The NetBSD Project

CVS log for src/lib/libc/hash/

[BACK] Up to [] / src / lib / libc / hash

Request diff between arbitrary revisions

Default branch: MAIN
Current tag: netbsd-3-base

Revision 1.5 / (download) - annotate - [select for diffs], Fri Jul 2 00:05:23 2004 UTC (14 years, 10 months ago) by sjg
Branch: MAIN
CVS Tags: netbsd-3-base
Branch point for: netbsd-3
Changes since 1.4: +2 -1 lines
Diff to previous 1.4 (colored)

Add support for SHA1 hashed passwords.
The algorithm used is essentially PBKDF1 from RFC 2898 but using
hmac_sha1 rather than SHA1 directly (suggested by

 * The format of the encrypted password is:
 * $<tag>$<iterations>$<salt>$<digest>
 * where:
 *      <tag>           is "sha1"
 *      <iterations>    is an unsigned int identifying how many rounds
 *                      have been applied to <digest>.  The number
 *                      should vary slightly for each password to make
 *                      it harder to generate a dictionary of
 *                      pre-computed hashes.  See crypt_sha1_iterations.
 *      <salt>          up to 64 bytes of random data, 8 bytes is
 *                      currently considered more than enough.
 *      <digest>        the hashed password.

hmac.c implementes HMAC as defined in RFC 2104 and includes a unit
test for both hmac_sha1 and hmac_sha1 using a selection of the Known
Answer Tests from RFC 2202.

It is worth noting that to be FIPS compliant the hmac key (password)
should be 10-20 chars.

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

CVSweb <>