NAME

       md5crypt - MD5-based password encryption

SYNOPSIS

       package require Tcl  8.2

       package require md5  2.0

       package require md5crypt  ?1.1.0?

       ::md5crypt::md5crypt password salt

       ::md5crypt::aprcrypt password salt

       ::md5crypt::salt ?length?

_________________________________________________________________________________________________

DESCRIPTION

       This  package provides an implementation of the MD5-crypt password encryption algorithm as
       pioneered by FreeBSD and currently in use as a replacement for the unix crypt(3)  function
       in  many modern systems. An implementation of the closely related Apache MD5-crypt is also
       available.  The output  of  these  commands  are  compatible  with  the  BSD  and  OpenSSL
       implementation of md5crypt and the Apache 2 htpasswd program.

COMMANDS

       ::md5crypt::md5crypt password salt
              Generate a BSD compatible md5-encoded password hash from the plaintext password and
              a random salt (see SALT).

       ::md5crypt::aprcrypt password salt
              Generate an Apache compatible md5-encoded password hash from the plaintext password
              and a random salt (see SALT).

       ::md5crypt::salt ?length?
              Generate  a  random  salt  string  suitable  for use with the md5crypt and aprcrypt
              commands.

SALT

       The salt passed to either of the encryption schemes implemented here is checked to see  if
       it  begins with the encryption scheme magic string (either "$1$" for MD5-crypt or "$apr1$"
       for Apache crypt). If so, this is removed. The remaining characters up to the next  $  and
       up  to  a maximum of 8 characters are then used as the salt. The salt text should probably
       be restricted the set of ASCII alphanumeric characters plus "./" (dot and forward-slash) -
       this is to preserve maximum compatability with the unix password file format.

       If  a  password  is being generated rather than checked from a password file then the salt
       command may be used to generate a random salt.

EXAMPLES

              % md5crypt::md5crypt password 01234567
              $1$01234567$b5lh2mHyD2PdJjFfALlEz1

              % md5crypt::aprcrypt password 01234567
              $apr1$01234567$IXBaQywhAhc0d75ZbaSDp/

              % md5crypt::md5crypt password [md5crypt::salt]
              $1$dFmvyRmO$T.V3OmzqeEf3hqJp2WFcb.

BUGS, IDEAS, FEEDBACK

       This document, and the package it describes,  will  undoubtedly  contain  bugs  and  other
       problems.    Please   report  such  in  the  category  md5crypt  of  the  Tcllib  Trackers
       [http://core.tcl.tk/tcllib/reportlist].  Please also report any ideas for enhancements you
       may have for either package and/or documentation.

       When proposing code changes, please provide unified diffs, i.e the output of diff -u.

       Note further that attachments are strongly preferred over inlined patches. Attachments can
       be made by going to the Edit form of the ticket immediately after its creation,  and  then
       using the left-most button in the secondary navigation bar.

SEE ALSO

       md5

KEYWORDS

       hashing, md5, md5crypt, message-digest, security

CATEGORY

       Hashes, checksums, and encryption

COPYRIGHT

       Copyright (c) 2003, Pat Thoyts <patthoyts@users.sourceforge.net>