Subject: Adding sha1 hashed passwords
To: None <>
From: Simon J. Gerraty <>
List: tech-userlevel
Date: 05/29/2004 00:47:50
I'm adding support for crypt_sha1() 
I've some questions before posting patches...


A sha1 hashed passwd looks like:



<iterations> is the number of times hmac_sha1 is applied to the
salt using the password as key.  The value can be controlled via

<salt> can be up to 64 random bytes, but pwd_gensalt only uses 8.

<digest> is the final hmac result.  The actual algoritm used is
essentially PBKDF1 from RFC 2898 (though using hmac_sha1 rather than
SHA1 directly), and reflects suggestions from several developers.

Eg. $sha1$8362$DSm2QUfl$O2GMtJPUwCqPDW04wpA.QLbv.kDbVlDb


I notice that libcrypt uses __md5crypt() rather than the name
crypt_md5() used in FreeBSD (where I presume the routine originated).
I'm wondering if there's a reason to change the name of crypt_sha1 to
__sha1crypt for NetBSD or wether the current name is ok.

I extracted the static to64 from md5crypt.c and put it in its
own .c file as crypt_to64 and it is now used by __md5crypt, crypt_sha1
and pwd_gensalt.  Again, is there a reason the name should be

Also, should hmac_sha1 be added to libcrypt or libc (or both?)
I've currently added it to both - to make my testing easier.
FWIW the hmac implementation is very simple - based on RFC 2104 and
includes unit tests for hmac_sha1 and hmac_md5.

Finally, does adding crypt_sha1 require bumping the version of ?