libcrypt: Nix trailing whitespace.

No functional change intended.

Prompted by tying up loose ends around PR lib/57895.

libcrypt: trailing white space

Fix typo in comment.

Avoid undefined behavior in left shift

crypt.c:772:11, left shift of 1363235140 by 1 places cannot be represented
in type 'int32_t' (aka 'int')

Avoid undefined behavior in bit shift operations

crypt.c:839:40, left shift of negative value -1197182952
crypt.c:840:40, left shift of negative value -264997776

adding argon2 support to libcrypt. argon2 user authentication now
available via MKARGON2=yes (3 variants supported; argon2id recommended)
before using, please read argon2 paper at
https://github.com/

adding argon2 support to libcrypt. argon2 user authentication now
available via MKARGON2=yes (3 variants supported; argon2id recommended)
before using, please read argon2 paper at
https://github.com/P-H-C/phc-winner-argon2

show more ...

adding full scheme comparison to libcrypt:crypt and pwhash tests

fix error messages

make __crypt static

wrap crypt() to a function that returns *0 and *1 on error.

perform the check for all salts > 2.

Provide a safer salting method that does not turn invalid salts to '.'.
Be more sensitive to bad salts and counts. From:
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/glibc/crypt_freesec.c
F

Provide a safer salting method that does not turn invalid salts to '.'.
Be more sensitive to bad salts and counts. From:
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/glibc/crypt_freesec.c
From Solar Designer

show more ...

avoid accessing array over its bound, from Solar Designer

ANSI function prototypes

de-__P

Remove more duplicate #includes, and a few spurious whitespaces at EOL
From Slava Semushin <slava.semushin@gmail.com>

Constify prtab() argument, fixes MKDEBUGLIB build.

gently add some "const", and avoid some casts
compiles with WARNS=4 now (on i386 and alpha)

Need stdio.h if debug.

Add support for SHA1 hashed passwords.
The algorithm used is essentially PBKDF1 from RFC 2898 but using
hmac_sha1 rather than SHA1 directly (suggested by smb@research.att.com).

* The format of the

Add support for SHA1 hashed passwords.
The algorithm used is essentially PBKDF1 from RFC 2898 but using
hmac_sha1 rather than SHA1 directly (suggested by smb@research.att.com).

* The format of the encrypted password is:
* $<tag>$<iterations>$<salt>$<digest>
*
* where:
* <tag> is "sha1"
* <iterations> is an unsigned int identifying how many rounds
* have been applied to <digest>. The number
* should vary slightly for each password to make
* it harder to generate a dictionary of
* pre-computed hashes. See crypt_sha1_iterations.
* <salt> up to 64 bytes of random data, 8 bytes is
* currently considered more than enough.
* <digest> the hashed password.

hmac.c implementes HMAC as defined in RFC 2104 and includes a unit
test for both hmac_sha1 and hmac_sha1 using a selection of the Known
Answer Tests from RFC 2202.

It is worth noting that to be FIPS compliant the hmac key (password)
should be 10-20 chars.

show more ...

Move UCB-licensed code from 4-clause to 3-clause licence.

Patches provided by Joel Baker in PR 22280, verified by myself.

make the read-only arrays const

support bcrypt password. can be chosen by "blowfish" keyword in passwd.conf.
from openbsd

Four casts for lint.

fix nested extern declaration.