* Bug in crypt(3) man page
@ 2010-06-05 11:44 Paul A Sand
[not found] ` <20100605114404.GA30106-gUudzVX/zFgk2GylmosdeQ@public.gmane.org>
0 siblings, 1 reply; 2+ messages in thread
From: Paul A Sand @ 2010-06-05 11:44 UTC (permalink / raw)
To: mtk-manpages-Re5JQEeQqe8AvxtiuMwx3w,
linux-man-u79uwXL29TY76Z2rM5mHXA
Hi --
I have version 3.23 of man-pages (Fedora 13). At the very
end of 'Glibc Notes' of crypt(3):
In the SHA implementation the entire key is significant
(instead of only the first 8 bytes in MD5).
I'm pretty sure that's incorrect. I think both MD5 and SHA implementations
use the whole key, and the 8-byte significance restriction is
applies to (just) the original DES.
I also have version 2.39 of man-pages on Red Hat 5; I think it's more
accurate there.
The problem is also present on the online man page:
http://www.kernel.org/doc/man-pages/online/pages/man3/crypt.3.html
The man page also may be incorrect with the max salt lengths.
I think this is eight bytes for MD5, 16 for SHA-256 and SHA-512.
(The page implies 16 for MD5 too.)
Thanks much for your work on the man pages.
--
-- Paul A. Sand | Necessity is the plea for every infringement
-- University of New Hampshire | of human freedom. It is the argument of
-- pas-JNhspZqLHXk@public.gmane.org | tyrants; it is the creed of slaves.
-- http://pubpages.unh.edu/~pas | (William Pitt, 1783)
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Bug in crypt(3) man page
[not found] ` <20100605114404.GA30106-gUudzVX/zFgk2GylmosdeQ@public.gmane.org>
@ 2010-06-06 10:44 ` Petr Baudis
0 siblings, 0 replies; 2+ messages in thread
From: Petr Baudis @ 2010-06-06 10:44 UTC (permalink / raw)
To: Paul A Sand
Cc: mtk-manpages-Re5JQEeQqe8AvxtiuMwx3w,
linux-man-u79uwXL29TY76Z2rM5mHXA
On Sat, Jun 05, 2010 at 07:44:05AM -0400, Paul A Sand wrote:
> Hi --
>
> I have version 3.23 of man-pages (Fedora 13). At the very
> end of 'Glibc Notes' of crypt(3):
>
> In the SHA implementation the entire key is significant
> (instead of only the first 8 bytes in MD5).
>
> I'm pretty sure that's incorrect. I think both MD5 and SHA implementations
> use the whole key, and the 8-byte significance restriction is
> applies to (just) the original DES.
Thanks, this shold be already fixed in the git version.
> The man page also may be incorrect with the max salt lengths.
> I think this is eight bytes for MD5, 16 for SHA-256 and SHA-512.
> (The page implies 16 for MD5 too.)
I think the manpage is not strictly wrong here, though it could be more
detailed; patches are welcome.
--
Petr "Pasky" Baudis
The true meaning of life is to plant a tree under whose shade
you will never sit.
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2010-06-06 10:44 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-06-05 11:44 Bug in crypt(3) man page Paul A Sand
[not found] ` <20100605114404.GA30106-gUudzVX/zFgk2GylmosdeQ@public.gmane.org>
2010-06-06 10:44 ` Petr Baudis
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).