Small error in crypt() manpage

Small error in crypt() manpage

[Marcel Moreaux]

Hey,

The Linux manpage for crypt()[1] contains the following statement as the
last sentence of the NOTES section:

    In the SHA implementation the entire key is significant (instead of
    only the first 8 bytes in MD5).

It should probably say "DES" where it says "MD5" (and maybe "MD5/SHA"
where it says "SHA"), because in MD5 password hashing, the entire key is
significant, not just the first 8 bytes.

Quoting the glibc documentation[2]:

    For the MD5-based algorithm, [...] Every character in the key is
    significant. 



Best regards,

Marcel Moreaux



[1] http://www.kernel.org/doc/man-pages/online/pages/man3/crypt.3.html
[2] http://www.gnu.org/s/libc/manual/html_node/crypt.html#crypt
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] man3/crypt.3: Correct note on key portion significance

[Petr Baudis]

As Marcel Moreaux notes:

> The Linux manpage for crypt()[1] contains the following statement as the
> last sentence of the NOTES section:
> 
>     In the SHA implementation the entire key is significant (instead of
>     only the first 8 bytes in MD5).
> 
> It should probably say "DES" where it says "MD5" (and maybe "MD5/SHA"
> where it says "SHA"), because in MD5 password hashing, the entire key is
> significant, not just the first 8 bytes.

This patch fixes the wording.

Signed-off-by: Petr Baudis <pasky-AlSwsSmVLrQ@public.gmane.org>

---

diff --git a/man3/crypt.3 b/man3/crypt.3
index 1139792..aeaf873 100644
--- a/man3/crypt.3
+++ b/man3/crypt.3
@@ -217,10 +217,10 @@ SHA-512 | 86 characters
 
 The characters in "\fIsalt\fP" and "\fIencrypted\fP" are drawn from the set
 [\fBa\fP\(en\fBzA\fP\(en\fBZ0\fP\(en\fB9./\fP].
-In the SHA implementation the entire
+In the MD5 and SHA implementations the entire
 .I key
 is significant (instead of only the first
-8 bytes in MD5).
+8 bytes in DES).
 .SH "SEE ALSO"
 .BR login (1),
 .BR passwd (1),
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] man3/crypt.3: Correct note on key portion significance

[Michael Kerrisk]

Hello Petr,

On Tue, May 11, 2010 at 3:35 AM, Petr Baudis <pasky-AlSwsSmVLrQ@public.gmane.org> wrote:
> As Marcel Moreaux notes:
>
>> The Linux manpage for crypt()[1] contains the following statement as the
>> last sentence of the NOTES section:
>>
>>     In the SHA implementation the entire key is significant (instead of
>>     only the first 8 bytes in MD5).
>>
>> It should probably say "DES" where it says "MD5" (and maybe "MD5/SHA"
>> where it says "SHA"), because in MD5 password hashing, the entire key is
>> significant, not just the first 8 bytes.
>
> This patch fixes the wording.

Thanks. Applied for 3.25.

Cheers,

Michael


> Signed-off-by: Petr Baudis <pasky-AlSwsSmVLrQ@public.gmane.org>
>
> ---
>
> diff --git a/man3/crypt.3 b/man3/crypt.3
> index 1139792..aeaf873 100644
> --- a/man3/crypt.3
> +++ b/man3/crypt.3
> @@ -217,10 +217,10 @@ SHA-512 | 86 characters
>
>  The characters in "\fIsalt\fP" and "\fIencrypted\fP" are drawn from the set
>  [\fBa\fP\(en\fBzA\fP\(en\fBZ0\fP\(en\fB9./\fP].
> -In the SHA implementation the entire
> +In the MD5 and SHA implementations the entire
>  .I key
>  is significant (instead of only the first
> -8 bytes in MD5).
> +8 bytes in DES).
>  .SH "SEE ALSO"
>  .BR login (1),
>  .BR passwd (1),
>



-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Author of "The Linux Programming Interface" http://blog.man7.org/
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html