Import translated manuals from JM CVS Repository.

[linuxjm/jm.git] / manual / LDP_man-pages / draft / man3 / crypt.3

.\" Michael Haardt (michael@cantor.informatik.rwth.aachen.de)
.\"     Sat Sep  3 22:00:30 MET DST 1994
.\"
.\" This is free documentation; you can redistribute it and/or
.\" modify it under the terms of the GNU General Public License as
.\" published by the Free Software Foundation; either version 2 of
.\" the License, or (at your option) any later version.
.\"
.\" The GNU General Public License's references to "object code"
.\" and "executables" are to be interpreted as the output of any
.\" document formatting or typesetting system, including
.\" intermediate and printed output.
.\"
.\" This manual is distributed in the hope that it will be useful,
.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
.\" GNU General Public License for more details.
.\"
.\" You should have received a copy of the GNU General Public
.\" License along with this manual; if not, write to the Free
.\" Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111,
.\" USA.
.\"
.\" Sun Feb 19 21:32:25 1995, faith@cs.unc.edu edited details away
.\"
.\" TO DO: This manual page should go more into detail how DES is perturbed,
.\" which string will be encrypted, and what determines the repetition factor.
.\" Is a simple repetition using ECB used, or something more advanced?  I hope
.\" the presented explanations are at least better than nothing, but by no
.\" means enough.
.\"
.\" added _XOPEN_SOURCE, aeb, 970705
.\" added GNU MD5 stuff, aeb, 011223
.\"
.\" Japanese Version Copyright (c) 1998 Hiroaki Nagoya and MAEHARA Kouichi all rights reserved.
.\" Translated Sun Sep 27 JST 1998 by Hiroaki Nagoya <nagoya@cc.hit-u.ac.jp> and MAEHARA Kouichi <maeharak@kw.netlaputa.ne.jp>
.\" Updated 2002-01-19 by Kentaro Shirakata <argrath@ub32.org>
.\" Updated 2007-01-01 by Kentaro Shirakata <argrath@ub32.org>
.\" Updated 2008-07-30 by Kentaro Shirakata <argrath@ub32.org>
.\" Updated 2009-09-28 by Kentaro Shirakata <argrath@ub32.org>
.\"
.\"WORD: encryption °Å¹æ²½
.\"WORD: key ¸°
.\" "
.TH CRYPT 3 2008-08-25 "" "Linux Programmer's Manual"
.\"O .SH NAME
.SH ̾Á°
.\"O crypt, crypt_r \- password and data encryption
crypt, crypt_r \- ¥Ñ¥¹¥ï¡¼¥É¤È¥Ç¡¼¥¿¤Î°Å¹æ²½
.\"O .SH SYNOPSIS
.SH ½ñ¼°
.nf
.B #define _XOPEN_SOURCE
.br
.B #include <unistd.h>
.sp
.BI "char *crypt(const char *" key ", const char *" salt );
.sp
.BI "char *crypt_r(const char *" key ", const char *" salt ,
.BI "              struct crypt_data *" data );
.fi
.sp
.\"O Link with \fI\-lcrypt\fP.
\fI\-lcrypt\fP ¤Ç¥ê¥ó¥¯¤¹¤ë¡£
.\"O .SH DESCRIPTION
.SH ÀâÌÀ
.\"O .BR crypt ()
.\"O is the password encryption function.
.\"O It is based on the Data Encryption
.\"O Standard algorithm with variations intended (among other things) to
.\"O discourage use of hardware implementations of a key search.
.BR crypt ()
¤Ï¥Ñ¥¹¥ï¡¼¥É°Å¹æ²½´Ø¿ô¤Ç¤¢¤ë¡£
¸°Ãµº÷¤Î¥Ï¡¼¥É¥¦¥§¥¢¤Ë¤è¤ë¼ÂÁõ¤ò˸¤²¤ë¤è¤¦¤Ë(¤½¤Î¾¤Ë¤â¤¤¤í¤¤¤í)
Êѹ¹¤·¤¿ Data Encryption Standard ¥¢¥ë¥´¥ê¥º¥à¤ò¸µ¤Ë¤·¤Æ¤¤¤ë¡£
.PP
.\"O .I key
.\"O is a user's typed password.
.I key
¤Ï¥æ¡¼¥¶¤¬ÆþÎϤ¹¤ë¥Ñ¥¹¥ï¡¼¥É¤Ç¤¢¤ë¡£
.PP
.\"O .I salt
.\"O is a two-character string chosen from the set
.\"O [\fBa\fP\(en\fBzA\fP\(en\fBZ0\fP\(en\fB9./\fP].
.\"O This string is used to
.\"O perturb the algorithm in one of 4096 different ways.
.I salt
¤Ï½¸¹ç
[\fBa\fP\(en\fBzA\fP\(en\fBZ0\fP\(en\fB9./\fP]
¤«¤éÁª¤Ð¤ì¤¿ 2 ʸ»ú¤Îʸ»úÎó¤Ç¤¢¤ë¡£
¤³¤Îʸ»úÎó¤Ï¥¢¥ë¥´¥ê¥º¥à¤Î½ÐÎϤò 4096 Ä̤ê¤Ë¤«¤­Í𤹤Τ˻Ȥï¤ì¤ë¡£
.PP
.\"O By taking the lowest 7 bits of each of the first eight characters of the
.\"O .IR key ,
.\"O a 56-bit key is obtained.
.\"O This 56-bit key is used to encrypt repeatedly a
.\"O constant string (usually a string consisting of all zeros).
.\"O The returned
.\"O value points to the encrypted password, a series of 13 printable ASCII
.\"O characters (the first two characters represent the salt itself).
.\"O The return value points to static data whose content is
.\"O overwritten by each call.
.I key
¤ÎºÇ½é¤Î 8 ʸ»ú¤Î³Æʸ»ú¤«¤é²¼°Ì 7 ¥Ó¥Ã¥È¤ò¤È¤Ã¤Æ 56 ¥Ó¥Ã¥È¤Î¸°¤¬ÆÀ¤é¤ì¤ë¡£
¤³¤Î 56 ¥Ó¥Ã¥È¤Î¸°¤ÏÆÃÄê¤Îʸ»úÎó(¤Õ¤Ä¤¦¤Ï¤¹¤Ù¤Æ 0 ¤Îʸ»úÎó)
¤ò·«¤êÊÖ¤·°Å¹æ²½¤¹¤ë¤Î¤ËÍѤ¤¤é¤ì¤ë¡£
ÊÖ¤êÃͤϰŹ沽¤µ¤ì¤¿¥Ñ¥¹¥ï¡¼¥É¤Ø¤Î¥Ý¥¤¥ó¥¿¤Ç¡¢13 ¤Î°õ»ú²Äǽ¤Ê ASCII ʸ»ú
¤«¤é¤Ê¤ë(ºÇ½é¤Î 2 ʸ»ú¤Ï salt ¤½¤Î¤â¤Î)¡£
ÊÖ¤êÃͤϡ¢´Ø¿ô¸Æ½Ð¤·¤Î¤¿¤Ó¤Ë¾å½ñ¤­¤µ¤ì¤ëÀÅŪ¤Ê¥Ç¡¼¥¿¤Ø¤Î¥Ý¥¤¥ó¥¿¤Ç¤¢¤ë¡£
.PP
.\"O Warning: The key space consists of
.\"O .if t 2\s-2\u56\s0\d
.\"O .if n 2**56
.\"O equal 7.2e16 possible values.
.\"O Exhaustive searches of this key space are
.\"O possible using massively parallel computers.
.\"O Software, such as
.\"O .BR crack (1),
.\"O is available which will search the portion of this key space that is
.\"O generally used by humans for passwords.
.\"O Hence, password selection should,
.\"O at minimum, avoid common words and names.
.\"O The use of a
.\"O .BR passwd (1)
.\"O program that checks for crackable passwords during the selection process is
.\"O recommended.
·Ù¹ð: ¸°¶õ´Ö¤Ï
.if t 2\s-2\u56\s0\d
.if n 2**56
= 7.2e16 ¤Î²Äǽ¤ÊÃͤ«¤éÀ®¤ë¡£
¤³¤Î¸°¶õ´Ö¤ÎÁ´Ãµº÷¤Ï¶¯ÎϤÊÊÂÎó·×»»µ¡¤ò»È¤¨¤Ð²Äǽ¤Ç¤¢¤ë¡£¤Þ¤¿
.BR crack (1)
¤Î¤è¤¦¤Ê¥½¥Õ¥È¥¦¥§¥¢¤Ï¤³¤Î¸°¶õ´Ö¤ÎÃæ¤Ç¡¢Â¿¤¯¤Î¿Í¤Ë¥Ñ¥¹¥ï¡¼¥É¤È¤·¤Æ
»È¤ï¤ì¤ë¤è¤¦¤Ê¸°¤Ë¤Ä¤¤¤Æ¤ÎÁ´Ãµº÷¤¬²Äǽ¤Ç¤¢¤ë¡£
¤½¤ì¤æ¤¨¡¢¥Ñ¥¹¥ï¡¼¥É¤òÁªÂò¤¹¤ë¤È¤­¤Ë¤Ï¡¢¤¹¤¯¤Ê¤¯¤È¤â¡¢
°ìÈÌŪ¤Ë»È¤ï¤ì¤ëñ¸ì¤È̾Á°¤ÏÈò¤±¤ë¤Ù¤­¤Ç¤¢¤ë¡£
.BR passwd (1)
¤ò»È¤¦»þ¤Ë¤Ï¥¯¥é¥Ã¥¯¤µ¤ì¤¦¤ë¥Ñ¥¹¥ï¡¼¥É¤Ë¤Ä¤¤¤Æ¤Î¸¡ºº¤ò¤¹¤ë¤³¤È¤¬
¿ä¾©¤µ¤ì¤ë¡£
.PP
.\"O The DES algorithm itself has a few quirks which make the use of the
.\"O .BR crypt ()
.\"O interface a very poor choice for anything other than password
.\"O authentication.
.\"O If you are planning on using the
.\"O .BR crypt ()
.\"O interface for a cryptography project, don't do it: get a good book on
.\"O encryption and one of the widely available DES libraries.
DES ¥¢¥ë¥´¥ê¥º¥à¤Ë¤Ï¤¤¤¯¤Ä¤«¤ÎÊʤ¬¤¢¤ê¡¢¤½¤ì¤Ë¤è¤Ã¤Æ¥Ñ¥¹¥ï¡¼¥Éǧ¾Ú°Ê³°¤Ë
.BR crypt ()
¤ò»È¤¦¤Î¤Ï¤¿¤¤¤Ø¤ó¤è¤¯¤Ê¤¤ÁªÂò¤È¤Ê¤Ã¤Æ¤¤¤ë¡£¤â¤·
.BR crypt ()
¤ò°Å¹æ¥×¥í¥¸¥§¥¯¥È¤Ë»È¤ª¤¦¤È¤¤¤¦°Æ¤ò¤â¤Ã¤Æ¤¤¤ë¤Ê¤é¤Ð¡¢¤½¤ì¤Ï¤ä¤á¤¿¤Û¤¦¤¬
¤è¤¤¡£°Å¹æ²½¤Ë¤Ä¤¤¤Æ¤Î¤è¤¤ËܤÈï¤Ç¤âÆþ¼ê¤Ç¤­¤ë DES ¥é¥¤¥Ö¥é¥ê¤Î¤Ò¤È¤Ä¤ò
¼ê¤Ë¤¤¤ì¤ë¤Ù¤­¤À¡£

.\"O .BR crypt_r ()
.\"O is a reentrant version of
.\"O .BR crypt ().
.\"O The structure pointed to by
.\"O .I data
.\"O is used to store result data and bookkeeping information.
.\"O Other than allocating it,
.\"O the only thing that the caller should do with this structure is to set
.\"O .I data->initialized
.\"O to zero before the first call to
.\"O .BR crypt_r ().
.BR crypt_r ()
¤Ï
.BR crypt ()
¤ÎºÆÆþ²ÄǽÈǤǤ¢¤ë¡£
.I data
¤Ç¼¨¤µ¤ì¤ë¹½Â¤ÂΤϷë²Ì¥Ç¡¼¥¿¤ÎÊݸ¤È¾ðÊó¤Î´ÉÍý¤Ë»È¤ï¤ì¤ë¡£
¤³¤Î¹½Â¤ÂΤËÂФ·¤Æ(¥á¥â¥ê¤ò³ä¤êÅö¤Æ¤ë¤³¤È°Ê³°¤Ë)¸Æ¤Ó½Ð¤·¸µ¤¬¤¹¤ë¤Ù¤­Í£°ì¤Î
¤³¤È¤Ï¡¢
.BR crypt_r ()
¤Î½é²ó¤Î¸Æ¤Ó½Ð¤·¤ÎÁ°¤Ë
.I data->initialized
¤ò¥¼¥í¤Ë¤¹¤ë¤³¤È¤À¤±¤Ç¤¢¤ë¡£
.\"O .SH "RETURN VALUE"
.SH ÊÖ¤êÃÍ
.\"O On success, a pointer to the encrypted password is returned.
.\"O On error, NULL is returned.
À®¸ù¤Î¾ì¹ç¤Ë¤Ï¡¢°Å¹æ²½¤µ¤ì¤¿¥Ñ¥¹¥ï¡¼¥É¤Ø¤Î¥Ý¥¤¥ó¥¿¡¼¤¬ÊÖ¤µ¤ì¤ë¡£
¥¨¥é¡¼¤Î¾ì¹ç¤Ë¤Ï NULL ¤¬ÊÖ¤µ¤ì¤ë¡£
.\"O .SH ERRORS
.SH ¥¨¥é¡¼
.TP
.B ENOSYS
.\"O The
.\"O .BR crypt ()
.\"O function was not implemented, probably because of U.S.A. export restrictions.
.BR crypt ()
´Ø¿ô¤¬¼ÂÁõ¤µ¤ì¤Æ¤¤¤Ê¤¤¡£Â¿Ê¬¥¢¥á¥ê¥«¤ÎÍ¢½Ðµ¬À©¤Î¤¿¤á¤Ë¡£
.\"O .\" This level of detail is not necessary in this man page. . .
.\" ¤³¤Î¥ì¥Ù¥ë¤Î¾ÜºÙ¤Ï¤³¤Î¥Þ¥Ë¥å¥¢¥ë¤Ë¤ÏɬÍפʤ¤¤À¤í¤¦¡Ä
.\" (ÌõÃí: °Ê²¼¤Ï MAEHARA Kouichi <maeharak@kw.netlaputa.ne.jp> ¤µ¤ó¤ÎÌõ)
.\" .PP
.\"O .\" When encrypting a plain text P using DES with the key K results in the
.\"O .\" encrypted text C, then the complementary plain text P' being encrypted
.\"O .\" using the complementary key K' will result in the complementary encrypted
.\"O .\" text C'.
.\"ʿʸ P ¤ò¸° K ¤Ç¤â¤Ã¤Æ DES ¤òÍѤ¤¤Æ°Å¹æ²½¤·¤¿¤È¤­¤Î·ë²Ì¤Î°Å¹æʸ
.\"¤ò C ¤È¤¹¤ë¤Ê¤é¤Ð¡¢P ¤ËÂФ¹¤ë 2 ¤ÎÊä¿ôŪ¤Êʿʸ P' ¤ò¸° K
.\"¤ËÂФ¹¤ëƱÍͤËÊä¿ôŪ¤Ê¸° K' ¤òÍѤ¤¤Æ°Å¹æ²½¤¹¤ë¤È C ¤ËÂФ·¤Æ¤ä¤Ï¤êÊä
.\"¿ôŪ¤Ê°Å¹æʸ C' ¤È¤Ê¤ë¡£
.\".PP
.\"O .\" Weak keys are keys which stay invariant under the DES key transformation.
.\"O .\" The four known weak keys 0101010101010101, fefefefefefefefe,
.\"O .\" 1f1f1f1f0e0e0e0e and e0e0e0e0f1f1f1f1 must be avoided.
.\"DES ¤Ë¤è¤ë¸°¤ÎÊÑ·Á¤Ë¤ª¤¤¤Æ¡¢¾ï¤Ë¹¶·â¤ËÂФ·¤Æ¼å¤¤¸°¤¬Â¸ºß¤¹¤ë¡£¤è¤¯
.\"ÃΤé¤ì¤¿»Í¤Ä¤Î¼å¤¤¸°¤Ï 0101010101010101¡¢fefefefefefefefe¡¢
.\"1f1f1f1f0e0e0e0e¡¢e0e0e0e0f1f1f1f1 ¤Ç¤¢¤ê¤³¤ì¤é¤Î»ÈÍѤÏÈò¤±¤Ê¤±¤ì¤Ð
.\"¤Ê¤é¤Ê¤¤¡£
.\".PP
.\"O .\" There are six known half weak key pairs, which keys lead to the same
.\"O .\" encrypted data.  Keys which are part of such key clusters should be
.\"O .\" avoided.
.\"O .\" Sorry, I could not find out what they are.
.\"O .\""
.\"Ʊ°ì¤Î°Å¹æ²½·ë²Ì¤òƳ¤¤¤Æ¤·¤Þ¤¦Ï»ÁȤΤä¤ä¼å¤¤¸°¤â¤¢¤ë¡£¤³¤¦¤·¤¿¤¤¤¯
.\"¤Ä¤«¤Î¸°¤Î»ÈÍѤϤä¤Ï¤êÈò¤±¤ë¤Ù¤­¤Ç¤¢¤ë¡£
.\"¿½¤·¤ï¤±¤Ê¤¤¤³¤È¤À¤¬¡¢¤³¤ì¤Ë¤É¤ó¤Ê¸°¤¬³ºÅö¤¹¤ë¤Î¤«¤ÏÄ´¤Ù¤­¤ì¤Ê¤«¤Ã
.\"¤¿¡£
.\".PP
.\"O .\" Heavily redundant data causes trouble with DES encryption, when used in the
.\"O .\" .I codebook
.\"O .\" mode that
.\"O .\" .BR crypt ()
.\"O .\" implements.  The
.\"O .\" .BR crypt ()
.\"O .\" interface should be used only for its intended purpose of password
.\"O .\" verification, and should not be used as part of a data encryption tool.
.\"¶Ëü¤Ë¾éĹ²½¤Ç¤¢¤ë¥Ç¡¼¥¿¤Ï¡¢
.\".BR crypt ()
.\"¤Î¤è¤¦¤Ë
.\".I "°Å¹æɽ(codebook)"
.\"¥â¡¼¥É¤Ç¼ÂÁõ¤µ¤ì¤Æ¤¤¤ë DES ¤Ë¤è¤ë°Å¹æ²½¤Ë¤ª¤¤¤Æ¤Ï¥È¥é¥Ö¥ë¤Î¤â¤È¤È¤Ê
.\"¤ë¡£
.\".BR crypt ()
.\"¤Ï¤½¤ÎÁÛÄêÄ̤ꡢ¥Ñ¥¹¥ï¡¼¥É¤Îǧ¾Ú¤ÎÌÜŪ¤Ë¤Î¤ßÍøÍѤ¹¤Ù¤­¤â¤Î¤Ç¤¢¤ê¡¢
.\"¥Ç¡¼¥¿¤Î°Å¹æ²½¥Ä¡¼¥ë¤È¤·¤ÆÍѤ¤¤Æ¤Ï¤Ê¤é¤Ê¤¤¡£
.\".PP
.\"O .\" The first and last three output bits of the fourth S-box can be
.\"O .\" represented as function of their input bits.  Empiric studies have
.\"O .\" shown that S-boxes partially compute the same output for similar input.
.\"O .\" It is suspected that this may contain a back door which could allow the
.\"O .\" NSA to decrypt DES encrypted data.
.\"Âè»Í S-box ¤Î¡¢ÀèƬ¤ÈËöÈø»°¤Ä¤Î½ÐÎÏ bit ·²¤Ï¡¢¤½¤ÎÆþÎÏ bit ·²¤Î´Ø¿ô
.\"¤È¤·¤Æɽ¤ï¤¹¤³¤È¤¬¤Ç¤­¤ë¡£¤³¤Î¤è¤¦¤Ê S-box ·²¤ÏƱ¤¸ÆþÎϤËÂФ·¤Æ¤ÏÉô
.\"ʬŪ¤ËƱ¤¸°Å¹æ²½·ë²Ì¤òÀ¸À®¤·¤Æ¤·¤Þ¤¦¤³¤È¤¬¼Â¸³¤Ë¤è¤Ã¤Æ¤¢¤­¤é¤«¤Ë¤µ
.\"¤ì¤Æ¤¤¤ë¡£¤³¤ì¤Ï¡¢¹ñ²È°ÂÁ´Êݾã¶É(NSA)¤¬ DES ¤Ë¤è¤ë°Å¹æ¥Ç¡¼¥¿¤Î²òÆɤò²Äǽ
.\"¤Ë¤¹¤ë¤¿¤á¤ËÀߤ±¤¿Î¢¸ý¤Ê¤Î¤Ç¤Ï¤Ê¤¤¤«¤Èµ¿¤ï¤ì¤Æ¤¤¤ë¡£
.\".PP
.\"O .\" Making encrypted data computed using crypt() publicly available has
.\"O .\" to be considered insecure for the given reasons.
.\"¤³¤¦¤¤¤Ã¤¿Íýͳ¤Ë¤è¤ê¡¢crypt() ¤ò»ÈÍѤ·¤¿°Å¹æ²½¥Ç¡¼¥¿¤ò¸ø³«¤¹¤ë¤³¤È
.\"¤Ï°ÂÁ´¤Ç¤Ï¤Ê¤¤¤Èǧ¼±¤¹¤ë¤Ù¤­¤Ê¤Î¤Ç¤¢¤ë¡£
.\"O .SH "CONFORMING TO"
.SH ½àµò
.BR crypt ():
SVr4, 4.3BSD, POSIX.1-2001.
.\"O .BR crypt_r ()
.\"O is a GNU extension.
.BR crypt_r ()
¤Ï GNU ³ÈÄ¥¤Ç¤¢¤ë¡£
.\"O .SH NOTES
.\"O .SS Glibc Notes
.SH Ãí°Õ
.SS glibc ¤Ç¤ÎÃí°Õ
.\"O The glibc2 version of this function supports additional
.\"O encryption algorithms.
¤³¤Î´Ø¿ô¤Î glibc2 ÈǤÏÄɲäΰŹ沽¥¢¥ë¥´¥ê¥º¥à¤ËÂбþ¤·¤Æ¤¤¤ë¡£

.\"O If
.\"O .I salt
.\"O is a character string starting with the characters "$\fIid\fP$"
.\"O followed by a string terminated by "$":
¤â¤·
.I salt
¤Îʸ»úÎó¤¬ "$\fIid\fP$" ¤Ç»Ï¤Þ¤Ã¤Æ¤¤¤Æ¡¢"$" ¤Ç½ª¤ï¤Ã¤Æ¤¤¤ëʸ»úÎó¤¬
³¤¤¤Æ¤¤¤ë¾ì¹ç:
.RS

$\fIid\fP$\fIsalt\fP$\fIencrypted\fP

.RE
.\"O then instead of using the DES machine,
.\"O .I id
.\"O identifies the encryption method used and this then determines how the rest
.\"O of the password string is interpreted.
.\"O The following values of
.\"O .I id
.\"O are supported:
DES ¤ò»È¤¦Âå¤ï¤ê¤Ë¡¢
.I id
¤Ç»ÈÍѤ¹¤ë°Å¹æ²½¼êË¡¤ò¼±Ê̤·¡¢¤³¤ì¤¬¥Ñ¥¹¥ï¡¼¥Éʸ»úÎó¤Î»Ä¤ê¤ÎÉôʬ¤ò²ò¼á¤¹¤ë
ÊýË¡¤ò·èÄꤹ¤ë¡£
.I id
¤ÎÃͤȤ·¤Æ¡¢°Ê²¼¤ÎÃͤËÂбþ¤·¤Æ¤¤¤ë:
.RS
.TS
l l.
ID  | Method
_
1   | MD5
.\"O 2a  | Blowfish (not in mainline glibc; added in some
.\"O     | Linux distributions)
2a  | Blowfish (ËÜή¤Î glibc ¤Ë¤ÏÆþ¤Ã¤Æ¤¤¤Ê¤¤;
    | ¤¤¤¯¤Ä¤«¤Î Linux ¥Ç¥£¥¹¥È¥ê¥Ó¥å¡¼¥·¥ç¥ó¤ÇÄɲ䵤ì¤Æ¤¤¤ë)
.\" openSUSE has Blowfish, but AFAICS, this option is not supported
.\" natively by glibc -- mtk, Jul 08
.\"
.\" md5 | Sun MD5
.\" glibc doesn't appear to natively support Sun MD5; I don't know
.\" if any distros add the support.
.\"O 5   | SHA-256 (since glibc 2.7)
.\"O 6   | SHA-512 (since glibc 2.7)
5   | SHA-256 (glibc 2.7 °Ê¹ß)
6   | SHA-512 (glibc 2.7 °Ê¹ß)
.TE
.RE

.\"O So $5$\fIsalt\fP$\fIencrypted\fP is an SHA-256 encoded
.\"O password and $6$\fIsalt\fP$\fIencrypted\fP is an
.\"O SHA-512 encoded one.
½¾¤Ã¤Æ¡¢$5$\fIsalt\fP$\fIencrypted\fP ¤Ï SHA-256 ¤Ç¥¨¥ó¥³¡¼¥É¤µ¤ì¤¿
¥Ñ¥¹¥ï¡¼¥É¤Ç¤¢¤ê¡¢$6$\fIsalt\fP$\fIencrypted\fP ¤Ï SHA-512 ¤Ç
¥¨¥ó¥³¡¼¥É¤µ¤ì¤¿¥Ñ¥¹¥ï¡¼¥É¤Ç¤¢¤ë¡£

.\"O "\fIsalt\fP" stands for the up to 16 characters
.\"O following "$\fIid\fP$" in the salt.
.\"O The encrypted part of the password string is the actual computed password.
.\"O The size of this string is fixed:
"\fIsalt\fP" ¤Ï salt ¤Ë¤ª¤±¤ë "$\fIid\fP$" ¤Ë°ú¤­Â³¤¯ 16 ʸ»ú°Ê²¼¤Î
ʸ»úÎó¤Ç¤¢¤ë¡£
¥Ñ¥¹¥ï¡¼¥Éʸ»úÎó¤Î°Å¹æ²½Éôʬ¤Ï¼ÂºÝ¤Ë·×»»¤µ¤ì¤¿¥Ñ¥¹¥ï¡¼¥É¤Ç¤¢¤ë¡£
¤³¤Îʸ»úÎó¤Î¥µ¥¤¥º¤Ï¸ÇÄê¤Ç¤¢¤ë:
.TS
l l.
MD5     | 22 characters
SHA-256 | 43 characters
SHA-512 | 86 characters
.TE

.\"O The characters in "\fIsalt\fP" and "\fIencrypted\fP" are drawn from the set
.\"O The characters in "<salt>" and "<encoded>" are drawn from the set
.\"O [\fBa\fP\(en\fBzA\fP\(en\fBZ0\fP\(en\fB9./\fP].
"\fIsalt\fP" ¤È "\fIencrypted\fP" ¤Îʸ»ú¤Ï
[\fBa\fP\(en\fBzA\fP\(en\fBZ0\fP\(en\fB9./\fP] ¤Î½¸¹ç¤«¤é
Áª¤Ð¤ì¤ë¡£
.\"O In the SHA implementation the entire
.\"O .I key
.\"O is significant (instead of only the first
.\"O 8 bytes).
SHA ¼ÂÁõ¤Ç¤Ï¡¢(ºÇ½é¤Î 8 ʸ»ú¤Ç¤Ï¤Ê¤¯)
.I ¥­¡¼
Á´ÂΤ¬°ÕÌ£¤¬¤¢¤ë¡£
.\"O .SH "SEE ALSO"
.SH ´ØÏ¢¹àÌÜ
.BR login (1),
.BR passwd (1),
.BR encrypt (3),
.BR getpass (3),
.BR passwd (5),
.BR feature_test_macros (7)