如何获得与 Linux crypt 和 salt 输出相同的结果?

How do I get to the same results as the Linux crypt and salt output?

我在 Ubuntu 机器 "openssl passwd -crypt - salt pass book" 上使用了以下命令来生成加盐密码。

输出由什么散列组成?例如 SHA-512、MD5 等。此外,我想知道它是如何组成的。比如,是不是把"passbook"散列在一起做的?

我需要更多关于 hashing/algorithm 用于生成我看到的输出的信息。

谢谢

openssl passwd应用程序在使用-crypt算法时提供的结果似乎与Linux/Unixcrypt()函数提供的结果相同。您可以使用以下(quick'n'dirty)代码片段验证这一点:

#include <crypt.h>
#include <stdio.h>

int main(
  int argc,
  char **argv)
{
  char *key = argv[1];
  char *salt = argv[2];
  char *enc = crypt(key, salt);
  printf("key = \"%s\", salt = \"%s\", enc = \"%s\"\n",
    key ? key:"NULL", salt ? salt:"NULL", enc ? enc:"NULL");
}

结果:

$ ./main book pass
key = "book", salt = "pass", enc = "pahzZkfwawIXw"
$ openssl passwd -crypt -salt pass book
pahzZkfwawIXw

crypt() 函数的确切细节似乎在 its OSX man page 中解释得最清楚,特别是:

Traditional crypt:
  The first 8 bytes of the key are null-padded, and the low-order 7 bits of each character is
  used to form the 56-bit DES key.

  The salt is a 2-character array of the ASCII-encoded salt.  Thus, only 12 bits of salt are
  used.  count is set to 25.

Algorithm:
  The salt introduces disorder in the DES algorithm in one of 16777216 or 4096 possible ways
  (ie. with 24 or 12 bits: if bit i of the salt is set, then bits i and i+24 are swapped in
  the DES E-box output).

  The DES key is used to encrypt a 64-bit constant, using count iterations of DES.  The value
  returned is a null-terminated string, 20 or 13 bytes (plus null) in length, consisting of
  the salt, followed by the encoded 64-bit encryption.