Bug 428280

Summary: No info on crypt(3) SHA-256/512 features
Product: Fedora
Component: man-pages
Version: 8
Hardware: All
OS: Linux
Status: CLOSED RAWHIDE
Severity: low
Priority: low
Reporter: Alexander Todorov <atodorov>
Assignee: Ivana Varekova <varekova>
QA Contact: Fedora Extras Quality Assurance <extras-qa>
CC: alain.portal, cward, mtk.manpages
Doc Type: Bug Fix
Last Closed: 2008-01-14 10:44:39 UTC

Description Alexander Todorov 2008-01-10 13:37:15 UTC
Description of problem:
From:
http://fedoraproject.org/wiki/Releases/8/ReleaseSummary#head-446aa1d2dc25ce800789630289dca8622bafaca5
<quote>
The glibc package in Fedora 8 now has support for passwords using SHA256 and
SHA512 hashing. Before only DES and MD5 were available. The tools to create
passwords have not been extended yet, but if such passwords are created in
others ways, glibc will recognize and honor them.
</quote>

In man crypt, under NOTES / Glibc Notes, it is documented how to use the MD5
and DES implementations and how to distinguish between the two when reading
encoded passwords. No such info exists for the SHA-256/512 implementations.

Version-Release number of selected component (if applicable):
man-pages-2.66-1.fc8

How reproducible:
Always

Steps to Reproduce:
1. man crypt
Actual results:
No info on SHA-256/512 capabilities.

Expected results:
SHA capabilities should be described in the same way MD5 ones are described.

Comment 1 Alexander Todorov 2008-01-10 13:45:35 UTC
According to:
http://people.redhat.com/drepper/SHA-crypt.txt

The integration into existing systems is easy if those systems already
support the MD5-based solution.  Ever since the introduction of the
MD5-based method an extended password format is in use:

   $<ID>$<SALT>$<PWD>

If the password is not of this form it is an old-style DES-encrypted
password.  If the password has this form the ID identifies the method
used and this then determines how the rest of the password string is
interpreted.  So far the following ID values are in use:

     ID       |    Method
  -------------------------------
     1        |  MD5 (Linux, BSD)
     2a       |  Blowfish (OpenBSD)
     md5      |  Sun MD5

For the new SHA-256 and SHA-512 methods the following values are
selected:

     ID       |    Method
  -------------------------------
     5        |  SHA-256
     6        |  SHA-512

So $5$<SALT>$<PWD> is a SHA-256 encoded password and $6$<SALT>$<PWD> is a
SHA-512 encoded one. Please add this info in the manual page.


Comment 2 Ivana Varekova 2008-01-14 10:44:39 UTC
Thanks, fixed in man-pages-2.75-2.fc9.

Comment 3 Michael Kerrisk 2008-07-09 04:57:35 UTC
Ivana,

The fix that appears to have been made was to copy the above text, from a 
standards proposal, into the man page.  However, it is not clear if Linux 
systems even support all of these options -- did you check this?

As far as I can see:

2a Blowfish -- is not natively supported by glibc, but some distros patch in
support (e.g. openSUSE; but does Fedora?)

md5 Sun MD5 -- is not natively supported by glibc.

5 - SHA-256
6 - SHA-512
are supported since glibc 2.7.

Can you confirm?

Comment 4 Ivana Varekova 2008-07-28 07:40:11 UTC
Ulrich Drepper's comment is:
"None of the other encryption (2a, md5) is supported.  It makes no sense
to support them.  I only added 5 and 6.  If you mention any other you
should say that the others are not generally available and should be
avoided.  Only SHA is based on technology sanctioned by NIST." So you are
right, the man page should be fixed.
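The following is an added example, not code from the bug report, from glibc or from the man-pages project. It turns the two points made in this thread into a check a practitioner can run over a shadow file: the `$<ID>$<SALT>$<PWD>` layout and ID table quoted from SHA-crypt.txt in Comment 1, and Drepper's statement in Comment 4 that an unpatched glibc implements only IDs 1 (already there), 5 and 6 on top of traditional DES, while "2a" and "md5" are not supported. The digest lengths (22, 43 and 86 base64 characters for MD5, SHA-256 and SHA-512; 13 characters total for DES) and the salt limits (8 for MD5, 16 for SHA) are the standard ones for these formats; the optional `rounds=<N>` field comes from SHA-crypt.txt and is not mentioned in the bug text itself, so it is labelled as an assumption in the code. The sample shadow lines are constructed, format-correct strings for illustration, not digests of any known password.

```python
"""Classify crypt(3) password fields by their $<ID>$ prefix (added example)."""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# id -> (method name, implemented by unpatched glibc), per Comment 1 / Comment 4.
METHODS = {
    "1":   ("MD5", True),
    "2a":  ("Blowfish", False),
    "md5": ("Sun MD5", False),
    "5":   ("SHA-256", True),
    "6":   ("SHA-512", True),
}
# Encoded digest length and maximum salt length for the glibc-native ids.
DIGEST_LEN = {"1": 22, "5": 43, "6": 86}
SALT_MAX = {"1": 8, "5": 16, "6": 16}
B64_RE = re.compile(r"[./0-9A-Za-z]+")   # crypt's base64 alphabet


@dataclass
class CryptHash:
    method: str
    glibc_native: bool
    salt: str
    digest: str
    rounds: Optional[int] = None


def parse_crypt_hash(field: str) -> CryptHash:
    """Split a crypt(3) string into method, salt and digest, validating its shape."""
    if not field.startswith("$"):
        # No "$<ID>$" prefix: old-style DES, 2 salt chars + 11 digest chars.
        if len(field) != 13 or not B64_RE.fullmatch(field):
            raise ValueError("not a valid 13-character DES crypt string")
        return CryptHash("DES", True, field[:2], field[2:])
    parts = field.split("$")            # leading "$" yields an empty parts[0]
    if len(parts) < 4:
        raise ValueError("expected $<ID>$<SALT>$<PWD>")
    ident, rest = parts[1], parts[2:]
    if ident not in METHODS:
        raise ValueError(f"unknown method id {ident!r}")
    name, native = METHODS[ident]
    if not native:
        # 2a and md5 use their own layouts and glibc does not parse them, so
        # only report the method and hand the remainder back untouched.
        return CryptHash(name, False, "", "$".join(rest))
    rounds = None
    if ident in ("5", "6") and rest[0].startswith("rounds="):
        # Optional rounds=<N> field defined in SHA-crypt.txt (assumption: the
        # bug text itself does not mention it).
        rounds = int(rest[0][len("rounds="):])
        rest = rest[1:]
    if len(rest) != 2:
        raise ValueError("expected exactly <SALT>$<PWD> after the method id")
    salt, digest = rest
    if len(salt) > SALT_MAX[ident]:
        raise ValueError(f"{name} salt is limited to {SALT_MAX[ident]} characters")
    if len(digest) != DIGEST_LEN[ident] or not B64_RE.fullmatch(digest):
        raise ValueError(f"{name} digest must be {DIGEST_LEN[ident]} base64 characters")
    return CryptHash(name, True, salt, digest, rounds)


def audit_shadow(lines: List[str]) -> List[Tuple[str, str]]:
    """Report, per shadow line, the hash method and whether it is a concern."""
    findings = []
    for line in lines:
        user, field = line.split(":")[:2]
        if field == "" or field.startswith(("!", "*")):
            findings.append((user, "locked or no password set"))
            continue
        try:
            h = parse_crypt_hash(field)
        except ValueError as exc:
            findings.append((user, f"unparseable: {exc}"))
            continue
        if not h.glibc_native:
            findings.append((user, f"{h.method}: not supported by unpatched glibc"))
        elif h.method in ("DES", "MD5"):
            findings.append((user, f"{h.method}: legacy, rehash with SHA-512"))
        else:
            findings.append((user, f"{h.method}: ok"))
    return findings


# Constructed sample /etc/shadow lines (format-correct, not real digests).
SAMPLE_SHADOW = [
    "root:$6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1:17000:0:99999:7:::",
    "alice:$5$rounds=10000$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5:17000:0:99999:7:::",
    "bob:$1$saltsalt$KJaBg/xZ5R3Rc9zVWWDmJ1:17000:0:99999:7:::",
    "carol:AB9nhIs7JQkAo:17000:0:99999:7:::",
    "dave:$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy:17000:0:99999:7:::",
    "eve:!:17000:0:99999:7:::",
]

if __name__ == "__main__":
    for user, verdict in audit_shadow(SAMPLE_SHADOW):
        print(f"{user:8s} {verdict}")
```

Run against a real shadow file by reading its lines into `audit_shadow`. The checker deliberately refuses to guess at the "2a" and "md5" layouts: on a Fedora glibc of the era these prefixes are simply unknown to crypt(3), which is exactly the point Drepper makes in Comment 4, so the useful finding is that such an entry will not authenticate, not a parse of its internals.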