I need a command or a script that returns the supported hashing algorithms (for hashing passwords) on a system; I mean the algorithms that can be used with pam.d configuration files or login.defs.

Generally md5, bigcrypt, sha256, sha512 and blowfish are supported, but I need to programmatically check whether a new algorithm is supported and determine it in my script. I checked /proc/crypto, but it listed far fewer than what I mentioned before.

Thanks

+2  A: 

/proc/crypto is just a list of the algorithms that the kernel knows about; this has nothing to do with PAM.

There is no way to directly query PAM to find out what hashes it can support; it knows this internally, of course, but it is not exposed by any public API.

One thing you could do is use crypt and attempt to hash a pass with the various id types, essentially probing PAM (or more properly, probing libc's crypt, which PAM uses for shadowed passwords). Simple example:

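#include <unistd.h>
#include <stdio.h>
#include <string>

// Build on glibc with: g++ probe.cpp -lcrypt
// Returns true if crypt() appears to support the hash with the given ID.
bool test_crypt_method(const char* id)
   {
   const std::string salt =
      std::string("$") + id + "$" + "testsalt$";

   const char* result = ::crypt("password", salt.c_str());

   /*
   * crypt() may return NULL on failure; constructing a
   * std::string from a null pointer is undefined behaviour.
   */
   if(result == NULL)
      return false;

   std::string crypt_result = result;

   /*
   * Some crypt implementations signal failure with a token
   * that starts with '*' (for example "*0") instead of NULL.
   */
   if(crypt_result.empty() || crypt_result[0] == '*')
      return false;

   /*
   * If the hash ID is not supported, glibc unfortunately
   * then treats it as an old-style DES crypt rather than
   * failing; find this situation.
   */
   if(crypt_result.size() == 13 &&
      crypt_result[0] == '$' &&
      crypt_result.find('$', 1) == std::string::npos)
      return false;

   return true;
   }

int main()
   {
   if(test_crypt_method("1"))
      printf("md5 ");
   if(test_crypt_method("2a"))
      printf("blowfish ");
   if(test_crypt_method("4")) // test for false positives
      printf("undefined ");
   if(test_crypt_method("5"))
      printf("sha256 ");
   if(test_crypt_method("6"))
      printf("sha512 ");
   printf("\n");
   }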
Jack Lloyd
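
A variant of the probe from the answer above, added here as an example and not part of the original answer: instead of only detecting the DES fallback, it accepts a result only when crypt() echoes the requested method prefix, and it gives bcrypt a well-formed setting (cost plus 22 salt characters). The names `crypt_output_supported`, `probe` and `METHODS`, the sample setting strings and the weak declaration of `crypt` are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

/* Assumption of this example: crypt() is declared weak so the program links
   even without -lcrypt and then reports every method as unsupported. */
extern char *crypt(const char *key, const char *setting) __attribute__((weak));

struct method { const char *name, *prefix, *setting; };
static const struct method METHODS[] = {
    { "md5",       "$1$",  "$1$testsalt$" },
    { "blowfish",  "$2a$", "$2a$05$CCCCCCCCCCCCCCCCCCCCC." }, /* cost + 22 chars */
    { "undefined", "$4$",  "$4$testsalt$" },                  /* false-positive check */
    { "sha256",    "$5$",  "$5$testsalt$" },
    { "sha512",    "$6$",  "$6$testsalt$" },
};

/* Decide from crypt()'s return value whether the method named by `prefix`
   was really used. Covers the three ways an unsupported ID shows up. */
int crypt_output_supported(const char *prefix, const char *out)
{
    size_t n = strlen(prefix);
    if (out == NULL)                  /* failure reported as NULL */
        return 0;
    if (out[0] == '*')                /* failure token such as "*0" */
        return 0;
    if (strncmp(out, prefix, n) != 0) /* DES fallback or another method */
        return 0;
    return strlen(out) > n;           /* a real hash is longer than the prefix */
}

/* Probe one method against the crypt() this process is linked with. */
int probe(const struct method *m)
{
    if (!crypt)                       /* libcrypt was not linked in */
        return 0;
    return crypt_output_supported(m->prefix, crypt("password", m->setting));
}

int main(void)
{
    for (size_t i = 0; i < sizeof METHODS / sizeof METHODS[0]; i++)
        if (probe(&METHODS[i]))
            printf("%s ", METHODS[i].name);
    printf("\n");
    return 0;
}
```

Build with `cc probe.c -lcrypt`; to test a new algorithm, add a row with its prefix and a setting string in the format that algorithm expects.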