.\" Copyright (c) 1989, 1991 The Regents of the University of California.
.\" All rights reserved.
.\"
.\" %sccs.include.redist.man%
.\"
.\"	@(#)crypt.3	6.3 (Berkeley) 04/19/91
.\"
.Dd
.Dt CRYPT 3
.Os
.Sh NAME
.Nm crypt ,
.Nm setkey ,
.Nm encrypt ,
.Nm des_setkey ,
.Nm des_cipher
.Nd DES encryption
.Sh SYNOPSIS
.Ft char
.Fn *crypt "const char *key" "const char *setting"
.Ft void
.Fn setkey "char *key"
.Ft void
.Fn encrypt "char *block" "int flag"
.Ft void
.Fn des_setkey "const char *key"
.Ft void
.Fn des_cipher "const char *in" "char *out" "u_long salt" "int count"
.Sh DESCRIPTION
The
.Xr crypt
function
performs password encryption.
It is derived from the
.Tn NBS
Data Encryption Standard.
Additional code has been added to deter
key search attempts.
The first argument to
.Nm crypt
is
a
.Dv NUL Ns -terminated
string (normally a password typed by
a user).
The second is a character array, 9 bytes in length, consisting of an
underscore (``_'') followed by 4 bytes of iteration count and 4 bytes
of salt.
Both the iteration
.Fa count
and the
.Fa salt
are encoded as follows: only 6 bits per character are used, with the least
significant bits occurring first.
The values 0 to 63 are encoded by the characters ``./0-9A-Za-z'',
respectively.
The
.Fa salt
is used to induce disorder into the
.Tn DES
algorithm
in one of 16777216
possible ways
(specifically, if bit
.Em N
of the
.Ar salt
is set then bits
.Em N
and
.Em N+24
are swapped in the
.Tn DES
``E'' box output).
Then the
.Ar key
is used to perform
.Ar count
cumulative encryptions of a 64-bit constant.
The value returned is a character array, 20 bytes in length, consisting
of the
.Ar setting
followed by the encoded 64-bit encryption.
.Pp
For compatibility with historical versions of
.Xr crypt 3 ,
the
.Ar setting
may consist of 2 bytes of salt, encoded as above, in which case an
iteration
.Ar count
of 25 is used, fewer perturbations of
.Tn DES
are available, at most 8
characters of
.Ar key
are used, and the returned value is a character array 13 bytes in length.
.Pp
The
functions,
.Fn encrypt ,
.Fn setkey ,
.Fn des_setkey
and
.Fn des_cipher
allow limited access to the
.Tn DES
algorithm itself.
The
.Ar key
argument to
.Fn setkey
is a 64 character array of
.Tn ASCII
binary values (0 or 1).
A 56-bit key is derived from this array by dividing the string
into groups of 8 and ignoring the last bit in each group.
.Pp
The
.Fn encrypt
argument
.Fa block
is also a 64 character array of
.Tn ASCII
binary values.
If the value of
.Fa flag
is 0,
the argument
.Fa block
is encrypted, otherwise it
is decrypted.
The encryption or decryption is returned in the original
array
.Fa block
after using the
key specified
by
.Fn setkey
to process it.
.Pp
The
.Fn des_setkey
and
.Fn des_cipher
functions are faster but less portable than
.Fn setkey
and
.Fn encrypt .
The argument to
.Fn des_setkey
is a character array of length 8.
The
.Em least
significant bit in each character is ignored and the next 7 bits of each
character are concatenated to yield a 56-bit key.
The function
.Fn des_cipher
encrypts (or decrypts if
.Fa count
is negative) the 64 bits stored in the 8 characters at
.Fa in
using
.Xr abs 3
of
.Fa count
iterations of
.Tn DES
and stores the 64-bit result in the 8 characters at
.Fa out .
The
.Fa salt
specifies perturbations to
.Tn DES
as described above.
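The setting encoding described above, decoded in C as an added example (not part of the original manual page or of the library source). The names decode64 and parse_setting are hypothetical; the code handles both the 9-byte form beginning with an underscore and the 2-byte historical form, and rejects malformed input.

```c
#include <stdint.h>
#include <string.h>

/* Alphabet from the DESCRIPTION: values 0..63 map to "./0-9A-Za-z". */
static const char ITOA64[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

/* Decode n characters, 6 bits each, least significant group first.
 * Returns -1 on any character outside the alphabet. A NUL is rejected
 * before the next byte is read, so a short string is never over-read. */
static int decode64(const char *s, int n, uint32_t *out)
{
    uint32_t v = 0;
    for (int i = 0; i < n; i++) {
        const char *p = s[i] ? strchr(ITOA64, s[i]) : NULL;
        if (p == NULL)
            return -1;
        v |= (uint32_t)(p - ITOA64) << (6 * i);
    }
    *out = v;
    return 0;
}

/* Hypothetical helper: split a setting into iteration count and salt.
 * Returns the length of the array crypt() would return for this setting
 * (20 for the 9-byte form, 13 for the 2-byte form), or -1 if malformed. */
int parse_setting(const char *setting, uint32_t *count, uint32_t *salt)
{
    if (setting == NULL)
        return -1;
    if (setting[0] == '_') {            /* '_' + 4 count chars + 4 salt chars */
        if (decode64(setting + 1, 4, count) != 0 ||
            decode64(setting + 5, 4, salt) != 0)
            return -1;
        return 20;
    }
    if (decode64(setting, 2, salt) != 0) /* historical: 2 salt chars only */
        return -1;
    *count = 25;                         /* fixed count in the historical form */
    return 13;
}
```

Four characters of 6 bits give a 24-bit salt, which is where the 16777216 possible perturbations come from; the 2-byte form carries only 12 bits.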
.Sh SEE ALSO
.Xr login 1 ,
.Xr passwd 1 ,
.Xr getpass 3 ,
.Xr passwd 5
.Rs
.%T "Mathematical Cryptology for Computer Scientists and Mathematicians"
.%A Wayne Patterson
.%D 1987
.%N ISBN 0-8476-7438-X
.Re
.Rs
.%T "Password Security: A Case History"
.%A R. Morris
.%A Ken Thompson
.%J "Communications of the ACM"
.%V vol. 22
.%P pp. 594-597
.%D Nov. 1979
.Re
.Rs
.%T "DES will be Totally Insecure within Ten Years"
.%A M.E. Hellman
.%J "IEEE Spectrum"
.%V vol. 16
.%P pp. 32-39
.%D July 1979
.Re
.Sh HISTORY
A
.Fn crypt
function appeared in
.At v6 .
.Sh BUGS
Dropping the
.Em least
significant bit in each character of the argument to
.Fn des_setkey
is ridiculous.
.Pp
The
.Fn crypt
function leaves its result in an internal static object and returns
a pointer to that object. Subsequent calls to
.Fn crypt
will modify the same object.