.\" Copyright (c) 1989, 1991 The Regents of the University of California.
.\" All rights reserved.
.\"
.\" %sccs.include.redist.man%
.\"
.\" @(#)crypt.3 6.5 (Berkeley) 05/06/91
.\"
.Dd
.Dt CRYPT 3
.Os
.Sh NAME
.Nm crypt ,
.Nm setkey ,
.Nm encrypt ,
.Nm des_setkey ,
.Nm des_cipher
.Nd DES encryption
.Sh SYNOPSIS
.Ft char
.Fn *crypt "const char *key" "const char *setting"
.Ft void
.Fn setkey "char *key"
.Ft void
.Fn encrypt "char *block" "int flag"
.Ft void
.Fn des_setkey "const char *key"
.Ft void
.Fn des_cipher "const char *in" "char *out" "long salt" "int count"
.Sh DESCRIPTION
The
.Xr crypt
function
performs password encryption.
It is derived from the
.Tn NBS
Data Encryption Standard.
Additional code has been added to deter
key search attempts.
The first argument to
.Nm crypt
is a
.Dv NUL Ns -terminated
string (normally a password typed by a user).
The second is a character array, 9 bytes in length, consisting of an
underscore (``_'') followed by 4 bytes of iteration count and 4 bytes
of salt.
Both the iteration
.Fa count
and the
.Fa salt
are encoded as follows: only 6 bits per character are used, with the least
significant bits occurring first.
The values 0 to 63 are encoded by the characters ``./0-9A-Za-z'',
respectively.
The
.Fa salt
is used to induce disorder into the
.Tn DES
algorithm
in one of 16777216
possible ways
(specifically, if bit
.Em N
of the
.Ar salt
is set then bits
.Em N
and
.Em N+24
are swapped in the
.Tn DES
``E'' box output).
Then the
.Ar key
is used to perform
.Ar count
cumulative encryptions of a 64-bit constant.
The value returned is a character array, 20 bytes in length, consisting
of the
.Ar setting
followed by the encoded 64-bit encryption.
.Pp
For compatibility with historical versions of
.Xr crypt 3 ,
the
.Ar setting
may consist of 2 bytes of salt, encoded as above, in which case an
iteration
.Ar count
of 25 is used, fewer perturbations of
.Tn DES
are available, at most 8
characters of
.Ar key
are used, and the returned value is a character array 13 bytes in length.
.Pp
The functions
.Fn encrypt ,
.Fn setkey ,
.Fn des_setkey
and
.Fn des_cipher
allow limited access to the
.Tn DES
algorithm itself.
The
.Ar key
argument to
.Fn setkey
is a 64 character array of
.Tn ASCII
binary values (0 or 1).
A 56-bit key is derived from this array by dividing it
into groups of 8 and ignoring the last bit in each group.
.Pp
The
.Fn encrypt
argument
.Fa block
is also a 64 character array of
.Tn ASCII
binary values.
If the value of
.Fa flag
is 0,
the argument
.Fa block
is encrypted, otherwise it
is decrypted.
The encryption or decryption is returned in the original
array
.Fa block
after using the
key specified
by
.Fn setkey
to process it.
.Pp
The
.Fn des_setkey
and
.Fn des_cipher
functions are faster but less portable than
.Fn setkey
and
.Fn encrypt .
The argument to
.Fn des_setkey
is a character array of length 8.
The
.Em least
significant bit in each character is ignored and the next 7 bits of each
character are concatenated to yield a 56-bit key.
The function
.Fn des_cipher
encrypts (or decrypts if
.Fa count
is negative) the 64 bits stored in the 8 characters at
.Fa in
using
.Xr abs 3
of
.Fa count
iterations of
.Tn DES
and stores the 64-bit result in the 8 characters at
.Fa out .
The
.Fa salt
specifies perturbations to
.Tn DES
as described above.
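.Pp
As an added example (not part of the original manual page or the BSD sources), the following C routine decodes the setting argument described above: the 9-byte form with an underscore, 4 characters of count and 4 of salt, and the historical 2-character salt with its fixed count of 25.
The names des_setting, decode64 and parse_setting are hypothetical, and the sample setting in the comment is constructed.

```c
#include <stdint.h>
#include <string.h>

/* Values 0..63 map to these characters, in order ("./0-9A-Za-z"). */
static const char itoa64[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

struct des_setting {        /* hypothetical type for this example */
    uint32_t count;         /* number of cumulative DES encryptions */
    uint32_t salt;          /* 24 bits (extended) or 12 bits (historical) */
    int      result_len;    /* length of the array crypt returns: 20 or 13 */
};

/*
 * Decode n characters, 6 bits each, least significant group first.
 * Returns -1 if the string ends early or a character is outside the
 * alphabet; it never reads past the first NUL.
 */
static int decode64(const char *s, int n, uint32_t *out)
{
    uint32_t v = 0;
    for (int i = 0; i < n; i++) {
        const char *p = s[i] ? strchr(itoa64, s[i]) : NULL;
        if (p == NULL)
            return -1;
        v |= (uint32_t)(p - itoa64) << (6 * i);
    }
    *out = v;
    return 0;
}

/*
 * Parse a setting string; returns 0 on success, -1 if malformed.
 * Constructed sample: "_J9..rasm" decodes to count 725, salt 13339063.
 */
int parse_setting(const char *setting, struct des_setting *st)
{
    if (setting[0] == '_') {                /* extended form: _CCCCSSSS */
        if (decode64(setting + 1, 4, &st->count) != 0)
            return -1;
        st->result_len = 20;
        return decode64(setting + 5, 4, &st->salt);
    }
    st->count = 25;                         /* historical form: SS */
    st->result_len = 13;
    return decode64(setting, 2, &st->salt);
}
```

A password-file audit can use the decoded count and result_len to separate historical 13-byte entries (25 iterations, at most 8 key characters) from entries using the extended setting.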
.Sh SEE ALSO
.Xr login 1 ,
.Xr passwd 1 ,
.Xr getpass 3 ,
.Xr passwd 5
.sp
.Rs
.%T "Mathematical Cryptology for Computer Scientists and Mathematicians"
.%A Wayne Patterson
.%D 1987
.%N ISBN 0-8476-7438-X
.Re
.Rs
.%T "Password Security: A Case History"
.%A R. Morris
.%A Ken Thompson
.%J "Communications of the ACM"
.%V vol. 22
.%P pp. 594-597
.%D Nov. 1979
.Re
.Rs
.%T "DES will be Totally Insecure within Ten Years"
.%A M.E. Hellman
.%J "IEEE Spectrum"
.%V vol. 16
.%P pp. 32-39
.%D July 1979
.Re
.Sh HISTORY
A rotor-based
.Fn crypt
function appeared in
.At v6 .
The current style
.Fn crypt
first appeared in
.At v7 .
.Sh BUGS
Dropping the
.Em least
significant bit in each character of the argument to
.Fn des_setkey
is ridiculous.
.Pp
The
.Fn crypt
function leaves its result in an internal static object and returns
a pointer to that object.
Subsequent calls to
.Fn crypt
will modify the same object.