Commit | Line | Data |
---|---|---|
05dda90f C |
1 | .TH CRYPT 3 "25 February 1983" |
2 | .SH NAME | |
3 | crypt, setkey, encrypt \- DES encryption | |
4 | .SH SYNOPSIS | |
5 | .nf | |
6 | .B char *crypt(key, salt) | |
7 | .B char *key, *salt; | |
8 | .PP | |
9 | .B setkey(key) | |
10 | .B char *key; | |
11 | .PP | |
12 | .B encrypt(block, edflag) | |
13 | .B char *block; | |
14 | .fi | |
15 | .SH DESCRIPTION | |
16 | .I Crypt | |
17 | is the password encryption routine. | |
18 | It is based on the NBS Data Encryption Standard, with | |
19 | variations intended (among other things) to frustrate use of hardware | |
20 | implementations of the DES for key search. | |
21 | .PP | |
22 | The first argument to | |
23 | .I crypt | |
24 | is normally a user's typed password. | |
25 | The second is a 2-character string chosen from the | |
26 | set [a-zA-Z0-9./]. | |
27 | The | |
28 | .I salt | |
29 | string is used to perturb the DES algorithm in one of 4096 | |
30 | different ways, after which the password | |
31 | is used as the key to encrypt repeatedly a constant string. | |
32 | The returned value points to the encrypted password, | |
33 | in the same alphabet as the salt. | |
34 | The first two characters are the salt itself. | |
35 | .PP | |
36 | The other entries provide (rather primitive) | |
37 | access to the actual DES algorithm. | |
38 | The argument of | |
39 | .I setkey | |
40 | is a character array of length 64 containing only the characters | |
41 | with numerical value 0 and 1. | |
42 | If this string is divided into groups of 8, | |
43 | the low-order bit in each group is ignored, | |
44 | leading to a 56-bit key which is set into the machine. | |
45 | .PP | |
46 | The argument to the | |
47 | .I encrypt | |
48 | entry is likewise a character array of length 64 | |
49 | containing 0's and 1's. | |
50 | The argument array is modified in place | |
51 | to a similar array | |
52 | representing the bits of the argument after having been | |
53 | subjected to the DES algorithm using the key set by | |
54 | .I setkey. | |
55 | If | |
56 | .I edflag | |
57 | is 0, the argument is encrypted; | |
58 | if non-zero, | |
59 | it is decrypted. | |
60 | .SH "SEE ALSO" | |
61 | passwd(1), passwd(5), login(1), getpass(3) | |
62 | .SH BUGS | |
63 | The return value | |
64 | points to static data whose content is overwritten | |
65 | by each call. |