[unix-history] / usr / share / man / cat3 / des_crypt.0



DES_CRYPT(3)         BSD Programmer's Manual         DES_CRYPT(3)


N\bNA\bAM\bME\bE
       des_read_password,    des_string_to_key,   des_random_key,
       des_set_key,       des_ecb_encrypt,       des_cbc_encrypt,
       des_pcbc_encrypt,  des_cbc_cksum,  des_quad_cksum, - (new)
       DES encryption

S\bSY\bYN\bNO\bOP\bPS\bSI\bIS\bS
       #\b#i\bin\bnc\bcl\blu\bud\bde\be <\b<k\bke\ber\brb\bbe\ber\bro\bos\bsI\bIV\bV/\b/d\bde\bes\bs.\b.h\bh>\b>

       i\bin\bnt\bt d\bde\bes\bs_\b_r\bre\bea\bad\bd_\b_p\bpa\bas\bss\bsw\bwo\bor\brd\bd(\b(k\bke\bey\by,\b,p\bpr\bro\bom\bmp\bpt\bt,\b,v\bve\ber\bri\bif\bfy\by)\b)
       des_cblock *key;
       char *prompt;
       int verify;

       i\bin\bnt\bt d\bde\bes\bs_\b_s\bst\btr\bri\bin\bng\bg_\b_t\bto\bo_\b_k\bke\bey\by(\b(s\bst\btr\br,\b,k\bke\bey\by)\b)
       c\bch\bha\bar\br *\b*s\bst\btr\br;\b;
       d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk k\bke\bey\by;\b;

       i\bin\bnt\bt d\bde\bes\bs_\b_r\bra\ban\bnd\bdo\bom\bm_\b_k\bke\bey\by(\b(k\bke\bey\by)\b)
       d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk *\b*k\bke\bey\by;\b;

       i\bin\bnt\bt d\bde\bes\bs_\b_s\bse\bet\bt_\b_k\bke\bey\by(\b(k\bke\bey\by,\b,s\bsc\bch\bhe\bed\bdu\bul\ble\be)\b)
       d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk *\b*k\bke\bey\by;\b;
       d\bde\bes\bs_\b_k\bke\bey\by_\b_s\bsc\bch\bhe\bed\bdu\bul\ble\be s\bsc\bch\bhe\bed\bdu\bul\ble\be;\b;

       i\bin\bnt\bt d\bde\bes\bs_\b_e\bec\bcb\bb_\b_e\ben\bnc\bcr\bry\byp\bpt\bt(\b(i\bin\bnp\bpu\but\bt,\b,o\bou\but\btp\bpu\but\bt,\b,s\bsc\bch\bhe\bed\bdu\bul\ble\be,\b,e\ben\bnc\bcr\bry\byp\bpt\bt)\b)
       d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk *\b*i\bin\bnp\bpu\but\bt;\b;
       d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk *\b*o\bou\but\btp\bpu\but\bt;\b;
       d\bde\bes\bs_\b_k\bke\bey\by_\b_s\bsc\bch\bhe\bed\bdu\bul\ble\be s\bsc\bch\bhe\bed\bdu\bul\ble\be;\b;
       i\bin\bnt\bt e\ben\bnc\bcr\bry\byp\bpt\bt;\b;

       i\bin\bnt\bt d\bde\bes\bs_\b_c\bcb\bbc\bc_\b_e\ben\bnc\bcr\bry\byp\bpt\bt(\b(i\bin\bnp\bpu\but\bt,\b,o\bou\but\btp\bpu\but\bt,\b,l\ble\ben\bng\bgt\bth\bh,\b,s\bsc\bch\bhe\bed\bdu\bul\ble\be,\b,i\biv\bve\bec\bc,\b,e\ben\bnc\bcr\bry\byp\bpt\bt)\b)
       d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk *\b*i\bin\bnp\bpu\but\bt;\b;
       d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk *\b*o\bou\but\btp\bpu\but\bt;\b;
       l\blo\bon\bng\bg l\ble\ben\bng\bgt\bth\bh;\b;
       d\bde\bes\bs_\b_k\bke\bey\by_\b_s\bsc\bch\bhe\bed\bdu\bul\ble\be s\bsc\bch\bhe\bed\bdu\bul\ble\be;\b;
       d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk *\b*i\biv\bve\bec\bc;\b;
       i\bin\bnt\bt e\ben\bnc\bcr\bry\byp\bpt\bt;\b;

       i\bin\bnt\bt d\bde\bes\bs_\b_p\bpc\bcb\bbc\bc_\b_e\ben\bnc\bcr\bry\byp\bpt\bt(\b(i\bin\bnp\bpu\but\bt,\b,o\bou\but\btp\bpu\but\bt,\b,l\ble\ben\bng\bgt\bth\bh,\b,s\bsc\bch\bhe\bed\bdu\bul\ble\be,\b,i\biv\bve\bec\bc,\b,e\ben\bnc\bcr\bry\byp\bpt\bt)\b)
       d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk *\b*i\bin\bnp\bpu\but\bt;\b;
       d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk *\b*o\bou\but\btp\bpu\but\bt;\b;
       l\blo\bon\bng\bg l\ble\ben\bng\bgt\bth\bh;\b;
       d\bde\bes\bs_\b_k\bke\bey\by_\b_s\bsc\bch\bhe\bed\bdu\bul\ble\be s\bsc\bch\bhe\bed\bdu\bul\ble\be;\b;
       d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk *\b*i\biv\bve\bec\bc;\b;
       i\bin\bnt\bt e\ben\bnc\bcr\bry\byp\bpt\bt;\b;

       u\bun\bns\bsi\big\bgn\bne\bed\bd l\blo\bon\bng\bg d\bde\bes\bs_\b_c\bcb\bbc\bc_\b_c\bck\bks\bsu\bum\bm(\b(i\bin\bnp\bpu\but\bt,\b,o\bou\but\btp\bpu\but\bt,\b,l\ble\ben\bng\bgt\bth\bh,\b,s\bsc\bch\bhe\bed\bdu\bul\ble\be,\b,i\biv\bve\bec\bc)\b)
       d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk *\b*i\bin\bnp\bpu\but\bt;\b;
       d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk *\b*o\bou\but\btp\bpu\but\bt;\b;
       l\blo\bon\bng\bg l\ble\ben\bng\bgt\bth\bh;\b;


MIT Project Athena     Kerberos Version 4.0                     1


DES_CRYPT(3)         BSD Programmer's Manual         DES_CRYPT(3)


       d\bde\bes\bs_\b_k\bke\bey\by_\b_s\bsc\bch\bhe\bed\bdu\bul\ble\be s\bsc\bch\bhe\bed\bdu\bul\ble\be;\b;
       d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk *\b*i\biv\bve\bec\bc;\b;

       u\bun\bns\bsi\big\bgn\bne\bed\bd l\blo\bon\bng\bg q\bqu\bua\bad\bd_\b_c\bck\bks\bsu\bum\bm(\b(i\bin\bnp\bpu\but\bt,\b,o\bou\but\btp\bpu\but\bt,\b,l\ble\ben\bng\bgt\bth\bh,\b,o\bou\but\bt_\b_c\bco\bou\bun\bnt\bt,\b,s\bse\bee\bed\bd)\b)
       d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk *\b*i\bin\bnp\bpu\but\bt;\b;
       d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk *\b*o\bou\but\btp\bpu\but\bt;\b;
       l\blo\bon\bng\bg l\ble\ben\bng\bgt\bth\bh;\b;
       i\bin\bnt\bt o\bou\but\bt_\b_c\bco\bou\bun\bnt\bt;\b;
       d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk *\b*s\bse\bee\bed\bd;\b;


D\bDE\bES\bSC\bCR\bRI\bIP\bPT\bTI\bIO\bON\bN
       This library supports various DES encryption related oper-
       ations.  It  differs  from  the _\bc_\br_\by_\bp_\bt_\b, _\bs_\be_\bt_\bk_\be_\by_\b, _\ba_\bn_\bd _\be_\bn_\bc_\br_\by_\bp_\bt
       library routines in that it provides a  true  DES  encryp-
       tion,  without  modifying the algorithm, and executes much
       faster.

       For each key that may be simultaneously active,  create  a
       d\bde\bes\bs_\b_k\bke\bey\by_\b_s\bsc\bch\bhe\bed\bdu\bul\ble\be  struct, defined in "des.h". Next, create
       key schedules  (from  the  8-byte  keys)  as  needed,  via
       _\bd_\be_\bs_\b__\bs_\be_\bt_\b__\bk_\be_\by_\b,  prior  to  using  the encryption or checksum
       routines. Then setup the input  and  output  areas.   Make
       sure  to  note the restrictions on lengths being multiples
       of eight bytes. Finally, invoke the  encryption/decryption
       routines,    _\bd_\be_\bs_\b__\be_\bc_\bb_\b__\be_\bn_\bc_\br_\by_\bp_\bt    or    _\bd_\be_\bs_\b__\bc_\bb_\bc_\b__\be_\bn_\bc_\br_\by_\bp_\bt   or
       _\bd_\be_\bs_\b__\bp_\bc_\bb_\bc_\b__\be_\bn_\bc_\br_\by_\bp_\bt_\b, or, to generate a  cryptographic  check-
       sum, use _\bq_\bu_\ba_\bd_\b__\bc_\bk_\bs_\bu_\bm (fast) or _\bd_\be_\bs_\b__\bc_\bb_\bc_\b__\bc_\bk_\bs_\bu_\bm (slow).

       A  _\bd_\be_\bs_\b__\bc_\bb_\bl_\bo_\bc_\bk struct is an 8 byte block used as the funda-
       mental unit for DES data and keys, and is defined as:

       t\bty\byp\bpe\bed\bde\bef\bf   u\bun\bns\bsi\big\bgn\bne\bed\bd c\bch\bha\bar\br d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk[\b[8\b8]\b];\b;

       and a _\bd_\be_\bs_\b__\bk_\be_\by_\b__\bs_\bc_\bh_\be_\bd_\bu_\bl_\be_\b, is defined as:

       t\bty\byp\bpe\bed\bde\bef\bf   s\bst\btr\bru\buc\bct\bt     d\bde\bes\bs_\b_k\bks\bs_\b_s\bst\btr\bru\buc\bct\bt     {\b{d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk     _\b_;\b;}\b}
       d\bde\bes\bs_\b_k\bke\bey\by_\b_s\bsc\bch\bhe\bed\bdu\bul\ble\be[\b[1\b16\b6]\b];\b;

       _\bd_\be_\bs_\b__\br_\be_\ba_\bd_\b__\bp_\ba_\bs_\bs_\bw_\bo_\br_\bd writes the string specified by _\bp_\br_\bo_\bm_\bp_\bt to
       the standard output, turns  off  echo  (if  possible)  and
       reads an input string from standard input until terminated
       with a newline.  If _\bv_\be_\br_\bi_\bf_\by is  non-zero,  it  prompts  and
       reads  input again, for use in applications such as chang-
       ing a password; both versions are compared, and the  input
       is   requested   repeatedly   until   they   match.   Then
       _\bd_\be_\bs_\b__\br_\be_\ba_\bd_\b__\bp_\ba_\bs_\bs_\bw_\bo_\br_\bd converts the input string into  a  valid
       DES  key,  internally using the _\bd_\be_\bs_\b__\bs_\bt_\br_\bi_\bn_\bg_\b__\bt_\bo_\b__\bk_\be_\by routine.
       The newly created key is copied to the area pointed to  by
       the  _\bk_\be_\by argument.  _\bd_\be_\bs_\b__\br_\be_\ba_\bd_\b__\bp_\ba_\bs_\bs_\bw_\bo_\br_\bd returns a zero if no
       errors occurred, or a -1 indicating that an error occurred


MIT Project Athena     Kerberos Version 4.0                     2


DES_CRYPT(3)         BSD Programmer's Manual         DES_CRYPT(3)


       trying to manipulate the terminal echo.


       _\bd_\be_\bs_\b__\bs_\bt_\br_\bi_\bn_\bg_\b__\bt_\bo_\b__\bk_\be_\by   converts  an  arbitrary  length  null-
       terminated string to an 8 byte DES key, with odd byte par-
       ity,  per  FIPS specification.  A one-way function is used
       to convert the string to a key, making it  very  difficult
       to  reconstruct the string from the key.  The _\bs_\bt_\br argument
       is a pointer to the string, and  _\bk_\be_\by  should  point  to  a
       _\bd_\be_\bs_\b__\bc_\bb_\bl_\bo_\bc_\bk supplied by the caller to receive the generated
       key.  No meaningful value is returned. Void  is  not  used
       for compatibility with other compilers.


       _\bd_\be_\bs_\b__\br_\ba_\bn_\bd_\bo_\bm_\b__\bk_\be_\by  generates  a  random  DES  encryption  key
       (eight bytes), set to odd parity per FIPS  specifications.
       This  routine  uses  the  current  time, process id, and a
       counter as a seed for the random  number  generator.   The
       caller  must   supply space for the output key, pointed to
       by argument _\bk_\be_\by_\b, then after calling _\bd_\be_\bs_\b__\br_\ba_\bn_\bd_\bo_\bm_\b__\bk_\be_\by  should
       call  the  _\bd_\be_\bs_\b__\bs_\be_\bt_\b__\bk_\be_\by routine when needed.  No meaningful
       value is returned.  Void is  not  used  for  compatibility
       with other compilers.


       _\bd_\be_\bs_\b__\bs_\be_\bt_\b__\bk_\be_\by calculates a key schedule from all eight bytes
       of the input key, pointed to by the _\bk_\be_\by argument, and out-
       puts  the  schedule into the _\bd_\be_\bs_\b__\bk_\be_\by_\b__\bs_\bc_\bh_\be_\bd_\bu_\bl_\be indicated by
       the _\bs_\bc_\bh_\be_\bd_\bu_\bl_\be argument. Make sure to  pass  a  valid  eight
       byte  key;  no padding is done.  The key schedule may then
       be used in subsequent encryption/decryption/checksum oper-
       ations.   Many  key schedules may be cached for later use.
       The user is responsible to clear  keys  and  schedules  as
       soon  as  no  longer  needed, to prevent their disclosure.
       The routine also checks the key parity, and returns a zero
       if  the key parity is correct (odd), a -1 indicating a key
       parity error, or a -2 indicating use of  an  illegal  weak
       key.  If  an  error  is returned, the key schedule was not
       created.


       _\bd_\be_\bs_\b__\be_\bc_\bb_\b__\be_\bn_\bc_\br_\by_\bp_\bt is the basic DES encryption  routine  that
       encrypts  or  decrypts a single 8-byte block in e\bel\ble\bec\bct\btr\bro\bon\bni\bic\bc
       c\bco\bod\bde\be b\bbo\boo\bok\bk mode.  It  always  transforms  the  input  data,
       pointed  to  by _\bi_\bn_\bp_\bu_\bt_\b, into the output data, pointed to by
       the _\bo_\bu_\bt_\bp_\bu_\bt argument.

       If the _\be_\bn_\bc_\br_\by_\bp_\bt argument is non-zero, the _\bi_\bn_\bp_\bu_\bt (cleartext)
       is  encrypted  into  the  _\bo_\bu_\bt_\bp_\bu_\bt  (ciphertext)  using  the
       key_schedule specified by the  _\bs_\bc_\bh_\be_\bd_\bu_\bl_\be  argument,  previ-
       ously set via _\bd_\be_\bs_\b__\bs_\be_\bt_\b__\bk_\be_\by


MIT Project Athena     Kerberos Version 4.0                     3


DES_CRYPT(3)         BSD Programmer's Manual         DES_CRYPT(3)


       If   encrypt  is  zero,  the  _\bi_\bn_\bp_\bu_\bt  (now  ciphertext)  is
       decrypted into the _\bo_\bu_\bt_\bp_\bu_\bt (now cleartext).

       Input and output may overlap.

       No meaningful value is returned.  Void  is  not  used  for
       compatibility with other compilers.


       _\bd_\be_\bs_\b__\bc_\bb_\bc_\b__\be_\bn_\bc_\br_\by_\bp_\bt  encrypts/decrypts using the c\bci\bip\bph\bhe\ber\br-\b-b\bbl\blo\boc\bck\bk-\b-
       c\bch\bha\bai\bin\bni\bin\bng\bg m\bmo\bod\bde\be o\bof\bf D\bDE\bES\bS.\b.  If the  _\be_\bn_\bc_\br_\by_\bp_\bt  argument  is  non-
       zero,  the routine cipher-block-chain encrypts the cleart-
       ext data pointed to by the _\bi_\bn_\bp_\bu_\bt argument into the cipher-
       text  pointed  to  by  the  _\bo_\bu_\bt_\bp_\bu_\bt argument, using the key
       schedule provided by the _\bs_\bc_\bh_\be_\bd_\bu_\bl_\be argument,  and  initial-
       ization  vector  provided  by  the  _\bi_\bv_\be_\bc argument.  If the
       _\bl_\be_\bn_\bg_\bt_\bh argument is  not  an  integral  multiple  of  eight
       bytes,  the last block is copied to a temp and zero filled
       (highest addresses).  The output  is  ALWAYS  an  integral
       multiple of eight bytes.

       If   _\be_\bn_\bc_\br_\by_\bp_\bt  is  zero,  the  routine  cipher-block  chain
       decrypts the (now) ciphertext data pointed to by the _\bi_\bn_\bp_\bu_\bt
       argument  into  (now)  cleartext  pointed to by the _\bo_\bu_\bt_\bp_\bu_\bt
       argument using the key schedule provided by  the  _\bs_\bc_\bh_\be_\bd_\bu_\bl_\be
       argument,  and  initialization vector provided by the _\bi_\bv_\be_\bc
       argument. Decryption ALWAYS operates on integral multiples
       of 8 bytes, so it will round the _\bl_\be_\bn_\bg_\bt_\bh provided up to the
       appropriate multiple. Consequently, it will always produce
       the  rounded-up  number  of bytes of output cleartext. The
       application must determine if  the  output  cleartext  was
       zero-padded  due  to  original cleartext lengths that were
       not integral multiples of 8.

       No errors or meaningful values are returned.  Void is  not
       used for compatibility with other compilers.

       A characteristic of cbc mode is that changing a single bit
       of the cleartext, then encrypting using cbc mode,  affects
       ALL  the  subsequent ciphertext.  This makes cryptanalysis
       much more difficult. However, modifying a  single  bit  of
       the  ciphertext, then decrypting, only affects the result-
       ing cleartext from the modified block and  the  succeeding
       block.   Therefore,  _\bd_\be_\bs_\b__\bp_\bc_\bb_\bc_\b__\be_\bn_\bc_\br_\by_\bp_\bt  is  STRONGLY recom-
       mended for applications where  indefinite  propagation  of
       errors is required in order to detect modifications.


       _\bd_\be_\bs_\b__\bp_\bc_\bb_\bc_\b__\be_\bn_\bc_\br_\by_\bp_\bt  encrypts/decrypts using a modified block
       chaining  mode.  Its  calling  sequence  is  identical  to
       _\bd_\be_\bs_\b__\bc_\bb_\bc_\b__\be_\bn_\bc_\br_\by_\bp_\bt_\b.   It  differs  in  its  error propagation


MIT Project Athena     Kerberos Version 4.0                     4


DES_CRYPT(3)         BSD Programmer's Manual         DES_CRYPT(3)


       characteristics.

       _\bd_\be_\bs_\b__\bp_\bc_\bb_\bc_\b__\be_\bn_\bc_\br_\by_\bp_\bt is highly recommended for most encryption
       purposes,  in  that  modification  of  a single bit of the
       ciphertext will  affect  ALL  the  subsequent  (decrypted)
       cleartext. Similarly, modifying a single bit of the clear-
       text will affect ALL the  subsequent  (encrypted)  cipher-
       text.  "PCBC" mode, on encryption, "xors" both the cleart-
       ext of block N and the ciphertext resulting from  block  N
       with the cleartext for block N+1 prior to encrypting block
       N+1.

       _\bd_\be_\bs_\b__\bc_\bb_\bc_\b__\bc_\bk_\bs_\bu_\bm produces an 8 byte cryptographic checksum by
       cipher-block-chain  encrypting  the cleartext data pointed
       to by the _\bi_\bn_\bp_\bu_\bt argument. All of the ciphertext output  is
       discarded,  except the last 8-byte ciphertext block, which
       is written into the area pointed to by  the  _\bo_\bu_\bt_\bp_\bu_\bt  argu-
       ment.   It uses the key schedule, provided by the _\bs_\bc_\bh_\be_\bd_\bu_\bl_\be
       argument and initialization vector provided  by  the  _\bi_\bv_\be_\bc
       argument.   If the _\bl_\be_\bn_\bg_\bt_\bh argument is not an integral mul-
       tiple of eight bytes, the last cleartext block  is  copied
       to a temp and zero filled (highest addresses).  The output
       is ALWAYS eight bytes.

       The routine also returns an unsigned long,  which  is  the
       last  (highest  address)  half of the 8 byte checksum com-
       puted.


       _\bq_\bu_\ba_\bd_\b__\bc_\bk_\bs_\bu_\bm produces a checksum by chaining quadratic oper-
       ations on the cleartext data pointed to by the _\bi_\bn_\bp_\bu_\bt argu-
       ment. The _\bl_\be_\bn_\bg_\bt_\bh argument  specifies  the  length  of  the
       input -- only exactly that many bytes are included for the
       checksum, without any padding.

       The algorithm may be iterated over the same input data, if
       the _\bo_\bu_\bt_\b__\bc_\bo_\bu_\bn_\bt argument is 2, 3 or 4, and the optional _\bo_\bu_\bt_\b-
       _\bp_\bu_\bt argument is a non-null pointer .  The default  is  one
       iteration, and it will not run more than 4 times. Multiple
       iterations run slower, but provide a  longer  checksum  if
       desired. The _\bs_\be_\be_\bd argument provides an 8-byte seed for the
       first iteration. If multiple iterations are requested, the
       results  of  one  iteration  are automatically used as the
       seed for the next iteration.

       It returns both an unsigned long checksum  value,  and  if
       the  _\bo_\bu_\bt_\bp_\bu_\bt argument is not a null pointer, up to 16 bytes
       of the computed checksum are written into the output.


MIT Project Athena     Kerberos Version 4.0                     5


DES_CRYPT(3)         BSD Programmer's Manual         DES_CRYPT(3)


F\bFI\bIL\bLE\bES\bS
       /usr/include/kerberosIV/des.h
       /usr/lib/libdes.a

S\bSE\bEE\bE A\bAL\bLS\bSO\bO
D\bDI\bIA\bAG\bGN\bNO\bOS\bST\bTI\bIC\bCS\bS
B\bBU\bUG\bGS\bS
       This software has not  yet  been  compiled  or  tested  on
       machines other than the VAX and the IBM PC.

A\bAU\bUT\bTH\bHO\bOR\bRS\bS
       Steve  Miller, MIT Project Athena/Digital Equipment Corpo-
       ration

R\bRE\bES\bST\bTR\bRI\bIC\bCT\bTI\bIO\bON\bNS\bS
       COPYRIGHT 1985,1986 Massachusetts Institute of Technology

       This software may not be exported outside of the US  with-
       out a special license from the US Dept of Commerce. It may
       be replaced by any secret  key  block  cipher  with  block
       length and key length of 8 bytes, as long as the interface
       is the same as described here.


MIT Project Athena     Kerberos Version 4.0                     6
Commit	Line	Data
b1052012 C	1
	2
	3
	4	DES_CRYPT(3) BSD Programmer's Manual DES_CRYPT(3)
	5
	6
	7	N\bNA\bAM\bME\bE
	8	des_read_password, des_string_to_key, des_random_key,
	9	des_set_key, des_ecb_encrypt, des_cbc_encrypt,
	10	des_pcbc_encrypt, des_cbc_cksum, des_quad_cksum, - (new)
	11	DES encryption
	12
	13	S\bSY\bYN\bNO\bOP\bPS\bSI\bIS\bS
	14	#\b#i\bin\bnc\bcl\blu\bud\bde\be <\b<k\bke\ber\brb\bbe\ber\bro\bos\bsI\bIV\bV/\b/d\bde\bes\bs.\b.h\bh>\b>
	15
	16	i\bin\bnt\bt d\bde\bes\bs_\b_r\bre\bea\bad\bd_\b_p\bpa\bas\bss\bsw\bwo\bor\brd\bd(\b(k\bke\bey\by,\b,p\bpr\bro\bom\bmp\bpt\bt,\b,v\bve\ber\bri\bif\bfy\by)\b)
	17	des_cblock *key;
	18	char *prompt;
	19	int verify;
	20
	21	i\bin\bnt\bt d\bde\bes\bs_\b_s\bst\btr\bri\bin\bng\bg_\b_t\bto\bo_\b_k\bke\bey\by(\b(s\bst\btr\br,\b,k\bke\bey\by)\b)
	22	c\bch\bha\bar\br \bs\bst\btr\br;\b;
	23	d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk k\bke\bey\by;\b;
	24
	25	i\bin\bnt\bt d\bde\bes\bs_\b_r\bra\ban\bnd\bdo\bom\bm_\b_k\bke\bey\by(\b(k\bke\bey\by)\b)
	26	d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk \bk\bke\bey\by;\b;
	27
	28	i\bin\bnt\bt d\bde\bes\bs_\b_s\bse\bet\bt_\b_k\bke\bey\by(\b(k\bke\bey\by,\b,s\bsc\bch\bhe\bed\bdu\bul\ble\be)\b)
	29	d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk \bk\bke\bey\by;\b;
	30	d\bde\bes\bs_\b_k\bke\bey\by_\b_s\bsc\bch\bhe\bed\bdu\bul\ble\be s\bsc\bch\bhe\bed\bdu\bul\ble\be;\b;
	31
	32	i\bin\bnt\bt d\bde\bes\bs_\b_e\bec\bcb\bb_\b_e\ben\bnc\bcr\bry\byp\bpt\bt(\b(i\bin\bnp\bpu\but\bt,\b,o\bou\but\btp\bpu\but\bt,\b,s\bsc\bch\bhe\bed\bdu\bul\ble\be,\b,e\ben\bnc\bcr\bry\byp\bpt\bt)\b)
	33	d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk \bi\bin\bnp\bpu\but\bt;\b;
	34	d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk \bo\bou\but\btp\bpu\but\bt;\b;
	35	d\bde\bes\bs_\b_k\bke\bey\by_\b_s\bsc\bch\bhe\bed\bdu\bul\ble\be s\bsc\bch\bhe\bed\bdu\bul\ble\be;\b;
	36	i\bin\bnt\bt e\ben\bnc\bcr\bry\byp\bpt\bt;\b;
	37
	38	i\bin\bnt\bt d\bde\bes\bs_\b_c\bcb\bbc\bc_\b_e\ben\bnc\bcr\bry\byp\bpt\bt(\b(i\bin\bnp\bpu\but\bt,\b,o\bou\but\btp\bpu\but\bt,\b,l\ble\ben\bng\bgt\bth\bh,\b,s\bsc\bch\bhe\bed\bdu\bul\ble\be,\b,i\biv\bve\bec\bc,\b,e\ben\bnc\bcr\bry\byp\bpt\bt)\b)
	39	d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk \bi\bin\bnp\bpu\but\bt;\b;
	40	d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk \bo\bou\but\btp\bpu\but\bt;\b;
	41	l\blo\bon\bng\bg l\ble\ben\bng\bgt\bth\bh;\b;
	42	d\bde\bes\bs_\b_k\bke\bey\by_\b_s\bsc\bch\bhe\bed\bdu\bul\ble\be s\bsc\bch\bhe\bed\bdu\bul\ble\be;\b;
	43	d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk \bi\biv\bve\bec\bc;\b;
	44	i\bin\bnt\bt e\ben\bnc\bcr\bry\byp\bpt\bt;\b;
	45
	46	i\bin\bnt\bt d\bde\bes\bs_\b_p\bpc\bcb\bbc\bc_\b_e\ben\bnc\bcr\bry\byp\bpt\bt(\b(i\bin\bnp\bpu\but\bt,\b,o\bou\but\btp\bpu\but\bt,\b,l\ble\ben\bng\bgt\bth\bh,\b,s\bsc\bch\bhe\bed\bdu\bul\ble\be,\b,i\biv\bve\bec\bc,\b,e\ben\bnc\bcr\bry\byp\bpt\bt)\b)
	47	d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk \bi\bin\bnp\bpu\but\bt;\b;
	48	d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk \bo\bou\but\btp\bpu\but\bt;\b;
	49	l\blo\bon\bng\bg l\ble\ben\bng\bgt\bth\bh;\b;
	50	d\bde\bes\bs_\b_k\bke\bey\by_\b_s\bsc\bch\bhe\bed\bdu\bul\ble\be s\bsc\bch\bhe\bed\bdu\bul\ble\be;\b;
	51	d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk \bi\biv\bve\bec\bc;\b;
	52	i\bin\bnt\bt e\ben\bnc\bcr\bry\byp\bpt\bt;\b;
	53
	54	u\bun\bns\bsi\big\bgn\bne\bed\bd l\blo\bon\bng\bg d\bde\bes\bs_\b_c\bcb\bbc\bc_\b_c\bck\bks\bsu\bum\bm(\b(i\bin\bnp\bpu\but\bt,\b,o\bou\but\btp\bpu\but\bt,\b,l\ble\ben\bng\bgt\bth\bh,\b,s\bsc\bch\bhe\bed\bdu\bul\ble\be,\b,i\biv\bve\bec\bc)\b)
	55	d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk \bi\bin\bnp\bpu\but\bt;\b;
	56	d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk \bo\bou\but\btp\bpu\but\bt;\b;
	57	l\blo\bon\bng\bg l\ble\ben\bng\bgt\bth\bh;\b;
	58
	59
	60
	61	MIT Project Athena Kerberos Version 4.0 1
	62
	63
	64
65
66
67
68
69
70	DES_CRYPT(3) BSD Programmer's Manual DES_CRYPT(3)
71
72
73	d\bde\bes\bs_\b_k\bke\bey\by_\b_s\bsc\bch\bhe\bed\bdu\bul\ble\be s\bsc\bch\bhe\bed\bdu\bul\ble\be;\b;
74	d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk \bi\biv\bve\bec\bc;\b;
75
76	u\bun\bns\bsi\big\bgn\bne\bed\bd l\blo\bon\bng\bg q\bqu\bua\bad\bd_\b_c\bck\bks\bsu\bum\bm(\b(i\bin\bnp\bpu\but\bt,\b,o\bou\but\btp\bpu\but\bt,\b,l\ble\ben\bng\bgt\bth\bh,\b,o\bou\but\bt_\b_c\bco\bou\bun\bnt\bt,\b,s\bse\bee\bed\bd)\b)
77	d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk \bi\bin\bnp\bpu\but\bt;\b;
78	d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk \bo\bou\but\btp\bpu\but\bt;\b;
79	l\blo\bon\bng\bg l\ble\ben\bng\bgt\bth\bh;\b;
80	i\bin\bnt\bt o\bou\but\bt_\b_c\bco\bou\bun\bnt\bt;\b;
81	d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk \bs\bse\bee\bed\bd;\b;
82
83
84	D\bDE\bES\bSC\bCR\bRI\bIP\bPT\bTI\bIO\bON\bN
85	This library supports various DES encryption related oper-
86	ations. It differs from the _\bc_\br_\by_\bp_\bt_\b, _\bs_\be_\bt_\bk_\be_\by_\b, _\ba_\bn_\bd _\be_\bn_\bc_\br_\by_\bp_\bt
87	library routines in that it provides a true DES encryp-
88	tion, without modifying the algorithm, and executes much
89	faster.
90
91	For each key that may be simultaneously active, create a
92	d\bde\bes\bs_\b_k\bke\bey\by_\b_s\bsc\bch\bhe\bed\bdu\bul\ble\be struct, defined in "des.h". Next, create
93	key schedules (from the 8-byte keys) as needed, via
94	_\bd_\be_\bs_\b__\bs_\be_\bt_\b__\bk_\be_\by_\b, prior to using the encryption or checksum
95	routines. Then setup the input and output areas. Make
96	sure to note the restrictions on lengths being multiples
97	of eight bytes. Finally, invoke the encryption/decryption
98	routines, _\bd_\be_\bs_\b__\be_\bc_\bb_\b__\be_\bn_\bc_\br_\by_\bp_\bt or _\bd_\be_\bs_\b__\bc_\bb_\bc_\b__\be_\bn_\bc_\br_\by_\bp_\bt or
99	_\bd_\be_\bs_\b__\bp_\bc_\bb_\bc_\b__\be_\bn_\bc_\br_\by_\bp_\bt_\b, or, to generate a cryptographic check-
100	sum, use _\bq_\bu_\ba_\bd_\b__\bc_\bk_\bs_\bu_\bm (fast) or _\bd_\be_\bs_\b__\bc_\bb_\bc_\b__\bc_\bk_\bs_\bu_\bm (slow).
101
102	A _\bd_\be_\bs_\b__\bc_\bb_\bl_\bo_\bc_\bk struct is an 8 byte block used as the funda-
103	mental unit for DES data and keys, and is defined as:
104
105	t\bty\byp\bpe\bed\bde\bef\bf u\bun\bns\bsi\big\bgn\bne\bed\bd c\bch\bha\bar\br d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk[\b[8\b8]\b];\b;
106
107	and a _\bd_\be_\bs_\b__\bk_\be_\by_\b__\bs_\bc_\bh_\be_\bd_\bu_\bl_\be_\b, is defined as:
108
109	t\bty\byp\bpe\bed\bde\bef\bf s\bst\btr\bru\buc\bct\bt d\bde\bes\bs_\b_k\bks\bs_\b_s\bst\btr\bru\buc\bct\bt {\b{d\bde\bes\bs_\b_c\bcb\bbl\blo\boc\bck\bk _\b_;\b;}\b}
110	d\bde\bes\bs_\b_k\bke\bey\by_\b_s\bsc\bch\bhe\bed\bdu\bul\ble\be[\b[1\b16\b6]\b];\b;
111
112	_\bd_\be_\bs_\b__\br_\be_\ba_\bd_\b__\bp_\ba_\bs_\bs_\bw_\bo_\br_\bd writes the string specified by _\bp_\br_\bo_\bm_\bp_\bt to
113	the standard output, turns off echo (if possible) and
114	reads an input string from standard input until terminated
115	with a newline. If _\bv_\be_\br_\bi_\bf_\by is non-zero, it prompts and
116	reads input again, for use in applications such as chang-
117	ing a password; both versions are compared, and the input
118	is requested repeatedly until they match. Then
119	_\bd_\be_\bs_\b__\br_\be_\ba_\bd_\b__\bp_\ba_\bs_\bs_\bw_\bo_\br_\bd converts the input string into a valid
120	DES key, internally using the _\bd_\be_\bs_\b__\bs_\bt_\br_\bi_\bn_\bg_\b__\bt_\bo_\b__\bk_\be_\by routine.
121	The newly created key is copied to the area pointed to by
122	the _\bk_\be_\by argument. _\bd_\be_\bs_\b__\br_\be_\ba_\bd_\b__\bp_\ba_\bs_\bs_\bw_\bo_\br_\bd returns a zero if no
123	errors occurred, or a -1 indicating that an error occurred
124
125
126
127	MIT Project Athena Kerberos Version 4.0 2
128
129
130
131
132
133
134
135
136	DES_CRYPT(3) BSD Programmer's Manual DES_CRYPT(3)
137
138
139	trying to manipulate the terminal echo.
140
141
142	_\bd_\be_\bs_\b__\bs_\bt_\br_\bi_\bn_\bg_\b__\bt_\bo_\b__\bk_\be_\by converts an arbitrary length null-
143	terminated string to an 8 byte DES key, with odd byte par-
144	ity, per FIPS specification. A one-way function is used
145	to convert the string to a key, making it very difficult
146	to reconstruct the string from the key. The _\bs_\bt_\br argument
147	is a pointer to the string, and _\bk_\be_\by should point to a
148	_\bd_\be_\bs_\b__\bc_\bb_\bl_\bo_\bc_\bk supplied by the caller to receive the generated
149	key. No meaningful value is returned. Void is not used
150	for compatibility with other compilers.
151
152
153	_\bd_\be_\bs_\b__\br_\ba_\bn_\bd_\bo_\bm_\b__\bk_\be_\by generates a random DES encryption key
154	(eight bytes), set to odd parity per FIPS specifications.
155	This routine uses the current time, process id, and a
156	counter as a seed for the random number generator. The
157	caller must supply space for the output key, pointed to
158	by argument _\bk_\be_\by_\b, then after calling _\bd_\be_\bs_\b__\br_\ba_\bn_\bd_\bo_\bm_\b__\bk_\be_\by should
159	call the _\bd_\be_\bs_\b__\bs_\be_\bt_\b__\bk_\be_\by routine when needed. No meaningful
160	value is returned. Void is not used for compatibility
161	with other compilers.
162
163
164	_\bd_\be_\bs_\b__\bs_\be_\bt_\b__\bk_\be_\by calculates a key schedule from all eight bytes
165	of the input key, pointed to by the _\bk_\be_\by argument, and out-
166	puts the schedule into the _\bd_\be_\bs_\b__\bk_\be_\by_\b__\bs_\bc_\bh_\be_\bd_\bu_\bl_\be indicated by
167	the _\bs_\bc_\bh_\be_\bd_\bu_\bl_\be argument. Make sure to pass a valid eight
168	byte key; no padding is done. The key schedule may then
169	be used in subsequent encryption/decryption/checksum oper-
170	ations. Many key schedules may be cached for later use.
171	The user is responsible to clear keys and schedules as
172	soon as no longer needed, to prevent their disclosure.
173	The routine also checks the key parity, and returns a zero
174	if the key parity is correct (odd), a -1 indicating a key
175	parity error, or a -2 indicating use of an illegal weak
176	key. If an error is returned, the key schedule was not
177	created.
178
179
180	_\bd_\be_\bs_\b__\be_\bc_\bb_\b__\be_\bn_\bc_\br_\by_\bp_\bt is the basic DES encryption routine that
181	encrypts or decrypts a single 8-byte block in e\bel\ble\bec\bct\btr\bro\bon\bni\bic\bc
182	c\bco\bod\bde\be b\bbo\boo\bok\bk mode. It always transforms the input data,
183	pointed to by _\bi_\bn_\bp_\bu_\bt_\b, into the output data, pointed to by
184	the _\bo_\bu_\bt_\bp_\bu_\bt argument.
185
186	If the _\be_\bn_\bc_\br_\by_\bp_\bt argument is non-zero, the _\bi_\bn_\bp_\bu_\bt (cleartext)
187	is encrypted into the _\bo_\bu_\bt_\bp_\bu_\bt (ciphertext) using the
188	key_schedule specified by the _\bs_\bc_\bh_\be_\bd_\bu_\bl_\be argument, previ-
189	ously set via _\bd_\be_\bs_\b__\bs_\be_\bt_\b__\bk_\be_\by
190
191
192
193	MIT Project Athena Kerberos Version 4.0 3
194
195
196
197
198
199
200
201
202	DES_CRYPT(3) BSD Programmer's Manual DES_CRYPT(3)
203
204
205	If encrypt is zero, the _\bi_\bn_\bp_\bu_\bt (now ciphertext) is
206	decrypted into the _\bo_\bu_\bt_\bp_\bu_\bt (now cleartext).
207
208	Input and output may overlap.
209
210	No meaningful value is returned. Void is not used for
211	compatibility with other compilers.
212
213
214	_\bd_\be_\bs_\b__\bc_\bb_\bc_\b__\be_\bn_\bc_\br_\by_\bp_\bt encrypts/decrypts using the c\bci\bip\bph\bhe\ber\br-\b-b\bbl\blo\boc\bck\bk-\b-
215	c\bch\bha\bai\bin\bni\bin\bng\bg m\bmo\bod\bde\be o\bof\bf D\bDE\bES\bS.\b. If the _\be_\bn_\bc_\br_\by_\bp_\bt argument is non-
216	zero, the routine cipher-block-chain encrypts the cleart-
217	ext data pointed to by the _\bi_\bn_\bp_\bu_\bt argument into the cipher-
218	text pointed to by the _\bo_\bu_\bt_\bp_\bu_\bt argument, using the key
219	schedule provided by the _\bs_\bc_\bh_\be_\bd_\bu_\bl_\be argument, and initial-
220	ization vector provided by the _\bi_\bv_\be_\bc argument. If the
221	_\bl_\be_\bn_\bg_\bt_\bh argument is not an integral multiple of eight
222	bytes, the last block is copied to a temp and zero filled
223	(highest addresses). The output is ALWAYS an integral
224	multiple of eight bytes.
225
226	If _\be_\bn_\bc_\br_\by_\bp_\bt is zero, the routine cipher-block chain
227	decrypts the (now) ciphertext data pointed to by the _\bi_\bn_\bp_\bu_\bt
228	argument into (now) cleartext pointed to by the _\bo_\bu_\bt_\bp_\bu_\bt
229	argument using the key schedule provided by the _\bs_\bc_\bh_\be_\bd_\bu_\bl_\be
230	argument, and initialization vector provided by the _\bi_\bv_\be_\bc
231	argument. Decryption ALWAYS operates on integral multiples
232	of 8 bytes, so it will round the _\bl_\be_\bn_\bg_\bt_\bh provided up to the
233	appropriate multiple. Consequently, it will always produce
234	the rounded-up number of bytes of output cleartext. The
235	application must determine if the output cleartext was
236	zero-padded due to original cleartext lengths that were
237	not integral multiples of 8.
238
239	No errors or meaningful values are returned. Void is not
240	used for compatibility with other compilers.
241
242	A characteristic of cbc mode is that changing a single bit
243	of the cleartext, then encrypting using cbc mode, affects
244	ALL the subsequent ciphertext. This makes cryptanalysis
245	much more difficult. However, modifying a single bit of
246	the ciphertext, then decrypting, only affects the result-
247	ing cleartext from the modified block and the succeeding
248	block. Therefore, _\bd_\be_\bs_\b__\bp_\bc_\bb_\bc_\b__\be_\bn_\bc_\br_\by_\bp_\bt is STRONGLY recom-
249	mended for applications where indefinite propagation of
250	errors is required in order to detect modifications.
251
252
253	_\bd_\be_\bs_\b__\bp_\bc_\bb_\bc_\b__\be_\bn_\bc_\br_\by_\bp_\bt encrypts/decrypts using a modified block
254	chaining mode. Its calling sequence is identical to
255	_\bd_\be_\bs_\b__\bc_\bb_\bc_\b__\be_\bn_\bc_\br_\by_\bp_\bt_\b. It differs in its error propagation
256
257
258
259	MIT Project Athena Kerberos Version 4.0 4
260
261
262
263
264
265
266
267
268	DES_CRYPT(3) BSD Programmer's Manual DES_CRYPT(3)
269
270
271	characteristics.
272
273	_\bd_\be_\bs_\b__\bp_\bc_\bb_\bc_\b__\be_\bn_\bc_\br_\by_\bp_\bt is highly recommended for most encryption
274	purposes, in that modification of a single bit of the
275	ciphertext will affect ALL the subsequent (decrypted)
276	cleartext. Similarly, modifying a single bit of the clear-
277	text will affect ALL the subsequent (encrypted) cipher-
278	text. "PCBC" mode, on encryption, "xors" both the cleart-
279	ext of block N and the ciphertext resulting from block N
280	with the cleartext for block N+1 prior to encrypting block
281	N+1.
282
283	_\bd_\be_\bs_\b__\bc_\bb_\bc_\b__\bc_\bk_\bs_\bu_\bm produces an 8 byte cryptographic checksum by
284	cipher-block-chain encrypting the cleartext data pointed
285	to by the _\bi_\bn_\bp_\bu_\bt argument. All of the ciphertext output is
286	discarded, except the last 8-byte ciphertext block, which
287	is written into the area pointed to by the _\bo_\bu_\bt_\bp_\bu_\bt argu-
288	ment. It uses the key schedule, provided by the _\bs_\bc_\bh_\be_\bd_\bu_\bl_\be
289	argument and initialization vector provided by the _\bi_\bv_\be_\bc
290	argument. If the _\bl_\be_\bn_\bg_\bt_\bh argument is not an integral mul-
291	tiple of eight bytes, the last cleartext block is copied
292	to a temp and zero filled (highest addresses). The output
293	is ALWAYS eight bytes.
294
295	The routine also returns an unsigned long, which is the
296	last (highest address) half of the 8 byte checksum com-
297	puted.
298
299
300	_\bq_\bu_\ba_\bd_\b__\bc_\bk_\bs_\bu_\bm produces a checksum by chaining quadratic oper-
301	ations on the cleartext data pointed to by the _\bi_\bn_\bp_\bu_\bt argu-
302	ment. The _\bl_\be_\bn_\bg_\bt_\bh argument specifies the length of the
303	input -- only exactly that many bytes are included for the
304	checksum, without any padding.
305
306	The algorithm may be iterated over the same input data, if
307	the _\bo_\bu_\bt_\b__\bc_\bo_\bu_\bn_\bt argument is 2, 3 or 4, and the optional _\bo_\bu_\bt_\b-
308	_\bp_\bu_\bt argument is a non-null pointer . The default is one
309	iteration, and it will not run more than 4 times. Multiple
310	iterations run slower, but provide a longer checksum if
311	desired. The _\bs_\be_\be_\bd argument provides an 8-byte seed for the
312	first iteration. If multiple iterations are requested, the
313	results of one iteration are automatically used as the
314	seed for the next iteration.
315
316	It returns both an unsigned long checksum value, and if
317	the _\bo_\bu_\bt_\bp_\bu_\bt argument is not a null pointer, up to 16 bytes
318	of the computed checksum are written into the output.
319
320
321
322
323
324
325	MIT Project Athena Kerberos Version 4.0 5
326
327
328
329
330
331
332
333
334	DES_CRYPT(3) BSD Programmer's Manual DES_CRYPT(3)
335
336
337	F\bFI\bIL\bLE\bES\bS
338	/usr/include/kerberosIV/des.h
339	/usr/lib/libdes.a
340
341	S\bSE\bEE\bE A\bAL\bLS\bSO\bO
342	D\bDI\bIA\bAG\bGN\bNO\bOS\bST\bTI\bIC\bCS\bS
343	B\bBU\bUG\bGS\bS
344	This software has not yet been compiled or tested on
345	machines other than the VAX and the IBM PC.
346
347	A\bAU\bUT\bTH\bHO\bOR\bRS\bS
348	Steve Miller, MIT Project Athena/Digital Equipment Corpo-
349	ration
350
351	R\bRE\bES\bST\bTR\bRI\bIC\bCT\bTI\bIO\bON\bNS\bS
352	COPYRIGHT 1985,1986 Massachusetts Institute of Technology
353
354	This software may not be exported outside of the US with-
355	out a special license from the US Dept of Commerce. It may
356	be replaced by any secret key block cipher with block
357	length and key length of 8 bytes, as long as the interface
358	is the same as described here.
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391	MIT Project Athena Kerberos Version 4.0 6
392
393
394
395
396