+.TH CRYPT 3
+.SH NAME
+crypt, setkey, encrypt \- DES encryption
+.SH SYNOPSIS
+.B char *crypt(key, salt)
+.br
+.B char *key, *salt;
+.PP
+.B setkey(key)
+.br
+.B char *key;
+.PP
+.B encrypt(block, edflag)
+.br
+.B char *block;
+.SH DESCRIPTION
+.I Crypt
+is the password encryption routine.
+It is based on the NBS Data Encryption Standard, with
+variations intended (among other things) to frustrate use of hardware
+implementations of the DES for key search.
+.PP
+The first argument to
+.I crypt
+is a user's typed password.
+The second is a 2-character string chosen from the
+set [a-zA-Z0-9./].
+The
+.I salt
+string is used to perturb the DES algorithm in one of 4096
+different ways, after which the password
+is used as the key to encrypt repeatedly a constant string.
+The returned value points to the encrypted password,
+in the same alphabet as the salt.
+The first two characters are the salt itself.
+.PP
+The other entries provide (rather primitive)
+access to the actual DES algorithm.
+The argument of
+.I setkey
+is a character array of length 64 containing only the characters
+with numerical value 0 and 1.
+If this string is divided into groups of 8,
+the low-order bit in each group is ignored,
+leading to a 56-bit key which is set into the machine.
+.PP
+The argument to the
+.I encrypt
+entry is likewise a character array of length 64
+containing 0's and 1's.
+The argument array is modified in place
+to a similar array
+representing the bits of the argument after having been
+subjected to the DES algorithm using the key set by
+.I setkey.
+If
+.I edflag
+is 0, the argument is encrypted;
+if non-zero,
+it is decrypted.
+.SH "SEE ALSO"
+passwd(1), passwd(5), login(1), getpass(3)
+.SH BUGS
+The return value
+points to static data whose content is overwritten
+by each call.
projects / unix-history / commitdiff