.\" Copyright (c) 1989, 1991 The Regents of the University of California. .\" All rights reserved. .\" .\" %sccs.include.redist.man% .\" .\" @(#)crypt.3 6.5 (Berkeley) 05/06/91 .\" .Dd .Dt CRYPT 3 .Os .Sh NAME .Nm crypt , .Nm setkey , .Nm encrypt , .Nm des_setkey , .Nm des_cipher .Nd DES encryption .Sh SYNOPSIS .Ft char .Fn *crypt "const char *key" "const char *setting" .Ft void .Fn setkey "char *key" .Ft void .Fn encrypt "char *block" "int flag" .Ft void .Fn des_setkey "const char *key" .Ft void .Fn des_cipher "const char *in" "char *out" "long salt" "int count" .Sh DESCRIPTION The .Xr crypt function performs password encryption. It is derived from the .Tn NBS Data Encryption Standard. Additional code has been added to deter key search attempts. The first argument to .Nm crypt is a .Dv NUL Ns -terminated string (normally a password typed by a user). The second is a character array, 9 bytes in length, consisting of an underscore (``_'') followed by 4 bytes of iteration count and 4 bytes of salt. Both the iteration .Fa count and the .Fa salt are encoded as follows: only 6 bits per character are used, with the least significant bits occurring first. The values 0 to 63 are encoded by the characters ``./0-9A-Za-z'', respectively. The .Fa salt is used to induce disorder in to the .Tn DES algorithm in one of 16777216 possible ways (specifically, if bit .Em N of the .Ar salt is set then bits .Em N and .Em N+24 are swapped in the .Tn DES ``E'' box output). Then the .Ar key is used to perform .Ar count cumulative encryptions of a 64-bit constant. The value returned is a character array, 20 bytes in length, consisting of the .Ar setting followed by the encoded 64-bit encryption. .Pp For compatibility with historical versions of .Xr crypt 3 , the .Ar setting may consist of 2 bytes of salt, encoded as above, in which case an iteration .Ar count of 25 is used, fewer perturbations of .Tn DES are available, at most 8 characters of .Ar key are used, and the returned value is a character array 13 bytes in length. .Pp The functions, .Fn encrypt , .Fn setkey , .Fn des_setkey and .Fn des_cipher allow limited access to the .Tn DES algorithm itself. The .Ar key argument to .Fn setkey is a 64 character array of .Tn ASCII binary values (0 or 1). A 56-bit key is derived from dividing this array by dividing the string into groups of 8 and ignoring the last bit in each group. .Pp The .Fn encrypt argument .Fa block is also a 64 character array of .Tn ASCII binary values. If the value of .Fa flag is 0, the argument .Fa block is encrypted, otherwise it is decrypted. The encryption or decryption is returned in the original array .Fa block after using the key specified by .Fn setkey to process it. .Pp The .Fn des_setkey and .Fn des_cipher functions are faster but less portable than .Fn setkey and .Fn encrypt . The argument to .Fn des_setkey is a character array of length 8. The .Em least significant bit in each character is ignored and the next 7 bits of each character are concatenated to yield a 56-bit key. The function .Fn des_cipher encrypts (or decrypts if .Fa count is negative) the 64-bits stored in the 8 characters at .Fa in using .Xr abs 3 of .Fa count iterations of .Tn DES and stores the 64-bit result in the 8 characters at .Fa out . The .Fa salt specifies perturbations to .Tn DES as described above. .Sh SEE ALSO .Xr login 1 , .Xr passwd 1 , .Xr getpass 3 , .Xr passwd 5 .sp .Rs .%T "Mathematical Cryptology for Computer Scientists and Mathematicians" .%A Wayne Patterson .%D 1987 .%N ISBN 0-8476-7438-X .Re .Rs .%T "Password Security: A Case History" .%A R. Morris .%A Ken Thompson .%J "Communications of the ACM" .%V vol. 22 .%P pp. 594-597 .%D Nov. 1979 .Re .Rs .%T "DES will be Totally Insecure within Ten Years" .%A M.E. Hellman .%J "IEEE Spectrum" .%V vol. 16 .%P pp. 32-39 .%D July 1979 .Re .Sh HISTORY A rotor-based .Fn crypt function appeared in .At v6 . The current style .Fn crypt first appeared in .At v7 . .Sh BUGS Dropping the .Em least significant bit in each character of the argument to .Fn des_setkey is ridiculous. .Pp The .Fn crypt function leaves its result in an internal static object and returns a pointer to that object. Subsequent calls to .Fn crypt will modify the same object.