xref: /386bsd/usr/share/man/cat3/crypt.0 (revision a2142627) 
1CRYPT(3)                  386BSD Programmer's Manual                  CRYPT(3)
2
3NNAAMMEE
4     ccrryypptt, sseettkkeeyy, eennccrryypptt, ddeess__sseettkkeeyy, ddeess__cciipphheerr - DES encryption
5
6SSYYNNOOPPSSIISS
7     _c_h_a_r
8     **ccrryypptt(_c_o_n_s_t _c_h_a_r *_k_e_y, _c_o_n_s_t _c_h_a_r *_s_e_t_t_i_n_g)
9
10     _i_n_t
11     sseettkkeeyy(_c_h_a_r *_k_e_y)
12
13     _i_n_t
14     eennccrryypptt(_c_h_a_r *_b_l_o_c_k, _i_n_t _f_l_a_g)
15
16     _i_n_t
17     ddeess__sseettkkeeyy(_c_o_n_s_t _c_h_a_r *_k_e_y)
18
19     _i_n_t
20     ddeess__cciipphheerr(_c_o_n_s_t _c_h_a_r *_i_n, _c_h_a_r *_o_u_t, _l_o_n_g _s_a_l_t, _i_n_t _c_o_u_n_t)
21
22DDEESSCCRRIIPPTTIIOONN
23     The crypt function performs password encryption.  It is derived from the
24     NBS Data Encryption Standard.  Additional code has been added to deter
25     key search attempts.  The first argument to ccrryypptt is a NUL-terminated
26     string (normally a password typed by a user).  The second is a character
27     array, 9 bytes in length, consisting of an underscore (``_'') followed by
28     4 bytes of iteration count and 4 bytes of salt.  Both the iteration _c_o_u_n_t
29     and the _s_a_l_t are encoded with 6 bits per character, least significant
30     bits first.  The values 0 to 63 are encoded by the characters ``./0-9A-
31     Za-z'', respectively.
32
33     The _s_a_l_t is used to induce disorder in to the DES algorithm in one of
34     16777216 possible ways (specifically, if bit _i of the _s_a_l_t is set then
35     bits _i and _i+_2_4 are swapped in the DES ``E'' box output).  The _k_e_y is
36     divided into groups of 8 characters (a short final group is null-padded)
37     and the low-order 7 bits of each each character (56 bits per group) are
38     used to form the DES key as follows: the first group of 56 bits becomes
39     the initial DES key.  For each additional group, the XOR of the group
40     bits and the encryption of the DES key with itself becomes the next DES
41     key.  Then the final DES key is used to perform _c_o_u_n_t cumulative
42     encryptions of a 64-bit constant.  The value returned is a NUL-terminated
43     string, 20 bytes in length, consisting of the _s_e_t_t_i_n_g followed by the
44     encoded 64-bit encryption.
45
46     For compatibility with historical versions of crypt(3),  the _s_e_t_t_i_n_g may
47     consist of 2 bytes of salt, encoded as above, in which case an iteration
48     _c_o_u_n_t of 25 is used, fewer perturbations of DES are available, at most 8
49     characters of _k_e_y are used, and the returned value is a NUL-terminated
50     string 13 bytes in length.
51
52     The functions, eennccrryypptt(), sseettkkeeyy(), ddeess__sseettkkeeyy() and ddeess__cciipphheerr() allow
53     limited access to the DES algorithm itself.  The _k_e_y argument to sseettkkeeyy()
54     is a 64 character array of binary values (numeric 0 or 1).  A 56-bit key
55     is derived from this array by dividing the array into groups of 8 and
56     ignoring the last bit in each group.
57
58     The eennccrryypptt() argument _b_l_o_c_k is also a 64 character array of binary
59     values.  If the value of _f_l_a_g is 0, the argument _b_l_o_c_k is encrypted,
60     otherwise it is decrypted.  The encryption or decryption is returned in
61     the original array _b_l_o_c_k after using the key specified by sseettkkeeyy() to
62     process it.
63
64     The ddeess__sseettkkeeyy() and ddeess__cciipphheerr() functions are faster but less portable
65     than sseettkkeeyy() and eennccrryypptt().  The argument to ddeess__sseettkkeeyy() is a character
66     array of length 8.  The _l_e_a_s_t significant bit in each character is
67     ignored and the next 7 bits of each character are concatenated to yield a
68     56-bit key.  The function ddeess__cciipphheerr() encrypts (or decrypts if _c_o_u_n_t is
69     negative) the 64-bits stored in the 8 characters at _i_n using abs(3) of
70     _c_o_u_n_t iterations of DES and stores the 64-bit result in the 8 characters
71     at _o_u_t. The _s_a_l_t specifies perturbations to DES as described above.
72
73     The function ccrryypptt() returns a pointer to the encrypted value on success
74     and NULL on failure.  The functions sseettkkeeyy(), eennccrryypptt(), ddeess__sseettkkeeyy(),
75     and ddeess__cciipphheerr() return 0 on success and 1 on failure.  Historically, the
76     functions sseettkkeeyy() and eennccrryypptt() did not return any value.  They have
77     been provided return values primarily to distinguish implementations
78     where hardware support is provided but not available or where the DES
79     encryption is not available due to the usual political silliness.
80
81SSEEEE AALLSSOO
82     login(1),  passwd(1),  getpass(3),  passwd(5)
83
84
85     Wayne Patterson, _M_a_t_h_e_m_a_t_i_c_a_l _C_r_y_p_t_o_l_o_g_y _f_o_r _C_o_m_p_u_t_e_r _S_c_i_e_n_t_i_s_t_s _a_n_d
86     _M_a_t_h_e_m_a_t_i_c_i_a_n_s, ISBN 0-8476-7438-X, 1987.
87
88     R. Morris, and Ken Thompson, "Password Security: A Case History",
89     _C_o_m_m_u_n_i_c_a_t_i_o_n_s _o_f _t_h_e _A_C_M, vol. 22, pp. 594-597, Nov. 1979.
90
91     M.E. Hellman, "DES will be Totally Insecure within Ten Years", _I_E_E_E
92     _S_p_e_c_t_r_u_m, vol. 16, pp. 32-39, July 1979.
93
94HHIISSTTOORRYY
95     A rotor-based ccrryypptt() function appeared in Version 6 AT&T UNIX.  The
96     current style ccrryypptt() first appeared in Version 7 AT&T UNIX.
97
98BBUUGGSS
99     Dropping the _l_e_a_s_t significant bit in each character of the argument to
100     ddeess__sseettkkeeyy() is ridiculous.
101
102     The ccrryypptt() function leaves its result in an internal static object and
103     returns a pointer to that object.  Subsequent calls to ccrryypptt() will
104     modify the same object.
105
106BSD Experimental                 May 21, 1991                                2
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133