.\" Copyright (c) 1989, 1991 The Regents of the University of California.
.\" All rights reserved.
.\"
.\" %sccs.include.redist.man%
.\"
.\" @(#)crypt.3 6.5 (Berkeley) 05/06/91
.\"
.Dd
.Dt CRYPT 3
.Os
.Sh NAME
.Nm crypt ,
.Nm setkey ,
.Nm encrypt ,
.Nm des_setkey ,
.Nm des_cipher
.Nd DES encryption
.Sh SYNOPSIS
.Ft char
.Fn *crypt "const char *key" "const char *setting"
.Ft void
.Fn setkey "char *key"
.Ft void
.Fn encrypt "char *block" "int flag"
.Ft void
.Fn des_setkey "const char *key"
.Ft void
.Fn des_cipher "const char *in" "char *out" "long salt" "int count"
.Sh DESCRIPTION
The
.Fn crypt
function
performs password encryption.
It is derived from the
.Tn NBS
Data Encryption Standard.
Additional code has been added to deter
key search attempts.
The first argument to
.Nm crypt
is
a
.Dv NUL Ns -terminated
string (normally a password typed by a user).
The second is a character array, 9 bytes in length, consisting of an
underscore (``_'') followed by 4 bytes of iteration count and 4 bytes
of salt.
Both the iteration
.Fa count
and the
.Fa salt
are encoded as follows: only 6 bits per character are used, with the least
significant bits occurring first.
The values 0 to 63 are encoded by the characters ``./0-9A-Za-z'',
respectively.
The
.Fa salt
is used to induce disorder into the
.Tn DES
algorithm
in one of 16777216
possible ways
(specifically, if bit
.Em N
of the
.Ar salt
is set then bits
.Em N
and
.Em N+24
are swapped in the
.Tn DES
``E'' box output).
Then the
.Ar key
is used to perform
.Ar count
cumulative encryptions of a 64-bit constant.
The value returned is a character array, 20 bytes in length, consisting
of the
.Ar setting
followed by the encoded 64-bit encryption.
.Pp
For compatibility with historical versions of
.Xr crypt 3 ,
the
.Ar setting
may consist of 2 bytes of salt, encoded as above, in which case an
iteration
.Ar count
of 25 is used, fewer perturbations of
.Tn DES
are available, at most 8
characters of
.Ar key
are used, and the returned value is a character array 13 bytes in length.
.Pp
The
functions,
.Fn encrypt ,
.Fn setkey ,
.Fn des_setkey
and
.Fn des_cipher
allow limited access to the
.Tn DES
algorithm itself.
The
.Ar key
argument to
.Fn setkey
is a 64 character array of
.Tn ASCII
binary values (0 or 1).
A 56-bit key is derived from this array by dividing the string
into groups of 8 and ignoring the last bit in each group.
.Pp
The
.Fn encrypt
argument
.Fa block
is also a 64 character array of
.Tn ASCII
binary values.
If the value of
.Fa flag
is 0,
the argument
.Fa block
is encrypted, otherwise it
is decrypted.
The encryption or decryption is returned in the original
array
.Fa block
after using the
key specified
by
.Fn setkey
to process it.
.Pp
The
.Fn des_setkey
and
.Fn des_cipher
functions are faster but less portable than
.Fn setkey
and
.Fn encrypt .
The argument to
.Fn des_setkey
is a character array of length 8.
The
.Em least
significant bit in each character is ignored and the next 7 bits of each
character are concatenated to yield a 56-bit key.
The function
.Fn des_cipher
encrypts (or decrypts if
.Fa count
is negative) the 64 bits stored in the 8 characters at
.Fa in
using
.Xr abs 3
of
.Fa count
iterations of
.Tn DES
and stores the 64-bit result in the 8 characters at
.Fa out .
The
.Fa salt
specifies perturbations to
.Tn DES
as described above.
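.Sh EXAMPLES
The C helpers below are an added example, not part of the original manual page or of the BSD source; they decode and build the
.Ar setting
string in both the 9-byte and the historical 2-byte form described above.
The function names and the choice to reject characters outside the alphabet are assumptions of this example.

```c
#include <string.h>

/* Added example; helper names are hypothetical. Values 0..63 use these chars. */
static const char itoa64[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

/* Decode n characters, least significant 6 bits first; -1 on a bad byte. */
static long a64_decode(const char *s, int n)
{
	long v = 0;
	for (int i = 0; i < n; i++) {
		const char *p = s[i] ? strchr(itoa64, s[i]) : NULL;
		if (p == NULL)
			return -1;
		v |= (long)(p - itoa64) << (6 * i);
	}
	return v;
}

/* Split a setting into count and salt. Returns the length of the string
 * crypt() returns for it (20 extended, 13 traditional) or -1 if malformed.
 * Rejecting characters outside the alphabet is this example's own choice. */
int parse_setting(const char *setting, long *count, long *salt)
{
	int ext = setting[0] == '_';
	if (strlen(setting) < (ext ? 9u : 2u))
		return -1;
	*count = ext ? a64_decode(setting + 1, 4) : 25; /* 25 is fixed for 2-byte salts */
	*salt = ext ? a64_decode(setting + 5, 4) : a64_decode(setting, 2);
	return (*count < 0 || *salt < 0) ? -1 : (ext ? 20 : 13);
}

/* Build the 9-byte extended setting (plus NUL); values must fit in 24 bits. */
int make_setting(long count, long salt, char out[10])
{
	if (count < 0 || count > 0xffffff || salt < 0 || salt > 0xffffff)
		return -1;
	out[0] = '_';
	for (int i = 0; i < 4; i++) {
		out[1 + i] = itoa64[(count >> (6 * i)) & 0x3f];
		out[5 + i] = itoa64[(salt >> (6 * i)) & 0x3f];
	}
	out[9] = '\0';
	return 0;
}
```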
.Sh SEE ALSO
.Xr login 1 ,
.Xr passwd 1 ,
.Xr getpass 3 ,
.Xr passwd 5
.sp
.Rs
.%T "Mathematical Cryptology for Computer Scientists and Mathematicians"
.%A Wayne Patterson
.%D 1987
.%N ISBN 0-8476-7438-X
.Re
.Rs
.%T "Password Security: A Case History"
.%A R. Morris
.%A Ken Thompson
.%J "Communications of the ACM"
.%V vol. 22
.%P pp. 594-597
.%D Nov. 1979
.Re
.Rs
.%T "DES will be Totally Insecure within Ten Years"
.%A M.E. Hellman
.%J "IEEE Spectrum"
.%V vol. 16
.%P pp. 32-39
.%D July 1979
.Re
.Sh HISTORY
A rotor-based
.Fn crypt
function appeared in
.At v6 .
The current style
.Fn crypt
first appeared in
.At v7 .
.Sh BUGS
Dropping the
.Em least
significant bit in each character of the argument to
.Fn des_setkey
is ridiculous.
.Pp
The
.Fn crypt
function leaves its result in an internal static object and returns
a pointer to that object. Subsequent calls to
.Fn crypt
will modify the same object.