crypt, crypt16, setkey, encrypt - DES encryption
#include <unistd.h> #include <stdlib.h>
char *crypt(
const char *key,
const char *salt ); char *crypt16(
const char *key,
const char *salt ); void setkey(
const char *key );
The crypt() subroutine is the password encryption routine.
It is based on the NBS Data Encryption Standard, with
variations intended to frustrate use of hardware implementations
of the DES for key search.
The first argument to crypt() is normally a user's typed
password. The second is a 2-character string chosen from
the set [a-zA-Z0-9./]. The salt string is used to perturb
the DES algorithm in one of 4096 different ways, after
which the password is used as the key to encrypt repeatedly
a constant string. The returned value points to the
encrypted password, in the same alphabet as the salt. The
first two characters are the salt itself.
The crypt16() subroutine is identical to the crypt() function
except that it will accept a password up to sixteen
characters in length. It generates a longer encrypted
password for use with enhanced security features.
The other entries provide primitive access to the actual
DES algorithm. The argument of setkey() is a character
array of length 64 containing only the characters with
numerical value 0 and 1. If this string is divided into
groups of 8, the low-order bit in each group is ignored,
leading to a 56-bit key which is set into the machine.
The argument to the encrypt() entry is likewise a character
array of length 64 containing 0s and 1s. The argument
array is modified in place to a similar array representing
the bits of the argument after having been subjected to
the DES algorithm using the key set by setkey(). If edflag
is 0, the argument is encrypted; if non-zero, it is
decrypted.
The return values from crypt() and crypt16() point to
static data areas whose content is overwritten by each
call.
Default Environment [Toc] [Back]
In the default environment on systems that do not have the
optional encryption software installed the encrypt() function
expects exactly one argument, the data to be
encrypted. The edflag argument is not supplied and there
is no way to decrypt data. If the optional encryption
software is installed the encrypt() function behaves as it
does in the POSIX environment. The syntax for the default
environment follows: void encrypt(block) char *block;
POSIX Environment [Toc] [Back]
In the POSIX environment the encrypt function always
expects two arguments. The encrypt() function will set
errno to ENOSYS and return if edflag is non-zero and the
optional encryption software is not present. The syntax
for the POSIX environment follows: void encrypt(block,
edflag) char *block; int edflag;
In all cases the setkey() function will set errno to
ENOSYS and return if the optional encryption software is
not present.
login(1), passwd(1), yppasswd(1), getpass(3), passwd(4),
prpasswd(4)
crypt(3)
[ Back ] |