NAME

crypt, setkey, encrypt − DES encryption

SYNOPSIS

#include <unistd.h>
char ∗crypt(
const char ∗key,
const char ∗salt);

#include <stdlib.h>
void setkey(
const char ∗key);

#include <unistd.h>
void encrypt(
char ∗block,
int edflag);

DESCRIPTION

The crypt subroutine is the password encryption routine. It is based on the NBS Data Encryption Standard, with variations intended to frustrate use of hardware implementations of the DES for key search.

The first argument to crypt is normally a user’s typed password. The second is a 2-character string chosen from the set [a-zA-Z0-9./]. The salt string is used to perturb the DES algorithm in one of 4096 different ways, after which the password is used as the key to encrypt repeatedly a constant string.  The returned value points to the encrypted password, in the same alphabet as the salt.  The first two characters are the salt itself. 

The other entries provide primitive access to the actual DES algorithm.  The argument of setkey is a character array of length 64 containing only the characters with numerical value 0 and 1. If this string is divided into groups of 8, the low-order bit in each group is ignored, leading to a 56-bit key which is set into the machine. In all cases the setkey function will set errno to ENOSYS and return if the optional encryption software is not present. 

The argument to the encrypt entry is likewise a character array of length 64 containing 0s and 1s. The argument array is modified in place to a similar array representing the bits of the argument after having been subjected to the DES algorithm using the key set by setkey. The encrypt function will set errno to ENOSYS and return if edflag is non-zero and the optional encryption software is not present. 

RESTRICTIONS

The return value from crypt points to static data areas whose content is overwritten by each call.

RELATED INFORMATION

login(1), passwd(1), yppasswd(1), getpass(3), passwd(4)
Security