SysIII/usr/src/man/man3/crypt.3c

.TH CRYPT 3C
.SH NAME
crypt, setkey, encrypt \- \s-1DES\s+1 encryption
.SH SYNOPSIS
.B char \(**crypt (key, salt)
.br
.B char \(**key, \(**salt;
.PP
.B setkey (key)
.br
.B char \(**key;
.PP
.B encrypt (block, edflag)
.br
.B char \(**block;
.br
.B int edflag;
.SH DESCRIPTION
.I Crypt\^
is the password encryption routine.
It is based on the
.SM NBS
Data Encryption Standard (\s-1DES\s+1), with
variations intended (among other things) to frustrate use of hardware
implementations of the
.SM DES
for key search.
.PP
The first argument to
.I crypt\^
is a user's typed password.
The second is a 2-character string chosen from the
set [\f3a-zA-Z0-9./\fP];
this
.I salt\^
string is used to perturb the
.SM DES
algorithm in one of 4096
different ways, after which the password
is used as the key to encrypt repeatedly a constant string.
The returned value points to the encrypted password,
in the same alphabet as the salt.
The first two characters are the salt itself.
.PP
The
.I setkey\^
and
.I encrypt\^
entries provide (rather primitive)
access to the actual
.SM DES
algorithm.
The argument of
.I setkey\^
is a character array of length 64 containing only the characters
with numerical value 0 and 1.
If this string is divided into groups of 8,
the low-order bit in each group is ignored,
leading to a 56-bit key which is set into the machine.
.PP
The argument to the
.I encrypt\^
entry is likewise a character array of length 64
containing 0's and 1's.
The argument array is modified in place
to a similar array
representing the bits of the argument after having been
subjected to the
.SM DES
algorithm using the key set by
.IR setkey .
If
.I edflag\^
is 0, the argument is encrypted;
if non-zero,
it is decrypted.
.SH SEE ALSO
login(1), passwd(1), getpass(3C), passwd(5).
.SH BUGS
The return value
points to static data that are overwritten
by each call.