crypt(3)crypt(3)NAME
crypt, crypt16, setkey, encrypt - DES encryption
SYNOPSIS
#include <unistd.h> #include <stdlib.h>
char *crypt(
const char *key,
const char *salt ); char *crypt16(
const char *key,
const char *salt ); void setkey(
const char *key );
DESCRIPTION
The crypt() subroutine is the password encryption routine. It is based
on the NBS Data Encryption Standard, with variations intended to frus‐
trate use of hardware implementations of the DES for key search.
The first argument to crypt() is normally a user's typed password. The
second is a 2-character string chosen from the set [a-zA-Z0-9./]. The
salt string is used to perturb the DES algorithm in one of 4096 differ‐
ent ways, after which the password is used as the key to encrypt
repeatedly a constant string. The returned value points to the
encrypted password, in the same alphabet as the salt. The first two
characters are the salt itself.
The crypt16() subroutine is identical to the crypt() function except
that it will accept a password up to sixteen characters in length. It
generates a longer encrypted password for use with enhanced security
features.
The other entries provide primitive access to the actual DES algorithm.
The argument of setkey() is a character array of length 64 containing
only the characters with numerical value 0 and 1. If this string is
divided into groups of 8, the low-order bit in each group is ignored,
leading to a 56-bit key which is set into the machine.
The argument to the encrypt() entry is likewise a character array of
length 64 containing 0s and 1s. The argument array is modified in place
to a similar array representing the bits of the argument after having
been subjected to the DES algorithm using the key set by setkey(). If
edflag is 0, the argument is encrypted; if non-zero, it is decrypted.
RESTRICTIONS
The return values from crypt() and crypt16() point to static data areas
whose content is overwritten by each call.
ENVIRONMENT
Default Environment
In the default environment on systems that do not have the optional
encryption software installed the encrypt() function expects exactly
one argument, the data to be encrypted. The edflag argument is not sup‐
plied and there is no way to decrypt data. If the optional encryption
software is installed the encrypt() function behaves as it does in the
POSIX environment. The syntax for the default environment follows: void
encrypt(block) char *block;
POSIX Environment
In the POSIX environment the encrypt function always expects two argu‐
ments. The encrypt() function will set errno to ENOSYS and return if
edflag is non-zero and the optional encryption software is not present.
The syntax for the POSIX environment follows: void encrypt(block,
edflag) char *block; int edflag;
In all cases the setkey() function will set errno to ENOSYS and return
if the optional encryption software is not present.
SEE ALSOlogin(1), passwd(1), yppasswd(1), getpass(3), passwd(4), prpasswd(4)crypt(3)