mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-12-30 15:38:06 +01:00
237 lines
6.2 KiB
Groff
237 lines
6.2 KiB
Groff
|
.\" FreeSec: libcrypt for NetBSD
|
||
|
.\"
|
||
|
.\" Copyright (c) 1994 David Burren
|
||
|
.\" All rights reserved.
|
||
|
.\"
|
||
|
.\" Redistribution and use in source and binary forms, with or without
|
||
|
.\" modification, are permitted provided that the following conditions
|
||
|
.\" are met:
|
||
|
.\" 1. Redistributions of source code must retain the above copyright
|
||
|
.\" notice, this list of conditions and the following disclaimer.
|
||
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
||
|
.\" notice, this list of conditions and the following disclaimer in the
|
||
|
.\" documentation and/or other materials provided with the distribution.
|
||
|
.\" 4. Neither the name of the author nor the names of other contributors
|
||
|
.\" may be used to endorse or promote products derived from this software
|
||
|
.\" without specific prior written permission.
|
||
|
.\"
|
||
|
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||
|
.\" SUCH DAMAGE.
|
||
|
.\"
|
||
|
.\" $Id: crypt.3,v 1.1 1994/09/07 08:55:24 g89r4222 Exp $
|
||
|
.\"
|
||
|
.\" Manual page, using -mandoc macros
|
||
|
.\"
|
||
|
.Dd March 9, 1994
|
||
|
.Dt CRYPT 3
|
||
|
.Os "FreeSec 1.0"
|
||
|
.Sh NAME
|
||
|
.Nm crypt ,
|
||
|
.Nm setkey ,
|
||
|
.Nm encrypt ,
|
||
|
.Nm des_setkey ,
|
||
|
.Nm des_cipher ,
|
||
|
.Nd DES encryption
|
||
|
.Sh SYNOPSIS
|
||
|
.Ft char
|
||
|
.Fn *crypt "const char *key" "const char *setting"
|
||
|
.Ft int
|
||
|
.Fn setkey "char *key"
|
||
|
.Ft int
|
||
|
.Fn encrypt "char *block" "int flag"
|
||
|
.Ft int
|
||
|
.Fn des_setkey "const char *key"
|
||
|
.Ft int
|
||
|
.Fn des_cipher "const char *in" "char *out" "long salt" "int count"
|
||
|
.Sh DESCRIPTION
|
||
|
The
|
||
|
.Fn crypt
|
||
|
function performs password encryption, based on the
|
||
|
.Tn NBS
|
||
|
Data Encryption Standard (DES).
|
||
|
Additional code has been added to deter key search attempts.
|
||
|
The first argument to
|
||
|
.Nm crypt
|
||
|
is a
|
||
|
.Dv null Ns -terminated
|
||
|
string, typically a user's typed password.
|
||
|
The second is in one of two forms:
|
||
|
if it begins with an underscore (``_'') then an extended format is used
|
||
|
in interpreting both the the key and the setting, as outlined below.
|
||
|
.Ss Extended crypt:
|
||
|
.Pp
|
||
|
The
|
||
|
.Ar key
|
||
|
is divided into groups of 8 characters (the last group is null-padded)
|
||
|
and the low-order 7 bits of each each character (56 bits per group) are
|
||
|
used to form the DES key as follows:
|
||
|
the first group of 56 bits becomes the initial DES key.
|
||
|
For each additional group, the XOR of the encryption of the current DES
|
||
|
key with itself and the group bits becomes the next DES key.
|
||
|
.Pp
|
||
|
The setting is a 9-character array consisting of an underscore followed
|
||
|
by 4 bytes of iteration count and 4 bytes of salt.
|
||
|
These are encoded as printable characters, 6 bits per character,
|
||
|
least significant character first.
|
||
|
The values 0 to 63 are encoded as ``./0-9A-Za-z''.
|
||
|
This allows 24 bits for both
|
||
|
.Fa count
|
||
|
and
|
||
|
.Fa salt .
|
||
|
.Ss "Traditional" crypt:
|
||
|
.Pp
|
||
|
The first 8 bytes of the key are null-padded, and the low-order 7 bits of
|
||
|
each character is used to form the 56-bit
|
||
|
.Tn DES
|
||
|
key.
|
||
|
.Pp
|
||
|
The setting is a 2-character array of the ASCII-encoded salt.
|
||
|
Thus only 12 bits of
|
||
|
.Fa salt
|
||
|
are used.
|
||
|
.Fa count
|
||
|
is set to 25.
|
||
|
.Ss Algorithm:
|
||
|
.Pp
|
||
|
The
|
||
|
.Fa salt
|
||
|
introduces disorder in the
|
||
|
.Tn DES
|
||
|
algorithm in one of 16777216 or 4096 possible ways
|
||
|
(ie. with 24 or 12 bits: if bit
|
||
|
.Em i
|
||
|
of the
|
||
|
.Ar salt
|
||
|
is set, then bits
|
||
|
.Em i
|
||
|
and
|
||
|
.Em i+24
|
||
|
are swapped in the
|
||
|
.Tn DES
|
||
|
E-box output).
|
||
|
.Pp
|
||
|
The DES key is used to encrypt a 64-bit constant using
|
||
|
.Ar count
|
||
|
iterations of
|
||
|
.Tn DES .
|
||
|
The value returned is a
|
||
|
.Dv null Ns -terminated
|
||
|
string, 20 or 13 bytes (plus null) in length, consisting of the
|
||
|
.Ar setting
|
||
|
followed by the encoded 64-bit encryption.
|
||
|
.Pp
|
||
|
The functions,
|
||
|
.Fn encrypt ,
|
||
|
.Fn setkey ,
|
||
|
.Fn des_setkey
|
||
|
and
|
||
|
.Fn des_cipher
|
||
|
provide access to the
|
||
|
.Tn DES
|
||
|
algorithm itself.
|
||
|
.Fn setkey
|
||
|
is passed a 64-byte array of binary values (numeric 0 or 1).
|
||
|
A 56-bit key is extracted from this array by dividing the
|
||
|
array into groups of 8, and ignoring the last bit in each group.
|
||
|
That bit is reserved for a byte parity check by DES, but is ignored
|
||
|
by these functions.
|
||
|
.Pp
|
||
|
The
|
||
|
.Fa block
|
||
|
argument to
|
||
|
.Fn encrypt
|
||
|
is also a 64-byte array of binary values.
|
||
|
If the value of
|
||
|
.Fa flag
|
||
|
is 0,
|
||
|
.Fa block
|
||
|
is encrypted otherwise it is decrypted.
|
||
|
The result is returned in the original array
|
||
|
.Fa block
|
||
|
after using the key specified by
|
||
|
.Fn setkey
|
||
|
to process it.
|
||
|
.Pp
|
||
|
The argument to
|
||
|
.Fn des_setkey
|
||
|
is a character array of length 8.
|
||
|
The least significant bit (the parity bit) in each character is ignored,
|
||
|
and the remaining bits are concatenated to form a 56-bit key.
|
||
|
The function
|
||
|
.Fn des_cipher
|
||
|
encrypts (or decrypts if
|
||
|
.Fa count
|
||
|
is negative) the 64-bits stored in the 8 characters at
|
||
|
.Fa in
|
||
|
using
|
||
|
.Xr abs 3
|
||
|
of
|
||
|
.Fa count
|
||
|
iterations of
|
||
|
.Tn DES
|
||
|
and stores the 64-bit result in the 8 characters at
|
||
|
.Fa out
|
||
|
(which may be the same as
|
||
|
.Fa in
|
||
|
).
|
||
|
The
|
||
|
.Fa salt
|
||
|
specifies perturbations to the
|
||
|
.Tn DES
|
||
|
E-box output as described above.
|
||
|
.Pp
|
||
|
The function
|
||
|
.Fn crypt
|
||
|
returns a pointer to the encrypted value on success, and NULL on failure.
|
||
|
The functions
|
||
|
.Fn setkey ,
|
||
|
.Fn encrypt ,
|
||
|
.Fn des_setkey ,
|
||
|
and
|
||
|
.Fn des_cipher
|
||
|
return 0 on success and 1 on failure.
|
||
|
.Pp
|
||
|
The
|
||
|
.Fn crypt ,
|
||
|
.Fn setkey
|
||
|
and
|
||
|
.Fn des_setkey
|
||
|
functions all manipulate the same key space.
|
||
|
.Sh SEE ALSO
|
||
|
.Xr login 1 ,
|
||
|
.Xr passwd 1 ,
|
||
|
.Xr getpass 3 ,
|
||
|
.Xr passwd 5
|
||
|
.Sh BUGS
|
||
|
The
|
||
|
.Fn crypt
|
||
|
function returns a pointer to static data, and subsequent calls to
|
||
|
.Fn crypt
|
||
|
will modify the same object.
|
||
|
.Sh HISTORY
|
||
|
A rotor-based
|
||
|
.Fn crypt
|
||
|
function appeared in
|
||
|
.At v6 .
|
||
|
The current style
|
||
|
.Fn crypt
|
||
|
first appeared in
|
||
|
.At v7 .
|
||
|
.Pp
|
||
|
This library (FreeSec 1.0) was developed outside the United States of America
|
||
|
as an unencumbered replacement for the U.S.-only NetBSD libcrypt encryption
|
||
|
library.
|
||
|
Users should be aware that this code (and programs staticly linked with it)
|
||
|
may not be exported from the U.S., although it apparently can be imported.
|
||
|
.Sh AUTHOR
|
||
|
David Burren <davidb@werj.com.au>
|