1997-05-28 07:00:11 +02:00
|
|
|
.\" @(#)des_crypt.3 2.1 88/08/11 4.0 RPCSRC; from 1.16 88/03/02 SMI;
|
1999-07-12 22:50:10 +02:00
|
|
|
.\" $Id$
|
|
|
|
.\"
|
1997-05-28 07:00:11 +02:00
|
|
|
.TH DES_CRYPT 3 "6 October 1987"
|
|
|
|
.SH NAME
|
|
|
|
des_crypt, ecb_crypt, cbc_crypt, des_setparity \- fast DES encryption
|
|
|
|
.SH SYNOPSIS
|
|
|
|
.nf
|
|
|
|
.B #include <des_crypt.h>
|
|
|
|
.LP
|
|
|
|
.B int ecb_crypt(key, data, datalen, mode)
|
|
|
|
.B char *key;
|
|
|
|
.B char *data;
|
|
|
|
.B unsigned datalen;
|
|
|
|
.B unsigned mode;
|
|
|
|
.LP
|
|
|
|
.B int cbc_crypt(key, data, datalen, mode, ivec)
|
|
|
|
.B char *key;
|
|
|
|
.B char *data;
|
|
|
|
.B unsigned datalen;
|
|
|
|
.B unsigned mode;
|
|
|
|
.B char *ivec;
|
|
|
|
.LP
|
|
|
|
.B void des_setparity(key)
|
|
|
|
.B char *key;
|
|
|
|
.fi
|
|
|
|
.SH DESCRIPTION
|
|
|
|
.IX encryption cbc_crypt "" \fLcbc_crypt\fP
|
|
|
|
.IX "des encryption" cbc_crypt "DES encryption" \fLcbc_crypt\fP
|
|
|
|
.IX encryption des_setparity "" \fLdes_setparity\fP
|
|
|
|
.IX "des encryption" des_setparity "DES encryption" \fLdes_setparity\fP
|
|
|
|
.B ecb_crypt(\|)
|
|
|
|
and
|
|
|
|
.B cbc_crypt(\|)
|
|
|
|
implement the
|
|
|
|
.SM NBS
|
|
|
|
.SM DES
|
|
|
|
(Data Encryption Standard).
|
|
|
|
These routines are faster and more general purpose than
|
|
|
|
.BR crypt (3).
|
|
|
|
They also are able to utilize
|
|
|
|
.SM DES
|
|
|
|
hardware if it is available.
|
|
|
|
.B ecb_crypt(\|)
|
|
|
|
encrypts in
|
|
|
|
.SM ECB
|
|
|
|
(Electronic Code Book)
|
|
|
|
mode, which encrypts blocks of data independently.
|
|
|
|
.B cbc_crypt(\|)
|
|
|
|
encrypts in
|
|
|
|
.SM CBC
|
|
|
|
(Cipher Block Chaining)
|
|
|
|
mode, which chains together
|
|
|
|
successive blocks.
|
|
|
|
.SM CBC
|
|
|
|
mode protects against insertions, deletions and
|
|
|
|
substitutions of blocks. Also, regularities in the clear text will
|
|
|
|
not appear in the cipher text.
|
|
|
|
.LP
|
|
|
|
Here is how to use these routines. The first parameter,
|
|
|
|
.IR key ,
|
|
|
|
is the 8-byte encryption key with parity.
|
|
|
|
To set the key's parity, which for
|
|
|
|
.SM DES
|
|
|
|
is in the low bit of each byte, use
|
|
|
|
.IR des_setparity .
|
|
|
|
The second parameter,
|
|
|
|
.IR data ,
|
|
|
|
contains the data to be encrypted or decrypted. The
|
|
|
|
third parameter,
|
|
|
|
.IR datalen ,
|
|
|
|
is the length in bytes of
|
|
|
|
.IR data ,
|
|
|
|
which must be a multiple of 8. The fourth parameter,
|
|
|
|
.IR mode ,
|
|
|
|
is formed by
|
|
|
|
.SM OR\s0'ing
|
|
|
|
together some things. For the encryption direction 'or' in either
|
|
|
|
.SM DES_ENCRYPT
|
|
|
|
or
|
|
|
|
.SM DES_DECRYPT\s0.
|
|
|
|
For software versus hardware
|
|
|
|
encryption, 'or' in either
|
|
|
|
.SM DES_HW
|
|
|
|
or
|
|
|
|
.SM DES_SW\s0.
|
|
|
|
If
|
|
|
|
.SM DES_HW
|
|
|
|
is specified, and there is no hardware, then the encryption is performed
|
|
|
|
in software and the routine returns
|
|
|
|
.SM DESERR_NOHWDEVICE\s0.
|
|
|
|
For
|
|
|
|
.IR cbc_crypt ,
|
|
|
|
the parameter
|
|
|
|
.I ivec
|
|
|
|
is the the 8-byte initialization
|
|
|
|
vector for the chaining. It is updated to the next initialization
|
|
|
|
vector upon return.
|
|
|
|
.LP
|
|
|
|
.SH "SEE ALSO"
|
|
|
|
.BR des (1),
|
|
|
|
.BR crypt (3)
|
|
|
|
.SH DIAGNOSTICS
|
|
|
|
.PD 0
|
|
|
|
.TP 20
|
|
|
|
.SM DESERR_NONE
|
|
|
|
No error.
|
|
|
|
.TP
|
|
|
|
.SM DESERR_NOHWDEVICE
|
|
|
|
Encryption succeeded, but done in software instead of the requested hardware.
|
|
|
|
.TP
|
|
|
|
.SM DESERR_HWERR
|
|
|
|
An error occurred in the hardware or driver.
|
|
|
|
.TP
|
|
|
|
.SM DESERR_BADPARAM
|
|
|
|
Bad parameter to routine.
|
|
|
|
.PD
|
|
|
|
.LP
|
|
|
|
Given a result status
|
|
|
|
.IR stat ,
|
|
|
|
the macro
|
|
|
|
.SM DES_FAILED\c
|
|
|
|
.BR ( stat )
|
|
|
|
is false only for the first two statuses.
|
|
|
|
.SH RESTRICTIONS
|
|
|
|
These routines are not available in RPCSRC 4.0.
|
|
|
|
This information is provided to describe the DES interface expected by
|
|
|
|
Secure RPC.
|