3 des_read_password, des_read_2password,
4 des_string_to_key, des_string_to_2key, des_read_pw_string,
5 des_random_key, des_set_key,
6 des_key_sched, des_ecb_encrypt, des_3ecb_encrypt, des_cbc_encrypt,
8 des_pcbc_encrypt, des_cfb_encrypt, des_ofb_encrypt,
9 des_cbc_cksum, des_quad_cksum,
10 des_enc_read, des_enc_write, des_set_odd_parity,
11 des_is_weak_key, crypt \- (non USA) DES encryption
18 .B int des_read_password(key,prompt,verify)
23 .B int des_read_2password(key1,key2,prompt,verify)
24 des_cblock *key1,*key2;
28 .B int des_string_to_key(str,key)
32 .B int des_string_to_2keys(str,key1,key2)
34 des_cblock *key1,*key2;
36 .B int des_read_pw_string(buf,length,prompt,verify)
42 .B int des_random_key(key)
45 .B int des_set_key(key,schedule)
47 des_key_schedule schedule;
49 .B int des_key_sched(key,schedule)
51 des_key_schedule schedule;
53 .B int des_ecb_encrypt(input,output,schedule,encrypt)
56 des_key_schedule schedule;
59 .B int des_3ecb_encrypt(input,output,ks1,ks2,encrypt)
62 des_key_schedule ks1,ks2;
65 .B int des_cbc_encrypt(input,output,length,schedule,ivec,encrypt)
69 des_key_schedule schedule;
73 .B int des_3cbc_encrypt(input,output,length,sk1,sk2,ivec1,ivec2,encrypt)
83 .B int des_pcbc_encrypt(input,output,length,schedule,ivec,encrypt)
87 des_key_schedule schedule;
91 .B int des_cfb_encrypt(input,output,numbits,length,schedule,ivec,encrypt)
93 unsigned char *output;
96 des_key_schedule schedule;
100 .B int des_ofb_encrypt(input,output,numbits,length,schedule,ivec)
101 unsigned char *input,*output;
104 des_key_schedule schedule;
107 .B unsigned long des_cbc_cksum(input,output,length,schedule,ivec)
111 des_key_schedule schedule;
114 .B unsigned long des_quad_cksum(input,output,length,out_count,seed)
121 .B int des_check_key;
123 .B int des_enc_read(fd,buf,len,sched,iv)
127 des_key_schedule sched;
130 .B int des_enc_write(fd,buf,len,sched,iv)
134 des_key_schedule sched;
137 .B extern int des_rw_mode;
139 .B void des_set_odd_parity(key)
142 .B int des_is_weak_key(key)
145 .B char *crypt(passwd,salt)
151 This library contains a fast implementation of the DES encryption
154 There are two phases to the use of DES encryption.
155 The first is the generation of a
158 the second is the actual encryption.
161 This type is made from 8 characters with odd parity.
162 The least significant bit in the character is the parity bit.
163 The key schedule is an expanded form of the key; it is used to speed the
167 writes the string specified by prompt to the standard output,
168 turns off echo and reads an input string from standard input
169 until terminated with a newline.
170 If verify is non-zero, it prompts and reads the input again and verifies
171 that both entered passwords are the same.
172 The entered string is converted into a des key by using the
175 The new key is placed in the
177 that was passed (by reference) to the routine.
178 If there were no errors,
181 -1 is returned if there was a terminal error and 1 is returned for
184 .I des_read_2password
185 operates in the same way as
187 except that it generates 2 keys by using the
188 .I des_string_to_2key
191 .I des_read_pw_string
194 to read and verify a string from a terminal device.
195 The string is returned in
199 is passed to the routine via the
204 converts a string into a valid des key.
206 .I des_string_to_2key
207 converts a string into 2 valid des keys.
208 This routine is best suited for used to generate keys for use with
212 returns a random key that is made of a combination of process id,
213 time and an increasing counter.
215 Before a des key can be used it is converted into a
224 will check that the key passed is of odd parity and is not a week or
226 If the parity is wrong,
228 If the key is a weak key,
230 If an error is returned,
231 the key schedule is not generated.
234 is another name for the
238 The following routines mostly operate on an input and output stream of
242 is the basic DES encryption routine that encrypts or decrypts a single 8-byte
245 .I electronic code book
247 It always transforms the input data, pointed to by
249 into the output data,
255 argument is non-zero (DES_ENCRYPT),
258 (cleartext) is encrypted in to the
260 (ciphertext) using the key_schedule specified by the
267 is zero (DES_DECRYPT),
271 is decrypted into the
274 Input and output may overlap.
275 No meaningful value is returned.
278 encrypts/decrypts the
280 block by using triple ecb DES encryption.
281 This involves encrypting the input with
283 decryption with the key schedule
285 and then encryption with the first again.
286 This routine greatly reduces the chances of brute force breaking of
287 DES and has the advantage of if
291 are the same, it is equivalent to just encryption using ecb mode and
296 encrypts/decrypts using the
297 .I cipher-block-chaining
301 argument is non-zero,
302 the routine cipher-block-chain encrypts the cleartext data pointed to by the
304 argument into the ciphertext pointed to by the
307 using the key schedule provided by the
310 and initialisation vector provided by the
315 argument is not an integral multiple of eight bytes,
316 the last block is copied to a temporary area and zero filled.
318 an integral multiple of eight bytes.
319 To make multiple cbc encrypt calls on a large amount of data appear to
324 of subsequent calls should be the last 8 bytes of the output.
327 encrypts/decrypts the
329 block by using triple cbc DES encryption.
330 This involves encrypting the input with key schedule
332 decryption with the key schedule
334 and then encryption with the first again.
335 2 initialisation vectors are required,
341 these initialisation vectors are modified by the subroutine.
342 This routine greatly reduces the chances of brute force breaking of
343 DES and has the advantage of if
347 are the same, it is equivalent to just encryption using cbc mode and
352 encrypt/decrypts using a modified block chaining mode.
353 It provides better error propagation characteristics than cbc
357 encrypt/decrypts using cipher feedback mode. This method takes an
358 array of characters as input and outputs and array of characters. It
359 does not require any padding to 8 character groups. Note: the ivec
360 variable is changed and the new changed value needs to be passed to
361 the next call to this function. Since this function runs a complete
362 DES ecb encryption per numbits, this function is only suggested for
363 use when sending small numbers of characters.
366 encrypt using output feedback mode. This method takes an
367 array of characters as input and outputs and array of characters. It
368 does not require any padding to 8 character groups. Note: the ivec
369 variable is changed and the new changed value needs to be passed to
370 the next call to this function. Since this function runs a complete
371 DES ecb encryption per numbits, this function is only suggested for
372 use when sending small numbers of characters.
375 produces an 8 byte checksum based on the input stream (via cbc encryption).
376 The last 4 bytes of the checksum is returned and the complete 8 bytes is
381 returns a 4 byte checksum from the input bytes.
382 The algorithm can be iterated over the input,
389 the 8 bytes generated by each pass are written into
400 The data is encrypted via
406 as a starting vector.
407 The actual data send down
409 consists of 4 bytes (in network byte order) containing the length of the
410 following encrypted data. The encrypted data then follows, padded with random
411 data out to a multiple of 8 bytes.
421 The data being read from
423 is assumed to have come from
425 and is decrypted using
427 for the key schedule and
429 for the initial vector.
431 .I des_enc_read/des_enc_write
432 pair can be used to read/write to files, pipes and sockets.
433 I have used them in implementing a version of rlogin in which all
437 is used to specify the encryption mode to use with
443 (the default), des_pcbc_encrypt is used.
446 des_cbc_encrypt is used.
447 These two routines and the variable are not part of the normal MIT library.
449 .I des_set_odd_parity
450 sets the parity of the passed
452 to odd. This routine is not part of the standard MIT library.
455 returns 1 is the passed key is a weak key (pick again :-),
457 This routine is not part of the standard MIT library.
460 is a replacement for the normal system crypt.
461 It is much faster than the system crypt.
468 The encryption routines have been tested on 16bit, 32bit and 64bit
469 machines of various endian and even works under VMS.
473 If you think this manual is sparse,
474 read the des_crypt(3) manual from the MIT kerberos (or bones outside
475 of the USA) distribution.
480 operates on input of 8 bits. What this means is that if you set
481 numbits to 12, and length to 2, the first 12 bits will come from the 1st
482 input byte and the low half of the second input byte. The second 12
483 bits will have the low 8 bits taken from the 3rd input byte and the
484 top 4 bits taken from the 4th input byte. The same holds for output.
485 This function has been implemented this way because most people will
486 be using a multiple of 8 and because once you get into pulling bytes input
487 bytes apart things get ugly!
489 .I des_read_pw_string
490 is the most machine/OS dependent function and normally generates the
491 most problems when porting this code.
494 is probably different from the MIT version since there are lots
495 of fun ways to implement one-way encryption of a text string.
497 The routines are optimised for 32 bit machines and so are not efficient
500 NOTE: extensive work has been done on this library since this document
501 was origionally written. Please try to read des.doc from the libdes
502 distribution since it is far more upto date and documents more of the
503 functions. Libdes is now also being shipped as part of SSLeay, a
504 general cryptographic library that amonst other things implements
505 netscapes SSL protocoll. The most recent version can be found in
506 SSLeay distributions.
508 Eric Young (eay@mincom.oz.au or eay@psych.psy.uq.oz.au)
projects / dragonfly.git / blob