

DES_CRYPT(3)                                                     DES_CRYPT(3)


NAME
  des_read_password, des_string_to_key, des_random_key, des_set_key,
  des_ecb_encrypt, des_cbc_encrypt, des_pcbc_encrypt, des_cbc_cksum,
  des_quad_cksum, - (new) DES encryption

SYNOPSIS
  ##iinncclluuddee <<ddeess..hh>>

  iinntt ddeess__rreeaadd__ppaasssswwoorrdd((kkeeyy,,pprroommpptt,,vveerriiffyy))
  des_cblock *key;
  char *prompt;
  int verify;

  iinntt ddeess__ssttrriinngg__ttoo__kkeeyy((ssttrr,,kkeeyy))
  cchhaarr **ssttrr;;
  ddeess__ccbblloocckk kkeeyy;;

  iinntt ddeess__rraannddoomm__kkeeyy((kkeeyy))
  ddeess__ccbblloocckk **kkeeyy;;

  iinntt ddeess__sseett__kkeeyy((kkeeyy,,sscchheedduullee))
  ddeess__ccbblloocckk **kkeeyy;;
  ddeess__kkeeyy__sscchheedduullee sscchheedduullee;;

  iinntt ddeess__eeccbb__eennccrryypptt((iinnppuutt,,oouuttppuutt,,sscchheedduullee,,eennccrryypptt))
  ddeess__ccbblloocckk **iinnppuutt;;
  ddeess__ccbblloocckk **oouuttppuutt;;
  ddeess__kkeeyy__sscchheedduullee sscchheedduullee;;
  iinntt eennccrryypptt;;

  iinntt ddeess__ccbbcc__eennccrryypptt((iinnppuutt,,oouuttppuutt,,lleennggtthh,,sscchheedduullee,,iivveecc,,eennccrryypptt))
  ddeess__ccbblloocckk **iinnppuutt;;
  ddeess__ccbblloocckk **oouuttppuutt;;
  lloonngg lleennggtthh;;
  ddeess__kkeeyy__sscchheedduullee sscchheedduullee;;
  ddeess__ccbblloocckk **iivveecc;;
  iinntt eennccrryypptt;;

  iinntt ddeess__ppccbbcc__eennccrryypptt((iinnppuutt,,oouuttppuutt,,lleennggtthh,,sscchheedduullee,,iivveecc,,eennccrryypptt))
  ddeess__ccbblloocckk **iinnppuutt;;
  ddeess__ccbblloocckk **oouuttppuutt;;
  lloonngg lleennggtthh;;
  ddeess__kkeeyy__sscchheedduullee sscchheedduullee;;
  ddeess__ccbblloocckk **iivveecc;;
  iinntt eennccrryypptt;;

  uunnssiiggnneedd lloonngg ddeess__ccbbcc__cckkssuumm((iinnppuutt,,oouuttppuutt,,lleennggtthh,,sscchheedduullee,,iivveecc))
  ddeess__ccbblloocckk **iinnppuutt;;
  ddeess__ccbblloocckk **oouuttppuutt;;
  lloonngg lleennggtthh;;
  ddeess__kkeeyy__sscchheedduullee sscchheedduullee;;
  ddeess__ccbblloocckk **iivveecc;;

  uunnssiiggnneedd lloonngg qquuaadd__cckkssuumm((iinnppuutt,,oouuttppuutt,,lleennggtthh,,oouutt__ccoouunntt,,sseeeedd))
  ddeess__ccbblloocckk **iinnppuutt;;
  ddeess__ccbblloocckk **oouuttppuutt;;
  lloonngg lleennggtthh;;
  iinntt oouutt__ccoouunntt;;
  ddeess__ccbblloocckk **sseeeedd;;

DESCRIPTION
  This library supports various DES encryption related operations. It differs
  from the _c_r_y_p_t_, _s_e_t_k_e_y_, _a_n_d _e_n_c_r_y_p_t library routines in that it provides a
  true DES encryption, without modifying the algorithm, and executes much
  faster.

  For each key that may be simultaneously active, create a ddeess__kkeeyy__sscchheedduullee
  struct, defined in "des.h". Next, create key schedules (from the 8-byte
  keys) as needed, via _d_e_s___s_e_t___k_e_y_, prior to using the encryption or checksum
  routines. Then setup the input and output areas.  Make sure to note the
  restrictions on lengths being multiples of eight bytes. Finally, invoke the
  encryption/decryption routines, _d_e_s___e_c_b___e_n_c_r_y_p_t or _d_e_s___c_b_c___e_n_c_r_y_p_t or
  _d_e_s___p_c_b_c___e_n_c_r_y_p_t_, or, to generate a cryptographic checksum, use _q_u_a_d___c_k_s_u_m
  (fast) or _d_e_s___c_b_c___c_k_s_u_m (slow).

  A _d_e_s___c_b_l_o_c_k struct is an 8 byte block used as the fundamental unit for DES
  data and keys, and is defined as:

  ttyyppeeddeeff uunnssiiggnneedd cchhaarr ddeess__ccbblloocckk[[88]];;

  and a _d_e_s___k_e_y___s_c_h_e_d_u_l_e_, is defined as:

  ttyyppeeddeeff ssttrruucctt ddeess__kkss__ssttrruucctt {{ddeess__ccbblloocckk __;;}} ddeess__kkeeyy__sscchheedduullee[[1166]];;

  _d_e_s___r_e_a_d___p_a_s_s_w_o_r_d writes the string specified by _p_r_o_m_p_t to the standard
  output, turns off echo (if possible) and reads an input string from stan-
  dard input until terminated with a newline.  If _v_e_r_i_f_y is non-zero, it
  prompts and reads input again, for use in applications such as changing a
  password; both versions are compared, and the input is requested repeatedly
  until they match.  Then _d_e_s___r_e_a_d___p_a_s_s_w_o_r_d converts the input string into a
  valid DES key, internally using the _d_e_s___s_t_r_i_n_g___t_o___k_e_y routine.  The newly
  created key is copied to the area pointed to by the _k_e_y argument.
  _d_e_s___r_e_a_d___p_a_s_s_w_o_r_d returns a zero if no errors occurred, or a -1 indicating
  that an error occurred trying to manipulate the terminal echo.

  _d_e_s___s_t_r_i_n_g___t_o___k_e_y converts an arbitrary length null-terminated string to an
  8 byte DES key, with odd byte parity, per FIPS specification.  A one-way
  function is used to convert the string to a key, making it very difficult
  to reconstruct the string from the key.  The _s_t_r argument is a pointer to
  the string, and _k_e_y should point to a _d_e_s___c_b_l_o_c_k supplied by the caller to
  receive the generated key.  No meaningful value is returned. Void is not
  used for compatibility with other compilers.

  _d_e_s___r_a_n_d_o_m___k_e_y generates a random DES encryption key (eight bytes), set to
  odd parity per FIPS specifications.  This routine uses the current time,
  process id, and a counter as a seed for the random number generator.  The
  caller must  supply space for the output key, pointed to by argument _k_e_y_,
  then after calling _d_e_s___r_a_n_d_o_m___k_e_y should call the _d_e_s___s_e_t___k_e_y routine when
  needed.  No meaningful value is returned.  Void is not used for compatibil-
  ity with other compilers.

  _d_e_s___s_e_t___k_e_y calculates a key schedule from all eight bytes of the input
  key, pointed to by the _k_e_y argument, and outputs the schedule into the
  _d_e_s___k_e_y___s_c_h_e_d_u_l_e indicated by the _s_c_h_e_d_u_l_e argument. Make sure to pass a
  valid eight byte key; no padding is done.  The key schedule may then be
  used in subsequent encryption/decryption/checksum operations.  Many key
  schedules may be cached for later use.  The user is responsible to clear
  keys and schedules as soon as no longer needed, to prevent their disclo-
  sure.  The routine also checks the key parity, and returns a zero if the
  key parity is correct (odd), a -1 indicating a key parity error, or a -2
  indicating use of an illegal weak key. If an error is returned, the key
  schedule was not created.

  _d_e_s___e_c_b___e_n_c_r_y_p_t is the basic DES encryption routine that encrypts or
  decrypts a single 8-byte block in eelleeccttrroonniicc ccooddee bbooookk mode.  It always
  transforms the input data, pointed to by _i_n_p_u_t_, into the output data,
  pointed to by the _o_u_t_p_u_t argument.

  If the _e_n_c_r_y_p_t argument is non-zero, the _i_n_p_u_t (cleartext) is encrypted
  into the _o_u_t_p_u_t (ciphertext) using the key_schedule specified by the _s_c_h_e_d_-
  _u_l_e argument, previously set via _d_e_s___s_e_t___k_e_y

  If encrypt is zero, the _i_n_p_u_t (now ciphertext) is decrypted into the _o_u_t_p_u_t
  (now cleartext).

  Input and output may overlap.

  No meaningful value is returned.  Void is not used for compatibility with
  other compilers.

  _d_e_s___c_b_c___e_n_c_r_y_p_t encrypts/decrypts using the cciipphheerr--bblloocckk--cchhaaiinniinngg mmooddee ooff
  DDEESS..  If the _e_n_c_r_y_p_t argument is non-zero, the routine cipher-block-chain
  encrypts the cleartext data pointed to by the _i_n_p_u_t argument into the
  ciphertext pointed to by the _o_u_t_p_u_t argument, using the key schedule pro-
  vided by the _s_c_h_e_d_u_l_e argument, and initialization vector provided by the
  _i_v_e_c argument.  If the _l_e_n_g_t_h argument is not an integral multiple of eight
  bytes, the last block is copied to a temp and zero filled (highest
  addresses).  The output is ALWAYS an integral multiple of eight bytes.

  If _e_n_c_r_y_p_t is zero, the routine cipher-block chain decrypts the (now)
  ciphertext data pointed to by the _i_n_p_u_t argument into (now) cleartext
  pointed to by the _o_u_t_p_u_t argument using the key schedule provided by the
  _s_c_h_e_d_u_l_e argument, and initialization vector provided by the _i_v_e_c argument.
  Decryption ALWAYS operates on integral multiples of 8 bytes, so it will
  round the _l_e_n_g_t_h provided up to the appropriate multiple. Consequently, it
  will always produce the rounded-up number of bytes of output cleartext. The
  application must determine if the output cleartext was zero-padded due to
  original cleartext lengths that were not integral multiples of 8.

  No errors or meaningful values are returned.  Void is not used for compati-
  bility with other compilers.

  A characteristic of cbc mode is that changing a single bit of the cleart-
  ext, then encrypting using cbc mode, affects ALL the subsequent ciphertext.
  This makes cryptanalysis much more difficult. However, modifying a single
  bit of the ciphertext, then decrypting, only affects the resulting cleart-
  ext from the modified block and the succeeding block.  Therefore,
  _d_e_s___p_c_b_c___e_n_c_r_y_p_t is STRONGLY recommended for applications where indefinite
  propagation of errors is required in order to detect modifications.

  _d_e_s___p_c_b_c___e_n_c_r_y_p_t encrypts/decrypts using a modified block chaining mode.
  Its calling sequence is identical to _d_e_s___c_b_c___e_n_c_r_y_p_t_.  It differs in its
  error propagation characteristics.

  _d_e_s___p_c_b_c___e_n_c_r_y_p_t is highly recommended for most encryption purposes, in
  that modification of a single bit of the ciphertext will affect ALL the
  subsequent (decrypted) cleartext. Similarly, modifying a single bit of the
  cleartext will affect ALL the subsequent (encrypted) ciphertext.  "PCBC"
  mode, on encryption, "xors" both the cleartext of block N and the cipher-
  text resulting from block N with the cleartext for block N+1 prior to
  encrypting block N+1.

  _d_e_s___c_b_c___c_k_s_u_m produces an 8 byte cryptographic checksum by cipher-block-
  chain encrypting the cleartext data pointed to by the _i_n_p_u_t argument. All
  of the ciphertext output is discarded, except the last 8-byte ciphertext
  block, which is written into the area pointed to by the _o_u_t_p_u_t argument.
  It uses the key schedule, provided by the _s_c_h_e_d_u_l_e argument and initializa-
  tion vector provided by the _i_v_e_c argument.  If the _l_e_n_g_t_h argument is not
  an integral multiple of eight bytes, the last cleartext block is copied to
  a temp and zero filled (highest addresses).  The output is ALWAYS eight
  bytes.

  The routine also returns an unsigned long, which is the last (highest
  address) half of the 8 byte checksum computed.

  _q_u_a_d___c_k_s_u_m produces a checksum by chaining quadratic operations on the
  cleartext data pointed to by the _i_n_p_u_t argument. The _l_e_n_g_t_h argument speci-
  fies the length of the input -- only exactly that many bytes are included
  for the checksum, without any padding.

  The algorithm may be iterated over the same input data, if the _o_u_t___c_o_u_n_t
  argument is 2, 3 or 4, and the optional _o_u_t_p_u_t argument is a non-null
  pointer .  The default is one iteration, and it will not run more than 4
  times. Multiple iterations run slower, but provide a longer checksum if
  desired. The _s_e_e_d argument provides an 8-byte seed for the first iteration.
  If multiple iterations are requested, the results of one iteration are
  automatically used as the seed for the next iteration.

  It returns both an unsigned long checksum value, and if the _o_u_t_p_u_t argument
  is not a null pointer, up to 16 bytes of the computed checksum are written
  into the output.

FILES
  /usr/include/des.h
  /usr/lib/libdes.a

SEE ALSO

DIAGNOSTICS

BUGS
  This software has not yet been compiled or tested on machines other than
  the VAX and the IBM PC.

AUTHORS
  Steve Miller, MIT Project Athena/Digital Equipment Corporation

RESTRICTIONS
  COPYRIGHT 1985,1986 Massachusetts Institute of Technology

  This software may not be exported outside of the US without a special
  license from the US Dept of Commerce. It may be replaced by any secret key
  block cipher with block length and key length of 8 bytes, as long as the
  interface is the same as described here.