crypt(3C) crypt(3C)
NAME
crypt, setkey, encrypt - generate encryption of strings
SYNOPSIS
#include <unistd.h>
char *crypt(const char *key, const char *salt);
void encrypt(char block[64], int edflag);
#include <stdlib.h>
void setkey(const char *key);
DESCRIPTION
crypt() is the password encryption function. It is based on a one-way
encryption algorithm with variations intended (among other things) to
frustrate use of hardware implementations of a key search.
key is the input string to encrypt, for instance, a user's typed pass-
word. Only the first eight characters are used; the rest are ignored.
salt is a two-character string chosen from the set a-zA-Z0-9./; this
string is used to perturb the hashing algorithm in one of 4096 dif-
ferent ways, after which the input string is used as the key to
encrypt repeatedly a constant string. The returned value points to the
encrypted input string. The first two characters of the return value
are the salt itself.
The setkey() and encrypt() functions provide (rather simple) access to
the implementation-dependent hashing algorithm. The argument of set-
key() is a character array of length 64 containing only the characters
with numerical value 0 and 1. This string is divided into groups of 8,
the low-order bit in each group is ignored; this gives a 56-bit key
that is set into the machine. This is the key that will be used with
the hashing algorithm to encrypt the string block with the encrypt()
function.
The block argument of encrypt() is a character array of length 64 con-
taining only the characters with numerical value 0 and 1. The argument
array is modified in place to a similar array representing the bits of
the argument after having been subjected to the hashing algorithm
using the key set by setkey(). If edflag is 0, the argument is
encoded. If edflag is 1, the argument may be decoded; if it is not,
errno will be set to ENOSYS.
Page 1 Reliant UNIX 5.44 Printed 11/98
crypt(3C) crypt(3C)
The functions will fail if
ENOSYS The functionality is not supported by the system.
RESULT
The return value for crypt() points to static data that is overwritten
by each call.
NOTES
As setkey() and encrypt() do not return a value, applications wishing
to check for errors should set errno to 0 and test errno. If it is
non-zero, an error must have occurred.
SEE ALSO
login(1), passwd(1), getpass(3C), crypt(3X), passwd(4).
Page 2 Reliant UNIX 5.44 Printed 11/98