crypt(3X) crypt(3X)
NAME
crypt - password and file encryption functions
SYNOPSIS
cc [flag . . . ] file . . . -lcrypt [library] . . .
#include <crypt.h>
char *crypt(const char *key, const char *salt);
void setkey(const char *key);
void encrypt(char *block, int flag);
char *des_crypt(const char *key, const char *salt);
void des_setkey(const char *key);
void des_encrypt(char *block, int flag);
int run_setkey(int *connection, const char *key);
int run_crypt(long offset, char *buffer, unsigned int count,
int *connection);
int crypt_close(int *connection);
DESCRIPTION
des_crypt is the password encryption function. It is based on
a one-way hashing encryption algorithm with variations
intended to frustrate use of hardware implementations of a key
search.
key is a user's typed password. salt is a two-character
string chosen from the set [a-zA-Z0-9./]; this string is used
to perturb the hashing algorithm in one of 4096 different
ways, after which the password is used as the key to encrypt
repeatedly a constant string. The returned value points to
the encrypted password. The first two characters are the salt
itself.
The des_setkey and des_encrypt entries provide access to the
hashing algorithm. The argument of des_setkey is a character
array of length 64 containing only the characters with
numerical value 0 and 1. If this string is divided into
groups of 8, the low-order bit in each group is ignored,
thereby creating a 56-bit key that is set into the machine.
This key is the key that will be used with the hashing
algorithm to encrypt the string block with the function
des_encrypt.
The argument to the des_encrypt entry is a character array of
length 64 containing only the characters with numerical value
0 and 1. The argument array is modified in place to a similar
array representing the bits of the argument after having been
subjected to the hashing algorithm using the key set by
Copyright 1994 Novell, Inc. Page 1
crypt(3X) crypt(3X)
des_setkey. If flag is zero, the argument is encrypted; if
non-zero, it is decrypted.
Note that decryption is not provided in the international
version of crypt. The international version is part of the C
Development Set, and the domestic version is part of the
Encryption Utilities. If decryption is attempted with the
international version of des_encrypt, an error message is
printed.
crypt, setkey, and encrypt are front-end routines that invoke
des_crypt, des_setkey, and des_encrypt respectively.
The routines run_setkey and run_crypt are designed for use by
applications that need cryptographic capabilities [such as
ed(1) and vi(1)] that must be compatible with the crypt(1)
user-level utility. run_setkey establishes a two-way pipe
connection with the crypt utility, using key as the password
argument. run_crypt takes a block of characters and
transforms the cleartext or ciphertext into their ciphertext
or cleartext using the crypt utility. offset is the relative
byte position from the beginning of the file that the block of
text provided in buffer is coming from. count is the number
of characters in buffer, and connection is an array containing
indices to a table of input and output file streams. When
encryption is finished, crypt_close is used to terminate the
connection with the crypt utility. crypt_close returns -1 if
it fails to terminate the connection with the crypt utility,
or a 0 if termination is successful.
run_setkey returns -1 if a connection with the crypt utility
cannot be established. This result will occur in
international versions of the UNIX system in which the crypt
utility is not available. If a null key is passed to
run_setkey, 0 is returned. Otherwise, 1 is returned.
run_crypt returns -1 if it cannot write output or read input
from the pipe attached to crypt. Otherwise it returns 0.
The program must be linked with the object file access routine
library libcrypt.
Internationalization
In the international version of crypt(3X), a flag argument of
1 to encrypt or des_encrypt is not accepted, and errno is set
to ENOSYS to indicate that the functionality is not available.
Copyright 1994 Novell, Inc. Page 2
crypt(3X) crypt(3X)
REFERENCES
crypt(1), getpass(3C), login(1), passwd(1), passwd(4)
NOTICES
The return value in crypt points to static data that are
overwritten by each call.
Copyright 1994 Novell, Inc. Page 3