| .TH ENCRYPT 3 |
| .SH NAME |
| encrypt, decrypt, netcrypt \- DES encryption |
| .SH SYNOPSIS |
| .B #include <u.h> |
| .br |
| .B #include <libc.h> |
| .PP |
| .B |
| int encrypt(void *key, void *data, int len) |
| .PP |
| .B |
| int decrypt(void *key, void *data, int len) |
| .PP |
| .B |
| int netcrypt(void *key, void *data) |
| .SH DESCRIPTION |
| .I Encrypt |
| and |
| .I decrypt |
| perform DES encryption and decryption. |
| .I Key |
| is an array of |
| .B DESKEYLEN |
| (defined as 7 in |
| .BR <auth.h> ) |
| bytes containing the encryption key. |
| .I Data |
| is an array of |
| .I len |
| bytes; |
| it must be at least 8 bytes long. |
| The bytes are encrypted or decrypted in place. |
| .PP |
| The DES algorithm encrypts an individual 8-byte block of data. |
| .I Encrypt |
| uses the following method to encrypt data longer than 8 bytes. |
| The first 8 bytes are encrypted as usual. |
| The last byte of the encrypted result |
| is prefixed to the next 7 unencrypted bytes to make the next 8 |
| bytes to encrypt. |
| This is repeated until fewer than 7 bytes remain unencrypted. |
| Any remaining unencrypted bytes are encrypted with enough of the preceding |
| encrypted bytes to make a full 8-byte block. |
| .I Decrypt |
| uses the inverse algorithm. |
| .PP |
| .I Netcrypt |
| performs the same encryption as a SecureNet Key. |
| .I Data |
| points to an |
| .SM ASCII |
| string of decimal digits with numeric value between 0 and 10000. |
| These digits are copied into an 8-byte buffer with trailing binary zero fill |
| and encrypted as one DES block. |
| The first four bytes are each formatted as two digit |
| .SM ASCII |
| hexadecimal numbers, |
| and the string is copied into |
| .IR data . |
| .SH SOURCE |
| .B \*9/src/lib9 |
| .SH DIAGNOSTICS |
| These routines return 1 if the data was encrypted, |
| and 0 if the encryption fails. |
| .I Encrypt |
| and |
| .I decrypt |
| fail if the data passed is less than 8 bytes long. |
| .I Netcrypt |
| can fail if it is passed invalid data. |
| .\" .SH SEE ALSO |
| .\" .IR securenet (8) |
| .SH BUGS |
| The implementation is broken in a way that makes |
| it unsuitable for anything but authentication. |
| .PP |
| To avoid name conflicts with the underlying system, |
| .IR encrypt |
| and |
| .IR decrypt |
| are preprocessor macros defined as |
| .IR p9encrypt |
| and |
| .IR p9decrypt ; |
| see |
| .IR intro (3). |