blob: 1f44689d3fdb7b818d5dd302e96eccfcc81346f4 [file] [log] [blame]
.TH ENCRYPT 3
.SH NAME
encrypt, decrypt, netcrypt \- DES encryption
.SH SYNOPSIS
.B #include <u.h>
.br
.B #include <libc.h>
.PP
.B
int encrypt(void *key, void *data, int len)
.PP
.B
int decrypt(void *key, void *data, int len)
.PP
.B
int netcrypt(void *key, void *data)
.SH DESCRIPTION
.I Encrypt
and
.I decrypt
perform DES encryption and decryption.
.I Key
is an array of
.B DESKEYLEN
(defined as 7 in
.BR <auth.h> )
bytes containing the encryption key.
.I Data
is an array of
.I len
bytes;
it must be at least 8 bytes long.
The bytes are encrypted or decrypted in place.
.PP
The DES algorithm encrypts an individual 8-byte block of data.
.I Encrypt
uses the following method to encrypt data longer than 8 bytes.
The first 8 bytes are encrypted as usual.
The last byte of the encrypted result
is prefixed to the next 7 unencrypted bytes to make the next 8
bytes to encrypt.
This is repeated until fewer than 7 bytes remain unencrypted.
Any remaining unencrypted bytes are encrypted with enough of the preceding
encrypted bytes to make a full 8-byte block.
.I Decrypt
uses the inverse algorithm.
.PP
.I Netcrypt
performs the same encryption as a SecureNet Key.
.I Data
points to an
.SM ASCII
string of decimal digits with numeric value between 0 and 10000.
These digits are copied into an 8-byte buffer with trailing binary zero fill
and encrypted as one DES block.
The first four bytes are each formatted as two digit
.SM ASCII
hexadecimal numbers,
and the string is copied into
.IR data .
.SH SOURCE
.B \*9/src/lib9
.SH DIAGNOSTICS
These routines return 1 if the data was encrypted,
and 0 if the encryption fails.
.I Encrypt
and
.I decrypt
fail if the data passed is less than 8 bytes long.
.I Netcrypt
can fail if it is passed invalid data.
.\" .SH SEE ALSO
.\" .IR securenet (8)
.SH BUGS
The implementation is broken in a way that makes
it unsuitable for anything but authentication.
.PP
To avoid name conflicts with the underlying system,
.IR encrypt
and
.IR decrypt
are preprocessor macros defined as
.IR p9encrypt
and
.IR p9decrypt ;
see
.IR intro (3).