|  | .TH ENCRYPT 3 | 
|  | .SH NAME | 
|  | encrypt, decrypt, netcrypt \- DES encryption | 
|  | .SH SYNOPSIS | 
|  | .B #include <u.h> | 
|  | .br | 
|  | .B #include <libc.h> | 
|  | .PP | 
|  | .B | 
|  | int	encrypt(void *key, void *data, int len) | 
|  | .PP | 
|  | .B | 
|  | int	decrypt(void *key, void *data, int len) | 
|  | .PP | 
|  | .B | 
|  | int	netcrypt(void *key, void *data) | 
|  | .SH DESCRIPTION | 
|  | .I Encrypt | 
|  | and | 
|  | .I decrypt | 
|  | perform DES encryption and decryption. | 
|  | .I Key | 
|  | is an array of | 
|  | .B DESKEYLEN | 
|  | (defined as 7 in | 
|  | .BR <auth.h> ) | 
|  | bytes containing the encryption key. | 
|  | .I Data | 
|  | is an array of | 
|  | .I len | 
|  | bytes; | 
|  | it must be at least 8 bytes long. | 
|  | The bytes are encrypted or decrypted in place. | 
|  | .PP | 
|  | The DES algorithm encrypts an individual 8-byte block of data. | 
|  | .I Encrypt | 
|  | uses the following method to encrypt data longer than 8 bytes. | 
|  | The first 8 bytes are encrypted as usual. | 
|  | The last byte of the encrypted result | 
|  | is prefixed to the next 7 unencrypted bytes to make the next 8 | 
|  | bytes to encrypt. | 
|  | This is repeated until fewer than 7 bytes remain unencrypted. | 
|  | Any remaining unencrypted bytes are encrypted with enough of the preceding | 
|  | encrypted bytes to make a full 8-byte block. | 
|  | .I Decrypt | 
|  | uses the inverse algorithm. | 
|  | .PP | 
|  | .I Netcrypt | 
|  | performs the same encryption as a SecureNet Key. | 
|  | .I Data | 
|  | points to an | 
|  | .SM ASCII | 
|  | string of decimal digits with numeric value between 0 and 10000. | 
|  | These digits are copied into an 8-byte buffer with trailing binary zero fill | 
|  | and encrypted as one DES block. | 
|  | The first four bytes are each formatted as two digit | 
|  | .SM ASCII | 
|  | hexadecimal numbers, | 
|  | and the string is copied into | 
|  | .IR data . | 
|  | .SH SOURCE | 
|  | .B \*9/src/lib9 | 
|  | .SH DIAGNOSTICS | 
|  | These routines return 1 if the data was encrypted, | 
|  | and 0 if the encryption fails. | 
|  | .I Encrypt | 
|  | and | 
|  | .I decrypt | 
|  | fail if the data passed is less than 8 bytes long. | 
|  | .I Netcrypt | 
|  | can fail if it is passed invalid data. | 
|  | .\" .SH SEE ALSO | 
|  | .\" .IR securenet (8) | 
|  | .SH BUGS | 
|  | The implementation is broken in a way that makes | 
|  | it unsuitable for anything but authentication. | 
|  | .PP | 
|  | To avoid name conflicts with the underlying system, | 
|  | .IR encrypt | 
|  | and | 
|  | .IR decrypt | 
|  | are preprocessor macros defined as | 
|  | .IR p9encrypt | 
|  | and | 
|  | .IR p9decrypt ; | 
|  | see | 
|  | .IR intro (3). |