| rsc | 83c4506 | 2005-02-11 19:43:43 +0000 | [diff] [blame] | 1 | .TH ENCRYPT 3 |
| rsc | d93fca6 | 2005-02-11 19:21:47 +0000 | [diff] [blame] | 2 | .SH NAME |
| 3 | encrypt, decrypt, netcrypt \- DES encryption |
| 4 | .SH SYNOPSIS |
| 5 | .B #include <u.h> |
| 6 | .br |
| 7 | .B #include <libc.h> |
| 8 | .PP |
| 9 | .B |
| 10 | int encrypt(void *key, void *data, int len) |
| 11 | .PP |
| 12 | .B |
| 13 | int decrypt(void *key, void *data, int len) |
| 14 | .PP |
| 15 | .B |
| 16 | int netcrypt(void *key, void *data) |
| 17 | .SH DESCRIPTION |
| 18 | .I Encrypt |
| 19 | and |
| 20 | .I decrypt |
| 21 | perform DES encryption and decryption. |
| 22 | .I Key |
| 23 | is an array of |
| 24 | .B DESKEYLEN |
| 25 | (defined as 7 in |
| 26 | .BR <auth.h> ) |
| 27 | bytes containing the encryption key. |
| 28 | .I Data |
| 29 | is an array of |
| 30 | .I len |
| 31 | bytes; |
| 32 | it must be at least 8 bytes long. |
| 33 | The bytes are encrypted or decrypted in place. |
| 34 | .PP |
| 35 | The DES algorithm encrypts an individual 8-byte block of data. |
| 36 | .I Encrypt |
| 37 | uses the following method to encrypt data longer than 8 bytes. |
| 38 | The first 8 bytes are encrypted as usual. |
| 39 | The last byte of the encrypted result |
| 40 | is prefixed to the next 7 unencrypted bytes to make the next 8 |
| 41 | bytes to encrypt. |
| 42 | This is repeated until fewer than 7 bytes remain unencrypted. |
| 43 | Any remaining unencrypted bytes are encrypted with enough of the preceding |
| 44 | encrypted bytes to make a full 8-byte block. |
| 45 | .I Decrypt |
| 46 | uses the inverse algorithm. |
| 47 | .PP |
| 48 | .I Netcrypt |
| 49 | performs the same encryption as a SecureNet Key. |
| 50 | .I Data |
| 51 | points to an |
| 52 | .SM ASCII |
| 53 | string of decimal digits with numeric value between 0 and 10000. |
| 54 | These digits are copied into an 8-byte buffer with trailing binary zero fill |
| 55 | and encrypted as one DES block. |
| 56 | The first four bytes are each formatted as two digit |
| 57 | .SM ASCII |
| 58 | hexadecimal numbers, |
| 59 | and the string is copied into |
| 60 | .IR data . |
| 61 | .SH SOURCE |
| rsc | 83c4506 | 2005-02-11 19:43:43 +0000 | [diff] [blame] | 62 | .B \*9/src/lib9 |
| rsc | d93fca6 | 2005-02-11 19:21:47 +0000 | [diff] [blame] | 63 | .SH DIAGNOSTICS |
| 64 | These routines return 1 if the data was encrypted, |
| 65 | and 0 if the encryption fails. |
| 66 | .I Encrypt |
| 67 | and |
| 68 | .I decrypt |
| 69 | fail if the data passed is less than 8 bytes long. |
| 70 | .I Netcrypt |
| 71 | can fail if it is passed invalid data. |
| 72 | .\" .SH SEE ALSO |
| 73 | .\" .IR securenet (8) |
| 74 | .SH BUGS |
| 75 | The implementation is broken in a way that makes |
| 76 | it unsuitable for anything but authentication. |
| 77 | .PP |
| 78 | To avoid name conflicts with the underlying system, |
| 79 | .IR encrypt |
| 80 | and |
| 81 | .IR decrypt |
| 82 | are preprocessor macros defined as |
| 83 | .IR p9encrypt |
| 84 | and |
| 85 | .IR p9decrypt ; |
| 86 | see |
| 87 | .IR intro (3). |
