crypt(3)crypt(3)Name
crypt, crypt16, setkey, encrypt - DES encryption
Syntax
char *crypt(key, salt)
char *key, *salt;
char *crypt16(key, salt)
char *key, *salt;
void setkey(key)
char *key;
Description
The subroutine is the password encryption routine. It is based on the
NBS Data Encryption Standard, with variations intended to frustrate use
of hardware implementations of the DES for key search.
The first argument to is normally a user's typed password. The second
is a 2-character string chosen from the set [a-zA-Z0-9./]. The salt
string is used to perturb the DES algorithm in one of 4096 different
ways, after which the password is used as the key to encrypt repeatedly
a constant string. The returned value points to the encrypted pass‐
word, in the same alphabet as the salt. The first two characters are
the salt itself.
The subroutine is identical to the function except that it will accept
a password up to sixteen characters in length. It generates a longer
encrypted password for use with enhanced security features.
The other entries provide primitive access to the actual DES algorithm.
The argument of is a character array of length 64 containing only the
characters with numerical value 0 and 1. If this string is divided
into groups of 8, the low-order bit in each group is ignored, leading
to a 56-bit key which is set into the machine.
The argument to the entry is likewise a character array of length 64
containing 0s and 1s. The argument array is modified in place to a
similar array representing the bits of the argument after having been
subjected to the DES algorithm using the key set by If edflag is 0, the
argument is encrypted; if non-zero, it is decrypted.
Restrictions
The return values from and point to static data areas whose content is
overwritten by each call.
Environment
Default Environment
In the default environment on systems that do not have the optional
encryption software installed the function expects exactly one argu‐
ment, the data to be encrypted. The edflag argument is not supplied and
there is no way to decrypt data. If the optional encryption software
is installed the function behaves as it does in the POSIX environment.
The syntax for the default environment follows:
void encrypt(block)
char *block;
POSIX Environment
In the POSIX environment the encrypt function always expects two argu‐
ments. The function will set errno to ENOSYS and return if edflag is
non-zero and the optional encryption software is not present. The syn‐
tax for the POSIX environment follows:
void encrypt(block, edflag)
char *block;
int edflag;
In all cases the function will set errno to ENOSYS and return if the
optional encryption software is not present.
See Alsologin(1), passwd(1), yppasswd(1yp), getpass(3), auth(5), passwd(5),
passwd(5yp)
ULTRIX Security Guide for Users and Programmers
crypt(3)