1DES_CRYPT(3)               Linux Programmer's Manual              DES_CRYPT(3)
2
3
4

NAME

6       des_crypt,  ecb_crypt,  cbc_crypt, des_setparity, DES_FAILED - fast DES
7       encryption
8

SYNOPSIS

10       #include <rpc/des_crypt.h>
11
12       int ecb_crypt(char *key, char *data, unsigned datalen,
13                     unsigned mode);
14
15       int cbc_crypt(char *key, char *data, unsigned datalen,
16                     unsigned mode, char *ivec);
17
18       void des_setparity(char *key);
19
20       int DES_FAILED(int status);
21

DESCRIPTION

23       ecb_crypt() and cbc_crypt() implement  the  NBS  DES  (Data  Encryption
24       Standard).   These  routines  are  faster and more general purpose than
25       crypt(3).  They also are able to utilize DES hardware if it  is  avail‐
26       able.   ecb_crypt()  encrypts in ECB (Electronic Code Book) mode, which
27       encrypts blocks of data independently.   cbc_crypt()  encrypts  in  CBC
28       (Cipher  Block Chaining) mode, which chains together successive blocks.
29       CBC mode protects against insertions, deletions  and  substitutions  of
30       blocks.   Also,  regularities  in the clear text will not appear in the
31       cipher text.
32
33       Here is how to use these routines.  The first  argument,  key,  is  the
34       8-byte  encryption key with parity.  To set the key's parity, which for
35       DES is in the low bit of each byte, use  des_setparity().   The  second
36       argument,  data,  contains  the data to be encrypted or decrypted.  The
37       third argument, datalen, is the length in bytes of data, which must  be
38       a  multiple  of  8.   The  fourth  argument,  mode,  is formed by ORing
39       together some things.   For  the  encryption  direction  OR  in  either
40       DES_ENCRYPT  or  DES_DECRYPT.  For software versus hardware encryption,
41       OR in either DES_HW or DES_SW.  If DES_HW is specified, and there is no
42       hardware,  then the encryption is performed in software and the routine
43       returns DESERR_NOHWDEVICE.  For cbc_crypt(), the argument ivec  is  the
44       8-byte  initialization  vector  for the chaining.  It is updated to the
45       next initialization vector upon return.
46

RETURN VALUE

48       DESERR_NONE         No error.
49       DESERR_NOHWDEVICE   Encryption succeeded, but done in software  instead
50                           of the requested hardware.
51       DESERR_HWERROR      An error occurred in the hardware or driver.
52       DESERR_BADPARAM     Bad argument to routine.
53
54       Given  a  result  status stat, the macro DES_FAILED(stat) is false only
55       for the first two statuses.
56

VERSIONS

58       These functions are present in glibc 2.1 and later.
59

VERSIONS

61       Because they employ the DES block cipher, which is no longer considered
62       secure,  ecb_crypt(),  ecb_crypt(), crypt_r(), and des_setparity() were
63       removed in glibc 2.28.  Applications should switch to a modern cryptog‐
64       raphy library, such as libgcrypt.
65

ATTRIBUTES

67       For   an   explanation   of   the  terms  used  in  this  section,  see
68       attributes(7).
69
70       ┌──────────────────────────┬───────────────┬─────────┐
71Interface                 Attribute     Value   
72       ├──────────────────────────┼───────────────┼─────────┤
73ecb_crypt(), cbc_crypt(), │ Thread safety │ MT-Safe │
74des_setparity()           │               │         │
75       └──────────────────────────┴───────────────┴─────────┘

CONFORMING TO

77       4.3BSD.  Not in POSIX.1.
78

SEE ALSO

80       des(1), crypt(3), xcrypt(3)
81

COLOPHON

83       This  page  is  part of release 5.02 of the Linux man-pages project.  A
84       description of the project, information about reporting bugs,  and  the
85       latest     version     of     this    page,    can    be    found    at
86       https://www.kernel.org/doc/man-pages/.
87
88
89
90                                  2019-03-06                      DES_CRYPT(3)
Impressum