1crypt(3EXT)               Extended Library Functions               crypt(3EXT)
2
3
4

NAME

6       crypt, setkey, encrypt, des_crypt, des_setkey, des_encrypt, run_setkey,
7       run_crypt, crypt_close - password and file encryption functions
8

SYNOPSIS

10       cc [ flag ... ] file ... -lcrypt [ library ... ]
11       #include <crypt.h>
12
13       char *crypt(const char *key, const char *salt);
14
15
16       void setkey(const char *key);
17
18
19       void encrypt(char *block, int flag);
20
21
22       char *des_crypt(const char *key, const char *salt);
23
24
25       void des_setkey(const char *key);
26
27
28       void des_encrypt(char *block, int flag);
29
30
31       int run_setkey(int *p, const char *key);
32
33
34       int run_crypt(long offset, char *buffer, unsigned int count,
35            int *p);
36
37
38       int crypt_close(int *p);
39
40

DESCRIPTION

42       des_crypt() is the password encryption function. It is based on a  one-
43       way  hashing encryption algorithm with variations intended (among other
44       things) to frustrate use of hardware implementations of a key search.
45
46
47       key is a user's typed password. salt is a two-character  string  chosen
48       from  the set [a-zA-Z0-9./]; this string is used to perturb the hashing
49       algorithm in one of 4096 different ways, after which  the  password  is
50       used  as  the key to encrypt repeatedly a constant string. The returned
51       value points to the encrypted password. The first  two  characters  are
52       the salt itself.
53
54
55       The  des_setkey()  and des_encrypt() entries provide (rather primitive)
56       access to the actual hashing algorithm. The argument of des_setkey() is
57       a  character  array  of  length  64 containing only the characters with
58       numerical value 0 and 1. If this string is divided into  groups  of  8,
59       the  low-order  bit in each group is ignored, thereby creating a 56-bit
60       key that is set into the machine. This key is the key that will be used
61       with  the  hashing algorithm to encrypt the string block with the func‐
62       tion des_encrypt().
63
64
65       The argument to the des_encrypt() entry is a character array of  length
66       64  containing  only  the  characters with numerical value 0 and 1. The
67       argument array is modified in place to a similar array representing the
68       bits  of  the argument after having been subjected to the hashing algo‐
69       rithm using the key set by des_setkey(). If  flag is zero, the argument
70       is encrypted; if non-zero, it is decrypted.
71
72
73       Note  that  decryption  is not provided in the international version of
74       crypt(). The international version is part of the  C  Development  Set,
75       and  the domestic version is part of the Security Administration Utili‐
76       ties.  If decryption is attempted with  the  international  version  of
77       des_encrypt(), an error message is printed.
78
79
80       crypt(),  setkey(),  and  encrypt()  are front-end routines that invoke
81       des_crypt(), des_setkey(), and des_encrypt() respectively.
82
83
84       The routines run_setkey() and  run_crypt()  are  designed  for  use  by
85       applications  that  need  cryptographic capabilities, such as ed(1) and
86       vi(1). run_setkey() establishes a  two-way  pipe  connection  with  the
87       crypt  utility, using key as the password argument. run_crypt() takes a
88       block of characters and transforms the  cleartext  or  ciphertext  into
89       their  ciphertext or cleartext using the crypt utility.   offset is the
90       relative byte position from the beginning of the file that the block of
91       text  provided  in block is coming from. count is the number of charac‐
92       ters in block, and connection  is an array containing indices to a  ta‐
93       ble  of  input  and output file streams.   When encryption is finished,
94       crypt_close() is used to terminate the connection with the crypt  util‐
95       ity.
96
97
98       run_setkey()  returns  −1 if a connection with the crypt utility cannot
99       be established. This result will occur in international versions of the
100       UNIX system in which the crypt utility is not available.  If a null key
101       is passed to run_setkey(), 0 is returned.  Otherwise,  1  is  returned.
102       run_crypt()  returns   −1  if it cannot write output or read input from
103       the pipe attached to crypt(). Otherwise it returns  0.
104
105
106       The program must be linked with the object file access routine  library
107       libcrypt.a.
108

RETURN VALUES

110       In  the  international  version  of  crypt(),  a flag argument of  1 to
111       encrypt() or des_encrypt() is not accepted, and errno is set to  ENOSYS
112       to indicate that the functionality is not available.
113

ATTRIBUTES

115       See attributes(5) for descriptions of the following attributes:
116
117
118
119
120       ┌─────────────────────────────┬─────────────────────────────┐
121       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
122       ├─────────────────────────────┼─────────────────────────────┤
123       │MT-Level                     │Unsafe                       │
124       └─────────────────────────────┴─────────────────────────────┘
125

SEE ALSO

127       ed(1),    login(1),    passwd(1),    vi(1),   getpass(3C),   passwd(4),
128       attributes(5)
129

NOTES

131       The return value in crypt() points to static data that are  overwritten
132       by each call.
133
134
135
136SunOS 5.11                        3 Mar 2008                       crypt(3EXT)
Impressum