CRYPT(3) UNIX Programmer's Manual CRYPT(3) NAME crypt, setkey, encrypt - DES encryption SYNOPSIS char *crypt(key, salt) char *key, *salt; setkey(key) char *key; encrypt(block, edflag) char *block; DESCRIPTION Crypt is the password encryption routine. It is based on the NBS Data Encryption Standard, with variations intended (among other things) to frustrate use of hardware implemen- tations of the DES for key search. The first argument to crypt is normally a user's typed pass- word. The second is a 2-character string chosen from the set [a-zA-Z0-9./]. The salt string is used to perturb the DES algorithm in one of 4096 different ways, after which the password is used as the key to encrypt repeatedly a constant string. The returned value points to the encrypted pass- word, in the same alphabet as the salt. The first two char- acters are the salt itself. The other entries provide (rather primitive) access to the actual DES algorithm. The argument of setkey is a character array of length 64 containing only the characters with numerical value 0 and 1. If this string is divided into groups of 8, the low-order bit in each group is ignored, leading to a 56-bit key which is set into the machine. The argument to the encrypt entry is likewise a character array of length 64 containing 0's and 1's. The argument array is modified in place to a similar array representing the bits of the argument after having been subjected to the DES algorithm using the key set by setkey. The edflag flag is ignored; the argument can only be encrypted. SEE ALSO passwd(1), passwd(5), login(1), getpass(3) BUGS The return value points to static data whose content is overwritten by each call. Printed 11/26/99 August 12, 1986 1