diff --git a/secure/lib/libcrypt/Makefile b/secure/lib/libcrypt/Makefile index e6a2a1e8d356..7963770ad376 100644 --- a/secure/lib/libcrypt/Makefile +++ b/secure/lib/libcrypt/Makefile @@ -1,5 +1,5 @@ # -# $Id: Makefile,v 1.8 1995/12/16 09:14:07 markm Exp $ +# $Id: Makefile,v 1.10 1996/03/24 07:30:27 markm Exp $ # LCRYPTBASE= libcrypt diff --git a/secure/lib/libcrypt/crypt.3 b/secure/lib/libcrypt/crypt.3 index 82ae9233846c..9eefd25bec4d 100644 --- a/secure/lib/libcrypt/crypt.3 +++ b/secure/lib/libcrypt/crypt.3 @@ -27,7 +27,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id$ +.\" $Id: crypt.3,v 1.5 1995/12/16 09:01:49 markm Exp $ .\" .\" Manual page, using -mandoc macros .\" @@ -35,23 +35,11 @@ .Dt CRYPT 3 .Os "FreeSec 1.0" .Sh NAME -.Nm crypt , -.Nm setkey , -.Nm encrypt , -.Nm des_setkey , -.Nm des_cipher , -.Nd DES encryption +.Nm crypt +.Nd DES trapdoor encryption .Sh SYNOPSIS .Ft char .Fn *crypt "const char *key" "const char *setting" -.Ft int -.Fn setkey "char *key" -.Ft int -.Fn encrypt "char *block" "int flag" -.Ft int -.Fn des_setkey "const char *key" -.Ft int -.Fn des_cipher "const char *in" "char *out" "long salt" "int count" .Sh DESCRIPTION The .Fn crypt @@ -64,9 +52,10 @@ The first argument to is a .Dv null Ns -terminated string, typically a user's typed password. -The second is in one of two forms: +The second is in one of three forms: if it begins with an underscore (``_'') then an extended format is used in interpreting both the the key and the setting, as outlined below. +if it begins with the string ``$1$'' then an exportable format is used. .Ss Extended crypt: .Pp The @@ -137,83 +126,9 @@ string, 20 or 13 bytes (plus null) in length, consisting of the .Ar setting followed by the encoded 64-bit encryption. .Pp -The functions, -.Fn encrypt , -.Fn setkey , -.Fn des_setkey -and -.Fn des_cipher -provide access to the -.Tn DES -algorithm itself. -.Fn setkey -is passed a 64-byte array of binary values (numeric 0 or 1). -A 56-bit key is extracted from this array by dividing the -array into groups of 8, and ignoring the last bit in each group. -That bit is reserved for a byte parity check by DES, but is ignored -by these functions. -.Pp -The -.Fa block -argument to -.Fn encrypt -is also a 64-byte array of binary values. -If the value of -.Fa flag -is 0, -.Fa block -is encrypted otherwise it is decrypted. -The result is returned in the original array -.Fa block -after using the key specified by -.Fn setkey -to process it. -.Pp -The argument to -.Fn des_setkey -is a character array of length 8. -The least significant bit (the parity bit) in each character is ignored, -and the remaining bits are concatenated to form a 56-bit key. -The function -.Fn des_cipher -encrypts (or decrypts if -.Fa count -is negative) the 64-bits stored in the 8 characters at -.Fa in -using -.Xr abs 3 -of -.Fa count -iterations of -.Tn DES -and stores the 64-bit result in the 8 characters at -.Fa out -(which may be the same as -.Fa in -). -The -.Fa salt -specifies perturbations to the -.Tn DES -E-box output as described above. -.Pp The function .Fn crypt returns a pointer to the encrypted value on success, and NULL on failure. -The functions -.Fn setkey , -.Fn encrypt , -.Fn des_setkey , -and -.Fn des_cipher -return 0 on success and 1 on failure. -.Pp -The -.Fn crypt , -.Fn setkey -and -.Fn des_setkey -functions all manipulate the same key space. .Sh SEE ALSO .Xr login 1 , .Xr passwd 1 ,