xref: /freebsd/crypto/heimdal/doc/doxyout/hcrypto/html/page_des.html (revision 6a068746777241722b2b32c5d0bc443a2a64d80b)

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
<title>Heimdal crypto library: DES - Data Encryption Standard crypto interface</title>
<link href="doxygen.css" rel="stylesheet" type="text/css">
<link href="tabs.css" rel="stylesheet" type="text/css">
</head><body>
<p>
<a href="http://www.h5l.org/"><img src="http://www.h5l.org/keyhole-heimdal.png" alt="keyhole logo"/></a>
</p>
<!-- end of header marker -->
<!-- Generated by Doxygen 1.5.6 -->
<div class="navigation" id="top">
  <div class="tabs">
    <ul>
      <li><a href="index.html"><span>Main&nbsp;Page</span></a></li>
      <li><a href="modules.html"><span>Modules</span></a></li>
      <li><a href="examples.html"><span>Examples</span></a></li>
    </ul>
  </div>
  <div class="navpath"><a class="el" href="index.html">Heimdal crypto library</a>
  </div>
</div>
<div class="contents">
<h1><a class="anchor" name="page_des">DES - Data Encryption Standard crypto interface </a></h1>See the library functions here: <a class="el" href="group__hcrypto__des.html">DES crypto functions</a><p>
DES was created by IBM, modififed by NSA and then adopted by NBS (now NIST) and published ad FIPS PUB 46 (updated by FIPS 46-1).<p>
Since the 19th May 2005 DES was withdrawn by NIST and should no longer be used. See <a class="el" href="page_evp.html">EVP - generic crypto interface</a> for replacement encryption algorithms and interfaces.<p>
Read more the iteresting history of DES on Wikipedia <a href="http://www.wikipedia.org/wiki/Data_Encryption_Standard">http://www.wikipedia.org/wiki/Data_Encryption_Standard</a> .<h2><a class="anchor" name="des_keygen">
DES key generation</a></h2>
To generate a DES key safely you have to use the code-snippet below. This is because the <a class="el" href="group__hcrypto__des.html#gd70d485549f7444589f3283e938c0258">DES_random_key()</a> can fail with an abort() in case of and failure to start the random generator.<p>
There is a replacement function <a class="el" href="group__hcrypto__des.html#gcd3642bcd8a7e93ea977786e5b540d5f">DES_new_random_key()</a>, however that function does not exists in OpenSSL.<p>
<div class="fragment"><pre class="fragment"> DES_cblock key;
 <span class="keywordflow">do</span> {
     <span class="keywordflow">if</span> (RAND_rand(&amp;key, <span class="keyword">sizeof</span>(key)) != 1)
          <span class="keywordflow">goto</span> failure;
     <a class="code" href="group__hcrypto__des.html#g4179bef43ceb72cc2034f39e7d2d5ae4">DES_set_odd_parity</a>(key);
 } <span class="keywordflow">while</span> (<a class="code" href="group__hcrypto__des.html#g0d8a49cafee4be6cd3922bfb6323fd2d">DES_is_weak_key</a>(&amp;key));
</pre></div><h2><a class="anchor" name="des_impl">
DES implementation history</a></h2>
There was no complete BSD licensed, fast, GPL compatible implementation of DES, so Love wrote the part that was missing, fast key schedule setup and adapted the interface to the orignal libdes.<p>
The document that got me started for real was "Efficient Implementation of the Data Encryption Standard" by Dag Arne Osvik. I never got to the PC1 transformation was working, instead I used table-lookup was used for all key schedule setup. The document was very useful since it de-mystified other implementations for me.<p>
The core DES function (SBOX + P transformation) is from Richard Outerbridge public domain DES implementation. My sanity is saved thanks to his work. Thank you Richard. </div>
<hr size="1"><address style="text-align: right;"><small>
Generated on Wed Jan 11 14:07:38 2012 for Heimdal crypto library by&nbsp;<a href="http://www.doxygen.org/index.html"><img src="doxygen.png" alt="doxygen" align="middle" border="0"></a> 1.5.6</small></address>
</body>
</html>