xref: /freebsd/lib/libc/rpc/des_crypt.3 (revision 5e3190f700637fcfc1a52daeaa4a031fdd2557c7)
1.\" @(#)des_crypt.3	2.1 88/08/11 4.0 RPCSRC; from 1.16 88/03/02 SMI;
2.\"
3.Dd October 6, 1987
4.Dt DES_CRYPT 3
5.Os
6.Sh NAME
7.Nm des_crypt , ecb_crypt , cbc_crypt , des_setparity
8.Nd "fast DES encryption"
9.Sh LIBRARY
10.Lb libc
11.Sh SYNOPSIS
12.In rpc/des_crypt.h
13.Ft int
14.Fn ecb_crypt "char *key" "char *data" "unsigned datalen" "unsigned mode"
15.Ft int
16.Fn cbc_crypt "char *key" "char *data" "unsigned datalen" "unsigned mode" "char *ivec"
17.Ft void
18.Fn des_setparity "char *key"
19.Sh DESCRIPTION
20The
21.Fn ecb_crypt
22and
23.Fn cbc_crypt
24functions
25implement the
26.Tn NBS
27.Tn DES
28(Data Encryption Standard).
29These routines are faster and more general purpose than
30.Xr crypt 3 .
31They also are able to utilize
32.Tn DES
33hardware if it is available.
34The
35.Fn ecb_crypt
36function
37encrypts in
38.Tn ECB
39(Electronic Code Book)
40mode, which encrypts blocks of data independently.
41The
42.Fn cbc_crypt
43function
44encrypts in
45.Tn CBC
46(Cipher Block Chaining)
47mode, which chains together
48successive blocks.
49.Tn CBC
50mode protects against insertions, deletions and
51substitutions of blocks.
52Also, regularities in the clear text will
53not appear in the cipher text.
54.Pp
55Here is how to use these routines.
56The first argument,
57.Fa key ,
58is the 8-byte encryption key with parity.
59To set the key's parity, which for
60.Tn DES
61is in the low bit of each byte, use
62.Fn des_setparity .
63The second argument,
64.Fa data ,
65contains the data to be encrypted or decrypted.
66The
67third argument,
68.Fa datalen ,
69is the length in bytes of
70.Fa data ,
71which must be a multiple of 8.
72The fourth argument,
73.Fa mode ,
74is formed by
75.Em OR Ns 'ing
76together some things.
77For the encryption direction
78.Em OR
79in either
80.Dv DES_ENCRYPT
81or
82.Dv DES_DECRYPT .
83For software versus hardware
84encryption,
85.Em OR
86in either
87.Dv DES_HW
88or
89.Dv DES_SW .
90If
91.Dv DES_HW
92is specified, and there is no hardware, then the encryption is performed
93in software and the routine returns
94.Er DESERR_NOHWDEVICE .
95For
96.Fn cbc_crypt ,
97the
98.Fa ivec
99argument
100is the 8-byte initialization
101vector for the chaining.
102It is updated to the next initialization
103vector upon return.
104.Sh ERRORS
105.Bl -tag -width [DESERR_NOHWDEVICE] -compact
106.It Bq Er DESERR_NONE
107No error.
108.It Bq Er DESERR_NOHWDEVICE
109Encryption succeeded, but done in software instead of the requested hardware.
110.It Bq Er DESERR_HWERROR
111An error occurred in the hardware or driver.
112.It Bq Er DESERR_BADPARAM
113Bad argument to routine.
114.El
115.Pp
116Given a result status
117.Va stat ,
118the macro
119.Fn DES_FAILED stat
120is false only for the first two statuses.
121.Sh SEE ALSO
122.\" .Xr des 1 ,
123.Xr crypt 3
124.Sh RESTRICTIONS
125These routines are not available in RPCSRC 4.0.
126This information is provided to describe the
127.Tn DES
128interface expected by
129Secure RPC.
130