506 lines
22 KiB
Groff
506 lines
22 KiB
Groff
.\" $NetBSD: openssl_des.3,v 1.15 2007/11/27 22:19:48 christos Exp $
|
|
.\"
|
|
.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.3
|
|
.\"
|
|
.\" Standard preamble:
|
|
.\" ========================================================================
|
|
.de Sh \" Subsection heading
|
|
.br
|
|
.if t .Sp
|
|
.ne 5
|
|
.PP
|
|
\fB\\$1\fR
|
|
.PP
|
|
..
|
|
.de Sp \" Vertical space (when we can't use .PP)
|
|
.if t .sp .5v
|
|
.if n .sp
|
|
..
|
|
.de Vb \" Begin verbatim text
|
|
.ft CW
|
|
.nf
|
|
.ne \\$1
|
|
..
|
|
.de Ve \" End verbatim text
|
|
.ft R
|
|
.fi
|
|
..
|
|
.\" Set up some character translations and predefined strings. \*(-- will
|
|
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
|
|
.\" double quote, and \*(R" will give a right double quote. | will give a
|
|
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to
|
|
.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C'
|
|
.\" expand to `' in nroff, nothing in troff, for use with C<>.
|
|
.tr \(*W-|\(bv\*(Tr
|
|
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
|
|
.ie n \{\
|
|
. ds -- \(*W-
|
|
. ds PI pi
|
|
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
|
|
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
|
|
. ds L" ""
|
|
. ds R" ""
|
|
. ds C` ""
|
|
. ds C' ""
|
|
'br\}
|
|
.el\{\
|
|
. ds -- \|\(em\|
|
|
. ds PI \(*p
|
|
. ds L" ``
|
|
. ds R" ''
|
|
'br\}
|
|
.\"
|
|
.\" If the F register is turned on, we'll generate index entries on stderr for
|
|
.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index
|
|
.\" entries marked with X<> in POD. Of course, you'll have to process the
|
|
.\" output yourself in some meaningful fashion.
|
|
.if \nF \{\
|
|
. de IX
|
|
. tm Index:\\$1\t\\n%\t"\\$2"
|
|
..
|
|
. nr % 0
|
|
. rr F
|
|
.\}
|
|
.\"
|
|
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
|
|
.\" way too many mistakes in technical documents.
|
|
.hy 0
|
|
.if n .na
|
|
.\"
|
|
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
|
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
|
. \" fudge factors for nroff and troff
|
|
.if n \{\
|
|
. ds #H 0
|
|
. ds #V .8m
|
|
. ds #F .3m
|
|
. ds #[ \f1
|
|
. ds #] \fP
|
|
.\}
|
|
.if t \{\
|
|
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
|
|
. ds #V .6m
|
|
. ds #F 0
|
|
. ds #[ \&
|
|
. ds #] \&
|
|
.\}
|
|
. \" simple accents for nroff and troff
|
|
.if n \{\
|
|
. ds ' \&
|
|
. ds ` \&
|
|
. ds ^ \&
|
|
. ds , \&
|
|
. ds ~ ~
|
|
. ds /
|
|
.\}
|
|
.if t \{\
|
|
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
|
|
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
|
|
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
|
|
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
|
|
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
|
|
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
|
|
.\}
|
|
. \" troff and (daisy-wheel) nroff accents
|
|
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
|
|
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
|
|
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
|
|
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
|
|
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
|
|
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
|
|
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
|
|
.ds ae a\h'-(\w'a'u*4/10)'e
|
|
.ds Ae A\h'-(\w'A'u*4/10)'E
|
|
. \" corrections for vroff
|
|
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
|
|
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
|
|
. \" for low resolution devices (crt and lpr)
|
|
.if \n(.H>23 .if \n(.V>19 \
|
|
\{\
|
|
. ds : e
|
|
. ds 8 ss
|
|
. ds o a
|
|
. ds d- d\h'-1'\(ga
|
|
. ds D- D\h'-1'\(hy
|
|
. ds th \o'bp'
|
|
. ds Th \o'LP'
|
|
. ds ae ae
|
|
. ds Ae AE
|
|
.\}
|
|
.rm #[ #] #H #V #F C
|
|
.\" ========================================================================
|
|
.\"
|
|
.IX Title "des 3"
|
|
.TH des 3 "2004-03-19" "0.9.8e" "OpenSSL"
|
|
.SH "NAME"
|
|
DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked,
|
|
DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key,
|
|
DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt,
|
|
DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt,
|
|
DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt,
|
|
DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt,
|
|
DES_ede3_cbcm_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt,
|
|
DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys,
|
|
DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write \- DES encryption
|
|
.SH "LIBRARY"
|
|
libcrypto, -lcrypto
|
|
.SH "SYNOPSIS"
|
|
.IX Header "SYNOPSIS"
|
|
.Vb 1
|
|
\& #include <openssl/des.h>
|
|
.Ve
|
|
.PP
|
|
.Vb 1
|
|
\& void DES_random_key(DES_cblock *ret);
|
|
.Ve
|
|
.PP
|
|
.Vb 6
|
|
\& int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
|
|
\& int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
|
|
\& int DES_set_key_checked(const_DES_cblock *key,
|
|
\& DES_key_schedule *schedule);
|
|
\& void DES_set_key_unchecked(const_DES_cblock *key,
|
|
\& DES_key_schedule *schedule);
|
|
.Ve
|
|
.PP
|
|
.Vb 2
|
|
\& void DES_set_odd_parity(DES_cblock *key);
|
|
\& int DES_is_weak_key(const_DES_cblock *key);
|
|
.Ve
|
|
.PP
|
|
.Vb 7
|
|
\& void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
|
|
\& DES_key_schedule *ks, int enc);
|
|
\& void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output,
|
|
\& DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
|
|
\& void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
|
|
\& DES_key_schedule *ks1, DES_key_schedule *ks2,
|
|
\& DES_key_schedule *ks3, int enc);
|
|
.Ve
|
|
.PP
|
|
.Vb 18
|
|
\& void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
|
|
\& long length, DES_key_schedule *schedule, DES_cblock *ivec,
|
|
\& int enc);
|
|
\& void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
|
|
\& int numbits, long length, DES_key_schedule *schedule,
|
|
\& DES_cblock *ivec, int enc);
|
|
\& void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
|
|
\& int numbits, long length, DES_key_schedule *schedule,
|
|
\& DES_cblock *ivec);
|
|
\& void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
|
|
\& long length, DES_key_schedule *schedule, DES_cblock *ivec,
|
|
\& int enc);
|
|
\& void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
\& long length, DES_key_schedule *schedule, DES_cblock *ivec,
|
|
\& int *num, int enc);
|
|
\& void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
\& long length, DES_key_schedule *schedule, DES_cblock *ivec,
|
|
\& int *num);
|
|
.Ve
|
|
.PP
|
|
.Vb 3
|
|
\& void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
|
|
\& long length, DES_key_schedule *schedule, DES_cblock *ivec,
|
|
\& const_DES_cblock *inw, const_DES_cblock *outw, int enc);
|
|
.Ve
|
|
.PP
|
|
.Vb 9
|
|
\& void DES_ede2_cbc_encrypt(const unsigned char *input,
|
|
\& unsigned char *output, long length, DES_key_schedule *ks1,
|
|
\& DES_key_schedule *ks2, DES_cblock *ivec, int enc);
|
|
\& void DES_ede2_cfb64_encrypt(const unsigned char *in,
|
|
\& unsigned char *out, long length, DES_key_schedule *ks1,
|
|
\& DES_key_schedule *ks2, DES_cblock *ivec, int *num, int enc);
|
|
\& void DES_ede2_ofb64_encrypt(const unsigned char *in,
|
|
\& unsigned char *out, long length, DES_key_schedule *ks1,
|
|
\& DES_key_schedule *ks2, DES_cblock *ivec, int *num);
|
|
.Ve
|
|
.PP
|
|
.Vb 15
|
|
\& void DES_ede3_cbc_encrypt(const unsigned char *input,
|
|
\& unsigned char *output, long length, DES_key_schedule *ks1,
|
|
\& DES_key_schedule *ks2, DES_key_schedule *ks3, DES_cblock *ivec,
|
|
\& int enc);
|
|
\& void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
|
|
\& long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
|
|
\& DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2,
|
|
\& int enc);
|
|
\& void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
\& long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
|
|
\& DES_key_schedule *ks3, DES_cblock *ivec, int *num, int enc);
|
|
\& void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
\& long length, DES_key_schedule *ks1,
|
|
\& DES_key_schedule *ks2, DES_key_schedule *ks3,
|
|
\& DES_cblock *ivec, int *num);
|
|
.Ve
|
|
.PP
|
|
.Vb 8
|
|
\& DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
|
|
\& long length, DES_key_schedule *schedule,
|
|
\& const_DES_cblock *ivec);
|
|
\& DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
|
|
\& long length, int out_count, DES_cblock *seed);
|
|
\& void DES_string_to_key(const char *str, DES_cblock *key);
|
|
\& void DES_string_to_2keys(const char *str, DES_cblock *key1,
|
|
\& DES_cblock *key2);
|
|
.Ve
|
|
.PP
|
|
.Vb 2
|
|
\& char *DES_fcrypt(const char *buf, const char *salt, char *ret);
|
|
\& char *DES_crypt(const char *buf, const char *salt);
|
|
.Ve
|
|
.PP
|
|
.Vb 4
|
|
\& int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
|
|
\& DES_cblock *iv);
|
|
\& int DES_enc_write(int fd, const void *buf, int len,
|
|
\& DES_key_schedule *sched, DES_cblock *iv);
|
|
.Ve
|
|
.SH "DESCRIPTION"
|
|
.IX Header "DESCRIPTION"
|
|
This library contains a fast implementation of the \s-1DES\s0 encryption
|
|
algorithm.
|
|
.PP
|
|
There are two phases to the use of \s-1DES\s0 encryption. The first is the
|
|
generation of a \fIDES_key_schedule\fR from a key, the second is the
|
|
actual encryption. A \s-1DES\s0 key is of type \fIDES_cblock\fR. This type is
|
|
consists of 8 bytes with odd parity. The least significant bit in
|
|
each byte is the parity bit. The key schedule is an expanded form of
|
|
the key; it is used to speed the encryption process.
|
|
.PP
|
|
\&\fIDES_random_key()\fR generates a random key. The \s-1PRNG\s0 must be seeded
|
|
prior to using this function (see \fIopenssl_rand\fR\|(3)). If the \s-1PRNG\s0
|
|
could not generate a secure key, 0 is returned.
|
|
.PP
|
|
Before a \s-1DES\s0 key can be used, it must be converted into the
|
|
architecture dependent \fIDES_key_schedule\fR via the
|
|
\&\fIDES_set_key_checked()\fR or \fIDES_set_key_unchecked()\fR function.
|
|
.PP
|
|
\&\fIDES_set_key_checked()\fR will check that the key passed is of odd parity
|
|
and is not a week or semi-weak key. If the parity is wrong, then \-1
|
|
is returned. If the key is a weak key, then \-2 is returned. If an
|
|
error is returned, the key schedule is not generated.
|
|
.PP
|
|
\&\fIDES_set_key()\fR works like
|
|
\&\fIDES_set_key_checked()\fR if the \fIDES_check_key\fR flag is non\-zero,
|
|
otherwise like \fIDES_set_key_unchecked()\fR. These functions are available
|
|
for compatibility; it is recommended to use a function that does not
|
|
depend on a global variable.
|
|
.PP
|
|
\&\fIDES_set_odd_parity()\fR sets the parity of the passed \fIkey\fR to odd.
|
|
.PP
|
|
\&\fIDES_is_weak_key()\fR returns 1 is the passed key is a weak key, 0 if it
|
|
is ok. The probability that a randomly generated key is weak is
|
|
1/2^52, so it is not really worth checking for them.
|
|
.PP
|
|
The following routines mostly operate on an input and output stream of
|
|
\&\fIDES_cblock\fRs.
|
|
.PP
|
|
\&\fIDES_ecb_encrypt()\fR is the basic \s-1DES\s0 encryption routine that encrypts or
|
|
decrypts a single 8\-byte \fIDES_cblock\fR in \fIelectronic code book\fR
|
|
(\s-1ECB\s0) mode. It always transforms the input data, pointed to by
|
|
\&\fIinput\fR, into the output data, pointed to by the \fIoutput\fR argument.
|
|
If the \fIencrypt\fR argument is non-zero (\s-1DES_ENCRYPT\s0), the \fIinput\fR
|
|
(cleartext) is encrypted in to the \fIoutput\fR (ciphertext) using the
|
|
key_schedule specified by the \fIschedule\fR argument, previously set via
|
|
\&\fIDES_set_key\fR. If \fIencrypt\fR is zero (\s-1DES_DECRYPT\s0), the \fIinput\fR (now
|
|
ciphertext) is decrypted into the \fIoutput\fR (now cleartext). Input
|
|
and output may overlap. \fIDES_ecb_encrypt()\fR does not return a value.
|
|
.PP
|
|
\&\fIDES_ecb3_encrypt()\fR encrypts/decrypts the \fIinput\fR block by using
|
|
three-key Triple-DES encryption in \s-1ECB\s0 mode. This involves encrypting
|
|
the input with \fIks1\fR, decrypting with the key schedule \fIks2\fR, and
|
|
then encrypting with \fIks3\fR. This routine greatly reduces the chances
|
|
of brute force breaking of \s-1DES\s0 and has the advantage of if \fIks1\fR,
|
|
\&\fIks2\fR and \fIks3\fR are the same, it is equivalent to just encryption
|
|
using \s-1ECB\s0 mode and \fIks1\fR as the key.
|
|
.PP
|
|
The macro \fIDES_ecb2_encrypt()\fR is provided to perform two-key Triple-DES
|
|
encryption by using \fIks1\fR for the final encryption.
|
|
.PP
|
|
\&\fIDES_ncbc_encrypt()\fR encrypts/decrypts using the \fIcipher-block-chaining\fR
|
|
(\s-1CBC\s0) mode of \s-1DES\s0. If the \fIencrypt\fR argument is non\-zero, the
|
|
routine cipher-block-chain encrypts the cleartext data pointed to by
|
|
the \fIinput\fR argument into the ciphertext pointed to by the \fIoutput\fR
|
|
argument, using the key schedule provided by the \fIschedule\fR argument,
|
|
and initialization vector provided by the \fIivec\fR argument. If the
|
|
\&\fIlength\fR argument is not an integral multiple of eight bytes, the
|
|
last block is copied to a temporary area and zero filled. The output
|
|
is always an integral multiple of eight bytes.
|
|
.PP
|
|
\&\fIDES_xcbc_encrypt()\fR is \s-1RSA\s0's \s-1DESX\s0 mode of \s-1DES\s0. It uses \fIinw\fR and
|
|
\&\fIoutw\fR to 'whiten' the encryption. \fIinw\fR and \fIoutw\fR are secret
|
|
(unlike the iv) and are as such, part of the key. So the key is sort
|
|
of 24 bytes. This is much better than \s-1CBC\s0 \s-1DES\s0.
|
|
.PP
|
|
\&\fIDES_ede3_cbc_encrypt()\fR implements outer triple \s-1CBC\s0 \s-1DES\s0 encryption with
|
|
three keys. This means that each \s-1DES\s0 operation inside the \s-1CBC\s0 mode is
|
|
really an \f(CW\*(C`C=E(ks3,D(ks2,E(ks1,M)))\*(C'\fR. This mode is used by \s-1SSL\s0.
|
|
.PP
|
|
The \fIDES_ede2_cbc_encrypt()\fR macro implements two-key Triple-DES by
|
|
reusing \fIks1\fR for the final encryption. \f(CW\*(C`C=E(ks1,D(ks2,E(ks1,M)))\*(C'\fR.
|
|
This form of Triple-DES is used by the \s-1RSAREF\s0 library.
|
|
.PP
|
|
\&\fIDES_pcbc_encrypt()\fR encrypt/decrypts using the propagating cipher block
|
|
chaining mode used by Kerberos v4. Its parameters are the same as
|
|
\&\fIDES_ncbc_encrypt()\fR.
|
|
.PP
|
|
\&\fIDES_cfb_encrypt()\fR encrypt/decrypts using cipher feedback mode. This
|
|
method takes an array of characters as input and outputs and array of
|
|
characters. It does not require any padding to 8 character groups.
|
|
Note: the \fIivec\fR variable is changed and the new changed value needs to
|
|
be passed to the next call to this function. Since this function runs
|
|
a complete \s-1DES\s0 \s-1ECB\s0 encryption per \fInumbits\fR, this function is only
|
|
suggested for use when sending small numbers of characters.
|
|
.PP
|
|
\&\fIDES_cfb64_encrypt()\fR
|
|
implements \s-1CFB\s0 mode of \s-1DES\s0 with 64bit feedback. Why is this
|
|
useful you ask? Because this routine will allow you to encrypt an
|
|
arbitrary number of bytes, no 8 byte padding. Each call to this
|
|
routine will encrypt the input bytes to output and then update ivec
|
|
and num. num contains 'how far' we are though ivec. If this does
|
|
not make much sense, read more about cfb mode of \s-1DES\s0 :\-).
|
|
.PP
|
|
\&\fIDES_ede3_cfb64_encrypt()\fR and \fIDES_ede2_cfb64_encrypt()\fR is the same as
|
|
\&\fIDES_cfb64_encrypt()\fR except that Triple-DES is used.
|
|
.PP
|
|
\&\fIDES_ofb_encrypt()\fR encrypts using output feedback mode. This method
|
|
takes an array of characters as input and outputs and array of
|
|
characters. It does not require any padding to 8 character groups.
|
|
Note: the \fIivec\fR variable is changed and the new changed value needs to
|
|
be passed to the next call to this function. Since this function runs
|
|
a complete \s-1DES\s0 \s-1ECB\s0 encryption per numbits, this function is only
|
|
suggested for use when sending small numbers of characters.
|
|
.PP
|
|
\&\fIDES_ofb64_encrypt()\fR is the same as \fIDES_cfb64_encrypt()\fR using Output
|
|
Feed Back mode.
|
|
.PP
|
|
\&\fIDES_ede3_ofb64_encrypt()\fR and \fIDES_ede2_ofb64_encrypt()\fR is the same as
|
|
\&\fIDES_ofb64_encrypt()\fR, using Triple\-DES.
|
|
.PP
|
|
The following functions are included in the \s-1DES\s0 library for
|
|
compatibility with the \s-1MIT\s0 Kerberos library.
|
|
.PP
|
|
\&\fIDES_cbc_cksum()\fR produces an 8 byte checksum based on the input stream
|
|
(via \s-1CBC\s0 encryption). The last 4 bytes of the checksum are returned
|
|
and the complete 8 bytes are placed in \fIoutput\fR. This function is
|
|
used by Kerberos v4. Other applications should use
|
|
\&\fIEVP_DigestInit\fR\|(3) etc. instead.
|
|
.PP
|
|
\&\fIDES_quad_cksum()\fR is a Kerberos v4 function. It returns a 4 byte
|
|
checksum from the input bytes. The algorithm can be iterated over the
|
|
input, depending on \fIout_count\fR, 1, 2, 3 or 4 times. If \fIoutput\fR is
|
|
non\-NULL, the 8 bytes generated by each pass are written into
|
|
\&\fIoutput\fR.
|
|
.PP
|
|
The following are DES-based transformations:
|
|
.PP
|
|
\&\fIDES_fcrypt()\fR is a fast version of the Unix \fIcrypt\fR\|(3) function. This
|
|
version takes only a small amount of space relative to other fast
|
|
\&\fIcrypt()\fR implementations. This is different to the normal crypt in
|
|
that the third parameter is the buffer that the return value is
|
|
written into. It needs to be at least 14 bytes long. This function
|
|
is thread safe, unlike the normal crypt.
|
|
.PP
|
|
\&\fIDES_crypt()\fR is a faster replacement for the normal system \fIcrypt()\fR.
|
|
This function calls \fIDES_fcrypt()\fR with a static array passed as the
|
|
third parameter. This emulates the normal non-thread safe semantics
|
|
of \fIcrypt\fR\|(3).
|
|
.PP
|
|
\&\fIDES_enc_write()\fR writes \fIlen\fR bytes to file descriptor \fIfd\fR from
|
|
buffer \fIbuf\fR. The data is encrypted via \fIpcbc_encrypt\fR (default)
|
|
using \fIsched\fR for the key and \fIiv\fR as a starting vector. The actual
|
|
data send down \fIfd\fR consists of 4 bytes (in network byte order)
|
|
containing the length of the following encrypted data. The encrypted
|
|
data then follows, padded with random data out to a multiple of 8
|
|
bytes.
|
|
.PP
|
|
\&\fIDES_enc_read()\fR is used to read \fIlen\fR bytes from file descriptor
|
|
\&\fIfd\fR into buffer \fIbuf\fR. The data being read from \fIfd\fR is assumed to
|
|
have come from \fIDES_enc_write()\fR and is decrypted using \fIsched\fR for
|
|
the key schedule and \fIiv\fR for the initial vector.
|
|
.PP
|
|
\&\fBWarning:\fR The data format used by \fIDES_enc_write()\fR and \fIDES_enc_read()\fR
|
|
has a cryptographic weakness: When asked to write more than \s-1MAXWRITE\s0
|
|
bytes, \fIDES_enc_write()\fR will split the data into several chunks that
|
|
are all encrypted using the same \s-1IV\s0. So don't use these functions
|
|
unless you are sure you know what you do (in which case you might not
|
|
want to use them anyway). They cannot handle non-blocking sockets.
|
|
\&\fIDES_enc_read()\fR uses an internal state and thus cannot be used on
|
|
multiple files.
|
|
.PP
|
|
\&\fIDES_rw_mode\fR is used to specify the encryption mode to use with
|
|
\&\fIDES_enc_read()\fR and \fIDES_end_write()\fR. If set to \fI\s-1DES_PCBC_MODE\s0\fR (the
|
|
default), DES_pcbc_encrypt is used. If set to \fI\s-1DES_CBC_MODE\s0\fR
|
|
DES_cbc_encrypt is used.
|
|
.SH "NOTES"
|
|
.IX Header "NOTES"
|
|
Single-key \s-1DES\s0 is insecure due to its short key size. \s-1ECB\s0 mode is
|
|
not suitable for most applications; see \fIdes_modes\fR\|(7).
|
|
.PP
|
|
The \fIopenssl_evp\fR\|(3) library provides higher-level encryption functions.
|
|
.SH "BUGS"
|
|
.IX Header "BUGS"
|
|
\&\fIDES_3cbc_encrypt()\fR is flawed and must not be used in applications.
|
|
.PP
|
|
\&\fIDES_cbc_encrypt()\fR does not modify \fBivec\fR; use \fIDES_ncbc_encrypt()\fR
|
|
instead.
|
|
.PP
|
|
\&\fIDES_cfb_encrypt()\fR and \fIDES_ofb_encrypt()\fR operates on input of 8 bits.
|
|
What this means is that if you set numbits to 12, and length to 2, the
|
|
first 12 bits will come from the 1st input byte and the low half of
|
|
the second input byte. The second 12 bits will have the low 8 bits
|
|
taken from the 3rd input byte and the top 4 bits taken from the 4th
|
|
input byte. The same holds for output. This function has been
|
|
implemented this way because most people will be using a multiple of 8
|
|
and because once you get into pulling bytes input bytes apart things
|
|
get ugly!
|
|
.PP
|
|
\&\fIDES_string_to_key()\fR is available for backward compatibility with the
|
|
\&\s-1MIT\s0 library. New applications should use a cryptographic hash function.
|
|
The same applies for \fIDES_string_to_2key()\fR.
|
|
.SH "CONFORMING TO"
|
|
.IX Header "CONFORMING TO"
|
|
\&\s-1ANSI\s0 X3.106
|
|
.PP
|
|
The \fBdes\fR library was written to be source code compatible with
|
|
the \s-1MIT\s0 Kerberos library.
|
|
.SH "SEE ALSO"
|
|
.IX Header "SEE ALSO"
|
|
\&\fIcrypt\fR\|(3), \fIdes_modes\fR\|(7), \fIopenssl_evp\fR\|(3), \fIopenssl_rand\fR\|(3)
|
|
.SH "HISTORY"
|
|
.IX Header "HISTORY"
|
|
In OpenSSL 0.9.7, all des_ functions were renamed to \s-1DES_\s0 to avoid
|
|
clashes with older versions of libdes. Compatibility des_ functions
|
|
are provided for a short while, as well as \fIcrypt()\fR.
|
|
Declarations for these are in <openssl/des_old.h>. There is no \s-1DES_\s0
|
|
variant for \fIdes_random_seed()\fR.
|
|
This will happen to other functions
|
|
as well if they are deemed redundant (\fIdes_random_seed()\fR just calls
|
|
\&\fIRAND_seed()\fR and is present for backward compatibility only), buggy or
|
|
already scheduled for removal.
|
|
.PP
|
|
\&\fIdes_cbc_cksum()\fR, \fIdes_cbc_encrypt()\fR, \fIdes_ecb_encrypt()\fR,
|
|
\&\fIdes_is_weak_key()\fR, \fIdes_key_sched()\fR, \fIdes_pcbc_encrypt()\fR,
|
|
\&\fIdes_quad_cksum()\fR, \fIdes_random_key()\fR and \fIdes_string_to_key()\fR
|
|
are available in the \s-1MIT\s0 Kerberos library;
|
|
\&\fIdes_check_key_parity()\fR, \fIdes_fixup_key_parity()\fR and \fIdes_is_weak_key()\fR
|
|
are available in newer versions of that library.
|
|
.PP
|
|
\&\fIdes_set_key_checked()\fR and \fIdes_set_key_unchecked()\fR were added in
|
|
OpenSSL 0.9.5.
|
|
.PP
|
|
\&\fIdes_generate_random_block()\fR, \fIdes_init_random_number_generator()\fR,
|
|
\&\fIdes_new_random_key()\fR, \fIdes_set_random_generator_seed()\fR and
|
|
\&\fIdes_set_sequence_number()\fR and \fIdes_rand_data()\fR are used in newer
|
|
versions of Kerberos but are not implemented here.
|
|
.PP
|
|
\&\fIdes_random_key()\fR generated cryptographically weak random data in
|
|
SSLeay and in OpenSSL prior version 0.9.5, as well as in the original
|
|
\&\s-1MIT\s0 library.
|
|
.SH "AUTHOR"
|
|
.IX Header "AUTHOR"
|
|
Eric Young (eay@cryptsoft.com). Modified for the OpenSSL project
|
|
(http://www.openssl.org).
|