MyWebUniversity.com Home Page
 



OpenSolaris man pages main menu 


Extended Library Functions                            crypt(3EXT)



NAME
     crypt, setkey, encrypt, descrypt, dessetkey,  desencrypt,
     runsetkey,  runcrypt,  cryptclose  -  password  and  file
     encryption functions

SYNOPSIS
     cc [ flag ... ] file ... -lcrypt [ library ... ]
     #include 

     char *crypt(const char *key, const char *salt);


     void setkey(const char *key);


     void encrypt(char *block, int flag);


     char *descrypt(const char *key, const char *salt);


     void dessetkey(const char *key);


     void desencrypt(char *block, int flag);


     int runsetkey(int *p, const char *key);


     int runcrypt(long offset, char *buffer, unsigned int count,
          int *p);


     int cryptclose(int *p);


DESCRIPTION
     descrypt() is the password encryption function. It is based
     on  a  one-way  hashing encryption algorithm with variations
     intended (among other things) to frustrate use  of  hardware
     implementations of a key search.


     key is a user's typed  password.  salt  is  a  two-character
     string  chosen  from  the  set [a-zA-Z0-9./]; this string is
     used to perturb the hashing algorithm in one  of  4096  dif-
     ferent  ways, after which the password is used as the key to
     encrypt repeatedly a constant  string.  The  returned  value
     points  to  the encrypted password. The first two characters
     are the salt itself.




SunOS 5.11           Last change: 3 Mar 2008                    1






Extended Library Functions                            crypt(3EXT)



     The dessetkey() and desencrypt() entries  provide  (rather
     primitive) access to the actual hashing algorithm. The argu-
     ment of dessetkey() is a character array of length 64  con-
     taining only the characters with numerical value 0 and 1. If
     this string is divided into groups of 8, the  low-order  bit
     in each group is ignored, thereby creating a 56-bit key that
     is set into the machine. This key is the key  that  will  be
     used  with the hashing algorithm to encrypt the string block
     with the function desencrypt().


     The argument to the desencrypt() entry is a character array
     of  length  64 containing only the characters with numerical
     value 0 and 1. The argument array is modified in place to  a
     similar  array  representing  the bits of the argument after
     having been subjected to the hashing algorithm using the key
     set  by  dessetkey().  If   flag  is  zero, the argument is
     encrypted; if non-zero, it is decrypted.


     Note that decryption is not provided  in  the  international
     version of crypt(). The international version is part of the
     C Development Set, and the domestic version is part  of  the
     Security   Administration   Utilities.    If  decryption  is
     attempted with the international version  of  desencrypt(),
     an error message is printed.


     crypt(), setkey(), and encrypt() are front-end routines that
     invoke  descrypt(), dessetkey(), and desencrypt() respec-
     tively.


     The routines runsetkey() and runcrypt() are  designed  for
     use  by  applications  that need cryptographic capabilities,
     such as ed(1) and vi(1). runsetkey() establishes a  two-way
     pipe  connection  with  the  crypt utility, using key as the
     password argument. runcrypt() takes a block  of  characters
     and  transforms  the  cleartext  or  ciphertext  into  their
     ciphertext or cleartext using the crypt utility.   offset is
     the  relative  byte  position from the beginning of the file
     that the block of text provided in  block  is  coming  from.
     count  is  the number of characters in block, and connection
     is an array containing indices to a table of input and  out-
     put   file   streams.     When   encryption   is   finished,
     cryptclose() is used to terminate the connection  with  the
     crypt utility.


     runsetkey() returns  -1 if  a  connection  with  the  crypt
     utility  cannot  be  established.  This result will occur in
     international versions of the UNIX system in which the crypt



SunOS 5.11           Last change: 3 Mar 2008                    2






Extended Library Functions                            crypt(3EXT)



     utility  is  not  available.   If  a  null  key is passed to
     runsetkey(), 0 is returned.   Otherwise,   1  is  returned.
     runcrypt()  returns   -1  if it cannot write output or read
     input from  the  pipe  attached  to  crypt().  Otherwise  it
     returns  0.


     The program must be linked with the object file access  rou-
     tine library libcrypt.a.

RETURN VALUES
     In the international version of crypt(), a flag argument  of
     1  to  encrypt() or desencrypt() is not accepted, and errno
     is set to ENOSYS to indicate that the functionality  is  not
     available.

ATRIBUTES
     See attributes(5) for descriptions of the  following  attri-
     butes:



     
           ATRIBUTE TYPE               ATRIBUTE VALUE       
    
     MT-Level                     Unsafe                      
    


SEE ALSO
     ed(1), login(1), passwd(1), vi(1),  getpass(3C),  passwd(4),
     attributes(5)

NOTES
     The return value in crypt() points to static data  that  are
     overwritten by each call.



















SunOS 5.11           Last change: 3 Mar 2008                    3
OpenSolaris man pages main menu
Contact us      |       About us      |       Term of use      |       Copyright © 2000-2010 MyWebUniversity.com ™