crypt, setkey, encrypt, des_crypt, des_setkey, des_encrypt, run_setkey,
run_crypt, crypt_close - password and file encryption functions
cc [ flag ... ] file ... -lcrypt [ library ... ]
char *crypt(const char *key, const char *salt);
void setkey(const char *key);
void encrypt(char *block, int flag);
char *des_crypt(const char *key, const char *salt);
void des_setkey(const char *key);
void des_encrypt(char *block, int flag);
int run_setkey(int *p, const char *key);
int run_crypt(long offset, char *buffer, unsigned int count,
int crypt_close(int *p);
DESCRIPTIONdes_crypt() is the password encryption function. It is based on a one-
way hashing encryption algorithm with variations intended (among other
things) to frustrate use of hardware implementations of a key search.
key is a user's typed password. salt is a two-character string chosen
from the set [a-zA-Z0-9./]; this string is used to perturb the hashing
algorithm in one of 4096 different ways, after which the password is
used as the key to encrypt repeatedly a constant string. The returned
value points to the encrypted password. The first two characters are
the salt itself.
The des_setkey() and des_encrypt() entries provide (rather primitive)
access to the actual hashing algorithm. The argument of des_setkey() is
a character array of length 64 containing only the characters with
numerical value 0 and 1. If this string is divided into groups of 8,
the low-order bit in each group is ignored, thereby creating a 56-bit
key that is set into the machine. This key is the key that will be used
with the hashing algorithm to encrypt the string block with the func‐
The argument to the des_encrypt() entry is a character array of length
64 containing only the characters with numerical value 0 and 1. The
argument array is modified in place to a similar array representing the
bits of the argument after having been subjected to the hashing algo‐
rithm using the key set by des_setkey(). If flag is zero, the argument
is encrypted; if non-zero, it is decrypted.
Note that decryption is not provided in the international version of
crypt(). The international version is part of the C Development Set,
and the domestic version is part of the Security Administration Utili‐
ties. If decryption is attempted with the international version of
des_encrypt(), an error message is printed.
crypt(), setkey(), and encrypt() are front-end routines that invoke
des_crypt(), des_setkey(), and des_encrypt() respectively.
The routines run_setkey() and run_crypt() are designed for use by
applications that need cryptographic capabilities, such as ed(1) and
vi(1). run_setkey() establishes a two-way pipe connection with the
crypt utility, using key as the password argument. run_crypt() takes a
block of characters and transforms the cleartext or ciphertext into
their ciphertext or cleartext using the crypt utility. offset is the
relative byte position from the beginning of the file that the block of
text provided in block is coming from. count is the number of charac‐
ters in block, and connection is an array containing indices to a ta‐
ble of input and output file streams. When encryption is finished,
crypt_close() is used to terminate the connection with the crypt util‐
run_setkey() returns −1 if a connection with the crypt utility cannot
be established. This result will occur in international versions of the
UNIX system in which the crypt utility is not available. If a null key
is passed to run_setkey(), 0 is returned. Otherwise, 1 is returned.
run_crypt() returns −1 if it cannot write output or read input from
the pipe attached to crypt(). Otherwise it returns 0.
The program must be linked with the object file access routine library
In the international version of crypt(), a flag argument of 1 to
encrypt() or des_encrypt() is not accepted, and errno is set to ENOSYS
to indicate that the functionality is not available.
See attributes(5) for descriptions of the following attributes:
│ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
│MT-Level │ Unsafe │
SEE ALSOed(1), login(1), passwd(1), vi(1), getpass(3C), passwd(4),
The return value in crypt() points to static data that are overwritten
by each call.
Mar 3, 2008 CRYPT(3EXT)