CRYPT(3)                                                 CRYPT(3)

     NAME
          crypt, setkey, encrypt - DES encryption

     SYNOPSIS
          char *crypt(key, salt)
          char *key, *salt;

          setkey(key)
          char *key;

          encrypt(block, edflag)
          char *block;

     DESCRIPTION
          Crypt is the password encryption routine.  It is based on
          the NBS Data Encryption Standard, with variations intended
          (among other things) to frustrate use of hardware implemen-
          tations of the DES for key search.

          The first argument to crypt is a user's typed password.  The
          second is a 2-character string chosen from the set [a-zA-
          Z0-9./].  The salt string is used to perturb the DES algo-
          rithm in one of 4096 different ways, after which the pass-
          word is used as the key to encrypt repeatedly a constant
          string.  The returned value points to the encrypted pass-
          word, in the same alphabet as the salt.  The first two char-
          acters are the salt itself.

          The other entries provide (rather primitive) access to the
          actual DES algorithm.  The argument of setkey is a character
          array of length 64 containing only the characters with
          numerical value 0 and 1.  If this string is divided into
          groups of 8, the low-order bit in each group is ignored,
          leading to a 56-bit key which is set into the machine.

          The argument to the encrypt entry is likewise a character
          array of length 64 containing 0's and 1's.  The argument
          array is modified in place to a similar array representing
          the bits of the argument after having been subjected to the
          DES algorithm using the key set by setkey. If edflag is 0,
          the argument is encrypted; if non-zero, it is decrypted.

     SEE ALSO
          crypt(1), passwd(1), passwd(5), getpass(3)

     BUGS
          The return value points to static data whose content is
          overwritten by each call.
          Crypt and encrypt are not available outside the United
          States and Canada.