X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=doc%2Fcrypto%2Fdes.pod;h=8f5321061db545486c05b57331acba0c720c1ea8;hp=b64bcecc18f0b0e646df0b8a2c6a66539f2b23d3;hb=1bc74519a2a57ef8e67484ca92890fa94d3dd66f;hpb=2a9aca32dcef75d3fec25250c16f9828397fe07c diff --git a/doc/crypto/des.pod b/doc/crypto/des.pod index b64bcecc18..8f5321061d 100644 --- a/doc/crypto/des.pod +++ b/doc/crypto/des.pod @@ -8,10 +8,9 @@ DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, -DES_ede3_cbcm_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, -DES_read_password, DES_read_2passwords, DES_read_pw_string, +DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, -DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption +DES_fcrypt, DES_crypt - DES encryption =head1 SYNOPSIS @@ -29,16 +28,16 @@ DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption void DES_set_odd_parity(DES_cblock *key); int DES_is_weak_key(const_DES_cblock *key); - void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output, + void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output, DES_key_schedule *ks, int enc); - void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output, + void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output, DES_key_schedule *ks1, DES_key_schedule *ks2, int enc); - void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output, - DES_key_schedule *ks1, DES_key_schedule *ks2, + void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output, + DES_key_schedule *ks1, DES_key_schedule *ks2, DES_key_schedule *ks3, int enc); - void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output, - long length, DES_key_schedule *schedule, DES_cblock *ivec, + void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output, + long length, DES_key_schedule *schedule, DES_cblock *ivec, int enc); void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits, long length, DES_key_schedule *schedule, @@ -46,8 +45,8 @@ DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits, long length, DES_key_schedule *schedule, DES_cblock *ivec); - void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output, - long length, DES_key_schedule *schedule, DES_cblock *ivec, + void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output, + long length, DES_key_schedule *schedule, DES_cblock *ivec, int enc); void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, DES_key_schedule *schedule, DES_cblock *ivec, @@ -56,8 +55,8 @@ DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption long length, DES_key_schedule *schedule, DES_cblock *ivec, int *num); - void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output, - long length, DES_key_schedule *schedule, DES_cblock *ivec, + void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output, + long length, DES_key_schedule *schedule, DES_cblock *ivec, const_DES_cblock *inw, const_DES_cblock *outw, int enc); void DES_ede2_cbc_encrypt(const unsigned char *input, @@ -74,28 +73,18 @@ DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption unsigned char *output, long length, DES_key_schedule *ks1, DES_key_schedule *ks2, DES_key_schedule *ks3, DES_cblock *ivec, int enc); - void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out, - long length, DES_key_schedule *ks1, DES_key_schedule *ks2, - DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2, - int enc); - void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out, + void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, DES_key_schedule *ks1, DES_key_schedule *ks2, DES_key_schedule *ks3, DES_cblock *ivec, int *num, int enc); - void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out, - long length, DES_key_schedule *ks1, - DES_key_schedule *ks2, DES_key_schedule *ks3, + void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out, + long length, DES_key_schedule *ks1, + DES_key_schedule *ks2, DES_key_schedule *ks3, DES_cblock *ivec, int *num); - int DES_read_password(DES_cblock *key, const char *prompt, int verify); - int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2, - const char *prompt, int verify); - int DES_read_pw_string(char *buf, int length, const char *prompt, - int verify); - - DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output, - long length, DES_key_schedule *schedule, + DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output, + long length, DES_key_schedule *schedule, const_DES_cblock *ivec); - DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[], + DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[], long length, int out_count, DES_cblock *seed); void DES_string_to_key(const char *str, DES_cblock *key); void DES_string_to_2keys(const char *str, DES_cblock *key1, @@ -104,11 +93,6 @@ DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption char *DES_fcrypt(const char *buf, const char *salt, char *ret); char *DES_crypt(const char *buf, const char *salt); - int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched, - DES_cblock *iv); - int DES_enc_write(int fd, const void *buf, int len, - DES_key_schedule *sched, DES_cblock *iv); - =head1 DESCRIPTION This library contains a fast implementation of the DES encryption @@ -122,9 +106,8 @@ each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process. DES_random_key() generates a random key. The PRNG must be seeded -prior to using this function (see L). If the PRNG -could not generate a secure key, 0 is returned. In earlier versions -of the library, DES_random_key() did not generate secure keys. +prior to using this function (see L). If the PRNG +could not generate a secure key, 0 is returned. Before a DES key can be used, it must be converted into the architecture dependent I via the @@ -135,18 +118,16 @@ and is not a week or semi-weak key. If the parity is wrong, then -1 is returned. If the key is a weak key, then -2 is returned. If an error is returned, the key schedule is not generated. -DES_set_key() (called DES_key_sched() in the MIT library) works like +DES_set_key() works like DES_set_key_checked() if the I flag is non-zero, otherwise like DES_set_key_unchecked(). These functions are available for compatibility; it is recommended to use a function that does not depend on a global variable. -DES_set_odd_parity() (called DES_fixup_key_parity() in the MIT -library) sets the parity of the passed I to odd. +DES_set_odd_parity() sets the parity of the passed I to odd. -DES_is_weak_key() returns 1 is the passed key is a weak key, 0 if it -is ok. The probability that a randomly generated key is weak is -1/2^52, so it is not really worth checking for them. +DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it +is ok. The following routines mostly operate on an input and output stream of Is. @@ -190,7 +171,7 @@ of 24 bytes. This is much better than CBC DES. DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with three keys. This means that each DES operation inside the CBC mode is -really an C. This mode is used by SSL. +an C. This mode is used by SSL. The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by reusing I for the final encryption. C. @@ -234,30 +215,13 @@ DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as DES_ofb64_encrypt(), using Triple-DES. The following functions are included in the DES library for -compatibility with the MIT Kerberos library. DES_read_pw_string() -is also available under the name EVP_read_pw_string(). - -DES_read_pw_string() writes the string specified by I to -standard output, turns echo off and reads in input string from the -terminal. The string is returned in I, which must have space for -at least I bytes. If I is set, the user is asked for -the password twice and unless the two copies match, an error is -returned. A return code of -1 indicates a system error, 1 failure due -to use interaction, and 0 is success. - -DES_read_password() does the same and converts the password to a DES -key by calling DES_string_to_key(); DES_read_2password() operates in -the same way as DES_read_password() except that it generates two keys -by using the DES_string_to_2key() function. DES_string_to_key() is -available for backward compatibility with the MIT library. New -applications should use a cryptographic hash function. The same -applies for DES_string_to_2key(). +compatibility with the MIT Kerberos library. DES_cbc_cksum() produces an 8 byte checksum based on the input stream (via CBC encryption). The last 4 bytes of the checksum are returned and the complete 8 bytes are placed in I. This function is used by Kerberos v4. Other applications should use -L etc. instead. +L etc. instead. DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte checksum from the input bytes. The algorithm can be iterated over the @@ -287,32 +251,6 @@ containing the length of the following encrypted data. The encrypted data then follows, padded with random data out to a multiple of 8 bytes. -DES_enc_read() is used to read I bytes from file descriptor -I into buffer I. The data being read from I is assumed to -have come from DES_enc_write() and is decrypted using I for -the key schedule and I for the initial vector. - -B The data format used by DES_enc_write() and DES_enc_read() -has a cryptographic weakness: When asked to write more than MAXWRITE -bytes, DES_enc_write() will split the data into several chunks that -are all encrypted using the same IV. So don't use these functions -unless you are sure you know what you do (in which case you might not -want to use them anyway). They cannot handle non-blocking sockets. -DES_enc_read() uses an internal state and thus cannot be used on -multiple files. - -I is used to specify the encryption mode to use with -DES_enc_read() and DES_end_write(). If set to I (the -default), DES_pcbc_encrypt is used. If set to I -DES_cbc_encrypt is used. - -=head1 NOTES - -Single-key DES is insecure due to its short key size. ECB mode is -not suitable for most applications; see L. - -The L library provides higher-level encryption functions. - =head1 BUGS DES_3cbc_encrypt() is flawed and must not be used in applications. @@ -330,8 +268,9 @@ implemented this way because most people will be using a multiple of 8 and because once you get into pulling bytes input bytes apart things get ugly! -DES_read_pw_string() is the most machine/OS dependent function and -normally generates the most problems when porting this code. +DES_string_to_key() is available for backward compatibility with the +MIT library. New applications should use a cryptographic hash function. +The same applies for DES_string_to_2key(). =head1 CONFORMING TO @@ -340,43 +279,29 @@ ANSI X3.106 The B library was written to be source code compatible with the MIT Kerberos library. -=head1 SEE ALSO - -crypt(3), L, L, L +=head1 NOTES -=head1 HISTORY +Applications should use the higher level functions +L etc. instead of calling these +functions directly. -In OpenSSL 0.9.7, all des_ functions were renamed to DES_ to avoid -clashes with older versions of libdes. Compatibility des_ functions -are provided for a short while, as well as crypt(). -Declarations for these are in . des_random_seed() -is were not kept as DES_ variants. This will happen to other functions -as well if they are deemed redundant (des_random_seed() just calls -RAND_seed() and is present for backward compatibility only), buggy or -already scheduled for removal. +Single-key DES is insecure due to its short key size. ECB mode is +not suitable for most applications; see L. -des_cbc_cksum(), des_cbc_encrypt(), des_ecb_encrypt(), -des_is_weak_key(), des_key_sched(), des_pcbc_encrypt(), -des_quad_cksum(), des_random_key(), des_read_password() and -des_string_to_key() are available in the MIT Kerberos library; -des_check_key_parity(), des_fixup_key_parity() and des_is_weak_key() -are available in newer versions of that library. +=head1 SEE ALSO -des_set_key_checked() and des_set_key_unchecked() were added in -OpenSSL 0.9.5. +L, +L -des_generate_random_block(), des_init_random_number_generator(), -des_new_random_key(), des_set_random_generator_seed() and -des_set_sequence_number() and des_rand_data() are used in newer -versions of Kerberos but are not implemented here. +=cut -des_random_key() generated cryptographically weak random data in -SSLeay and in OpenSSL prior version 0.9.5, as well as in the original -MIT library. +=head1 COPYRIGHT -=head1 AUTHOR +Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. -Eric Young (eay@cryptsoft.com). Modified for the OpenSSL project -(http://www.openssl.org). +Licensed under the OpenSSL license (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. =cut