#include <rpc/des_crypt.h> int ecb_crypt(char *key, char *data, unsigned datalen, unsigned mode); int cbc_crypt(char *key, char *data, unsigned datalen, unsigned mode, char *ivec); void des_setparity(char *key); int DES_FAILED(int status);
Here is how to use these routines. The first argument, key, is the 8-byte encryption key with parity. To set the key's parity, which for DES is in the low bit of each byte, use des_setparity(). The second argument, data, contains the data to be encrypted or decrypted. The third argument, datalen, is the length in bytes of data, which must be a multiple of 8. The fourth argument, mode, is formed by ORing together some things. For the encryption direction OR in either DES_ENCRYPT or DES_DECRYPT. For software versus hardware encryption, OR in either DES_HW or DES_SW. If DES_HW is specified, and there is no hardware, then the encryption is performed in software and the routine returns DESERR_NOHWDEVICE. For cbc_crypt(), the argument ivec is the 8-byte initialization vector for the chaining. It is updated to the next initialization vector upon return.
Given a result status stat, the macro DES_FAILED(stat) is false only for the first two statuses.
Because they employ the DES block cipher, which is no longer considered secure, ecb_crypt(), ecb_crypt(), crypt_r(), and des_setparity() were removed in glibc 2.28. Applications should switch to a modern cryptography library, such as libgcrypt.
Interface | Attribute | Value |
ecb_crypt(), cbc_crypt(), des_setparity() | Thread safety | MT-Safe |