encrypt, decrypt, netcrypt – DES encryption


#include <u.h>
#include <libc.h>

int encrypt(void *key, void *data, int len)

int decrypt(void *key, void *data, int len)

int netcrypt(void *key, void *data)


Encrypt and decrypt perform DES encryption and decryption. Key is an array of DESKEYLEN (defined as 7 in <auth.h>) bytes containing the encryption key. Data is an array of len bytes; it must be at least 8 bytes long. The bytes are encrypted or decrypted in place.

The DES algorithm encrypts an individual 8-byte block of data. Encrypt uses the following method to encrypt data longer than 8 bytes. The first 8 bytes are encrypted as usual. The last byte of the encrypted result is prefixed to the next 7 unencrypted bytes to make the next 8 bytes to encrypt. This is repeated until fewer than 7 bytes remain unencrypted. Any remaining unencrypted bytes are encrypted with enough of the preceding encrypted bytes to make a full 8-byte block. Decrypt uses the inverse algorithm.

Netcrypt performs the same encryption as a SecureNet Key. Data points to an ASCII string of decimal digits with numeric value between 0 and 10000. These digits are copied into an 8-byte buffer with trailing binary zero fill and encrypted as one DES block. The first four bytes are each formatted as two digit ASCII hexadecimal numbers, and the string is copied into data.




These routines return 1 if the data was encrypted, and 0 if the encryption fails. Encrypt and decrypt fail if the data passed is less than 8 bytes long. Netcrypt can fail if it is passed invalid data.




The implementation is broken in a way that makes it unsuitable for anything but authentication.