The DES library.
Please note that this library was originally written to operate with
eBones, a version of Kerberos that had had encryption removed when it left
the USA and then put back in. As such there are some routines that I will
advise not using but they are still in the library for historical reasons.
For all calls that have an 'input' and 'output' variables, they can be the
same.
This library requires the inclusion of 'des.h'.
All of the encryption functions take what is called a des_key_schedule as an
argument. A des_key_schedule is an expanded form of the des key.
A des_key is 8 bytes of odd parity, the type used to hold the key is a
des_cblock. A des_cblock is an array of 8 bytes, often in this library
description I will refer to input bytes when the function specifies
des_cblock's as input or output, this just means that the variable should
be a multiple of 8 bytes.
The define DES_ENCRYPT is passed to specify encryption, DES_DECRYPT to
specify decryption. The functions and global variable are as follows:
int des_check_key;
DES keys are supposed to be odd parity. If this variable is set to
a non-zero value, des_set_key() will check that the key has odd
parity and is not one of the known weak DES keys. By default this
variable is turned off;
void des_set_odd_parity(
des_cblock *key );
This function takes a DES key (8 bytes) and sets the parity to odd.
int des_is_weak_key(
des_cblock *key );
This function returns a non-zero value if the DES key passed is a
weak, DES key. If it is a weak key, don't use it, try a different
one. If you are using 'random' keys, the chances of hitting a weak
key are 1/2^52 so it is probably not worth checking for them.
int des_set_key(
des_cblock *key,
des_key_schedule schedule);
Des_set_key converts an 8 byte DES key into a des_key_schedule.
A des_key_schedule is an expanded form of the key which is used to
perform actual encryption. It can be regenerated from the DES key
so it only needs to be kept when encryption or decryption is about
to occur. Don't save or pass around des_key_schedule's since they
are CPU architecture dependent, DES keys are not. If des_check_key
is non zero, zero is returned if the key has the wrong parity or
the key is a weak key, else 1 is returned.
int des_key_sched(
des_cblock *key,
des_key_schedule schedule);
An alternative name for des_set_key().
int des_rw_mode; /* defaults to DES_PCBC_MODE */
This flag holds either DES_CBC_MODE or DES_PCBC_MODE (default).
This specifies the function to use in the enc_read() and enc_write()
functions.
void des_encrypt(
unsigned long *data,
des_key_schedule ks,