1 cfa37a7b 2004-04-10 devnull .TH DES 3
  2 cfa37a7b 2004-04-10 devnull .SH NAME
  3 cfa37a7b 2004-04-10 devnull setupDESstate, des_key_setup, block_cipher, desCBCencrypt, desCBCdecrypt, desECBencrypt, desECBdecrypt, des3CBCencrypt, des3CBCdecrypt, des3ECBencrypt, des3ECBdecrypt, key_setup, des56to64, des64to56, setupDES3state, triple_block_cipher,  - single and triple digital encryption standard
  4 cfa37a7b 2004-04-10 devnull .SH SYNOPSIS
  5 cfa37a7b 2004-04-10 devnull .B #include <u.h>
  6 cfa37a7b 2004-04-10 devnull .br
  7 cfa37a7b 2004-04-10 devnull .B #include <libc.h>
  8 cfa37a7b 2004-04-10 devnull .br
  9 cfa37a7b 2004-04-10 devnull .B #include <mp.h>
 10 cfa37a7b 2004-04-10 devnull .br
 11 cfa37a7b 2004-04-10 devnull .B #include <libsec.h>
 12 cfa37a7b 2004-04-10 devnull .PP
 13 cfa37a7b 2004-04-10 devnull .B
 14 cfa37a7b 2004-04-10 devnull void	des_key_setup(uchar key[8], ulong schedule[32])
 15 cfa37a7b 2004-04-10 devnull .PP
 16 cfa37a7b 2004-04-10 devnull .B
 17 cfa37a7b 2004-04-10 devnull void	block_cipher(ulong *schedule, uchar *data,
 18 cfa37a7b 2004-04-10 devnull .B
 19 cfa37a7b 2004-04-10 devnull 		int decrypting)
 20 cfa37a7b 2004-04-10 devnull .PP
 21 cfa37a7b 2004-04-10 devnull .B
 22 cfa37a7b 2004-04-10 devnull void	setupDESstate(DESstate *s, uchar key[8], uchar *ivec)
 23 cfa37a7b 2004-04-10 devnull .PP
 24 cfa37a7b 2004-04-10 devnull .B
 25 cfa37a7b 2004-04-10 devnull void	desCBCencrypt(uchar*, int, DESstate*)
 26 cfa37a7b 2004-04-10 devnull .PP
 27 cfa37a7b 2004-04-10 devnull .B
 28 cfa37a7b 2004-04-10 devnull void	desCBCdecrypt(uchar*, int, DESstate*)
 29 cfa37a7b 2004-04-10 devnull .PP
 30 cfa37a7b 2004-04-10 devnull .B
 31 cfa37a7b 2004-04-10 devnull void	desECBencrypt(uchar*, int, DESstate*)
 32 cfa37a7b 2004-04-10 devnull .PP
 33 cfa37a7b 2004-04-10 devnull .B
 34 cfa37a7b 2004-04-10 devnull void	desECBdecrypt(uchar*, int, DESstate*)
 35 cfa37a7b 2004-04-10 devnull .PP
 36 cfa37a7b 2004-04-10 devnull .B
 37 cfa37a7b 2004-04-10 devnull void	triple_block_cipher(ulong keys[3][32], uchar*, int)
 38 cfa37a7b 2004-04-10 devnull .PP
 39 cfa37a7b 2004-04-10 devnull .B
 40 cfa37a7b 2004-04-10 devnull void	setupDES3state(DES3state *s, uchar key[3][8],
 41 cfa37a7b 2004-04-10 devnull .B
 42 cfa37a7b 2004-04-10 devnull 			 uchar *ivec)
 43 cfa37a7b 2004-04-10 devnull .PP
 44 cfa37a7b 2004-04-10 devnull .B
 45 cfa37a7b 2004-04-10 devnull void	des3CBCencrypt(uchar*, int, DES3state*)
 46 cfa37a7b 2004-04-10 devnull .PP
 47 cfa37a7b 2004-04-10 devnull .B
 48 cfa37a7b 2004-04-10 devnull void	des3CBCdecrypt(uchar*, int, DES3state*)
 49 cfa37a7b 2004-04-10 devnull .PP
 50 cfa37a7b 2004-04-10 devnull .B
 51 cfa37a7b 2004-04-10 devnull void	des3ECBencrypt(uchar*, int, DES3state*)
 52 cfa37a7b 2004-04-10 devnull .PP
 53 cfa37a7b 2004-04-10 devnull .B
 54 cfa37a7b 2004-04-10 devnull void	des3ECBdecrypt(uchar*, int, DES3state*)
 55 cfa37a7b 2004-04-10 devnull .PP
 56 cfa37a7b 2004-04-10 devnull .B
 57 cfa37a7b 2004-04-10 devnull void	key_setup(uchar[7], ulong[32])
 58 cfa37a7b 2004-04-10 devnull .PP
 59 cfa37a7b 2004-04-10 devnull .B
 60 cfa37a7b 2004-04-10 devnull void	des56to64(uchar *k56, uchar *k64)
 61 cfa37a7b 2004-04-10 devnull .PP
 62 cfa37a7b 2004-04-10 devnull .B
 63 cfa37a7b 2004-04-10 devnull void	des64to56(uchar *k64, uchar *k56)
 64 cfa37a7b 2004-04-10 devnull .SH DESCRIPTION
 65 cfa37a7b 2004-04-10 devnull .PP
 66 cfa37a7b 2004-04-10 devnull The Digital Encryption Standard (DES)
 67 cfa37a7b 2004-04-10 devnull is a shared key or symmetric encryption using either
 68 cfa37a7b 2004-04-10 devnull a 56 bit key for single DES or three 56 bit keys for triple des.
 69 cfa37a7b 2004-04-10 devnull The keys are encoded into 64 bits where every eight bit
 70 cfa37a7b 2004-04-10 devnull is parity. 
 71 cfa37a7b 2004-04-10 devnull .PP
 72 cfa37a7b 2004-04-10 devnull The basic DES function,
 73 cfa37a7b 2004-04-10 devnull .IR block_cipher ,
 74 cfa37a7b 2004-04-10 devnull works on a block of 8 bytes, converting them in place.
 75 cfa37a7b 2004-04-10 devnull It takes a key schedule, a pointer to the block, and
 76 cfa37a7b 2004-04-10 devnull a flag indicating encrypting (0) or decrypting (1).
 77 cfa37a7b 2004-04-10 devnull The key schedule is created from the key using
 78 cfa37a7b 2004-04-10 devnull .IR des_key_setup .
 79 cfa37a7b 2004-04-10 devnull .PP
 80 cfa37a7b 2004-04-10 devnull Since it is a bit awkward,
 81 cfa37a7b 2004-04-10 devnull .I block_cipher
 82 cfa37a7b 2004-04-10 devnull is rarely called directly.  Instead, one normally uses
 83 cfa37a7b 2004-04-10 devnull routines that encrypt larger buffers of data and
 84 cfa37a7b 2004-04-10 devnull which may chain the encryption state from one buffer
 85 cfa37a7b 2004-04-10 devnull to the next.
 86 cfa37a7b 2004-04-10 devnull These routines keep track of the state of the
 87 cfa37a7b 2004-04-10 devnull encryption using a
 88 cfa37a7b 2004-04-10 devnull .B DESstate
 89 cfa37a7b 2004-04-10 devnull structure that contains the key schedule and any chained
 90 cfa37a7b 2004-04-10 devnull state.
 91 cfa37a7b 2004-04-10 devnull .I SetupDESstate
 92 cfa37a7b 2004-04-10 devnull sets up the
 93 cfa37a7b 2004-04-10 devnull .B DESstate
 94 cfa37a7b 2004-04-10 devnull structure using the key and an 8 byte initialization vector.
 95 cfa37a7b 2004-04-10 devnull .PP
 96 cfa37a7b 2004-04-10 devnull Electronic code book, using
 97 cfa37a7b 2004-04-10 devnull .I desECBencrypt
 98 cfa37a7b 2004-04-10 devnull and 
 99 cfa37a7b 2004-04-10 devnull .IR desECBdecrypt , 
100 cfa37a7b 2004-04-10 devnull is the less secure mode.  The encryption of each 8 bytes
101 cfa37a7b 2004-04-10 devnull does not depend on the encryption of any other.
102 cfa37a7b 2004-04-10 devnull Hence the encryption is a substitution
103 cfa37a7b 2004-04-10 devnull cipher using 64 bit characters.
104 cfa37a7b 2004-04-10 devnull .PP
105 cfa37a7b 2004-04-10 devnull Cipher block chaining mode, using
106 cfa37a7b 2004-04-10 devnull .I desCBCencrypt
107 cfa37a7b 2004-04-10 devnull and
108 cfa37a7b 2004-04-10 devnull .IR desCBCdecrypt ,
109 cfa37a7b 2004-04-10 devnull is more secure.  Every block encrypted depends on the initialization
110 cfa37a7b 2004-04-10 devnull vector and all blocks encrypted before it.
111 cfa37a7b 2004-04-10 devnull .PP
112 cfa37a7b 2004-04-10 devnull For both CBC and ECB modes, a stream of data can be encrypted as
113 cfa37a7b 2004-04-10 devnull multiple buffers.  However, all buffers except the last must
114 cfa37a7b 2004-04-10 devnull be a multiple of 8 bytes to ensure successful decryption of
115 cfa37a7b 2004-04-10 devnull the stream.
116 cfa37a7b 2004-04-10 devnull .PP
117 cfa37a7b 2004-04-10 devnull There are equivalent triple DES functions for each of the
118 cfa37a7b 2004-04-10 devnull DES functions.
119 cfa37a7b 2004-04-10 devnull .PP
120 cfa37a7b 2004-04-10 devnull In the past Plan 9 used a 56 bit or 7 byte
121 cfa37a7b 2004-04-10 devnull format for DES keys.  To be compatible with the rest
122 cfa37a7b 2004-04-10 devnull of the world, we've abandoned this format.
123 cfa37a7b 2004-04-10 devnull There are two functions:
124 cfa37a7b 2004-04-10 devnull .I des56to64
125 cfa37a7b 2004-04-10 devnull and
126 cfa37a7b 2004-04-10 devnull .I des64to56
127 cfa37a7b 2004-04-10 devnull to convert back and forth between the two formats.
128 cfa37a7b 2004-04-10 devnull Also a key schedule can be set up from the 7 byte format
129 cfa37a7b 2004-04-10 devnull using
130 cfa37a7b 2004-04-10 devnull .IR key_setup .
131 cfa37a7b 2004-04-10 devnull .PP
132 cfa37a7b 2004-04-10 devnull .SH SOURCE
133 c3674de4 2005-01-11 devnull .B \*9/src/libsec
134 cfa37a7b 2004-04-10 devnull .SH SEE ALSO
135 d32deab1 2020-08-16 rsc .MR mp (3) ,
136 d32deab1 2020-08-16 rsc .MR aes (3) ,
137 d32deab1 2020-08-16 rsc .MR blowfish (3) ,
138 d32deab1 2020-08-16 rsc .MR dsa (3) ,
139 d32deab1 2020-08-16 rsc .MR elgamal (3) ,
140 d32deab1 2020-08-16 rsc .MR rc4 (3) ,
141 d32deab1 2020-08-16 rsc .MR rsa (3) ,
142 d32deab1 2020-08-16 rsc .MR sechash (3) ,
143 d32deab1 2020-08-16 rsc .MR prime (3) ,
144 d32deab1 2020-08-16 rsc .MR rand (3)