b10a0accee
The functions encrypt, setkey, encrypt_r, setkey_r, cbc_crypt, ecb_crypt, and des_setparity should not be used in new programs, because they use the DES block cipher, which is unacceptably weak by modern standards. Demote all of them to compatibility symbols, and remove their prototypes from installed headers. cbc_crypt, ecb_crypt, and des_setparity were already compat symbols when glibc was configured with --disable-obsolete-rpc. POSIX requires encrypt and setkey to be available when _XOPEN_CRYPT is defined, so this change also removes the definition of X_OPEN_CRYPT from <unistd.h>. The entire "DES Encryption" section is dropped from the manual, as is the mention of AUTH_DES and FIPS 140-2 in the introduction to crypt.texi. The documentation of 'memfrob' cross-referenced the DES Encryption section, which is replaced by a hyperlink to libgcrypt, and while I was in there I spruced up the actual documentation of 'memfrob' and 'strfry' a little. It's still fairly jokey, because those functions _are_ jokes, but they do also have real use cases, so people trying to use them for real should have all the information they need. DES-based authentication for Sun RPC is also insecure and should be deprecated or even removed, but maybe that can be left as TI-RPC's problem.
60 lines
1.7 KiB
C
60 lines
1.7 KiB
C
/*
|
|
* UFC-crypt: ultra fast crypt(3) implementation
|
|
*
|
|
* Copyright (C) 1991-2018 Free Software Foundation, Inc.
|
|
*
|
|
* The GNU C Library is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
* License as published by the Free Software Foundation; either
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
*
|
|
* The GNU C Library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
* License along with the GNU C Library; if not, see
|
|
* <http://www.gnu.org/licenses/>.
|
|
*
|
|
* @(#)crypt.h 1.5 12/20/96
|
|
*
|
|
*/
|
|
|
|
#ifndef _CRYPT_H
|
|
#define _CRYPT_H 1
|
|
|
|
#include <features.h>
|
|
|
|
__BEGIN_DECLS
|
|
|
|
/* Encrypt at most 8 characters from KEY using salt to perturb DES. */
|
|
extern char *crypt (const char *__key, const char *__salt)
|
|
__THROW __nonnull ((1, 2));
|
|
|
|
#ifdef __USE_GNU
|
|
/* Reentrant version of 'crypt'. The additional argument
|
|
points to a structure where the results are placed in. */
|
|
struct crypt_data
|
|
{
|
|
char keysched[16 * 8];
|
|
char sb0[32768];
|
|
char sb1[32768];
|
|
char sb2[32768];
|
|
char sb3[32768];
|
|
/* end-of-aligment-critical-data */
|
|
char crypt_3_buf[14];
|
|
char current_salt[2];
|
|
long int current_saltbits;
|
|
int direction, initialized;
|
|
};
|
|
|
|
extern char *crypt_r (const char *__key, const char *__salt,
|
|
struct crypt_data * __restrict __data)
|
|
__THROW __nonnull ((1, 2, 3));
|
|
#endif
|
|
|
|
__END_DECLS
|
|
|
|
#endif /* crypt.h */
|