aboutsummaryrefslogtreecommitdiff
path: root/secure/lib/libcrypto/man/des.3
diff options
context:
space:
mode:
Diffstat (limited to 'secure/lib/libcrypto/man/des.3')
-rw-r--r--secure/lib/libcrypto/man/des.354
1 files changed, 31 insertions, 23 deletions
diff --git a/secure/lib/libcrypto/man/des.3 b/secure/lib/libcrypto/man/des.3
index 47f7cd91f3ac..43b97f0b24e2 100644
--- a/secure/lib/libcrypto/man/des.3
+++ b/secure/lib/libcrypto/man/des.3
@@ -1,4 +1,4 @@
-.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.23)
+.\" Automatically generated by Pod::Man 2.27 (Pod::Simple 3.28)
.\"
.\" Standard preamble:
.\" ========================================================================
@@ -38,6 +38,8 @@
. ds PI \(*p
. ds L" ``
. ds R" ''
+. ds C`
+. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
@@ -48,17 +50,24 @@
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
-.ie \nF \{\
-. de IX
-. tm Index:\\$1\t\\n%\t"\\$2"
+.\"
+.\" Avoid warning from groff about undefined register 'F'.
+.de IX
..
-. nr % 0
-. rr F
-.\}
-.el \{\
-. de IX
+.nr rF 0
+.if \n(.g .if rF .nr rF 1
+.if (\n(rF:(\n(.g==0)) \{
+. if \nF \{
+. de IX
+. tm Index:\\$1\t\\n%\t"\\$2"
..
+. if !\nF==2 \{
+. nr % 0
+. nr F 2
+. \}
+. \}
.\}
+.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
@@ -124,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "des 3"
-.TH des 3 "2013-02-11" "1.0.1e" "OpenSSL"
+.TH des 3 "2015-01-15" "1.0.1l" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -263,9 +272,8 @@ depend on a global variable.
.PP
\&\fIDES_set_odd_parity()\fR sets the parity of the passed \fIkey\fR to odd.
.PP
-\&\fIDES_is_weak_key()\fR returns 1 is the passed key is a weak key, 0 if it
-is ok. The probability that a randomly generated key is weak is
-1/2^52, so it is not really worth checking for them.
+\&\fIDES_is_weak_key()\fR returns 1 if the passed key is a weak key, 0 if it
+is ok.
.PP
The following routines mostly operate on an input and output stream of
\&\fIDES_cblock\fRs.
@@ -293,7 +301,7 @@ The macro \fIDES_ecb2_encrypt()\fR is provided to perform two-key Triple-DES
encryption by using \fIks1\fR for the final encryption.
.PP
\&\fIDES_ncbc_encrypt()\fR encrypts/decrypts using the \fIcipher-block-chaining\fR
-(\s-1CBC\s0) mode of \s-1DES\s0. If the \fIencrypt\fR argument is non-zero, the
+(\s-1CBC\s0) mode of \s-1DES. \s0 If the \fIencrypt\fR argument is non-zero, the
routine cipher-block-chain encrypts the cleartext data pointed to by
the \fIinput\fR argument into the ciphertext pointed to by the \fIoutput\fR
argument, using the key schedule provided by the \fIschedule\fR argument,
@@ -302,14 +310,14 @@ and initialization vector provided by the \fIivec\fR argument. If the
last block is copied to a temporary area and zero filled. The output
is always an integral multiple of eight bytes.
.PP
-\&\fIDES_xcbc_encrypt()\fR is \s-1RSA\s0's \s-1DESX\s0 mode of \s-1DES\s0. It uses \fIinw\fR and
+\&\fIDES_xcbc_encrypt()\fR is \s-1RSA\s0's \s-1DESX\s0 mode of \s-1DES. \s0 It uses \fIinw\fR and
\&\fIoutw\fR to 'whiten' the encryption. \fIinw\fR and \fIoutw\fR are secret
(unlike the iv) and are as such, part of the key. So the key is sort
-of 24 bytes. This is much better than \s-1CBC\s0 \s-1DES\s0.
+of 24 bytes. This is much better than \s-1CBC DES.\s0
.PP
-\&\fIDES_ede3_cbc_encrypt()\fR implements outer triple \s-1CBC\s0 \s-1DES\s0 encryption with
+\&\fIDES_ede3_cbc_encrypt()\fR implements outer triple \s-1CBC DES\s0 encryption with
three keys. This means that each \s-1DES\s0 operation inside the \s-1CBC\s0 mode is
-really an \f(CW\*(C`C=E(ks3,D(ks2,E(ks1,M)))\*(C'\fR. This mode is used by \s-1SSL\s0.
+an \f(CW\*(C`C=E(ks3,D(ks2,E(ks1,M)))\*(C'\fR. This mode is used by \s-1SSL.\s0
.PP
The \fIDES_ede2_cbc_encrypt()\fR macro implements two-key Triple-DES by
reusing \fIks1\fR for the final encryption. \f(CW\*(C`C=E(ks1,D(ks2,E(ks1,M)))\*(C'\fR.
@@ -324,7 +332,7 @@ method takes an array of characters as input and outputs and array of
characters. It does not require any padding to 8 character groups.
Note: the \fIivec\fR variable is changed and the new changed value needs to
be passed to the next call to this function. Since this function runs
-a complete \s-1DES\s0 \s-1ECB\s0 encryption per \fInumbits\fR, this function is only
+a complete \s-1DES ECB\s0 encryption per \fInumbits\fR, this function is only
suggested for use when sending small numbers of characters.
.PP
\&\fIDES_cfb64_encrypt()\fR
@@ -333,7 +341,7 @@ useful you ask? Because this routine will allow you to encrypt an
arbitrary number of bytes, no 8 byte padding. Each call to this
routine will encrypt the input bytes to output and then update ivec
and num. num contains 'how far' we are though ivec. If this does
-not make much sense, read more about cfb mode of \s-1DES\s0 :\-).
+not make much sense, read more about cfb mode of \s-1DES :\-\s0).
.PP
\&\fIDES_ede3_cfb64_encrypt()\fR and \fIDES_ede2_cfb64_encrypt()\fR is the same as
\&\fIDES_cfb64_encrypt()\fR except that Triple-DES is used.
@@ -343,7 +351,7 @@ takes an array of characters as input and outputs and array of
characters. It does not require any padding to 8 character groups.
Note: the \fIivec\fR variable is changed and the new changed value needs to
be passed to the next call to this function. Since this function runs
-a complete \s-1DES\s0 \s-1ECB\s0 encryption per numbits, this function is only
+a complete \s-1DES ECB\s0 encryption per numbits, this function is only
suggested for use when sending small numbers of characters.
.PP
\&\fIDES_ofb64_encrypt()\fR is the same as \fIDES_cfb64_encrypt()\fR using Output
@@ -397,7 +405,7 @@ the key schedule and \fIiv\fR for the initial vector.
\&\fBWarning:\fR The data format used by \fIDES_enc_write()\fR and \fIDES_enc_read()\fR
has a cryptographic weakness: When asked to write more than \s-1MAXWRITE\s0
bytes, \fIDES_enc_write()\fR will split the data into several chunks that
-are all encrypted using the same \s-1IV\s0. So don't use these functions
+are all encrypted using the same \s-1IV. \s0 So don't use these functions
unless you are sure you know what you do (in which case you might not
want to use them anyway). They cannot handle non-blocking sockets.
\&\fIDES_enc_read()\fR uses an internal state and thus cannot be used on
@@ -435,7 +443,7 @@ get ugly!
The same applies for \fIDES_string_to_2key()\fR.
.SH "CONFORMING TO"
.IX Header "CONFORMING TO"
-\&\s-1ANSI\s0 X3.106
+\&\s-1ANSI X3.106\s0
.PP
The \fBdes\fR library was written to be source code compatible with
the \s-1MIT\s0 Kerberos library.