convert DES and DH manuals from pod to mdoc

1 files changed, 697 insertions, 0 deletions

diff --git a/src/lib/libcrypto/man/DES_set_key.3 b/src/lib/libcrypto/man/DES_set_key.3
new file mode 100644
index 0000000000..9c33bf29e6
--- /dev/null
+++ b/src/lib/libcrypto/man/DES_set_key.3
@@ -0,0 +1,697 @@
+.Dd $Mdocdate: November 2 2016 $
+.Dt DES_SET_KEY 3
+.Os
+.Sh NAME
+.Nm DES_random_key ,
+.Nm DES_set_key ,
+.Nm DES_key_sched ,
+.Nm DES_set_key_checked ,
+.Nm DES_set_key_unchecked ,
+.Nm DES_set_odd_parity ,
+.Nm DES_is_weak_key ,
+.Nm DES_ecb_encrypt ,
+.Nm DES_ecb2_encrypt ,
+.Nm DES_ecb3_encrypt ,
+.Nm DES_ncbc_encrypt ,
+.Nm DES_cfb_encrypt ,
+.Nm DES_ofb_encrypt ,
+.Nm DES_pcbc_encrypt ,
+.Nm DES_cfb64_encrypt ,
+.Nm DES_ofb64_encrypt ,
+.Nm DES_xcbc_encrypt ,
+.Nm DES_ede2_cbc_encrypt ,
+.Nm DES_ede2_cfb64_encrypt ,
+.Nm DES_ede2_ofb64_encrypt ,
+.Nm DES_ede3_cbc_encrypt ,
+.Nm DES_ede3_cbcm_encrypt ,
+.Nm DES_ede3_cfb64_encrypt ,
+.Nm DES_ede3_ofb64_encrypt ,
+.Nm DES_cbc_cksum ,
+.Nm DES_quad_cksum ,
+.Nm DES_string_to_key ,
+.Nm DES_string_to_2keys ,
+.Nm DES_fcrypt ,
+.Nm DES_crypt ,
+.Nm DES_enc_read ,
+.Nm DES_enc_write
+.Nd DES encryption
+.Sh SYNOPSIS
+.In openssl/des.h
+.Ft void
+.Fo DES_random_key
+.Fa "DES_cblock *ret"
+.Fc
+.Ft int
+.Fo DES_set_key
+.Fa "const_DES_cblock *key"
+.Fa "DES_key_schedule *schedule"
+.Fc
+.Ft int
+.Fo DES_key_sched
+.Fa "const_DES_cblock *key"
+.Fa "DES_key_schedule *schedule"
+.Fc
+.Ft int
+.Fo DES_set_key_checked
+.Fa "const_DES_cblock *key"
+.Fa "DES_key_schedule *schedule"
+.Fc
+.Ft void
+.Fo DES_set_key_unchecked
+.Fa "const_DES_cblock *key"
+.Fa "DES_key_schedule *schedule"
+.Fc
+.Ft void
+.Fo DES_set_odd_parity
+.Fa "DES_cblock *key"
+.Fc
+.Ft int
+.Fo DES_is_weak_key
+.Fa "const_DES_cblock *key"
+.Fc
+.Ft void
+.Fo DES_ecb_encrypt
+.Fa "const_DES_cblock *input"
+.Fa "DES_cblock *output"
+.Fa "DES_key_schedule *ks"
+.Fa "int enc"
+.Fc
+.Ft void
+.Fo DES_ecb2_encrypt
+.Fa "const_DES_cblock *input"
+.Fa "DES_cblock *output"
+.Fa "DES_key_schedule *ks1"
+.Fa "DES_key_schedule *ks2"
+.Fa "int enc"
+.Fc
+.Ft void
+.Fo DES_ecb3_encrypt
+.Fa "const_DES_cblock *input"
+.Fa "DES_cblock *output"
+.Fa "DES_key_schedule *ks1"
+.Fa "DES_key_schedule *ks2"
+.Fa "DES_key_schedule *ks3"
+.Fa "int enc"
+.Fc
+.Ft void
+.Fo DES_ncbc_encrypt
+.Fa "const unsigned char *input"
+.Fa "unsigned char *output"
+.Fa "long length"
+.Fa "DES_key_schedule *schedule"
+.Fa "DES_cblock *ivec"
+.Fa "int enc"
+.Fc
+.Ft void
+.Fo DES_cfb_encrypt
+.Fa "const unsigned char *in"
+.Fa "unsigned char *out"
+.Fa "int numbits"
+.Fa "long length"
+.Fa "DES_key_schedule *schedule"
+.Fa "DES_cblock *ivec"
+.Fa "int enc"
+.Fc
+.Ft void
+.Fo DES_ofb_encrypt
+.Fa "const unsigned char *in"
+.Fa "unsigned char *out"
+.Fa "int numbits"
+.Fa "long length"
+.Fa "DES_key_schedule *schedule"
+.Fa "DES_cblock *ivec"
+.Fc
+.Ft void
+.Fo DES_pcbc_encrypt
+.Fa "const unsigned char *input"
+.Fa "unsigned char *output"
+.Fa "long length"
+.Fa "DES_key_schedule *schedule"
+.Fa "DES_cblock *ivec"
+.Fa "int enc"
+.Fc
+.Ft void
+.Fo DES_cfb64_encrypt
+.Fa "const unsigned char *in"
+.Fa "unsigned char *out"
+.Fa "long length"
+.Fa "DES_key_schedule *schedule"
+.Fa "DES_cblock *ivec"
+.Fa "int *num"
+.Fa "int enc"
+.Fc
+.Ft void
+.Fo DES_ofb64_encrypt
+.Fa "const unsigned char *in"
+.Fa "unsigned char *out"
+.Fa "long length"
+.Fa "DES_key_schedule *schedule"
+.Fa "DES_cblock *ivec"
+.Fa "int *num"
+.Fc
+.Ft void
+.Fo DES_xcbc_encrypt
+.Fa "const unsigned char *input"
+.Fa "unsigned char *output"
+.Fa "long length"
+.Fa "DES_key_schedule *schedule"
+.Fa "DES_cblock *ivec"
+.Fa "const_DES_cblock *inw"
+.Fa "const_DES_cblock *outw"
+.Fa "int enc"
+.Fc
+.Ft void
+.Fo DES_ede2_cbc_encrypt
+.Fa "const unsigned char *input"
+.Fa "unsigned char *output"
+.Fa "long length"
+.Fa "DES_key_schedule *ks1"
+.Fa "DES_key_schedule *ks2"
+.Fa "DES_cblock *ivec"
+.Fa "int enc"
+.Fc
+.Ft void
+.Fo DES_ede2_cfb64_encrypt
+.Fa "const unsigned char *in"
+.Fa "unsigned char *out"
+.Fa "long length"
+.Fa "DES_key_schedule *ks1"
+.Fa "DES_key_schedule *ks2"
+.Fa "DES_cblock *ivec"
+.Fa "int *num"
+.Fa "int enc"
+.Fc
+.Ft void
+.Fo DES_ede2_ofb64_encrypt
+.Fa "const unsigned char *in"
+.Fa "unsigned char *out"
+.Fa "long length"
+.Fa "DES_key_schedule *ks1"
+.Fa "DES_key_schedule *ks2"
+.Fa "DES_cblock *ivec"
+.Fa "int *num"
+.Fc
+.Ft void
+.Fo DES_ede3_cbc_encrypt
+.Fa "const unsigned char *input"
+.Fa "unsigned char *output"
+.Fa "long length"
+.Fa "DES_key_schedule *ks1"
+.Fa "DES_key_schedule *ks2"
+.Fa "DES_key_schedule *ks3"
+.Fa "DES_cblock *ivec"
+.Fa "int enc"
+.Fc
+.Ft void
+.Fo DES_ede3_cbcm_encrypt
+.Fa "const unsigned char *in"
+.Fa "unsigned char *out"
+.Fa "long length"
+.Fa "DES_key_schedule *ks1"
+.Fa "DES_key_schedule *ks2"
+.Fa "DES_key_schedule *ks3"
+.Fa "DES_cblock *ivec1"
+.Fa "DES_cblock *ivec2"
+.Fa "int enc"
+.Fc
+.Ft void
+.Fo DES_ede3_cfb64_encrypt
+.Fa "const unsigned char *in"
+.Fa "unsigned char *out"
+.Fa "long length"
+.Fa "DES_key_schedule *ks1"
+.Fa "DES_key_schedule *ks2"
+.Fa "DES_key_schedule *ks3"
+.Fa "DES_cblock *ivec"
+.Fa "int *num"
+.Fa "int enc"
+.Fc
+.Ft void
+.Fo DES_ede3_ofb64_encrypt
+.Fa "const unsigned char *in"
+.Fa "unsigned char *out"
+.Fa "long length"
+.Fa "DES_key_schedule *ks1"
+.Fa "DES_key_schedule *ks2"
+.Fa "DES_key_schedule *ks3"
+.Fa "DES_cblock *ivec"
+.Fa "int *num"
+.Fc
+.Ft DES_LONG
+.Fo DES_cbc_cksum
+.Fa "const unsigned char *input"
+.Fa "DES_cblock *output"
+.Fa "long length"
+.Fa "DES_key_schedule *schedule"
+.Fa "const_DES_cblock *ivec"
+.Fc
+.Ft DES_LONG
+.Fo DES_quad_cksum
+.Fa "const unsigned char *input"
+.Fa "DES_cblock output[]"
+.Fa "long length"
+.Fa "int out_count"
+.Fa "DES_cblock *seed"
+.Fc
+.Ft void
+.Fo DES_string_to_key
+.Fa "const char *str"
+.Fa "DES_cblock *key"
+.Fc
+.Ft void
+.Fo DES_string_to_2keys
+.Fa "const char *str"
+.Fa "DES_cblock *key1"
+.Fa "DES_cblock *key2"
+.Fc
+.Ft char *
+.Fo DES_fcrypt
+.Fa "const char *buf"
+.Fa "const char *salt"
+.Fa "char *ret"
+.Fc
+.Ft char *
+.Fo DES_crypt
+.Fa "const char *buf"
+.Fa "const char *salt"
+.Fc
+.Ft int
+.Fo DES_enc_read
+.Fa "int fd"
+.Fa "void *buf"
+.Fa "int len"
+.Fa "DES_key_schedule *sched"
+.Fa "DES_cblock *iv"
+.Fc
+.Ft int
+.Fo DES_enc_write
+.Fa "int fd"
+.Fa "const void *buf"
+.Fa "int len"
+.Fa "DES_key_schedule *sched"
+.Fa "DES_cblock *iv"
+.Fc
+.Sh DESCRIPTION
+This library contains a fast implementation of the DES encryption
+algorithm.
+.Pp
+There are two phases to the use of DES encryption.
+The first is the generation of a
+.Vt DES_key_schedule
+from a key, the second is the actual encryption.
+A DES key is of type
+.Vt DES_cblock .
+This type is consists of 8 bytes with odd parity.
+The least significant bit in each byte is the parity bit.
+The key schedule is an expanded form of the key; it is used to speed the
+encryption process.
+.Pp
+.Fn DES_random_key
+generates a random key in odd parity.
+.Pp
+Before a DES key can be used, it must be converted into the architecture
+dependent
+.Vt DES_key_schedule
+via the
+.Fn DES_set_key_checked
+or
+.Fn DES_set_key_unchecked
+function.
+.Pp
+.Fn DES_set_key_checked
+will check that the key passed is of odd parity and is not a week or
+semi-weak key.
+If the parity is wrong, then -1 is returned.
+If the key is a weak key, then -2 is returned.
+If an error is returned, the key schedule is not generated.
+.Pp
+.Fn DES_set_key
+works like
+.Fn DES_set_key_checked
+if the
+.Em DES_check_key
+flag is non-zero, otherwise like
+.Fn DES_set_key_unchecked .
+These functions are available for compatibility; it is recommended to
+use a function that does not depend on a global variable.
+.Pp
+.Fn DES_set_odd_parity
+sets the parity of the passed
+.Fa key
+to odd.
+.Pp
+.Fn DES_is_weak_key
+returns 1 is the passed key is a weak key, 0 if it is ok.
+.Pp
+The following routines mostly operate on an input and output stream of
+.Vt DES_cblock Ns s.
+.Pp
+.Fn DES_ecb_encrypt
+is the basic DES encryption routine that encrypts or decrypts a single
+8-byte
+.Vt DES_cblock
+in electronic code book (ECB) mode.
+It always transforms the input data, pointed to by
+.Fa input ,
+into the output data, pointed to by the
+.Fa output
+argument.
+If the
+.Fa enc
+argument is non-zero
+.Pq Dv DES_ENCRYPT ,
+the
+.Fa input
+(cleartext) is encrypted in to the
+.Fa output
+(ciphertext) using the key_schedule specified by the
+.Fa schedule
+argument, previously set via
+.Fn DES_set_key .
+If
+.Fa enc
+is zero
+.Pq Dv DES_DECRYPT ,
+the
+.Fa input
+(now ciphertext) is decrypted into the
+.Fa output
+(now cleartext).
+Input and output may overlap.
+.Fn DES_ecb_encrypt
+does not return a value.
+.Pp
+.Fn DES_ecb3_encrypt
+encrypts/decrypts the
+.Fa input
+block by using three-key Triple-DES encryption in ECB mode.
+This involves encrypting the input with
+.Fa ks1 ,
+decrypting with the key schedule
+.Fa ks2 ,
+and then encrypting with
+.Fa ks3 .
+This routine greatly reduces the chances of brute force breaking of DES
+and has the advantage of if
+.Fa ks1 ,
+.Fa ks2 ,
+and
+.Fa ks3
+are the same, it is equivalent to just encryption using ECB mode and
+.Fa ks1
+as the key.
+.Pp
+The macro
+.Fn DES_ecb2_encrypt
+is provided to perform two-key Triple-DES encryption by using
+.Fa ks1
+for the final encryption.
+.Pp
+.Fn DES_ncbc_encrypt
+encrypts/decrypts using the cipher-block-chaining (CBC) mode of DES.
+If the
+.Fa enc
+argument is non-zero, the routine cipher-block-chain encrypts the
+cleartext data pointed to by the
+.Fa input
+argument into the ciphertext pointed to by the
+.Fa output
+argument, using the key schedule provided by the
+.Fa schedule
+argument, and initialization vector provided by the
+.Fa ivec
+argument.
+If the
+.Fa length
+argument is not an integral multiple of eight bytes, the last block is
+copied to a temporary area and zero filled.
+The output is always an integral multiple of eight bytes.
+.Pp
+.Fn DES_xcbc_encrypt
+is RSA's DESX mode of DES.
+It uses
+.Fa inw
+and
+.Fa outw
+to 'whiten' the encryption.
+.Fa inw
+and
+.Fa outw
+are secret (unlike the iv) and are as such, part of the key.
+So the key is sort of 24 bytes.
+This is much better than CBC DES.
+.Pp
+.Fn DES_ede3_cbc_encrypt
+implements outer triple CBC DES encryption with three keys.
+This means that each DES operation inside the CBC mode is really an
+.Qq Li C=E(ks3,D(ks2,E(ks1,M))) .
+This mode is used by SSL.
+.Pp
+The
+.Fn DES_ede2_cbc_encrypt
+macro implements two-key Triple-DES by reusing
+.Fa ks1
+for the final encryption.
+.Qq Li C=E(ks1,D(ks2,E(ks1,M))) .
+This form of Triple-DES is used by the RSAREF library.
+.Pp
+.Fn DES_pcbc_encrypt
+encrypt/decrypts using the propagating cipher block chaining mode used
+by Kerberos v4.
+Its parameters are the same as
+.Fn DES_ncbc_encrypt .
+.Pp
+.Fn DES_cfb_encrypt
+encrypt/decrypts using cipher feedback mode.
+This method takes an array of characters as input and outputs and array
+of characters.
+It does not require any padding to 8 character groups.
+Note: the
+.Fa ivec
+variable is changed and the new changed value needs to be passed to the
+next call to this function.
+Since this function runs a complete DES ECB encryption per
+.Fa numbits ,
+this function is only suggested for use when sending small numbers of
+characters.
+.Pp
+.Fn DES_cfb64_encrypt
+implements CFB mode of DES with 64bit feedback.
+Why is this useful you ask?
+Because this routine will allow you to encrypt an arbitrary number of
+bytes, no 8 byte padding.
+Each call to this routine will encrypt the input bytes to output and
+then update ivec and num.
+num contains 'how far' we are though ivec.
+If this does not make much sense, read more about cfb mode of DES :-).
+.Pp
+.Fn DES_ede3_cfb64_encrypt
+and
+.Fn DES_ede2_cfb64_encrypt
+is the same as
+.Fn DES_cfb64_encrypt
+except that Triple-DES is used.
+.Pp
+.Fn DES_ofb_encrypt
+encrypts using output feedback mode.
+This method takes an array of characters as input and outputs and array
+of characters.
+It does not require any padding to 8 character groups.
+Note: the
+.Fa ivec
+variable is changed and the new changed value needs to be passed to the
+next call to this function.
+Since this function runs a complete DES ECB encryption per numbits, this
+function is only suggested for use when sending small numbers of
+characters.
+.Pp
+.Fn DES_ofb64_encrypt
+is the same as
+.Fn DES_cfb64_encrypt
+using Output Feed Back mode.
+.Pp
+.Fn DES_ede3_ofb64_encrypt
+and
+.Fn DES_ede2_ofb64_encrypt
+is the same as
+.Fn DES_ofb64_encrypt ,
+using Triple-DES.
+.Pp
+The following functions are included in the DES library for
+compatibility with the MIT Kerberos library.
+.Pp
+.Fn DES_cbc_cksum
+produces an 8 byte checksum based on the input stream (via CBC
+encryption).
+The last 4 bytes of the checksum are returned and the complete 8 bytes
+are placed in
+.Fa output .
+This function is used by Kerberos v4.
+Other applications should use
+.Xr EVP_DigestInit 3
+etc. instead.
+.Pp
+.Fn DES_quad_cksum
+is a Kerberos v4 function.
+It returns a 4 byte checksum from the input bytes.
+The algorithm can be iterated over the input, depending on
+.Fa out_count ,
+1, 2, 3 or 4 times.
+If
+.Fa output
+is
+.Pf non- Dv NULL ,
+the 8 bytes generated by each pass are written into
+.Fa output .
+.Pp
+The following are DES-based transformations:
+.Pp
+.Fn DES_fcrypt
+is a fast version of the Unix
+.Xr crypt 3
+function.
+This version takes only a small amount of space relative to other
+fast crypt implementations.
+This is different to the normal crypt in that the third parameter is the
+buffer that the return value is written into.
+It needs to be at least 14 bytes long.
+This function is thread safe, unlike the normal crypt.
+.Pp
+.Fn DES_crypt
+is a faster replacement for the normal system
+.Xr crypt 3 .
+This function calls
+.Fn DES_fcrypt
+with a static array passed as the third parameter.
+This emulates the normal non-thread safe semantics of
+.Xr crypt 3 .
+.Pp
+.Fn DES_enc_write
+writes
+.Fa len
+bytes to file descriptor
+.Fa fd
+from buffer
+.Fa buf .
+The data is encrypted via
+.Em pcbc_encrypt
+(default) using
+.Fa sched
+for the key and
+.Fa iv
+as a starting vector.
+The actual data send down
+.Fa fd
+consists of 4 bytes (in network byte order) containing the length of the
+following encrypted data.
+The encrypted data then follows, padded with random data out to a
+multiple of 8 bytes.
+.Pp
+.Fn DES_enc_read
+is used to read
+.Fa len
+bytes from file descriptor
+.Fa fd
+into buffer
+.Fa buf .
+The data being read from
+.Fa fd
+is assumed to have come from
+.Fn DES_enc_write
+and is decrypted using
+.Fa sched
+for the key schedule and
+.Fa iv
+for the initial vector.
+.Pp
+.Sy Warning:
+The data format used by
+.Fn DES_enc_write
+and
+.Fn DES_enc_read
+has a cryptographic weakness: When asked to write more than
+.Dv MAXWRITE
+bytes,
+.Fn DES_enc_write
+will split the data into several chunks that are all encrypted using the
+same IV.
+So don't use these functions unless you are sure you know what
+you do (in which case you might not want to use them anyway).
+They cannot handle non-blocking sockets.
+.Fn DES_enc_read
+uses an internal state and thus cannot be used on multiple files.
+.Pp
+.Em DES_rw_mode
+is used to specify the encryption mode to use with
+.Fn DES_enc_read .
+If set to
+.Dv DES_PCBC_MODE
+(the default), DES_pcbc_encrypt is used.
+If set to
+.Dv DES_CBC_MODE
+DES_cbc_encrypt is used.
+.Sh SEE ALSO
+.Xr crypt 3 ,
+.Xr rand 3
+.Pp
+The
+.Xr evp 3
+library provides higher-level encryption functions.
+.Sh STANDARDS
+ANSI X3.106
+.Pp
+The DES library was initially written to be source code compatible
+with the MIT Kerberos library.
+.Sh HISTORY
+In OpenSSL 0.9.7, all des_ functions were renamed to DES_ to avoid
+clashes with older versions of libdes.
+.Pp
+.Fn DES_set_key_checked
+and
+.Fn DES_set_key_unchecked
+were added in OpenSSL 0.9.5.
+.Pp
+.Fn des_generate_random_block ,
+.Fn des_init_random_number_generator ,
+.Fn des_new_random_key ,
+.Fn des_set_random_generator_seed ,
+.Xr des_set_sequence_number ,
+and
+.Fn des_rand_data 3
+are used in newer versions of Kerberos but are not implemented here.
+.Pp
+.Fn DES_random_key
+generated cryptographically weak random data in SSLeay and in OpenSSL
+prior version 0.9.5, as well as in the original MIT library.
+.Sh AUTHORS
+.An Eric Young Aq Mt eay@cryptsoft.com
+.Sh CAVEATS
+Single-key DES is insecure due to its short key size.
+ECB mode is not suitable for most applications.
+.Sh BUGS
+.Xr DES_cbc_encrypt 3
+does not modify
+.Fa ivec ;
+use
+.Fn DES_ncbc_encrypt
+instead.
+.Pp
+.Fn DES_cfb_encrypt
+and
+.Fn DES_ofb_encrypt
+operates on input of 8 bits.
+What this means is that if you set numbits to 12, and length to 2, the
+first 12 bits will come from the 1st input byte and the low half of the
+second input byte.
+The second 12 bits will have the low 8 bits taken from the 3rd input
+byte and the top 4 bits taken from the 4th input byte.
+The same holds for output.
+This function has been implemented this way because most people will be
+using a multiple of 8 and because once you get into pulling bytes input
+bytes apart things get ugly!
+.Pp
+.Fn DES_string_to_key
+is available for backward compatibility with the MIT library.
+New applications should use a cryptographic hash function.
+The same applies for
+.Fn DES_string_to_2key .