desinit(mode) int mode;
setkey(key) char *key;
endes(block) char *block;
dedes(block) char *block;
0 - Standard, vanilla DES.
1 - DES with the initial and final permutations removed. As these permutations do not strengthen the algorithm, they are widely regarded as having no purpose other than to slow down software implementations. Removing them speeds it up but of course the algorithm is no longer standard and it will not be compatible with hardware DES chips.
2 - DES with the initial and final permutations removed, and with independent 48-bit subkeys for each of the 16 rounds. Needless to say this is even less standard than mode 1, but if properly used (randomize ALL key bytes -- no padding!) it should strengthen the algorithm.
After calling desinit the user next calls setkey. In modes 0 and 1, 8 key bytes are expected, with the low order bit of each key byte ignored (parity is not checked). This gives a 56-bit key. In mode 2, 128 key bytes are expected; the high order 2 bits of each byte are ignored, giving a 768 bit key. In this mode, the first 8 bytes will be used in the first round, the second 8 bytes in the second round, and so on.
Once the key is set, the user may perform in-place encryption and decryption of 8-byte blocks of data with calls to endes and dedes.
To free up memory dynamically allocated by desinit the user may call desdone. If further encryption or decryption is to be done, desinit and setkey must be called again.