4 sha1, sha2_224, sha2_256, sha2_384, sha2_512,
5 hmac_x, hmac_md5, hmac_sha1, hmac_sha2_224, hmac_sha2_256, hmac_sha2_384, hmac_sha2_512,
6 poly1305 \- cryptographically secure hashes
10 .ta \n(Wdu \w'\fLSHA1state* \fP'u +\n(Wdu +\n(Wdu +\n(Wdu +\n(Wdu
26 #define DS DigestState /* only to abbreviate SYNOPSIS */
30 DS* md4(uchar *data, ulong dlen, uchar *digest, DS *state)
32 DS* md5(uchar *data, ulong dlen, uchar *digest, DS *state)
34 DS* ripemd160(uchar *data, ulong dlen, uchar *digest, DS *state)
36 DS* sha1(uchar *data, ulong dlen, uchar *digest, DS *state)
38 DS* sha2_224(uchar *data, ulong dlen, uchar *digest, DS *state)
40 DS* sha2_256(uchar *data, ulong dlen, uchar *digest, DS *state)
42 DS* sha2_384(uchar *data, ulong dlen, uchar *digest, DS *state)
44 DS* sha2_512(uchar *data, ulong dlen, uchar *digest, DS *state)
46 DS* hmac_x(uchar *p, ulong len, uchar *key, ulong klen, uchar *digest, DS *s, DS*(*x)(uchar*, ulong, uchar*, DS*), int xlen)
48 DS* hmac_md5(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
50 DS* hmac_sha1(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
52 DS* hmac_sha2_224(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
54 DS* hmac_sha2_256(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
56 DS* hmac_sha2_384(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
58 DS* hmac_sha2_512(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
60 DS* poly1305(uchar *p, ulong len, uchar *key, ulong klen, uchar *digest, DS *state)
63 The output of a hash is called a
65 A hash is secure if, given the hashed data and the digest,
66 it is difficult to predict the change to the digest resulting
67 from some change to the data without rehashing
68 the whole data. Therefore, if a secret is part of the hashed
69 data, the digest can be used as an integrity check of the data
70 by anyone possessing the secret.
81 differ only in the length of the resulting digest
82 and in the security of the hash.
86 are the SHA-2 functions; the number after the final underscore
87 is the number of bits in the resulting digest.
88 Usage for each is the same.
89 The first call to the routine should have
93 parameter. This call returns a state which can be used to chain
95 The last call should have digest
98 must point to a buffer of at least the size of the digest produced.
99 This last call will free the state and copy the result into
113 define the lengths of the digests.
123 are used slightly differently. These hash algorithms are keyed and require
124 a key to be specified on every call.
125 The digest lengths for these hashes are the obvious ones from
126 the above list of length constants.
133 is not intended for general use.
136 is a one-time authenticator designed by D. J. Bernstein is documented in
138 It takes a 32-byte one-time key and a message and produces a 16-byte tag.
140 To hash a single buffer using
144 uchar digest[MD5dlen];
146 md5(data, len, digest, nil);
149 To chain a number of buffers together,
150 bounded on each end by some secret:
154 uchar digest[MD5dlen];
157 s = md5("my password", 11, nil, nil);
158 while((n = read(fd, buf, 256)) > 0)
160 md5("drowssap ym", 11, digest, s);