4 sha1, sha2_224, sha2_256, sha2_384, sha2_512,
6 hmac_sha1, hmac_sha2_224, hmac_sha2_256, hmac_sha2_384, hmac_sha2_512,
7 hmac_aes, md5pickle, md5unpickle,
8 sha1pickle, sha1unpickle \- cryptographically secure hashes
10 .nr Wd \w'\fLDS* \fP'u
11 .nr In \w'\fLDS* \fP'u
12 .ta \n(Wdu \w'\fLSHA1state* \fP'u +\n(Wdu +\n(Wdu +\n(Wdu +\n(Wdu
28 #define DS DigestState /* only to abbreviate SYNOPSIS */
32 DS* md4(uchar *data, ulong dlen, uchar *digest, DS *state)
34 DS* md5(uchar *data, ulong dlen, uchar *digest, DS *state)
37 char* md5pickle(MD5state *state)
40 MD5state* md5unpickle(char *p);
42 DS* sha1(uchar *data, ulong dlen, uchar *digest, DS *state)
45 char* sha1pickle(SHA1state *state)
48 SHA1state* sha1unpickle(char *p);
50 DS* sha2_224(uchar *data, ulong dlen, uchar *digest, DS *state)
52 DS* sha2_256(uchar *data, ulong dlen, uchar *digest, DS *state)
54 DS* sha2_384(uchar *data, ulong dlen, uchar *digest, DS *state)
56 DS* sha2_512(uchar *data, ulong dlen, uchar *digest, DS *state)
58 DS* aes(uchar *data, ulong dlen, uchar *digest, DS *state)
60 DS* hmac_x(uchar *p, ulong len, uchar *key, ulong klen, uchar *digest, DS *s, DS*(*x)(uchar*, ulong, uchar*, DS*), int xlen)
62 DS* hmac_md5(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
64 DS* hmac_sha1(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
66 DS* hmac_sha2_224(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
68 DS* hmac_sha2_256(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
70 DS* hmac_sha2_384(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
72 DS* hmac_sha2_512(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
74 DS* hmac_aes(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
77 We support several secure hash functions. The output of a
80 A hash is secure if, given the hashed data and the digest,
81 it is difficult to predict the change to the digest resulting
82 from some change to the data without rehashing
83 the whole data. Therefore, if a secret is part of the hashed
84 data, the digest can be used as an integrity check of the data by anyone
85 possessing the secret.
104 differ only in the length of the resulting digest
105 and in the security of the hash.
109 are the SHA-2 functions; the number after the final underscore
110 is the number of bits in the resulting digest.
111 Usage for each is the same.
112 The first call to the routine should have
116 parameter. This call returns a state which can be used to chain
118 The last call should have digest
121 must point to a buffer of at least the size of the digest produced.
122 This last call will free the state and copy the result into
135 define the lengths of the digests.
145 are used slightly differently. These hash algorithms are keyed and require
146 a key to be specified on every call.
147 The digest lengths for these hashes are the obvious ones from
148 the above list of length constants.
149 These routines all call
153 is not intended for general use.
159 marshal the state of a digest for transmission.
163 unmarshal a pickled digest.
164 All four routines return a pointer to a newly
168 To hash a single buffer using
172 uchar digest[MD5dlen];
174 md5(data, len, digest, nil);
177 To chain a number of buffers together,
178 bounded on each end by some secret:
182 uchar digest[MD5dlen];
185 s = md5("my password", 11, nil, nil);
186 while((n = read(fd, buf, 256)) > 0)
188 md5("drowssap ym", 11, digest, s);