4 sha1, sha2_224, sha2_256, sha2_384, sha2_512,
7 hmac_sha1, hmac_sha2_224, hmac_sha2_256, hmac_sha2_384, hmac_sha2_512,
8 md5pickle, md5unpickle,
9 sha1pickle, sha1unpickle \- cryptographically secure hashes
11 .nr Wd \w'\fLDS* \fP'u
12 .nr In \w'\fLDS* \fP'u
13 .ta \n(Wdu \w'\fLSHA1state* \fP'u +\n(Wdu +\n(Wdu +\n(Wdu +\n(Wdu
29 #define DS DigestState /* only to abbreviate SYNOPSIS */
33 DS* md4(uchar *data, ulong dlen, uchar *digest, DS *state)
35 DS* md5(uchar *data, ulong dlen, uchar *digest, DS *state)
38 char* md5pickle(MD5state *state)
41 MD5state* md5unpickle(char *p);
43 DS* sha1(uchar *data, ulong dlen, uchar *digest, DS *state)
46 char* sha1pickle(SHA1state *state)
49 SHA1state* sha1unpickle(char *p);
51 DS* sha2_224(uchar *data, ulong dlen, uchar *digest, DS *state)
53 DS* sha2_256(uchar *data, ulong dlen, uchar *digest, DS *state)
55 DS* sha2_384(uchar *data, ulong dlen, uchar *digest, DS *state)
57 DS* sha2_512(uchar *data, ulong dlen, uchar *digest, DS *state)
59 DS* ripemd160(uchar *data, ulong dlen, uchar *digest, DS *state)
61 DS* hmac_x(uchar *p, ulong len, uchar *key, ulong klen, uchar *digest, DS *s, DS*(*x)(uchar*, ulong, uchar*, DS*), int xlen)
63 DS* hmac_md5(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
65 DS* hmac_sha1(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
67 DS* hmac_sha2_224(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
69 DS* hmac_sha2_256(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
71 DS* hmac_sha2_384(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
73 DS* hmac_sha2_512(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
76 We support several secure hash functions. The output of a
79 A hash is secure if, given the hashed data and the digest,
80 it is difficult to predict the change to the digest resulting
81 from some change to the data without rehashing
82 the whole data. Therefore, if a secret is part of the hashed
83 data, the digest can be used as an integrity check of the data by anyone
84 possessing the secret.
102 differ only in the length of the resulting digest
103 and in the security of the hash.
107 are the SHA-2 functions; the number after the final underscore
108 is the number of bits in the resulting digest.
109 Usage for each is the same.
110 The first call to the routine should have
114 parameter. This call returns a state which can be used to chain
116 The last call should have digest
119 must point to a buffer of at least the size of the digest produced.
120 This last call will free the state and copy the result into
133 define the lengths of the digests.
142 are used slightly differently. These hash algorithms are keyed and require
143 a key to be specified on every call.
144 The digest lengths for these hashes are the obvious ones from
145 the above list of length constants.
146 These routines all call
150 is not intended for general use.
156 marshal the state of a digest for transmission.
160 unmarshal a pickled digest.
161 All four routines return a pointer to a newly
165 To hash a single buffer using
169 uchar digest[MD5dlen];
171 md5(data, len, digest, nil);
174 To chain a number of buffers together,
175 bounded on each end by some secret:
179 uchar digest[MD5dlen];
182 s = md5("my password", 11, nil, nil);
183 while((n = read(fd, buf, 256)) > 0)
185 md5("drowssap ym", 11, digest, s);