Plan 9 from Bell Labs 2010-03-26

lib/face/48x48x4/.dict

@@ -9,6 +9,7 @@ alcatel-lucent.com/ram r/ram.1
 alcatel-lucent.com/ronald.malic r/ram.1
 alcatel-lucent.com/sjf s/sjf.1
 alcatel-lucent.com/smullender s/sape.1
+alcatel-lucent.com/steven.fortune s/sjf.1
 alcatel-lucent.com/trickey h/howard.1
 amazon.com.uk/unkown u/book.1
 amazon.com/unkown u/book.1

sys/include/libsec.h

@@ -138,6 +138,10 @@ void	des3ECBdecrypt(uchar*, int, DES3state*);
 enum
 {
 	SHA1dlen=	20,	/* SHA digest length */
+	SHA2_224dlen=	28,	/* SHA-224 digest length */
+	SHA2_256dlen=	32,	/* SHA-256 digest length */
+	SHA2_384dlen=	48,	/* SHA-384 digest length */
+	SHA2_512dlen=	64,	/* SHA-512 digest length */
 	MD4dlen=	16,	/* MD4 digest length */
 	MD5dlen=	16,	/* MD5 digest length */
 	AESdlen=	16,	/* TODO: see rfc */
@@ -149,14 +153,21 @@ typedef struct DigestState DigestState;
 struct DigestState
 {
 	uvlong	len;
-	u32int	state[5];
-	uchar	buf[128];
+	union {
+		u32int	state[8];
+		u64int	bstate[8];
+	};
+	uchar	buf[256];
 	int	blen;
 	char	malloced;
 	char	seeded;
 };
 typedef struct DigestState SHAstate;	/* obsolete name */
 typedef struct DigestState SHA1state;
+typedef struct DigestState SHA2_224state;
+typedef struct DigestState SHA2_256state;
+typedef struct DigestState SHA2_384state;
+typedef struct DigestState SHA2_512state;
 typedef struct DigestState MD5state;
 typedef struct DigestState MD4state;
 typedef struct DigestState AEShstate;
@@ -164,6 +175,10 @@ typedef struct DigestState AEShstate;
 DigestState*	md4(uchar*, ulong, uchar*, DigestState*);
 DigestState*	md5(uchar*, ulong, uchar*, DigestState*);
 DigestState*	sha1(uchar*, ulong, uchar*, DigestState*);
+DigestState*	sha2_224(uchar*, ulong, uchar*, DigestState*);
+DigestState*	sha2_256(uchar*, ulong, uchar*, DigestState*);
+DigestState*	sha2_384(uchar*, ulong, uchar*, DigestState*);
+DigestState*	sha2_512(uchar*, ulong, uchar*, DigestState*);
 DigestState*	aes(uchar*, ulong, uchar*, DigestState*);
 DigestState*	hmac_x(uchar *p, ulong len, uchar *key, ulong klen,
 			uchar *digest, DigestState *s,
@@ -171,6 +186,10 @@ DigestState*	hmac_x(uchar *p, ulong len, uchar *key, ulong klen,
 			int xlen);
 DigestState*	hmac_md5(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
 DigestState*	hmac_sha1(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
+DigestState*	hmac_sha2_224(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
+DigestState*	hmac_sha2_256(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
+DigestState*	hmac_sha2_384(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
+DigestState*	hmac_sha2_512(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
 DigestState*	hmac_aes(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
 char*		md5pickle(MD5state*);
 MD5state*	md5unpickle(char*);

sys/include/realtime.h

@@ -1,30 +0,0 @@
-typedef vlong				Time;
-typedef uvlong				Ticks;
-typedef struct Schedevent	Schedevent;
-
-enum {
-	Onemicrosecond =	1000ULL,
-	Onemillisecond =	1000000ULL,
-	Onesecond =		1000000000ULL,
-};
-
-typedef enum SEvent {
-	SAdmit,		/* new proc arrives*/
-	SRelease,		/* released, but not yet scheduled (on qreleased) */
-	SRun,		/* one of this task's procs started running */
-	SPreempt,		/* the running proc was preempted */
-	SBlock,		/* none of the procs are runnable as a result of sleeping */
-	SResume,		/* one or more procs became runnable */
-	SDeadline,	/* proc's deadline */
-	SYield,		/* proc reached voluntary early deadline */
-	SSlice,		/* slice exhausted */
-	SExpel,		/* proc is gone */
-	SResacq,		/* acquire resource */
-	SResrel,		/* release resource */
-} SEvent;
-
-struct Schedevent {
-	ushort	tid;		/* Task ID */
-	SEvent	etype;	/* Event type */
-	Time		ts;		/* Event time */
-};

sys/man/2/sechash

@@ -1,63 +1,79 @@
 .TH SECHASH 2
 .SH NAME
-md4, md5, sha1, aes, hmac_x, hmac_md5, hmac_sha1, hmac_aes, md5pickle, md5unpickle, sha1pickle, sha1unpickle \- cryptographically secure hashes
+md4, md5,
+sha1, sha2_224, sha2_256, sha2_384, sha2_512,
+aes, hmac_x, hmac_md5,
+hmac_sha1, hmac_sha2_224, hmac_sha2_256, hmac_sha2_384, hmac_sha2_512,
+hmac_aes, md5pickle, md5unpickle,
+sha1pickle, sha1unpickle \- cryptographically secure hashes
 .SH SYNOPSIS
+.nr Wd \w'\fLDS* \fP'u
+.nr In \w'\fLDS*   \fP'u
+.ta \n(Wdu \w'\fLSHA1state* \fP'u +\n(Wdu +\n(Wdu +\n(Wdu +\n(Wdu
+.
 .de Ti
-.in +0.5i
-.ti -0.5i
-..
-.B #include <u.h>
-.br
-.B #include <libc.h>
-.br
-.B #include <mp.h>
-.br
-.B #include <libsec.h>
 .PP
-.Ti
+.in +\\n(Inu
+.ti -\\n(Inu
 .B
-DigestState*	md4(uchar *data, ulong dlen, uchar *digest, DigestState *state)
-.PP
+.nh
+..
+.
+.ft L
+.nf
+#include <u.h>
+#include <libc.h>
+#include <mp.h>
+#include <libsec.h>
+#define DS DigestState	/* only to abbreviate SYNOPSIS */
+.fi
+.
 .Ti
-.B
-DigestState*	md5(uchar *data, ulong dlen, uchar *digest, DigestState *state)
+DS*	md4(uchar *data, ulong dlen, uchar *digest, DS *state)
+.Ti
+DS*	md5(uchar *data, ulong dlen, uchar *digest, DS *state)
 .PP
 .B
-char*		md5pickle(MD5state *state)
+char*	md5pickle(MD5state *state)
 .PP
 .B
 MD5state*	md5unpickle(char *p);
-.PP
 .Ti
-.B
-DigestState*	sha1(uchar *data, ulong dlen, uchar *digest, DigestState *state)
+DS*	sha1(uchar *data, ulong dlen, uchar *digest, DS *state)
 .PP
 .B
-char*		sha1pickle(SHA1state *state)
+char*	sha1pickle(SHA1state *state)
 .PP
 .B
 SHA1state*	sha1unpickle(char *p);
-.PP
 .Ti
-.B
-DigestState*	aes(uchar *data, ulong dlen, uchar *digest, DigestState *state)
-.PP
+DS*	sha2_224(uchar *data, ulong dlen, uchar *digest, DS *state)
 .Ti
-.B
-DigestState*	hmac_x(uchar *p, ulong len, uchar *key, ulong klen, uchar *digest, DigestState *s, DigestState*(*x)(uchar*, ulong, uchar*, DigestState*), int xlen)
-.PP
+DS*	sha2_256(uchar *data, ulong dlen, uchar *digest, DS *state)
 .Ti
-.B
-DigestState*	hmac_md5(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DigestState *state)
-.PP
+DS*	sha2_384(uchar *data, ulong dlen, uchar *digest, DS *state)
 .Ti
-.B
-DigestState*	hmac_sha1(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DigestState *state)
-.PP
+DS*	sha2_512(uchar *data, ulong dlen, uchar *digest, DS *state)
 .Ti
-.B
-DigestState*	hmac_aes(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DigestState *state)
+DS*	aes(uchar *data, ulong dlen, uchar *digest, DS *state)
+.Ti
+DS*	hmac_x(uchar *p, ulong len, uchar *key, ulong klen, uchar *digest, DS *s, DS*(*x)(uchar*, ulong, uchar*, DS*), int xlen)
+.Ti
+DS*	hmac_md5(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
+.Ti
+DS*	hmac_sha1(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
+.Ti
+DS*	hmac_sha2_224(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
+.Ti
+DS*	hmac_sha2_256(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
+.Ti
+DS*	hmac_sha2_384(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
+.Ti
+DS*	hmac_sha2_512(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
+.Ti
+DS*	hmac_aes(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DS *state)
 .SH DESCRIPTION
+.DT
 We support several secure hash functions.  The output of a
 hash is called a
 .IR digest .
@@ -72,13 +88,27 @@ The routines
 .IR md4 ,
 .IR md5 ,
 .IR sha1 ,
+.IR sha2_224 ,
+.IR sha2_256 ,
+.IR sha2_384 ,
+.IR sha2_512 ,
 .IR aes ,
 .IR hmac_md5 ,
 .IR hmac_sha1 ,
+.IR hmac_sha2_224 ,
+.IR hmac_sha2_256 ,
+.IR hmac_sha2_384 ,
+.IR hmac_sha2_512 ,
 and
 .I hmac_aes
 differ only in the length of the resulting digest
-and in the security of the hash.  Usage for each is the same.
+and in the security of the hash.
+.I Sha2_*
+and
+.I hmac_sha2_*
+are the SHA-2 functions; the number after the final underscore
+is the number of bits in the resulting digest.
+Usage for each is the same.
 The first call to the routine should have
 .B nil
 as the
@@ -96,22 +126,26 @@ The constants
 .IR MD4dlen ,
 .IR MD5dlen ,
 .IR SHA1dlen ,
+.IR SHA2_224dlen ,
+.IR SHA2_256dlen ,
+.IR SHA2_384dlen,
+.IR SHA2_512dlen ,
 and
 .I AESdlen
 define the lengths of the digests.
 .PP
 .IR Hmac_md5 ,
-.IR hmac_sha1 .
+.IR hmac_sha1 ,
+.IR hmac_sha2_224 ,
+.IR hmac_sha2_256 ,
+.IR hmac_sha2_384 ,
+.IR hmac_sha2_512 ,
 and
 .I hmac_aes
 are used slightly differently.  These hash algorithms are keyed and require
 a key to be specified on every call.
-The digest lengths for these hashes are
-.IR MD5dlen ,
-.IR SHA1dlen ,
-and
-.I AESdlen
-respectively.
+The digest lengths for these hashes are the obvious ones from
+the above list of length constants.
 These routines all call
 .I hmac_x
 internally, but
@@ -162,5 +196,8 @@ md5("drowssap ym", 11, digest, s);
 .IR elgamal (2),
 .IR rc4 (2),
 .IR rsa (2)
-.br
+.PD 0
+.TF /lib/rfc/rfc2104
+.TP
 .B /lib/rfc/rfc2104
+HMAC specification

sys/src/cmd/ndb/dns.c

@@ -171,9 +171,12 @@ main(int argc, char *argv[])
 	case 'z':
 		zonerefreshprogram = EARGF(usage());
 		break;
+	default:
+		usage();
+		break;
 	}ARGEND
-	USED(argc);
-	USED(argv);
+	if(argc != 0)
+		usage();
 
 	if(testing)
 		mainmem->flags |= POOL_NOREUSE | POOL_ANTAGONISM;

sys/src/libsec/port/mkfile

@@ -5,12 +5,16 @@ LIB=/$objtype/lib/libsec.a
 CFILES = des.c desmodes.c desECB.c desCBC.c des3ECB.c des3CBC.c\
 	aes.c blowfish.c \
 	hmac.c md5.c md5block.c md4.c sha1.c sha1block.c\
+	sha2_64.c sha2_128.c sha2block64.c sha2block128.c\
 	sha1pickle.c md5pickle.c\
 	rc4.c\
 	genrandom.c prng.c fastrand.c nfastrand.c\
-	probably_prime.c smallprimetest.c genprime.c dsaprimes.c gensafeprime.c genstrongprime.c\
-	rsagen.c rsafill.c rsaencrypt.c rsadecrypt.c rsaalloc.c rsaprivtopub.c x509.c decodepem.c \
-	eggen.c egencrypt.c egdecrypt.c egalloc.c egprivtopub.c egsign.c egverify.c \
+	probably_prime.c smallprimetest.c genprime.c dsaprimes.c\
+	gensafeprime.c genstrongprime.c\
+	rsagen.c rsafill.c rsaencrypt.c rsadecrypt.c rsaalloc.c \
+	rsaprivtopub.c x509.c decodepem.c \
+	eggen.c egencrypt.c egdecrypt.c egalloc.c egprivtopub.c \
+	egsign.c egverify.c \
 	dsagen.c dsaalloc.c dsaprivtopub.c dsasign.c dsaverify.c \
 	tlshand.c thumb.c readcert.c \