
Plan 9 from Bell Labs 2007-08-29

David du Colombier 16 years ago
parent
commit
d21f824a81

+ 13 - 13
dist/replica/_plan9.db

@@ -552,7 +552,7 @@
 386/lib/libauthsrv.a - 664 sys sys 1181621143 35878
 386/lib/libbin.a - 664 sys sys 1168402363 2534
 386/lib/libbio.a - 664 sys sys 1168402363 25980
-386/lib/libc.a - 664 sys sys 1181332906 502352
+386/lib/libc.a - 664 sys sys 1188328125 502352
 386/lib/libcomplete.a - 664 sys sys 1168402364 6372
 386/lib/libcontrol.a - 664 sys sys 1184529909 274388
 386/lib/libdisk.a - 664 sys sys 1168402365 42368
@@ -561,22 +561,22 @@
 386/lib/libframe.a - 664 sys sys 1184529910 66398
 386/lib/libgeometry.a - 664 sys sys 1168402366 50470
 386/lib/libhtml.a - 664 sys sys 1186370975 229202
-386/lib/libhttpd.a - 664 sys sys 1181332906 99734
+386/lib/libhttpd.a - 664 sys sys 1188328127 99734
 386/lib/libip.a - 664 sys sys 1187061208 34710
 386/lib/libl.a - 664 sys sys 1168402367 5372
 386/lib/libmach.a - 664 sys sys 1184380786 807390
 386/lib/libmemdraw.a - 664 sys sys 1168402369 284092
 386/lib/libmemlayer.a - 664 sys sys 1168402369 47360
-386/lib/libmp.a - 664 sys sys 1181332906 79978
+386/lib/libmp.a - 664 sys sys 1188328130 79978
 386/lib/libndb.a - 664 sys sys 1187061208 64470
 386/lib/libplumb.a - 664 sys sys 1168402370 19408
 386/lib/libregexp.a - 664 sys sys 1181507273 37290
 386/lib/libscribble.a - 664 sys sys 1175972562 107238
-386/lib/libsec.a - 664 sys sys 1187380500 646784
+386/lib/libsec.a - 664 sys sys 1188328145 647066
 386/lib/libstdio.a - 664 sys sys 1176432133 126062
 386/lib/libsunrpc.a - 664 sys sys 1187061209 353148
 386/lib/libthread.a - 664 sys sys 1184731247 71918
-386/lib/libventi.a - 664 sys sys 1181332909 97858
+386/lib/libventi.a - 664 sys sys 1188328148 97858
 386/mbr - 775 sys sys 1131317338 407
 386/mkfile - 664 sys sys 948141303 46
 386/pbs - 775 sys sys 1143465402 495
@@ -6085,7 +6085,7 @@ sys/include/httpd.h - 664 sys sys 1177187803 5794
 sys/include/ip.h - 664 sys sys 1187047442 4383
 sys/include/keyboard.h - 664 sys sys 1131637696 865
 sys/include/libc.h - 664 sys sys 1168306860 19851
-sys/include/libsec.h - 664 sys sys 1181273373 8263
+sys/include/libsec.h - 664 sys sys 1188328413 8684
 sys/include/mach.h - 664 sys sys 1178892102 8758
 sys/include/memdraw.h - 664 sys sys 1091904419 5645
 sys/include/memlayer.h - 664 sys sys 1051031022 1851
@@ -7497,7 +7497,7 @@ sys/man/2/abort - 664 sys sys 944959693 331
 sys/man/2/abs - 664 sys sys 944959693 461
 sys/man/2/access - 664 sys sys 1046657167 1102
 sys/man/2/addpt - 664 sys sys 958249501 2964
-sys/man/2/aes - 664 sys sys 1188253121 1057
+sys/man/2/aes - 664 sys sys 1188280234 1149
 sys/man/2/allocimage - 664 sys sys 1046787977 7304
 sys/man/2/arg - 664 sys sys 1139744263 2184
 sys/man/2/arith3 - 664 sys sys 1162102967 4393
@@ -7520,7 +7520,7 @@ sys/man/2/cputime - 664 sys sys 1015091518 713
 sys/man/2/ctime - 664 sys sys 954378853 2547
 sys/man/2/ctype - 664 sys sys 1079535676 2611
 sys/man/2/debugger - 664 sys sys 944959696 8629
-sys/man/2/des - 664 sys sys 1188253121 3609
+sys/man/2/des - 664 sys sys 1188278025 3901
 sys/man/2/dial - 664 sys sys 1175725019 6594
 sys/man/2/dirread - 664 sys sys 1015091519 1901
 sys/man/2/disk - 664 sys sys 1015091519 3188
@@ -7611,7 +7611,7 @@ sys/man/2/rune - 664 sys sys 1143079849 3086
 sys/man/2/runestrcat - 664 sys sys 969499889 1086
 sys/man/2/scribble - 664 sys sys 985638584 3847
 sys/man/2/scsi - 664 sys sys 1170885103 3203
-sys/man/2/sechash - 664 sys sys 1046042040 3016
+sys/man/2/sechash - 664 sys sys 1188328413 3537
 sys/man/2/seek - 664 sys sys 944959696 671
 sys/man/2/segattach - 664 sys sys 1135487945 4166
 sys/man/2/segbrk - 664 sys sys 1165622575 1211
@@ -15638,7 +15638,7 @@ sys/src/libsec/mips/mkfile - 664 sys sys 1032061452 227
 sys/src/libsec/mips/sha1block.s - 664 sys sys 985124884 4143
 sys/src/libsec/mkfile - 664 sys sys 1134426497 554
 sys/src/libsec/port - 20000000775 sys sys 1123099027 0
-sys/src/libsec/port/aes.c - 664 sys sys 1187327457 63962
+sys/src/libsec/port/aes.c - 664 sys sys 1188328427 64086
 sys/src/libsec/port/blowfish.c - 664 sys sys 1016466467 19676
 sys/src/libsec/port/decodepem.c - 664 sys sys 1084318869 1831
 sys/src/libsec/port/des.c - 664 sys sys 1015013579 17496
@@ -15666,11 +15666,11 @@ sys/src/libsec/port/genprime.c - 664 sys sys 984710521 535
 sys/src/libsec/port/genrandom.c - 664 sys sys 984710521 1171
 sys/src/libsec/port/gensafeprime.c - 664 sys sys 1027629124 741
 sys/src/libsec/port/genstrongprime.c - 664 sys sys 984710522 1039
-sys/src/libsec/port/hmac.c - 664 sys sys 1140694284 1183
+sys/src/libsec/port/hmac.c - 664 sys sys 1188328428 885
 sys/src/libsec/port/hmactest.c - 664 sys sys 984710522 344
 sys/src/libsec/port/md4.c - 664 sys sys 1015013579 4260
 sys/src/libsec/port/md4test.c - 664 sys sys 984710522 537
-sys/src/libsec/port/md5.c - 664 sys sys 1084318868 3254
+sys/src/libsec/port/md5.c - 664 sys sys 1188328428 3418
 sys/src/libsec/port/md5block.c - 664 sys sys 985124885 5015
 sys/src/libsec/port/md5pickle.c - 664 sys sys 1104105067 716
 sys/src/libsec/port/mkfile - 664 sys sys 1044931345 879
@@ -15688,7 +15688,7 @@ sys/src/libsec/port/rsafill.c - 664 sys sys 1045502171 1104
 sys/src/libsec/port/rsagen.c - 664 sys sys 1084318869 1462
 sys/src/libsec/port/rsaprivtopub.c - 664 sys sys 984710525 237
 sys/src/libsec/port/rsatest.c - 664 sys sys 984710525 1095
-sys/src/libsec/port/sha1.c - 664 sys sys 985124885 2279
+sys/src/libsec/port/sha1.c - 664 sys sys 1188328426 2446
 sys/src/libsec/port/sha1block.c - 664 sys sys 1015013580 4673
 sys/src/libsec/port/sha1pickle.c - 664 sys sys 988225292 717
 sys/src/libsec/port/smallprimes.c - 664 sys sys 984710525 6851

+ 13 - 13
dist/replica/plan9.db

@@ -552,7 +552,7 @@
 386/lib/libauthsrv.a - 664 sys sys 1181621143 35878
 386/lib/libbin.a - 664 sys sys 1168402363 2534
 386/lib/libbio.a - 664 sys sys 1168402363 25980
-386/lib/libc.a - 664 sys sys 1181332906 502352
+386/lib/libc.a - 664 sys sys 1188328125 502352
 386/lib/libcomplete.a - 664 sys sys 1168402364 6372
 386/lib/libcontrol.a - 664 sys sys 1184529909 274388
 386/lib/libdisk.a - 664 sys sys 1168402365 42368
@@ -561,22 +561,22 @@
 386/lib/libframe.a - 664 sys sys 1184529910 66398
 386/lib/libgeometry.a - 664 sys sys 1168402366 50470
 386/lib/libhtml.a - 664 sys sys 1186370975 229202
-386/lib/libhttpd.a - 664 sys sys 1181332906 99734
+386/lib/libhttpd.a - 664 sys sys 1188328127 99734
 386/lib/libip.a - 664 sys sys 1187061208 34710
 386/lib/libl.a - 664 sys sys 1168402367 5372
 386/lib/libmach.a - 664 sys sys 1184380786 807390
 386/lib/libmemdraw.a - 664 sys sys 1168402369 284092
 386/lib/libmemlayer.a - 664 sys sys 1168402369 47360
-386/lib/libmp.a - 664 sys sys 1181332906 79978
+386/lib/libmp.a - 664 sys sys 1188328130 79978
 386/lib/libndb.a - 664 sys sys 1187061208 64470
 386/lib/libplumb.a - 664 sys sys 1168402370 19408
 386/lib/libregexp.a - 664 sys sys 1181507273 37290
 386/lib/libscribble.a - 664 sys sys 1175972562 107238
-386/lib/libsec.a - 664 sys sys 1187380500 646784
+386/lib/libsec.a - 664 sys sys 1188328145 647066
 386/lib/libstdio.a - 664 sys sys 1176432133 126062
 386/lib/libsunrpc.a - 664 sys sys 1187061209 353148
 386/lib/libthread.a - 664 sys sys 1184731247 71918
-386/lib/libventi.a - 664 sys sys 1181332909 97858
+386/lib/libventi.a - 664 sys sys 1188328148 97858
 386/mbr - 775 sys sys 1131317338 407
 386/mkfile - 664 sys sys 948141303 46
 386/pbs - 775 sys sys 1143465402 495
@@ -6085,7 +6085,7 @@ sys/include/httpd.h - 664 sys sys 1177187803 5794
 sys/include/ip.h - 664 sys sys 1187047442 4383
 sys/include/keyboard.h - 664 sys sys 1131637696 865
 sys/include/libc.h - 664 sys sys 1168306860 19851
-sys/include/libsec.h - 664 sys sys 1181273373 8263
+sys/include/libsec.h - 664 sys sys 1188328413 8684
 sys/include/mach.h - 664 sys sys 1178892102 8758
 sys/include/memdraw.h - 664 sys sys 1091904419 5645
 sys/include/memlayer.h - 664 sys sys 1051031022 1851
@@ -7497,7 +7497,7 @@ sys/man/2/abort - 664 sys sys 944959693 331
 sys/man/2/abs - 664 sys sys 944959693 461
 sys/man/2/access - 664 sys sys 1046657167 1102
 sys/man/2/addpt - 664 sys sys 958249501 2964
-sys/man/2/aes - 664 sys sys 1188253121 1057
+sys/man/2/aes - 664 sys sys 1188280234 1149
 sys/man/2/allocimage - 664 sys sys 1046787977 7304
 sys/man/2/arg - 664 sys sys 1139744263 2184
 sys/man/2/arith3 - 664 sys sys 1162102967 4393
@@ -7520,7 +7520,7 @@ sys/man/2/cputime - 664 sys sys 1015091518 713
 sys/man/2/ctime - 664 sys sys 954378853 2547
 sys/man/2/ctype - 664 sys sys 1079535676 2611
 sys/man/2/debugger - 664 sys sys 944959696 8629
-sys/man/2/des - 664 sys sys 1188253121 3609
+sys/man/2/des - 664 sys sys 1188278025 3901
 sys/man/2/dial - 664 sys sys 1175725019 6594
 sys/man/2/dirread - 664 sys sys 1015091519 1901
 sys/man/2/disk - 664 sys sys 1015091519 3188
@@ -7611,7 +7611,7 @@ sys/man/2/rune - 664 sys sys 1143079849 3086
 sys/man/2/runestrcat - 664 sys sys 969499889 1086
 sys/man/2/scribble - 664 sys sys 985638584 3847
 sys/man/2/scsi - 664 sys sys 1170885103 3203
-sys/man/2/sechash - 664 sys sys 1046042040 3016
+sys/man/2/sechash - 664 sys sys 1188328413 3537
 sys/man/2/seek - 664 sys sys 944959696 671
 sys/man/2/segattach - 664 sys sys 1135487945 4166
 sys/man/2/segbrk - 664 sys sys 1165622575 1211
@@ -15638,7 +15638,7 @@ sys/src/libsec/mips/mkfile - 664 sys sys 1032061452 227
 sys/src/libsec/mips/sha1block.s - 664 sys sys 985124884 4143
 sys/src/libsec/mkfile - 664 sys sys 1134426497 554
 sys/src/libsec/port - 20000000775 sys sys 1123099027 0
-sys/src/libsec/port/aes.c - 664 sys sys 1187327457 63962
+sys/src/libsec/port/aes.c - 664 sys sys 1188328427 64086
 sys/src/libsec/port/blowfish.c - 664 sys sys 1016466467 19676
 sys/src/libsec/port/decodepem.c - 664 sys sys 1084318869 1831
 sys/src/libsec/port/des.c - 664 sys sys 1015013579 17496
@@ -15666,11 +15666,11 @@ sys/src/libsec/port/genprime.c - 664 sys sys 984710521 535
 sys/src/libsec/port/genrandom.c - 664 sys sys 984710521 1171
 sys/src/libsec/port/gensafeprime.c - 664 sys sys 1027629124 741
 sys/src/libsec/port/genstrongprime.c - 664 sys sys 984710522 1039
-sys/src/libsec/port/hmac.c - 664 sys sys 1140694284 1183
+sys/src/libsec/port/hmac.c - 664 sys sys 1188328428 885
 sys/src/libsec/port/hmactest.c - 664 sys sys 984710522 344
 sys/src/libsec/port/md4.c - 664 sys sys 1015013579 4260
 sys/src/libsec/port/md4test.c - 664 sys sys 984710522 537
-sys/src/libsec/port/md5.c - 664 sys sys 1084318868 3254
+sys/src/libsec/port/md5.c - 664 sys sys 1188328428 3418
 sys/src/libsec/port/md5block.c - 664 sys sys 985124885 5015
 sys/src/libsec/port/md5pickle.c - 664 sys sys 1104105067 716
 sys/src/libsec/port/mkfile - 664 sys sys 1044931345 879
@@ -15688,7 +15688,7 @@ sys/src/libsec/port/rsafill.c - 664 sys sys 1045502171 1104
 sys/src/libsec/port/rsagen.c - 664 sys sys 1084318869 1462
 sys/src/libsec/port/rsaprivtopub.c - 664 sys sys 984710525 237
 sys/src/libsec/port/rsatest.c - 664 sys sys 984710525 1095
-sys/src/libsec/port/sha1.c - 664 sys sys 985124885 2279
+sys/src/libsec/port/sha1.c - 664 sys sys 1188328426 2446
 sys/src/libsec/port/sha1block.c - 664 sys sys 1015013580 4673
 sys/src/libsec/port/sha1pickle.c - 664 sys sys 988225292 717
 sys/src/libsec/port/smallprimes.c - 664 sys sys 984710525 6851

+ 19 - 0
dist/replica/plan9.log

@@ -50043,3 +50043,22 @@
 1188252005 0 c sys/src/libsec/port/des3ECB.c - 664 sys sys 988225292 917
 1188253803 0 c sys/man/2/aes - 664 sys sys 1188253121 1057
 1188253803 1 c sys/man/2/des - 664 sys sys 1188253121 3609
+1188275404 0 c sys/man/2/aes - 664 sys sys 1188275399 1060
+1188275404 1 c sys/man/2/des - 664 sys sys 1188275391 3620
+1188279004 0 c sys/man/2/aes - 664 sys sys 1188278092 1060
+1188279004 1 c sys/man/2/des - 664 sys sys 1188278025 3901
+1188280804 0 c sys/man/2/aes - 664 sys sys 1188280234 1149
+1188280804 1 c sys/man/2/sechash - 664 sys sys 1188280835 2992
+1188282604 0 c sys/include/libsec.h - 664 sys sys 1188281853 8513
+1188282604 1 c sys/src/libsec/port/hmac.c - 664 sys sys 1188281866 1387
+1188329404 0 c 386/lib/libc.a - 664 sys sys 1188328125 502352
+1188329404 1 c 386/lib/libhttpd.a - 664 sys sys 1188328127 99734
+1188329404 2 c 386/lib/libmp.a - 664 sys sys 1188328130 79978
+1188329404 3 c 386/lib/libsec.a - 664 sys sys 1188328145 647066
+1188329404 4 c 386/lib/libventi.a - 664 sys sys 1188328148 97858
+1188329404 5 c sys/include/libsec.h - 664 sys sys 1188328413 8684
+1188329404 6 c sys/man/2/sechash - 664 sys sys 1188328413 3537
+1188329404 7 c sys/src/libsec/port/aes.c - 664 sys sys 1188328427 64086
+1188329404 8 c sys/src/libsec/port/hmac.c - 664 sys sys 1188328428 885
+1188329404 9 c sys/src/libsec/port/md5.c - 664 sys sys 1188328428 3418
+1188329404 10 c sys/src/libsec/port/sha1.c - 664 sys sys 1188328426 2446

+ 11 - 1
sys/include/libsec.h

@@ -127,7 +127,10 @@ enum
 {
 	SHA1dlen=	20,	/* SHA digest length */
 	MD4dlen=	16,	/* MD4 digest length */
-	MD5dlen=	16	/* MD5 digest length */
+	MD5dlen=	16,	/* MD5 digest length */
+	AESdlen=	16,	/* TODO: see rfc */
+
+	Hmacblksz	= 64,	/* in bytes; from rfc2104 */
 };
 
 typedef struct DigestState DigestState;
@@ -144,12 +147,19 @@ typedef struct DigestState SHAstate;	/* obsolete name */
 typedef struct DigestState SHA1state;
 typedef struct DigestState MD5state;
 typedef struct DigestState MD4state;
+typedef struct DigestState AEShstate;
 
 DigestState*	md4(uchar*, ulong, uchar*, DigestState*);
 DigestState*	md5(uchar*, ulong, uchar*, DigestState*);
 DigestState*	sha1(uchar*, ulong, uchar*, DigestState*);
+DigestState*	aes(uchar*, ulong, uchar*, DigestState*);
+DigestState*	hmac_x(uchar *p, ulong len, uchar *key, ulong klen,
+			uchar *digest, DigestState *s,
+			DigestState*(*x)(uchar*, ulong, uchar*, DigestState*),
+			int xlen);
 DigestState*	hmac_md5(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
 DigestState*	hmac_sha1(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
+DigestState*	hmac_aes(uchar*, ulong, uchar*, ulong, uchar*, DigestState*);
 char*		md5pickle(MD5state*);
 MD5state*	md5unpickle(char*);
 char*		sha1pickle(SHA1state*);
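Review bot: The new public `hmac_x` prototype says nothing about its constraints, although the implementation in hmac.c on this page rejects `klen > Hmacblksz` and `xlen > sizeof(innerdigest)` (256) and always pads to the fixed 64-byte `Hmacblksz`, so it only yields an RFC 2104 HMAC for hash functions with a 64-byte block. Since the function is no longer `static`, I would state that next to the declaration: `/* x must hash in 64-byte blocks (Hmacblksz); klen <= Hmacblksz; digest must hold xlen bytes, xlen <= 256 */`. `AESdlen` is likewise published with only `/* TODO: see rfc */`, so callers sizing buffers from it rely on a value the commit itself marks as unconfirmed; the comment should say that explicitly.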

+ 6 - 2
sys/man/2/aes

@@ -23,18 +23,20 @@ void	aesCBCdecrypt(uchar *p, int len, AESstate *s)
 .SH DESCRIPTION
 DES is being replaced by Rijndael, also known as AES, as the preferred
 block cipher.
-.IR setupAESstate ,
+.IR SetupAESstate ,
 .IR aesCBCencrypt ,
 and
 .I aesCBCdecrypt
 implement cipher block chaining encryption.
+All ciphering is performed in place.
 .I Keybytes
 should be 16, 24, or 32.
 The initialization vector
 .I ivec
 of
 .I AESbsize
-bytes should random enough to be unlikely to be reused but does not need to be
+bytes should be random enough to be unlikely to be reused
+but does not need to be
 cryptographically strongly unpredictable.
 .SH SOURCE
 .B /sys/src/libsec
@@ -52,3 +54,5 @@ in
 .IR sechash (2),
 .IR prime (2),
 .IR rand (2)
+.br
+.B http://csrc.nist.gov/encryption/aes/rijndael

+ 19 - 12
sys/man/2/des

@@ -1,6 +1,6 @@
 .TH DES 2
 .SH NAME
-setupDESstate, des_key_setup, block_cipher, desCBCencrypt, desCBCdecrypt, desECBencrypt, desECBdecrypt, des3CBCencrypt, des3CBCdecrypt, des3ECBencrypt, des3ECBdecrypt, key_setup, des56to64, des64to56, setupDES3state, triple_block_cipher,  - single and triple digital encryption standard
+setupDESstate, des_key_setup, block_cipher, desCBCencrypt, desCBCdecrypt, desECBencrypt, desECBdecrypt, des3CBCencrypt, des3CBCdecrypt, des3ECBencrypt, des3ECBdecrypt, key_setup, des56to64, des64to56, setupDES3state, triple_block_cipher  - single and triple digital encryption standard
 .SH SYNOPSIS
 .B #include <u.h>
 .br
@@ -60,10 +60,9 @@ void	des56to64(uchar *k56, uchar *k64)
 .B
 void	des64to56(uchar *k64, uchar *k56)
 .SH DESCRIPTION
-.PP
 The Digital Encryption Standard (DES)
-is a shared key or symmetric encryption using either
-a 56 bit key for single DES or three 56 bit keys for triple des.
+is a shared-key or symmetric encryption algorithm using either
+a 56-bit key for single DES or three 56-bit keys for triple DES.
 The keys are encoded into 64 bits where every eight bit
 is parity. 
 .PP
@@ -89,7 +88,7 @@ state.
 .I SetupDESstate
 sets up the
 .B DESstate
-structure using the key and an 8 byte initialization vector.
+structure using the key and an 8-byte initialization vector.
 .PP
 Electronic code book, using
 .I desECBencrypt
@@ -112,21 +111,19 @@ multiple buffers.  However, all buffers except the last must
 be a multiple of 8 bytes to ensure successful decryption of
 the stream.
 .PP
-There are equivalent triple DES functions for each of the
+There are equivalent triple-DES (DES3-EDE) functions for each of the
 DES functions.
 .PP
-In the past Plan 9 used a 56 bit or 7 byte
+In the past, Plan 9 used a 56-bit or 7-byte
 format for DES keys.  To be compatible with the rest
 of the world, we've abandoned this format.
-There are two functions:
+There are two functions,
 .I des56to64
 and
-.I des64to56
+.IR des64to56 ,
 to convert back and forth between the two formats.
-Also a key schedule can be set up from the 7 byte format
-using
+Also a key schedule can be set up from the 7-byte format using
 .IR key_setup .
-.PP
 .SH SOURCE
 .B /sys/src/libsec
 .SH SEE ALSO
@@ -140,3 +137,13 @@ using
 .IR sechash (2),
 .IR prime (2),
 .IR rand (2)
+.br
+.IR "Breaking DES" ,
+Electronic Frontier Foundation,
+O'Reilly, 1998
+.SH BUGS
+Single DES can be realistically broken by brute-force;
+its 56-bit key is just too short.
+It should not be used in new code, which should probably use
+.IR aes (2)
+instead, or at least triple DES.

+ 64 - 51
sys/man/2/sechash

@@ -1,7 +1,11 @@
 .TH SECHASH 2
 .SH NAME
-md4, md5, sha1, hmac_md5, hmac_sha1, md5pickle, md5unpickle, sha1pickle, sha1unpickle \- cryptographically secure hashes
+md4, md5, sha1, aes, hmac_md5, hmac_sha1, hmac_aes, md5pickle, md5unpickle, sha1pickle, sha1unpickle \- cryptographically secure hashes
 .SH SYNOPSIS
+.de Ti
+.in +0.5i
+.ti -0.5i
+..
 .B #include <u.h>
 .br
 .B #include <libc.h>
@@ -10,15 +14,13 @@ md4, md5, sha1, hmac_md5, hmac_sha1, md5pickle, md5unpickle, sha1pickle, sha1unp
 .br
 .B #include <libsec.h>
 .PP
+.Ti
 .B
-DigestState*	md4(uchar *data, ulong dlen, uchar *digest,
-.B
-			 DigestState *state)
+DigestState*	md4(uchar *data, ulong dlen, uchar *digest, DigestState *state)
 .PP
+.Ti
 .B
-DigestState*	md5(uchar *data, ulong dlen, uchar *digest,
-.B
-			 DigestState *state)
+DigestState*	md5(uchar *data, ulong dlen, uchar *digest, DigestState *state)
 .PP
 .B
 char*		md5pickle(MD5state *state)
@@ -26,10 +28,9 @@ char*		md5pickle(MD5state *state)
 .B
 MD5state*	md5unpickle(char *p);
 .PP
+.Ti
 .B
-DigestState*	sha1(uchar *data, ulong dlen, uchar *digest,
-.B
-			 DigestState *state)
+DigestState*	sha1(uchar *data, ulong dlen, uchar *digest, DigestState *state)
 .PP
 .B
 char*		sha1pickle(MD5state *state)
@@ -37,26 +38,27 @@ char*		sha1pickle(MD5state *state)
 .B
 MD5state*	sha1unpickle(char *p);
 .PP
+.Ti
 .B
-DigestState*	hmac_md5(uchar *data, ulong dlen,
-.br
-.B
-			 uchar *key, ulong klen,
-.br
+DigestState*	aes(uchar *data, ulong dlen, uchar *digest, DigestState *state)
+.PP
+.Ti
 .B
-			 uchar *digest, DigestState *state)
+DigestState*	hmac_x(uchar *p, ulong len, uchar *key, ulong klen, uchar *digest, DigestState *s, DigestState*(*x)(uchar*, ulong, uchar*, DigestState*), int xlen)
 .PP
+.Ti
 .B
-DigestState*	hmac_sha1(uchar *data, ulong dlen,
-.br
+DigestState*	hmac_md5(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DigestState *state)
+.PP
+.Ti
 .B
-			 uchar *key, ulong klen,
-.br
+DigestState*	hmac_sha1(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DigestState *state)
+.PP
+.Ti
 .B
-			 uchar *digest, DigestState *state)
+DigestState*	hmac_aes(uchar *data, ulong dlen, uchar *key, ulong klen, uchar *digest, DigestState *state)
 .SH DESCRIPTION
-.PP
-We support several secure hash functions.  The output of the
+We support several secure hash functions.  The output of a
 hash is called a
 .IR digest .
 A hash is secure if, given the hashed data and the digest,
@@ -70,9 +72,11 @@ The routines
 .IR md4 ,
 .IR md5 ,
 .IR sha1 ,
+.IR aes ,
 .IR hmac_md5 ,
+.IR hmac_sha1 ,
 and
-.I hmac_sha1
+.I hmac_aes
 differ only in the length of the resulting digest
 and in the security of the hash.  Usage for each is the same.
 The first call to the routine should have
@@ -81,33 +85,12 @@ as the
 .I state
 parameter.  This call returns a state which can be used to chain
 subsequent calls.
-The last call should have digest non-\fBnil\fR.
+The last call should have digest
+.RL non- nil .
 .I Digest
 must point to a buffer of at least the size of the digest produced.
 This last call will free the state and copy the result into
 .IR digest .
-For example, to hash a single buffer using
-.IR md5 :
-.EX
-
-	uchar digest[MD5dlen];
-
-	md5(data, len, digest, nil);
-.EE
-.PP
-To chain a number of buffers together,
-bounded on each end by some secret:
-.EX
-
-	char buf[256];
-	uchar digest[MD5dlen];
-	DigestState *s;
-
-	s = md5("my password", 11, nil, nil);
-	while((n = read(fd, buf, 256)) > 0)
-		md5(buf, n, nil, s);
-	md5("drowssap ym", 11, digest, s);
-.EE
 .PP
 The constants
 .IR MD4dlen ,
@@ -116,16 +99,23 @@ and
 .I SHA1dlen
 define the lengths of the digests.
 .PP
-.I Hmac_md5
+.IR Hmac_md5 ,
+.IR hmac_sha1 .
 and
-.I hmac_sha1
+.I hmac_aes
 are used slightly differently.  These hash algorithms are keyed and require
 a key to be specified on every call.
 The digest lengths for these hashes are
-.I MD5dlen
+.IR MD5dlen ,
+.IR SHA1dlen ,
 and
-.I SHA1dlen
+.I AESdlen
 respectively.
+These routines all call
+.I hmac_x
+internally, but
+.I hmac_x
+is not intended for general use.
 .PP
 The functions
 .I md5pickle
@@ -139,6 +129,29 @@ unmarshal a pickled digest.
 All four routines return a pointer to a newly
 .IR malloc (2)'d
 object.
+.SH EXAMPLES
+To hash a single buffer using
+.IR md5 :
+.IP
+.EX
+uchar digest[MD5dlen];
+
+md5(data, len, digest, nil);
+.EE
+.PP
+To chain a number of buffers together,
+bounded on each end by some secret:
+.IP
+.EX
+char buf[256];
+uchar digest[MD5dlen];
+DigestState *s;
+
+s = md5("my password", 11, nil, nil);
+while((n = read(fd, buf, 256)) > 0)
+	md5(buf, n, nil, s);
+md5("drowssap ym", 11, digest, s);
+.EE
 .SH SOURCE
 .B /sys/src/libsec
 .SH SEE ALSO

+ 18 - 8
sys/src/libsec/port/aes.c

@@ -123,6 +123,22 @@ aesCBCdecrypt(uchar *p, int len, AESstate *s)
 	}
 }
 
+AEShstate*
+aes(uchar *p, ulong len, uchar *digest, AEShstate *s)
+{
+	USED(p, len, digest, s);
+	return nil;		/* TODO: compute aes hash for ipsec */
+}
+
+DigestState*
+hmac_aes(uchar *p, ulong len, uchar *key, ulong klen, uchar *digest,
+	DigestState *s)
+{
+	return hmac_x(p, len, key, klen, digest, s, aes, AESdlen);
+}
+
+
+
 /*
  * this function has been changed for plan 9.
  * Expand the cipher key into the encryption and decryption key schedules.
@@ -178,6 +194,7 @@ rijndaelKeySetup(u32 erk[/* 4*(Nr + 1) */], u32 drk[/* 4*(Nr + 1) */],
 	return Nr;
 }
 
+
 /*
 Te0[x] = S [x].[02, 01, 01, 03];
 Te1[x] = S [x].[03, 02, 01, 01];
@@ -861,17 +878,10 @@ static const u32 rcon[] = {
 	/* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
 };
 
-#define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
-
-#ifdef _MSC_VER
-#define GETU32(p) SWAP(*((u32 *)(p)))
-#define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }
-#else
 #define GETU32(pt) (((u32)(pt)[0]<<24) ^ ((u32)(pt)[1]<<16) ^ \
-			((u32)(pt)[2]<<8) ^ ((u32)(pt)[3]))
+		    ((u32)(pt)[2]<< 8) ^ ((u32)(pt)[3]))
 #define PUTU32(ct, st) { (ct)[0] = (u8)((st)>>24); (ct)[1] = (u8)((st)>>16); \
 			 (ct)[2] = (u8)((st)>> 8); (ct)[3] = (u8)(st); }
-#endif
 
 /*
  * Expand the cipher key into the encryption key schedule.
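Review bot: `aes()` in the first hunk is a stub that returns nil, and `hmac_aes()` hands it to `hmac_x`, whose first pass (visible in hmac.c on this page) returns nil as soon as `(*x)(pad, Hmacblksz, nil, s)` returns nil. `hmac_x` also returns nil after a successful final pass, so a caller making a single `hmac_aes(data, len, key, klen, digest, nil)` call cannot tell that `digest` was never written and may go on to treat an uninitialised buffer as a MAC. Until the hash exists I would keep `aes` and `hmac_aes` out of libsec.h and sechash(2), or at minimum mark the stub: `/* stub: always returns nil; hmac_aes() therefore never writes digest */`.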

+ 11 - 26
sys/src/libsec/port/hmac.c

@@ -2,27 +2,25 @@
 #include <libsec.h>
 
 /* rfc2104 */
-static DigestState*
+DigestState*
 hmac_x(uchar *p, ulong len, uchar *key, ulong klen, uchar *digest, DigestState *s,
 	DigestState*(*x)(uchar*, ulong, uchar*, DigestState*), int xlen)
 {
 	int i;
-	uchar pad[65], innerdigest[256];
+	uchar pad[Hmacblksz+1], innerdigest[256];
 
 	if(xlen > sizeof(innerdigest))
 		return nil;
-
-	if(klen>64)
+	if(klen > Hmacblksz)
 		return nil;
 
 	/* first time through */
 	if(s == nil || s->seeded == 0){
-		for(i=0; i<64; i++)
-			pad[i] = 0x36;
-		pad[64] = 0;
-		for(i=0; i<klen; i++)
+		memset(pad, 0x36, Hmacblksz);
+		pad[Hmacblksz] = 0;
+		for(i = 0; i < klen; i++)
 			pad[i] ^= key[i];
-		s = (*x)(pad, 64, nil, s);
+		s = (*x)(pad, Hmacblksz, nil, s);
 		if(s == nil)
 			return nil;
 	}
@@ -32,25 +30,12 @@ hmac_x(uchar *p, ulong len, uchar *key, ulong klen, uchar *digest, DigestState *
 		return s;
 
 	/* last time through */
-	for(i=0; i<64; i++)
-		pad[i] = 0x5c;
-	pad[64] = 0;
-	for(i=0; i<klen; i++)
+	memset(pad, 0x5c, Hmacblksz);
+	pad[Hmacblksz] = 0;
+	for(i = 0; i < klen; i++)
 		pad[i] ^= key[i];
 	(*x)(nil, 0, innerdigest, s);
-	s = (*x)(pad, 64, nil, nil);
+	s = (*x)(pad, Hmacblksz, nil, nil);
 	(*x)(innerdigest, xlen, digest, s);
 	return nil;
 }
-
-DigestState*
-hmac_sha1(uchar *p, ulong len, uchar *key, ulong klen, uchar *digest, DigestState *s)
-{
-	return hmac_x(p, len, key, klen, digest, s, sha1, SHA1dlen);
-}
-
-DigestState*
-hmac_md5(uchar *p, ulong len, uchar *key, ulong klen, uchar *digest, DigestState *s)
-{
-	return hmac_x(p, len, key, klen, digest, s, md5, MD5dlen);
-}
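Review bot: The early `return nil` for `klen > Hmacblksz` is indistinguishable from the `return nil` at the end of a successful final pass, so a caller with a key longer than 64 bytes gets no MAC and no error. RFC 2104 has such keys hashed down first rather than rejected; if rejection is kept, it should be stated above the now-exported function, e.g. `/* rfc2104; keys longer than Hmacblksz are rejected, not hashed; nil is returned on error and after the final call */`. Separately, `pad` and `innerdigest` hold key-derived material and are left on the stack; I would add `memset(pad, 0, sizeof pad);` and `memset(innerdigest, 0, sizeof innerdigest);` before each return that follows their use.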

+ 7 - 0
sys/src/libsec/port/md5.c

@@ -145,3 +145,10 @@ encode(uchar *output, u32int *input, ulong len)
 		*output++ = x >> 24;
 	}
 }
+
+DigestState*
+hmac_md5(uchar *p, ulong len, uchar *key, ulong klen, uchar *digest,
+	DigestState *s)
+{
+	return hmac_x(p, len, key, klen, digest, s, md5, MD5dlen);
+}

+ 7 - 0
sys/src/libsec/port/sha1.c

@@ -125,3 +125,10 @@ encode(uchar *output, u32int *input, ulong len)
 		*output++ = x;
 	}
 }
+
+DigestState*
+hmac_sha1(uchar *p, ulong len, uchar *key, ulong klen, uchar *digest,
+	DigestState *s)
+{
+	return hmac_x(p, len, key, klen, digest, s, sha1, SHA1dlen);
+}