123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150 |
- .TH SECHASH 2
- .SH NAME
- md4, md5, sha1, hmac_md5, hmac_sha1, md5pickle, md5unpickle, sha1pickle, sha1unpickle \- cryptographically secure hashes
- .SH SYNOPSIS
- .B #include <u.h>
- .br
- .B #include <libc.h>
- .br
- .B #include <mp.h>
- .br
- .B #include <libsec.h>
- .PP
- .B
- DigestState* md4(uchar *data, ulong dlen, uchar *digest,
- .B
- DigestState *state)
- .PP
- .B
- DigestState* md5(uchar *data, ulong dlen, uchar *digest,
- .B
- DigestState *state)
- .PP
- .B
- char* md5pickle(MD5state *state)
- .PP
- .B
- MD5state* md5unpickle(char *p);
- .PP
- .B
- DigestState* sha1(uchar *data, ulong dlen, uchar *digest,
- .B
- DigestState *state)
- .PP
- .B
- char* sha1pickle(MD5state *state)
- .PP
- .B
- MD5state* sha1unpickle(char *p);
- .PP
- .B
- DigestState* hmac_md5(uchar *data, ulong dlen,
- .br
- .B
- uchar *key, ulong klen,
- .br
- .B
- uchar *digest, DigestState *state)
- .PP
- .B
- DigestState* hmac_sha1(uchar *data, ulong dlen,
- .br
- .B
- uchar *key, ulong klen,
- .br
- .B
- uchar *digest, DigestState *state)
- .SH DESCRIPTION
- .PP
- We support several secure hash functions. The output of the
- hash is called a
- .IR digest .
- A hash is secure if, given the hashed data and the digest,
- it is difficult to predict the change to the digest resulting
- from some change to the data without rehashing
- the whole data. Therefore, if a secret is part of the hashed
- data, the digest can be used as an integrity check of the data by anyone
- possessing the secret.
- .PP
- The routines
- .IR md4 ,
- .IR md5 ,
- .IR sha1 ,
- .IR hmac_md5 ,
- and
- .I hmac_sha1
- differ only in the length of the resulting digest
- and in the security of the hash. Usage for each is the same.
- The first call to the routine should have
- .B nil
- as the
- .I state
- parameter. This call returns a state which can be used to chain
- subsequent calls.
- The last call should have digest non-\fBnil\fR.
- .I Digest
- must point to a buffer of at least the size of the digest produced.
- This last call will free the state and copy the result into
- .IR digest .
- For example, to hash a single buffer using
- .IR md5 :
- .EX
- uchar digest[MD5dlen];
- md5(data, len, digest, nil);
- .EE
- .PP
- To chain a number of buffers together,
- bounded on each end by some secret:
- .EX
- char buf[256];
- uchar digest[MD5dlen];
- DigestState *s;
- s = md5("my password", 11, nil, nil);
- while((n = read(fd, buf, 256)) > 0)
- md5(buf, n, nil, s);
- md5("drowssap ym", 11, digest, s);
- .EE
- .PP
- The constants
- .IR MD4dlen ,
- .IR MD5dlen ,
- and
- .I SHA1dlen
- define the lengths of the digests.
- .PP
- .I Hmac_md5
- and
- .I hmac_sha1
- are used slightly differently. These hash algorithms are keyed and require
- a key to be specified on every call.
- The digest lengths for these hashes are
- .I MD5dlen
- and
- .I SHA1dlen
- respectively.
- .PP
- The functions
- .I md5pickle
- and
- .I sha1pickle
- marshal the state of a digest for transmission.
- .I Md5unpickle
- and
- .I sha1unpickle
- unmarshal a pickled digest.
- All four routines return a pointer to a newly
- .IR malloc (2)'d
- object.
- .SH SOURCE
- .B /sys/src/libsec
- .SH SEE ALSO
- .IR aes (2)
- .IR blowfish (2),
- .IR des (2),
- .IR elgamal (2),
- .IR rc4 (2),
- .IR rsa (2)
|