Google Git
Sign in
plan9port / plan9 / e7588227e6af76943c91edba92a5d288a5b0b931 / . / man / man3 / sechash.3
blob: 9f9f58e32ab05203b3ead40abdcb9240aab1aeda [file] [log] [blame]
rsccfa37a72004-04-10 18:53:55 +0000[diff] [blame]1.TH SECHASH 3
2.SH NAME
3md4, md5, sha1, hmac_md5, hmac_sha1, md5pickle, md5unpickle, sha1pickle, sha1unpickle \- cryptographically secure hashes
4.SH SYNOPSIS
5.B #include <u.h>
6.br
7.B #include <libc.h>
8.br
9.B #include <mp.h>
10.br
11.B #include <libsec.h>
12.PP
13.B
14DigestState* md4(uchar *data, ulong dlen, uchar *digest,
15.B
16 DigestState *state)
17.PP
18.B
19DigestState* md5(uchar *data, ulong dlen, uchar *digest,
20.B
21 DigestState *state)
22.PP
23.B
24char* md5pickle(MD5state *state)
25.PP
26.B
27MD5state* md5unpickle(char *p);
28.PP
29.B
30DigestState* sha1(uchar *data, ulong dlen, uchar *digest,
31.B
32 DigestState *state)
33.PP
34.B
35char* sha1pickle(MD5state *state)
36.PP
37.B
38MD5state* sha1unpickle(char *p);
39.PP
40.B
41DigestState* hmac_md5(uchar *data, ulong dlen,
42.br
43.B
44 uchar *key, ulong klen,
45.br
46.B
47 uchar *digest, DigestState *state)
48.PP
49.B
50DigestState* hmac_sha1(uchar *data, ulong dlen,
51.br
52.B
53 uchar *key, ulong klen,
54.br
55.B
56 uchar *digest, DigestState *state)
57.SH DESCRIPTION
58.PP
59We support several secure hash functions. The output of the
60hash is called a
61.IR digest .
62A hash is secure if, given the hashed data and the digest,
63it is difficult to predict the change to the digest resulting
64from some change to the data without rehashing
65the whole data. Therefore, if a secret is part of the hashed
66data, the digest can be used as an integrity check of the data by anyone
67possessing the secret.
68.PP
69The routines
70.IR md4 ,
71.IR md5 ,
72.IR sha1 ,
73.IR hmac_md5 ,
74and
75.I hmac_sha1
76differ only in the length of the resulting digest
77and in the security of the hash. Usage for each is the same.
78The first call to the routine should have
79.B nil
80as the
81.I state
82parameter. This call returns a state which can be used to chain
83subsequent calls.
84The last call should have digest non-\fBnil\fR.
85.I Digest
86must point to a buffer of at least the size of the digest produced.
87This last call will free the state and copy the result into
88.IR digest .
89For example, to hash a single buffer using
90.IR md5 :
91.EX
92
93 uchar digest[MD5dlen];
94
95 md5(data, len, digest, nil);
96.EE
97.PP
98To chain a number of buffers together,
99bounded on each end by some secret:
100.EX
101
102 char buf[256];
103 uchar digest[MD5dlen];
104 DigestState *s;
105
106 s = md5("my password", 11, nil, nil);
107 while((n = read(fd, buf, 256)) > 0)
108 md5(buf, n, nil, s);
109 md5("drowssap ym", 11, digest, s);
110.EE
111.PP
112The constants
113.IR MD4dlen ,
114.IR MD5dlen ,
115and
116.I SHA1dlen
117define the lengths of the digests.
118.PP
119.I Hmac_md5
120and
121.I hmac_sha1
122are used slightly differently. These hash algorithms are keyed and require
123a key to be specified on every call.
124The digest lengths for these hashes are
125.I MD5dlen
126and
127.I SHA1dlen
128respectively.
129.PP
130The functions
131.I md5pickle
132and
133.I sha1pickle
134marshal the state of a digest for transmission.
135.I Md5unpickle
136and
137.I sha1unpickle
138unmarshal a pickled digest.
139All four routines return a pointer to a newly
rscbf8a59f2004-04-11 03:42:27 +0000[diff] [blame]140.IR malloc (3)'d
rsccfa37a72004-04-10 18:53:55 +0000[diff] [blame]141object.
142.SH SOURCE
rscb5fdffe2004-04-19 19:22:56 +0000[diff] [blame]143.B /usr/local/plan9/src/libsec
rsccfa37a72004-04-10 18:53:55 +0000[diff] [blame]144.SH SEE ALSO
rscbf8a59f2004-04-11 03:42:27 +0000[diff] [blame]145.IR aes (3),
146.IR blowfish (3),
147.IR des (3),
148.IR elgamal (3),
149.IR rc4 (3),
150.IR rsa (3)