From owner-freebsd-audit@FreeBSD.ORG Thu Mar 17 11:05:41 2005 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BAF8316A4CE; Thu, 17 Mar 2005 11:05:41 +0000 (GMT) Received: from heechee.tobez.org (heechee.tobez.org [217.157.39.226]) by mx1.FreeBSD.org (Postfix) with ESMTP id 436BB43D6A; Thu, 17 Mar 2005 11:05:40 +0000 (GMT) (envelope-from tobez@tobez.org) Received: by heechee.tobez.org (Postfix, from userid 1001) id 61509125465; Thu, 17 Mar 2005 12:05:38 +0100 (CET) Date: Thu, 17 Mar 2005 12:05:38 +0100 From: Anton Berezin To: freebsd-audit@freebsd.org Message-ID: <20050317110538.GA61247@heechee.tobez.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.1i X-Powered-By: FreeBSD http://www.freebsd.org/ cc: phk@FreeBSD.org cc: cperciva@FreeBSD.org Subject: [PATCH] review requested, add sha256 to mtree + small fixes X-BeenThere: freebsd-audit@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Security Audit List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Mar 2005 11:05:41 -0000 Since we now have sha256 in libmd, I think it is time to add it to mtree(1). The patch against fresh HEAD does the following: - adds sha256 support; - makes recommended procedure for integrity checking consistent; - fixes a bug with -f spec1 -f spec2 comparison, which prevented test/tes03.sh from running successfully. I would like to commit it and MFC it after sha256 is MFCed. Index: Makefile =================================================================== RCS file: /home/ncvs/src/usr.sbin/mtree/Makefile,v retrieving revision 1.26 diff -u -r1.26 Makefile --- Makefile 5 Nov 2003 22:26:07 -0000 1.26 +++ Makefile 17 Mar 2005 10:18:59 -0000 @@ -10,7 +10,7 @@ WARNS?= 4 -CFLAGS+= -DMD5 -DSHA1 -DRMD160 +CFLAGS+= -DMD5 -DSHA1 -DRMD160 -DSHA256 DPADD= ${LIBMD} LDADD= -lmd Index: compare.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/mtree/compare.c,v retrieving revision 1.33 diff -u -r1.33 compare.c --- compare.c 11 Jan 2004 19:25:56 -0000 1.33 +++ compare.c 17 Mar 2005 10:21:56 -0000 @@ -52,6 +52,9 @@ #ifdef SHA1 #include #endif +#ifdef SHA256 +#include +#endif #include #include #include @@ -294,6 +297,24 @@ } } #endif /* RMD160 */ +#ifdef SHA256 + if (s->flags & F_SHA256) { + char *new_digest, buf[65]; + + new_digest = SHA256_File(p->fts_accpath, buf); + if (!new_digest) { + LABEL; + printf("%sSHA-256: %s: %s\n", tab, p->fts_accpath, + strerror(errno)); + tab = "\t"; + } else if (strcmp(new_digest, s->sha256digest)) { + LABEL; + printf("%sSHA-256 expected %s found %s\n", + tab, s->sha256digest, new_digest); + tab = "\t"; + } + } +#endif /* SHA256 */ if (s->flags & F_SLINK && strcmp(cp = rlink(p->fts_accpath), s->slink)) { Index: create.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/mtree/create.c,v retrieving revision 1.36 diff -u -r1.36 create.c --- create.c 11 Jan 2004 19:38:48 -0000 1.36 +++ create.c 17 Mar 2005 10:22:58 -0000 @@ -52,6 +52,9 @@ #ifdef RMD160 #include #endif +#ifdef SHA256 +#include +#endif #include #include #include @@ -249,6 +252,16 @@ output(indent, &offset, "ripemd160digest=%s", digest); } #endif /* RMD160 */ +#ifdef SHA256 + if (keys & F_SHA256 && S_ISREG(p->fts_statp->st_mode)) { + char *digest, buf[65]; + + digest = SHA256_File(p->fts_accpath, buf); + if (!digest) + err(1, "%s", p->fts_accpath); + output(indent, &offset, "sha256digest=%s", digest); + } +#endif /* SHA256 */ if (keys & F_SLINK && (p->fts_info == FTS_SL || p->fts_info == FTS_SLNONE)) output(indent, &offset, "link=%s", rlink(p->fts_accpath)); Index: misc.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/mtree/misc.c,v retrieving revision 1.15 diff -u -r1.15 misc.c --- misc.c 11 Jan 2004 19:25:56 -0000 1.15 +++ misc.c 17 Mar 2005 10:23:14 -0000 @@ -72,6 +72,9 @@ #ifdef SHA1 {"sha1digest", F_SHA1, NEEDVALUE}, #endif +#ifdef SHA256 + {"sha256digest", F_SHA256, NEEDVALUE}, +#endif {"size", F_SIZE, NEEDVALUE}, {"time", F_TIME, NEEDVALUE}, {"type", F_TYPE, NEEDVALUE}, Index: mtree.8 =================================================================== RCS file: /home/ncvs/src/usr.sbin/mtree/mtree.8,v retrieving revision 1.50 diff -u -r1.50 mtree.8 --- mtree.8 13 Feb 2005 22:25:29 -0000 1.50 +++ mtree.8 17 Mar 2005 10:27:57 -0000 @@ -204,6 +204,12 @@ 160-1 .Pq Dq Tn SHA-1 message digest of the file. +.It Cm sha256digest +The +.Tn FIPS +180-2 +.Pq Dq Tn SHA-256 +message digest of the file. .It Cm ripemd160digest The .Tn RIPEMD160 @@ -317,21 +323,21 @@ that .Nm .Fl K -.Cm sha1digest +.Cm sha256digest be run on the file systems, and a copy of the results stored on a different machine, or, at least, in encrypted form. The output file itself should be digested using the -.Xr md5 1 +.Xr sha256 1 utility. Then, periodically, .Nm and -.Xr md5 1 +.Xr sha256 1 should be run against the on-line specifications. While it is possible for the bad guys to change the on-line specifications to conform to their modified binaries, it is believed to be impractical for them to create a modified specification which has -the same MD5 digest as the original. +the same SHA-256 digest as the original. .Pp The .Fl d @@ -372,6 +378,10 @@ .Fx 4.0 , as new attacks have demonstrated weaknesses in .Tn MD5 . +The +.Tn SHA-256 +digest was added in +.Fx 6.0 . Support for file flags was added in .Fx 4.0 , and mostly comes from Index: mtree.h =================================================================== RCS file: /home/ncvs/src/usr.sbin/mtree/mtree.h,v retrieving revision 1.6 diff -u -r1.6 mtree.h --- mtree.h 21 Oct 2003 08:27:05 -0000 1.6 +++ mtree.h 17 Mar 2005 10:29:34 -0000 @@ -46,6 +46,7 @@ u_long cksum; /* check sum */ char *md5digest; /* MD5 digest */ char *sha1digest; /* SHA-1 digest */ + char *sha256digest; /* SHA-256 digest */ char *rmd160digest; /* RIPEMD160 digest */ char *slink; /* symbolic link reference */ uid_t st_uid; /* uid */ @@ -76,6 +77,7 @@ #define F_SHA1 0x20000 /* SHA-1 digest */ #define F_RMD160 0x40000 /* RIPEMD160 digest */ #define F_FLAGS 0x80000 /* file flags */ +#define F_SHA256 0x100000 /* SHA-256 digest */ u_int flags; /* items set */ #define F_BLOCK 0x001 /* block special */ Index: spec.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/mtree/spec.c,v retrieving revision 1.21 diff -u -r1.21 spec.c --- spec.c 19 Nov 2003 15:28:21 -0000 1.21 +++ spec.c 17 Mar 2005 10:30:01 -0000 @@ -194,6 +194,11 @@ if(!ip->sha1digest) errx(1, "strdup"); break; + case F_SHA256: + ip->sha256digest = strdup(val); + if(!ip->sha256digest) + errx(1, "strdup"); + break; case F_RMD160: ip->rmd160digest = strdup(val); if(!ip->rmd160digest) Index: specspec.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/mtree/specspec.c,v retrieving revision 1.5 diff -u -r1.5 specspec.c --- specspec.c 7 Aug 2004 10:04:29 -0000 1.5 +++ specspec.c 17 Mar 2005 10:58:15 -0000 @@ -82,6 +82,8 @@ printf(" sha1digest=%s", n->sha1digest); if (f & F_RMD160) printf(" rmd160digest=%s", n->rmd160digest); + if (f & F_SHA256) + printf(" sha256digest=%s", n->sha256digest); if (f & F_FLAGS) printf(" flags=%s", flags_to_string(n->st_flags)); printf("\n"); @@ -160,6 +162,8 @@ differs |= F_SHA1; if (FS(n1, n2, F_RMD160, rmd160digest)) differs |= F_RMD160; + if (FS(n1, n2, F_SHA256, sha256digest)) + differs |= F_SHA256; if (FF(n1, n2, F_FLAGS, st_flags)) differs |= F_FLAGS; if (differs) { @@ -213,19 +217,19 @@ asprintf(&np, "%s%s/", path, c2->name); i = walk_in_the_forest(c1, c2, np); free(np); - i = compare_nodes(c1, c2, path); + i += compare_nodes(c1, c2, path); } else if (c2 == NULL && c1->type == F_DIR) { asprintf(&np, "%s%s/", path, c1->name); i = walk_in_the_forest(c1, c2, np); free(np); - i = compare_nodes(c1, c2, path); + i += compare_nodes(c1, c2, path); } else if (c1 == NULL || c2 == NULL) { i = compare_nodes(c1, c2, path); } else if (c1->type == F_DIR && c2->type == F_DIR) { asprintf(&np, "%s%s/", path, c1->name); i = walk_in_the_forest(c1, c2, np); free(np); - i = compare_nodes(c1, c2, path); + i += compare_nodes(c1, c2, path); } else { i = compare_nodes(c1, c2, path); } Index: test/test03.sh =================================================================== RCS file: /home/ncvs/src/usr.sbin/mtree/test/test03.sh,v retrieving revision 1.1 diff -u -r1.1 test03.sh --- test/test03.sh 5 Nov 2003 22:26:39 -0000 1.1 +++ test/test03.sh 17 Mar 2005 10:31:11 -0000 @@ -15,7 +15,7 @@ rm -rf ${TMP} mkdir -p ${TMP} -K=uid,uname,gid,gname,flags,md5digest,size,ripemd160digest,sha1digest,cksum +K=uid,uname,gid,gname,flags,md5digest,size,ripemd160digest,sha1digest,sha256digest,cksum rm -rf _FOO mkdir _FOO Cheers, \Anton. -- The moronity of the universe is a monotonically increasing function. -- Jarkko Hietaniemi From owner-freebsd-audit@FreeBSD.ORG Thu Mar 17 13:46:19 2005 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2376916A4CE; Thu, 17 Mar 2005 13:46:19 +0000 (GMT) Received: from ss.eunet.cz (ss.eunet.cz [193.85.228.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4AAC143D5D; Thu, 17 Mar 2005 13:46:18 +0000 (GMT) (envelope-from mime@traveller.cz) Received: from localhost.i.cz (ss.eunet.cz [193.85.228.13]) by ss.eunet.cz (8.13.1/8.13.1) with ESMTP id j2HDkEev064035; Thu, 17 Mar 2005 14:46:14 +0100 (CET) (envelope-from mime@traveller.cz) From: Michal Mertl To: Anton Berezin In-Reply-To: <20050317110538.GA61247@heechee.tobez.org> References: <20050317110538.GA61247@heechee.tobez.org> Content-Type: text/plain Date: Thu, 17 Mar 2005 14:46:13 +0100 Message-Id: <1111067173.670.14.camel@genius2.i.cz> Mime-Version: 1.0 X-Mailer: Evolution 2.0.4 FreeBSD GNOME Team Port Content-Transfer-Encoding: 7bit cc: cperciva@freebsd.org cc: freebsd-audit@freebsd.org Subject: Re: [PATCH] review requested, add sha256 to mtree + small fixes X-BeenThere: freebsd-audit@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Security Audit List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Mar 2005 13:46:19 -0000 Anton Berezin wrote: > Since we now have sha256 in libmd, I think it is time to add it to > mtree(1). I think all longer sha variants should be added at the same time. There are implementations of SHA-384 a SHA-512 already available in src/sys/crypto/sha2. ISTR someone is working at the moment on the cleanup of crypto algorithms' implementations in the tree so that there's only one copy of each or at most two (openssl and small-util/kernel one). Colin's sha256 implementation is IMHO a step in the wrong direction. He admitted he hadn't known about the other implementation in the tree, otherwise he probably wouldn't have written the new one in libmd. I haven't looked at your patch, sorry. Just my 2 cents. Michal Mertl