From: Conrad Meyer
Date: Mon, 9 Jul 2018 08:19:05 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: svn commit: r336126 - in head: lib/libcrypt lib/libmd sbin/md5

Author: cem
Date: Mon Jul 9 08:19:04 2018
New Revision: 336126
URL: https://svnweb.freebsd.org/changeset/base/336126

Log:
  Integrate SHA2-224 with userspace components

  The double compilation of the kernel sources in libmd and libcrypt is
  baffling, but add yet another define hack to prevent duplicate symbols.

  Add documentation and SHA2-224 test cases to libmd.

  Integrate with the md5(1) command, document, and add more test cases;
  self-tests pass.

Modified:
  head/lib/libcrypt/Makefile
  head/lib/libmd/Makefile
  head/lib/libmd/sha256.3
  head/lib/libmd/shadriver.c
  head/sbin/md5/Makefile
  head/sbin/md5/md5.1
  head/sbin/md5/md5.c

Modified: head/lib/libcrypt/Makefile ============================================================================== --- head/lib/libcrypt/Makefile Mon Jul 9 07:28:13 2018 (r336125) +++ head/lib/libcrypt/Makefile Mon Jul 9 08:19:04 2018 (r336126) 
@@ -31,6 +31,7 @@ CFLAGS+= -I${.CURDIR} -DHAS_DES -DHAS_BLOWFISH .for sym in MD4Init MD4Final MD4Update MD4Pad \ MD5Init MD5Final MD5Update MD5Pad \ + SHA224_Init SHA224_Final SHA224_Update \ SHA256_Init SHA256_Final SHA256_Update \ SHA512_224_Init SHA512_224_Final SHA512_224_Update \ SHA512_256_Init SHA512_256_Final SHA512_256_Update \ Modified: head/lib/libmd/Makefile ============================================================================== --- head/lib/libmd/Makefile Mon Jul 9 07:28:13 2018 (r336125) +++ head/lib/libmd/Makefile Mon Jul 9 08:19:04 2018 (r336126) @@ -7,13 +7,13 @@ SHLIBDIR?= /lib SRCS= md4c.c md5c.c md4hl.c md5hl.c \ rmd160c.c rmd160hl.c \ sha0c.c sha0hl.c sha1c.c sha1hl.c \ - sha256c.c sha256hl.c \ + sha224hl.c sha256c.c sha256hl.c \ sha384hl.c \ sha512c.c sha512hl.c sha512thl.c \ skein.c skein_block.c \ skein256hl.c skein512hl.c skein1024hl.c -INCS= md4.h md5.h ripemd.h sha.h sha256.h sha384.h sha512.h sha512t.h \ - skein.h skein_port.h skein_freebsd.h skein_iv.h +INCS= md4.h md5.h ripemd.h sha.h sha224.h sha256.h sha384.h sha512.h \ + sha512t.h skein.h skein_port.h skein_freebsd.h skein_iv.h WARNS?= 0 @@ -34,6 +34,10 @@ MLINKS+=sha.3 SHA_Data.3 MLINKS+=sha.3 SHA1_Init.3 sha.3 SHA1_Update.3 sha.3 SHA1_Final.3 MLINKS+=sha.3 SHA1_End.3 sha.3 SHA1_File.3 sha.3 SHA1_FileChunk.3 MLINKS+=sha.3 SHA1_Data.3 +MLINKS+=sha256.3 SHA224_Init.3 sha256.3 SHA224_Update.3 +MLINKS+=sha256.3 SHA224_Final.3 sha256.3 SHA224_End.3 +MLINKS+=sha256.3 SHA224_File.3 sha256.3 SHA224_FileChunk.3 +MLINKS+=sha256.3 SHA224_Data.3 MLINKS+=sha256.3 SHA256_Init.3 sha256.3 SHA256_Update.3 MLINKS+=sha256.3 SHA256_Final.3 sha256.3 SHA256_End.3 MLINKS+=sha256.3 SHA256_File.3 sha256.3 SHA256_FileChunk.3 
@@ -66,7 +70,8 @@ MLINKS+=skein.3 SKEIN1024_Data.3 skein.3 skein1024.3 CLEANFILES+= md[245]hl.c md[245].ref md[245].3 mddriver \ rmd160.ref rmd160hl.c rmddriver \ sha0.ref sha0hl.c sha1.ref sha1hl.c shadriver \ - sha256.ref sha256hl.c sha384hl.c sha384.ref \ + sha224.ref sha256.ref sha224hl.c sha256hl.c \ + sha384hl.c sha384.ref \ sha512.ref sha512hl.c sha512t256.ref sha512thl.c \ skein256hl.c skein512hl.c skein1024hl.c \ skein256.ref skein512.ref skein1024.ref \ @@ -130,6 +135,12 @@ sha1hl.c: mdXhl.c sed -e 's/mdX/sha/g' -e 's/MDX/SHA1_/g' -e 's/SHA1__/SHA1_/g' \ ${.ALLSRC}) > ${.TARGET} +sha224hl.c: mdXhl.c + (echo '#define LENGTH 28'; \ + sed -e 's/mdX/sha224/g' -e 's/MDX/SHA224_/g' \ + -e 's/SHA224__/SHA224_/g' \ + ${.ALLSRC}) > ${.TARGET} + sha256hl.c: mdXhl.c (echo '#define LENGTH 32'; \ sed -e 's/mdX/sha256/g' -e 's/MDX/SHA256_/g' \ 
@@ -234,6 +245,20 @@ sha1.ref: @echo 'SHA-1 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ '50abf5706a150990a08b2c5ea40fa0e585554732' >> ${.TARGET} +sha224.ref: + echo 'SHA-224 test suite:' > ${.TARGET} + @echo 'SHA-224 ("") = d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f' >> ${.TARGET} + @echo 'SHA-224 ("abc") =' \ + '23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7' >> ${.TARGET} + @echo 'SHA-224 ("message digest") =' \ + '2cb21c83ae2f004de7e81c3c7019cbcb65b71ab656b22d6d0c39b8eb' >> ${.TARGET} + @echo 'SHA-224 ("abcdefghijklmnopqrstuvwxyz") =' \ + '45a5f72c39c5cff2522eb3429799e49e5f44b356ef926bcf390dccc2' >> ${.TARGET} + @echo 'SHA-224 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ + 'bff72b4fcb7d75e5632900ac5f90d219e05e97a7bde72e740db393d9' >> ${.TARGET} + @echo 'SHA-224 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ + 'b50aecbe4e9bb0b57bc5f3ae760a8e01db24f203fb3cdcd13148046e' >> ${.TARGET} + sha256.ref: echo 'SHA-256 test suite:' > ${.TARGET} @echo 'SHA-256 ("") = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855' >> ${.TARGET} @@ -349,7 +374,7 @@ skein1024.ref: @echo 'SKEIN1024 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ 'cf21a613620e6c119eca31fdfaad449a8e02f95ca256c21d2a105f8e4157048f9fe1e897893ea18b64e0e37cb07d5ac947f27ba544caf7cbc1ad094e675aed77a366270f7eb7f46543bccfa61c526fd628408058ed00ed566ac35a9761d002e629c4fb0d430b2f4ad016fcc49c44d2981c4002da0eecc42144160e2eaea4855a' >> ${.TARGET} -test: md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha256.ref sha384.ref \ +test: md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha224.ref sha256.ref sha384.ref \ sha512.ref sha512t256.ref skein256.ref skein512.ref skein1024.ref @${ECHO} if any of these test fail, the code produces wrong results @${ECHO} and should NOT be used. 
@@ -370,6 +395,9 @@ test: md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha ${CC} ${CFLAGS} ${LDFLAGS} -DSHA=1 -o shadriver ${.CURDIR}/shadriver.c libmd.a ./shadriver | cmp sha1.ref - @${ECHO} SHA-1 passed test + ${CC} ${CFLAGS} ${LDFLAGS} -DSHA=224 -o shadriver ${.CURDIR}/shadriver.c libmd.a + ./shadriver | cmp sha224.ref - + @${ECHO} SHA-224 passed test ${CC} ${CFLAGS} ${LDFLAGS} -DSHA=256 -o shadriver ${.CURDIR}/shadriver.c libmd.a ./shadriver | cmp sha256.ref - @${ECHO} SHA-256 passed test Modified: head/lib/libmd/sha256.3 ============================================================================== --- head/lib/libmd/sha256.3 Mon Jul 9 07:28:13 2018 (r336125) +++ head/lib/libmd/sha256.3 Mon Jul 9 08:19:04 2018 (r336126) @@ -9,10 +9,17 @@ .\" From: Id: mdX.3,v 1.14 1999/02/11 20:31:49 wollman Exp .\" $FreeBSD$ .\" -.Dd April 26, 2016 +.Dd July 9, 2018 .Dt SHA256 3 .Os .Sh NAME +.Nm SHA224_Init , +.Nm SHA224_Update , +.Nm SHA224_Final , +.Nm SHA224_End , +.Nm SHA224_File , +.Nm SHA224_FileChunk , +.Nm SHA224_Data , .Nm SHA256_Init , .Nm SHA256_Update , .Nm SHA256_Final , @@ -20,11 +27,26 @@ .Nm SHA256_File , .Nm SHA256_FileChunk , .Nm SHA256_Data -.Nd calculate the FIPS 180-2 ``SHA-256'' message digest +.Nd calculate the FIPS 180-2 ``SHA-256'' (or SHA-224) message digest .Sh LIBRARY .Lb libmd .Sh SYNOPSIS .In sys/types.h +.In sha224.h +.Ft void +.Fn SHA224_Init "SHA224_CTX *context" +.Ft void +.Fn SHA224_Update "SHA224_CTX *context" "const unsigned char *data" "size_t len" +.Ft void +.Fn SHA224_Final "unsigned char digest[32]" "SHA224_CTX *context" +.Ft "char *" +.Fn SHA224_End "SHA224_CTX *context" "char *buf" +.Ft "char *" +.Fn SHA224_File "const char *filename" "char *buf" +.Ft "char *" +.Fn SHA224_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" +.Ft "char *" +.Fn SHA224_Data "const unsigned char *data" "unsigned int len" "char *buf" .In sha256.h .Ft void .Fn SHA256_Init "SHA256_CTX *context" 
@@ -119,12 +141,14 @@ after use. If the .Fa buf argument is non-null it must point to at least 65 characters of buffer space. +.Pp +SHA224 is identical SHA256, except it has slightly different initialization +vectors, and is truncated to a shorter digest. .Sh SEE ALSO .Xr md4 3 , .Xr md5 3 , .Xr ripemd 3 , .Xr sha 3 , -.Xr sha256 3 , .Xr sha512 3 , .Xr skein 3 .Sh HISTORY Modified: head/lib/libmd/shadriver.c ============================================================================== --- head/lib/libmd/shadriver.c Mon Jul 9 07:28:13 2018 (r336125) +++ head/lib/libmd/shadriver.c Mon Jul 9 08:19:04 2018 (r336126) @@ -24,6 +24,7 @@ __FBSDID("$FreeBSD$"); #include #include "sha.h" +#include "sha224.h" #include "sha256.h" #include "sha384.h" #include "sha512.h" @@ -38,6 +39,9 @@ __FBSDID("$FreeBSD$"); #if SHA == 1 #undef SHA_Data #define SHA_Data SHA1_Data +#elif SHA == 224 +#undef SHA_Data +#define SHA_Data SHA224_Data #elif SHA == 256 #undef SHA_Data #define SHA_Data SHA256_Data Modified: head/sbin/md5/Makefile ============================================================================== --- head/sbin/md5/Makefile Mon Jul 9 07:28:13 2018 (r336125) +++ head/sbin/md5/Makefile Mon Jul 9 08:19:04 2018 (r336126) @@ -6,6 +6,7 @@ PROG= md5 LINKS= ${BINDIR}/md5 ${BINDIR}/rmd160 \ ${BINDIR}/md5 ${BINDIR}/sha1 \ + ${BINDIR}/md5 ${BINDIR}/sha224 \ ${BINDIR}/md5 ${BINDIR}/sha256 \ ${BINDIR}/md5 ${BINDIR}/sha384 \ ${BINDIR}/md5 ${BINDIR}/sha512 \ @@ -16,6 +17,7 @@ LINKS= ${BINDIR}/md5 ${BINDIR}/rmd160 \ MLINKS= md5.1 rmd160.1 \ md5.1 sha1.1 \ + md5.1 sha224.1 \ md5.1 sha256.1 \ md5.1 sha384.1 \ md5.1 sha512.1 \ Modified: head/sbin/md5/md5.1 ============================================================================== --- head/sbin/md5/md5.1 Mon Jul 9 07:28:13 2018 (r336125) +++ head/sbin/md5/md5.1 Mon Jul 9 08:19:04 2018 (r336126) 
@@ -1,65 +1,22 @@ .\" $FreeBSD$ -.Dd March 2, 2017 +.Dd July 9, 2018 .Dt MD5 1 .Os .Sh NAME -.Nm md5 , sha1 , sha256 , sha384 , sha512 , sha512t256 , rmd160 , +.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512 , sha512t256 , rmd160 , .Nm skein256 , skein512 , skein1024 .Nd calculate a message-digest fingerprint (checksum) for a file .Sh SYNOPSIS -.Nm md5 +.Nm .Op Fl pqrtx .Op Fl c Ar string .Op Fl s Ar string .Op Ar -.Nm sha1 -.Op Fl pqrtx -.Op Fl c Ar string -.Op Fl s Ar string -.Op Ar -.Nm sha256 -.Op Fl pqrtx -.Op Fl c Ar string -.Op Fl s Ar string -.Op Ar -.Nm sha384 -.Op Fl pqrtx -.Op Fl c Ar string -.Op Fl s Ar string -.Op Ar -.Nm sha512 -.Op Fl pqrtx -.Op Fl c Ar string -.Op Fl s Ar string -.Op Ar -.Nm sha512t256 -.Op Fl pqrtx -.Op Fl c Ar string -.Op Fl s Ar string -.Op Ar -.Nm rmd160 -.Op Fl pqrtx -.Op Fl c Ar string -.Op Fl s Ar string -.Op Ar -.Nm skein256 -.Op Fl pqrtx -.Op Fl c Ar string -.Op Fl s Ar string -.Op Ar -.Nm skein512 -.Op Fl pqrtx -.Op Fl c Ar string -.Op Fl s Ar string -.Op Ar -.Nm skein1024 -.Op Fl pqrtx -.Op Fl c Ar string -.Op Fl s Ar string -.Op Ar +.Pp +(All other hashes have the same options and usage.) .Sh DESCRIPTION The -.Nm md5 , sha1 , sha256 , sha384 , sha512, sha512t256, rmd160, +.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512, sha512t256, rmd160, .Nm skein256, skein512, and .Nm skein1024 @@ -73,7 +30,7 @@ It is conjectured that it is computationally infeasibl produce two messages having the same message digest, or to produce any message having a given prespecified target message digest. The -.Tn MD5 , SHA-1 , SHA-256 , SHA-384 , SHA-512, RIPEMD-160, +.Tn SHA-224 , SHA-256 , SHA-384 , SHA-512, RIPEMD-160, and .Tn SKEIN algorithms are intended for digital signature applications, where a 
@@ -89,8 +46,8 @@ The and .Tn SHA-1 algorithms have been proven to be vulnerable to practical collision -attacks and should not be relied upon to produce unique outputs, nor -should they be used as part of a cryptographic signature scheme. +attacks and should not be relied upon to produce unique outputs, +.Em nor should they be used as part of a cryptographic signature scheme. As of 2017-03-02, there is no publicly known method to .Em reverse either algorithm, i.e. to find an input that produces a specific @@ -143,8 +100,8 @@ Run a built-in test script. .El .Sh EXIT STATUS The -.Nm md5 , sha1 , sha256 , sha512, sha512t256, rmd160, -.Nm skein256, skein512, +.Nm md5 , sha1 , sha224 , sha256 , sha512 , sha512t256 , rmd160 , +.Nm skein256 , skein512, and .Nm skein1024 utilities exit 0 on success, @@ -157,6 +114,7 @@ option. .Xr md5 3 , .Xr ripemd 3 , .Xr sha 3 , +.Xr sha224 3 , .Xr sha256 3 , .Xr sha384 3 , .Xr sha512 3 , Modified: head/sbin/md5/md5.c ============================================================================== --- head/sbin/md5/md5.c Mon Jul 9 07:28:13 2018 (r336125) +++ head/sbin/md5/md5.c Mon Jul 9 08:19:04 2018 (r336126) @@ -29,6 +29,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include @@ -59,6 +60,7 @@ typedef char *(DIGEST_End)(void *, char *); extern const char *MD5TestOutput[MDTESTCOUNT]; extern const char *SHA1_TestOutput[MDTESTCOUNT]; +extern const char *SHA224_TestOutput[MDTESTCOUNT]; extern const char *SHA256_TestOutput[MDTESTCOUNT]; extern const char *SHA384_TestOutput[MDTESTCOUNT]; extern const char *SHA512_TestOutput[MDTESTCOUNT]; @@ -89,6 +91,7 @@ static void usage(const Algorithm_t *); typedef union { MD5_CTX md5; SHA1_CTX sha1; + SHA224_CTX sha224; SHA256_CTX sha256; SHA384_CTX sha384; SHA512_CTX sha512; 
@@ -112,6 +115,9 @@ static const struct Algorithm_t Algorithm[] = { { "sha1", "SHA1", &SHA1_TestOutput, (DIGEST_Init*)&SHA1_Init, (DIGEST_Update*)&SHA1_Update, (DIGEST_End*)&SHA1_End, &SHA1_Data, &SHA1_Fd }, + { "sha224", "SHA224", &SHA224_TestOutput, (DIGEST_Init*)&SHA224_Init, + (DIGEST_Update*)&SHA224_Update, (DIGEST_End*)&SHA224_End, + &SHA224_Data, &SHA224_Fd }, { "sha256", "SHA256", &SHA256_TestOutput, (DIGEST_Init*)&SHA256_Init, (DIGEST_Update*)&SHA256_Update, (DIGEST_End*)&SHA256_End, &SHA256_Data, &SHA256_Fd }, @@ -366,6 +372,17 @@ const char *SHA1_TestOutput[MDTESTCOUNT] = { "761c457bf73b14d27e9e9265c46f4b4dda11f940", "50abf5706a150990a08b2c5ea40fa0e585554732", "18eca4333979c4181199b7b4fab8786d16cf2846" +}; + +const char *SHA224_TestOutput[MDTESTCOUNT] = { + "d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f", + "abd37534c7d9a2efb9465de931cd7055ffdb8879563ae98078d6d6d5", + "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7", + "2cb21c83ae2f004de7e81c3c7019cbcb65b71ab656b22d6d0c39b8eb", + "45a5f72c39c5cff2522eb3429799e49e5f44b356ef926bcf390dccc2", + "bff72b4fcb7d75e5632900ac5f90d219e05e97a7bde72e740db393d9", + "b50aecbe4e9bb0b57bc5f3ae760a8e01db24f203fb3cdcd13148046e", + "5ae55f3779c8a1204210d7ed7689f661fbe140f96f272ab79e19d470" }; const char *SHA256_TestOutput[MDTESTCOUNT] = {
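Review bot: In the sha256.3 SYNOPSIS hunk (@@ -20,11 +27,26 @@), SHA224_Final is documented as taking "unsigned char digest[32]", but a SHA-224 digest is 28 bytes: the sha224hl.c rule in lib/libmd/Makefile sets LENGTH to 28 and every SHA-224 reference string in this patch is 56 hex digits. The line looks copied from the SHA256_Final entry; it should read "unsigned char digest[28]" so callers do not size or read the output buffer from the wrong length.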
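Review bot: The new paragraph in the sha256.3 hunk at @@ -119,12 +141,14 @@ is missing a word: "SHA224 is identical SHA256" should be "SHA224 is identical to SHA256". Since the unchanged sentence just above it still gives only the 65-character buffer requirement, this paragraph would also be the natural place to state the 28-byte digest length that the truncation produces.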
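Review bot: The .Tn list changed in the md5.1 hunk at @@ -73,7 +30,7 @@ does more than add SHA-224: it also drops MD5 and SHA-1 from the algorithms described as intended for digital signature applications. That fits the collision warning a few lines further down, but it is a change in what the manual recommends and the commit log only mentions integrating SHA2-224. Please call it out in the log, or split it into its own commit.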
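Review bot: The rewritten EXIT STATUS list in md5.1 (@@ -143,8 +100,8 @@) still omits sha384: the new line reads ".Nm md5 , sha1 , sha224 , sha256 , sha512 , sha512t256 , rmd160 ,", while NAME and DESCRIPTION both include sha384. The hunk also fixes the comma spacing on that line but leaves ".Nm skein256 , skein512," with an unspaced comma, and the DESCRIPTION line touched in the first hunk keeps "sha512, sha512t256, rmd160,". Since these lines are being edited anyway, add sha384 and make the punctuation consistent across all three lists.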
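Review bot: The SEE ALSO addition ".Xr sha224 3 ," in md5.1 (@@ -157,6 +114,7 @@) points at a page name that nothing in this patch installs. The MLINKS added in lib/libmd/Makefile cover SHA224_Init.3 through SHA224_Data.3 only, all linked to sha256.3. Either add an "MLINKS+=sha256.3 sha224.3" entry there or drop this cross-reference, since sha256 3 is already listed.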