From owner-svn-src-head@FreeBSD.ORG Sat Apr 28 02:48:52 2012 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id A4004106566B; Sat, 28 Apr 2012 02:48:52 +0000 (UTC) (envelope-from obrien@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 843C28FC08; Sat, 28 Apr 2012 02:48:52 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id q3S2mqMo038158; Sat, 28 Apr 2012 02:48:52 GMT (envelope-from obrien@svn.freebsd.org) Received: (from obrien@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id q3S2mqnH038154; Sat, 28 Apr 2012 02:48:52 GMT (envelope-from obrien@svn.freebsd.org) Message-Id: <201204280248.q3S2mqnH038154@svn.freebsd.org> From: "David E. O'Brien" Date: Sat, 28 Apr 2012 02:48:52 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r234746 - in head: . lib/libmd X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Apr 2012 02:48:52 -0000 Author: obrien Date: Sat Apr 28 02:48:51 2012 New Revision: 234746 URL: http://svn.freebsd.org/changeset/base/234746 Log: Remove the RFC 1319 MD2 Message-Digest Algorithm routines from libmd. 1. The licensing terms for the MD2 routines from RFC is not under a BSD-like license. Instead it is only granted for non-commercial Internet Privacy-Enhanced Mail. 2. MD2 is quite deprecated as it is no longer considered a cryptographically strong algorithm. Discussed with: so (cperciva), core Deleted: head/lib/libmd/md2.copyright head/lib/libmd/md2.h head/lib/libmd/md2c.c Modified: head/ObsoleteFiles.inc head/lib/libmd/Makefile head/lib/libmd/mdX.3 Modified: head/ObsoleteFiles.inc ============================================================================== --- head/ObsoleteFiles.inc Sat Apr 28 00:12:23 2012 (r234745) +++ head/ObsoleteFiles.inc Sat Apr 28 02:48:51 2012 (r234746) @@ -582,6 +582,7 @@ OLD_LIBS+=lib/libipx.so.4 OLD_LIBS+=lib/libkiconv.so.3 OLD_LIBS+=lib/libkvm.so.4 OLD_LIBS+=lib/libmd.so.4 +OLD_LIBS+=lib/libmd.so.5 OLD_LIBS+=lib/libncurses.so.7 OLD_LIBS+=lib/libncursesw.so.7 OLD_LIBS+=lib/libnvpair.so.1 Modified: head/lib/libmd/Makefile ============================================================================== --- head/lib/libmd/Makefile Sat Apr 28 00:12:23 2012 (r234745) +++ head/lib/libmd/Makefile Sat Apr 28 02:48:51 2012 (r234746) @@ -1,20 +1,18 @@ # $FreeBSD$ LIB= md +SHLIB_MAJOR= 6 SHLIBDIR?= /lib -SRCS= md2c.c md4c.c md5c.c md2hl.c md4hl.c md5hl.c \ +SRCS= md4c.c md5c.c md4hl.c md5hl.c \ rmd160c.c rmd160hl.c \ sha0c.c sha0hl.c sha1c.c sha1hl.c \ sha256c.c sha256hl.c \ sha512c.c sha512hl.c -INCS= md2.h md4.h md5.h ripemd.h sha.h sha256.h sha512.h +INCS= md4.h md5.h ripemd.h sha.h sha256.h sha512.h WARNS?= 0 -MAN+= md2.3 md4.3 md5.3 ripemd.3 sha.3 sha256.3 sha512.3 -MLINKS+=md2.3 MD2Init.3 md2.3 MD2Update.3 md2.3 MD2Final.3 -MLINKS+=md2.3 MD2End.3 md2.3 MD2File.3 md2.3 MD2FileChunk.3 -MLINKS+=md2.3 MD2Data.3 +MAN+= md4.3 md5.3 ripemd.3 sha.3 sha256.3 sha512.3 MLINKS+=md4.3 MD4Init.3 md4.3 MD4Update.3 md4.3 MD4Final.3 MLINKS+=md4.3 MD4End.3 md4.3 MD4File.3 md4.3 MD4FileChunk.3 MLINKS+=md4.3 MD4Data.3 @@ -59,10 +57,6 @@ CFLAGS+= -DRMD160_ASM ACFLAGS+= -DELF -Wa,--noexecstack .endif -md2hl.c: mdXhl.c - (echo '#define LENGTH 16'; \ - sed -e 's/mdX/md2/g' -e 's/MDX/MD2/g' ${.ALLSRC}) > ${.TARGET} - md4hl.c: mdXhl.c (echo '#define LENGTH 16'; \ sed -e 's/mdX/md4/g' -e 's/MDX/MD4/g' ${.ALLSRC}) > ${.TARGET} @@ -105,16 +99,6 @@ md${i}.3: ${.CURDIR}/mdX.3 cat ${.CURDIR}/md${i}.copyright >> ${.TARGET} .endfor -md2.ref: - echo 'MD2 test suite:' > ${.TARGET} - @echo 'MD2 ("") = 8350e5a3e24c153df2275c9f80692773' >> ${.TARGET} - @echo 'MD2 ("a") = 32ec01ec4a6dac72c0ab96fb34c0b5d1' >> ${.TARGET} - @echo 'MD2 ("abc") = da853b0d3f88d99b30283a69e6ded6bb' >> ${.TARGET} - @echo 'MD2 ("message digest") = ab4f496bfb2a530b219ff33031fe06b0' >> ${.TARGET} - @echo 'MD2 ("abcdefghijklmnopqrstuvwxyz") = 4e8ddff3650292ab5a4108c3aa47940b' >> ${.TARGET} - @echo 'MD2 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") = da33def2a42df13975352846c30338cd' >> ${.TARGET} - @echo 'MD2 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = d5976f79d83d3a0dc9806c3c66f3efd8' >> ${.TARGET} - md4.ref: echo 'MD4 test suite:' > ${.TARGET} @echo 'MD4 ("") = 31d6cfe0d16ae931b73c59d7e0c089c0' >> ${.TARGET} @@ -205,12 +189,9 @@ rmd160.ref: @echo 'RIPEMD160 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ '9b752e45573d4b39f4dbd3323cab82bf63326bfb' >> ${.TARGET} -test: md2.ref md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha256.ref sha512.ref +test: md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha256.ref sha512.ref @${ECHO} if any of these test fail, the code produces wrong results @${ECHO} and should NOT be used. - ${CC} ${CFLAGS} ${LDFLAGS} -DMD=2 -o mddriver ${.CURDIR}/mddriver.c ./libmd.a - ./mddriver | cmp md2.ref - - @${ECHO} MD2 passed test ${CC} ${CFLAGS} ${LDFLAGS} -DMD=4 -o mddriver ${.CURDIR}/mddriver.c libmd.a ./mddriver | cmp md4.ref - @${ECHO} MD4 passed test Modified: head/lib/libmd/mdX.3 ============================================================================== --- head/lib/libmd/mdX.3 Sat Apr 28 00:12:23 2012 (r234745) +++ head/lib/libmd/mdX.3 Sat Apr 28 02:48:51 2012 (r234746) @@ -52,8 +52,7 @@ This net result is a .Dq fingerprint of the input-data, which does not disclose the actual input. .Pp -MD2 is the slowest, MD4 is the fastest and MD5 is somewhere in the middle. -MD2 can only be used for Privacy-Enhanced Mail. +MD4 is the fastest and MD5 is somewhat slower. MD4 has now been broken; it should only be used where necessary for backward compatibility. MD5 has not yet (1999-02-11) been broken, but sufficient attacks have been @@ -144,16 +143,10 @@ If the .Fa buf argument is non-null it must point to at least 33 characters of buffer space. .Sh SEE ALSO -.Xr md2 3 , .Xr md4 3 , .Xr md5 3 , .Xr sha 3 .Rs -.%A B. Kaliski -.%T The MD2 Message-Digest Algorithm -.%O RFC 1319 -.Re -.Rs .%A R. Rivest .%T The MD4 Message-Digest Algorithm .%O RFC 1186 @@ -192,6 +185,3 @@ Phk ristede runen. No method is known to exist which finds two files having the same hash value, nor to find a file with a specific hash value. There is on the other hand no guarantee that such a method does not exist. -.Pp -MD2 has only been licensed for use in Privacy Enhanced Mail. -Use MD4 or MD5 if that is not what you are doing.