svn commit: r336126 - in head: lib/libcrypt lib/libmd sbin/md5
Conrad Meyer
cem at FreeBSD.org
Mon Jul 9 08:19:07 UTC 2018
Author: cem
Date: Mon Jul 9 08:19:04 2018
New Revision: 336126
URL: https://svnweb.freebsd.org/changeset/base/336126
Log:
Integrate SHA2-224 with userspace components
The double compilation of the kernel sources in libmd and libcrypt is
baffling, but add yet another define hack to prevent duplicate symbols.
Add documentation and SHA2-224 test cases to libmd.
Integrate with the md5(1) command, document, and add more test cases;
self-tests pass.
Modified:
head/lib/libcrypt/Makefile
head/lib/libmd/Makefile
head/lib/libmd/sha256.3
head/lib/libmd/shadriver.c
head/sbin/md5/Makefile
head/sbin/md5/md5.1
head/sbin/md5/md5.c
Modified: head/lib/libcrypt/Makefile
==============================================================================
--- head/lib/libcrypt/Makefile Mon Jul 9 07:28:13 2018 (r336125)
+++ head/lib/libcrypt/Makefile Mon Jul 9 08:19:04 2018 (r336126)
@@ -31,6 +31,7 @@ CFLAGS+= -I${.CURDIR} -DHAS_DES -DHAS_BLOWFISH
.for sym in MD4Init MD4Final MD4Update MD4Pad \
MD5Init MD5Final MD5Update MD5Pad \
+ SHA224_Init SHA224_Final SHA224_Update \
SHA256_Init SHA256_Final SHA256_Update \
SHA512_224_Init SHA512_224_Final SHA512_224_Update \
SHA512_256_Init SHA512_256_Final SHA512_256_Update \
Modified: head/lib/libmd/Makefile
==============================================================================
--- head/lib/libmd/Makefile Mon Jul 9 07:28:13 2018 (r336125)
+++ head/lib/libmd/Makefile Mon Jul 9 08:19:04 2018 (r336126)
@@ -7,13 +7,13 @@ SHLIBDIR?= /lib
SRCS= md4c.c md5c.c md4hl.c md5hl.c \
rmd160c.c rmd160hl.c \
sha0c.c sha0hl.c sha1c.c sha1hl.c \
- sha256c.c sha256hl.c \
+ sha224hl.c sha256c.c sha256hl.c \
sha384hl.c \
sha512c.c sha512hl.c sha512thl.c \
skein.c skein_block.c \
skein256hl.c skein512hl.c skein1024hl.c
-INCS= md4.h md5.h ripemd.h sha.h sha256.h sha384.h sha512.h sha512t.h \
- skein.h skein_port.h skein_freebsd.h skein_iv.h
+INCS= md4.h md5.h ripemd.h sha.h sha224.h sha256.h sha384.h sha512.h \
+ sha512t.h skein.h skein_port.h skein_freebsd.h skein_iv.h
WARNS?= 0
@@ -34,6 +34,10 @@ MLINKS+=sha.3 SHA_Data.3
MLINKS+=sha.3 SHA1_Init.3 sha.3 SHA1_Update.3 sha.3 SHA1_Final.3
MLINKS+=sha.3 SHA1_End.3 sha.3 SHA1_File.3 sha.3 SHA1_FileChunk.3
MLINKS+=sha.3 SHA1_Data.3
+MLINKS+=sha256.3 SHA224_Init.3 sha256.3 SHA224_Update.3
+MLINKS+=sha256.3 SHA224_Final.3 sha256.3 SHA224_End.3
+MLINKS+=sha256.3 SHA224_File.3 sha256.3 SHA224_FileChunk.3
+MLINKS+=sha256.3 SHA224_Data.3
MLINKS+=sha256.3 SHA256_Init.3 sha256.3 SHA256_Update.3
MLINKS+=sha256.3 SHA256_Final.3 sha256.3 SHA256_End.3
MLINKS+=sha256.3 SHA256_File.3 sha256.3 SHA256_FileChunk.3
@@ -66,7 +70,8 @@ MLINKS+=skein.3 SKEIN1024_Data.3 skein.3 skein1024.3
CLEANFILES+= md[245]hl.c md[245].ref md[245].3 mddriver \
rmd160.ref rmd160hl.c rmddriver \
sha0.ref sha0hl.c sha1.ref sha1hl.c shadriver \
- sha256.ref sha256hl.c sha384hl.c sha384.ref \
+ sha224.ref sha256.ref sha224hl.c sha256hl.c \
+ sha384hl.c sha384.ref \
sha512.ref sha512hl.c sha512t256.ref sha512thl.c \
skein256hl.c skein512hl.c skein1024hl.c \
skein256.ref skein512.ref skein1024.ref \
@@ -130,6 +135,12 @@ sha1hl.c: mdXhl.c
sed -e 's/mdX/sha/g' -e 's/MDX/SHA1_/g' -e 's/SHA1__/SHA1_/g' \
${.ALLSRC}) > ${.TARGET}
+sha224hl.c: mdXhl.c
+ (echo '#define LENGTH 28'; \
+ sed -e 's/mdX/sha224/g' -e 's/MDX/SHA224_/g' \
+ -e 's/SHA224__/SHA224_/g' \
+ ${.ALLSRC}) > ${.TARGET}
+
sha256hl.c: mdXhl.c
(echo '#define LENGTH 32'; \
sed -e 's/mdX/sha256/g' -e 's/MDX/SHA256_/g' \
@@ -234,6 +245,20 @@ sha1.ref:
@echo 'SHA-1 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
'50abf5706a150990a08b2c5ea40fa0e585554732' >> ${.TARGET}
+sha224.ref:
+ echo 'SHA-224 test suite:' > ${.TARGET}
+ @echo 'SHA-224 ("") = d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f' >> ${.TARGET}
+ @echo 'SHA-224 ("abc") =' \
+ '23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7' >> ${.TARGET}
+ @echo 'SHA-224 ("message digest") =' \
+ '2cb21c83ae2f004de7e81c3c7019cbcb65b71ab656b22d6d0c39b8eb' >> ${.TARGET}
+ @echo 'SHA-224 ("abcdefghijklmnopqrstuvwxyz") =' \
+ '45a5f72c39c5cff2522eb3429799e49e5f44b356ef926bcf390dccc2' >> ${.TARGET}
+ @echo 'SHA-224 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \
+ 'bff72b4fcb7d75e5632900ac5f90d219e05e97a7bde72e740db393d9' >> ${.TARGET}
+ @echo 'SHA-224 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
+ 'b50aecbe4e9bb0b57bc5f3ae760a8e01db24f203fb3cdcd13148046e' >> ${.TARGET}
+
sha256.ref:
echo 'SHA-256 test suite:' > ${.TARGET}
@echo 'SHA-256 ("") = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855' >> ${.TARGET}
@@ -349,7 +374,7 @@ skein1024.ref:
@echo 'SKEIN1024 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
'cf21a613620e6c119eca31fdfaad449a8e02f95ca256c21d2a105f8e4157048f9fe1e897893ea18b64e0e37cb07d5ac947f27ba544caf7cbc1ad094e675aed77a366270f7eb7f46543bccfa61c526fd628408058ed00ed566ac35a9761d002e629c4fb0d430b2f4ad016fcc49c44d2981c4002da0eecc42144160e2eaea4855a' >> ${.TARGET}
-test: md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha256.ref sha384.ref \
+test: md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha224.ref sha256.ref sha384.ref \
sha512.ref sha512t256.ref skein256.ref skein512.ref skein1024.ref
@${ECHO} if any of these test fail, the code produces wrong results
@${ECHO} and should NOT be used.
@@ -370,6 +395,9 @@ test: md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha
${CC} ${CFLAGS} ${LDFLAGS} -DSHA=1 -o shadriver ${.CURDIR}/shadriver.c libmd.a
./shadriver | cmp sha1.ref -
@${ECHO} SHA-1 passed test
+ ${CC} ${CFLAGS} ${LDFLAGS} -DSHA=224 -o shadriver ${.CURDIR}/shadriver.c libmd.a
+ ./shadriver | cmp sha224.ref -
+ @${ECHO} SHA-224 passed test
${CC} ${CFLAGS} ${LDFLAGS} -DSHA=256 -o shadriver ${.CURDIR}/shadriver.c libmd.a
./shadriver | cmp sha256.ref -
@${ECHO} SHA-256 passed test
Modified: head/lib/libmd/sha256.3
==============================================================================
--- head/lib/libmd/sha256.3 Mon Jul 9 07:28:13 2018 (r336125)
+++ head/lib/libmd/sha256.3 Mon Jul 9 08:19:04 2018 (r336126)
@@ -9,10 +9,17 @@
.\" From: Id: mdX.3,v 1.14 1999/02/11 20:31:49 wollman Exp
.\" $FreeBSD$
.\"
-.Dd April 26, 2016
+.Dd July 9, 2018
.Dt SHA256 3
.Os
.Sh NAME
+.Nm SHA224_Init ,
+.Nm SHA224_Update ,
+.Nm SHA224_Final ,
+.Nm SHA224_End ,
+.Nm SHA224_File ,
+.Nm SHA224_FileChunk ,
+.Nm SHA224_Data ,
.Nm SHA256_Init ,
.Nm SHA256_Update ,
.Nm SHA256_Final ,
@@ -20,11 +27,26 @@
.Nm SHA256_File ,
.Nm SHA256_FileChunk ,
.Nm SHA256_Data
-.Nd calculate the FIPS 180-2 ``SHA-256'' message digest
+.Nd calculate the FIPS 180-2 ``SHA-256'' (or SHA-224) message digest
.Sh LIBRARY
.Lb libmd
.Sh SYNOPSIS
.In sys/types.h
+.In sha224.h
+.Ft void
+.Fn SHA224_Init "SHA224_CTX *context"
+.Ft void
+.Fn SHA224_Update "SHA224_CTX *context" "const unsigned char *data" "size_t len"
+.Ft void
+.Fn SHA224_Final "unsigned char digest[32]" "SHA224_CTX *context"
+.Ft "char *"
+.Fn SHA224_End "SHA224_CTX *context" "char *buf"
+.Ft "char *"
+.Fn SHA224_File "const char *filename" "char *buf"
+.Ft "char *"
+.Fn SHA224_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
+.Ft "char *"
+.Fn SHA224_Data "const unsigned char *data" "unsigned int len" "char *buf"
.In sha256.h
.Ft void
.Fn SHA256_Init "SHA256_CTX *context"
@@ -119,12 +141,14 @@ after use.
If the
.Fa buf
argument is non-null it must point to at least 65 characters of buffer space.
+.Pp
+SHA224 is identical SHA256, except it has slightly different initialization
+vectors, and is truncated to a shorter digest.
.Sh SEE ALSO
.Xr md4 3 ,
.Xr md5 3 ,
.Xr ripemd 3 ,
.Xr sha 3 ,
-.Xr sha256 3 ,
.Xr sha512 3 ,
.Xr skein 3
.Sh HISTORY
Modified: head/lib/libmd/shadriver.c
==============================================================================
--- head/lib/libmd/shadriver.c Mon Jul 9 07:28:13 2018 (r336125)
+++ head/lib/libmd/shadriver.c Mon Jul 9 08:19:04 2018 (r336126)
@@ -24,6 +24,7 @@ __FBSDID("$FreeBSD$");
#include <string.h>
#include "sha.h"
+#include "sha224.h"
#include "sha256.h"
#include "sha384.h"
#include "sha512.h"
@@ -38,6 +39,9 @@ __FBSDID("$FreeBSD$");
#if SHA == 1
#undef SHA_Data
#define SHA_Data SHA1_Data
+#elif SHA == 224
+#undef SHA_Data
+#define SHA_Data SHA224_Data
#elif SHA == 256
#undef SHA_Data
#define SHA_Data SHA256_Data
Modified: head/sbin/md5/Makefile
==============================================================================
--- head/sbin/md5/Makefile Mon Jul 9 07:28:13 2018 (r336125)
+++ head/sbin/md5/Makefile Mon Jul 9 08:19:04 2018 (r336126)
@@ -6,6 +6,7 @@ PROG= md5
LINKS= ${BINDIR}/md5 ${BINDIR}/rmd160 \
${BINDIR}/md5 ${BINDIR}/sha1 \
+ ${BINDIR}/md5 ${BINDIR}/sha224 \
${BINDIR}/md5 ${BINDIR}/sha256 \
${BINDIR}/md5 ${BINDIR}/sha384 \
${BINDIR}/md5 ${BINDIR}/sha512 \
@@ -16,6 +17,7 @@ LINKS= ${BINDIR}/md5 ${BINDIR}/rmd160 \
MLINKS= md5.1 rmd160.1 \
md5.1 sha1.1 \
+ md5.1 sha224.1 \
md5.1 sha256.1 \
md5.1 sha384.1 \
md5.1 sha512.1 \
Modified: head/sbin/md5/md5.1
==============================================================================
--- head/sbin/md5/md5.1 Mon Jul 9 07:28:13 2018 (r336125)
+++ head/sbin/md5/md5.1 Mon Jul 9 08:19:04 2018 (r336126)
@@ -1,65 +1,22 @@
.\" $FreeBSD$
-.Dd March 2, 2017
+.Dd July 9, 2018
.Dt MD5 1
.Os
.Sh NAME
-.Nm md5 , sha1 , sha256 , sha384 , sha512 , sha512t256 , rmd160 ,
+.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512 , sha512t256 , rmd160 ,
.Nm skein256 , skein512 , skein1024
.Nd calculate a message-digest fingerprint (checksum) for a file
.Sh SYNOPSIS
-.Nm md5
+.Nm
.Op Fl pqrtx
.Op Fl c Ar string
.Op Fl s Ar string
.Op Ar
-.Nm sha1
-.Op Fl pqrtx
-.Op Fl c Ar string
-.Op Fl s Ar string
-.Op Ar
-.Nm sha256
-.Op Fl pqrtx
-.Op Fl c Ar string
-.Op Fl s Ar string
-.Op Ar
-.Nm sha384
-.Op Fl pqrtx
-.Op Fl c Ar string
-.Op Fl s Ar string
-.Op Ar
-.Nm sha512
-.Op Fl pqrtx
-.Op Fl c Ar string
-.Op Fl s Ar string
-.Op Ar
-.Nm sha512t256
-.Op Fl pqrtx
-.Op Fl c Ar string
-.Op Fl s Ar string
-.Op Ar
-.Nm rmd160
-.Op Fl pqrtx
-.Op Fl c Ar string
-.Op Fl s Ar string
-.Op Ar
-.Nm skein256
-.Op Fl pqrtx
-.Op Fl c Ar string
-.Op Fl s Ar string
-.Op Ar
-.Nm skein512
-.Op Fl pqrtx
-.Op Fl c Ar string
-.Op Fl s Ar string
-.Op Ar
-.Nm skein1024
-.Op Fl pqrtx
-.Op Fl c Ar string
-.Op Fl s Ar string
-.Op Ar
+.Pp
+(All other hashes have the same options and usage.)
.Sh DESCRIPTION
The
-.Nm md5 , sha1 , sha256 , sha384 , sha512, sha512t256, rmd160,
+.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512, sha512t256, rmd160,
.Nm skein256, skein512,
and
.Nm skein1024
@@ -73,7 +30,7 @@ It is conjectured that it is computationally infeasibl
produce two messages having the same message digest, or to produce any
message having a given prespecified target message digest.
The
-.Tn MD5 , SHA-1 , SHA-256 , SHA-384 , SHA-512, RIPEMD-160,
+.Tn SHA-224 , SHA-256 , SHA-384 , SHA-512, RIPEMD-160,
and
.Tn SKEIN
algorithms are intended for digital signature applications, where a
@@ -89,8 +46,8 @@ The
and
.Tn SHA-1
algorithms have been proven to be vulnerable to practical collision
-attacks and should not be relied upon to produce unique outputs, nor
-should they be used as part of a cryptographic signature scheme.
+attacks and should not be relied upon to produce unique outputs,
+.Em nor should they be used as part of a cryptographic signature scheme.
As of 2017-03-02, there is no publicly known method to
.Em reverse
either algorithm, i.e. to find an input that produces a specific
@@ -143,8 +100,8 @@ Run a built-in test script.
.El
.Sh EXIT STATUS
The
-.Nm md5 , sha1 , sha256 , sha512, sha512t256, rmd160,
-.Nm skein256, skein512,
+.Nm md5 , sha1 , sha224 , sha256 , sha512 , sha512t256 , rmd160 ,
+.Nm skein256 , skein512,
and
.Nm skein1024
utilities exit 0 on success,
@@ -157,6 +114,7 @@ option.
.Xr md5 3 ,
.Xr ripemd 3 ,
.Xr sha 3 ,
+.Xr sha224 3 ,
.Xr sha256 3 ,
.Xr sha384 3 ,
.Xr sha512 3 ,
Modified: head/sbin/md5/md5.c
==============================================================================
--- head/sbin/md5/md5.c Mon Jul 9 07:28:13 2018 (r336125)
+++ head/sbin/md5/md5.c Mon Jul 9 08:19:04 2018 (r336126)
@@ -29,6 +29,7 @@ __FBSDID("$FreeBSD$");
#include <md5.h>
#include <ripemd.h>
#include <sha.h>
+#include <sha224.h>
#include <sha256.h>
#include <sha384.h>
#include <sha512.h>
@@ -59,6 +60,7 @@ typedef char *(DIGEST_End)(void *, char *);
extern const char *MD5TestOutput[MDTESTCOUNT];
extern const char *SHA1_TestOutput[MDTESTCOUNT];
+extern const char *SHA224_TestOutput[MDTESTCOUNT];
extern const char *SHA256_TestOutput[MDTESTCOUNT];
extern const char *SHA384_TestOutput[MDTESTCOUNT];
extern const char *SHA512_TestOutput[MDTESTCOUNT];
@@ -89,6 +91,7 @@ static void usage(const Algorithm_t *);
typedef union {
MD5_CTX md5;
SHA1_CTX sha1;
+ SHA224_CTX sha224;
SHA256_CTX sha256;
SHA384_CTX sha384;
SHA512_CTX sha512;
@@ -112,6 +115,9 @@ static const struct Algorithm_t Algorithm[] = {
{ "sha1", "SHA1", &SHA1_TestOutput, (DIGEST_Init*)&SHA1_Init,
(DIGEST_Update*)&SHA1_Update, (DIGEST_End*)&SHA1_End,
&SHA1_Data, &SHA1_Fd },
+ { "sha224", "SHA224", &SHA224_TestOutput, (DIGEST_Init*)&SHA224_Init,
+ (DIGEST_Update*)&SHA224_Update, (DIGEST_End*)&SHA224_End,
+ &SHA224_Data, &SHA224_Fd },
{ "sha256", "SHA256", &SHA256_TestOutput, (DIGEST_Init*)&SHA256_Init,
(DIGEST_Update*)&SHA256_Update, (DIGEST_End*)&SHA256_End,
&SHA256_Data, &SHA256_Fd },
@@ -366,6 +372,17 @@ const char *SHA1_TestOutput[MDTESTCOUNT] = {
"761c457bf73b14d27e9e9265c46f4b4dda11f940",
"50abf5706a150990a08b2c5ea40fa0e585554732",
"18eca4333979c4181199b7b4fab8786d16cf2846"
+};
+
+const char *SHA224_TestOutput[MDTESTCOUNT] = {
+ "d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f",
+ "abd37534c7d9a2efb9465de931cd7055ffdb8879563ae98078d6d6d5",
+ "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7",
+ "2cb21c83ae2f004de7e81c3c7019cbcb65b71ab656b22d6d0c39b8eb",
+ "45a5f72c39c5cff2522eb3429799e49e5f44b356ef926bcf390dccc2",
+ "bff72b4fcb7d75e5632900ac5f90d219e05e97a7bde72e740db393d9",
+ "b50aecbe4e9bb0b57bc5f3ae760a8e01db24f203fb3cdcd13148046e",
+ "5ae55f3779c8a1204210d7ed7689f661fbe140f96f272ab79e19d470"
};
const char *SHA256_TestOutput[MDTESTCOUNT] = {
More information about the svn-src-head
mailing list