diff --git a/lib/libmd/Makefile b/lib/libmd/Makefile index 8d3a05279004..94f38732872c 100644 --- a/lib/libmd/Makefile +++ b/lib/libmd/Makefile @@ -1,450 +1,482 @@ # $FreeBSD$ SHLIBDIR?= /lib .include .include PACKAGE= runtime LIB= md SHLIB_MAJOR= 6 SRCS= md4c.c md5c.c md4hl.c md5hl.c \ rmd160c.c rmd160hl.c \ sha0c.c sha0hl.c sha1c.c sha1hl.c \ sha224hl.c sha256c.c sha256hl.c \ sha384hl.c \ - sha512c.c sha512hl.c sha512thl.c \ + sha512c.c sha512hl.c sha512t224hl.c sha512t256hl.c \ skein.c skein_block.c \ skein256hl.c skein512hl.c skein1024hl.c INCS= md4.h md5.h ripemd.h sha.h sha224.h sha256.h sha384.h sha512.h \ sha512t.h skein.h skein_port.h skein_freebsd.h skein_iv.h WARNS?= 0 MAN+= md4.3 md5.3 ripemd.3 sha.3 sha256.3 sha512.3 skein.3 MLINKS+=md4.3 MD4Init.3 md4.3 MD4Update.3 md4.3 MD4Final.3 MLINKS+=md4.3 MD4End.3 md4.3 MD4File.3 md4.3 MD4FileChunk.3 MLINKS+=md4.3 MD4Data.3 MLINKS+=md5.3 MD5Init.3 md5.3 MD5Update.3 md5.3 MD5Final.3 MLINKS+=md5.3 MD5End.3 md5.3 MD5File.3 md5.3 MD5FileChunk.3 MLINKS+=md5.3 MD5Data.3 MLINKS+=ripemd.3 RIPEMD160_Init.3 ripemd.3 RIPEMD160_Update.3 MLINKS+=ripemd.3 RIPEMD160_Final.3 ripemd.3 RIPEMD160_Data.3 MLINKS+=ripemd.3 RIPEMD160_End.3 ripemd.3 RIPEMD160_File.3 MLINKS+=ripemd.3 RIPEMD160_FileChunk.3 MLINKS+=sha.3 SHA_Init.3 sha.3 SHA_Update.3 sha.3 SHA_Final.3 MLINKS+=sha.3 SHA_End.3 sha.3 SHA_File.3 sha.3 SHA_FileChunk.3 MLINKS+=sha.3 SHA_Data.3 MLINKS+=sha.3 SHA1_Init.3 sha.3 SHA1_Update.3 sha.3 SHA1_Final.3 MLINKS+=sha.3 SHA1_End.3 sha.3 SHA1_File.3 sha.3 SHA1_FileChunk.3 MLINKS+=sha.3 SHA1_Data.3 MLINKS+=sha256.3 SHA224_Init.3 sha256.3 SHA224_Update.3 MLINKS+=sha256.3 SHA224_Final.3 sha256.3 SHA224_End.3 MLINKS+=sha256.3 SHA224_File.3 sha256.3 SHA224_FileChunk.3 MLINKS+=sha256.3 SHA224_Data.3 MLINKS+=sha256.3 SHA256_Init.3 sha256.3 SHA256_Update.3 MLINKS+=sha256.3 SHA256_Final.3 sha256.3 SHA256_End.3 MLINKS+=sha256.3 SHA256_File.3 sha256.3 SHA256_FileChunk.3 MLINKS+=sha256.3 SHA256_Data.3 MLINKS+=sha512.3 SHA384_Init.3 sha512.3 SHA384_Update.3 MLINKS+=sha512.3 SHA384_Final.3 sha512.3 SHA384_End.3 MLINKS+=sha512.3 SHA384_File.3 sha512.3 SHA384_FileChunk.3 MLINKS+=sha512.3 SHA384_Data.3 sha512.3 sha384.3 MLINKS+=sha512.3 SHA512_Init.3 sha512.3 SHA512_Update.3 MLINKS+=sha512.3 SHA512_Final.3 sha512.3 SHA512_End.3 MLINKS+=sha512.3 SHA512_File.3 sha512.3 SHA512_FileChunk.3 MLINKS+=sha512.3 SHA512_Data.3 +MLINKS+=sha512.3 SHA512_224_Init.3 sha512.3 SHA512_224_Update.3 +MLINKS+=sha512.3 SHA512_224_Final.3 sha512.3 SHA512_224_End.3 +MLINKS+=sha512.3 SHA512_224_File.3 sha512.3 SHA512_224_FileChunk.3 +MLINKS+=sha512.3 SHA512_224_Data.3 MLINKS+=sha512.3 SHA512_256_Init.3 sha512.3 SHA512_256_Update.3 MLINKS+=sha512.3 SHA512_256_Final.3 sha512.3 SHA512_256_End.3 MLINKS+=sha512.3 SHA512_256_File.3 sha512.3 SHA512_256_FileChunk.3 MLINKS+=sha512.3 SHA512_256_Data.3 MLINKS+=skein.3 SKEIN256_Init.3 skein.3 SKEIN256_Update.3 MLINKS+=skein.3 SKEIN256_Final.3 skein.3 SKEIN256_End.3 MLINKS+=skein.3 SKEIN256_File.3 skein.3 SKEIN256_FileChunk.3 MLINKS+=skein.3 SKEIN256_Data.3 skein.3 skein256.3 MLINKS+=skein.3 SKEIN512_Init.3 skein.3 SKEIN512_Update.3 MLINKS+=skein.3 SKEIN512_Final.3 skein.3 SKEIN512_End.3 MLINKS+=skein.3 SKEIN512_File.3 skein.3 SKEIN512_FileChunk.3 MLINKS+=skein.3 SKEIN512_Data.3 skein.3 skein512.3 MLINKS+=skein.3 SKEIN1024_Init.3 skein.3 SKEIN1024_Update.3 MLINKS+=skein.3 SKEIN1024_Final.3 skein.3 SKEIN1024_End.3 MLINKS+=skein.3 SKEIN1024_File.3 skein.3 SKEIN1024_FileChunk.3 MLINKS+=skein.3 SKEIN1024_Data.3 skein.3 skein1024.3 CLEANFILES+= md[245]hl.c md[245].ref md[245].3 mddriver \ rmd160.ref rmd160hl.c rmddriver \ sha0.ref sha0hl.c sha1.ref sha1hl.c shadriver \ sha224.ref sha256.ref sha224hl.c sha256hl.c \ sha384hl.c sha384.ref \ - sha512.ref sha512hl.c sha512t256.ref sha512thl.c \ + sha512.ref sha512hl.c \ + sha512t224.ref sha512t224hl.c \ + sha512t256.ref sha512t256hl.c \ skein256hl.c skein512hl.c skein1024hl.c \ skein256.ref skein512.ref skein1024.ref \ skeindriver # Need src tree sys/md5.h for MD5FileChunk prototype on older systems. SRCS+= sys/md5.h CLEANDIRS= sys CFLAGS+= -I. sys/md5.h: ${SRCTOP}/sys/${.TARGET} .NOMETA ln -sf ${.ALLSRC} ${.TARGET} # Define WEAK_REFS to provide weak aliases for libmd symbols # # Note that the same sources are also used internally by libcrypt, # in which case: # * macros are used to rename symbols to libcrypt internal names # * no weak aliases are generated CFLAGS+= -I${.CURDIR} -I${SRCTOP}/sys/crypto/sha2 CFLAGS+= -I${SRCTOP}/sys/crypto/skein CFLAGS+= -DWEAK_REFS # unroll the 256 and 512 loops, half unroll the 1024 CFLAGS.skein_block.c+= -DSKEIN_LOOP=995 .PATH: ${.CURDIR}/${MACHINE_ARCH} ${SRCTOP}/sys/crypto/sha2 .PATH: ${SRCTOP}/sys/crypto/skein ${SRCTOP}/sys/crypto/skein/${MACHINE_ARCH} USE_ASM_SOURCES?=1 .if defined(BOOTSTRAPPING) || ${MK_MACHDEP_OPTIMIZATIONS} == no # Don't build ASM sources when bootstrapping to avoid toolchain dependencies USE_ASM_SOURCES:=0 .endif .if ${USE_ASM_SOURCES} != 0 .if exists(${MACHINE_ARCH}/sha.S) SRCS+= sha.S CFLAGS+= -DSHA1_ASM .endif .if exists(${MACHINE_ARCH}/rmd160.S) SRCS+= rmd160.S CFLAGS+= -DRMD160_ASM .endif .if exists(${MACHINE_ARCH}/skein_block_asm.S) # Fully unroll all loops in the assembly optimized version ACFLAGS+= -DSKEIN_LOOP=0 SRCS+= skein_block_asm.S CFLAGS+= -DSKEIN_ASM -DSKEIN_USE_ASM=1792 # list of block functions to replace with assembly: 256+512+1024 = 1792 # 20201002 Add explict Makefile dependency for r366344 (reenabled assembly # optimized version). SKEIN_USE_ASM determines which routines should come from # the assembly vs C versions, and skein_block needs to be rebuilt if it changes. skein_block.o skein_block.pico: Makefile .endif .if exists(${MACHINE_ARCH}/sha.S) || exists(${MACHINE_ARCH}/rmd160.S) || exists(${MACHINE_ARCH}/skein_block_asm.S) ACFLAGS+= -DELF -Wa,--noexecstack .endif .if ${MACHINE_CPUARCH} == "aarch64" SRCS+= sha256c_arm64.c CFLAGS+= -DARM64_SHA2 CFLAGS.sha256c_arm64.c+= -march=armv8-a+crypto .if ${COMPILER_FEATURES:Maarch64-sha512} SRCS+= sha512c_arm64.c CFLAGS+= -DARM64_SHA512 CFLAGS.sha512c_arm64.c+= -march=armv8.2-a+sha3 .endif # aarch64-sha512 .endif .endif # ${USE_ASM_SOURCES} != 0 md4hl.c: mdXhl.c (echo '#define LENGTH 16'; \ sed -e 's/mdX/md4/g' -e 's/MDX/MD4/g' ${.ALLSRC}) > ${.TARGET} md5hl.c: mdXhl.c (echo '#define LENGTH 16'; \ sed -e 's/mdX/md5/g' -e 's/MDX/MD5/g' ${.ALLSRC}) > ${.TARGET} sha0hl.c: mdXhl.c (echo '#define LENGTH 20'; \ sed -e 's/mdX/sha/g' -e 's/MDX/SHA_/g' -e 's/SHA__/SHA_/g' \ ${.ALLSRC}) > ${.TARGET} sha1hl.c: mdXhl.c (echo '#define LENGTH 20'; \ sed -e 's/mdX/sha/g' -e 's/MDX/SHA1_/g' -e 's/SHA1__/SHA1_/g' \ ${.ALLSRC}) > ${.TARGET} sha224hl.c: mdXhl.c (echo '#define LENGTH 28'; \ sed -e 's/mdX/sha224/g' -e 's/MDX/SHA224_/g' \ -e 's/SHA224__/SHA224_/g' \ ${.ALLSRC}) > ${.TARGET} sha256hl.c: mdXhl.c (echo '#define LENGTH 32'; \ sed -e 's/mdX/sha256/g' -e 's/MDX/SHA256_/g' \ -e 's/SHA256__/SHA256_/g' \ ${.ALLSRC}) > ${.TARGET} sha384hl.c: mdXhl.c (echo '#define LENGTH 48'; \ sed -e 's/mdX/sha384/g' -e 's/MDX/SHA384_/g' \ -e 's/SHA384__/SHA384_/g' \ ${.ALLSRC}) > ${.TARGET} sha512hl.c: mdXhl.c (echo '#define LENGTH 64'; \ sed -e 's/mdX/sha512/g' -e 's/MDX/SHA512_/g' \ -e 's/SHA512__/SHA512_/g' \ ${.ALLSRC}) > ${.TARGET} -sha512thl.c: mdXhl.c +sha512t224hl.c: mdXhl.c + (echo '#define LENGTH 28'; \ + sed -e 's/mdX/sha512t/g' -e 's/MDX/SHA512_224_/g' \ + -e 's/SHA512_224__/SHA512_224_/g' \ + -e 's/SHA512_224_CTX/SHA512_CTX/g' \ + ${.ALLSRC}) > ${.TARGET} + +sha512t256hl.c: mdXhl.c (echo '#define LENGTH 32'; \ sed -e 's/mdX/sha512t/g' -e 's/MDX/SHA512_256_/g' \ -e 's/SHA512_256__/SHA512_256_/g' \ -e 's/SHA512_256_CTX/SHA512_CTX/g' \ ${.ALLSRC}) > ${.TARGET} rmd160hl.c: mdXhl.c (echo '#define LENGTH 20'; \ sed -e 's/mdX/ripemd/g' -e 's/MDX/RIPEMD160_/g' \ -e 's/RIPEMD160__/RIPEMD160_/g' \ ${.ALLSRC}) > ${.TARGET} skein256hl.c: mdXhl.c (echo '#define LENGTH 32'; \ sed -e 's/mdX/skein/g' -e 's/MDX/SKEIN256_/g' \ -e 's/SKEIN256__/SKEIN256_/g' \ ${.ALLSRC}) > ${.TARGET} skein512hl.c: mdXhl.c (echo '#define LENGTH 64'; \ sed -e 's/mdX/skein/g' -e 's/MDX/SKEIN512_/g' \ -e 's/SKEIN512__/SKEIN512_/g' \ ${.ALLSRC}) > ${.TARGET} skein1024hl.c: mdXhl.c (echo '#define LENGTH 128'; \ sed -e 's/mdX/skein/g' -e 's/MDX/SKEIN1024_/g' \ -e 's/SKEIN1024__/SKEIN1024_/g' \ ${.ALLSRC}) > ${.TARGET} .for i in 2 4 5 md${i}.3: ${.CURDIR}/mdX.3 sed -e "s/mdX/md${i}/g" -e "s/MDX/MD${i}/g" ${.ALLSRC} > ${.TARGET} cat ${.CURDIR}/md${i}.copyright >> ${.TARGET} .endfor md4.ref: echo 'MD4 test suite:' > ${.TARGET} @echo 'MD4 ("") = 31d6cfe0d16ae931b73c59d7e0c089c0' >> ${.TARGET} @echo 'MD4 ("a") = bde52cb31de33e46245e05fbdbd6fb24' >> ${.TARGET} @echo 'MD4 ("abc") = a448017aaf21d8525fc10ae87aa6729d' >> ${.TARGET} @echo 'MD4 ("message digest") = d9130a8164549fe818874806e1c7014b' >> ${.TARGET} @echo 'MD4 ("abcdefghijklmnopqrstuvwxyz") = d79e1c308aa5bbcdeea8ed63df412da9' >> ${.TARGET} @echo 'MD4 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ '043f8582f241db351ce627e153e7f0e4' >> ${.TARGET} @echo 'MD4 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ 'e33b4ddc9c38f2199c3e7b164fcc0536' >> ${.TARGET} md5.ref: echo 'MD5 test suite:' > ${.TARGET} @echo 'MD5 ("") = d41d8cd98f00b204e9800998ecf8427e' >> ${.TARGET} @echo 'MD5 ("a") = 0cc175b9c0f1b6a831c399e269772661' >> ${.TARGET} @echo 'MD5 ("abc") = 900150983cd24fb0d6963f7d28e17f72' >> ${.TARGET} @echo 'MD5 ("message digest") = f96b697d7cb7938d525a2f31aaf161d0' >> ${.TARGET} @echo 'MD5 ("abcdefghijklmnopqrstuvwxyz") = c3fcd3d76192e4007dfb496cca67e13b' >> ${.TARGET} @echo 'MD5 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") = d174ab98d277d9f5a5611c2c9f419d9f' >> ${.TARGET} @echo 'MD5 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = 57edf4a22be3c955ac49da2e2107b67a' >> ${.TARGET} sha0.ref: echo 'SHA-0 test suite:' > ${.TARGET} @echo 'SHA-0 ("") = f96cea198ad1dd5617ac084a3d92c6107708c0ef' >> ${.TARGET} @echo 'SHA-0 ("abc") = 0164b8a914cd2a5e74c4f7ff082c4d97f1edf880' >> ${.TARGET} @echo 'SHA-0 ("message digest") =' \ 'c1b0f222d150ebb9aa36a40cafdc8bcbed830b14' >> ${.TARGET} @echo 'SHA-0 ("abcdefghijklmnopqrstuvwxyz") =' \ 'b40ce07a430cfd3c033039b9fe9afec95dc1bdcd' >> ${.TARGET} @echo 'SHA-0 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ '79e966f7a3a990df33e40e3d7f8f18d2caebadfa' >> ${.TARGET} @echo 'SHA-0 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ '4aa29d14d171522ece47bee8957e35a41f3e9cff' >> ${.TARGET} sha1.ref: echo 'SHA-1 test suite:' > ${.TARGET} @echo 'SHA-1 ("") = da39a3ee5e6b4b0d3255bfef95601890afd80709' >> ${.TARGET} @echo 'SHA-1 ("abc") = a9993e364706816aba3e25717850c26c9cd0d89d' >> ${.TARGET} @echo 'SHA-1 ("message digest") =' \ 'c12252ceda8be8994d5fa0290a47231c1d16aae3' >> ${.TARGET} @echo 'SHA-1 ("abcdefghijklmnopqrstuvwxyz") =' \ '32d10c7b8cf96570ca04ce37f2a19d84240d3a89' >> ${.TARGET} @echo 'SHA-1 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ '761c457bf73b14d27e9e9265c46f4b4dda11f940' >> ${.TARGET} @echo 'SHA-1 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ '50abf5706a150990a08b2c5ea40fa0e585554732' >> ${.TARGET} sha224.ref: echo 'SHA-224 test suite:' > ${.TARGET} @echo 'SHA-224 ("") = d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f' >> ${.TARGET} @echo 'SHA-224 ("abc") =' \ '23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7' >> ${.TARGET} @echo 'SHA-224 ("message digest") =' \ '2cb21c83ae2f004de7e81c3c7019cbcb65b71ab656b22d6d0c39b8eb' >> ${.TARGET} @echo 'SHA-224 ("abcdefghijklmnopqrstuvwxyz") =' \ '45a5f72c39c5cff2522eb3429799e49e5f44b356ef926bcf390dccc2' >> ${.TARGET} @echo 'SHA-224 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ 'bff72b4fcb7d75e5632900ac5f90d219e05e97a7bde72e740db393d9' >> ${.TARGET} @echo 'SHA-224 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ 'b50aecbe4e9bb0b57bc5f3ae760a8e01db24f203fb3cdcd13148046e' >> ${.TARGET} sha256.ref: echo 'SHA-256 test suite:' > ${.TARGET} @echo 'SHA-256 ("") = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855' >> ${.TARGET} @echo 'SHA-256 ("abc") =' \ 'ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad' >> ${.TARGET} @echo 'SHA-256 ("message digest") =' \ 'f7846f55cf23e14eebeab5b4e1550cad5b509e3348fbc4efa3a1413d393cb650' >> ${.TARGET} @echo 'SHA-256 ("abcdefghijklmnopqrstuvwxyz") =' \ '71c480df93d6ae2f1efad1447c66c9525e316218cf51fc8d9ed832f2daf18b73' >> ${.TARGET} @echo 'SHA-256 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ 'db4bfcbd4da0cd85a60c3c37d3fbd8805c77f15fc6b1fdfe614ee0a7c8fdb4c0' >> ${.TARGET} @echo 'SHA-256 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ 'f371bc4a311f2b009eef952dd83ca80e2b60026c8e935592d0f9c308453c813e' >> ${.TARGET} sha384.ref: echo 'SHA-384 test suite:' > ${.TARGET} @echo 'SHA-384 ("") =' \ '38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b' >> ${.TARGET} @echo 'SHA-384 ("abc") =' \ 'cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7' >> ${.TARGET} @echo 'SHA-384 ("message digest") =' \ '473ed35167ec1f5d8e550368a3db39be54639f828868e9454c239fc8b52e3c61dbd0d8b4de1390c256dcbb5d5fd99cd5' >> ${.TARGET} @echo 'SHA-384 ("abcdefghijklmnopqrstuvwxyz") =' \ 'feb67349df3db6f5924815d6c3dc133f091809213731fe5c7b5f4999e463479ff2877f5f2936fa63bb43784b12f3ebb4' >> ${.TARGET} @echo 'SHA-384 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ '1761336e3f7cbfe51deb137f026f89e01a448e3b1fafa64039c1464ee8732f11a5341a6f41e0c202294736ed64db1a84' >> ${.TARGET} @echo 'SHA-384 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ 'b12932b0627d1c060942f5447764155655bd4da0c9afa6dd9b9ef53129af1b8fb0195996d2de9ca0df9d821ffee67026' >> ${.TARGET} sha512.ref: echo 'SHA-512 test suite:' > ${.TARGET} @echo 'SHA-512 ("") =' \ 'cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e' >> ${.TARGET} @echo 'SHA-512 ("abc") =' \ 'ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f' >> ${.TARGET} @echo 'SHA-512 ("message digest") =' \ '107dbf389d9e9f71a3a95f6c055b9251bc5268c2be16d6c13492ea45b0199f3309e16455ab1e96118e8a905d5597b72038ddb372a89826046de66687bb420e7c' >> ${.TARGET} @echo 'SHA-512 ("abcdefghijklmnopqrstuvwxyz") =' \ '4dbff86cc2ca1bae1e16468a05cb9881c97f1753bce3619034898faa1aabe429955a1bf8ec483d7421fe3c1646613a59ed5441fb0f321389f77f48a879c7b1f1' >> ${.TARGET} @echo 'SHA-512 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ '1e07be23c26a86ea37ea810c8ec7809352515a970e9253c26f536cfc7a9996c45c8370583e0a78fa4a90041d71a4ceab7423f19c71b9d5a3e01249f0bebd5894' >> ${.TARGET} @echo 'SHA-512 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ '72ec1ef1124a45b047e8b7c75a932195135bb61de24ec0d1914042246e0aec3a2354e093d76f3048b456764346900cb130d2a4fd5dd16abb5e30bcb850dee843' >> ${.TARGET} +sha512t224.ref: + echo 'SHA-512224 test suite:' > ${.TARGET} + @echo 'SHA-512224 ("") =' \ + '6ed0dd02806fa89e25de060c19d3ac86cabb87d6a0ddd05c333b84f4' >> ${.TARGET} + @echo 'SHA-512224 ("abc") =' \ + '4634270f707b6a54daae7530460842e20e37ed265ceee9a43e8924aa' >> ${.TARGET} + @echo 'SHA-512224 ("message digest") =' \ + 'ad1a4db188fe57064f4f24609d2a83cd0afb9b398eb2fcaeaae2c564' >> ${.TARGET} + @echo 'SHA-512224 ("abcdefghijklmnopqrstuvwxyz") =' \ + 'ff83148aa07ec30655c1b40aff86141c0215fe2a54f767d3f38743d8' >> ${.TARGET} + @echo 'SHA-512224 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ + 'a8b4b9174b99ffc67d6f49be9981587b96441051e16e6dd036b140d3' >> ${.TARGET} + @echo 'SHA-512224 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ + 'ae988faaa47e401a45f704d1272d99702458fea2ddc6582827556dd2' >> ${.TARGET} + sha512t256.ref: echo 'SHA-512256 test suite:' > ${.TARGET} @echo 'SHA-512256 ("") =' \ 'c672b8d1ef56ed28ab87c3622c5114069bdd3ad7b8f9737498d0c01ecef0967a' >> ${.TARGET} @echo 'SHA-512256 ("abc") =' \ '53048e2681941ef99b2e29b76b4c7dabe4c2d0c634fc6d46e0e2f13107e7af23' >> ${.TARGET} @echo 'SHA-512256 ("message digest") =' \ '0cf471fd17ed69d990daf3433c89b16d63dec1bb9cb42a6094604ee5d7b4e9fb' >> ${.TARGET} @echo 'SHA-512256 ("abcdefghijklmnopqrstuvwxyz") =' \ 'fc3189443f9c268f626aea08a756abe7b726b05f701cb08222312ccfd6710a26' >> ${.TARGET} @echo 'SHA-512256 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ 'cdf1cc0effe26ecc0c13758f7b4a48e000615df241284185c39eb05d355bb9c8' >> ${.TARGET} @echo 'SHA-512256 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ '2c9fdbc0c90bdd87612ee8455474f9044850241dc105b1e8b94b8ddf5fac9148' >> ${.TARGET} rmd160.ref: echo 'RIPEMD160 test suite:' > ${.TARGET} @echo 'RIPEMD160 ("") = 9c1185a5c5e9fc54612808977ee8f548b2258d31' >> ${.TARGET} @echo 'RIPEMD160 ("abc") = 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc' >> ${.TARGET} @echo 'RIPEMD160 ("message digest") =' \ '5d0689ef49d2fae572b881b123a85ffa21595f36' >> ${.TARGET} @echo 'RIPEMD160 ("abcdefghijklmnopqrstuvwxyz") =' \ 'f71c27109c692c1b56bbdceb5b9d2865b3708dbc' >> ${.TARGET} @echo 'RIPEMD160 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ 'b0e20b6e3116640286ed3a87a5713079b21f5189' >> ${.TARGET} @echo 'RIPEMD160 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ '9b752e45573d4b39f4dbd3323cab82bf63326bfb' >> ${.TARGET} skein256.ref: echo 'SKEIN256 test suite:' > ${.TARGET} @echo 'SKEIN256 ("") = c8877087da56e072870daa843f176e9453115929094c3a40c463a196c29bf7ba' >> ${.TARGET} @echo 'SKEIN256 ("abc") = 258bdec343b9fde1639221a5ae0144a96e552e5288753c5fec76c05fc2fc1870' >> ${.TARGET} @echo 'SKEIN256 ("message digest") =' \ '4d2ce0062b5eb3a4db95bc1117dd8aa014f6cd50fdc8e64f31f7d41f9231e488' >> ${.TARGET} @echo 'SKEIN256 ("abcdefghijklmnopqrstuvwxyz") =' \ '46d8440685461b00e3ddb891b2ecc6855287d2bd8834a95fb1c1708b00ea5e82' >> ${.TARGET} @echo 'SKEIN256 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ '7c5eb606389556b33d34eb2536459528dc0af97adbcd0ce273aeb650f598d4b2' >> ${.TARGET} @echo 'SKEIN256 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ '4def7a7e5464a140ae9c3a80279fbebce4bd00f9faad819ab7e001512f67a10d' >> ${.TARGET} skein512.ref: echo 'SKEIN512 test suite:' > ${.TARGET} @echo 'SKEIN512 ("") =' \ 'bc5b4c50925519c290cc634277ae3d6257212395cba733bbad37a4af0fa06af41fca7903d06564fea7a2d3730dbdb80c1f85562dfcc070334ea4d1d9e72cba7a' >> ${.TARGET} @echo 'SKEIN512 ("abc") =' \ '8f5dd9ec798152668e35129496b029a960c9a9b88662f7f9482f110b31f9f93893ecfb25c009baad9e46737197d5630379816a886aa05526d3a70df272d96e75' >> ${.TARGET} @echo 'SKEIN512 ("message digest") =' \ '15b73c158ffb875fed4d72801ded0794c720b121c0c78edf45f900937e6933d9e21a3a984206933d504b5dbb2368000411477ee1b204c986068df77886542fcc' >> ${.TARGET} @echo 'SKEIN512 ("abcdefghijklmnopqrstuvwxyz") =' \ '23793ad900ef12f9165c8080da6fdfd2c8354a2929b8aadf83aa82a3c6470342f57cf8c035ec0d97429b626c4d94f28632c8f5134fd367dca5cf293d2ec13f8c' >> ${.TARGET} @echo 'SKEIN512 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ '0c6bed927e022f5ddcf81877d42e5f75798a9f8fd3ede3d83baac0a2f364b082e036c11af35fe478745459dd8f5c0b73efe3c56ba5bb2009208d5a29cc6e469c' >> ${.TARGET} @echo 'SKEIN512 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ '2ca9fcffb3456f297d1b5f407014ecb856f0baac8eb540f534b1f187196f21e88f31103128c2f03fcc9857d7a58eb66f9525e2302d88833ee069295537a434ce' >> ${.TARGET} skein1024.ref: echo 'SKEIN1024 test suite:' > ${.TARGET} @echo 'SKEIN1024 ("") =' \ '0fff9563bb3279289227ac77d319b6fff8d7e9f09da1247b72a0a265cd6d2a62645ad547ed8193db48cff847c06494a03f55666d3b47eb4c20456c9373c86297d630d5578ebd34cb40991578f9f52b18003efa35d3da6553ff35db91b81ab890bec1b189b7f52cb2a783ebb7d823d725b0b4a71f6824e88f68f982eefc6d19c6' >> ${.TARGET} @echo 'SKEIN1024 ("abc") =' \ '35a599a0f91abcdb4cb73c19b8cb8d947742d82c309137a7caed29e8e0a2ca7a9ff9a90c34c1908cc7e7fd99bb15032fb86e76df21b72628399b5f7c3cc209d7bb31c99cd4e19465622a049afbb87c03b5ce3888d17e6e667279ec0aa9b3e2712624c01b5f5bbe1a564220bdcf6990af0c2539019f313fdd7406cca3892a1f1f' >> ${.TARGET} @echo 'SKEIN1024 ("message digest") =' \ 'ea891f5268acd0fac97467fc1aa89d1ce8681a9992a42540e53babee861483110c2d16f49e73bac27653ff173003e40cfb08516cd34262e6af95a5d8645c9c1abb3e813604d508b8511b30f9a5c1b352aa0791c7d2f27b2706dccea54bc7de6555b5202351751c3299f97c09cf89c40f67187e2521c0fad82b30edbb224f0458' >> ${.TARGET} @echo 'SKEIN1024 ("abcdefghijklmnopqrstuvwxyz") =' \ 'f23d95c2a25fbcd0e797cd058fec39d3c52d2b5afd7a9af1df934e63257d1d3dcf3246e7329c0f1104c1e51e3d22e300507b0c3b9f985bb1f645ef49835080536becf83788e17fed09c9982ba65c3cb7ffe6a5f745b911c506962adf226e435c42f6f6bc08d288f9c810e807e3216ef444f3db22744441deefa4900982a1371f' >> ${.TARGET} @echo 'SKEIN1024 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ 'cf3889e8a8d11bfd3938055d7d061437962bc5eac8ae83b1b71c94be201b8cf657fdbfc38674997a008c0c903f56a23feb3ae30e012377f1cfa080a9ca7fe8b96138662653fb3335c7d06595bf8baf65e215307532094cfdfa056bd8052ab792a3944a2adaa47b30335b8badb8fe9eb94fe329cdca04e58bbc530f0af709f469' >> ${.TARGET} @echo 'SKEIN1024 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ 'cf21a613620e6c119eca31fdfaad449a8e02f95ca256c21d2a105f8e4157048f9fe1e897893ea18b64e0e37cb07d5ac947f27ba544caf7cbc1ad094e675aed77a366270f7eb7f46543bccfa61c526fd628408058ed00ed566ac35a9761d002e629c4fb0d430b2f4ad016fcc49c44d2981c4002da0eecc42144160e2eaea4855a' >> ${.TARGET} test: md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha224.ref sha256.ref sha384.ref \ - sha512.ref sha512t256.ref skein256.ref skein512.ref skein1024.ref + sha512.ref sha512t224.ref sha512t256.ref skein256.ref skein512.ref skein1024.ref @${ECHO} if any of these test fail, the code produces wrong results @${ECHO} and should NOT be used. ${CC} ${CFLAGS} ${LDFLAGS} -DMD=4 -o mddriver ${.CURDIR}/mddriver.c libmd.a ./mddriver | cmp md4.ref - @${ECHO} MD4 passed test ${CC} ${CFLAGS} ${LDFLAGS} -DMD=5 -o mddriver ${.CURDIR}/mddriver.c libmd.a ./mddriver | cmp md5.ref - @${ECHO} MD5 passed test -rm -f mddriver ${CC} ${CFLAGS} ${LDFLAGS} -o rmddriver ${.CURDIR}/rmddriver.c libmd.a ./rmddriver | cmp rmd160.ref - @${ECHO} RIPEMD160 passed test -rm -f rmddriver ${CC} ${CFLAGS} ${LDFLAGS} -DSHA=0 -o shadriver ${.CURDIR}/shadriver.c libmd.a ./shadriver | cmp sha0.ref - @${ECHO} SHA-0 passed test ${CC} ${CFLAGS} ${LDFLAGS} -DSHA=1 -o shadriver ${.CURDIR}/shadriver.c libmd.a ./shadriver | cmp sha1.ref - @${ECHO} SHA-1 passed test ${CC} ${CFLAGS} ${LDFLAGS} -DSHA=224 -o shadriver ${.CURDIR}/shadriver.c libmd.a ./shadriver | cmp sha224.ref - @${ECHO} SHA-224 passed test ${CC} ${CFLAGS} ${LDFLAGS} -DSHA=256 -o shadriver ${.CURDIR}/shadriver.c libmd.a ./shadriver | cmp sha256.ref - @${ECHO} SHA-256 passed test ${CC} ${CFLAGS} ${LDFLAGS} -DSHA=384 -o shadriver ${.CURDIR}/shadriver.c libmd.a ./shadriver | cmp sha384.ref - @${ECHO} SHA-384 passed test ${CC} ${CFLAGS} ${LDFLAGS} -DSHA=512 -o shadriver ${.CURDIR}/shadriver.c libmd.a ./shadriver | cmp sha512.ref - @${ECHO} SHA-512 passed test + ${CC} ${CFLAGS} ${LDFLAGS} -DSHA=512224 -o shadriver ${.CURDIR}/shadriver.c libmd.a + ./shadriver | cmp sha512t224.ref - + @${ECHO} SHA-512t224 passed test + -rm -f shadriver ${CC} ${CFLAGS} ${LDFLAGS} -DSHA=512256 -o shadriver ${.CURDIR}/shadriver.c libmd.a ./shadriver | cmp sha512t256.ref - @${ECHO} SHA-512t256 passed test -rm -f shadriver ${CC} ${CFLAGS} ${LDFLAGS} -DSKEIN=256 -o skeindriver ${.CURDIR}/skeindriver.c libmd.a ./skeindriver | cmp skein256.ref - @${ECHO} SKEIN256 passed test ${CC} ${CFLAGS} ${LDFLAGS} -DSKEIN=512 -o skeindriver ${.CURDIR}/skeindriver.c libmd.a ./skeindriver | cmp skein512.ref - @${ECHO} SKEIN512 passed test ${CC} ${CFLAGS} ${LDFLAGS} -DSKEIN=1024 -o skeindriver ${.CURDIR}/skeindriver.c libmd.a ./skeindriver | cmp skein1024.ref - @${ECHO} SKEIN1024 passed test -rm -f skeindriver .include diff --git a/lib/libmd/mdX.3 b/lib/libmd/mdX.3 index 30e6f367c662..50c0090921be 100644 --- a/lib/libmd/mdX.3 +++ b/lib/libmd/mdX.3 @@ -1,215 +1,211 @@ .\" .\" ---------------------------------------------------------------------------- .\" "THE BEER-WARE LICENSE" (Revision 42): .\" wrote this file. As long as you retain this notice you .\" can do whatever you want with this stuff. If we meet some day, and you think .\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp .\" ---------------------------------------------------------------------------- .\" .\" $FreeBSD$ .\" .Dd May 21, 2019 .Dt MDX 3 .Os .Sh NAME .Nm MDXInit , .Nm MDXUpdate , .Nm MDXPad , .Nm MDXFinal , .Nm MDXEnd , .Nm MDXFile , .Nm MDXFileChunk , .Nm MDXData .Nd calculate the RSA Data Security, Inc., ``MDX'' message digest .Sh LIBRARY .Lb libmd .Sh SYNOPSIS .In sys/types.h .In mdX.h .Ft void .Fn MDXInit "MDX_CTX *context" .Ft void .Fn MDXUpdate "MDX_CTX *context" "const void *data" "unsigned int len" .Ft void .Fn MDXPad "MDX_CTX *context" .Ft void .Fn MDXFinal "unsigned char digest[16]" "MDX_CTX *context" .Ft "char *" .Fn MDXEnd "MDX_CTX *context" "char *buf" .Ft "char *" .Fn MDXFile "const char *filename" "char *buf" .Ft "char *" .Fn MDXFileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" .Ft "char *" .Fn MDXData "const void *data" "unsigned int len" "char *buf" .Sh DESCRIPTION The MDX functions calculate a 128-bit cryptographic checksum (digest) for any number of input bytes. A cryptographic checksum is a one-way hash-function, that is, you cannot find (except by exhaustive search) the input corresponding to a particular output. This net result is a .Dq fingerprint of the input-data, which does not disclose the actual input. .Pp MD4 is the fastest and MD5 is somewhat slower. MD4 has now been broken; it should only be used where necessary for backward compatibility. MD5 has not yet (1999-02-11) been broken, but sufficient attacks have been made that its security is in some doubt. The attacks on both MD4 and MD5 are both in the nature of finding .Dq collisions \[en] that is, multiple inputs which hash to the same value; it is still unlikely for an attacker to be able to determine the exact original input given a hash value. .Pp The .Fn MDXInit , .Fn MDXUpdate , and .Fn MDXFinal functions are the core functions. Allocate an .Vt MDX_CTX , initialize it with .Fn MDXInit , run over the data with .Fn MDXUpdate , and finally extract the result using .Fn MDXFinal , which will also erase the .Vt MDX_CTX . .Pp The .Fn MDXPad function can be used to pad message data in same way as done by .Fn MDXFinal without terminating calculation. .Pp The .Fn MDXEnd function is a wrapper for .Fn MDXFinal which converts the return value to a 33-character (including the terminating '\e0') -.Tn ASCII -string which represents the 128 bits in hexadecimal. +ASCII string which represents the 128 bits in hexadecimal. .Pp The .Fn MDXFile function calculates the digest of a file, and uses .Fn MDXEnd to return the result. If the file cannot be opened, a null pointer is returned. The .Fn MDXFileChunk function is similar to .Fn MDXFile , but it only calculates the digest over a byte-range of the file specified, starting at .Fa offset and spanning .Fa length bytes. If the .Fa length parameter is specified as 0, or more than the length of the remaining part of the file, .Fn MDXFileChunk calculates the digest from .Fa offset to the end of file. The .Fn MDXData function calculates the digest of a chunk of data in memory, and uses .Fn MDXEnd to return the result. .Pp When using .Fn MDXEnd , .Fn MDXFile , or .Fn MDXData , the .Fa buf argument can be a null pointer, in which case the returned string is allocated with .Xr malloc 3 and subsequently must be explicitly deallocated using .Xr free 3 after use. If the .Fa buf argument is non-null it must point to at least 33 characters of buffer space. .Sh ERRORS The .Fn MDXEnd function called with a null buf argument may fail and return NULL if: .Bl -tag -width Er .It Bq Er ENOMEM Insufficient storage space is available. .El .Pp The .Fn MDXFile and .Fn MDXFileChunk may return NULL when underlying .Xr open 2 , .Xr fstat 2 , .Xr lseek 2 , or .Xr MDXEnd 2 fail. .Sh SEE ALSO .Xr md4 3 , .Xr md5 3 , .Xr ripemd 3 , .Xr sha 3 , .Xr sha256 3 , .Xr sha512 3 , .Xr skein 3 .Rs .%A R. Rivest .%T The MD4 Message-Digest Algorithm .%O RFC 1186 .Re .Rs .%A R. Rivest .%T The MD5 Message-Digest Algorithm .%O RFC 1321 .Re .Rs .%A H. Dobbertin .%T Alf Swindles Ann .%J CryptoBytes .%N 1(3):5 .%D 1995 .Re .Rs .%A MJ. B. Robshaw .%T On Recent Results for MD2, MD4 and MD5 .%J RSA Laboratories Bulletin .%N 4 .%D November 12, 1996 .Re .Sh HISTORY These functions appeared in .Fx 2.0 . .Sh AUTHORS The original MDX routines were developed by -.Tn RSA -Data Security, Inc., and published in the above references. +RSA Data Security, Inc., and published in the above references. This code is derived directly from these implementations by .An Poul-Henning Kamp Aq Mt phk@FreeBSD.org . .Pp Phk ristede runen. .Sh BUGS -The -.Tn MD5 -algorithm has been proven to be vulnerable to practical collision +The MD5 algorithm has been proven to be vulnerable to practical collision attacks and should not be relied upon to produce unique outputs, .Em nor should they be used as part of a cryptographic signature scheme. diff --git a/lib/libmd/ripemd.3 b/lib/libmd/ripemd.3 index d868ae12827b..cfe04ff140b7 100644 --- a/lib/libmd/ripemd.3 +++ b/lib/libmd/ripemd.3 @@ -1,165 +1,162 @@ .\" .\" ---------------------------------------------------------------------------- .\" "THE BEER-WARE LICENSE" (Revision 42): .\" wrote this file. As long as you retain this notice you .\" can do whatever you want with this stuff. If we meet some day, and you think .\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp .\" ---------------------------------------------------------------------------- .\" .\" From: Id: mdX.3,v 1.14 1999/02/11 20:31:49 wollman Exp .\" $FreeBSD$ .\" .Dd July 20, 2018 .Dt RIPEMD 3 .Os .Sh NAME .Nm RIPEMD160_Init , .Nm RIPEMD160_Update , .Nm RIPEMD160_Final , .Nm RIPEMD160_End , .Nm RIPEMD160_File , .Nm RIPEMD160_FileChunk , .Nm RIPEMD160_Data .Nd calculate the RIPEMD160 message digest .Sh LIBRARY .Lb libmd .Sh SYNOPSIS .In sys/types.h .In ripemd.h .Ft void .Fn RIPEMD160_Init "RIPEMD160_CTX *context" .Ft void .Fn RIPEMD160_Update "RIPEMD160_CTX *context" "const unsigned char *data" "unsigned int len" .Ft void .Fn RIPEMD160_Final "unsigned char digest[20]" "RIPEMD160_CTX *context" .Ft "char *" .Fn RIPEMD160_End "RIPEMD160_CTX *context" "char *buf" .Ft "char *" .Fn RIPEMD160_File "const char *filename" "char *buf" .Ft "char *" .Fn RIPEMD160_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" .Ft "char *" .Fn RIPEMD160_Data "const unsigned char *data" "unsigned int len" "char *buf" .Sh DESCRIPTION The .Li RIPEMD160_ functions calculate a 160-bit cryptographic checksum (digest) for any number of input bytes. A cryptographic checksum is a one-way hash function; that is, it is computationally impractical to find the input corresponding to a particular output. This net result is a .Dq fingerprint of the input-data, which does not disclose the actual input. .Pp The .Fn RIPEMD160_Init , .Fn RIPEMD160_Update , and .Fn RIPEMD160_Final functions are the core functions. Allocate an .Vt RIPEMD160_CTX , initialize it with .Fn RIPEMD160_Init , run over the data with .Fn RIPEMD160_Update , and finally extract the result using .Fn RIPEMD160_Final , which will also erase the .Vt RIPEMD160_CTX . .Pp The .Fn RIPEMD160_End function is a wrapper for .Fn RIPEMD160_Final which converts the return value to a 41-character (including the terminating '\e0') -.Tn ASCII -string which represents the 160 bits in hexadecimal. +ASCII string which represents the 160 bits in hexadecimal. .Pp The .Fn RIPEMD160_File function calculates the digest of a file, and uses .Fn RIPEMD160_End to return the result. If the file cannot be opened, a null pointer is returned. The .Fn RIPEMD160_FileChunk function is similar to .Fn RIPEMD160_File , but it only calculates the digest over a byte-range of the file specified, starting at .Fa offset and spanning .Fa length bytes. If the .Fa length parameter is specified as 0, or more than the length of the remaining part of the file, .Fn RIPEMD160_FileChunk calculates the digest from .Fa offset to the end of file. The .Fn RIPEMD160_Data function calculates the digest of a chunk of data in memory, and uses .Fn RIPEMD160_End to return the result. .Pp When using .Fn RIPEMD160_End , .Fn RIPEMD160_File , or .Fn RIPEMD160_Data , the .Fa buf argument can be a null pointer, in which case the returned string is allocated with .Xr malloc 3 and subsequently must be explicitly deallocated using .Xr free 3 after use. If the .Fa buf argument is non-null it must point to at least 41 characters of buffer space. .Sh ERRORS The .Fn RIPEMD160_End function called with a null buf argument may fail and return NULL if: .Bl -tag -width Er .It Bq Er ENOMEM Insufficient storage space is available. .El .Pp The .Fn RIPEMD160_File and .Fn RIPEMD160_FileChunk may return NULL when underlying .Xr open 2 , .Xr fstat 2 , .Xr lseek 2 , or .Xr RIPEMD160_End 2 fail. .Sh SEE ALSO .Xr md4 3 , .Xr md5 3 , .Xr sha 3 , .Xr sha256 3 , .Xr sha512 3 , .Xr skein 3 .Sh HISTORY These functions appeared in .Fx 4.0 . .Sh AUTHORS The core hash routines were implemented by Eric Young based on the -published -.Tn RIPEMD160 -specification. +published RIPEMD160 specification. .Sh BUGS No method is known to exist which finds two files having the same hash value, nor to find a file with a specific hash value. There is on the other hand no guarantee that such a method does not exist. diff --git a/lib/libmd/sha.3 b/lib/libmd/sha.3 index 20a1e5639dde..d304644511e3 100644 --- a/lib/libmd/sha.3 +++ b/lib/libmd/sha.3 @@ -1,210 +1,187 @@ .\" .\" ---------------------------------------------------------------------------- .\" "THE BEER-WARE LICENSE" (Revision 42): .\" wrote this file. As long as you retain this notice you .\" can do whatever you want with this stuff. If we meet some day, and you think .\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp .\" ---------------------------------------------------------------------------- .\" .\" From: Id: mdX.3,v 1.14 1999/02/11 20:31:49 wollman Exp .\" $FreeBSD$ .\" -.Dd May 21, 2019 +.Dd February 6, 2023 .Dt SHA 3 .Os .Sh NAME .Nm SHA_Init , .Nm SHA_Update , .Nm SHA_Final , .Nm SHA_End , .Nm SHA_File , .Nm SHA_FileChunk , .Nm SHA_Data , .Nm SHA1_Init , .Nm SHA1_Update , .Nm SHA1_Final , .Nm SHA1_End , .Nm SHA1_File , .Nm SHA1_FileChunk , .Nm SHA1_Data .Nd calculate the FIPS 160 and 160-1 ``SHA'' message digests .Sh LIBRARY .Lb libmd .Sh SYNOPSIS .In sys/types.h .In sha.h .Ft void .Fn SHA_Init "SHA_CTX *context" .Ft void .Fn SHA_Update "SHA_CTX *context" "const unsigned char *data" "size_t len" .Ft void .Fn SHA_Final "unsigned char digest[20]" "SHA_CTX *context" .Ft "char *" .Fn SHA_End "SHA_CTX *context" "char *buf" .Ft "char *" .Fn SHA_File "const char *filename" "char *buf" .Ft "char *" .Fn SHA_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" .Ft "char *" .Fn SHA_Data "const unsigned char *data" "unsigned int len" "char *buf" .Ft void .Fn SHA1_Init "SHA_CTX *context" .Ft void .Fn SHA1_Update "SHA_CTX *context" "const unsigned char *data" "size_t len" .Ft void .Fn SHA1_Final "unsigned char digest[20]" "SHA_CTX *context" .Ft "char *" .Fn SHA1_End "SHA_CTX *context" "char *buf" .Ft "char *" .Fn SHA1_File "const char *filename" "char *buf" .Ft "char *" .Fn SHA1_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" .Ft "char *" .Fn SHA1_Data "const unsigned char *data" "unsigned int len" "char *buf" .Sh DESCRIPTION The .Li SHA_ and .Li SHA1_ functions calculate a 160-bit cryptographic checksum (digest) for any number of input bytes. A cryptographic checksum is a one-way hash function; that is, it is computationally impractical to find the input corresponding to a particular output. This net result is a .Dq fingerprint of the input-data, which does not disclose the actual input. .Pp -.Tn SHA -(or -.Tn SHA-0 ) -is the original Secure Hash Algorithm specified in -.Tn FIPS -160. -It was quickly proven insecure, and has been superseded by -.Tn SHA-1 . -.Tn SHA-0 -is included for compatibility purposes only. +SHA (or SHA-0) is the original Secure Hash Algorithm specified in FIPS 160. +It was quickly proven insecure, and has been superseded by SHA-1. +SHA-0 is included for compatibility purposes only. .Pp The .Fn SHA1_Init , .Fn SHA1_Update , and .Fn SHA1_Final functions are the core functions. Allocate an .Vt SHA_CTX , initialize it with .Fn SHA1_Init , run over the data with .Fn SHA1_Update , and finally extract the result using .Fn SHA1_Final , which will also erase the .Vt SHA_CTX . .Pp .Fn SHA1_End is a wrapper for .Fn SHA1_Final which converts the return value to a 41-character (including the terminating '\e0') -.Tn ASCII -string which represents the 160 bits in hexadecimal. +ASCII string which represents the 160 bits in hexadecimal. .Pp .Fn SHA1_File calculates the digest of a file, and uses .Fn SHA1_End to return the result. If the file cannot be opened, a null pointer is returned. .Fn SHA1_FileChunk is similar to .Fn SHA1_File , but it only calculates the digest over a byte-range of the file specified, starting at .Fa offset and spanning .Fa length bytes. If the .Fa length parameter is specified as 0, or more than the length of the remaining part of the file, .Fn SHA1_FileChunk calculates the digest from .Fa offset to the end of file. .Fn SHA1_Data calculates the digest of a chunk of data in memory, and uses .Fn SHA1_End to return the result. .Pp When using .Fn SHA1_End , .Fn SHA1_File , or .Fn SHA1_Data , the .Fa buf argument can be a null pointer, in which case the returned string is allocated with .Xr malloc 3 and subsequently must be explicitly deallocated using .Xr free 3 after use. If the .Fa buf argument is non-null it must point to at least 41 characters of buffer space. .Sh ERRORS The .Fn SHA1_End function called with a null buf argument may fail and return NULL if: .Bl -tag -width Er .It Bq Er ENOMEM Insufficient storage space is available. .El .Pp The .Fn SHA1_File and .Fn SHA1_FileChunk may return NULL when underlying .Xr open 2 , .Xr fstat 2 , .Xr lseek 2 , or .Xr SHA1_End 2 fail. .Sh SEE ALSO .Xr md4 3 , .Xr md5 3 , .Xr ripemd 3 , .Xr sha256 3 , .Xr sha512 3 , .Xr skein 3 .Sh HISTORY These functions appeared in .Fx 4.0 . .Sh AUTHORS The core hash routines were implemented by Eric Young based on the published -.Tn FIPS -standards. +FIPS standards. .Sh BUGS -The -.Tn SHA1 -algorithm has been proven to be vulnerable to practical collision +The SHA1 algorithm has been proven to be vulnerable to practical collision attacks and should not be relied upon to produce unique outputs, .Em nor should it be used as part of a new cryptographic signature scheme. -.Pp -The -.Tn IA32 -(Intel) implementation of -.Tn SHA-1 -makes heavy use of the -.Ql bswapl -instruction, which is not present on the original 80386. -Attempts to use -.Tn SHA-1 -on those processors will cause an illegal instruction trap. -(Arguably, the kernel should simply emulate this instruction.) diff --git a/lib/libmd/sha256.3 b/lib/libmd/sha256.3 index d11f2f783557..2cd9d66e7b8c 100644 --- a/lib/libmd/sha256.3 +++ b/lib/libmd/sha256.3 @@ -1,187 +1,184 @@ .\" .\" ---------------------------------------------------------------------------- .\" "THE BEER-WARE LICENSE" (Revision 42): .\" wrote this file. As long as you retain this notice you .\" can do whatever you want with this stuff. If we meet some day, and you think .\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp .\" ---------------------------------------------------------------------------- .\" .\" From: Id: mdX.3,v 1.14 1999/02/11 20:31:49 wollman Exp .\" $FreeBSD$ .\" .Dd July 20, 2018 .Dt SHA256 3 .Os .Sh NAME .Nm SHA224_Init , .Nm SHA224_Update , .Nm SHA224_Final , .Nm SHA224_End , .Nm SHA224_File , .Nm SHA224_FileChunk , .Nm SHA224_Data , .Nm SHA256_Init , .Nm SHA256_Update , .Nm SHA256_Final , .Nm SHA256_End , .Nm SHA256_File , .Nm SHA256_FileChunk , .Nm SHA256_Data .Nd calculate the FIPS 180-2 ``SHA-256'' (or SHA-224) message digest .Sh LIBRARY .Lb libmd .Sh SYNOPSIS .In sys/types.h .In sha224.h .Ft void .Fn SHA224_Init "SHA224_CTX *context" .Ft void .Fn SHA224_Update "SHA224_CTX *context" "const unsigned char *data" "size_t len" .Ft void .Fn SHA224_Final "unsigned char digest[32]" "SHA224_CTX *context" .Ft "char *" .Fn SHA224_End "SHA224_CTX *context" "char *buf" .Ft "char *" .Fn SHA224_File "const char *filename" "char *buf" .Ft "char *" .Fn SHA224_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" .Ft "char *" .Fn SHA224_Data "const unsigned char *data" "unsigned int len" "char *buf" .In sha256.h .Ft void .Fn SHA256_Init "SHA256_CTX *context" .Ft void .Fn SHA256_Update "SHA256_CTX *context" "const unsigned char *data" "size_t len" .Ft void .Fn SHA256_Final "unsigned char digest[32]" "SHA256_CTX *context" .Ft "char *" .Fn SHA256_End "SHA256_CTX *context" "char *buf" .Ft "char *" .Fn SHA256_File "const char *filename" "char *buf" .Ft "char *" .Fn SHA256_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" .Ft "char *" .Fn SHA256_Data "const unsigned char *data" "unsigned int len" "char *buf" .Sh DESCRIPTION The .Li SHA256_ functions calculate a 256-bit cryptographic checksum (digest) for any number of input bytes. A cryptographic checksum is a one-way hash function; that is, it is computationally impractical to find the input corresponding to a particular output. This net result is a .Dq fingerprint of the input-data, which does not disclose the actual input. .Pp The .Fn SHA256_Init , .Fn SHA256_Update , and .Fn SHA256_Final functions are the core functions. Allocate an .Vt SHA256_CTX , initialize it with .Fn SHA256_Init , run over the data with .Fn SHA256_Update , and finally extract the result using .Fn SHA256_Final , which will also erase the .Vt SHA256_CTX . .Pp .Fn SHA256_End is a wrapper for .Fn SHA256_Final which converts the return value to a 65-character (including the terminating '\e0') -.Tn ASCII -string which represents the 256 bits in hexadecimal. +ASCII string which represents the 256 bits in hexadecimal. .Pp .Fn SHA256_File calculates the digest of a file, and uses .Fn SHA256_End to return the result. If the file cannot be opened, a null pointer is returned. .Fn SHA256_FileChunk is similar to .Fn SHA256_File , but it only calculates the digest over a byte-range of the file specified, starting at .Fa offset and spanning .Fa length bytes. If the .Fa length parameter is specified as 0, or more than the length of the remaining part of the file, .Fn SHA256_FileChunk calculates the digest from .Fa offset to the end of file. .Fn SHA256_Data calculates the digest of a chunk of data in memory, and uses .Fn SHA256_End to return the result. .Pp When using .Fn SHA256_End , .Fn SHA256_File , or .Fn SHA256_Data , the .Fa buf argument can be a null pointer, in which case the returned string is allocated with .Xr malloc 3 and subsequently must be explicitly deallocated using .Xr free 3 after use. If the .Fa buf argument is non-null it must point to at least 65 characters of buffer space. .Pp SHA224 is identical SHA256, except it has slightly different initialization vectors, and is truncated to a shorter digest. .Sh ERRORS The .Fn SHA256_End function called with a null buf argument may fail and return NULL if: .Bl -tag -width Er .It Bq Er ENOMEM Insufficient storage space is available. .El .Pp The .Fn SHA256_File and .Fn SHA256_FileChunk may return NULL when underlying .Xr open 2 , .Xr fstat 2 , .Xr lseek 2 , or .Xr SHA256_End 2 fail. .Sh SEE ALSO .Xr md4 3 , .Xr md5 3 , .Xr ripemd 3 , .Xr sha 3 , .Xr sha512 3 , .Xr skein 3 .Sh HISTORY These functions appeared in .Fx 6.0 . .Sh AUTHORS The core hash routines were implemented by Colin Percival based on -the published -.Tn FIPS 180-2 -standard. +the published FIPS 180-2 standard. .Sh BUGS No method is known to exist which finds two files having the same hash value, nor to find a file with a specific hash value. There is on the other hand no guarantee that such a method does not exist. diff --git a/lib/libmd/sha512.3 b/lib/libmd/sha512.3 index 6a5ed6f887d9..196fbd4eeb79 100644 --- a/lib/libmd/sha512.3 +++ b/lib/libmd/sha512.3 @@ -1,232 +1,264 @@ .\" .\" ---------------------------------------------------------------------------- .\" "THE BEER-WARE LICENSE" (Revision 42): .\" wrote this file. As long as you retain this notice you .\" can do whatever you want with this stuff. If we meet some day, and you think .\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp .\" ---------------------------------------------------------------------------- .\" .\" From: Id: mdX.3,v 1.14 1999/02/11 20:31:49 wollman Exp .\" $FreeBSD$ .\" -.Dd May 21, 2019 +.Dd February 3, 2023 .Dt SHA512 3 .Os .Sh NAME .Nm SHA512_Init , .Nm SHA512_Update , .Nm SHA512_Final , .Nm SHA512_End , .Nm SHA512_File , .Nm SHA512_FileChunk , .Nm SHA512_Data , .Nm SHA384_Init , .Nm SHA384_Update , .Nm SHA384_Final , .Nm SHA384_End , .Nm SHA384_File , .Nm SHA384_FileChunk , .Nm SHA384_Data , +.Nm SHA512_224_Init , +.Nm SHA512_224_Update , +.Nm SHA512_224_Final , +.Nm SHA512_224_End , +.Nm SHA512_224_File , +.Nm SHA512_224_FileChunk , +.Nm SHA512_224_Data .Nm SHA512_256_Init , .Nm SHA512_256_Update , .Nm SHA512_256_Final , .Nm SHA512_256_End , .Nm SHA512_256_File , .Nm SHA512_256_FileChunk , .Nm SHA512_256_Data .Nd calculate the FIPS 180-4 ``SHA-512'' family of message digests .Sh LIBRARY .Lb libmd .Sh SYNOPSIS .In sys/types.h .In sha512.h .Ft void .Fn SHA512_Init "SHA512_CTX *context" .Ft void .Fn SHA512_Update "SHA512_CTX *context" "const unsigned char *data" "size_t len" .Ft void .Fn SHA512_Final "unsigned char digest[64]" "SHA512_CTX *context" .Ft "char *" .Fn SHA512_End "SHA512_CTX *context" "char *buf" .Ft "char *" .Fn SHA512_File "const char *filename" "char *buf" .Ft "char *" .Fn SHA512_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" .Ft "char *" .Fn SHA512_Data "const unsigned char *data" "unsigned int len" "char *buf" .In sha384.h .Ft void .Fn SHA384_Init "SHA384_CTX *context" .Ft void .Fn SHA384_Update "SHA384_CTX *context" "const unsigned char *data" "size_t len" .Ft void .Fn SHA384_Final "unsigned char digest[48]" "SHA384_CTX *context" .Ft "char *" .Fn SHA384_End "SHA384_CTX *context" "char *buf" .Ft "char *" .Fn SHA384_File "const char *filename" "char *buf" .Ft "char *" .Fn SHA384_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" .Ft "char *" .Fn SHA384_Data "const unsigned char *data" "unsigned int len" "char *buf" .In sha512t.h .Ft void +.Fn SHA512_224_Init "SHA512_CTX *context" +.Ft void +.Fn SHA512_224_Update "SHA512_CTX *context" "const unsigned char *data" "size_t len" +.Ft void +.Fn SHA512_224_Final "unsigned char digest[32]" "SHA512_CTX *context" +.Ft "char *" +.Fn SHA512_224_End "SHA512_CTX *context" "char *buf" +.Ft "char *" +.Fn SHA512_224_File "const char *filename" "char *buf" +.Ft "char *" +.Fn SHA512_224_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" +.Ft "char *" +.Fn SHA512_224_Data "const unsigned char *data" "unsigned int len" "char *buf" +.Ft void .Fn SHA512_256_Init "SHA512_CTX *context" .Ft void .Fn SHA512_256_Update "SHA512_CTX *context" "const unsigned char *data" "size_t len" .Ft void .Fn SHA512_256_Final "unsigned char digest[32]" "SHA512_CTX *context" .Ft "char *" .Fn SHA512_256_End "SHA512_CTX *context" "char *buf" .Ft "char *" .Fn SHA512_256_File "const char *filename" "char *buf" .Ft "char *" .Fn SHA512_256_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" .Ft "char *" .Fn SHA512_256_Data "const unsigned char *data" "unsigned int len" "char *buf" .Sh DESCRIPTION The .Li SHA512_ functions calculate a 512-bit cryptographic checksum (digest) for any number of input bytes. A cryptographic checksum is a one-way hash function; that is, it is computationally impractical to find the input corresponding to a particular output. This net result is a .Dq fingerprint of the input-data, which does not disclose the actual input. .Pp The .Fn SHA512_Init , .Fn SHA512_Update , and .Fn SHA512_Final functions are the core functions. Allocate an .Vt SHA512_CTX , initialize it with .Fn SHA512_Init , run over the data with .Fn SHA512_Update , and finally extract the result using .Fn SHA512_Final , which will also erase the .Vt SHA512_CTX . .Pp .Fn SHA512_End is a wrapper for .Fn SHA512_Final which converts the return value to a 129-character (including the terminating '\e0') -.Tn ASCII -string which represents the 512 bits in hexadecimal. +ASCII string which represents the 512 bits in hexadecimal. .Pp .Fn SHA512_File calculates the digest of a file, and uses .Fn SHA512_End to return the result. If the file cannot be opened, a null pointer is returned. .Fn SHA512_FileChunk is similar to .Fn SHA512_File , but it only calculates the digest over a byte-range of the file specified, starting at .Fa offset and spanning .Fa length bytes. If the .Fa length parameter is specified as 0, or more than the length of the remaining part of the file, .Fn SHA512_FileChunk calculates the digest from .Fa offset to the end of file. .Fn SHA512_Data calculates the digest of a chunk of data in memory, and uses .Fn SHA512_End to return the result. .Pp When using .Fn SHA512_End , .Fn SHA512_File , or .Fn SHA512_Data , the .Fa buf argument can be a null pointer, in which case the returned string is allocated with .Xr malloc 3 and subsequently must be explicitly deallocated using .Xr free 3 after use. If the .Fa buf argument is non-null it must point to at least 129 characters of buffer space. .Pp The -.Li SHA384_ +.Li SHA384_ , +.Li SHA512_224 , and .Li SHA512_256_ functions are identical to the .Li SHA512_ functions except they use a different initial hash value and the output is -truncated to 384 bits and 256 bits respectively. +truncated to 384, 224, and 256 bits respectively. .Pp .Fn SHA384_End is a wrapper for .Fn SHA384_Final which converts the return value to a 97-character (including the terminating '\e0') +ASCII string which represents the 384 bits in hexadecimal. +.Pp +.Fn SHA512_224_End +is a wrapper for +.Fn SHA512_Final +which converts the return value to a 57-character +(including the terminating '\e0') +ASCII string which represents the 224 bits in hexadecimal. +.Pp +.Fn SHA512_224_End +is a wrapper for +.Fn SHA512_Final +which converts the return value to a 57-character +(including the terminating '\e0') .Tn ASCII -string which represents the 384 bits in hexadecimal. +string which represents the 224 bits in hexadecimal. .Pp .Fn SHA512_256_End is a wrapper for .Fn SHA512_Final which converts the return value to a 65-character (including the terminating '\e0') -.Tn ASCII -string which represents the 256 bits in hexadecimal. +ASCII string which represents the 256 bits in hexadecimal. .Sh ERRORS The .Fn SHA512_End function called with a null buf argument may fail and return NULL if: .Bl -tag -width Er .It Bq Er ENOMEM Insufficient storage space is available. .El .Pp The .Fn SHA512_File and .Fn SHA512_FileChunk may return NULL when underlying .Xr open 2 , .Xr fstat 2 , .Xr lseek 2 , or .Xr SHA512_End 2 fail. .Sh SEE ALSO .Xr md4 3 , .Xr md5 3 , .Xr ripemd 3 , .Xr sha 3 , .Xr sha256 3 , .Xr sha512 3 , .Xr skein 3 .Sh HISTORY These functions appeared in .Fx 9.0 . .Sh AUTHORS The core hash routines were implemented by Colin Percival based on -the published -.Tn FIPS 180-2 -standard. +the published FIPS 180-2 standard. .Sh BUGS No method is known to exist which finds two files having the same hash value, nor to find a file with a specific hash value. There is on the other hand no guarantee that such a method does not exist. diff --git a/lib/libmd/shadriver.c b/lib/libmd/shadriver.c index f5026eb3cc5d..3664eab9dbaa 100644 --- a/lib/libmd/shadriver.c +++ b/lib/libmd/shadriver.c @@ -1,85 +1,88 @@ /* SHADRIVER.C - test driver for SHA-1 (and SHA-2) */ /*- * SPDX-License-Identifier: RSA-MD * * Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All rights * reserved. * * RSA Data Security, Inc. makes no representations concerning either the * merchantability of this software or the suitability of this software for * any particular purpose. It is provided "as is" without express or implied * warranty of any kind. * * These notices must be retained in any copies of any part of this * documentation and/or software. */ #include __FBSDID("$FreeBSD$"); #include #include #include #include #include "sha.h" #include "sha224.h" #include "sha256.h" #include "sha384.h" #include "sha512.h" #include "sha512t.h" /* The following makes SHA default to SHA-1 if it has not already been * defined with C compiler flags. */ #ifndef SHA #define SHA 1 #endif #if SHA == 1 #undef SHA_Data #define SHA_Data SHA1_Data #elif SHA == 224 #undef SHA_Data #define SHA_Data SHA224_Data #elif SHA == 256 #undef SHA_Data #define SHA_Data SHA256_Data #elif SHA == 384 #undef SHA_Data #define SHA_Data SHA384_Data #elif SHA == 512 #undef SHA_Data #define SHA_Data SHA512_Data +#elif SHA == 512224 +#undef SHA_Data +#define SHA_Data SHA512_224_Data #elif SHA == 512256 #undef SHA_Data #define SHA_Data SHA512_256_Data #endif /* Digests a string and prints the result. */ static void SHAString(char *string) { char buf[2*64 + 1]; printf("SHA-%d (\"%s\") = %s\n", SHA, string, SHA_Data(string, strlen(string), buf)); } /* Digests a reference suite of strings and prints the results. */ int main(void) { printf("SHA-%d test suite:\n", SHA); SHAString(""); SHAString("abc"); SHAString("message digest"); SHAString("abcdefghijklmnopqrstuvwxyz"); SHAString("ABCDEFGHIJKLMNOPQRSTUVWXYZ" "abcdefghijklmnopqrstuvwxyz0123456789"); SHAString("1234567890123456789012345678901234567890" "1234567890123456789012345678901234567890"); return 0; } diff --git a/lib/libmd/skein.3 b/lib/libmd/skein.3 index 325a1ab4874b..034a76700bdc 100644 --- a/lib/libmd/skein.3 +++ b/lib/libmd/skein.3 @@ -1,236 +1,235 @@ .\"- .\" Copyright (c) 2016 Allan Jude .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" .\" $FreeBSD$ .\" .Dd May 21, 2019 .Dt SKEIN 3 .Os .Sh NAME .Nm SKEIN256_Init , .Nm SKEIN256_Update , .Nm SKEIN256_Final , .Nm SKEIN256_End , .Nm SKEIN256_File , .Nm SKEIN256_FileChunk , .Nm SKEIN256_Data , .Nm SKEIN512_Init , .Nm SKEIN512_Update , .Nm SKEIN512_Final , .Nm SKEIN512_End , .Nm SKEIN512_File , .Nm SKEIN512_FileChunk , .Nm SKEIN512_Data , .Nm SKEIN1024_Init , .Nm SKEIN1024_Update , .Nm SKEIN1024_Final , .Nm SKEIN1024_End , .Nm SKEIN1024_File , .Nm SKEIN1024_FileChunk , .Nm SKEIN1024_Data .Nd calculate the ``SKEIN'' family of message digests .Sh LIBRARY .Lb libmd .Sh SYNOPSIS .In sys/types.h .In skein.h .Ft void .Fn SKEIN256_Init "SKEIN256_CTX *context" .Ft void .Fn SKEIN256_Update "SKEIN256_CTX *context" "const unsigned char *data" "size_t len" .Ft void .Fn SKEIN256_Final "unsigned char digest[32]" "SKEIN256_CTX *context" .Ft "char *" .Fn SKEIN256_End "SKEIN256_CTX *context" "char *buf" .Ft "char *" .Fn SKEIN256_File "const char *filename" "char *buf" .Ft "char *" .Fn SKEIN256_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" .Ft "char *" .Fn SKEIN256_Data "const unsigned char *data" "unsigned int len" "char *buf" .Ft void .Fn SKEIN512_Init "SKEIN512_CTX *context" .Ft void .Fn SKEIN512_Update "SKEIN512_CTX *context" "const unsigned char *data" "size_t len" .Ft void .Fn SKEIN512_Final "unsigned char digest[64]" "SKEIN512_CTX *context" .Ft "char *" .Fn SKEIN512_End "SKEIN512_CTX *context" "char *buf" .Ft "char *" .Fn SKEIN512_File "const char *filename" "char *buf" .Ft "char *" .Fn SKEIN512_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" .Ft "char *" .Fn SKEIN512_Data "const unsigned char *data" "unsigned int len" "char *buf" .Ft void .Fn SKEIN1024_Init "SKEIN1024_CTX *context" .Ft void .Fn SKEIN1024_Update "SKEIN1024_CTX *context" "const unsigned char *data" "size_t len" .Ft void .Fn SKEIN1024_Final "unsigned char digest[128]" "SKEIN1024_CTX *context" .Ft "char *" .Fn SKEIN1024_End "SKEIN1024_CTX *context" "char *buf" .Ft "char *" .Fn SKEIN1024_File "const char *filename" "char *buf" .Ft "char *" .Fn SKEIN1024_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" .Ft "char *" .Fn SKEIN1024_Data "const unsigned char *data" "unsigned int len" "char *buf" .Sh DESCRIPTION .Li Skein is a new family of cryptographic hash functions based on the .Li Threefish large-block cipher. Its design combines speed, security, simplicity, and a great deal of flexibility in a modular package that is easy to analyze. .Li Skein is defined for three different internal state sizes\(em256 bits, 512 bits, and 1024 bits\(emand any output size. This allows Skein to be a drop-in replacement for the entire SHA family of hash functions. .Pp The .Fn SKEIN256_Init , .Fn SKEIN256_Update , and .Fn SKEIN256_Final functions are the core functions. Allocate an .Vt SKEIN256_CTX , initialize it with .Fn SKEIN256_Init , run over the data with .Fn SKEIN256_Update , and finally extract the result using .Fn SKEIN256_Final , which will also erase the .Vt SKEIN256_CTX . .Pp .Fn SKEIN256_End is a wrapper for .Fn SKEIN256_Final which converts the return value to a 33-character (including the terminating '\e0') -.Tn ASCII -string which represents the 256 bits in hexadecimal. +ASCII string which represents the 256 bits in hexadecimal. .Pp .Fn SKEIN256_File calculates the digest of a file, and uses .Fn SKEIN256_End to return the result. If the file cannot be opened, a null pointer is returned. .Fn SKEIN256_FileChunk is similar to .Fn SKEIN256_File , but it only calculates the digest over a byte-range of the file specified, starting at .Fa offset and spanning .Fa length bytes. If the .Fa length parameter is specified as 0, or more than the length of the remaining part of the file, .Fn SKEIN256_FileChunk calculates the digest from .Fa offset to the end of file. .Fn SKEIN256_Data calculates the digest of a chunk of data in memory, and uses .Fn SKEIN256_End to return the result. .Pp When using .Fn SKEIN256_End , .Fn SKEIN256_File , or .Fn SKEIN256_Data , the .Fa buf argument can be a null pointer, in which case the returned string is allocated with .Xr malloc 3 and subsequently must be explicitly deallocated using .Xr free 3 after use. If the .Fa buf argument is non-null it must point to at least 33 characters of buffer space. .Pp The .Li SKEIN512_ and .Li SKEIN1024_ functions are similar to the .Li SKEIN256_ functions except they produce a 512-bit, 65 character, or 1024-bit, 129 character, output. .Sh ERRORS The .Fn SKEIN256_End function called with a null buf argument may fail and return NULL if: .Bl -tag -width Er .It Bq Er ENOMEM Insufficient storage space is available. .El .Pp The .Fn SKEIN256_File and .Fn SKEIN256_FileChunk may return NULL when underlying .Xr open 2 , .Xr fstat 2 , .Xr lseek 2 , or .Xr SKEIN256_End 2 fail. .Sh SEE ALSO .Xr md4 3 , .Xr md5 3 , .Xr ripemd 3 , .Xr sha 3 , .Xr sha256 3 , .Xr sha512 3 .Sh HISTORY These functions appeared in .Fx 11.0 . .Sh AUTHORS .An -nosplit The core hash routines were imported from version 1.3 of the optimized Skein reference implementation written by .An Doug Whiting as submitted to the NSA SHA-3 contest. The algorithms were developed by .An Niels Ferguson , .An Stefan Lucks , .An Bruce Schneier , .An Doug Whiting , .An Mihir Bellare , .An Tadayoshi Kohno , .An Jon Callas, and .An Jesse Walker . diff --git a/sbin/md5/Makefile b/sbin/md5/Makefile index e499967d23d5..6bda75437275 100644 --- a/sbin/md5/Makefile +++ b/sbin/md5/Makefile @@ -1,66 +1,70 @@ # @(#)Makefile 8.1 (Berkeley) 6/9/93 # $FreeBSD$ PACKAGE=runtime PROG= md5 LINKS= ${BINDIR}/md5 ${BINDIR}/md5sum \ ${BINDIR}/md5 ${BINDIR}/rmd160 \ ${BINDIR}/md5 ${BINDIR}/rmd160sum \ ${BINDIR}/md5 ${BINDIR}/sha1 \ ${BINDIR}/md5 ${BINDIR}/sha1sum \ ${BINDIR}/md5 ${BINDIR}/sha224 \ ${BINDIR}/md5 ${BINDIR}/sha224sum \ ${BINDIR}/md5 ${BINDIR}/sha256 \ ${BINDIR}/md5 ${BINDIR}/sha256sum \ ${BINDIR}/md5 ${BINDIR}/sha384 \ ${BINDIR}/md5 ${BINDIR}/sha384sum \ ${BINDIR}/md5 ${BINDIR}/sha512 \ ${BINDIR}/md5 ${BINDIR}/sha512sum \ + ${BINDIR}/md5 ${BINDIR}/sha512t224 \ + ${BINDIR}/md5 ${BINDIR}/sha512t224sum \ ${BINDIR}/md5 ${BINDIR}/sha512t256 \ ${BINDIR}/md5 ${BINDIR}/sha512t256sum \ ${BINDIR}/md5 ${BINDIR}/skein256 \ ${BINDIR}/md5 ${BINDIR}/skein256sum \ ${BINDIR}/md5 ${BINDIR}/skein512 \ ${BINDIR}/md5 ${BINDIR}/skein512sum \ ${BINDIR}/md5 ${BINDIR}/skein1024 \ ${BINDIR}/md5 ${BINDIR}/skein1024sum MLINKS= md5.1 md5sum.1 \ md5.1 rmd160.1 \ md5.1 rmd160sum.1 \ md5.1 sha1.1 \ md5.1 sha1sum.1 \ md5.1 sha224.1 \ md5.1 sha224sum.1 \ md5.1 sha256.1 \ md5.1 sha256sum.1 \ md5.1 sha384.1 \ md5.1 sha384sum.1 \ md5.1 sha512.1 \ md5.1 sha512sum.1 \ + md5.1 sha512t224.1 \ + md5.1 sha512t224sum.1 \ md5.1 sha512t256.1 \ md5.1 sha512t256sum.1 \ md5.1 skein256.1 \ md5.1 skein256sum.1 \ md5.1 skein512.1 \ md5.1 skein512sum.1 \ md5.1 skein1024.1 \ md5.1 skein1024sum.1 LIBADD= md .ifndef(BOOTSTRAPPING) # Avoid depending on capsicum during bootstrap. caph_limit_stdout() is not # available when building for Linux/MacOS or older FreeBSD hosts. # We need to bootstrap md5 when building on Linux since the md5sum command there # produces different output. CFLAGS+=-DHAVE_CAPSICUM .endif .include HAS_TESTS= SUBDIR.${MK_TESTS}+= tests .include diff --git a/sbin/md5/md5.1 b/sbin/md5/md5.1 index a3db48596606..ba654e131c3c 100644 --- a/sbin/md5/md5.1 +++ b/sbin/md5/md5.1 @@ -1,259 +1,264 @@ .\" $FreeBSD$ -.Dd July 26, 2022 +.Dd February 6, 2023 .Dt MD5 1 .Os .Sh NAME -.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512 , sha512t256 , rmd160 , -.Nm skein256 , skein512 , skein1024 , -.Nm md5sum , sha1sum , sha224sum , sha256sum , sha384sum , sha512sum , -.Nm sha512t256sum , rmd160sum , skein256sum , skein512sum , skein1024sum +.Nm md5 , sha1 , sha224 , sha256 , sha384 , +.Nm sha512 , sha512t224 , sha512t256 , +.Nm rmd160 , skein256 , skein512 , skein1024 , +.Nm md5sum , sha1sum , sha224sum , sha256sum , sha384sum , +.Nm sha512sum , sha512t224sum , sha512t256sum , +.Nm rmd160sum , skein256sum , skein512sum , skein1024sum .Nd calculate a message-digest fingerprint (checksum) for a file .Sh SYNOPSIS .Nm .Op Fl pqrtx .Op Fl c Ar string .Op Fl s Ar string .Op Ar .Pp .Nm md5sum .Op Fl pqrtx .Op Fl c Ar file .Op Fl s Ar string .Op Ar .Pp (All other hashes have the same options and usage.) .Sh DESCRIPTION The -.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512 , sha512t256 , rmd160 , -.Nm skein256 , skein512 , +.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512 , sha512t224 , sha512t256 , +.Nm rmd160 , skein256 , skein512 , and .Nm skein1024 utilities take as input a message of arbitrary length and produce as output a .Dq fingerprint or .Dq message digest of the input. The .Nm md5sum , sha1sum , sha224sum , sha256sum , sha384sum , sha512sum , -.Nm sha512t256sum , rmd160sum , skein256sum , skein512sum , +.Nm sha512t224sum , sha512t256sum , rmd160sum , skein256sum , skein512sum , and .Nm skein1024sum utilities do the same, but default to the reversed format of the .Fl r flag. It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having a given prespecified target message digest. The SHA-224 , SHA-256 , SHA-384 , SHA-512, RIPEMD-160, and SKEIN algorithms are intended for digital signature applications, where a large file must be .Dq compressed in a secure manner before being encrypted with a private (secret) key under a public-key cryptosystem such as RSA. .Pp The MD5 and SHA-1 algorithms have been proven to be vulnerable to practical collision attacks and should not be relied upon to produce unique outputs, .Em nor should they be used as part of a cryptographic signature scheme. As of 2017-03-02, there is no publicly known method to .Em reverse either algorithm, i.e., to find an input that produces a specific output. .Pp SHA-512t256 is a version of SHA-512 truncated to only 256 bits. On 64-bit hardware, this algorithm is approximately 50% faster than SHA-256 but with the same level of security. The hashes are not interchangeable. .Pp +SHA-512t224 is identical to SHA-512t256, but with the digest truncated +to 224 bits. +.Pp It is recommended that all new applications use SHA-512 or SKEIN-512 instead of one of the other hash functions. .Pp The following options may be used in any combination and must precede any files named on the command line. The hexadecimal checksum of each file listed on the command line is printed after the options are processed. .Bl -tag -width indent .It Fl b Make the .Nm -sum programs separate hash and digest with a blank followed by an asterisk instead of by 2 blank characters for full compatibility with the output generated by the coreutils versions of these programs. .It Fl c Ar string If the program was called with a name that does not end in .Nm sum , compare the digest of the file against this string. If combined with the .Fl q option, the calculated digest is printed in addition to the exit status being set. .Pq Note that this option is not yet useful if multiple files are specified. .It Fl c Ar file If the program was called with a name that does end in .Nm sum , the file passed as argument must contain digest lines generated by the same digest algorithm with or without the .Fl r option .Pq i.e., in either classical BSD format or in GNU coreutils format . A line with the file name followed by a colon .Dq ":" and either OK or FAILED is written for each well-formed line in the digest file. If applicable, the number of failed comparisons and the number of lines that were skipped since they were not well-formed are printed at the end. The .Fl q option can be used to quiesce the output unless there are mismatched entries in the digest. .Pp .It Fl s Ar string Print a checksum of the given .Ar string . .It Fl p Echo stdin to stdout and append the checksum to stdout. .It Fl q Quiet mode \(em only the checksum is printed out. Overrides the .Fl r option. .It Fl r Reverses the format of the output. This helps with visual diffs. Does nothing when combined with the .Fl ptx options. .It Fl t Run a built-in time trial. For the .Nm -sum versions, this is a nop for compatibility with coreutils. .It Fl x Run a built-in test script. .El .Sh EXIT STATUS The .Nm md5 , sha1 , sha224 , sha256 , sha512 , sha512t256 , rmd160 , .Nm skein256 , skein512 , and .Nm skein1024 utilities exit 0 on success, 1 if at least one of the input files could not be read, and 2 if at least one file does not have the same hash as the .Fl c option. .Sh EXAMPLES Calculate the MD5 checksum of the string .Dq Hello . .Bd -literal -offset indent $ md5 -s Hello MD5 ("Hello") = 8b1a9953c4611296a827abf8c47804d7 .Ed .Pp Same as above, but note the absence of the newline character in the input string: .Bd -literal -offset indent $ echo -n Hello | md5 8b1a9953c4611296a827abf8c47804d7 .Ed .Pp Calculate the checksum of multiple files reversing the output: .Bd -literal -offset indent $ md5 -r /boot/loader.conf /etc/rc.conf ada5f60f23af88ff95b8091d6d67bef6 /boot/loader.conf d80bf36c332dc0fdc479366ec3fa44cd /etc/rc.conf .Pd The .Nm -sum variants put 2 blank characters between hash and file name for full compatibility with the coreutils versions of these commands. .Ed .Pp Write the digest for .Pa /boot/loader.conf in a file named .Pa digest . Then calculate the checksum again and validate it against the checksum string extracted from the .Pa digest file: .Bd -literal -offset indent $ md5 /boot/loader.conf > digest && md5 -c $(cut -f2 -d= digest) /boot/loader.conf MD5 (/boot/loader.conf) = ada5f60f23af88ff95b8091d6d67bef6 .Ed .Pp Same as above but comparing the digest against an invalid string .Pq Dq randomstring , which results in a failure. .Bd -literal -offset indent $ md5 -c randomstring /boot/loader.conf MD5 (/boot/loader.conf) = ada5f60f23af88ff95b8091d6d67bef6 [ Failed ] .Ed .Pp If invoked with a name ending in .Nm -sum the .Fl c option does not compare against a hash string passed as parameter. Instead, it expects a digest file, as created under the name .Pa digest for .Pa /boot/loader.conf in the example above. .Bd -literal -offset indent $ md5 -c digest /boot/loader.conf /boot/loader.conf: OK .Ed .Pp The digest file may contain any number of lines in the format generated with or without the .Fl r option .Pq i.e., in either classical BSD format or in GNU coreutils format . If a hash value does not match the file, FAILED is printed instead of OK. .Sh SEE ALSO .Xr cksum 1 , .Xr md5 3 , .Xr ripemd 3 , .Xr sha 3 , .Xr sha256 3 , .Xr sha384 3 , .Xr sha512 3 , .Xr skein 3 .Rs .%A R. Rivest .%T The MD5 Message-Digest Algorithm .%O RFC1321 .Re .Rs .%A J. Burrows .%T The Secure Hash Standard .%O FIPS PUB 180-2 .Re .Rs .%A D. Eastlake and P. Jones .%T US Secure Hash Algorithm 1 .%O RFC 3174 .Re .Pp RIPEMD-160 is part of the ISO draft standard .Qq ISO/IEC DIS 10118-3 on dedicated hash functions. .Pp Secure Hash Standard (SHS): .Pa https://www.nist.gov/publications/secure-hash-standard-shs .Pp The RIPEMD-160 page: .Pa https://homes.esat.kuleuven.be/~bosselae/ripemd160.html .Sh BUGS All of the utilities that end in .Sq sum are intended to be compatible with the GNU coreutils programs. However, the long option functionality is not provided. .Sh ACKNOWLEDGMENTS This program is placed in the public domain for free general use by RSA Data Security. .Pp Support for SHA-1 and RIPEMD-160 has been added by .An Oliver Eikemeier Aq Mt eik@FreeBSD.org . diff --git a/sbin/md5/md5.c b/sbin/md5/md5.c index 97c587efd63c..db4cdd7da1ff 100644 --- a/sbin/md5/md5.c +++ b/sbin/md5/md5.c @@ -1,693 +1,708 @@ /* * Derived from: * * MDDRIVER.C - test driver for MD2, MD4 and MD5 */ /* * Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All * rights reserved. * * RSA Data Security, Inc. makes no representations concerning either * the merchantability of this software or the suitability of this * software for any particular purpose. It is provided "as is" * without express or implied warranty of any kind. * * These notices must be retained in any copies of any part of this * documentation and/or software. */ #include __FBSDID("$FreeBSD$"); -#include #include #include #include + #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef HAVE_CAPSICUM #include #include #endif /* * Length of test block, number of test blocks. */ #define TEST_BLOCK_LEN 10000 #define TEST_BLOCK_COUNT 100000 #define MDTESTCOUNT 8 static int bflag; static int cflag; static int pflag; static int qflag; static int rflag; static int sflag; static int skip; static char* checkAgainst; static int checksFailed; static int failed; typedef void (DIGEST_Init)(void *); typedef void (DIGEST_Update)(void *, const unsigned char *, size_t); typedef char *(DIGEST_End)(void *, char *); extern const char *MD5TestOutput[MDTESTCOUNT]; extern const char *SHA1_TestOutput[MDTESTCOUNT]; extern const char *SHA224_TestOutput[MDTESTCOUNT]; extern const char *SHA256_TestOutput[MDTESTCOUNT]; extern const char *SHA384_TestOutput[MDTESTCOUNT]; extern const char *SHA512_TestOutput[MDTESTCOUNT]; +extern const char *SHA512t224_TestOutput[MDTESTCOUNT]; extern const char *SHA512t256_TestOutput[MDTESTCOUNT]; extern const char *RIPEMD160_TestOutput[MDTESTCOUNT]; extern const char *SKEIN256_TestOutput[MDTESTCOUNT]; extern const char *SKEIN512_TestOutput[MDTESTCOUNT]; extern const char *SKEIN1024_TestOutput[MDTESTCOUNT]; typedef struct Algorithm_t { const char *progname; const char *name; const char *(*TestOutput)[MDTESTCOUNT]; DIGEST_Init *Init; DIGEST_Update *Update; DIGEST_End *End; char *(*Data)(const void *, unsigned int, char *); char *(*Fd)(int, char *); } Algorithm_t; static void MD5_Update(MD5_CTX *, const unsigned char *, size_t); static void MDOutput(const Algorithm_t *, char *, char **); static void MDTimeTrial(const Algorithm_t *); static void MDTestSuite(const Algorithm_t *); static char *MDFilter(const Algorithm_t *, char*, int); static void usage(const Algorithm_t *); typedef union { MD5_CTX md5; SHA1_CTX sha1; SHA224_CTX sha224; SHA256_CTX sha256; SHA384_CTX sha384; SHA512_CTX sha512; RIPEMD160_CTX ripemd160; SKEIN256_CTX skein256; SKEIN512_CTX skein512; SKEIN1024_CTX skein1024; } DIGEST_CTX; /* max(MD5_DIGEST_LENGTH, SHA_DIGEST_LENGTH, SHA256_DIGEST_LENGTH, SHA512_DIGEST_LENGTH, RIPEMD160_DIGEST_LENGTH, SKEIN1024_DIGEST_LENGTH)*2+1 */ #define HEX_DIGEST_LENGTH 257 /* algorithm function table */ static const struct Algorithm_t Algorithm[] = { { "md5", "MD5", &MD5TestOutput, (DIGEST_Init*)&MD5Init, (DIGEST_Update*)&MD5_Update, (DIGEST_End*)&MD5End, &MD5Data, &MD5Fd }, { "sha1", "SHA1", &SHA1_TestOutput, (DIGEST_Init*)&SHA1_Init, (DIGEST_Update*)&SHA1_Update, (DIGEST_End*)&SHA1_End, &SHA1_Data, &SHA1_Fd }, { "sha224", "SHA224", &SHA224_TestOutput, (DIGEST_Init*)&SHA224_Init, (DIGEST_Update*)&SHA224_Update, (DIGEST_End*)&SHA224_End, &SHA224_Data, &SHA224_Fd }, { "sha256", "SHA256", &SHA256_TestOutput, (DIGEST_Init*)&SHA256_Init, (DIGEST_Update*)&SHA256_Update, (DIGEST_End*)&SHA256_End, &SHA256_Data, &SHA256_Fd }, { "sha384", "SHA384", &SHA384_TestOutput, (DIGEST_Init*)&SHA384_Init, (DIGEST_Update*)&SHA384_Update, (DIGEST_End*)&SHA384_End, &SHA384_Data, &SHA384_Fd }, { "sha512", "SHA512", &SHA512_TestOutput, (DIGEST_Init*)&SHA512_Init, (DIGEST_Update*)&SHA512_Update, (DIGEST_End*)&SHA512_End, &SHA512_Data, &SHA512_Fd }, + { "sha512t224", "SHA512t224", &SHA512t224_TestOutput, (DIGEST_Init*)&SHA512_224_Init, + (DIGEST_Update*)&SHA512_224_Update, (DIGEST_End*)&SHA512_224_End, + &SHA512_224_Data, &SHA512_224_Fd }, { "sha512t256", "SHA512t256", &SHA512t256_TestOutput, (DIGEST_Init*)&SHA512_256_Init, (DIGEST_Update*)&SHA512_256_Update, (DIGEST_End*)&SHA512_256_End, &SHA512_256_Data, &SHA512_256_Fd }, { "rmd160", "RMD160", &RIPEMD160_TestOutput, (DIGEST_Init*)&RIPEMD160_Init, (DIGEST_Update*)&RIPEMD160_Update, (DIGEST_End*)&RIPEMD160_End, &RIPEMD160_Data, &RIPEMD160_Fd }, { "skein256", "Skein256", &SKEIN256_TestOutput, (DIGEST_Init*)&SKEIN256_Init, (DIGEST_Update*)&SKEIN256_Update, (DIGEST_End*)&SKEIN256_End, &SKEIN256_Data, &SKEIN256_Fd }, { "skein512", "Skein512", &SKEIN512_TestOutput, (DIGEST_Init*)&SKEIN512_Init, (DIGEST_Update*)&SKEIN512_Update, (DIGEST_End*)&SKEIN512_End, &SKEIN512_Data, &SKEIN512_Fd }, { "skein1024", "Skein1024", &SKEIN1024_TestOutput, (DIGEST_Init*)&SKEIN1024_Init, (DIGEST_Update*)&SKEIN1024_Update, (DIGEST_End*)&SKEIN1024_End, &SKEIN1024_Data, &SKEIN1024_Fd } }; static unsigned digest; static unsigned malformed; static bool gnu_emu = false; static void MD5_Update(MD5_CTX *c, const unsigned char *data, size_t len) { MD5Update(c, data, len); } struct chksumrec { char *filename; char *chksum; struct chksumrec *next; }; static struct chksumrec *head = NULL; static struct chksumrec **next = &head; #define PADDING 7 /* extra padding for "SHA512t256 (...) = ...\n" style */ #define CHKFILELINELEN (HEX_DIGEST_LENGTH + MAXPATHLEN + PADDING) static int gnu_check(const char *checksumsfile) { FILE *inp; char linebuf[CHKFILELINELEN]; int linelen; int lineno; char *filename; char *hashstr; struct chksumrec *rec; const char *digestname; int digestnamelen; int hashstrlen; if ((inp = fopen(checksumsfile, "r")) == NULL) err(1, "%s", checksumsfile); digestname = Algorithm[digest].name; digestnamelen = strlen(digestname); hashstrlen = strlen(*(Algorithm[digest].TestOutput[0])); lineno = 1; while (fgets(linebuf, sizeof(linebuf), inp) != NULL) { linelen = strlen(linebuf) - 1; if (linelen <= 0) break; if (linebuf[linelen] != '\n') errx(1, "malformed input line %d (len=%d)", lineno, linelen); linebuf[linelen] = '\0'; filename = linebuf + digestnamelen + 2; hashstr = linebuf + linelen - hashstrlen; /* * supported formats: * BSD: (): * GNU: [ *] */ if (linelen >= digestnamelen + hashstrlen + 6 && strncmp(linebuf, digestname, digestnamelen) == 0 && strncmp(filename - 2, " (", 2) == 0 && strncmp(hashstr - 4, ") = ", 4) == 0) { *(hashstr - 4) = '\0'; } else if (linelen >= hashstrlen + 3 && linebuf[hashstrlen] == ' ') { linebuf[hashstrlen] = '\0'; hashstr = linebuf; filename = linebuf + hashstrlen + 1; if (*filename == ' ' || *filename == '*') filename++; } else { malformed++; continue; } rec = malloc(sizeof (*rec)); if (rec == NULL) errx(1, "malloc failed"); rec->chksum = strdup(hashstr); rec->filename = strdup(filename); if (rec->chksum == NULL || rec->filename == NULL) errx(1, "malloc failed"); rec->next = NULL; *next = rec; next = &rec->next; lineno++; } fclose(inp); return (lineno - 1); } /* Main driver. Arguments (may be any combination): -sstring - digests string -t - runs time trial -x - runs test script filename - digests file (none) - digests standard input */ int main(int argc, char *argv[]) { #ifdef HAVE_CAPSICUM cap_rights_t rights; #endif int ch, fd; char *p, *string; char buf[HEX_DIGEST_LENGTH]; size_t len; char *progname; struct chksumrec *rec; int numrecs; if ((progname = strrchr(argv[0], '/')) == NULL) progname = argv[0]; else progname++; /* * GNU coreutils has a number of programs named *sum. These produce * similar results to the BSD version, but in a different format, * similar to BSD's -r flag. We install links to this program with * ending 'sum' to provide this compatibility. Check here to see if the * name of the program ends in 'sum', set the flag and drop the 'sum' so * the digest lookup works. Also, make -t a nop when running in this mode * since that means 'text file' there (though it's a nop in coreutils * on unix-like systems). The -c flag conflicts, so it's just disabled * in this mode (though in the future it might be implemented). */ len = strlen(progname); if (len > 3 && strcmp(progname + len - 3, "sum") == 0) { len -= 3; rflag = 1; gnu_emu = true; } for (digest = 0; digest < sizeof(Algorithm)/sizeof(*Algorithm); digest++) if (strncasecmp(Algorithm[digest].progname, progname, len) == 0) break; if (digest == sizeof(Algorithm)/sizeof(*Algorithm)) digest = 0; failed = 0; checkAgainst = NULL; checksFailed = 0; skip = 0; while ((ch = getopt(argc, argv, "bc:pqrs:tx")) != -1) switch (ch) { case 'b': bflag = 1; break; case 'c': cflag = 1; if (gnu_emu) numrecs = gnu_check(optarg); else checkAgainst = optarg; break; case 'p': pflag = 1; break; case 'q': qflag = 1; break; case 'r': rflag = 1; break; case 's': sflag = 1; string = optarg; break; case 't': if (!gnu_emu) { MDTimeTrial(&Algorithm[digest]); skip = 1; } /* else: text mode is a nop */ break; case 'x': MDTestSuite(&Algorithm[digest]); skip = 1; break; default: usage(&Algorithm[digest]); } argc -= optind; argv += optind; #ifdef HAVE_CAPSICUM if (caph_limit_stdout() < 0 || caph_limit_stderr() < 0) err(1, "unable to limit rights for stdio"); #endif if (cflag && gnu_emu) { /* * Replace argv by an array of filenames from the digest file */ argc = 0; argv = (char**)calloc(sizeof(char *), numrecs + 1); for (rec = head; rec != NULL; rec = rec->next) { argv[argc] = rec->filename; argc++; } argv[argc] = NULL; rec = head; } if (*argv) { do { if ((fd = open(*argv, O_RDONLY)) < 0) { warn("%s", *argv); failed++; continue; } /* * XXX Enter capability mode on the last argv file. * When a casper file service or other approach is * available, switch to that and enter capability mode * earlier. */ if (*(argv + 1) == NULL) { #ifdef HAVE_CAPSICUM cap_rights_init(&rights, CAP_READ); if (caph_rights_limit(fd, &rights) < 0 || caph_enter() < 0) err(1, "capsicum"); #endif } if (cflag && gnu_emu) { checkAgainst = rec->chksum; rec = rec->next; } p = Algorithm[digest].Fd(fd, buf); (void)close(fd); MDOutput(&Algorithm[digest], p, argv); } while (*++argv); } else if (!cflag && !sflag && !skip) { #ifdef HAVE_CAPSICUM if (caph_limit_stdin() < 0 || caph_enter() < 0) err(1, "capsicum"); #endif p = MDFilter(&Algorithm[digest], (char *)&buf, pflag); MDOutput(&Algorithm[digest], p, NULL); } else if (sflag) { len = strlen(string); p = Algorithm[digest].Data(string, len, buf); MDOutput(&Algorithm[digest], p, &string); } if (gnu_emu) { if (malformed > 0) warnx("WARNING: %d lines are improperly formatted", malformed); if (checksFailed > 0) warnx("WARNING: %d computed checksums did NOT match", checksFailed); } if (failed != 0) return (1); if (checksFailed != 0) return (2); return (0); } /* * Common output handling */ static void MDOutput(const Algorithm_t *alg, char *p, char *argv[]) { bool checkfailed = false; if (p == NULL) { warn("%s", *argv); failed++; } else { /* * If argv is NULL we are reading from stdin, where the output * format has always been just the hash. */ if (cflag && gnu_emu) { checkfailed = strcasecmp(checkAgainst, p) != 0; if (!qflag || checkfailed) printf("%s: %s\n", *argv, checkfailed ? "FAILED" : "OK"); } else if (qflag || argv == NULL) { printf("%s\n", p); if (cflag) checkfailed = strcasecmp(checkAgainst, p) != 0; } else { if (rflag) if (gnu_emu) if (bflag) printf("%s *%s", p, *argv); else printf("%s %s", p, *argv); else printf("%s %s", p, *argv); else printf("%s (%s) = %s", alg->name, *argv, p); if (checkAgainst) { checkfailed = strcasecmp(checkAgainst, p) != 0; if (!qflag && checkfailed) printf(" [ Failed ]"); } printf("\n"); } } if (checkfailed) checksFailed++; } /* * Measures the time to digest TEST_BLOCK_COUNT TEST_BLOCK_LEN-byte blocks. */ static void MDTimeTrial(const Algorithm_t *alg) { DIGEST_CTX context; struct rusage before, after; struct timeval total; float seconds; unsigned char block[TEST_BLOCK_LEN]; unsigned int i; char *p, buf[HEX_DIGEST_LENGTH]; printf("%s time trial. Digesting %d %d-byte blocks ...", alg->name, TEST_BLOCK_COUNT, TEST_BLOCK_LEN); fflush(stdout); /* Initialize block */ for (i = 0; i < TEST_BLOCK_LEN; i++) block[i] = (unsigned char) (i & 0xff); /* Start timer */ getrusage(RUSAGE_SELF, &before); /* Digest blocks */ alg->Init(&context); for (i = 0; i < TEST_BLOCK_COUNT; i++) alg->Update(&context, block, TEST_BLOCK_LEN); p = alg->End(&context, buf); /* Stop timer */ getrusage(RUSAGE_SELF, &after); timersub(&after.ru_utime, &before.ru_utime, &total); seconds = total.tv_sec + (float) total.tv_usec / 1000000; printf(" done\n"); printf("Digest = %s", p); printf("\nTime = %f seconds\n", seconds); printf("Speed = %f MiB/second\n", (float) TEST_BLOCK_LEN * (float) TEST_BLOCK_COUNT / seconds / (1 << 20)); } /* * Digests a reference suite of strings and prints the results. */ static const char *MDTestInput[MDTESTCOUNT] = { "", "a", "abc", "message digest", "abcdefghijklmnopqrstuvwxyz", "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", "12345678901234567890123456789012345678901234567890123456789012345678901234567890", "MD5 has not yet (2001-09-03) been broken, but sufficient attacks have been made \ that its security is in some doubt" }; const char *MD5TestOutput[MDTESTCOUNT] = { "d41d8cd98f00b204e9800998ecf8427e", "0cc175b9c0f1b6a831c399e269772661", "900150983cd24fb0d6963f7d28e17f72", "f96b697d7cb7938d525a2f31aaf161d0", "c3fcd3d76192e4007dfb496cca67e13b", "d174ab98d277d9f5a5611c2c9f419d9f", "57edf4a22be3c955ac49da2e2107b67a", "b50663f41d44d92171cb9976bc118538" }; const char *SHA1_TestOutput[MDTESTCOUNT] = { "da39a3ee5e6b4b0d3255bfef95601890afd80709", "86f7e437faa5a7fce15d1ddcb9eaeaea377667b8", "a9993e364706816aba3e25717850c26c9cd0d89d", "c12252ceda8be8994d5fa0290a47231c1d16aae3", "32d10c7b8cf96570ca04ce37f2a19d84240d3a89", "761c457bf73b14d27e9e9265c46f4b4dda11f940", "50abf5706a150990a08b2c5ea40fa0e585554732", "18eca4333979c4181199b7b4fab8786d16cf2846" }; const char *SHA224_TestOutput[MDTESTCOUNT] = { "d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f", "abd37534c7d9a2efb9465de931cd7055ffdb8879563ae98078d6d6d5", "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7", "2cb21c83ae2f004de7e81c3c7019cbcb65b71ab656b22d6d0c39b8eb", "45a5f72c39c5cff2522eb3429799e49e5f44b356ef926bcf390dccc2", "bff72b4fcb7d75e5632900ac5f90d219e05e97a7bde72e740db393d9", "b50aecbe4e9bb0b57bc5f3ae760a8e01db24f203fb3cdcd13148046e", "5ae55f3779c8a1204210d7ed7689f661fbe140f96f272ab79e19d470" }; const char *SHA256_TestOutput[MDTESTCOUNT] = { "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", "ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb", "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad", "f7846f55cf23e14eebeab5b4e1550cad5b509e3348fbc4efa3a1413d393cb650", "71c480df93d6ae2f1efad1447c66c9525e316218cf51fc8d9ed832f2daf18b73", "db4bfcbd4da0cd85a60c3c37d3fbd8805c77f15fc6b1fdfe614ee0a7c8fdb4c0", "f371bc4a311f2b009eef952dd83ca80e2b60026c8e935592d0f9c308453c813e", "e6eae09f10ad4122a0e2a4075761d185a272ebd9f5aa489e998ff2f09cbfdd9f" }; const char *SHA384_TestOutput[MDTESTCOUNT] = { "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b", "54a59b9f22b0b80880d8427e548b7c23abd873486e1f035dce9cd697e85175033caa88e6d57bc35efae0b5afd3145f31", "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7", "473ed35167ec1f5d8e550368a3db39be54639f828868e9454c239fc8b52e3c61dbd0d8b4de1390c256dcbb5d5fd99cd5", "feb67349df3db6f5924815d6c3dc133f091809213731fe5c7b5f4999e463479ff2877f5f2936fa63bb43784b12f3ebb4", "1761336e3f7cbfe51deb137f026f89e01a448e3b1fafa64039c1464ee8732f11a5341a6f41e0c202294736ed64db1a84", "b12932b0627d1c060942f5447764155655bd4da0c9afa6dd9b9ef53129af1b8fb0195996d2de9ca0df9d821ffee67026", "99428d401bf4abcd4ee0695248c9858b7503853acfae21a9cffa7855f46d1395ef38596fcd06d5a8c32d41a839cc5dfb" }; const char *SHA512_TestOutput[MDTESTCOUNT] = { "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e", "1f40fc92da241694750979ee6cf582f2d5d7d28e18335de05abc54d0560e0f5302860c652bf08d560252aa5e74210546f369fbbbce8c12cfc7957b2652fe9a75", "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f", "107dbf389d9e9f71a3a95f6c055b9251bc5268c2be16d6c13492ea45b0199f3309e16455ab1e96118e8a905d5597b72038ddb372a89826046de66687bb420e7c", "4dbff86cc2ca1bae1e16468a05cb9881c97f1753bce3619034898faa1aabe429955a1bf8ec483d7421fe3c1646613a59ed5441fb0f321389f77f48a879c7b1f1", "1e07be23c26a86ea37ea810c8ec7809352515a970e9253c26f536cfc7a9996c45c8370583e0a78fa4a90041d71a4ceab7423f19c71b9d5a3e01249f0bebd5894", "72ec1ef1124a45b047e8b7c75a932195135bb61de24ec0d1914042246e0aec3a2354e093d76f3048b456764346900cb130d2a4fd5dd16abb5e30bcb850dee843", "e8a835195e039708b13d9131e025f4441dbdc521ce625f245a436dcd762f54bf5cb298d96235e6c6a304e087ec8189b9512cbdf6427737ea82793460c367b9c3" }; +const char *SHA512t224_TestOutput[MDTESTCOUNT] = { + "6ed0dd02806fa89e25de060c19d3ac86cabb87d6a0ddd05c333b84f4", + "d5cdb9ccc769a5121d4175f2bfdd13d6310e0d3d361ea75d82108327", + "4634270f707b6a54daae7530460842e20e37ed265ceee9a43e8924aa", + "ad1a4db188fe57064f4f24609d2a83cd0afb9b398eb2fcaeaae2c564", + "ff83148aa07ec30655c1b40aff86141c0215fe2a54f767d3f38743d8", + "a8b4b9174b99ffc67d6f49be9981587b96441051e16e6dd036b140d3", + "ae988faaa47e401a45f704d1272d99702458fea2ddc6582827556dd2", + "b3c3b945249b0c8c94aba76ea887bcaad5401665a1fbeb384af4d06b" +}; + const char *SHA512t256_TestOutput[MDTESTCOUNT] = { "c672b8d1ef56ed28ab87c3622c5114069bdd3ad7b8f9737498d0c01ecef0967a", "455e518824bc0601f9fb858ff5c37d417d67c2f8e0df2babe4808858aea830f8", "53048e2681941ef99b2e29b76b4c7dabe4c2d0c634fc6d46e0e2f13107e7af23", "0cf471fd17ed69d990daf3433c89b16d63dec1bb9cb42a6094604ee5d7b4e9fb", "fc3189443f9c268f626aea08a756abe7b726b05f701cb08222312ccfd6710a26", "cdf1cc0effe26ecc0c13758f7b4a48e000615df241284185c39eb05d355bb9c8", "2c9fdbc0c90bdd87612ee8455474f9044850241dc105b1e8b94b8ddf5fac9148", "dd095fc859b336c30a52548b3dc59fcc0d1be8616ebcf3368fad23107db2d736" }; const char *RIPEMD160_TestOutput[MDTESTCOUNT] = { "9c1185a5c5e9fc54612808977ee8f548b2258d31", "0bdc9d2d256b3ee9daae347be6f4dc835a467ffe", "8eb208f7e05d987a9b044a8e98c6b087f15a0bfc", "5d0689ef49d2fae572b881b123a85ffa21595f36", "f71c27109c692c1b56bbdceb5b9d2865b3708dbc", "b0e20b6e3116640286ed3a87a5713079b21f5189", "9b752e45573d4b39f4dbd3323cab82bf63326bfb", "5feb69c6bf7c29d95715ad55f57d8ac5b2b7dd32" }; const char *SKEIN256_TestOutput[MDTESTCOUNT] = { "c8877087da56e072870daa843f176e9453115929094c3a40c463a196c29bf7ba", "7fba44ff1a31d71a0c1f82e6e82fb5e9ac6c92a39c9185b9951fed82d82fe635", "258bdec343b9fde1639221a5ae0144a96e552e5288753c5fec76c05fc2fc1870", "4d2ce0062b5eb3a4db95bc1117dd8aa014f6cd50fdc8e64f31f7d41f9231e488", "46d8440685461b00e3ddb891b2ecc6855287d2bd8834a95fb1c1708b00ea5e82", "7c5eb606389556b33d34eb2536459528dc0af97adbcd0ce273aeb650f598d4b2", "4def7a7e5464a140ae9c3a80279fbebce4bd00f9faad819ab7e001512f67a10d", "d9c017dbe355f318d036469eb9b5fbe129fc2b5786a9dc6746a516eab6fe0126" }; const char *SKEIN512_TestOutput[MDTESTCOUNT] = { "bc5b4c50925519c290cc634277ae3d6257212395cba733bbad37a4af0fa06af41fca7903d06564fea7a2d3730dbdb80c1f85562dfcc070334ea4d1d9e72cba7a", "b1cd8d33f61b3737adfd59bb13ad82f4a9548e92f22956a8976cca3fdb7fee4fe91698146c4197cec85d38b83c5d93bdba92c01fd9a53870d0c7f967bc62bdce", "8f5dd9ec798152668e35129496b029a960c9a9b88662f7f9482f110b31f9f93893ecfb25c009baad9e46737197d5630379816a886aa05526d3a70df272d96e75", "15b73c158ffb875fed4d72801ded0794c720b121c0c78edf45f900937e6933d9e21a3a984206933d504b5dbb2368000411477ee1b204c986068df77886542fcc", "23793ad900ef12f9165c8080da6fdfd2c8354a2929b8aadf83aa82a3c6470342f57cf8c035ec0d97429b626c4d94f28632c8f5134fd367dca5cf293d2ec13f8c", "0c6bed927e022f5ddcf81877d42e5f75798a9f8fd3ede3d83baac0a2f364b082e036c11af35fe478745459dd8f5c0b73efe3c56ba5bb2009208d5a29cc6e469c", "2ca9fcffb3456f297d1b5f407014ecb856f0baac8eb540f534b1f187196f21e88f31103128c2f03fcc9857d7a58eb66f9525e2302d88833ee069295537a434ce", "1131f2aaa0e97126c9314f9f968cc827259bbfabced2943bb8c9274448998fb3b78738b4580dd500c76105fd3c03e465e1414f2c29664286b1f79d3e51128125" }; const char *SKEIN1024_TestOutput[MDTESTCOUNT] = { "0fff9563bb3279289227ac77d319b6fff8d7e9f09da1247b72a0a265cd6d2a62645ad547ed8193db48cff847c06494a03f55666d3b47eb4c20456c9373c86297d630d5578ebd34cb40991578f9f52b18003efa35d3da6553ff35db91b81ab890bec1b189b7f52cb2a783ebb7d823d725b0b4a71f6824e88f68f982eefc6d19c6", "6ab4c4ba9814a3d976ec8bffa7fcc638ceba0544a97b3c98411323ffd2dc936315d13dc93c13c4e88cda6f5bac6f2558b2d8694d3b6143e40d644ae43ca940685cb37f809d3d0550c56cba8036dee729a4f8fb960732e59e64d57f7f7710f8670963cdcdc95b41daab4855fcf8b6762a64b173ee61343a2c7689af1d293eba97", "35a599a0f91abcdb4cb73c19b8cb8d947742d82c309137a7caed29e8e0a2ca7a9ff9a90c34c1908cc7e7fd99bb15032fb86e76df21b72628399b5f7c3cc209d7bb31c99cd4e19465622a049afbb87c03b5ce3888d17e6e667279ec0aa9b3e2712624c01b5f5bbe1a564220bdcf6990af0c2539019f313fdd7406cca3892a1f1f", "ea891f5268acd0fac97467fc1aa89d1ce8681a9992a42540e53babee861483110c2d16f49e73bac27653ff173003e40cfb08516cd34262e6af95a5d8645c9c1abb3e813604d508b8511b30f9a5c1b352aa0791c7d2f27b2706dccea54bc7de6555b5202351751c3299f97c09cf89c40f67187e2521c0fad82b30edbb224f0458", "f23d95c2a25fbcd0e797cd058fec39d3c52d2b5afd7a9af1df934e63257d1d3dcf3246e7329c0f1104c1e51e3d22e300507b0c3b9f985bb1f645ef49835080536becf83788e17fed09c9982ba65c3cb7ffe6a5f745b911c506962adf226e435c42f6f6bc08d288f9c810e807e3216ef444f3db22744441deefa4900982a1371f", "cf3889e8a8d11bfd3938055d7d061437962bc5eac8ae83b1b71c94be201b8cf657fdbfc38674997a008c0c903f56a23feb3ae30e012377f1cfa080a9ca7fe8b96138662653fb3335c7d06595bf8baf65e215307532094cfdfa056bd8052ab792a3944a2adaa47b30335b8badb8fe9eb94fe329cdca04e58bbc530f0af709f469", "cf21a613620e6c119eca31fdfaad449a8e02f95ca256c21d2a105f8e4157048f9fe1e897893ea18b64e0e37cb07d5ac947f27ba544caf7cbc1ad094e675aed77a366270f7eb7f46543bccfa61c526fd628408058ed00ed566ac35a9761d002e629c4fb0d430b2f4ad016fcc49c44d2981c4002da0eecc42144160e2eaea4855a", "e6799b78db54085a2be7ff4c8007f147fa88d326abab30be0560b953396d8802feee9a15419b48a467574e9283be15685ca8a079ee52b27166b64dd70b124b1d4e4f6aca37224c3f2685e67e67baef9f94b905698adc794a09672aba977a61b20966912acdb08c21a2c37001785355dc884751a21f848ab36e590331ff938138" }; static void MDTestSuite(const Algorithm_t *alg) { int i; char buffer[HEX_DIGEST_LENGTH]; printf("%s test suite:\n", alg->name); for (i = 0; i < MDTESTCOUNT; i++) { (*alg->Data)(MDTestInput[i], strlen(MDTestInput[i]), buffer); printf("%s (\"%s\") = %s", alg->name, MDTestInput[i], buffer); if (strcmp(buffer, (*alg->TestOutput)[i]) == 0) { printf(" - verified correct\n"); } else { printf(" - INCORRECT RESULT!\n"); failed++; } } } /* * Digests the standard input and prints the result. */ static char * MDFilter(const Algorithm_t *alg, char *buf, int tee) { DIGEST_CTX context; unsigned int len; unsigned char buffer[BUFSIZ]; char *p; alg->Init(&context); while ((len = fread(buffer, 1, BUFSIZ, stdin))) { if (tee && len != fwrite(buffer, 1, len, stdout)) err(1, "stdout"); alg->Update(&context, buffer, len); } p = alg->End(&context, buf); return (p); } static void usage(const Algorithm_t *alg) { if (gnu_emu) fprintf(stderr, "usage: %ssum [-pqrtx] [-c file] [-s string] [files ...]\n", alg->progname); else fprintf(stderr, "usage: %s [-pqrtx] [-c string] [-s string] [files ...]\n", alg->progname); exit(1); } diff --git a/sbin/md5/tests/algorithms.txt b/sbin/md5/tests/algorithms.txt index 88f0ff5b783a..304d86bd4d4c 100644 --- a/sbin/md5/tests/algorithms.txt +++ b/sbin/md5/tests/algorithms.txt @@ -1,11 +1,12 @@ md5 rmd160 sha1 sha224 sha256 sha384 sha512 +sha512t224 sha512t256 skein1024 skein256 skein512 diff --git a/sbin/md5/tests/self-test.sha512t224.chk b/sbin/md5/tests/self-test.sha512t224.chk new file mode 100644 index 000000000000..d0549199f76b --- /dev/null +++ b/sbin/md5/tests/self-test.sha512t224.chk @@ -0,0 +1,9 @@ +SHA512t224 test suite: +SHA512t224 ("") = 6ed0dd02806fa89e25de060c19d3ac86cabb87d6a0ddd05c333b84f4 - verified correct +SHA512t224 ("a") = d5cdb9ccc769a5121d4175f2bfdd13d6310e0d3d361ea75d82108327 - verified correct +SHA512t224 ("abc") = 4634270f707b6a54daae7530460842e20e37ed265ceee9a43e8924aa - verified correct +SHA512t224 ("message digest") = ad1a4db188fe57064f4f24609d2a83cd0afb9b398eb2fcaeaae2c564 - verified correct +SHA512t224 ("abcdefghijklmnopqrstuvwxyz") = ff83148aa07ec30655c1b40aff86141c0215fe2a54f767d3f38743d8 - verified correct +SHA512t224 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") = a8b4b9174b99ffc67d6f49be9981587b96441051e16e6dd036b140d3 - verified correct +SHA512t224 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = ae988faaa47e401a45f704d1272d99702458fea2ddc6582827556dd2 - verified correct +SHA512t224 ("MD5 has not yet (2001-09-03) been broken, but sufficient attacks have been made that its security is in some doubt") = b3c3b945249b0c8c94aba76ea887bcaad5401665a1fbeb384af4d06b - verified correct diff --git a/sbin/md5/tests/sha512t224.digest b/sbin/md5/tests/sha512t224.digest new file mode 100644 index 000000000000..34ad437ed15d --- /dev/null +++ b/sbin/md5/tests/sha512t224.digest @@ -0,0 +1,8 @@ +SHA512t224 (1.inp) = 6ed0dd02806fa89e25de060c19d3ac86cabb87d6a0ddd05c333b84f4 +SHA512t224 (2.inp) = d5cdb9ccc769a5121d4175f2bfdd13d6310e0d3d361ea75d82108327 +SHA512t224 (3.inp) = 4634270f707b6a54daae7530460842e20e37ed265ceee9a43e8924aa +SHA512t224 (4.inp) = ad1a4db188fe57064f4f24609d2a83cd0afb9b398eb2fcaeaae2c564 +SHA512t224 (5.inp) = ff83148aa07ec30655c1b40aff86141c0215fe2a54f767d3f38743d8 +SHA512t224 (6.inp) = a8b4b9174b99ffc67d6f49be9981587b96441051e16e6dd036b140d3 +SHA512t224 (7.inp) = ae988faaa47e401a45f704d1272d99702458fea2ddc6582827556dd2 +SHA512t224 (8.inp) = b3c3b945249b0c8c94aba76ea887bcaad5401665a1fbeb384af4d06b diff --git a/sbin/md5/tests/sha512t224sum.digest b/sbin/md5/tests/sha512t224sum.digest new file mode 100644 index 000000000000..36459078a7b2 --- /dev/null +++ b/sbin/md5/tests/sha512t224sum.digest @@ -0,0 +1,8 @@ +6ed0dd02806fa89e25de060c19d3ac86cabb87d6a0ddd05c333b84f4 1.inp +d5cdb9ccc769a5121d4175f2bfdd13d6310e0d3d361ea75d82108327 2.inp +4634270f707b6a54daae7530460842e20e37ed265ceee9a43e8924aa 3.inp +ad1a4db188fe57064f4f24609d2a83cd0afb9b398eb2fcaeaae2c564 4.inp +ff83148aa07ec30655c1b40aff86141c0215fe2a54f767d3f38743d8 5.inp +a8b4b9174b99ffc67d6f49be9981587b96441051e16e6dd036b140d3 6.inp +ae988faaa47e401a45f704d1272d99702458fea2ddc6582827556dd2 7.inp +b3c3b945249b0c8c94aba76ea887bcaad5401665a1fbeb384af4d06b 8.inp