Index: stable/10/lib/libmd/Makefile =================================================================== --- stable/10/lib/libmd/Makefile (revision 314183) +++ stable/10/lib/libmd/Makefile (revision 314184) @@ -1,220 +1,226 @@ # $FreeBSD$ LIB= md SHLIB_MAJOR= 6 SHLIBDIR?= /lib SRCS= md4c.c md5c.c md4hl.c md5hl.c \ rmd160c.c rmd160hl.c \ sha0c.c sha0hl.c sha1c.c sha1hl.c \ sha256c.c sha256hl.c \ sha512c.c sha512hl.c INCS= md4.h md5.h ripemd.h sha.h sha256.h sha512.h WARNS?= 0 MAN+= md4.3 md5.3 ripemd.3 sha.3 sha256.3 sha512.3 MLINKS+=md4.3 MD4Init.3 md4.3 MD4Update.3 md4.3 MD4Final.3 MLINKS+=md4.3 MD4End.3 md4.3 MD4File.3 md4.3 MD4FileChunk.3 MLINKS+=md4.3 MD4Data.3 MLINKS+=md5.3 MD5Init.3 md5.3 MD5Update.3 md5.3 MD5Final.3 MLINKS+=md5.3 MD5End.3 md5.3 MD5File.3 md5.3 MD5FileChunk.3 MLINKS+=md5.3 MD5Data.3 MLINKS+=ripemd.3 RIPEMD160_Init.3 ripemd.3 RIPEMD160_Update.3 MLINKS+=ripemd.3 RIPEMD160_Final.3 ripemd.3 RIPEMD160_Data.3 MLINKS+=ripemd.3 RIPEMD160_End.3 ripemd.3 RIPEMD160_File.3 MLINKS+=ripemd.3 RIPEMD160_FileChunk.3 MLINKS+=sha.3 SHA_Init.3 sha.3 SHA_Update.3 sha.3 SHA_Final.3 MLINKS+=sha.3 SHA_End.3 sha.3 SHA_File.3 sha.3 SHA_FileChunk.3 MLINKS+=sha.3 SHA_Data.3 MLINKS+=sha.3 SHA1_Init.3 sha.3 SHA1_Update.3 sha.3 SHA1_Final.3 MLINKS+=sha.3 SHA1_End.3 sha.3 SHA1_File.3 sha.3 SHA1_FileChunk.3 MLINKS+=sha.3 SHA1_Data.3 MLINKS+=sha256.3 SHA256_Init.3 sha256.3 SHA256_Update.3 MLINKS+=sha256.3 SHA256_Final.3 sha256.3 SHA256_End.3 MLINKS+=sha256.3 SHA256_File.3 sha256.3 SHA256_FileChunk.3 MLINKS+=sha256.3 SHA256_Data.3 MLINKS+=sha512.3 SHA512_Init.3 sha512.3 SHA512_Update.3 MLINKS+=sha512.3 SHA512_Final.3 sha512.3 SHA512_End.3 MLINKS+=sha512.3 SHA512_File.3 sha512.3 SHA512_FileChunk.3 MLINKS+=sha512.3 SHA512_Data.3 CLEANFILES+= md[245]hl.c md[245].ref md[245].3 mddriver \ rmd160.ref rmd160hl.c rmddriver \ sha0.ref sha0hl.c sha1.ref sha1hl.c shadriver \ sha256.ref sha256hl.c sha512.ref sha512hl.c -CFLAGS+= -I${.CURDIR} +# Define WEAK_REFS to provide weak aliases for libmd symbols +# +# Note that the same sources are also used internally by libcrypt, +# in which case: +# * macros are used to rename symbols to libcrypt internal names +# * no weak aliases are generated +CFLAGS+= -I${.CURDIR} -DWEAK_REFS .PATH: ${.CURDIR}/${MACHINE_ARCH} ${.CURDIR}/../../sys/crypto/sha2 .if exists(${MACHINE_ARCH}/sha.S) SRCS+= sha.S CFLAGS+= -DSHA1_ASM .endif .if exists(${MACHINE_ARCH}/rmd160.S) SRCS+= rmd160.S CFLAGS+= -DRMD160_ASM .endif .if exists(${MACHINE_ARCH}/sha.S) || exists(${MACHINE_ARCH}/rmd160.S) ACFLAGS+= -DELF -Wa,--noexecstack .endif md4hl.c: mdXhl.c (echo '#define LENGTH 16'; \ sed -e 's/mdX/md4/g' -e 's/MDX/MD4/g' ${.ALLSRC}) > ${.TARGET} md5hl.c: mdXhl.c (echo '#define LENGTH 16'; \ sed -e 's/mdX/md5/g' -e 's/MDX/MD5/g' ${.ALLSRC}) > ${.TARGET} sha0hl.c: mdXhl.c (echo '#define LENGTH 20'; \ sed -e 's/mdX/sha/g' -e 's/MDX/SHA_/g' -e 's/SHA__/SHA_/g' \ ${.ALLSRC}) > ${.TARGET} sha1hl.c: mdXhl.c (echo '#define LENGTH 20'; \ sed -e 's/mdX/sha/g' -e 's/MDX/SHA1_/g' -e 's/SHA1__/SHA1_/g' \ ${.ALLSRC}) > ${.TARGET} sha256hl.c: mdXhl.c (echo '#define LENGTH 32'; \ sed -e 's/mdX/sha256/g' -e 's/MDX/SHA256_/g' \ -e 's/SHA256__/SHA256_/g' \ ${.ALLSRC}) > ${.TARGET} sha512hl.c: mdXhl.c (echo '#define LENGTH 64'; \ sed -e 's/mdX/sha512/g' -e 's/MDX/SHA512_/g' \ -e 's/SHA512__/SHA512_/g' \ ${.ALLSRC}) > ${.TARGET} rmd160hl.c: mdXhl.c (echo '#define LENGTH 20'; \ sed -e 's/mdX/ripemd/g' -e 's/MDX/RIPEMD160_/g' \ -e 's/RIPEMD160__/RIPEMD160_/g' \ ${.ALLSRC}) > ${.TARGET} .for i in 2 4 5 md${i}.3: ${.CURDIR}/mdX.3 sed -e "s/mdX/md${i}/g" -e "s/MDX/MD${i}/g" ${.ALLSRC} > ${.TARGET} cat ${.CURDIR}/md${i}.copyright >> ${.TARGET} .endfor md4.ref: echo 'MD4 test suite:' > ${.TARGET} @echo 'MD4 ("") = 31d6cfe0d16ae931b73c59d7e0c089c0' >> ${.TARGET} @echo 'MD4 ("a") = bde52cb31de33e46245e05fbdbd6fb24' >> ${.TARGET} @echo 'MD4 ("abc") = a448017aaf21d8525fc10ae87aa6729d' >> ${.TARGET} @echo 'MD4 ("message digest") = d9130a8164549fe818874806e1c7014b' >> ${.TARGET} @echo 'MD4 ("abcdefghijklmnopqrstuvwxyz") = d79e1c308aa5bbcdeea8ed63df412da9' >> ${.TARGET} @echo 'MD4 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ '043f8582f241db351ce627e153e7f0e4' >> ${.TARGET} @echo 'MD4 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ 'e33b4ddc9c38f2199c3e7b164fcc0536' >> ${.TARGET} md5.ref: echo 'MD5 test suite:' > ${.TARGET} @echo 'MD5 ("") = d41d8cd98f00b204e9800998ecf8427e' >> ${.TARGET} @echo 'MD5 ("a") = 0cc175b9c0f1b6a831c399e269772661' >> ${.TARGET} @echo 'MD5 ("abc") = 900150983cd24fb0d6963f7d28e17f72' >> ${.TARGET} @echo 'MD5 ("message digest") = f96b697d7cb7938d525a2f31aaf161d0' >> ${.TARGET} @echo 'MD5 ("abcdefghijklmnopqrstuvwxyz") = c3fcd3d76192e4007dfb496cca67e13b' >> ${.TARGET} @echo 'MD5 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") = d174ab98d277d9f5a5611c2c9f419d9f' >> ${.TARGET} @echo 'MD5 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = 57edf4a22be3c955ac49da2e2107b67a' >> ${.TARGET} sha0.ref: echo 'SHA-0 test suite:' > ${.TARGET} @echo 'SHA-0 ("") = f96cea198ad1dd5617ac084a3d92c6107708c0ef' >> ${.TARGET} @echo 'SHA-0 ("abc") = 0164b8a914cd2a5e74c4f7ff082c4d97f1edf880' >> ${.TARGET} @echo 'SHA-0 ("message digest") =' \ 'c1b0f222d150ebb9aa36a40cafdc8bcbed830b14' >> ${.TARGET} @echo 'SHA-0 ("abcdefghijklmnopqrstuvwxyz") =' \ 'b40ce07a430cfd3c033039b9fe9afec95dc1bdcd' >> ${.TARGET} @echo 'SHA-0 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ '79e966f7a3a990df33e40e3d7f8f18d2caebadfa' >> ${.TARGET} @echo 'SHA-0 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ '4aa29d14d171522ece47bee8957e35a41f3e9cff' >> ${.TARGET} sha1.ref: echo 'SHA-1 test suite:' > ${.TARGET} @echo 'SHA-1 ("") = da39a3ee5e6b4b0d3255bfef95601890afd80709' >> ${.TARGET} @echo 'SHA-1 ("abc") = a9993e364706816aba3e25717850c26c9cd0d89d' >> ${.TARGET} @echo 'SHA-1 ("message digest") =' \ 'c12252ceda8be8994d5fa0290a47231c1d16aae3' >> ${.TARGET} @echo 'SHA-1 ("abcdefghijklmnopqrstuvwxyz") =' \ '32d10c7b8cf96570ca04ce37f2a19d84240d3a89' >> ${.TARGET} @echo 'SHA-1 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ '761c457bf73b14d27e9e9265c46f4b4dda11f940' >> ${.TARGET} @echo 'SHA-1 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ '50abf5706a150990a08b2c5ea40fa0e585554732' >> ${.TARGET} sha256.ref: echo 'SHA-256 test suite:' > ${.TARGET} @echo 'SHA-256 ("") = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855' >> ${.TARGET} @echo 'SHA-256 ("abc") =' \ 'ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad' >> ${.TARGET} @echo 'SHA-256 ("message digest") =' \ 'f7846f55cf23e14eebeab5b4e1550cad5b509e3348fbc4efa3a1413d393cb650' >> ${.TARGET} @echo 'SHA-256 ("abcdefghijklmnopqrstuvwxyz") =' \ '71c480df93d6ae2f1efad1447c66c9525e316218cf51fc8d9ed832f2daf18b73' >> ${.TARGET} @echo 'SHA-256 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ 'db4bfcbd4da0cd85a60c3c37d3fbd8805c77f15fc6b1fdfe614ee0a7c8fdb4c0' >> ${.TARGET} @echo 'SHA-256 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ 'f371bc4a311f2b009eef952dd83ca80e2b60026c8e935592d0f9c308453c813e' >> ${.TARGET} sha512.ref: echo 'SHA-512 test suite:' > ${.TARGET} @echo 'SHA-512 ("") =' \ 'cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e' >> ${.TARGET} @echo 'SHA-512 ("abc") =' \ 'ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f' >> ${.TARGET} @echo 'SHA-512 ("message digest") =' \ '107dbf389d9e9f71a3a95f6c055b9251bc5268c2be16d6c13492ea45b0199f3309e16455ab1e96118e8a905d5597b72038ddb372a89826046de66687bb420e7c' >> ${.TARGET} @echo 'SHA-512 ("abcdefghijklmnopqrstuvwxyz") =' \ '4dbff86cc2ca1bae1e16468a05cb9881c97f1753bce3619034898faa1aabe429955a1bf8ec483d7421fe3c1646613a59ed5441fb0f321389f77f48a879c7b1f1' >> ${.TARGET} @echo 'SHA-512 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ '1e07be23c26a86ea37ea810c8ec7809352515a970e9253c26f536cfc7a9996c45c8370583e0a78fa4a90041d71a4ceab7423f19c71b9d5a3e01249f0bebd5894' >> ${.TARGET} @echo 'SHA-512 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ '72ec1ef1124a45b047e8b7c75a932195135bb61de24ec0d1914042246e0aec3a2354e093d76f3048b456764346900cb130d2a4fd5dd16abb5e30bcb850dee843' >> ${.TARGET} rmd160.ref: echo 'RIPEMD160 test suite:' > ${.TARGET} @echo 'RIPEMD160 ("") = 9c1185a5c5e9fc54612808977ee8f548b2258d31' >> ${.TARGET} @echo 'RIPEMD160 ("abc") = 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc' >> ${.TARGET} @echo 'RIPEMD160 ("message digest") =' \ '5d0689ef49d2fae572b881b123a85ffa21595f36' >> ${.TARGET} @echo 'RIPEMD160 ("abcdefghijklmnopqrstuvwxyz") =' \ 'f71c27109c692c1b56bbdceb5b9d2865b3708dbc' >> ${.TARGET} @echo 'RIPEMD160 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ 'b0e20b6e3116640286ed3a87a5713079b21f5189' >> ${.TARGET} @echo 'RIPEMD160 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ '9b752e45573d4b39f4dbd3323cab82bf63326bfb' >> ${.TARGET} test: md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha256.ref sha512.ref @${ECHO} if any of these test fail, the code produces wrong results @${ECHO} and should NOT be used. ${CC} ${CFLAGS} ${LDFLAGS} -DMD=4 -o mddriver ${.CURDIR}/mddriver.c libmd.a ./mddriver | cmp md4.ref - @${ECHO} MD4 passed test ${CC} ${CFLAGS} ${LDFLAGS} -DMD=5 -o mddriver ${.CURDIR}/mddriver.c libmd.a ./mddriver | cmp md5.ref - @${ECHO} MD5 passed test -rm -f mddriver ${CC} ${CFLAGS} ${LDFLAGS} -o rmddriver ${.CURDIR}/rmddriver.c libmd.a ./rmddriver | cmp rmd160.ref - @${ECHO} RIPEMD160 passed test -rm -f rmddriver ${CC} ${CFLAGS} ${LDFLAGS} -DSHA=0 -o shadriver ${.CURDIR}/shadriver.c libmd.a ./shadriver | cmp sha0.ref - @${ECHO} SHA-0 passed test ${CC} ${CFLAGS} ${LDFLAGS} -DSHA=1 -o shadriver ${.CURDIR}/shadriver.c libmd.a ./shadriver | cmp sha1.ref - @${ECHO} SHA-1 passed test ${CC} ${CFLAGS} ${LDFLAGS} -DSHA=256 -o shadriver ${.CURDIR}/shadriver.c libmd.a ./shadriver | cmp sha256.ref - @${ECHO} SHA-256 passed test ${CC} ${CFLAGS} ${LDFLAGS} -DSHA=512 -o shadriver ${.CURDIR}/shadriver.c libmd.a ./shadriver | cmp sha512.ref - @${ECHO} SHA-512 passed test -rm -f shadriver .include Index: stable/10/lib/libmd/md4c.c =================================================================== --- stable/10/lib/libmd/md4c.c (revision 314183) +++ stable/10/lib/libmd/md4c.c (revision 314184) @@ -1,301 +1,307 @@ /* MD4C.C - RSA Data Security, Inc., MD4 message-digest algorithm */ #include __FBSDID("$FreeBSD$"); /* Copyright (C) 1990-2, RSA Data Security, Inc. All rights reserved. License to copy and use this software is granted provided that it is identified as the "RSA Data Security, Inc. MD4 Message-Digest Algorithm" in all material mentioning or referencing this software or this function. License is also granted to make and use derivative works provided that such works are identified as "derived from the RSA Data Security, Inc. MD4 Message-Digest Algorithm" in all material mentioning or referencing the derived work. RSA Data Security, Inc. makes no representations concerning either the merchantability of this software or the suitability of this software for any particular purpose. It is provided "as is" without express or implied warranty of any kind. These notices must be retained in any copies of any part of this documentation and/or software. */ #include #include #include "md4.h" typedef unsigned char *POINTER; typedef const unsigned char *CONST_POINTER; typedef u_int16_t UINT2; typedef u_int32_t UINT4; #define PROTO_LIST(list) list /* Constants for MD4Transform routine. */ #define S11 3 #define S12 7 #define S13 11 #define S14 19 #define S21 3 #define S22 5 #define S23 9 #define S24 13 #define S31 3 #define S32 9 #define S33 11 #define S34 15 static void MD4Transform PROTO_LIST ((UINT4 [4], const unsigned char [64])); static void Encode PROTO_LIST ((unsigned char *, UINT4 *, unsigned int)); static void Decode PROTO_LIST ((UINT4 *, const unsigned char *, unsigned int)); static unsigned char PADDING[64] = { 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; /* F, G and H are basic MD4 functions. */ #define F(x, y, z) (((x) & (y)) | ((~x) & (z))) #define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z))) #define H(x, y, z) ((x) ^ (y) ^ (z)) /* ROTATE_LEFT rotates x left n bits. */ #define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n)))) /* FF, GG and HH are transformations for rounds 1, 2 and 3 */ /* Rotation is separate from addition to prevent recomputation */ #define FF(a, b, c, d, x, s) { \ (a) += F ((b), (c), (d)) + (x); \ (a) = ROTATE_LEFT ((a), (s)); \ } #define GG(a, b, c, d, x, s) { \ (a) += G ((b), (c), (d)) + (x) + (UINT4)0x5a827999; \ (a) = ROTATE_LEFT ((a), (s)); \ } #define HH(a, b, c, d, x, s) { \ (a) += H ((b), (c), (d)) + (x) + (UINT4)0x6ed9eba1; \ (a) = ROTATE_LEFT ((a), (s)); \ } /* MD4 initialization. Begins an MD4 operation, writing a new context. */ void MD4Init (context) MD4_CTX *context; /* context */ { context->count[0] = context->count[1] = 0; /* Load magic initialization constants. */ context->state[0] = 0x67452301; context->state[1] = 0xefcdab89; context->state[2] = 0x98badcfe; context->state[3] = 0x10325476; } /* MD4 block update operation. Continues an MD4 message-digest operation, processing another message block, and updating the context. */ void MD4Update (context, in, inputLen) MD4_CTX *context; /* context */ const void *in; /* input block */ unsigned int inputLen; /* length of input block */ { unsigned int i, idx, partLen; const unsigned char *input = in; /* Compute number of bytes mod 64 */ idx = (unsigned int)((context->count[0] >> 3) & 0x3F); /* Update number of bits */ if ((context->count[0] += ((UINT4)inputLen << 3)) < ((UINT4)inputLen << 3)) context->count[1]++; context->count[1] += ((UINT4)inputLen >> 29); partLen = 64 - idx; /* Transform as many times as possible. */ if (inputLen >= partLen) { memcpy ((POINTER)&context->buffer[idx], (CONST_POINTER)input, partLen); MD4Transform (context->state, context->buffer); for (i = partLen; i + 63 < inputLen; i += 64) MD4Transform (context->state, &input[i]); idx = 0; } else i = 0; /* Buffer remaining input */ memcpy ((POINTER)&context->buffer[idx], (CONST_POINTER)&input[i], inputLen-i); } /* MD4 padding. */ void MD4Pad (context) MD4_CTX *context; /* context */ { unsigned char bits[8]; unsigned int idx, padLen; /* Save number of bits */ Encode (bits, context->count, 8); /* Pad out to 56 mod 64. */ idx = (unsigned int)((context->count[0] >> 3) & 0x3f); padLen = (idx < 56) ? (56 - idx) : (120 - idx); MD4Update (context, PADDING, padLen); /* Append length (before padding) */ MD4Update (context, bits, 8); } /* MD4 finalization. Ends an MD4 message-digest operation, writing the the message digest and zeroizing the context. */ void MD4Final (digest, context) unsigned char digest[16]; /* message digest */ MD4_CTX *context; /* context */ { /* Do padding */ MD4Pad (context); /* Store state in digest */ Encode (digest, context->state, 16); /* Zeroize sensitive information. */ memset ((POINTER)context, 0, sizeof (*context)); } /* MD4 basic transformation. Transforms state based on block. */ static void MD4Transform (state, block) UINT4 state[4]; const unsigned char block[64]; { UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16]; Decode (x, block, 64); /* Round 1 */ FF (a, b, c, d, x[ 0], S11); /* 1 */ FF (d, a, b, c, x[ 1], S12); /* 2 */ FF (c, d, a, b, x[ 2], S13); /* 3 */ FF (b, c, d, a, x[ 3], S14); /* 4 */ FF (a, b, c, d, x[ 4], S11); /* 5 */ FF (d, a, b, c, x[ 5], S12); /* 6 */ FF (c, d, a, b, x[ 6], S13); /* 7 */ FF (b, c, d, a, x[ 7], S14); /* 8 */ FF (a, b, c, d, x[ 8], S11); /* 9 */ FF (d, a, b, c, x[ 9], S12); /* 10 */ FF (c, d, a, b, x[10], S13); /* 11 */ FF (b, c, d, a, x[11], S14); /* 12 */ FF (a, b, c, d, x[12], S11); /* 13 */ FF (d, a, b, c, x[13], S12); /* 14 */ FF (c, d, a, b, x[14], S13); /* 15 */ FF (b, c, d, a, x[15], S14); /* 16 */ /* Round 2 */ GG (a, b, c, d, x[ 0], S21); /* 17 */ GG (d, a, b, c, x[ 4], S22); /* 18 */ GG (c, d, a, b, x[ 8], S23); /* 19 */ GG (b, c, d, a, x[12], S24); /* 20 */ GG (a, b, c, d, x[ 1], S21); /* 21 */ GG (d, a, b, c, x[ 5], S22); /* 22 */ GG (c, d, a, b, x[ 9], S23); /* 23 */ GG (b, c, d, a, x[13], S24); /* 24 */ GG (a, b, c, d, x[ 2], S21); /* 25 */ GG (d, a, b, c, x[ 6], S22); /* 26 */ GG (c, d, a, b, x[10], S23); /* 27 */ GG (b, c, d, a, x[14], S24); /* 28 */ GG (a, b, c, d, x[ 3], S21); /* 29 */ GG (d, a, b, c, x[ 7], S22); /* 30 */ GG (c, d, a, b, x[11], S23); /* 31 */ GG (b, c, d, a, x[15], S24); /* 32 */ /* Round 3 */ HH (a, b, c, d, x[ 0], S31); /* 33 */ HH (d, a, b, c, x[ 8], S32); /* 34 */ HH (c, d, a, b, x[ 4], S33); /* 35 */ HH (b, c, d, a, x[12], S34); /* 36 */ HH (a, b, c, d, x[ 2], S31); /* 37 */ HH (d, a, b, c, x[10], S32); /* 38 */ HH (c, d, a, b, x[ 6], S33); /* 39 */ HH (b, c, d, a, x[14], S34); /* 40 */ HH (a, b, c, d, x[ 1], S31); /* 41 */ HH (d, a, b, c, x[ 9], S32); /* 42 */ HH (c, d, a, b, x[ 5], S33); /* 43 */ HH (b, c, d, a, x[13], S34); /* 44 */ HH (a, b, c, d, x[ 3], S31); /* 45 */ HH (d, a, b, c, x[11], S32); /* 46 */ HH (c, d, a, b, x[ 7], S33); /* 47 */ HH (b, c, d, a, x[15], S34); /* 48 */ state[0] += a; state[1] += b; state[2] += c; state[3] += d; /* Zeroize sensitive information. */ memset ((POINTER)x, 0, sizeof (x)); } /* Encodes input (UINT4) into output (unsigned char). Assumes len is a multiple of 4. */ static void Encode (output, input, len) unsigned char *output; UINT4 *input; unsigned int len; { unsigned int i, j; for (i = 0, j = 0; j < len; i++, j += 4) { output[j] = (unsigned char)(input[i] & 0xff); output[j+1] = (unsigned char)((input[i] >> 8) & 0xff); output[j+2] = (unsigned char)((input[i] >> 16) & 0xff); output[j+3] = (unsigned char)((input[i] >> 24) & 0xff); } } /* Decodes input (unsigned char) into output (UINT4). Assumes len is a multiple of 4. */ static void Decode (output, input, len) UINT4 *output; const unsigned char *input; unsigned int len; { unsigned int i, j; for (i = 0, j = 0; j < len; i++, j += 4) output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) | (((UINT4)input[j+2]) << 16) | (((UINT4)input[j+3]) << 24); } +#ifdef WEAK_REFS +/* When building libmd, provide weak references. Note: this is not + activated in the context of compiling these sources for internal + use in libcrypt. + */ #undef MD4Init __weak_reference(_libmd_MD4Init, MD4Init); #undef MD4Update __weak_reference(_libmd_MD4Update, MD4Update); #undef MD4Pad __weak_reference(_libmd_MD4Pad, MD4Pad); #undef MD4Final __weak_reference(_libmd_MD4Final, MD4Final); +#endif Index: stable/10/lib/libmd/md5c.c =================================================================== --- stable/10/lib/libmd/md5c.c (revision 314183) +++ stable/10/lib/libmd/md5c.c (revision 314184) @@ -1,348 +1,354 @@ /* * MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm * * Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All * rights reserved. * * License to copy and use this software is granted provided that it * is identified as the "RSA Data Security, Inc. MD5 Message-Digest * Algorithm" in all material mentioning or referencing this software * or this function. * * License is also granted to make and use derivative works provided * that such works are identified as "derived from the RSA Data * Security, Inc. MD5 Message-Digest Algorithm" in all material * mentioning or referencing the derived work. * * RSA Data Security, Inc. makes no representations concerning either * the merchantability of this software or the suitability of this * software for any particular purpose. It is provided "as is" * without express or implied warranty of any kind. * * These notices must be retained in any copies of any part of this * documentation and/or software. * * This code is the same as the code published by RSA Inc. It has been * edited for clarity and style only. */ #include __FBSDID("$FreeBSD$"); #include #ifdef _KERNEL #include #else #include #endif #include #include #include "md5.h" static void MD5Transform(u_int32_t [4], const unsigned char [64]); #ifdef _KERNEL #define memset(x,y,z) bzero(x,z); #define memcpy(x,y,z) bcopy(y, x, z) #endif #if (BYTE_ORDER == LITTLE_ENDIAN) #define Encode memcpy #define Decode memcpy #else /* * Encodes input (u_int32_t) into output (unsigned char). Assumes len is * a multiple of 4. */ static void Encode (unsigned char *output, u_int32_t *input, unsigned int len) { unsigned int i; u_int32_t *op = (u_int32_t *)output; for (i = 0; i < len / 4; i++) op[i] = htole32(input[i]); } /* * Decodes input (unsigned char) into output (u_int32_t). Assumes len is * a multiple of 4. */ static void Decode (u_int32_t *output, const unsigned char *input, unsigned int len) { unsigned int i; const u_int32_t *ip = (const u_int32_t *)input; for (i = 0; i < len / 4; i++) output[i] = le32toh(ip[i]); } #endif static unsigned char PADDING[64] = { 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; /* F, G, H and I are basic MD5 functions. */ #define F(x, y, z) (((x) & (y)) | ((~x) & (z))) #define G(x, y, z) (((x) & (z)) | ((y) & (~z))) #define H(x, y, z) ((x) ^ (y) ^ (z)) #define I(x, y, z) ((y) ^ ((x) | (~z))) /* ROTATE_LEFT rotates x left n bits. */ #define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n)))) /* * FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4. * Rotation is separate from addition to prevent recomputation. */ #define FF(a, b, c, d, x, s, ac) { \ (a) += F ((b), (c), (d)) + (x) + (u_int32_t)(ac); \ (a) = ROTATE_LEFT ((a), (s)); \ (a) += (b); \ } #define GG(a, b, c, d, x, s, ac) { \ (a) += G ((b), (c), (d)) + (x) + (u_int32_t)(ac); \ (a) = ROTATE_LEFT ((a), (s)); \ (a) += (b); \ } #define HH(a, b, c, d, x, s, ac) { \ (a) += H ((b), (c), (d)) + (x) + (u_int32_t)(ac); \ (a) = ROTATE_LEFT ((a), (s)); \ (a) += (b); \ } #define II(a, b, c, d, x, s, ac) { \ (a) += I ((b), (c), (d)) + (x) + (u_int32_t)(ac); \ (a) = ROTATE_LEFT ((a), (s)); \ (a) += (b); \ } /* MD5 initialization. Begins an MD5 operation, writing a new context. */ void MD5Init (context) MD5_CTX *context; { context->count[0] = context->count[1] = 0; /* Load magic initialization constants. */ context->state[0] = 0x67452301; context->state[1] = 0xefcdab89; context->state[2] = 0x98badcfe; context->state[3] = 0x10325476; } /* * MD5 block update operation. Continues an MD5 message-digest * operation, processing another message block, and updating the * context. */ void MD5Update (context, in, inputLen) MD5_CTX *context; const void *in; unsigned int inputLen; { unsigned int i, idx, partLen; const unsigned char *input = in; /* Compute number of bytes mod 64 */ idx = (unsigned int)((context->count[0] >> 3) & 0x3F); /* Update number of bits */ if ((context->count[0] += ((u_int32_t)inputLen << 3)) < ((u_int32_t)inputLen << 3)) context->count[1]++; context->count[1] += ((u_int32_t)inputLen >> 29); partLen = 64 - idx; /* Transform as many times as possible. */ if (inputLen >= partLen) { memcpy((void *)&context->buffer[idx], (const void *)input, partLen); MD5Transform (context->state, context->buffer); for (i = partLen; i + 63 < inputLen; i += 64) MD5Transform (context->state, &input[i]); idx = 0; } else i = 0; /* Buffer remaining input */ memcpy ((void *)&context->buffer[idx], (const void *)&input[i], inputLen-i); } /* * MD5 padding. Adds padding followed by original length. */ void MD5Pad (context) MD5_CTX *context; { unsigned char bits[8]; unsigned int idx, padLen; /* Save number of bits */ Encode (bits, context->count, 8); /* Pad out to 56 mod 64. */ idx = (unsigned int)((context->count[0] >> 3) & 0x3f); padLen = (idx < 56) ? (56 - idx) : (120 - idx); MD5Update (context, PADDING, padLen); /* Append length (before padding) */ MD5Update (context, bits, 8); } /* * MD5 finalization. Ends an MD5 message-digest operation, writing the * the message digest and zeroizing the context. */ void MD5Final (digest, context) unsigned char digest[16]; MD5_CTX *context; { /* Do padding. */ MD5Pad (context); /* Store state in digest */ Encode (digest, context->state, 16); /* Zeroize sensitive information. */ memset ((void *)context, 0, sizeof (*context)); } /* MD5 basic transformation. Transforms state based on block. */ static void MD5Transform (state, block) u_int32_t state[4]; const unsigned char block[64]; { u_int32_t a = state[0], b = state[1], c = state[2], d = state[3], x[16]; Decode (x, block, 64); /* Round 1 */ #define S11 7 #define S12 12 #define S13 17 #define S14 22 FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */ FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */ FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */ FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */ FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */ FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */ FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */ FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */ FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */ FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */ FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */ FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */ FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */ FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */ FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */ FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */ /* Round 2 */ #define S21 5 #define S22 9 #define S23 14 #define S24 20 GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */ GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */ GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */ GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */ GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */ GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */ GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */ GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */ GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */ GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */ GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */ GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */ GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */ GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */ GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */ GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */ /* Round 3 */ #define S31 4 #define S32 11 #define S33 16 #define S34 23 HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */ HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */ HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */ HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */ HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */ HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */ HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */ HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */ HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */ HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */ HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */ HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */ HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */ HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */ HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */ HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */ /* Round 4 */ #define S41 6 #define S42 10 #define S43 15 #define S44 21 II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */ II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */ II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */ II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */ II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */ II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */ II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */ II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */ II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */ II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */ II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */ II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */ II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */ II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */ II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */ II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */ state[0] += a; state[1] += b; state[2] += c; state[3] += d; /* Zeroize sensitive information. */ memset ((void *)x, 0, sizeof (x)); } +#ifdef WEAK_REFS +/* When building libmd, provide weak references. Note: this is not + activated in the context of compiling these sources for internal + use in libcrypt. + */ #undef MD5Init __weak_reference(_libmd_MD5Init, MD5Init); #undef MD5Update __weak_reference(_libmd_MD5Update, MD5Update); #undef MD5Pad __weak_reference(_libmd_MD5Pad, MD5Pad); #undef MD5Final __weak_reference(_libmd_MD5Final, MD5Final); #undef MD5Transform __weak_reference(_libmd_MD5Transform, MD5Transform); +#endif Index: stable/10/lib/libmd/mdXhl.c =================================================================== --- stable/10/lib/libmd/mdXhl.c (revision 314183) +++ stable/10/lib/libmd/mdXhl.c (revision 314184) @@ -1,107 +1,113 @@ /* mdXhl.c * ---------------------------------------------------------------------------- * "THE BEER-WARE LICENSE" (Revision 42): * wrote this file. As long as you retain this notice you * can do whatever you want with this stuff. If we meet some day, and you think * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp * ---------------------------------------------------------------------------- */ #include __FBSDID("$FreeBSD$"); #include #include #include #include #include #include #include #include "mdX.h" char * MDXEnd(MDX_CTX *ctx, char *buf) { int i; unsigned char digest[LENGTH]; static const char hex[]="0123456789abcdef"; if (!buf) buf = malloc(2*LENGTH + 1); if (!buf) return 0; MDXFinal(digest, ctx); for (i = 0; i < LENGTH; i++) { buf[i+i] = hex[digest[i] >> 4]; buf[i+i+1] = hex[digest[i] & 0x0f]; } buf[i+i] = '\0'; return buf; } char * MDXFile(const char *filename, char *buf) { return (MDXFileChunk(filename, buf, 0, 0)); } char * MDXFileChunk(const char *filename, char *buf, off_t ofs, off_t len) { unsigned char buffer[BUFSIZ]; MDX_CTX ctx; struct stat stbuf; int f, i, e; off_t n; MDXInit(&ctx); f = open(filename, O_RDONLY); if (f < 0) return 0; if (fstat(f, &stbuf) < 0) return 0; if (ofs > stbuf.st_size) ofs = stbuf.st_size; if ((len == 0) || (len > stbuf.st_size - ofs)) len = stbuf.st_size - ofs; if (lseek(f, ofs, SEEK_SET) < 0) return 0; n = len; i = 0; while (n > 0) { if (n > sizeof(buffer)) i = read(f, buffer, sizeof(buffer)); else i = read(f, buffer, n); if (i <= 0) break; MDXUpdate(&ctx, buffer, i); n -= i; } e = errno; close(f); errno = e; if (i < 0) return 0; return (MDXEnd(&ctx, buf)); } char * MDXData (const void *data, unsigned int len, char *buf) { MDX_CTX ctx; MDXInit(&ctx); MDXUpdate(&ctx,data,len); return (MDXEnd(&ctx, buf)); } +#ifdef WEAK_REFS +/* When building libmd, provide weak references. Note: this is not + activated in the context of compiling these sources for internal + use in libcrypt. + */ #undef MDXEnd __weak_reference(_libmd_MDXEnd, MDXEnd); #undef MDXFile __weak_reference(_libmd_MDXFile, MDXFile); #undef MDXFileChunk __weak_reference(_libmd_MDXFileChunk, MDXFileChunk); #undef MDXData __weak_reference(_libmd_MDXData, MDXData); +#endif Index: stable/10/lib/libmd/rmd160c.c =================================================================== --- stable/10/lib/libmd/rmd160c.c (revision 314183) +++ stable/10/lib/libmd/rmd160c.c (revision 314184) @@ -1,560 +1,566 @@ /* crypto/ripemd/rmd_dgst.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * "This product includes cryptographic software written by * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] */ #include __FBSDID("$FreeBSD$"); #include #include #include #if 0 #include /* we use the __ variants of bit-sized types */ #endif #include #include "rmd_locl.h" /* * The assembly-language code is not position-independent, so don't * try to use it in a shared library. */ #ifdef PIC #undef RMD160_ASM #endif char *RMD160_version="RIPEMD160 part of SSLeay 0.9.0b 11-Oct-1998"; #ifdef RMD160_ASM void ripemd160_block_x86(RIPEMD160_CTX *c, const u_int32_t *p,int num); #define ripemd160_block ripemd160_block_x86 #else void ripemd160_block(RIPEMD160_CTX *c, const u_int32_t *p,int num); #endif void RIPEMD160_Init(c) RIPEMD160_CTX *c; { c->A=RIPEMD160_A; c->B=RIPEMD160_B; c->C=RIPEMD160_C; c->D=RIPEMD160_D; c->E=RIPEMD160_E; c->Nl=0; c->Nh=0; c->num=0; } void RIPEMD160_Update(c, in, len) RIPEMD160_CTX *c; const void *in; size_t len; { u_int32_t *p; int sw,sc; u_int32_t l; const unsigned char *data = in; if (len == 0) return; l=(c->Nl+(len<<3))&0xffffffffL; if (l < c->Nl) /* overflow */ c->Nh++; c->Nh+=(len>>29); c->Nl=l; if (c->num != 0) { p=c->data; sw=c->num>>2; sc=c->num&0x03; if ((c->num+len) >= RIPEMD160_CBLOCK) { l= p[sw]; p_c2l(data,l,sc); p[sw++]=l; for (; swnum); ripemd160_block(c,p,64); c->num=0; /* drop through and do the rest */ } else { int ew,ec; c->num+=(int)len; if ((sc+len) < 4) /* ugly, add char's to a word */ { l= p[sw]; p_c2l_p(data,l,sc,len); p[sw]=l; } else { ew=(c->num>>2); ec=(c->num&0x03); l= p[sw]; p_c2l(data,l,sc); p[sw++]=l; for (; sw < ew; sw++) { c2l(data,l); p[sw]=l; } if (ec) { c2l_p(data,l,ec); p[sw]=l; } } return; } } /* we now can process the input data in blocks of RIPEMD160_CBLOCK * chars and save the leftovers to c->data. */ #if BYTE_ORDER == LITTLE_ENDIAN if ((((unsigned long)data)%sizeof(u_int32_t)) == 0) { sw=(int)len/RIPEMD160_CBLOCK; if (sw > 0) { sw*=RIPEMD160_CBLOCK; ripemd160_block(c,(u_int32_t *)data,sw); data+=sw; len-=sw; } } #endif p=c->data; while (len >= RIPEMD160_CBLOCK) { #if BYTE_ORDER == LITTLE_ENDIAN || BYTE_ORDER == BIG_ENDIAN if (p != (u_int32_t *)data) memcpy(p,data,RIPEMD160_CBLOCK); data+=RIPEMD160_CBLOCK; #if BYTE_ORDER == BIG_ENDIAN for (sw=(RIPEMD160_LBLOCK/4); sw; sw--) { Endian_Reverse32(p[0]); Endian_Reverse32(p[1]); Endian_Reverse32(p[2]); Endian_Reverse32(p[3]); p+=4; } #endif #else for (sw=(RIPEMD160_LBLOCK/4); sw; sw--) { c2l(data,l); *(p++)=l; c2l(data,l); *(p++)=l; c2l(data,l); *(p++)=l; c2l(data,l); *(p++)=l; } #endif p=c->data; ripemd160_block(c,p,64); len-=RIPEMD160_CBLOCK; } sc=(int)len; c->num=sc; if (sc) { sw=sc>>2; /* words to copy */ #if BYTE_ORDER == LITTLE_ENDIAN p[sw]=0; memcpy(p,data,sc); #else sc&=0x03; for ( ; sw; sw--) { c2l(data,l); *(p++)=l; } c2l_p(data,l,sc); *p=l; #endif } } void RIPEMD160_Transform(c,b) RIPEMD160_CTX *c; unsigned char *b; { u_int32_t p[16]; #if BYTE_ORDER != LITTLE_ENDIAN u_int32_t *q; int i; #endif #if BYTE_ORDER == BIG_ENDIAN || BYTE_ORDER == LITTLE_ENDIAN memcpy(p,b,64); #if BYTE_ORDER == BIG_ENDIAN q=p; for (i=(RIPEMD160_LBLOCK/4); i; i--) { Endian_Reverse32(q[0]); Endian_Reverse32(q[1]); Endian_Reverse32(q[2]); Endian_Reverse32(q[3]); q+=4; } #endif #else q=p; for (i=(RIPEMD160_LBLOCK/4); i; i--) { u_int32_t l; c2l(b,l); *(q++)=l; c2l(b,l); *(q++)=l; c2l(b,l); *(q++)=l; c2l(b,l); *(q++)=l; } #endif ripemd160_block(c,p,64); } #ifndef RMD160_ASM void ripemd160_block(ctx, X, num) RIPEMD160_CTX *ctx; const u_int32_t *X; int num; { u_int32_t A,B,C,D,E; u_int32_t a,b,c,d,e; for (;;) { A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E; RIP1(A,B,C,D,E,WL00,SL00); RIP1(E,A,B,C,D,WL01,SL01); RIP1(D,E,A,B,C,WL02,SL02); RIP1(C,D,E,A,B,WL03,SL03); RIP1(B,C,D,E,A,WL04,SL04); RIP1(A,B,C,D,E,WL05,SL05); RIP1(E,A,B,C,D,WL06,SL06); RIP1(D,E,A,B,C,WL07,SL07); RIP1(C,D,E,A,B,WL08,SL08); RIP1(B,C,D,E,A,WL09,SL09); RIP1(A,B,C,D,E,WL10,SL10); RIP1(E,A,B,C,D,WL11,SL11); RIP1(D,E,A,B,C,WL12,SL12); RIP1(C,D,E,A,B,WL13,SL13); RIP1(B,C,D,E,A,WL14,SL14); RIP1(A,B,C,D,E,WL15,SL15); RIP2(E,A,B,C,D,WL16,SL16,KL1); RIP2(D,E,A,B,C,WL17,SL17,KL1); RIP2(C,D,E,A,B,WL18,SL18,KL1); RIP2(B,C,D,E,A,WL19,SL19,KL1); RIP2(A,B,C,D,E,WL20,SL20,KL1); RIP2(E,A,B,C,D,WL21,SL21,KL1); RIP2(D,E,A,B,C,WL22,SL22,KL1); RIP2(C,D,E,A,B,WL23,SL23,KL1); RIP2(B,C,D,E,A,WL24,SL24,KL1); RIP2(A,B,C,D,E,WL25,SL25,KL1); RIP2(E,A,B,C,D,WL26,SL26,KL1); RIP2(D,E,A,B,C,WL27,SL27,KL1); RIP2(C,D,E,A,B,WL28,SL28,KL1); RIP2(B,C,D,E,A,WL29,SL29,KL1); RIP2(A,B,C,D,E,WL30,SL30,KL1); RIP2(E,A,B,C,D,WL31,SL31,KL1); RIP3(D,E,A,B,C,WL32,SL32,KL2); RIP3(C,D,E,A,B,WL33,SL33,KL2); RIP3(B,C,D,E,A,WL34,SL34,KL2); RIP3(A,B,C,D,E,WL35,SL35,KL2); RIP3(E,A,B,C,D,WL36,SL36,KL2); RIP3(D,E,A,B,C,WL37,SL37,KL2); RIP3(C,D,E,A,B,WL38,SL38,KL2); RIP3(B,C,D,E,A,WL39,SL39,KL2); RIP3(A,B,C,D,E,WL40,SL40,KL2); RIP3(E,A,B,C,D,WL41,SL41,KL2); RIP3(D,E,A,B,C,WL42,SL42,KL2); RIP3(C,D,E,A,B,WL43,SL43,KL2); RIP3(B,C,D,E,A,WL44,SL44,KL2); RIP3(A,B,C,D,E,WL45,SL45,KL2); RIP3(E,A,B,C,D,WL46,SL46,KL2); RIP3(D,E,A,B,C,WL47,SL47,KL2); RIP4(C,D,E,A,B,WL48,SL48,KL3); RIP4(B,C,D,E,A,WL49,SL49,KL3); RIP4(A,B,C,D,E,WL50,SL50,KL3); RIP4(E,A,B,C,D,WL51,SL51,KL3); RIP4(D,E,A,B,C,WL52,SL52,KL3); RIP4(C,D,E,A,B,WL53,SL53,KL3); RIP4(B,C,D,E,A,WL54,SL54,KL3); RIP4(A,B,C,D,E,WL55,SL55,KL3); RIP4(E,A,B,C,D,WL56,SL56,KL3); RIP4(D,E,A,B,C,WL57,SL57,KL3); RIP4(C,D,E,A,B,WL58,SL58,KL3); RIP4(B,C,D,E,A,WL59,SL59,KL3); RIP4(A,B,C,D,E,WL60,SL60,KL3); RIP4(E,A,B,C,D,WL61,SL61,KL3); RIP4(D,E,A,B,C,WL62,SL62,KL3); RIP4(C,D,E,A,B,WL63,SL63,KL3); RIP5(B,C,D,E,A,WL64,SL64,KL4); RIP5(A,B,C,D,E,WL65,SL65,KL4); RIP5(E,A,B,C,D,WL66,SL66,KL4); RIP5(D,E,A,B,C,WL67,SL67,KL4); RIP5(C,D,E,A,B,WL68,SL68,KL4); RIP5(B,C,D,E,A,WL69,SL69,KL4); RIP5(A,B,C,D,E,WL70,SL70,KL4); RIP5(E,A,B,C,D,WL71,SL71,KL4); RIP5(D,E,A,B,C,WL72,SL72,KL4); RIP5(C,D,E,A,B,WL73,SL73,KL4); RIP5(B,C,D,E,A,WL74,SL74,KL4); RIP5(A,B,C,D,E,WL75,SL75,KL4); RIP5(E,A,B,C,D,WL76,SL76,KL4); RIP5(D,E,A,B,C,WL77,SL77,KL4); RIP5(C,D,E,A,B,WL78,SL78,KL4); RIP5(B,C,D,E,A,WL79,SL79,KL4); a=A; b=B; c=C; d=D; e=E; /* Do other half */ A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E; RIP5(A,B,C,D,E,WR00,SR00,KR0); RIP5(E,A,B,C,D,WR01,SR01,KR0); RIP5(D,E,A,B,C,WR02,SR02,KR0); RIP5(C,D,E,A,B,WR03,SR03,KR0); RIP5(B,C,D,E,A,WR04,SR04,KR0); RIP5(A,B,C,D,E,WR05,SR05,KR0); RIP5(E,A,B,C,D,WR06,SR06,KR0); RIP5(D,E,A,B,C,WR07,SR07,KR0); RIP5(C,D,E,A,B,WR08,SR08,KR0); RIP5(B,C,D,E,A,WR09,SR09,KR0); RIP5(A,B,C,D,E,WR10,SR10,KR0); RIP5(E,A,B,C,D,WR11,SR11,KR0); RIP5(D,E,A,B,C,WR12,SR12,KR0); RIP5(C,D,E,A,B,WR13,SR13,KR0); RIP5(B,C,D,E,A,WR14,SR14,KR0); RIP5(A,B,C,D,E,WR15,SR15,KR0); RIP4(E,A,B,C,D,WR16,SR16,KR1); RIP4(D,E,A,B,C,WR17,SR17,KR1); RIP4(C,D,E,A,B,WR18,SR18,KR1); RIP4(B,C,D,E,A,WR19,SR19,KR1); RIP4(A,B,C,D,E,WR20,SR20,KR1); RIP4(E,A,B,C,D,WR21,SR21,KR1); RIP4(D,E,A,B,C,WR22,SR22,KR1); RIP4(C,D,E,A,B,WR23,SR23,KR1); RIP4(B,C,D,E,A,WR24,SR24,KR1); RIP4(A,B,C,D,E,WR25,SR25,KR1); RIP4(E,A,B,C,D,WR26,SR26,KR1); RIP4(D,E,A,B,C,WR27,SR27,KR1); RIP4(C,D,E,A,B,WR28,SR28,KR1); RIP4(B,C,D,E,A,WR29,SR29,KR1); RIP4(A,B,C,D,E,WR30,SR30,KR1); RIP4(E,A,B,C,D,WR31,SR31,KR1); RIP3(D,E,A,B,C,WR32,SR32,KR2); RIP3(C,D,E,A,B,WR33,SR33,KR2); RIP3(B,C,D,E,A,WR34,SR34,KR2); RIP3(A,B,C,D,E,WR35,SR35,KR2); RIP3(E,A,B,C,D,WR36,SR36,KR2); RIP3(D,E,A,B,C,WR37,SR37,KR2); RIP3(C,D,E,A,B,WR38,SR38,KR2); RIP3(B,C,D,E,A,WR39,SR39,KR2); RIP3(A,B,C,D,E,WR40,SR40,KR2); RIP3(E,A,B,C,D,WR41,SR41,KR2); RIP3(D,E,A,B,C,WR42,SR42,KR2); RIP3(C,D,E,A,B,WR43,SR43,KR2); RIP3(B,C,D,E,A,WR44,SR44,KR2); RIP3(A,B,C,D,E,WR45,SR45,KR2); RIP3(E,A,B,C,D,WR46,SR46,KR2); RIP3(D,E,A,B,C,WR47,SR47,KR2); RIP2(C,D,E,A,B,WR48,SR48,KR3); RIP2(B,C,D,E,A,WR49,SR49,KR3); RIP2(A,B,C,D,E,WR50,SR50,KR3); RIP2(E,A,B,C,D,WR51,SR51,KR3); RIP2(D,E,A,B,C,WR52,SR52,KR3); RIP2(C,D,E,A,B,WR53,SR53,KR3); RIP2(B,C,D,E,A,WR54,SR54,KR3); RIP2(A,B,C,D,E,WR55,SR55,KR3); RIP2(E,A,B,C,D,WR56,SR56,KR3); RIP2(D,E,A,B,C,WR57,SR57,KR3); RIP2(C,D,E,A,B,WR58,SR58,KR3); RIP2(B,C,D,E,A,WR59,SR59,KR3); RIP2(A,B,C,D,E,WR60,SR60,KR3); RIP2(E,A,B,C,D,WR61,SR61,KR3); RIP2(D,E,A,B,C,WR62,SR62,KR3); RIP2(C,D,E,A,B,WR63,SR63,KR3); RIP1(B,C,D,E,A,WR64,SR64); RIP1(A,B,C,D,E,WR65,SR65); RIP1(E,A,B,C,D,WR66,SR66); RIP1(D,E,A,B,C,WR67,SR67); RIP1(C,D,E,A,B,WR68,SR68); RIP1(B,C,D,E,A,WR69,SR69); RIP1(A,B,C,D,E,WR70,SR70); RIP1(E,A,B,C,D,WR71,SR71); RIP1(D,E,A,B,C,WR72,SR72); RIP1(C,D,E,A,B,WR73,SR73); RIP1(B,C,D,E,A,WR74,SR74); RIP1(A,B,C,D,E,WR75,SR75); RIP1(E,A,B,C,D,WR76,SR76); RIP1(D,E,A,B,C,WR77,SR77); RIP1(C,D,E,A,B,WR78,SR78); RIP1(B,C,D,E,A,WR79,SR79); D =ctx->B+c+D; ctx->B=ctx->C+d+E; ctx->C=ctx->D+e+A; ctx->D=ctx->E+a+B; ctx->E=ctx->A+b+C; ctx->A=D; X+=16; num-=64; if (num <= 0) break; } } #endif void RIPEMD160_Final(md, c) unsigned char *md; RIPEMD160_CTX *c; { int i,j; u_int32_t l; u_int32_t *p; static unsigned char end[4]={0x80,0x00,0x00,0x00}; unsigned char *cp=end; /* c->num should definitly have room for at least one more byte. */ p=c->data; j=c->num; i=j>>2; /* purify often complains about the following line as an * Uninitialized Memory Read. While this can be true, the * following p_c2l macro will reset l when that case is true. * This is because j&0x03 contains the number of 'valid' bytes * already in p[i]. If and only if j&0x03 == 0, the UMR will * occur but this is also the only time p_c2l will do * l= *(cp++) instead of l|= *(cp++) * Many thanks to Alex Tang for pickup this * 'potential bug' */ #ifdef PURIFY if ((j&0x03) == 0) p[i]=0; #endif l=p[i]; p_c2l(cp,l,j&0x03); p[i]=l; i++; /* i is the next 'undefined word' */ if (c->num >= RIPEMD160_LAST_BLOCK) { for (; iNl; p[RIPEMD160_LBLOCK-1]=c->Nh; ripemd160_block(c,p,64); cp=md; l=c->A; l2c(l,cp); l=c->B; l2c(l,cp); l=c->C; l2c(l,cp); l=c->D; l2c(l,cp); l=c->E; l2c(l,cp); /* clear stuff, ripemd160_block may be leaving some stuff on the stack * but I'm not worried :-) */ c->num=0; /* memset((char *)&c,0,sizeof(c));*/ } #ifdef undef int printit(l) unsigned long *l; { int i,ii; for (i=0; i<2; i++) { for (ii=0; ii<8; ii++) { fprintf(stderr,"%08lx ",l[i*8+ii]); } fprintf(stderr,"\n"); } } #endif +#ifdef WEAK_REFS +/* When building libmd, provide weak references. Note: this is not + activated in the context of compiling these sources for internal + use in libcrypt. + */ #undef RIPEMD160_Init __weak_reference(_libmd_RIPEMD160_Init, RIPEMD160_Init); #undef RIPEMD160_Update __weak_reference(_libmd_RIPEMD160_Update, RIPEMD160_Update); #undef RIPEMD160_Final __weak_reference(_libmd_RIPEMD160_Final, RIPEMD160_Final); #undef RIPEMD160_Transform __weak_reference(_libmd_RIPEMD160_Transform, RIPEMD160_Transform); #undef RMD160_version __weak_reference(_libmd_RMD160_version, RMD160_version); #undef ripemd160_block __weak_reference(_libmd_ripemd160_block, ripemd160_block); +#endif Index: stable/10/lib/libmd/sha1c.c =================================================================== --- stable/10/lib/libmd/sha1c.c (revision 314183) +++ stable/10/lib/libmd/sha1c.c (revision 314184) @@ -1,515 +1,520 @@ /* crypto/sha/sha1dgst.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * "This product includes cryptographic software written by * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] */ #include __FBSDID("$FreeBSD$"); #include #include #include #if 0 #include /* we use the __ variants of bit-sized types */ #endif #include #undef SHA_0 #define SHA_1 #include "sha.h" #include "sha_locl.h" /* * The assembly-language code is not position-independent, so don't * try to use it in a shared library. */ #ifdef PIC #undef SHA1_ASM #endif char *SHA1_version="SHA1 part of SSLeay 0.9.0b 11-Oct-1998"; /* Implemented from SHA-1 document - The Secure Hash Algorithm */ #define INIT_DATA_h0 (unsigned long)0x67452301L #define INIT_DATA_h1 (unsigned long)0xefcdab89L #define INIT_DATA_h2 (unsigned long)0x98badcfeL #define INIT_DATA_h3 (unsigned long)0x10325476L #define INIT_DATA_h4 (unsigned long)0xc3d2e1f0L #define K_00_19 0x5a827999L #define K_20_39 0x6ed9eba1L #define K_40_59 0x8f1bbcdcL #define K_60_79 0xca62c1d6L #ifndef NOPROTO # ifdef SHA1_ASM void sha1_block_x86(SHA_CTX *c, const u_int32_t *p, int num); # define sha1_block sha1_block_x86 # else void sha1_block(SHA_CTX *c, const u_int32_t *p, int num); # endif #else # ifdef SHA1_ASM void sha1_block_x86(); # define sha1_block sha1_block_x86 # else void sha1_block(); # endif #endif #if BYTE_ORDER == LITTLE_ENDIAN && defined(SHA1_ASM) # define M_c2nl c2l # define M_p_c2nl p_c2l # define M_c2nl_p c2l_p # define M_p_c2nl_p p_c2l_p # define M_nl2c l2c #else # define M_c2nl c2nl # define M_p_c2nl p_c2nl # define M_c2nl_p c2nl_p # define M_p_c2nl_p p_c2nl_p # define M_nl2c nl2c #endif void SHA1_Init(c) SHA_CTX *c; { c->h0=INIT_DATA_h0; c->h1=INIT_DATA_h1; c->h2=INIT_DATA_h2; c->h3=INIT_DATA_h3; c->h4=INIT_DATA_h4; c->Nl=0; c->Nh=0; c->num=0; } void SHA1_Update(c, in, len) SHA_CTX *c; const void *in; size_t len; { u_int32_t *p; int ew,ec,sw,sc; u_int32_t l; const unsigned char *data = in; if (len == 0) return; l=(c->Nl+(len<<3))&0xffffffffL; if (l < c->Nl) /* overflow */ c->Nh++; c->Nh+=(len>>29); c->Nl=l; if (c->num != 0) { p=c->data; sw=c->num>>2; sc=c->num&0x03; if ((c->num+len) >= SHA_CBLOCK) { l= p[sw]; M_p_c2nl(data,l,sc); p[sw++]=l; for (; swnum); sha1_block(c,p,64); c->num=0; /* drop through and do the rest */ } else { c->num+=(int)len; if ((sc+len) < 4) /* ugly, add char's to a word */ { l= p[sw]; M_p_c2nl_p(data,l,sc,len); p[sw]=l; } else { ew=(c->num>>2); ec=(c->num&0x03); l= p[sw]; M_p_c2nl(data,l,sc); p[sw++]=l; for (; sw < ew; sw++) { M_c2nl(data,l); p[sw]=l; } if (ec) { M_c2nl_p(data,l,ec); p[sw]=l; } } return; } } /* We can only do the following code for assember, the reason * being that the sha1_block 'C' version changes the values * in the 'data' array. The assember code avoids this and * copies it to a local array. I should be able to do this for * the C version as well.... */ #if 1 #if BYTE_ORDER == BIG_ENDIAN || defined(SHA1_ASM) if ((((unsigned int)data)%sizeof(u_int32_t)) == 0) { sw=len/SHA_CBLOCK; if (sw) { sw*=SHA_CBLOCK; sha1_block(c,(u_int32_t *)data,sw); data+=sw; len-=sw; } } #endif #endif /* we now can process the input data in blocks of SHA_CBLOCK * chars and save the leftovers to c->data. */ p=c->data; while (len >= SHA_CBLOCK) { #if BYTE_ORDER == BIG_ENDIAN || BYTE_ORDER == LITTLE_ENDIAN if (p != (u_int32_t *)data) memcpy(p,data,SHA_CBLOCK); data+=SHA_CBLOCK; # if BYTE_ORDER == LITTLE_ENDIAN # ifndef SHA1_ASM /* Will not happen */ for (sw=(SHA_LBLOCK/4); sw; sw--) { Endian_Reverse32(p[0]); Endian_Reverse32(p[1]); Endian_Reverse32(p[2]); Endian_Reverse32(p[3]); p+=4; } p=c->data; # endif # endif #else for (sw=(SHA_BLOCK/4); sw; sw--) { M_c2nl(data,l); *(p++)=l; M_c2nl(data,l); *(p++)=l; M_c2nl(data,l); *(p++)=l; M_c2nl(data,l); *(p++)=l; } p=c->data; #endif sha1_block(c,p,64); len-=SHA_CBLOCK; } ec=(int)len; c->num=ec; ew=(ec>>2); ec&=0x03; for (sw=0; sw < ew; sw++) { M_c2nl(data,l); p[sw]=l; } M_c2nl_p(data,l,ec); p[sw]=l; } void SHA1_Transform(c,b) SHA_CTX *c; unsigned char *b; { u_int32_t p[16]; #if BYTE_ORDER != BIG_ENDIAN u_int32_t *q; int i; #endif #if BYTE_ORDER == BIG_ENDIAN || BYTE_ORDER == LITTLE_ENDIAN memcpy(p,b,64); #if BYTE_ORDER == LITTLE_ENDIAN q=p; for (i=(SHA_LBLOCK/4); i; i--) { Endian_Reverse32(q[0]); Endian_Reverse32(q[1]); Endian_Reverse32(q[2]); Endian_Reverse32(q[3]); q+=4; } #endif #else q=p; for (i=(SHA_LBLOCK/4); i; i--) { u_int32_t l; c2nl(b,l); *(q++)=l; c2nl(b,l); *(q++)=l; c2nl(b,l); *(q++)=l; c2nl(b,l); *(q++)=l; } #endif sha1_block(c,p,64); } #ifndef SHA1_ASM void sha1_block(c, W, num) SHA_CTX *c; const u_int32_t *W; int num; { u_int32_t A,B,C,D,E,T; u_int32_t X[16]; A=c->h0; B=c->h1; C=c->h2; D=c->h3; E=c->h4; for (;;) { BODY_00_15( 0,A,B,C,D,E,T,W); BODY_00_15( 1,T,A,B,C,D,E,W); BODY_00_15( 2,E,T,A,B,C,D,W); BODY_00_15( 3,D,E,T,A,B,C,W); BODY_00_15( 4,C,D,E,T,A,B,W); BODY_00_15( 5,B,C,D,E,T,A,W); BODY_00_15( 6,A,B,C,D,E,T,W); BODY_00_15( 7,T,A,B,C,D,E,W); BODY_00_15( 8,E,T,A,B,C,D,W); BODY_00_15( 9,D,E,T,A,B,C,W); BODY_00_15(10,C,D,E,T,A,B,W); BODY_00_15(11,B,C,D,E,T,A,W); BODY_00_15(12,A,B,C,D,E,T,W); BODY_00_15(13,T,A,B,C,D,E,W); BODY_00_15(14,E,T,A,B,C,D,W); BODY_00_15(15,D,E,T,A,B,C,W); BODY_16_19(16,C,D,E,T,A,B,W,W,W,W); BODY_16_19(17,B,C,D,E,T,A,W,W,W,W); BODY_16_19(18,A,B,C,D,E,T,W,W,W,W); BODY_16_19(19,T,A,B,C,D,E,W,W,W,X); BODY_20_31(20,E,T,A,B,C,D,W,W,W,X); BODY_20_31(21,D,E,T,A,B,C,W,W,W,X); BODY_20_31(22,C,D,E,T,A,B,W,W,W,X); BODY_20_31(23,B,C,D,E,T,A,W,W,W,X); BODY_20_31(24,A,B,C,D,E,T,W,W,X,X); BODY_20_31(25,T,A,B,C,D,E,W,W,X,X); BODY_20_31(26,E,T,A,B,C,D,W,W,X,X); BODY_20_31(27,D,E,T,A,B,C,W,W,X,X); BODY_20_31(28,C,D,E,T,A,B,W,W,X,X); BODY_20_31(29,B,C,D,E,T,A,W,W,X,X); BODY_20_31(30,A,B,C,D,E,T,W,X,X,X); BODY_20_31(31,T,A,B,C,D,E,W,X,X,X); BODY_32_39(32,E,T,A,B,C,D,X); BODY_32_39(33,D,E,T,A,B,C,X); BODY_32_39(34,C,D,E,T,A,B,X); BODY_32_39(35,B,C,D,E,T,A,X); BODY_32_39(36,A,B,C,D,E,T,X); BODY_32_39(37,T,A,B,C,D,E,X); BODY_32_39(38,E,T,A,B,C,D,X); BODY_32_39(39,D,E,T,A,B,C,X); BODY_40_59(40,C,D,E,T,A,B,X); BODY_40_59(41,B,C,D,E,T,A,X); BODY_40_59(42,A,B,C,D,E,T,X); BODY_40_59(43,T,A,B,C,D,E,X); BODY_40_59(44,E,T,A,B,C,D,X); BODY_40_59(45,D,E,T,A,B,C,X); BODY_40_59(46,C,D,E,T,A,B,X); BODY_40_59(47,B,C,D,E,T,A,X); BODY_40_59(48,A,B,C,D,E,T,X); BODY_40_59(49,T,A,B,C,D,E,X); BODY_40_59(50,E,T,A,B,C,D,X); BODY_40_59(51,D,E,T,A,B,C,X); BODY_40_59(52,C,D,E,T,A,B,X); BODY_40_59(53,B,C,D,E,T,A,X); BODY_40_59(54,A,B,C,D,E,T,X); BODY_40_59(55,T,A,B,C,D,E,X); BODY_40_59(56,E,T,A,B,C,D,X); BODY_40_59(57,D,E,T,A,B,C,X); BODY_40_59(58,C,D,E,T,A,B,X); BODY_40_59(59,B,C,D,E,T,A,X); BODY_60_79(60,A,B,C,D,E,T,X); BODY_60_79(61,T,A,B,C,D,E,X); BODY_60_79(62,E,T,A,B,C,D,X); BODY_60_79(63,D,E,T,A,B,C,X); BODY_60_79(64,C,D,E,T,A,B,X); BODY_60_79(65,B,C,D,E,T,A,X); BODY_60_79(66,A,B,C,D,E,T,X); BODY_60_79(67,T,A,B,C,D,E,X); BODY_60_79(68,E,T,A,B,C,D,X); BODY_60_79(69,D,E,T,A,B,C,X); BODY_60_79(70,C,D,E,T,A,B,X); BODY_60_79(71,B,C,D,E,T,A,X); BODY_60_79(72,A,B,C,D,E,T,X); BODY_60_79(73,T,A,B,C,D,E,X); BODY_60_79(74,E,T,A,B,C,D,X); BODY_60_79(75,D,E,T,A,B,C,X); BODY_60_79(76,C,D,E,T,A,B,X); BODY_60_79(77,B,C,D,E,T,A,X); BODY_60_79(78,A,B,C,D,E,T,X); BODY_60_79(79,T,A,B,C,D,E,X); c->h0=(c->h0+E)&0xffffffffL; c->h1=(c->h1+T)&0xffffffffL; c->h2=(c->h2+A)&0xffffffffL; c->h3=(c->h3+B)&0xffffffffL; c->h4=(c->h4+C)&0xffffffffL; num-=64; if (num <= 0) break; A=c->h0; B=c->h1; C=c->h2; D=c->h3; E=c->h4; W+=16; } } #endif void SHA1_Final(md, c) unsigned char *md; SHA_CTX *c; { int i,j; u_int32_t l; u_int32_t *p; static unsigned char end[4]={0x80,0x00,0x00,0x00}; unsigned char *cp=end; /* c->num should definitly have room for at least one more byte. */ p=c->data; j=c->num; i=j>>2; #ifdef PURIFY if ((j&0x03) == 0) p[i]=0; #endif l=p[i]; M_p_c2nl(cp,l,j&0x03); p[i]=l; i++; /* i is the next 'undefined word' */ if (c->num >= SHA_LAST_BLOCK) { for (; iNh; p[SHA_LBLOCK-1]=c->Nl; #if BYTE_ORDER == LITTLE_ENDIAN && defined(SHA1_ASM) Endian_Reverse32(p[SHA_LBLOCK-2]); Endian_Reverse32(p[SHA_LBLOCK-1]); #endif sha1_block(c,p,64); cp=md; l=c->h0; nl2c(l,cp); l=c->h1; nl2c(l,cp); l=c->h2; nl2c(l,cp); l=c->h3; nl2c(l,cp); l=c->h4; nl2c(l,cp); /* clear stuff, sha1_block may be leaving some stuff on the stack * but I'm not worried :-) */ c->num=0; /* memset((char *)&c,0,sizeof(c));*/ } - +#ifdef WEAK_REFS +/* When building libmd, provide weak references. Note: this is not + activated in the context of compiling these sources for internal + use in libcrypt. + */ #undef SHA_Init __weak_reference(_libmd_SHA_Init, SHA_Init); #undef SHA_Update __weak_reference(_libmd_SHA_Update, SHA_Update); #undef SHA_Final __weak_reference(_libmd_SHA_Final, SHA_Final); #undef SHA_Transform __weak_reference(_libmd_SHA_Transform, SHA_Transform); #undef SHA_version __weak_reference(_libmd_SHA_version, SHA_version); #undef sha_block __weak_reference(_libmd_sha_block, sha_block); #undef SHA1_Init __weak_reference(_libmd_SHA1_Init, SHA1_Init); #undef SHA1_Update __weak_reference(_libmd_SHA1_Update, SHA1_Update); #undef SHA1_Final __weak_reference(_libmd_SHA1_Final, SHA1_Final); #undef SHA1_Transform __weak_reference(_libmd_SHA1_Transform, SHA1_Transform); #undef SHA1_version __weak_reference(_libmd_SHA1_version, SHA1_version); #undef sha1_block __weak_reference(_libmd_sha1_block, sha1_block); +#endif Index: stable/10/lib/libmd/sha512c.c =================================================================== --- stable/10/lib/libmd/sha512c.c (revision 314183) +++ stable/10/lib/libmd/sha512c.c (revision 314184) @@ -1,331 +1,335 @@ /*- * Copyright 2005 Colin Percival * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include __FBSDID("$FreeBSD$"); #include #include #include #include "sha512.h" #if BYTE_ORDER == BIG_ENDIAN /* Copy a vector of big-endian uint64_t into a vector of bytes */ #define be64enc_vect(dst, src, len) \ memcpy((void *)dst, (const void *)src, (size_t)len) /* Copy a vector of bytes into a vector of big-endian uint64_t */ #define be64dec_vect(dst, src, len) \ memcpy((void *)dst, (const void *)src, (size_t)len) #else /* BYTE_ORDER != BIG_ENDIAN */ /* * Encode a length len/4 vector of (uint64_t) into a length len vector of * (unsigned char) in big-endian form. Assumes len is a multiple of 8. */ static void be64enc_vect(unsigned char *dst, const uint64_t *src, size_t len) { size_t i; for (i = 0; i < len / 8; i++) be64enc(dst + i * 8, src[i]); } /* * Decode a big-endian length len vector of (unsigned char) into a length * len/4 vector of (uint64_t). Assumes len is a multiple of 8. */ static void be64dec_vect(uint64_t *dst, const unsigned char *src, size_t len) { size_t i; for (i = 0; i < len / 8; i++) dst[i] = be64dec(src + i * 8); } #endif /* BYTE_ORDER != BIG_ENDIAN */ /* Elementary functions used by SHA512 */ #define Ch(x, y, z) ((x & (y ^ z)) ^ z) #define Maj(x, y, z) ((x & (y | z)) | (y & z)) #define SHR(x, n) (x >> n) #define ROTR(x, n) ((x >> n) | (x << (64 - n))) #define S0(x) (ROTR(x, 28) ^ ROTR(x, 34) ^ ROTR(x, 39)) #define S1(x) (ROTR(x, 14) ^ ROTR(x, 18) ^ ROTR(x, 41)) #define s0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHR(x, 7)) #define s1(x) (ROTR(x, 19) ^ ROTR(x, 61) ^ SHR(x, 6)) /* SHA512 round function */ #define RND(a, b, c, d, e, f, g, h, k) \ t0 = h + S1(e) + Ch(e, f, g) + k; \ t1 = S0(a) + Maj(a, b, c); \ d += t0; \ h = t0 + t1; /* Adjusted round function for rotating state */ #define RNDr(S, W, i, k) \ RND(S[(80 - i) % 8], S[(81 - i) % 8], \ S[(82 - i) % 8], S[(83 - i) % 8], \ S[(84 - i) % 8], S[(85 - i) % 8], \ S[(86 - i) % 8], S[(87 - i) % 8], \ W[i] + k) /* * SHA512 block compression function. The 512-bit state is transformed via * the 512-bit input block to produce a new state. */ static void SHA512_Transform(uint64_t * state, const unsigned char block[128]) { uint64_t W[80]; uint64_t S[8]; uint64_t t0, t1; int i; /* 1. Prepare message schedule W. */ be64dec_vect(W, block, 128); for (i = 16; i < 80; i++) W[i] = s1(W[i - 2]) + W[i - 7] + s0(W[i - 15]) + W[i - 16]; /* 2. Initialize working variables. */ memcpy(S, state, 64); /* 3. Mix. */ RNDr(S, W, 0, 0x428a2f98d728ae22ULL); RNDr(S, W, 1, 0x7137449123ef65cdULL); RNDr(S, W, 2, 0xb5c0fbcfec4d3b2fULL); RNDr(S, W, 3, 0xe9b5dba58189dbbcULL); RNDr(S, W, 4, 0x3956c25bf348b538ULL); RNDr(S, W, 5, 0x59f111f1b605d019ULL); RNDr(S, W, 6, 0x923f82a4af194f9bULL); RNDr(S, W, 7, 0xab1c5ed5da6d8118ULL); RNDr(S, W, 8, 0xd807aa98a3030242ULL); RNDr(S, W, 9, 0x12835b0145706fbeULL); RNDr(S, W, 10, 0x243185be4ee4b28cULL); RNDr(S, W, 11, 0x550c7dc3d5ffb4e2ULL); RNDr(S, W, 12, 0x72be5d74f27b896fULL); RNDr(S, W, 13, 0x80deb1fe3b1696b1ULL); RNDr(S, W, 14, 0x9bdc06a725c71235ULL); RNDr(S, W, 15, 0xc19bf174cf692694ULL); RNDr(S, W, 16, 0xe49b69c19ef14ad2ULL); RNDr(S, W, 17, 0xefbe4786384f25e3ULL); RNDr(S, W, 18, 0x0fc19dc68b8cd5b5ULL); RNDr(S, W, 19, 0x240ca1cc77ac9c65ULL); RNDr(S, W, 20, 0x2de92c6f592b0275ULL); RNDr(S, W, 21, 0x4a7484aa6ea6e483ULL); RNDr(S, W, 22, 0x5cb0a9dcbd41fbd4ULL); RNDr(S, W, 23, 0x76f988da831153b5ULL); RNDr(S, W, 24, 0x983e5152ee66dfabULL); RNDr(S, W, 25, 0xa831c66d2db43210ULL); RNDr(S, W, 26, 0xb00327c898fb213fULL); RNDr(S, W, 27, 0xbf597fc7beef0ee4ULL); RNDr(S, W, 28, 0xc6e00bf33da88fc2ULL); RNDr(S, W, 29, 0xd5a79147930aa725ULL); RNDr(S, W, 30, 0x06ca6351e003826fULL); RNDr(S, W, 31, 0x142929670a0e6e70ULL); RNDr(S, W, 32, 0x27b70a8546d22ffcULL); RNDr(S, W, 33, 0x2e1b21385c26c926ULL); RNDr(S, W, 34, 0x4d2c6dfc5ac42aedULL); RNDr(S, W, 35, 0x53380d139d95b3dfULL); RNDr(S, W, 36, 0x650a73548baf63deULL); RNDr(S, W, 37, 0x766a0abb3c77b2a8ULL); RNDr(S, W, 38, 0x81c2c92e47edaee6ULL); RNDr(S, W, 39, 0x92722c851482353bULL); RNDr(S, W, 40, 0xa2bfe8a14cf10364ULL); RNDr(S, W, 41, 0xa81a664bbc423001ULL); RNDr(S, W, 42, 0xc24b8b70d0f89791ULL); RNDr(S, W, 43, 0xc76c51a30654be30ULL); RNDr(S, W, 44, 0xd192e819d6ef5218ULL); RNDr(S, W, 45, 0xd69906245565a910ULL); RNDr(S, W, 46, 0xf40e35855771202aULL); RNDr(S, W, 47, 0x106aa07032bbd1b8ULL); RNDr(S, W, 48, 0x19a4c116b8d2d0c8ULL); RNDr(S, W, 49, 0x1e376c085141ab53ULL); RNDr(S, W, 50, 0x2748774cdf8eeb99ULL); RNDr(S, W, 51, 0x34b0bcb5e19b48a8ULL); RNDr(S, W, 52, 0x391c0cb3c5c95a63ULL); RNDr(S, W, 53, 0x4ed8aa4ae3418acbULL); RNDr(S, W, 54, 0x5b9cca4f7763e373ULL); RNDr(S, W, 55, 0x682e6ff3d6b2b8a3ULL); RNDr(S, W, 56, 0x748f82ee5defb2fcULL); RNDr(S, W, 57, 0x78a5636f43172f60ULL); RNDr(S, W, 58, 0x84c87814a1f0ab72ULL); RNDr(S, W, 59, 0x8cc702081a6439ecULL); RNDr(S, W, 60, 0x90befffa23631e28ULL); RNDr(S, W, 61, 0xa4506cebde82bde9ULL); RNDr(S, W, 62, 0xbef9a3f7b2c67915ULL); RNDr(S, W, 63, 0xc67178f2e372532bULL); RNDr(S, W, 64, 0xca273eceea26619cULL); RNDr(S, W, 65, 0xd186b8c721c0c207ULL); RNDr(S, W, 66, 0xeada7dd6cde0eb1eULL); RNDr(S, W, 67, 0xf57d4f7fee6ed178ULL); RNDr(S, W, 68, 0x06f067aa72176fbaULL); RNDr(S, W, 69, 0x0a637dc5a2c898a6ULL); RNDr(S, W, 70, 0x113f9804bef90daeULL); RNDr(S, W, 71, 0x1b710b35131c471bULL); RNDr(S, W, 72, 0x28db77f523047d84ULL); RNDr(S, W, 73, 0x32caab7b40c72493ULL); RNDr(S, W, 74, 0x3c9ebe0a15c9bebcULL); RNDr(S, W, 75, 0x431d67c49c100d4cULL); RNDr(S, W, 76, 0x4cc5d4becb3e42b6ULL); RNDr(S, W, 77, 0x597f299cfc657e2aULL); RNDr(S, W, 78, 0x5fcb6fab3ad6faecULL); RNDr(S, W, 79, 0x6c44198c4a475817ULL); /* 4. Mix local working variables into global state */ for (i = 0; i < 8; i++) state[i] += S[i]; } static unsigned char PAD[128] = { 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; /* Add padding and terminating bit-count. */ static void SHA512_Pad(SHA512_CTX * ctx) { unsigned char len[16]; uint64_t r, plen; /* * Convert length to a vector of bytes -- we do this now rather * than later because the length will change after we pad. */ be64enc_vect(len, ctx->count, 16); /* Add 1--128 bytes so that the resulting length is 112 mod 128 */ r = (ctx->count[1] >> 3) & 0x7f; plen = (r < 112) ? (112 - r) : (240 - r); SHA512_Update(ctx, PAD, (size_t)plen); /* Add the terminating bit-count */ SHA512_Update(ctx, len, 16); } /* SHA-512 initialization. Begins a SHA-512 operation. */ void SHA512_Init(SHA512_CTX * ctx) { /* Zero bits processed so far */ ctx->count[0] = ctx->count[1] = 0; /* Magic initialization constants */ ctx->state[0] = 0x6a09e667f3bcc908ULL; ctx->state[1] = 0xbb67ae8584caa73bULL; ctx->state[2] = 0x3c6ef372fe94f82bULL; ctx->state[3] = 0xa54ff53a5f1d36f1ULL; ctx->state[4] = 0x510e527fade682d1ULL; ctx->state[5] = 0x9b05688c2b3e6c1fULL; ctx->state[6] = 0x1f83d9abfb41bd6bULL; ctx->state[7] = 0x5be0cd19137e2179ULL; } /* Add bytes into the hash */ void SHA512_Update(SHA512_CTX * ctx, const void *in, size_t len) { uint64_t bitlen[2]; uint64_t r; const unsigned char *src = in; /* Number of bytes left in the buffer from previous updates */ r = (ctx->count[1] >> 3) & 0x7f; /* Convert the length into a number of bits */ bitlen[1] = ((uint64_t)len) << 3; bitlen[0] = ((uint64_t)len) >> 61; /* Update number of bits */ if ((ctx->count[1] += bitlen[1]) < bitlen[1]) ctx->count[0]++; ctx->count[0] += bitlen[0]; /* Handle the case where we don't need to perform any transforms */ if (len < 128 - r) { memcpy(&ctx->buf[r], src, len); return; } /* Finish the current block */ memcpy(&ctx->buf[r], src, 128 - r); SHA512_Transform(ctx->state, ctx->buf); src += 128 - r; len -= 128 - r; /* Perform complete blocks */ while (len >= 128) { SHA512_Transform(ctx->state, src); src += 128; len -= 128; } /* Copy left over data into buffer */ memcpy(ctx->buf, src, len); } /* * SHA-512 finalization. Pads the input data, exports the hash value, * and clears the context state. */ void SHA512_Final(unsigned char digest[64], SHA512_CTX * ctx) { /* Add padding */ SHA512_Pad(ctx); /* Write the hash */ be64enc_vect(digest, ctx->state, 64); /* Clear the context state */ memset((void *)ctx, 0, sizeof(*ctx)); } +#ifdef WEAK_REFS +/* When building libmd, provide weak references. Note: this is not + activated in the context of compiling these sources for internal + use in libcrypt. + */ #undef SHA512_Init __weak_reference(_libmd_SHA512_Init, SHA512_Init); #undef SHA512_Update __weak_reference(_libmd_SHA512_Update, SHA512_Update); #undef SHA512_Final __weak_reference(_libmd_SHA512_Final, SHA512_Final); #undef SHA512_Transform __weak_reference(_libmd_SHA512_Transform, SHA512_Transform); -#undef SHA512_version -__weak_reference(_libmd_SHA512_version, SHA512_version); +#endif Index: stable/10 =================================================================== --- stable/10 (revision 314183) +++ stable/10 (revision 314184) Property changes on: stable/10 ___________________________________________________________________ Modified: svn:mergeinfo ## -0,0 +0,1 ## Merged /head:r282774