aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAllan Jude <allanjude@FreeBSD.org>2016-05-28 16:06:07 +0000
committerAllan Jude <allanjude@FreeBSD.org>2016-05-28 16:06:07 +0000
commit1780e407158ada85e454b24960b83a4f8e35cc25 (patch)
treefb7b8495c2429cb7c5e5287882efd1fd12bb6120
parent7bc7e3cd65d0b399c04578b46ca7e0536e09b45e (diff)
downloadsrc-1780e407158ada85e454b24960b83a4f8e35cc25.tar.gz
src-1780e407158ada85e454b24960b83a4f8e35cc25.zip
Implement SHA-512 truncated (224 and 256 bits)
This implements SHA-512/256, which generates a 256 bit hash by calculating the SHA-512 then truncating the result. A different initial value is used, making the result different from the first 256 bits of the SHA-512 of the same input. SHA-512 is ~50% faster than SHA-256 on 64bit platforms, so the result is a faster 256 bit hash. The main goal of this implementation is to enable support for this faster hashing algorithm in ZFS. The feature was introduced into ZFS in r289422, but is disconnected because SHA-512/256 support was missing. A further commit will enable it in ZFS. This is the follow on to r292782 Reviewed by: cem Sponsored by: ScaleEngine Inc. Differential Revision: https://reviews.freebsd.org/D6061
Notes
Notes: svn path=/head/; revision=300903
-rw-r--r--lib/libcrypt/Makefile2
-rw-r--r--lib/libmd/Makefile37
-rw-r--r--lib/libmd/sha512.345
-rw-r--r--lib/libmd/shadriver.c4
-rw-r--r--sbin/md5/Makefile6
-rw-r--r--sbin/md5/md5.124
-rw-r--r--sbin/md5/md5.c16
-rw-r--r--sys/crypto/sha2/sha512c.c98
-rw-r--r--sys/crypto/sha2/sha512t.h125
9 files changed, 340 insertions, 17 deletions
diff --git a/lib/libcrypt/Makefile b/lib/libcrypt/Makefile
index c1f8542bc7b8..3b982a3a62b7 100644
--- a/lib/libcrypt/Makefile
+++ b/lib/libcrypt/Makefile
@@ -31,6 +31,8 @@ CFLAGS+= -I${.CURDIR} -DHAS_DES -DHAS_BLOWFISH
.for sym in MD4Init MD4Final MD4Update MD4Pad \
MD5Init MD5Final MD5Update MD5Pad \
SHA256_Init SHA256_Final SHA256_Update \
+ SHA512_224_Init SHA512_224_Final SHA512_224_Update \
+ SHA512_256_Init SHA512_256_Final SHA512_256_Update \
SHA384_Init SHA384_Final SHA384_Update \
SHA512_Init SHA512_Final SHA512_Update
CFLAGS+= -D${sym}=__${sym}
diff --git a/lib/libmd/Makefile b/lib/libmd/Makefile
index bde4fb5c0a9e..111a9f433b45 100644
--- a/lib/libmd/Makefile
+++ b/lib/libmd/Makefile
@@ -9,8 +9,8 @@ SRCS= md4c.c md5c.c md4hl.c md5hl.c \
sha0c.c sha0hl.c sha1c.c sha1hl.c \
sha256c.c sha256hl.c \
sha384hl.c \
- sha512c.c sha512hl.c
-INCS= md4.h md5.h ripemd.h sha.h sha256.h sha384.h sha512.h
+ sha512c.c sha512hl.c sha512thl.c
+INCS= md4.h md5.h ripemd.h sha.h sha256.h sha384.h sha512.h sha512t.h
WARNS?= 0
@@ -43,11 +43,15 @@ MLINKS+=sha512.3 SHA512_Init.3 sha512.3 SHA512_Update.3
MLINKS+=sha512.3 SHA512_Final.3 sha512.3 SHA512_End.3
MLINKS+=sha512.3 SHA512_File.3 sha512.3 SHA512_FileChunk.3
MLINKS+=sha512.3 SHA512_Data.3
+MLINKS+=sha512.3 SHA512_256_Init.3 sha512.3 SHA512_256_Update.3
+MLINKS+=sha512.3 SHA512_256_Final.3 sha512.3 SHA512_256_End.3
+MLINKS+=sha512.3 SHA512_256_File.3 sha512.3 SHA512_256_FileChunk.3
+MLINKS+=sha512.3 SHA512_256_Data.3
CLEANFILES+= md[245]hl.c md[245].ref md[245].3 mddriver \
rmd160.ref rmd160hl.c rmddriver \
sha0.ref sha0hl.c sha1.ref sha1hl.c shadriver \
sha256.ref sha256hl.c sha384hl.c sha384.ref \
- sha512.ref sha512hl.c
+ sha512.ref sha512hl.c sha512t256.ref sha512thl.c
# Define WEAK_REFS to provide weak aliases for libmd symbols
#
@@ -107,6 +111,13 @@ sha512hl.c: mdXhl.c
-e 's/SHA512__/SHA512_/g' \
${.ALLSRC}) > ${.TARGET}
+sha512thl.c: mdXhl.c
+ (echo '#define LENGTH 32'; \
+ sed -e 's/mdX/sha512t/g' -e 's/MDX/SHA512_256_/g' \
+ -e 's/SHA512_256__/SHA512_256_/g' \
+ -e 's/SHA512_256_CTX/SHA512_CTX/g' \
+ ${.ALLSRC}) > ${.TARGET}
+
rmd160hl.c: mdXhl.c
(echo '#define LENGTH 20'; \
sed -e 's/mdX/ripemd/g' -e 's/MDX/RIPEMD160_/g' \
@@ -211,6 +222,21 @@ sha512.ref:
@echo 'SHA-512 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
'72ec1ef1124a45b047e8b7c75a932195135bb61de24ec0d1914042246e0aec3a2354e093d76f3048b456764346900cb130d2a4fd5dd16abb5e30bcb850dee843' >> ${.TARGET}
+sha512t256.ref:
+ echo 'SHA-512256 test suite:' > ${.TARGET}
+ @echo 'SHA-512256 ("") =' \
+ 'c672b8d1ef56ed28ab87c3622c5114069bdd3ad7b8f9737498d0c01ecef0967a' >> ${.TARGET}
+ @echo 'SHA-512256 ("abc") =' \
+ '53048e2681941ef99b2e29b76b4c7dabe4c2d0c634fc6d46e0e2f13107e7af23' >> ${.TARGET}
+ @echo 'SHA-512256 ("message digest") =' \
+ '0cf471fd17ed69d990daf3433c89b16d63dec1bb9cb42a6094604ee5d7b4e9fb' >> ${.TARGET}
+ @echo 'SHA-512256 ("abcdefghijklmnopqrstuvwxyz") =' \
+ 'fc3189443f9c268f626aea08a756abe7b726b05f701cb08222312ccfd6710a26' >> ${.TARGET}
+ @echo 'SHA-512256 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \
+ 'cdf1cc0effe26ecc0c13758f7b4a48e000615df241284185c39eb05d355bb9c8' >> ${.TARGET}
+ @echo 'SHA-512256 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
+ '2c9fdbc0c90bdd87612ee8455474f9044850241dc105b1e8b94b8ddf5fac9148' >> ${.TARGET}
+
rmd160.ref:
echo 'RIPEMD160 test suite:' > ${.TARGET}
@echo 'RIPEMD160 ("") = 9c1185a5c5e9fc54612808977ee8f548b2258d31' >> ${.TARGET}
@@ -225,7 +251,7 @@ rmd160.ref:
'9b752e45573d4b39f4dbd3323cab82bf63326bfb' >> ${.TARGET}
test: md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha256.ref sha384.ref \
- sha512.ref
+ sha512.ref sha512t256.ref
@${ECHO} if any of these test fail, the code produces wrong results
@${ECHO} and should NOT be used.
${CC} ${CFLAGS} ${LDFLAGS} -DMD=4 -o mddriver ${.CURDIR}/mddriver.c libmd.a
@@ -254,6 +280,9 @@ test: md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha256.ref sha384.ref \
${CC} ${CFLAGS} ${LDFLAGS} -DSHA=512 -o shadriver ${.CURDIR}/shadriver.c libmd.a
./shadriver | cmp sha512.ref -
@${ECHO} SHA-512 passed test
+ ${CC} ${CFLAGS} ${LDFLAGS} -DSHA=512256 -o shadriver ${.CURDIR}/shadriver.c libmd.a
+ ./shadriver | cmp sha512t256.ref -
+ @${ECHO} SHA-512t256 passed test
-rm -f shadriver
.include <bsd.lib.mk>
diff --git a/lib/libmd/sha512.3 b/lib/libmd/sha512.3
index d6b3aaf452a2..2eb58509cdae 100644
--- a/lib/libmd/sha512.3
+++ b/lib/libmd/sha512.3
@@ -9,7 +9,7 @@
.\" From: Id: mdX.3,v 1.14 1999/02/11 20:31:49 wollman Exp
.\" $FreeBSD$
.\"
-.Dd October 17, 2015
+.Dd April 22, 2016
.Dt SHA512 3
.Os
.Sh NAME
@@ -26,7 +26,14 @@
.Nm SHA384_End ,
.Nm SHA384_File ,
.Nm SHA384_FileChunk ,
-.Nm SHA384_Data
+.Nm SHA384_Data,
+.Nm SHA512_256_Init ,
+.Nm SHA512_256_Update ,
+.Nm SHA512_256_Final ,
+.Nm SHA512_256_End ,
+.Nm SHA512_256_File ,
+.Nm SHA512_256_FileChunk ,
+.Nm SHA512_256_Data
.Nd calculate the FIPS 180-4 ``SHA-512'' family of message digests
.Sh LIBRARY
.Lb libmd
@@ -47,6 +54,7 @@
.Fn SHA512_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
.Ft "char *"
.Fn SHA512_Data "const unsigned char *data" "unsigned int len" "char *buf"
+.In sha384.h
.Ft void
.Fn SHA384_Init "SHA384_CTX *context"
.Ft void
@@ -61,6 +69,21 @@
.Fn SHA384_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
.Ft "char *"
.Fn SHA384_Data "const unsigned char *data" "unsigned int len" "char *buf"
+.In sha512t.h
+.Ft void
+.Fn SHA512_256_Init "SHA512_CTX *context"
+.Ft void
+.Fn SHA512_256_Update "SHA512_CTX *context" "const unsigned char *data" "size_t len"
+.Ft void
+.Fn SHA512_256_Final "unsigned char digest[32]" "SHA512_CTX *context"
+.Ft "char *"
+.Fn SHA512_256_End "SHA512_CTX *context" "char *buf"
+.Ft "char *"
+.Fn SHA512_256_File "const char *filename" "char *buf"
+.Ft "char *"
+.Fn SHA512_256_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
+.Ft "char *"
+.Fn SHA512_256_Data "const unsigned char *data" "unsigned int len" "char *buf"
.Sh DESCRIPTION
The
.Li SHA512_
@@ -92,7 +115,7 @@ and finally extract the result using
.Fn SHA512_End
is a wrapper for
.Fn SHA512_Final
-which converts the return value to a 65-character
+which converts the return value to a 129-character
(including the terminating '\e0')
.Tn ASCII
string which represents the 512 bits in hexadecimal.
@@ -139,22 +162,32 @@ and subsequently must be explicitly deallocated using
after use.
If the
.Fa buf
-argument is non-null it must point to at least 65 characters of buffer space.
+argument is non-null it must point to at least 129 characters of buffer space.
.Pp
The
.Li SHA384_
+and
+.Li SHA512_256_
functions are identical to the
.Li SHA512_
functions except they use a different initial hash value and the output is
-truncated to 384 bits.
+truncated to 384 bits and 256 bits respectively.
.Pp
.Fn SHA384_End
is a wrapper for
.Fn SHA384_Final
-which converts the return value to a 49-character
+which converts the return value to a 97-character
(including the terminating '\e0')
.Tn ASCII
string which represents the 384 bits in hexadecimal.
+.Pp
+.Fn SHA512_256_End
+is a wrapper for
+.Fn SHA512_Final
+which converts the return value to a 65-character
+(including the terminating '\e0')
+.Tn ASCII
+string which represents the 256 bits in hexadecimal.
.Sh SEE ALSO
.Xr md4 3 ,
.Xr md5 3 ,
diff --git a/lib/libmd/shadriver.c b/lib/libmd/shadriver.c
index e7e7b5d152d0..b643f964802a 100644
--- a/lib/libmd/shadriver.c
+++ b/lib/libmd/shadriver.c
@@ -24,6 +24,7 @@ __FBSDID("$FreeBSD$");
#include "sha256.h"
#include "sha384.h"
#include "sha512.h"
+#include "sha512t.h"
/* The following makes SHA default to SHA-1 if it has not already been
* defined with C compiler flags. */
@@ -43,6 +44,9 @@ __FBSDID("$FreeBSD$");
#elif SHA == 512
#undef SHA_Data
#define SHA_Data SHA512_Data
+#elif SHA == 512256
+#undef SHA_Data
+#define SHA_Data SHA512_256_Data
#endif
/* Digests a string and prints the result. */
diff --git a/sbin/md5/Makefile b/sbin/md5/Makefile
index 6b651725f7c9..99402158e4a5 100644
--- a/sbin/md5/Makefile
+++ b/sbin/md5/Makefile
@@ -8,13 +8,15 @@ LINKS= ${BINDIR}/md5 ${BINDIR}/rmd160 \
${BINDIR}/md5 ${BINDIR}/sha1 \
${BINDIR}/md5 ${BINDIR}/sha256 \
${BINDIR}/md5 ${BINDIR}/sha384 \
- ${BINDIR}/md5 ${BINDIR}/sha512
+ ${BINDIR}/md5 ${BINDIR}/sha512 \
+ ${BINDIR}/md5 ${BINDIR}/sha512t256
MLINKS= md5.1 rmd160.1 \
md5.1 sha1.1 \
md5.1 sha256.1 \
md5.1 sha384.1 \
- md5.1 sha512.1
+ md5.1 sha512.1 \
+ md5.1 sha512t256.1
LIBADD= md
diff --git a/sbin/md5/md5.1 b/sbin/md5/md5.1
index 94cdf8495719..6fa039377b43 100644
--- a/sbin/md5/md5.1
+++ b/sbin/md5/md5.1
@@ -1,9 +1,9 @@
.\" $FreeBSD$
-.Dd October 17, 2015
+.Dd April 22, 2016
.Dt MD5 1
.Os
.Sh NAME
-.Nm md5 , sha1 , sha256 , sha384 , sha512, rmd160
+.Nm md5 , sha1 , sha256 , sha384 , sha512, sha512t256, rmd160
.Nd calculate a message-digest fingerprint (checksum) for a file
.Sh SYNOPSIS
.Nm md5
@@ -31,6 +31,11 @@
.Op Fl c Ar string
.Op Fl s Ar string
.Op Ar
+.Nm sha512t256
+.Op Fl pqrtx
+.Op Fl c Ar string
+.Op Fl s Ar string
+.Op Ar
.Nm rmd160
.Op Fl pqrtx
.Op Fl c Ar string
@@ -38,7 +43,7 @@
.Op Ar
.Sh DESCRIPTION
The
-.Nm md5 , sha1 , sha256 , sha384 , sha512
+.Nm md5 , sha1 , sha256 , sha384 , sha512, sha512t256
and
.Nm rmd160
utilities take as input a message of arbitrary length and produce as
@@ -78,8 +83,17 @@ found which is faster than a brute-force search, placing the security of
.Tn SHA-1
in doubt.
.Pp
-It is recommended that all new applications use
+.Tn SHA-512t256
+is a version of
+.Tn SHA-512
+truncated to only 256 bits.
+On 64-bit hardware, this algorithm is approximately 50% faster than
.Tn SHA-256
+but with the same level of security.
+The hashes are not interchangeable.
+.Pp
+It is recommended that all new applications use
+.Tn SHA-512
instead of one of the other hash functions.
.Pp
The following options may be used in any combination and must
@@ -114,7 +128,7 @@ Run a built-in test script.
.El
.Sh EXIT STATUS
The
-.Nm md5 , sha1 , sha256 , sha512
+.Nm md5 , sha1 , sha256 , sha512, sha512t256
and
.Nm rmd160
utilities exit 0 on success,
diff --git a/sbin/md5/md5.c b/sbin/md5/md5.c
index 1172f25727c2..4f9792b2926b 100644
--- a/sbin/md5/md5.c
+++ b/sbin/md5/md5.c
@@ -30,6 +30,7 @@ __FBSDID("$FreeBSD$");
#include <sha256.h>
#include <sha384.h>
#include <sha512.h>
+#include <sha512t.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -58,6 +59,7 @@ extern const char *SHA1_TestOutput[MDTESTCOUNT];
extern const char *SHA256_TestOutput[MDTESTCOUNT];
extern const char *SHA384_TestOutput[MDTESTCOUNT];
extern const char *SHA512_TestOutput[MDTESTCOUNT];
+extern const char *SHA512t256_TestOutput[MDTESTCOUNT];
extern const char *RIPEMD160_TestOutput[MDTESTCOUNT];
typedef struct Algorithm_t {
@@ -110,6 +112,9 @@ static const struct Algorithm_t Algorithm[] = {
{ "sha512", "SHA512", &SHA512_TestOutput, (DIGEST_Init*)&SHA512_Init,
(DIGEST_Update*)&SHA512_Update, (DIGEST_End*)&SHA512_End,
&SHA512_Data, &SHA512_File },
+ { "sha512t256", "SHA512t256", &SHA512t256_TestOutput, (DIGEST_Init*)&SHA512_256_Init,
+ (DIGEST_Update*)&SHA512_256_Update, (DIGEST_End*)&SHA512_256_End,
+ &SHA512_256_Data, &SHA512_256_File },
{ "rmd160", "RMD160", &RIPEMD160_TestOutput,
(DIGEST_Init*)&RIPEMD160_Init, (DIGEST_Update*)&RIPEMD160_Update,
(DIGEST_End*)&RIPEMD160_End, &RIPEMD160_Data, &RIPEMD160_File }
@@ -355,6 +360,17 @@ const char *SHA512_TestOutput[MDTESTCOUNT] = {
"e8a835195e039708b13d9131e025f4441dbdc521ce625f245a436dcd762f54bf5cb298d96235e6c6a304e087ec8189b9512cbdf6427737ea82793460c367b9c3"
};
+const char *SHA512t256_TestOutput[MDTESTCOUNT] = {
+ "c672b8d1ef56ed28ab87c3622c5114069bdd3ad7b8f9737498d0c01ecef0967a",
+ "455e518824bc0601f9fb858ff5c37d417d67c2f8e0df2babe4808858aea830f8",
+ "53048e2681941ef99b2e29b76b4c7dabe4c2d0c634fc6d46e0e2f13107e7af23",
+ "0cf471fd17ed69d990daf3433c89b16d63dec1bb9cb42a6094604ee5d7b4e9fb",
+ "fc3189443f9c268f626aea08a756abe7b726b05f701cb08222312ccfd6710a26",
+ "cdf1cc0effe26ecc0c13758f7b4a48e000615df241284185c39eb05d355bb9c8",
+ "2c9fdbc0c90bdd87612ee8455474f9044850241dc105b1e8b94b8ddf5fac9148",
+ "dd095fc859b336c30a52548b3dc59fcc0d1be8616ebcf3368fad23107db2d736"
+};
+
const char *RIPEMD160_TestOutput[MDTESTCOUNT] = {
"9c1185a5c5e9fc54612808977ee8f548b2258d31",
"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe",
diff --git a/sys/crypto/sha2/sha512c.c b/sys/crypto/sha2/sha512c.c
index 5c107ea8c66d..5e23949f8e0e 100644
--- a/sys/crypto/sha2/sha512c.c
+++ b/sys/crypto/sha2/sha512c.c
@@ -1,5 +1,6 @@
/*-
* Copyright 2005 Colin Percival
+ * Copyright (c) 2015 Allan Jude <allanjude@FreeBSD.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -37,6 +38,7 @@ __FBSDID("$FreeBSD$");
#endif
#include "sha512.h"
+#include "sha512t.h"
#include "sha384.h"
#if BYTE_ORDER == BIG_ENDIAN
@@ -324,6 +326,88 @@ SHA512_Final(unsigned char digest[static SHA512_DIGEST_LENGTH], SHA512_CTX *ctx)
memset(ctx, 0, sizeof(*ctx));
}
+/*** SHA-512t: *********************************************************/
+/*
+ * the SHA512t transforms are identical to SHA512 so reuse the existing function
+ */
+void
+SHA512_224_Init(SHA512_CTX * ctx)
+{
+
+ /* Zero bits processed so far */
+ ctx->count[0] = ctx->count[1] = 0;
+
+ /* Magic initialization constants */
+ ctx->state[0] = 0x8c3d37c819544da2ULL;
+ ctx->state[1] = 0x73e1996689dcd4d6ULL;
+ ctx->state[2] = 0x1dfab7ae32ff9c82ULL;
+ ctx->state[3] = 0x679dd514582f9fcfULL;
+ ctx->state[4] = 0x0f6d2b697bd44da8ULL;
+ ctx->state[5] = 0x77e36f7304c48942ULL;
+ ctx->state[6] = 0x3f9d85a86a1d36c8ULL;
+ ctx->state[7] = 0x1112e6ad91d692a1ULL;
+}
+
+void
+SHA512_224_Update(SHA512_CTX * ctx, const void *in, size_t len)
+{
+
+ SHA512_Update(ctx, in, len);
+}
+
+void
+SHA512_224_Final(unsigned char digest[static SHA512_224_DIGEST_LENGTH], SHA512_CTX * ctx)
+{
+
+ /* Add padding */
+ SHA512_Pad(ctx);
+
+ /* Write the hash */
+ be64enc_vect(digest, ctx->state, SHA512_224_DIGEST_LENGTH);
+
+ /* Clear the context state */
+ memset(ctx, 0, sizeof(*ctx));
+}
+
+void
+SHA512_256_Init(SHA512_CTX * ctx)
+{
+
+ /* Zero bits processed so far */
+ ctx->count[0] = ctx->count[1] = 0;
+
+ /* Magic initialization constants */
+ ctx->state[0] = 0x22312194fc2bf72cULL;
+ ctx->state[1] = 0x9f555fa3c84c64c2ULL;
+ ctx->state[2] = 0x2393b86b6f53b151ULL;
+ ctx->state[3] = 0x963877195940eabdULL;
+ ctx->state[4] = 0x96283ee2a88effe3ULL;
+ ctx->state[5] = 0xbe5e1e2553863992ULL;
+ ctx->state[6] = 0x2b0199fc2c85b8aaULL;
+ ctx->state[7] = 0x0eb72ddc81c52ca2ULL;
+}
+
+void
+SHA512_256_Update(SHA512_CTX * ctx, const void *in, size_t len)
+{
+
+ SHA512_Update(ctx, in, len);
+}
+
+void
+SHA512_256_Final(unsigned char digest[static SHA512_256_DIGEST_LENGTH], SHA512_CTX * ctx)
+{
+
+ /* Add padding */
+ SHA512_Pad(ctx);
+
+ /* Write the hash */
+ be64enc_vect(digest, ctx->state, SHA512_256_DIGEST_LENGTH);
+
+ /* Clear the context state */
+ memset(ctx, 0, sizeof(*ctx));
+}
+
/*** SHA-384: *********************************************************/
/*
* the SHA384 and SHA512 transforms are identical, so SHA384 is skipped
@@ -388,6 +472,20 @@ __weak_reference(_libmd_SHA512_Final, SHA512_Final);
#undef SHA512_Transform
__weak_reference(_libmd_SHA512_Transform, SHA512_Transform);
+#undef SHA512_224_Init
+__weak_reference(_libmd_SHA512_224_Init, SHA512_224_Init);
+#undef SHA512_224_Update
+__weak_reference(_libmd_SHA512_224_Update, SHA512_224_Update);
+#undef SHA512_224_Final
+__weak_reference(_libmd_SHA512_224_Final, SHA512_224_Final);
+
+#undef SHA512_256_Init
+__weak_reference(_libmd_SHA512_256_Init, SHA512_256_Init);
+#undef SHA512_256_Update
+__weak_reference(_libmd_SHA512_256_Update, SHA512_256_Update);
+#undef SHA512_256_Final
+__weak_reference(_libmd_SHA512_256_Final, SHA512_256_Final);
+
#undef SHA384_Init
__weak_reference(_libmd_SHA384_Init, SHA384_Init);
#undef SHA384_Update
diff --git a/sys/crypto/sha2/sha512t.h b/sys/crypto/sha2/sha512t.h
new file mode 100644
index 000000000000..3f0c921f9208
--- /dev/null
+++ b/sys/crypto/sha2/sha512t.h
@@ -0,0 +1,125 @@
+/*-
+ * Copyright (c) 2015 Allan Jude <allanjude@FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _SHA512T_H_
+#define _SHA512T_H_
+
+#include "sha512.h"
+
+#ifndef _KERNEL
+#include <sys/types.h>
+#endif
+
+#define SHA512_224_DIGEST_LENGTH 28
+#define SHA512_224_DIGEST_STRING_LENGTH (SHA512_224_DIGEST_LENGTH * 2 + 1)
+#define SHA512_256_DIGEST_LENGTH 32
+#define SHA512_256_DIGEST_STRING_LENGTH (SHA512_256_DIGEST_LENGTH * 2 + 1)
+
+__BEGIN_DECLS
+
+/* Ensure libmd symbols do not clash with libcrypto */
+#ifndef SHA512_224_Init
+#define SHA512_224_Init _libmd_SHA512_224_Init
+#endif
+#ifndef SHA512_224_Update
+#define SHA512_224_Update _libmd_SHA512_224_Update
+#endif
+#ifndef SHA512_224_Final
+#define SHA512_224_Final _libmd_SHA512_224_Final
+#endif
+#ifndef SHA512_224_End
+#define SHA512_224_End _libmd_SHA512_224_End
+#endif
+#ifndef SHA512_224_File
+#define SHA512_224_File _libmd_SHA512_224_File
+#endif
+#ifndef SHA512_224_FileChunk
+#define SHA512_224_FileChunk _libmd_SHA512_224_FileChunk
+#endif
+#ifndef SHA512_224_Data
+#define SHA512_224_Data _libmd_SHA512_224_Data
+#endif
+
+#ifndef SHA512_224_Transform
+#define SHA512_224_Transform _libmd_SHA512_224_Transform
+#endif
+#ifndef SHA512_224_version
+#define SHA512_224_version _libmd_SHA512_224_version
+#endif
+
+#ifndef SHA512_256_Init
+#define SHA512_256_Init _libmd_SHA512_256_Init
+#endif
+#ifndef SHA512_256_Update
+#define SHA512_256_Update _libmd_SHA512_256_Update
+#endif
+#ifndef SHA512_256_Final
+#define SHA512_256_Final _libmd_SHA512_256_Final
+#endif
+#ifndef SHA512_256_End
+#define SHA512_256_End _libmd_SHA512_256_End
+#endif
+#ifndef SHA512_256_File
+#define SHA512_256_File _libmd_SHA512_256_File
+#endif
+#ifndef SHA512_256_FileChunk
+#define SHA512_256_FileChunk _libmd_SHA512_256_FileChunk
+#endif
+#ifndef SHA512_256_Data
+#define SHA512_256_Data _libmd_SHA512_256_Data
+#endif
+
+#ifndef SHA512_256_Transform
+#define SHA512_256_Transform _libmd_SHA512_256_Transform
+#endif
+#ifndef SHA512_256_version
+#define SHA512_256_version _libmd_SHA512_256_version
+#endif
+
+void SHA512_224_Init(SHA512_CTX *);
+void SHA512_224_Update(SHA512_CTX *, const void *, size_t);
+void SHA512_224_Final(unsigned char [static SHA512_224_DIGEST_LENGTH], SHA512_CTX *);
+#ifndef _KERNEL
+char *SHA512_224_End(SHA512_CTX *, char *);
+char *SHA512_224_Data(const void *, unsigned int, char *);
+char *SHA512_224_File(const char *, char *);
+char *SHA512_224_FileChunk(const char *, char *, off_t, off_t);
+#endif
+void SHA512_256_Init(SHA512_CTX *);
+void SHA512_256_Update(SHA512_CTX *, const void *, size_t);
+void SHA512_256_Final(unsigned char [static SHA512_256_DIGEST_LENGTH], SHA512_CTX *);
+#ifndef _KERNEL
+char *SHA512_256_End(SHA512_CTX *, char *);
+char *SHA512_256_Data(const void *, unsigned int, char *);
+char *SHA512_256_File(const char *, char *);
+char *SHA512_256_FileChunk(const char *, char *, off_t, off_t);
+#endif
+
+__END_DECLS
+
+#endif /* !_SHA512T_H_ */