aboutsummaryrefslogtreecommitdiff
path: root/sbin/md5
diff options
context:
space:
mode:
authorAllan Jude <allanjude@FreeBSD.org>2016-05-28 16:06:07 +0000
committerAllan Jude <allanjude@FreeBSD.org>2016-05-28 16:06:07 +0000
commit1780e407158ada85e454b24960b83a4f8e35cc25 (patch)
treefb7b8495c2429cb7c5e5287882efd1fd12bb6120 /sbin/md5
parent7bc7e3cd65d0b399c04578b46ca7e0536e09b45e (diff)
downloadsrc-1780e407158ada85e454b24960b83a4f8e35cc25.tar.gz
src-1780e407158ada85e454b24960b83a4f8e35cc25.zip
Implement SHA-512 truncated (224 and 256 bits)
This implements SHA-512/256, which generates a 256 bit hash by calculating the SHA-512 then truncating the result. A different initial value is used, making the result different from the first 256 bits of the SHA-512 of the same input. SHA-512 is ~50% faster than SHA-256 on 64bit platforms, so the result is a faster 256 bit hash. The main goal of this implementation is to enable support for this faster hashing algorithm in ZFS. The feature was introduced into ZFS in r289422, but is disconnected because SHA-512/256 support was missing. A further commit will enable it in ZFS. This is the follow on to r292782 Reviewed by: cem Sponsored by: ScaleEngine Inc. Differential Revision: https://reviews.freebsd.org/D6061
Notes
Notes: svn path=/head/; revision=300903
Diffstat (limited to 'sbin/md5')
-rw-r--r--sbin/md5/Makefile6
-rw-r--r--sbin/md5/md5.124
-rw-r--r--sbin/md5/md5.c16
3 files changed, 39 insertions, 7 deletions
diff --git a/sbin/md5/Makefile b/sbin/md5/Makefile
index 6b651725f7c9..99402158e4a5 100644
--- a/sbin/md5/Makefile
+++ b/sbin/md5/Makefile
@@ -8,13 +8,15 @@ LINKS= ${BINDIR}/md5 ${BINDIR}/rmd160 \
${BINDIR}/md5 ${BINDIR}/sha1 \
${BINDIR}/md5 ${BINDIR}/sha256 \
${BINDIR}/md5 ${BINDIR}/sha384 \
- ${BINDIR}/md5 ${BINDIR}/sha512
+ ${BINDIR}/md5 ${BINDIR}/sha512 \
+ ${BINDIR}/md5 ${BINDIR}/sha512t256
MLINKS= md5.1 rmd160.1 \
md5.1 sha1.1 \
md5.1 sha256.1 \
md5.1 sha384.1 \
- md5.1 sha512.1
+ md5.1 sha512.1 \
+ md5.1 sha512t256.1
LIBADD= md
diff --git a/sbin/md5/md5.1 b/sbin/md5/md5.1
index 94cdf8495719..6fa039377b43 100644
--- a/sbin/md5/md5.1
+++ b/sbin/md5/md5.1
@@ -1,9 +1,9 @@
.\" $FreeBSD$
-.Dd October 17, 2015
+.Dd April 22, 2016
.Dt MD5 1
.Os
.Sh NAME
-.Nm md5 , sha1 , sha256 , sha384 , sha512, rmd160
+.Nm md5 , sha1 , sha256 , sha384 , sha512, sha512t256, rmd160
.Nd calculate a message-digest fingerprint (checksum) for a file
.Sh SYNOPSIS
.Nm md5
@@ -31,6 +31,11 @@
.Op Fl c Ar string
.Op Fl s Ar string
.Op Ar
+.Nm sha512t256
+.Op Fl pqrtx
+.Op Fl c Ar string
+.Op Fl s Ar string
+.Op Ar
.Nm rmd160
.Op Fl pqrtx
.Op Fl c Ar string
@@ -38,7 +43,7 @@
.Op Ar
.Sh DESCRIPTION
The
-.Nm md5 , sha1 , sha256 , sha384 , sha512
+.Nm md5 , sha1 , sha256 , sha384 , sha512, sha512t256
and
.Nm rmd160
utilities take as input a message of arbitrary length and produce as
@@ -78,8 +83,17 @@ found which is faster than a brute-force search, placing the security of
.Tn SHA-1
in doubt.
.Pp
-It is recommended that all new applications use
+.Tn SHA-512t256
+is a version of
+.Tn SHA-512
+truncated to only 256 bits.
+On 64-bit hardware, this algorithm is approximately 50% faster than
.Tn SHA-256
+but with the same level of security.
+The hashes are not interchangeable.
+.Pp
+It is recommended that all new applications use
+.Tn SHA-512
instead of one of the other hash functions.
.Pp
The following options may be used in any combination and must
@@ -114,7 +128,7 @@ Run a built-in test script.
.El
.Sh EXIT STATUS
The
-.Nm md5 , sha1 , sha256 , sha512
+.Nm md5 , sha1 , sha256 , sha512, sha512t256
and
.Nm rmd160
utilities exit 0 on success,
diff --git a/sbin/md5/md5.c b/sbin/md5/md5.c
index 1172f25727c2..4f9792b2926b 100644
--- a/sbin/md5/md5.c
+++ b/sbin/md5/md5.c
@@ -30,6 +30,7 @@ __FBSDID("$FreeBSD$");
#include <sha256.h>
#include <sha384.h>
#include <sha512.h>
+#include <sha512t.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -58,6 +59,7 @@ extern const char *SHA1_TestOutput[MDTESTCOUNT];
extern const char *SHA256_TestOutput[MDTESTCOUNT];
extern const char *SHA384_TestOutput[MDTESTCOUNT];
extern const char *SHA512_TestOutput[MDTESTCOUNT];
+extern const char *SHA512t256_TestOutput[MDTESTCOUNT];
extern const char *RIPEMD160_TestOutput[MDTESTCOUNT];
typedef struct Algorithm_t {
@@ -110,6 +112,9 @@ static const struct Algorithm_t Algorithm[] = {
{ "sha512", "SHA512", &SHA512_TestOutput, (DIGEST_Init*)&SHA512_Init,
(DIGEST_Update*)&SHA512_Update, (DIGEST_End*)&SHA512_End,
&SHA512_Data, &SHA512_File },
+ { "sha512t256", "SHA512t256", &SHA512t256_TestOutput, (DIGEST_Init*)&SHA512_256_Init,
+ (DIGEST_Update*)&SHA512_256_Update, (DIGEST_End*)&SHA512_256_End,
+ &SHA512_256_Data, &SHA512_256_File },
{ "rmd160", "RMD160", &RIPEMD160_TestOutput,
(DIGEST_Init*)&RIPEMD160_Init, (DIGEST_Update*)&RIPEMD160_Update,
(DIGEST_End*)&RIPEMD160_End, &RIPEMD160_Data, &RIPEMD160_File }
@@ -355,6 +360,17 @@ const char *SHA512_TestOutput[MDTESTCOUNT] = {
"e8a835195e039708b13d9131e025f4441dbdc521ce625f245a436dcd762f54bf5cb298d96235e6c6a304e087ec8189b9512cbdf6427737ea82793460c367b9c3"
};
+const char *SHA512t256_TestOutput[MDTESTCOUNT] = {
+ "c672b8d1ef56ed28ab87c3622c5114069bdd3ad7b8f9737498d0c01ecef0967a",
+ "455e518824bc0601f9fb858ff5c37d417d67c2f8e0df2babe4808858aea830f8",
+ "53048e2681941ef99b2e29b76b4c7dabe4c2d0c634fc6d46e0e2f13107e7af23",
+ "0cf471fd17ed69d990daf3433c89b16d63dec1bb9cb42a6094604ee5d7b4e9fb",
+ "fc3189443f9c268f626aea08a756abe7b726b05f701cb08222312ccfd6710a26",
+ "cdf1cc0effe26ecc0c13758f7b4a48e000615df241284185c39eb05d355bb9c8",
+ "2c9fdbc0c90bdd87612ee8455474f9044850241dc105b1e8b94b8ddf5fac9148",
+ "dd095fc859b336c30a52548b3dc59fcc0d1be8616ebcf3368fad23107db2d736"
+};
+
const char *RIPEMD160_TestOutput[MDTESTCOUNT] = {
"9c1185a5c5e9fc54612808977ee8f548b2258d31",
"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe",