aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--lib/libcrypt/Makefile1
-rw-r--r--lib/libmd/Makefile38
-rw-r--r--lib/libmd/sha256.330
-rw-r--r--lib/libmd/shadriver.c4
-rw-r--r--sbin/md5/Makefile2
-rw-r--r--sbin/md5/md5.166
-rw-r--r--sbin/md5/md5.c17
7 files changed, 96 insertions, 62 deletions
diff --git a/lib/libcrypt/Makefile b/lib/libcrypt/Makefile
index 611b42ab038c..1aa4c66d9cc7 100644
--- a/lib/libcrypt/Makefile
+++ b/lib/libcrypt/Makefile
@@ -31,6 +31,7 @@ CFLAGS+= -I${.CURDIR} -DHAS_DES -DHAS_BLOWFISH
.for sym in MD4Init MD4Final MD4Update MD4Pad \
MD5Init MD5Final MD5Update MD5Pad \
+ SHA224_Init SHA224_Final SHA224_Update \
SHA256_Init SHA256_Final SHA256_Update \
SHA512_224_Init SHA512_224_Final SHA512_224_Update \
SHA512_256_Init SHA512_256_Final SHA512_256_Update \
diff --git a/lib/libmd/Makefile b/lib/libmd/Makefile
index 98c352917dba..2fc24d90043d 100644
--- a/lib/libmd/Makefile
+++ b/lib/libmd/Makefile
@@ -7,13 +7,13 @@ SHLIBDIR?= /lib
SRCS= md4c.c md5c.c md4hl.c md5hl.c \
rmd160c.c rmd160hl.c \
sha0c.c sha0hl.c sha1c.c sha1hl.c \
- sha256c.c sha256hl.c \
+ sha224hl.c sha256c.c sha256hl.c \
sha384hl.c \
sha512c.c sha512hl.c sha512thl.c \
skein.c skein_block.c \
skein256hl.c skein512hl.c skein1024hl.c
-INCS= md4.h md5.h ripemd.h sha.h sha256.h sha384.h sha512.h sha512t.h \
- skein.h skein_port.h skein_freebsd.h skein_iv.h
+INCS= md4.h md5.h ripemd.h sha.h sha224.h sha256.h sha384.h sha512.h \
+ sha512t.h skein.h skein_port.h skein_freebsd.h skein_iv.h
WARNS?= 0
@@ -34,6 +34,10 @@ MLINKS+=sha.3 SHA_Data.3
MLINKS+=sha.3 SHA1_Init.3 sha.3 SHA1_Update.3 sha.3 SHA1_Final.3
MLINKS+=sha.3 SHA1_End.3 sha.3 SHA1_File.3 sha.3 SHA1_FileChunk.3
MLINKS+=sha.3 SHA1_Data.3
+MLINKS+=sha256.3 SHA224_Init.3 sha256.3 SHA224_Update.3
+MLINKS+=sha256.3 SHA224_Final.3 sha256.3 SHA224_End.3
+MLINKS+=sha256.3 SHA224_File.3 sha256.3 SHA224_FileChunk.3
+MLINKS+=sha256.3 SHA224_Data.3
MLINKS+=sha256.3 SHA256_Init.3 sha256.3 SHA256_Update.3
MLINKS+=sha256.3 SHA256_Final.3 sha256.3 SHA256_End.3
MLINKS+=sha256.3 SHA256_File.3 sha256.3 SHA256_FileChunk.3
@@ -66,7 +70,8 @@ MLINKS+=skein.3 SKEIN1024_Data.3 skein.3 skein1024.3
CLEANFILES+= md[245]hl.c md[245].ref md[245].3 mddriver \
rmd160.ref rmd160hl.c rmddriver \
sha0.ref sha0hl.c sha1.ref sha1hl.c shadriver \
- sha256.ref sha256hl.c sha384hl.c sha384.ref \
+ sha224.ref sha256.ref sha224hl.c sha256hl.c \
+ sha384hl.c sha384.ref \
sha512.ref sha512hl.c sha512t256.ref sha512thl.c \
skein256hl.c skein512hl.c skein1024hl.c \
skein256.ref skein512.ref skein1024.ref \
@@ -130,6 +135,12 @@ sha1hl.c: mdXhl.c
sed -e 's/mdX/sha/g' -e 's/MDX/SHA1_/g' -e 's/SHA1__/SHA1_/g' \
${.ALLSRC}) > ${.TARGET}
+sha224hl.c: mdXhl.c
+ (echo '#define LENGTH 28'; \
+ sed -e 's/mdX/sha224/g' -e 's/MDX/SHA224_/g' \
+ -e 's/SHA224__/SHA224_/g' \
+ ${.ALLSRC}) > ${.TARGET}
+
sha256hl.c: mdXhl.c
(echo '#define LENGTH 32'; \
sed -e 's/mdX/sha256/g' -e 's/MDX/SHA256_/g' \
@@ -234,6 +245,20 @@ sha1.ref:
@echo 'SHA-1 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
'50abf5706a150990a08b2c5ea40fa0e585554732' >> ${.TARGET}
+sha224.ref:
+ echo 'SHA-224 test suite:' > ${.TARGET}
+ @echo 'SHA-224 ("") = d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f' >> ${.TARGET}
+ @echo 'SHA-224 ("abc") =' \
+ '23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7' >> ${.TARGET}
+ @echo 'SHA-224 ("message digest") =' \
+ '2cb21c83ae2f004de7e81c3c7019cbcb65b71ab656b22d6d0c39b8eb' >> ${.TARGET}
+ @echo 'SHA-224 ("abcdefghijklmnopqrstuvwxyz") =' \
+ '45a5f72c39c5cff2522eb3429799e49e5f44b356ef926bcf390dccc2' >> ${.TARGET}
+ @echo 'SHA-224 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \
+ 'bff72b4fcb7d75e5632900ac5f90d219e05e97a7bde72e740db393d9' >> ${.TARGET}
+ @echo 'SHA-224 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
+ 'b50aecbe4e9bb0b57bc5f3ae760a8e01db24f203fb3cdcd13148046e' >> ${.TARGET}
+
sha256.ref:
echo 'SHA-256 test suite:' > ${.TARGET}
@echo 'SHA-256 ("") = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855' >> ${.TARGET}
@@ -349,7 +374,7 @@ skein1024.ref:
@echo 'SKEIN1024 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
'cf21a613620e6c119eca31fdfaad449a8e02f95ca256c21d2a105f8e4157048f9fe1e897893ea18b64e0e37cb07d5ac947f27ba544caf7cbc1ad094e675aed77a366270f7eb7f46543bccfa61c526fd628408058ed00ed566ac35a9761d002e629c4fb0d430b2f4ad016fcc49c44d2981c4002da0eecc42144160e2eaea4855a' >> ${.TARGET}
-test: md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha256.ref sha384.ref \
+test: md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha224.ref sha256.ref sha384.ref \
sha512.ref sha512t256.ref skein256.ref skein512.ref skein1024.ref
@${ECHO} if any of these test fail, the code produces wrong results
@${ECHO} and should NOT be used.
@@ -370,6 +395,9 @@ test: md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha256.ref sha384.ref \
${CC} ${CFLAGS} ${LDFLAGS} -DSHA=1 -o shadriver ${.CURDIR}/shadriver.c libmd.a
./shadriver | cmp sha1.ref -
@${ECHO} SHA-1 passed test
+ ${CC} ${CFLAGS} ${LDFLAGS} -DSHA=224 -o shadriver ${.CURDIR}/shadriver.c libmd.a
+ ./shadriver | cmp sha224.ref -
+ @${ECHO} SHA-224 passed test
${CC} ${CFLAGS} ${LDFLAGS} -DSHA=256 -o shadriver ${.CURDIR}/shadriver.c libmd.a
./shadriver | cmp sha256.ref -
@${ECHO} SHA-256 passed test
diff --git a/lib/libmd/sha256.3 b/lib/libmd/sha256.3
index 530c64416df0..25bbb1220486 100644
--- a/lib/libmd/sha256.3
+++ b/lib/libmd/sha256.3
@@ -9,10 +9,17 @@
.\" From: Id: mdX.3,v 1.14 1999/02/11 20:31:49 wollman Exp
.\" $FreeBSD$
.\"
-.Dd April 26, 2016
+.Dd July 9, 2018
.Dt SHA256 3
.Os
.Sh NAME
+.Nm SHA224_Init ,
+.Nm SHA224_Update ,
+.Nm SHA224_Final ,
+.Nm SHA224_End ,
+.Nm SHA224_File ,
+.Nm SHA224_FileChunk ,
+.Nm SHA224_Data ,
.Nm SHA256_Init ,
.Nm SHA256_Update ,
.Nm SHA256_Final ,
@@ -20,11 +27,26 @@
.Nm SHA256_File ,
.Nm SHA256_FileChunk ,
.Nm SHA256_Data
-.Nd calculate the FIPS 180-2 ``SHA-256'' message digest
+.Nd calculate the FIPS 180-2 ``SHA-256'' (or SHA-224) message digest
.Sh LIBRARY
.Lb libmd
.Sh SYNOPSIS
.In sys/types.h
+.In sha224.h
+.Ft void
+.Fn SHA224_Init "SHA224_CTX *context"
+.Ft void
+.Fn SHA224_Update "SHA224_CTX *context" "const unsigned char *data" "size_t len"
+.Ft void
+.Fn SHA224_Final "unsigned char digest[32]" "SHA224_CTX *context"
+.Ft "char *"
+.Fn SHA224_End "SHA224_CTX *context" "char *buf"
+.Ft "char *"
+.Fn SHA224_File "const char *filename" "char *buf"
+.Ft "char *"
+.Fn SHA224_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
+.Ft "char *"
+.Fn SHA224_Data "const unsigned char *data" "unsigned int len" "char *buf"
.In sha256.h
.Ft void
.Fn SHA256_Init "SHA256_CTX *context"
@@ -119,12 +141,14 @@ after use.
If the
.Fa buf
argument is non-null it must point to at least 65 characters of buffer space.
+.Pp
+SHA224 is identical SHA256, except it has slightly different initialization
+vectors, and is truncated to a shorter digest.
.Sh SEE ALSO
.Xr md4 3 ,
.Xr md5 3 ,
.Xr ripemd 3 ,
.Xr sha 3 ,
-.Xr sha256 3 ,
.Xr sha512 3 ,
.Xr skein 3
.Sh HISTORY
diff --git a/lib/libmd/shadriver.c b/lib/libmd/shadriver.c
index a0472f016364..f5026eb3cc5d 100644
--- a/lib/libmd/shadriver.c
+++ b/lib/libmd/shadriver.c
@@ -24,6 +24,7 @@ __FBSDID("$FreeBSD$");
#include <string.h>
#include "sha.h"
+#include "sha224.h"
#include "sha256.h"
#include "sha384.h"
#include "sha512.h"
@@ -38,6 +39,9 @@ __FBSDID("$FreeBSD$");
#if SHA == 1
#undef SHA_Data
#define SHA_Data SHA1_Data
+#elif SHA == 224
+#undef SHA_Data
+#define SHA_Data SHA224_Data
#elif SHA == 256
#undef SHA_Data
#define SHA_Data SHA256_Data
diff --git a/sbin/md5/Makefile b/sbin/md5/Makefile
index cb643ea18bef..c284be13161b 100644
--- a/sbin/md5/Makefile
+++ b/sbin/md5/Makefile
@@ -6,6 +6,7 @@ PROG= md5
LINKS= ${BINDIR}/md5 ${BINDIR}/rmd160 \
${BINDIR}/md5 ${BINDIR}/sha1 \
+ ${BINDIR}/md5 ${BINDIR}/sha224 \
${BINDIR}/md5 ${BINDIR}/sha256 \
${BINDIR}/md5 ${BINDIR}/sha384 \
${BINDIR}/md5 ${BINDIR}/sha512 \
@@ -16,6 +17,7 @@ LINKS= ${BINDIR}/md5 ${BINDIR}/rmd160 \
MLINKS= md5.1 rmd160.1 \
md5.1 sha1.1 \
+ md5.1 sha224.1 \
md5.1 sha256.1 \
md5.1 sha384.1 \
md5.1 sha512.1 \
diff --git a/sbin/md5/md5.1 b/sbin/md5/md5.1
index 2c2566b71aab..1cf0db333b74 100644
--- a/sbin/md5/md5.1
+++ b/sbin/md5/md5.1
@@ -1,65 +1,22 @@
.\" $FreeBSD$
-.Dd March 2, 2017
+.Dd July 9, 2018
.Dt MD5 1
.Os
.Sh NAME
-.Nm md5 , sha1 , sha256 , sha384 , sha512 , sha512t256 , rmd160 ,
+.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512 , sha512t256 , rmd160 ,
.Nm skein256 , skein512 , skein1024
.Nd calculate a message-digest fingerprint (checksum) for a file
.Sh SYNOPSIS
-.Nm md5
-.Op Fl pqrtx
-.Op Fl c Ar string
-.Op Fl s Ar string
-.Op Ar
-.Nm sha1
-.Op Fl pqrtx
-.Op Fl c Ar string
-.Op Fl s Ar string
-.Op Ar
-.Nm sha256
-.Op Fl pqrtx
-.Op Fl c Ar string
-.Op Fl s Ar string
-.Op Ar
-.Nm sha384
-.Op Fl pqrtx
-.Op Fl c Ar string
-.Op Fl s Ar string
-.Op Ar
-.Nm sha512
-.Op Fl pqrtx
-.Op Fl c Ar string
-.Op Fl s Ar string
-.Op Ar
-.Nm sha512t256
-.Op Fl pqrtx
-.Op Fl c Ar string
-.Op Fl s Ar string
-.Op Ar
-.Nm rmd160
-.Op Fl pqrtx
-.Op Fl c Ar string
-.Op Fl s Ar string
-.Op Ar
-.Nm skein256
-.Op Fl pqrtx
-.Op Fl c Ar string
-.Op Fl s Ar string
-.Op Ar
-.Nm skein512
-.Op Fl pqrtx
-.Op Fl c Ar string
-.Op Fl s Ar string
-.Op Ar
-.Nm skein1024
+.Nm
.Op Fl pqrtx
.Op Fl c Ar string
.Op Fl s Ar string
.Op Ar
+.Pp
+(All other hashes have the same options and usage.)
.Sh DESCRIPTION
The
-.Nm md5 , sha1 , sha256 , sha384 , sha512, sha512t256, rmd160,
+.Nm md5 , sha1 , sha224 , sha256 , sha384 , sha512, sha512t256, rmd160,
.Nm skein256, skein512,
and
.Nm skein1024
@@ -73,7 +30,7 @@ It is conjectured that it is computationally infeasible to
produce two messages having the same message digest, or to produce any
message having a given prespecified target message digest.
The
-.Tn MD5 , SHA-1 , SHA-256 , SHA-384 , SHA-512, RIPEMD-160,
+.Tn SHA-224 , SHA-256 , SHA-384 , SHA-512, RIPEMD-160,
and
.Tn SKEIN
algorithms are intended for digital signature applications, where a
@@ -89,8 +46,8 @@ The
and
.Tn SHA-1
algorithms have been proven to be vulnerable to practical collision
-attacks and should not be relied upon to produce unique outputs, nor
-should they be used as part of a cryptographic signature scheme.
+attacks and should not be relied upon to produce unique outputs,
+.Em nor should they be used as part of a cryptographic signature scheme.
As of 2017-03-02, there is no publicly known method to
.Em reverse
either algorithm, i.e. to find an input that produces a specific
@@ -143,8 +100,8 @@ Run a built-in test script.
.El
.Sh EXIT STATUS
The
-.Nm md5 , sha1 , sha256 , sha512, sha512t256, rmd160,
-.Nm skein256, skein512,
+.Nm md5 , sha1 , sha224 , sha256 , sha512 , sha512t256 , rmd160 ,
+.Nm skein256 , skein512,
and
.Nm skein1024
utilities exit 0 on success,
@@ -157,6 +114,7 @@ option.
.Xr md5 3 ,
.Xr ripemd 3 ,
.Xr sha 3 ,
+.Xr sha224 3 ,
.Xr sha256 3 ,
.Xr sha384 3 ,
.Xr sha512 3 ,
diff --git a/sbin/md5/md5.c b/sbin/md5/md5.c
index 06f322a65fb1..9880c77ae0d5 100644
--- a/sbin/md5/md5.c
+++ b/sbin/md5/md5.c
@@ -29,6 +29,7 @@ __FBSDID("$FreeBSD$");
#include <md5.h>
#include <ripemd.h>
#include <sha.h>
+#include <sha224.h>
#include <sha256.h>
#include <sha384.h>
#include <sha512.h>
@@ -59,6 +60,7 @@ typedef char *(DIGEST_End)(void *, char *);
extern const char *MD5TestOutput[MDTESTCOUNT];
extern const char *SHA1_TestOutput[MDTESTCOUNT];
+extern const char *SHA224_TestOutput[MDTESTCOUNT];
extern const char *SHA256_TestOutput[MDTESTCOUNT];
extern const char *SHA384_TestOutput[MDTESTCOUNT];
extern const char *SHA512_TestOutput[MDTESTCOUNT];
@@ -89,6 +91,7 @@ static void usage(const Algorithm_t *);
typedef union {
MD5_CTX md5;
SHA1_CTX sha1;
+ SHA224_CTX sha224;
SHA256_CTX sha256;
SHA384_CTX sha384;
SHA512_CTX sha512;
@@ -112,6 +115,9 @@ static const struct Algorithm_t Algorithm[] = {
{ "sha1", "SHA1", &SHA1_TestOutput, (DIGEST_Init*)&SHA1_Init,
(DIGEST_Update*)&SHA1_Update, (DIGEST_End*)&SHA1_End,
&SHA1_Data, &SHA1_Fd },
+ { "sha224", "SHA224", &SHA224_TestOutput, (DIGEST_Init*)&SHA224_Init,
+ (DIGEST_Update*)&SHA224_Update, (DIGEST_End*)&SHA224_End,
+ &SHA224_Data, &SHA224_Fd },
{ "sha256", "SHA256", &SHA256_TestOutput, (DIGEST_Init*)&SHA256_Init,
(DIGEST_Update*)&SHA256_Update, (DIGEST_End*)&SHA256_End,
&SHA256_Data, &SHA256_Fd },
@@ -368,6 +374,17 @@ const char *SHA1_TestOutput[MDTESTCOUNT] = {
"18eca4333979c4181199b7b4fab8786d16cf2846"
};
+const char *SHA224_TestOutput[MDTESTCOUNT] = {
+ "d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f",
+ "abd37534c7d9a2efb9465de931cd7055ffdb8879563ae98078d6d6d5",
+ "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7",
+ "2cb21c83ae2f004de7e81c3c7019cbcb65b71ab656b22d6d0c39b8eb",
+ "45a5f72c39c5cff2522eb3429799e49e5f44b356ef926bcf390dccc2",
+ "bff72b4fcb7d75e5632900ac5f90d219e05e97a7bde72e740db393d9",
+ "b50aecbe4e9bb0b57bc5f3ae760a8e01db24f203fb3cdcd13148046e",
+ "5ae55f3779c8a1204210d7ed7689f661fbe140f96f272ab79e19d470"
+};
+
const char *SHA256_TestOutput[MDTESTCOUNT] = {
"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
"ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb",
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-24 07:54:58 +0000