lobase

Linux port of OpenBSDs userland.
Log | Files | Refs | README

commit f528adf1001d83a72368e185a28c1ea51e07073d
parent f546fc87998793ec49a1e17cc3015c667b7bc926
Author: Duncaen <mail@duncano.de>
Date:   Wed,  8 Mar 2017 19:18:15 +0100

lib/libopenbsd: update hash

Diffstat:
lib/libopenbsd/hash/Makefile.inc | 46++++++++++++++++++++++++++++++++++++++++++++++
lib/libopenbsd/hash/helper.c | 6+++---
lib/libopenbsd/hash/sha1.3 | 11++---------
lib/libopenbsd/hash/sha2.3 | 44+++++++++++++++++++++++++++++++++-----------
lib/libopenbsd/hash/sha2.c | 51++++++++++++++++++++++++++++++++++++++++++++++++++-
5 files changed, 134 insertions(+), 24 deletions(-)

diff --git a/lib/libopenbsd/hash/Makefile.inc b/lib/libopenbsd/hash/Makefile.inc @@ -0,0 +1,46 @@ +# $OpenBSD: Makefile.inc,v 1.24 2016/09/03 16:25:03 tedu Exp $ + +# hash functions +VPATH+= ${LIBCSRCDIR}/hash + +HELPER= md5hl.c rmd160hl.c sha1hl.c sha224hl.c sha256hl.c sha384hl.c sha512hl.c sha512_256hl.c +SRCS+= md5.c rmd160.c sha1.c sha2.c $(HELPER) +MAN+= md5.3 rmd160.3 sha1.3 sha2.3 + +CLEANFILES+= ${HELPER} + +md5hl.c: helper.c + sed -e 's/hashinc/md5.h/g' -e 's/HASH/MD5/g' $< > $@ + +rmd160hl.c: helper.c + sed -e 's/hashinc/rmd160.h/g' -e 's/HASH/RMD160/g' $< > $@ + +sha1hl.c: helper.c + sed -e 's/hashinc/sha1.h/g' -e 's/HASH/SHA1/g' $< > $@ + +sha224hl.c: helper.c + sed -e 's/hashinc/sha2.h/g' \ + -e 's/HASH/SHA224/g' \ + -e 's/SHA[0-9][0-9][0-9]_CTX/SHA2_CTX/g' $< > $@ + +sha256hl.c: helper.c + sed -e 's/hashinc/sha2.h/g' \ + -e 's/HASH/SHA256/g' \ + -e 's/SHA[0-9][0-9][0-9]_CTX/SHA2_CTX/g' $< > $@ + +sha384hl.c: helper.c + sed -e 's/hashinc/sha2.h/g' \ + -e 's/HASH/SHA384/g' \ + -e 's/SHA[0-9][0-9][0-9]_CTX/SHA2_CTX/g' $< > $@ + +sha512hl.c: helper.c + sed -e 's/hashinc/sha2.h/g' \ + -e 's/HASH/SHA512/g' \ + -e 's/SHA[0-9][0-9][0-9]_CTX/SHA2_CTX/g' $< > $@ + +sha512_256hl.c: helper.c + sed -e 's/hashinc/sha2.h/g' \ + -e 's/HASH/SHA512_256/g' \ + -e 's/SHA512_256_CTX/SHA2_CTX/g' $< > $@ + +beforedepend: md5hl.c rmd160hl.c sha1hl.c sha256hl.c sha384hl.c sha512hl.c sha512_256hl.c diff --git a/lib/libopenbsd/hash/helper.c b/lib/libopenbsd/hash/helper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: helper.c,v 1.15 2015/11/01 03:45:29 guenther Exp $ */ +/* $OpenBSD: helper.c,v 1.16 2016/09/21 04:38:57 guenther Exp $ */ /* * Copyright (c) 2000 Poul-Henning Kamp <phk@FreeBSD.org> @@ -82,7 +82,7 @@ HASHFileChunk(const char *filename, char *buf, off_t off, off_t len) } while ((nr = read(fd, buffer, MINIMUM(sizeof(buffer), len))) > 0) { - HASHUpdate(&ctx, buffer, (size_t)nr); + HASHUpdate(&ctx, buffer, nr); if (len > 0 && (len -= nr) == 0) break; } @@ -97,7 +97,7 @@ DEF_WEAK(HASHFileChunk); char * HASHFile(const char *filename, char *buf) { - return (HASHFileChunk(filename, buf, (off_t)0, (off_t)0)); + return (HASHFileChunk(filename, buf, 0, 0)); } DEF_WEAK(HASHFile); diff --git a/lib/libopenbsd/hash/sha1.3 b/lib/libopenbsd/hash/sha1.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sha1.3,v 1.43 2016/03/10 08:41:12 jmc Exp $ +.\" $OpenBSD: sha1.3,v 1.44 2016/09/04 09:24:38 tedu Exp $ .\" .\" Copyright (c) 1997, 2004 Todd C. Miller <Todd.Miller@courtesan.com> .\" @@ -17,7 +17,7 @@ .\" See http://csrc.nist.gov/publications/fips/fips180-1/fip180-1.txt .\" for the detailed standard .\" -.Dd $Mdocdate: March 10 2016 $ +.Dd $Mdocdate: September 4 2016 $ .Dt SHA1INIT 3 .Os .Sh NAME @@ -234,10 +234,3 @@ and .Fn SHA1Data helper functions are derived from code written by .An Poul-Henning Kamp . -.Sh CAVEATS -This implementation of SHA-1 has not been validated by NIST -and as such is not in official compliance with the standard. -.Pp -If a message digest is to be copied to a multi-byte type (ie: -an array of five 32-bit integers) it will be necessary to -perform byte swapping on little endian machines such as the i386 and alpha. diff --git a/lib/libopenbsd/hash/sha2.3 b/lib/libopenbsd/hash/sha2.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sha2.3,v 1.24 2016/03/10 08:41:12 jmc Exp $ +.\" $OpenBSD: sha2.3,v 1.26 2016/09/04 09:28:12 tedu Exp $ .\" .\" Copyright (c) 2003, 2004 Todd C. Miller <Todd.Miller@courtesan.com> .\" @@ -20,7 +20,7 @@ .\" .\" See http://www.nist.gov/sha/ for the detailed standard .\" -.Dd $Mdocdate: March 10 2016 $ +.Dd $Mdocdate: September 4 2016 $ .Dt SHA256INIT 3 .Os .Sh NAME @@ -59,7 +59,16 @@ .Nm SHA512End , .Nm SHA512File , .Nm SHA512FileChunk , -.Nm SHA512Data +.Nm SHA512Data , +.Nm SHA512_256Init , +.Nm SHA512_256Update , +.Nm SHA512_256Pad , +.Nm SHA512_256Final , +.Nm SHA512_256Transform , +.Nm SHA512_256End , +.Nm SHA512_256File , +.Nm SHA512_256FileChunk , +.Nm SHA512_256Data .Nd calculate the NIST Secure Hash Standard (version 2) .Sh SYNOPSIS .In sys/types.h @@ -136,6 +145,24 @@ .Fn SHA512FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" .Ft "char *" .Fn SHA512Data "const u_int8_t *data" "size_t len" "char *buf" +.Ft void +.Fn SHA512_256Init "SHA2_CTX *context" +.Ft void +.Fn SHA512_256Update "SHA2_CTX *context" "const u_int8_t *data" "size_t len" +.Ft void +.Fn SHA512_256Pad "SHA2_CTX *context" +.Ft void +.Fn SHA512_256Final "u_int8_t digest[SHA512_256_DIGEST_LENGTH]" "SHA2_CTX *context" +.Ft void +.Fn SHA512_256Transform "u_int64_t state[8]" "const u_int8_t buffer[SHA512_256_BLOCK_LENGTH]" +.Ft "char *" +.Fn SHA512_256End "SHA2_CTX *context" "char *buf" +.Ft "char *" +.Fn SHA512_256File "const char *filename" "char *buf" +.Ft "char *" +.Fn SHA512_256FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" +.Ft "char *" +.Fn SHA512_256Data "const u_int8_t *data" "size_t len" "char *buf" .Sh DESCRIPTION The SHA2 functions implement the NIST Secure Hash Standard, FIPS PUB 180-2. @@ -152,6 +179,7 @@ The SHA2 functions are considered to be more secure than the .Xr sha1 3 functions with which they share a similar interface. The 224, 256, 384, and 512-bit versions of SHA2 share the same interface. +SHA512/256, a truncated version of SHA512, is also supported. For brevity, only the 256-bit variants are described below. .Pp The @@ -252,8 +280,9 @@ parameter should either be a string large enough to hold the resulting digest .Dv SHA224_DIGEST_STRING_LENGTH , .Dv SHA256_DIGEST_STRING_LENGTH , .Dv SHA384_DIGEST_STRING_LENGTH , -or .Dv SHA512_DIGEST_STRING_LENGTH , +or +.Dv SHA512_256_DIGEST_STRING_LENGTH , depending on the function being used) or a .Dv NULL @@ -319,10 +348,3 @@ and .Fn SHA256Data helper functions are derived from code written by .An Poul-Henning Kamp . -.Sh CAVEATS -This implementation of the Secure Hash Standard has not been validated by -NIST and as such is not in official compliance with the standard. -.Pp -If a message digest is to be copied to a multi-byte type (i.e.\& -an array of 32-bit integers) it will be necessary to -perform byte swapping on little endian machines such as the i386 and alpha. diff --git a/lib/libopenbsd/hash/sha2.c b/lib/libopenbsd/hash/sha2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sha2.c,v 1.24 2015/09/11 09:18:27 guenther Exp $ */ +/* $OpenBSD: sha2.c,v 1.25 2016/09/03 16:25:03 tedu Exp $ */ /* * FILE: sha2.c @@ -288,6 +288,18 @@ static const u_int64_t sha384_initial_hash_value[8] = { 0x47b5481dbefa4fa4ULL }; +/* Initial hash value H for SHA-512-256 */ +static const u_int64_t sha512_256_initial_hash_value[8] = { + 0x22312194fc2bf72cULL, + 0x9f555fa3c84c64c2ULL, + 0x2393b86b6f53b151ULL, + 0x963877195940eabdULL, + 0x96283ee2a88effe3ULL, + 0xbe5e1e2553863992ULL, + 0x2b0199fc2c85b8aaULL, + 0x0eb72ddc81c52ca2ULL +}; + /*** SHA-224: *********************************************************/ void SHA224Init(SHA2_CTX *context) @@ -923,4 +935,41 @@ SHA384Final(u_int8_t digest[SHA384_DIGEST_LENGTH], SHA2_CTX *context) explicit_bzero(context, sizeof(*context)); } DEF_WEAK(SHA384Final); + +/*** SHA-512/256: *********************************************************/ +void +SHA512_256Init(SHA2_CTX *context) +{ + memcpy(context->state.st64, sha512_256_initial_hash_value, + sizeof(sha512_256_initial_hash_value)); + memset(context->buffer, 0, sizeof(context->buffer)); + context->bitcount[0] = context->bitcount[1] = 0; +} +DEF_WEAK(SHA512_256Init); + +MAKE_CLONE(SHA512_256Transform, SHA512Transform); +MAKE_CLONE(SHA512_256Update, SHA512Update); +MAKE_CLONE(SHA512_256Pad, SHA512Pad); +DEF_WEAK(SHA512_256Transform); +DEF_WEAK(SHA512_256Update); +DEF_WEAK(SHA512_256Pad); + +void +SHA512_256Final(u_int8_t digest[SHA512_256_DIGEST_LENGTH], SHA2_CTX *context) +{ + SHA512_256Pad(context); + +#if BYTE_ORDER == LITTLE_ENDIAN + int i; + + /* Convert TO host byte order */ + for (i = 0; i < 4; i++) + BE_64_TO_8(digest + i * 8, context->state.st64[i]); +#else + memcpy(digest, context->state.st64, SHA512_256_DIGEST_LENGTH); +#endif + /* Zero out state data */ + explicit_bzero(context, sizeof(*context)); +} +DEF_WEAK(SHA512_256Final); #endif /* !defined(SHA2_SMALL) */