Module Name: src Committed By: snj Date: Tue Jul 14 19:35:24 UTC 2009
Modified Files: src/common/lib/libc/hash/sha2 [netbsd-5-0]: sha2.c src/crypto/dist/openssl/crypto/evp [netbsd-5-0]: m_sha1.c src/distrib/sets/lists/base [netbsd-5-0]: md.amd64 md.sparc64 shl.mi src/distrib/sets/lists/comp [netbsd-5-0]: mi src/lib/libc [netbsd-5-0]: shlib_version src/lib/libc/hash/sha2 [netbsd-5-0]: Makefile.inc sha2.3 src/lib/libc/include [netbsd-5-0]: namespace.h src/lib/libcrypto [netbsd-5-0]: sha.inc shlib_version src/sys/sys [netbsd-5-0]: sha2.h Added Files: src/lib/libc/hash/sha2 [netbsd-5-0]: sha224hl.c src/lib/libcrypto [netbsd-5-0]: libc-sha256.c libc-sha512.c Log Message: Pull up following revisions (requested by joerg in ticket #855): common/lib/libc/hash/sha2/sha2.c: revisions 1.8-1.18 via patch crypto/dist/openssl/crypto/evp/m_sha1.c: revisions 1.2-1.3 via patch distrib/sets/lists/base/md.amd64: revision 1.51 via patch distrib/sets/lists/base/md.sparc64: revision 1.46 via patch distrib/sets/lists/base/shl.mi: revision 1.474 via patch distrib/sets/lists/comp/mi: revision 1.1263 via patch lib/libc/shlib_version: patch lib/libc/hash/sha2/Makefile.inc: revision 1.4 via patch lib/libc/hash/sha2/sha2.3: revision 1.5 via patch lib/libc/hash/sha2/sha224hl.c: revision 1.1 via patch lib/libc/include/namespace.h: revision 1.138 via patch lib/libcrypto/libc-sha256.c: revision 1.1 via patch lib/libcrypto/libc-sha512.c: revision 1.1 via patch lib/libcrypto/sha.inc: revision 1.10 via patch lib/libcrypto/shlib_version: patch sys/lib/libkern/arch/vax/Makefile.inc: revision 1.21 via patch sys/sys/sha2.h: revision 1.3 via patch Add SHA224 implementation to libc. Make libcrypto use the SHA2 implementation of libc. Bump minor versions of libc and libcrypto. To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.7.14.1 src/common/lib/libc/hash/sha2/sha2.c cvs rdiff -u -r1.1.1.5 -r1.1.1.5.8.1 \ src/crypto/dist/openssl/crypto/evp/m_sha1.c cvs rdiff -u -r1.25.2.2 -r1.25.2.2.2.1 src/distrib/sets/lists/base/md.amd64 cvs rdiff -u -r1.23.2.2 -r1.23.2.2.2.1 src/distrib/sets/lists/base/md.sparc64 cvs rdiff -u -r1.450.2.1 -r1.450.2.1.2.1 src/distrib/sets/lists/base/shl.mi cvs rdiff -u -r1.1201.2.9 -r1.1201.2.9.2.1 src/distrib/sets/lists/comp/mi cvs rdiff -u -r1.204 -r1.204.8.1 src/lib/libc/shlib_version cvs rdiff -u -r1.3 -r1.3.34.1 src/lib/libc/hash/sha2/Makefile.inc cvs rdiff -u -r1.4 -r1.4.32.1 src/lib/libc/hash/sha2/sha2.3 cvs rdiff -u -r0 -r1.1.2.2 src/lib/libc/hash/sha2/sha224hl.c cvs rdiff -u -r1.133 -r1.133.6.1 src/lib/libc/include/namespace.h cvs rdiff -u -r0 -r1.1.2.2 src/lib/libcrypto/libc-sha256.c \ src/lib/libcrypto/libc-sha512.c cvs rdiff -u -r1.9 -r1.9.16.1 src/lib/libcrypto/sha.inc cvs rdiff -u -r1.14 -r1.14.6.1 src/lib/libcrypto/shlib_version cvs rdiff -u -r1.2 -r1.2.26.1 src/sys/sys/sha2.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/common/lib/libc/hash/sha2/sha2.c diff -u src/common/lib/libc/hash/sha2/sha2.c:1.7 src/common/lib/libc/hash/sha2/sha2.c:1.7.14.1 --- src/common/lib/libc/hash/sha2/sha2.c:1.7 Sat Feb 16 17:15:32 2008 +++ src/common/lib/libc/hash/sha2/sha2.c Tue Jul 14 19:35:22 2009 @@ -1,4 +1,4 @@ -/* $NetBSD: sha2.c,v 1.7 2008/02/16 17:15:32 apb Exp $ */ +/* $NetBSD: sha2.c,v 1.7.14.1 2009/07/14 19:35:22 snj Exp $ */ /* $KAME: sha2.c,v 1.9 2003/07/20 00:28:38 itojun Exp $ */ /* @@ -36,114 +36,76 @@ * */ +#if HAVE_NBTOOL_CONFIG_H +#include "nbtool_config.h" +#endif + #include <sys/cdefs.h> #if defined(_KERNEL) || defined(_STANDALONE) -__KERNEL_RCSID(0, "$NetBSD: sha2.c,v 1.7 2008/02/16 17:15:32 apb Exp $"); +__KERNEL_RCSID(0, "$NetBSD: sha2.c,v 1.7.14.1 2009/07/14 19:35:22 snj Exp $"); +#include <sys/param.h> /* XXX: to pull <machine/macros.h> for vax memset(9) */ #include <lib/libkern/libkern.h> #else #if defined(LIBC_SCCS) && !defined(lint) -__RCSID("$NetBSD: sha2.c,v 1.7 2008/02/16 17:15:32 apb Exp $"); +__RCSID("$NetBSD: sha2.c,v 1.7.14.1 2009/07/14 19:35:22 snj Exp $"); #endif /* LIBC_SCCS and not lint */ #include "namespace.h" -#include <assert.h> #include <string.h> #endif #include <sys/types.h> -#include <sys/param.h> #include <sys/sha2.h> -/* - * ASSERT NOTE: - * Some sanity checking code is included using assert(). On my FreeBSD - * system, this additional code can be removed by compiling with NDEBUG - * defined. Check your own systems manpage on assert() to see how to - * compile WITHOUT the sanity checking code on your system. - * - * UNROLLED TRANSFORM LOOP NOTE: - * You can define SHA2_UNROLL_TRANSFORM to use the unrolled transform - * loop version for the hash transform rounds (defined using macros - * later in this file). Either define on the command line, for example: - * - * cc -DSHA2_UNROLL_TRANSFORM -o sha2 sha2.c sha2prog.c - * - * or define below: - * - * #define SHA2_UNROLL_TRANSFORM - * - */ - -#if defined(__bsdi__) || defined(__FreeBSD__) -#define assert(x) -#endif +#if HAVE_NBTOOL_CONFIG_H +# if HAVE_SYS_ENDIAN_H +# include <sys/endian.h> +# else +# undef htobe32 +# undef htobe64 +# undef be32toh +# undef be64toh +static uint32_t +htobe32(uint32_t x) +{ + uint8_t p[4]; + memcpy(p, &x, 4); -/*** SHA-256/384/512 Machine Architecture Definitions *****************/ -/* - * BYTE_ORDER NOTE: - * - * Please make sure that your system defines BYTE_ORDER. If your - * architecture is little-endian, make sure it also defines - * LITTLE_ENDIAN and that the two (BYTE_ORDER and LITTLE_ENDIAN) are - * equivilent. - * - * If your system does not define the above, then you can do so by - * hand like this: - * - * #define LITTLE_ENDIAN 1234 - * #define BIG_ENDIAN 4321 - * - * And for little-endian machines, add: - * - * #define BYTE_ORDER LITTLE_ENDIAN - * - * Or for big-endian machines: - * - * #define BYTE_ORDER BIG_ENDIAN - * - * The FreeBSD machine this was written on defines BYTE_ORDER - * appropriately by including <sys/types.h> (which in turn includes - * <machine/endian.h> where the appropriate definitions are actually - * made). - */ -#if !defined(BYTE_ORDER) || (BYTE_ORDER != LITTLE_ENDIAN && BYTE_ORDER != BIG_ENDIAN) -#error Define BYTE_ORDER to be equal to either LITTLE_ENDIAN or BIG_ENDIAN -#endif - -/* - * Define the followingsha2_* types to types of the correct length on - * the native archtecture. Most BSD systems and Linux define u_intXX_t - * types. Machines with recent ANSI C headers, can use the standard C99 - * uintXX_t definintions from inttypes.h by defining SHA2_USE_INTTYPES_H - * during compile or in the sha.h header file. - * - * Machines that support neither u_intXX_t nor inttypes.h's uintXX_t - * will need to define these three typedefs below (and the appropriate - * ones in sha.h too) by hand according to their system architecture. - * - * Thank you, Jun-ichiro itojun Hagino, for suggesting using u_intXX_t - * types and pointing out recent ANSI C support for uintXX_t in inttypes.h. - */ -#if 1 /*def SHA2_USE_INTTYPES_H*/ + return ((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); +} -typedef uint8_t sha2_byte; /* Exactly 1 byte */ -typedef uint32_t sha2_word32; /* Exactly 4 bytes */ -typedef uint64_t sha2_word64; /* Exactly 8 bytes */ +static uint64_t +htobe64(uint64_t x) +{ + uint8_t p[8]; + uint32_t u, v; + memcpy(p, &x, 8); -#else /* SHA2_USE_INTTYPES_H */ + u = ((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); + v = ((p[4] << 24) | (p[5] << 16) | (p[6] << 8) | p[7]); -typedef u_int8_t sha2_byte; /* Exactly 1 byte */ -typedef u_int32_t sha2_word32; /* Exactly 4 bytes */ -typedef u_int64_t sha2_word64; /* Exactly 8 bytes */ + return ((((uint64_t)u) << 32) | v); +} -#endif /* SHA2_USE_INTTYPES_H */ +static uint32_t +be32toh(uint32_t x) +{ + return htobe32(x); +} +static uint64_t +be64toh(uint64_t x) +{ + return htobe64(x); +} +# endif +#endif /*** SHA-256/384/512 Various Length Definitions ***********************/ /* NOTE: Most of these are in sha2.h */ @@ -151,31 +113,13 @@ #define SHA384_SHORT_BLOCK_LENGTH (SHA384_BLOCK_LENGTH - 16) #define SHA512_SHORT_BLOCK_LENGTH (SHA512_BLOCK_LENGTH - 16) - -/*** ENDIAN REVERSAL MACROS *******************************************/ -#if BYTE_ORDER == LITTLE_ENDIAN -#define REVERSE32(w,x) { \ - sha2_word32 tmp = (w); \ - tmp = (tmp >> 16) | (tmp << 16); \ - (x) = (sha2_word32)(((tmp & 0xff00ff00UL) >> 8) | ((tmp & 0x00ff00ffUL) << 8)); \ -} -#define REVERSE64(w,x) { \ - sha2_word64 tmp = (w); \ - tmp = (tmp >> 32) | (tmp << 32); \ - tmp = (sha2_word64)(((tmp & 0xff00ff00ff00ff00ULL) >> 8) | \ - ((tmp & 0x00ff00ff00ff00ffULL) << 8)); \ - (x) = (sha2_word64)(((tmp & 0xffff0000ffff0000ULL) >> 16) | \ - ((tmp & 0x0000ffff0000ffffULL) << 16)); \ -} -#endif /* BYTE_ORDER == LITTLE_ENDIAN */ - /* * Macro for incrementally adding the unsigned 64-bit integer n to the * unsigned 128-bit integer (represented using a two-element array of * 64-bit words): */ #define ADDINC128(w,n) { \ - (w)[0] += (sha2_word64)(n); \ + (w)[0] += (uint64_t)(n); \ if ((w)[0] < (n)) { \ (w)[1]++; \ } \ @@ -218,15 +162,16 @@ * library -- they are intended for private internal visibility/use * only. */ -static void SHA512_Last(SHA512_CTX*); -void SHA256_Transform(SHA256_CTX*, const sha2_word32*); -void SHA384_Transform(SHA384_CTX*, const sha2_word64*); -void SHA512_Transform(SHA512_CTX*, const sha2_word64*); +static void SHA512_Last(SHA512_CTX *); +void SHA224_Transform(SHA224_CTX *, const uint32_t*); +void SHA256_Transform(SHA256_CTX *, const uint32_t*); +void SHA384_Transform(SHA384_CTX *, const uint64_t*); +void SHA512_Transform(SHA512_CTX *, const uint64_t*); /*** SHA-XYZ INITIAL HASH VALUES AND CONSTANTS ************************/ /* Hash constant words K for SHA-256: */ -static const sha2_word32 K256[64] = { +static const uint32_t K256[64] = { 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, 0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, 0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL, @@ -245,8 +190,20 @@ 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL }; +/* Initial hash value H for SHA-224: */ +static const uint32_t sha224_initial_hash_value[8] = { + 0xc1059ed8UL, + 0x367cd507UL, + 0x3070dd17UL, + 0xf70e5939UL, + 0xffc00b31UL, + 0x68581511UL, + 0x64f98fa7UL, + 0xbefa4fa4UL +}; + /* Initial hash value H for SHA-256: */ -static const sha2_word32 sha256_initial_hash_value[8] = { +static const uint32_t sha256_initial_hash_value[8] = { 0x6a09e667UL, 0xbb67ae85UL, 0x3c6ef372UL, @@ -258,7 +215,7 @@ }; /* Hash constant words K for SHA-384 and SHA-512: */ -static const sha2_word64 K512[80] = { +static const uint64_t K512[80] = { 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, @@ -302,7 +259,7 @@ }; /* Initial hash value H for SHA-384 */ -static const sha2_word64 sha384_initial_hash_value[8] = { +static const uint64_t sha384_initial_hash_value[8] = { 0xcbbb9d5dc1059ed8ULL, 0x629a292a367cd507ULL, 0x9159015a3070dd17ULL, @@ -314,7 +271,7 @@ }; /* Initial hash value H for SHA-512 */ -static const sha2_word64 sha512_initial_hash_value[8] = { +static const uint64_t sha512_initial_hash_value[8] = { 0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL, 0x3c6ef372fe94f82bULL, @@ -326,6 +283,11 @@ }; #if !defined(_KERNEL) && defined(__weak_alias) +__weak_alias(SHA224_Init,_SHA224_Init) +__weak_alias(SHA224_Update,_SHA224_Update) +__weak_alias(SHA224_Final,_SHA224_Final) +__weak_alias(SHA224_Transform,_SHA224_Transform) + __weak_alias(SHA256_Init,_SHA256_Init) __weak_alias(SHA256_Update,_SHA256_Update) __weak_alias(SHA256_Final,_SHA256_Final) @@ -343,41 +305,33 @@ #endif /*** SHA-256: *********************************************************/ -void SHA256_Init(SHA256_CTX* context) { - if (context == (SHA256_CTX*)0) { - return; - } - memcpy(context->state, sha256_initial_hash_value, (size_t)(SHA256_DIGEST_LENGTH)); +int +SHA256_Init(SHA256_CTX *context) +{ + if (context == NULL) + return 1; + + memcpy(context->state, sha256_initial_hash_value, + (size_t)(SHA256_DIGEST_LENGTH)); memset(context->buffer, 0, (size_t)(SHA256_BLOCK_LENGTH)); context->bitcount = 0; + + return 1; } #ifdef SHA2_UNROLL_TRANSFORM /* Unrolled SHA-256 round macros: */ -#if BYTE_ORDER == LITTLE_ENDIAN - #define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) \ - REVERSE32(*data++, W256[j]); \ + W256[j] = be32toh(*data); \ + ++data; \ T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + \ K256[j] + W256[j]; \ (d) += T1; \ (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \ j++ - -#else /* BYTE_ORDER == LITTLE_ENDIAN */ - -#define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) \ - T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + \ - K256[j] + (W256[j] = *data++); \ - (d) += T1; \ - (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \ - j++ - -#endif /* BYTE_ORDER == LITTLE_ENDIAN */ - #define ROUND256(a,b,c,d,e,f,g,h) \ s0 = W256[(j+1)&0x0f]; \ s0 = sigma0_256(s0); \ @@ -389,12 +343,14 @@ (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \ j++ -void SHA256_Transform(SHA256_CTX* context, const sha2_word32* data) { - sha2_word32 a, b, c, d, e, f, g, h, s0, s1; - sha2_word32 T1, *W256; +void +SHA256_Transform(SHA256_CTX *context, const uint32_t *data) +{ + uint32_t a, b, c, d, e, f, g, h, s0, s1; + uint32_t T1, *W256; int j; - W256 = (sha2_word32*)context->buffer; + W256 = (uint32_t *)context->buffer; /* Initialize registers with the prev. intermediate value */ a = context->state[0]; @@ -447,12 +403,14 @@ #else /* SHA2_UNROLL_TRANSFORM */ -void SHA256_Transform(SHA256_CTX* context, const sha2_word32* data) { - sha2_word32 a, b, c, d, e, f, g, h, s0, s1; - sha2_word32 T1, T2, *W256; +void +SHA256_Transform(SHA256_CTX *context, const uint32_t *data) +{ + uint32_t a, b, c, d, e, f, g, h, s0, s1; + uint32_t T1, T2, *W256; int j; - W256 = (sha2_word32*)(void *)context->buffer; + W256 = (uint32_t *)(void *)context->buffer; /* Initialize registers with the prev. intermediate value */ a = context->state[0]; @@ -466,15 +424,10 @@ j = 0; do { -#if BYTE_ORDER == LITTLE_ENDIAN - /* Copy data while converting to host byte order */ - REVERSE32(*data++,W256[j]); + W256[j] = be32toh(*data); + ++data; /* Apply the SHA-256 compression function to update a..h */ T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + W256[j]; -#else /* BYTE_ORDER == LITTLE_ENDIAN */ - /* Apply the SHA-256 compression function to update a..h with copy */ - T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + (W256[j] = *data++); -#endif /* BYTE_ORDER == LITTLE_ENDIAN */ T2 = Sigma0_256(a) + Maj(a, b, c); h = g; g = f; @@ -527,17 +480,16 @@ #endif /* SHA2_UNROLL_TRANSFORM */ -void SHA256_Update(SHA256_CTX* context, const sha2_byte *data, size_t len) { +int +SHA256_Update(SHA256_CTX *context, const uint8_t *data, size_t len) +{ unsigned int freespace, usedspace; if (len == 0) { /* Calling with no data is valid - we do nothing */ - return; + return 1; } - /* Sanity check: */ - assert(context != (SHA256_CTX*)0 && data != (sha2_byte*)0); - usedspace = (unsigned int)((context->bitcount >> 3) % SHA256_BLOCK_LENGTH); if (usedspace > 0) { @@ -546,18 +498,20 @@ if (len >= freespace) { /* Fill the buffer completely and process it */ - memcpy(&context->buffer[usedspace], data, (size_t)(freespace)); + memcpy(&context->buffer[usedspace], data, + (size_t)(freespace)); context->bitcount += freespace << 3; len -= freespace; data += freespace; - SHA256_Transform(context, (sha2_word32*)(void *)context->buffer); + SHA256_Transform(context, + (uint32_t *)(void *)context->buffer); } else { /* The buffer is not yet full */ memcpy(&context->buffer[usedspace], data, len); context->bitcount += len << 3; /* Clean up: */ usedspace = freespace = 0; - return; + return 1; } } /* @@ -570,7 +524,7 @@ if ((uintptr_t)data % 4 == 0) { while (len >= SHA256_BLOCK_LENGTH) { SHA256_Transform(context, - (const sha2_word32 *)(const void *)data); + (const uint32_t *)(const void *)data); context->bitcount += SHA256_BLOCK_LENGTH << 3; len -= SHA256_BLOCK_LENGTH; data += SHA256_BLOCK_LENGTH; @@ -579,7 +533,7 @@ while (len >= SHA256_BLOCK_LENGTH) { memcpy(context->buffer, data, SHA256_BLOCK_LENGTH); SHA256_Transform(context, - (const sha2_word32 *)(const void *)context->buffer); + (const uint32_t *)(const void *)context->buffer); context->bitcount += SHA256_BLOCK_LENGTH << 3; len -= SHA256_BLOCK_LENGTH; data += SHA256_BLOCK_LENGTH; @@ -592,106 +546,139 @@ } /* Clean up: */ usedspace = freespace = 0; + + return 1; } -void SHA256_Final(sha2_byte digest[], SHA256_CTX* context) { - sha2_word32 *d = (void *)digest; +static int +SHA224_256_Final(uint8_t digest[], SHA256_CTX *context, size_t len) +{ + uint32_t *d = (void *)digest; unsigned int usedspace; - - /* Sanity check: */ - assert(context != (SHA256_CTX*)0); + size_t i; /* If no digest buffer is passed, we don't bother doing this: */ - if (digest != (sha2_byte*)0) { - usedspace = (unsigned int)((context->bitcount >> 3) % SHA256_BLOCK_LENGTH); -#if BYTE_ORDER == LITTLE_ENDIAN - /* Convert FROM host byte order */ - REVERSE64(context->bitcount,context->bitcount); -#endif + if (digest != NULL) { + usedspace = (unsigned int)((context->bitcount >> 3) % + SHA256_BLOCK_LENGTH); + context->bitcount = htobe64(context->bitcount); if (usedspace > 0) { /* Begin padding with a 1 bit: */ context->buffer[usedspace++] = 0x80; if (usedspace <= SHA256_SHORT_BLOCK_LENGTH) { /* Set-up for the last transform: */ - memset(&context->buffer[usedspace], 0, (size_t)(SHA256_SHORT_BLOCK_LENGTH - usedspace)); + memset(&context->buffer[usedspace], 0, + (size_t)(SHA256_SHORT_BLOCK_LENGTH - + usedspace)); } else { if (usedspace < SHA256_BLOCK_LENGTH) { - memset(&context->buffer[usedspace], 0, (size_t)(SHA256_BLOCK_LENGTH - usedspace)); + memset(&context->buffer[usedspace], 0, + (size_t)(SHA256_BLOCK_LENGTH - + usedspace)); } /* Do second-to-last transform: */ - SHA256_Transform(context, (sha2_word32*)(void *)context->buffer); + SHA256_Transform(context, + (uint32_t *)(void *)context->buffer); /* And set-up for the last transform: */ - memset(context->buffer, 0, (size_t)(SHA256_SHORT_BLOCK_LENGTH)); + memset(context->buffer, 0, + (size_t)(SHA256_SHORT_BLOCK_LENGTH)); } } else { /* Set-up for the last transform: */ - memset(context->buffer, 0, (size_t)(SHA256_SHORT_BLOCK_LENGTH)); + memset(context->buffer, 0, + (size_t)(SHA256_SHORT_BLOCK_LENGTH)); /* Begin padding with a 1 bit: */ *context->buffer = 0x80; } /* Set the bit count: */ - *(sha2_word64*)(void *)&context->buffer[SHA256_SHORT_BLOCK_LENGTH] = context->bitcount; + memcpy(&context->buffer[SHA256_SHORT_BLOCK_LENGTH], + &context->bitcount, sizeof(context->bitcount)); /* Final transform: */ - SHA256_Transform(context, (sha2_word32*)(void *)context->buffer); + SHA256_Transform(context, (uint32_t *)(void *)context->buffer); -#if BYTE_ORDER == LITTLE_ENDIAN - { - /* Convert TO host byte order */ - int j; - for (j = 0; j < 8; j++) { - REVERSE32(context->state[j],context->state[j]); - *d++ = context->state[j]; - } - } -#else - memcpy(d, context->state, SHA256_DIGEST_LENGTH); -#endif + for (i = 0; i < len / 4; i++) + d[i] = htobe32(context->state[i]); } /* Clean up state data: */ memset(context, 0, sizeof(*context)); usedspace = 0; + + return 1; +} + +int +SHA256_Final(uint8_t digest[], SHA256_CTX *context) +{ + return SHA224_256_Final(digest, context, SHA256_DIGEST_LENGTH); +} + +/*** SHA-224: *********************************************************/ +int +SHA224_Init(SHA224_CTX *context) +{ + if (context == NULL) + return 1; + + /* The state and buffer size are driven by SHA256, not by SHA224. */ + memcpy(context->state, sha224_initial_hash_value, + (size_t)(SHA256_DIGEST_LENGTH)); + memset(context->buffer, 0, (size_t)(SHA256_BLOCK_LENGTH)); + context->bitcount = 0; + + return 1; +} + +int +SHA224_Update(SHA224_CTX *context, const uint8_t *data, size_t len) +{ + return SHA256_Update((SHA256_CTX *)context, data, len); +} + +void +SHA224_Transform(SHA224_CTX *context, const uint32_t *data) +{ + SHA256_Transform((SHA256_CTX *)context, data); +} + +int +SHA224_Final(uint8_t digest[], SHA224_CTX *context) +{ + return SHA224_256_Final(digest, (SHA256_CTX *)context, + SHA224_DIGEST_LENGTH); } /*** SHA-512: *********************************************************/ -void SHA512_Init(SHA512_CTX* context) { - if (context == (SHA512_CTX*)0) { - return; - } - memcpy(context->state, sha512_initial_hash_value, (size_t)(SHA512_DIGEST_LENGTH)); +int +SHA512_Init(SHA512_CTX *context) +{ + if (context == NULL) + return 1; + + memcpy(context->state, sha512_initial_hash_value, + (size_t)(SHA512_DIGEST_LENGTH)); memset(context->buffer, 0, (size_t)(SHA512_BLOCK_LENGTH)); context->bitcount[0] = context->bitcount[1] = 0; + + return 1; } #ifdef SHA2_UNROLL_TRANSFORM /* Unrolled SHA-512 round macros: */ -#if BYTE_ORDER == LITTLE_ENDIAN - #define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) \ - REVERSE64(*data++, W512[j]); \ + W512[j] = be64toh(*data); \ + ++data; \ T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + \ K512[j] + W512[j]; \ (d) += T1, \ (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)), \ j++ - -#else /* BYTE_ORDER == LITTLE_ENDIAN */ - -#define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) \ - T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + \ - K512[j] + (W512[j] = *data++); \ - (d) += T1; \ - (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)); \ - j++ - -#endif /* BYTE_ORDER == LITTLE_ENDIAN */ - #define ROUND512(a,b,c,d,e,f,g,h) \ s0 = W512[(j+1)&0x0f]; \ s0 = sigma0_512(s0); \ @@ -703,9 +690,11 @@ (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)); \ j++ -void SHA512_Transform(SHA512_CTX* context, const sha2_word64* data) { - sha2_word64 a, b, c, d, e, f, g, h, s0, s1; - sha2_word64 T1, *W512 = (sha2_word64*)context->buffer; +void +SHA512_Transform(SHA512_CTX *context, const uint64_t *data) +{ + uint64_t a, b, c, d, e, f, g, h, s0, s1; + uint64_t T1, *W512 = (uint64_t *)context->buffer; int j; /* Initialize registers with the prev. intermediate value */ @@ -758,9 +747,11 @@ #else /* SHA2_UNROLL_TRANSFORM */ -void SHA512_Transform(SHA512_CTX* context, const sha2_word64* data) { - sha2_word64 a, b, c, d, e, f, g, h, s0, s1; - sha2_word64 T1, T2, *W512 = (void *)context->buffer; +void +SHA512_Transform(SHA512_CTX *context, const uint64_t *data) +{ + uint64_t a, b, c, d, e, f, g, h, s0, s1; + uint64_t T1, T2, *W512 = (void *)context->buffer; int j; /* Initialize registers with the prev. intermediate value */ @@ -775,15 +766,10 @@ j = 0; do { -#if BYTE_ORDER == LITTLE_ENDIAN - /* Convert TO host byte order */ - REVERSE64(*data++, W512[j]); + W512[j] = be64toh(*data); + ++data; /* Apply the SHA-512 compression function to update a..h */ T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + W512[j]; -#else /* BYTE_ORDER == LITTLE_ENDIAN */ - /* Apply the SHA-512 compression function to update a..h with copy */ - T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + (W512[j] = *data++); -#endif /* BYTE_ORDER == LITTLE_ENDIAN */ T2 = Sigma0_512(a) + Maj(a, b, c); h = g; g = f; @@ -836,36 +822,38 @@ #endif /* SHA2_UNROLL_TRANSFORM */ -void SHA512_Update(SHA512_CTX* context, const sha2_byte *data, size_t len) { +int +SHA512_Update(SHA512_CTX *context, const uint8_t *data, size_t len) +{ unsigned int freespace, usedspace; if (len == 0) { /* Calling with no data is valid - we do nothing */ - return; + return 1; } - /* Sanity check: */ - assert(context != (SHA512_CTX*)0 && data != (sha2_byte*)0); - - usedspace = (unsigned int)((context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH); + usedspace = (unsigned int)((context->bitcount[0] >> 3) % + SHA512_BLOCK_LENGTH); if (usedspace > 0) { /* Calculate how much free space is available in the buffer */ freespace = SHA512_BLOCK_LENGTH - usedspace; if (len >= freespace) { /* Fill the buffer completely and process it */ - memcpy(&context->buffer[usedspace], data, (size_t)(freespace)); + memcpy(&context->buffer[usedspace], data, + (size_t)(freespace)); ADDINC128(context->bitcount, freespace << 3); len -= freespace; data += freespace; - SHA512_Transform(context, (sha2_word64*)(void *)context->buffer); + SHA512_Transform(context, + (uint64_t *)(void *)context->buffer); } else { /* The buffer is not yet full */ memcpy(&context->buffer[usedspace], data, len); ADDINC128(context->bitcount, len << 3); /* Clean up: */ usedspace = freespace = 0; - return; + return 1; } } /* @@ -878,7 +866,7 @@ if ((uintptr_t)data % 8 == 0) { while (len >= SHA512_BLOCK_LENGTH) { SHA512_Transform(context, - (const sha2_word64*)(const void *)data); + (const uint64_t*)(const void *)data); ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3); len -= SHA512_BLOCK_LENGTH; data += SHA512_BLOCK_LENGTH; @@ -900,33 +888,38 @@ } /* Clean up: */ usedspace = freespace = 0; + + return 1; } -static void SHA512_Last(SHA512_CTX* context) { +static void +SHA512_Last(SHA512_CTX *context) +{ unsigned int usedspace; usedspace = (unsigned int)((context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH); -#if BYTE_ORDER == LITTLE_ENDIAN - /* Convert FROM host byte order */ - REVERSE64(context->bitcount[0],context->bitcount[0]); - REVERSE64(context->bitcount[1],context->bitcount[1]); -#endif + context->bitcount[0] = htobe64(context->bitcount[0]); + context->bitcount[1] = htobe64(context->bitcount[1]); if (usedspace > 0) { /* Begin padding with a 1 bit: */ context->buffer[usedspace++] = 0x80; if (usedspace <= SHA512_SHORT_BLOCK_LENGTH) { /* Set-up for the last transform: */ - memset(&context->buffer[usedspace], 0, (size_t)(SHA512_SHORT_BLOCK_LENGTH - usedspace)); + memset(&context->buffer[usedspace], 0, + (size_t)(SHA512_SHORT_BLOCK_LENGTH - usedspace)); } else { if (usedspace < SHA512_BLOCK_LENGTH) { - memset(&context->buffer[usedspace], 0, (size_t)(SHA512_BLOCK_LENGTH - usedspace)); + memset(&context->buffer[usedspace], 0, + (size_t)(SHA512_BLOCK_LENGTH - usedspace)); } /* Do second-to-last transform: */ - SHA512_Transform(context, (sha2_word64*)(void *)context->buffer); + SHA512_Transform(context, + (uint64_t *)(void *)context->buffer); /* And set-up for the last transform: */ - memset(context->buffer, 0, (size_t)(SHA512_BLOCK_LENGTH - 2)); + memset(context->buffer, 0, + (size_t)(SHA512_BLOCK_LENGTH - 2)); } } else { /* Prepare for final transform: */ @@ -936,85 +929,80 @@ *context->buffer = 0x80; } /* Store the length of input data (in bits): */ - *(sha2_word64*)(void *)&context->buffer[SHA512_SHORT_BLOCK_LENGTH] = context->bitcount[1]; - *(sha2_word64*)(void *)&context->buffer[SHA512_SHORT_BLOCK_LENGTH+8] = context->bitcount[0]; + memcpy(&context->buffer[SHA512_SHORT_BLOCK_LENGTH], + &context->bitcount[1], sizeof(context->bitcount[1])); + memcpy(&context->buffer[SHA512_SHORT_BLOCK_LENGTH + 8], + &context->bitcount[0], sizeof(context->bitcount[0])); /* Final transform: */ - SHA512_Transform(context, (sha2_word64*)(void *)context->buffer); + SHA512_Transform(context, (uint64_t *)(void *)context->buffer); } -void SHA512_Final(sha2_byte digest[], SHA512_CTX* context) { - sha2_word64 *d = (void *)digest; - - /* Sanity check: */ - assert(context != (SHA512_CTX*)0); +int +SHA512_Final(uint8_t digest[], SHA512_CTX *context) +{ + uint64_t *d = (void *)digest; + size_t i; /* If no digest buffer is passed, we don't bother doing this: */ - if (digest != (sha2_byte*)0) { + if (digest != NULL) { SHA512_Last(context); /* Save the hash data for output: */ -#if BYTE_ORDER == LITTLE_ENDIAN - { - /* Convert TO host byte order */ - int j; - for (j = 0; j < 8; j++) { - REVERSE64(context->state[j],context->state[j]); - *d++ = context->state[j]; - } - } -#else - memcpy(d, context->state, SHA512_DIGEST_LENGTH); -#endif + for (i = 0; i < 8; ++i) + d[i] = htobe64(context->state[i]); } /* Zero out state data */ memset(context, 0, sizeof(*context)); + + return 1; } /*** SHA-384: *********************************************************/ -void SHA384_Init(SHA384_CTX* context) { - if (context == (SHA384_CTX*)0) { - return; - } - memcpy(context->state, sha384_initial_hash_value, (size_t)(SHA512_DIGEST_LENGTH)); +int +SHA384_Init(SHA384_CTX *context) +{ + if (context == NULL) + return 1; + + memcpy(context->state, sha384_initial_hash_value, + (size_t)(SHA512_DIGEST_LENGTH)); memset(context->buffer, 0, (size_t)(SHA384_BLOCK_LENGTH)); context->bitcount[0] = context->bitcount[1] = 0; -} -void SHA384_Update(SHA384_CTX* context, const sha2_byte* data, size_t len) { - SHA512_Update((SHA512_CTX*)context, data, len); + return 1; } -void SHA384_Transform(SHA512_CTX* context, const sha2_word64* data) { - SHA512_Transform((SHA512_CTX*)context, data); +int +SHA384_Update(SHA384_CTX *context, const uint8_t *data, size_t len) +{ + return SHA512_Update((SHA512_CTX *)context, data, len); } -void SHA384_Final(sha2_byte digest[], SHA384_CTX* context) { - sha2_word64 *d = (void *)digest; +void +SHA384_Transform(SHA512_CTX *context, const uint64_t *data) +{ + SHA512_Transform((SHA512_CTX *)context, data); +} - /* Sanity check: */ - assert(context != (SHA384_CTX*)0); +int +SHA384_Final(uint8_t digest[], SHA384_CTX *context) +{ + uint64_t *d = (void *)digest; + size_t i; /* If no digest buffer is passed, we don't bother doing this: */ - if (digest != (sha2_byte*)0) { - SHA512_Last((SHA512_CTX*)context); + if (digest != NULL) { + SHA512_Last((SHA512_CTX *)context); /* Save the hash data for output: */ -#if BYTE_ORDER == LITTLE_ENDIAN - { - /* Convert TO host byte order */ - int j; - for (j = 0; j < 6; j++) { - REVERSE64(context->state[j],context->state[j]); - *d++ = context->state[j]; - } - } -#else - memcpy(d, context->state, SHA384_DIGEST_LENGTH); -#endif + for (i = 0; i < 6; ++i) + d[i] = be64toh(context->state[i]); } /* Zero out state data */ memset(context, 0, sizeof(*context)); + + return 1; } Index: src/crypto/dist/openssl/crypto/evp/m_sha1.c diff -u src/crypto/dist/openssl/crypto/evp/m_sha1.c:1.1.1.5 src/crypto/dist/openssl/crypto/evp/m_sha1.c:1.1.1.5.8.1 --- src/crypto/dist/openssl/crypto/evp/m_sha1.c:1.1.1.5 Fri May 9 21:34:29 2008 +++ src/crypto/dist/openssl/crypto/evp/m_sha1.c Tue Jul 14 19:35:22 2009 @@ -104,13 +104,12 @@ { return SHA224_Init(ctx->md_data); } static int init256(EVP_MD_CTX *ctx) { return SHA256_Init(ctx->md_data); } -/* - * Even though there're separate SHA224_[Update|Final], we call - * SHA256 functions even in SHA224 context. This is what happens - * there anyway, so we can spare few CPU cycles:-) - */ +static int update224(EVP_MD_CTX *ctx,const void *data,size_t count) + { return SHA224_Update(ctx->md_data,data,count); } static int update256(EVP_MD_CTX *ctx,const void *data,size_t count) { return SHA256_Update(ctx->md_data,data,count); } +static int final224(EVP_MD_CTX *ctx,unsigned char *md) + { return SHA224_Final(md,ctx->md_data); } static int final256(EVP_MD_CTX *ctx,unsigned char *md) { return SHA256_Final(md,ctx->md_data); } @@ -121,8 +120,8 @@ SHA224_DIGEST_LENGTH, EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT, init224, - update256, - final256, + update224, + final224, NULL, NULL, EVP_PKEY_RSA_method, Index: src/distrib/sets/lists/base/md.amd64 diff -u src/distrib/sets/lists/base/md.amd64:1.25.2.2 src/distrib/sets/lists/base/md.amd64:1.25.2.2.2.1 --- src/distrib/sets/lists/base/md.amd64:1.25.2.2 Fri Jan 16 21:41:06 2009 +++ src/distrib/sets/lists/base/md.amd64 Tue Jul 14 19:35:22 2009 @@ -1,4 +1,4 @@ -# $NetBSD: md.amd64,v 1.25.2.2 2009/01/16 21:41:06 bouyer Exp $ +# $NetBSD: md.amd64,v 1.25.2.2.2.1 2009/07/14 19:35:22 snj Exp $ ./@MODULEDIR@/adosfs base-kernel-modules ./@MODULEDIR@/adosfs/adosfs.kmod base-kernel-modules ./@MODULEDIR@/azalia base-kernel-modules @@ -125,13 +125,13 @@ ./usr/lib/i386/libbz2.so.1 base-compat-shlib compat,pic ./usr/lib/i386/libbz2.so.1.1 base-compat-shlib compat,pic ./usr/lib/i386/libc.so.12 base-compat-shlib compat,pic -./usr/lib/i386/libc.so.12.163 base-compat-shlib compat,pic +./usr/lib/i386/libc.so.12.164 base-compat-shlib compat,pic ./usr/lib/i386/libcom_err.so.5 base-compat-shlib compat,pic ./usr/lib/i386/libcom_err.so.5.0 base-compat-shlib compat,pic ./usr/lib/i386/libcrypt.so.0 base-compat-shlib compat,pic ./usr/lib/i386/libcrypt.so.0.2 base-compat-shlib compat,pic ./usr/lib/i386/libcrypto.so.4 base-compat-shlib compat,pic -./usr/lib/i386/libcrypto.so.4.1 base-compat-shlib compat,pic +./usr/lib/i386/libcrypto.so.4.2 base-compat-shlib compat,pic ./usr/lib/i386/librefuse.so.0 base-compat-shlib compat,pic ./usr/lib/i386/librefuse.so.0.0 base-compat-shlib compat,pic ./usr/lib/i386/libp2k.so.0 base-compat-shlib compat,pic Index: src/distrib/sets/lists/base/md.sparc64 diff -u src/distrib/sets/lists/base/md.sparc64:1.23.2.2 src/distrib/sets/lists/base/md.sparc64:1.23.2.2.2.1 --- src/distrib/sets/lists/base/md.sparc64:1.23.2.2 Fri Jan 16 21:41:06 2009 +++ src/distrib/sets/lists/base/md.sparc64 Tue Jul 14 19:35:22 2009 @@ -1,4 +1,4 @@ -# $NetBSD: md.sparc64,v 1.23.2.2 2009/01/16 21:41:06 bouyer Exp $ +# $NetBSD: md.sparc64,v 1.23.2.2.2.1 2009/07/14 19:35:22 snj Exp $ ./sbin/edlabel base-sysutil-root ./usr/bin/fdformat base-util-bin ./usr/lib/sparc base-compat-lib compat @@ -62,13 +62,13 @@ ./usr/lib/sparc/libbz2.so.1 base-compat-shlib compat,pic ./usr/lib/sparc/libbz2.so.1.1 base-compat-shlib compat,pic ./usr/lib/sparc/libc.so.12 base-compat-shlib compat,pic -./usr/lib/sparc/libc.so.12.163 base-compat-shlib compat,pic +./usr/lib/sparc/libc.so.12.164 base-compat-shlib compat,pic ./usr/lib/sparc/libcom_err.so.5 base-compat-shlib compat,pic ./usr/lib/sparc/libcom_err.so.5.0 base-compat-shlib compat,pic ./usr/lib/sparc/libcrypt.so.0 base-compat-shlib compat,pic ./usr/lib/sparc/libcrypt.so.0.2 base-compat-shlib compat,pic ./usr/lib/sparc/libcrypto.so.4 base-compat-shlib compat,pic -./usr/lib/sparc/libcrypto.so.4.1 base-compat-shlib compat,pic +./usr/lib/sparc/libcrypto.so.4.2 base-compat-shlib compat,pic ./usr/lib/sparc/libcurses.so.6 base-compat-shlib compat,pic ./usr/lib/sparc/libcurses.so.6.4 base-compat-shlib compat,pic ./usr/lib/sparc/libdes.so.7 base-compat-shlib compat,pic Index: src/distrib/sets/lists/base/shl.mi diff -u src/distrib/sets/lists/base/shl.mi:1.450.2.1 src/distrib/sets/lists/base/shl.mi:1.450.2.1.2.1 --- src/distrib/sets/lists/base/shl.mi:1.450.2.1 Fri Jan 16 21:41:07 2009 +++ src/distrib/sets/lists/base/shl.mi Tue Jul 14 19:35:22 2009 @@ -1,4 +1,4 @@ -# $NetBSD: shl.mi,v 1.450.2.1 2009/01/16 21:41:07 bouyer Exp $ +# $NetBSD: shl.mi,v 1.450.2.1.2.1 2009/07/14 19:35:22 snj Exp $ # # Note: Don't delete entries from here - mark them as "obsolete" instead, # unless otherwise stated below. @@ -13,9 +13,9 @@ # # Note: libtermcap and libtermlib are hardlinked and share the same version. # -./lib/libc.so.12.163 base-sys-shlib dynamicroot +./lib/libc.so.12.164 base-sys-shlib dynamicroot ./lib/libcrypt.so.0.2 base-sys-shlib dynamicroot -./lib/libcrypto.so.4.1 base-crypto-shlib crypto,dynamicroot +./lib/libcrypto.so.4.2 base-crypto-shlib crypto,dynamicroot ./lib/libedit.so.2.11 base-sys-shlib dynamicroot ./lib/libevent.so.2.0 base-sys-shlib dynamicroot ./lib/libipsec.so.2.2 base-net-shlib dynamicroot @@ -58,10 +58,10 @@ ./usr/lib/libbluetooth.so.3.0 base-sys-shlib ./usr/lib/libbsdmalloc.so.0.0 base-sys-shlib ./usr/lib/libbz2.so.1.1 base-sys-shlib -./usr/lib/libc.so.12.163 base-sys-shlib +./usr/lib/libc.so.12.164 base-sys-shlib ./usr/lib/libcom_err.so.5.0 base-krb5-shlib kerberos ./usr/lib/libcrypt.so.0.2 base-sys-shlib -./usr/lib/libcrypto.so.4.1 base-crypto-shlib crypto +./usr/lib/libcrypto.so.4.2 base-crypto-shlib crypto ./usr/lib/libcurses.so.6.4 base-sys-shlib ./usr/lib/libdes.so.7.0 base-crypto-shlib crypto ./usr/lib/libdns.so.1.1 base-bind-shlib Index: src/distrib/sets/lists/comp/mi diff -u src/distrib/sets/lists/comp/mi:1.1201.2.9 src/distrib/sets/lists/comp/mi:1.1201.2.9.2.1 --- src/distrib/sets/lists/comp/mi:1.1201.2.9 Fri Jan 16 21:41:07 2009 +++ src/distrib/sets/lists/comp/mi Tue Jul 14 19:35:22 2009 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.1201.2.9 2009/01/16 21:41:07 bouyer Exp $ +# $NetBSD: mi,v 1.1201.2.9.2.1 2009/07/14 19:35:22 snj Exp $ # # Note: don't delete entries from here - mark them as "obsolete" instead. # @@ -4278,6 +4278,14 @@ ./usr/share/man/cat3/SHA1Init.0 comp-c-catman .cat ./usr/share/man/cat3/SHA1Transform.0 comp-c-catman .cat ./usr/share/man/cat3/SHA1Update.0 comp-c-catman .cat +./usr/share/man/cat3/SHA224_Data.0 comp-c-catman .cat +./usr/share/man/cat3/SHA224_End.0 comp-c-catman .cat +./usr/share/man/cat3/SHA224_File.0 comp-c-catman .cat +./usr/share/man/cat3/SHA224_FileChunk.0 comp-c-catman .cat +./usr/share/man/cat3/SHA224_Final.0 comp-c-catman .cat +./usr/share/man/cat3/SHA224_Init.0 comp-c-catman .cat +./usr/share/man/cat3/SHA224_Transform.0 comp-c-catman .cat +./usr/share/man/cat3/SHA224_Update.0 comp-c-catman .cat ./usr/share/man/cat3/SHA256_Data.0 comp-c-catman .cat ./usr/share/man/cat3/SHA256_End.0 comp-c-catman .cat ./usr/share/man/cat3/SHA256_File.0 comp-c-catman .cat @@ -9660,6 +9668,14 @@ ./usr/share/man/html3/SHA1Init.html comp-c-htmlman html ./usr/share/man/html3/SHA1Transform.html comp-c-htmlman html ./usr/share/man/html3/SHA1Update.html comp-c-htmlman html +./usr/share/man/html3/SHA224_Data.html comp-c-htmlman html +./usr/share/man/html3/SHA224_End.html comp-c-htmlman html +./usr/share/man/html3/SHA224_File.html comp-c-htmlman html +./usr/share/man/html3/SHA224_FileChunk.html comp-c-htmlman html +./usr/share/man/html3/SHA224_Final.html comp-c-htmlman html +./usr/share/man/html3/SHA224_Init.html comp-c-htmlman html +./usr/share/man/html3/SHA224_Transform.html comp-c-htmlman html +./usr/share/man/html3/SHA224_Update.html comp-c-htmlman html ./usr/share/man/html3/SHA256_Data.html comp-c-htmlman html ./usr/share/man/html3/SHA256_End.html comp-c-htmlman html ./usr/share/man/html3/SHA256_File.html comp-c-htmlman html @@ -14841,6 +14857,14 @@ ./usr/share/man/man3/SHA1Init.3 comp-c-man .man ./usr/share/man/man3/SHA1Transform.3 comp-c-man .man ./usr/share/man/man3/SHA1Update.3 comp-c-man .man +./usr/share/man/man3/SHA224_Data.3 comp-c-man .man +./usr/share/man/man3/SHA224_End.3 comp-c-man .man +./usr/share/man/man3/SHA224_File.3 comp-c-man .man +./usr/share/man/man3/SHA224_FileChunk.3 comp-c-man .man +./usr/share/man/man3/SHA224_Final.3 comp-c-man .man +./usr/share/man/man3/SHA224_Init.3 comp-c-man .man +./usr/share/man/man3/SHA224_Transform.3 comp-c-man .man +./usr/share/man/man3/SHA224_Update.3 comp-c-man .man ./usr/share/man/man3/SHA256_Data.3 comp-c-man .man ./usr/share/man/man3/SHA256_End.3 comp-c-man .man ./usr/share/man/man3/SHA256_File.3 comp-c-man .man Index: src/lib/libc/shlib_version diff -u src/lib/libc/shlib_version:1.204 src/lib/libc/shlib_version:1.204.8.1 --- src/lib/libc/shlib_version:1.204 Mon Aug 4 21:29:27 2008 +++ src/lib/libc/shlib_version Tue Jul 14 19:35:23 2009 @@ -1,4 +1,4 @@ -# $NetBSD: shlib_version,v 1.204 2008/08/04 21:29:27 matt Exp $ +# $NetBSD: shlib_version,v 1.204.8.1 2009/07/14 19:35:23 snj Exp $ # Remember to update distrib/sets/lists/base/shl.* when changing # # things we wish to do on next major version bump: @@ -26,4 +26,4 @@ # - remove frexp, ldexp, modf: they belong to libm. # - make sure we can support thread local [on arm don't use r9 for example] major=12 -minor=163 +minor=164 Index: src/lib/libc/hash/sha2/Makefile.inc diff -u src/lib/libc/hash/sha2/Makefile.inc:1.3 src/lib/libc/hash/sha2/Makefile.inc:1.3.34.1 --- src/lib/libc/hash/sha2/Makefile.inc:1.3 Tue Aug 23 17:49:27 2005 +++ src/lib/libc/hash/sha2/Makefile.inc Tue Jul 14 19:35:23 2009 @@ -1,12 +1,15 @@ -# $NetBSD: Makefile.inc,v 1.3 2005/08/23 17:49:27 elad Exp $ +# $NetBSD: Makefile.inc,v 1.3.34.1 2009/07/14 19:35:23 snj Exp $ # hash functions .PATH: ${.CURDIR}/hash/sha2 -SRCS+= sha2.c sha256hl.c sha384hl.c sha512hl.c +SRCS+= sha2.c sha224hl.c sha256hl.c sha384hl.c sha512hl.c MAN+= sha2.3 +MLINKS+=sha2.3 SHA224_Init.3 sha2.3 SHA224_Update.3 sha2.3 SHA224_Final.3 +MLINKS+=sha2.3 SHA224_End.3 sha2.3 SHA224_File.3 sha2.3 SHA224_Data.3 +MLINKS+=sha2.3 SHA224_Transform.3 sha2.3 SHA224_FileChunk.3 MLINKS+=sha2.3 SHA256_Init.3 sha2.3 SHA256_Update.3 sha2.3 SHA256_Final.3 MLINKS+=sha2.3 SHA256_End.3 sha2.3 SHA256_File.3 sha2.3 SHA256_Data.3 MLINKS+=sha2.3 SHA256_Transform.3 sha2.3 SHA256_FileChunk.3 Index: src/lib/libc/hash/sha2/sha2.3 diff -u src/lib/libc/hash/sha2/sha2.3:1.4 src/lib/libc/hash/sha2/sha2.3:1.4.32.1 --- src/lib/libc/hash/sha2/sha2.3:1.4 Mon Dec 26 19:40:15 2005 +++ src/lib/libc/hash/sha2/sha2.3 Tue Jul 14 19:35:23 2009 @@ -1,4 +1,4 @@ -.\" $NetBSD: sha2.3,v 1.4 2005/12/26 19:40:15 perry Exp $ +.\" $NetBSD: sha2.3,v 1.4.32.1 2009/07/14 19:35:23 snj Exp $ .\" $OpenBSD: sha2.3,v 1.11 2004/06/22 01:57:29 jfb Exp $ .\" .\" Copyright (c) 2003, 2004 Todd C. Miller <todd.mil...@courtesan.com> @@ -21,7 +21,7 @@ .\" .\" See http://www.nist.gov/sha/ for the detailed standard .\" -.Dd April 24, 2003 +.Dd May 20, 2009 .Dt SHA2 3 .Os .Sh NAME @@ -39,6 +39,24 @@ .In sys/types.h .In sha2.h .Ft void +.Fn SHA224_Init "SHA224_CTX *context" +.Ft void +.Fn SHA224_Update "SHA224_CTX *context" "const uint8_t *data" "size_t len" +.Ft void +.Fn SHA224_Pad "SHA224_CTX *context" +.Ft void +.Fn SHA224_Final "uint8_t digest[SHA224_DIGEST_LENGTH]" "SHA224_CTX *context" +.Ft void +.Fn SHA224_Transform "uint32_t state[8]" "const uint8_t buffer[SHA224_BLOCK_LENGTH]" +.Ft "char *" +.Fn SHA224_End "SHA224_CTX *context" "char *buf" +.Ft "char *" +.Fn SHA224_File "const char *filename" "char *buf" +.Ft "char *" +.Fn SHA224_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" +.Ft "char *" +.Fn SHA224_Data "uint8_t *data" "size_t len" "char *buf" +.Ft void .Fn SHA256_Init "SHA256_CTX *context" .Ft void .Fn SHA256_Update "SHA256_CTX *context" "const uint8_t *data" "size_t len" @@ -97,9 +115,9 @@ FIPS PUB 180-2. The SHA2 functions are used to generate a condensed representation of a message called a message digest, suitable for use as a digital signature. -There are three families of functions, with names corresponding to +There are four families of functions, with names corresponding to the number of bits in the resulting message digest. -The SHA-256 functions are limited to processing a message of less +The SHA-224 and SHA-256 functions are limited to processing a message of less than 2^64 bits as input. The SHA-384 and SHA-512 functions can process a message of at most 2^128 - 1 bits as input. @@ -107,7 +125,7 @@ The SHA2 functions are considered to be more secure than the .Xr sha1 3 functions with which they share a similar interface. -The 256, 384, and 512-bit versions of SHA2 share the same interface. +The 224, 256, 384, and 512-bit versions of SHA2 share the same interface. For brevity, only the 256-bit variants are described below. .Pp The @@ -205,6 +223,7 @@ .Ar buf parameter should either be a string large enough to hold the resulting digest (e.g., +.Ev SHA224_DIGEST_STRING_LENGTH , .Ev SHA256_DIGEST_STRING_LENGTH , .Ev SHA384_DIGEST_STRING_LENGTH , or Index: src/lib/libc/include/namespace.h diff -u src/lib/libc/include/namespace.h:1.133 src/lib/libc/include/namespace.h:1.133.6.1 --- src/lib/libc/include/namespace.h:1.133 Mon Aug 4 21:29:27 2008 +++ src/lib/libc/include/namespace.h Tue Jul 14 19:35:23 2009 @@ -1,4 +1,4 @@ -/* $NetBSD: namespace.h,v 1.133 2008/08/04 21:29:27 matt Exp $ */ +/* $NetBSD: namespace.h,v 1.133.6.1 2009/07/14 19:35:23 snj Exp $ */ /*- * Copyright (c) 1997-2004 The NetBSD Foundation, Inc. @@ -115,6 +115,14 @@ #define SHA1Init _SHA1Init #define SHA1Transform _SHA1Transform #define SHA1Update _SHA1Update +#define SHA224_Data _SHA224_Data +#define SHA224_End _SHA224_End +#define SHA224_FileChunk _SHA224_FileChunk +#define SHA224_File _SHA224_File +#define SHA224_Final _SHA224_Final +#define SHA224_Init _SHA224_Init +#define SHA224_Transform _SHA224_Transform +#define SHA224_Update _SHA224_Update #define SHA256_Data _SHA256_Data #define SHA256_End _SHA256_End #define SHA256_FileChunk _SHA256_FileChunk Index: src/lib/libcrypto/sha.inc diff -u src/lib/libcrypto/sha.inc:1.9 src/lib/libcrypto/sha.inc:1.9.16.1 --- src/lib/libcrypto/sha.inc:1.9 Sun Dec 9 22:44:21 2007 +++ src/lib/libcrypto/sha.inc Tue Jul 14 19:35:24 2009 @@ -1,4 +1,4 @@ -# $NetBSD: sha.inc,v 1.9 2007/12/09 22:44:21 adrianp Exp $ +# $NetBSD: sha.inc,v 1.9.16.1 2009/07/14 19:35:24 snj Exp $ # # @(#) Copyright (c) 1995 Simon J. Gerraty # @@ -8,7 +8,11 @@ .PATH: ${OPENSSLSRC}/crypto/sha -SHA_SRCS = sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha256.c sha512.c +SHA_SRCS = sha_dgst.c sha1dgst.c sha_one.c sha1_one.c + +# Replaced OpenSSL version to avoid overlap with libc +SHA_SRCS+= libc-sha512.c libc-sha256.c + SRCS += ${SHA_SRCS} .for cryptosrc in ${SHA_SRCS} Index: src/lib/libcrypto/shlib_version diff -u src/lib/libcrypto/shlib_version:1.14 src/lib/libcrypto/shlib_version:1.14.6.1 --- src/lib/libcrypto/shlib_version:1.14 Mon May 26 16:51:07 2008 +++ src/lib/libcrypto/shlib_version Tue Jul 14 19:35:24 2009 @@ -1,5 +1,7 @@ -# $NetBSD: shlib_version,v 1.14 2008/05/26 16:51:07 christos Exp $ +# $NetBSD: shlib_version,v 1.14.6.1 2009/07/14 19:35:24 snj Exp $ # Remember to update distrib/sets/lists/base/shl.* when changing # +# Things to do on the next major bump: +# - Make openssl/sha.h and sha2.h compatible. major=4 -minor=1 +minor=2 Index: src/sys/sys/sha2.h diff -u src/sys/sys/sha2.h:1.2 src/sys/sys/sha2.h:1.2.26.1 --- src/sys/sys/sha2.h:1.2 Sat Feb 16 17:37:13 2008 +++ src/sys/sys/sha2.h Tue Jul 14 19:35:24 2009 @@ -1,4 +1,4 @@ -/* $NetBSD: sha2.h,v 1.2 2008/02/16 17:37:13 apb Exp $ */ +/* $NetBSD: sha2.h,v 1.2.26.1 2009/07/14 19:35:24 snj Exp $ */ /* $KAME: sha2.h,v 1.4 2003/07/20 00:28:38 itojun Exp $ */ /* @@ -42,7 +42,10 @@ #include <sys/types.h> #include <sys/cdefs.h> -/*** SHA-256/384/512 Various Length Definitions ***********************/ +/*** SHA-224/256/384/512 Various Length Definitions ***********************/ +#define SHA224_BLOCK_LENGTH 64 +#define SHA224_DIGEST_LENGTH 28 +#define SHA224_DIGEST_STRING_LENGTH (SHA224_DIGEST_LENGTH * 2 + 1) #define SHA256_BLOCK_LENGTH 64 #define SHA256_DIGEST_LENGTH 32 #define SHA256_DIGEST_STRING_LENGTH (SHA256_DIGEST_LENGTH * 2 + 1) @@ -60,20 +63,32 @@ uint64_t bitcount; uint8_t buffer[SHA256_BLOCK_LENGTH]; } SHA256_CTX; + typedef struct _SHA512_CTX { uint64_t state[8]; uint64_t bitcount[2]; uint8_t buffer[SHA512_BLOCK_LENGTH]; } SHA512_CTX; +typedef SHA256_CTX SHA224_CTX; typedef SHA512_CTX SHA384_CTX; /*** SHA-256/384/512 Function Prototypes ******************************/ __BEGIN_DECLS -void SHA256_Init(SHA256_CTX *); -void SHA256_Update(SHA256_CTX*, const uint8_t*, size_t); -void SHA256_Final(uint8_t[SHA256_DIGEST_LENGTH], SHA256_CTX*); +int SHA224_Init(SHA224_CTX *); +int SHA224_Update(SHA224_CTX*, const uint8_t*, size_t); +int SHA224_Final(uint8_t[SHA224_DIGEST_LENGTH], SHA224_CTX*); +#ifndef _KERNEL +char *SHA224_End(SHA224_CTX *, char[SHA224_DIGEST_STRING_LENGTH]); +char *SHA224_FileChunk(const char *, char *, off_t, off_t); +char *SHA224_File(const char *, char *); +char *SHA224_Data(const uint8_t *, size_t, char[SHA224_DIGEST_STRING_LENGTH]); +#endif /* !_KERNEL */ + +int SHA256_Init(SHA256_CTX *); +int SHA256_Update(SHA256_CTX*, const uint8_t*, size_t); +int SHA256_Final(uint8_t[SHA256_DIGEST_LENGTH], SHA256_CTX*); #ifndef _KERNEL char *SHA256_End(SHA256_CTX *, char[SHA256_DIGEST_STRING_LENGTH]); char *SHA256_FileChunk(const char *, char *, off_t, off_t); @@ -81,9 +96,9 @@ char *SHA256_Data(const uint8_t *, size_t, char[SHA256_DIGEST_STRING_LENGTH]); #endif /* !_KERNEL */ -void SHA384_Init(SHA384_CTX*); -void SHA384_Update(SHA384_CTX*, const uint8_t*, size_t); -void SHA384_Final(uint8_t[SHA384_DIGEST_LENGTH], SHA384_CTX*); +int SHA384_Init(SHA384_CTX*); +int SHA384_Update(SHA384_CTX*, const uint8_t*, size_t); +int SHA384_Final(uint8_t[SHA384_DIGEST_LENGTH], SHA384_CTX*); #ifndef _KERNEL char *SHA384_End(SHA384_CTX *, char[SHA384_DIGEST_STRING_LENGTH]); char *SHA384_FileChunk(const char *, char *, off_t, off_t); @@ -91,9 +106,9 @@ char *SHA384_Data(const uint8_t *, size_t, char[SHA384_DIGEST_STRING_LENGTH]); #endif /* !_KERNEL */ -void SHA512_Init(SHA512_CTX*); -void SHA512_Update(SHA512_CTX*, const uint8_t*, size_t); -void SHA512_Final(uint8_t[SHA512_DIGEST_LENGTH], SHA512_CTX*); +int SHA512_Init(SHA512_CTX*); +int SHA512_Update(SHA512_CTX*, const uint8_t*, size_t); +int SHA512_Final(uint8_t[SHA512_DIGEST_LENGTH], SHA512_CTX*); #ifndef _KERNEL char *SHA512_End(SHA512_CTX *, char[SHA512_DIGEST_STRING_LENGTH]); char *SHA512_FileChunk(const char *, char *, off_t, off_t); Added files: Index: src/lib/libc/hash/sha2/sha224hl.c diff -u /dev/null src/lib/libc/hash/sha2/sha224hl.c:1.1.2.2 --- /dev/null Tue Jul 14 19:35:24 2009 +++ src/lib/libc/hash/sha2/sha224hl.c Tue Jul 14 19:35:23 2009 @@ -0,0 +1,16 @@ +/* $NetBSD */ + +/* + * Derived from code written by Jason R. Thorpe <thor...@netbsd.org>, + * May 20, 2009. + * Public domain. + */ + +#include <sys/cdefs.h> +__RCSID("$NetBSD: sha224hl.c,v 1.1.2.2 2009/07/14 19:35:23 snj Exp $"); + +#define HASH_ALGORITHM SHA224 +#define HASH_FNPREFIX SHA224_ +#define HASH_INCLUDE <sys/sha2.h> + +#include "../hashhl.c" Index: src/lib/libcrypto/libc-sha256.c diff -u /dev/null src/lib/libcrypto/libc-sha256.c:1.1.2.2 --- /dev/null Tue Jul 14 19:35:24 2009 +++ src/lib/libcrypto/libc-sha256.c Tue Jul 14 19:35:24 2009 @@ -0,0 +1,49 @@ +/* + * Special version of sha256.c that uses the libc SHA256 implementation + * of libc. + */ + +/* crypto/sha/sha256.c */ +/* ==================================================================== + * Copyright (c) 2004 The OpenSSL Project. All rights reserved + * according to the OpenSSL license [found in ../../LICENSE]. + * ==================================================================== + */ +#include <openssl/opensslconf.h> + +#include <stdlib.h> +#include <string.h> + +#include <openssl/crypto.h> +#include <openssl/sha.h> +#include <openssl/opensslv.h> + +#include "cryptlib.h" + +const char SHA256_version[]="SHA-256" OPENSSL_VERSION_PTEXT; + +unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md) + { + SHA256_CTX c; + static unsigned char m[SHA224_DIGEST_LENGTH]; + + if (md == NULL) md=m; + SHA224_Init(&c); + SHA224_Update(&c,d,n); + SHA224_Final(md,&c); + OPENSSL_cleanse(&c,sizeof(c)); + return(md); + } + +unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md) + { + SHA256_CTX c; + static unsigned char m[SHA256_DIGEST_LENGTH]; + + if (md == NULL) md=m; + SHA256_Init(&c); + SHA256_Update(&c,d,n); + SHA256_Final(md,&c); + OPENSSL_cleanse(&c,sizeof(c)); + return(md); + } Index: src/lib/libcrypto/libc-sha512.c diff -u /dev/null src/lib/libcrypto/libc-sha512.c:1.1.2.2 --- /dev/null Tue Jul 14 19:35:24 2009 +++ src/lib/libcrypto/libc-sha512.c Tue Jul 14 19:35:24 2009 @@ -0,0 +1,49 @@ +/* + * Special version of sha512.c that uses the libc SHA512 implementation + * of libc. + */ + +/* crypto/sha/sha512.c */ +/* ==================================================================== + * Copyright (c) 2004 The OpenSSL Project. All rights reserved + * according to the OpenSSL license [found in ../../LICENSE]. + * ==================================================================== + */ +#include <openssl/opensslconf.h> + +#include <stdlib.h> +#include <string.h> + +#include <openssl/crypto.h> +#include <openssl/sha.h> +#include <openssl/opensslv.h> + +#include "cryptlib.h" + +const char SHA512_version[]="SHA-512" OPENSSL_VERSION_PTEXT; + +unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md) + { + SHA512_CTX c; + static unsigned char m[SHA384_DIGEST_LENGTH]; + + if (md == NULL) md=m; + SHA384_Init(&c); + SHA384_Update(&c,d,n); + SHA384_Final(md,&c); + OPENSSL_cleanse(&c,sizeof(c)); + return(md); + } + +unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md) + { + SHA512_CTX c; + static unsigned char m[SHA512_DIGEST_LENGTH]; + + if (md == NULL) md=m; + SHA512_Init(&c); + SHA512_Update(&c,d,n); + SHA512_Final(md,&c); + OPENSSL_cleanse(&c,sizeof(c)); + return(md); + }