142 Commits

Author SHA1 Message Date
Allan Jude
1780e40715 Implement SHA-512 truncated (224 and 256 bits)
This implements SHA-512/256, which generates a 256 bit hash by
calculating the SHA-512 then truncating the result. A different initial
value is used, making the result different from the first 256 bits of
the SHA-512 of the same input. SHA-512 is ~50% faster than SHA-256 on
64bit platforms, so the result is a faster 256 bit hash.

The main goal of this implementation is to enable support for this
faster hashing algorithm in ZFS. The feature was introduced into ZFS
in r289422, but is disconnected because SHA-512/256 support was missing.
A further commit will enable it in ZFS.

This is the follow on to r292782

Reviewed by:	cem
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D6061
2016-05-28 16:06:07 +00:00
Conrad Meyer
c6b03be14b libmd: Work around C++'s inability to understand C
Reported by:	antoine@ (x265)
2016-05-27 05:31:14 +00:00
Glen Barber
52259a98ad MFH
Sponsored by:	The FreeBSD Foundation
2016-03-02 16:14:46 +00:00
Bryan Drewery
bd18fd57db DIRDEPS_BUILD: Regenerate without local dependencies.
These are no longer needed after the recent 'beforebuild: depend' changes
and hooking DIRDEPS_BUILD into a subset of FAST_DEPEND which supports
skipping 'make depend'.

Sponsored by:	EMC / Isilon Storage Division
2016-02-24 17:20:11 +00:00
Glen Barber
a70cba9582 First pass through library packaging.
Sponsored by:	The FreeBSD Foundation
2016-02-04 21:16:35 +00:00
Jonathan T. Looney
492e9ee5a9 Improvements to the MDXFileChunk() template function:
- Remove unneeded fstat()/lseek() calls.
- Return NULL and set errno to EINVAL on negative length.
- Fix small style problems and expand variable names.

After this change, it is possible to use this code for some irregular
files. For example, 'md5 /dev/md0' should now succeed.

Differential Revision:	https://reviews.freebsd.org/D4748
Suggested by:	bde
Reviewed by:	bde, allanjude, delphij
2016-01-14 21:08:23 +00:00
Bryan Drewery
e3ebb82118 DIRDEPS_BUILD: Update dependencies.
Sponsored by:	EMC / Isilon Storage Division
2016-01-07 19:58:23 +00:00
Jonathan T. Looney
8d03d93fb7 Fix a file descriptor leak in mdXhl.c (which is used by numerous hashing
algorithms.

CID:	1305669,1305611,1305663,1305603,1305584,1305639,1346865,1305601
Differential Revision:	https://reviews.freebsd.org/D4732
Reviewed by:	allanjude, delphij
MFC after:	2 weeks
Sponsored by:	Juniper Networks
2015-12-30 18:04:50 +00:00
Allan Jude
7a3f5d11fb Replace sys/crypto/sha2/sha2.c with lib/libmd/sha512c.c
cperciva's libmd implementation is 5-30% faster

The same was done for SHA256 previously in r263218

cperciva's implementation was lacking SHA-384 which I implemented, validated against OpenSSL and the NIST documentation

Extend sbin/md5 to create sha384(1)

Chase dependancies on sys/crypto/sha2/sha2.{c,h} and replace them with sha512{c.c,.h}

Reviewed by:	cperciva, des, delphij
Approved by:	secteam, bapt (mentor)
MFC after:	2 weeks
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D3929
2015-12-27 17:33:59 +00:00
Bryan Drewery
5a0d38b3aa META MODE: Remove unneeded libmd.host dependency for xinstall.host.
This is chasing r291026.

Sponsored by:	EMC / Isilon Storage Division
2015-11-25 19:44:55 +00:00
Bryan Drewery
4aa63711a7 META MODE: Fix 'make bootstrap-tools'.
The main problem was bitrot after elftoolchain being swapped in for the
GNU toolchain.

This also reworks how the list of 'host allowed' libraries is determined
to only allow INTERNALLIBs, which is needed for libelftc to come in.

For usr.bin/readelf use the same hack, as libelf and libdward, to bring in
the needed sys/ headers for host builds.  This has not yet been a problem due
to readelf not being built as a host tool in buildworld.  This is possible
in the meta build though when building the toolchain.

Sponsored by:	EMC / Isilon Storage Division
2015-11-25 19:44:51 +00:00
Bryan Drewery
7b3ea376a2 META MODE: Prefer INSTALL=tools/install.sh to lessen the need for xinstall.host.
This both avoids some dependencies on xinstall.host and allows
bootstrapping on older releases to work due to lack of at least 'install -l'
support.

Sponsored by:	EMC / Isilon Storage Division
2015-11-25 19:10:28 +00:00
Craig Rodrigues
3a6dcb1fad Add new include path for sha256.h
This fixes the bootstrap build on FreeBSD 10.

Submitted by:	andrew
2015-07-12 03:39:36 +00:00
John-Mark Gurney
2ff9c4f915 Complete the move that was started w/ r263218.. For some reason I
didn't delete the files, so that means we need to bring the changes in
r282726 to the correct files..

make tinderbox completed with this patch...
2015-07-11 03:12:34 +00:00
John-Mark Gurney
7b7254e71f increase buffer size to significantly increase performance...
see:
https://docs.freebsd.org/cgi/mid.cgi?20150513080342.GE37063@funkthat.com

for benchmarks...
2015-07-09 16:13:05 +00:00
Simon J. Gerraty
2ef6d5a7b9 new depends 2015-06-16 23:37:19 +00:00
Baptiste Daroussin
18b2ee82db Revert r284417 it is not necessary anymore 2015-06-15 19:28:07 +00:00
Baptiste Daroussin
4232f82668 Enforce overwritting SHLIBDIR
Since METAMODE has been added, sys.mk loads bsd.mkopt.mk which ends load loading
bsd.own.mk which then defines SHLIBDIR before all the Makefile.inc everywhere.

This makes /lib being populated again.

Reported by:	many
2015-06-15 15:34:20 +00:00
Simon J. Gerraty
ccfb965433 Add META_MODE support.
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.

Still need to add real targets under targets/ to build packages.

Differential Revision:       D2796
Reviewed by: brooks imp
2015-06-13 19:20:56 +00:00
Simon J. Gerraty
44d314f704 dirdeps.mk now sets DEP_RELDIR 2015-06-08 23:35:17 +00:00
Simon J. Gerraty
98e0ffaefb Merge sync of head 2015-05-27 01:19:58 +00:00
Thomas Quinot
2dd0a89c26 Unbreak MIPS build following rev. 282726
Introduce further adjustments to the renaming of libmd
symbols: make sure that we do not generate dangling weak
aliases, as this causes build failures on MIPS.

Tested by:	sbruno
2015-05-11 16:45:33 +00:00
Thomas Quinot
55b130956d Unbreak build following rev. 282726
(Makefile.inc1): add dependency of xinstall on libmd to
avoid failure of parallel bootstrap.

(lib/libmd/*.h): do not redefine symbols if already
defined as macros (libcrypt uses the same sources internally,
redefining symbols with a prefix of its own).

Fixes build failures caused by previous change to libmd.

Reported by: ian
Pointy hat to: thomas
2015-05-10 21:21:52 +00:00
Thomas Quinot
9d8b66868a Ensure libmd symbols do not clash with libcrypto
Add a prefix to all symbols in libmd to avoid incompatibilites
with same-named, but not binary compatible, symbols from libcrypto.

Also introduce Weak aliases to avoid the need to rebuild dependent
binaries and a major version bump.

PR:		199119
Differential Revision:	D2216
Reviewed by:	roberto, delphij
MFC after:	2 weeks
2015-05-10 13:21:36 +00:00
Enji Cooper
6eec0f2bda Avoid an infinite loop by ensuring that the amount of bytes read is greater
than 0 in MDXFileChunk when calculating the checksum

This edgecase can be triggered if the file is truncated while the checksum
is being calculated (i.e. the EOF is reached)

Differential Revision: https://reviews.freebsd.org/D2351 (patch by darius)
PR: 196694
Reviewed by: delphij, ngie
Submitted by: Daniel O'Connor <darius@dons.net.au>
Sponsored by: EMC / Isilon Storage Division
2015-04-24 11:03:47 +00:00
Ed Maste
294246bb7d Revert r274772: it is not valid on MIPS
Reported by:	sbruno
2014-11-25 03:50:31 +00:00
Ed Maste
688fd61ae8 Use canonical __PIC__ flag
It is automatically set when -fPIC is passed to the compiler.

Reviewed by:	dim, kib
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D1179
2014-11-21 02:05:48 +00:00
Simon J. Gerraty
ee7b0571c2 Merge head from 7/28 2014-08-19 06:50:54 +00:00
Baptiste Daroussin
2b7af31cf5 use .Mt to mark up email addresses consistently (part3)
PR:		191174
Submitted by:	Franco Fichtner  <franco at lastsummer.de>
2014-06-23 08:23:05 +00:00
Simon J. Gerraty
fae50821ae Updated dependencies 2014-05-16 14:09:51 +00:00
Simon J. Gerraty
76b28ad6ab Updated dependencies 2014-05-10 05:16:28 +00:00
Simon J. Gerraty
3b8f084595 Merge head 2014-04-28 07:50:45 +00:00
Glen Barber
9180554666 Dereference nonexistent md2(3) manual.
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2014-03-28 04:19:06 +00:00
John-Mark Gurney
8083f14fc2 replace the kernel's version w/ cperciva's implementation... In all
my tests, it is faster ~20%, even on an old IXP425 533MHz it is ~45%
faster...  This is partly due to loop unrolling, so the code size does
significantly increase...  I do plan on committing a version that
rolls up the loops again for smaller code size for embedded systems
where size is more important than absolute performance (it'll save ~6k
code)...

The kernel implementation is now shared w/ userland's libcrypt and
libmd...

We drop support for sha256 from sha2.c, so now sha2.c only contains
sha384 and sha512...

Reviewed by:	secteam@
2014-03-16 01:43:23 +00:00
John-Mark Gurney
fd9e2c6a4a use a real uint64_t instead of writing code to emulate one..
I verified w/ a:
dd if=/dev/zero bs=1m count=5000 | sha256
a33351fafd00e4c4bcdee2a1c5d019026500f8cdfeaf91a9b8dbbb2619429659

Reviewed by:	cperciva
MFC after:	1 week
2014-01-11 20:49:22 +00:00
Simon J. Gerraty
7cf3a1c6b2 Updated dependencies 2013-03-11 17:21:52 +00:00
Simon J. Gerraty
f5f7c05209 Updated dependencies 2013-02-16 01:23:54 +00:00
Simon J. Gerraty
7cd2dcf076 Updated/new Makefile.depend 2012-11-08 21:24:17 +00:00
Marcel Moolenaar
7750ad47a9 Sync FreeBSD's bmake branch with Juniper's internal bmake branch.
Requested by: Simon Gerraty <sjg@juniper.net>
2012-08-22 19:25:57 +00:00
David E. O'Brien
9b9c301802 Remove the RFC 1319 MD2 Message-Digest Algorithm routines from libmd.
1. The licensing terms for the MD2 routines from RFC is not under a BSD-like
   license.  Instead it is only granted for non-commercial Internet
   Privacy-Enhanced Mail.
2. MD2 is quite deprecated as it is no longer considered a cryptographically
   strong algorithm.

Discussed with:	so (cperciva), core
2012-04-28 02:48:51 +00:00
Colin Percival
02d98cd4da Rewrite HISTORY: The SHA256 code first appeared in 6.0, and the SHA512
code in 9.0; neither existed in FreeBSD 4.0.
2011-06-27 02:10:10 +00:00
Mark Murray
3b50f6bf83 Add SHA512 (Actually, this is Colin Percival's code for SHA256, with
relevant constants changed).

While I'm here clean up the tests and Makefile.

PR:		misc/124164
Submitted by:	KIMURA Yasuhiro < yasu utahime org >
MFC after:	1 month
2011-04-09 13:56:29 +00:00
Dimitry Andric
152e60f2fe Fix some leftover binaries and shared libraries in the system that still
have an executable stack, due to linking in hand-assembled .S or .s
files, that have no .GNU-stack sections:

RWX --- ---  /lib/libcrypto.so.6
RWX --- ---  /lib/libmd.so.5
RWX --- ---  /lib/libz.so.6
RWX --- ---  /lib/libzpool.so.2
RWX --- ---  /usr/lib/liblzma.so.5

These were found using scanelf, from the sysutils/pax-utils port.

Reviewed by:	kib
2011-02-15 22:03:09 +00:00
Ed Schouten
daaf575910 Build lib/ with WARNS=6 by default.
Similar to libexec/, do the same with lib/. Make WARNS=6 the norm and
lower it when needed.

I'm setting WARNS?=0 for secure/. It seems secure/ includes the
Makefile.inc provided by lib/. I'm not going to touch that directory.
Most of the code there is contributed anyway.
2010-01-02 09:58:07 +00:00
Poul-Henning Kamp
2eecaf226b Remove reference to no longer existing document.
Spotted by:	Bjoern Voigt <bjoern@cs.tu-berlin.de>
2009-01-09 11:45:13 +00:00
Poul-Henning Kamp
8372089626 Make the "test" target test the compiled version, instead of the
installed version of the md library.
2008-12-02 19:49:41 +00:00
Colin Percival
23f6784297 Use unsigned comparisons. Prior to this commit, SHA1_Update and
RIPEMD160_Update were broken when all of the following conditions
applied:
(1) The platform is i386.
(2) The program calling *_Update is statically linked to libmd.
(3) The buffer provided to *_Update is aligned modulo 4 bytes.
(4) The buffer extends beyond 2GB.

Due to the design of this code, SHA1_Update and RIPEMD160_Update will
still be broken if conditions (1)-(3) apply AND the buffer extends
beyond 4GB (i.e., there is an integer overflow in computing "data + len").
Since this remaining bug simply replaces SIGSEGV with a bogus hash (and
non-broken programs should never provide such operands) I don't consider
it to be a serious problem.

MFC After:      1 week
PR:             kern/102795
2007-05-14 05:00:37 +00:00
Poul-Henning Kamp
25a14196dd Fix an 11 year old mistake: Let the hash functions take a void* instead
of unsigned char* argument.
2006-01-17 15:35:57 +00:00
Ruslan Ermilov
110e1704d3 -mdoc sweep. 2005-11-17 13:00:00 +00:00
Pawel Jakub Dawidek
febd1f4df1 Correct type.
OK'ed by:	cperciva
2005-09-14 10:42:51 +00:00