Adds sha256 support. While it is a good idea to also add sha384 and

sha512, I did not do that since it is not entirely clear where "the one
true place" to hold their implementations is going to be.  Sha256 is
different since mtree already links against libmd.

Make recommended procedure for integrity checking in the manpage
consistent.

Fix a bug with -f spec1 -f spec2 comparison, which prevented
test/tes03.sh from running successfully.

Reviewed by:	phk, cperciva
This commit is contained in:
Anton Berezin 2005-03-29 11:44:17 +00:00
parent 59d2e1b826
commit b6a9d20adc
9 changed files with 67 additions and 9 deletions

View File

@ -10,7 +10,7 @@ SRCS+= specspec.c
WARNS?= 4
CFLAGS+= -DMD5 -DSHA1 -DRMD160
CFLAGS+= -DMD5 -DSHA1 -DRMD160 -DSHA256
DPADD= ${LIBMD}
LDADD= -lmd

View File

@ -52,6 +52,9 @@ __FBSDID("$FreeBSD$");
#ifdef SHA1
#include <sha.h>
#endif
#ifdef SHA256
#include <sha256.h>
#endif
#include <stdint.h>
#include <stdio.h>
#include <time.h>
@ -294,6 +297,24 @@ typeerr: LABEL;
}
}
#endif /* RMD160 */
#ifdef SHA256
if (s->flags & F_SHA256) {
char *new_digest, buf[65];
new_digest = SHA256_File(p->fts_accpath, buf);
if (!new_digest) {
LABEL;
printf("%sSHA-256: %s: %s\n", tab, p->fts_accpath,
strerror(errno));
tab = "\t";
} else if (strcmp(new_digest, s->sha256digest)) {
LABEL;
printf("%sSHA-256 expected %s found %s\n",
tab, s->sha256digest, new_digest);
tab = "\t";
}
}
#endif /* SHA256 */
if (s->flags & F_SLINK &&
strcmp(cp = rlink(p->fts_accpath), s->slink)) {

View File

@ -52,6 +52,9 @@ __FBSDID("$FreeBSD$");
#ifdef RMD160
#include <ripemd.h>
#endif
#ifdef SHA256
#include <sha256.h>
#endif
#include <pwd.h>
#include <stdint.h>
#include <stdio.h>
@ -249,6 +252,16 @@ statf(int indent, FTSENT *p)
output(indent, &offset, "ripemd160digest=%s", digest);
}
#endif /* RMD160 */
#ifdef SHA256
if (keys & F_SHA256 && S_ISREG(p->fts_statp->st_mode)) {
char *digest, buf[65];
digest = SHA256_File(p->fts_accpath, buf);
if (!digest)
err(1, "%s", p->fts_accpath);
output(indent, &offset, "sha256digest=%s", digest);
}
#endif /* SHA256 */
if (keys & F_SLINK &&
(p->fts_info == FTS_SL || p->fts_info == FTS_SLNONE))
output(indent, &offset, "link=%s", rlink(p->fts_accpath));

View File

@ -71,6 +71,9 @@ static KEY keylist[] = {
#endif
#ifdef SHA1
{"sha1digest", F_SHA1, NEEDVALUE},
#endif
#ifdef SHA256
{"sha256digest", F_SHA256, NEEDVALUE},
#endif
{"size", F_SIZE, NEEDVALUE},
{"time", F_TIME, NEEDVALUE},

View File

@ -204,6 +204,12 @@ The
160-1
.Pq Dq Tn SHA-1
message digest of the file.
.It Cm sha256digest
The
.Tn FIPS
180-2
.Pq Dq Tn SHA-256
message digest of the file.
.It Cm ripemd160digest
The
.Tn RIPEMD160
@ -317,21 +323,21 @@ To detect system binaries that have been ``trojan horsed'', it is recommended
that
.Nm
.Fl K
.Cm sha1digest
.Cm sha256digest
be run on the file systems, and a copy of the results stored on a different
machine, or, at least, in encrypted form.
The output file itself should be digested using the
.Xr md5 1
.Xr sha256 1
utility.
Then, periodically,
.Nm
and
.Xr md5 1
.Xr sha256 1
should be run against the on-line specifications.
While it is possible for the bad guys to change the on-line specifications
to conform to their modified binaries, it is believed to be
impractical for them to create a modified specification which has
the same MD5 digest as the original.
the same SHA-256 digest as the original.
.Pp
The
.Fl d
@ -372,6 +378,10 @@ digests were added in
.Fx 4.0 ,
as new attacks have demonstrated weaknesses in
.Tn MD5 .
The
.Tn SHA-256
digest was added in
.Fx 6.0 .
Support for file flags was added in
.Fx 4.0 ,
and mostly comes from

View File

@ -46,6 +46,7 @@ typedef struct _node {
u_long cksum; /* check sum */
char *md5digest; /* MD5 digest */
char *sha1digest; /* SHA-1 digest */
char *sha256digest; /* SHA-256 digest */
char *rmd160digest; /* RIPEMD160 digest */
char *slink; /* symbolic link reference */
uid_t st_uid; /* uid */
@ -76,6 +77,7 @@ typedef struct _node {
#define F_SHA1 0x20000 /* SHA-1 digest */
#define F_RMD160 0x40000 /* RIPEMD160 digest */
#define F_FLAGS 0x80000 /* file flags */
#define F_SHA256 0x100000 /* SHA-256 digest */
u_int flags; /* items set */
#define F_BLOCK 0x001 /* block special */

View File

@ -194,6 +194,11 @@ set(char *t, NODE *ip)
if(!ip->sha1digest)
errx(1, "strdup");
break;
case F_SHA256:
ip->sha256digest = strdup(val);
if(!ip->sha256digest)
errx(1, "strdup");
break;
case F_RMD160:
ip->rmd160digest = strdup(val);
if(!ip->rmd160digest)

View File

@ -82,6 +82,8 @@ shownode(NODE *n, int f, char const *path)
printf(" sha1digest=%s", n->sha1digest);
if (f & F_RMD160)
printf(" rmd160digest=%s", n->rmd160digest);
if (f & F_SHA256)
printf(" sha256digest=%s", n->sha256digest);
if (f & F_FLAGS)
printf(" flags=%s", flags_to_string(n->st_flags));
printf("\n");
@ -160,6 +162,8 @@ compare_nodes(NODE *n1, NODE *n2, char const *path)
differs |= F_SHA1;
if (FS(n1, n2, F_RMD160, rmd160digest))
differs |= F_RMD160;
if (FS(n1, n2, F_SHA256, sha256digest))
differs |= F_SHA256;
if (FF(n1, n2, F_FLAGS, st_flags))
differs |= F_FLAGS;
if (differs) {
@ -213,19 +217,19 @@ walk_in_the_forest(NODE *t1, NODE *t2, char const *path)
asprintf(&np, "%s%s/", path, c2->name);
i = walk_in_the_forest(c1, c2, np);
free(np);
i = compare_nodes(c1, c2, path);
i += compare_nodes(c1, c2, path);
} else if (c2 == NULL && c1->type == F_DIR) {
asprintf(&np, "%s%s/", path, c1->name);
i = walk_in_the_forest(c1, c2, np);
free(np);
i = compare_nodes(c1, c2, path);
i += compare_nodes(c1, c2, path);
} else if (c1 == NULL || c2 == NULL) {
i = compare_nodes(c1, c2, path);
} else if (c1->type == F_DIR && c2->type == F_DIR) {
asprintf(&np, "%s%s/", path, c1->name);
i = walk_in_the_forest(c1, c2, np);
free(np);
i = compare_nodes(c1, c2, path);
i += compare_nodes(c1, c2, path);
} else {
i = compare_nodes(c1, c2, path);
}

View File

@ -15,7 +15,7 @@ TMP=/tmp/mtree.$$
rm -rf ${TMP}
mkdir -p ${TMP}
K=uid,uname,gid,gname,flags,md5digest,size,ripemd160digest,sha1digest,cksum
K=uid,uname,gid,gname,flags,md5digest,size,ripemd160digest,sha1digest,sha256digest,cksum
rm -rf _FOO
mkdir _FOO