Commit Graph

146 Commits

Author SHA1 Message Date
asomers
1bd8919011 Fix C++ includability of crypto headers with static array sizes
C99 allows array function parameters to use the static keyword for their
sizes. This tells the compiler that the parameter will have at least the
specified size, and calling code will fail to compile if that guarantee is
not met. However, this syntax is not legal in C++.

This commit reverts r300824, which worked around the problem for
sys/sys/md5.h only, and introduces a new macro: min_size(). min_size(x) can
be used in headers as a static array size, but will still compile in C++
mode.

Reviewed by:	cem, ed
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D8277
2016-10-18 23:20:49 +00:00
emaste
b76d29a58e libmd: introduce functions that operate on an fd instead of filename
Reviewed by:	allanjude, cem
MFC after:	2 months
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D8264
2016-10-17 13:47:22 +00:00
emaste
860980172e libmd: strip local absolute symbols (to link with lld)
Old versions of gas produce an invalid section index. That is ignored by
old versions of ld, but prevents a link with lld.

Submitted by:	Rafael Ávila de Espíndola (earlier version)
Reviewed by:	allanjude
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D6789
2016-07-21 18:47:51 +00:00
allanjude
6d6e6f6722 Import the skein hashing algorithm, based on the threefish block cipher
Connect it to userland (libmd, libcrypt, sbin/md5) and kernel (crypto.ko)

Support for skein as a ZFS checksum algorithm was introduced in r289422
but is disconnected because FreeBSD lacked a Skein implementation.

A further commit will enable it in ZFS.

Reviewed by:	cem
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D6166
2016-05-29 01:15:36 +00:00
allanjude
4581e38971 Implement SHA-512 truncated (224 and 256 bits)
This implements SHA-512/256, which generates a 256 bit hash by
calculating the SHA-512 then truncating the result. A different initial
value is used, making the result different from the first 256 bits of
the SHA-512 of the same input. SHA-512 is ~50% faster than SHA-256 on
64bit platforms, so the result is a faster 256 bit hash.

The main goal of this implementation is to enable support for this
faster hashing algorithm in ZFS. The feature was introduced into ZFS
in r289422, but is disconnected because SHA-512/256 support was missing.
A further commit will enable it in ZFS.

This is the follow on to r292782

Reviewed by:	cem
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D6061
2016-05-28 16:06:07 +00:00
cem
8a77f26386 libmd: Work around C++'s inability to understand C
Reported by:	antoine@ (x265)
2016-05-27 05:31:14 +00:00
gjb
955ce29ea3 MFH
Sponsored by:	The FreeBSD Foundation
2016-03-02 16:14:46 +00:00
bdrewery
2a891f1feb DIRDEPS_BUILD: Regenerate without local dependencies.
These are no longer needed after the recent 'beforebuild: depend' changes
and hooking DIRDEPS_BUILD into a subset of FAST_DEPEND which supports
skipping 'make depend'.

Sponsored by:	EMC / Isilon Storage Division
2016-02-24 17:20:11 +00:00
gjb
fef2698edf First pass through library packaging.
Sponsored by:	The FreeBSD Foundation
2016-02-04 21:16:35 +00:00
jtl
71d3115e20 Improvements to the MDXFileChunk() template function:
- Remove unneeded fstat()/lseek() calls.
- Return NULL and set errno to EINVAL on negative length.
- Fix small style problems and expand variable names.

After this change, it is possible to use this code for some irregular
files. For example, 'md5 /dev/md0' should now succeed.

Differential Revision:	https://reviews.freebsd.org/D4748
Suggested by:	bde
Reviewed by:	bde, allanjude, delphij
2016-01-14 21:08:23 +00:00
bdrewery
d6b33ca987 DIRDEPS_BUILD: Update dependencies.
Sponsored by:	EMC / Isilon Storage Division
2016-01-07 19:58:23 +00:00
jtl
df8d88f0e5 Fix a file descriptor leak in mdXhl.c (which is used by numerous hashing
algorithms.

CID:	1305669,1305611,1305663,1305603,1305584,1305639,1346865,1305601
Differential Revision:	https://reviews.freebsd.org/D4732
Reviewed by:	allanjude, delphij
MFC after:	2 weeks
Sponsored by:	Juniper Networks
2015-12-30 18:04:50 +00:00
allanjude
c7c2f2dfab Replace sys/crypto/sha2/sha2.c with lib/libmd/sha512c.c
cperciva's libmd implementation is 5-30% faster

The same was done for SHA256 previously in r263218

cperciva's implementation was lacking SHA-384 which I implemented, validated against OpenSSL and the NIST documentation

Extend sbin/md5 to create sha384(1)

Chase dependancies on sys/crypto/sha2/sha2.{c,h} and replace them with sha512{c.c,.h}

Reviewed by:	cperciva, des, delphij
Approved by:	secteam, bapt (mentor)
MFC after:	2 weeks
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D3929
2015-12-27 17:33:59 +00:00
bdrewery
d9de886cd4 META MODE: Remove unneeded libmd.host dependency for xinstall.host.
This is chasing r291026.

Sponsored by:	EMC / Isilon Storage Division
2015-11-25 19:44:55 +00:00
bdrewery
cbc5242afd META MODE: Fix 'make bootstrap-tools'.
The main problem was bitrot after elftoolchain being swapped in for the
GNU toolchain.

This also reworks how the list of 'host allowed' libraries is determined
to only allow INTERNALLIBs, which is needed for libelftc to come in.

For usr.bin/readelf use the same hack, as libelf and libdward, to bring in
the needed sys/ headers for host builds.  This has not yet been a problem due
to readelf not being built as a host tool in buildworld.  This is possible
in the meta build though when building the toolchain.

Sponsored by:	EMC / Isilon Storage Division
2015-11-25 19:44:51 +00:00
bdrewery
e13d6f8b3f META MODE: Prefer INSTALL=tools/install.sh to lessen the need for xinstall.host.
This both avoids some dependencies on xinstall.host and allows
bootstrapping on older releases to work due to lack of at least 'install -l'
support.

Sponsored by:	EMC / Isilon Storage Division
2015-11-25 19:10:28 +00:00
rodrigc
ff453892a2 Add new include path for sha256.h
This fixes the bootstrap build on FreeBSD 10.

Submitted by:	andrew
2015-07-12 03:39:36 +00:00
jmg
ec1fe94d10 Complete the move that was started w/ r263218.. For some reason I
didn't delete the files, so that means we need to bring the changes in
r282726 to the correct files..

make tinderbox completed with this patch...
2015-07-11 03:12:34 +00:00
jmg
9b2d45a850 increase buffer size to significantly increase performance...
see:
https://docs.freebsd.org/cgi/mid.cgi?20150513080342.GE37063@funkthat.com

for benchmarks...
2015-07-09 16:13:05 +00:00
sjg
852129abd1 new depends 2015-06-16 23:37:19 +00:00
bapt
594e07bd1b Revert r284417 it is not necessary anymore 2015-06-15 19:28:07 +00:00
bapt
9fb85ece8b Enforce overwritting SHLIBDIR
Since METAMODE has been added, sys.mk loads bsd.mkopt.mk which ends load loading
bsd.own.mk which then defines SHLIBDIR before all the Makefile.inc everywhere.

This makes /lib being populated again.

Reported by:	many
2015-06-15 15:34:20 +00:00
sjg
008d7c831f Add META_MODE support.
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.

Still need to add real targets under targets/ to build packages.

Differential Revision:       D2796
Reviewed by: brooks imp
2015-06-13 19:20:56 +00:00
sjg
75a137820d dirdeps.mk now sets DEP_RELDIR 2015-06-08 23:35:17 +00:00
sjg
65145fa4c8 Merge sync of head 2015-05-27 01:19:58 +00:00
thomas
bc9bb928c8 Unbreak MIPS build following rev. 282726
Introduce further adjustments to the renaming of libmd
symbols: make sure that we do not generate dangling weak
aliases, as this causes build failures on MIPS.

Tested by:	sbruno
2015-05-11 16:45:33 +00:00
thomas
6d811dd541 Unbreak build following rev. 282726
(Makefile.inc1): add dependency of xinstall on libmd to
avoid failure of parallel bootstrap.

(lib/libmd/*.h): do not redefine symbols if already
defined as macros (libcrypt uses the same sources internally,
redefining symbols with a prefix of its own).

Fixes build failures caused by previous change to libmd.

Reported by: ian
Pointy hat to: thomas
2015-05-10 21:21:52 +00:00
thomas
398e09896a Ensure libmd symbols do not clash with libcrypto
Add a prefix to all symbols in libmd to avoid incompatibilites
with same-named, but not binary compatible, symbols from libcrypto.

Also introduce Weak aliases to avoid the need to rebuild dependent
binaries and a major version bump.

PR:		199119
Differential Revision:	D2216
Reviewed by:	roberto, delphij
MFC after:	2 weeks
2015-05-10 13:21:36 +00:00
ngie
2aab358f3c Avoid an infinite loop by ensuring that the amount of bytes read is greater
than 0 in MDXFileChunk when calculating the checksum

This edgecase can be triggered if the file is truncated while the checksum
is being calculated (i.e. the EOF is reached)

Differential Revision: https://reviews.freebsd.org/D2351 (patch by darius)
PR: 196694
Reviewed by: delphij, ngie
Submitted by: Daniel O'Connor <darius@dons.net.au>
Sponsored by: EMC / Isilon Storage Division
2015-04-24 11:03:47 +00:00
emaste
fda27c9937 Revert r274772: it is not valid on MIPS
Reported by:	sbruno
2014-11-25 03:50:31 +00:00
emaste
c7e313326d Use canonical __PIC__ flag
It is automatically set when -fPIC is passed to the compiler.

Reviewed by:	dim, kib
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D1179
2014-11-21 02:05:48 +00:00
sjg
d7cd1d425c Merge head from 7/28 2014-08-19 06:50:54 +00:00
bapt
1f77f137dc use .Mt to mark up email addresses consistently (part3)
PR:		191174
Submitted by:	Franco Fichtner  <franco at lastsummer.de>
2014-06-23 08:23:05 +00:00
sjg
5860f0d106 Updated dependencies 2014-05-16 14:09:51 +00:00
sjg
1a7e48acf1 Updated dependencies 2014-05-10 05:16:28 +00:00
sjg
5e568154a0 Merge head 2014-04-28 07:50:45 +00:00
gjb
37accaf4d8 Dereference nonexistent md2(3) manual.
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2014-03-28 04:19:06 +00:00
jmg
eab153cc9d replace the kernel's version w/ cperciva's implementation... In all
my tests, it is faster ~20%, even on an old IXP425 533MHz it is ~45%
faster...  This is partly due to loop unrolling, so the code size does
significantly increase...  I do plan on committing a version that
rolls up the loops again for smaller code size for embedded systems
where size is more important than absolute performance (it'll save ~6k
code)...

The kernel implementation is now shared w/ userland's libcrypt and
libmd...

We drop support for sha256 from sha2.c, so now sha2.c only contains
sha384 and sha512...

Reviewed by:	secteam@
2014-03-16 01:43:23 +00:00
jmg
761960c8d5 use a real uint64_t instead of writing code to emulate one..
I verified w/ a:
dd if=/dev/zero bs=1m count=5000 | sha256
a33351fafd00e4c4bcdee2a1c5d019026500f8cdfeaf91a9b8dbbb2619429659

Reviewed by:	cperciva
MFC after:	1 week
2014-01-11 20:49:22 +00:00
sjg
6d37b86f2b Updated dependencies 2013-03-11 17:21:52 +00:00
sjg
0ee5295509 Updated dependencies 2013-02-16 01:23:54 +00:00
sjg
9f7bd28e77 Updated/new Makefile.depend 2012-11-08 21:24:17 +00:00
marcel
9dd41e3647 Sync FreeBSD's bmake branch with Juniper's internal bmake branch.
Requested by: Simon Gerraty <sjg@juniper.net>
2012-08-22 19:25:57 +00:00
obrien
62cedd908a Remove the RFC 1319 MD2 Message-Digest Algorithm routines from libmd.
1. The licensing terms for the MD2 routines from RFC is not under a BSD-like
   license.  Instead it is only granted for non-commercial Internet
   Privacy-Enhanced Mail.
2. MD2 is quite deprecated as it is no longer considered a cryptographically
   strong algorithm.

Discussed with:	so (cperciva), core
2012-04-28 02:48:51 +00:00
cperciva
22d4b198f7 Rewrite HISTORY: The SHA256 code first appeared in 6.0, and the SHA512
code in 9.0; neither existed in FreeBSD 4.0.
2011-06-27 02:10:10 +00:00
markm
4f5a8eb04f Add SHA512 (Actually, this is Colin Percival's code for SHA256, with
relevant constants changed).

While I'm here clean up the tests and Makefile.

PR:		misc/124164
Submitted by:	KIMURA Yasuhiro < yasu utahime org >
MFC after:	1 month
2011-04-09 13:56:29 +00:00
dim
f58eeaae2e Fix some leftover binaries and shared libraries in the system that still
have an executable stack, due to linking in hand-assembled .S or .s
files, that have no .GNU-stack sections:

RWX --- ---  /lib/libcrypto.so.6
RWX --- ---  /lib/libmd.so.5
RWX --- ---  /lib/libz.so.6
RWX --- ---  /lib/libzpool.so.2
RWX --- ---  /usr/lib/liblzma.so.5

These were found using scanelf, from the sysutils/pax-utils port.

Reviewed by:	kib
2011-02-15 22:03:09 +00:00
ed
09818ac28e Build lib/ with WARNS=6 by default.
Similar to libexec/, do the same with lib/. Make WARNS=6 the norm and
lower it when needed.

I'm setting WARNS?=0 for secure/. It seems secure/ includes the
Makefile.inc provided by lib/. I'm not going to touch that directory.
Most of the code there is contributed anyway.
2010-01-02 09:58:07 +00:00
phk
6d87547e6f Remove reference to no longer existing document.
Spotted by:	Bjoern Voigt <bjoern@cs.tu-berlin.de>
2009-01-09 11:45:13 +00:00
phk
94db7634b6 Make the "test" target test the compiled version, instead of the
installed version of the md library.
2008-12-02 19:49:41 +00:00