164 Commits

Author SHA1 Message Date
allanjude
faee450471 sha.3: clarify admonition against use in NEW signature schemes
Reported by:	cem, cperciva (grammar)
2019-06-05 20:18:08 +00:00
allanjude
007a5fd4e7 Add admonitions against using MD5 and SHA1 to the API man pages 2019-05-21 22:17:00 +00:00
allanjude
d47112e380 Add missing errors section to md[2-5], ripemd160, sha*, and skein* manpages
PR:		148987
Submitted by:	Dan Lukes <dan@obluda.cz> (original version)
MFC after:	1 week
Sponsored by:	Klara Systems
Event:	Waterloo Hackathon 2019
2019-05-21 22:11:53 +00:00
sbruno
20f13358b1 r338270 had the side effect of no longer installing libmd.so into /lib.
For users who have a seperate zfs mount of /usr or /usr/lib, this will
cause dynamic loading failures when attempting to execute zfs mount on
bootup. E.g. the system won't boot.

Including <src.opts.mk> sets SHLIBDIR, so SHLIBDIR?= has no
effect.  The other lib/ Makefiles solve this problem by moving the
SHLIBDIR  assignment to before .include <src.opts.mk>.

Submitted by:	jilles
Reviewed by:	allanjude
Approved by:	re (rgrimes)
Differential Revision:	https://reviews.freebsd.org/D16910
2018-08-26 17:05:43 +00:00
arichardson
c4f6e7dc54 Don't build skein_block_asm.s if we don't have an as binary
This fixes building libmd on MacOS/Linux. The real fix is probably to
build it as a .S file with $CC instead. It might also be better to just
compile the C file in userspace since the compiler can the use SSE/AVX.

Reviewed By:	emaste, brooks
Approved By:	jhb (mentor)
Differential Revision: https://reviews.freebsd.org/D16844
2018-08-23 18:19:33 +00:00
arichardson
de3ac6e1c3 Allow bootstrapping libmd on MacOS
The assembly files use directives that only work for ELF targets so skip
them when bootstrapping on MacOS.

Reviewed By:	imp
Approved By:	jhb (mentor)
Differential Revision: https://reviews.freebsd.org/D14247
2018-08-20 10:39:48 +00:00
delphij
8f0497f698 libmd: Always erase context in _Final method, and when doing
it, consistently use explicit_bzero().

Update manual pages to match the behavior.

Reviewed by:	pfg, allanjude, jmg
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D16316
2018-07-20 07:01:28 +00:00
cem
e3a95f95e7 Integrate SHA2-224 with userspace components
The double compilation of the kernel sources in libmd and libcrypt is
baffling, but add yet another define hack to prevent duplicate symbols.

Add documentation and SHA2-224 test cases to libmd.

Integrate with the md5(1) command, document, and add more test cases;
self-tests pass.
2018-07-09 08:19:04 +00:00
markj
1ff7e0b99a Revert r334090.
It causes the 32bit compat build of libmd to fail with:

libmd/rmd160c.c:86:9: error: 'ripemd160_block' macro redefined
#define ripemd160_block ripemd160_block_x86
        ^
libmd/ripemd.h:122:9: note: previous definition is here
#define ripemd160_block         _libmd_ripemd160_block
2018-05-23 17:01:28 +00:00
eadler
0c7857d3a5 libmd: build with WARNS=1
- build with WARNS=1. This works without any changes
- remove two unused variables noticed at WARNS=2
2018-05-23 11:20:16 +00:00
cem
d03b39a943 libmd: Remove trailing whitespace from mdXhl.c
No functional change.

Reported by:	me, in a CR from three years ago today
Sponsored by:	Dell EMC Isilon
2018-04-17 17:23:47 +00:00
trasz
023e12f8a9 Fix formatting errors that resulted in apropos(1) output looking weird.
MFC after:	2 weeks
2018-03-17 11:41:06 +00:00
pfg
e11cf14dc2 SPDX: some uses of the RSA-MD license. 2017-12-13 16:30:39 +00:00
bdrewery
a598c4b809 DIRDEPS_BUILD: Update dependencies.
Sponsored by:	Dell EMC Isilon
2017-10-31 00:07:04 +00:00
allanjude
162ef49ab1 Increase loop unrolling for skein hashes
This patch was inspired by an opposite change made to shrink the code
for the boot loader.

On my i7-4770, it increases the skein1024 speed from 470 to 550 MB/s

Reviewed by:	sbruno
MFC after:	1 month
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D7824
2017-07-01 21:18:06 +00:00
tsoome
050204e122 ANSIfy md5 functions
Update the function declarations.

Reviewed by:	dim
Differential Revision:	https://reviews.freebsd.org/D11055
2017-06-05 11:55:26 +00:00
bdrewery
4181033340 Fix bootstrapping libmd on older systems after r314709.
This follows another fix to bootstrap libmd after r313404.  The
MD5FileChunk prototype is needed to build libmd, but it is
only reliably in the src tree's sys/md5.h header.  Rather than
polluting the legacy build with this header for the entire build,
just symlink it in here for now as is done in the elftoolchain
build.  Libmd is already referencing other src tree headers by
its used of CFLAGS+= ${SRCTOP}/sys/crypto/sha2.  This, and
other uses of CFLAGS+= ${SRCTOP}/sys..., may later change to
be in the legacy mechanism.

Reported by:	bde, ian, sjg
Tested by:	ian
2017-03-06 21:06:55 +00:00
ngie
fefb324657 Use SRCTOP-relative paths to other directories instead of .CURDIR-relative ones
This simplifies pathing in make/displayed output

MFC after:    3 weeks
Sponsored by: Dell EMC Isilon
2017-01-20 04:43:21 +00:00
asomers
1bd8919011 Fix C++ includability of crypto headers with static array sizes
C99 allows array function parameters to use the static keyword for their
sizes. This tells the compiler that the parameter will have at least the
specified size, and calling code will fail to compile if that guarantee is
not met. However, this syntax is not legal in C++.

This commit reverts r300824, which worked around the problem for
sys/sys/md5.h only, and introduces a new macro: min_size(). min_size(x) can
be used in headers as a static array size, but will still compile in C++
mode.

Reviewed by:	cem, ed
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D8277
2016-10-18 23:20:49 +00:00
emaste
b76d29a58e libmd: introduce functions that operate on an fd instead of filename
Reviewed by:	allanjude, cem
MFC after:	2 months
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D8264
2016-10-17 13:47:22 +00:00
emaste
860980172e libmd: strip local absolute symbols (to link with lld)
Old versions of gas produce an invalid section index. That is ignored by
old versions of ld, but prevents a link with lld.

Submitted by:	Rafael Ávila de Espíndola (earlier version)
Reviewed by:	allanjude
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D6789
2016-07-21 18:47:51 +00:00
allanjude
6d6e6f6722 Import the skein hashing algorithm, based on the threefish block cipher
Connect it to userland (libmd, libcrypt, sbin/md5) and kernel (crypto.ko)

Support for skein as a ZFS checksum algorithm was introduced in r289422
but is disconnected because FreeBSD lacked a Skein implementation.

A further commit will enable it in ZFS.

Reviewed by:	cem
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D6166
2016-05-29 01:15:36 +00:00
allanjude
4581e38971 Implement SHA-512 truncated (224 and 256 bits)
This implements SHA-512/256, which generates a 256 bit hash by
calculating the SHA-512 then truncating the result. A different initial
value is used, making the result different from the first 256 bits of
the SHA-512 of the same input. SHA-512 is ~50% faster than SHA-256 on
64bit platforms, so the result is a faster 256 bit hash.

The main goal of this implementation is to enable support for this
faster hashing algorithm in ZFS. The feature was introduced into ZFS
in r289422, but is disconnected because SHA-512/256 support was missing.
A further commit will enable it in ZFS.

This is the follow on to r292782

Reviewed by:	cem
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D6061
2016-05-28 16:06:07 +00:00
cem
8a77f26386 libmd: Work around C++'s inability to understand C
Reported by:	antoine@ (x265)
2016-05-27 05:31:14 +00:00
gjb
955ce29ea3 MFH
Sponsored by:	The FreeBSD Foundation
2016-03-02 16:14:46 +00:00
bdrewery
2a891f1feb DIRDEPS_BUILD: Regenerate without local dependencies.
These are no longer needed after the recent 'beforebuild: depend' changes
and hooking DIRDEPS_BUILD into a subset of FAST_DEPEND which supports
skipping 'make depend'.

Sponsored by:	EMC / Isilon Storage Division
2016-02-24 17:20:11 +00:00
gjb
fef2698edf First pass through library packaging.
Sponsored by:	The FreeBSD Foundation
2016-02-04 21:16:35 +00:00
jtl
71d3115e20 Improvements to the MDXFileChunk() template function:
- Remove unneeded fstat()/lseek() calls.
- Return NULL and set errno to EINVAL on negative length.
- Fix small style problems and expand variable names.

After this change, it is possible to use this code for some irregular
files. For example, 'md5 /dev/md0' should now succeed.

Differential Revision:	https://reviews.freebsd.org/D4748
Suggested by:	bde
Reviewed by:	bde, allanjude, delphij
2016-01-14 21:08:23 +00:00
bdrewery
d6b33ca987 DIRDEPS_BUILD: Update dependencies.
Sponsored by:	EMC / Isilon Storage Division
2016-01-07 19:58:23 +00:00
jtl
df8d88f0e5 Fix a file descriptor leak in mdXhl.c (which is used by numerous hashing
algorithms.

CID:	1305669,1305611,1305663,1305603,1305584,1305639,1346865,1305601
Differential Revision:	https://reviews.freebsd.org/D4732
Reviewed by:	allanjude, delphij
MFC after:	2 weeks
Sponsored by:	Juniper Networks
2015-12-30 18:04:50 +00:00
allanjude
c7c2f2dfab Replace sys/crypto/sha2/sha2.c with lib/libmd/sha512c.c
cperciva's libmd implementation is 5-30% faster

The same was done for SHA256 previously in r263218

cperciva's implementation was lacking SHA-384 which I implemented, validated against OpenSSL and the NIST documentation

Extend sbin/md5 to create sha384(1)

Chase dependancies on sys/crypto/sha2/sha2.{c,h} and replace them with sha512{c.c,.h}

Reviewed by:	cperciva, des, delphij
Approved by:	secteam, bapt (mentor)
MFC after:	2 weeks
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D3929
2015-12-27 17:33:59 +00:00
bdrewery
d9de886cd4 META MODE: Remove unneeded libmd.host dependency for xinstall.host.
This is chasing r291026.

Sponsored by:	EMC / Isilon Storage Division
2015-11-25 19:44:55 +00:00
bdrewery
cbc5242afd META MODE: Fix 'make bootstrap-tools'.
The main problem was bitrot after elftoolchain being swapped in for the
GNU toolchain.

This also reworks how the list of 'host allowed' libraries is determined
to only allow INTERNALLIBs, which is needed for libelftc to come in.

For usr.bin/readelf use the same hack, as libelf and libdward, to bring in
the needed sys/ headers for host builds.  This has not yet been a problem due
to readelf not being built as a host tool in buildworld.  This is possible
in the meta build though when building the toolchain.

Sponsored by:	EMC / Isilon Storage Division
2015-11-25 19:44:51 +00:00
bdrewery
e13d6f8b3f META MODE: Prefer INSTALL=tools/install.sh to lessen the need for xinstall.host.
This both avoids some dependencies on xinstall.host and allows
bootstrapping on older releases to work due to lack of at least 'install -l'
support.

Sponsored by:	EMC / Isilon Storage Division
2015-11-25 19:10:28 +00:00
rodrigc
ff453892a2 Add new include path for sha256.h
This fixes the bootstrap build on FreeBSD 10.

Submitted by:	andrew
2015-07-12 03:39:36 +00:00
jmg
ec1fe94d10 Complete the move that was started w/ r263218.. For some reason I
didn't delete the files, so that means we need to bring the changes in
r282726 to the correct files..

make tinderbox completed with this patch...
2015-07-11 03:12:34 +00:00
jmg
9b2d45a850 increase buffer size to significantly increase performance...
see:
https://docs.freebsd.org/cgi/mid.cgi?20150513080342.GE37063@funkthat.com

for benchmarks...
2015-07-09 16:13:05 +00:00
sjg
852129abd1 new depends 2015-06-16 23:37:19 +00:00
bapt
594e07bd1b Revert r284417 it is not necessary anymore 2015-06-15 19:28:07 +00:00
bapt
9fb85ece8b Enforce overwritting SHLIBDIR
Since METAMODE has been added, sys.mk loads bsd.mkopt.mk which ends load loading
bsd.own.mk which then defines SHLIBDIR before all the Makefile.inc everywhere.

This makes /lib being populated again.

Reported by:	many
2015-06-15 15:34:20 +00:00
sjg
008d7c831f Add META_MODE support.
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.

Still need to add real targets under targets/ to build packages.

Differential Revision:       D2796
Reviewed by: brooks imp
2015-06-13 19:20:56 +00:00
sjg
75a137820d dirdeps.mk now sets DEP_RELDIR 2015-06-08 23:35:17 +00:00
sjg
65145fa4c8 Merge sync of head 2015-05-27 01:19:58 +00:00
thomas
bc9bb928c8 Unbreak MIPS build following rev. 282726
Introduce further adjustments to the renaming of libmd
symbols: make sure that we do not generate dangling weak
aliases, as this causes build failures on MIPS.

Tested by:	sbruno
2015-05-11 16:45:33 +00:00
thomas
6d811dd541 Unbreak build following rev. 282726
(Makefile.inc1): add dependency of xinstall on libmd to
avoid failure of parallel bootstrap.

(lib/libmd/*.h): do not redefine symbols if already
defined as macros (libcrypt uses the same sources internally,
redefining symbols with a prefix of its own).

Fixes build failures caused by previous change to libmd.

Reported by: ian
Pointy hat to: thomas
2015-05-10 21:21:52 +00:00
thomas
398e09896a Ensure libmd symbols do not clash with libcrypto
Add a prefix to all symbols in libmd to avoid incompatibilites
with same-named, but not binary compatible, symbols from libcrypto.

Also introduce Weak aliases to avoid the need to rebuild dependent
binaries and a major version bump.

PR:		199119
Differential Revision:	D2216
Reviewed by:	roberto, delphij
MFC after:	2 weeks
2015-05-10 13:21:36 +00:00
ngie
2aab358f3c Avoid an infinite loop by ensuring that the amount of bytes read is greater
than 0 in MDXFileChunk when calculating the checksum

This edgecase can be triggered if the file is truncated while the checksum
is being calculated (i.e. the EOF is reached)

Differential Revision: https://reviews.freebsd.org/D2351 (patch by darius)
PR: 196694
Reviewed by: delphij, ngie
Submitted by: Daniel O'Connor <darius@dons.net.au>
Sponsored by: EMC / Isilon Storage Division
2015-04-24 11:03:47 +00:00
emaste
fda27c9937 Revert r274772: it is not valid on MIPS
Reported by:	sbruno
2014-11-25 03:50:31 +00:00
emaste
c7e313326d Use canonical __PIC__ flag
It is automatically set when -fPIC is passed to the compiler.

Reviewed by:	dim, kib
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D1179
2014-11-21 02:05:48 +00:00
sjg
d7cd1d425c Merge head from 7/28 2014-08-19 06:50:54 +00:00