diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libc/string/Makefile.inc | 3 | ||||
-rw-r--r-- | lib/libc/string/Symbol.map | 1 | ||||
-rw-r--r-- | lib/libc/string/bzero.3 | 18 | ||||
-rw-r--r-- | lib/libc/string/explicit_bzero.c | 22 | ||||
-rw-r--r-- | lib/libcrypt/Makefile | 2 | ||||
-rw-r--r-- | lib/libipsec/pfkey_dump.c | 3 | ||||
-rw-r--r-- | lib/libmd/Makefile | 11 | ||||
-rw-r--r-- | lib/libmd/md4.h | 28 | ||||
-rw-r--r-- | lib/libmd/md4c.c | 15 | ||||
-rw-r--r-- | lib/libmd/md5.h | 37 | ||||
-rw-r--r-- | lib/libmd/md5c.c | 19 | ||||
-rw-r--r-- | lib/libmd/mdXhl.c | 15 | ||||
-rw-r--r-- | lib/libmd/ripemd.h | 35 | ||||
-rw-r--r-- | lib/libmd/rmd160c.c | 19 | ||||
-rw-r--r-- | lib/libmd/sha.h | 68 | ||||
-rw-r--r-- | lib/libmd/sha1c.c | 30 | ||||
-rw-r--r-- | lib/libmd/sha256.h | 50 | ||||
-rw-r--r-- | lib/libmd/sha256c.c | 300 | ||||
-rw-r--r-- | lib/libmd/sha512.h | 32 | ||||
-rw-r--r-- | lib/libmd/sha512c.c | 15 | ||||
-rw-r--r-- | lib/libmd/shadriver.c | 3 |
21 files changed, 370 insertions, 356 deletions
diff --git a/lib/libc/string/Makefile.inc b/lib/libc/string/Makefile.inc index cc25c25..4efe764 100644 --- a/lib/libc/string/Makefile.inc +++ b/lib/libc/string/Makefile.inc @@ -6,7 +6,8 @@ CFLAGS+= -I${.CURDIR}/locale # machine-independent string sources -MISRCS+=bcmp.c bcopy.c bzero.c ffs.c ffsl.c ffsll.c fls.c flsl.c flsll.c \ +MISRCS+=bcmp.c bcopy.c bzero.c explicit_bzero.c \ + ffs.c ffsl.c ffsll.c fls.c flsl.c flsll.c \ memccpy.c memchr.c memrchr.c memcmp.c \ memcpy.c memmem.c memmove.c memset.c \ stpcpy.c stpncpy.c strcasecmp.c \ diff --git a/lib/libc/string/Symbol.map b/lib/libc/string/Symbol.map index 8e80165..c876e76 100644 --- a/lib/libc/string/Symbol.map +++ b/lib/libc/string/Symbol.map @@ -92,6 +92,7 @@ FBSD_1.1 { }; FBSD_1.3 { + explicit_bzero; strcasecmp_l; strcasestr_l; strchrnul; diff --git a/lib/libc/string/bzero.3 b/lib/libc/string/bzero.3 index 029644a..ea572be 100644 --- a/lib/libc/string/bzero.3 +++ b/lib/libc/string/bzero.3 @@ -35,7 +35,8 @@ .Dt BZERO 3 .Os .Sh NAME -.Nm bzero +.Nm bzero , +.Nm explicit_bzero .Nd write zeroes to a byte string .Sh LIBRARY .Lb libc @@ -43,6 +44,8 @@ .In strings.h .Ft void .Fn bzero "void *b" "size_t len" +.Ft void +.Fn explicit_bzero "void *b" "size_t len" .Sh DESCRIPTION The .Fn bzero @@ -56,6 +59,12 @@ If is zero, .Fn bzero does nothing. +.Pp +The +.Fn explicit_bzero +variant behaves the same, but will not be removed by a compiler's dead store +optimization pass, making it useful for clearing sensitive memory such as a +password. .Sh SEE ALSO .Xr memset 3 , .Xr swab 3 @@ -72,3 +81,10 @@ before it was moved to for .St -p1003.1-2001 compliance. +.Pp +The +.Fn explicit_bzero +function first appeared in +.Ox 5.5 +and +.Fx 11.0 . diff --git a/lib/libc/string/explicit_bzero.c b/lib/libc/string/explicit_bzero.c new file mode 100644 index 0000000..a7811b0 --- /dev/null +++ b/lib/libc/string/explicit_bzero.c @@ -0,0 +1,22 @@ +/* $OpenBSD: explicit_bzero.c,v 1.3 2014/06/21 02:34:26 matthew Exp $ */ +/* + * Public domain. + * Written by Matthew Dempsky. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <string.h> + +__attribute__((weak)) void +__explicit_bzero_hook(void *buf, size_t len) +{ +} + +void +explicit_bzero(void *buf, size_t len) +{ + memset(buf, 0, len); + __explicit_bzero_hook(buf, len); +} diff --git a/lib/libcrypt/Makefile b/lib/libcrypt/Makefile index 798b4b6..aca24d8 100644 --- a/lib/libcrypt/Makefile +++ b/lib/libcrypt/Makefile @@ -9,7 +9,7 @@ SHLIBDIR?= /lib SHLIB_MAJOR= 5 LIB= crypt -.PATH: ${.CURDIR}/../libmd +.PATH: ${.CURDIR}/../libmd ${.CURDIR}/../../sys/crypto/sha2 SRCS= crypt.c misc.c \ crypt-md5.c md5c.c \ crypt-nthash.c md4c.c \ diff --git a/lib/libipsec/pfkey_dump.c b/lib/libipsec/pfkey_dump.c index 068ad0e..872aa43 100644 --- a/lib/libipsec/pfkey_dump.c +++ b/lib/libipsec/pfkey_dump.c @@ -187,6 +187,9 @@ static struct val2str str_alg_enc[] = { #ifdef SADB_X_EALG_AESCTR { SADB_X_EALG_AESCTR, "aes-ctr", }, #endif +#ifdef SADB_X_EALG_AESGCM16 + { SADB_X_EALG_AESGCM16, "aes-gcm-16", }, +#endif #ifdef SADB_X_EALG_CAMELLIACBC { SADB_X_EALG_CAMELLIACBC, "camellia-cbc", }, #endif diff --git a/lib/libmd/Makefile b/lib/libmd/Makefile index d0fe705..c1f6eb9 100644 --- a/lib/libmd/Makefile +++ b/lib/libmd/Makefile @@ -42,8 +42,15 @@ CLEANFILES+= md[245]hl.c md[245].ref md[245].3 mddriver \ sha0.ref sha0hl.c sha1.ref sha1hl.c shadriver \ sha256.ref sha256hl.c sha512.ref sha512hl.c -CFLAGS+= -I${.CURDIR} -.PATH: ${.CURDIR}/${MACHINE_ARCH} +# Define WEAK_REFS to provide weak aliases for libmd symbols +# +# Note that the same sources are also used internally by libcrypt, +# in which case: +# * macros are used to rename symbols to libcrypt internal names +# * no weak aliases are generated +CFLAGS+= -I${.CURDIR} -I${.CURDIR}/../../sys/crypto/sha2 +CFLAGS+= -DWEAK_REFS +.PATH: ${.CURDIR}/${MACHINE_ARCH} ${.CURDIR}/../../sys/crypto/sha2 .if exists(${MACHINE_ARCH}/sha.S) SRCS+= sha.S diff --git a/lib/libmd/md4.h b/lib/libmd/md4.h index 4773513..086a27b 100644 --- a/lib/libmd/md4.h +++ b/lib/libmd/md4.h @@ -35,6 +35,34 @@ typedef struct MD4Context { #include <sys/cdefs.h> __BEGIN_DECLS + +/* Ensure libmd symbols do not clash with libcrypto */ + +#ifndef MD4Init +#define MD4Init _libmd_MD4Init +#endif +#ifndef MD4Update +#define MD4Update _libmd_MD4Update +#endif +#ifndef MD4Pad +#define MD4Pad _libmd_MD4Pad +#endif +#ifndef MD4Final +#define MD4Final _libmd_MD4Final +#endif +#ifndef MD4End +#define MD4End _libmd_MD4End +#endif +#ifndef MD4File +#define MD4File _libmd_MD4File +#endif +#ifndef MD4FileChunk +#define MD4FileChunk _libmd_MD4FileChunk +#endif +#ifndef MD4Data +#define MD4Data _libmd_MD4Data +#endif + void MD4Init(MD4_CTX *); void MD4Update(MD4_CTX *, const void *, unsigned int); void MD4Pad(MD4_CTX *); diff --git a/lib/libmd/md4c.c b/lib/libmd/md4c.c index 1211a98..de1a7b4a 100644 --- a/lib/libmd/md4c.c +++ b/lib/libmd/md4c.c @@ -290,3 +290,18 @@ unsigned int len; output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) | (((UINT4)input[j+2]) << 16) | (((UINT4)input[j+3]) << 24); } + +#ifdef WEAK_REFS +/* When building libmd, provide weak references. Note: this is not + activated in the context of compiling these sources for internal + use in libcrypt. + */ +#undef MD4Init +__weak_reference(_libmd_MD4Init, MD4Init); +#undef MD4Update +__weak_reference(_libmd_MD4Update, MD4Update); +#undef MD4Pad +__weak_reference(_libmd_MD4Pad, MD4Pad); +#undef MD4Final +__weak_reference(_libmd_MD4Final, MD4Final); +#endif diff --git a/lib/libmd/md5.h b/lib/libmd/md5.h index 803a88f..5ab3b14 100644 --- a/lib/libmd/md5.h +++ b/lib/libmd/md5.h @@ -1,4 +1,41 @@ +/* $FreeBSD$ */ + #ifndef _MD5_H_ #define _MD5_H_ + +#ifndef _KERNEL + +/* Ensure libmd symbols do not clash with libcrypto */ + +#ifndef MD5Init +#define MD5Init _libmd_MD5Init +#endif +#ifndef MD5Update +#define MD5Update _libmd_MD5Update +#endif +#ifndef MD5Pad +#define MD5Pad _libmd_MD5Pad +#endif +#ifndef MD5Final +#define MD5Final _libmd_MD5Final +#endif +#ifndef MD5Transform +#define MD5Transform _libmd_MD5Transform +#endif +#ifndef MD5End +#define MD5End _libmd_MD5End +#endif +#ifndef MD5File +#define MD5File _libmd_MD5File +#endif +#ifndef MD5FileChunk +#define MD5FileChunk _libmd_MD5FileChunk +#endif +#ifndef MD5Data +#define MD5Data _libmd_MD5Data +#endif + +#endif + #include <sys/md5.h> #endif /* _MD5_H_ */ diff --git a/lib/libmd/md5c.c b/lib/libmd/md5c.c index d097390..6b50464 100644 --- a/lib/libmd/md5c.c +++ b/lib/libmd/md5c.c @@ -39,7 +39,7 @@ __FBSDID("$FreeBSD$"); #include <machine/endian.h> #include <sys/endian.h> -#include <sys/md5.h> +#include "md5.h" static void MD5Transform(u_int32_t [4], const unsigned char [64]); @@ -335,3 +335,20 @@ MD5Transform (state, block) /* Zeroize sensitive information. */ memset ((void *)x, 0, sizeof (x)); } + +#ifdef WEAK_REFS +/* When building libmd, provide weak references. Note: this is not + activated in the context of compiling these sources for internal + use in libcrypt. + */ +#undef MD5Init +__weak_reference(_libmd_MD5Init, MD5Init); +#undef MD5Update +__weak_reference(_libmd_MD5Update, MD5Update); +#undef MD5Pad +__weak_reference(_libmd_MD5Pad, MD5Pad); +#undef MD5Final +__weak_reference(_libmd_MD5Final, MD5Final); +#undef MD5Transform +__weak_reference(_libmd_MD5Transform, MD5Transform); +#endif diff --git a/lib/libmd/mdXhl.c b/lib/libmd/mdXhl.c index 2954548..62be235 100644 --- a/lib/libmd/mdXhl.c +++ b/lib/libmd/mdXhl.c @@ -96,3 +96,18 @@ MDXData (const void *data, unsigned int len, char *buf) MDXUpdate(&ctx,data,len); return (MDXEnd(&ctx, buf)); } + +#ifdef WEAK_REFS +/* When building libmd, provide weak references. Note: this is not + activated in the context of compiling these sources for internal + use in libcrypt. + */ +#undef MDXEnd +__weak_reference(_libmd_MDXEnd, MDXEnd); +#undef MDXFile +__weak_reference(_libmd_MDXFile, MDXFile); +#undef MDXFileChunk +__weak_reference(_libmd_MDXFileChunk, MDXFileChunk); +#undef MDXData +__weak_reference(_libmd_MDXData, MDXData); +#endif diff --git a/lib/libmd/ripemd.h b/lib/libmd/ripemd.h index 2ff35cc..778808f 100644 --- a/lib/libmd/ripemd.h +++ b/lib/libmd/ripemd.h @@ -81,6 +81,41 @@ typedef struct RIPEMD160state_st { } RIPEMD160_CTX; __BEGIN_DECLS + +/* Ensure libmd symbols do not clash with libcrypto */ + +#ifndef RIPEMD160_Init +#define RIPEMD160_Init _libmd_RIPEMD160_Init +#endif +#ifndef RIPEMD160_Update +#define RIPEMD160_Update _libmd_RIPEMD160_Update +#endif +#ifndef RIPEMD160_Final +#define RIPEMD160_Final _libmd_RIPEMD160_Final +#endif +#ifndef RIPEMD160_End +#define RIPEMD160_End _libmd_RIPEMD160_End +#endif +#ifndef RIPEMD160_File +#define RIPEMD160_File _libmd_RIPEMD160_File +#endif +#ifndef RIPEMD160_FileChunk +#define RIPEMD160_FileChunk _libmd_RIPEMD160_FileChunk +#endif +#ifndef RIPEMD160_Data +#define RIPEMD160_Data _libmd_RIPEMD160_Data +#endif + +#ifndef RIPEMD160_Transform +#define RIPEMD160_Transform _libmd_RIPEMD160_Transform +#endif +#ifndef RMD160_version +#define RMD160_version _libmd_RMD160_version +#endif +#ifndef ripemd160_block +#define ripemd160_block _libmd_ripemd160_block +#endif + void RIPEMD160_Init(RIPEMD160_CTX *c); void RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len); diff --git a/lib/libmd/rmd160c.c b/lib/libmd/rmd160c.c index e01f1e0..5a3b783 100644 --- a/lib/libmd/rmd160c.c +++ b/lib/libmd/rmd160c.c @@ -545,3 +545,22 @@ unsigned long *l; } } #endif + +#ifdef WEAK_REFS +/* When building libmd, provide weak references. Note: this is not + activated in the context of compiling these sources for internal + use in libcrypt. + */ +#undef RIPEMD160_Init +__weak_reference(_libmd_RIPEMD160_Init, RIPEMD160_Init); +#undef RIPEMD160_Update +__weak_reference(_libmd_RIPEMD160_Update, RIPEMD160_Update); +#undef RIPEMD160_Final +__weak_reference(_libmd_RIPEMD160_Final, RIPEMD160_Final); +#undef RIPEMD160_Transform +__weak_reference(_libmd_RIPEMD160_Transform, RIPEMD160_Transform); +#undef RMD160_version +__weak_reference(_libmd_RMD160_version, RMD160_version); +#undef ripemd160_block +__weak_reference(_libmd_ripemd160_block, ripemd160_block); +#endif diff --git a/lib/libmd/sha.h b/lib/libmd/sha.h index 8a0b7c2..c608c5b 100644 --- a/lib/libmd/sha.h +++ b/lib/libmd/sha.h @@ -79,6 +79,73 @@ typedef struct SHAstate_st { #define SHA1_CTX SHA_CTX __BEGIN_DECLS + +/* Ensure libmd symbols do not clash with libcrypto */ + +#ifndef SHA_Init +#define SHA_Init _libmd_SHA_Init +#endif +#ifndef SHA_Update +#define SHA_Update _libmd_SHA_Update +#endif +#ifndef SHA_Final +#define SHA_Final _libmd_SHA_Final +#endif +#ifndef SHA_End +#define SHA_End _libmd_SHA_End +#endif +#ifndef SHA_File +#define SHA_File _libmd_SHA_File +#endif +#ifndef SHA_FileChunk +#define SHA_FileChunk _libmd_SHA_FileChunk +#endif +#ifndef SHA_Data +#define SHA_Data _libmd_SHA_Data +#endif + +#ifndef SHA_Transform +#define SHA_Transform _libmd_SHA_Transform +#endif +#ifndef SHA_version +#define SHA_version _libmd_SHA_version +#endif +#ifndef sha_block +#define sha_block _libmd_sha_block +#endif + +#ifndef SHA1_Init +#define SHA1_Init _libmd_SHA1_Init +#endif +#ifndef SHA1_Update +#define SHA1_Update _libmd_SHA1_Update +#endif +#ifndef SHA1_Final +#define SHA1_Final _libmd_SHA1_Final +#endif +#ifndef SHA1_End +#define SHA1_End _libmd_SHA1_End +#endif +#ifndef SHA1_File +#define SHA1_File _libmd_SHA1_File +#endif +#ifndef SHA1_FileChunk +#define SHA1_FileChunk _libmd_SHA1_FileChunk +#endif +#ifndef SHA1_Data +#define SHA1_Data _libmd_SHA1_Data +#endif + +#ifndef SHA1_Transform +#define SHA1_Transform _libmd_SHA1_Transform +#endif +#ifndef SHA1_version +#define SHA1_version _libmd_SHA1_version +#endif +#ifndef sha1_block +#define sha1_block _libmd_sha1_block +#endif + void SHA_Init(SHA_CTX *c); void SHA_Update(SHA_CTX *c, const void *data, size_t len); void SHA_Final(unsigned char *md, SHA_CTX *c); @@ -86,6 +153,7 @@ char *SHA_End(SHA_CTX *, char *); char *SHA_File(const char *, char *); char *SHA_FileChunk(const char *, char *, off_t, off_t); char *SHA_Data(const void *, unsigned int, char *); + void SHA1_Init(SHA_CTX *c); void SHA1_Update(SHA_CTX *c, const void *data, size_t len); void SHA1_Final(unsigned char *md, SHA_CTX *c); diff --git a/lib/libmd/sha1c.c b/lib/libmd/sha1c.c index ba3278a..93a4ff3 100644 --- a/lib/libmd/sha1c.c +++ b/lib/libmd/sha1c.c @@ -488,3 +488,33 @@ SHA_CTX *c; /* memset((char *)&c,0,sizeof(c));*/ } +#ifdef WEAK_REFS +/* When building libmd, provide weak references. Note: this is not + activated in the context of compiling these sources for internal + use in libcrypt. + */ +#undef SHA_Init +__weak_reference(_libmd_SHA_Init, SHA_Init); +#undef SHA_Update +__weak_reference(_libmd_SHA_Update, SHA_Update); +#undef SHA_Final +__weak_reference(_libmd_SHA_Final, SHA_Final); +#undef SHA_Transform +__weak_reference(_libmd_SHA_Transform, SHA_Transform); +#undef SHA_version +__weak_reference(_libmd_SHA_version, SHA_version); +#undef sha_block +__weak_reference(_libmd_sha_block, sha_block); +#undef SHA1_Init +__weak_reference(_libmd_SHA1_Init, SHA1_Init); +#undef SHA1_Update +__weak_reference(_libmd_SHA1_Update, SHA1_Update); +#undef SHA1_Final +__weak_reference(_libmd_SHA1_Final, SHA1_Final); +#undef SHA1_Transform +__weak_reference(_libmd_SHA1_Transform, SHA1_Transform); +#undef SHA1_version +__weak_reference(_libmd_SHA1_version, SHA1_version); +#undef sha1_block +__weak_reference(_libmd_sha1_block, sha1_block); +#endif diff --git a/lib/libmd/sha256.h b/lib/libmd/sha256.h deleted file mode 100644 index ce51787..0000000 --- a/lib/libmd/sha256.h +++ /dev/null @@ -1,50 +0,0 @@ -/*- - * Copyright 2005 Colin Percival - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _SHA256_H_ -#define _SHA256_H_ - -#include <sys/types.h> - -typedef struct SHA256Context { - uint32_t state[8]; - uint32_t count[2]; - unsigned char buf[64]; -} SHA256_CTX; - -__BEGIN_DECLS -void SHA256_Init(SHA256_CTX *); -void SHA256_Update(SHA256_CTX *, const void *, size_t); -void SHA256_Final(unsigned char [32], SHA256_CTX *); -char *SHA256_End(SHA256_CTX *, char *); -char *SHA256_File(const char *, char *); -char *SHA256_FileChunk(const char *, char *, off_t, off_t); -char *SHA256_Data(const void *, unsigned int, char *); -__END_DECLS - -#endif /* !_SHA256_H_ */ diff --git a/lib/libmd/sha256c.c b/lib/libmd/sha256c.c deleted file mode 100644 index c95fd31..0000000 --- a/lib/libmd/sha256c.c +++ /dev/null @@ -1,300 +0,0 @@ -/*- - * Copyright 2005 Colin Percival - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include <sys/cdefs.h> -__FBSDID("$FreeBSD$"); - -#include <sys/endian.h> -#include <sys/types.h> - -#include <string.h> - -#include "sha256.h" - -#if BYTE_ORDER == BIG_ENDIAN - -/* Copy a vector of big-endian uint32_t into a vector of bytes */ -#define be32enc_vect(dst, src, len) \ - memcpy((void *)dst, (const void *)src, (size_t)len) - -/* Copy a vector of bytes into a vector of big-endian uint32_t */ -#define be32dec_vect(dst, src, len) \ - memcpy((void *)dst, (const void *)src, (size_t)len) - -#else /* BYTE_ORDER != BIG_ENDIAN */ - -/* - * Encode a length len/4 vector of (uint32_t) into a length len vector of - * (unsigned char) in big-endian form. Assumes len is a multiple of 4. - */ -static void -be32enc_vect(unsigned char *dst, const uint32_t *src, size_t len) -{ - size_t i; - - for (i = 0; i < len / 4; i++) - be32enc(dst + i * 4, src[i]); -} - -/* - * Decode a big-endian length len vector of (unsigned char) into a length - * len/4 vector of (uint32_t). Assumes len is a multiple of 4. - */ -static void -be32dec_vect(uint32_t *dst, const unsigned char *src, size_t len) -{ - size_t i; - - for (i = 0; i < len / 4; i++) - dst[i] = be32dec(src + i * 4); -} - -#endif /* BYTE_ORDER != BIG_ENDIAN */ - -/* Elementary functions used by SHA256 */ -#define Ch(x, y, z) ((x & (y ^ z)) ^ z) -#define Maj(x, y, z) ((x & (y | z)) | (y & z)) -#define SHR(x, n) (x >> n) -#define ROTR(x, n) ((x >> n) | (x << (32 - n))) -#define S0(x) (ROTR(x, 2) ^ ROTR(x, 13) ^ ROTR(x, 22)) -#define S1(x) (ROTR(x, 6) ^ ROTR(x, 11) ^ ROTR(x, 25)) -#define s0(x) (ROTR(x, 7) ^ ROTR(x, 18) ^ SHR(x, 3)) -#define s1(x) (ROTR(x, 17) ^ ROTR(x, 19) ^ SHR(x, 10)) - -/* SHA256 round function */ -#define RND(a, b, c, d, e, f, g, h, k) \ - t0 = h + S1(e) + Ch(e, f, g) + k; \ - t1 = S0(a) + Maj(a, b, c); \ - d += t0; \ - h = t0 + t1; - -/* Adjusted round function for rotating state */ -#define RNDr(S, W, i, k) \ - RND(S[(64 - i) % 8], S[(65 - i) % 8], \ - S[(66 - i) % 8], S[(67 - i) % 8], \ - S[(68 - i) % 8], S[(69 - i) % 8], \ - S[(70 - i) % 8], S[(71 - i) % 8], \ - W[i] + k) - -/* - * SHA256 block compression function. The 256-bit state is transformed via - * the 512-bit input block to produce a new state. - */ -static void -SHA256_Transform(uint32_t * state, const unsigned char block[64]) -{ - uint32_t W[64]; - uint32_t S[8]; - uint32_t t0, t1; - int i; - - /* 1. Prepare message schedule W. */ - be32dec_vect(W, block, 64); - for (i = 16; i < 64; i++) - W[i] = s1(W[i - 2]) + W[i - 7] + s0(W[i - 15]) + W[i - 16]; - - /* 2. Initialize working variables. */ - memcpy(S, state, 32); - - /* 3. Mix. */ - RNDr(S, W, 0, 0x428a2f98); - RNDr(S, W, 1, 0x71374491); - RNDr(S, W, 2, 0xb5c0fbcf); - RNDr(S, W, 3, 0xe9b5dba5); - RNDr(S, W, 4, 0x3956c25b); - RNDr(S, W, 5, 0x59f111f1); - RNDr(S, W, 6, 0x923f82a4); - RNDr(S, W, 7, 0xab1c5ed5); - RNDr(S, W, 8, 0xd807aa98); - RNDr(S, W, 9, 0x12835b01); - RNDr(S, W, 10, 0x243185be); - RNDr(S, W, 11, 0x550c7dc3); - RNDr(S, W, 12, 0x72be5d74); - RNDr(S, W, 13, 0x80deb1fe); - RNDr(S, W, 14, 0x9bdc06a7); - RNDr(S, W, 15, 0xc19bf174); - RNDr(S, W, 16, 0xe49b69c1); - RNDr(S, W, 17, 0xefbe4786); - RNDr(S, W, 18, 0x0fc19dc6); - RNDr(S, W, 19, 0x240ca1cc); - RNDr(S, W, 20, 0x2de92c6f); - RNDr(S, W, 21, 0x4a7484aa); - RNDr(S, W, 22, 0x5cb0a9dc); - RNDr(S, W, 23, 0x76f988da); - RNDr(S, W, 24, 0x983e5152); - RNDr(S, W, 25, 0xa831c66d); - RNDr(S, W, 26, 0xb00327c8); - RNDr(S, W, 27, 0xbf597fc7); - RNDr(S, W, 28, 0xc6e00bf3); - RNDr(S, W, 29, 0xd5a79147); - RNDr(S, W, 30, 0x06ca6351); - RNDr(S, W, 31, 0x14292967); - RNDr(S, W, 32, 0x27b70a85); - RNDr(S, W, 33, 0x2e1b2138); - RNDr(S, W, 34, 0x4d2c6dfc); - RNDr(S, W, 35, 0x53380d13); - RNDr(S, W, 36, 0x650a7354); - RNDr(S, W, 37, 0x766a0abb); - RNDr(S, W, 38, 0x81c2c92e); - RNDr(S, W, 39, 0x92722c85); - RNDr(S, W, 40, 0xa2bfe8a1); - RNDr(S, W, 41, 0xa81a664b); - RNDr(S, W, 42, 0xc24b8b70); - RNDr(S, W, 43, 0xc76c51a3); - RNDr(S, W, 44, 0xd192e819); - RNDr(S, W, 45, 0xd6990624); - RNDr(S, W, 46, 0xf40e3585); - RNDr(S, W, 47, 0x106aa070); - RNDr(S, W, 48, 0x19a4c116); - RNDr(S, W, 49, 0x1e376c08); - RNDr(S, W, 50, 0x2748774c); - RNDr(S, W, 51, 0x34b0bcb5); - RNDr(S, W, 52, 0x391c0cb3); - RNDr(S, W, 53, 0x4ed8aa4a); - RNDr(S, W, 54, 0x5b9cca4f); - RNDr(S, W, 55, 0x682e6ff3); - RNDr(S, W, 56, 0x748f82ee); - RNDr(S, W, 57, 0x78a5636f); - RNDr(S, W, 58, 0x84c87814); - RNDr(S, W, 59, 0x8cc70208); - RNDr(S, W, 60, 0x90befffa); - RNDr(S, W, 61, 0xa4506ceb); - RNDr(S, W, 62, 0xbef9a3f7); - RNDr(S, W, 63, 0xc67178f2); - - /* 4. Mix local working variables into global state */ - for (i = 0; i < 8; i++) - state[i] += S[i]; -} - -static unsigned char PAD[64] = { - 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 -}; - -/* Add padding and terminating bit-count. */ -static void -SHA256_Pad(SHA256_CTX * ctx) -{ - unsigned char len[8]; - uint32_t r, plen; - - /* - * Convert length to a vector of bytes -- we do this now rather - * than later because the length will change after we pad. - */ - be32enc_vect(len, ctx->count, 8); - - /* Add 1--64 bytes so that the resulting length is 56 mod 64 */ - r = (ctx->count[1] >> 3) & 0x3f; - plen = (r < 56) ? (56 - r) : (120 - r); - SHA256_Update(ctx, PAD, (size_t)plen); - - /* Add the terminating bit-count */ - SHA256_Update(ctx, len, 8); -} - -/* SHA-256 initialization. Begins a SHA-256 operation. */ -void -SHA256_Init(SHA256_CTX * ctx) -{ - - /* Zero bits processed so far */ - ctx->count[0] = ctx->count[1] = 0; - - /* Magic initialization constants */ - ctx->state[0] = 0x6A09E667; - ctx->state[1] = 0xBB67AE85; - ctx->state[2] = 0x3C6EF372; - ctx->state[3] = 0xA54FF53A; - ctx->state[4] = 0x510E527F; - ctx->state[5] = 0x9B05688C; - ctx->state[6] = 0x1F83D9AB; - ctx->state[7] = 0x5BE0CD19; -} - -/* Add bytes into the hash */ -void -SHA256_Update(SHA256_CTX * ctx, const void *in, size_t len) -{ - uint32_t bitlen[2]; - uint32_t r; - const unsigned char *src = in; - - /* Number of bytes left in the buffer from previous updates */ - r = (ctx->count[1] >> 3) & 0x3f; - - /* Convert the length into a number of bits */ - bitlen[1] = ((uint32_t)len) << 3; - bitlen[0] = (uint32_t)(len >> 29); - - /* Update number of bits */ - if ((ctx->count[1] += bitlen[1]) < bitlen[1]) - ctx->count[0]++; - ctx->count[0] += bitlen[0]; - - /* Handle the case where we don't need to perform any transforms */ - if (len < 64 - r) { - memcpy(&ctx->buf[r], src, len); - return; - } - - /* Finish the current block */ - memcpy(&ctx->buf[r], src, 64 - r); - SHA256_Transform(ctx->state, ctx->buf); - src += 64 - r; - len -= 64 - r; - - /* Perform complete blocks */ - while (len >= 64) { - SHA256_Transform(ctx->state, src); - src += 64; - len -= 64; - } - - /* Copy left over data into buffer */ - memcpy(ctx->buf, src, len); -} - -/* - * SHA-256 finalization. Pads the input data, exports the hash value, - * and clears the context state. - */ -void -SHA256_Final(unsigned char digest[32], SHA256_CTX * ctx) -{ - - /* Add padding */ - SHA256_Pad(ctx); - - /* Write the hash */ - be32enc_vect(digest, ctx->state, 32); - - /* Clear the context state */ - memset((void *)ctx, 0, sizeof(*ctx)); -} diff --git a/lib/libmd/sha512.h b/lib/libmd/sha512.h index 8998f4c..b034ca5 100644 --- a/lib/libmd/sha512.h +++ b/lib/libmd/sha512.h @@ -38,6 +38,38 @@ typedef struct SHA512Context { } SHA512_CTX; __BEGIN_DECLS + +/* Ensure libmd symbols do not clash with libcrypto */ + +#ifndef SHA512_Init +#define SHA512_Init _libmd_SHA512_Init +#endif +#ifndef SHA512_Update +#define SHA512_Update _libmd_SHA512_Update +#endif +#ifndef SHA512_Final +#define SHA512_Final _libmd_SHA512_Final +#endif +#ifndef SHA512_End +#define SHA512_End _libmd_SHA512_End +#endif +#ifndef SHA512_File +#define SHA512_File _libmd_SHA512_File +#endif +#ifndef SHA512_FileChunk +#define SHA512_FileChunk _libmd_SHA512_FileChunk +#endif +#ifndef SHA512_Data +#define SHA512_Data _libmd_SHA512_Data +#endif + +#ifndef SHA512_Transform +#define SHA512_Transform _libmd_SHA512_Transform +#endif +#ifndef SHA512_version +#define SHA512_version _libmd_SHA512_version +#endif + void SHA512_Init(SHA512_CTX *); void SHA512_Update(SHA512_CTX *, const void *, size_t); void SHA512_Final(unsigned char [64], SHA512_CTX *); diff --git a/lib/libmd/sha512c.c b/lib/libmd/sha512c.c index c2a93be..e5e52a8 100644 --- a/lib/libmd/sha512c.c +++ b/lib/libmd/sha512c.c @@ -318,3 +318,18 @@ SHA512_Final(unsigned char digest[64], SHA512_CTX * ctx) /* Clear the context state */ memset((void *)ctx, 0, sizeof(*ctx)); } + +#ifdef WEAK_REFS +/* When building libmd, provide weak references. Note: this is not + activated in the context of compiling these sources for internal + use in libcrypt. + */ +#undef SHA512_Init +__weak_reference(_libmd_SHA512_Init, SHA512_Init); +#undef SHA512_Update +__weak_reference(_libmd_SHA512_Update, SHA512_Update); +#undef SHA512_Final +__weak_reference(_libmd_SHA512_Final, SHA512_Final); +#undef SHA512_Transform +__weak_reference(_libmd_SHA512_Transform, SHA512_Transform); +#endif diff --git a/lib/libmd/shadriver.c b/lib/libmd/shadriver.c index adaf684..29a3cf0 100644 --- a/lib/libmd/shadriver.c +++ b/lib/libmd/shadriver.c @@ -31,10 +31,13 @@ __FBSDID("$FreeBSD$"); #endif #if SHA == 1 +#undef SHA_Data #define SHA_Data SHA1_Data #elif SHA == 256 +#undef SHA_Data #define SHA_Data SHA256_Data #elif SHA == 512 +#undef SHA_Data #define SHA_Data SHA512_Data #endif |