From 62cedd908a624bdacbdd0154d0cf129e694cb27a Mon Sep 17 00:00:00 2001 From: obrien Date: Sat, 28 Apr 2012 02:48:51 +0000 Subject: Remove the RFC 1319 MD2 Message-Digest Algorithm routines from libmd. 1. The licensing terms for the MD2 routines from RFC is not under a BSD-like license. Instead it is only granted for non-commercial Internet Privacy-Enhanced Mail. 2. MD2 is quite deprecated as it is no longer considered a cryptographically strong algorithm. Discussed with: so (cperciva), core --- lib/libmd/Makefile | 29 ++----- lib/libmd/md2.copyright | 17 ---- lib/libmd/md2.h | 46 ----------- lib/libmd/md2c.c | 211 ------------------------------------------------ lib/libmd/mdX.3 | 12 +-- 5 files changed, 6 insertions(+), 309 deletions(-) delete mode 100644 lib/libmd/md2.copyright delete mode 100644 lib/libmd/md2.h delete mode 100644 lib/libmd/md2c.c (limited to 'lib/libmd') diff --git a/lib/libmd/Makefile b/lib/libmd/Makefile index 534e8b3..d0fe705 100644 --- a/lib/libmd/Makefile +++ b/lib/libmd/Makefile @@ -1,20 +1,18 @@ # $FreeBSD$ LIB= md +SHLIB_MAJOR= 6 SHLIBDIR?= /lib -SRCS= md2c.c md4c.c md5c.c md2hl.c md4hl.c md5hl.c \ +SRCS= md4c.c md5c.c md4hl.c md5hl.c \ rmd160c.c rmd160hl.c \ sha0c.c sha0hl.c sha1c.c sha1hl.c \ sha256c.c sha256hl.c \ sha512c.c sha512hl.c -INCS= md2.h md4.h md5.h ripemd.h sha.h sha256.h sha512.h +INCS= md4.h md5.h ripemd.h sha.h sha256.h sha512.h WARNS?= 0 -MAN+= md2.3 md4.3 md5.3 ripemd.3 sha.3 sha256.3 sha512.3 -MLINKS+=md2.3 MD2Init.3 md2.3 MD2Update.3 md2.3 MD2Final.3 -MLINKS+=md2.3 MD2End.3 md2.3 MD2File.3 md2.3 MD2FileChunk.3 -MLINKS+=md2.3 MD2Data.3 +MAN+= md4.3 md5.3 ripemd.3 sha.3 sha256.3 sha512.3 MLINKS+=md4.3 MD4Init.3 md4.3 MD4Update.3 md4.3 MD4Final.3 MLINKS+=md4.3 MD4End.3 md4.3 MD4File.3 md4.3 MD4FileChunk.3 MLINKS+=md4.3 MD4Data.3 
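Review bot: The added `SHLIB_MAJOR= 6` near the top of the Makefile has no comment recording why the major number changes. Dropping `md2c.c` and `md2hl.c` from SRCS removes the MD2* entry points from the shared library, so the bump is what keeps existing binaries from binding to a library that lacks them; a line such as `# Major bumped: MD2* symbols removed` above it would preserve that reason. This view is limited to lib/libmd, so it cannot be confirmed here whether the previously installed library, `md2.h` and the `md2.3` pages are cleaned up on upgrade; if they are not, the restrictively licensed, deprecated code stays installed and linkable on updated systems.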
@@ -59,10 +57,6 @@ CFLAGS+= -DRMD160_ASM ACFLAGS+= -DELF -Wa,--noexecstack .endif -md2hl.c: mdXhl.c - (echo '#define LENGTH 16'; \ - sed -e 's/mdX/md2/g' -e 's/MDX/MD2/g' ${.ALLSRC}) > ${.TARGET} - md4hl.c: mdXhl.c (echo '#define LENGTH 16'; \ sed -e 's/mdX/md4/g' -e 's/MDX/MD4/g' ${.ALLSRC}) > ${.TARGET} @@ -105,16 +99,6 @@ md${i}.3: ${.CURDIR}/mdX.3 cat ${.CURDIR}/md${i}.copyright >> ${.TARGET} .endfor -md2.ref: - echo 'MD2 test suite:' > ${.TARGET} - @echo 'MD2 ("") = 8350e5a3e24c153df2275c9f80692773' >> ${.TARGET} - @echo 'MD2 ("a") = 32ec01ec4a6dac72c0ab96fb34c0b5d1' >> ${.TARGET} - @echo 'MD2 ("abc") = da853b0d3f88d99b30283a69e6ded6bb' >> ${.TARGET} - @echo 'MD2 ("message digest") = ab4f496bfb2a530b219ff33031fe06b0' >> ${.TARGET} - @echo 'MD2 ("abcdefghijklmnopqrstuvwxyz") = 4e8ddff3650292ab5a4108c3aa47940b' >> ${.TARGET} - @echo 'MD2 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") = da33def2a42df13975352846c30338cd' >> ${.TARGET} - @echo 'MD2 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = d5976f79d83d3a0dc9806c3c66f3efd8' >> ${.TARGET} - md4.ref: echo 'MD4 test suite:' > ${.TARGET} @echo 'MD4 ("") = 31d6cfe0d16ae931b73c59d7e0c089c0' >> ${.TARGET} @@ -205,12 +189,9 @@ rmd160.ref: @echo 'RIPEMD160 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ '9b752e45573d4b39f4dbd3323cab82bf63326bfb' >> ${.TARGET} -test: md2.ref md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha256.ref sha512.ref +test: md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha256.ref sha512.ref @${ECHO} if any of these test fail, the code produces wrong results @${ECHO} and should NOT be used. - ${CC} ${CFLAGS} ${LDFLAGS} -DMD=2 -o mddriver ${.CURDIR}/mddriver.c ./libmd.a - ./mddriver | cmp md2.ref - - @${ECHO} MD2 passed test ${CC} ${CFLAGS} ${LDFLAGS} -DMD=4 -o mddriver ${.CURDIR}/mddriver.c libmd.a ./mddriver | cmp md4.ref - @${ECHO} MD4 passed test 
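Review bot: The `test` target in the last hunk here no longer builds `mddriver.c` with `-DMD=2`, yet `mddriver.c` is not among the five lib/libmd files in the diffstat. Any MD2 branch it has (presumably selected by that macro and including `md2.h`) is therefore left as dead code pointing at a deleted header. It would be cleaner to drop that branch in the same change, or make it fail loudly, e.g. `#error MD2 is no longer provided by libmd`, so a stray `-DMD=2` build gives a clear message rather than a missing-include error.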
diff --git a/lib/libmd/md2.copyright b/lib/libmd/md2.copyright deleted file mode 100644 index acef7ba..0000000 --- a/lib/libmd/md2.copyright +++ /dev/null @@ -1,17 +0,0 @@ -.\" $FreeBSD$ -Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All -rights reserved. -.Pp -License to copy and use this software is granted for -non-commercial Internet Privacy-Enhanced Mail provided that it is -identified as the "RSA Data Security, Inc. MD2 Message Digest -Algorithm" in all material mentioning or referencing this software -or this function. -.Pp -RSA Data Security, Inc. makes no representations concerning either -the merchantability of this software or the suitability of this -software for any particular purpose. It is provided "as is" -without express or implied warranty of any kind. -.Pp -These notices must be retained in any copies of any part of this -documentation and/or software. diff --git a/lib/libmd/md2.h b/lib/libmd/md2.h deleted file mode 100644 index f0229f5..0000000 --- a/lib/libmd/md2.h +++ /dev/null 
@@ -1,46 +0,0 @@ -/* MD2.H - header file for MD2C.C - * $FreeBSD$ - */ - -/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All - rights reserved. - - License to copy and use this software is granted for - non-commercial Internet Privacy-Enhanced Mail provided that it is - identified as the "RSA Data Security, Inc. MD2 Message Digest - Algorithm" in all material mentioning or referencing this software - or this function. - - RSA Data Security, Inc. makes no representations concerning either - the merchantability of this software or the suitability of this - software for any particular purpose. It is provided "as is" - without express or implied warranty of any kind. - - These notices must be retained in any copies of any part of this - documentation and/or software. - */ - -#ifndef _MD2_H_ -#define _MD2_H_ - -typedef struct MD2Context { - unsigned char state[16]; /* state */ - unsigned char checksum[16]; /* checksum */ - unsigned int count; /* number of bytes, modulo 16 */ - unsigned char buffer[16]; /* input buffer */ -} MD2_CTX; - -#include - -__BEGIN_DECLS -void MD2Init(MD2_CTX *); -void MD2Update(MD2_CTX *, const void *, unsigned int); -void MD2Pad(MD2_CTX *); -void MD2Final(unsigned char [16], MD2_CTX *); -char * MD2End(MD2_CTX *, char *); -char * MD2File(const char *, char *); -char * MD2FileChunk(const char *, char *, off_t, off_t); -char * MD2Data(const void *, unsigned int, char *); -__END_DECLS - -#endif /* _MD2_H_ */ diff --git a/lib/libmd/md2c.c b/lib/libmd/md2c.c deleted file mode 100644 index 4799457..0000000 --- a/lib/libmd/md2c.c +++ /dev/null 
@@ -1,211 +0,0 @@ -/* MD2C.C - RSA Data Security, Inc., MD2 message-digest algorithm - */ - -#include -__FBSDID("$FreeBSD$"); - -/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All - rights reserved. - - License to copy and use this software is granted for - non-commercial Internet Privacy-Enhanced Mail provided that it is - identified as the "RSA Data Security, Inc. MD2 Message Digest - Algorithm" in all material mentioning or referencing this software - or this function. - - RSA Data Security, Inc. makes no representations concerning either - the merchantability of this software or the suitability of this - software for any particular purpose. It is provided "as is" - without express or implied warranty of any kind. - - These notices must be retained in any copies of any part of this - documentation and/or software. - */ - -#include -#include -#include "md2.h" - - -typedef unsigned char *POINTER; -typedef u_int16_t UINT2; -typedef u_int32_t UINT4; - -#define PROTO_LIST(list) list - -static void MD2Transform PROTO_LIST - ((unsigned char [16], unsigned char [16], const unsigned char [16])); - -/* Permutation of 0..255 constructed from the digits of pi. It gives a - "random" nonlinear byte substitution operation. 
- */ -static unsigned char PI_SUBST[256] = { - 41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6, - 19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188, - 76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24, - 138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251, - 245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63, - 148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50, - 39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165, - 181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210, - 150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157, - 112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27, - 96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15, - 85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197, - 234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65, - 129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123, - 8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233, - 203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228, - 166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237, - 31, 26, 219, 153, 141, 51, 159, 17, 131, 20 -}; - -static unsigned char *PADDING[] = { - (unsigned char *)"", - (unsigned char *)"\001", - (unsigned char *)"\002\002", - (unsigned char *)"\003\003\003", - (unsigned char *)"\004\004\004\004", - (unsigned char *)"\005\005\005\005\005", - (unsigned char *)"\006\006\006\006\006\006", - (unsigned char *)"\007\007\007\007\007\007\007", - (unsigned char *)"\010\010\010\010\010\010\010\010", - (unsigned char *)"\011\011\011\011\011\011\011\011\011", - (unsigned char *)"\012\012\012\012\012\012\012\012\012\012", - (unsigned char *)"\013\013\013\013\013\013\013\013\013\013\013", - (unsigned char *)"\014\014\014\014\014\014\014\014\014\014\014\014", - (unsigned char *) - "\015\015\015\015\015\015\015\015\015\015\015\015\015", - (unsigned char 
*) - "\016\016\016\016\016\016\016\016\016\016\016\016\016\016", - (unsigned char *) - "\017\017\017\017\017\017\017\017\017\017\017\017\017\017\017", - (unsigned char *) - "\020\020\020\020\020\020\020\020\020\020\020\020\020\020\020\020" -}; - -/* MD2 initialization. Begins an MD2 operation, writing a new context. - */ -void MD2Init (context) -MD2_CTX *context; /* context */ -{ - context->count = 0; - memset ((POINTER)context->state, 0, sizeof (context->state)); - memset - ((POINTER)context->checksum, 0, sizeof (context->checksum)); -} - -/* MD2 block update operation. Continues an MD2 message-digest - operation, processing another message block, and updating the - context. - */ -void MD2Update (context, in, inputLen) -MD2_CTX *context; /* context */ -const void *in; /* input block */ -unsigned int inputLen; /* length of input block */ -{ - unsigned int i, idx, partLen; - const unsigned char *input = in; - - /* Update number of bytes mod 16 */ - idx = context->count; - context->count = (idx + inputLen) & 0xf; - - partLen = 16 - idx; - - /* Transform as many times as possible. - */ - if (inputLen >= partLen) { - memcpy - ((POINTER)&context->buffer[idx], (POINTER)input, partLen); - MD2Transform (context->state, context->checksum, context->buffer); - - for (i = partLen; i + 15 < inputLen; i += 16) - MD2Transform (context->state, context->checksum, &input[i]); - - idx = 0; - } - else - i = 0; - - /* Buffer remaining input */ - memcpy - ((POINTER)&context->buffer[idx], (POINTER)&input[i], - inputLen-i); -} - -/* MD2 padding. - */ -void MD2Pad (context) -MD2_CTX *context; /* context */ -{ - unsigned int idx, padLen; - - /* Pad out to multiple of 16. - */ - idx = context->count; - padLen = 16 - idx; - MD2Update (context, PADDING[padLen], padLen); - - /* Extend with checksum */ - MD2Update (context, context->checksum, 16); -} - -/* MD2 finalization. Ends an MD2 message-digest operation, writing the - message digest and zeroizing the context. 
- */ -void MD2Final (digest, context) -unsigned char digest[16]; /* message digest */ -MD2_CTX *context; /* context */ -{ - /* Do padding */ - MD2Pad (context); - - /* Store state in digest */ - memcpy ((POINTER)digest, (POINTER)context->state, 16); - - /* Zeroize sensitive information. - */ - memset ((POINTER)context, 0, sizeof (*context)); -} - -/* MD2 basic transformation. Transforms state and updates checksum - based on block. - */ -static void MD2Transform (state, checksum, block) -unsigned char state[16]; -unsigned char checksum[16]; -const unsigned char block[16]; -{ - unsigned int i, j, t; - unsigned char x[48]; - - /* Form encryption block from state, block, state ^ block. - */ - memcpy ((POINTER)x, (POINTER)state, 16); - memcpy ((POINTER)x+16, (POINTER)block, 16); - for (i = 0; i < 16; i++) - x[i+32] = state[i] ^ block[i]; - - /* Encrypt block (18 rounds). - */ - t = 0; - for (i = 0; i < 18; i++) { - for (j = 0; j < 48; j++) - t = x[j] ^= PI_SUBST[t]; - t = (t + i) & 0xff; - } - - /* Save new state */ - memcpy ((POINTER)state, (POINTER)x, 16); - - /* Update checksum. - */ - t = checksum[15]; - for (i = 0; i < 16; i++) - t = checksum[i] ^= PI_SUBST[block[i] ^ t]; - - /* Zeroize sensitive information. - */ - memset ((POINTER)x, 0, sizeof (x)); -} diff --git a/lib/libmd/mdX.3 b/lib/libmd/mdX.3 index 03f50f1..223e2ef 100644 --- a/lib/libmd/mdX.3 +++ b/lib/libmd/mdX.3 @@ -52,8 +52,7 @@ This net result is a .Dq fingerprint of the input-data, which does not disclose the actual input. .Pp -MD2 is the slowest, MD4 is the fastest and MD5 is somewhere in the middle. -MD2 can only be used for Privacy-Enhanced Mail. +MD4 is the fastest and MD5 is somewhat slower. MD4 has now been broken; it should only be used where necessary for backward compatibility. MD5 has not yet (1999-02-11) been broken, but sufficient attacks have been 
@@ -144,16 +143,10 @@ If the .Fa buf argument is non-null it must point to at least 33 characters of buffer space. .Sh SEE ALSO -.Xr md2 3 , .Xr md4 3 , .Xr md5 3 , .Xr sha 3 .Rs -.%A B. Kaliski -.%T The MD2 Message-Digest Algorithm -.%O RFC 1319 -.Re -.Rs .%A R. Rivest .%T The MD4 Message-Digest Algorithm .%O RFC 1186 @@ -192,6 +185,3 @@ Phk ristede runen. No method is known to exist which finds two files having the same hash value, nor to find a file with a specific hash value. There is on the other hand no guarantee that such a method does not exist. -.Pp -MD2 has only been licensed for use in Privacy Enhanced Mail. -Use MD4 or MD5 if that is not what you are doing. -- cgit v1.1