Re: Default password hash

[Dag-Erling Smørgrav]

The attached patch backports support for sha256 and sha512 hashes to
stable/7.  It is not an exact MFH because the sha code in head uses
stpncpy(), which is not present in stable/7's libc.

DES
-- 
Dag-Erling Smørgrav - d...@des.no


Index: lib/libcrypt
===================================================================
--- lib/libcrypt	(revision 236892)
+++ lib/libcrypt	(working copy)

Property changes on: lib/libcrypt
___________________________________________________________________
Added: svn:mergeinfo
   Merged /head/gnu/libcrypt:r183242
   Merged /head/lib/libcrypt:r179308,183242,213738,213814,213903,216591,220497-220498,221142,221471,227006,234132
Index: lib/libcrypt/crypt.c
===================================================================
--- lib/libcrypt/crypt.c	(revision 236892)
+++ lib/libcrypt/crypt.c	(working copy)
@@ -63,6 +63,16 @@
 		"$3$"
 	},
 	{
+		"sha256",
+		crypt_sha256,
+		"$5$"
+	},
+	{
+		"sha512",
+		crypt_sha512,
+		"$6$"
+	},
+	{
 		NULL,
 		NULL,
 		NULL
Index: lib/libcrypt/crypt-sha512.c
===================================================================
--- lib/libcrypt/crypt-sha512.c	(working copy)
+++ lib/libcrypt/crypt-sha512.c	(working copy)
@@ -60,7 +60,7 @@
 #define ROUNDS_MAX 999999999
 
 static char *
-sha512_crypt_r(const char *key, const char *salt, char *buffer, int buflen)
+crypt_sha512_r(const char *key, const char *salt, char *buffer, int buflen)
 {
 	u_long srounds;
 	int n;
@@ -210,7 +210,9 @@
 
 	/* Now we can construct the result string. It consists of three
 	 * parts. */
-	cp = stpncpy(buffer, sha512_salt_prefix, MAX(0, buflen));
+	cp = buffer;
+	strncpy(buffer, sha512_salt_prefix, MAX(0, buflen));
+	cp += sizeof(sha512_salt_prefix) - 1;
 	buflen -= sizeof(sha512_salt_prefix) - 1;
 
 	if (rounds_custom) {
@@ -221,7 +223,8 @@
 		buflen -= n;
 	}
 
-	cp = stpncpy(cp, salt, MIN((size_t)MAX(0, buflen), salt_len));
+	strncpy(cp, salt, MIN((size_t)MAX(0, buflen), salt_len));
+	cp += MIN((size_t)MAX(0, buflen), salt_len);
 	buflen -= MIN((size_t)MAX(0, buflen), salt_len);
 
 	if (buflen > 0) {
@@ -280,12 +283,12 @@
 
 /* This entry point is equivalent to crypt(3). */
 char *
-sha512_crypt(const char *key, const char *salt)
+crypt_sha512(const char *key, const char *salt)
 {
 	/* We don't want to have an arbitrary limit in the size of the
 	 * password. We can compute an upper bound for the size of the
 	 * result in advance and so we can prepare the buffer we pass to
-	 * `sha512_crypt_r'. */
+	 * `crypt_sha512_r'. */
 	static char *buffer;
 	static int buflen;
 	int needed;
@@ -305,7 +308,7 @@
 		buflen = needed;
 	}
 
-	return sha512_crypt_r(key, salt, buffer, buflen);
+	return crypt_sha512_r(key, salt, buffer, buflen);
 }
 
 #ifdef TEST
@@ -482,7 +485,7 @@
 	}
 
 	for (cnt = 0; cnt < ntests2; ++cnt) {
-		char *cp = sha512_crypt(tests2[cnt].input, tests2[cnt].salt);
+		char *cp = crypt_sha512(tests2[cnt].input, tests2[cnt].salt);
 
 		if (strcmp(cp, tests2[cnt].expected) != 0) {
 			printf("test %d: expected \"%s\", got \"%s\"\n",
Index: lib/libcrypt/crypt.h
===================================================================
--- lib/libcrypt/crypt.h	(revision 236892)
+++ lib/libcrypt/crypt.h	(working copy)
@@ -36,5 +36,8 @@
 char *crypt_md5(const char *pw, const char *salt);
 char *crypt_nthash(const char *pw, const char *salt);
 char *crypt_blowfish(const char *pw, const char *salt);
+char *crypt_sha256 (const char *pw, const char *salt);
+char *crypt_sha512 (const char *pw, const char *salt);
 
 extern void _crypt_to64(char *s, u_long v, int n);
+extern void b64_from_24bit(uint8_t B2, uint8_t B1, uint8_t B0, int n, int *buflen, char **cp);
Index: lib/libcrypt/crypt-sha256.c
===================================================================
--- lib/libcrypt/crypt-sha256.c	(working copy)
+++ lib/libcrypt/crypt-sha256.c	(working copy)
@@ -60,7 +60,7 @@
 #define ROUNDS_MAX 999999999
 
 static char *
-sha256_crypt_r(const char *key, const char *salt, char *buffer, int buflen)
+crypt_sha256_r(const char *key, const char *salt, char *buffer, int buflen)
 {
 	u_long srounds;
 	int n;
@@ -210,7 +210,9 @@
 
 	/* Now we can construct the result string. It consists of three
 	 * parts. */
-	cp = stpncpy(buffer, sha256_salt_prefix, MAX(0, buflen));
+	cp = buffer;
+	strncpy(buffer, sha256_salt_prefix, MAX(0, buflen));
+	cp += sizeof(sha256_salt_prefix) - 1;
 	buflen -= sizeof(sha256_salt_prefix) - 1;
 
 	if (rounds_custom) {
@@ -221,7 +223,8 @@
 		buflen -= n;
 	}
 
-	cp = stpncpy(cp, salt, MIN((size_t)MAX(0, buflen), salt_len));
+	strncpy(cp, salt, MIN((size_t)MAX(0, buflen), salt_len));
+	cp += MIN((size_t)MAX(0, buflen), salt_len);
 	buflen -= MIN((size_t)MAX(0, buflen), salt_len);
 
 	if (buflen > 0) {
@@ -268,12 +271,12 @@
 
 /* This entry point is equivalent to crypt(3). */
 char *
-sha256_crypt(const char *key, const char *salt)
+crypt_sha256(const char *key, const char *salt)
 {
 	/* We don't want to have an arbitrary limit in the size of the
 	 * password. We can compute an upper bound for the size of the
 	 * result in advance and so we can prepare the buffer we pass to
-	 * `sha256_crypt_r'. */
+	 * `crypt_sha256_r'. */
 	static char *buffer;
 	static int buflen;
 	int needed;
@@ -293,7 +296,7 @@
 		buflen = needed;
 	}
 
-	return sha256_crypt_r(key, salt, buffer, buflen);
+	return crypt_sha256_r(key, salt, buffer, buflen);
 }
 
 #ifdef TEST
@@ -459,7 +462,7 @@
 	}
 
 	for (cnt = 0; cnt < ntests2; ++cnt) {
-		char *cp = sha256_crypt(tests2[cnt].input, tests2[cnt].salt);
+		char *cp = crypt_sha256(tests2[cnt].input, tests2[cnt].salt);
 
 		if (strcmp(cp, tests2[cnt].expected) != 0) {
 			printf("test %d: expected \"%s\", got \"%s\"\n",
Index: lib/libcrypt/crypt.3
===================================================================
--- lib/libcrypt/crypt.3	(revision 236892)
+++ lib/libcrypt/crypt.3	(working copy)
@@ -29,7 +29,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd January 19, 1997
+.Dd April 9, 2011
 .Dt CRYPT 3
 .Os
 .Sh NAME
@@ -188,6 +188,12 @@
 Blowfish
 .It
 NT-Hash
+.It
+(unused)
+.It
+SHA-256
+.It
+SHA-512
 .El
 .Pp
 Other crypt formats may be easily added.
@@ -226,7 +232,9 @@
 .\"
 .Ql des ,
 .Ql blf ,
-.Ql md5
+.Ql md5 ,
+.Ql sha256 ,
+.Ql sha512
 and
 .Ql nth .
 .Pp
Index: lib/libcrypt/misc.c
===================================================================
--- lib/libcrypt/misc.c	(revision 236892)
+++ lib/libcrypt/misc.c	(working copy)
@@ -45,3 +45,19 @@
 		v >>= 6;
 	}
 }
+
+void
+b64_from_24bit(uint8_t B2, uint8_t B1, uint8_t B0, int n, int *buflen, char **cp)
+{
+	uint32_t w;
+	int i;
+
+	w = (B2 << 16) | (B1 << 8) | B0;
+	for (i = 0; i < n; i++) {
+		**cp = itoa64[w&0x3f];
+		(*cp)++;
+		if ((*buflen)-- < 0)
+			break;
+		w >>= 6;
+	}
+}
Index: lib/libcrypt/Makefile
===================================================================
--- lib/libcrypt/Makefile	(revision 236892)
+++ lib/libcrypt/Makefile	(working copy)
@@ -12,7 +12,9 @@
 .PATH:		${.CURDIR}/../libmd
 SRCS=		crypt.c misc.c \
 		crypt-md5.c md5c.c \
-		crypt-nthash.c md4c.c
+		crypt-nthash.c md4c.c \
+		crypt-sha256.c sha256c.c \
+		crypt-sha512.c sha512c.c
 MAN=		crypt.3
 MLINKS=		crypt.3 crypt_get_format.3 crypt.3 crypt_set_format.3
 CFLAGS+=	-I${.CURDIR}/../libmd -I${.CURDIR}/../libutil
@@ -29,7 +31,9 @@
 SRCS+=		auth.c property.c
 .for sym in auth_getval property_find properties_read properties_free \
 	    MD4Init MD4Final MD4Update MD4Pad \
-	    MD5Init MD5Final MD5Update MD5Pad
+	    MD5Init MD5Final MD5Update MD5Pad \
+	    SHA256_Init SHA256_Final SHA256_Update \
+	    SHA512_Init SHA512_Final SHA512_Update
 CFLAGS+=	-D${sym}=__${sym}
 .endfor
 
Index: lib/libmd
===================================================================
--- lib/libmd	(revision 236892)
+++ lib/libmd	(working copy)

Property changes on: lib/libmd
___________________________________________________________________
Added: svn:mergeinfo
   Merged /head/gnu/libmd:r183242
   Merged /head/lib/libmd:r179308,183242,213738,213814,213903,216591,220496,223582,227006
Index: lib/libmd/sha512.3
===================================================================
--- lib/libmd/sha512.3	(working copy)
+++ lib/libmd/sha512.3	(working copy)
@@ -127,7 +127,7 @@
 .Xr sha 3
 .Sh HISTORY
 These functions appeared in
-.Fx 4.0 .
+.Fx 9.0 .
 .Sh AUTHORS
 The core hash routines were implemented by Colin Percival based on
 the published
Index: lib/libmd/sha256.3
===================================================================
--- lib/libmd/sha256.3	(revision 236892)
+++ lib/libmd/sha256.3	(working copy)
@@ -127,7 +127,7 @@
 .Xr sha 3
 .Sh HISTORY
 These functions appeared in
-.Fx 4.0 .
+.Fx 6.0 .
 .Sh AUTHORS
 The core hash routines were implemented by Colin Percival based on
 the published
Index: lib/libmd/Makefile
===================================================================
--- lib/libmd/Makefile	(revision 236892)
+++ lib/libmd/Makefile	(working copy)
@@ -5,10 +5,11 @@
 SRCS=	md2c.c md4c.c md5c.c md2hl.c md4hl.c md5hl.c \
 	rmd160c.c rmd160hl.c \
 	sha0c.c sha0hl.c sha1c.c sha1hl.c \
-	sha256c.c sha256hl.c
-INCS=	md2.h md4.h md5.h ripemd.h sha.h sha256.h
+	sha256c.c sha256hl.c \
+	sha512c.c sha512hl.c
+INCS=	md2.h md4.h md5.h ripemd.h sha.h sha256.h sha512.h
 
-MAN+=	md2.3 md4.3 md5.3 ripemd.3 sha.3 sha256.3
+MAN+=	md2.3 md4.3 md5.3 ripemd.3 sha.3 sha256.3 sha512.3
 MLINKS+=md2.3 MD2Init.3 md2.3 MD2Update.3 md2.3 MD2Final.3
 MLINKS+=md2.3 MD2End.3  md2.3 MD2File.3   md2.3 MD2FileChunk.3
 MLINKS+=md2.3 MD2Data.3
@@ -32,10 +33,15 @@
 MLINKS+=sha256.3 SHA256_Final.3 sha256.3 SHA256_End.3
 MLINKS+=sha256.3 SHA256_File.3  sha256.3 SHA256_FileChunk.3
 MLINKS+=sha256.3 SHA256_Data.3
+MLINKS+=sha512.3 SHA512_Init.3  sha512.3 SHA512_Update.3
+MLINKS+=sha512.3 SHA512_Final.3 sha512.3 SHA512_End.3
+MLINKS+=sha512.3 SHA512_File.3  sha512.3 SHA512_FileChunk.3
+MLINKS+=sha512.3 SHA512_Data.3
 CLEANFILES+=	md[245]hl.c md[245].ref md[245].3 mddriver \
 		rmd160.ref rmd160hl.c rmddriver \
 		sha0.ref sha0hl.c sha1.ref sha1hl.c shadriver \
-		sha256.ref sha256hl.c
+		sha256.ref sha256hl.c sha512.ref sha512hl.c
+
 CFLAGS+= -I${.CURDIR}
 .PATH: ${.CURDIR}/${MACHINE_ARCH}
 
@@ -76,6 +82,12 @@
 			-e  's/SHA256__/SHA256_/g' \
 		${.ALLSRC}) > ${.TARGET}
 
+sha512hl.c: mdXhl.c
+	(echo '#define LENGTH 64'; \
+		sed -e 's/mdX/sha512/g' -e 's/MDX/SHA512_/g'	\
+			-e  's/SHA512__/SHA512_/g' \
+		${.ALLSRC}) > ${.TARGET}
+
 rmd160hl.c: mdXhl.c
 	(echo '#define LENGTH 20'; \
 		sed -e 's/mdX/ripemd/g' -e 's/MDX/RIPEMD160_/g' \
@@ -105,8 +117,10 @@
 	@echo 'MD4 ("abc") = a448017aaf21d8525fc10ae87aa6729d' >> ${.TARGET}
 	@echo 'MD4 ("message digest") = d9130a8164549fe818874806e1c7014b' >> ${.TARGET}
 	@echo 'MD4 ("abcdefghijklmnopqrstuvwxyz") = d79e1c308aa5bbcdeea8ed63df412da9' >> ${.TARGET}
-	@echo 'MD4 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") = 043f8582f241db351ce627e153e7f0e4' >> ${.TARGET}
-	@echo 'MD4 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = e33b4ddc9c38f2199c3e7b164fcc0536' >> ${.TARGET}
+	@echo 'MD4 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \
+		'043f8582f241db351ce627e153e7f0e4' >> ${.TARGET}
+	@echo 'MD4 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
+		'e33b4ddc9c38f2199c3e7b164fcc0536' >> ${.TARGET}
 
 md5.ref:
 	echo 'MD5 test suite:' > ${.TARGET}
@@ -119,54 +133,74 @@
 	@echo 'MD5 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = 57edf4a22be3c955ac49da2e2107b67a' >> ${.TARGET}
 
 sha0.ref:
-	(echo 'SHA-0 test suite:'; \
-	echo 'SHA-0 ("") = f96cea198ad1dd5617ac084a3d92c6107708c0ef'; \
-	echo 'SHA-0 ("abc") = 0164b8a914cd2a5e74c4f7ff082c4d97f1edf880'; \
-	echo 'SHA-0 ("message digest") =' \
-		'c1b0f222d150ebb9aa36a40cafdc8bcbed830b14'; \
-	echo 'SHA-0 ("abcdefghijklmnopqrstuvwxyz") =' \
-		'b40ce07a430cfd3c033039b9fe9afec95dc1bdcd'; \
-	echo 'SHA-0 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \
-		'79e966f7a3a990df33e40e3d7f8f18d2caebadfa'; \
-	echo 'SHA-0 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
-		'4aa29d14d171522ece47bee8957e35a41f3e9cff' ) > ${.TARGET}
+	echo 'SHA-0 test suite:' > ${.TARGET}
+	@echo 'SHA-0 ("") = f96cea198ad1dd5617ac084a3d92c6107708c0ef' >> ${.TARGET}
+	@echo 'SHA-0 ("abc") = 0164b8a914cd2a5e74c4f7ff082c4d97f1edf880' >> ${.TARGET}
+	@echo 'SHA-0 ("message digest") =' \
+		'c1b0f222d150ebb9aa36a40cafdc8bcbed830b14' >> ${.TARGET}
+	@echo 'SHA-0 ("abcdefghijklmnopqrstuvwxyz") =' \
+		'b40ce07a430cfd3c033039b9fe9afec95dc1bdcd' >> ${.TARGET}
+	@echo 'SHA-0 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \
+		'79e966f7a3a990df33e40e3d7f8f18d2caebadfa' >> ${.TARGET}
+	@echo 'SHA-0 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
+		'4aa29d14d171522ece47bee8957e35a41f3e9cff' >> ${.TARGET}
 
 sha1.ref:
-	(echo 'SHA-1 test suite:'; \
-	echo 'SHA-1 ("") = da39a3ee5e6b4b0d3255bfef95601890afd80709'; \
-	echo 'SHA-1 ("abc") = a9993e364706816aba3e25717850c26c9cd0d89d'; \
-	echo 'SHA-1 ("message digest") =' \
-		'c12252ceda8be8994d5fa0290a47231c1d16aae3'; \
-	echo 'SHA-1 ("abcdefghijklmnopqrstuvwxyz") =' \
-		'32d10c7b8cf96570ca04ce37f2a19d84240d3a89'; \
-	echo 'SHA-1 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \
-		'761c457bf73b14d27e9e9265c46f4b4dda11f940'; \
-	echo 'SHA-1 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
-		'50abf5706a150990a08b2c5ea40fa0e585554732' ) > ${.TARGET}
+	echo 'SHA-1 test suite:' > ${.TARGET}
+	@echo 'SHA-1 ("") = da39a3ee5e6b4b0d3255bfef95601890afd80709' >> ${.TARGET}
+	@echo 'SHA-1 ("abc") = a9993e364706816aba3e25717850c26c9cd0d89d' >> ${.TARGET}
+	@echo 'SHA-1 ("message digest") =' \
+		'c12252ceda8be8994d5fa0290a47231c1d16aae3' >> ${.TARGET}
+	@echo 'SHA-1 ("abcdefghijklmnopqrstuvwxyz") =' \
+		'32d10c7b8cf96570ca04ce37f2a19d84240d3a89' >> ${.TARGET}
+	@echo 'SHA-1 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \
+		'761c457bf73b14d27e9e9265c46f4b4dda11f940' >> ${.TARGET}
+	@echo 'SHA-1 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
+		'50abf5706a150990a08b2c5ea40fa0e585554732' >> ${.TARGET}
 
 sha256.ref:
 	echo 'SHA-256 test suite:' > ${.TARGET}
 	@echo 'SHA-256 ("") = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855' >> ${.TARGET}
-	@echo 'SHA-256 ("abc") = ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad' >> ${.TARGET}
-	@echo 'SHA-256 ("message digest") = f7846f55cf23e14eebeab5b4e1550cad5b509e3348fbc4efa3a1413d393cb650' >> ${.TARGET}
-	@echo 'SHA-256 ("abcdefghijklmnopqrstuvwxyz") = 71c480df93d6ae2f1efad1447c66c9525e316218cf51fc8d9ed832f2daf18b73' >> ${.TARGET}
-	@echo 'SHA-256 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") = db4bfcbd4da0cd85a60c3c37d3fbd8805c77f15fc6b1fdfe614ee0a7c8fdb4c0' >> ${.TARGET}
-	@echo 'SHA-256 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = f371bc4a311f2b009eef952dd83ca80e2b60026c8e935592d0f9c308453c813e' >> ${.TARGET}
+	@echo 'SHA-256 ("abc") =' \
+		'ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad' >> ${.TARGET}
+	@echo 'SHA-256 ("message digest") =' \
+		'f7846f55cf23e14eebeab5b4e1550cad5b509e3348fbc4efa3a1413d393cb650' >> ${.TARGET}
+	@echo 'SHA-256 ("abcdefghijklmnopqrstuvwxyz") =' \
+		'71c480df93d6ae2f1efad1447c66c9525e316218cf51fc8d9ed832f2daf18b73' >> ${.TARGET}
+	@echo 'SHA-256 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \
+		'db4bfcbd4da0cd85a60c3c37d3fbd8805c77f15fc6b1fdfe614ee0a7c8fdb4c0' >> ${.TARGET}
+	@echo 'SHA-256 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
+		'f371bc4a311f2b009eef952dd83ca80e2b60026c8e935592d0f9c308453c813e' >> ${.TARGET}
 
+sha512.ref:
+	echo 'SHA-512 test suite:' > ${.TARGET}
+	@echo 'SHA-512 ("") =' \
+		'cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e' >> ${.TARGET}
+	@echo 'SHA-512 ("abc") =' \
+		'ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f' >> ${.TARGET}
+	@echo 'SHA-512 ("message digest") =' \
+		'107dbf389d9e9f71a3a95f6c055b9251bc5268c2be16d6c13492ea45b0199f3309e16455ab1e96118e8a905d5597b72038ddb372a89826046de66687bb420e7c' >> ${.TARGET}
+	@echo 'SHA-512 ("abcdefghijklmnopqrstuvwxyz") =' \
+		'4dbff86cc2ca1bae1e16468a05cb9881c97f1753bce3619034898faa1aabe429955a1bf8ec483d7421fe3c1646613a59ed5441fb0f321389f77f48a879c7b1f1' >> ${.TARGET}
+	@echo 'SHA-512 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \
+		'1e07be23c26a86ea37ea810c8ec7809352515a970e9253c26f536cfc7a9996c45c8370583e0a78fa4a90041d71a4ceab7423f19c71b9d5a3e01249f0bebd5894' >> ${.TARGET}
+	@echo 'SHA-512 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
+		'72ec1ef1124a45b047e8b7c75a932195135bb61de24ec0d1914042246e0aec3a2354e093d76f3048b456764346900cb130d2a4fd5dd16abb5e30bcb850dee843' >> ${.TARGET}
+
 rmd160.ref:
-	(echo 'RIPEMD160 test suite:'; \
-	echo 'RIPEMD160 ("") = 9c1185a5c5e9fc54612808977ee8f548b2258d31'; \
-	echo 'RIPEMD160 ("abc") = 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc'; \
-	echo 'RIPEMD160 ("message digest") =' \
-		'5d0689ef49d2fae572b881b123a85ffa21595f36'; \
-	echo 'RIPEMD160 ("abcdefghijklmnopqrstuvwxyz") =' \
-		'f71c27109c692c1b56bbdceb5b9d2865b3708dbc'; \
-	echo 'RIPEMD160 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \
-		'b0e20b6e3116640286ed3a87a5713079b21f5189'; \
-	echo 'RIPEMD160 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
-		'9b752e45573d4b39f4dbd3323cab82bf63326bfb' ) > ${.TARGET}
+	echo 'RIPEMD160 test suite:' > ${.TARGET}
+	@echo 'RIPEMD160 ("") = 9c1185a5c5e9fc54612808977ee8f548b2258d31' >> ${.TARGET}
+	@echo 'RIPEMD160 ("abc") = 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc' >> ${.TARGET}
+	@echo 'RIPEMD160 ("message digest") =' \
+		'5d0689ef49d2fae572b881b123a85ffa21595f36' >> ${.TARGET}
+	@echo 'RIPEMD160 ("abcdefghijklmnopqrstuvwxyz") =' \
+		'f71c27109c692c1b56bbdceb5b9d2865b3708dbc' >> ${.TARGET}
+	@echo 'RIPEMD160 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \
+		'b0e20b6e3116640286ed3a87a5713079b21f5189' >> ${.TARGET}
+	@echo 'RIPEMD160 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \
+		'9b752e45573d4b39f4dbd3323cab82bf63326bfb' >> ${.TARGET}
 
-test:	md2.ref md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha256.ref
+test:	md2.ref md4.ref md5.ref sha0.ref rmd160.ref sha1.ref sha256.ref sha512.ref
 	@${ECHO} if any of these test fail, the code produces wrong results
 	@${ECHO} and should NOT be used.
 	${CC} ${CFLAGS} ${LDFLAGS} -DMD=2 -o mddriver ${.CURDIR}/mddriver.c -L. -lmd
@@ -192,6 +226,9 @@
 	${CC} ${CFLAGS} ${LDFLAGS} -DSHA=256 -o shadriver ${.CURDIR}/shadriver.c -L. -lmd
 	./shadriver | cmp sha256.ref -
 	@${ECHO} SHA-256 passed test
+	${CC} ${CFLAGS} ${LDFLAGS} -DSHA=512 -o shadriver ${.CURDIR}/shadriver.c libmd.a
+	./shadriver | cmp sha512.ref -
+	@${ECHO} SHA-512 passed test
 	-rm -f shadriver
 
 .include <bsd.lib.mk>
Index: lib/libmd/rmddriver.c
===================================================================
--- lib/libmd/rmddriver.c	(revision 236892)
+++ lib/libmd/rmddriver.c	(working copy)
@@ -1,53 +1,51 @@
-/* RIPEMD160DRIVER.C - test driver for RIPEMD160
- */
+/* RIPEMD160DRIVER.C - test driver for RIPEMD160 */
 
+/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All rights
+ * reserved.
+ * 
+ * RSA Data Security, Inc. makes no representations concerning either the
+ * merchantability of this software or the suitability of this software for
+ * any particular purpose. It is provided "as is" without express or implied
+ * warranty of any kind.
+ * 
+ * These notices must be retained in any copies of any part of this
+ * documentation and/or software. */
+
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
 
-/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All
-   rights reserved.
-
-   RSA Data Security, Inc. makes no representations concerning either
-   the merchantability of this software or the suitability of this
-   software for any particular purpose. It is provided "as is"
-   without express or implied warranty of any kind.
-
-   These notices must be retained in any copies of any part of this
-   documentation and/or software.
- */
-
 #include <sys/types.h>
 
 #include <stdio.h>
 #include <time.h>
 #include <string.h>
+
 #include "ripemd.h"
 
-/* Digests a string and prints the result.
- */
-static void RIPEMD160String (string)
-char *string;
+/* Digests a string and prints the result. */
+static void 
+RIPEMD160String(char *string)
 {
-  char buf[2*20+1];
+	char buf[2*20 + 1];
 
-  printf ("RIPEMD160 (\"%s\") = %s\n", 
-	string, RIPEMD160_Data(string,strlen(string),buf));
+	printf("RIPEMD160 (\"%s\") = %s\n",
+	       string, RIPEMD160_Data(string, strlen(string), buf));
 }
 
-/* Digests a reference suite of strings and prints the results.
- */
-main()
+/* Digests a reference suite of strings and prints the results. */
+int
+main(void)
 {
-  printf ("RIPEMD160 test suite:\n");
+	printf("RIPEMD160 test suite:\n");
 
-  RIPEMD160String ("");
-  RIPEMD160String ("abc");
-  RIPEMD160String ("message digest");
-  RIPEMD160String ("abcdefghijklmnopqrstuvwxyz");
-  RIPEMD160String
-    ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789");
-  RIPEMD160String
-    ("1234567890123456789012345678901234567890\
-1234567890123456789012345678901234567890");
-  return 0;
+	RIPEMD160String("");
+	RIPEMD160String("abc");
+	RIPEMD160String("message digest");
+	RIPEMD160String("abcdefghijklmnopqrstuvwxyz");
+	RIPEMD160String("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+		"abcdefghijklmnopqrstuvwxyz0123456789");
+	RIPEMD160String("1234567890123456789012345678901234567890"
+		"1234567890123456789012345678901234567890");
+
+	return 0;
 }
Index: lib/libmd/mddriver.c
===================================================================
--- lib/libmd/mddriver.c	(revision 236892)
+++ lib/libmd/mddriver.c	(working copy)
@@ -1,33 +1,31 @@
-/* MDDRIVER.C - test driver for MD2, MD4 and MD5
- */
+/* MDDRIVER.C - test driver for MD2, MD4 and MD5 */
 
+/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All rights
+ * reserved.
+ * 
+ * RSA Data Security, Inc. makes no representations concerning either the
+ * merchantability of this software or the suitability of this software for
+ * any particular purpose. It is provided "as is" without express or implied
+ * warranty of any kind.
+ * 
+ * These notices must be retained in any copies of any part of this
+ * documentation and/or software. */
+
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
 
-/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All
-   rights reserved.
+#include <sys/types.h>
 
-   RSA Data Security, Inc. makes no representations concerning either
-   the merchantability of this software or the suitability of this
-   software for any particular purpose. It is provided "as is"
-   without express or implied warranty of any kind.
+#include <stdio.h>
+#include <time.h>
+#include <string.h>
 
-   These notices must be retained in any copies of any part of this
-   documentation and/or software.
- */
-
-/* The following makes MD default to MD5 if it has not already been
-     defined with C compiler flags.
- */
+/* The following makes MD default to MD5 if it has not already been defined
+ * with C compiler flags. */
 #ifndef MD
 #define MD 5
 #endif
 
-#include <sys/types.h>
-
-#include <stdio.h>
-#include <time.h>
-#include <string.h>
 #if MD == 2
 #include "md2.h"
 #define MDData MD2Data
@@ -41,32 +39,31 @@
 #define MDData MD5Data
 #endif
 
-/* Digests a string and prints the result.
- */
-static void MDString (string)
-char *string;
+/* Digests a string and prints the result. */
+static void 
+MDString(char *string)
 {
-  char buf[33];
+	char buf[33];
 
-  printf ("MD%d (\"%s\") = %s\n", 
-	MD, string, MDData(string,strlen(string),buf));
+	printf("MD%d (\"%s\") = %s\n",
+	       MD, string, MDData(string, strlen(string), buf));
 }
 
-/* Digests a reference suite of strings and prints the results.
- */
-main()
+/* Digests a reference suite of strings and prints the results. */
+int
+main(void)
 {
-  printf ("MD%d test suite:\n", MD);
+	printf("MD%d test suite:\n", MD);
 
-  MDString ("");
-  MDString ("a");
-  MDString ("abc");
-  MDString ("message digest");
-  MDString ("abcdefghijklmnopqrstuvwxyz");
-  MDString
-    ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789");
-  MDString
-    ("1234567890123456789012345678901234567890\
-1234567890123456789012345678901234567890");
-  return 0;
+	MDString("");
+	MDString("a");
+	MDString("abc");
+	MDString("message digest");
+	MDString("abcdefghijklmnopqrstuvwxyz");
+	MDString("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+		"abcdefghijklmnopqrstuvwxyz0123456789");
+	MDString("1234567890123456789012345678901234567890"
+		"1234567890123456789012345678901234567890");
+
+	return 0;
 }
Index: lib/libmd/shadriver.c
===================================================================
--- lib/libmd/shadriver.c	(revision 236892)
+++ lib/libmd/shadriver.c	(working copy)
@@ -1,66 +1,67 @@
-/* SHADRIVER.C - test driver for SHA-1 (and SHA-0)
- */
+/* SHADRIVER.C - test driver for SHA-1 (and SHA-2) */
 
+/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All rights
+ * reserved.
+ * 
+ * RSA Data Security, Inc. makes no representations concerning either the
+ * merchantability of this software or the suitability of this software for
+ * any particular purpose. It is provided "as is" without express or implied
+ * warranty of any kind.
+ * 
+ * These notices must be retained in any copies of any part of this
+ * documentation and/or software. */
+
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
 
-/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All
-   rights reserved.
+#include <sys/types.h>
 
-   RSA Data Security, Inc. makes no representations concerning either
-   the merchantability of this software or the suitability of this
-   software for any particular purpose. It is provided "as is"
-   without express or implied warranty of any kind.
+#include <stdio.h>
+#include <time.h>
+#include <string.h>
 
-   These notices must be retained in any copies of any part of this
-   documentation and/or software.
- */
+#include "sha.h"
+#include "sha256.h"
+#include "sha512.h"
 
 /* The following makes SHA default to SHA-1 if it has not already been
-     defined with C compiler flags.
- */
+ * defined with C compiler flags. */
 #ifndef SHA
 #define SHA 1
 #endif
 
-#include <sys/types.h>
-
-#include <stdio.h>
-#include <time.h>
-#include <string.h>
-#include "sha.h"
-#include "sha256.h"
 #if SHA == 1
 #define SHA_Data SHA1_Data
 #elif SHA == 256
 #define SHA_Data SHA256_Data
+#elif SHA == 512
+#define SHA_Data SHA512_Data
 #endif
 
-/* Digests a string and prints the result.
- */
-static void SHAString (string)
-char *string;
+/* Digests a string and prints the result. */
+static void
+SHAString(char *string)
 {
-  char buf[2*32+1];
+	char buf[2*64 + 1];
 
-  printf ("SHA-%d (\"%s\") = %s\n", 
-	SHA, string, SHA_Data(string,strlen(string),buf));
+	printf("SHA-%d (\"%s\") = %s\n",
+	       SHA, string, SHA_Data(string, strlen(string), buf));
 }
 
-/* Digests a reference suite of strings and prints the results.
- */
-main()
+/* Digests a reference suite of strings and prints the results. */
+int
+main(void)
 {
-  printf ("SHA-%d test suite:\n", SHA);
+	printf("SHA-%d test suite:\n", SHA);
 
-  SHAString ("");
-  SHAString ("abc");
-  SHAString ("message digest");
-  SHAString ("abcdefghijklmnopqrstuvwxyz");
-  SHAString
-    ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789");
-  SHAString
-    ("1234567890123456789012345678901234567890\
-1234567890123456789012345678901234567890");
-  return 0;
+	SHAString("");
+	SHAString("abc");
+	SHAString("message digest");
+	SHAString("abcdefghijklmnopqrstuvwxyz");
+	SHAString("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+		  "abcdefghijklmnopqrstuvwxyz0123456789");
+	SHAString("1234567890123456789012345678901234567890"
+		  "1234567890123456789012345678901234567890");
+
+	return 0;
 }

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"