Add SHA224 implementation to libc.

Make libcrypto use the SHA2 implementation of libc.
Bump minor versions of libc and libcrypto.

common/lib/libc/hash/sha2/sha2.c

@@ -1,4 +1,4 @@
-/* $NetBSD: sha2.c,v 1.7 2008/02/16 17:15:32 apb Exp $ */
+/* $NetBSD: sha2.c,v 1.8 2009/05/26 08:04:11 joerg Exp $ */
 /*	$KAME: sha2.c,v 1.9 2003/07/20 00:28:38 itojun Exp $	*/
 
 /*
@@ -39,14 +39,14 @@
 #include <sys/cdefs.h>
 
 #if defined(_KERNEL) || defined(_STANDALONE)
-__KERNEL_RCSID(0, "$NetBSD: sha2.c,v 1.7 2008/02/16 17:15:32 apb Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sha2.c,v 1.8 2009/05/26 08:04:11 joerg Exp $");
 
 #include <lib/libkern/libkern.h>
 
 #else
 
 #if defined(LIBC_SCCS) && !defined(lint)
-__RCSID("$NetBSD: sha2.c,v 1.7 2008/02/16 17:15:32 apb Exp $");
+__RCSID("$NetBSD: sha2.c,v 1.8 2009/05/26 08:04:11 joerg Exp $");
 #endif /* LIBC_SCCS and not lint */
 
 #include "namespace.h"
@@ -219,6 +219,7 @@ typedef u_int64_t sha2_word64;	/* Exactly 8 bytes */
  * only.
  */
 static void SHA512_Last(SHA512_CTX*);
+void SHA224_Transform(SHA224_CTX*, const sha2_word64*);
 void SHA256_Transform(SHA256_CTX*, const sha2_word32*);
 void SHA384_Transform(SHA384_CTX*, const sha2_word64*);
 void SHA512_Transform(SHA512_CTX*, const sha2_word64*);
@@ -245,6 +246,18 @@ static const sha2_word32 K256[64] = {
 	0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL
 };
 
+/* Initial hash value H for SHA-224: */
+static const sha2_word32 sha224_initial_hash_value[8] = {
+	0xc1059ed8UL,
+	0x367cd507UL,
+	0x3070dd17UL,
+	0xf70e5939UL,
+	0xffc00b31UL,
+	0x68581511UL,
+	0x64f98fa7UL,
+	0xbefa4fa4UL
+};
+
 /* Initial hash value H for SHA-256: */
 static const sha2_word32 sha256_initial_hash_value[8] = {
 	0x6a09e667UL,
@@ -326,6 +339,11 @@ static const sha2_word64 sha512_initial_hash_value[8] = {
 };
 
 #if !defined(_KERNEL) && defined(__weak_alias)
+__weak_alias(SHA224_Init,_SHA224_Init) 
+__weak_alias(SHA224_Update,_SHA224_Update)
+__weak_alias(SHA224_Final,_SHA224_Final)
+__weak_alias(SHA224_Transform,_SHA224_Transform)
+
 __weak_alias(SHA256_Init,_SHA256_Init) 
 __weak_alias(SHA256_Update,_SHA256_Update)
 __weak_alias(SHA256_Final,_SHA256_Final)
@@ -342,14 +360,32 @@ __weak_alias(SHA512_Final,_SHA512_Final)
 __weak_alias(SHA512_Transform,_SHA512_Transform)
 #endif
 
-/*** SHA-256: *********************************************************/
+/*** SHA-224: *********************************************************/
-void SHA256_Init(SHA256_CTX* context) {
+int SHA224_Init(SHA256_CTX* context) {
 	if (context == (SHA256_CTX*)0) {
-		return;
+		return 1;
+	}
+	memcpy(context->state, sha224_initial_hash_value, (size_t)(SHA256_DIGEST_LENGTH));
+	memset(context->buffer, 0, (size_t)(SHA256_BLOCK_LENGTH));
+	context->bitcount = 0;
+
+	return 1;
+}
+
+/*** SHA-256: *********************************************************/
+int SHA256_Init(SHA256_CTX* context) {
+	if (context == (SHA256_CTX*)0) {
+		return 1;
 	}
 	memcpy(context->state, sha256_initial_hash_value, (size_t)(SHA256_DIGEST_LENGTH));
 	memset(context->buffer, 0, (size_t)(SHA256_BLOCK_LENGTH));
 	context->bitcount = 0;
+
+	return 1;
+}
+
+void SHA224_Transform(SHA224_CTX* context, const sha2_word64* data) {
+	SHA224_Transform((SHA256_CTX*)context, data);
 }
 
 #ifdef SHA2_UNROLL_TRANSFORM
@@ -527,12 +563,16 @@ void SHA256_Transform(SHA256_CTX* context, const sha2_word32* data) {
 
 #endif /* SHA2_UNROLL_TRANSFORM */
 
-void SHA256_Update(SHA256_CTX* context, const sha2_byte *data, size_t len) {
+int SHA224_Update(SHA256_CTX *context, const sha2_byte *data, size_t len) {
+	return SHA256_Update(context, data, len);
+}
+
+int SHA256_Update(SHA256_CTX* context, const sha2_byte *data, size_t len) {
 	unsigned int	freespace, usedspace;
 
 	if (len == 0) {
 		/* Calling with no data is valid - we do nothing */
-		return;
+		return 1;
 	}
 
 	/* Sanity check: */
@@ -557,7 +597,7 @@ void SHA256_Update(SHA256_CTX* context, const sha2_byte *data, size_t len) {
 			context->bitcount += len << 3;
 			/* Clean up: */
 			usedspace = freespace = 0;
-			return;
+			return 1;
 		}
 	}
 	/*
@@ -592,9 +632,11 @@ void SHA256_Update(SHA256_CTX* context, const sha2_byte *data, size_t len) {
 	}
 	/* Clean up: */
 	usedspace = freespace = 0;
+
+	return 1;
 }
 
-void SHA256_Final(sha2_byte digest[], SHA256_CTX* context) {
+static int SHA224_256_Final(sha2_byte digest[], SHA256_CTX* context, size_t len) {
 	sha2_word32	*d = (void *)digest;
 	unsigned int	usedspace;
 
@@ -641,30 +683,42 @@ void SHA256_Final(sha2_byte digest[], SHA256_CTX* context) {
 #if BYTE_ORDER == LITTLE_ENDIAN
 		{
 			/* Convert TO host byte order */
-			int	j;
+			size_t	j;
-			for (j = 0; j < 8; j++) {
+			for (j = 0; j < len / 4; j++) {
 				REVERSE32(context->state[j],context->state[j]);
 				*d++ = context->state[j];
 			}
 		}
 #else
-		memcpy(d, context->state, SHA256_DIGEST_LENGTH);
+		memcpy(d, context->state, len / 4);
 #endif
 	}
 
 	/* Clean up state data: */
 	memset(context, 0, sizeof(*context));
 	usedspace = 0;
+
+	return 1;
+}
+
+int SHA224_Final(sha2_byte digest[], SHA256_CTX* context) {
+	return SHA224_256_Final(digest, context, SHA224_DIGEST_LENGTH);
+}
+
+int SHA256_Final(sha2_byte digest[], SHA256_CTX* context) {
+	return SHA224_256_Final(digest, context, SHA256_DIGEST_LENGTH);
 }
 
 /*** SHA-512: *********************************************************/
-void SHA512_Init(SHA512_CTX* context) {
+int SHA512_Init(SHA512_CTX* context) {
 	if (context == (SHA512_CTX*)0) {
-		return;
+		return 1;
 	}
 	memcpy(context->state, sha512_initial_hash_value, (size_t)(SHA512_DIGEST_LENGTH));
 	memset(context->buffer, 0, (size_t)(SHA512_BLOCK_LENGTH));
 	context->bitcount[0] = context->bitcount[1] =  0;
+
+	return 1;
 }
 
 #ifdef SHA2_UNROLL_TRANSFORM
@@ -836,12 +890,12 @@ void SHA512_Transform(SHA512_CTX* context, const sha2_word64* data) {
 
 #endif /* SHA2_UNROLL_TRANSFORM */
 
-void SHA512_Update(SHA512_CTX* context, const sha2_byte *data, size_t len) {
+int SHA512_Update(SHA512_CTX* context, const sha2_byte *data, size_t len) {
 	unsigned int	freespace, usedspace;
 
 	if (len == 0) {
 		/* Calling with no data is valid - we do nothing */
-		return;
+		return 1;
 	}
 
 	/* Sanity check: */
@@ -865,7 +919,7 @@ void SHA512_Update(SHA512_CTX* context, const sha2_byte *data, size_t len) {
 			ADDINC128(context->bitcount, len << 3);
 			/* Clean up: */
 			usedspace = freespace = 0;
-			return;
+			return 1;
 		}
 	}
 	/*
@@ -900,6 +954,8 @@ void SHA512_Update(SHA512_CTX* context, const sha2_byte *data, size_t len) {
 	}
 	/* Clean up: */
 	usedspace = freespace = 0;
+
+	return 1;
 }
 
 static void SHA512_Last(SHA512_CTX* context) {
@@ -943,7 +999,7 @@ static void SHA512_Last(SHA512_CTX* context) {
 	SHA512_Transform(context, (sha2_word64*)(void *)context->buffer);
 }
 
-void SHA512_Final(sha2_byte digest[], SHA512_CTX* context) {
+int SHA512_Final(sha2_byte digest[], SHA512_CTX* context) {
 	sha2_word64	*d = (void *)digest;
 
 	/* Sanity check: */
@@ -970,27 +1026,31 @@ void SHA512_Final(sha2_byte digest[], SHA512_CTX* context) {
 
 	/* Zero out state data */
 	memset(context, 0, sizeof(*context));
+
+	return 1;
 }
 
 /*** SHA-384: *********************************************************/
-void SHA384_Init(SHA384_CTX* context) {
+int SHA384_Init(SHA384_CTX* context) {
 	if (context == (SHA384_CTX*)0) {
-		return;
+		return 1;
 	}
 	memcpy(context->state, sha384_initial_hash_value, (size_t)(SHA512_DIGEST_LENGTH));
 	memset(context->buffer, 0, (size_t)(SHA384_BLOCK_LENGTH));
 	context->bitcount[0] = context->bitcount[1] = 0;
+
+	return 1;
 }
 
-void SHA384_Update(SHA384_CTX* context, const sha2_byte* data, size_t len) {
+int SHA384_Update(SHA384_CTX* context, const sha2_byte* data, size_t len) {
-	SHA512_Update((SHA512_CTX*)context, data, len);
+	return SHA512_Update((SHA512_CTX*)context, data, len);
 }
 
 void SHA384_Transform(SHA512_CTX* context, const sha2_word64* data) {
 	SHA512_Transform((SHA512_CTX*)context, data);
 }
 
-void SHA384_Final(sha2_byte digest[], SHA384_CTX* context) {
+int SHA384_Final(sha2_byte digest[], SHA384_CTX* context) {
 	sha2_word64	*d = (void *)digest;
 
 	/* Sanity check: */
@@ -1017,4 +1077,6 @@ void SHA384_Final(sha2_byte digest[], SHA384_CTX* context) {
 
 	/* Zero out state data */
 	memset(context, 0, sizeof(*context));
+
+	return 1;
 }

distrib/sets/lists/base/md.amd64

@@ -1,4 +1,4 @@
-# $NetBSD: md.amd64,v 1.50 2009/05/20 16:22:22 christos Exp $
+# $NetBSD: md.amd64,v 1.51 2009/05/26 08:04:11 joerg Exp $
 ./dev/lms0					base-obsolete		obsolete
 ./dev/mms0					base-obsolete		obsolete
 ./libexec/ld.elf_so-i386			base-sys-shlib		compat,pic
@@ -64,13 +64,13 @@
 ./usr/lib/i386/libbz2.so.1			base-compat-shlib	compat,pic
 ./usr/lib/i386/libbz2.so.1.1			base-compat-shlib	compat,pic
 ./usr/lib/i386/libc.so.12			base-compat-shlib	compat,pic
-./usr/lib/i386/libc.so.12.167			base-compat-shlib	compat,pic
+./usr/lib/i386/libc.so.12.168			base-compat-shlib	compat,pic
 ./usr/lib/i386/libcom_err.so.6			base-compat-shlib	compat,pic,kerberos
 ./usr/lib/i386/libcom_err.so.6.0		base-compat-shlib	compat,pic,kerberos
 ./usr/lib/i386/libcrypt.so.1			base-compat-shlib	compat,pic
 ./usr/lib/i386/libcrypt.so.1.0			base-compat-shlib	compat,pic
 ./usr/lib/i386/libcrypto.so.5			base-compat-shlib	compat,pic
-./usr/lib/i386/libcrypto.so.5.0			base-compat-shlib	compat,pic
+./usr/lib/i386/libcrypto.so.5.1			base-compat-shlib	compat,pic
 ./usr/lib/i386/libcurses.so.7			base-compat-shlib	compat,pic
 ./usr/lib/i386/libcurses.so.7.0			base-compat-shlib	compat,pic
 ./usr/lib/i386/libdes.so.8			base-compat-shlib	compat,pic

distrib/sets/lists/base/md.sparc64

@@ -1,4 +1,4 @@
-# $NetBSD: md.sparc64,v 1.45 2009/05/20 16:22:22 christos Exp $
+# $NetBSD: md.sparc64,v 1.46 2009/05/26 08:04:11 joerg Exp $
 ./libexec/ld.elf_so-sparc			base-sysutil-bin	compat,pic
 ./sbin/edlabel					base-sysutil-root
 ./usr/bin/fdformat				base-util-bin
@@ -63,13 +63,13 @@
 ./usr/lib/sparc/libbz2.so.1			base-compat-shlib	compat,pic
 ./usr/lib/sparc/libbz2.so.1.1			base-compat-shlib	compat,pic
 ./usr/lib/sparc/libc.so.12			base-compat-shlib	compat,pic
-./usr/lib/sparc/libc.so.12.167			base-compat-shlib	compat,pic
+./usr/lib/sparc/libc.so.12.168			base-compat-shlib	compat,pic
 ./usr/lib/sparc/libcom_err.so.6			base-compat-shlib	compat,pic
 ./usr/lib/sparc/libcom_err.so.6.0		base-compat-shlib	compat,pic
 ./usr/lib/sparc/libcrypt.so.1			base-compat-shlib	compat,pic
 ./usr/lib/sparc/libcrypt.so.1.0			base-compat-shlib	compat,pic
 ./usr/lib/sparc/libcrypto.so.5			base-compat-shlib	compat,pic
-./usr/lib/sparc/libcrypto.so.5.0		base-compat-shlib	compat,pic
+./usr/lib/sparc/libcrypto.so.5.1		base-compat-shlib	compat,pic
 ./usr/lib/sparc/libcurses.so.7			base-compat-shlib	compat,pic
 ./usr/lib/sparc/libcurses.so.7.0		base-compat-shlib	compat,pic
 ./usr/lib/sparc/libdes.so.8			base-compat-shlib	compat,pic

distrib/sets/lists/base/shl.mi

@@ -1,4 +1,4 @@
-# $NetBSD: shl.mi,v 1.473 2009/05/13 02:50:31 pgoyette Exp $
+# $NetBSD: shl.mi,v 1.474 2009/05/26 08:04:11 joerg Exp $
 #
 # Note:	Don't delete entries from here - mark them as "obsolete" instead,
 #	unless otherwise stated below.
@@ -13,9 +13,9 @@
 #
 # Note:	libtermcap and libtermlib are hardlinked and share the same version.
 #
-./lib/libc.so.12.167				base-sys-shlib		dynamicroot
+./lib/libc.so.12.168				base-sys-shlib		dynamicroot
 ./lib/libcrypt.so.1.0				base-sys-shlib		dynamicroot
-./lib/libcrypto.so.5.0				base-crypto-shlib	crypto,dynamicroot
+./lib/libcrypto.so.5.1				base-crypto-shlib	crypto,dynamicroot
 ./lib/libdevmapper.so.1.0			base-lvm-shlib		lvm,dynamicroot
 ./lib/libedit.so.3.0				base-sys-shlib		dynamicroot
 ./lib/libevent.so.3.0				base-sys-shlib		dynamicroot
@@ -60,10 +60,10 @@
 ./usr/lib/libbluetooth.so.4.1			base-sys-shlib
 ./usr/lib/libbsdmalloc.so.0.0			base-sys-shlib
 ./usr/lib/libbz2.so.1.1				base-sys-shlib
-./usr/lib/libc.so.12.167			base-sys-shlib
+./usr/lib/libc.so.12.168			base-sys-shlib
 ./usr/lib/libcom_err.so.6.0			base-krb5-shlib		kerberos
 ./usr/lib/libcrypt.so.1.0			base-sys-shlib
-./usr/lib/libcrypto.so.5.0			base-crypto-shlib	crypto
+./usr/lib/libcrypto.so.5.1			base-crypto-shlib	crypto
 ./usr/lib/libcurses.so.7.0			base-sys-shlib
 ./usr/lib/libdes.so.8.0				base-crypto-shlib	crypto
 ./usr/lib/libdevmapper.so.1.0			base-lvm-shlib		lvm

distrib/sets/lists/comp/mi

@@ -1,4 +1,4 @@
-#	$NetBSD: mi,v 1.1262 2009/05/20 22:48:05 dyoung Exp $
+#	$NetBSD: mi,v 1.1263 2009/05/26 08:04:11 joerg Exp $
 #
 # Note: don't delete entries from here - mark them as "obsolete" instead.
 #
@@ -4354,6 +4354,14 @@
 ./usr/share/man/cat3/SHA1Init.0			comp-c-catman		.cat
 ./usr/share/man/cat3/SHA1Transform.0		comp-c-catman		.cat
 ./usr/share/man/cat3/SHA1Update.0		comp-c-catman		.cat
+./usr/share/man/cat3/SHA224_Data.0		comp-c-catman		.cat
+./usr/share/man/cat3/SHA224_End.0		comp-c-catman		.cat
+./usr/share/man/cat3/SHA224_File.0		comp-c-catman		.cat
+./usr/share/man/cat3/SHA224_FileChunk.0		comp-c-catman		.cat
+./usr/share/man/cat3/SHA224_Final.0		comp-c-catman		.cat
+./usr/share/man/cat3/SHA224_Init.0		comp-c-catman		.cat
+./usr/share/man/cat3/SHA224_Transform.0		comp-c-catman		.cat
+./usr/share/man/cat3/SHA224_Update.0		comp-c-catman		.cat
 ./usr/share/man/cat3/SHA256_Data.0		comp-c-catman		.cat
 ./usr/share/man/cat3/SHA256_End.0		comp-c-catman		.cat
 ./usr/share/man/cat3/SHA256_File.0		comp-c-catman		.cat
@@ -9859,6 +9867,14 @@
 ./usr/share/man/html3/SHA1Init.html		comp-c-htmlman		html
 ./usr/share/man/html3/SHA1Transform.html	comp-c-htmlman		html
 ./usr/share/man/html3/SHA1Update.html		comp-c-htmlman		html
+./usr/share/man/html3/SHA224_Data.html		comp-c-htmlman		html
+./usr/share/man/html3/SHA224_End.html		comp-c-htmlman		html
+./usr/share/man/html3/SHA224_File.html		comp-c-htmlman		html
+./usr/share/man/html3/SHA224_FileChunk.html	comp-c-htmlman		html
+./usr/share/man/html3/SHA224_Final.html		comp-c-htmlman		html
+./usr/share/man/html3/SHA224_Init.html		comp-c-htmlman		html
+./usr/share/man/html3/SHA224_Transform.html	comp-c-htmlman		html
+./usr/share/man/html3/SHA224_Update.html	comp-c-htmlman		html
 ./usr/share/man/html3/SHA256_Data.html		comp-c-htmlman		html
 ./usr/share/man/html3/SHA256_End.html		comp-c-htmlman		html
 ./usr/share/man/html3/SHA256_File.html		comp-c-htmlman		html
@@ -15164,6 +15180,14 @@
 ./usr/share/man/man3/SHA1Init.3			comp-c-man		.man
 ./usr/share/man/man3/SHA1Transform.3		comp-c-man		.man
 ./usr/share/man/man3/SHA1Update.3		comp-c-man		.man
+./usr/share/man/man3/SHA224_Data.3		comp-c-man		.man
+./usr/share/man/man3/SHA224_End.3		comp-c-man		.man
+./usr/share/man/man3/SHA224_File.3		comp-c-man		.man
+./usr/share/man/man3/SHA224_FileChunk.3		comp-c-man		.man
+./usr/share/man/man3/SHA224_Final.3		comp-c-man		.man
+./usr/share/man/man3/SHA224_Init.3		comp-c-man		.man
+./usr/share/man/man3/SHA224_Transform.3		comp-c-man		.man
+./usr/share/man/man3/SHA224_Update.3		comp-c-man		.man
 ./usr/share/man/man3/SHA256_Data.3		comp-c-man		.man
 ./usr/share/man/man3/SHA256_End.3		comp-c-man		.man
 ./usr/share/man/man3/SHA256_File.3		comp-c-man		.man

lib/libc/hash/sha2/Makefile.inc

@@ -1,12 +1,15 @@
-#	$NetBSD: Makefile.inc,v 1.3 2005/08/23 17:49:27 elad Exp $
+#	$NetBSD: Makefile.inc,v 1.4 2009/05/26 08:04:11 joerg Exp $
 
 # hash functions
 .PATH: ${.CURDIR}/hash/sha2
 
-SRCS+=	sha2.c sha256hl.c sha384hl.c sha512hl.c
+SRCS+=	sha2.c sha224hl.c sha256hl.c sha384hl.c sha512hl.c
 
 MAN+=	sha2.3
 
+MLINKS+=sha2.3 SHA224_Init.3 sha2.3 SHA224_Update.3 sha2.3 SHA224_Final.3
+MLINKS+=sha2.3 SHA224_End.3  sha2.3 SHA224_File.3   sha2.3 SHA224_Data.3
+MLINKS+=sha2.3 SHA224_Transform.3  sha2.3 SHA224_FileChunk.3
 MLINKS+=sha2.3 SHA256_Init.3 sha2.3 SHA256_Update.3 sha2.3 SHA256_Final.3
 MLINKS+=sha2.3 SHA256_End.3  sha2.3 SHA256_File.3   sha2.3 SHA256_Data.3
 MLINKS+=sha2.3 SHA256_Transform.3  sha2.3 SHA256_FileChunk.3

lib/libc/hash/sha2/sha2.3

@@ -1,4 +1,4 @@
-.\" $NetBSD: sha2.3,v 1.4 2005/12/26 19:40:15 perry Exp $
+.\" $NetBSD: sha2.3,v 1.5 2009/05/26 08:04:12 joerg Exp $
 .\"	$OpenBSD: sha2.3,v 1.11 2004/06/22 01:57:29 jfb Exp $
 .\"
 .\" Copyright (c) 2003, 2004 Todd C. Miller <Todd.Miller@courtesan.com>
@@ -21,7 +21,7 @@
 .\"
 .\" See http://www.nist.gov/sha/ for the detailed standard
 .\"
-.Dd April 24, 2003
+.Dd May 20, 2009
 .Dt SHA2 3
 .Os
 .Sh NAME
@@ -39,6 +39,24 @@
 .In sys/types.h
 .In sha2.h
 .Ft void
+.Fn SHA224_Init "SHA224_CTX *context"
+.Ft void
+.Fn SHA224_Update "SHA224_CTX *context" "const uint8_t *data" "size_t len"
+.Ft void
+.Fn SHA224_Pad "SHA224_CTX *context"
+.Ft void
+.Fn SHA224_Final "uint8_t digest[SHA224_DIGEST_LENGTH]" "SHA224_CTX *context"
+.Ft void
+.Fn SHA224_Transform "uint32_t state[8]" "const uint8_t buffer[SHA224_BLOCK_LENGTH]"
+.Ft "char *"
+.Fn SHA224_End "SHA224_CTX *context" "char *buf"
+.Ft "char *"
+.Fn SHA224_File "const char *filename" "char *buf"
+.Ft "char *"
+.Fn SHA224_FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
+.Ft "char *"
+.Fn SHA224_Data "uint8_t *data" "size_t len" "char *buf"
+.Ft void
 .Fn SHA256_Init "SHA256_CTX *context"
 .Ft void
 .Fn SHA256_Update "SHA256_CTX *context" "const uint8_t *data" "size_t len"
@@ -97,9 +115,9 @@ The SHA2 functions implement the NIST Secure Hash Standard,
 FIPS PUB 180-2.
 The SHA2 functions are used to generate a condensed representation of a
 message called a message digest, suitable for use as a digital signature.
-There are three families of functions, with names corresponding to
+There are four families of functions, with names corresponding to
 the number of bits in the resulting message digest.
-The SHA-256 functions are limited to processing a message of less
+The SHA-224 and SHA-256 functions are limited to processing a message of less
 than 2^64 bits as input.
 The SHA-384 and SHA-512 functions can process a message of at most 2^128 - 1
 bits as input.
@@ -107,7 +125,7 @@ bits as input.
 The SHA2 functions are considered to be more secure than the
 .Xr sha1 3
 functions with which they share a similar interface.
-The 256, 384, and 512-bit versions of SHA2 share the same interface.
+The 224, 256, 384, and 512-bit versions of SHA2 share the same interface.
 For brevity, only the 256-bit variants are described below.
 .Pp
 The
@@ -205,6 +223,7 @@ functions the
 .Ar buf
 parameter should either be a string large enough to hold the resulting digest
 (e.g.,
+.Ev SHA224_DIGEST_STRING_LENGTH ,
 .Ev SHA256_DIGEST_STRING_LENGTH ,
 .Ev SHA384_DIGEST_STRING_LENGTH ,
 or

lib/libc/hash/sha2/sha224hl.c

@@ -0,0 +1,16 @@
+/* $NetBSD */
+
+/*
+ * Derived from code written by Jason R. Thorpe <thorpej@NetBSD.org>,
+ * May 20, 2009.
+ * Public domain.
+ */
+
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: sha224hl.c,v 1.1 2009/05/26 08:04:12 joerg Exp $");
+
+#define	HASH_ALGORITHM	SHA224
+#define	HASH_FNPREFIX	SHA224_
+#define HASH_INCLUDE	<sys/sha2.h>
+
+#include "../hashhl.c"

lib/libc/include/namespace.h

@@ -1,4 +1,4 @@
-/*	$NetBSD: namespace.h,v 1.137 2009/01/11 02:46:28 christos Exp $	*/
+/*	$NetBSD: namespace.h,v 1.138 2009/05/26 08:04:12 joerg Exp $	*/
 
 /*-
  * Copyright (c) 1997-2004 The NetBSD Foundation, Inc.
@@ -117,6 +117,14 @@
 #define SHA1Init		_SHA1Init
 #define SHA1Transform		_SHA1Transform
 #define SHA1Update		_SHA1Update
+#define SHA224_Data		_SHA224_Data
+#define SHA224_End		_SHA224_End
+#define SHA224_FileChunk	_SHA224_FileChunk
+#define SHA224_File		_SHA224_File
+#define SHA224_Final		_SHA224_Final
+#define SHA224_Init		_SHA224_Init
+#define SHA224_Transform	_SHA224_Transform
+#define SHA224_Update		_SHA224_Update
 #define SHA256_Data		_SHA256_Data
 #define SHA256_End		_SHA256_End
 #define SHA256_FileChunk	_SHA256_FileChunk

lib/libc/shlib_version

@@ -1,4 +1,4 @@
-#	$NetBSD: shlib_version,v 1.211 2009/05/01 17:27:01 perry Exp $
+#	$NetBSD: shlib_version,v 1.212 2009/05/26 08:04:11 joerg Exp $
 #	Remember to update distrib/sets/lists/base/shl.* when changing
 #
 # things we wish to do on next major version bump:
@@ -35,4 +35,4 @@
 #   it's insufficient bitwidth to implement all ctype class.
 #   see isblank's comment in ctype.h.
 major=12
-minor=167
+minor=168

lib/libcrypto/libc-sha256.c

@@ -0,0 +1,49 @@
+/*
+ * Special version of sha256.c that uses the libc SHA256 implementation
+ * of libc.
+ */
+
+/* crypto/sha/sha256.c */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved
+ * according to the OpenSSL license [found in ../../LICENSE].
+ * ====================================================================
+ */
+#include <openssl/opensslconf.h>
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <openssl/crypto.h>
+#include <openssl/sha.h>
+#include <openssl/opensslv.h>
+
+#include "cryptlib.h"
+
+const char SHA256_version[]="SHA-256" OPENSSL_VERSION_PTEXT;
+
+unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md)
+	{
+	SHA256_CTX c;
+	static unsigned char m[SHA224_DIGEST_LENGTH];
+
+	if (md == NULL) md=m;
+	SHA224_Init(&c);
+	SHA224_Update(&c,d,n);
+	SHA224_Final(md,&c);
+	OPENSSL_cleanse(&c,sizeof(c));
+	return(md);
+	}
+
+unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md)
+	{
+	SHA256_CTX c;
+	static unsigned char m[SHA256_DIGEST_LENGTH];
+
+	if (md == NULL) md=m;
+	SHA256_Init(&c);
+	SHA256_Update(&c,d,n);
+	SHA256_Final(md,&c);
+	OPENSSL_cleanse(&c,sizeof(c));
+	return(md);
+	}

lib/libcrypto/libc-sha512.c

@@ -0,0 +1,49 @@
+/*
+ * Special version of sha512.c that uses the libc SHA512 implementation
+ * of libc.
+ */
+
+/* crypto/sha/sha512.c */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved
+ * according to the OpenSSL license [found in ../../LICENSE].
+ * ====================================================================
+ */
+#include <openssl/opensslconf.h>
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <openssl/crypto.h>
+#include <openssl/sha.h>
+#include <openssl/opensslv.h>
+
+#include "cryptlib.h"
+
+const char SHA512_version[]="SHA-512" OPENSSL_VERSION_PTEXT;
+
+unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md)
+	{
+	SHA512_CTX c;
+	static unsigned char m[SHA384_DIGEST_LENGTH];
+
+	if (md == NULL) md=m;
+	SHA384_Init(&c);
+	SHA384_Update(&c,d,n);
+	SHA384_Final(md,&c);
+	OPENSSL_cleanse(&c,sizeof(c));
+	return(md);
+	}
+
+unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md)
+	{
+	SHA512_CTX c;
+	static unsigned char m[SHA512_DIGEST_LENGTH];
+
+	if (md == NULL) md=m;
+	SHA512_Init(&c);
+	SHA512_Update(&c,d,n);
+	SHA512_Final(md,&c);
+	OPENSSL_cleanse(&c,sizeof(c));
+	return(md);
+	}

lib/libcrypto/sha.inc

@@ -1,4 +1,4 @@
-#	$NetBSD: sha.inc,v 1.9 2007/12/09 22:44:21 adrianp Exp $
+#	$NetBSD: sha.inc,v 1.10 2009/05/26 08:04:12 joerg Exp $
 #
 #	@(#) Copyright (c) 1995 Simon J. Gerraty
 #
@@ -8,7 +8,11 @@
 .PATH:	${OPENSSLSRC}/crypto/sha
 
 
-SHA_SRCS = sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha256.c sha512.c
+SHA_SRCS = sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
+
+# Replaced OpenSSL version to avoid overlap with libc
+SHA_SRCS+= libc-sha512.c libc-sha256.c
+
 SRCS += ${SHA_SRCS}
 
 .for cryptosrc in ${SHA_SRCS}

lib/libcrypto/shlib_version

@@ -1,5 +1,7 @@
-#	$NetBSD: shlib_version,v 1.15 2009/01/11 03:07:47 christos Exp $
+#	$NetBSD: shlib_version,v 1.16 2009/05/26 08:04:12 joerg Exp $
 #	Remember to update distrib/sets/lists/base/shl.* when changing
 #
+# Things to do on the next major bump:
+# - Make openssl/sha.h and sha2.h compatible.
 major=5
-minor=0
+minor=1

sys/sys/sha2.h

@@ -1,4 +1,4 @@
-/*	$NetBSD: sha2.h,v 1.2 2008/02/16 17:37:13 apb Exp $	*/
+/*	$NetBSD: sha2.h,v 1.3 2009/05/26 08:04:12 joerg Exp $	*/
 /*	$KAME: sha2.h,v 1.4 2003/07/20 00:28:38 itojun Exp $	*/
 
 /*
@@ -42,7 +42,10 @@
 #include <sys/types.h>
 #include <sys/cdefs.h>
 
-/*** SHA-256/384/512 Various Length Definitions ***********************/
+/*** SHA-224/256/384/512 Various Length Definitions ***********************/
+#define SHA224_BLOCK_LENGTH		64
+#define SHA224_DIGEST_LENGTH		28
+#define SHA224_DIGEST_STRING_LENGTH	(SHA224_DIGEST_LENGTH * 2 + 1)
 #define SHA256_BLOCK_LENGTH		64
 #define SHA256_DIGEST_LENGTH		32
 #define SHA256_DIGEST_STRING_LENGTH	(SHA256_DIGEST_LENGTH * 2 + 1)
@@ -60,20 +63,32 @@ typedef struct _SHA256_CTX {
 	uint64_t	bitcount;
 	uint8_t	buffer[SHA256_BLOCK_LENGTH];
 } SHA256_CTX;
+
 typedef struct _SHA512_CTX {
 	uint64_t	state[8];
 	uint64_t	bitcount[2];
 	uint8_t	buffer[SHA512_BLOCK_LENGTH];
 } SHA512_CTX;
 
+typedef SHA256_CTX SHA224_CTX;
 typedef SHA512_CTX SHA384_CTX;
 
 
 /*** SHA-256/384/512 Function Prototypes ******************************/
 __BEGIN_DECLS
-void SHA256_Init(SHA256_CTX *);
+int SHA224_Init(SHA224_CTX *);
-void SHA256_Update(SHA256_CTX*, const uint8_t*, size_t);
+int SHA224_Update(SHA224_CTX*, const uint8_t*, size_t);
-void SHA256_Final(uint8_t[SHA256_DIGEST_LENGTH], SHA256_CTX*);
+int SHA224_Final(uint8_t[SHA224_DIGEST_LENGTH], SHA224_CTX*);
+#ifndef _KERNEL
+char *SHA224_End(SHA224_CTX *, char[SHA224_DIGEST_STRING_LENGTH]);
+char *SHA224_FileChunk(const char *, char *, off_t, off_t);
+char *SHA224_File(const char *, char *);
+char *SHA224_Data(const uint8_t *, size_t, char[SHA224_DIGEST_STRING_LENGTH]);
+#endif /* !_KERNEL */
+
+int SHA256_Init(SHA256_CTX *);
+int SHA256_Update(SHA256_CTX*, const uint8_t*, size_t);
+int SHA256_Final(uint8_t[SHA256_DIGEST_LENGTH], SHA256_CTX*);
 #ifndef _KERNEL
 char *SHA256_End(SHA256_CTX *, char[SHA256_DIGEST_STRING_LENGTH]);
 char *SHA256_FileChunk(const char *, char *, off_t, off_t);
@@ -81,9 +96,9 @@ char *SHA256_File(const char *, char *);
 char *SHA256_Data(const uint8_t *, size_t, char[SHA256_DIGEST_STRING_LENGTH]);
 #endif /* !_KERNEL */
 
-void SHA384_Init(SHA384_CTX*);
+int SHA384_Init(SHA384_CTX*);
-void SHA384_Update(SHA384_CTX*, const uint8_t*, size_t);
+int SHA384_Update(SHA384_CTX*, const uint8_t*, size_t);
-void SHA384_Final(uint8_t[SHA384_DIGEST_LENGTH], SHA384_CTX*);
+int SHA384_Final(uint8_t[SHA384_DIGEST_LENGTH], SHA384_CTX*);
 #ifndef _KERNEL
 char *SHA384_End(SHA384_CTX *, char[SHA384_DIGEST_STRING_LENGTH]);
 char *SHA384_FileChunk(const char *, char *, off_t, off_t);
@@ -91,9 +106,9 @@ char *SHA384_File(const char *, char *);
 char *SHA384_Data(const uint8_t *, size_t, char[SHA384_DIGEST_STRING_LENGTH]);
 #endif /* !_KERNEL */
 
-void SHA512_Init(SHA512_CTX*);
+int SHA512_Init(SHA512_CTX*);
-void SHA512_Update(SHA512_CTX*, const uint8_t*, size_t);
+int SHA512_Update(SHA512_CTX*, const uint8_t*, size_t);
-void SHA512_Final(uint8_t[SHA512_DIGEST_LENGTH], SHA512_CTX*);
+int SHA512_Final(uint8_t[SHA512_DIGEST_LENGTH], SHA512_CTX*);
 #ifndef _KERNEL
 char *SHA512_End(SHA512_CTX *, char[SHA512_DIGEST_STRING_LENGTH]);
 char *SHA512_FileChunk(const char *, char *, off_t, off_t);