From b8f38ee27324c4a0d250cf6babc8469085a5b3c2 Mon Sep 17 00:00:00 2001 From: changhan Date: Fri, 18 Apr 2025 02:47:20 +0000 Subject: [PATCH] fix man: Sync SHA2 changes from OpenBSD Signed-off-by: changhan --- ...x-man-Sync-SHA2-changes-from-OpenBSD.patch | 292 ++++++++++++++++++ libmd.spec | 7 +- 2 files changed, 298 insertions(+), 1 deletion(-) create mode 100644 backport-fix-man-Sync-SHA2-changes-from-OpenBSD.patch diff --git a/backport-fix-man-Sync-SHA2-changes-from-OpenBSD.patch b/backport-fix-man-Sync-SHA2-changes-from-OpenBSD.patch new file mode 100644 index 0000000..30b19cd --- /dev/null +++ b/backport-fix-man-Sync-SHA2-changes-from-OpenBSD.patch @@ -0,0 +1,292 @@ +From 1386c5d2b5c92e07ecdf1a0ebd337c52e5536577 Mon Sep 17 00:00:00 2001 +From: changhan +Date: Fri, 18 Apr 2025 10:31:25 +0800 +Subject: [PATCH] fix-man-Sync-SHA2-changes-from-OpenBSD + +--- + man/Makefile.am | 18 ++++++ + man/sha2.3 | 144 +++++++++++++++++++++++++++++++++++------------- + 2 files changed, 124 insertions(+), 38 deletions(-) + +diff --git a/man/Makefile.am b/man/Makefile.am +index 655e2ab..e5bc958 100644 +--- a/man/Makefile.am ++++ b/man/Makefile.am +@@ -105,6 +105,15 @@ $(sha1_FUNCS): sha1.3 + $(LN_S) -f sha1.3 $(DESTDIR)$(man3dir)/$@.3 + + sha2_FUNCS = \ ++ SHA224Init \ ++ SHA224Update \ ++ SHA224Pad \ ++ SHA224Final \ ++ SHA224Transform \ ++ SHA224End \ ++ SHA224File \ ++ SHA224FileChunk \ ++ SHA224Data \ + SHA256Init \ + SHA256Update \ + SHA256Pad \ +@@ -132,6 +141,15 @@ sha2_FUNCS = \ + SHA512File \ + SHA512FileChunk \ + SHA512Data \ ++ SHA512_256Init \ ++ SHA512_256Update \ ++ SHA512_256Pad \ ++ SHA512_256Final \ ++ SHA512_256Transform \ ++ SHA512_256End \ ++ SHA512_256File \ ++ SHA512_256FileChunk \ ++ SHA512_256Data \ + # EOL + + $(sha2_FUNCS): sha2.3 +diff --git a/man/sha2.3 b/man/sha2.3 +index dd977a1..daf78e7 100644 +--- a/man/sha2.3 ++++ b/man/sha2.3 +@@ -1,6 +1,6 @@ +-.\" $OpenBSD: sha2.3,v 1.15 2008/09/06 12:00:19 djm Exp $ ++.\" $OpenBSD: SHA256Init.3,v 1.3 2019/12/04 19:01:49 jmc Exp $ + .\" +-.\" Copyright (c) 2003, 2004 Todd C. Miller ++.\" Copyright (c) 2003, 2004 Todd C. Miller + .\" + .\" Permission to use, copy, modify, and distribute this software for any + .\" purpose with or without fee is hereby granted, provided that the above +@@ -20,10 +20,19 @@ + .\" + .\" See http://www.nist.gov/sha/ for the detailed standard + .\" +-.Dd $Mdocdate: September 12 2008 $ ++.Dd $Mdocdate: December 4 2019 $ + .Dt SHA2 3 + .Os + .Sh NAME ++.Nm SHA224Init , ++.Nm SHA224Update , ++.Nm SHA224Pad , ++.Nm SHA224Final , ++.Nm SHA224Transform , ++.Nm SHA224End , ++.Nm SHA224File , ++.Nm SHA224FileChunk , ++.Nm SHA224Data , + .Nm SHA256Init , + .Nm SHA256Update , + .Nm SHA256Pad , +@@ -32,13 +41,58 @@ + .Nm SHA256End , + .Nm SHA256File , + .Nm SHA256FileChunk , +-.Nm SHA256Data ++.Nm SHA256Data , ++.Nm SHA384Init , ++.Nm SHA384Update , ++.Nm SHA384Pad , ++.Nm SHA384Final , ++.Nm SHA384Transform , ++.Nm SHA384End , ++.Nm SHA384File , ++.Nm SHA384FileChunk , ++.Nm SHA384Data , ++.Nm SHA512Init , ++.Nm SHA512Update , ++.Nm SHA512Pad , ++.Nm SHA512Final , ++.Nm SHA512Transform , ++.Nm SHA512End , ++.Nm SHA512File , ++.Nm SHA512FileChunk , ++.Nm SHA512Data , ++.Nm SHA512_256Init , ++.Nm SHA512_256Update , ++.Nm SHA512_256Pad , ++.Nm SHA512_256Final , ++.Nm SHA512_256Transform , ++.Nm SHA512_256End , ++.Nm SHA512_256File , ++.Nm SHA512_256FileChunk , ++.Nm SHA512_256Data + .Nd calculate the NIST Secure Hash Standard (version 2) + .Sh LIBRARY + .Lb libmd + .Sh SYNOPSIS +-.Fd #include +-.Fd #include ++.In sys/types.h ++.In sha2.h ++.Ft void ++.Fn SHA224Init "SHA2_CTX *context" ++.Ft void ++.Fn SHA224Update "SHA2_CTX *context" "const uint8_t *data" "size_t len" ++.Ft void ++.Fn SHA224Pad "SHA2_CTX *context" ++.Ft void ++.Fn SHA224Final "uint8_t digest[SHA224_DIGEST_LENGTH]" "SHA2_CTX *context" ++.Ft void ++.Fn SHA224Transform "uint32_t state[8]" "const uint8_t buffer[SHA224_BLOCK_LENGTH]" ++.Ft "char *" ++.Fn SHA224End "SHA2_CTX *context" "char *buf" ++.Ft "char *" ++.Fn SHA224File "const char *filename" "char *buf" ++.Ft "char *" ++.Fn SHA224FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" ++.Ft "char *" ++.Fn SHA224Data "const uint8_t *data" "size_t len" "char *buf" + .Ft void + .Fn SHA256Init "SHA2_CTX *context" + .Ft void +@@ -70,11 +124,11 @@ + .Ft "char *" + .Fn SHA384End "SHA2_CTX *context" "char *buf" + .Ft "char *" +-.Fn SHA384File "char *filename" "char *buf" ++.Fn SHA384File "const char *filename" "char *buf" + .Ft "char *" +-.Fn SHA384FileChunk "char *filename" "char *buf" "off_t offset" "off_t length" ++.Fn SHA384FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" + .Ft "char *" +-.Fn SHA384Data "uint8_t *data" "size_t len" "char *buf" ++.Fn SHA384Data "const uint8_t *data" "size_t len" "char *buf" + .Ft void + .Fn SHA512Init "SHA2_CTX *context" + .Ft void +@@ -88,33 +142,51 @@ + .Ft "char *" + .Fn SHA512End "SHA2_CTX *context" "char *buf" + .Ft "char *" +-.Fn SHA512File "char *filename" "char *buf" ++.Fn SHA512File "const char *filename" "char *buf" ++.Ft "char *" ++.Fn SHA512FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" + .Ft "char *" +-.Fn SHA512FileChunk "char *filename" "char *buf" "off_t offset" "off_t length" ++.Fn SHA512Data "const uint8_t *data" "size_t len" "char *buf" ++.Ft void ++.Fn SHA512_256Init "SHA2_CTX *context" ++.Ft void ++.Fn SHA512_256Update "SHA2_CTX *context" "const uint8_t *data" "size_t len" ++.Ft void ++.Fn SHA512_256Pad "SHA2_CTX *context" ++.Ft void ++.Fn SHA512_256Final "uint8_t digest[SHA512_256_DIGEST_LENGTH]" "SHA2_CTX *context" ++.Ft void ++.Fn SHA512_256Transform "uint64_t state[8]" "const uint8_t buffer[SHA512_256_BLOCK_LENGTH]" + .Ft "char *" +-.Fn SHA512Data "uint8_t *data" "size_t len" "char *buf" ++.Fn SHA512_256End "SHA2_CTX *context" "char *buf" ++.Ft "char *" ++.Fn SHA512_256File "const char *filename" "char *buf" ++.Ft "char *" ++.Fn SHA512_256FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" ++.Ft "char *" ++.Fn SHA512_256Data "const uint8_t *data" "size_t len" "char *buf" + .Sh DESCRIPTION + The SHA2 functions implement the NIST Secure Hash Standard, + FIPS PUB 180-2. + The SHA2 functions are used to generate a condensed representation of a + message called a message digest, suitable for use as a digital signature. +-There are three families of functions, with names corresponding to ++There are four families of functions, with names corresponding to + the number of bits in the resulting message digest. +-The SHA-256 functions are limited to processing a message of less ++SHA-224 and SHA-256 functions are limited to processing a message of less + than 2^64 bits as input. + The SHA-384 and SHA-512 functions can process a message of at most 2^128 - 1 + bits as input. + .Pp +-The SHA2 functions are considered to be more secure than the +-.Xr sha1 3 +-functions with which they share a similar interface. +-The 256, 384, and 512-bit versions of SHA2 share the same interface. ++The SHA2 functions are considered to be more secure than the SHA1 functions, ++with which they share a similar interface. ++The 224, 256, 384, and 512-bit versions of SHA2 share the same interface. ++SHA512/256, a truncated version of SHA512, is also supported. + For brevity, only the 256-bit variants are described below. + .Pp + The + .Fn SHA256Init + function initializes a SHA2_CTX +-.Ar context ++.Fa context + for use with + .Fn SHA256Update + and +@@ -122,9 +194,9 @@ and + The + .Fn SHA256Update + function adds +-.Ar data ++.Fa data + of length +-.Ar len ++.Fa len + to the SHA2_CTX specified by + .Ar context . + .Fn SHA256Final +@@ -159,9 +231,8 @@ The + .Fn SHA256End + function is a front end for + .Fn SHA256Final +-which converts the digest into an +-.Tn ASCII +-representation of the digest in hexadecimal. ++which converts the digest into an ASCII representation ++of the digest in hexadecimal. + .Pp + The + .Fn SHA256File +@@ -203,13 +274,15 @@ For each of the + and + .Fn SHA256Data + functions the +-.Ar buf ++.Fa buf + parameter should either be a string large enough to hold the resulting digest + (e.g.\& +-.Ev SHA256_DIGEST_STRING_LENGTH , +-.Ev SHA384_DIGEST_STRING_LENGTH , ++.Dv SHA224_DIGEST_STRING_LENGTH , ++.Dv SHA256_DIGEST_STRING_LENGTH , ++.Dv SHA384_DIGEST_STRING_LENGTH , ++.Dv SHA512_DIGEST_STRING_LENGTH , + or +-.Ev SHA512_DIGEST_STRING_LENGTH , ++.Dv SHA512_256_DIGEST_STRING_LENGTH , + depending on the function being used) + or a + .Dv NULL +@@ -264,7 +337,9 @@ printf("0x%s\en", SHA256Data(buf, strlen(buf), output)); + The SHA2 functions appeared in + .Ox 3.4 . + .Sh AUTHORS +-This implementation of the SHA functions was written by Aaron D. Gifford. ++.An -nosplit ++This implementation of the SHA functions was written by ++.An Aaron D. Gifford . + .Pp + The + .Fn SHA256End , +@@ -272,12 +347,5 @@ The + .Fn SHA256FileChunk , + and + .Fn SHA256Data +-helper functions are derived from code written by Poul-Henning Kamp. +-.Sh CAVEATS +-This implementation of the Secure Hash Standard has not been validated by +-NIST and as such is not in official compliance with the standard. +-.Pp +-If a message digest is to be copied to a multi-byte type (i.e.\& +-an array of 32-bit integers) it will be necessary to +-perform byte swapping on little endian machines such as the i386, alpha, +-and vax. ++helper functions are derived from code written by ++.An Poul-Henning Kamp . +-- +2.33.0 + diff --git a/libmd.spec b/libmd.spec index 1c22a15..64d7572 100644 --- a/libmd.spec +++ b/libmd.spec @@ -1,7 +1,7 @@ Summary: Library that provides message digest functions from BSD systems Name: libmd Version: 1.1.0 -Release: 4 +Release: 5 # Breakdown in COPYING file of libmd release tarball License: BSD-2-Clause AND BSD-3-Clause AND ISC AND Beerware URL: https://www.hadrons.org/software/libmd/ @@ -14,6 +14,7 @@ BuildRequires: make Patch1: backport-fix-out-of-tree-build.patch Patch2: backport-Refactor-autogen-call-into-before_script.patch +Patch3: backport-fix-man-Sync-SHA2-changes-from-OpenBSD.patch %description The libmd library provides a few message digest ("hash") functions, as @@ -78,6 +79,7 @@ make check %{_mandir}/man3/MD5*.3* %{_mandir}/man3/RMD160*.3* %{_mandir}/man3/SHA1*.3* +%{_mandir}/man3/SHA224*.3* %{_mandir}/man3/SHA256*.3* %{_mandir}/man3/SHA384*.3* %{_mandir}/man3/SHA512*.3* @@ -89,6 +91,9 @@ make check %{_mandir}/man3/sha2.3* %changelog +* Fri Apr 18 2025 changhan - 1.1.0-5 +- fix man: Sync SHA2 changes from OpenBSD + * Fri Apr 18 2025 changhan - 1.1.0-4 - fix build: Refactor autogen call into before_script