authorChristian Weisgerber <naddy@cvs.openbsd.org>2014-03-23 23:27:23 +0000
committerChristian Weisgerber <naddy@cvs.openbsd.org>2014-03-23 23:27:23 +0000
commit23858575331fc74075cc7dd21dd3a87e49cc6f8c (patch)
tree02f6a6ffd114836975a6db16dde08b299bdf37ae
parentdb91d1fc71927d9e81767957d6b11932cff16d64 (diff)
Remove the MD4 functions.
"A collision attack published in 2007 can find collisions for full MD4 in less than two hash operations." ok deraadt@, man pages ok jmc@
-rw-r--r--include/Makefile4
-rw-r--r--include/md4.h50
-rw-r--r--lib/libc/hash/Makefile.inc28
-rw-r--r--lib/libc/hash/md4.c229
-rw-r--r--lib/libc/hash/md5.3 (renamed from lib/libc/hash/mdX.3)140
-rw-r--r--lib/libc/hash/rmd160.37
-rw-r--r--lib/libc/hash/sha1.37
-rw-r--r--lib/libc/hash/sha2.35
8 files changed, 78 insertions, 392 deletions
diff --git a/include/Makefile b/include/Makefile
index a78f4dd6a8d..46a9d2d8889 100644
--- a/include/Makefile
+++ b/include/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.182 2014/03/13 10:09:43 florian Exp $
+# $OpenBSD: Makefile,v 1.183 2014/03/23 23:27:22 naddy Exp $
# $NetBSD: Makefile,v 1.59 1996/05/15 21:36:43 jtc Exp $
# @(#)Makefile 5.45.1.1 (Berkeley) 5/6/91
@@ -13,7 +13,7 @@ FILES= a.out.h ar.h assert.h bitstring.h blf.h bm.h bsd_auth.h \
complex.h cpio.h ctype.h curses.h db.h dbm.h des.h dirent.h disktab.h \
dlfcn.h elf_abi.h err.h errno.h fenv.h float.h fnmatch.h fstab.h fts.h \
ftw.h getopt.h glob.h grp.h ifaddrs.h inttypes.h iso646.h kvm.h \
- langinfo.h libgen.h limits.h locale.h login_cap.h malloc.h math.h md4.h \
+ langinfo.h libgen.h limits.h locale.h login_cap.h malloc.h math.h \
md5.h memory.h mpool.h ndbm.h netdb.h netgroup.h nlist.h nl_types.h \
ohash.h paths.h poll.h pwd.h ranlib.h readpassphrase.h regex.h \
resolv.h rmd160.h search.h setjmp.h sha1.h sha2.h signal.h sndio.h \
diff --git a/include/md4.h b/include/md4.h
deleted file mode 100644
index 46a421b013e..00000000000
--- a/include/md4.h
+++ /dev/null
@@ -1,50 +0,0 @@
-/* $OpenBSD: md4.h,v 1.16 2012/12/05 23:19:57 deraadt Exp $ */
-
-/*
- * This code implements the MD4 message-digest algorithm.
- * The algorithm is due to Ron Rivest. This code was
- * written by Colin Plumb in 1993, no copyright is claimed.
- * This code is in the public domain; do with it what you wish.
- * Todd C. Miller modified the MD5 code to do MD4 based on RFC 1186.
- *
- * Equivalent code is available from RSA Data Security, Inc.
- * This code has been tested against that, and is equivalent,
- * except that you don't need to include two pages of legalese
- * with every copy.
- */
-
-#ifndef _MD4_H_
-#define _MD4_H_
-
-#define MD4_BLOCK_LENGTH 64
-#define MD4_DIGEST_LENGTH 16
-#define MD4_DIGEST_STRING_LENGTH (MD4_DIGEST_LENGTH * 2 + 1)
-
-typedef struct MD4Context {
- u_int32_t state[4]; /* state */
- u_int64_t count; /* number of bits, mod 2^64 */
- u_int8_t buffer[MD4_BLOCK_LENGTH]; /* input buffer */
-} MD4_CTX;
-
-__BEGIN_DECLS
-void MD4Init(MD4_CTX *);
-void MD4Update(MD4_CTX *, const u_int8_t *, size_t)
- __attribute__((__bounded__(__string__,2,3)));
-void MD4Pad(MD4_CTX *);
-void MD4Final(u_int8_t [MD4_DIGEST_LENGTH], MD4_CTX *)
- __attribute__((__bounded__(__minbytes__,1,MD4_DIGEST_LENGTH)));
-void MD4Transform(u_int32_t [4], const u_int8_t [MD4_BLOCK_LENGTH])
- __attribute__((__bounded__(__minbytes__,1,4)))
- __attribute__((__bounded__(__minbytes__,2,MD4_BLOCK_LENGTH)));
-char *MD4End(MD4_CTX *, char *)
- __attribute__((__bounded__(__minbytes__,2,MD4_DIGEST_STRING_LENGTH)));
-char *MD4File(const char *, char *)
- __attribute__((__bounded__(__minbytes__,2,MD4_DIGEST_STRING_LENGTH)));
-char *MD4FileChunk(const char *, char *, off_t, off_t)
- __attribute__((__bounded__(__minbytes__,2,MD4_DIGEST_STRING_LENGTH)));
-char *MD4Data(const u_int8_t *, size_t, char *)
- __attribute__((__bounded__(__string__,1,2)))
- __attribute__((__bounded__(__minbytes__,3,MD4_DIGEST_STRING_LENGTH)));
-__END_DECLS
-
-#endif /* _MD4_H_ */
diff --git a/lib/libc/hash/Makefile.inc b/lib/libc/hash/Makefile.inc
index f20314c0fd1..bc6d0060c2d 100644
--- a/lib/libc/hash/Makefile.inc
+++ b/lib/libc/hash/Makefile.inc
@@ -1,15 +1,12 @@
-# $OpenBSD: Makefile.inc,v 1.19 2013/04/15 15:54:17 millert Exp $
+# $OpenBSD: Makefile.inc,v 1.20 2014/03/23 23:27:22 naddy Exp $
# hash functions
.PATH: ${LIBCSRCDIR}/hash
-HELPER= md4hl.c md5hl.c rmd160hl.c sha1hl.c sha224hl.c sha256hl.c sha384hl.c sha512hl.c
-SRCS+= md4.c md5.c rmd160.c sha1.c sha2.c ${HELPER}
-MAN+= md4.3 md5.3 rmd160.3 sha1.3 sha2.3
+HELPER= md5hl.c rmd160hl.c sha1hl.c sha224hl.c sha256hl.c sha384hl.c sha512hl.c
+SRCS+= md5.c rmd160.c sha1.c sha2.c ${HELPER}
+MAN+= md5.3 rmd160.3 sha1.3 sha2.3
-MLINKS+=md4.3 MD4Transform.3 md4.3 MD4Init.3 md4.3 MD4Final.3
-MLINKS+=md4.3 MD4Update.3 md4.3 MD4End.3 md4.3 MD4File.3
-MLINKS+=md4.3 MD4FileChunk.3 md4.3 MD4Pad.3 md4.3 MD4Data.3
MLINKS+=md5.3 MD5Transform.3 md5.3 MD5Init.3 md5.3 MD5Final.3
MLINKS+=md5.3 MD5Update.3 md5.3 MD5End.3 md5.3 MD5File.3
MLINKS+=md5.3 MD5FileChunk.3 md5.3 MD5Pad.3 md5.3 MD5Data.3
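Review bot: Removing `md4.c` and `md4hl.c` from `SRCS` and `HELPER` drops the exported `MD4*` functions from libc, yet none of the 8 files in the diffstat is a library version file. Binaries already linked against those symbols would presumably fail to resolve them against the rebuilt library. If the major bump is made in a separate commit, say so in the log message; otherwise include it here so the ABI break is visible to anyone reading this change.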
@@ -31,20 +28,7 @@ MLINKS+=sha2.3 SHA384File.3 sha2.3 SHA384FileChunk.3 sha2.3 SHA384Data.3
MLINKS+=sha2.3 SHA512Init.3 sha2.3 SHA512Update.3 sha2.3 SHA512Pad.3
MLINKS+=sha2.3 SHA512Final.3 sha2.3 SHA512Transform.3 sha2.3 SHA512End.3
MLINKS+=sha2.3 SHA512File.3 sha2.3 SHA512FileChunk.3 sha2.3 SHA512Data.3
-CLEANFILES+= ${HELPER} md[45].3
-
-.ifndef NOMAN
-all: md4.3 md5.3
-
-md4.3: mdX.3
- sed -e 's/mdX/md4/g' -e 's/mdY/md5/g' -e 's/MDX/MD4/g' $> > $@
-
-md5.3: mdX.3
- sed -e 's/mdX/md5/g' -e 's/mdY/md4/g' -e 's/MDX/MD5/g' $> > $@
-.endif
-
-md4hl.c: helper.c
- sed -e 's/hashinc/md4.h/g' -e 's/HASH/MD4/g' $> > $@
+CLEANFILES+= ${HELPER}
md5hl.c: helper.c
sed -e 's/hashinc/md5.h/g' -e 's/HASH/MD5/g' $> > $@
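Review bot: `CLEANFILES+= ${HELPER}` no longer covers files that earlier builds generated: `md4hl.c` (now absent from `HELPER`), `md4.3`, and `md5.3`. In a tree updated without wiping its object directory, the stale generated `md5.3` (built from `mdX.3`, still carrying the MD4 cross-reference) may be picked up ahead of the new checked-in `md5.3`. This is inferred from the removed rules, so confirm it with an incremental build. Consider keeping the MD4 leftovers cleanable for a transition period, e.g. `CLEANFILES+= ${HELPER} md4hl.c md4.3`, and noting that object directories must be cleaned for `md5.3`.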
@@ -75,4 +59,4 @@ sha512hl.c: helper.c
-e 's/HASH/SHA512/g' \
-e 's/SHA[0-9][0-9][0-9]_CTX/SHA2_CTX/g' $> > $@
-beforedepend: md4hl.c md5hl.c rmd160hl.c sha1hl.c sha256hl.c sha384hl.c sha512hl.c
+beforedepend: md5hl.c rmd160hl.c sha1hl.c sha256hl.c sha384hl.c sha512hl.c
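Review bot: The new `beforedepend` line still leaves out `sha224hl.c`, although `HELPER` in the first hunk of this file lists it, so the two hand-maintained lists disagree. Writing `beforedepend: ${HELPER}` would keep them in sync and make the next removal a one-line change. Whether the omission causes a build problem cannot be told from this hunk, because the `sha224hl.c` rule lies outside it.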
diff --git a/lib/libc/hash/md4.c b/lib/libc/hash/md4.c
deleted file mode 100644
index 7ea3cd072b2..00000000000
--- a/lib/libc/hash/md4.c
+++ /dev/null
@@ -1,229 +0,0 @@
-/* $OpenBSD: md4.c,v 1.8 2014/01/08 06:14:56 tedu Exp $ */
-
-/*
- * This code implements the MD4 message-digest algorithm.
- * The algorithm is due to Ron Rivest. This code was
- * written by Colin Plumb in 1993, no copyright is claimed.
- * This code is in the public domain; do with it what you wish.
- * Todd C. Miller modified the MD5 code to do MD4 based on RFC 1186.
- *
- * Equivalent code is available from RSA Data Security, Inc.
- * This code has been tested against that, and is equivalent,
- * except that you don't need to include two pages of legalese
- * with every copy.
- *
- * To compute the message digest of a chunk of bytes, declare an
- * MD4Context structure, pass it to MD4Init, call MD4Update as
- * needed on buffers full of bytes, and then call MD4Final, which
- * will fill a supplied 16-byte array with the digest.
- */
-
-#include <sys/types.h>
-#include <string.h>
-#include <md4.h>
-
-#define PUT_64BIT_LE(cp, value) do { \
- (cp)[7] = (value) >> 56; \
- (cp)[6] = (value) >> 48; \
- (cp)[5] = (value) >> 40; \
- (cp)[4] = (value) >> 32; \
- (cp)[3] = (value) >> 24; \
- (cp)[2] = (value) >> 16; \
- (cp)[1] = (value) >> 8; \
- (cp)[0] = (value); } while (0)
-
-#define PUT_32BIT_LE(cp, value) do { \
- (cp)[3] = (value) >> 24; \
- (cp)[2] = (value) >> 16; \
- (cp)[1] = (value) >> 8; \
- (cp)[0] = (value); } while (0)
-
-static u_int8_t PADDING[MD4_BLOCK_LENGTH] = {
- 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-};
-
-/*
- * Start MD4 accumulation.
- * Set bit count to 0 and buffer to mysterious initialization constants.
- */
-void
-MD4Init(MD4_CTX *ctx)
-{
- ctx->count = 0;
- ctx->state[0] = 0x67452301;
- ctx->state[1] = 0xefcdab89;
- ctx->state[2] = 0x98badcfe;
- ctx->state[3] = 0x10325476;
-}
-
-/*
- * Update context to reflect the concatenation of another buffer full
- * of bytes.
- */
-void
-MD4Update(MD4_CTX *ctx, const unsigned char *input, size_t len)
-{
- size_t have, need;
-
- /* Check how many bytes we already have and how many more we need. */
- have = (size_t)((ctx->count >> 3) & (MD4_BLOCK_LENGTH - 1));
- need = MD4_BLOCK_LENGTH - have;
-
- /* Update bitcount */
- ctx->count += (u_int64_t)len << 3;
-
- if (len >= need) {
- if (have != 0) {
- memcpy(ctx->buffer + have, input, need);
- MD4Transform(ctx->state, ctx->buffer);
- input += need;
- len -= need;
- have = 0;
- }
-
- /* Process data in MD4_BLOCK_LENGTH-byte chunks. */
- while (len >= MD4_BLOCK_LENGTH) {
- MD4Transform(ctx->state, input);
- input += MD4_BLOCK_LENGTH;
- len -= MD4_BLOCK_LENGTH;
- }
- }
-
- /* Handle any remaining bytes of data. */
- if (len != 0)
- memcpy(ctx->buffer + have, input, len);
-}
-
-/*
- * Pad pad to 64-byte boundary with the bit pattern
- * 1 0* (64-bit count of bits processed, MSB-first)
- */
-void
-MD4Pad(MD4_CTX *ctx)
-{
- u_int8_t count[8];
- size_t padlen;
-
- /* Convert count to 8 bytes in little endian order. */
- PUT_64BIT_LE(count, ctx->count);
-
- /* Pad out to 56 mod 64. */
- padlen = MD4_BLOCK_LENGTH -
- ((ctx->count >> 3) & (MD4_BLOCK_LENGTH - 1));
- if (padlen < 1 + 8)
- padlen += MD4_BLOCK_LENGTH;
- MD4Update(ctx, PADDING, padlen - 8); /* padlen - 8 <= 64 */
- MD4Update(ctx, count, 8);
-}
-
-/*
- * Final wrapup--call MD4Pad, fill in digest and zero out ctx.
- */
-void
-MD4Final(unsigned char digest[MD4_DIGEST_LENGTH], MD4_CTX *ctx)
-{
- int i;
-
- MD4Pad(ctx);
- for (i = 0; i < 4; i++)
- PUT_32BIT_LE(digest + i * 4, ctx->state[i]);
- memset(ctx, 0, sizeof(*ctx));
-}
-
-
-/* The three core functions - F1 is optimized somewhat */
-
-/* #define F1(x, y, z) (x & y | ~x & z) */
-#define F1(x, y, z) (z ^ (x & (y ^ z)))
-#define F2(x, y, z) ((x & y) | (x & z) | (y & z))
-#define F3(x, y, z) (x ^ y ^ z)
-
-/* This is the central step in the MD4 algorithm. */
-#define MD4STEP(f, w, x, y, z, data, s) \
- ( w += f(x, y, z) + data, w = w<<s | w>>(32-s) )
-
-/*
- * The core of the MD4 algorithm, this alters an existing MD4 hash to
- * reflect the addition of 16 longwords of new data. MD4Update blocks
- * the data and converts bytes into longwords for this routine.
- */
-void
-MD4Transform(u_int32_t state[4], const u_int8_t block[MD4_BLOCK_LENGTH])
-{
- u_int32_t a, b, c, d, in[MD4_BLOCK_LENGTH / 4];
-
-#if BYTE_ORDER == LITTLE_ENDIAN
- memcpy(in, block, sizeof(in));
-#else
- for (a = 0; a < MD4_BLOCK_LENGTH / 4; a++) {
- in[a] = (u_int32_t)(
- (u_int32_t)(block[a * 4 + 0]) |
- (u_int32_t)(block[a * 4 + 1]) << 8 |
- (u_int32_t)(block[a * 4 + 2]) << 16 |
- (u_int32_t)(block[a * 4 + 3]) << 24);
- }
-#endif
-
- a = state[0];
- b = state[1];
- c = state[2];
- d = state[3];
-
- MD4STEP(F1, a, b, c, d, in[ 0], 3);
- MD4STEP(F1, d, a, b, c, in[ 1], 7);
- MD4STEP(F1, c, d, a, b, in[ 2], 11);
- MD4STEP(F1, b, c, d, a, in[ 3], 19);
- MD4STEP(F1, a, b, c, d, in[ 4], 3);
- MD4STEP(F1, d, a, b, c, in[ 5], 7);
- MD4STEP(F1, c, d, a, b, in[ 6], 11);
- MD4STEP(F1, b, c, d, a, in[ 7], 19);
- MD4STEP(F1, a, b, c, d, in[ 8], 3);
- MD4STEP(F1, d, a, b, c, in[ 9], 7);
- MD4STEP(F1, c, d, a, b, in[10], 11);
- MD4STEP(F1, b, c, d, a, in[11], 19);
- MD4STEP(F1, a, b, c, d, in[12], 3);
- MD4STEP(F1, d, a, b, c, in[13], 7);
- MD4STEP(F1, c, d, a, b, in[14], 11);
- MD4STEP(F1, b, c, d, a, in[15], 19);
-
- MD4STEP(F2, a, b, c, d, in[ 0] + 0x5a827999, 3);
- MD4STEP(F2, d, a, b, c, in[ 4] + 0x5a827999, 5);
- MD4STEP(F2, c, d, a, b, in[ 8] + 0x5a827999, 9);
- MD4STEP(F2, b, c, d, a, in[12] + 0x5a827999, 13);
- MD4STEP(F2, a, b, c, d, in[ 1] + 0x5a827999, 3);
- MD4STEP(F2, d, a, b, c, in[ 5] + 0x5a827999, 5);
- MD4STEP(F2, c, d, a, b, in[ 9] + 0x5a827999, 9);
- MD4STEP(F2, b, c, d, a, in[13] + 0x5a827999, 13);
- MD4STEP(F2, a, b, c, d, in[ 2] + 0x5a827999, 3);
- MD4STEP(F2, d, a, b, c, in[ 6] + 0x5a827999, 5);
- MD4STEP(F2, c, d, a, b, in[10] + 0x5a827999, 9);
- MD4STEP(F2, b, c, d, a, in[14] + 0x5a827999, 13);
- MD4STEP(F2, a, b, c, d, in[ 3] + 0x5a827999, 3);
- MD4STEP(F2, d, a, b, c, in[ 7] + 0x5a827999, 5);
- MD4STEP(F2, c, d, a, b, in[11] + 0x5a827999, 9);
- MD4STEP(F2, b, c, d, a, in[15] + 0x5a827999, 13);
-
- MD4STEP(F3, a, b, c, d, in[ 0] + 0x6ed9eba1, 3);
- MD4STEP(F3, d, a, b, c, in[ 8] + 0x6ed9eba1, 9);
- MD4STEP(F3, c, d, a, b, in[ 4] + 0x6ed9eba1, 11);
- MD4STEP(F3, b, c, d, a, in[12] + 0x6ed9eba1, 15);
- MD4STEP(F3, a, b, c, d, in[ 2] + 0x6ed9eba1, 3);
- MD4STEP(F3, d, a, b, c, in[10] + 0x6ed9eba1, 9);
- MD4STEP(F3, c, d, a, b, in[ 6] + 0x6ed9eba1, 11);
- MD4STEP(F3, b, c, d, a, in[14] + 0x6ed9eba1, 15);
- MD4STEP(F3, a, b, c, d, in[ 1] + 0x6ed9eba1, 3);
- MD4STEP(F3, d, a, b, c, in[ 9] + 0x6ed9eba1, 9);
- MD4STEP(F3, c, d, a, b, in[ 5] + 0x6ed9eba1, 11);
- MD4STEP(F3, b, c, d, a, in[13] + 0x6ed9eba1, 15);
- MD4STEP(F3, a, b, c, d, in[ 3] + 0x6ed9eba1, 3);
- MD4STEP(F3, d, a, b, c, in[11] + 0x6ed9eba1, 9);
- MD4STEP(F3, c, d, a, b, in[ 7] + 0x6ed9eba1, 11);
- MD4STEP(F3, b, c, d, a, in[15] + 0x6ed9eba1, 15);
-
- state[0] += a;
- state[1] += b;
- state[2] += c;
- state[3] += d;
-}
diff --git a/lib/libc/hash/mdX.3 b/lib/libc/hash/md5.3
index a4e66513e49..3c537694868 100644
--- a/lib/libc/hash/mdX.3
+++ b/lib/libc/hash/md5.3
@@ -6,45 +6,45 @@
.\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
.\" ----------------------------------------------------------------------------
.\"
-.\" $OpenBSD: mdX.3,v 1.14 2013/06/05 03:39:22 tedu Exp $
+.\" $OpenBSD: md5.3,v 1.1 2014/03/23 23:27:22 naddy Exp $
.\"
-.Dd $Mdocdate: June 5 2013 $
-.Dt MDX 3
+.Dd $Mdocdate: March 23 2014 $
+.Dt MD5 3
.Os
.Sh NAME
-.Nm MDXInit ,
-.Nm MDXUpdate ,
-.Nm MDXPad ,
-.Nm MDXFinal ,
-.Nm MDXTransform ,
-.Nm MDXEnd ,
-.Nm MDXFile ,
-.Nm MDXFileChunk ,
-.Nm MDXData
-.Nd calculate the RSA Data Security, Inc., ``MDX'' message digest
+.Nm MD5Init ,
+.Nm MD5Update ,
+.Nm MD5Pad ,
+.Nm MD5Final ,
+.Nm MD5Transform ,
+.Nm MD5End ,
+.Nm MD5File ,
+.Nm MD5FileChunk ,
+.Nm MD5Data
+.Nd calculate the RSA Data Security, Inc., ``MD5'' message digest
.Sh SYNOPSIS
.In sys/types.h
-.In mdX.h
+.In md5.h
.Ft void
-.Fn MDXInit "MDX_CTX *context"
+.Fn MD5Init "MD5_CTX *context"
.Ft void
-.Fn MDXUpdate "MDX_CTX *context" "const u_int8_t *data" "size_t len"
+.Fn MD5Update "MD5_CTX *context" "const u_int8_t *data" "size_t len"
.Ft void
-.Fn MDXPad "MDX_CTX *context"
+.Fn MD5Pad "MD5_CTX *context"
.Ft void
-.Fn MDXFinal "u_int8_t digest[MDX_DIGEST_LENGTH]" "MDX_CTX *context"
+.Fn MD5Final "u_int8_t digest[MD5_DIGEST_LENGTH]" "MD5_CTX *context"
.Ft void
-.Fn MDXTransform "u_int32_t state[4]" "u_int8_t block[MDX_BLOCK_LENGTH]"
+.Fn MD5Transform "u_int32_t state[4]" "u_int8_t block[MD5_BLOCK_LENGTH]"
.Ft "char *"
-.Fn MDXEnd "MDX_CTX *context" "char *buf"
+.Fn MD5End "MD5_CTX *context" "char *buf"
.Ft "char *"
-.Fn MDXFile "const char *filename" "char *buf"
+.Fn MD5File "const char *filename" "char *buf"
.Ft "char *"
-.Fn MDXFileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
+.Fn MD5FileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
.Ft "char *"
-.Fn MDXData "const u_int8_t *data" "size_t len" "char *buf"
+.Fn MD5Data "const u_int8_t *data" "size_t len" "char *buf"
.Sh DESCRIPTION
-The MDX functions calculate a 128-bit cryptographic checksum (digest)
+The MD5 functions calculate a 128-bit cryptographic checksum (digest)
for any number of input bytes.
A cryptographic checksum is a one-way
hash-function, that is, you cannot find (except by exhaustive search)
@@ -53,66 +53,67 @@ This net result is a
.Dq fingerprint
of the input-data, which doesn't disclose the actual input.
.Pp
-MD4 and MD5 have been broken; they should only be used where necessary for
+MD5 has been broken; it should only be used where necessary for
backward compatibility.
-The attacks on both MD4 and MD5
-are both in the nature of finding
+The attack on MD5 is in the nature of finding
.Dq collisions
\- that is, multiple
inputs which hash to the same value; it is still unlikely for an attacker
to be able to determine the exact original input given a hash value.
.Pp
The
-.Fn MDXInit ,
-.Fn MDXUpdate ,
+.Fn MD5Init ,
+.Fn MD5Update ,
and
-.Fn MDXFinal
+.Fn MD5Final
functions are the core functions.
-Allocate an MDX_CTX, initialize it with
-.Fn MDXInit ,
+Allocate an
+.Vt MD5_CTX ,
+initialize it with
+.Fn MD5Init ,
run over the data with
-.Fn MDXUpdate ,
+.Fn MD5Update ,
and finally extract the result using
-.Fn MDXFinal .
+.Fn MD5Final .
.Pp
The
-.Fn MDXPad
+.Fn MD5Pad
function can be used to apply padding to the message digest as in
-.Fn MDXFinal ,
+.Fn MD5Final ,
but the current context can still be used with
-.Fn MDXUpdate .
+.Fn MD5Update .
.Pp
The
-.Fn MDXTransform
+.Fn MD5Transform
function is used by
-.Fn MDXUpdate
+.Fn MD5Update
to hash 512-bit blocks and forms the core of the algorithm.
Most programs should use the interface provided by
-.Fn MDXInit ,
-.Fn MDXUpdate
+.Fn MD5Init ,
+.Fn MD5Update
and
-.Fn MDXFinal
+.Fn MD5Final
instead of calling
-.Fn MDXTransform
+.Fn MD5Transform
directly.
.Pp
-.Fn MDXEnd
+.Fn MD5End
is a wrapper for
-.Fn MDXFinal
-which converts the return value to an MDX_DIGEST_STRING_LENGTH-character
+.Fn MD5Final
+which converts the return value to an MD5_DIGEST_STRING_LENGTH-character
(including the terminating '\e0')
.Tn ASCII
string which represents the 128 bits in hexadecimal.
.Pp
-.Fn MDXFile
+.Fn MD5File
calculates the digest of a file, and uses
-.Fn MDXEnd
+.Fn MD5End
to return the result.
If the file cannot be opened, a null pointer is returned.
.Pp
-.Fn MDXFileChunk
+.Fn MD5FileChunk
behaves like
-.Fn MDXFile
+.Fn MD5File
but calculates the digest only for that portion of the file starting at
.Fa offset
and continuing for
@@ -126,17 +127,17 @@ A negative
or
.Fa offset
will be ignored.
-.Fn MDXData
+.Fn MD5Data
calculates the digest of a chunk of data in memory, and uses
-.Fn MDXEnd
+.Fn MD5End
to return the result.
.Pp
When using
-.Fn MDXEnd ,
-.Fn MDXFile ,
-.Fn MDXFileChunk ,
+.Fn MD5End ,
+.Fn MD5File ,
+.Fn MD5FileChunk ,
or
-.Fn MDXData ,
+.Fn MD5Data ,
the
.Ar buf
argument can be a null pointer, in which case the returned string
@@ -147,21 +148,15 @@ and subsequently must be explicitly deallocated using
after use.
If the
.Ar buf
-argument is non-null it must point to at least MDX_DIGEST_STRING_LENGTH
+argument is non-null it must point to at least MD5_DIGEST_STRING_LENGTH
characters of buffer space.
.Sh SEE ALSO
.Xr cksum 1 ,
.Xr md5 1 ,
-.Xr mdY 3 ,
.Xr rmd160 3 ,
.Xr sha1 3 ,
.Xr sha2 3
.Rs
-.%A RSA Laboratories
-.%T Frequently Asked Questions About today's Cryptography
-.%U http://www.rsa.com/rsalabs/faq/
-.Re
-.Rs
.%A H. Dobbertin
.%D 1995
.%J CryptoBytes
@@ -182,13 +177,6 @@ characters of buffer space.
.Sh STANDARDS
.Rs
.%A R. Rivest
-.%D October 1990
-.%R RFC 1186
-.%T The MD4 Message Digest Algorithm
-.Re
-.Pp
-.Rs
-.%A R. Rivest
.%D April 1992
.%R RFC 1321
.%T The MD5 Message Digest Algorithm
@@ -197,20 +185,20 @@ characters of buffer space.
These functions appeared in
.Ox 2.0 .
.Sh AUTHORS
-The original MDX routines were developed by
+The original MD5 routines were developed by
.Tn RSA
Data Security, Inc., and published in the above references.
This code is derived from a public domain implementation written by Colin Plumb.
.Pp
The
-.Fn MDXEnd ,
-.Fn MDXFile ,
-.Fn MDXFileChunk ,
+.Fn MD5End ,
+.Fn MD5File ,
+.Fn MD5FileChunk ,
and
-.Fn MDXData
+.Fn MD5Data
helper functions are derived from code written by Poul-Henning Kamp.
.Sh BUGS
-Collisions have been found for the full versions of both MD4 and MD5.
+Collisions have been found for the full version of MD5.
The use of
.Xr sha2 3
is recommended instead.
diff --git a/lib/libc/hash/rmd160.3 b/lib/libc/hash/rmd160.3
index d2f848bf851..e5b253ed1b2 100644
--- a/lib/libc/hash/rmd160.3
+++ b/lib/libc/hash/rmd160.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: rmd160.3,v 1.31 2013/06/05 03:39:22 tedu Exp $
+.\" $OpenBSD: rmd160.3,v 1.32 2014/03/23 23:27:22 naddy Exp $
.\"
.\" Copyright (c) 1997, 2004 Todd C. Miller <Todd.Miller@courtesan.com>
.\"
@@ -17,7 +17,7 @@
.\" See http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
.\" for detailed information about RIPEMD-160.
.\"
-.Dd $Mdocdate: June 5 2013 $
+.Dd $Mdocdate: March 23 2014 $
.Dt RMD160 3
.Os
.Sh NAME
@@ -62,8 +62,6 @@ message less than 2^64 bits as input and produces a 160-bit digest
suitable for use as a digital signature.
.Pp
The RMD160 functions are considered to be more secure than the
-.Xr md4 3
-and
.Xr md5 3
functions and at least as secure as the
.Xr sha1 3
@@ -199,7 +197,6 @@ printf("0x%s\en", RMD160Data(buf, strlen(buf), output));
.Ed
.Sh SEE ALSO
.Xr cksum 1 ,
-.Xr md4 3 ,
.Xr md5 3 ,
.Xr sha1 3 ,
.Xr sha2 3
diff --git a/lib/libc/hash/sha1.3 b/lib/libc/hash/sha1.3
index 70fab8be996..5923cec854e 100644
--- a/lib/libc/hash/sha1.3
+++ b/lib/libc/hash/sha1.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: sha1.3,v 1.39 2013/06/05 03:39:22 tedu Exp $
+.\" $OpenBSD: sha1.3,v 1.40 2014/03/23 23:27:22 naddy Exp $
.\"
.\" Copyright (c) 1997, 2004 Todd C. Miller <Todd.Miller@courtesan.com>
.\"
@@ -17,7 +17,7 @@
.\" See http://csrc.nist.gov/publications/fips/fips180-1/fip180-1.txt
.\" for the detailed standard
.\"
-.Dd $Mdocdate: June 5 2013 $
+.Dd $Mdocdate: March 23 2014 $
.Dt SHA1 3
.Os
.Sh NAME
@@ -62,8 +62,6 @@ message less than 2^64 bits as input and produces a 160-bit digest
suitable for use as a digital signature.
.Pp
The SHA1 functions are considered to be more secure than the
-.Xr md4 3
-and
.Xr md5 3
functions with which they share a similar interface.
.Pp
@@ -196,7 +194,6 @@ printf("0x%s\en", SHA1Data(buf, strlen(buf), output));
.Sh SEE ALSO
.Xr cksum 1 ,
.Xr sha1 1 ,
-.Xr md4 3 ,
.Xr md5 3 ,
.Xr rmd160 3 ,
.Xr sha2 3
diff --git a/lib/libc/hash/sha2.3 b/lib/libc/hash/sha2.3
index ed75c6d6502..f99429a1c1b 100644
--- a/lib/libc/hash/sha2.3
+++ b/lib/libc/hash/sha2.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: sha2.3,v 1.19 2013/06/05 03:39:22 tedu Exp $
+.\" $OpenBSD: sha2.3,v 1.20 2014/03/23 23:27:22 naddy Exp $
.\"
.\" Copyright (c) 2003, 2004 Todd C. Miller <Todd.Miller@courtesan.com>
.\"
@@ -20,7 +20,7 @@
.\"
.\" See http://www.nist.gov/sha/ for the detailed standard
.\"
-.Dd $Mdocdate: June 5 2013 $
+.Dd $Mdocdate: March 23 2014 $
.Dt SHA2 3
.Os
.Sh NAME
@@ -269,7 +269,6 @@ printf("0x%s\en", SHA256Data(buf, strlen(buf), output));
.Ed
.Sh SEE ALSO
.Xr cksum 1 ,
-.Xr md4 3 ,
.Xr md5 3 ,
.Xr rmd160 3 ,
.Xr sha1 3