xref: /freebsd/sbin/md5/md5.c (revision 78ae60b447ebf420dd5cebfec30480866fd5cef4)
1 /*
2  * Derived from:
3  *
4  * MDDRIVER.C - test driver for MD2, MD4 and MD5
5  */
6 
7 /*
8  *  Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All
9  *  rights reserved.
10  *
11  *  RSA Data Security, Inc. makes no representations concerning either
12  *  the merchantability of this software or the suitability of this
13  *  software for any particular purpose. It is provided "as is"
14  *  without express or implied warranty of any kind.
15  *
16  *  These notices must be retained in any copies of any part of this
17  *  documentation and/or software.
18  */
19 
20 #include <sys/param.h>
21 #include <sys/resource.h>
22 #include <sys/stat.h>
23 #include <sys/time.h>
24 
25 #include <err.h>
26 #include <errno.h>
27 #include <fcntl.h>
28 #include <getopt.h>
29 #include <md5.h>
30 #include <osreldate.h>
31 #include <ripemd.h>
32 #include <sha.h>
33 #include <sha224.h>
34 #include <sha256.h>
35 #include <sha384.h>
36 #include <sha512.h>
37 #include <sha512t.h>
38 #include <skein.h>
39 #include <stdbool.h>
40 #include <stdio.h>
41 #include <stdlib.h>
42 #include <string.h>
43 #include <time.h>
44 #include <unistd.h>
45 
46 #ifdef HAVE_CAPSICUM
47 #include <sys/capsicum.h>
48 #include <capsicum_helpers.h>
49 #include <libcasper.h>
50 #include <casper/cap_fileargs.h>
51 #endif
52 
53 /*
54  * Length of test block, number of test blocks.
55  */
56 #define TEST_BLOCK_LEN 10000
57 #define TEST_BLOCK_COUNT 100000
58 #define MDTESTCOUNT 8
59 
60 static char *progname;
61 
62 static bool cflag;
63 static bool pflag;
64 static bool qflag;
65 static bool sflag;
66 static bool wflag;
67 static bool strict;
68 static bool skip;
69 static bool ignoreMissing;
70 static char* checkAgainst;
71 static int checksFailed;
72 static bool failed;
73 static int endl = '\n';
74 
75 typedef void (DIGEST_Init)(void *);
76 typedef void (DIGEST_Update)(void *, const unsigned char *, size_t);
77 typedef char *(DIGEST_End)(void *, char *);
78 
79 extern const char *MD5TestOutput[MDTESTCOUNT];
80 extern const char *SHA1_TestOutput[MDTESTCOUNT];
81 extern const char *SHA224_TestOutput[MDTESTCOUNT];
82 extern const char *SHA256_TestOutput[MDTESTCOUNT];
83 extern const char *SHA384_TestOutput[MDTESTCOUNT];
84 extern const char *SHA512_TestOutput[MDTESTCOUNT];
85 extern const char *SHA512t224_TestOutput[MDTESTCOUNT];
86 extern const char *SHA512t256_TestOutput[MDTESTCOUNT];
87 extern const char *RIPEMD160_TestOutput[MDTESTCOUNT];
88 extern const char *SKEIN256_TestOutput[MDTESTCOUNT];
89 extern const char *SKEIN512_TestOutput[MDTESTCOUNT];
90 extern const char *SKEIN1024_TestOutput[MDTESTCOUNT];
91 
92 typedef struct Algorithm_t {
93 	const char *progname;
94 	const char *perlname;
95 	const char *name;
96 	const char *(*TestOutput)[MDTESTCOUNT];
97 	DIGEST_Init *Init;
98 	DIGEST_Update *Update;
99 	DIGEST_End *End;
100 	char *(*Data)(const void *, unsigned int, char *);
101 } Algorithm_t;
102 
103 static void MD5_Update(MD5_CTX *, const unsigned char *, size_t);
104 static char *MDInput(const Algorithm_t *, FILE *, char *, bool);
105 static void MDOutput(const Algorithm_t *, char *, const char *);
106 static void MDTimeTrial(const Algorithm_t *);
107 static void MDTestSuite(const Algorithm_t *);
108 static void usage(const Algorithm_t *);
109 static void version(void);
110 
111 typedef union {
112 	MD5_CTX md5;
113 	SHA1_CTX sha1;
114 	SHA224_CTX sha224;
115 	SHA256_CTX sha256;
116 	SHA384_CTX sha384;
117 	SHA512_CTX sha512;
118 	RIPEMD160_CTX ripemd160;
119 	SKEIN256_CTX skein256;
120 	SKEIN512_CTX skein512;
121 	SKEIN1024_CTX skein1024;
122 } DIGEST_CTX;
123 
124 /* max(MD5_DIGEST_LENGTH, SHA_DIGEST_LENGTH,
125 	SHA256_DIGEST_LENGTH, SHA512_DIGEST_LENGTH,
126 	RIPEMD160_DIGEST_LENGTH, SKEIN1024_DIGEST_LENGTH)*2+1 */
127 #define HEX_DIGEST_LENGTH 257
128 
129 /* algorithm function table */
130 
131 static const struct Algorithm_t Algorithm[] = {
132 	{ "md5", NULL, "MD5",
133 		&MD5TestOutput, (DIGEST_Init*)&MD5Init,
134 		(DIGEST_Update*)&MD5_Update, (DIGEST_End*)&MD5End,
135 		&MD5Data },
136 	{ "sha1", "1", "SHA1",
137 		&SHA1_TestOutput, (DIGEST_Init*)&SHA1_Init,
138 		(DIGEST_Update*)&SHA1_Update, (DIGEST_End*)&SHA1_End,
139 		&SHA1_Data },
140 	{ "sha224", "224", "SHA224",
141 		&SHA224_TestOutput, (DIGEST_Init*)&SHA224_Init,
142 		(DIGEST_Update*)&SHA224_Update, (DIGEST_End*)&SHA224_End,
143 		&SHA224_Data },
144 	{ "sha256", "256", "SHA256",
145 		&SHA256_TestOutput, (DIGEST_Init*)&SHA256_Init,
146 		(DIGEST_Update*)&SHA256_Update, (DIGEST_End*)&SHA256_End,
147 		&SHA256_Data },
148 	{ "sha384", "384", "SHA384",
149 		&SHA384_TestOutput, (DIGEST_Init*)&SHA384_Init,
150 		(DIGEST_Update*)&SHA384_Update, (DIGEST_End*)&SHA384_End,
151 		&SHA384_Data },
152 	{ "sha512", "512", "SHA512",
153 		&SHA512_TestOutput, (DIGEST_Init*)&SHA512_Init,
154 		(DIGEST_Update*)&SHA512_Update, (DIGEST_End*)&SHA512_End,
155 		&SHA512_Data },
156 	{ "sha512t224", "512224", "SHA512t224",
157 		&SHA512t224_TestOutput, (DIGEST_Init*)&SHA512_224_Init,
158 		(DIGEST_Update*)&SHA512_224_Update, (DIGEST_End*)&SHA512_224_End,
159 		&SHA512_224_Data },
160 	{ "sha512t256", "512256", "SHA512t256",
161 		&SHA512t256_TestOutput, (DIGEST_Init*)&SHA512_256_Init,
162 		(DIGEST_Update*)&SHA512_256_Update, (DIGEST_End*)&SHA512_256_End,
163 		&SHA512_256_Data },
164 	{ "rmd160", NULL, "RMD160",
165 		&RIPEMD160_TestOutput,
166 		(DIGEST_Init*)&RIPEMD160_Init, (DIGEST_Update*)&RIPEMD160_Update,
167 		(DIGEST_End*)&RIPEMD160_End, &RIPEMD160_Data },
168 	{ "skein256", NULL, "Skein256",
169 		&SKEIN256_TestOutput,
170 		(DIGEST_Init*)&SKEIN256_Init, (DIGEST_Update*)&SKEIN256_Update,
171 		(DIGEST_End*)&SKEIN256_End, &SKEIN256_Data },
172 	{ "skein512", NULL, "Skein512",
173 		&SKEIN512_TestOutput,
174 		(DIGEST_Init*)&SKEIN512_Init, (DIGEST_Update*)&SKEIN512_Update,
175 		(DIGEST_End*)&SKEIN512_End, &SKEIN512_Data },
176 	{ "skein1024", NULL, "Skein1024",
177 		&SKEIN1024_TestOutput,
178 		(DIGEST_Init*)&SKEIN1024_Init, (DIGEST_Update*)&SKEIN1024_Update,
179 		(DIGEST_End*)&SKEIN1024_End, &SKEIN1024_Data },
180 	{ }
181 };
182 
183 static int digest = -1;
184 static unsigned int malformed;
185 
186 static enum mode {
187 	mode_bsd,
188 	mode_gnu,
189 	mode_perl,
190 } mode = mode_bsd;
191 
192 static enum input_mode {
193 	input_binary	 = '*',
194 	input_text	 = ' ',
195 	input_universal	 = 'U',
196 	input_bits	 = '^',
197 } input_mode = input_binary;
198 
199 static enum output_mode {
200 	output_bare,
201 	output_tagged,
202 	output_reverse,
203 	output_gnu,
204 } output_mode = output_tagged;
205 
206 enum optval {
207 	opt_end = -1,
208 	/* ensure we don't collide with shortopts */
209 	opt_dummy = CHAR_MAX,
210 	/* BSD options */
211 	opt_check,
212 	opt_passthrough,
213 	opt_quiet,
214 	opt_reverse,
215 	opt_string,
216 	opt_time_trial,
217 	opt_self_test,
218 	/* GNU options */
219 	opt_binary,
220 	opt_help,
221 	opt_ignore_missing,
222 	opt_status,
223 	opt_strict,
224 	opt_tag,
225 	opt_text,
226 	opt_warn,
227 	opt_version,
228 	opt_zero,
229 	/* Perl options */
230 	opt_algorithm,
231 	opt_bits,
232 	opt_universal,
233 };
234 
235 static const struct option bsd_longopts[] = {
236 	{ "check",		required_argument,	0, opt_check },
237 	{ "passthrough",	no_argument,		0, opt_passthrough },
238 	{ "quiet",		no_argument,		0, opt_quiet },
239 	{ "reverse",		no_argument,		0, opt_reverse },
240 	{ "string",		required_argument,	0, opt_string },
241 	{ "time-trial",		no_argument,		0, opt_time_trial },
242 	{ "self-test",		no_argument,		0, opt_self_test },
243 	{ }
244 };
245 static const char *bsd_shortopts = "bc:pqrs:tx";
246 
247 static const struct option gnu_longopts[] = {
248 	{ "binary",		no_argument,		0, opt_binary },
249 	{ "check",		no_argument,		0, opt_check },
250 	{ "help",		no_argument,		0, opt_help },
251 	{ "ignore-missing",	no_argument,		0, opt_ignore_missing },
252 	{ "quiet",		no_argument,		0, opt_quiet },
253 	{ "status",		no_argument,		0, opt_status },
254 	{ "strict",		no_argument,		0, opt_strict },
255 	{ "tag",		no_argument,		0, opt_tag },
256 	{ "text",		no_argument,		0, opt_text },
257 	{ "version",		no_argument,		0, opt_version },
258 	{ "warn",		no_argument,		0, opt_warn },
259 	{ "zero",		no_argument,		0, opt_zero },
260 	{ }
261 };
262 static const char *gnu_shortopts = "bctwz";
263 
264 static const struct option perl_longopts[] = {
265 	{ "algorithm",		required_argument,	0, opt_algorithm },
266 	{ "check",		required_argument,	0, opt_check },
267 	{ "help",		no_argument,		0, opt_help },
268 	{ "ignore-missing",	no_argument,		0, opt_ignore_missing },
269 	{ "quiet",		no_argument,		0, opt_quiet },
270 	{ "status",		no_argument,		0, opt_status },
271 	{ "strict",		no_argument,		0, opt_strict },
272 	{ "tag",		no_argument,		0, opt_tag },
273 	{ "text",		no_argument,		0, opt_text },
274 	{ "UNIVERSAL",		no_argument,		0, opt_universal },
275 	{ "version",		no_argument,		0, opt_version },
276 	{ "warn",		no_argument,		0, opt_warn },
277 	{ "01",			no_argument,		0, opt_bits },
278 	{ }
279 };
280 static const char *perl_shortopts = "0a:bchqstUvw";
281 
282 static void
283 MD5_Update(MD5_CTX *c, const unsigned char *data, size_t len)
284 {
285 	MD5Update(c, data, len);
286 }
287 
288 struct chksumrec {
289 	char	*filename;
290 	char	*chksum;
291 	struct	chksumrec	*next;
292 };
293 
294 static struct chksumrec *head = NULL;
295 static struct chksumrec **next = &head;
296 static unsigned int numrecs;
297 
298 #define PADDING	7	/* extra padding for "SHA512t256 (...) = ...\n" style */
299 #define CHKFILELINELEN	(HEX_DIGEST_LENGTH + MAXPATHLEN + PADDING)
300 
301 static void
302 gnu_check(const char *checksumsfile)
303 {
304 	FILE	*inp;
305 	char	*linebuf = NULL;
306 	size_t	linecap;
307 	ssize_t	linelen;
308 	int	lineno;
309 	char	*filename;
310 	char	*hashstr;
311 	struct chksumrec	*rec;
312 	const char	*digestname;
313 	size_t	digestnamelen;
314 	size_t	hashstrlen;
315 	struct stat st;
316 
317 	if (strcmp(checksumsfile, "-") == 0)
318 		inp = stdin;
319 	else if ((inp = fopen(checksumsfile, "r")) == NULL)
320 		err(1, "%s", checksumsfile);
321 	digestname = Algorithm[digest].name;
322 	digestnamelen = strlen(digestname);
323 	hashstrlen = strlen(*(Algorithm[digest].TestOutput[0]));
324 	lineno = 0;
325 	linecap = CHKFILELINELEN;
326 	while ((linelen = getline(&linebuf, &linecap, inp)) > 0) {
327 		lineno++;
328 		while (linelen > 0 && linebuf[linelen - 1] == '\n')
329 			linelen--;
330 		linebuf[linelen] = '\0';
331 		filename = linebuf + digestnamelen + 2;
332 		hashstr = linebuf + linelen - hashstrlen;
333 		/*
334 		 * supported formats:
335 		 * BSD: <DigestName> (<Filename>): <Digest>
336 		 * GNU: <Digest> [ *U^]<Filename>
337 		 */
338 		if ((size_t)linelen >= digestnamelen + hashstrlen + 6 &&
339 		    strncmp(linebuf, digestname, digestnamelen) == 0 &&
340 		    strncmp(filename - 2, " (", 2) == 0 &&
341 		    strncmp(hashstr - 4, ") = ", 4) == 0 &&
342 		    strspn(hashstr, "0123456789ABCDEFabcdef") == hashstrlen) {
343 			*(hashstr - 4) = '\0';
344 		} else if ((size_t)linelen >= hashstrlen + 3 &&
345 		    strspn(linebuf, "0123456789ABCDEFabcdef") == hashstrlen &&
346 		    linebuf[hashstrlen] == ' ') {
347 			linebuf[hashstrlen] = '\0';
348 			hashstr = linebuf;
349 			filename = linebuf + hashstrlen + 1;
350 		} else {
351 			if (wflag) {
352 				warnx("%s: %d: improperly formatted "
353 				    "%s checksum line",
354 				    checksumsfile, lineno,
355 				    mode == mode_perl ? "SHA" : digestname);
356 			}
357 			malformed++;
358 			continue;
359 		}
360 		rec = malloc(sizeof(*rec));
361 		if (rec == NULL)
362 			errx(1, "malloc failed");
363 
364 		if (*filename == '*' ||
365 		    *filename == ' ' ||
366 		    *filename == 'U' ||
367 		    *filename == '^') {
368 			if (lstat(filename, &st) != 0)
369 				filename++;
370 		}
371 
372 		rec->chksum = strdup(hashstr);
373 		rec->filename = strdup(filename);
374 		if (rec->chksum == NULL || rec->filename == NULL)
375 			errx(1, "malloc failed");
376 		rec->next = NULL;
377 		*next = rec;
378 		next = &rec->next;
379 		numrecs++;
380 	}
381 	if (inp != stdin)
382 		fclose(inp);
383 }
384 
385 /* Main driver.
386 
387 Arguments (may be any combination):
388   -sstring - digests string
389   -t       - runs time trial
390   -x       - runs test script
391   filename - digests file
392   (none)   - digests standard input
393  */
394 int
395 main(int argc, char *argv[])
396 {
397 #ifdef HAVE_CAPSICUM
398 	cap_rights_t	rights;
399 	fileargs_t	*fa = NULL;
400 #endif
401 	const struct option *longopts;
402 	const char *shortopts;
403 	FILE   *f;
404 	int	i, opt;
405 	char   *p, *string = NULL;
406 	char	buf[HEX_DIGEST_LENGTH];
407 	size_t	len;
408 	struct chksumrec	*rec;
409 
410 	if ((progname = strrchr(argv[0], '/')) == NULL)
411 		progname = argv[0];
412 	else
413 		progname++;
414 
415 	/*
416 	 * GNU coreutils has a number of programs named *sum. These produce
417 	 * similar results to the BSD version, but in a different format,
418 	 * similar to BSD's -r flag. We install links to this program with
419 	 * ending 'sum' to provide this compatibility. Check here to see if the
420 	 * name of the program ends in 'sum', set the flag and drop the 'sum' so
421 	 * the digest lookup works. Also, make -t a nop when running in this mode
422 	 * since that means 'text file' there (though it's a nop in coreutils
423 	 * on unix-like systems). The -c flag conflicts, so it's just disabled
424 	 * in this mode (though in the future it might be implemented).
425 	 *
426 	 * We also strive to be compatible with the shasum script which is
427 	 * included in Perl.  It is roughly equivalent to the GNU offering
428 	 * but uses a command-line argument to select the algorithm, and
429 	 * supports only SHA-1 and SHA-2.
430 	 */
431 	len = strlen(progname);
432 	if (strcmp(progname, "shasum") == 0) {
433 		mode = mode_perl;
434 		input_mode = input_text;
435 		output_mode = output_gnu;
436 		digest = 1;
437 		longopts = perl_longopts;
438 		shortopts = perl_shortopts;
439 	} else if (len > 3 && strcmp(progname + len - 3, "sum") == 0) {
440 		len -= 3;
441 		mode = mode_gnu;
442 		input_mode = input_text;
443 		/*
444 		 * The historical behavior in GNU emulation mode is
445 		 * output_reverse, however this not true to the original
446 		 * and the flag that was used to force the correct output
447 		 * was -b, which means something else (input_binary) in
448 		 * GNU land.  Switch to the correct behavior.
449 		 */
450 		output_mode = output_gnu;
451 		longopts = gnu_longopts;
452 		shortopts = gnu_shortopts;
453 	} else {
454 		mode = mode_bsd;
455 		input_mode = input_binary;
456 		output_mode = output_tagged;
457 		longopts = bsd_longopts;
458 		shortopts = bsd_shortopts;
459 	}
460 
461 	if (digest < 0) {
462 		for (digest = 0; Algorithm[digest].progname != NULL; digest++)
463 			if (strncasecmp(Algorithm[digest].progname, progname, len) == 0)
464 				break;
465 
466 		if (Algorithm[digest].progname == NULL)
467 			digest = 0;
468 	}
469 
470 	failed = false;
471 	checkAgainst = NULL;
472 	checksFailed = 0;
473 	skip = false;
474 	while ((opt = getopt_long(argc, argv, shortopts, longopts, NULL)) != opt_end)
475 		switch (opt) {
476 		case opt_bits:
477 		case '0':
478 			input_mode = input_bits;
479 			break;
480 		case opt_algorithm:
481 		case 'a':
482 			for (i = 0; Algorithm[i].progname != NULL; i++) {
483 				if (Algorithm[i].perlname != NULL &&
484 				    strcasecmp(Algorithm[i].perlname, optarg) == 0) {
485 					digest = i;
486 					break;
487 				}
488 			}
489 			if (Algorithm[i].progname == NULL)
490 				usage(&Algorithm[digest]);
491 			break;
492 		case opt_binary:
493 		case 'b':
494 			/* in BSD mode, -b is now a no-op */
495 			if (mode != mode_bsd)
496 				input_mode = input_binary;
497 			break;
498 		case opt_check:
499 		case 'c':
500 			cflag = true;
501 			if (mode == mode_bsd)
502 				checkAgainst = optarg;
503 			break;
504 		case opt_passthrough:
505 		case 'p':
506 			pflag = true;
507 			break;
508 		case opt_quiet:
509 		case 'q':
510 			output_mode = output_bare;
511 			qflag = true;
512 			break;
513 		case opt_reverse:
514 		case 'r':
515 			if (!qflag)
516 				output_mode = output_reverse;
517 			break;
518 		case opt_status:
519 			sflag = true;
520 			break;
521 		case opt_strict:
522 			strict = 1;
523 			break;
524 		case 's':
525 			if (mode == mode_perl) {
526 				sflag = true;
527 				break;
528 			}
529 			/* fall through */
530 		case opt_string:
531 			output_mode = output_bare;
532 			string = optarg;
533 			break;
534 		case opt_tag:
535 			output_mode = output_tagged;
536 			break;
537 		case opt_time_trial:
538 		case opt_text:
539 		case 't':
540 			if (mode == mode_bsd) {
541 				MDTimeTrial(&Algorithm[digest]);
542 				skip = true;
543 			} else {
544 				input_mode = input_text;
545 			}
546 			break;
547 		case opt_universal:
548 		case 'U':
549 			input_mode = input_universal;
550 			break;
551 		case opt_version:
552 			version();
553 			break;
554 		case opt_warn:
555 		case 'w':
556 			wflag = true;
557 			break;
558 		case opt_self_test:
559 		case 'x':
560 			MDTestSuite(&Algorithm[digest]);
561 			skip = true;
562 			break;
563 		case opt_zero:
564 		case 'z':
565 			endl = '\0';
566 			break;
567 		case opt_ignore_missing:
568 			ignoreMissing = true;
569 			break;
570 		default:
571 			usage(&Algorithm[digest]);
572 		}
573 	argc -= optind;
574 	argv += optind;
575 
576 #ifdef HAVE_CAPSICUM
577 	if (caph_limit_stdout() < 0 || caph_limit_stderr() < 0)
578 		err(1, "unable to limit rights for stdio");
579 #endif
580 
581 	if (cflag && mode != mode_bsd) {
582 		/*
583 		 * Read digest files into a linked list, then replace argv
584 		 * with an array of the filenames from that list.
585 		 */
586 		if (argc < 1)
587 			usage(&Algorithm[digest]);
588 		while (argc--)
589 			gnu_check(*argv++);
590 		argc = 0;
591 		argv = calloc(sizeof(char *), numrecs + 1);
592 		for (rec = head; rec != NULL; rec = rec->next) {
593 			argv[argc] = rec->filename;
594 			argc++;
595 		}
596 		argv[argc] = NULL;
597 		rec = head;
598 	}
599 
600 #ifdef HAVE_CAPSICUM
601 	fa = fileargs_init(argc, argv, O_RDONLY, 0,
602 	    cap_rights_init(&rights, CAP_READ, CAP_FSTAT, CAP_FCNTL), FA_OPEN | FA_LSTAT);
603 	if (fa == NULL)
604 		err(1, "Unable to initialize casper");
605 	if (caph_enter_casper() < 0)
606 		err(1, "Unable to enter capability mode");
607 #endif
608 
609 	if (*argv) {
610 		do {
611 			const char *filename = *argv;
612 			const char *filemode = "rb";
613 
614 #ifdef HAVE_CAPSICUM
615 			if ((f = fileargs_fopen(fa, filename, filemode)) == NULL) {
616 #else
617 			if ((f = fopen(filename, filemode)) == NULL) {
618 #endif
619 				if (errno != ENOENT || !(cflag && ignoreMissing)) {
620 					warn("%s", filename);
621 					failed = true;
622 				}
623 				if (cflag && mode != mode_bsd)
624 					rec = rec->next;
625 				continue;
626 			}
627 #ifdef HAVE_CAPSICUM
628 			if (caph_rights_limit(fileno(f), &rights) < 0)
629 				err(1, "capsicum");
630 #endif
631 			if (cflag && mode != mode_bsd) {
632 				checkAgainst = rec->chksum;
633 				rec = rec->next;
634 			}
635 			p = MDInput(&Algorithm[digest], f, buf, false);
636 			(void)fclose(f);
637 			MDOutput(&Algorithm[digest], p, filename);
638 		} while (*++argv);
639 	} else if (!cflag && string == NULL && !skip) {
640 #ifdef HAVE_CAPSICUM
641 		if (caph_limit_stdin() < 0)
642 			err(1, "capsicum");
643 #endif
644 		if (mode == mode_bsd)
645 			output_mode = output_bare;
646 		p = MDInput(&Algorithm[digest], stdin, buf, pflag);
647 		MDOutput(&Algorithm[digest], p, "-");
648 	} else if (string != NULL) {
649 		len = strlen(string);
650 		p = Algorithm[digest].Data(string, len, buf);
651 		MDOutput(&Algorithm[digest], p, string);
652 	}
653 	if (cflag && mode != mode_bsd) {
654 		if (!sflag && malformed > 1)
655 			warnx("WARNING: %d lines are improperly formatted", malformed);
656 		else if (!sflag && malformed > 0)
657 			warnx("WARNING: %d line is improperly formatted", malformed);
658 		if (!sflag && checksFailed > 1)
659 			warnx("WARNING: %d computed checksums did NOT match", checksFailed);
660 		else if (!sflag && checksFailed > 0)
661 			warnx("WARNING: %d computed checksum did NOT match", checksFailed);
662 		if (checksFailed != 0 || (strict && malformed > 0))
663 			return (1);
664 	}
665 #ifdef HAVE_CAPSICUM
666 	fileargs_free(fa);
667 #endif
668 	if (failed)
669 		return (1);
670 	if (checksFailed > 0)
671 		return (2);
672 
673 	return (0);
674 }
675 
676 /*
677  * Common input handling
678  */
679 static char *
680 MDInput(const Algorithm_t *alg, FILE *f, char *buf, bool tee)
681 {
682 	char block[4096];
683 	DIGEST_CTX context;
684 	char *end, *p, *q;
685 	size_t len;
686 	int bits;
687 	uint8_t byte;
688 	bool cr = false;
689 
690 	alg->Init(&context);
691 	while ((len = fread(block, 1, sizeof(block), f)) > 0) {
692 		switch (input_mode) {
693 		case input_binary:
694 		case input_text:
695 			if (tee && fwrite(block, 1, len, stdout) != len)
696 				err(1, "stdout");
697 			alg->Update(&context, block, len);
698 			break;
699 		case input_universal:
700 			end = block + len;
701 			for (p = q = block; p < end; p = q) {
702 				if (cr) {
703 					if (*p == '\n')
704 						p++;
705 					if (tee && putchar('\n') == EOF)
706 						err(1, "stdout");
707 					alg->Update(&context, "\n", 1);
708 					cr = false;
709 				}
710 				for (q = p; q < end && *q != '\r'; q++)
711 					/* nothing */;
712 				if (q > p) {
713 					if (tee &&
714 					    fwrite(p, 1, q - p, stdout) !=
715 					    (size_t)(q - p))
716 						err(1, "stdout");
717 					alg->Update(&context, p, q - p);
718 				}
719 				if (q < end && *q == '\r') {
720 					cr = true;
721 					q++;
722 				}
723 			}
724 			break;
725 		case input_bits:
726 			end = block + len;
727 			bits = byte = 0;
728 			for (p = block; p < end; p++) {
729 				if (*p == '0' || *p == '1') {
730 					byte <<= 1;
731 					byte |= *p - '0';
732 					if (++bits == 8) {
733 						if (tee && putchar(byte) == EOF)
734 							err(1, "stdout");
735 						alg->Update(&context, &byte, 1);
736 						bits = byte = 0;
737 					}
738 				}
739 			}
740 			break;
741 		}
742 	}
743 	if (ferror(f)) {
744 		alg->End(&context, buf);
745 		return (NULL);
746 	}
747 	if (cr) {
748 		if (tee && putchar('\n') == EOF)
749 			err(1, "stdout");
750 		alg->Update(&context, "\n", 1);
751 	}
752 	if (input_mode == input_bits && bits != 0)
753 		errx(1, "input length was not a multiple of 8");
754 	return (alg->End(&context, buf));
755 }
756 
757 /*
758  * Common output handling
759  */
760 static void
761 MDOutput(const Algorithm_t *alg, char *p, const char *name)
762 {
763 	bool checkfailed = false;
764 
765 	if (p == NULL) {
766 		warn("%s", name);
767 		failed = true;
768 	} else if (cflag && mode != mode_bsd) {
769 		checkfailed = strcasecmp(checkAgainst, p) != 0;
770 		if (!sflag && (!qflag || checkfailed))
771 			printf("%s: %s%c", name, checkfailed ? "FAILED" : "OK",
772 			    endl);
773 	} else {
774 		switch (output_mode) {
775 		case output_bare:
776 			printf("%s", p);
777 			break;
778 		case output_gnu:
779 			printf("%s %c%s", p, input_mode, name);
780 			break;
781 		case output_reverse:
782 			printf("%s %s", p, name);
783 			break;
784 		case output_tagged:
785 			if (mode == mode_perl &&
786 			    strncmp(alg->name, "SHA512t", 7) == 0) {
787 				printf("%.6s/%s", alg->name, alg->name + 7);
788 			} else {
789 				printf("%s", alg->name);
790 			}
791 			printf(" (%s) = %s", name, p);
792 			break;
793 		}
794 		if (checkAgainst) {
795 			checkfailed = strcasecmp(checkAgainst, p) != 0;
796 			if (!qflag && checkfailed)
797 				printf(" [ Failed ]");
798 		}
799 		printf("%c", endl);
800 	}
801 	if (checkfailed)
802 		checksFailed++;
803 }
804 
805 /*
806  * Measures the time to digest TEST_BLOCK_COUNT TEST_BLOCK_LEN-byte blocks.
807  */
808 static void
809 MDTimeTrial(const Algorithm_t *alg)
810 {
811 	DIGEST_CTX context;
812 	struct rusage before, after;
813 	struct timeval total;
814 	float seconds;
815 	unsigned char block[TEST_BLOCK_LEN];
816 	unsigned int i;
817 	char *p, buf[HEX_DIGEST_LENGTH];
818 
819 	printf("%s time trial. Digesting %d %d-byte blocks ...",
820 	    alg->name, TEST_BLOCK_COUNT, TEST_BLOCK_LEN);
821 	fflush(stdout);
822 
823 	/* Initialize block */
824 	for (i = 0; i < TEST_BLOCK_LEN; i++)
825 		block[i] = (unsigned char) (i & 0xff);
826 
827 	/* Start timer */
828 	getrusage(RUSAGE_SELF, &before);
829 
830 	/* Digest blocks */
831 	alg->Init(&context);
832 	for (i = 0; i < TEST_BLOCK_COUNT; i++)
833 		alg->Update(&context, block, TEST_BLOCK_LEN);
834 	p = alg->End(&context, buf);
835 
836 	/* Stop timer */
837 	getrusage(RUSAGE_SELF, &after);
838 	timersub(&after.ru_utime, &before.ru_utime, &total);
839 	seconds = total.tv_sec + (float) total.tv_usec / 1000000;
840 
841 	printf(" done\n");
842 	printf("Digest = %s", p);
843 	printf("\nTime = %f seconds\n", seconds);
844 	printf("Speed = %f MiB/second\n", (float) TEST_BLOCK_LEN *
845 		(float) TEST_BLOCK_COUNT / seconds / (1 << 20));
846 }
847 /*
848  * Digests a reference suite of strings and prints the results.
849  */
850 
851 static const char *MDTestInput[MDTESTCOUNT] = {
852 	"",
853 	"a",
854 	"abc",
855 	"message digest",
856 	"abcdefghijklmnopqrstuvwxyz",
857 	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
858 	"12345678901234567890123456789012345678901234567890123456789012345678901234567890",
859 	"MD5 has not yet (2001-09-03) been broken, but sufficient attacks have been made \
860 that its security is in some doubt"
861 };
862 
863 const char *MD5TestOutput[MDTESTCOUNT] = {
864 	"d41d8cd98f00b204e9800998ecf8427e",
865 	"0cc175b9c0f1b6a831c399e269772661",
866 	"900150983cd24fb0d6963f7d28e17f72",
867 	"f96b697d7cb7938d525a2f31aaf161d0",
868 	"c3fcd3d76192e4007dfb496cca67e13b",
869 	"d174ab98d277d9f5a5611c2c9f419d9f",
870 	"57edf4a22be3c955ac49da2e2107b67a",
871 	"b50663f41d44d92171cb9976bc118538"
872 };
873 
874 const char *SHA1_TestOutput[MDTESTCOUNT] = {
875 	"da39a3ee5e6b4b0d3255bfef95601890afd80709",
876 	"86f7e437faa5a7fce15d1ddcb9eaeaea377667b8",
877 	"a9993e364706816aba3e25717850c26c9cd0d89d",
878 	"c12252ceda8be8994d5fa0290a47231c1d16aae3",
879 	"32d10c7b8cf96570ca04ce37f2a19d84240d3a89",
880 	"761c457bf73b14d27e9e9265c46f4b4dda11f940",
881 	"50abf5706a150990a08b2c5ea40fa0e585554732",
882 	"18eca4333979c4181199b7b4fab8786d16cf2846"
883 };
884 
885 const char *SHA224_TestOutput[MDTESTCOUNT] = {
886 	"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f",
887 	"abd37534c7d9a2efb9465de931cd7055ffdb8879563ae98078d6d6d5",
888 	"23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7",
889 	"2cb21c83ae2f004de7e81c3c7019cbcb65b71ab656b22d6d0c39b8eb",
890 	"45a5f72c39c5cff2522eb3429799e49e5f44b356ef926bcf390dccc2",
891 	"bff72b4fcb7d75e5632900ac5f90d219e05e97a7bde72e740db393d9",
892 	"b50aecbe4e9bb0b57bc5f3ae760a8e01db24f203fb3cdcd13148046e",
893 	"5ae55f3779c8a1204210d7ed7689f661fbe140f96f272ab79e19d470"
894 };
895 
896 const char *SHA256_TestOutput[MDTESTCOUNT] = {
897 	"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
898 	"ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb",
899 	"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad",
900 	"f7846f55cf23e14eebeab5b4e1550cad5b509e3348fbc4efa3a1413d393cb650",
901 	"71c480df93d6ae2f1efad1447c66c9525e316218cf51fc8d9ed832f2daf18b73",
902 	"db4bfcbd4da0cd85a60c3c37d3fbd8805c77f15fc6b1fdfe614ee0a7c8fdb4c0",
903 	"f371bc4a311f2b009eef952dd83ca80e2b60026c8e935592d0f9c308453c813e",
904 	"e6eae09f10ad4122a0e2a4075761d185a272ebd9f5aa489e998ff2f09cbfdd9f"
905 };
906 
907 const char *SHA384_TestOutput[MDTESTCOUNT] = {
908 	"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
909 	"54a59b9f22b0b80880d8427e548b7c23abd873486e1f035dce9cd697e85175033caa88e6d57bc35efae0b5afd3145f31",
910 	"cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7",
911 	"473ed35167ec1f5d8e550368a3db39be54639f828868e9454c239fc8b52e3c61dbd0d8b4de1390c256dcbb5d5fd99cd5",
912 	"feb67349df3db6f5924815d6c3dc133f091809213731fe5c7b5f4999e463479ff2877f5f2936fa63bb43784b12f3ebb4",
913 	"1761336e3f7cbfe51deb137f026f89e01a448e3b1fafa64039c1464ee8732f11a5341a6f41e0c202294736ed64db1a84",
914 	"b12932b0627d1c060942f5447764155655bd4da0c9afa6dd9b9ef53129af1b8fb0195996d2de9ca0df9d821ffee67026",
915 	"99428d401bf4abcd4ee0695248c9858b7503853acfae21a9cffa7855f46d1395ef38596fcd06d5a8c32d41a839cc5dfb"
916 };
917 
918 const char *SHA512_TestOutput[MDTESTCOUNT] = {
919 	"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
920 	"1f40fc92da241694750979ee6cf582f2d5d7d28e18335de05abc54d0560e0f5302860c652bf08d560252aa5e74210546f369fbbbce8c12cfc7957b2652fe9a75",
921 	"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f",
922 	"107dbf389d9e9f71a3a95f6c055b9251bc5268c2be16d6c13492ea45b0199f3309e16455ab1e96118e8a905d5597b72038ddb372a89826046de66687bb420e7c",
923 	"4dbff86cc2ca1bae1e16468a05cb9881c97f1753bce3619034898faa1aabe429955a1bf8ec483d7421fe3c1646613a59ed5441fb0f321389f77f48a879c7b1f1",
924 	"1e07be23c26a86ea37ea810c8ec7809352515a970e9253c26f536cfc7a9996c45c8370583e0a78fa4a90041d71a4ceab7423f19c71b9d5a3e01249f0bebd5894",
925 	"72ec1ef1124a45b047e8b7c75a932195135bb61de24ec0d1914042246e0aec3a2354e093d76f3048b456764346900cb130d2a4fd5dd16abb5e30bcb850dee843",
926 	"e8a835195e039708b13d9131e025f4441dbdc521ce625f245a436dcd762f54bf5cb298d96235e6c6a304e087ec8189b9512cbdf6427737ea82793460c367b9c3"
927 };
928 
929 const char *SHA512t224_TestOutput[MDTESTCOUNT] = {
930 	"6ed0dd02806fa89e25de060c19d3ac86cabb87d6a0ddd05c333b84f4",
931 	"d5cdb9ccc769a5121d4175f2bfdd13d6310e0d3d361ea75d82108327",
932 	"4634270f707b6a54daae7530460842e20e37ed265ceee9a43e8924aa",
933 	"ad1a4db188fe57064f4f24609d2a83cd0afb9b398eb2fcaeaae2c564",
934 	"ff83148aa07ec30655c1b40aff86141c0215fe2a54f767d3f38743d8",
935 	"a8b4b9174b99ffc67d6f49be9981587b96441051e16e6dd036b140d3",
936 	"ae988faaa47e401a45f704d1272d99702458fea2ddc6582827556dd2",
937 	"b3c3b945249b0c8c94aba76ea887bcaad5401665a1fbeb384af4d06b"
938 };
939 
940 const char *SHA512t256_TestOutput[MDTESTCOUNT] = {
941 	"c672b8d1ef56ed28ab87c3622c5114069bdd3ad7b8f9737498d0c01ecef0967a",
942 	"455e518824bc0601f9fb858ff5c37d417d67c2f8e0df2babe4808858aea830f8",
943 	"53048e2681941ef99b2e29b76b4c7dabe4c2d0c634fc6d46e0e2f13107e7af23",
944 	"0cf471fd17ed69d990daf3433c89b16d63dec1bb9cb42a6094604ee5d7b4e9fb",
945 	"fc3189443f9c268f626aea08a756abe7b726b05f701cb08222312ccfd6710a26",
946 	"cdf1cc0effe26ecc0c13758f7b4a48e000615df241284185c39eb05d355bb9c8",
947 	"2c9fdbc0c90bdd87612ee8455474f9044850241dc105b1e8b94b8ddf5fac9148",
948 	"dd095fc859b336c30a52548b3dc59fcc0d1be8616ebcf3368fad23107db2d736"
949 };
950 
951 const char *RIPEMD160_TestOutput[MDTESTCOUNT] = {
952 	"9c1185a5c5e9fc54612808977ee8f548b2258d31",
953 	"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe",
954 	"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc",
955 	"5d0689ef49d2fae572b881b123a85ffa21595f36",
956 	"f71c27109c692c1b56bbdceb5b9d2865b3708dbc",
957 	"b0e20b6e3116640286ed3a87a5713079b21f5189",
958 	"9b752e45573d4b39f4dbd3323cab82bf63326bfb",
959 	"5feb69c6bf7c29d95715ad55f57d8ac5b2b7dd32"
960 };
961 
962 const char *SKEIN256_TestOutput[MDTESTCOUNT] = {
963 	"c8877087da56e072870daa843f176e9453115929094c3a40c463a196c29bf7ba",
964 	"7fba44ff1a31d71a0c1f82e6e82fb5e9ac6c92a39c9185b9951fed82d82fe635",
965 	"258bdec343b9fde1639221a5ae0144a96e552e5288753c5fec76c05fc2fc1870",
966 	"4d2ce0062b5eb3a4db95bc1117dd8aa014f6cd50fdc8e64f31f7d41f9231e488",
967 	"46d8440685461b00e3ddb891b2ecc6855287d2bd8834a95fb1c1708b00ea5e82",
968 	"7c5eb606389556b33d34eb2536459528dc0af97adbcd0ce273aeb650f598d4b2",
969 	"4def7a7e5464a140ae9c3a80279fbebce4bd00f9faad819ab7e001512f67a10d",
970 	"d9c017dbe355f318d036469eb9b5fbe129fc2b5786a9dc6746a516eab6fe0126"
971 };
972 
973 const char *SKEIN512_TestOutput[MDTESTCOUNT] = {
974 	"bc5b4c50925519c290cc634277ae3d6257212395cba733bbad37a4af0fa06af41fca7903d06564fea7a2d3730dbdb80c1f85562dfcc070334ea4d1d9e72cba7a",
975 	"b1cd8d33f61b3737adfd59bb13ad82f4a9548e92f22956a8976cca3fdb7fee4fe91698146c4197cec85d38b83c5d93bdba92c01fd9a53870d0c7f967bc62bdce",
976 	"8f5dd9ec798152668e35129496b029a960c9a9b88662f7f9482f110b31f9f93893ecfb25c009baad9e46737197d5630379816a886aa05526d3a70df272d96e75",
977 	"15b73c158ffb875fed4d72801ded0794c720b121c0c78edf45f900937e6933d9e21a3a984206933d504b5dbb2368000411477ee1b204c986068df77886542fcc",
978 	"23793ad900ef12f9165c8080da6fdfd2c8354a2929b8aadf83aa82a3c6470342f57cf8c035ec0d97429b626c4d94f28632c8f5134fd367dca5cf293d2ec13f8c",
979 	"0c6bed927e022f5ddcf81877d42e5f75798a9f8fd3ede3d83baac0a2f364b082e036c11af35fe478745459dd8f5c0b73efe3c56ba5bb2009208d5a29cc6e469c",
980 	"2ca9fcffb3456f297d1b5f407014ecb856f0baac8eb540f534b1f187196f21e88f31103128c2f03fcc9857d7a58eb66f9525e2302d88833ee069295537a434ce",
981 	"1131f2aaa0e97126c9314f9f968cc827259bbfabced2943bb8c9274448998fb3b78738b4580dd500c76105fd3c03e465e1414f2c29664286b1f79d3e51128125"
982 };
983 
984 const char *SKEIN1024_TestOutput[MDTESTCOUNT] = {
985 	"0fff9563bb3279289227ac77d319b6fff8d7e9f09da1247b72a0a265cd6d2a62645ad547ed8193db48cff847c06494a03f55666d3b47eb4c20456c9373c86297d630d5578ebd34cb40991578f9f52b18003efa35d3da6553ff35db91b81ab890bec1b189b7f52cb2a783ebb7d823d725b0b4a71f6824e88f68f982eefc6d19c6",
986 	"6ab4c4ba9814a3d976ec8bffa7fcc638ceba0544a97b3c98411323ffd2dc936315d13dc93c13c4e88cda6f5bac6f2558b2d8694d3b6143e40d644ae43ca940685cb37f809d3d0550c56cba8036dee729a4f8fb960732e59e64d57f7f7710f8670963cdcdc95b41daab4855fcf8b6762a64b173ee61343a2c7689af1d293eba97",
987 	"35a599a0f91abcdb4cb73c19b8cb8d947742d82c309137a7caed29e8e0a2ca7a9ff9a90c34c1908cc7e7fd99bb15032fb86e76df21b72628399b5f7c3cc209d7bb31c99cd4e19465622a049afbb87c03b5ce3888d17e6e667279ec0aa9b3e2712624c01b5f5bbe1a564220bdcf6990af0c2539019f313fdd7406cca3892a1f1f",
988 	"ea891f5268acd0fac97467fc1aa89d1ce8681a9992a42540e53babee861483110c2d16f49e73bac27653ff173003e40cfb08516cd34262e6af95a5d8645c9c1abb3e813604d508b8511b30f9a5c1b352aa0791c7d2f27b2706dccea54bc7de6555b5202351751c3299f97c09cf89c40f67187e2521c0fad82b30edbb224f0458",
989 	"f23d95c2a25fbcd0e797cd058fec39d3c52d2b5afd7a9af1df934e63257d1d3dcf3246e7329c0f1104c1e51e3d22e300507b0c3b9f985bb1f645ef49835080536becf83788e17fed09c9982ba65c3cb7ffe6a5f745b911c506962adf226e435c42f6f6bc08d288f9c810e807e3216ef444f3db22744441deefa4900982a1371f",
990 	"cf3889e8a8d11bfd3938055d7d061437962bc5eac8ae83b1b71c94be201b8cf657fdbfc38674997a008c0c903f56a23feb3ae30e012377f1cfa080a9ca7fe8b96138662653fb3335c7d06595bf8baf65e215307532094cfdfa056bd8052ab792a3944a2adaa47b30335b8badb8fe9eb94fe329cdca04e58bbc530f0af709f469",
991 	"cf21a613620e6c119eca31fdfaad449a8e02f95ca256c21d2a105f8e4157048f9fe1e897893ea18b64e0e37cb07d5ac947f27ba544caf7cbc1ad094e675aed77a366270f7eb7f46543bccfa61c526fd628408058ed00ed566ac35a9761d002e629c4fb0d430b2f4ad016fcc49c44d2981c4002da0eecc42144160e2eaea4855a",
992 	"e6799b78db54085a2be7ff4c8007f147fa88d326abab30be0560b953396d8802feee9a15419b48a467574e9283be15685ca8a079ee52b27166b64dd70b124b1d4e4f6aca37224c3f2685e67e67baef9f94b905698adc794a09672aba977a61b20966912acdb08c21a2c37001785355dc884751a21f848ab36e590331ff938138"
993 };
994 
995 static void
996 MDTestSuite(const Algorithm_t *alg)
997 {
998 	int i;
999 	char buffer[HEX_DIGEST_LENGTH];
1000 
1001 	printf("%s test suite:\n", alg->name);
1002 	for (i = 0; i < MDTESTCOUNT; i++) {
1003 		(*alg->Data)(MDTestInput[i], strlen(MDTestInput[i]), buffer);
1004 		printf("%s (\"%s\") = %s", alg->name, MDTestInput[i], buffer);
1005 		if (strcmp(buffer, (*alg->TestOutput)[i]) == 0) {
1006 			printf(" - verified correct\n");
1007 		} else {
1008 			printf(" - INCORRECT RESULT!\n");
1009 			failed = true;
1010 		}
1011 	}
1012 }
1013 
1014 static void
1015 usage(const Algorithm_t *alg)
1016 {
1017 
1018 	switch (mode) {
1019 	case mode_gnu:
1020 		fprintf(stderr, "usage: %ssum [-bctwz] [files ...]\n", alg->progname);
1021 		break;
1022 	case mode_perl:
1023 		fprintf(stderr, "usage: shasum [-0bchqstUvw] [-a alg] [files ...]\n");
1024 		break;
1025 	default:
1026 		fprintf(stderr, "usage: %s [-pqrtx] [-c string] [-s string] [files ...]\n",
1027 		    alg->progname);
1028 	}
1029 	exit(1);
1030 }
1031 
1032 static void
1033 version(void)
1034 {
1035 	if (mode == mode_gnu)
1036 		printf("%s (FreeBSD) ", progname);
1037 	printf("%d.%d\n",
1038 	    __FreeBSD_version / 100000,
1039 	    (__FreeBSD_version / 1000) % 100);
1040 	exit(0);
1041 }
1042