1 |
/* md5.c - Functions to compute MD5 message digest of files or memory blocks |
2 |
according to the definition of MD5 in RFC 1321 from April 1992. |
3 |
Copyright (C) 1995, 1996, 2001, 2003 Free Software Foundation, Inc. |
4 |
NOTE: The canonical source of this file is maintained with the GNU C |
5 |
Library. Bugs can be reported to bug-glibc@prep.ai.mit.edu. |
6 |
|
7 |
This program is free software; you can redistribute it and/or modify it |
8 |
under the terms of the GNU General Public License as published by the |
9 |
Free Software Foundation; either version 2, or (at your option) any |
10 |
later version. |
11 |
|
12 |
This program is distributed in the hope that it will be useful, |
13 |
but WITHOUT ANY WARRANTY; without even the implied warranty of |
14 |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
15 |
GNU General Public License for more details. |
16 |
|
17 |
You should have received a copy of the GNU General Public License |
18 |
along with this program; if not, write to the Free Software Foundation, |
19 |
Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ |
20 |
|
21 |
/* Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995. */ |
22 |
|
23 |
#include "md5.h" |
24 |
|
25 |
#include <cstring> |
26 |
|
27 |
#define rol(x,n) ( ((x) << (n)) | ((x) >> (32-(n))) ) |
28 |
|
29 |
// endianness doesn't matter, as we don't share files between architectures |
30 |
#ifdef WORDS_BIGENDIAN |
31 |
# define SWAP(n) \ |
32 |
(((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24)) |
33 |
#else |
34 |
# define SWAP(n) (n) |
35 |
#endif |
36 |
|
37 |
/* This array contains the bytes used to pad the buffer to the next |
38 |
64-byte boundary. (RFC 1321, 3.1: Step 1) */ |
39 |
static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ }; |
40 |
|
41 |
/* Initialize structure containing state of computation. |
42 |
(RFC 1321, 3.3: Step 3) */ |
43 |
void |
44 |
md5_init_ctx (struct md5_ctx *ctx) |
45 |
{ |
46 |
ctx->A = 0x67452301; |
47 |
ctx->B = 0xefcdab89; |
48 |
ctx->C = 0x98badcfe; |
49 |
ctx->D = 0x10325476; |
50 |
|
51 |
ctx->total[0] = ctx->total[1] = 0; |
52 |
ctx->buflen = 0; |
53 |
} |
54 |
|
55 |
/* Put result from CTX in first 16 bytes following RESBUF. The result |
56 |
must be in little endian byte order. |
57 |
|
58 |
IMPORTANT: On some systems it is required that RESBUF is correctly |
59 |
aligned for a 32 bits value. */ |
60 |
void * |
61 |
md5_read_ctx (const struct md5_ctx *ctx, void *resbuf) |
62 |
{ |
63 |
((md5_uint32 *) resbuf)[0] = SWAP (ctx->A); |
64 |
((md5_uint32 *) resbuf)[1] = SWAP (ctx->B); |
65 |
((md5_uint32 *) resbuf)[2] = SWAP (ctx->C); |
66 |
((md5_uint32 *) resbuf)[3] = SWAP (ctx->D); |
67 |
|
68 |
return resbuf; |
69 |
} |
70 |
|
71 |
/* Process the remaining bytes in the internal buffer and the usual |
72 |
prolog according to the standard and write the result to RESBUF. |
73 |
|
74 |
IMPORTANT: On some systems it is required that RESBUF is correctly |
75 |
aligned for a 32 bits value. */ |
76 |
void * |
77 |
md5_finish_ctx (struct md5_ctx *ctx, void *resbuf) |
78 |
{ |
79 |
/* Take yet unprocessed bytes into account. */ |
80 |
md5_uint32 bytes = ctx->buflen; |
81 |
int pad; |
82 |
|
83 |
/* Now count remaining bytes. */ |
84 |
ctx->total[0] += bytes; |
85 |
if (ctx->total[0] < bytes) |
86 |
++ctx->total[1]; |
87 |
|
88 |
pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes; |
89 |
memcpy (&ctx->buffer[bytes], fillbuf, pad); |
90 |
|
91 |
/* Put the 64-bit file length in *bits* at the end of the buffer. */ |
92 |
*(md5_uint32 *) &ctx->buffer[bytes + pad] = SWAP (ctx->total[0] << 3); |
93 |
*(md5_uint32 *) &ctx->buffer[bytes + pad + 4] = SWAP ((ctx->total[1] << 3) | |
94 |
(ctx->total[0] >> 29)); |
95 |
|
96 |
/* Process last bytes. */ |
97 |
md5_process_block (ctx->buffer, bytes + pad + 8, ctx); |
98 |
|
99 |
return md5_read_ctx (ctx, resbuf); |
100 |
} |
101 |
|
102 |
/* Compute MD5 message digest for LEN bytes beginning at BUFFER. The |
103 |
result is always in little endian byte order, so that a byte-wise |
104 |
output yields to the wanted ASCII representation of the message |
105 |
digest. */ |
106 |
void * |
107 |
md5_buffer (const char *buffer, int len, void *resblock) |
108 |
{ |
109 |
struct md5_ctx ctx; |
110 |
|
111 |
/* Initialize the computation context. */ |
112 |
md5_init_ctx (&ctx); |
113 |
|
114 |
/* Process whole buffer but last len % 64 bytes. */ |
115 |
md5_process_bytes (buffer, len, &ctx); |
116 |
|
117 |
/* Put result in desired memory area. */ |
118 |
return md5_finish_ctx (&ctx, resblock); |
119 |
} |
120 |
|
121 |
|
122 |
void |
123 |
md5_process_bytes (const void *buffer, int len, struct md5_ctx *ctx) |
124 |
{ |
125 |
/* When we already have some bits in our internal buffer concatenate |
126 |
both inputs first. */ |
127 |
if (ctx->buflen != 0) |
128 |
{ |
129 |
int left_over = ctx->buflen; |
130 |
int add = 128 - left_over > len ? len : 128 - left_over; |
131 |
|
132 |
memcpy (&ctx->buffer[left_over], buffer, add); |
133 |
ctx->buflen += add; |
134 |
|
135 |
if (ctx->buflen > 64) |
136 |
{ |
137 |
md5_process_block (ctx->buffer, ctx->buflen & ~63, ctx); |
138 |
|
139 |
ctx->buflen &= 63; |
140 |
/* The regions in the following copy operation cannot overlap. */ |
141 |
memcpy (ctx->buffer, &ctx->buffer[(left_over + add) & ~63], |
142 |
ctx->buflen); |
143 |
} |
144 |
|
145 |
buffer = (const char *) buffer + add; |
146 |
len -= add; |
147 |
} |
148 |
|
149 |
/* Process available complete blocks. */ |
150 |
if (len >= 64) |
151 |
{ |
152 |
/* To check alignment gcc has an appropriate operator. Other |
153 |
compilers don't. */ |
154 |
# if __GNUC__ >= 2 |
155 |
# define UNALIGNED_P(p) (((md5_uintptr) p) % __alignof__ (md5_uint32) != 0) |
156 |
# else |
157 |
# define UNALIGNED_P(p) (((md5_uintptr) p) % sizeof (md5_uint32) != 0) |
158 |
# endif |
159 |
if (UNALIGNED_P (buffer)) |
160 |
while (len > 64) |
161 |
{ |
162 |
md5_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx); |
163 |
buffer = (const char *) buffer + 64; |
164 |
len -= 64; |
165 |
} |
166 |
else |
167 |
{ |
168 |
md5_process_block (buffer, len & ~63, ctx); |
169 |
buffer = (const char *) buffer + (len & ~63); |
170 |
len &= 63; |
171 |
} |
172 |
} |
173 |
|
174 |
/* Move remaining bytes in internal buffer. */ |
175 |
if (len > 0) |
176 |
{ |
177 |
int left_over = ctx->buflen; |
178 |
|
179 |
memcpy (&ctx->buffer[left_over], buffer, len); |
180 |
left_over += len; |
181 |
if (left_over >= 64) |
182 |
{ |
183 |
md5_process_block (ctx->buffer, 64, ctx); |
184 |
left_over -= 64; |
185 |
memcpy (ctx->buffer, &ctx->buffer[64], left_over); |
186 |
} |
187 |
ctx->buflen = left_over; |
188 |
} |
189 |
} |
190 |
|
191 |
|
192 |
/* These are the four functions used in the four steps of the MD5 algorithm |
193 |
and defined in the RFC 1321. The first function is a little bit optimized |
194 |
(as found in Colin Plumbs public domain implementation). */ |
195 |
/* #define FF(b, c, d) ((b & c) | (~b & d)) */ |
196 |
#define FF(b, c, d) (d ^ (b & (c ^ d))) |
197 |
#define FG(b, c, d) FF (d, b, c) |
198 |
#define FH(b, c, d) (b ^ c ^ d) |
199 |
#define FI(b, c, d) (c ^ (b | ~d)) |
200 |
|
201 |
/* Process LEN bytes of BUFFER, accumulating context into CTX. |
202 |
It is assumed that LEN % 64 == 0. */ |
203 |
|
204 |
void |
205 |
md5_process_block (const void *buffer, int len, struct md5_ctx *ctx) |
206 |
{ |
207 |
md5_uint32 correct_words[16]; |
208 |
const md5_uint32 *words = (const md5_uint32 *)buffer; |
209 |
int nwords = len / sizeof (md5_uint32); |
210 |
const md5_uint32 *endp = words + nwords; |
211 |
md5_uint32 A = ctx->A; |
212 |
md5_uint32 B = ctx->B; |
213 |
md5_uint32 C = ctx->C; |
214 |
md5_uint32 D = ctx->D; |
215 |
|
216 |
/* First increment the byte count. RFC 1321 specifies the possible |
217 |
length of the file up to 2^64 bits. Here we only compute the |
218 |
number of bytes. Do a double word increment. */ |
219 |
ctx->total[0] += len; |
220 |
if (ctx->total[0] < len) |
221 |
++ctx->total[1]; |
222 |
|
223 |
/* Process all bytes in the buffer with 64 bytes in each round of |
224 |
the loop. */ |
225 |
while (words < endp) |
226 |
{ |
227 |
md5_uint32 *cwp = correct_words; |
228 |
md5_uint32 A_save = A; |
229 |
md5_uint32 B_save = B; |
230 |
md5_uint32 C_save = C; |
231 |
md5_uint32 D_save = D; |
232 |
|
233 |
/* First round: using the given function, the context and a constant |
234 |
the next context is computed. Because the algorithms processing |
235 |
unit is a 32-bit word and it is determined to work on words in |
236 |
little endian byte order we perhaps have to change the byte order |
237 |
before the computation. To reduce the work for the next steps |
238 |
we store the swapped words in the array CORRECT_WORDS. */ |
239 |
|
240 |
#define OP(a, b, c, d, s, T) \ |
241 |
do \ |
242 |
{ \ |
243 |
a += FF (b, c, d) + (*cwp++ = SWAP (*words)) + T; \ |
244 |
++words; \ |
245 |
a = rol (a, s); \ |
246 |
a += b; \ |
247 |
} \ |
248 |
while (0) |
249 |
|
250 |
/* Before we start, one word to the strange constants. |
251 |
They are defined in RFC 1321 as |
252 |
|
253 |
T[i] = (int) (4294967296.0 * fabs (sin (i))), i=1..64, or |
254 |
perl -e 'foreach(1..64){printf "0x%08x\n", int (4294967296 * abs (sin $_))}' |
255 |
*/ |
256 |
|
257 |
/* Round 1. */ |
258 |
OP (A, B, C, D, 7, 0xd76aa478); |
259 |
OP (D, A, B, C, 12, 0xe8c7b756); |
260 |
OP (C, D, A, B, 17, 0x242070db); |
261 |
OP (B, C, D, A, 22, 0xc1bdceee); |
262 |
OP (A, B, C, D, 7, 0xf57c0faf); |
263 |
OP (D, A, B, C, 12, 0x4787c62a); |
264 |
OP (C, D, A, B, 17, 0xa8304613); |
265 |
OP (B, C, D, A, 22, 0xfd469501); |
266 |
OP (A, B, C, D, 7, 0x698098d8); |
267 |
OP (D, A, B, C, 12, 0x8b44f7af); |
268 |
OP (C, D, A, B, 17, 0xffff5bb1); |
269 |
OP (B, C, D, A, 22, 0x895cd7be); |
270 |
OP (A, B, C, D, 7, 0x6b901122); |
271 |
OP (D, A, B, C, 12, 0xfd987193); |
272 |
OP (C, D, A, B, 17, 0xa679438e); |
273 |
OP (B, C, D, A, 22, 0x49b40821); |
274 |
|
275 |
/* For the second to fourth round we have the possibly swapped words |
276 |
in CORRECT_WORDS. Redefine the macro to take an additional first |
277 |
argument specifying the function to use. */ |
278 |
#undef OP |
279 |
#define OP(f, a, b, c, d, k, s, T) \ |
280 |
do \ |
281 |
{ \ |
282 |
a += f (b, c, d) + correct_words[k] + T; \ |
283 |
a = rol (a, s); \ |
284 |
a += b; \ |
285 |
} \ |
286 |
while (0) |
287 |
|
288 |
/* Round 2. */ |
289 |
OP (FG, A, B, C, D, 1, 5, 0xf61e2562); |
290 |
OP (FG, D, A, B, C, 6, 9, 0xc040b340); |
291 |
OP (FG, C, D, A, B, 11, 14, 0x265e5a51); |
292 |
OP (FG, B, C, D, A, 0, 20, 0xe9b6c7aa); |
293 |
OP (FG, A, B, C, D, 5, 5, 0xd62f105d); |
294 |
OP (FG, D, A, B, C, 10, 9, 0x02441453); |
295 |
OP (FG, C, D, A, B, 15, 14, 0xd8a1e681); |
296 |
OP (FG, B, C, D, A, 4, 20, 0xe7d3fbc8); |
297 |
OP (FG, A, B, C, D, 9, 5, 0x21e1cde6); |
298 |
OP (FG, D, A, B, C, 14, 9, 0xc33707d6); |
299 |
OP (FG, C, D, A, B, 3, 14, 0xf4d50d87); |
300 |
OP (FG, B, C, D, A, 8, 20, 0x455a14ed); |
301 |
OP (FG, A, B, C, D, 13, 5, 0xa9e3e905); |
302 |
OP (FG, D, A, B, C, 2, 9, 0xfcefa3f8); |
303 |
OP (FG, C, D, A, B, 7, 14, 0x676f02d9); |
304 |
OP (FG, B, C, D, A, 12, 20, 0x8d2a4c8a); |
305 |
|
306 |
/* Round 3. */ |
307 |
OP (FH, A, B, C, D, 5, 4, 0xfffa3942); |
308 |
OP (FH, D, A, B, C, 8, 11, 0x8771f681); |
309 |
OP (FH, C, D, A, B, 11, 16, 0x6d9d6122); |
310 |
OP (FH, B, C, D, A, 14, 23, 0xfde5380c); |
311 |
OP (FH, A, B, C, D, 1, 4, 0xa4beea44); |
312 |
OP (FH, D, A, B, C, 4, 11, 0x4bdecfa9); |
313 |
OP (FH, C, D, A, B, 7, 16, 0xf6bb4b60); |
314 |
OP (FH, B, C, D, A, 10, 23, 0xbebfbc70); |
315 |
OP (FH, A, B, C, D, 13, 4, 0x289b7ec6); |
316 |
OP (FH, D, A, B, C, 0, 11, 0xeaa127fa); |
317 |
OP (FH, C, D, A, B, 3, 16, 0xd4ef3085); |
318 |
OP (FH, B, C, D, A, 6, 23, 0x04881d05); |
319 |
OP (FH, A, B, C, D, 9, 4, 0xd9d4d039); |
320 |
OP (FH, D, A, B, C, 12, 11, 0xe6db99e5); |
321 |
OP (FH, C, D, A, B, 15, 16, 0x1fa27cf8); |
322 |
OP (FH, B, C, D, A, 2, 23, 0xc4ac5665); |
323 |
|
324 |
/* Round 4. */ |
325 |
OP (FI, A, B, C, D, 0, 6, 0xf4292244); |
326 |
OP (FI, D, A, B, C, 7, 10, 0x432aff97); |
327 |
OP (FI, C, D, A, B, 14, 15, 0xab9423a7); |
328 |
OP (FI, B, C, D, A, 5, 21, 0xfc93a039); |
329 |
OP (FI, A, B, C, D, 12, 6, 0x655b59c3); |
330 |
OP (FI, D, A, B, C, 3, 10, 0x8f0ccc92); |
331 |
OP (FI, C, D, A, B, 10, 15, 0xffeff47d); |
332 |
OP (FI, B, C, D, A, 1, 21, 0x85845dd1); |
333 |
OP (FI, A, B, C, D, 8, 6, 0x6fa87e4f); |
334 |
OP (FI, D, A, B, C, 15, 10, 0xfe2ce6e0); |
335 |
OP (FI, C, D, A, B, 6, 15, 0xa3014314); |
336 |
OP (FI, B, C, D, A, 13, 21, 0x4e0811a1); |
337 |
OP (FI, A, B, C, D, 4, 6, 0xf7537e82); |
338 |
OP (FI, D, A, B, C, 11, 10, 0xbd3af235); |
339 |
OP (FI, C, D, A, B, 2, 15, 0x2ad7d2bb); |
340 |
OP (FI, B, C, D, A, 9, 21, 0xeb86d391); |
341 |
|
342 |
/* Add the starting values of the context. */ |
343 |
A += A_save; |
344 |
B += B_save; |
345 |
C += C_save; |
346 |
D += D_save; |
347 |
} |
348 |
|
349 |
/* Put checksum in context given as argument. */ |
350 |
ctx->A = A; |
351 |
ctx->B = B; |
352 |
ctx->C = C; |
353 |
ctx->D = D; |
354 |
} |