1 /* md5.c - Functions to compute MD5 message digest of files or memory blocks
2 according to the definition of MD5 in RFC 1321 from April 1992.
3 Copyright (C) 1995, 1996, 2001, 2003 Free Software Foundation, Inc.
4 NOTE: The canonical source of this file is maintained with the GNU C
5 Library. Bugs can be reported to bug-glibc@prep.ai.mit.edu.
6
7 This program is free software; you can redistribute it and/or modify it
8 under the terms of the GNU General Public License as published by the
9 Free Software Foundation; either version 2, or (at your option) any
10 later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software Foundation,
19 Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
20
21 /* Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995. */
22
23 #ifdef HAVE_CONFIG_H
24 # include <config.h>
25 #endif
26
27 #include <sys/types.h>
28 #include <stdlib.h>
29 #include <string.h>
30
31 #include <md5.h>
32
33 #ifdef _LIBC
34 # include <endian.h>
35 # if __BYTE_ORDER == __BIG_ENDIAN
36 # define WORDS_BIGENDIAN 1
37 # endif
38 /* We need to keep the namespace clean so define the MD5 function
39 protected using leading __ . */
40 # define md5_init_ctx __md5_init_ctx
41 # define md5_process_block __md5_process_block
42 # define md5_process_bytes __md5_process_bytes
43 # define md5_finish_ctx __md5_finish_ctx
44 # define md5_read_ctx __md5_read_ctx
45 # define md5_stream __md5_stream
46 # define md5_buffer __md5_buffer
47 #endif
48
49 #ifdef WORDS_BIGENDIAN
50 # define SWAP(n) \
51 (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24))
52 #else
53 # define SWAP(n) (n)
54 #endif
55
56 #define BLOCKSIZE 4096
57 /* Ensure that BLOCKSIZE is a multiple of 64. */
58 #if BLOCKSIZE % 64 != 0
59 /* FIXME-someday (soon?): use #error instead of this kludge. */
60 "invalid BLOCKSIZE"
61 #endif
62
63 /* This array contains the bytes used to pad the buffer to the next
64 64-byte boundary. (RFC 1321, 3.1: Step 1) */
65 static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ };
66
67
68 /* Initialize structure containing state of computation.
69 (RFC 1321, 3.3: Step 3) */
70 void
md5_init_ctx(struct md5_ctx * ctx)71 md5_init_ctx (struct md5_ctx *ctx)
72 {
73 ctx->A = 0x67452301;
74 ctx->B = 0xefcdab89;
75 ctx->C = 0x98badcfe;
76 ctx->D = 0x10325476;
77
78 ctx->total[0] = ctx->total[1] = 0;
79 ctx->buflen = 0;
80 }
81
82 /* Put result from CTX in first 16 bytes following RESBUF. The result
83 must be in little endian byte order.
84
85 IMPORTANT: On some systems it is required that RESBUF is correctly
86 aligned for a 32 bits value. */
87 void *
md5_read_ctx(const struct md5_ctx * ctx,void * resbuf)88 md5_read_ctx (const struct md5_ctx *ctx, void *resbuf)
89 {
90 ((md5_uint32 *) resbuf)[0] = SWAP (ctx->A);
91 ((md5_uint32 *) resbuf)[1] = SWAP (ctx->B);
92 ((md5_uint32 *) resbuf)[2] = SWAP (ctx->C);
93 ((md5_uint32 *) resbuf)[3] = SWAP (ctx->D);
94
95 return resbuf;
96 }
97
98 /* Process the remaining bytes in the internal buffer and the usual
99 prolog according to the standard and write the result to RESBUF.
100
101 IMPORTANT: On some systems it is required that RESBUF is correctly
102 aligned for a 32 bits value. */
103 void *
md5_finish_ctx(struct md5_ctx * ctx,void * resbuf)104 md5_finish_ctx (struct md5_ctx *ctx, void *resbuf)
105 {
106 /* Take yet unprocessed bytes into account. */
107 md5_uint32 bytes = ctx->buflen;
108 size_t pad;
109
110 /* Now count remaining bytes. */
111 ctx->total[0] += bytes;
112 if (ctx->total[0] < bytes)
113 ++ctx->total[1];
114
115 pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes;
116 memcpy (&ctx->buffer[bytes], fillbuf, pad);
117
118 /* Put the 64-bit file length in *bits* at the end of the buffer. */
119 *(md5_uint32 *) &ctx->buffer[bytes + pad] = SWAP (ctx->total[0] << 3);
120 *(md5_uint32 *) &ctx->buffer[bytes + pad + 4] = SWAP ((ctx->total[1] << 3) |
121 (ctx->total[0] >> 29));
122
123 /* Process last bytes. */
124 md5_process_block (ctx->buffer, bytes + pad + 8, ctx);
125
126 return md5_read_ctx (ctx, resbuf);
127 }
128
129 /* Compute MD5 message digest for bytes read from STREAM. The
130 resulting message digest number will be written into the 16 bytes
131 beginning at RESBLOCK. */
132 int
md5_stream(FILE * stream,void * resblock)133 md5_stream (FILE *stream, void *resblock)
134 {
135 struct md5_ctx ctx;
136 char buffer[BLOCKSIZE + 72];
137 size_t sum;
138
139 /* Initialize the computation context. */
140 md5_init_ctx (&ctx);
141
142 /* Iterate over full file contents. */
143 while (1)
144 {
145 /* We read the file in blocks of BLOCKSIZE bytes. One call of the
146 computation function processes the whole buffer so that with the
147 next round of the loop another block can be read. */
148 size_t n;
149 sum = 0;
150
151 /* Read block. Take care for partial reads. */
152 while (1)
153 {
154 n = fread (buffer + sum, 1, BLOCKSIZE - sum, stream);
155
156 sum += n;
157
158 if (sum == BLOCKSIZE)
159 break;
160
161 if (n == 0)
162 {
163 /* Check for the error flag IFF N == 0, so that we don't
164 exit the loop after a partial read due to e.g., EAGAIN
165 or EWOULDBLOCK. */
166 if (ferror (stream))
167 return 1;
168 goto process_partial_block;
169 }
170
171 /* We've read at least one byte, so ignore errors. But always
172 check for EOF, since feof may be true even though N > 0.
173 Otherwise, we could end up calling fread after EOF. */
174 if (feof (stream))
175 goto process_partial_block;
176 }
177
178 /* Process buffer with BLOCKSIZE bytes. Note that
179 BLOCKSIZE % 64 == 0
180 */
181 md5_process_block (buffer, BLOCKSIZE, &ctx);
182 }
183
184 process_partial_block:;
185
186 /* Process any remaining bytes. */
187 if (sum > 0)
188 md5_process_bytes (buffer, sum, &ctx);
189
190 /* Construct result in desired memory. */
191 md5_finish_ctx (&ctx, resblock);
192 return 0;
193 }
194
195 /* Compute MD5 message digest for LEN bytes beginning at BUFFER. The
196 result is always in little endian byte order, so that a byte-wise
197 output yields to the wanted ASCII representation of the message
198 digest. */
199 void *
md5_buffer(const char * buffer,size_t len,void * resblock)200 md5_buffer (const char *buffer, size_t len, void *resblock)
201 {
202 struct md5_ctx ctx;
203
204 /* Initialize the computation context. */
205 md5_init_ctx (&ctx);
206
207 /* Process whole buffer but last len % 64 bytes. */
208 md5_process_bytes (buffer, len, &ctx);
209
210 /* Put result in desired memory area. */
211 return md5_finish_ctx (&ctx, resblock);
212 }
213
214
215 void
md5_process_bytes(const void * buffer,size_t len,struct md5_ctx * ctx)216 md5_process_bytes ( const void *buffer, size_t len, struct md5_ctx *ctx)
217 {
218 /* When we already have some bits in our internal buffer concatenate
219 both inputs first. */
220 if (ctx->buflen != 0)
221 {
222 size_t left_over = ctx->buflen;
223 size_t add = 128 - left_over > len ? len : 128 - left_over;
224
225 memcpy (&ctx->buffer[left_over], buffer, add);
226 ctx->buflen += add;
227
228 if (ctx->buflen > 64)
229 {
230 md5_process_block (ctx->buffer, ctx->buflen & ~63, ctx);
231
232 ctx->buflen &= 63;
233 /* The regions in the following copy operation cannot overlap. */
234 memcpy (ctx->buffer, &ctx->buffer[(left_over + add) & ~63],
235 ctx->buflen);
236 }
237
238 buffer = (const char *) buffer + add;
239 len -= add;
240 }
241
242 /* Process available complete blocks. */
243 if (len >= 64)
244 {
245 #if !_STRING_ARCH_unaligned
246 /* To check alignment gcc has an appropriate operator. Other
247 compilers don't. */
248 # if __GNUC__ >= 2
249 # define UNALIGNED_P(p) (((md5_uintptr) p) % __alignof__ (md5_uint32) != 0)
250 # else
251 # define UNALIGNED_P(p) (((md5_uintptr) p) % sizeof (md5_uint32) != 0)
252 # endif
253 if (UNALIGNED_P (buffer))
254 while (len > 64)
255 {
256 memcpy (ctx->buffer, buffer, 64);
257 md5_process_block (ctx->buffer, 64, ctx);
258 buffer = (const char *) buffer + 64;
259 len -= 64;
260 }
261 else
262 #endif
263 {
264 md5_process_block (buffer, len & ~63, ctx);
265 buffer = (const char *) buffer + (len & ~63);
266 len &= 63;
267 }
268 }
269
270 /* Move remaining bytes in internal buffer. */
271 if (len > 0)
272 {
273 size_t left_over = ctx->buflen;
274
275 memcpy (&ctx->buffer[left_over], buffer, len);
276 left_over += len;
277 if (left_over >= 64)
278 {
279 md5_process_block (ctx->buffer, 64, ctx);
280 left_over -= 64;
281 memcpy (ctx->buffer, &ctx->buffer[64], left_over);
282 }
283 ctx->buflen = left_over;
284 }
285 }
286
287
288 /* These are the four functions used in the four steps of the MD5 algorithm
289 and defined in the RFC 1321. The first function is a little bit optimized
290 (as found in Colin Plumbs public domain implementation). */
291 /* #define FF(b, c, d) ((b & c) | (~b & d)) */
292 #define FF(b, c, d) (d ^ (b & (c ^ d)))
293 #define FG(b, c, d) FF (d, b, c)
294 #define FH(b, c, d) (b ^ c ^ d)
295 #define FI(b, c, d) (c ^ (b | ~d))
296
297 /* Process LEN bytes of BUFFER, accumulating context into CTX.
298 It is assumed that LEN % 64 == 0. */
299
300 void
md5_process_block(const void * buffer,size_t len,struct md5_ctx * ctx)301 md5_process_block (const void *buffer, size_t len, struct md5_ctx *ctx)
302 {
303 md5_uint32 correct_words[16];
304 const md5_uint32 *words = (const md5_uint32 *) buffer;
305 size_t nwords = len / sizeof (md5_uint32);
306 const md5_uint32 *endp = words + nwords;
307 md5_uint32 A = ctx->A;
308 md5_uint32 B = ctx->B;
309 md5_uint32 C = ctx->C;
310 md5_uint32 D = ctx->D;
311
312 /* First increment the byte count. RFC 1321 specifies the possible
313 length of the file up to 2^64 bits. Here we only compute the
314 number of bytes. Do a double word increment. */
315 ctx->total[0] += len;
316 if (ctx->total[0] < len)
317 ++ctx->total[1];
318
319 /* Process all bytes in the buffer with 64 bytes in each round of
320 the loop. */
321 while (words < endp)
322 {
323 md5_uint32 *cwp = correct_words;
324 md5_uint32 A_save = A;
325 md5_uint32 B_save = B;
326 md5_uint32 C_save = C;
327 md5_uint32 D_save = D;
328
329 /* First round: using the given function, the context and a constant
330 the next context is computed. Because the algorithms processing
331 unit is a 32-bit word and it is determined to work on words in
332 little endian byte order we perhaps have to change the byte order
333 before the computation. To reduce the work for the next steps
334 we store the swapped words in the array CORRECT_WORDS. */
335
336 #define OP(a, b, c, d, s, T) \
337 do \
338 { \
339 a += FF (b, c, d) + (*cwp++ = SWAP (*words)) + T; \
340 ++words; \
341 a = rol (a, s); \
342 a += b; \
343 } \
344 while (0)
345
346 /* Before we start, one word to the strange constants.
347 They are defined in RFC 1321 as
348
349 T[i] = (int) (4294967296.0 * fabs (sin (i))), i=1..64, or
350 perl -e 'foreach(1..64){printf "0x%08x\n", int (4294967296 * abs (sin $_))}'
351 */
352
353 /* Round 1. */
354 OP (A, B, C, D, 7, 0xd76aa478);
355 OP (D, A, B, C, 12, 0xe8c7b756);
356 OP (C, D, A, B, 17, 0x242070db);
357 OP (B, C, D, A, 22, 0xc1bdceee);
358 OP (A, B, C, D, 7, 0xf57c0faf);
359 OP (D, A, B, C, 12, 0x4787c62a);
360 OP (C, D, A, B, 17, 0xa8304613);
361 OP (B, C, D, A, 22, 0xfd469501);
362 OP (A, B, C, D, 7, 0x698098d8);
363 OP (D, A, B, C, 12, 0x8b44f7af);
364 OP (C, D, A, B, 17, 0xffff5bb1);
365 OP (B, C, D, A, 22, 0x895cd7be);
366 OP (A, B, C, D, 7, 0x6b901122);
367 OP (D, A, B, C, 12, 0xfd987193);
368 OP (C, D, A, B, 17, 0xa679438e);
369 OP (B, C, D, A, 22, 0x49b40821);
370
371 /* For the second to fourth round we have the possibly swapped words
372 in CORRECT_WORDS. Redefine the macro to take an additional first
373 argument specifying the function to use. */
374 #undef OP
375 #define OP(f, a, b, c, d, k, s, T) \
376 do \
377 { \
378 a += f (b, c, d) + correct_words[k] + T; \
379 a = rol (a, s); \
380 a += b; \
381 } \
382 while (0)
383
384 /* Round 2. */
385 OP (FG, A, B, C, D, 1, 5, 0xf61e2562);
386 OP (FG, D, A, B, C, 6, 9, 0xc040b340);
387 OP (FG, C, D, A, B, 11, 14, 0x265e5a51);
388 OP (FG, B, C, D, A, 0, 20, 0xe9b6c7aa);
389 OP (FG, A, B, C, D, 5, 5, 0xd62f105d);
390 OP (FG, D, A, B, C, 10, 9, 0x02441453);
391 OP (FG, C, D, A, B, 15, 14, 0xd8a1e681);
392 OP (FG, B, C, D, A, 4, 20, 0xe7d3fbc8);
393 OP (FG, A, B, C, D, 9, 5, 0x21e1cde6);
394 OP (FG, D, A, B, C, 14, 9, 0xc33707d6);
395 OP (FG, C, D, A, B, 3, 14, 0xf4d50d87);
396 OP (FG, B, C, D, A, 8, 20, 0x455a14ed);
397 OP (FG, A, B, C, D, 13, 5, 0xa9e3e905);
398 OP (FG, D, A, B, C, 2, 9, 0xfcefa3f8);
399 OP (FG, C, D, A, B, 7, 14, 0x676f02d9);
400 OP (FG, B, C, D, A, 12, 20, 0x8d2a4c8a);
401
402 /* Round 3. */
403 OP (FH, A, B, C, D, 5, 4, 0xfffa3942);
404 OP (FH, D, A, B, C, 8, 11, 0x8771f681);
405 OP (FH, C, D, A, B, 11, 16, 0x6d9d6122);
406 OP (FH, B, C, D, A, 14, 23, 0xfde5380c);
407 OP (FH, A, B, C, D, 1, 4, 0xa4beea44);
408 OP (FH, D, A, B, C, 4, 11, 0x4bdecfa9);
409 OP (FH, C, D, A, B, 7, 16, 0xf6bb4b60);
410 OP (FH, B, C, D, A, 10, 23, 0xbebfbc70);
411 OP (FH, A, B, C, D, 13, 4, 0x289b7ec6);
412 OP (FH, D, A, B, C, 0, 11, 0xeaa127fa);
413 OP (FH, C, D, A, B, 3, 16, 0xd4ef3085);
414 OP (FH, B, C, D, A, 6, 23, 0x04881d05);
415 OP (FH, A, B, C, D, 9, 4, 0xd9d4d039);
416 OP (FH, D, A, B, C, 12, 11, 0xe6db99e5);
417 OP (FH, C, D, A, B, 15, 16, 0x1fa27cf8);
418 OP (FH, B, C, D, A, 2, 23, 0xc4ac5665);
419
420 /* Round 4. */
421 OP (FI, A, B, C, D, 0, 6, 0xf4292244);
422 OP (FI, D, A, B, C, 7, 10, 0x432aff97);
423 OP (FI, C, D, A, B, 14, 15, 0xab9423a7);
424 OP (FI, B, C, D, A, 5, 21, 0xfc93a039);
425 OP (FI, A, B, C, D, 12, 6, 0x655b59c3);
426 OP (FI, D, A, B, C, 3, 10, 0x8f0ccc92);
427 OP (FI, C, D, A, B, 10, 15, 0xffeff47d);
428 OP (FI, B, C, D, A, 1, 21, 0x85845dd1);
429 OP (FI, A, B, C, D, 8, 6, 0x6fa87e4f);
430 OP (FI, D, A, B, C, 15, 10, 0xfe2ce6e0);
431 OP (FI, C, D, A, B, 6, 15, 0xa3014314);
432 OP (FI, B, C, D, A, 13, 21, 0x4e0811a1);
433 OP (FI, A, B, C, D, 4, 6, 0xf7537e82);
434 OP (FI, D, A, B, C, 11, 10, 0xbd3af235);
435 OP (FI, C, D, A, B, 2, 15, 0x2ad7d2bb);
436 OP (FI, B, C, D, A, 9, 21, 0xeb86d391);
437
438 /* Add the starting values of the context. */
439 A += A_save;
440 B += B_save;
441 C += C_save;
442 D += D_save;
443 }
444
445 /* Put checksum in context given as argument. */
446 ctx->A = A;
447 ctx->B = B;
448 ctx->C = C;
449 ctx->D = D;
450 }
451