1 /*
2 * This code implements the MD5 message-digest algorithm.
3 * The algorithm is due to Ron Rivest. This code was
4 * written by Colin Plumb in 1993, no copyright is claimed.
5 * This code is in the public domain; do with it what you wish.
6 *
7 * Equivalent code is available from RSA Data Security, Inc.
8 * This code has been tested against that, and is equivalent,
9 * except that you don't need to include two pages of legalese
10 * with every copy.
11 *
12 * To compute the message digest of a chunk of bytes, declare an
13 * ThumbMD5Context structure, pass it to thumb_md5_init, call
14 * thumb_md5_update as needed on buffers full of bytes, and then call
15 * thumb_md5_final, which will fill a supplied 32-byte array with the
16 * digest in ascii form.
17 *
18 */
19
20 struct ThumbMD5Context {
21 wxUint32 buf[4];
22 wxUint32 bits[2];
23 unsigned char in[64];
24 };
25
26 static void thumb_md5 (const char *string, unsigned char digest[16]);
27
28 static void thumb_md5_init (struct ThumbMD5Context *context);
29 static void thumb_md5_update (struct ThumbMD5Context *context,
30 unsigned char const *buf,
31 unsigned len);
32 static void thumb_md5_final (unsigned char digest[16],
33 struct ThumbMD5Context *context);
34 static void thumb_md5_transform (wxUint32 buf[4],
35 wxUint32 const in[16]);
36
37
thumb_md5(const char * string,unsigned char digest[16])38 void thumb_md5 (const char *string, unsigned char digest[16])
39 {
40 struct ThumbMD5Context md5_context;
41
42 thumb_md5_init(&md5_context);
43 thumb_md5_update(&md5_context, (unsigned char const*)string, strlen(string));
44 thumb_md5_final(digest, &md5_context);
45 }
46
47 #if G_BYTE_ORDER == G_LITTLE_ENDIAN
48 #define byteReverse(buf, len) /* Nothing */
49 #else
50
51 /*
52 * Note: this code is harmless on little-endian machines.
53 */
54 static void
byteReverse(unsigned char * buf,unsigned longs)55 byteReverse(unsigned char *buf, unsigned longs)
56 {
57 wxUint32 t;
58 do {
59 t = (wxUint32) ((unsigned) buf[3] << 8 | buf[2]) << 16 |
60 ((unsigned) buf[1] << 8 | buf[0]);
61 *(wxUint32 *) buf = t;
62 buf += 4;
63 } while (--longs);
64 }
65
66 #endif
67
68 /*
69 * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious
70 * initialization constants.
71 */
72 static void
thumb_md5_init(struct ThumbMD5Context * ctx)73 thumb_md5_init (struct ThumbMD5Context *ctx)
74 {
75 ctx->buf[0] = 0x67452301;
76 ctx->buf[1] = 0xefcdab89;
77 ctx->buf[2] = 0x98badcfe;
78 ctx->buf[3] = 0x10325476;
79
80 ctx->bits[0] = 0;
81 ctx->bits[1] = 0;
82 }
83
84 /*
85 * Update context to reflect the concatenation of another buffer full
86 * of bytes.
87 */
88 static void
thumb_md5_update(struct ThumbMD5Context * ctx,unsigned char const * buf,unsigned len)89 thumb_md5_update (struct ThumbMD5Context *ctx,
90 unsigned char const *buf,
91 unsigned len)
92 {
93 wxUint32 t;
94
95 /* Update bitcount */
96
97 t = ctx->bits[0];
98 if ((ctx->bits[0] = t + ((wxUint32) len << 3)) < t)
99 ctx->bits[1]++; /* Carry from low to high */
100 ctx->bits[1] += len >> 29;
101
102 t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */
103
104 /* Handle any leading odd-sized chunks */
105
106 if (t) {
107 unsigned char *p = (unsigned char *) ctx->in + t;
108
109 t = 64 - t;
110 if (len < t) {
111 memcpy (p, buf, len);
112 return;
113 }
114 memcpy (p, buf, t);
115 byteReverse (ctx->in, 16);
116 thumb_md5_transform (ctx->buf, (wxUint32 *) ctx->in);
117 buf += t;
118 len -= t;
119 }
120
121 /* Process data in 64-byte chunks */
122
123 while (len >= 64) {
124 memcpy (ctx->in, buf, 64);
125 byteReverse (ctx->in, 16);
126 thumb_md5_transform (ctx->buf, (wxUint32 *) ctx->in);
127 buf += 64;
128 len -= 64;
129 }
130
131 /* Handle any remaining bytes of data. */
132
133 memcpy(ctx->in, buf, len);
134 }
135
136 /*
137 * Final wrapup - pad to 64-byte boundary with the bit pattern
138 * 1 0* (64-bit count of bits processed, MSB-first)
139 */
140 static void
thumb_md5_final(unsigned char digest[16],struct ThumbMD5Context * ctx)141 thumb_md5_final (unsigned char digest[16], struct ThumbMD5Context *ctx)
142 {
143 unsigned count;
144 unsigned char *p;
145
146 /* Compute number of bytes mod 64 */
147 count = (ctx->bits[0] >> 3) & 0x3F;
148
149 /* Set the first char of padding to 0x80. This is safe since there is
150 always at least one byte free */
151 p = ctx->in + count;
152 *p++ = 0x80;
153
154 /* Bytes of padding needed to make 64 bytes */
155 count = 64 - 1 - count;
156
157 /* Pad out to 56 mod 64 */
158 if (count < 8) {
159 /* Two lots of padding: Pad the first block to 64 bytes */
160 memset (p, 0, count);
161 byteReverse (ctx->in, 16);
162 thumb_md5_transform (ctx->buf, (wxUint32 *) ctx->in);
163
164 /* Now fill the next block with 56 bytes */
165 memset(ctx->in, 0, 56);
166 } else {
167 /* Pad block to 56 bytes */
168 memset(p, 0, count - 8);
169 }
170 byteReverse(ctx->in, 14);
171
172 /* Append length in bits and transform */
173 ((wxUint32 *) ctx->in)[14] = ctx->bits[0];
174 ((wxUint32 *) ctx->in)[15] = ctx->bits[1];
175
176 thumb_md5_transform (ctx->buf, (wxUint32 *) ctx->in);
177 byteReverse ((unsigned char *) ctx->buf, 4);
178 memcpy (digest, ctx->buf, 16);
179 memset (ctx, 0, sizeof(*ctx)); /* In case it's sensitive */
180 }
181
182
183 /* The four core functions - F1 is optimized somewhat */
184
185 #define F1(x, y, z) (z ^ (x & (y ^ z)))
186 #define F2(x, y, z) F1 (z, x, y)
187 #define F3(x, y, z) (x ^ y ^ z)
188 #define F4(x, y, z) (y ^ (x | ~z))
189
190 /* This is the central step in the MD5 algorithm. */
191 #define thumb_md5_step(f, w, x, y, z, data, s) \
192 ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )
193
194 /*
195 * The core of the MD5 algorithm, this alters an existing MD5 hash to
196 * reflect the addition of 16 longwords of new data. ThumbMD5Update blocks
197 * the data and converts bytes into longwords for this routine.
198 */
199 static void
thumb_md5_transform(wxUint32 buf[4],wxUint32 const in[16])200 thumb_md5_transform (wxUint32 buf[4], wxUint32 const in[16])
201 {
202 register wxUint32 a, b, c, d;
203
204 a = buf[0];
205 b = buf[1];
206 c = buf[2];
207 d = buf[3];
208
209 thumb_md5_step(F1, a, b, c, d, in[0] + 0xd76aa478, 7);
210 thumb_md5_step(F1, d, a, b, c, in[1] + 0xe8c7b756, 12);
211 thumb_md5_step(F1, c, d, a, b, in[2] + 0x242070db, 17);
212 thumb_md5_step(F1, b, c, d, a, in[3] + 0xc1bdceee, 22);
213 thumb_md5_step(F1, a, b, c, d, in[4] + 0xf57c0faf, 7);
214 thumb_md5_step(F1, d, a, b, c, in[5] + 0x4787c62a, 12);
215 thumb_md5_step(F1, c, d, a, b, in[6] + 0xa8304613, 17);
216 thumb_md5_step(F1, b, c, d, a, in[7] + 0xfd469501, 22);
217 thumb_md5_step(F1, a, b, c, d, in[8] + 0x698098d8, 7);
218 thumb_md5_step(F1, d, a, b, c, in[9] + 0x8b44f7af, 12);
219 thumb_md5_step(F1, c, d, a, b, in[10] + 0xffff5bb1, 17);
220 thumb_md5_step(F1, b, c, d, a, in[11] + 0x895cd7be, 22);
221 thumb_md5_step(F1, a, b, c, d, in[12] + 0x6b901122, 7);
222 thumb_md5_step(F1, d, a, b, c, in[13] + 0xfd987193, 12);
223 thumb_md5_step(F1, c, d, a, b, in[14] + 0xa679438e, 17);
224 thumb_md5_step(F1, b, c, d, a, in[15] + 0x49b40821, 22);
225
226 thumb_md5_step(F2, a, b, c, d, in[1] + 0xf61e2562, 5);
227 thumb_md5_step(F2, d, a, b, c, in[6] + 0xc040b340, 9);
228 thumb_md5_step(F2, c, d, a, b, in[11] + 0x265e5a51, 14);
229 thumb_md5_step(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20);
230 thumb_md5_step(F2, a, b, c, d, in[5] + 0xd62f105d, 5);
231 thumb_md5_step(F2, d, a, b, c, in[10] + 0x02441453, 9);
232 thumb_md5_step(F2, c, d, a, b, in[15] + 0xd8a1e681, 14);
233 thumb_md5_step(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20);
234 thumb_md5_step(F2, a, b, c, d, in[9] + 0x21e1cde6, 5);
235 thumb_md5_step(F2, d, a, b, c, in[14] + 0xc33707d6, 9);
236 thumb_md5_step(F2, c, d, a, b, in[3] + 0xf4d50d87, 14);
237 thumb_md5_step(F2, b, c, d, a, in[8] + 0x455a14ed, 20);
238 thumb_md5_step(F2, a, b, c, d, in[13] + 0xa9e3e905, 5);
239 thumb_md5_step(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9);
240 thumb_md5_step(F2, c, d, a, b, in[7] + 0x676f02d9, 14);
241 thumb_md5_step(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20);
242
243 thumb_md5_step(F3, a, b, c, d, in[5] + 0xfffa3942, 4);
244 thumb_md5_step(F3, d, a, b, c, in[8] + 0x8771f681, 11);
245 thumb_md5_step(F3, c, d, a, b, in[11] + 0x6d9d6122, 16);
246 thumb_md5_step(F3, b, c, d, a, in[14] + 0xfde5380c, 23);
247 thumb_md5_step(F3, a, b, c, d, in[1] + 0xa4beea44, 4);
248 thumb_md5_step(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11);
249 thumb_md5_step(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16);
250 thumb_md5_step(F3, b, c, d, a, in[10] + 0xbebfbc70, 23);
251 thumb_md5_step(F3, a, b, c, d, in[13] + 0x289b7ec6, 4);
252 thumb_md5_step(F3, d, a, b, c, in[0] + 0xeaa127fa, 11);
253 thumb_md5_step(F3, c, d, a, b, in[3] + 0xd4ef3085, 16);
254 thumb_md5_step(F3, b, c, d, a, in[6] + 0x04881d05, 23);
255 thumb_md5_step(F3, a, b, c, d, in[9] + 0xd9d4d039, 4);
256 thumb_md5_step(F3, d, a, b, c, in[12] + 0xe6db99e5, 11);
257 thumb_md5_step(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16);
258 thumb_md5_step(F3, b, c, d, a, in[2] + 0xc4ac5665, 23);
259
260 thumb_md5_step(F4, a, b, c, d, in[0] + 0xf4292244, 6);
261 thumb_md5_step(F4, d, a, b, c, in[7] + 0x432aff97, 10);
262 thumb_md5_step(F4, c, d, a, b, in[14] + 0xab9423a7, 15);
263 thumb_md5_step(F4, b, c, d, a, in[5] + 0xfc93a039, 21);
264 thumb_md5_step(F4, a, b, c, d, in[12] + 0x655b59c3, 6);
265 thumb_md5_step(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10);
266 thumb_md5_step(F4, c, d, a, b, in[10] + 0xffeff47d, 15);
267 thumb_md5_step(F4, b, c, d, a, in[1] + 0x85845dd1, 21);
268 thumb_md5_step(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6);
269 thumb_md5_step(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10);
270 thumb_md5_step(F4, c, d, a, b, in[6] + 0xa3014314, 15);
271 thumb_md5_step(F4, b, c, d, a, in[13] + 0x4e0811a1, 21);
272 thumb_md5_step(F4, a, b, c, d, in[4] + 0xf7537e82, 6);
273 thumb_md5_step(F4, d, a, b, c, in[11] + 0xbd3af235, 10);
274 thumb_md5_step(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15);
275 thumb_md5_step(F4, b, c, d, a, in[9] + 0xeb86d391, 21);
276
277 buf[0] += a;
278 buf[1] += b;
279 buf[2] += c;
280 buf[3] += d;
281 }
282
283 //////////////////////////////////////////////////////////////////////////////
284 //////////////////////////////////////////////////////////////////////////////
285 //////////////////////////////////////////////////////////////////////////////
286
287 enum {
288 UNSAFE_ALL = 0x1, /* Escape all unsafe characters */
289 UNSAFE_ALLOW_PLUS = 0x2, /* Allows '+' */
290 UNSAFE_PATH = 0x4, /* Allows '/' and '?' and '&' and '=' */
291 UNSAFE_DOS_PATH = 0x8, /* Allows '/' and '?' and '&' and '=' and ':' */
292 UNSAFE_HOST = 0x10, /* Allows '/' and ':' and '@' */
293 UNSAFE_SLASHES = 0x20 /* Allows all characters except for '/' and '%' */
294 };
295 const unsigned char acceptable[96] =
296 { /* X0 X1 X2 X3 X4 X5 X6 X7 X8 X9 XA XB XC XD XE XF */
297 0x00,0x3F,0x20,0x20,0x20,0x00,0x2C,0x3F,0x3F,0x3F,0x3F,0x22,0x20,0x3F,0x3F,0x1C, /* 2X !"#$%&'()*+,-./ */
298 0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x38,0x20,0x20,0x2C,0x20,0x2C, /* 3X 0123456789:;<=>? */
299 0x30,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F, /* 4X @ABCDEFGHIJKLMNO */
300 0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x20,0x20,0x20,0x20,0x3F, /* 5X PQRSTUVWXYZ[\]^_ */
301 0x20,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F, /* 6X `abcdefghijklmno */
302 0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x20,0x20,0x20,0x3F,0x20 /* 7X pqrstuvwxyz{|}~DEL */
303 };
304 #ifdef __WXMSW__
305 #define ACCEPTABLE_CHAR(a) ((a)>=32 && (a)<128 && (acceptable[(a)-32] & UNSAFE_DOS_PATH))
306 #else
307 #define ACCEPTABLE_CHAR(a) ((a)>=32 && (a)<128 && (acceptable[(a)-32] & UNSAFE_PATH))
308 #endif
309 #define HEX_ESCAPE '%'
310 const char hex_chars[17] = "0123456789ABCDEF";
escape_string(const char * string)311 char* escape_string(const char *string)
312 {
313 const char *p;
314 char *q;
315 char *result;
316 unsigned char c;
317 int unacceptable;
318
319 if (string == NULL)
320 return NULL;
321
322 unacceptable = 0;
323 for (p = string; *p != '\0'; p++) {
324 c = *p;
325 if (!ACCEPTABLE_CHAR (c)) {
326 unacceptable++;
327 }
328 }
329
330 result = (char*) malloc(p - string + unacceptable * 2 + 1);
331
332 for (q = result, p = string; *p != '\0'; p++){
333 c = *p;
334
335 if (!ACCEPTABLE_CHAR (c)) {
336 *q++ = HEX_ESCAPE; /* means hex coming */
337 *q++ = hex_chars[c >> 4];
338 *q++ = hex_chars[c & 15];
339 } else {
340 *q++ = c;
341 }
342 }
343
344 *q = '\0';
345
346 return result;
347 }
348
thumb_digest_to_ascii(unsigned char digest[16])349 char *thumb_digest_to_ascii(unsigned char digest[16])
350 {
351 static char hex_digits[] = "0123456789abcdef";
352 unsigned char *res;
353 int i;
354
355 res = (unsigned char*) malloc (33);
356
357 for (i = 0; i < 16; i++)
358 {
359 res[2*i] = hex_digits[digest[i] >> 4];
360 res[2*i+1] = hex_digits[digest[i] & 0xf];
361 }
362
363 res[32] = 0;
364
365 return (char*) res;
366 }
367