1
2 /* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
3 */
4
5 /* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
6 rights reserved.
7
8 License to copy and use this software is granted provided that it
9 is identified as the "RSA Data Security, Inc. MD5 Message-Digest
10 Algorithm" in all material mentioning or referencing this software
11 or this function.
12
13 License is also granted to make and use derivative works provided
14 that such works are identified as "derived from the RSA Data
15 Security, Inc. MD5 Message-Digest Algorithm" in all material
16 mentioning or referencing the derived work.
17
18 RSA Data Security, Inc. makes no representations concerning either
19 the merchantability of this software or the suitability of this
20 software for any particular purpose. It is provided "as is"
21 without express or implied warranty of any kind.
22
23 These notices must be retained in any copies of any part of this
24 documentation and/or software.
25 */
26
27 #include "md5.h"
28
29 #include <string.h>
30
31 /* Constants for MD5Transform routine.
32 */
33 #define S11 7
34 #define S12 12
35 #define S13 17
36 #define S14 22
37 #define S21 5
38 #define S22 9
39 #define S23 14
40 #define S24 20
41 #define S31 4
42 #define S32 11
43 #define S33 16
44 #define S34 23
45 #define S41 6
46 #define S42 10
47 #define S43 15
48 #define S44 21
49
50 static const unsigned char PADDING[64] = {
51 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
52 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
53 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
54 };
55
56 /* F, G, H and I are basic MD5 functions.
57 */
58 #define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
59 #define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
60 #define H(x, y, z) ((x) ^ (y) ^ (z))
61 #define I(x, y, z) ((y) ^ ((x) | (~z)))
62
63 /* ROTATE_LEFT rotates x left n bits.
64 */
65 #define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
66
67 /* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
68 Rotation is separate from addition to prevent recomputation.
69 */
70 #define FF(a, b, c, d, x, s, ac) { \
71 (a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); \
72 (a) = ROTATE_LEFT ((a), (s)); \
73 (a) += (b); \
74 }
75 #define GG(a, b, c, d, x, s, ac) { \
76 (a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); \
77 (a) = ROTATE_LEFT ((a), (s)); \
78 (a) += (b); \
79 }
80 #define HH(a, b, c, d, x, s, ac) { \
81 (a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); \
82 (a) = ROTATE_LEFT ((a), (s)); \
83 (a) += (b); \
84 }
85 #define II(a, b, c, d, x, s, ac) { \
86 (a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); \
87 (a) = ROTATE_LEFT ((a), (s)); \
88 (a) += (b); \
89 }
90
91 #define MD5_memcpy(dst, src, len) memcpy((dst), (src), (len))
92 #define MD5_memset(dst, val, len) memset((dst), (val), (len))
93
94 /* Encodes input (UINT4) into output (unsigned char). Assumes len is
95 a multiple of 4.
96 */
97 static void
Encode(unsigned char * output,UINT4 * input,unsigned int len)98 Encode(unsigned char *output, UINT4 * input, unsigned int len)
99 {
100 unsigned int i, j;
101
102 for (i = 0, j = 0; j < len; i++, j += 4) {
103 output[j] = (unsigned char)(input[i] & 0xff);
104 output[j + 1] = (unsigned char)((input[i] >> 8) & 0xff);
105 output[j + 2] = (unsigned char)((input[i] >> 16) & 0xff);
106 output[j + 3] = (unsigned char)((input[i] >> 24) & 0xff);
107 }
108 }
109
110 /* Decodes input (unsigned char) into output (UINT4). Assumes len is
111 a multiple of 4.
112 */
113 static void
Decode(UINT4 * output,const unsigned char * input,unsigned int len)114 Decode(UINT4 * output, const unsigned char *input, unsigned int len)
115 {
116 unsigned int i, j;
117
118 for (i = 0, j = 0; j < len; i++, j += 4)
119 output[i] =
120 ((UINT4) input[j]) | (((UINT4) input[j + 1]) << 8) | (((UINT4) input[j + 2]) << 16) | (((UINT4) input[j + 3]) << 24);
121 }
122
123 /* MD5 basic transformation. Transforms state based on block.
124 */
125 static void
MD5Transform(UINT4 state[4],const unsigned char block[64])126 MD5Transform(UINT4 state[4], const unsigned char block[64])
127 {
128 UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];
129
130 Decode(x, block, 64);
131
132 /* Round 1 */
133 FF(a, b, c, d, x[0], S11, 0xd76aa478); /* 1 */
134 FF(d, a, b, c, x[1], S12, 0xe8c7b756); /* 2 */
135 FF(c, d, a, b, x[2], S13, 0x242070db); /* 3 */
136 FF(b, c, d, a, x[3], S14, 0xc1bdceee); /* 4 */
137 FF(a, b, c, d, x[4], S11, 0xf57c0faf); /* 5 */
138 FF(d, a, b, c, x[5], S12, 0x4787c62a); /* 6 */
139 FF(c, d, a, b, x[6], S13, 0xa8304613); /* 7 */
140 FF(b, c, d, a, x[7], S14, 0xfd469501); /* 8 */
141 FF(a, b, c, d, x[8], S11, 0x698098d8); /* 9 */
142 FF(d, a, b, c, x[9], S12, 0x8b44f7af); /* 10 */
143 FF(c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
144 FF(b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
145 FF(a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
146 FF(d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
147 FF(c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
148 FF(b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
149
150 /* Round 2 */
151 GG(a, b, c, d, x[1], S21, 0xf61e2562); /* 17 */
152 GG(d, a, b, c, x[6], S22, 0xc040b340); /* 18 */
153 GG(c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
154 GG(b, c, d, a, x[0], S24, 0xe9b6c7aa); /* 20 */
155 GG(a, b, c, d, x[5], S21, 0xd62f105d); /* 21 */
156 GG(d, a, b, c, x[10], S22, 0x2441453); /* 22 */
157 GG(c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
158 GG(b, c, d, a, x[4], S24, 0xe7d3fbc8); /* 24 */
159 GG(a, b, c, d, x[9], S21, 0x21e1cde6); /* 25 */
160 GG(d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
161 GG(c, d, a, b, x[3], S23, 0xf4d50d87); /* 27 */
162 GG(b, c, d, a, x[8], S24, 0x455a14ed); /* 28 */
163 GG(a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
164 GG(d, a, b, c, x[2], S22, 0xfcefa3f8); /* 30 */
165 GG(c, d, a, b, x[7], S23, 0x676f02d9); /* 31 */
166 GG(b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
167
168 /* Round 3 */
169 HH(a, b, c, d, x[5], S31, 0xfffa3942); /* 33 */
170 HH(d, a, b, c, x[8], S32, 0x8771f681); /* 34 */
171 HH(c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
172 HH(b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
173 HH(a, b, c, d, x[1], S31, 0xa4beea44); /* 37 */
174 HH(d, a, b, c, x[4], S32, 0x4bdecfa9); /* 38 */
175 HH(c, d, a, b, x[7], S33, 0xf6bb4b60); /* 39 */
176 HH(b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
177 HH(a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
178 HH(d, a, b, c, x[0], S32, 0xeaa127fa); /* 42 */
179 HH(c, d, a, b, x[3], S33, 0xd4ef3085); /* 43 */
180 HH(b, c, d, a, x[6], S34, 0x4881d05); /* 44 */
181 HH(a, b, c, d, x[9], S31, 0xd9d4d039); /* 45 */
182 HH(d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
183 HH(c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
184 HH(b, c, d, a, x[2], S34, 0xc4ac5665); /* 48 */
185
186 /* Round 4 */
187 II(a, b, c, d, x[0], S41, 0xf4292244); /* 49 */
188 II(d, a, b, c, x[7], S42, 0x432aff97); /* 50 */
189 II(c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
190 II(b, c, d, a, x[5], S44, 0xfc93a039); /* 52 */
191 II(a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
192 II(d, a, b, c, x[3], S42, 0x8f0ccc92); /* 54 */
193 II(c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
194 II(b, c, d, a, x[1], S44, 0x85845dd1); /* 56 */
195 II(a, b, c, d, x[8], S41, 0x6fa87e4f); /* 57 */
196 II(d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
197 II(c, d, a, b, x[6], S43, 0xa3014314); /* 59 */
198 II(b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
199 II(a, b, c, d, x[4], S41, 0xf7537e82); /* 61 */
200 II(d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
201 II(c, d, a, b, x[2], S43, 0x2ad7d2bb); /* 63 */
202 II(b, c, d, a, x[9], S44, 0xeb86d391); /* 64 */
203
204 state[0] += a;
205 state[1] += b;
206 state[2] += c;
207 state[3] += d;
208
209 /* Zeroize sensitive information.
210 */
211 MD5_memset((POINTER) x, 0, sizeof(x));
212 }
213
214 /* MD5 initialization. Begins an MD5 operation, writing a new context.
215 */
216 void
MD5Init(MD5_CTX * context)217 MD5Init(MD5_CTX * context)
218 {
219 context->count[0] = context->count[1] = 0;
220
221 /* Load magic initialization constants.
222 */
223 context->state[0] = 0x67452301;
224 context->state[1] = 0xefcdab89;
225 context->state[2] = 0x98badcfe;
226 context->state[3] = 0x10325476;
227 }
228
229 /* MD5 block update operation. Continues an MD5 message-digest
230 operation, processing another message block, and updating the
231 context.
232 */
233 void
MD5Update(MD5_CTX * context,const unsigned char * input,const unsigned int inputLen)234 MD5Update(MD5_CTX * context, const unsigned char *input, const unsigned int inputLen)
235 {
236 unsigned int i, idx, partLen;
237
238 /* Compute number of bytes mod 64 */
239 idx = (unsigned int)((context->count[0] >> 3) & 0x3F);
240
241 /* Update number of bits */
242 if ((context->count[0] += ((UINT4) inputLen << 3)) < ((UINT4) inputLen << 3))
243 context->count[1]++;
244 context->count[1] += ((UINT4) inputLen >> 29);
245
246 partLen = 64 - idx;
247
248 /* Transform as many times as possible.
249 */
250 if (inputLen >= partLen) {
251 MD5_memcpy((POINTER) & context->buffer[idx], input, partLen);
252 MD5Transform(context->state, context->buffer);
253
254 for (i = partLen; i + 63 < inputLen; i += 64)
255 MD5Transform(context->state, &input[i]);
256
257 idx = 0;
258 } else
259 i = 0;
260
261 /* Buffer remaining input */
262 MD5_memcpy((POINTER) & context->buffer[idx], &input[i], inputLen - i);
263 }
264
265 /* MD5 finalization. Ends an MD5 message-digest operation, writing the
266 the message digest and zeroizing the context.
267 */
268 void
MD5Final(unsigned char digest[16],MD5_CTX * context)269 MD5Final(unsigned char digest[16], MD5_CTX * context)
270 {
271 unsigned char bits[8];
272 unsigned int idx, padLen;
273
274 /* Save number of bits */
275 Encode(bits, context->count, 8);
276
277 /* Pad out to 56 mod 64.
278 */
279 idx = (unsigned int)((context->count[0] >> 3) & 0x3f);
280 padLen = (idx < 56) ? (56 - idx) : (120 - idx);
281 MD5Update(context, PADDING, padLen);
282
283 /* Append length (before padding) */
284 MD5Update(context, bits, 8);
285
286 /* Store state in digest */
287 Encode(digest, context->state, 16);
288
289 /* Zeroize sensitive information.
290 */
291 MD5_memset((POINTER) context, 0, sizeof(*context));
292 }
293
294 /*
295 * Local Variables:
296 * c-basic-offset: 2
297 * indent-tabs-mode: nil
298 * End:
299 */
300