1 /* md5.c - Functions to compute MD5 message digest of files or memory blocks
2 according to the definition of MD5 in RFC 1321 from April 1992.
3 Copyright (C) 1995, 1996, 2001 Free Software Foundation, Inc.
4 NOTE: The canonical source of this file is maintained with the GNU C
5 Library. Bugs can be reported to bug-glibc@prep.ai.mit.edu.
6
7 This program is free software; you can redistribute it and/or modify it
8 under the terms of the GNU General Public License as published by the
9 Free Software Foundation; either version 2, or (at your option) any
10 later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software Foundation,
19 Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
20 */
21
22 /* Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995. */
23
24 #include <Rconfig.h>
25 #include <sys/types.h>
26
27 # include <stdlib.h>
28 # include <string.h>
29
30 #include "md5.h"
31
32 #ifdef WORDS_BIGENDIAN
33 # define SWAP(n) \
34 (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24))
35 #else
36 # define SWAP(n) (n)
37 #endif
38
39 /* moved from md5.h */
40 static void md5_process_block __P ((const void *buffer, size_t len,
41 struct md5_ctx *ctx));
42 static void md5_process_bytes __P ((const void *buffer, size_t len,
43 struct md5_ctx *ctx));
44
45
46 /* This array contains the bytes used to pad the buffer to the next
47 64-byte boundary. (RFC 1321, 3.1: Step 1) */
48 static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ };
49
50
51 /* Initialize structure containing state of computation.
52 (RFC 1321, 3.3: Step 3) */
53 static void
md5_init_ctx(struct md5_ctx * ctx)54 md5_init_ctx (struct md5_ctx *ctx)
55 {
56 ctx->A = 0x67452301;
57 ctx->B = 0xefcdab89;
58 ctx->C = 0x98badcfe;
59 ctx->D = 0x10325476;
60
61 ctx->total[0] = ctx->total[1] = 0;
62 ctx->buflen = 0;
63 }
64
65 /* Put result from CTX in first 16 bytes following RESBUF. The result
66 must be in little endian byte order.
67
68 IMPORTANT: On some systems it is required that RESBUF is correctly
69 aligned for a 32 bits value. */
70 static void *
md5_read_ctx(const struct md5_ctx * ctx,void * resbuf)71 md5_read_ctx (const struct md5_ctx *ctx, void *resbuf)
72 {
73 ((md5_uint32 *) resbuf)[0] = SWAP (ctx->A);
74 ((md5_uint32 *) resbuf)[1] = SWAP (ctx->B);
75 ((md5_uint32 *) resbuf)[2] = SWAP (ctx->C);
76 ((md5_uint32 *) resbuf)[3] = SWAP (ctx->D);
77
78 return resbuf;
79 }
80
81 /* Process the remaining bytes in the internal buffer and the usual
82 prolog according to the standard and write the result to RESBUF.
83
84 IMPORTANT: On some systems it is required that RESBUF is correctly
85 aligned for a 32 bits value. */
86 static void *
md5_finish_ctx(struct md5_ctx * ctx,void * resbuf)87 md5_finish_ctx (struct md5_ctx *ctx, void *resbuf)
88 {
89 /* Take yet unprocessed bytes into account. */
90 md5_uint32 bytes = ctx->buflen;
91 size_t pad;
92
93 /* Now count remaining bytes. */
94 ctx->total[0] += bytes;
95 if (ctx->total[0] < bytes)
96 ++ctx->total[1];
97
98 pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes;
99 memcpy (&ctx->buffer[bytes], fillbuf, pad);
100
101 /* Put the 64-bit file length in *bits* at the end of the buffer. */
102 *(md5_uint32 *) &ctx->buffer[bytes + pad] = SWAP (ctx->total[0] << 3);
103 *(md5_uint32 *) &ctx->buffer[bytes + pad + 4] = SWAP ((ctx->total[1] << 3) |
104 (ctx->total[0] >> 29));
105
106 /* Process last bytes. */
107 md5_process_block (ctx->buffer, bytes + pad + 8, ctx);
108
109 return md5_read_ctx (ctx, resbuf);
110 }
111
112 /* Compute MD5 message digest for bytes read from STREAM. The
113 resulting message digest number will be written into the 16 bytes
114 beginning at RESBLOCK. */
115 int
md5_stream(FILE * stream,void * resblock)116 md5_stream (FILE *stream, void *resblock)
117 {
118 /* Important: BLOCKSIZE must be a multiple of 64. */
119 #define BLOCKSIZE 4096
120 struct md5_ctx ctx;
121 char buffer[BLOCKSIZE + 72];
122 size_t sum;
123
124 /* Initialize the computation context. */
125 md5_init_ctx (&ctx);
126
127 /* Iterate over full file contents. */
128 while (1)
129 {
130 /* We read the file in blocks of BLOCKSIZE bytes. One call of the
131 computation function processes the whole buffer so that with the
132 next round of the loop another block can be read. */
133 size_t n;
134 sum = 0;
135
136 /* Read block. Take care for partial reads. */
137 do
138 {
139 n = fread (buffer + sum, 1, BLOCKSIZE - sum, stream);
140
141 sum += n;
142 }
143 while (sum < BLOCKSIZE && n != 0);
144 if (n == 0 && ferror (stream))
145 return 1;
146
147 /* If end of file is reached, end the loop. */
148 if (n == 0)
149 break;
150
151 /* Process buffer with BLOCKSIZE bytes. Note that
152 BLOCKSIZE % 64 == 0
153 */
154 md5_process_block (buffer, BLOCKSIZE, &ctx);
155 }
156
157 /* Add the last bytes if necessary. */
158 if (sum > 0)
159 md5_process_bytes (buffer, sum, &ctx);
160
161 /* Construct result in desired memory. */
162 md5_finish_ctx (&ctx, resblock);
163 return 0;
164 }
165
166 #ifdef UNUSED
167 /* Compute MD5 message digest for LEN bytes beginning at BUFFER. The
168 result is always in little endian byte order, so that a byte-wise
169 output yields to the wanted ASCII representation of the message
170 digest. */
171 static void *
md5_buffer(const char * buffer,size_t len,void * resblock)172 md5_buffer (const char *buffer, size_t len, void *resblock)
173 {
174 struct md5_ctx ctx;
175
176 /* Initialize the computation context. */
177 md5_init_ctx (&ctx);
178
179 /* Process whole buffer but last len % 64 bytes. */
180 md5_process_bytes (buffer, len, &ctx);
181
182 /* Put result in desired memory area. */
183 return md5_finish_ctx (&ctx, resblock);
184 }
185 #endif
186
187 static void
md5_process_bytes(const void * buffer,size_t len,struct md5_ctx * ctx)188 md5_process_bytes (const void *buffer, size_t len, struct md5_ctx *ctx)
189 {
190 /* When we already have some bits in our internal buffer concatenate
191 both inputs first. */
192 if (ctx->buflen != 0)
193 {
194 size_t left_over = ctx->buflen;
195 size_t add = 128 - left_over > len ? len : 128 - left_over;
196
197 memcpy (&ctx->buffer[left_over], buffer, add);
198 ctx->buflen += add;
199
200 if (left_over + add > 64)
201 {
202 md5_process_block (ctx->buffer, (left_over + add) & ~63, ctx);
203 /* The regions in the following copy operation cannot overlap. */
204 memcpy (ctx->buffer, &ctx->buffer[(left_over + add) & ~63],
205 (left_over + add) & 63);
206 ctx->buflen = (left_over + add) & 63;
207 }
208
209 buffer = (const char *) buffer + add;
210 len -= add;
211 }
212
213 /* Process available complete blocks. */
214 if (len > 64)
215 {
216 md5_process_block (buffer, len & ~63, ctx);
217 buffer = (const char *) buffer + (len & ~63);
218 len &= 63;
219 }
220
221 /* Move remaining bytes in internal buffer. */
222 if (len > 0)
223 {
224 memcpy (ctx->buffer, buffer, len);
225 ctx->buflen = (md5_uint32) len;
226 }
227 }
228
229
230 /* These are the four functions used in the four steps of the MD5 algorithm
231 and defined in the RFC 1321. The first function is a little bit optimized
232 (as found in Colin Plumbs public domain implementation). */
233 /* #define FF(b, c, d) ((b & c) | (~b & d)) */
234 #define FF(b, c, d) (d ^ (b & (c ^ d)))
235 #define FG(b, c, d) FF (d, b, c)
236 #define FH(b, c, d) (b ^ c ^ d)
237 #define FI(b, c, d) (c ^ (b | ~d))
238
239 /* Process LEN bytes of BUFFER, accumulating context into CTX.
240 It is assumed that LEN % 64 == 0. */
241
242 static void
md5_process_block(const void * buffer,size_t len,struct md5_ctx * ctx)243 md5_process_block (const void *buffer, size_t len, struct md5_ctx *ctx)
244 {
245 md5_uint32 correct_words[16];
246 const md5_uint32 *words = buffer;
247 size_t nwords = len / sizeof (md5_uint32);
248 const md5_uint32 *endp = words + nwords;
249 md5_uint32 A = ctx->A;
250 md5_uint32 B = ctx->B;
251 md5_uint32 C = ctx->C;
252 md5_uint32 D = ctx->D;
253
254 /* First increment the byte count. RFC 1321 specifies the possible
255 length of the file up to 2^64 bits. Here we only compute the
256 number of bytes. Do a double word increment. */
257 ctx->total[0] += len;
258 if (ctx->total[0] < len)
259 ++ctx->total[1];
260
261 /* Process all bytes in the buffer with 64 bytes in each round of
262 the loop. */
263 while (words < endp)
264 {
265 md5_uint32 *cwp = correct_words;
266 md5_uint32 A_save = A;
267 md5_uint32 B_save = B;
268 md5_uint32 C_save = C;
269 md5_uint32 D_save = D;
270
271 /* First round: using the given function, the context and a constant
272 the next context is computed. Because the algorithms processing
273 unit is a 32-bit word and it is determined to work on words in
274 little endian byte order we perhaps have to change the byte order
275 before the computation. To reduce the work for the next steps
276 we store the swapped words in the array CORRECT_WORDS. */
277
278 #define OP(a, b, c, d, s, T) \
279 do \
280 { \
281 a += FF (b, c, d) + (*cwp++ = SWAP (*words)) + T; \
282 ++words; \
283 a = rol (a, s); \
284 a += b; \
285 } \
286 while (0)
287
288 /* Before we start, one word to the strange constants.
289 They are defined in RFC 1321 as
290
291 T[i] = (int) (4294967296.0 * fabs (sin (i))), i=1..64, or
292 perl -e 'foreach(1..64){printf "0x%08x\n", int (4294967296 * abs (sin $_))}'
293 */
294
295 /* Round 1. */
296 OP (A, B, C, D, 7, 0xd76aa478);
297 OP (D, A, B, C, 12, 0xe8c7b756);
298 OP (C, D, A, B, 17, 0x242070db);
299 OP (B, C, D, A, 22, 0xc1bdceee);
300 OP (A, B, C, D, 7, 0xf57c0faf);
301 OP (D, A, B, C, 12, 0x4787c62a);
302 OP (C, D, A, B, 17, 0xa8304613);
303 OP (B, C, D, A, 22, 0xfd469501);
304 OP (A, B, C, D, 7, 0x698098d8);
305 OP (D, A, B, C, 12, 0x8b44f7af);
306 OP (C, D, A, B, 17, 0xffff5bb1);
307 OP (B, C, D, A, 22, 0x895cd7be);
308 OP (A, B, C, D, 7, 0x6b901122);
309 OP (D, A, B, C, 12, 0xfd987193);
310 OP (C, D, A, B, 17, 0xa679438e);
311 OP (B, C, D, A, 22, 0x49b40821);
312
313 /* For the second to fourth round we have the possibly swapped words
314 in CORRECT_WORDS. Redefine the macro to take an additional first
315 argument specifying the function to use. */
316 #undef OP
317 #define OP(f, a, b, c, d, k, s, T) \
318 do \
319 { \
320 a += f (b, c, d) + correct_words[k] + T; \
321 a = rol (a, s); \
322 a += b; \
323 } \
324 while (0)
325
326 /* Round 2. */
327 OP (FG, A, B, C, D, 1, 5, 0xf61e2562);
328 OP (FG, D, A, B, C, 6, 9, 0xc040b340);
329 OP (FG, C, D, A, B, 11, 14, 0x265e5a51);
330 OP (FG, B, C, D, A, 0, 20, 0xe9b6c7aa);
331 OP (FG, A, B, C, D, 5, 5, 0xd62f105d);
332 OP (FG, D, A, B, C, 10, 9, 0x02441453);
333 OP (FG, C, D, A, B, 15, 14, 0xd8a1e681);
334 OP (FG, B, C, D, A, 4, 20, 0xe7d3fbc8);
335 OP (FG, A, B, C, D, 9, 5, 0x21e1cde6);
336 OP (FG, D, A, B, C, 14, 9, 0xc33707d6);
337 OP (FG, C, D, A, B, 3, 14, 0xf4d50d87);
338 OP (FG, B, C, D, A, 8, 20, 0x455a14ed);
339 OP (FG, A, B, C, D, 13, 5, 0xa9e3e905);
340 OP (FG, D, A, B, C, 2, 9, 0xfcefa3f8);
341 OP (FG, C, D, A, B, 7, 14, 0x676f02d9);
342 OP (FG, B, C, D, A, 12, 20, 0x8d2a4c8a);
343
344 /* Round 3. */
345 OP (FH, A, B, C, D, 5, 4, 0xfffa3942);
346 OP (FH, D, A, B, C, 8, 11, 0x8771f681);
347 OP (FH, C, D, A, B, 11, 16, 0x6d9d6122);
348 OP (FH, B, C, D, A, 14, 23, 0xfde5380c);
349 OP (FH, A, B, C, D, 1, 4, 0xa4beea44);
350 OP (FH, D, A, B, C, 4, 11, 0x4bdecfa9);
351 OP (FH, C, D, A, B, 7, 16, 0xf6bb4b60);
352 OP (FH, B, C, D, A, 10, 23, 0xbebfbc70);
353 OP (FH, A, B, C, D, 13, 4, 0x289b7ec6);
354 OP (FH, D, A, B, C, 0, 11, 0xeaa127fa);
355 OP (FH, C, D, A, B, 3, 16, 0xd4ef3085);
356 OP (FH, B, C, D, A, 6, 23, 0x04881d05);
357 OP (FH, A, B, C, D, 9, 4, 0xd9d4d039);
358 OP (FH, D, A, B, C, 12, 11, 0xe6db99e5);
359 OP (FH, C, D, A, B, 15, 16, 0x1fa27cf8);
360 OP (FH, B, C, D, A, 2, 23, 0xc4ac5665);
361
362 /* Round 4. */
363 OP (FI, A, B, C, D, 0, 6, 0xf4292244);
364 OP (FI, D, A, B, C, 7, 10, 0x432aff97);
365 OP (FI, C, D, A, B, 14, 15, 0xab9423a7);
366 OP (FI, B, C, D, A, 5, 21, 0xfc93a039);
367 OP (FI, A, B, C, D, 12, 6, 0x655b59c3);
368 OP (FI, D, A, B, C, 3, 10, 0x8f0ccc92);
369 OP (FI, C, D, A, B, 10, 15, 0xffeff47d);
370 OP (FI, B, C, D, A, 1, 21, 0x85845dd1);
371 OP (FI, A, B, C, D, 8, 6, 0x6fa87e4f);
372 OP (FI, D, A, B, C, 15, 10, 0xfe2ce6e0);
373 OP (FI, C, D, A, B, 6, 15, 0xa3014314);
374 OP (FI, B, C, D, A, 13, 21, 0x4e0811a1);
375 OP (FI, A, B, C, D, 4, 6, 0xf7537e82);
376 OP (FI, D, A, B, C, 11, 10, 0xbd3af235);
377 OP (FI, C, D, A, B, 2, 15, 0x2ad7d2bb);
378 OP (FI, B, C, D, A, 9, 21, 0xeb86d391);
379
380 /* Add the starting values of the context. */
381 A += A_save;
382 B += B_save;
383 C += C_save;
384 D += D_save;
385 }
386
387 /* Put checksum in context given as argument. */
388 ctx->A = A;
389 ctx->B = B;
390 ctx->C = C;
391 ctx->D = D;
392 }
393