Commit | Line | Data |
---|---|---|
2fe58dfd SE |
1 | /* |
2 | * This code implements the MD5 message-digest algorithm. | |
3 | * The algorithm is due to Ron Rivest. This code was | |
4 | * written by Colin Plumb in 1993, no copyright is claimed. | |
5 | * This code is in the public domain; do with it what you wish. | |
6 | * | |
7 | * Equivalent code is available from RSA Data Security, Inc. | |
8 | * This code has been tested against that, and is equivalent, | |
9 | * except that you don't need to include two pages of legalese | |
10 | * with every copy. | |
11 | * | |
12 | * To compute the message digest of a chunk of bytes, declare an | |
13 | * MD5Context structure, pass it to MD5Init, call MD5Update as | |
14 | * needed on buffers full of bytes, and then call MD5Final, which | |
15 | * will fill a supplied 16-byte array with the digest. | |
16 | * | |
17 | * Changed so as no longer to depend on Colin Plumb's `usual.h' header | |
18 | * definitions; now uses stuff from dpkg's config.h. | |
19 | * - Ian Jackson <ijackson@nyx.cs.du.edu>. | |
20 | * Still in the public domain. | |
21 | */ | |
22 | ||
2fe58dfd | 23 | #include "secnet.h" |
8689b3a9 | 24 | #include <string.h> /* for memcpy() */ |
2fe58dfd SE |
25 | #include "md5.h" |
26 | ||
27 | #ifdef WORDS_BIGENDIAN | |
28 | static void | |
1caa23ff | 29 | byteSwap(uint32_t *buf, int words) |
2fe58dfd SE |
30 | { |
31 | md5byte *p = (md5byte *)buf; | |
32 | ||
33 | do { | |
34 | *buf++ = (uint32_t)((unsigned)p[3] << 8 | p[2]) << 16 | | |
35 | ((unsigned)p[1] << 8 | p[0]); | |
36 | p += 4; | |
37 | } while (--words); | |
38 | } | |
39 | #else | |
40 | #define byteSwap(buf,words) | |
41 | #endif | |
42 | ||
43 | /* | |
44 | * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious | |
45 | * initialization constants. | |
46 | */ | |
47 | static void | |
48 | MD5Init(struct MD5Context *ctx) | |
49 | { | |
50 | ctx->buf[0] = 0x67452301; | |
51 | ctx->buf[1] = 0xefcdab89; | |
52 | ctx->buf[2] = 0x98badcfe; | |
53 | ctx->buf[3] = 0x10325476; | |
54 | ||
55 | ctx->bytes[0] = 0; | |
56 | ctx->bytes[1] = 0; | |
57 | } | |
58 | ||
59 | /* | |
60 | * Update context to reflect the concatenation of another buffer full | |
61 | * of bytes. | |
62 | */ | |
63 | static void | |
64 | MD5Update(struct MD5Context *ctx, md5byte const *buf, unsigned len) | |
65 | { | |
66 | uint32_t t; | |
67 | ||
68 | /* Update byte count */ | |
69 | ||
70 | t = ctx->bytes[0]; | |
71 | if ((ctx->bytes[0] = t + len) < t) | |
72 | ctx->bytes[1]++; /* Carry from low to high */ | |
73 | ||
74 | t = 64 - (t & 0x3f); /* Space available in ctx->in (at least 1) */ | |
75 | if (t > len) { | |
76 | memcpy((md5byte *)ctx->in + 64 - t, buf, len); | |
77 | return; | |
78 | } | |
79 | /* First chunk is an odd size */ | |
80 | memcpy((md5byte *)ctx->in + 64 - t, buf, t); | |
81 | byteSwap(ctx->in, 16); | |
82 | MD5Transform(ctx->buf, ctx->in); | |
83 | buf += t; | |
84 | len -= t; | |
85 | ||
86 | /* Process data in 64-byte chunks */ | |
87 | while (len >= 64) { | |
88 | memcpy(ctx->in, buf, 64); | |
89 | byteSwap(ctx->in, 16); | |
90 | MD5Transform(ctx->buf, ctx->in); | |
91 | buf += 64; | |
92 | len -= 64; | |
93 | } | |
94 | ||
95 | /* Handle any remaining bytes of data. */ | |
96 | memcpy(ctx->in, buf, len); | |
97 | } | |
98 | ||
99 | /* | |
100 | * Final wrapup - pad to 64-byte boundary with the bit pattern | |
101 | * 1 0* (64-bit count of bits processed, MSB-first) | |
102 | */ | |
103 | static void | |
104 | MD5Final(md5byte digest[16], struct MD5Context *ctx) | |
105 | { | |
106 | int count = ctx->bytes[0] & 0x3f; /* Number of bytes in ctx->in */ | |
107 | md5byte *p = (md5byte *)ctx->in + count; | |
108 | ||
109 | /* Set the first char of padding to 0x80. There is always room. */ | |
110 | *p++ = 0x80; | |
111 | ||
112 | /* Bytes of padding needed to make 56 bytes (-8..55) */ | |
113 | count = 56 - 1 - count; | |
114 | ||
115 | if (count < 0) { /* Padding forces an extra block */ | |
116 | memset(p, 0, count + 8); | |
117 | byteSwap(ctx->in, 16); | |
118 | MD5Transform(ctx->buf, ctx->in); | |
119 | p = (md5byte *)ctx->in; | |
120 | count = 56; | |
121 | } | |
122 | memset(p, 0, count); | |
123 | byteSwap(ctx->in, 14); | |
124 | ||
125 | /* Append length in bits and transform */ | |
126 | ctx->in[14] = ctx->bytes[0] << 3; | |
127 | ctx->in[15] = ctx->bytes[1] << 3 | ctx->bytes[0] >> 29; | |
128 | MD5Transform(ctx->buf, ctx->in); | |
129 | ||
130 | byteSwap(ctx->buf, 4); | |
131 | memcpy(digest, ctx->buf, 16); | |
132 | memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */ | |
133 | } | |
134 | ||
135 | #ifndef ASM_MD5 | |
136 | ||
137 | /* The four core functions - F1 is optimized somewhat */ | |
138 | ||
139 | /* #define F1(x, y, z) (x & y | ~x & z) */ | |
140 | #define F1(x, y, z) (z ^ (x & (y ^ z))) | |
141 | #define F2(x, y, z) F1(z, x, y) | |
142 | #define F3(x, y, z) (x ^ y ^ z) | |
143 | #define F4(x, y, z) (y ^ (x | ~z)) | |
144 | ||
145 | /* This is the central step in the MD5 algorithm. */ | |
146 | #define MD5STEP(f,w,x,y,z,in,s) \ | |
147 | (w += f(x,y,z) + in, w = (w<<s | w>>(32-s)) + x) | |
148 | ||
149 | /* | |
150 | * The core of the MD5 algorithm, this alters an existing MD5 hash to | |
151 | * reflect the addition of 16 longwords of new data. MD5Update blocks | |
152 | * the data and converts bytes into longwords for this routine. | |
153 | */ | |
154 | static void | |
155 | MD5Transform(uint32_t buf[4], uint32_t const in[16]) | |
156 | { | |
157 | register uint32_t a, b, c, d; | |
158 | ||
159 | a = buf[0]; | |
160 | b = buf[1]; | |
161 | c = buf[2]; | |
162 | d = buf[3]; | |
163 | ||
164 | MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7); | |
165 | MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12); | |
166 | MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17); | |
167 | MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22); | |
168 | MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7); | |
169 | MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12); | |
170 | MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17); | |
171 | MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22); | |
172 | MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7); | |
173 | MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12); | |
174 | MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17); | |
175 | MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22); | |
176 | MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7); | |
177 | MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12); | |
178 | MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17); | |
179 | MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22); | |
180 | ||
181 | MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5); | |
182 | MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9); | |
183 | MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14); | |
184 | MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20); | |
185 | MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5); | |
186 | MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9); | |
187 | MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14); | |
188 | MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20); | |
189 | MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5); | |
190 | MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9); | |
191 | MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14); | |
192 | MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20); | |
193 | MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5); | |
194 | MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9); | |
195 | MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14); | |
196 | MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20); | |
197 | ||
198 | MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4); | |
199 | MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11); | |
200 | MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16); | |
201 | MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23); | |
202 | MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4); | |
203 | MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11); | |
204 | MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16); | |
205 | MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23); | |
206 | MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4); | |
207 | MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11); | |
208 | MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16); | |
209 | MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23); | |
210 | MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4); | |
211 | MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11); | |
212 | MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16); | |
213 | MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23); | |
214 | ||
215 | MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6); | |
216 | MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10); | |
217 | MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15); | |
218 | MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21); | |
219 | MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6); | |
220 | MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10); | |
221 | MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15); | |
222 | MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21); | |
223 | MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6); | |
224 | MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10); | |
225 | MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15); | |
226 | MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21); | |
227 | MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6); | |
228 | MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10); | |
229 | MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15); | |
230 | MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21); | |
231 | ||
232 | buf[0] += a; | |
233 | buf[1] += b; | |
234 | buf[2] += c; | |
235 | buf[3] += d; | |
236 | } | |
237 | ||
238 | #endif | |
239 | ||
240 | static void *md5_init(void) | |
241 | { | |
242 | struct MD5Context *ctx; | |
243 | ||
244 | ctx=safe_malloc(sizeof(*ctx),"md5_init"); | |
245 | MD5Init(ctx); | |
246 | ||
247 | return ctx; | |
248 | } | |
249 | ||
1caa23ff | 250 | static void md5_update(void *sst, uint8_t const *buf, int32_t len) |
2fe58dfd SE |
251 | { |
252 | struct MD5Context *ctx=sst; | |
253 | ||
254 | MD5Update(ctx,buf,len); | |
255 | } | |
256 | ||
257 | static void md5_final(void *sst, uint8_t *digest) | |
258 | { | |
259 | struct MD5Context *ctx=sst; | |
260 | ||
261 | MD5Final(digest,ctx); | |
262 | free(ctx); | |
263 | } | |
264 | ||
265 | struct md5 { | |
266 | closure_t cl; | |
267 | struct hash_if ops; | |
268 | }; | |
269 | ||
2fe58dfd SE |
270 | void md5_module(dict_t *dict) |
271 | { | |
272 | struct md5 *st; | |
273 | void *ctx; | |
fe5e9cc4 | 274 | cstring_t testinput="12345\n"; |
2fe58dfd SE |
275 | uint8_t expected[16]= |
276 | {0xd5,0x77,0x27,0x3f,0xf8,0x85,0xc3,0xf8, | |
277 | 0x4d,0xad,0xb8,0x57,0x8b,0xb4,0x13,0x99}; | |
278 | uint8_t digest[16]; | |
279 | int i; | |
280 | ||
3454dce4 | 281 | st=safe_malloc(sizeof(*st),"md5_module"); |
2fe58dfd SE |
282 | st->cl.description="md5"; |
283 | st->cl.type=CL_HASH; | |
284 | st->cl.apply=NULL; | |
285 | st->cl.interface=&st->ops; | |
286 | st->ops.len=16; | |
287 | st->ops.init=md5_init; | |
288 | st->ops.update=md5_update; | |
289 | st->ops.final=md5_final; | |
290 | ||
291 | dict_add(dict,"md5",new_closure(&st->cl)); | |
292 | ||
293 | ctx=md5_init(); | |
294 | md5_update(ctx,testinput,strlen(testinput)); | |
295 | md5_final(ctx,digest); | |
296 | for (i=0; i<16; i++) { | |
297 | if (digest[i]!=expected[i]) { | |
4f5e39ec | 298 | fatal("md5 module failed self-test"); |
2fe58dfd SE |
299 | } |
300 | } | |
301 | } |