1/* 2 * This code implements the MD5 message-digest algorithm. 3 * The algorithm is due to Ron Rivest. This code was 4 * written by Colin Plumb in 1993, no copyright is claimed. 5 * This code is in the public domain; do with it what you wish. 6 * 7 * Equivalent code is available from RSA Data Security, Inc. 8 * This code has been tested against that, and is equivalent, 9 * except that you don't need to include two pages of legalese 10 * with every copy. 11 * 12 * To compute the message digest of a chunk of bytes, declare an 13 * MD5Context structure, pass it to MD5Init, call MD5Update as 14 * needed on buffers full of bytes, and then call MD5Final, which 15 * will fill a supplied 16-byte array with the digest. 16 */ 17 18/* This code was modified in 1997 by Jim Kingdon of Cyclic Software to 19 not require an integer type which is exactly 32 bits. This work 20 draws on the changes for the same purpose by Tatu Ylonen 21 <ylo@cs.hut.fi> as part of SSH, but since I didn't actually use 22 that code, there is no copyright issue. I hereby disclaim 23 copyright in any changes I have made; this code remains in the 24 public domain. */ 25 26/* Note regarding cvs_* namespace: this avoids potential conflicts 27 with libraries such as some versions of Kerberos. No particular 28 need to worry about whether the system supplies an MD5 library, as 29 this file is only about 3k of object code. */ 30 31#include <util.h> 32 33#include "md5.h" 34 35/* Little-endian byte-swapping routines. Note that these do not 36 depend on the size of datatypes such as cvs_uint32, nor do they require 37 us to detect the endianness of the machine we are running on. It 38 is possible they should be macros for speed, but I would be 39 surprised if they were a performance bottleneck for MD5. */ 40 41static unsigned long 42getu32(const unsigned char *addr) 43{ 44 return (((((unsigned long)addr[3] << 8) | addr[2]) << 8) 45 | addr[1]) << 8 | addr[0]; 46} 47 48static void 49putu32(unsigned long data, unsigned char *addr) 50{ 51 addr[0] = (unsigned char)data; 52 addr[1] = (unsigned char)(data >> 8); 53 addr[2] = (unsigned char)(data >> 16); 54 addr[3] = (unsigned char)(data >> 24); 55} 56 57/* 58 * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious 59 * initialization constants. 60 */ 61void 62yasm_md5_init(yasm_md5_context *ctx) 63{ 64 ctx->buf[0] = 0x67452301; 65 ctx->buf[1] = 0xefcdab89; 66 ctx->buf[2] = 0x98badcfe; 67 ctx->buf[3] = 0x10325476; 68 69 ctx->bits[0] = 0; 70 ctx->bits[1] = 0; 71} 72 73/* 74 * Update context to reflect the concatenation of another buffer full 75 * of bytes. 76 */ 77void 78yasm_md5_update(yasm_md5_context *ctx, unsigned char const *buf, 79 unsigned long len) 80{ 81 unsigned long t; 82 83 /* Update bitcount */ 84 85 t = ctx->bits[0]; 86 if ((ctx->bits[0] = (t + ((unsigned long)len << 3)) & 0xffffffff) < t) 87 ctx->bits[1]++; /* Carry from low to high */ 88 ctx->bits[1] += len >> 29; 89 90 t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */ 91 92 /* Handle any leading odd-sized chunks */ 93 94 if ( t ) { 95 unsigned char *p = ctx->in + t; 96 97 t = 64-t; 98 if (len < t) { 99 memcpy(p, buf, len); 100 return; 101 } 102 memcpy(p, buf, t); 103 yasm_md5_transform (ctx->buf, ctx->in); 104 buf += t; 105 len -= t; 106 } 107 108 /* Process data in 64-byte chunks */ 109 110 while (len >= 64) { 111 memcpy(ctx->in, buf, 64); 112 yasm_md5_transform (ctx->buf, ctx->in); 113 buf += 64; 114 len -= 64; 115 } 116 117 /* Handle any remaining bytes of data. */ 118 119 memcpy(ctx->in, buf, len); 120} 121 122/* 123 * Final wrapup - pad to 64-byte boundary with the bit pattern 124 * 1 0* (64-bit count of bits processed, MSB-first) 125 */ 126void 127yasm_md5_final(unsigned char digest[16], yasm_md5_context *ctx) 128{ 129 unsigned count; 130 unsigned char *p; 131 132 /* Compute number of bytes mod 64 */ 133 count = (ctx->bits[0] >> 3) & 0x3F; 134 135 /* Set the first char of padding to 0x80. This is safe since there is 136 always at least one byte free */ 137 p = ctx->in + count; 138 *p++ = 0x80; 139 140 /* Bytes of padding needed to make 64 bytes */ 141 count = 64 - 1 - count; 142 143 /* Pad out to 56 mod 64 */ 144 if (count < 8) { 145 /* Two lots of padding: Pad the first block to 64 bytes */ 146 memset(p, 0, count); 147 yasm_md5_transform (ctx->buf, ctx->in); 148 149 /* Now fill the next block with 56 bytes */ 150 memset(ctx->in, 0, 56); 151 } else { 152 /* Pad block to 56 bytes */ 153 memset(p, 0, count-8); 154 } 155 156 /* Append length in bits and transform */ 157 putu32(ctx->bits[0], ctx->in + 56); 158 putu32(ctx->bits[1], ctx->in + 60); 159 160 yasm_md5_transform (ctx->buf, ctx->in); 161 putu32(ctx->buf[0], digest); 162 putu32(ctx->buf[1], digest + 4); 163 putu32(ctx->buf[2], digest + 8); 164 putu32(ctx->buf[3], digest + 12); 165 memset(ctx, 0, sizeof(*ctx)); /* In case it's sensitive */ 166} 167 168#ifndef ASM_MD5 169 170/* The four core functions - F1 is optimized somewhat */ 171 172/* #define F1(x, y, z) (x & y | ~x & z) */ 173#define F1(x, y, z) (z ^ (x & (y ^ z))) 174#define F2(x, y, z) F1(z, x, y) 175#define F3(x, y, z) (x ^ y ^ z) 176#define F4(x, y, z) (y ^ (x | ~z)) 177 178/* This is the central step in the MD5 algorithm. */ 179#define MD5STEP(f, w, x, y, z, data, s) \ 180 ( w += f(x, y, z) + data, w &= 0xffffffff, w = w<<s | w>>(32-s), w += x ) 181 182/* 183 * The core of the MD5 algorithm, this alters an existing MD5 hash to 184 * reflect the addition of 16 longwords of new data. MD5Update blocks 185 * the data and converts bytes into longwords for this routine. 186 */ 187void 188yasm_md5_transform(unsigned long buf[4], const unsigned char inraw[64]) 189{ 190 register unsigned long a, b, c, d; 191 unsigned long in[16]; 192 int i; 193 194 for (i = 0; i < 16; ++i) 195 in[i] = getu32 (inraw + 4 * i); 196 197 a = buf[0]; 198 b = buf[1]; 199 c = buf[2]; 200 d = buf[3]; 201 202 MD5STEP(F1, a, b, c, d, in[ 0]+0xd76aa478, 7); 203 MD5STEP(F1, d, a, b, c, in[ 1]+0xe8c7b756, 12); 204 MD5STEP(F1, c, d, a, b, in[ 2]+0x242070db, 17); 205 MD5STEP(F1, b, c, d, a, in[ 3]+0xc1bdceee, 22); 206 MD5STEP(F1, a, b, c, d, in[ 4]+0xf57c0faf, 7); 207 MD5STEP(F1, d, a, b, c, in[ 5]+0x4787c62a, 12); 208 MD5STEP(F1, c, d, a, b, in[ 6]+0xa8304613, 17); 209 MD5STEP(F1, b, c, d, a, in[ 7]+0xfd469501, 22); 210 MD5STEP(F1, a, b, c, d, in[ 8]+0x698098d8, 7); 211 MD5STEP(F1, d, a, b, c, in[ 9]+0x8b44f7af, 12); 212 MD5STEP(F1, c, d, a, b, in[10]+0xffff5bb1, 17); 213 MD5STEP(F1, b, c, d, a, in[11]+0x895cd7be, 22); 214 MD5STEP(F1, a, b, c, d, in[12]+0x6b901122, 7); 215 MD5STEP(F1, d, a, b, c, in[13]+0xfd987193, 12); 216 MD5STEP(F1, c, d, a, b, in[14]+0xa679438e, 17); 217 MD5STEP(F1, b, c, d, a, in[15]+0x49b40821, 22); 218 219 MD5STEP(F2, a, b, c, d, in[ 1]+0xf61e2562, 5); 220 MD5STEP(F2, d, a, b, c, in[ 6]+0xc040b340, 9); 221 MD5STEP(F2, c, d, a, b, in[11]+0x265e5a51, 14); 222 MD5STEP(F2, b, c, d, a, in[ 0]+0xe9b6c7aa, 20); 223 MD5STEP(F2, a, b, c, d, in[ 5]+0xd62f105d, 5); 224 MD5STEP(F2, d, a, b, c, in[10]+0x02441453, 9); 225 MD5STEP(F2, c, d, a, b, in[15]+0xd8a1e681, 14); 226 MD5STEP(F2, b, c, d, a, in[ 4]+0xe7d3fbc8, 20); 227 MD5STEP(F2, a, b, c, d, in[ 9]+0x21e1cde6, 5); 228 MD5STEP(F2, d, a, b, c, in[14]+0xc33707d6, 9); 229 MD5STEP(F2, c, d, a, b, in[ 3]+0xf4d50d87, 14); 230 MD5STEP(F2, b, c, d, a, in[ 8]+0x455a14ed, 20); 231 MD5STEP(F2, a, b, c, d, in[13]+0xa9e3e905, 5); 232 MD5STEP(F2, d, a, b, c, in[ 2]+0xfcefa3f8, 9); 233 MD5STEP(F2, c, d, a, b, in[ 7]+0x676f02d9, 14); 234 MD5STEP(F2, b, c, d, a, in[12]+0x8d2a4c8a, 20); 235 236 MD5STEP(F3, a, b, c, d, in[ 5]+0xfffa3942, 4); 237 MD5STEP(F3, d, a, b, c, in[ 8]+0x8771f681, 11); 238 MD5STEP(F3, c, d, a, b, in[11]+0x6d9d6122, 16); 239 MD5STEP(F3, b, c, d, a, in[14]+0xfde5380c, 23); 240 MD5STEP(F3, a, b, c, d, in[ 1]+0xa4beea44, 4); 241 MD5STEP(F3, d, a, b, c, in[ 4]+0x4bdecfa9, 11); 242 MD5STEP(F3, c, d, a, b, in[ 7]+0xf6bb4b60, 16); 243 MD5STEP(F3, b, c, d, a, in[10]+0xbebfbc70, 23); 244 MD5STEP(F3, a, b, c, d, in[13]+0x289b7ec6, 4); 245 MD5STEP(F3, d, a, b, c, in[ 0]+0xeaa127fa, 11); 246 MD5STEP(F3, c, d, a, b, in[ 3]+0xd4ef3085, 16); 247 MD5STEP(F3, b, c, d, a, in[ 6]+0x04881d05, 23); 248 MD5STEP(F3, a, b, c, d, in[ 9]+0xd9d4d039, 4); 249 MD5STEP(F3, d, a, b, c, in[12]+0xe6db99e5, 11); 250 MD5STEP(F3, c, d, a, b, in[15]+0x1fa27cf8, 16); 251 MD5STEP(F3, b, c, d, a, in[ 2]+0xc4ac5665, 23); 252 253 MD5STEP(F4, a, b, c, d, in[ 0]+0xf4292244, 6); 254 MD5STEP(F4, d, a, b, c, in[ 7]+0x432aff97, 10); 255 MD5STEP(F4, c, d, a, b, in[14]+0xab9423a7, 15); 256 MD5STEP(F4, b, c, d, a, in[ 5]+0xfc93a039, 21); 257 MD5STEP(F4, a, b, c, d, in[12]+0x655b59c3, 6); 258 MD5STEP(F4, d, a, b, c, in[ 3]+0x8f0ccc92, 10); 259 MD5STEP(F4, c, d, a, b, in[10]+0xffeff47d, 15); 260 MD5STEP(F4, b, c, d, a, in[ 1]+0x85845dd1, 21); 261 MD5STEP(F4, a, b, c, d, in[ 8]+0x6fa87e4f, 6); 262 MD5STEP(F4, d, a, b, c, in[15]+0xfe2ce6e0, 10); 263 MD5STEP(F4, c, d, a, b, in[ 6]+0xa3014314, 15); 264 MD5STEP(F4, b, c, d, a, in[13]+0x4e0811a1, 21); 265 MD5STEP(F4, a, b, c, d, in[ 4]+0xf7537e82, 6); 266 MD5STEP(F4, d, a, b, c, in[11]+0xbd3af235, 10); 267 MD5STEP(F4, c, d, a, b, in[ 2]+0x2ad7d2bb, 15); 268 MD5STEP(F4, b, c, d, a, in[ 9]+0xeb86d391, 21); 269 270 buf[0] += a; 271 buf[1] += b; 272 buf[2] += c; 273 buf[3] += d; 274} 275#endif 276 277#ifdef TEST 278/* Simple test program. Can use it to manually run the tests from 279 RFC1321 for example. */ 280#include <stdio.h> 281 282int 283main (int argc, char **argv) 284{ 285 yasm_md5_context context; 286 unsigned char checksum[16]; 287 int i; 288 int j; 289 290 if (argc < 2) 291 { 292 fprintf (stderr, "usage: %s string-to-hash\n", argv[0]); 293 exit (1); 294 } 295 for (j = 1; j < argc; ++j) 296 { 297 printf ("MD5 (\"%s\") = ", argv[j]); 298 yasm_md5_init (&context); 299 yasm_md5_update (&context, argv[j], strlen (argv[j])); 300 yasm_md5_final (checksum, &context); 301 for (i = 0; i < 16; i++) 302 { 303 printf ("%02x", (unsigned int) checksum[i]); 304 } 305 printf ("\n"); 306 } 307 return 0; 308} 309#endif /* TEST */ 310