123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271 |
- #include "os.h"
- #include <libsec.h>
- /*
- * This MD4 is implemented from the description in Stinson's Cryptography,
- * theory and practice. -- presotto
- */
- /*
- * Rotate ammounts used in the algorithm
- */
- enum
- {
- S11= 3,
- S12= 7,
- S13= 11,
- S14= 19,
- S21= 3,
- S22= 5,
- S23= 9,
- S24= 13,
- S31= 3,
- S32= 9,
- S33= 11,
- S34= 15,
- };
- typedef struct MD4Table MD4Table;
- struct MD4Table
- {
- uchar x; /* index into data block */
- uchar rot; /* amount to rotate left by */
- };
- static MD4Table tab[] =
- {
- /* round 1 */
- /*[0]*/ { 0, S11},
- { 1, S12},
- { 2, S13},
- { 3, S14},
- { 4, S11},
- { 5, S12},
- { 6, S13},
- { 7, S14},
- { 8, S11},
- { 9, S12},
- { 10, S13},
- { 11, S14},
- { 12, S11},
- { 13, S12},
- { 14, S13},
- { 15, S14},
- /* round 2 */
- /*[16]*/{ 0, S21},
- { 4, S22},
- { 8, S23},
- { 12, S24},
- { 1, S21},
- { 5, S22},
- { 9, S23},
- { 13, S24},
- { 2, S21},
- { 6, S22},
- { 10, S23},
- { 14, S24},
- { 3, S21},
- { 7, S22},
- { 11, S23},
- { 15, S24},
- /* round 3 */
- /*[32]*/{ 0, S31},
- { 8, S32},
- { 4, S33},
- { 12, S34},
- { 2, S31},
- { 10, S32},
- { 6, S33},
- { 14, S34},
- { 1, S31},
- { 9, S32},
- { 5, S33},
- { 13, S34},
- { 3, S31},
- { 11, S32},
- { 7, S33},
- { 15, S34},
- };
- static void encode(uchar*, u32int*, ulong);
- static void decode(u32int*, uchar*, ulong);
- static void
- md4block(uchar *p, ulong len, MD4state *s)
- {
- int i;
- u32int a, b, c, d, tmp;
- MD4Table *t;
- uchar *end;
- u32int x[16];
- for(end = p+len; p < end; p += 64){
- a = s->state[0];
- b = s->state[1];
- c = s->state[2];
- d = s->state[3];
- decode(x, p, 64);
-
- for(i = 0; i < 48; i++){
- t = tab + i;
- switch(i>>4){
- case 0:
- a += (b & c) | (~b & d);
- break;
- case 1:
- a += ((b & c) | (b & d) | (c & d)) + 0x5A827999;
- break;
- case 2:
- a += (b ^ c ^ d) + 0x6ED9EBA1;
- break;
- }
- a += x[t->x];
- a = (a << t->rot) | (a >> (32 - t->rot));
-
- /* rotate variables */
- tmp = d;
- d = c;
- c = b;
- b = a;
- a = tmp;
- }
- s->state[0] += a;
- s->state[1] += b;
- s->state[2] += c;
- s->state[3] += d;
- s->len += 64;
- }
- }
- MD4state*
- md4(uchar *p, ulong len, uchar *digest, MD4state *s)
- {
- u32int x[16];
- uchar buf[128];
- int i;
- uchar *e;
- if(s == nil){
- s = malloc(sizeof(*s));
- if(s == nil)
- return nil;
- memset(s, 0, sizeof(*s));
- s->malloced = 1;
- }
- if(s->seeded == 0){
- /* seed the state, these constants would look nicer big-endian */
- s->state[0] = 0x67452301;
- s->state[1] = 0xefcdab89;
- s->state[2] = 0x98badcfe;
- s->state[3] = 0x10325476;
- s->seeded = 1;
- }
- /* fill out the partial 64 byte block from previous calls */
- if(s->blen){
- i = 64 - s->blen;
- if(len < i)
- i = len;
- memmove(s->buf + s->blen, p, i);
- len -= i;
- s->blen += i;
- p += i;
- if(s->blen == 64){
- md4block(s->buf, s->blen, s);
- s->blen = 0;
- }
- }
- /* do 64 byte blocks */
- i = len & ~0x3f;
- if(i){
- md4block(p, i, s);
- len -= i;
- p += i;
- }
- /* save the left overs if not last call */
- if(digest == 0){
- if(len){
- memmove(s->buf, p, len);
- s->blen += len;
- }
- return s;
- }
- /*
- * this is the last time through, pad what's left with 0x80,
- * 0's, and the input count to create a multiple of 64 bytes
- */
- if(s->blen){
- p = s->buf;
- len = s->blen;
- } else {
- memmove(buf, p, len);
- p = buf;
- }
- s->len += len;
- e = p + len;
- if(len < 56)
- i = 56 - len;
- else
- i = 120 - len;
- memset(e, 0, i);
- *e = 0x80;
- len += i;
- /* append the count */
- x[0] = s->len<<3;
- x[1] = s->len>>29;
- encode(p+len, x, 8);
- /* digest the last part */
- md4block(p, len+8, s);
- /* return result and free state */
- encode(digest, s->state, MD4dlen);
- if(s->malloced == 1)
- free(s);
- return nil;
- }
- /*
- * encodes input (u32int) into output (uchar). Assumes len is
- * a multiple of 4.
- */
- static void
- encode(uchar *output, u32int *input, ulong len)
- {
- u32int x;
- uchar *e;
- for(e = output + len; output < e;) {
- x = *input++;
- *output++ = x;
- *output++ = x >> 8;
- *output++ = x >> 16;
- *output++ = x >> 24;
- }
- }
- /*
- * decodes input (uchar) into output (u32int). Assumes len is
- * a multiple of 4.
- */
- static void
- decode(u32int *output, uchar *input, ulong len)
- {
- uchar *e;
- for(e = input+len; input < e; input += 4)
- *output++ = input[0] | (input[1] << 8) |
- (input[2] << 16) | (input[3] << 24);
- }
|