md5.c 8.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296
  1. /*
  2. * This is an OpenSSL-compatible implementation of the RSA Data Security, Inc.
  3. * MD5 Message-Digest Algorithm (RFC 1321).
  4. *
  5. * Homepage:
  6. * http://openwall.info/wiki/people/solar/software/public-domain-source-code/md5
  7. *
  8. * Author:
  9. * Alexander Peslyak, better known as Solar Designer <solar at openwall.com>
  10. *
  11. * This software was written by Alexander Peslyak in 2001. No copyright is
  12. * claimed, and the software is hereby placed in the public domain.
  13. * In case this attempt to disclaim copyright and place the software in the
  14. * public domain is deemed null and void, then the software is
  15. * Copyright (c) 2001 Alexander Peslyak and it is hereby released to the
  16. * general public under the following terms:
  17. *
  18. * Redistribution and use in source and binary forms, with or without
  19. * modification, are permitted.
  20. *
  21. * There's ABSOLUTELY NO WARRANTY, express or implied.
  22. *
  23. * (This is a heavily cut-down "BSD license".)
  24. *
  25. * This differs from Colin Plumb's older public domain implementation in that
  26. * no exactly 32-bit integer data type is required (any 32-bit or wider
  27. * unsigned integer data type will do), there's no compile-time endianness
  28. * configuration, and the function prototypes match OpenSSL's. No code from
  29. * Colin Plumb's implementation has been reused; this comment merely compares
  30. * the properties of the two independent implementations.
  31. *
  32. * The primary goals of this implementation are portability and ease of use.
  33. * It is meant to be fast, but not as fast as possible. Some known
  34. * optimizations are not included to reduce source code size and avoid
  35. * compile-time configuration.
  36. */
  37. #ifndef HAVE_OPENSSL
  38. #include <string.h>
  39. #include "md5.h"
  40. /*
  41. * The basic MD5 functions.
  42. *
  43. * F and G are optimized compared to their RFC 1321 definitions for
  44. * architectures that lack an AND-NOT instruction, just like in Colin Plumb's
  45. * implementation.
  46. */
  47. #define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z))))
  48. #define G(x, y, z) ((y) ^ ((z) & ((x) ^ (y))))
  49. #define H(x, y, z) (((x) ^ (y)) ^ (z))
  50. #define H2(x, y, z) ((x) ^ ((y) ^ (z)))
  51. #define I(x, y, z) ((y) ^ ((x) | ~(z)))
  52. /*
  53. * The MD5 transformation for all four rounds.
  54. */
  55. #define STEP(f, a, b, c, d, x, t, s) \
  56. (a) += f((b), (c), (d)) + (x) + (t); \
  57. (a) = (((a) << (s)) | (((a) & 0xffffffff) >> (32 - (s)))); \
  58. (a) += (b);
  59. /*
  60. * SET reads 4 input bytes in little-endian byte order and stores them
  61. * in a properly aligned word in host byte order.
  62. *
  63. * The check for little-endian architectures that tolerate unaligned
  64. * memory accesses is just an optimization. Nothing will break if it
  65. * doesn't work.
  66. */
  67. #if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
  68. #define SET(n) \
  69. (*(MD5_u32plus *)&ptr[(n) * 4])
  70. #define GET(n) \
  71. SET(n)
  72. #else
  73. #define SET(n) \
  74. (ctx->block[(n)] = \
  75. (MD5_u32plus)ptr[(n) * 4] | \
  76. ((MD5_u32plus)ptr[(n) * 4 + 1] << 8) | \
  77. ((MD5_u32plus)ptr[(n) * 4 + 2] << 16) | \
  78. ((MD5_u32plus)ptr[(n) * 4 + 3] << 24))
  79. #define GET(n) \
  80. (ctx->block[(n)])
  81. #endif
  82. /*
  83. * This processes one or more 64-byte data blocks, but does NOT update
  84. * the bit counters. There are no alignment requirements.
  85. */
  86. static const void *body(MD5_CTX *ctx, const void *data, unsigned long size)
  87. {
  88. const unsigned char *ptr;
  89. MD5_u32plus a, b, c, d;
  90. MD5_u32plus saved_a, saved_b, saved_c, saved_d;
  91. ptr = (const unsigned char *)data;
  92. a = ctx->a;
  93. b = ctx->b;
  94. c = ctx->c;
  95. d = ctx->d;
  96. do {
  97. saved_a = a;
  98. saved_b = b;
  99. saved_c = c;
  100. saved_d = d;
  101. /* Round 1 */
  102. STEP(F, a, b, c, d, SET(0), 0xd76aa478, 7)
  103. STEP(F, d, a, b, c, SET(1), 0xe8c7b756, 12)
  104. STEP(F, c, d, a, b, SET(2), 0x242070db, 17)
  105. STEP(F, b, c, d, a, SET(3), 0xc1bdceee, 22)
  106. STEP(F, a, b, c, d, SET(4), 0xf57c0faf, 7)
  107. STEP(F, d, a, b, c, SET(5), 0x4787c62a, 12)
  108. STEP(F, c, d, a, b, SET(6), 0xa8304613, 17)
  109. STEP(F, b, c, d, a, SET(7), 0xfd469501, 22)
  110. STEP(F, a, b, c, d, SET(8), 0x698098d8, 7)
  111. STEP(F, d, a, b, c, SET(9), 0x8b44f7af, 12)
  112. STEP(F, c, d, a, b, SET(10), 0xffff5bb1, 17)
  113. STEP(F, b, c, d, a, SET(11), 0x895cd7be, 22)
  114. STEP(F, a, b, c, d, SET(12), 0x6b901122, 7)
  115. STEP(F, d, a, b, c, SET(13), 0xfd987193, 12)
  116. STEP(F, c, d, a, b, SET(14), 0xa679438e, 17)
  117. STEP(F, b, c, d, a, SET(15), 0x49b40821, 22)
  118. /* Round 2 */
  119. STEP(G, a, b, c, d, GET(1), 0xf61e2562, 5)
  120. STEP(G, d, a, b, c, GET(6), 0xc040b340, 9)
  121. STEP(G, c, d, a, b, GET(11), 0x265e5a51, 14)
  122. STEP(G, b, c, d, a, GET(0), 0xe9b6c7aa, 20)
  123. STEP(G, a, b, c, d, GET(5), 0xd62f105d, 5)
  124. STEP(G, d, a, b, c, GET(10), 0x02441453, 9)
  125. STEP(G, c, d, a, b, GET(15), 0xd8a1e681, 14)
  126. STEP(G, b, c, d, a, GET(4), 0xe7d3fbc8, 20)
  127. STEP(G, a, b, c, d, GET(9), 0x21e1cde6, 5)
  128. STEP(G, d, a, b, c, GET(14), 0xc33707d6, 9)
  129. STEP(G, c, d, a, b, GET(3), 0xf4d50d87, 14)
  130. STEP(G, b, c, d, a, GET(8), 0x455a14ed, 20)
  131. STEP(G, a, b, c, d, GET(13), 0xa9e3e905, 5)
  132. STEP(G, d, a, b, c, GET(2), 0xfcefa3f8, 9)
  133. STEP(G, c, d, a, b, GET(7), 0x676f02d9, 14)
  134. STEP(G, b, c, d, a, GET(12), 0x8d2a4c8a, 20)
  135. /* Round 3 */
  136. STEP(H, a, b, c, d, GET(5), 0xfffa3942, 4)
  137. STEP(H2, d, a, b, c, GET(8), 0x8771f681, 11)
  138. STEP(H, c, d, a, b, GET(11), 0x6d9d6122, 16)
  139. STEP(H2, b, c, d, a, GET(14), 0xfde5380c, 23)
  140. STEP(H, a, b, c, d, GET(1), 0xa4beea44, 4)
  141. STEP(H2, d, a, b, c, GET(4), 0x4bdecfa9, 11)
  142. STEP(H, c, d, a, b, GET(7), 0xf6bb4b60, 16)
  143. STEP(H2, b, c, d, a, GET(10), 0xbebfbc70, 23)
  144. STEP(H, a, b, c, d, GET(13), 0x289b7ec6, 4)
  145. STEP(H2, d, a, b, c, GET(0), 0xeaa127fa, 11)
  146. STEP(H, c, d, a, b, GET(3), 0xd4ef3085, 16)
  147. STEP(H2, b, c, d, a, GET(6), 0x04881d05, 23)
  148. STEP(H, a, b, c, d, GET(9), 0xd9d4d039, 4)
  149. STEP(H2, d, a, b, c, GET(12), 0xe6db99e5, 11)
  150. STEP(H, c, d, a, b, GET(15), 0x1fa27cf8, 16)
  151. STEP(H2, b, c, d, a, GET(2), 0xc4ac5665, 23)
  152. /* Round 4 */
  153. STEP(I, a, b, c, d, GET(0), 0xf4292244, 6)
  154. STEP(I, d, a, b, c, GET(7), 0x432aff97, 10)
  155. STEP(I, c, d, a, b, GET(14), 0xab9423a7, 15)
  156. STEP(I, b, c, d, a, GET(5), 0xfc93a039, 21)
  157. STEP(I, a, b, c, d, GET(12), 0x655b59c3, 6)
  158. STEP(I, d, a, b, c, GET(3), 0x8f0ccc92, 10)
  159. STEP(I, c, d, a, b, GET(10), 0xffeff47d, 15)
  160. STEP(I, b, c, d, a, GET(1), 0x85845dd1, 21)
  161. STEP(I, a, b, c, d, GET(8), 0x6fa87e4f, 6)
  162. STEP(I, d, a, b, c, GET(15), 0xfe2ce6e0, 10)
  163. STEP(I, c, d, a, b, GET(6), 0xa3014314, 15)
  164. STEP(I, b, c, d, a, GET(13), 0x4e0811a1, 21)
  165. STEP(I, a, b, c, d, GET(4), 0xf7537e82, 6)
  166. STEP(I, d, a, b, c, GET(11), 0xbd3af235, 10)
  167. STEP(I, c, d, a, b, GET(2), 0x2ad7d2bb, 15)
  168. STEP(I, b, c, d, a, GET(9), 0xeb86d391, 21)
  169. a += saved_a;
  170. b += saved_b;
  171. c += saved_c;
  172. d += saved_d;
  173. ptr += 64;
  174. } while (size -= 64);
  175. ctx->a = a;
  176. ctx->b = b;
  177. ctx->c = c;
  178. ctx->d = d;
  179. return ptr;
  180. }
  181. void MD5_Init(MD5_CTX *ctx)
  182. {
  183. ctx->a = 0x67452301;
  184. ctx->b = 0xefcdab89;
  185. ctx->c = 0x98badcfe;
  186. ctx->d = 0x10325476;
  187. ctx->lo = 0;
  188. ctx->hi = 0;
  189. }
  190. void MD5_Update(MD5_CTX *ctx, const void *data, unsigned long size)
  191. {
  192. MD5_u32plus saved_lo;
  193. unsigned long used, available;
  194. saved_lo = ctx->lo;
  195. if ((ctx->lo = (saved_lo + size) & 0x1fffffff) < saved_lo)
  196. ctx->hi++;
  197. ctx->hi += size >> 29;
  198. used = saved_lo & 0x3f;
  199. if (used) {
  200. available = 64 - used;
  201. if (size < available) {
  202. memcpy(&ctx->buffer[used], data, size);
  203. return;
  204. }
  205. memcpy(&ctx->buffer[used], data, available);
  206. data = (const unsigned char *)data + available;
  207. size -= available;
  208. body(ctx, ctx->buffer, 64);
  209. }
  210. if (size >= 64) {
  211. data = body(ctx, data, size & ~(unsigned long)0x3f);
  212. size &= 0x3f;
  213. }
  214. memcpy(ctx->buffer, data, size);
  215. }
  216. void MD5_Final(unsigned char *result, MD5_CTX *ctx)
  217. {
  218. unsigned long used, available;
  219. used = ctx->lo & 0x3f;
  220. ctx->buffer[used++] = 0x80;
  221. available = 64 - used;
  222. if (available < 8) {
  223. memset(&ctx->buffer[used], 0, available);
  224. body(ctx, ctx->buffer, 64);
  225. used = 0;
  226. available = 64;
  227. }
  228. memset(&ctx->buffer[used], 0, available - 8);
  229. ctx->lo <<= 3;
  230. ctx->buffer[56] = ctx->lo;
  231. ctx->buffer[57] = ctx->lo >> 8;
  232. ctx->buffer[58] = ctx->lo >> 16;
  233. ctx->buffer[59] = ctx->lo >> 24;
  234. ctx->buffer[60] = ctx->hi;
  235. ctx->buffer[61] = ctx->hi >> 8;
  236. ctx->buffer[62] = ctx->hi >> 16;
  237. ctx->buffer[63] = ctx->hi >> 24;
  238. body(ctx, ctx->buffer, 64);
  239. result[0] = ctx->a;
  240. result[1] = ctx->a >> 8;
  241. result[2] = ctx->a >> 16;
  242. result[3] = ctx->a >> 24;
  243. result[4] = ctx->b;
  244. result[5] = ctx->b >> 8;
  245. result[6] = ctx->b >> 16;
  246. result[7] = ctx->b >> 24;
  247. result[8] = ctx->c;
  248. result[9] = ctx->c >> 8;
  249. result[10] = ctx->c >> 16;
  250. result[11] = ctx->c >> 24;
  251. result[12] = ctx->d;
  252. result[13] = ctx->d >> 8;
  253. result[14] = ctx->d >> 16;
  254. result[15] = ctx->d >> 24;
  255. memset(ctx, 0, sizeof(*ctx));
  256. }
  257. #endif