1/* md5.c - Functions to compute MD5 message digest of files or memory blocks 2 according to the definition of MD5 in RFC 1321 from April 1992. 3 Copyright (C) 1995, 1996 Free Software Foundation, Inc. 4 This file is part of the GNU C library. 5 6 The GNU C Library is free software; you can redistribute it and/or 7 modify it under the terms of the GNU Library General Public License as 8 published by the Free Software Foundation; either version 2 of the 9 License, or (at your option) any later version. 10 11 The GNU C Library is distributed in the hope that it will be useful, 12 but WITHOUT ANY WARRANTY; without even the implied warranty of 13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 Library General Public License for more details. 15 16 You should have received a copy of the GNU Library General Public 17 License along with the GNU C Library; see the file COPYING.LIB. If not, 18 write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, 19 Boston, MA 02111-1307, USA. */ 20 21/* Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995. */ 22 23#ifdef HAVE_CONFIG_H 24# include <config.h> 25#endif 26 27#ifdef USE_MD5 28 29#include <stdlib.h> 30#ifdef HAVE_STRING_H 31# include <string.h> 32#else 33# include <strings.h> 34#endif 35 36#include "md5.h" 37 38#ifdef _LIBC 39# include <endian.h> 40# if __BYTE_ORDER == __BIG_ENDIAN 41# define WORDS_BIGENDIAN 1 42# endif 43#endif 44 45#if defined(WORDS_BIGENDIAN) || defined(_BIG_ENDIAN) 46# define SWAP(n) \ 47 (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24)) 48#else 49# define SWAP(n) (n) 50#endif 51 52 53/* This array contains the bytes used to pad the buffer to the next 54 64-byte boundary. (RFC 1321, 3.1: Step 1) */ 55static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ }; 56 57 58/* Initialize structure containing state of computation. 59 (RFC 1321, 3.3: Step 3) */ 60void 61md5_init_ctx (struct md5_ctx *ctx) 62{ 63 ctx->A = 0x67452301; 64 ctx->B = 0xefcdab89; 65 ctx->C = 0x98badcfe; 66 ctx->D = 0x10325476; 67 68 ctx->total[0] = ctx->total[1] = 0; 69 ctx->buflen = 0; 70} 71 72/* Put result from CTX in first 16 bytes following RESBUF. The result 73 must be in little endian byte order. 74 75 IMPORTANT: On some systems it is required that RESBUF is correctly 76 aligned for a 32 bits value. */ 77void * 78md5_read_ctx (const struct md5_ctx *ctx, void *resbuf) 79{ 80 ((md5_uint32 *) resbuf)[0] = SWAP (ctx->A); 81 ((md5_uint32 *) resbuf)[1] = SWAP (ctx->B); 82 ((md5_uint32 *) resbuf)[2] = SWAP (ctx->C); 83 ((md5_uint32 *) resbuf)[3] = SWAP (ctx->D); 84 85 return resbuf; 86} 87 88/* Process the remaining bytes in the internal buffer and the usual 89 prolog according to the standard and write the result to RESBUF. 90 91 IMPORTANT: On some systems it is required that RESBUF is correctly 92 aligned for a 32 bits value. */ 93void * 94md5_finish_ctx (struct md5_ctx *ctx, void *resbuf) 95{ 96 /* Take yet unprocessed bytes into account. */ 97 md5_uint32 bytes = ctx->buflen; 98 size_t pad; 99 100 /* Now count remaining bytes. */ 101 ctx->total[0] += bytes; 102 if (ctx->total[0] < bytes) 103 ++ctx->total[1]; 104 105 pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes; 106 memcpy (&ctx->buffer[bytes], fillbuf, pad); 107 108 /* Put the 64-bit file length in *bits* at the end of the buffer. */ 109 *(md5_uint32 *) &ctx->buffer[bytes + pad] = SWAP (ctx->total[0] << 3); 110 *(md5_uint32 *) &ctx->buffer[bytes + pad + 4] = SWAP ((ctx->total[1] << 3) | 111 (ctx->total[0] >> 29)); 112 113 /* Process last bytes. */ 114 md5_process_block (ctx->buffer, bytes + pad + 8, ctx); 115 116 return md5_read_ctx (ctx, resbuf); 117} 118 119/* Compute MD5 message digest for bytes read from STREAM. The 120 resulting message digest number will be written into the 16 bytes 121 beginning at RESBLOCK. */ 122int 123md5_stream (FILE *stream, void *resblock) 124{ 125 /* Important: BLOCKSIZE must be a multiple of 64. */ 126#define BLOCKSIZE 4096 127 struct md5_ctx ctx; 128 char buffer[BLOCKSIZE + 72]; 129 size_t sum; 130 131 /* Initialize the computation context. */ 132 md5_init_ctx (&ctx); 133 134 /* Iterate over full file contents. */ 135 while (1) 136 { 137 /* We read the file in blocks of BLOCKSIZE bytes. One call of the 138 computation function processes the whole buffer so that with the 139 next round of the loop another block can be read. */ 140 size_t n; 141 sum = 0; 142 143 /* Read block. Take care for partial reads. */ 144 do 145 { 146 n = fread (buffer + sum, 1, BLOCKSIZE - sum, stream); 147 148 sum += n; 149 } 150 while (sum < BLOCKSIZE && n != 0); 151 if (n == 0 && ferror (stream)) 152 return 1; 153 154 /* If end of file is reached, end the loop. */ 155 if (n == 0) 156 break; 157 158 /* Process buffer with BLOCKSIZE bytes. Note that 159 BLOCKSIZE % 64 == 0 160 */ 161 md5_process_block (buffer, BLOCKSIZE, &ctx); 162 } 163 164 /* Add the last bytes if necessary. */ 165 if (sum > 0) 166 md5_process_bytes (buffer, sum, &ctx); 167 168 /* Construct result in desired memory. */ 169 md5_finish_ctx (&ctx, resblock); 170 return 0; 171} 172 173/* Compute MD5 message digest for LEN bytes beginning at BUFFER. The 174 result is always in little endian byte order, so that a byte-wise 175 output yields to the wanted ASCII representation of the message 176 digest. */ 177void * 178md5_buffer (const char *buffer, size_t len, void *resblock) 179{ 180 struct md5_ctx ctx; 181 182 /* Initialize the computation context. */ 183 md5_init_ctx (&ctx); 184 185 /* Process whole buffer but last len % 64 bytes. */ 186 md5_process_bytes (buffer, len, &ctx); 187 188 /* Put result in desired memory area. */ 189 return md5_finish_ctx (&ctx, resblock); 190} 191 192 193void 194md5_process_bytes (const void *buffer, size_t len, struct md5_ctx *ctx) 195{ 196 /* When we already have some bits in our internal buffer concatenate 197 both inputs first. */ 198 if (ctx->buflen != 0) 199 { 200 size_t left_over = ctx->buflen; 201 size_t add = 128 - left_over > len ? len : 128 - left_over; 202 203 memcpy (&ctx->buffer[left_over], buffer, add); 204 ctx->buflen += add; 205 206 if (left_over + add > 64) 207 { 208 md5_process_block (ctx->buffer, (left_over + add) & ~63, ctx); 209 /* The regions in the following copy operation cannot overlap. */ 210 memcpy (ctx->buffer, &ctx->buffer[(left_over + add) & ~63], 211 (left_over + add) & 63); 212 ctx->buflen = (left_over + add) & 63; 213 } 214 215 buffer = (const char *) buffer + add; 216 len -= add; 217 } 218 219 /* Process available complete blocks. */ 220 if (len > 64) 221 { 222 md5_process_block (buffer, len & ~63, ctx); 223 buffer = (const char *) buffer + (len & ~63); 224 len &= 63; 225 } 226 227 /* Move remaining bytes in internal buffer. */ 228 if (len > 0) 229 { 230 memcpy (ctx->buffer, buffer, len); 231 ctx->buflen = len; 232 } 233} 234 235 236/* These are the four functions used in the four steps of the MD5 algorithm 237 and defined in the RFC 1321. The first function is a little bit optimized 238 (as found in Colin Plumbs public domain implementation). */ 239/* #define FF(b, c, d) ((b & c) | (~b & d)) */ 240#define FF(b, c, d) (d ^ (b & (c ^ d))) 241#define FG(b, c, d) FF (d, b, c) 242#define FH(b, c, d) (b ^ c ^ d) 243#define FI(b, c, d) (c ^ (b | ~d)) 244 245/* Process LEN bytes of BUFFER, accumulating context into CTX. 246 It is assumed that LEN % 64 == 0. */ 247 248void 249md5_process_block (const void *buffer, size_t len, struct md5_ctx *ctx) 250{ 251 md5_uint32 correct_words[16]; 252 const md5_uint32 *words = buffer; 253 size_t nwords = len / sizeof (md5_uint32); 254 const md5_uint32 *endp = words + nwords; 255 md5_uint32 A = ctx->A; 256 md5_uint32 B = ctx->B; 257 md5_uint32 C = ctx->C; 258 md5_uint32 D = ctx->D; 259 260 /* First increment the byte count. RFC 1321 specifies the possible 261 length of the file up to 2^64 bits. Here we only compute the 262 number of bytes. Do a double word increment. */ 263 ctx->total[0] += len; 264 if (ctx->total[0] < len) 265 ++ctx->total[1]; 266 267 /* Process all bytes in the buffer with 64 bytes in each round of 268 the loop. */ 269 while (words < endp) 270 { 271 md5_uint32 *cwp = correct_words; 272 md5_uint32 A_save = A; 273 md5_uint32 B_save = B; 274 md5_uint32 C_save = C; 275 md5_uint32 D_save = D; 276 277 /* First round: using the given function, the context and a constant 278 the next context is computed. Because the algorithms processing 279 unit is a 32-bit word and it is determined to work on words in 280 little endian byte order we perhaps have to change the byte order 281 before the computation. To reduce the work for the next steps 282 we store the swapped words in the array CORRECT_WORDS. */ 283 284#define OP(a, b, c, d, s, T) \ 285 do \ 286 { \ 287 a += FF (b, c, d) + (*cwp++ = SWAP (*words)) + T; \ 288 ++words; \ 289 CYCLIC (a, s); \ 290 a += b; \ 291 } \ 292 while (0) 293 294 /* It is unfortunate that C does not provide an operator for 295 cyclic rotation. Hope the C compiler is smart enough. */ 296#define CYCLIC(w, s) (w = (w << s) | (w >> (32 - s))) 297 298 /* Before we start, one word to the strange constants. 299 They are defined in RFC 1321 as 300 301 T[i] = (int) (4294967296.0 * fabs (sin (i))), i=1..64 302 */ 303 304 /* Round 1. */ 305 OP (A, B, C, D, 7, 0xd76aa478); 306 OP (D, A, B, C, 12, 0xe8c7b756); 307 OP (C, D, A, B, 17, 0x242070db); 308 OP (B, C, D, A, 22, 0xc1bdceee); 309 OP (A, B, C, D, 7, 0xf57c0faf); 310 OP (D, A, B, C, 12, 0x4787c62a); 311 OP (C, D, A, B, 17, 0xa8304613); 312 OP (B, C, D, A, 22, 0xfd469501); 313 OP (A, B, C, D, 7, 0x698098d8); 314 OP (D, A, B, C, 12, 0x8b44f7af); 315 OP (C, D, A, B, 17, 0xffff5bb1); 316 OP (B, C, D, A, 22, 0x895cd7be); 317 OP (A, B, C, D, 7, 0x6b901122); 318 OP (D, A, B, C, 12, 0xfd987193); 319 OP (C, D, A, B, 17, 0xa679438e); 320 OP (B, C, D, A, 22, 0x49b40821); 321 322 /* For the second to fourth round we have the possibly swapped words 323 in CORRECT_WORDS. Redefine the macro to take an additional first 324 argument specifying the function to use. */ 325#undef OP 326#define OP(f, a, b, c, d, k, s, T) \ 327 do \ 328 { \ 329 a += f (b, c, d) + correct_words[k] + T; \ 330 CYCLIC (a, s); \ 331 a += b; \ 332 } \ 333 while (0) 334 335 /* Round 2. */ 336 OP (FG, A, B, C, D, 1, 5, 0xf61e2562); 337 OP (FG, D, A, B, C, 6, 9, 0xc040b340); 338 OP (FG, C, D, A, B, 11, 14, 0x265e5a51); 339 OP (FG, B, C, D, A, 0, 20, 0xe9b6c7aa); 340 OP (FG, A, B, C, D, 5, 5, 0xd62f105d); 341 OP (FG, D, A, B, C, 10, 9, 0x02441453); 342 OP (FG, C, D, A, B, 15, 14, 0xd8a1e681); 343 OP (FG, B, C, D, A, 4, 20, 0xe7d3fbc8); 344 OP (FG, A, B, C, D, 9, 5, 0x21e1cde6); 345 OP (FG, D, A, B, C, 14, 9, 0xc33707d6); 346 OP (FG, C, D, A, B, 3, 14, 0xf4d50d87); 347 OP (FG, B, C, D, A, 8, 20, 0x455a14ed); 348 OP (FG, A, B, C, D, 13, 5, 0xa9e3e905); 349 OP (FG, D, A, B, C, 2, 9, 0xfcefa3f8); 350 OP (FG, C, D, A, B, 7, 14, 0x676f02d9); 351 OP (FG, B, C, D, A, 12, 20, 0x8d2a4c8a); 352 353 /* Round 3. */ 354 OP (FH, A, B, C, D, 5, 4, 0xfffa3942); 355 OP (FH, D, A, B, C, 8, 11, 0x8771f681); 356 OP (FH, C, D, A, B, 11, 16, 0x6d9d6122); 357 OP (FH, B, C, D, A, 14, 23, 0xfde5380c); 358 OP (FH, A, B, C, D, 1, 4, 0xa4beea44); 359 OP (FH, D, A, B, C, 4, 11, 0x4bdecfa9); 360 OP (FH, C, D, A, B, 7, 16, 0xf6bb4b60); 361 OP (FH, B, C, D, A, 10, 23, 0xbebfbc70); 362 OP (FH, A, B, C, D, 13, 4, 0x289b7ec6); 363 OP (FH, D, A, B, C, 0, 11, 0xeaa127fa); 364 OP (FH, C, D, A, B, 3, 16, 0xd4ef3085); 365 OP (FH, B, C, D, A, 6, 23, 0x04881d05); 366 OP (FH, A, B, C, D, 9, 4, 0xd9d4d039); 367 OP (FH, D, A, B, C, 12, 11, 0xe6db99e5); 368 OP (FH, C, D, A, B, 15, 16, 0x1fa27cf8); 369 OP (FH, B, C, D, A, 2, 23, 0xc4ac5665); 370 371 /* Round 4. */ 372 OP (FI, A, B, C, D, 0, 6, 0xf4292244); 373 OP (FI, D, A, B, C, 7, 10, 0x432aff97); 374 OP (FI, C, D, A, B, 14, 15, 0xab9423a7); 375 OP (FI, B, C, D, A, 5, 21, 0xfc93a039); 376 OP (FI, A, B, C, D, 12, 6, 0x655b59c3); 377 OP (FI, D, A, B, C, 3, 10, 0x8f0ccc92); 378 OP (FI, C, D, A, B, 10, 15, 0xffeff47d); 379 OP (FI, B, C, D, A, 1, 21, 0x85845dd1); 380 OP (FI, A, B, C, D, 8, 6, 0x6fa87e4f); 381 OP (FI, D, A, B, C, 15, 10, 0xfe2ce6e0); 382 OP (FI, C, D, A, B, 6, 15, 0xa3014314); 383 OP (FI, B, C, D, A, 13, 21, 0x4e0811a1); 384 OP (FI, A, B, C, D, 4, 6, 0xf7537e82); 385 OP (FI, D, A, B, C, 11, 10, 0xbd3af235); 386 OP (FI, C, D, A, B, 2, 15, 0x2ad7d2bb); 387 OP (FI, B, C, D, A, 9, 21, 0xeb86d391); 388 389 /* Add the starting values of the context. */ 390 A += A_save; 391 B += B_save; 392 C += C_save; 393 D += D_save; 394 } 395 396 /* Put checksum in context given as argument. */ 397 ctx->A = A; 398 ctx->B = B; 399 ctx->C = C; 400 ctx->D = D; 401} 402#endif 403