1/*************************************************************************** 2 * _ _ ____ _ 3 * Project ___| | | | _ \| | 4 * / __| | | | |_) | | 5 * | (__| |_| | _ <| |___ 6 * \___|\___/|_| \_\_____| 7 * 8 * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al. 9 * 10 * This software is licensed as described in the file COPYING, which 11 * you should have received as part of this distribution. The terms 12 * are also available at http://curl.haxx.se/docs/copyright.html. 13 * 14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell 15 * copies of the Software, and permit persons to whom the Software is 16 * furnished to do so, under the terms of the COPYING file. 17 * 18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY 19 * KIND, either express or implied. 20 * 21 ***************************************************************************/ 22 23#include "setup.h" 24 25#ifndef CURL_DISABLE_CRYPTO_AUTH 26 27#include <string.h> 28 29#include "curl_md5.h" 30#include "curl_hmac.h" 31 32#ifdef USE_GNUTLS 33 34#include <gcrypt.h> 35 36typedef gcry_md_hd_t MD5_CTX; 37 38static void MD5_Init(MD5_CTX * ctx) 39{ 40 gcry_md_open(ctx, GCRY_MD_MD5, 0); 41} 42 43static void MD5_Update(MD5_CTX * ctx, 44 const unsigned char * input, 45 unsigned int inputLen) 46{ 47 gcry_md_write(*ctx, input, inputLen); 48} 49 50static void MD5_Final(unsigned char digest[16], MD5_CTX * ctx) 51{ 52 memcpy(digest, gcry_md_read(*ctx, 0), 16); 53 gcry_md_close(*ctx); 54} 55 56#else 57 58#ifdef USE_SSLEAY 59/* When OpenSSL is available we use the MD5-function from OpenSSL */ 60 61# ifdef USE_OPENSSL 62# include <openssl/md5.h> 63# else 64# include <md5.h> 65# endif 66 67#else /* USE_SSLEAY */ 68/* When OpenSSL is not available we use this code segment */ 69 70/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All 71rights reserved. 72 73License to copy and use this software is granted provided that it 74is identified as the "RSA Data Security, Inc. MD5 Message-Digest 75Algorithm" in all material mentioning or referencing this software 76or this function. 77 78License is also granted to make and use derivative works provided 79that such works are identified as "derived from the RSA Data 80Security, Inc. MD5 Message-Digest Algorithm" in all material 81mentioning or referencing the derived work. 82 83RSA Data Security, Inc. makes no representations concerning either 84the merchantability of this software or the suitability of this 85software for any particular purpose. It is provided "as is" 86without express or implied warranty of any kind. 87 88These notices must be retained in any copies of any part of this 89documentation and/or software. 90 */ 91 92/* UINT4 defines a four byte word */ 93typedef unsigned int UINT4; 94 95/* MD5 context. */ 96struct md5_ctx { 97 UINT4 state[4]; /* state (ABCD) */ 98 UINT4 count[2]; /* number of bits, modulo 2^64 (lsb first) */ 99 unsigned char buffer[64]; /* input buffer */ 100}; 101 102typedef struct md5_ctx MD5_CTX; 103 104static void MD5_Init(struct md5_ctx *); 105static void MD5_Update(struct md5_ctx *, const unsigned char *, unsigned int); 106static void MD5_Final(unsigned char [16], struct md5_ctx *); 107 108/* Constants for MD5Transform routine. 109 */ 110 111#define S11 7 112#define S12 12 113#define S13 17 114#define S14 22 115#define S21 5 116#define S22 9 117#define S23 14 118#define S24 20 119#define S31 4 120#define S32 11 121#define S33 16 122#define S34 23 123#define S41 6 124#define S42 10 125#define S43 15 126#define S44 21 127 128static void MD5Transform(UINT4 [4], const unsigned char [64]); 129static void Encode(unsigned char *, UINT4 *, unsigned int); 130static void Decode(UINT4 *, const unsigned char *, unsigned int); 131 132static const unsigned char PADDING[64] = { 133 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 134 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 135 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 136}; 137 138/* F, G, H and I are basic MD5 functions. 139 */ 140#define F(x, y, z) (((x) & (y)) | ((~x) & (z))) 141#define G(x, y, z) (((x) & (z)) | ((y) & (~z))) 142#define H(x, y, z) ((x) ^ (y) ^ (z)) 143#define I(x, y, z) ((y) ^ ((x) | (~z))) 144 145/* ROTATE_LEFT rotates x left n bits. 146 */ 147#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n)))) 148 149/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4. 150Rotation is separate from addition to prevent recomputation. 151 */ 152#define FF(a, b, c, d, x, s, ac) { \ 153 (a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); \ 154 (a) = ROTATE_LEFT ((a), (s)); \ 155 (a) += (b); \ 156 } 157#define GG(a, b, c, d, x, s, ac) { \ 158 (a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); \ 159 (a) = ROTATE_LEFT ((a), (s)); \ 160 (a) += (b); \ 161 } 162#define HH(a, b, c, d, x, s, ac) { \ 163 (a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); \ 164 (a) = ROTATE_LEFT ((a), (s)); \ 165 (a) += (b); \ 166 } 167#define II(a, b, c, d, x, s, ac) { \ 168 (a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); \ 169 (a) = ROTATE_LEFT ((a), (s)); \ 170 (a) += (b); \ 171 } 172 173/* MD5 initialization. Begins an MD5 operation, writing a new context. 174 */ 175static void MD5_Init(struct md5_ctx *context) 176{ 177 context->count[0] = context->count[1] = 0; 178 /* Load magic initialization constants. */ 179 context->state[0] = 0x67452301; 180 context->state[1] = 0xefcdab89; 181 context->state[2] = 0x98badcfe; 182 context->state[3] = 0x10325476; 183} 184 185/* MD5 block update operation. Continues an MD5 message-digest 186 operation, processing another message block, and updating the 187 context. 188 */ 189static void MD5_Update (struct md5_ctx *context, /* context */ 190 const unsigned char *input, /* input block */ 191 unsigned int inputLen) /* length of input block */ 192{ 193 unsigned int i, bufindex, partLen; 194 195 /* Compute number of bytes mod 64 */ 196 bufindex = (unsigned int)((context->count[0] >> 3) & 0x3F); 197 198 /* Update number of bits */ 199 if((context->count[0] += ((UINT4)inputLen << 3)) 200 < ((UINT4)inputLen << 3)) 201 context->count[1]++; 202 context->count[1] += ((UINT4)inputLen >> 29); 203 204 partLen = 64 - bufindex; 205 206 /* Transform as many times as possible. */ 207 if(inputLen >= partLen) { 208 memcpy(&context->buffer[bufindex], input, partLen); 209 MD5Transform(context->state, context->buffer); 210 211 for(i = partLen; i + 63 < inputLen; i += 64) 212 MD5Transform(context->state, &input[i]); 213 214 bufindex = 0; 215 } 216 else 217 i = 0; 218 219 /* Buffer remaining input */ 220 memcpy(&context->buffer[bufindex], &input[i], inputLen-i); 221} 222 223/* MD5 finalization. Ends an MD5 message-digest operation, writing the 224 the message digest and zeroizing the context. 225*/ 226static void MD5_Final(unsigned char digest[16], /* message digest */ 227 struct md5_ctx *context) /* context */ 228{ 229 unsigned char bits[8]; 230 unsigned int count, padLen; 231 232 /* Save number of bits */ 233 Encode (bits, context->count, 8); 234 235 /* Pad out to 56 mod 64. */ 236 count = (unsigned int)((context->count[0] >> 3) & 0x3f); 237 padLen = (count < 56) ? (56 - count) : (120 - count); 238 MD5_Update (context, PADDING, padLen); 239 240 /* Append length (before padding) */ 241 MD5_Update (context, bits, 8); 242 243 /* Store state in digest */ 244 Encode (digest, context->state, 16); 245 246 /* Zeroize sensitive information. */ 247 memset ((void *)context, 0, sizeof (*context)); 248} 249 250/* MD5 basic transformation. Transforms state based on block. */ 251static void MD5Transform(UINT4 state[4], 252 const unsigned char block[64]) 253{ 254 UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16]; 255 256 Decode (x, block, 64); 257 258 /* Round 1 */ 259 FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */ 260 FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */ 261 FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */ 262 FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */ 263 FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */ 264 FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */ 265 FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */ 266 FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */ 267 FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */ 268 FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */ 269 FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */ 270 FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */ 271 FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */ 272 FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */ 273 FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */ 274 FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */ 275 276 /* Round 2 */ 277 GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */ 278 GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */ 279 GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */ 280 GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */ 281 GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */ 282 GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */ 283 GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */ 284 GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */ 285 GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */ 286 GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */ 287 GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */ 288 GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */ 289 GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */ 290 GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */ 291 GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */ 292 GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */ 293 294 /* Round 3 */ 295 HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */ 296 HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */ 297 HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */ 298 HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */ 299 HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */ 300 HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */ 301 HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */ 302 HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */ 303 HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */ 304 HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */ 305 HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */ 306 HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */ 307 HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */ 308 HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */ 309 HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */ 310 HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */ 311 312 /* Round 4 */ 313 II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */ 314 II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */ 315 II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */ 316 II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */ 317 II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */ 318 II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */ 319 II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */ 320 II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */ 321 II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */ 322 II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */ 323 II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */ 324 II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */ 325 II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */ 326 II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */ 327 II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */ 328 II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */ 329 330 state[0] += a; 331 state[1] += b; 332 state[2] += c; 333 state[3] += d; 334 335 /* Zeroize sensitive information. */ 336 memset((void *)x, 0, sizeof (x)); 337} 338 339/* Encodes input (UINT4) into output (unsigned char). Assumes len is 340 a multiple of 4. 341 */ 342static void Encode (unsigned char *output, 343 UINT4 *input, 344 unsigned int len) 345{ 346 unsigned int i, j; 347 348 for(i = 0, j = 0; j < len; i++, j += 4) { 349 output[j] = (unsigned char)(input[i] & 0xff); 350 output[j+1] = (unsigned char)((input[i] >> 8) & 0xff); 351 output[j+2] = (unsigned char)((input[i] >> 16) & 0xff); 352 output[j+3] = (unsigned char)((input[i] >> 24) & 0xff); 353 } 354} 355 356/* Decodes input (unsigned char) into output (UINT4). Assumes len is 357 a multiple of 4. 358*/ 359static void Decode (UINT4 *output, 360 const unsigned char *input, 361 unsigned int len) 362{ 363 unsigned int i, j; 364 365 for(i = 0, j = 0; j < len; i++, j += 4) 366 output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) | 367 (((UINT4)input[j+2]) << 16) | (((UINT4)input[j+3]) << 24); 368} 369 370#endif /* USE_SSLEAY */ 371 372#endif /* USE_GNUTLS */ 373 374const HMAC_params Curl_HMAC_MD5[] = { 375 { 376 (HMAC_hinit_func) MD5_Init, /* Hash initialization function. */ 377 (HMAC_hupdate_func) MD5_Update, /* Hash update function. */ 378 (HMAC_hfinal_func) MD5_Final, /* Hash computation end function. */ 379 sizeof(MD5_CTX), /* Size of hash context structure. */ 380 64, /* Maximum key length. */ 381 16 /* Result size. */ 382 } 383}; 384 385 386void Curl_md5it(unsigned char *outbuffer, /* 16 bytes */ 387 const unsigned char *input) 388{ 389 MD5_CTX ctx; 390 MD5_Init(&ctx); 391 MD5_Update(&ctx, input, (unsigned int)strlen((char *)input)); 392 MD5_Final(outbuffer, &ctx); 393} 394 395#endif /* CURL_DISABLE_CRYPTO_AUTH */ 396