1/*************************************************************************** 2 * _ _ ____ _ 3 * Project ___| | | | _ \| | 4 * / __| | | | |_) | | 5 * | (__| |_| | _ <| |___ 6 * \___|\___/|_| \_\_____| 7 * 8 * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al. 9 * 10 * This software is licensed as described in the file COPYING, which 11 * you should have received as part of this distribution. The terms 12 * are also available at http://curl.haxx.se/docs/copyright.html. 13 * 14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell 15 * copies of the Software, and permit persons to whom the Software is 16 * furnished to do so, under the terms of the COPYING file. 17 * 18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY 19 * KIND, either express or implied. 20 * 21 ***************************************************************************/ 22 23#include "curl_setup.h" 24 25#ifndef CURL_DISABLE_CRYPTO_AUTH 26 27#include "curl_md5.h" 28#include "curl_hmac.h" 29#include "warnless.h" 30 31#include "curl_memory.h" 32 33#if defined(USE_GNUTLS_NETTLE) 34 35#include <nettle/md5.h> 36/* The last #include file should be: */ 37#include "memdebug.h" 38 39typedef struct md5_ctx MD5_CTX; 40 41static void MD5_Init(MD5_CTX * ctx) 42{ 43 md5_init(ctx); 44} 45 46static void MD5_Update(MD5_CTX * ctx, 47 const unsigned char * input, 48 unsigned int inputLen) 49{ 50 md5_update(ctx, inputLen, input); 51} 52 53static void MD5_Final(unsigned char digest[16], MD5_CTX * ctx) 54{ 55 md5_digest(ctx, 16, digest); 56} 57 58#elif defined(USE_GNUTLS) 59 60#include <gcrypt.h> 61/* The last #include file should be: */ 62#include "memdebug.h" 63 64typedef gcry_md_hd_t MD5_CTX; 65 66static void MD5_Init(MD5_CTX * ctx) 67{ 68 gcry_md_open(ctx, GCRY_MD_MD5, 0); 69} 70 71static void MD5_Update(MD5_CTX * ctx, 72 const unsigned char * input, 73 unsigned int inputLen) 74{ 75 gcry_md_write(*ctx, input, inputLen); 76} 77 78static void MD5_Final(unsigned char digest[16], MD5_CTX * ctx) 79{ 80 memcpy(digest, gcry_md_read(*ctx, 0), 16); 81 gcry_md_close(*ctx); 82} 83 84#elif defined(USE_SSLEAY) 85/* When OpenSSL is available we use the MD5-function from OpenSSL */ 86 87# ifdef USE_OPENSSL 88# include <openssl/md5.h> 89# else 90# include <md5.h> 91# endif 92 93#elif (defined(__MAC_OS_X_VERSION_MAX_ALLOWED) && \ 94 (__MAC_OS_X_VERSION_MAX_ALLOWED >= 1040)) || \ 95 (defined(__IPHONE_OS_VERSION_MAX_ALLOWED) && \ 96 (__IPHONE_OS_VERSION_MAX_ALLOWED >= 20000)) 97 98/* For Apple operating systems: CommonCrypto has the functions we need. 99 These functions are available on Tiger and later, as well as iOS 2.0 100 and later. If you're building for an older cat, well, sorry. 101 102 Declaring the functions as static like this seems to be a bit more 103 reliable than defining COMMON_DIGEST_FOR_OPENSSL on older cats. */ 104# include <CommonCrypto/CommonDigest.h> 105# define MD5_CTX CC_MD5_CTX 106 107static void MD5_Init(MD5_CTX *ctx) 108{ 109 CC_MD5_Init(ctx); 110} 111 112static void MD5_Update(MD5_CTX *ctx, 113 const unsigned char *input, 114 unsigned int inputLen) 115{ 116 CC_MD5_Update(ctx, input, inputLen); 117} 118 119static void MD5_Final(unsigned char digest[16], MD5_CTX *ctx) 120{ 121 CC_MD5_Final(digest, ctx); 122} 123 124#elif defined(_WIN32) 125 126#include <wincrypt.h> 127 128typedef struct { 129 HCRYPTPROV hCryptProv; 130 HCRYPTHASH hHash; 131} MD5_CTX; 132 133static void MD5_Init(MD5_CTX *ctx) 134{ 135 if(CryptAcquireContext(&ctx->hCryptProv, NULL, NULL, 136 PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { 137 CryptCreateHash(ctx->hCryptProv, CALG_MD5, 0, 0, &ctx->hHash); 138 } 139} 140 141static void MD5_Update(MD5_CTX *ctx, 142 const unsigned char *input, 143 unsigned int inputLen) 144{ 145 CryptHashData(ctx->hHash, (unsigned char *)input, inputLen, 0); 146} 147 148static void MD5_Final(unsigned char digest[16], MD5_CTX *ctx) 149{ 150 unsigned long length; 151 CryptGetHashParam(ctx->hHash, HP_HASHVAL, NULL, &length, 0); 152 if(length == 16) 153 CryptGetHashParam(ctx->hHash, HP_HASHVAL, digest, &length, 0); 154 if(ctx->hHash) 155 CryptDestroyHash(ctx->hHash); 156 if(ctx->hCryptProv) 157 CryptReleaseContext(ctx->hCryptProv, 0); 158} 159 160#else 161/* When no other crypto library is available we use this code segment */ 162 163/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All 164rights reserved. 165 166License to copy and use this software is granted provided that it 167is identified as the "RSA Data Security, Inc. MD5 Message-Digest 168Algorithm" in all material mentioning or referencing this software 169or this function. 170 171License is also granted to make and use derivative works provided 172that such works are identified as "derived from the RSA Data 173Security, Inc. MD5 Message-Digest Algorithm" in all material 174mentioning or referencing the derived work. 175 176RSA Data Security, Inc. makes no representations concerning either 177the merchantability of this software or the suitability of this 178software for any particular purpose. It is provided "as is" 179without express or implied warranty of any kind. 180 181These notices must be retained in any copies of any part of this 182documentation and/or software. 183 */ 184 185/* UINT4 defines a four byte word */ 186typedef unsigned int UINT4; 187 188/* MD5 context. */ 189struct md5_ctx { 190 UINT4 state[4]; /* state (ABCD) */ 191 UINT4 count[2]; /* number of bits, modulo 2^64 (lsb first) */ 192 unsigned char buffer[64]; /* input buffer */ 193}; 194 195typedef struct md5_ctx MD5_CTX; 196 197static void MD5_Init(struct md5_ctx *); 198static void MD5_Update(struct md5_ctx *, const unsigned char *, unsigned int); 199static void MD5_Final(unsigned char [16], struct md5_ctx *); 200 201/* Constants for MD5Transform routine. 202 */ 203 204#define S11 7 205#define S12 12 206#define S13 17 207#define S14 22 208#define S21 5 209#define S22 9 210#define S23 14 211#define S24 20 212#define S31 4 213#define S32 11 214#define S33 16 215#define S34 23 216#define S41 6 217#define S42 10 218#define S43 15 219#define S44 21 220 221static void MD5Transform(UINT4 [4], const unsigned char [64]); 222static void Encode(unsigned char *, UINT4 *, unsigned int); 223static void Decode(UINT4 *, const unsigned char *, unsigned int); 224 225static const unsigned char PADDING[64] = { 226 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 227 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 228 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 229}; 230 231/* F, G, H and I are basic MD5 functions. 232 */ 233#define F(x, y, z) (((x) & (y)) | ((~x) & (z))) 234#define G(x, y, z) (((x) & (z)) | ((y) & (~z))) 235#define H(x, y, z) ((x) ^ (y) ^ (z)) 236#define I(x, y, z) ((y) ^ ((x) | (~z))) 237 238/* ROTATE_LEFT rotates x left n bits. 239 */ 240#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n)))) 241 242/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4. 243Rotation is separate from addition to prevent recomputation. 244 */ 245#define FF(a, b, c, d, x, s, ac) { \ 246 (a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); \ 247 (a) = ROTATE_LEFT ((a), (s)); \ 248 (a) += (b); \ 249 } 250#define GG(a, b, c, d, x, s, ac) { \ 251 (a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); \ 252 (a) = ROTATE_LEFT ((a), (s)); \ 253 (a) += (b); \ 254 } 255#define HH(a, b, c, d, x, s, ac) { \ 256 (a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); \ 257 (a) = ROTATE_LEFT ((a), (s)); \ 258 (a) += (b); \ 259 } 260#define II(a, b, c, d, x, s, ac) { \ 261 (a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); \ 262 (a) = ROTATE_LEFT ((a), (s)); \ 263 (a) += (b); \ 264 } 265 266/* MD5 initialization. Begins an MD5 operation, writing a new context. 267 */ 268static void MD5_Init(struct md5_ctx *context) 269{ 270 context->count[0] = context->count[1] = 0; 271 /* Load magic initialization constants. */ 272 context->state[0] = 0x67452301; 273 context->state[1] = 0xefcdab89; 274 context->state[2] = 0x98badcfe; 275 context->state[3] = 0x10325476; 276} 277 278/* MD5 block update operation. Continues an MD5 message-digest 279 operation, processing another message block, and updating the 280 context. 281 */ 282static void MD5_Update (struct md5_ctx *context, /* context */ 283 const unsigned char *input, /* input block */ 284 unsigned int inputLen) /* length of input block */ 285{ 286 unsigned int i, bufindex, partLen; 287 288 /* Compute number of bytes mod 64 */ 289 bufindex = (unsigned int)((context->count[0] >> 3) & 0x3F); 290 291 /* Update number of bits */ 292 if((context->count[0] += ((UINT4)inputLen << 3)) 293 < ((UINT4)inputLen << 3)) 294 context->count[1]++; 295 context->count[1] += ((UINT4)inputLen >> 29); 296 297 partLen = 64 - bufindex; 298 299 /* Transform as many times as possible. */ 300 if(inputLen >= partLen) { 301 memcpy(&context->buffer[bufindex], input, partLen); 302 MD5Transform(context->state, context->buffer); 303 304 for(i = partLen; i + 63 < inputLen; i += 64) 305 MD5Transform(context->state, &input[i]); 306 307 bufindex = 0; 308 } 309 else 310 i = 0; 311 312 /* Buffer remaining input */ 313 memcpy(&context->buffer[bufindex], &input[i], inputLen-i); 314} 315 316/* MD5 finalization. Ends an MD5 message-digest operation, writing the 317 the message digest and zeroizing the context. 318*/ 319static void MD5_Final(unsigned char digest[16], /* message digest */ 320 struct md5_ctx *context) /* context */ 321{ 322 unsigned char bits[8]; 323 unsigned int count, padLen; 324 325 /* Save number of bits */ 326 Encode (bits, context->count, 8); 327 328 /* Pad out to 56 mod 64. */ 329 count = (unsigned int)((context->count[0] >> 3) & 0x3f); 330 padLen = (count < 56) ? (56 - count) : (120 - count); 331 MD5_Update (context, PADDING, padLen); 332 333 /* Append length (before padding) */ 334 MD5_Update (context, bits, 8); 335 336 /* Store state in digest */ 337 Encode (digest, context->state, 16); 338 339 /* Zeroize sensitive information. */ 340 memset ((void *)context, 0, sizeof (*context)); 341} 342 343/* MD5 basic transformation. Transforms state based on block. */ 344static void MD5Transform(UINT4 state[4], 345 const unsigned char block[64]) 346{ 347 UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16]; 348 349 Decode (x, block, 64); 350 351 /* Round 1 */ 352 FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */ 353 FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */ 354 FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */ 355 FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */ 356 FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */ 357 FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */ 358 FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */ 359 FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */ 360 FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */ 361 FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */ 362 FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */ 363 FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */ 364 FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */ 365 FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */ 366 FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */ 367 FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */ 368 369 /* Round 2 */ 370 GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */ 371 GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */ 372 GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */ 373 GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */ 374 GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */ 375 GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */ 376 GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */ 377 GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */ 378 GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */ 379 GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */ 380 GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */ 381 GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */ 382 GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */ 383 GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */ 384 GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */ 385 GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */ 386 387 /* Round 3 */ 388 HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */ 389 HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */ 390 HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */ 391 HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */ 392 HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */ 393 HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */ 394 HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */ 395 HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */ 396 HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */ 397 HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */ 398 HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */ 399 HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */ 400 HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */ 401 HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */ 402 HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */ 403 HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */ 404 405 /* Round 4 */ 406 II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */ 407 II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */ 408 II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */ 409 II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */ 410 II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */ 411 II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */ 412 II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */ 413 II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */ 414 II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */ 415 II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */ 416 II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */ 417 II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */ 418 II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */ 419 II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */ 420 II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */ 421 II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */ 422 423 state[0] += a; 424 state[1] += b; 425 state[2] += c; 426 state[3] += d; 427 428 /* Zeroize sensitive information. */ 429 memset((void *)x, 0, sizeof (x)); 430} 431 432/* Encodes input (UINT4) into output (unsigned char). Assumes len is 433 a multiple of 4. 434 */ 435static void Encode (unsigned char *output, 436 UINT4 *input, 437 unsigned int len) 438{ 439 unsigned int i, j; 440 441 for(i = 0, j = 0; j < len; i++, j += 4) { 442 output[j] = (unsigned char)(input[i] & 0xff); 443 output[j+1] = (unsigned char)((input[i] >> 8) & 0xff); 444 output[j+2] = (unsigned char)((input[i] >> 16) & 0xff); 445 output[j+3] = (unsigned char)((input[i] >> 24) & 0xff); 446 } 447} 448 449/* Decodes input (unsigned char) into output (UINT4). Assumes len is 450 a multiple of 4. 451*/ 452static void Decode (UINT4 *output, 453 const unsigned char *input, 454 unsigned int len) 455{ 456 unsigned int i, j; 457 458 for(i = 0, j = 0; j < len; i++, j += 4) 459 output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) | 460 (((UINT4)input[j+2]) << 16) | (((UINT4)input[j+3]) << 24); 461} 462 463#endif /* CRYPTO LIBS */ 464 465/* The last #include file should be: */ 466#include "memdebug.h" 467 468const HMAC_params Curl_HMAC_MD5[] = { 469 { 470 (HMAC_hinit_func) MD5_Init, /* Hash initialization function. */ 471 (HMAC_hupdate_func) MD5_Update, /* Hash update function. */ 472 (HMAC_hfinal_func) MD5_Final, /* Hash computation end function. */ 473 sizeof(MD5_CTX), /* Size of hash context structure. */ 474 64, /* Maximum key length. */ 475 16 /* Result size. */ 476 } 477}; 478 479const MD5_params Curl_DIGEST_MD5[] = { 480 { 481 (Curl_MD5_init_func) MD5_Init, /* Digest initialization function */ 482 (Curl_MD5_update_func) MD5_Update, /* Digest update function */ 483 (Curl_MD5_final_func) MD5_Final, /* Digest computation end function */ 484 sizeof(MD5_CTX), /* Size of digest context struct */ 485 16 /* Result size */ 486 } 487}; 488 489void Curl_md5it(unsigned char *outbuffer, /* 16 bytes */ 490 const unsigned char *input) 491{ 492 MD5_CTX ctx; 493 MD5_Init(&ctx); 494 MD5_Update(&ctx, input, curlx_uztoui(strlen((char *)input))); 495 MD5_Final(outbuffer, &ctx); 496} 497 498MD5_context *Curl_MD5_init(const MD5_params *md5params) 499{ 500 MD5_context *ctxt; 501 502 /* Create MD5 context */ 503 ctxt = malloc(sizeof *ctxt); 504 505 if(!ctxt) 506 return ctxt; 507 508 ctxt->md5_hashctx = malloc(md5params->md5_ctxtsize); 509 510 if(!ctxt->md5_hashctx) { 511 free(ctxt); 512 return NULL; 513 } 514 515 ctxt->md5_hash = md5params; 516 517 (*md5params->md5_init_func)(ctxt->md5_hashctx); 518 519 return ctxt; 520} 521 522int Curl_MD5_update(MD5_context *context, 523 const unsigned char *data, 524 unsigned int len) 525{ 526 (*context->md5_hash->md5_update_func)(context->md5_hashctx, data, len); 527 528 return 0; 529} 530 531int Curl_MD5_final(MD5_context *context, unsigned char *result) 532{ 533 (*context->md5_hash->md5_final_func)(result, context->md5_hashctx); 534 535 free(context->md5_hashctx); 536 free(context); 537 538 return 0; 539} 540 541#endif /* CURL_DISABLE_CRYPTO_AUTH */ 542