1 /* $Id: md5.c,v 1.5 2001/03/22 03:59:10 momjian Exp $ */
2 /* $KAME: md5.c,v 1.3 2000/02/22 14:01:17 itojun Exp $ */
5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 #define SHIFT(X, s) (((X) << (s)) | ((X) >> (32 - (s))))
39 #define F(X, Y, Z) (((X) & (Y)) | ((~X) & (Z)))
40 #define G(X, Y, Z) (((X) & (Z)) | ((Y) & (~Z)))
41 #define H(X, Y, Z) ((X) ^ (Y) ^ (Z))
42 #define I(X, Y, Z) ((Y) ^ ((X) | (~Z)))
44 #define ROUND1(a, b, c, d, k, s, i) { \
45 (a) = (a) + F((b), (c), (d)) + X[(k)] + T[(i)]; \
46 (a) = SHIFT((a), (s)); \
50 #define ROUND2(a, b, c, d, k, s, i) { \
51 (a) = (a) + G((b), (c), (d)) + X[(k)] + T[(i)]; \
52 (a) = SHIFT((a), (s)); \
56 #define ROUND3(a, b, c, d, k, s, i) { \
57 (a) = (a) + H((b), (c), (d)) + X[(k)] + T[(i)]; \
58 (a) = SHIFT((a), (s)); \
62 #define ROUND4(a, b, c, d, k, s, i) { \
63 (a) = (a) + I((b), (c), (d)) + X[(k)] + T[(i)]; \
64 (a) = SHIFT((a), (s)); \
88 #define MD5_A0 0x67452301
89 #define MD5_B0 0xefcdab89
90 #define MD5_C0 0x98badcfe
91 #define MD5_D0 0x10325476
93 /* Integer part of 4294967296 times abs(sin(i)), where i is in radians. */
94 static const uint32 T[65] = {
96 0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee,
97 0xf57c0faf, 0x4787c62a, 0xa8304613, 0xfd469501,
98 0x698098d8, 0x8b44f7af, 0xffff5bb1, 0x895cd7be,
99 0x6b901122, 0xfd987193, 0xa679438e, 0x49b40821,
101 0xf61e2562, 0xc040b340, 0x265e5a51, 0xe9b6c7aa,
102 0xd62f105d, 0x2441453, 0xd8a1e681, 0xe7d3fbc8,
103 0x21e1cde6, 0xc33707d6, 0xf4d50d87, 0x455a14ed,
104 0xa9e3e905, 0xfcefa3f8, 0x676f02d9, 0x8d2a4c8a,
106 0xfffa3942, 0x8771f681, 0x6d9d6122, 0xfde5380c,
107 0xa4beea44, 0x4bdecfa9, 0xf6bb4b60, 0xbebfbc70,
108 0x289b7ec6, 0xeaa127fa, 0xd4ef3085, 0x4881d05,
109 0xd9d4d039, 0xe6db99e5, 0x1fa27cf8, 0xc4ac5665,
111 0xf4292244, 0x432aff97, 0xab9423a7, 0xfc93a039,
112 0x655b59c3, 0x8f0ccc92, 0xffeff47d, 0x85845dd1,
113 0x6fa87e4f, 0xfe2ce6e0, 0xa3014314, 0x4e0811a1,
114 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391,
117 static const uint8 md5_paddat[MD5_BUFLEN] = {
118 0x80, 0, 0, 0, 0, 0, 0, 0,
119 0, 0, 0, 0, 0, 0, 0, 0,
120 0, 0, 0, 0, 0, 0, 0, 0,
121 0, 0, 0, 0, 0, 0, 0, 0,
122 0, 0, 0, 0, 0, 0, 0, 0,
123 0, 0, 0, 0, 0, 0, 0, 0,
124 0, 0, 0, 0, 0, 0, 0, 0,
125 0, 0, 0, 0, 0, 0, 0, 0,
128 static void md5_calc(uint8 *, md5_ctxt *);
136 ctxt->md5_sta = MD5_A0;
137 ctxt->md5_stb = MD5_B0;
138 ctxt->md5_stc = MD5_C0;
139 ctxt->md5_std = MD5_D0;
140 bzero(ctxt->md5_buf, sizeof(ctxt->md5_buf));
144 md5_loop(ctxt, input, len)
147 unsigned int len; /* number of bytes */
152 ctxt->md5_n += len * 8; /* byte to bit */
153 gap = MD5_BUFLEN - ctxt->md5_i;
157 bcopy((void *) input, (void *) (ctxt->md5_buf + ctxt->md5_i),
159 md5_calc(ctxt->md5_buf, ctxt);
161 for (i = gap; i + MD5_BUFLEN <= len; i += MD5_BUFLEN)
162 md5_calc((uint8 *) (input + i), ctxt);
164 ctxt->md5_i = len - i;
165 bcopy((void *) (input + i), (void *) ctxt->md5_buf, ctxt->md5_i);
169 bcopy((void *) input, (void *) (ctxt->md5_buf + ctxt->md5_i),
181 /* Don't count up padding. Keep md5_n. */
182 gap = MD5_BUFLEN - ctxt->md5_i;
185 bcopy((void *) md5_paddat,
186 (void *) (ctxt->md5_buf + ctxt->md5_i),
187 gap - sizeof(ctxt->md5_n));
191 /* including gap == 8 */
192 bcopy((void *) md5_paddat, (void *) (ctxt->md5_buf + ctxt->md5_i),
194 md5_calc(ctxt->md5_buf, ctxt);
195 bcopy((void *) (md5_paddat + gap),
196 (void *) ctxt->md5_buf,
197 MD5_BUFLEN - sizeof(ctxt->md5_n));
201 #if BYTE_ORDER == LITTLE_ENDIAN
202 bcopy(&ctxt->md5_n8[0], &ctxt->md5_buf[56], 8);
204 #if BYTE_ORDER == BIG_ENDIAN
205 ctxt->md5_buf[56] = ctxt->md5_n8[7];
206 ctxt->md5_buf[57] = ctxt->md5_n8[6];
207 ctxt->md5_buf[58] = ctxt->md5_n8[5];
208 ctxt->md5_buf[59] = ctxt->md5_n8[4];
209 ctxt->md5_buf[60] = ctxt->md5_n8[3];
210 ctxt->md5_buf[61] = ctxt->md5_n8[2];
211 ctxt->md5_buf[62] = ctxt->md5_n8[1];
212 ctxt->md5_buf[63] = ctxt->md5_n8[0];
215 md5_calc(ctxt->md5_buf, ctxt);
219 md5_result(digest, ctxt)
224 #if BYTE_ORDER == LITTLE_ENDIAN
225 bcopy(&ctxt->md5_st8[0], digest, 16);
227 #if BYTE_ORDER == BIG_ENDIAN
228 digest[0] = ctxt->md5_st8[3];
229 digest[1] = ctxt->md5_st8[2];
230 digest[2] = ctxt->md5_st8[1];
231 digest[3] = ctxt->md5_st8[0];
232 digest[4] = ctxt->md5_st8[7];
233 digest[5] = ctxt->md5_st8[6];
234 digest[6] = ctxt->md5_st8[5];
235 digest[7] = ctxt->md5_st8[4];
236 digest[8] = ctxt->md5_st8[11];
237 digest[9] = ctxt->md5_st8[10];
238 digest[10] = ctxt->md5_st8[9];
239 digest[11] = ctxt->md5_st8[8];
240 digest[12] = ctxt->md5_st8[15];
241 digest[13] = ctxt->md5_st8[14];
242 digest[14] = ctxt->md5_st8[13];
243 digest[15] = ctxt->md5_st8[12];
247 #if BYTE_ORDER == BIG_ENDIAN
257 uint32 A = ctxt->md5_sta;
258 uint32 B = ctxt->md5_stb;
259 uint32 C = ctxt->md5_stc;
260 uint32 D = ctxt->md5_std;
262 #if BYTE_ORDER == LITTLE_ENDIAN
263 uint32 *X = (uint32 *) b64;
266 #if BYTE_ORDER == BIG_ENDIAN
268 /* what a brute force but fast! */
269 uint8 *y = (uint8 *) X;
337 ROUND1(A, B, C, D, 0, Sa, 1);
338 ROUND1(D, A, B, C, 1, Sb, 2);
339 ROUND1(C, D, A, B, 2, Sc, 3);
340 ROUND1(B, C, D, A, 3, Sd, 4);
341 ROUND1(A, B, C, D, 4, Sa, 5);
342 ROUND1(D, A, B, C, 5, Sb, 6);
343 ROUND1(C, D, A, B, 6, Sc, 7);
344 ROUND1(B, C, D, A, 7, Sd, 8);
345 ROUND1(A, B, C, D, 8, Sa, 9);
346 ROUND1(D, A, B, C, 9, Sb, 10);
347 ROUND1(C, D, A, B, 10, Sc, 11);
348 ROUND1(B, C, D, A, 11, Sd, 12);
349 ROUND1(A, B, C, D, 12, Sa, 13);
350 ROUND1(D, A, B, C, 13, Sb, 14);
351 ROUND1(C, D, A, B, 14, Sc, 15);
352 ROUND1(B, C, D, A, 15, Sd, 16);
354 ROUND2(A, B, C, D, 1, Se, 17);
355 ROUND2(D, A, B, C, 6, Sf, 18);
356 ROUND2(C, D, A, B, 11, Sg, 19);
357 ROUND2(B, C, D, A, 0, Sh, 20);
358 ROUND2(A, B, C, D, 5, Se, 21);
359 ROUND2(D, A, B, C, 10, Sf, 22);
360 ROUND2(C, D, A, B, 15, Sg, 23);
361 ROUND2(B, C, D, A, 4, Sh, 24);
362 ROUND2(A, B, C, D, 9, Se, 25);
363 ROUND2(D, A, B, C, 14, Sf, 26);
364 ROUND2(C, D, A, B, 3, Sg, 27);
365 ROUND2(B, C, D, A, 8, Sh, 28);
366 ROUND2(A, B, C, D, 13, Se, 29);
367 ROUND2(D, A, B, C, 2, Sf, 30);
368 ROUND2(C, D, A, B, 7, Sg, 31);
369 ROUND2(B, C, D, A, 12, Sh, 32);
371 ROUND3(A, B, C, D, 5, Si, 33);
372 ROUND3(D, A, B, C, 8, Sj, 34);
373 ROUND3(C, D, A, B, 11, Sk, 35);
374 ROUND3(B, C, D, A, 14, Sl, 36);
375 ROUND3(A, B, C, D, 1, Si, 37);
376 ROUND3(D, A, B, C, 4, Sj, 38);
377 ROUND3(C, D, A, B, 7, Sk, 39);
378 ROUND3(B, C, D, A, 10, Sl, 40);
379 ROUND3(A, B, C, D, 13, Si, 41);
380 ROUND3(D, A, B, C, 0, Sj, 42);
381 ROUND3(C, D, A, B, 3, Sk, 43);
382 ROUND3(B, C, D, A, 6, Sl, 44);
383 ROUND3(A, B, C, D, 9, Si, 45);
384 ROUND3(D, A, B, C, 12, Sj, 46);
385 ROUND3(C, D, A, B, 15, Sk, 47);
386 ROUND3(B, C, D, A, 2, Sl, 48);
388 ROUND4(A, B, C, D, 0, Sm, 49);
389 ROUND4(D, A, B, C, 7, Sn, 50);
390 ROUND4(C, D, A, B, 14, So, 51);
391 ROUND4(B, C, D, A, 5, Sp, 52);
392 ROUND4(A, B, C, D, 12, Sm, 53);
393 ROUND4(D, A, B, C, 3, Sn, 54);
394 ROUND4(C, D, A, B, 10, So, 55);
395 ROUND4(B, C, D, A, 1, Sp, 56);
396 ROUND4(A, B, C, D, 8, Sm, 57);
397 ROUND4(D, A, B, C, 15, Sn, 58);
398 ROUND4(C, D, A, B, 6, So, 59);
399 ROUND4(B, C, D, A, 13, Sp, 60);
400 ROUND4(A, B, C, D, 4, Sm, 61);
401 ROUND4(D, A, B, C, 11, Sn, 62);
402 ROUND4(C, D, A, B, 2, So, 63);
403 ROUND4(B, C, D, A, 9, Sp, 64);