1 /* md5sum.c - Calculate RFC 1321 md5 hash and sha1 hash.
3 * Copyright 2012 Rob Landley <rob@landley.net>
5 * See http://refspecs.linuxfoundation.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/md5sum.html
6 * and http://www.ietf.org/rfc/rfc1321.txt
8 * They're combined this way to share infrastructure, and because md5sum is
9 * and LSB standard command, sha1sum is just a good idea.
11 USE_MD5SUM(NEWTOY(md5sum, "b", TOYFLAG_USR|TOYFLAG_BIN))
12 USE_SHA1SUM(NEWTOY(sha1sum, "b", TOYFLAG_USR|TOYFLAG_BIN))
18 usage: md5sum [FILE]...
20 Calculate md5 hash for each input file, reading from stdin if none.
21 Output one hash (16 hex digits) for each input file, followed by
24 -b brief (hash only, no filename)
30 usage: sha1sum [FILE]...
32 calculate sha1 hash for each input file, reading from stdin if none.
33 Output one hash (20 hex digits) for each input file, followed by
36 -b brief (hash only, no filename)
52 #define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
54 // for(i=0; i<64; i++) md5table[i] = abs(sin(i+1))*(1<<32); But calculating
55 // that involves not just floating point but pulling in -lm (and arguing with
56 // C about whether 1<<32 is a valid thing to do on 32 bit platforms) so:
58 static uint32_t md5table[64] = {
59 0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee, 0xf57c0faf, 0x4787c62a,
60 0xa8304613, 0xfd469501, 0x698098d8, 0x8b44f7af, 0xffff5bb1, 0x895cd7be,
61 0x6b901122, 0xfd987193, 0xa679438e, 0x49b40821, 0xf61e2562, 0xc040b340,
62 0x265e5a51, 0xe9b6c7aa, 0xd62f105d, 0x02441453, 0xd8a1e681, 0xe7d3fbc8,
63 0x21e1cde6, 0xc33707d6, 0xf4d50d87, 0x455a14ed, 0xa9e3e905, 0xfcefa3f8,
64 0x676f02d9, 0x8d2a4c8a, 0xfffa3942, 0x8771f681, 0x6d9d6122, 0xfde5380c,
65 0xa4beea44, 0x4bdecfa9, 0xf6bb4b60, 0xbebfbc70, 0x289b7ec6, 0xeaa127fa,
66 0xd4ef3085, 0x04881d05, 0xd9d4d039, 0xe6db99e5, 0x1fa27cf8, 0xc4ac5665,
67 0xf4292244, 0x432aff97, 0xab9423a7, 0xfc93a039, 0x655b59c3, 0x8f0ccc92,
68 0xffeff47d, 0x85845dd1, 0x6fa87e4f, 0xfe2ce6e0, 0xa3014314, 0x4e0811a1,
69 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391
72 static const uint8_t md5rot[64] = {
73 7, 12, 17, 22, 7, 12, 17, 22, 7, 12, 17, 22, 7, 12, 17, 22,
74 5, 9, 14, 20, 5, 9, 14, 20, 5, 9, 14, 20, 5, 9, 14, 20,
75 4, 11, 16, 23, 4, 11, 16, 23, 4, 11, 16, 23, 4, 11, 16, 23,
76 6, 10, 15, 21, 6, 10, 15, 21, 6, 10, 15, 21, 6, 10, 15, 21
79 // Mix next 64 bytes of data into md5 hash
81 static void md5_transform(void)
83 unsigned x[4], *b = TT.buffer.i;
86 memcpy(x, TT.state, sizeof(x));
88 for (i=0; i<64; i++) {
89 unsigned int in, temp, swap;
93 temp = (temp & x[2]) | ((~temp) & x[3]);
97 temp = (x[1] & temp) | (x[2] & ~temp);
100 temp = x[1] ^ x[2] ^ x[3];
103 temp = x[2] ^ (x[1] | ~x[3]);
105 temp += x[0] + b[in] + md5table[i];
109 x[1] += rol(temp, md5rot[i]);
112 for (i=0; i<4; i++) TT.state[i] += x[i];
115 // Mix next 64 bytes of data into sha1 hash.
117 static const unsigned rconsts[]={0x5A827999,0x6ED9EBA1,0x8F1BBCDC,0xCA62C1D6};
119 static void sha1_transform(void)
122 unsigned *block = TT.buffer.i;
123 unsigned *rot[5], *temp;
125 // Copy context->state[] to working vars
126 for (i=0; i<5; i++) {
127 TT.oldstate[i] = TT.state[i];
128 rot[i] = TT.state + i;
130 // 4 rounds of 20 operations each.
131 for (i=count=0; i<4; i++) {
132 for (j=0; j<20; j++) {
135 work = *rot[2] ^ *rot[3];
136 if (!i) work = (work & *rot[1]) ^ *rot[3];
138 if (i==2) work = ((*rot[1]|*rot[2])&*rot[3])|(*rot[1]&*rot[2]);
139 else work ^= *rot[1];
143 work += block[count] = (rol(block[count],24)&0xFF00FF00)
144 | (rol(block[count],8)&0x00FF00FF);
146 work += block[count&15] = rol(block[(count+13)&15]
147 ^ block[(count+8)&15] ^ block[(count+2)&15] ^ block[count&15], 1);
148 *rot[4] += work + rol(*rot[0],5) + rconsts[i];
149 *rot[1] = rol(*rot[1],30);
151 // Rotate by one for next time.
153 for (k=4; k; k--) rot[k] = rot[k-1];
158 // Add the previous values of state[]
159 for (i=0; i<5; i++) TT.state[i] += TT.oldstate[i];
162 // Fill the 64-byte working buffer and call transform() when full.
164 static void hash_update(char *data, unsigned int len, void (*transform)(void))
172 // Grab next chunk of data, return if it's not enough to process a frame
175 memcpy(TT.buffer.c+j, data, i);
176 if (j+i != 64) break;
180 for (j=0; j<16; j++) TT.buffer.i[j] = SWAP_LE32(TT.buffer.i[j]);
188 // Callback for loopfiles()
190 static void do_hash(int fd, char *name)
193 int i, sha1=toys.which->name[0]=='s';;
195 void (*transform)(void);
197 /* SHA1 initialization constants (md5sum uses first 4) */
198 TT.state[0] = 0x67452301;
199 TT.state[1] = 0xEFCDAB89;
200 TT.state[2] = 0x98BADCFE;
201 TT.state[3] = 0x10325476;
202 TT.state[4] = 0xC3D2E1F0;
205 transform = sha1 ? sha1_transform : md5_transform;
207 i = read(fd, toybuf, sizeof(toybuf));
209 hash_update(toybuf, i, transform);
212 count = TT.count << 3;
214 // End the message by appending a "1" bit to the data, ending with the
215 // message size (in bits, big endian), and adding enough zero bits in
216 // between to pad to the end of the next 64-byte frame.
218 // Since our input up to now has been in whole bytes, we can deal with
223 hash_update(&buf, 1, transform);
225 } while ((TT.count & 63) != 56);
226 count = sha1 ? SWAP_BE64(count) : SWAP_LE64(count);
227 hash_update((void *)&count, 8, transform);
230 for (i = 0; i < 20; i++)
231 printf("%02x", 255&(TT.state[i>>2] >> ((3-(i & 3)) * 8)));
232 else for (i=0; i<4; i++) printf("%08x", bswap_32(TT.state[i]));
234 // Wipe variables. Cryptographer paranoia.
235 memset(&TT, 0, sizeof(TT));
237 printf((toys.optflags & FLAG_b) ? "\n" : " %s\n", name);
240 void md5sum_main(void)
242 loopfiles(toys.optargs, do_hash);
245 void sha1sum_main(void)