md5.c 7.25 KB
Newer Older
1
/*
2
 *	BIRD Library -- MD5 Hash Function and HMAC-MD5 Function
3
 *
4
 *	(c) 2015 CZ.NIC z.s.p.o.
5
 *
6 7 8 9 10
 *	The code was written by Colin Plumb in 1993, no copyright is claimed.
 *
 *	Adapted for BIRD by Martin Mares <mj@ucw.cz>
 *
 *	Can be freely distributed and used under the terms of the GNU GPL.
11 12
 */

13
#include "lib/md5.h"
14 15 16 17

#ifdef CPU_LITTLE_ENDIAN
#define byteReverse(buf, len)	/* Nothing */
#else
18
void byteReverse(byte *buf, uint longs);
19 20 21 22

/*
 * Note: this code is harmless on little-endian machines.
 */
23
void byteReverse(byte *buf, uint longs)
24
{
25 26 27 28 29 30 31
  u32 t;
  do {
    t = (u32) ((uint) buf[3] << 8 | buf[2]) << 16 |
	((uint) buf[1] << 8 | buf[0]);
    *(u32 *) buf = t;
    buf += 4;
  } while (--longs);
32 33 34
}
#endif

35 36
static void md5_transform(u32 buf[4], u32 const in[16]);

37 38 39 40
/*
 * Start MD5 accumulation.  Set bit count to 0 and buffer to mysterious
 * initialization constants.
 */
41
void
42
md5_init(struct hash_context *CTX)
43
{
44 45
  struct md5_context *ctx = (void *) CTX;

46 47 48 49
  ctx->buf[0] = 0x67452301;
  ctx->buf[1] = 0xefcdab89;
  ctx->buf[2] = 0x98badcfe;
  ctx->buf[3] = 0x10325476;
50

51 52
  ctx->bits[0] = 0;
  ctx->bits[1] = 0;
53 54 55 56 57 58
}

/*
 * Update context to reflect the concatenation of another buffer full
 * of bytes.
 */
59
void
60
md5_update(struct hash_context *CTX, const byte *buf, uint len)
61
{
62
  struct md5_context *ctx = (void *) CTX;
63
  u32 t;
64

65
  /* Update bitcount */
66

67 68 69 70
  t = ctx->bits[0];
  if ((ctx->bits[0] = t + ((u32) len << 3)) < t)
    ctx->bits[1]++;		/* Carry from low to high */
  ctx->bits[1] += len >> 29;
71

72
  t = (t >> 3) & 0x3f;	/* Bytes already in shsInfo->data */
73

74 75 76 77
  /* Handle any leading odd-sized chunks */
  if (t)
  {
    byte *p = (byte *) ctx->in + t;
78

79 80 81 82 83
    t = 64 - t;
    if (len < t)
    {
      memcpy(p, buf, len);
      return;
84
    }
85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103
    memcpy(p, buf, t);
    byteReverse(ctx->in, 16);
    md5_transform(ctx->buf, (u32 *) ctx->in);
    buf += t;
    len -= t;
  }

  /* Process data in 64-byte chunks */
  while (len >= 64)
  {
    memcpy(ctx->in, buf, 64);
    byteReverse(ctx->in, 16);
    md5_transform(ctx->buf, (u32 *) ctx->in);
    buf += 64;
    len -= 64;
  }

  /* Handle any remaining bytes of data. */
  memcpy(ctx->in, buf, len);
104 105 106
}

/*
107
 * Final wrapup - pad to 64-byte boundary with the bit pattern
108 109
 * 1 0* (64-bit count of bits processed, MSB-first)
 */
110
byte *
111
md5_final(struct hash_context *CTX)
112
{
113
  struct md5_context *ctx = (void *) CTX;
114 115
  uint count;
  byte *p;
116

117 118
  /* Compute number of bytes mod 64 */
  count = (ctx->bits[0] >> 3) & 0x3F;
119

120
  /* Set the first char of padding to 0x80.  This is safe since there is
121
       always at least one byte free */
122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154
  p = ctx->in + count;
  *p++ = 0x80;

  /* Bytes of padding needed to make 64 bytes */
  count = 64 - 1 - count;

  /* Pad out to 56 mod 64 */
  if (count < 8)
  {
    /* Two lots of padding:  Pad the first block to 64 bytes */
    memset(p, 0, count);
    byteReverse(ctx->in, 16);
    md5_transform(ctx->buf, (u32 *) ctx->in);

    /* Now fill the next block with 56 bytes */
    memset(ctx->in, 0, 56);
  }
  else
  {
    /* Pad block to 56 bytes */
    memset(p, 0, count - 8);
  }
  byteReverse(ctx->in, 14);

  /* Append length in bits and transform */
  ((u32 *) ctx->in)[14] = ctx->bits[0];
  ((u32 *) ctx->in)[15] = ctx->bits[1];

  md5_transform(ctx->buf, (u32 *) ctx->in);
  byteReverse((byte *) ctx->buf, 4);

  return (byte*) ctx->buf;
}
155 156 157 158 159 160 161 162 163 164 165

/* The four core functions - F1 is optimized somewhat */

/* #define F1(x, y, z) (x & y | ~x & z) */
#define F1(x, y, z) (z ^ (x & (y ^ z)))
#define F2(x, y, z) F1(z, x, y)
#define F3(x, y, z) (x ^ y ^ z)
#define F4(x, y, z) (y ^ (x | ~z))

/* This is the central step in the MD5 algorithm. */
#define MD5STEP(f, w, x, y, z, data, s) \
166
    ( w += f(x, y, z) + data,  w = w<<s | w>>(32-s),  w += x )
167 168 169 170 171 172

/*
 * The core of the MD5 algorithm, this alters an existing MD5 hash to
 * reflect the addition of 16 longwords of new data.  MD5Update blocks
 * the data and converts bytes into longwords for this routine.
 */
173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255
void
md5_transform(u32 buf[4], u32 const in[16])
{
  register u32 a, b, c, d;

  a = buf[0];
  b = buf[1];
  c = buf[2];
  d = buf[3];

  MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7);
  MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12);
  MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17);
  MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22);
  MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7);
  MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12);
  MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17);
  MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22);
  MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7);
  MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12);
  MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17);
  MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22);
  MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7);
  MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12);
  MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17);
  MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22);

  MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5);
  MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9);
  MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14);
  MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20);
  MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5);
  MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9);
  MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14);
  MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20);
  MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5);
  MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9);
  MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14);
  MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20);
  MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5);
  MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9);
  MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14);
  MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20);

  MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4);
  MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11);
  MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16);
  MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23);
  MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4);
  MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11);
  MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16);
  MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23);
  MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4);
  MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11);
  MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16);
  MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23);
  MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4);
  MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11);
  MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16);
  MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23);

  MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6);
  MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10);
  MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15);
  MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21);
  MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6);
  MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10);
  MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15);
  MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21);
  MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6);
  MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10);
  MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15);
  MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21);
  MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6);
  MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10);
  MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15);
  MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21);

  buf[0] += a;
  buf[1] += b;
  buf[2] += c;
  buf[3] += d;
}