1/* crypto/md/md5_dgst.c */ 2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59#ifdef USE_MD5 /*%< Added by ogud@tis.com 1998/1/26 */ 60#include <port_before.h> 61#ifndef HAVE_MD5 62#include <stdio.h> 63#include "md5_locl.h" 64#include <port_after.h> 65 66const char *MD5_version="MD5 part of SSLeay 0.8.1 19-Jul-1997"; 67 68/*! \file 69 * \brief 70 * Implemented from RFC1321 The MD5 Message-Digest Algorithm 71 */ 72 73#define INIT_DATA_A (unsigned long)0x67452301L 74#define INIT_DATA_B (unsigned long)0xefcdab89L 75#define INIT_DATA_C (unsigned long)0x98badcfeL 76#define INIT_DATA_D (unsigned long)0x10325476L 77 78#ifndef NOPROTO 79static void md5_block(MD5_CTX *c, unsigned long *p); 80#else 81static void md5_block(); 82#endif 83 84void MD5_Init(c) 85MD5_CTX *c; 86 { 87 c->A=INIT_DATA_A; 88 c->B=INIT_DATA_B; 89 c->C=INIT_DATA_C; 90 c->D=INIT_DATA_D; 91 c->Nl=0; 92 c->Nh=0; 93 c->num=0; 94 } 95 96void MD5_Update(c, data, len) 97MD5_CTX *c; 98register const unsigned char *data; 99unsigned long len; 100 { 101 register ULONG *p; 102 int sw,sc; 103 ULONG l; 104 105 if (len == 0U) return; 106 107 l=(c->Nl+(len<<3))&0xffffffffL; 108 /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to 109 * Wei Dai <weidai@eskimo.com> for pointing it out. */ 110 if (l < c->Nl) /*%< overflow */ 111 c->Nh++; 112 c->Nh+=(len>>29); 113 c->Nl=l; 114 115 if (c->num != 0) 116 { 117 p=c->data; 118 sw=c->num>>2; 119 sc=c->num&0x03; 120 121 if ((c->num+len) >= (size_t)MD5_CBLOCK) 122 { 123 l= p[sw]; 124 p_c2l(data,l,sc); 125 p[sw++]=l; 126 for (; sw<MD5_LBLOCK; sw++) 127 { 128 c2l(data,l); 129 p[sw]=l; 130 } 131 len-=(MD5_CBLOCK-c->num); 132 133 md5_block(c,p); 134 c->num=0; 135 /* drop through and do the rest */ 136 } 137 else 138 { 139 int ew,ec; 140 141 c->num+=(int)len; 142 if ((sc+len) < 4U) /*%< ugly, add char's to a word */ 143 { 144 l= p[sw]; 145 p_c2l_p(data,l,sc,len); 146 p[sw]=l; 147 } 148 else 149 { 150 ew=(c->num>>2); 151 ec=(c->num&0x03); 152 l= p[sw]; 153 p_c2l(data,l,sc); 154 p[sw++]=l; 155 for (; sw < ew; sw++) 156 { c2l(data,l); p[sw]=l; } 157 if (ec) 158 { 159 c2l_p(data,l,ec); 160 p[sw]=l; 161 } 162 } 163 return; 164 } 165 } 166 /* we now can process the input data in blocks of MD5_CBLOCK 167 * chars and save the leftovers to c->data. */ 168 p=c->data; 169 while (len >= (size_t)MD5_CBLOCK) 170 { 171#if defined(L_ENDIAN) || defined(B_ENDIAN) 172 memcpy(p,data,MD5_CBLOCK); 173 data+=MD5_CBLOCK; 174#ifdef B_ENDIAN 175 for (sw=(MD5_LBLOCK/4); sw; sw--) 176 { 177 Endian_Reverse32(p[0]); 178 Endian_Reverse32(p[1]); 179 Endian_Reverse32(p[2]); 180 Endian_Reverse32(p[3]); 181 p+=4; 182 } 183#endif 184#else 185 for (sw=(MD5_LBLOCK/4); sw; sw--) 186 { 187 c2l(data,l); *(p++)=l; 188 c2l(data,l); *(p++)=l; 189 c2l(data,l); *(p++)=l; 190 c2l(data,l); *(p++)=l; 191 } 192#endif 193 p=c->data; 194 md5_block(c,p); 195 len-=MD5_CBLOCK; 196 } 197 sc=(int)len; 198 c->num=sc; 199 if (sc) 200 { 201 sw=sc>>2; /*%< words to copy */ 202#ifdef L_ENDIAN 203 p[sw]=0; 204 memcpy(p,data,sc); 205#else 206 sc&=0x03; 207 for ( ; sw; sw--) 208 { c2l(data,l); *(p++)=l; } 209 c2l_p(data,l,sc); 210 *p=l; 211#endif 212 } 213 } 214 215static void md5_block(c, X) 216MD5_CTX *c; 217register ULONG *X; 218 { 219 register ULONG A,B,C,D; 220 221 A=c->A; 222 B=c->B; 223 C=c->C; 224 D=c->D; 225 226 /* Round 0 */ 227 R0(A,B,C,D,X[ 0], 7,0xd76aa478L); 228 R0(D,A,B,C,X[ 1],12,0xe8c7b756L); 229 R0(C,D,A,B,X[ 2],17,0x242070dbL); 230 R0(B,C,D,A,X[ 3],22,0xc1bdceeeL); 231 R0(A,B,C,D,X[ 4], 7,0xf57c0fafL); 232 R0(D,A,B,C,X[ 5],12,0x4787c62aL); 233 R0(C,D,A,B,X[ 6],17,0xa8304613L); 234 R0(B,C,D,A,X[ 7],22,0xfd469501L); 235 R0(A,B,C,D,X[ 8], 7,0x698098d8L); 236 R0(D,A,B,C,X[ 9],12,0x8b44f7afL); 237 R0(C,D,A,B,X[10],17,0xffff5bb1L); 238 R0(B,C,D,A,X[11],22,0x895cd7beL); 239 R0(A,B,C,D,X[12], 7,0x6b901122L); 240 R0(D,A,B,C,X[13],12,0xfd987193L); 241 R0(C,D,A,B,X[14],17,0xa679438eL); 242 R0(B,C,D,A,X[15],22,0x49b40821L); 243 /* Round 1 */ 244 R1(A,B,C,D,X[ 1], 5,0xf61e2562L); 245 R1(D,A,B,C,X[ 6], 9,0xc040b340L); 246 R1(C,D,A,B,X[11],14,0x265e5a51L); 247 R1(B,C,D,A,X[ 0],20,0xe9b6c7aaL); 248 R1(A,B,C,D,X[ 5], 5,0xd62f105dL); 249 R1(D,A,B,C,X[10], 9,0x02441453L); 250 R1(C,D,A,B,X[15],14,0xd8a1e681L); 251 R1(B,C,D,A,X[ 4],20,0xe7d3fbc8L); 252 R1(A,B,C,D,X[ 9], 5,0x21e1cde6L); 253 R1(D,A,B,C,X[14], 9,0xc33707d6L); 254 R1(C,D,A,B,X[ 3],14,0xf4d50d87L); 255 R1(B,C,D,A,X[ 8],20,0x455a14edL); 256 R1(A,B,C,D,X[13], 5,0xa9e3e905L); 257 R1(D,A,B,C,X[ 2], 9,0xfcefa3f8L); 258 R1(C,D,A,B,X[ 7],14,0x676f02d9L); 259 R1(B,C,D,A,X[12],20,0x8d2a4c8aL); 260 /* Round 2 */ 261 R2(A,B,C,D,X[ 5], 4,0xfffa3942L); 262 R2(D,A,B,C,X[ 8],11,0x8771f681L); 263 R2(C,D,A,B,X[11],16,0x6d9d6122L); 264 R2(B,C,D,A,X[14],23,0xfde5380cL); 265 R2(A,B,C,D,X[ 1], 4,0xa4beea44L); 266 R2(D,A,B,C,X[ 4],11,0x4bdecfa9L); 267 R2(C,D,A,B,X[ 7],16,0xf6bb4b60L); 268 R2(B,C,D,A,X[10],23,0xbebfbc70L); 269 R2(A,B,C,D,X[13], 4,0x289b7ec6L); 270 R2(D,A,B,C,X[ 0],11,0xeaa127faL); 271 R2(C,D,A,B,X[ 3],16,0xd4ef3085L); 272 R2(B,C,D,A,X[ 6],23,0x04881d05L); 273 R2(A,B,C,D,X[ 9], 4,0xd9d4d039L); 274 R2(D,A,B,C,X[12],11,0xe6db99e5L); 275 R2(C,D,A,B,X[15],16,0x1fa27cf8L); 276 R2(B,C,D,A,X[ 2],23,0xc4ac5665L); 277 /* Round 3 */ 278 R3(A,B,C,D,X[ 0], 6,0xf4292244L); 279 R3(D,A,B,C,X[ 7],10,0x432aff97L); 280 R3(C,D,A,B,X[14],15,0xab9423a7L); 281 R3(B,C,D,A,X[ 5],21,0xfc93a039L); 282 R3(A,B,C,D,X[12], 6,0x655b59c3L); 283 R3(D,A,B,C,X[ 3],10,0x8f0ccc92L); 284 R3(C,D,A,B,X[10],15,0xffeff47dL); 285 R3(B,C,D,A,X[ 1],21,0x85845dd1L); 286 R3(A,B,C,D,X[ 8], 6,0x6fa87e4fL); 287 R3(D,A,B,C,X[15],10,0xfe2ce6e0L); 288 R3(C,D,A,B,X[ 6],15,0xa3014314L); 289 R3(B,C,D,A,X[13],21,0x4e0811a1L); 290 R3(A,B,C,D,X[ 4], 6,0xf7537e82L); 291 R3(D,A,B,C,X[11],10,0xbd3af235L); 292 R3(C,D,A,B,X[ 2],15,0x2ad7d2bbL); 293 R3(B,C,D,A,X[ 9],21,0xeb86d391L); 294 295 c->A+=A&0xffffffffL; 296 c->B+=B&0xffffffffL; 297 c->C+=C&0xffffffffL; 298 c->D+=D&0xffffffffL; 299 } 300 301void MD5_Final(md, c) 302unsigned char *md; 303MD5_CTX *c; 304 { 305 register int i,j; 306 register ULONG l; 307 register ULONG *p; 308 static unsigned char end[4]={0x80,0x00,0x00,0x00}; 309 unsigned char *cp=end; 310 311 /* c->num should definitly have room for at least one more byte. */ 312 p=c->data; 313 j=c->num; 314 i=j>>2; 315 316 /* purify often complains about the following line as an 317 * Uninitialized Memory Read. While this can be true, the 318 * following p_c2l macro will reset l when that case is true. 319 * This is because j&0x03 contains the number of 'valid' bytes 320 * already in p[i]. If and only if j&0x03 == 0, the UMR will 321 * occur but this is also the only time p_c2l will do 322 * l= *(cp++) instead of l|= *(cp++) 323 * Many thanks to Alex Tang <altitude@cic.net> for pickup this 324 * 'potential bug' */ 325#ifdef PURIFY 326 if ((j&0x03) == 0) p[i]=0; 327#endif 328 l=p[i]; 329 p_c2l(cp,l,j&0x03); 330 p[i]=l; 331 i++; 332 /* i is the next 'undefined word' */ 333 if (c->num >= MD5_LAST_BLOCK) 334 { 335 for (; i<MD5_LBLOCK; i++) 336 p[i]=0; 337 md5_block(c,p); 338 i=0; 339 } 340 for (; i<(MD5_LBLOCK-2); i++) 341 p[i]=0; 342 p[MD5_LBLOCK-2]=c->Nl; 343 p[MD5_LBLOCK-1]=c->Nh; 344 md5_block(c,p); 345 cp=md; 346 l=c->A; l2c(l,cp); 347 l=c->B; l2c(l,cp); 348 l=c->C; l2c(l,cp); 349 l=c->D; l2c(l,cp); 350 351 /* clear stuff, md5_block may be leaving some stuff on the stack 352 * but I'm not worried :-) */ 353 c->num=0; 354/* memset((char *)&c,0,sizeof(c));*/ 355 } 356 357#ifdef undef 358int printit(l) 359unsigned long *l; 360 { 361 int i,ii; 362 363 for (i=0; i<2; i++) 364 { 365 for (ii=0; ii<8; ii++) 366 { 367 fprintf(stderr,"%08lx ",l[i*8+ii]); 368 } 369 fprintf(stderr,"\n"); 370 } 371 } 372#endif 373#endif /* HAVE_MD5 */ 374#endif /* USE_MD5 */ 375