diff options
| author | Guillem Jover <guillem@hadrons.org> | 2008-06-18 08:19:41 +0300 |
|---|---|---|
| committer | Guillem Jover <guillem@hadrons.org> | 2008-06-18 08:19:41 +0300 |
| commit | b37f1039efda597cf821be7be88b280aaf14c2b9 (patch) | |
| tree | e8a6f91c51e158d3b61edbd0b4bbf78f5f235851 | |
| parent | 20bf55ffa5a56d3ee062aa199e5b3033ea29c52a (diff) | |
| download | libbsd-b37f1039efda597cf821be7be88b280aaf14c2b9.tar.gz | |
Replace current md5 code with one from MirBSD and OpenBSD
This adds the following public functions:
MD5Transform, MD5End, MD5File, MD5FileChunk, MD5Data
| -rw-r--r-- | Makefile | 20 | ||||
| -rw-r--r-- | Versions | 6 | ||||
| -rw-r--r-- | include/bsd/md5.h | 77 | ||||
| -rw-r--r-- | man/.gitignore | 1 | ||||
| -rw-r--r-- | man/mdX.3 | 223 | ||||
| -rw-r--r-- | src/hash/.gitignore | 1 | ||||
| -rw-r--r-- | src/hash/helper.c | 100 | ||||
| -rw-r--r-- | src/hash/md5.c | 248 | ||||
| -rw-r--r-- | src/md5.copyright | 21 | ||||
| -rw-r--r-- | src/md5c.c | 338 |
10 files changed, 636 insertions, 399 deletions
@@ -6,13 +6,18 @@ LIB_SRCS := arc4random.c bsd_getopt.c err.c fgetln.c heapsort.c \ linkaddr.c humanize_number.c inet_net_pton.c \ - strlcat.c strlcpy.c md5c.c fmtcheck.c progname.c vis.c unvis.c + hash/md5.c hash/md5hl.c \ + strlcat.c strlcpy.c fmtcheck.c progname.c vis.c unvis.c LIB_SRCS := $(patsubst %,src/%,$(LIB_SRCS)) +LIB_GEN_SRCS := \ + man/md5.3 \ + src/hash/md5hl.c + LIB_INCLUDES := bsd/err.h bsd/getopt.h bsd/ip_icmp.h bsd/random.h bsd/queue.h bsd/md5.h bsd/string.h \ bsd/bsd.h bsd/cdefs.h bsd/stdlib.h bsd/if_dl.h vis.h libutil.h -LIB_MANS := arc4random.3 strlcpy.3 fgetln.3 fmtcheck.3 +LIB_MANS := arc4random.3 strlcpy.3 fgetln.3 fmtcheck.3 md5.3 LIB_MANS := $(patsubst %,man/%,$(LIB_MANS)) LIB_STATIC_OBJS = $(LIB_SRCS:%.c=%.o) @@ -32,12 +37,20 @@ MK_CFLAGS = -Iinclude/ -include bsd/bsd.h -D_GNU_SOURCE libs: $(LIB_STATIC) $(LIB_SHARED_SO) +man: $(LIB_MANS) + %.lo: %.c $(CC) -o $@ $(MK_CFLAGS) $(CFLAGS) -DPIC -fPIC -c $< %.o: %.c $(CC) -o $@ $(MK_CFLAGS) $(CFLAGS) -c $< +man/md5.3: man/mdX.3 + sed -e 's/mdX/md5/g' -e 's/mdY/md4/g' -e 's/MDX/MD5/g' $< > $@ + +src/hash/md5hl.c: src/hash/helper.c + sed -e 's:hashinc:bsd/md5.h:g' -e 's:HASH:MD5:g' $< > $@ + $(LIB_STATIC): $(LIB_STATIC_OBJS) ar rcs $@ $^ @@ -53,7 +66,7 @@ $(LIB_SHARED): $(LIB_SHARED_OBJS) -Wl,--version-script=Versions \ -o $@ $^ -install: libs +install: libs man mkdir -p $(DESTDIR)/usr/lib/ $(DESTDIR)/lib/ mkdir -p $(DESTDIR)/usr/include/bsd/ mkdir -p $(DESTDIR)/usr/share/man/man3 @@ -65,6 +78,7 @@ install: libs ln -sf $(LIB_SHARED) $(DESTDIR)/lib/$(LIB_SONAME) clean: + rm -f $(LIB_GEN_SRCS) rm -f $(LIB_STATIC_OBJS) rm -f $(LIB_STATIC) rm -f $(LIB_SHARED_OBJS) @@ -19,6 +19,12 @@ LIBBSD_0.0 { MD5Update; MD5Pad; MD5Final; + MD5Transform; + MD5End; + MD5File; + MD5FileChunk; + MD5Data; + local: *; }; diff --git a/include/bsd/md5.h b/include/bsd/md5.h index 8d709aa..3599640 100644 --- a/include/bsd/md5.h +++ b/include/bsd/md5.h @@ -1,48 +1,51 @@ -/* MD5.H - header file for MD5C.C - * $FreeBSD: src/sys/sys/md5.h,v 1.16 2002/06/24 14:18:39 mux Exp $ +/* $OpenBSD: md5.h,v 1.16 2004/06/22 01:57:30 jfb Exp $ */ + +/* + * This code implements the MD5 message-digest algorithm. + * The algorithm is due to Ron Rivest. This code was + * written by Colin Plumb in 1993, no copyright is claimed. + * This code is in the public domain; do with it what you wish. + * + * Equivalent code is available from RSA Data Security, Inc. + * This code has been tested against that, and is equivalent, + * except that you don't need to include two pages of legalese + * with every copy. */ -/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All -rights reserved. +#ifndef _MD5_H_ +#define _MD5_H_ -License to copy and use this software is granted provided that it -is identified as the "RSA Data Security, Inc. MD5 Message-Digest -Algorithm" in all material mentioning or referencing this software -or this function. +#define MD5_BLOCK_LENGTH 64 +#define MD5_DIGEST_LENGTH 16 +#define MD5_DIGEST_STRING_LENGTH (MD5_DIGEST_LENGTH * 2 + 1) -License is also granted to make and use derivative works provided -that such works are identified as "derived from the RSA Data -Security, Inc. MD5 Message-Digest Algorithm" in all material -mentioning or referencing the derived work. - -RSA Data Security, Inc. makes no representations concerning either -the merchantability of this software or the suitability of this -software for any particular purpose. It is provided "as is" -without express or implied warranty of any kind. - -These notices must be retained in any copies of any part of this -documentation and/or software. - */ - -#ifndef _SYS_MD5_H_ -#define _SYS_MD5_H_ -/* MD5 context. */ typedef struct MD5Context { - u_int32_t state[4]; /* state (ABCD) */ - u_int32_t count[2]; /* number of bits, modulo 2^64 (lsb first) */ - unsigned char buffer[64]; /* input buffer */ + u_int32_t state[4]; /* state */ + u_int64_t count; /* number of bits, mod 2^64 */ + u_int8_t buffer[MD5_BLOCK_LENGTH]; /* input buffer */ } MD5_CTX; #include <sys/cdefs.h> __BEGIN_DECLS -void MD5Init (MD5_CTX *); -void MD5Update (MD5_CTX *, const unsigned char *, unsigned int); -void MD5Pad (MD5_CTX *); -void MD5Final (unsigned char [16], MD5_CTX *); -//char * MD5End(MD5_CTX *, char *); -//char * MD5File(const char *, char *); -//char * MD5FileChunk(const char *, char *, off_t, off_t); -//char * MD5Data(const unsigned char *, unsigned int, char *); +void MD5Init(MD5_CTX *); +void MD5Update(MD5_CTX *, const u_int8_t *, size_t) + __attribute__((__bounded__(__string__,2,3))); +void MD5Pad(MD5_CTX *); +void MD5Final(u_int8_t [MD5_DIGEST_LENGTH], MD5_CTX *) + __attribute__((__bounded__(__minbytes__,1,MD5_DIGEST_LENGTH))); +void MD5Transform(u_int32_t [4], const u_int8_t [MD5_BLOCK_LENGTH]) + __attribute__((__bounded__(__minbytes__,1,4))) + __attribute__((__bounded__(__minbytes__,2,MD5_BLOCK_LENGTH))); +char *MD5End(MD5_CTX *, char *) + __attribute__((__bounded__(__minbytes__,2,MD5_DIGEST_STRING_LENGTH))); +char *MD5File(const char *, char *) + __attribute__((__bounded__(__minbytes__,2,MD5_DIGEST_STRING_LENGTH))); +char *MD5FileChunk(const char *, char *, off_t, off_t) + __attribute__((__bounded__(__minbytes__,2,MD5_DIGEST_STRING_LENGTH))); +char *MD5Data(const u_int8_t *, size_t, char *) + __attribute__((__bounded__(__string__,1,2))) + __attribute__((__bounded__(__minbytes__,3,MD5_DIGEST_STRING_LENGTH))); __END_DECLS -#endif /* _SYS_MD5_H_ */ + +#endif /* _MD5_H_ */ diff --git a/man/.gitignore b/man/.gitignore new file mode 100644 index 0000000..e634373 --- /dev/null +++ b/man/.gitignore @@ -0,0 +1 @@ +md5.3 diff --git a/man/mdX.3 b/man/mdX.3 new file mode 100644 index 0000000..5393969 --- /dev/null +++ b/man/mdX.3 @@ -0,0 +1,223 @@ +.\" +.\" ---------------------------------------------------------------------------- +.\" "THE BEER-WARE LICENSE" (Revision 42): +.\" <phk@login.dkuug.dk> wrote this file. As long as you retain this notice you +.\" can do whatever you want with this stuff. If we meet some day, and you think +.\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp +.\" ---------------------------------------------------------------------------- +.\" +.\" $MirOS: src/lib/libc/hash/mdX.3,v 1.4 2007/05/07 16:15:56 tg Exp $ +.\" $OpenBSD: mdX.3,v 1.9 2004/08/24 20:10:33 millert Exp $ +.\" +.Dd April 29, 2004 +.Dt MDX 3 +.Os +.Sh NAME +.Nm MDXInit , +.Nm MDXUpdate , +.Nm MDXPad , +.Nm MDXFinal , +.Nm MDXTransform , +.Nm MDXEnd , +.Nm MDXFile , +.Nm MDXFileChunk , +.Nm MDXData +.Nd calculate the RSA Data Security, Inc., ``MDX'' message digest +.Sh SYNOPSIS +.Fd #include <sys/types.h> +.Fd #include <mdX.h> +.Ft void +.Fn MDXInit "MDX_CTX *context" +.Ft void +.Fn MDXUpdate "MDX_CTX *context" "const u_int8_t *data" "size_t len" +.Ft void +.Fn MDXPad "MDX_CTX *context" +.Ft void +.Fn MDXFinal "u_int8_t digest[MDX_DIGEST_LENGTH]" "MDX_CTX *context" +.Ft void +.Fn MDXTransform "u_int32_t state[4]" "u_int8_t block[MDX_BLOCK_LENGTH]" +.Ft "char *" +.Fn MDXEnd "MDX_CTX *context" "char *buf" +.Ft "char *" +.Fn MDXFile "const char *filename" "char *buf" +.Ft "char *" +.Fn MDXFileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" +.Ft "char *" +.Fn MDXData "const u_int8_t *data" "size_t len" "char *buf" +.Sh DESCRIPTION +The MDX functions calculate a 128-bit cryptographic checksum (digest) +for any number of input bytes. +A cryptographic checksum is a one-way +hash-function, that is, you cannot find (except by exhaustive search) +the input corresponding to a particular output. +This net result is a +.Dq fingerprint +of the input-data, which doesn't disclose the actual input. +.Pp +MD4 has been broken; it should only be used where necessary for +backward compatibility. +MD5 has not yet (1999-02-11) been broken, but recent attacks have cast +some doubt on its security properties. +The attacks on both MD4 and MD5 +are both in the nature of finding +.Dq collisions +\- that is, multiple +inputs which hash to the same value; it is still unlikely for an attacker +to be able to determine the exact original input given a hash value. +.Pp +The +.Fn MDXInit , +.Fn MDXUpdate , +and +.Fn MDXFinal +functions are the core functions. +Allocate an MDX_CTX, initialize it with +.Fn MDXInit , +run over the data with +.Fn MDXUpdate , +and finally extract the result using +.Fn MDXFinal . +.Pp +The +.Fn MDXPad +function can be used to apply padding to the message digest as in +.Fn MDXFinal , +but the current context can still be used with +.Fn MDXUpdate . +.Pp +The +.Fn MDXTransform +function is used by +.Fn MDXUpdate +to hash 512-bit blocks and forms the core of the algorithm. +Most programs should use the interface provided by +.Fn MDXInit , +.Fn MDXUpdate +and +.Fn MDXFinal +instead of calling +.Fn MDXTransform +directly. +.Pp +.Fn MDXEnd +is a wrapper for +.Fn MDXFinal +which converts the return value to an MDX_DIGEST_STRING_LENGTH-character +(including the terminating '\e0') +.Tn ASCII +string which represents the 128 bits in hexadecimal. +.Pp +.Fn MDXFile +calculates the digest of a file, and uses +.Fn MDXEnd +to return the result. +If the file cannot be opened, a null pointer is returned. +.Pp +.Fn MDXFileChunk +behaves like +.Fn MDXFile +but calculates the digest only for that portion of the file starting at +.Fa offset +and continuing for +.Fa length +bytes or until end of file is reached, whichever comes first. +A zero +.Fa length +can be specified to read until end of file. +A negative +.Fa length +or +.Fa offset +will be ignored. +.Fn MDXData +calculates the digest of a chunk of data in memory, and uses +.Fn MDXEnd +to return the result. +.Pp +When using +.Fn MDXEnd , +.Fn MDXFile , +.Fn MDXFileChunk , +or +.Fn MDXData , +the +.Ar buf +argument can be a null pointer, in which case the returned string +is allocated with +.Xr malloc 3 +and subsequently must be explicitly deallocated using +.Xr free 3 +after use. +If the +.Ar buf +argument is non-null it must point to at least MDX_DIGEST_STRING_LENGTH +characters of buffer space. +.Sh SEE ALSO +.Xr cksum 1 , +.Xr md5 1 , +.Xr adler32 3 , +.Xr mdY 3 , +.Xr rmd160 3 , +.Xr sfv 3 , +.Xr sha1 3 , +.Xr sha2 3 , +.Xr suma 3 , +.Xr tiger 3 , +.Xr whirlpool 3 +.Rs +.%A R. Rivest +.%T The MD4 Message-Digest Algorithm +.%O RFC 1186 +.Re +.Rs +.%A R. Rivest +.%T The MD5 Message-Digest Algorithm +.%O RFC 1321 +.Re +.Rs +.%A RSA Laboratories +.%T Frequently Asked Questions About today's Cryptography +.%O \&<http://www.rsa.com/rsalabs/faq/> +.Re +.Rs +.%A H. Dobbertin +.%T Alf Swindles Ann +.%J CryptoBytes +.%N 1(3):5 +.%D 1995 +.Re +.Rs +.%A MJ. B. Robshaw +.%T On Recent Results for MD4 and MD5 +.%J RSA Laboratories Bulletin +.%N 4 +.%D November 12, 1996 +.Re +.Rs +.%A Hans Dobbertin +.%T Cryptanalysis of MD5 Compress +.Re +.Sh HISTORY +These functions appeared in +.Ox 2.0 . +.Sh AUTHORS +The original MDX routines were developed by +.Tn RSA +Data Security, Inc., and published in the above references. +This code is derived from a public domain implementation written by Colin Plumb. +.Pp +The +.Fn MDXEnd , +.Fn MDXFile , +.Fn MDXFileChunk , +and +.Fn MDXData +helper functions are derived from code written by Poul-Henning Kamp. +.Sh BUGS +Collisions have been found for the full versions of both MD4 and MD5 +as well as strong attacks against the SHA-0 and SHA-1 family. +The use of +.Xr sha2 3 , +or +.Xr rmd160 3 +is recommended instead. diff --git a/src/hash/.gitignore b/src/hash/.gitignore new file mode 100644 index 0000000..bfdcb6a --- /dev/null +++ b/src/hash/.gitignore @@ -0,0 +1 @@ +md5hl.c diff --git a/src/hash/helper.c b/src/hash/helper.c new file mode 100644 index 0000000..fe3f3e7 --- /dev/null +++ b/src/hash/helper.c @@ -0,0 +1,100 @@ +/** $MirOS: src/lib/libc/hash/helper.c,v 1.5 2007/05/07 15:21:18 tg Exp $ */ +/* $OpenBSD: helper.c,v 1.8 2005/08/08 08:05:35 espie Exp $ */ + +/* + * ---------------------------------------------------------------------------- + * "THE BEER-WARE LICENSE" (Revision 42): + * <phk@login.dkuug.dk> wrote this file. As long as you retain this notice you + * can do whatever you want with this stuff. If we meet some day, and you think + * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp + * ---------------------------------------------------------------------------- + */ + +#include <sys/param.h> +#include <sys/stat.h> + +#include <errno.h> +#include <fcntl.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> +#include <unistd.h> + +#include <hashinc> + +/* ARGSUSED */ +char * +HASHEnd(HASH_CTX *ctx, char *buf) +{ + int i; + u_int8_t digest[HASH_DIGEST_LENGTH]; +#ifdef HASH_DIGEST_UPPERCASE + static const char hex[] = "0123456789ABCDEF"; +#else + static const char hex[] = "0123456789abcdef"; +#endif + + if (buf == NULL && (buf = malloc(HASH_DIGEST_STRING_LENGTH)) == NULL) + return (NULL); + + HASHFinal(digest, ctx); + for (i = 0; i < HASH_DIGEST_LENGTH; i++) { + buf[i + i] = hex[digest[i] >> 4]; + buf[i + i + 1] = hex[digest[i] & 0x0f]; + } + buf[i + i] = '\0'; + memset(digest, 0, sizeof(digest)); + return (buf); +} + +char * +HASHFileChunk(const char *filename, char *buf, off_t off, off_t len) +{ + struct stat sb; + u_char buffer[BUFSIZ]; + HASH_CTX ctx; + int fd, save_errno; + ssize_t nr; + + HASHInit(&ctx); + + if ((fd = open(filename, O_RDONLY)) < 0) + return (NULL); + if (len == 0) { + if (fstat(fd, &sb) == -1) { + close(fd); + return (NULL); + } + len = sb.st_size; + } + if ((len < 0) || (off > 0 && lseek(fd, off, SEEK_SET) < 0)) + return (NULL); + + while ((nr = read(fd, buffer, + (size_t)(len ? MIN(BUFSIZ, len) : BUFSIZ))) > 0) { + HASHUpdate(&ctx, buffer, (size_t)nr); + if (len > 0 && (len -= nr) == 0) + break; + } + + save_errno = errno; + close(fd); + errno = save_errno; + return (nr < 0 ? NULL : HASHEnd(&ctx, buf)); +} + +char * +HASHFile(const char *filename, char *buf) +{ + return (HASHFileChunk(filename, buf, (off_t)0, (off_t)0)); +} + +char * +HASHData(const u_char *data, size_t len, char *buf) +{ + HASH_CTX ctx; + + HASHInit(&ctx); + HASHUpdate(&ctx, data, len); + return (HASHEnd(&ctx, buf)); +} diff --git a/src/hash/md5.c b/src/hash/md5.c new file mode 100644 index 0000000..697183b --- /dev/null +++ b/src/hash/md5.c @@ -0,0 +1,248 @@ +/* $OpenBSD: md5.c,v 1.8 2005/08/08 08:05:35 espie Exp $ */ + +/* + * This code implements the MD5 message-digest algorithm. + * The algorithm is due to Ron Rivest. This code was + * written by Colin Plumb in 1993, no copyright is claimed. + * This code is in the public domain; do with it what you wish. + * + * Equivalent code is available from RSA Data Security, Inc. + * This code has been tested against that, and is equivalent, + * except that you don't need to include two pages of legalese + * with every copy. + * + * To compute the message digest of a chunk of bytes, declare an + * MD5Context structure, pass it to MD5Init, call MD5Update as + * needed on buffers full of bytes, and then call MD5Final, which + * will fill a supplied 16-byte array with the digest. + */ + +#include <sys/types.h> +#include <string.h> +#include <bsd/md5.h> + +#define PUT_64BIT_LE(cp, value) do { \ + (cp)[7] = (value) >> 56; \ + (cp)[6] = (value) >> 48; \ + (cp)[5] = (value) >> 40; \ + (cp)[4] = (value) >> 32; \ + (cp)[3] = (value) >> 24; \ + (cp)[2] = (value) >> 16; \ + (cp)[1] = (value) >> 8; \ + (cp)[0] = (value); } while (0) + +#define PUT_32BIT_LE(cp, value) do { \ + (cp)[3] = (value) >> 24; \ + (cp)[2] = (value) >> 16; \ + (cp)[1] = (value) >> 8; \ + (cp)[0] = (value); } while (0) + +static u_int8_t PADDING[MD5_BLOCK_LENGTH] = { + 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 +}; + +/* + * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious + * initialization constants. + */ +void +MD5Init(MD5_CTX *ctx) +{ + ctx->count = 0; + ctx->state[0] = 0x67452301; + ctx->state[1] = 0xefcdab89; + ctx->state[2] = 0x98badcfe; + ctx->state[3] = 0x10325476; +} + +/* + * Update context to reflect the concatenation of another buffer full + * of bytes. + */ +void +MD5Update(MD5_CTX *ctx, const unsigned char *input, size_t len) +{ + size_t have, need; + + /* Check how many bytes we already have and how many more we need. */ + have = (size_t)((ctx->count >> 3) & (MD5_BLOCK_LENGTH - 1)); + need = MD5_BLOCK_LENGTH - have; + + /* Update bitcount */ + ctx->count += (u_int64_t)len << 3; + + if (len >= need) { + if (have != 0) { + memcpy(ctx->buffer + have, input, need); + MD5Transform(ctx->state, ctx->buffer); + input += need; + len -= need; + have = 0; + } + + /* Process data in MD5_BLOCK_LENGTH-byte chunks. */ + while (len >= MD5_BLOCK_LENGTH) { + MD5Transform(ctx->state, input); + input += MD5_BLOCK_LENGTH; + len -= MD5_BLOCK_LENGTH; + } + } + + /* Handle any remaining bytes of data. */ + if (len != 0) + memcpy(ctx->buffer + have, input, len); +} + +/* + * Pad pad to 64-byte boundary with the bit pattern + * 1 0* (64-bit count of bits processed, MSB-first) + */ +void +MD5Pad(MD5_CTX *ctx) +{ + u_int8_t count[8]; + size_t padlen; + + /* Convert count to 8 bytes in little endian order. */ + PUT_64BIT_LE(count, ctx->count); + + /* Pad out to 56 mod 64. */ + padlen = MD5_BLOCK_LENGTH - + ((ctx->count >> 3) & (MD5_BLOCK_LENGTH - 1)); + if (padlen < 1 + 8) + padlen += MD5_BLOCK_LENGTH; + MD5Update(ctx, PADDING, padlen - 8); /* padlen - 8 <= 64 */ + MD5Update(ctx, count, 8); +} + +/* + * Final wrapup--call MD5Pad, fill in digest and zero out ctx. + */ +void +MD5Final(unsigned char digest[MD5_DIGEST_LENGTH], MD5_CTX *ctx) +{ + int i; + + MD5Pad(ctx); + if (digest != NULL) { + for (i = 0; i < 4; i++) + PUT_32BIT_LE(digest + i * 4, ctx->state[i]); + memset(ctx, 0, sizeof(*ctx)); + } +} + + +/* The four core functions - F1 is optimized somewhat */ + +/* #define F1(x, y, z) (x & y | ~x & z) */ +#define F1(x, y, z) (z ^ (x & (y ^ z))) +#define F2(x, y, z) F1(z, x, y) +#define F3(x, y, z) (x ^ y ^ z) +#define F4(x, y, z) (y ^ (x | ~z)) + +/* This is the central step in the MD5 algorithm. */ +#define MD5STEP(f, w, x, y, z, data, s) \ + ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x ) + +/* + * The core of the MD5 algorithm, this alters an existing MD5 hash to + * reflect the addition of 16 longwords of new data. MD5Update blocks + * the data and converts bytes into longwords for this routine. + */ +void +MD5Transform(u_int32_t state[4], const u_int8_t block[MD5_BLOCK_LENGTH]) +{ + u_int32_t a, b, c, d, in[MD5_BLOCK_LENGTH / 4]; + +#if BYTE_ORDER == LITTLE_ENDIAN + memcpy(in, block, sizeof(in)); +#else + for (a = 0; a < MD5_BLOCK_LENGTH / 4; a++) { + in[a] = (u_int32_t)( + (u_int32_t)(block[a * 4 + 0]) | + (u_int32_t)(block[a * 4 + 1]) << 8 | + (u_int32_t)(block[a * 4 + 2]) << 16 | + (u_int32_t)(block[a * 4 + 3]) << 24); + } +#endif + + a = state[0]; + b = state[1]; + c = state[2]; + d = state[3]; + + MD5STEP(F1, a, b, c, d, in[ 0] + 0xd76aa478, 7); + MD5STEP(F1, d, a, b, c, in[ 1] + 0xe8c7b756, 12); + MD5STEP(F1, c, d, a, b, in[ 2] + 0x242070db, 17); + MD5STEP(F1, b, c, d, a, in[ 3] + 0xc1bdceee, 22); + MD5STEP(F1, a, b, c, d, in[ 4] + 0xf57c0faf, 7); + MD5STEP(F1, d, a, b, c, in[ 5] + 0x4787c62a, 12); + MD5STEP(F1, c, d, a, b, in[ 6] + 0xa8304613, 17); + MD5STEP(F1, b, c, d, a, in[ 7] + 0xfd469501, 22); + MD5STEP(F1, a, b, c, d, in[ 8] + 0x698098d8, 7); + MD5STEP(F1, d, a, b, c, in[ 9] + 0x8b44f7af, 12); + MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17); + MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22); + MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7); + MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12); + MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17); + MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22); + + MD5STEP(F2, a, b, c, d, in[ 1] + 0xf61e2562, 5); + MD5STEP(F2, d, a, b, c, in[ 6] + 0xc040b340, 9); + MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14); + MD5STEP(F2, b, c, d, a, in[ 0] + 0xe9b6c7aa, 20); + MD5STEP(F2, a, b, c, d, in[ 5] + 0xd62f105d, 5); + MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9); + MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14); + MD5STEP(F2, b, c, d, a, in[ 4] + 0xe7d3fbc8, 20); + MD5STEP(F2, a, b, c, d, in[ 9] + 0x21e1cde6, 5); + MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9); + MD5STEP(F2, c, d, a, b, in[ 3] + 0xf4d50d87, 14); + MD5STEP(F2, b, c, d, a, in[ 8] + 0x455a14ed, 20); + MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5); + MD5STEP(F2, d, a, b, c, in[ 2] + 0xfcefa3f8, 9); + MD5STEP(F2, c, d, a, b, in[ 7] + 0x676f02d9, 14); + MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20); + + MD5STEP(F3, a, b, c, d, in[ 5] + 0xfffa3942, 4); + MD5STEP(F3, d, a, b, c, in[ 8] + 0x8771f681, 11); + MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16); + MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23); + MD5STEP(F3, a, b, c, d, in[ 1] + 0xa4beea44, 4); + MD5STEP(F3, d, a, b, c, in[ 4] + 0x4bdecfa9, 11); + MD5STEP(F3, c, d, a, b, in[ 7] + 0xf6bb4b60, 16); + MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23); + MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4); + MD5STEP(F3, d, a, b, c, in[ 0] + 0xeaa127fa, 11); + MD5STEP(F3, c, d, a, b, in[ 3] + 0xd4ef3085, 16); + MD5STEP(F3, b, c, d, a, in[ 6] + 0x04881d05, 23); + MD5STEP(F3, a, b, c, d, in[ 9] + 0xd9d4d039, 4); + MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11); + MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16); + MD5STEP(F3, b, c, d, a, in[2 ] + 0xc4ac5665, 23); + + MD5STEP(F4, a, b, c, d, in[ 0] + 0xf4292244, 6); + MD5STEP(F4, d, a, b, c, in[7 ] + 0x432aff97, 10); + MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15); + MD5STEP(F4, b, c, d, a, in[5 ] + 0xfc93a039, 21); + MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6); + MD5STEP(F4, d, a, b, c, in[3 ] + 0x8f0ccc92, 10); + MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15); + MD5STEP(F4, b, c, d, a, in[1 ] + 0x85845dd1, 21); + MD5STEP(F4, a, b, c, d, in[8 ] + 0x6fa87e4f, 6); + MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10); + MD5STEP(F4, c, d, a, b, in[6 ] + 0xa3014314, 15); + MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21); + MD5STEP(F4, a, b, c, d, in[4 ] + 0xf7537e82, 6); + MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10); + MD5STEP(F4, c, d, a, b, in[2 ] + 0x2ad7d2bb, 15); + MD5STEP(F4, b, c, d, a, in[9 ] + 0xeb86d391, 21); + + state[0] += a; + state[1] += b; + state[2] += c; + state[3] += d; +} diff --git a/src/md5.copyright b/src/md5.copyright deleted file mode 100644 index f5ecc5b..0000000 --- a/src/md5.copyright +++ /dev/null @@ -1,21 +0,0 @@ -.\" $FreeBSD: src/lib/libmd/md5.copyright,v 1.5 1999/08/28 00:05:06 peter Exp $ -Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All -rights reserved. -.Pp -License to copy and use this software is granted provided that it -is identified as the "RSA Data Security, Inc. MD5 Message-Digest -Algorithm" in all material mentioning or referencing this software -or this function. -.Pp -License is also granted to make and use derivative works provided -that such works are identified as "derived from the RSA Data -Security, Inc. MD5 Message-Digest Algorithm" in all material -mentioning or referencing the derived work. -.Pp -RSA Data Security, Inc. makes no representations concerning either -the merchantability of this software or the suitability of this -software for any particular purpose. It is provided "as is" -without express or implied warranty of any kind. -.Pp -These notices must be retained in any copies of any part of this -documentation and/or software. diff --git a/src/md5c.c b/src/md5c.c deleted file mode 100644 index c8048f3..0000000 --- a/src/md5c.c +++ /dev/null @@ -1,338 +0,0 @@ -/* - * MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm - * - * Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All - * rights reserved. - * - * License to copy and use this software is granted provided that it - * is identified as the "RSA Data Security, Inc. MD5 Message-Digest - * Algorithm" in all material mentioning or referencing this software - * or this function. - * - * License is also granted to make and use derivative works provided - * that such works are identified as "derived from the RSA Data - * Security, Inc. MD5 Message-Digest Algorithm" in all material - * mentioning or referencing the derived work. - * - * RSA Data Security, Inc. makes no representations concerning either - * the merchantability of this software or the suitability of this - * software for any particular purpose. It is provided "as is" - * without express or implied warranty of any kind. - * - * These notices must be retained in any copies of any part of this - * documentation and/or software. - * - * This code is the same as the code published by RSA Inc. It has been - * edited for clarity and style only. - */ - -#include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/lib/libmd/md5c.c,v 1.16 2003/06/05 13:17:32 markm Exp $"); - -#include <sys/types.h> - -#ifdef _KERNEL -#include <sys/systm.h> -#else -#include <string.h> -#endif - -/* -#include <machine/endian.h> -#include <sys/endian.h> -*/ -#include <bsd/md5.h> - -static void MD5Transform(u_int32_t [4], const unsigned char [64]); - -#ifdef _KERNEL -#define memset(x,y,z) bzero(x,z); -#define memcpy(x,y,z) bcopy(y, x, z) -#endif - -#if (BYTE_ORDER == LITTLE_ENDIAN) -#define Encode memcpy -#define Decode memcpy -#else - -/* - * Encodes input (u_int32_t) into output (unsigned char). Assumes len is - * a multiple of 4. - */ - -static void -Encode (unsigned char *output, u_int32_t *input, unsigned int len) -{ - unsigned int i; - u_int32_t *op = (u_int32_t *)output; - - for (i = 0; i < len / 4; i++) - op[i] = htole32(input[i]); -} - -/* - * Decodes input (unsigned char) into output (u_int32_t). Assumes len is - * a multiple of 4. - */ - -static void -Decode (u_int32_t *output, const unsigned char *input, unsigned int len) -{ - unsigned int i; - const u_int32_t *ip = (const u_int32_t *)input; - - for (i = 0; i < len / 4; i++) - output[i] = le32toh(ip[i]); -} -#endif - -static unsigned char PADDING[64] = { - 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 -}; - -/* F, G, H and I are basic MD5 functions. */ -#define F(x, y, z) (((x) & (y)) | ((~x) & (z))) -#define G(x, y, z) (((x) & (z)) | ((y) & (~z))) -#define H(x, y, z) ((x) ^ (y) ^ (z)) -#define I(x, y, z) ((y) ^ ((x) | (~z))) - -/* ROTATE_LEFT rotates x left n bits. */ -#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n)))) - -/* - * FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4. - * Rotation is separate from addition to prevent recomputation. - */ -#define FF(a, b, c, d, x, s, ac) { \ - (a) += F ((b), (c), (d)) + (x) + (u_int32_t)(ac); \ - (a) = ROTATE_LEFT ((a), (s)); \ - (a) += (b); \ - } -#define GG(a, b, c, d, x, s, ac) { \ - (a) += G ((b), (c), (d)) + (x) + (u_int32_t)(ac); \ - (a) = ROTATE_LEFT ((a), (s)); \ - (a) += (b); \ - } -#define HH(a, b, c, d, x, s, ac) { \ - (a) += H ((b), (c), (d)) + (x) + (u_int32_t)(ac); \ - (a) = ROTATE_LEFT ((a), (s)); \ - (a) += (b); \ - } -#define II(a, b, c, d, x, s, ac) { \ - (a) += I ((b), (c), (d)) + (x) + (u_int32_t)(ac); \ - (a) = ROTATE_LEFT ((a), (s)); \ - (a) += (b); \ - } - -/* MD5 initialization. Begins an MD5 operation, writing a new context. */ - -void -MD5Init (context) - MD5_CTX *context; -{ - - context->count[0] = context->count[1] = 0; - - /* Load magic initialization constants. */ - context->state[0] = 0x67452301; - context->state[1] = 0xefcdab89; - context->state[2] = 0x98badcfe; - context->state[3] = 0x10325476; -} - -/* - * MD5 block update operation. Continues an MD5 message-digest - * operation, processing another message block, and updating the - * context. - */ - -void -MD5Update (context, input, inputLen) - MD5_CTX *context; - const unsigned char *input; - unsigned int inputLen; -{ - unsigned int i, idx, partLen; - - /* Compute number of bytes mod 64 */ - idx = (unsigned int)((context->count[0] >> 3) & 0x3F); - - /* Update number of bits */ - if ((context->count[0] += ((u_int32_t)inputLen << 3)) - < ((u_int32_t)inputLen << 3)) - context->count[1]++; - context->count[1] += ((u_int32_t)inputLen >> 29); - - partLen = 64 - idx; - - /* Transform as many times as possible. */ - if (inputLen >= partLen) { - memcpy((void *)&context->buffer[idx], (const void *)input, - partLen); - MD5Transform (context->state, context->buffer); - - for (i = partLen; i + 63 < inputLen; i += 64) - MD5Transform (context->state, &input[i]); - - idx = 0; - } - else - i = 0; - - /* Buffer remaining input */ - memcpy ((void *)&context->buffer[idx], (const void *)&input[i], - inputLen-i); -} - -/* - * MD5 padding. Adds padding followed by original length. - */ - -void -MD5Pad (context) - MD5_CTX *context; -{ - unsigned char bits[8]; - unsigned int idx, padLen; - - /* Save number of bits */ - Encode (bits, context->count, 8); - - /* Pad out to 56 mod 64. */ - idx = (unsigned int)((context->count[0] >> 3) & 0x3f); - padLen = (idx < 56) ? (56 - idx) : (120 - idx); - MD5Update (context, PADDING, padLen); - - /* Append length (before padding) */ - MD5Update (context, bits, 8); -} - -/* - * MD5 finalization. Ends an MD5 message-digest operation, writing the - * the message digest and zeroizing the context. - */ - -void -MD5Final (digest, context) - unsigned char digest[16]; - MD5_CTX *context; -{ - /* Do padding. */ - MD5Pad (context); - - /* Store state in digest */ - Encode (digest, context->state, 16); - - /* Zeroize sensitive information. */ - memset ((void *)context, 0, sizeof (*context)); -} - -/* MD5 basic transformation. Transforms state based on block. */ - -static void -MD5Transform (state, block) - u_int32_t state[4]; - const unsigned char block[64]; -{ - u_int32_t a = state[0], b = state[1], c = state[2], d = state[3], x[16]; - - Decode (x, block, 64); - - /* Round 1 */ -#define S11 7 -#define S12 12 -#define S13 17 -#define S14 22 - FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */ - FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */ - FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */ - FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */ - FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */ - FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */ - FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */ - FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */ - FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */ - FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */ - FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */ - FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */ - FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */ - FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */ - FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */ - FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */ - - /* Round 2 */ -#define S21 5 -#define S22 9 -#define S23 14 -#define S24 20 - GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */ - GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */ - GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */ - GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */ - GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */ - GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */ - GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */ - GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */ - GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */ - GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */ - GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */ - GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */ - GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */ - GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */ - GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */ - GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */ - - /* Round 3 */ -#define S31 4 -#define S32 11 -#define S33 16 -#define S34 23 - HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */ - HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */ - HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */ - HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */ - HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */ - HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */ - HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */ - HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */ - HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */ - HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */ - HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */ - HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */ - HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */ - HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */ - HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */ - HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */ - - /* Round 4 */ -#define S41 6 -#define S42 10 -#define S43 15 -#define S44 21 - II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */ - II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */ - II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */ - II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */ - II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */ - II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */ - II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */ - II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */ - II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */ - II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */ - II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */ - II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */ - II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */ - II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */ - II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */ - II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */ - - state[0] += a; - state[1] += b; - state[2] += c; - state[3] += d; - - /* Zeroize sensitive information. */ - memset ((void *)x, 0, sizeof (x)); -} |