md5.c

Go to the documentation of this file.
00001 /* md5.c - Functions to compute MD5 message digest of files or memory blocks
00002    according to the definition of MD5 in RFC 1321 from April 1992.
00003    Copyright (C) 1995, 1996 Free Software Foundation, Inc.
00004    NOTE: The canonical source of this file is maintained with the GNU C
00005    Library.  Bugs can be reported to bug-glibc@prep.ai.mit.edu.
00006 
00007    This program is free software; you can redistribute it and/or modify it
00008    under the terms of the GNU General Public License as published by the
00009    Free Software Foundation; either version 2, or (at your option) any
00010    later version.
00011 
00012    This program is distributed in the hope that it will be useful,
00013    but WITHOUT ANY WARRANTY; without even the implied warranty of
00014    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00015    GNU General Public License for more details.
00016 
00017    You should have received a copy of the GNU General Public License
00018    along with this program; if not, write to the Free Software Foundation,
00019    Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.  */
00020 
00021 /* Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995.  */
00022 
00023 #include <config.h>
00024 
00025 #include <stdlib.h>
00026 
00027 #ifdef HAVE_STRING_H
00028 #include <string.h>
00029 #endif
00030 
00031 #ifdef HAVE_SYS_TYPES_H
00032 #include <sys/types.h>
00033 #endif
00034 
00035 #include "md5.h"
00036 
00037 #ifdef _LIBC
00038 # include <endian.h>
00039 # if __BYTE_ORDER == __BIG_ENDIAN
00040 #  define WORDS_BIGENDIAN 1
00041 # endif
00042 #endif
00043 
00044 #ifdef WORDS_BIGENDIAN
00045 # define SWAP(n)                            \
00046     (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24))
00047 #else
00048 # define SWAP(n) (n)
00049 #endif
00050 
00051 
00052 /* This array contains the bytes used to pad the buffer to the next
00053    64-byte boundary.  (RFC 1321, 3.1: Step 1)  */
00054 static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ...  */ };
00055 
00056 
00057 /* Initialize structure containing state of computation.
00058    (RFC 1321, 3.3: Step 3)  */
00059 void
00060 md5_init_ctx (ctx)
00061      struct md5_ctx *ctx;
00062 {
00063   ctx->A = 0x67452301;
00064   ctx->B = 0xefcdab89;
00065   ctx->C = 0x98badcfe;
00066   ctx->D = 0x10325476;
00067 
00068   ctx->total[0] = ctx->total[1] = 0;
00069   ctx->buflen = 0;
00070 }
00071 
00072 /* Put result from CTX in first 16 bytes following RESBUF.  The result
00073    must be in little endian byte order.
00074 
00075    IMPORTANT: On some systems it is required that RESBUF is correctly
00076    aligned for a 32 bits value.  */
00077 void *
00078 md5_read_ctx (ctx, resbuf)
00079      const struct md5_ctx *ctx;
00080      void *resbuf;
00081 {
00082   ((md5_uint32 *) resbuf)[0] = SWAP (ctx->A);
00083   ((md5_uint32 *) resbuf)[1] = SWAP (ctx->B);
00084   ((md5_uint32 *) resbuf)[2] = SWAP (ctx->C);
00085   ((md5_uint32 *) resbuf)[3] = SWAP (ctx->D);
00086 
00087   return resbuf;
00088 }
00089 
00090 /* Process the remaining bytes in the internal buffer and the usual
00091    prolog according to the standard and write the result to RESBUF.
00092 
00093    IMPORTANT: On some systems it is required that RESBUF is correctly
00094    aligned for a 32 bits value.  */
00095 void *
00096 md5_finish_ctx (ctx, resbuf)
00097      struct md5_ctx *ctx;
00098      void *resbuf;
00099 {
00100   /* Take yet unprocessed bytes into account.  */
00101   md5_uint32 bytes = ctx->buflen;
00102   size_t pad;
00103 
00104   /* Now count remaining bytes.  */
00105   ctx->total[0] += bytes;
00106   if (ctx->total[0] < bytes)
00107     ++ctx->total[1];
00108 
00109   pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes;
00110   memcpy (&ctx->buffer[bytes], fillbuf, pad);
00111 
00112   /* Put the 64-bit file length in *bits* at the end of the buffer.  */
00113   *(md5_uint32 *) &ctx->buffer[bytes + pad] = SWAP (ctx->total[0] << 3);
00114   *(md5_uint32 *) &ctx->buffer[bytes + pad + 4] = SWAP ((ctx->total[1] << 3) |
00115                             (ctx->total[0] >> 29));
00116 
00117   /* Process last bytes.  */
00118   md5_process_block (ctx->buffer, bytes + pad + 8, ctx);
00119 
00120   return md5_read_ctx (ctx, resbuf);
00121 }
00122 
00123 /* Compute MD5 message digest for bytes read from STREAM.  The
00124    resulting message digest number will be written into the 16 bytes
00125    beginning at RESBLOCK.  */
00126 int
00127 md5_stream (stream, resblock)
00128      FILE *stream;
00129      void *resblock;
00130 {
00131   /* Important: BLOCKSIZE must be a multiple of 64.  */
00132 #define BLOCKSIZE 4096
00133   struct md5_ctx ctx;
00134   char buffer[BLOCKSIZE + 72];
00135   size_t sum;
00136 
00137   /* Initialize the computation context.  */
00138   md5_init_ctx (&ctx);
00139 
00140   /* Iterate over full file contents.  */
00141   while (1)
00142     {
00143       /* We read the file in blocks of BLOCKSIZE bytes.  One call of the
00144      computation function processes the whole buffer so that with the
00145      next round of the loop another block can be read.  */
00146       size_t n;
00147       sum = 0;
00148 
00149       /* Read block.  Take care for partial reads.  */
00150       do
00151     {
00152       n = fread (buffer + sum, 1, BLOCKSIZE - sum, stream);
00153 
00154       sum += n;
00155     }
00156       while (sum < BLOCKSIZE && n != 0);
00157       if (n == 0 && ferror (stream))
00158         return 1;
00159 
00160       /* If end of file is reached, end the loop.  */
00161       if (n == 0)
00162     break;
00163 
00164       /* Process buffer with BLOCKSIZE bytes.  Note that
00165             BLOCKSIZE % 64 == 0
00166        */
00167       md5_process_block (buffer, BLOCKSIZE, &ctx);
00168     }
00169 
00170   /* Add the last bytes if necessary.  */
00171   if (sum > 0)
00172     md5_process_bytes (buffer, sum, &ctx);
00173 
00174   /* Construct result in desired memory.  */
00175   md5_finish_ctx (&ctx, resblock);
00176   return 0;
00177 }
00178 
00179 /* Compute MD5 message digest for LEN bytes beginning at BUFFER.  The
00180    result is always in little endian byte order, so that a byte-wise
00181    output yields to the wanted ASCII representation of the message
00182    digest.  */
00183 void *
00184 md5_buffer (buffer, len, resblock)
00185      const char *buffer;
00186      size_t len;
00187      void *resblock;
00188 {
00189   struct md5_ctx ctx;
00190 
00191   /* Initialize the computation context.  */
00192   md5_init_ctx (&ctx);
00193 
00194   /* Process whole buffer but last len % 64 bytes.  */
00195   md5_process_bytes (buffer, len, &ctx);
00196 
00197   /* Put result in desired memory area.  */
00198   return md5_finish_ctx (&ctx, resblock);
00199 }
00200 
00201 
00202 void
00203 md5_process_bytes (buffer, len, ctx)
00204      const void *buffer;
00205      size_t len;
00206      struct md5_ctx *ctx;
00207 {
00208   /* When we already have some bits in our internal buffer concatenate
00209      both inputs first.  */
00210   if (ctx->buflen != 0)
00211     {
00212       size_t left_over = ctx->buflen;
00213       size_t add = 128 - left_over > len ? len : 128 - left_over;
00214 
00215       memcpy (&ctx->buffer[left_over], buffer, add);
00216       ctx->buflen += add;
00217 
00218       if (left_over + add > 64)
00219     {
00220       md5_process_block (ctx->buffer, (left_over + add) & ~63, ctx);
00221       /* The regions in the following copy operation cannot overlap.  */
00222       memcpy (ctx->buffer, &ctx->buffer[(left_over + add) & ~63],
00223           (left_over + add) & 63);
00224       ctx->buflen = (left_over + add) & 63;
00225     }
00226 
00227       buffer = (const char *) buffer + add;
00228       len -= add;
00229     }
00230 
00231   /* Process available complete blocks.  */
00232   if (len > 64)
00233     {
00234       md5_process_block (buffer, len & ~63, ctx);
00235       buffer = (const char *) buffer + (len & ~63);
00236       len &= 63;
00237     }
00238 
00239   /* Move remaining bytes in internal buffer.  */
00240   if (len > 0)
00241     {
00242       memcpy (ctx->buffer, buffer, len);
00243       ctx->buflen = len;
00244     }
00245 }
00246 
00247 
00248 /* These are the four functions used in the four steps of the MD5 algorithm
00249    and defined in the RFC 1321.  The first function is a little bit optimized
00250    (as found in Colin Plumbs public domain implementation).  */
00251 /* #define FF(b, c, d) ((b & c) | (~b & d)) */
00252 #define FF(b, c, d) (d ^ (b & (c ^ d)))
00253 #define FG(b, c, d) FF (d, b, c)
00254 #define FH(b, c, d) (b ^ c ^ d)
00255 #define FI(b, c, d) (c ^ (b | ~d))
00256 
00257 /* Process LEN bytes of BUFFER, accumulating context into CTX.
00258    It is assumed that LEN % 64 == 0.  */
00259 
00260 void
00261 md5_process_block (buffer, len, ctx)
00262      const void *buffer;
00263      size_t len;
00264      struct md5_ctx *ctx;
00265 {
00266   md5_uint32 correct_words[16];
00267   const md5_uint32 *words = buffer;
00268   size_t nwords = len / sizeof (md5_uint32);
00269   const md5_uint32 *endp = words + nwords;
00270   md5_uint32 A = ctx->A;
00271   md5_uint32 B = ctx->B;
00272   md5_uint32 C = ctx->C;
00273   md5_uint32 D = ctx->D;
00274 
00275   /* First increment the byte count.  RFC 1321 specifies the possible
00276      length of the file up to 2^64 bits.  Here we only compute the
00277      number of bytes.  Do a double word increment.  */
00278   ctx->total[0] += len;
00279   if (ctx->total[0] < len)
00280     ++ctx->total[1];
00281 
00282   /* Process all bytes in the buffer with 64 bytes in each round of
00283      the loop.  */
00284   while (words < endp)
00285     {
00286       md5_uint32 *cwp = correct_words;
00287       md5_uint32 A_save = A;
00288       md5_uint32 B_save = B;
00289       md5_uint32 C_save = C;
00290       md5_uint32 D_save = D;
00291 
00292       /* First round: using the given function, the context and a constant
00293      the next context is computed.  Because the algorithms processing
00294      unit is a 32-bit word and it is determined to work on words in
00295      little endian byte order we perhaps have to change the byte order
00296      before the computation.  To reduce the work for the next steps
00297      we store the swapped words in the array CORRECT_WORDS.  */
00298 
00299 #define OP(a, b, c, d, s, T)                        \
00300       do                                \
00301         {                               \
00302       a += FF (b, c, d) + (*cwp++ = SWAP (*words)) + T;     \
00303       ++words;                          \
00304       CYCLIC (a, s);                        \
00305       a += b;                           \
00306         }                               \
00307       while (0)
00308 
00309       /* It is unfortunate that C does not provide an operator for
00310      cyclic rotation.  Hope the C compiler is smart enough.  */
00311 #define CYCLIC(w, s) (w = (w << s) | (w >> (32 - s)))
00312 
00313       /* Before we start, one word to the strange constants.
00314      They are defined in RFC 1321 as
00315 
00316      T[i] = (int) (4294967296.0 * fabs (sin (i))), i=1..64
00317        */
00318 
00319       /* Round 1.  */
00320       OP (A, B, C, D,  7, 0xd76aa478);
00321       OP (D, A, B, C, 12, 0xe8c7b756);
00322       OP (C, D, A, B, 17, 0x242070db);
00323       OP (B, C, D, A, 22, 0xc1bdceee);
00324       OP (A, B, C, D,  7, 0xf57c0faf);
00325       OP (D, A, B, C, 12, 0x4787c62a);
00326       OP (C, D, A, B, 17, 0xa8304613);
00327       OP (B, C, D, A, 22, 0xfd469501);
00328       OP (A, B, C, D,  7, 0x698098d8);
00329       OP (D, A, B, C, 12, 0x8b44f7af);
00330       OP (C, D, A, B, 17, 0xffff5bb1);
00331       OP (B, C, D, A, 22, 0x895cd7be);
00332       OP (A, B, C, D,  7, 0x6b901122);
00333       OP (D, A, B, C, 12, 0xfd987193);
00334       OP (C, D, A, B, 17, 0xa679438e);
00335       OP (B, C, D, A, 22, 0x49b40821);
00336 
00337       /* For the second to fourth round we have the possibly swapped words
00338      in CORRECT_WORDS.  Redefine the macro to take an additional first
00339      argument specifying the function to use.  */
00340 #undef OP
00341 #define OP(f, a, b, c, d, k, s, T)                  \
00342       do                                \
00343     {                               \
00344       a += f (b, c, d) + correct_words[k] + T;          \
00345       CYCLIC (a, s);                        \
00346       a += b;                           \
00347     }                               \
00348       while (0)
00349 
00350       /* Round 2.  */
00351       OP (FG, A, B, C, D,  1,  5, 0xf61e2562);
00352       OP (FG, D, A, B, C,  6,  9, 0xc040b340);
00353       OP (FG, C, D, A, B, 11, 14, 0x265e5a51);
00354       OP (FG, B, C, D, A,  0, 20, 0xe9b6c7aa);
00355       OP (FG, A, B, C, D,  5,  5, 0xd62f105d);
00356       OP (FG, D, A, B, C, 10,  9, 0x02441453);
00357       OP (FG, C, D, A, B, 15, 14, 0xd8a1e681);
00358       OP (FG, B, C, D, A,  4, 20, 0xe7d3fbc8);
00359       OP (FG, A, B, C, D,  9,  5, 0x21e1cde6);
00360       OP (FG, D, A, B, C, 14,  9, 0xc33707d6);
00361       OP (FG, C, D, A, B,  3, 14, 0xf4d50d87);
00362       OP (FG, B, C, D, A,  8, 20, 0x455a14ed);
00363       OP (FG, A, B, C, D, 13,  5, 0xa9e3e905);
00364       OP (FG, D, A, B, C,  2,  9, 0xfcefa3f8);
00365       OP (FG, C, D, A, B,  7, 14, 0x676f02d9);
00366       OP (FG, B, C, D, A, 12, 20, 0x8d2a4c8a);
00367 
00368       /* Round 3.  */
00369       OP (FH, A, B, C, D,  5,  4, 0xfffa3942);
00370       OP (FH, D, A, B, C,  8, 11, 0x8771f681);
00371       OP (FH, C, D, A, B, 11, 16, 0x6d9d6122);
00372       OP (FH, B, C, D, A, 14, 23, 0xfde5380c);
00373       OP (FH, A, B, C, D,  1,  4, 0xa4beea44);
00374       OP (FH, D, A, B, C,  4, 11, 0x4bdecfa9);
00375       OP (FH, C, D, A, B,  7, 16, 0xf6bb4b60);
00376       OP (FH, B, C, D, A, 10, 23, 0xbebfbc70);
00377       OP (FH, A, B, C, D, 13,  4, 0x289b7ec6);
00378       OP (FH, D, A, B, C,  0, 11, 0xeaa127fa);
00379       OP (FH, C, D, A, B,  3, 16, 0xd4ef3085);
00380       OP (FH, B, C, D, A,  6, 23, 0x04881d05);
00381       OP (FH, A, B, C, D,  9,  4, 0xd9d4d039);
00382       OP (FH, D, A, B, C, 12, 11, 0xe6db99e5);
00383       OP (FH, C, D, A, B, 15, 16, 0x1fa27cf8);
00384       OP (FH, B, C, D, A,  2, 23, 0xc4ac5665);
00385 
00386       /* Round 4.  */
00387       OP (FI, A, B, C, D,  0,  6, 0xf4292244);
00388       OP (FI, D, A, B, C,  7, 10, 0x432aff97);
00389       OP (FI, C, D, A, B, 14, 15, 0xab9423a7);
00390       OP (FI, B, C, D, A,  5, 21, 0xfc93a039);
00391       OP (FI, A, B, C, D, 12,  6, 0x655b59c3);
00392       OP (FI, D, A, B, C,  3, 10, 0x8f0ccc92);
00393       OP (FI, C, D, A, B, 10, 15, 0xffeff47d);
00394       OP (FI, B, C, D, A,  1, 21, 0x85845dd1);
00395       OP (FI, A, B, C, D,  8,  6, 0x6fa87e4f);
00396       OP (FI, D, A, B, C, 15, 10, 0xfe2ce6e0);
00397       OP (FI, C, D, A, B,  6, 15, 0xa3014314);
00398       OP (FI, B, C, D, A, 13, 21, 0x4e0811a1);
00399       OP (FI, A, B, C, D,  4,  6, 0xf7537e82);
00400       OP (FI, D, A, B, C, 11, 10, 0xbd3af235);
00401       OP (FI, C, D, A, B,  2, 15, 0x2ad7d2bb);
00402       OP (FI, B, C, D, A,  9, 21, 0xeb86d391);
00403 
00404       /* Add the starting values of the context.  */
00405       A += A_save;
00406       B += B_save;
00407       C += C_save;
00408       D += D_save;
00409     }
00410 
00411   /* Put checksum in context given as argument.  */
00412   ctx->A = A;
00413   ctx->B = B;
00414   ctx->C = C;
00415   ctx->D = D;
00416 }