1 /* Functions to compute MD5 message digest of files or memory blocks.
2 according to the definition of MD5 in RFC 1321 from April 1992.
3 Copyright (C) 1995,1996,1997,1999,2000,2001 Free Software Foundation, Inc.
4 This file is part of the GNU C Library.
6 The GNU C Library is free software; you can redistribute it and/or
7 modify it under the terms of the GNU Lesser General Public
8 License as published by the Free Software Foundation; either
9 version 2.1 of the License, or (at your option) any later version.
11 The GNU C Library is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
16 You should have received a copy of the GNU Lesser General Public
17 License along with the GNU C Library; if not, write to the Free
18 Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
21 /* Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995. */
23 #include "build-config.h"
25 #include <sys/types.h>
32 #ifdef WORDS_BIGENDIAN
34 (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24))
40 /* This array contains the bytes used to pad the buffer to the next
41 64-byte boundary. (RFC 1321, 3.1: Step 1) */
42 static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ };
44 /* These are the four functions used in the four steps of the MD5 algorithm
45 and defined in the RFC 1321. The first function is a little bit optimized
46 (as found in Colin Plumbs public domain implementation). */
47 /* #define FF(b, c, d) ((b & c) | (~b & d)) */
48 #define FF(b, c, d) (d ^ (b & (c ^ d)))
49 #define FG(b, c, d) FF (d, b, c)
50 #define FH(b, c, d) (b ^ c ^ d)
51 #define FI(b, c, d) (c ^ (b | ~d))
53 /* Process LEN bytes of BUFFER, accumulating context into CTX.
54 It is assumed that LEN % 64 == 0. */
57 md5_process_block(const void *buffer, size_t len, struct md5_ctx *ctx)
59 uint32_t correct_words[16];
60 const uint32_t *words = buffer;
61 size_t nwords = len / sizeof (uint32_t);
62 const uint32_t *endp = words + nwords;
68 /* First increment the byte count. RFC 1321 specifies the possible
69 length of the file up to 2^64 bits. Here we only compute the
70 number of bytes. Do a double word increment. */
72 if (ctx->total[0] < len)
75 /* Process all bytes in the buffer with 64 bytes in each round of
79 uint32_t *cwp = correct_words;
85 /* First round: using the given function, the context and a constant
86 the next context is computed. Because the algorithms processing
87 unit is a 32-bit word and it is determined to work on words in
88 little endian byte order we perhaps have to change the byte order
89 before the computation. To reduce the work for the next steps
90 we store the swapped words in the array CORRECT_WORDS. */
92 #define OP(a, b, c, d, s, T) \
95 a += FF (b, c, d) + (*cwp++ = SWAP (*words)) + T; \
102 /* It is unfortunate that C does not provide an operator for
103 cyclic rotation. Hope the C compiler is smart enough. */
104 #define CYCLIC(w, s) (w = (w << s) | (w >> (32 - s)))
106 /* Before we start, one word to the strange constants.
107 They are defined in RFC 1321 as
109 T[i] = (int) (4294967296.0 * fabs (sin (i))), i=1..64
113 OP (A, B, C, D, 7, 0xd76aa478);
114 OP (D, A, B, C, 12, 0xe8c7b756);
115 OP (C, D, A, B, 17, 0x242070db);
116 OP (B, C, D, A, 22, 0xc1bdceee);
117 OP (A, B, C, D, 7, 0xf57c0faf);
118 OP (D, A, B, C, 12, 0x4787c62a);
119 OP (C, D, A, B, 17, 0xa8304613);
120 OP (B, C, D, A, 22, 0xfd469501);
121 OP (A, B, C, D, 7, 0x698098d8);
122 OP (D, A, B, C, 12, 0x8b44f7af);
123 OP (C, D, A, B, 17, 0xffff5bb1);
124 OP (B, C, D, A, 22, 0x895cd7be);
125 OP (A, B, C, D, 7, 0x6b901122);
126 OP (D, A, B, C, 12, 0xfd987193);
127 OP (C, D, A, B, 17, 0xa679438e);
128 OP (B, C, D, A, 22, 0x49b40821);
130 /* For the second to fourth round we have the possibly swapped words
131 in CORRECT_WORDS. Redefine the macro to take an additional first
132 argument specifying the function to use. */
134 #define OP(f, a, b, c, d, k, s, T) \
137 a += f (b, c, d) + correct_words[k] + T; \
144 OP (FG, A, B, C, D, 1, 5, 0xf61e2562);
145 OP (FG, D, A, B, C, 6, 9, 0xc040b340);
146 OP (FG, C, D, A, B, 11, 14, 0x265e5a51);
147 OP (FG, B, C, D, A, 0, 20, 0xe9b6c7aa);
148 OP (FG, A, B, C, D, 5, 5, 0xd62f105d);
149 OP (FG, D, A, B, C, 10, 9, 0x02441453);
150 OP (FG, C, D, A, B, 15, 14, 0xd8a1e681);
151 OP (FG, B, C, D, A, 4, 20, 0xe7d3fbc8);
152 OP (FG, A, B, C, D, 9, 5, 0x21e1cde6);
153 OP (FG, D, A, B, C, 14, 9, 0xc33707d6);
154 OP (FG, C, D, A, B, 3, 14, 0xf4d50d87);
155 OP (FG, B, C, D, A, 8, 20, 0x455a14ed);
156 OP (FG, A, B, C, D, 13, 5, 0xa9e3e905);
157 OP (FG, D, A, B, C, 2, 9, 0xfcefa3f8);
158 OP (FG, C, D, A, B, 7, 14, 0x676f02d9);
159 OP (FG, B, C, D, A, 12, 20, 0x8d2a4c8a);
162 OP (FH, A, B, C, D, 5, 4, 0xfffa3942);
163 OP (FH, D, A, B, C, 8, 11, 0x8771f681);
164 OP (FH, C, D, A, B, 11, 16, 0x6d9d6122);
165 OP (FH, B, C, D, A, 14, 23, 0xfde5380c);
166 OP (FH, A, B, C, D, 1, 4, 0xa4beea44);
167 OP (FH, D, A, B, C, 4, 11, 0x4bdecfa9);
168 OP (FH, C, D, A, B, 7, 16, 0xf6bb4b60);
169 OP (FH, B, C, D, A, 10, 23, 0xbebfbc70);
170 OP (FH, A, B, C, D, 13, 4, 0x289b7ec6);
171 OP (FH, D, A, B, C, 0, 11, 0xeaa127fa);
172 OP (FH, C, D, A, B, 3, 16, 0xd4ef3085);
173 OP (FH, B, C, D, A, 6, 23, 0x04881d05);
174 OP (FH, A, B, C, D, 9, 4, 0xd9d4d039);
175 OP (FH, D, A, B, C, 12, 11, 0xe6db99e5);
176 OP (FH, C, D, A, B, 15, 16, 0x1fa27cf8);
177 OP (FH, B, C, D, A, 2, 23, 0xc4ac5665);
180 OP (FI, A, B, C, D, 0, 6, 0xf4292244);
181 OP (FI, D, A, B, C, 7, 10, 0x432aff97);
182 OP (FI, C, D, A, B, 14, 15, 0xab9423a7);
183 OP (FI, B, C, D, A, 5, 21, 0xfc93a039);
184 OP (FI, A, B, C, D, 12, 6, 0x655b59c3);
185 OP (FI, D, A, B, C, 3, 10, 0x8f0ccc92);
186 OP (FI, C, D, A, B, 10, 15, 0xffeff47d);
187 OP (FI, B, C, D, A, 1, 21, 0x85845dd1);
188 OP (FI, A, B, C, D, 8, 6, 0x6fa87e4f);
189 OP (FI, D, A, B, C, 15, 10, 0xfe2ce6e0);
190 OP (FI, C, D, A, B, 6, 15, 0xa3014314);
191 OP (FI, B, C, D, A, 13, 21, 0x4e0811a1);
192 OP (FI, A, B, C, D, 4, 6, 0xf7537e82);
193 OP (FI, D, A, B, C, 11, 10, 0xbd3af235);
194 OP (FI, C, D, A, B, 2, 15, 0x2ad7d2bb);
195 OP (FI, B, C, D, A, 9, 21, 0xeb86d391);
197 /* Add the starting values of the context. */
204 /* Put checksum in context given as argument. */
211 /* Initialize structure containing state of computation.
212 (RFC 1321, 3.3: Step 3) */
214 md5_init(struct md5_ctx *ctx)
221 ctx->total[0] = ctx->total[1] = 0;
225 /* Put result from CTX in first 16 bytes following RESBUF. The result
226 must be in little endian byte order.
228 IMPORTANT: On some systems it is required that RESBUF is correctly
229 aligned for a 32 bits value. */
231 md5_read_ctx(const struct md5_ctx *ctx, void *resbuf)
233 ((uint32_t *) resbuf)[0] = SWAP (ctx->A);
234 ((uint32_t *) resbuf)[1] = SWAP (ctx->B);
235 ((uint32_t *) resbuf)[2] = SWAP (ctx->C);
236 ((uint32_t *) resbuf)[3] = SWAP (ctx->D);
239 /* Process the remaining bytes in the internal buffer and the usual
240 prolog according to the standard and write the result to RESBUF.
242 IMPORTANT: On some systems it is required that RESBUF is correctly
243 aligned for a 32 bits value. */
245 md5_digest(struct md5_ctx *ctx, unsigned length, uint8_t *resbuf)
247 /* Take yet unprocessed bytes into account. */
248 uint32_t bytes = ctx->buflen;
251 /* Now count remaining bytes. */
252 ctx->total[0] += bytes;
253 if (ctx->total[0] < bytes)
256 pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes;
257 memcpy (&ctx->buffer[bytes], fillbuf, pad);
259 /* Put the 64-bit file length in *bits* at the end of the buffer. */
260 *(uint32_t *) &ctx->buffer[bytes + pad] = SWAP (ctx->total[0] << 3);
261 *(uint32_t *) &ctx->buffer[bytes + pad + 4] = SWAP ((ctx->total[1] << 3) |
262 (ctx->total[0] >> 29));
264 /* Process last bytes. */
265 md5_process_block (ctx->buffer, bytes + pad + 8, ctx);
267 md5_read_ctx(ctx, resbuf);
273 md5_update(struct md5_ctx *ctx, unsigned length,
274 const uint8_t *buffer)
276 /* When we already have some bits in our internal buffer concatenate
277 both inputs first. */
278 if (ctx->buflen != 0)
280 size_t left_over = ctx->buflen;
281 size_t add = 128 - left_over > length ? length : 128 - left_over;
283 memcpy (&ctx->buffer[left_over], buffer, add);
286 if (ctx->buflen > 64)
288 md5_process_block (ctx->buffer, ctx->buflen & ~63, ctx);
291 /* The regions in the following copy operation cannot overlap. */
292 memcpy (ctx->buffer, &ctx->buffer[(left_over + add) & ~63],
296 buffer = (const uint8_t *) buffer + add;
300 /* Process available complete blocks. */
303 #if !_STRING_ARCH_unaligned
304 /* To check alignment gcc has an appropriate operator. Other
307 # define UNALIGNED_P(p) (((md5_uintptr) p) % __alignof__ (uint32_t) != 0)
309 # define UNALIGNED_P(p) (((md5_uintptr) p) % sizeof (uint32_t) != 0)
311 if (UNALIGNED_P (buffer))
314 md5_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx);
315 buffer = (const uint8_t *) buffer + 64;
321 md5_process_block (buffer, length & ~63, ctx);
322 buffer = (const uint8_t *) buffer + (length & ~63);
327 /* Move remaining bytes in internal buffer. */
330 size_t left_over = ctx->buflen;
332 memcpy (&ctx->buffer[left_over], buffer, length);
336 md5_process_block (ctx->buffer, 64, ctx);
338 memcpy (ctx->buffer, &ctx->buffer[64], left_over);
340 ctx->buflen = left_over;