1
/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
4
/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
7
License to copy and use this software is granted provided that it
8
is identified as the "RSA Data Security, Inc. MD5 Message-Digest
9
Algorithm" in all material mentioning or referencing this software
12
License is also granted to make and use derivative works provided
13
that such works are identified as "derived from the RSA Data
14
Security, Inc. MD5 Message-Digest Algorithm" in all material
15
mentioning or referencing the derived work.
17
RSA Data Security, Inc. makes no representations concerning either
18
the merchantability of this software or the suitability of this
19
software for any particular purpose. It is provided "as is"
20
without express or implied warranty of any kind.
22
These notices must be retained in any copies of any part of this
23
documentation and/or software.
30
/* Constants for MD5Transform routine.
49
static void MD5Transform PROTO_LIST ((UINT4 [4], unsigned char [64]));
50
static void Encode PROTO_LIST
51
((unsigned char *, UINT4 *, unsigned int));
52
static void Decode PROTO_LIST
53
((UINT4 *, unsigned char *, unsigned int));
54
static void MD5_memcpy PROTO_LIST ((POINTER, POINTER, unsigned int));
55
static void MD5_memset PROTO_LIST ((POINTER, int, unsigned int));
57
static unsigned char PADDING[64] = {
58
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
59
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
60
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
63
/* F, G, H and I are basic MD5 functions.
65
#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
66
#define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
67
#define H(x, y, z) ((x) ^ (y) ^ (z))
68
#define I(x, y, z) ((y) ^ ((x) | (~z)))
70
/* ROTATE_LEFT rotates x left n bits.
72
#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
74
/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
75
Rotation is separate from addition to prevent recomputation.
77
#define FF(a, b, c, d, x, s, ac) { \
78
(a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); \
79
(a) = ROTATE_LEFT ((a), (s)); \
82
#define GG(a, b, c, d, x, s, ac) { \
83
(a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); \
84
(a) = ROTATE_LEFT ((a), (s)); \
87
#define HH(a, b, c, d, x, s, ac) { \
88
(a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); \
89
(a) = ROTATE_LEFT ((a), (s)); \
92
#define II(a, b, c, d, x, s, ac) { \
93
(a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); \
94
(a) = ROTATE_LEFT ((a), (s)); \
98
/* MD5 initialization. Begins an MD5 operation, writing a new context.
102
MD5_CTX *context /* context */
105
context->count[0] = context->count[1] = 0;
107
/* Load magic initialization constants.
109
context->state[0] = 0x67452301;
110
context->state[1] = 0xefcdab89;
111
context->state[2] = 0x98badcfe;
112
context->state[3] = 0x10325476;
115
/* MD5 block update operation. Continues an MD5 message-digest
116
operation, processing another message block, and updating the
121
MD5_CTX *context, /* context */
122
unsigned char *input, /* input block */
123
unsigned int inputLen /* length of input block */
126
unsigned int i, idx, partLen;
128
/* Compute number of bytes mod 64 */
129
idx = (unsigned int)((context->count[0] >> 3) & 0x3F);
131
/* Update number of bits */
132
if ((context->count[0] += ((UINT4)inputLen << 3))
133
< ((UINT4)inputLen << 3))
135
context->count[1] += ((UINT4)inputLen >> 29);
139
/* Transform as many times as possible.
141
if (inputLen >= partLen) {
143
((POINTER)&context->buffer[idx], (POINTER)input, partLen);
144
MD5Transform (context->state, context->buffer);
146
for (i = partLen; i + 63 < inputLen; i += 64)
147
MD5Transform (context->state, &input[i]);
154
/* Buffer remaining input */
156
((POINTER)&context->buffer[idx], (POINTER)&input[i],
160
/* MD5 finalization. Ends an MD5 message-digest operation, writing the
161
the message digest and zeroizing the context.
165
unsigned char digest[16], /* message digest */
166
MD5_CTX *context /* context */
169
unsigned char bits[8];
170
unsigned int idx, padLen;
172
/* Save number of bits */
173
Encode (bits, context->count, 8);
175
/* Pad out to 56 mod 64.
177
idx = (unsigned int)((context->count[0] >> 3) & 0x3f);
178
padLen = (idx < 56) ? (56 - idx) : (120 - idx);
179
MD5Update (context, PADDING, padLen);
181
/* Append length (before padding) */
182
MD5Update (context, bits, 8);
184
/* Store state in digest */
185
Encode (digest, context->state, 16);
187
/* Zeroize sensitive information.
189
MD5_memset ((POINTER)context, 0, sizeof (*context));
192
/* MD5 basic transformation. Transforms state based on block.
197
unsigned char block[64]
200
UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];
202
Decode (x, block, 64);
205
FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */
206
FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */
207
FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */
208
FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */
209
FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */
210
FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */
211
FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */
212
FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */
213
FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */
214
FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */
215
FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
216
FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
217
FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
218
FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
219
FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
220
FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
223
GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */
224
GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */
225
GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
226
GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */
227
GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */
228
GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */
229
GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
230
GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */
231
GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */
232
GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
233
GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */
234
GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */
235
GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
236
GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */
237
GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */
238
GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
241
HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */
242
HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */
243
HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
244
HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
245
HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */
246
HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */
247
HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */
248
HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
249
HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
250
HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */
251
HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */
252
HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */
253
HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */
254
HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
255
HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
256
HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */
259
II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */
260
II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */
261
II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
262
II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */
263
II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
264
II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */
265
II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
266
II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */
267
II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */
268
II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
269
II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */
270
II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
271
II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */
272
II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
273
II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */
274
II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */
281
/* Zeroize sensitive information.
283
MD5_memset ((POINTER)x, 0, sizeof (x));
286
/* Encodes input (UINT4) into output (unsigned char). Assumes len is
291
unsigned char *output,
298
for (i = 0, j = 0; j < len; i++, j += 4) {
299
output[j] = (unsigned char)(input[i] & 0xff);
300
output[j+1] = (unsigned char)((input[i] >> 8) & 0xff);
301
output[j+2] = (unsigned char)((input[i] >> 16) & 0xff);
302
output[j+3] = (unsigned char)((input[i] >> 24) & 0xff);
306
/* Decodes input (unsigned char) into output (UINT4). Assumes len is
312
unsigned char *input,
318
for (i = 0, j = 0; j < len; i++, j += 4)
319
output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) |
320
(((UINT4)input[j+2]) << 16) | (((UINT4)input[j+3]) << 24);
323
/* Note: Replace "for loop" with standard memcpy if possible.
334
for (i = 0; i < len; i++)
335
output[i] = input[i];
338
/* Note: Replace "for loop" with standard memset if possible.
349
for (i = 0; i < len; i++)
350
((char *)output)[i] = (char)value;