1
/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
4
/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
7
License to copy and use this software is granted provided that it
8
is identified as the "RSA Data Security, Inc. MD5 Message-Digest
9
Algorithm" in all material mentioning or referencing this software
12
License is also granted to make and use derivative works provided
13
that such works are identified as "derived from the RSA Data
14
Security, Inc. MD5 Message-Digest Algorithm" in all material
15
mentioning or referencing the derived work.
17
RSA Data Security, Inc. makes no representations concerning either
18
the merchantability of this software or the suitability of this
19
software for any particular purpose. It is provided "as is"
20
without express or implied warranty of any kind.
22
These notices must be retained in any copies of any part of this
23
documentation and/or software.
35
/* Constants for MD5Transform routine.
55
static void MD5Transform (UINT4 [4], unsigned char [64]);
56
static void Encode (unsigned char *, UINT4 *, unsigned int);
57
static void Decode (UINT4 *, unsigned char *, unsigned int);
60
#define MD5_memcpy(output, input, len) memcpy((output), (input), (len))
62
static void MD5_memcpy (POINTER, POINTER, unsigned int);
65
#define MD5_memset(output, value, len) memset((output), (value), (len))
67
static void MD5_memset (POINTER, int, unsigned int);
70
static unsigned char PADDING[64] = {
71
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
72
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
73
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
76
/* F, G, H and I are basic MD5 functions.
78
#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
79
#define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
80
#define H(x, y, z) ((x) ^ (y) ^ (z))
81
#define I(x, y, z) ((y) ^ ((x) | (~z)))
83
/* ROTATE_LEFT rotates x left n bits.
85
#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
87
/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
88
Rotation is separate from addition to prevent recomputation.
90
#define FF(a, b, c, d, x, s, ac) { \
91
(a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); \
92
(a) = ROTATE_LEFT ((a), (s)); \
95
#define GG(a, b, c, d, x, s, ac) { \
96
(a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); \
97
(a) = ROTATE_LEFT ((a), (s)); \
100
#define HH(a, b, c, d, x, s, ac) { \
101
(a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); \
102
(a) = ROTATE_LEFT ((a), (s)); \
105
#define II(a, b, c, d, x, s, ac) { \
106
(a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); \
107
(a) = ROTATE_LEFT ((a), (s)); \
111
/* MD5 initialization. Begins an MD5 operation, writing a new context.
113
void MD5_Init (context)
114
MD5_CTX *context; /* context */
116
context->count[0] = context->count[1] = 0;
117
/* Load magic initialization constants.
119
context->state[0] = 0x67452301;
120
context->state[1] = 0xefcdab89;
121
context->state[2] = 0x98badcfe;
122
context->state[3] = 0x10325476;
125
/* MD5 block update operation. Continues an MD5 message-digest
126
operation, processing another message block, and updating the
129
void MD5_Update (context, input, inputLen)
130
MD5_CTX *context; /* context */
131
unsigned char *input; /* input block */
132
unsigned int inputLen; /* length of input block */
134
unsigned int i, ndx, partLen;
136
/* Compute number of bytes mod 64 */
137
ndx = (unsigned int)((context->count[0] >> 3) & 0x3F);
139
/* Update number of bits */
140
if ((context->count[0] += ((UINT4)inputLen << 3))
142
< ((UINT4)inputLen << 3))
144
context->count[1] += ((UINT4)inputLen >> 29);
148
/* Transform as many times as possible.
150
if (inputLen >= partLen) {
152
((POINTER)&context->buffer[ndx], (POINTER)input, partLen);
153
MD5Transform (context->state, context->buffer);
155
for (i = partLen; i + 63 < inputLen; i += 64)
156
MD5Transform (context->state, &input[i]);
163
/* Buffer remaining input */
165
((POINTER)&context->buffer[ndx], (POINTER)&input[i],
169
/* MD5 finalization. Ends an MD5 message-digest operation, writing the
170
the message digest and zeroizing the context.
172
void MD5_Final (digest, context)
173
unsigned char digest[16]; /* message digest */
174
MD5_CTX *context; /* context */
176
unsigned char bits[8];
177
unsigned int ndx, padLen;
179
/* Save number of bits */
180
Encode (bits, context->count, 8);
182
/* Pad out to 56 mod 64.
184
ndx = (unsigned int)((context->count[0] >> 3) & 0x3f);
185
padLen = (ndx < 56) ? (56 - ndx) : (120 - ndx);
186
MD5_Update (context, PADDING, padLen);
188
/* Append length (before padding) */
189
MD5_Update (context, bits, 8);
191
/* Store state in digest */
192
Encode (digest, context->state, 16);
194
/* Zeroize sensitive information.
196
MD5_memset ((POINTER)context, 0, sizeof (*context));
199
/* MD5 basic transformation. Transforms state based on block.
201
static void MD5Transform (state, block)
203
unsigned char block[64];
205
UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];
207
Decode (x, block, 64);
210
FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */
211
FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */
212
FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */
213
FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */
214
FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */
215
FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */
216
FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */
217
FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */
218
FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */
219
FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */
220
FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
221
FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
222
FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
223
FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
224
FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
225
FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
228
GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */
229
GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */
230
GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
231
GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */
232
GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */
233
GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */
234
GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
235
GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */
236
GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */
237
GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
238
GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */
240
GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */
241
GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
242
GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */
243
GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */
244
GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
247
HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */
248
HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */
249
HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
250
HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
251
HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */
252
HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */
253
HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */
254
HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
255
HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
256
HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */
257
HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */
258
HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */
259
HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */
260
HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
261
HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
262
HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */
265
II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */
266
II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */
267
II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
268
II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */
269
II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
270
II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */
271
II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
272
II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */
273
II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */
274
II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
275
II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */
276
II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
277
II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */
278
II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
279
II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */
280
II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */
287
/* Zeroize sensitive information.
290
MD5_memset ((POINTER)x, 0, sizeof (x));
293
/* Encodes input (UINT4) into output (unsigned char). Assumes len is
296
static void Encode (output, input, len)
297
unsigned char *output;
303
for (i = 0, j = 0; j < len; i++, j += 4) {
304
output[j] = (unsigned char)(input[i] & 0xff);
305
output[j+1] = (unsigned char)((input[i] >> 8) & 0xff);
306
output[j+2] = (unsigned char)((input[i] >> 16) & 0xff);
307
output[j+3] = (unsigned char)((input[i] >> 24) & 0xff);
311
/* Decodes input (unsigned char) into output (UINT4). Assumes len is
314
static void Decode (output, input, len)
316
unsigned char *input;
321
for (i = 0, j = 0; j < len; i++, j += 4)
322
output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) |
323
(((UINT4)input[j+2]) << 16) | (((UINT4)input[j+3]) << 24);
326
/* Note: Replace "for loop" with standard memcpy if possible.
329
static void MD5_memcpy (output, input, len)
336
for (i = 0; i < len; i++)
338
output[i] = input[i];
341
/* Note: Replace "for loop" with standard memset if possible.
344
static void MD5_memset (output, value, len)
351
for (i = 0; i < len; i++)
352
((char *)output)[i] = (char)value;