[become] / src / md5.c

/* -*-c-*-
 *
 * $Id: md5.c,v 1.3 1998/01/12 16:46:11 mdw Exp $
 *
 * MD-5 secure hash routines
 *  Based on RSA MD-5 code
 *
 * (c) 1996-1998 Mark Wooding
 */

/*----- Licensing notice --------------------------------------------------*
 *
 * This file is part of `become'
 *
 * `Become' is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * `Become' is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with `become'; if not, write to the Free Software Foundation,
 * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 */

/*----- Revision history --------------------------------------------------*
 *
 * $Log: md5.c,v $
 * Revision 1.3  1998/01/12 16:46:11  mdw
 * Fix copyright date.
 *
 * Revision 1.2  1997/08/04 10:24:23  mdw
 * Sources placed under CVS control.
 *
 * Revision 1.1  1997/07/21  13:47:47  mdw
 * Initial revision
 *
 */

/*----- Header files ------------------------------------------------------*/

#include <stdio.h>
#include <string.h>

#include "config.h"
#include "md5.h"
#include "utils.h"

/*----- Define MD-5 transform ---------------------------------------------*/

/* --- Low-level nonlinear functions --- */

#define f(x,y,z) (((x) & (y)) | ((~x) & (z)))
#define g(x,y,z) (((x) & (z)) | ((y) & (~z)))
#define h(x,y,z) ((x) ^ (y) ^ (z))
#define i(x,y,z) ((y) ^ ((x) | (~z)))

#define rol(x,b) (((x) << (b)) | ((x) >> (32-(b))))

/* --- Rotations applied at various stages --- */

#define S11 7u
#define S12 12u
#define S13 17
#define S14 22u
#define S21 5u
#define S22 9u
#define S23 14u
#define S24 20u
#define S31 4u
#define S32 11u
#define S33 16u
#define S34 23u
#define S41 6u
#define S42 10u
#define S43 15u
#define S44 21u

/* --- Higher level nonlinear functions --- */

#define ff(a, b, c, d, x, s, m) ( a += f(b, c, d) + x + m,              \
                                  a = rol(a, s), a += b )

#define gg(a, b, c, d, x, s, m) ( a += g(b, c, d) + x + m,              \
                                  a = rol(a, s), a += b )

#define hh(a, b, c, d, x, s, m) ( a += h(b, c, d) + x + m,              \
                                  a = rol(a, s), a += b )

#define ii(a, b, c, d, x, s, m) ( a += i(b, c, d) + x + m,              \
                                  a = rol(a, s), a += b )

/*----- Main code ---------------------------------------------------------*/

/* --- @md5__trans@ --- *
 *
 * Arguments:   @uint_32 *v@ = pointer to chaining variables (updated)
 *              @const unsigned char *buf@ = pointer to a 64-byte block
 *
 * Returns:     ---
 *
 * Use:         Performs the main MD5 transform on a block of data.
 */

static void md5__trans(uint_32 *v, const unsigned char *buf)
{
  uint_32 a, b, c, d;
  uint_32 ib[16];
  size_t i;

  /* --- Initialise my internal registers --- */

  a = v[0], b = v[1], c = v[2], d = v[3];

  /* --- Turn the buffer into 32-bit words --- */

  for (i = 0; i < 16; i++)
    ib[i] = load32_l(buf + (i << 2));

  /* --- Round one --- */

  ff(a, b, c, d, ib[ 0], S11, 0xd76aa478);      /* 1 */
  ff(d, a, b, c, ib[ 1], S12, 0xe8c7b756);      /* 2 */
  ff(c, d, a, b, ib[ 2], S13, 0x242070db);      /* 3 */
  ff(b, c, d, a, ib[ 3], S14, 0xc1bdceee);      /* 4 */
  ff(a, b, c, d, ib[ 4], S11, 0xf57c0faf);      /* 5 */
  ff(d, a, b, c, ib[ 5], S12, 0x4787c62a);      /* 6 */
  ff(c, d, a, b, ib[ 6], S13, 0xa8304613);      /* 7 */
  ff(b, c, d, a, ib[ 7], S14, 0xfd469501);      /* 8 */
  ff(a, b, c, d, ib[ 8], S11, 0x698098d8);      /* 9 */
  ff(d, a, b, c, ib[ 9], S12, 0x8b44f7af);      /* 10 */
  ff(c, d, a, b, ib[10], S13, 0xffff5bb1);      /* 11 */
  ff(b, c, d, a, ib[11], S14, 0x895cd7be);      /* 12 */
  ff(a, b, c, d, ib[12], S11, 0x6b901122);      /* 13 */
  ff(d, a, b, c, ib[13], S12, 0xfd987193);      /* 14 */
  ff(c, d, a, b, ib[14], S13, 0xa679438e);      /* 15 */
  ff(b, c, d, a, ib[15], S14, 0x49b40821);      /* 16 */

  /* --- Round two --- */

  gg(a, b, c, d, ib[ 1], S21, 0xf61e2562);      /* 17 */
  gg(d, a, b, c, ib[ 6], S22, 0xc040b340);      /* 18 */
  gg(c, d, a, b, ib[11], S23, 0x265e5a51);      /* 19 */
  gg(b, c, d, a, ib[ 0], S24, 0xe9b6c7aa);      /* 20 */
  gg(a, b, c, d, ib[ 5], S21, 0xd62f105d);      /* 21 */
  gg(d, a, b, c, ib[10], S22, 0x02441453);      /* 22 */
  gg(c, d, a, b, ib[15], S23, 0xd8a1e681);      /* 23 */
  gg(b, c, d, a, ib[ 4], S24, 0xe7d3fbc8);      /* 24 */
  gg(a, b, c, d, ib[ 9], S21, 0x21e1cde6);      /* 25 */
  gg(d, a, b, c, ib[14], S22, 0xc33707d6);      /* 26 */
  gg(c, d, a, b, ib[ 3], S23, 0xf4d50d87);      /* 27 */
  gg(b, c, d, a, ib[ 8], S24, 0x455a14ed);      /* 28 */
  gg(a, b, c, d, ib[13], S21, 0xa9e3e905);      /* 29 */
  gg(d, a, b, c, ib[ 2], S22, 0xfcefa3f8);      /* 30 */
  gg(c, d, a, b, ib[ 7], S23, 0x676f02d9);      /* 31 */
  gg(b, c, d, a, ib[12], S24, 0x8d2a4c8a);      /* 32 */

  /* --- Round three --- */

  hh(a, b, c, d, ib[ 5], S31, 0xfffa3942);      /* 33 */
  hh(d, a, b, c, ib[ 8], S32, 0x8771f681);      /* 34 */
  hh(c, d, a, b, ib[11], S33, 0x6d9d6122);      /* 35 */
  hh(b, c, d, a, ib[14], S34, 0xfde5380c);      /* 36 */
  hh(a, b, c, d, ib[ 1], S31, 0xa4beea44);      /* 37 */
  hh(d, a, b, c, ib[ 4], S32, 0x4bdecfa9);      /* 38 */
  hh(c, d, a, b, ib[ 7], S33, 0xf6bb4b60);      /* 39 */
  hh(b, c, d, a, ib[10], S34, 0xbebfbc70);      /* 40 */
  hh(a, b, c, d, ib[13], S31, 0x289b7ec6);      /* 41 */
  hh(d, a, b, c, ib[ 0], S32, 0xeaa127fa);      /* 42 */
  hh(c, d, a, b, ib[ 3], S33, 0xd4ef3085);      /* 43 */
  hh(b, c, d, a, ib[ 6], S34, 0x04881d05);      /* 44 */
  hh(a, b, c, d, ib[ 9], S31, 0xd9d4d039);      /* 45 */
  hh(d, a, b, c, ib[12], S32, 0xe6db99e5);      /* 46 */
  hh(c, d, a, b, ib[15], S33, 0x1fa27cf8);      /* 47 */
  hh(b, c, d, a, ib[ 2], S34, 0xc4ac5665);      /* 48 */

  /* --- Round four --- */

  ii(a, b, c, d, ib[ 0], S41, 0xf4292244);      /* 49 */
  ii(d, a, b, c, ib[ 7], S42, 0x432aff97);      /* 50 */
  ii(c, d, a, b, ib[14], S43, 0xab9423a7);      /* 51 */
  ii(b, c, d, a, ib[ 5], S44, 0xfc93a039);      /* 52 */
  ii(a, b, c, d, ib[12], S41, 0x655b59c3);      /* 53 */
  ii(d, a, b, c, ib[ 3], S42, 0x8f0ccc92);      /* 54 */
  ii(c, d, a, b, ib[10], S43, 0xffeff47d);      /* 55 */
  ii(b, c, d, a, ib[ 1], S44, 0x85845dd1);      /* 56 */
  ii(a, b, c, d, ib[ 8], S41, 0x6fa87e4f);      /* 57 */
  ii(d, a, b, c, ib[15], S42, 0xfe2ce6e0);      /* 58 */
  ii(c, d, a, b, ib[ 6], S43, 0xa3014314);      /* 59 */
  ii(b, c, d, a, ib[13], S44, 0x4e0811a1);      /* 60 */
  ii(a, b, c, d, ib[ 4], S41, 0xf7537e82);      /* 61 */
  ii(d, a, b, c, ib[11], S42, 0xbd3af235);      /* 62 */
  ii(c, d, a, b, ib[ 2], S43, 0x2ad7d2bb);      /* 63 */
  ii(b, c, d, a, ib[ 9], S44, 0xeb86d391);      /* 64 */

  /* --- Update the context --- */

  v[0] += a, v[1] += b, v[2] += c, v[3] += d;
}

/* --- @md5_trans@ --- *
 *
 * Arguments:   @unsigned char *v@ = pointer to chaining block (updated)
 *              @const unsigned char *buf@ = pointer to input buffer
 *
 * Returns:     ---
 *
 * Use:         Performs the MD5 transformation on a chunk of data.  This may
 *              be useful for using MD5 in MDC-type cipher constructions.
 */

void md5_trans(unsigned char *v, const unsigned char *buf)
{
  uint_32 vv[4];

  vv[0] = load32_l(v +  0);
  vv[1] = load32_l(v +  4);
  vv[2] = load32_l(v +  8);
  vv[3] = load32_l(v + 12);
  md5__trans(vv, buf);
  store32_l(v +  0, vv[0]);
  store32_l(v +  4, vv[1]);
  store32_l(v +  8, vv[2]);
  store32_l(v + 12, vv[3]);
}

/* --- @md5_buffer@ --- *
 *
 * Arguments:   @md5 *m@ = pointer to an MD5 context
 *              @const void *buff@ = pointer to buffer of data
 *              @size_t size@ = size of buffer
 *
 * Returns:     ---
 *
 * Use:         Hashes the buffer of data.  You can call @md5_buffer@
 *              lots of times during an MD5 job, to allow big files to be
 *              split into little ones.
 */

void md5_buffer(md5 *m, const void *buff, size_t size)
{
  long int s = size;
  const unsigned char *b = buff;
  unsigned long x, y;

  /* --- Maybe there's some data already in the buffer --- */

  if (x = m->size & 63, x) {
    y = 64 - x;
    if (y > s) {
      memcpy(x + m->buf, b, s);
      m->size += s;
      return;
    }
    memcpy(x + m->buf, b, y);
    md5__trans(m->val, m->buf);
    s -= y, b += y;
  }

  /* --- Now do whole buffers-full --- */

  while (s >= 64) {
    md5__trans(m->val, b);
    s -= 64, b += 64;
  }

  /* --- Tidy up the tail end --- */

  if (s)
    memcpy(m->buf, b, s);
  m->size += size;
}

/* --- @md5_key@ --- *
 *
 * Arguments:   @md5 *m@ = pointer to an MD5 context
 *              @const unsigned char *k@ = pointer to a 4-word `key'
 *
 * Returns:     ---
 *
 * Use:         Initialises a context buffer, with a chosen initialisation
 *              string (instead of the standard MD5 value).  This allows you
 *              to use NMAC message authentication, should the urge take you.
 */

void md5_key(md5 *m, const unsigned char *k)
{
  m->size = 0;
  m->val[0] = load32_l(k +  0);
  m->val[0] = load32_l(k +  4);
  m->val[0] = load32_l(k +  8);
  m->val[0] = load32_l(k + 12);
}

/* --- @md5_init@ --- *
 *
 * Arguments:   @md5 *m@ = pointer to an MD5 context
 *
 * Returns:     ---
 *
 * Use:         Initialises the context buffer, so that you can do an
 *              MD5 job.
 */

void md5_init(md5 *m)
{
  m->size = 0;
  m->val[0] = 0x67452301;
  m->val[1] = 0xefcdab89;
  m->val[2] = 0x98badcfe;
  m->val[3] = 0x10325476;
}

/* --- @md5_final@ --- *
 *
 * Arguments:   @md5 *m@ = pointer to context buffer
 *              @unsigned char *v@ = where to store the value
 *
 * Returns:     ---
 *
 * Use:         Finalises an MD5 buffer, so that you can use the result.
 */

void md5_final(md5 *m, unsigned char *v)
{
  int s = m->size;

  /* --- Pad out the block --- */

  {
    const static unsigned char pad[64] = { 0x80 };
    int p = m->size & 63;
    p = (p < 56) ? (p = 56 - p) : (p = 120 - p);
    md5_buffer(m, pad, p);
  }

  /* --- Append the length --- */

  {
    unsigned char b[8];

    store32_l(b + 0, s << 3);
    store32_l(b + 4, s >> 29);
    md5_buffer(m, b, 8);
  }

  /* --- Write out the value --- */

  if (v) {
    store32_l(v +  0, m->val[0]);
    store32_l(v +  4, m->val[1]);
    store32_l(v +  8, m->val[2]);
    store32_l(v + 12, m->val[3]);
  }
}

/*----- Test driver -------------------------------------------------------*/

#ifdef TEST_RIG

int main(int argc, char *argv[])
{
  if (argc > 1 && strcmp(argv[1], "-x") == 0) {

    static struct {
      const char *string;
      uint_32 md[4];
    } table[] = {
      "",               { 0xd98c1dd4, 0x04b2008f, 0x980980e9, 0x7e42f8ec },
      "a",              { 0xb975c10c, 0xa8b6f1c0, 0xe299c331, 0x61267769 },
      "abc",            { 0x98500190, 0xb04fd23c, 0x7d3f96d6, 0x727fe128 },
      "message digest", { 0x7d696bf9, 0x8d93b77c, 0x312f5a52, 0xd061f1aa },
      "abcdefghijklmnopqrstuvwxyz",
                        { 0xd7d3fcc3, 0x00e49261, 0x6c49fb7d, 0x3be167ca },
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
                        { 0x98ab74d1, 0xf5d977d2, 0x2c1c61a5, 0x9f9d419f },
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n"
      "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\n",
                        { 0xbaa7652b, 0x5e10cd4a, 0xde9acbf2, 0xfa0b9fbd }
    };
    int steptbl[] = { 3, 18, 32, 37, 63, 64, 65, 256, 1024, -1 };

    md5 m;
    int i, j;
    const char *p;
    size_t sz, a, d;
    int f = 1;

    for (i = 0; i < sizeof(table) / sizeof(table[0]); i++) {
      sz = strlen(table[i].string);
      for (j = 0; steptbl[j] < sz && steptbl[j] != -1; j++) {
        p = table[i].string;
        d = steptbl[j];
        md5_init(&m);
        for (a = sz; a > d; a -= d) {
          md5_buffer(&m, p, d);
          p += d;
        }
        md5_buffer(&m, p, a);
        md5_final(&m, 0);
        if (m.val[0] != table[i].md[0] ||
            m.val[1] != table[i].md[1] ||
            m.val[2] != table[i].md[2] ||
            m.val[3] != table[i].md[3]) {
          printf("!!! bad value, string == `%s', step size == %i\n"
                 "!!! expected %08lx-%08lx-%08lx-%08lx, found "
                 "%08lx-%08lx-%08lx-%08lx\n\n",
                 table[i].string, d,
                 (unsigned long)table[i].md[0],
                 (unsigned long)table[i].md[1],
                 (unsigned long)table[i].md[2],
                 (unsigned long)table[i].md[3],
                 (unsigned long)m.val[0],
                 (unsigned long)m.val[1],
                 (unsigned long)m.val[2],
                 (unsigned long)m.val[3]);
          f = 0;
        }
      }
      md5_init(&m);
      md5_buffer(&m, table[i].string, sz);
      md5_final(&m, 0);
      if (m.val[0] != table[i].md[0] ||
          m.val[1] != table[i].md[1] ||
          m.val[2] != table[i].md[2] ||
          m.val[3] != table[i].md[3]) {
        printf("!!! bad value, string == `%s', step size == entire string\n"
               "!!! expected %08lx-%08lx-%08lx-%08lx, found "
               "%08lx-%08lx-%08lx-%08lx\n\n",
               table[i].string,
               (unsigned long)table[i].md[0],
               (unsigned long)table[i].md[1],
               (unsigned long)table[i].md[2],
               (unsigned long)table[i].md[3],
               (unsigned long)m.val[0],
               (unsigned long)m.val[1],
               (unsigned long)m.val[2],
               (unsigned long)m.val[3]);
        f = 0;
      } else {
        printf("`%s' => %08lx-%08lx-%08lx-%08lx\n",
               table[i].string,
               (unsigned long)m.val[0],
               (unsigned long)m.val[1],
               (unsigned long)m.val[2],
               (unsigned long)m.val[3]);
      }
    }
    
  } else {

    char buff[4096];
    md5 m;
    int i;
    int read;

    md5_init(&m);
    while (read = fread(buff, 1, 4096, stdin), read)
      md5_buffer(&m, buff, read);
    md5_final(&m, 0);

    for (i = 0; i < 4; i++)
      printf("%02lx%02lx%02lx%02lx",
             (unsigned long)( (m.val[i] & 0x000000FF) >>  0 ),
             (unsigned long)( (m.val[i] & 0x0000FF00) >>  8 ),
             (unsigned long)( (m.val[i] & 0x00FF0000) >> 16 ),
             (unsigned long)( (m.val[i] & 0xFF000000) >> 24 ));
    putc('\n', stdout);

  }

  return (0);
}

#endif

/*----- That's all, folks -------------------------------------------------*/