Ruby  1.9.3p484(2013-11-22revision43786)
md5.c
Go to the documentation of this file.
1 /*
2  Copyright (C) 1999, 2000 Aladdin Enterprises. All rights reserved.
3 
4  This software is provided 'as-is', without any express or implied
5  warranty. In no event will the authors be held liable for any damages
6  arising from the use of this software.
7 
8  Permission is granted to anyone to use this software for any purpose,
9  including commercial applications, and to alter it and redistribute it
10  freely, subject to the following restrictions:
11 
12  1. The origin of this software must not be misrepresented; you must not
13  claim that you wrote the original software. If you use this software
14  in a product, an acknowledgment in the product documentation would be
15  appreciated but is not required.
16  2. Altered source versions must be plainly marked as such, and must not be
17  misrepresented as being the original software.
18  3. This notice may not be removed or altered from any source distribution.
19 
20  L. Peter Deutsch
21  ghost@aladdin.com
22 
23  */
24 
25 /*
26  Independent implementation of MD5 (RFC 1321).
27 
28  This code implements the MD5 Algorithm defined in RFC 1321.
29  It is derived directly from the text of the RFC and not from the
30  reference implementation.
31 
32  The original and principal author of md5.c is L. Peter Deutsch
33  <ghost@aladdin.com>. Other authors are noted in the change history
34  that follows (in reverse chronological order):
35 
36  2000-07-03 lpd Patched to eliminate warnings about "constant is
37  unsigned in ANSI C, signed in traditional";
38  made test program self-checking.
39  1999-11-04 lpd Edited comments slightly for automatic TOC extraction.
40  1999-10-18 lpd Fixed typo in header comment (ansi2knr rather than md5).
41  1999-05-03 lpd Original version.
42  */
43 
44 /*
45  This code was modified for use in Ruby.
46 
47  - Akinori MUSHA <knu@idaemons.org>
48  */
49 
50 /*$OrigId: md5c.c,v 1.2 2001/03/26 08:57:14 matz Exp $ */
51 /*$RoughId: md5.c,v 1.2 2001/07/13 19:48:41 knu Exp $ */
52 /*$Id: md5.c 25189 2009-10-02 12:04:37Z akr $ */
53 
54 #include "md5.h"
55 
56 #ifdef TEST
57 /*
58  * Compile with -DTEST to create a self-contained executable test program.
59  * The test program should print out the same values as given in section
60  * A.5 of RFC 1321, reproduced below.
61  */
62 #include <string.h>
63 int
64 main()
65 {
66  static const char *const test[7*2] = {
67  "", "d41d8cd98f00b204e9800998ecf8427e",
68  "a", "0cc175b9c0f1b6a831c399e269772661",
69  "abc", "900150983cd24fb0d6963f7d28e17f72",
70  "message digest", "f96b697d7cb7938d525a2f31aaf161d0",
71  "abcdefghijklmnopqrstuvwxyz", "c3fcd3d76192e4007dfb496cca67e13b",
72  "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
73  "d174ab98d277d9f5a5611c2c9f419d9f",
74  "12345678901234567890123456789012345678901234567890123456789012345678901234567890", "57edf4a22be3c955ac49da2e2107b67a"
75  };
76  int i;
77 
78  for (i = 0; i < 7*2; i += 2) {
79  MD5_CTX state;
80  uint8_t digest[16];
81  char hex_output[16*2 + 1];
82  int di;
83 
84  MD5_Init(&state);
85  MD5_Update(&state, (const uint8_t *)test[i], strlen(test[i]));
86  MD5_Final(digest, &state);
87  printf("MD5 (\"%s\") = ", test[i]);
88  for (di = 0; di < 16; ++di)
89  sprintf(hex_output + di * 2, "%02x", digest[di]);
90  puts(hex_output);
91  if (strcmp(hex_output, test[i + 1]))
92  printf("**** ERROR, should be: %s\n", test[i + 1]);
93  }
94  return 0;
95 }
96 #endif /* TEST */
97 
98 
99 /*
100  * For reference, here is the program that computed the T values.
101  */
102 #ifdef COMPUTE_T_VALUES
103 #include <math.h>
104 int
105 main()
106 {
107  int i;
108  for (i = 1; i <= 64; ++i) {
109  unsigned long v = (unsigned long)(4294967296.0 * fabs(sin((double)i)));
110 
111  /*
112  * The following nonsense is only to avoid compiler warnings about
113  * "integer constant is unsigned in ANSI C, signed with -traditional".
114  */
115  if (v >> 31) {
116  printf("#define T%d /* 0x%08lx */ (T_MASK ^ 0x%08lx)\n", i,
117  v, (unsigned long)(unsigned int)(~v));
118  } else {
119  printf("#define T%d 0x%08lx\n", i, v);
120  }
121  }
122  return 0;
123 }
124 #endif /* COMPUTE_T_VALUES */
125 /*
126  * End of T computation program.
127  */
128 #ifdef T_MASK
129 #undef T_MASK
130 #endif
131 #define T_MASK ((uint32_t)~0)
132 #define T1 /* 0xd76aa478 */ (T_MASK ^ 0x28955b87)
133 #define T2 /* 0xe8c7b756 */ (T_MASK ^ 0x173848a9)
134 #define T3 0x242070db
135 #define T4 /* 0xc1bdceee */ (T_MASK ^ 0x3e423111)
136 #define T5 /* 0xf57c0faf */ (T_MASK ^ 0x0a83f050)
137 #define T6 0x4787c62a
138 #define T7 /* 0xa8304613 */ (T_MASK ^ 0x57cfb9ec)
139 #define T8 /* 0xfd469501 */ (T_MASK ^ 0x02b96afe)
140 #define T9 0x698098d8
141 #define T10 /* 0x8b44f7af */ (T_MASK ^ 0x74bb0850)
142 #define T11 /* 0xffff5bb1 */ (T_MASK ^ 0x0000a44e)
143 #define T12 /* 0x895cd7be */ (T_MASK ^ 0x76a32841)
144 #define T13 0x6b901122
145 #define T14 /* 0xfd987193 */ (T_MASK ^ 0x02678e6c)
146 #define T15 /* 0xa679438e */ (T_MASK ^ 0x5986bc71)
147 #define T16 0x49b40821
148 #define T17 /* 0xf61e2562 */ (T_MASK ^ 0x09e1da9d)
149 #define T18 /* 0xc040b340 */ (T_MASK ^ 0x3fbf4cbf)
150 #define T19 0x265e5a51
151 #define T20 /* 0xe9b6c7aa */ (T_MASK ^ 0x16493855)
152 #define T21 /* 0xd62f105d */ (T_MASK ^ 0x29d0efa2)
153 #define T22 0x02441453
154 #define T23 /* 0xd8a1e681 */ (T_MASK ^ 0x275e197e)
155 #define T24 /* 0xe7d3fbc8 */ (T_MASK ^ 0x182c0437)
156 #define T25 0x21e1cde6
157 #define T26 /* 0xc33707d6 */ (T_MASK ^ 0x3cc8f829)
158 #define T27 /* 0xf4d50d87 */ (T_MASK ^ 0x0b2af278)
159 #define T28 0x455a14ed
160 #define T29 /* 0xa9e3e905 */ (T_MASK ^ 0x561c16fa)
161 #define T30 /* 0xfcefa3f8 */ (T_MASK ^ 0x03105c07)
162 #define T31 0x676f02d9
163 #define T32 /* 0x8d2a4c8a */ (T_MASK ^ 0x72d5b375)
164 #define T33 /* 0xfffa3942 */ (T_MASK ^ 0x0005c6bd)
165 #define T34 /* 0x8771f681 */ (T_MASK ^ 0x788e097e)
166 #define T35 0x6d9d6122
167 #define T36 /* 0xfde5380c */ (T_MASK ^ 0x021ac7f3)
168 #define T37 /* 0xa4beea44 */ (T_MASK ^ 0x5b4115bb)
169 #define T38 0x4bdecfa9
170 #define T39 /* 0xf6bb4b60 */ (T_MASK ^ 0x0944b49f)
171 #define T40 /* 0xbebfbc70 */ (T_MASK ^ 0x4140438f)
172 #define T41 0x289b7ec6
173 #define T42 /* 0xeaa127fa */ (T_MASK ^ 0x155ed805)
174 #define T43 /* 0xd4ef3085 */ (T_MASK ^ 0x2b10cf7a)
175 #define T44 0x04881d05
176 #define T45 /* 0xd9d4d039 */ (T_MASK ^ 0x262b2fc6)
177 #define T46 /* 0xe6db99e5 */ (T_MASK ^ 0x1924661a)
178 #define T47 0x1fa27cf8
179 #define T48 /* 0xc4ac5665 */ (T_MASK ^ 0x3b53a99a)
180 #define T49 /* 0xf4292244 */ (T_MASK ^ 0x0bd6ddbb)
181 #define T50 0x432aff97
182 #define T51 /* 0xab9423a7 */ (T_MASK ^ 0x546bdc58)
183 #define T52 /* 0xfc93a039 */ (T_MASK ^ 0x036c5fc6)
184 #define T53 0x655b59c3
185 #define T54 /* 0x8f0ccc92 */ (T_MASK ^ 0x70f3336d)
186 #define T55 /* 0xffeff47d */ (T_MASK ^ 0x00100b82)
187 #define T56 /* 0x85845dd1 */ (T_MASK ^ 0x7a7ba22e)
188 #define T57 0x6fa87e4f
189 #define T58 /* 0xfe2ce6e0 */ (T_MASK ^ 0x01d3191f)
190 #define T59 /* 0xa3014314 */ (T_MASK ^ 0x5cfebceb)
191 #define T60 0x4e0811a1
192 #define T61 /* 0xf7537e82 */ (T_MASK ^ 0x08ac817d)
193 #define T62 /* 0xbd3af235 */ (T_MASK ^ 0x42c50dca)
194 #define T63 0x2ad7d2bb
195 #define T64 /* 0xeb86d391 */ (T_MASK ^ 0x14792c6e)
196 
197 
198 static void
199 md5_process(MD5_CTX *pms, const uint8_t *data /*[64]*/)
200 {
201  uint32_t
202  a = pms->state[0], b = pms->state[1],
203  c = pms->state[2], d = pms->state[3];
204  uint32_t t;
205 
206 #ifdef WORDS_BIGENDIAN
207 
208  /*
209  * On big-endian machines, we must arrange the bytes in the right
210  * order. (This also works on machines of unknown byte order.)
211  */
212  uint32_t X[16];
213  const uint8_t *xp = data;
214  int i;
215 
216  for (i = 0; i < 16; ++i, xp += 4)
217  X[i] = xp[0] + (xp[1] << 8) + (xp[2] << 16) + (xp[3] << 24);
218 
219 #else
220 
221  /*
222  * On little-endian machines, we can process properly aligned data
223  * without copying it.
224  */
225  uint32_t xbuf[16];
226  const uint32_t *X;
227 
228  if (!((data - (const uint8_t *)0) & 3)) {
229  /* data are properly aligned */
230  X = (const uint32_t *)data;
231  } else {
232  /* not aligned */
233  memcpy(xbuf, data, 64);
234  X = xbuf;
235  }
236 #endif
237 
238 #define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32 - (n))))
239 
240  /* Round 1. */
241  /* Let [abcd k s i] denote the operation
242  a = b + ((a + F(b,c,d) + X[k] + T[i]) <<< s). */
243 #define F(x, y, z) (((x) & (y)) | (~(x) & (z)))
244 #define SET(a, b, c, d, k, s, Ti)\
245  t = a + F(b,c,d) + X[k] + Ti;\
246  a = ROTATE_LEFT(t, s) + b
247  /* Do the following 16 operations. */
248  SET(a, b, c, d, 0, 7, T1);
249  SET(d, a, b, c, 1, 12, T2);
250  SET(c, d, a, b, 2, 17, T3);
251  SET(b, c, d, a, 3, 22, T4);
252  SET(a, b, c, d, 4, 7, T5);
253  SET(d, a, b, c, 5, 12, T6);
254  SET(c, d, a, b, 6, 17, T7);
255  SET(b, c, d, a, 7, 22, T8);
256  SET(a, b, c, d, 8, 7, T9);
257  SET(d, a, b, c, 9, 12, T10);
258  SET(c, d, a, b, 10, 17, T11);
259  SET(b, c, d, a, 11, 22, T12);
260  SET(a, b, c, d, 12, 7, T13);
261  SET(d, a, b, c, 13, 12, T14);
262  SET(c, d, a, b, 14, 17, T15);
263  SET(b, c, d, a, 15, 22, T16);
264 #undef SET
265 
266  /* Round 2. */
267  /* Let [abcd k s i] denote the operation
268  a = b + ((a + G(b,c,d) + X[k] + T[i]) <<< s). */
269 #define G(x, y, z) (((x) & (z)) | ((y) & ~(z)))
270 #define SET(a, b, c, d, k, s, Ti)\
271  t = a + G(b,c,d) + X[k] + Ti;\
272  a = ROTATE_LEFT(t, s) + b
273  /* Do the following 16 operations. */
274  SET(a, b, c, d, 1, 5, T17);
275  SET(d, a, b, c, 6, 9, T18);
276  SET(c, d, a, b, 11, 14, T19);
277  SET(b, c, d, a, 0, 20, T20);
278  SET(a, b, c, d, 5, 5, T21);
279  SET(d, a, b, c, 10, 9, T22);
280  SET(c, d, a, b, 15, 14, T23);
281  SET(b, c, d, a, 4, 20, T24);
282  SET(a, b, c, d, 9, 5, T25);
283  SET(d, a, b, c, 14, 9, T26);
284  SET(c, d, a, b, 3, 14, T27);
285  SET(b, c, d, a, 8, 20, T28);
286  SET(a, b, c, d, 13, 5, T29);
287  SET(d, a, b, c, 2, 9, T30);
288  SET(c, d, a, b, 7, 14, T31);
289  SET(b, c, d, a, 12, 20, T32);
290 #undef SET
291 
292  /* Round 3. */
293  /* Let [abcd k s t] denote the operation
294  a = b + ((a + H(b,c,d) + X[k] + T[i]) <<< s). */
295 #define H(x, y, z) ((x) ^ (y) ^ (z))
296 #define SET(a, b, c, d, k, s, Ti)\
297  t = a + H(b,c,d) + X[k] + Ti;\
298  a = ROTATE_LEFT(t, s) + b
299  /* Do the following 16 operations. */
300  SET(a, b, c, d, 5, 4, T33);
301  SET(d, a, b, c, 8, 11, T34);
302  SET(c, d, a, b, 11, 16, T35);
303  SET(b, c, d, a, 14, 23, T36);
304  SET(a, b, c, d, 1, 4, T37);
305  SET(d, a, b, c, 4, 11, T38);
306  SET(c, d, a, b, 7, 16, T39);
307  SET(b, c, d, a, 10, 23, T40);
308  SET(a, b, c, d, 13, 4, T41);
309  SET(d, a, b, c, 0, 11, T42);
310  SET(c, d, a, b, 3, 16, T43);
311  SET(b, c, d, a, 6, 23, T44);
312  SET(a, b, c, d, 9, 4, T45);
313  SET(d, a, b, c, 12, 11, T46);
314  SET(c, d, a, b, 15, 16, T47);
315  SET(b, c, d, a, 2, 23, T48);
316 #undef SET
317 
318  /* Round 4. */
319  /* Let [abcd k s t] denote the operation
320  a = b + ((a + I(b,c,d) + X[k] + T[i]) <<< s). */
321 #define I(x, y, z) ((y) ^ ((x) | ~(z)))
322 #define SET(a, b, c, d, k, s, Ti)\
323  t = a + I(b,c,d) + X[k] + Ti;\
324  a = ROTATE_LEFT(t, s) + b
325  /* Do the following 16 operations. */
326  SET(a, b, c, d, 0, 6, T49);
327  SET(d, a, b, c, 7, 10, T50);
328  SET(c, d, a, b, 14, 15, T51);
329  SET(b, c, d, a, 5, 21, T52);
330  SET(a, b, c, d, 12, 6, T53);
331  SET(d, a, b, c, 3, 10, T54);
332  SET(c, d, a, b, 10, 15, T55);
333  SET(b, c, d, a, 1, 21, T56);
334  SET(a, b, c, d, 8, 6, T57);
335  SET(d, a, b, c, 15, 10, T58);
336  SET(c, d, a, b, 6, 15, T59);
337  SET(b, c, d, a, 13, 21, T60);
338  SET(a, b, c, d, 4, 6, T61);
339  SET(d, a, b, c, 11, 10, T62);
340  SET(c, d, a, b, 2, 15, T63);
341  SET(b, c, d, a, 9, 21, T64);
342 #undef SET
343 
344  /* Then perform the following additions. (That is increment each
345  of the four registers by the value it had before this block
346  was started.) */
347  pms->state[0] += a;
348  pms->state[1] += b;
349  pms->state[2] += c;
350  pms->state[3] += d;
351 }
352 
353 void
355 {
356  pms->count[0] = pms->count[1] = 0;
357  pms->state[0] = 0x67452301;
358  pms->state[1] = /*0xefcdab89*/ T_MASK ^ 0x10325476;
359  pms->state[2] = /*0x98badcfe*/ T_MASK ^ 0x67452301;
360  pms->state[3] = 0x10325476;
361 }
362 
363 void
364 MD5_Update(MD5_CTX *pms, const uint8_t *data, size_t nbytes)
365 {
366  const uint8_t *p = data;
367  size_t left = nbytes;
368  size_t offset = (pms->count[0] >> 3) & 63;
369  uint32_t nbits = (uint32_t)(nbytes << 3);
370 
371  if (nbytes <= 0)
372  return;
373 
374  /* Update the message length. */
375  pms->count[1] += nbytes >> 29;
376  pms->count[0] += nbits;
377  if (pms->count[0] < nbits)
378  pms->count[1]++;
379 
380  /* Process an initial partial block. */
381  if (offset) {
382  size_t copy = (offset + nbytes > 64 ? 64 - offset : nbytes);
383 
384  memcpy(pms->buffer + offset, p, copy);
385  if (offset + copy < 64)
386  return;
387  p += copy;
388  left -= copy;
389  md5_process(pms, pms->buffer);
390  }
391 
392  /* Process full blocks. */
393  for (; left >= 64; p += 64, left -= 64)
394  md5_process(pms, p);
395 
396  /* Process a final partial block. */
397  if (left)
398  memcpy(pms->buffer, p, left);
399 }
400 
401 void
402 MD5_Finish(MD5_CTX *pms, uint8_t *digest)
403 {
404  static const uint8_t pad[64] = {
405  0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
406  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
407  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
408  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
409  };
410  uint8_t data[8];
411  size_t i;
412 
413  /* Save the length before padding. */
414  for (i = 0; i < 8; ++i)
415  data[i] = (uint8_t)(pms->count[i >> 2] >> ((i & 3) << 3));
416  /* Pad to 56 bytes mod 64. */
417  MD5_Update(pms, pad, ((55 - (pms->count[0] >> 3)) & 63) + 1);
418  /* Append the length. */
419  MD5_Update(pms, data, 8);
420  for (i = 0; i < 16; ++i)
421  digest[i] = (uint8_t)(pms->state[i >> 2] >> ((i & 3) << 3));
422 }
423