xref: /haiku/src/kits/shared/md5.cpp (revision 16ad15142c48ee36cd6a807a24efc99c88d4310d) 
1 /*
2  * This is an OpenSSL-compatible implementation of the RSA Data Security, Inc.
3  * MD5 Message-Digest Algorithm (RFC 1321).
4  *
5  * Homepage:
6  * http://openwall.info/wiki/people/solar/software/public-domain-source-code/md5
7  *
8  * Author:
9  * Alexander Peslyak, better known as Solar Designer <solar at openwall.com>
10  *
11  * This software was written by Alexander Peslyak in 2001.  No copyright is
12  * claimed, and the software is hereby placed in the public domain.
13  * In case this attempt to disclaim copyright and place the software in the
14  * public domain is deemed null and void, then the software is
15  * Copyright (c) 2001 Alexander Peslyak and it is hereby released to the
16  * general public under the following terms:
17  *
18  * Redistribution and use in source and binary forms, with or without
19  * modification, are permitted.
20  *
21  * There's ABSOLUTELY NO WARRANTY, express or implied.
22  *
23  * (This is a heavily cut-down "BSD license".)
24  *
25  * This differs from Colin Plumb's older public domain implementation in that
26  * no exactly 32-bit integer data type is required (any 32-bit or wider
27  * unsigned integer data type will do), there's no compile-time endianness
28  * configuration, and the function prototypes match OpenSSL's.  No code from
29  * Colin Plumb's implementation has been reused; this comment merely compares
30  * the properties of the two independent implementations.
31  *
32  * The primary goals of this implementation are portability and ease of use.
33  * It is meant to be fast, but not as fast as possible.  Some known
34  * optimizations are not included to reduce source code size and avoid
35  * compile-time configuration.
36  */
37 
38 
39 #include "md5.h"
40 
41 #include <string.h>
42 
43 
44 /*
45  * The basic MD5 functions.
46  *
47  * F and G are optimized compared to their RFC 1321 definitions for
48  * architectures that lack an AND-NOT instruction, just like in Colin Plumb's
49  * implementation.
50  */
51 #define F(x, y, z)			((z) ^ ((x) & ((y) ^ (z))))
52 #define G(x, y, z)			((y) ^ ((z) & ((x) ^ (y))))
53 #define H(x, y, z)			((x) ^ (y) ^ (z))
54 #define I(x, y, z)			((y) ^ ((x) | ~(z)))
55 
56 /*
57  * The MD5 transformation for all four rounds.
58  */
59 #define STEP(f, a, b, c, d, x, t, s) \
60 	(a) += f((b), (c), (d)) + (x) + (t); \
61 	(a) = (((a) << (s)) | (((a) & 0xffffffff) >> (32 - (s)))); \
62 	(a) += (b);
63 
64 /*
65  * SET reads 4 input bytes in little-endian byte order and stores them
66  * in a properly aligned word in host byte order.
67  *
68  * The check for little-endian architectures that tolerate unaligned
69  * memory accesses is just an optimization.  Nothing will break if it
70  * doesn't work.
71  */
72 #if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
73 #define SET(n) \
74 	(*(MD5_u32plus *)&ptr[(n) * 4])
75 #define GET(n) \
76 	SET(n)
77 #else
78 #define SET(n) \
79 	(ctx->block[(n)] = \
80 	(MD5_u32plus)ptr[(n) * 4] | \
81 	((MD5_u32plus)ptr[(n) * 4 + 1] << 8) | \
82 	((MD5_u32plus)ptr[(n) * 4 + 2] << 16) | \
83 	((MD5_u32plus)ptr[(n) * 4 + 3] << 24))
84 #define GET(n) \
85 	(ctx->block[(n)])
86 #endif
87 
88 
89 namespace BPrivate {
90 
91 /*
92  * This processes one or more 64-byte data blocks, but does NOT update
93  * the bit counters.  There are no alignment requirements.
94  */
95 static const void *body(MD5_CTX *ctx, const void *data, unsigned long size)
96 {
97 	const unsigned char *ptr;
98 	MD5_u32plus a, b, c, d;
99 	MD5_u32plus saved_a, saved_b, saved_c, saved_d;
100 
101 	ptr = (const unsigned char*)data;
102 
103 	a = ctx->a;
104 	b = ctx->b;
105 	c = ctx->c;
106 	d = ctx->d;
107 
108 	do {
109 		saved_a = a;
110 		saved_b = b;
111 		saved_c = c;
112 		saved_d = d;
113 
114 /* Round 1 */
115 		STEP(F, a, b, c, d, SET(0), 0xd76aa478, 7)
116 		STEP(F, d, a, b, c, SET(1), 0xe8c7b756, 12)
117 		STEP(F, c, d, a, b, SET(2), 0x242070db, 17)
118 		STEP(F, b, c, d, a, SET(3), 0xc1bdceee, 22)
119 		STEP(F, a, b, c, d, SET(4), 0xf57c0faf, 7)
120 		STEP(F, d, a, b, c, SET(5), 0x4787c62a, 12)
121 		STEP(F, c, d, a, b, SET(6), 0xa8304613, 17)
122 		STEP(F, b, c, d, a, SET(7), 0xfd469501, 22)
123 		STEP(F, a, b, c, d, SET(8), 0x698098d8, 7)
124 		STEP(F, d, a, b, c, SET(9), 0x8b44f7af, 12)
125 		STEP(F, c, d, a, b, SET(10), 0xffff5bb1, 17)
126 		STEP(F, b, c, d, a, SET(11), 0x895cd7be, 22)
127 		STEP(F, a, b, c, d, SET(12), 0x6b901122, 7)
128 		STEP(F, d, a, b, c, SET(13), 0xfd987193, 12)
129 		STEP(F, c, d, a, b, SET(14), 0xa679438e, 17)
130 		STEP(F, b, c, d, a, SET(15), 0x49b40821, 22)
131 
132 /* Round 2 */
133 		STEP(G, a, b, c, d, GET(1), 0xf61e2562, 5)
134 		STEP(G, d, a, b, c, GET(6), 0xc040b340, 9)
135 		STEP(G, c, d, a, b, GET(11), 0x265e5a51, 14)
136 		STEP(G, b, c, d, a, GET(0), 0xe9b6c7aa, 20)
137 		STEP(G, a, b, c, d, GET(5), 0xd62f105d, 5)
138 		STEP(G, d, a, b, c, GET(10), 0x02441453, 9)
139 		STEP(G, c, d, a, b, GET(15), 0xd8a1e681, 14)
140 		STEP(G, b, c, d, a, GET(4), 0xe7d3fbc8, 20)
141 		STEP(G, a, b, c, d, GET(9), 0x21e1cde6, 5)
142 		STEP(G, d, a, b, c, GET(14), 0xc33707d6, 9)
143 		STEP(G, c, d, a, b, GET(3), 0xf4d50d87, 14)
144 		STEP(G, b, c, d, a, GET(8), 0x455a14ed, 20)
145 		STEP(G, a, b, c, d, GET(13), 0xa9e3e905, 5)
146 		STEP(G, d, a, b, c, GET(2), 0xfcefa3f8, 9)
147 		STEP(G, c, d, a, b, GET(7), 0x676f02d9, 14)
148 		STEP(G, b, c, d, a, GET(12), 0x8d2a4c8a, 20)
149 
150 /* Round 3 */
151 		STEP(H, a, b, c, d, GET(5), 0xfffa3942, 4)
152 		STEP(H, d, a, b, c, GET(8), 0x8771f681, 11)
153 		STEP(H, c, d, a, b, GET(11), 0x6d9d6122, 16)
154 		STEP(H, b, c, d, a, GET(14), 0xfde5380c, 23)
155 		STEP(H, a, b, c, d, GET(1), 0xa4beea44, 4)
156 		STEP(H, d, a, b, c, GET(4), 0x4bdecfa9, 11)
157 		STEP(H, c, d, a, b, GET(7), 0xf6bb4b60, 16)
158 		STEP(H, b, c, d, a, GET(10), 0xbebfbc70, 23)
159 		STEP(H, a, b, c, d, GET(13), 0x289b7ec6, 4)
160 		STEP(H, d, a, b, c, GET(0), 0xeaa127fa, 11)
161 		STEP(H, c, d, a, b, GET(3), 0xd4ef3085, 16)
162 		STEP(H, b, c, d, a, GET(6), 0x04881d05, 23)
163 		STEP(H, a, b, c, d, GET(9), 0xd9d4d039, 4)
164 		STEP(H, d, a, b, c, GET(12), 0xe6db99e5, 11)
165 		STEP(H, c, d, a, b, GET(15), 0x1fa27cf8, 16)
166 		STEP(H, b, c, d, a, GET(2), 0xc4ac5665, 23)
167 
168 /* Round 4 */
169 		STEP(I, a, b, c, d, GET(0), 0xf4292244, 6)
170 		STEP(I, d, a, b, c, GET(7), 0x432aff97, 10)
171 		STEP(I, c, d, a, b, GET(14), 0xab9423a7, 15)
172 		STEP(I, b, c, d, a, GET(5), 0xfc93a039, 21)
173 		STEP(I, a, b, c, d, GET(12), 0x655b59c3, 6)
174 		STEP(I, d, a, b, c, GET(3), 0x8f0ccc92, 10)
175 		STEP(I, c, d, a, b, GET(10), 0xffeff47d, 15)
176 		STEP(I, b, c, d, a, GET(1), 0x85845dd1, 21)
177 		STEP(I, a, b, c, d, GET(8), 0x6fa87e4f, 6)
178 		STEP(I, d, a, b, c, GET(15), 0xfe2ce6e0, 10)
179 		STEP(I, c, d, a, b, GET(6), 0xa3014314, 15)
180 		STEP(I, b, c, d, a, GET(13), 0x4e0811a1, 21)
181 		STEP(I, a, b, c, d, GET(4), 0xf7537e82, 6)
182 		STEP(I, d, a, b, c, GET(11), 0xbd3af235, 10)
183 		STEP(I, c, d, a, b, GET(2), 0x2ad7d2bb, 15)
184 		STEP(I, b, c, d, a, GET(9), 0xeb86d391, 21)
185 
186 		a += saved_a;
187 		b += saved_b;
188 		c += saved_c;
189 		d += saved_d;
190 
191 		ptr += 64;
192 	} while (size -= 64);
193 
194 	ctx->a = a;
195 	ctx->b = b;
196 	ctx->c = c;
197 	ctx->d = d;
198 
199 	return ptr;
200 }
201 
202 void MD5_Init(MD5_CTX *ctx)
203 {
204 	ctx->a = 0x67452301;
205 	ctx->b = 0xefcdab89;
206 	ctx->c = 0x98badcfe;
207 	ctx->d = 0x10325476;
208 
209 	ctx->lo = 0;
210 	ctx->hi = 0;
211 }
212 
213 void MD5_Update(MD5_CTX *ctx, const void *data, unsigned long size)
214 {
215 	MD5_u32plus saved_lo;
216 	unsigned long used, free;
217 
218 	saved_lo = ctx->lo;
219 	if ((ctx->lo = (saved_lo + size) & 0x1fffffff) < saved_lo)
220 		ctx->hi++;
221 	ctx->hi += size >> 29;
222 
223 	used = saved_lo & 0x3f;
224 
225 	if (used) {
226 		free = 64 - used;
227 
228 		if (size < free) {
229 			memcpy(&ctx->buffer[used], data, size);
230 			return;
231 		}
232 
233 		memcpy(&ctx->buffer[used], data, free);
234 		data = (unsigned char *)data + free;
235 		size -= free;
236 		body(ctx, ctx->buffer, 64);
237 	}
238 
239 	if (size >= 64) {
240 		data = body(ctx, data, size & ~(unsigned long)0x3f);
241 		size &= 0x3f;
242 	}
243 
244 	memcpy(ctx->buffer, data, size);
245 }
246 
247 void MD5_Final(unsigned char *result, MD5_CTX *ctx)
248 {
249 	unsigned long used, free;
250 
251 	used = ctx->lo & 0x3f;
252 
253 	ctx->buffer[used++] = 0x80;
254 
255 	free = 64 - used;
256 
257 	if (free < 8) {
258 		memset(&ctx->buffer[used], 0, free);
259 		body(ctx, ctx->buffer, 64);
260 		used = 0;
261 		free = 64;
262 	}
263 
264 	memset(&ctx->buffer[used], 0, free - 8);
265 
266 	ctx->lo <<= 3;
267 	ctx->buffer[56] = ctx->lo;
268 	ctx->buffer[57] = ctx->lo >> 8;
269 	ctx->buffer[58] = ctx->lo >> 16;
270 	ctx->buffer[59] = ctx->lo >> 24;
271 	ctx->buffer[60] = ctx->hi;
272 	ctx->buffer[61] = ctx->hi >> 8;
273 	ctx->buffer[62] = ctx->hi >> 16;
274 	ctx->buffer[63] = ctx->hi >> 24;
275 
276 	body(ctx, ctx->buffer, 64);
277 
278 	result[0] = ctx->a;
279 	result[1] = ctx->a >> 8;
280 	result[2] = ctx->a >> 16;
281 	result[3] = ctx->a >> 24;
282 	result[4] = ctx->b;
283 	result[5] = ctx->b >> 8;
284 	result[6] = ctx->b >> 16;
285 	result[7] = ctx->b >> 24;
286 	result[8] = ctx->c;
287 	result[9] = ctx->c >> 8;
288 	result[10] = ctx->c >> 16;
289 	result[11] = ctx->c >> 24;
290 	result[12] = ctx->d;
291 	result[13] = ctx->d >> 8;
292 	result[14] = ctx->d >> 16;
293 	result[15] = ctx->d >> 24;
294 
295 	memset(ctx, 0, sizeof(*ctx));
296 }
297 
298 };
299