PD version of md5(3) based on code written by Colin Plumb.

20 years ago · 95118666b1
--- a/src/include/md5.h
+++ b/src/include/md5.h
@ -1,55 +1,42 @@
 /* MD5.H - header file for MD5C.C
 * $OpenBSD: md5.h,v 1.11 2003/10/07 22:17:27 avsm Exp $
 */

 /* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
 rights reserved.

 License to copy and use this software is granted provided that it
 is identified as the "RSA Data Security, Inc. MD5 Message-Digest
 Algorithm" in all material mentioning or referencing this software
 or this function.

 License is also granted to make and use derivative works provided
 that such works are identified as "derived from the RSA Data
 Security, Inc. MD5 Message-Digest Algorithm" in all material
 mentioning or referencing the derived work.

 RSA Data Security, Inc. makes no representations concerning either
 the merchantability of this software or the suitability of this
 software for any particular purpose. It is provided "as is"
 without express or implied warranty of any kind.

 These notices must be retained in any copies of any part of this
 documentation and/or software.
 /*	$OpenBSD: md5.h,v 1.12 2004/04/28 16:46:02 millert Exp $	*/

 /*
 * This code implements the MD5 message-digest algorithm.
 * The algorithm is due to Ron Rivest.  This code was
 * written by Colin Plumb in 1993, no copyright is claimed.
 * This code is in the public domain; do with it what you wish.
 *
 * Equivalent code is available from RSA Data Security, Inc.
 * This code has been tested against that, and is equivalent,
 * except that you don't need to include two pages of legalese
 * with every copy.
 */

 #ifndef _MD5_H_
 #define _MD5_H_

 /* MD5 context. */
 typedef struct MD5Context {
    u_int32_t state[4];		/* state (ABCD) */
    u_int64_t count;		/* number of bits, modulo 2^64 */
    unsigned char buffer[64];	/* input buffer */
 	u_int32_t buf[4];			/* state */
 	u_int32_t bits[2];			/* number of bits, mod 2^64 */
 	unsigned char in[64];	/* input buffer */
 } MD5_CTX;

 #include <sys/cdefs.h>

 __BEGIN_DECLS
 void   MD5Init(MD5_CTX *);
 void   MD5Update(MD5_CTX *, const unsigned char *, size_t)
 void	 MD5Init(MD5_CTX *);
 void	 MD5Update(MD5_CTX *, const u_int8_t *, size_t)
 		__attribute__((__bounded__(__string__,2,3)));
 void   MD5Final(unsigned char [16], MD5_CTX *)
 void	 MD5Final(u_int8_t [16], MD5_CTX *)
 		__attribute__((__bounded__(__minbytes__,1,16)));
 void   MD5Transform(u_int32_t [4], const unsigned char [64])
 void	 MD5Transform(u_int32_t [4], const u_int8_t [64])
 		__attribute__((__bounded__(__minbytes__,1,4)))
 		__attribute__((__bounded__(__minbytes__,2,64)));
 char * MD5End(MD5_CTX *, char *)
 char	*MD5End(MD5_CTX *, char [33])
 		__attribute__((__bounded__(__minbytes__,2,33)));
 char * MD5File(char *, char *)
 char	*MD5File(char *, char [33])
 		__attribute__((__bounded__(__minbytes__,2,33)));
 char * MD5Data(const unsigned char *, size_t, char *)
 char	*MD5Data(const u_int8_t *, size_t, char [33])
 		__attribute__((__bounded__(__string__,1,2)))
 		__attribute__((__bounded__(__minbytes__,3,33)));
 __END_DECLS
--- a/src/lib/libc/hash/md5.c
+++ b/src/lib/libc/hash/md5.c
@ -0,0 +1,258 @@
 /*	$OpenBSD: md5.c,v 1.1 2004/04/28 16:46:03 millert Exp $	*/

 /*
 * This code implements the MD5 message-digest algorithm.
 * The algorithm is due to Ron Rivest.	This code was
 * written by Colin Plumb in 1993, no copyright is claimed.
 * This code is in the public domain; do with it what you wish.
 *
 * Equivalent code is available from RSA Data Security, Inc.
 * This code has been tested against that, and is equivalent,
 * except that you don't need to include two pages of legalese
 * with every copy.
 *
 * To compute the message digest of a chunk of bytes, declare an
 * MD5Context structure, pass it to MD5Init, call MD5Update as
 * needed on buffers full of bytes, and then call MD5Final, which
 * will fill a supplied 16-byte array with the digest.
 */

 #if defined(LIBC_SCCS) && !defined(lint)
 static const char rcsid[] = "$OpenBSD: md5.c,v 1.1 2004/04/28 16:46:03 millert Exp $";
 #endif /* LIBC_SCCS and not lint */

 #include <sys/types.h>
 #include <string.h>
 #include <md5.h>

 #if BYTE_ORDER == LITTLE_ENDIAN
 #define htole32n(buf, n)	/* Nothing */
 #else
 /*
 * Note: this code is harmless on little-endian machines.
 * XXX - unroll calls to htole32n -> htole32?
 */
 void
 htole32n(u_int32_t *buf, size_t n)
 {
 	while (n--) {
 		*buf = htole32(*buf);
 		buf++;
 	}
 }
 #endif

 /*
 * Start MD5 accumulation.  Set bit count to 0 and buffer to mysterious
 * initialization constants.
 */
 void
 MD5Init(MD5_CTX *ctx)
 {
 	ctx->buf[0] = 0x67452301;
 	ctx->buf[1] = 0xefcdab89;
 	ctx->buf[2] = 0x98badcfe;
 	ctx->buf[3] = 0x10325476;

 	ctx->bits[0] = 0;
 	ctx->bits[1] = 0;
 }

 /*
 * Update context to reflect the concatenation of another buffer full
 * of bytes.
 */
 void
 MD5Update(MD5_CTX *ctx, const unsigned char *buf, size_t len)
 {
 	u_int32_t t;

 	/* Update bitcount */

 	t = ctx->bits[0];
 	if ((ctx->bits[0] = t + ((u_int32_t)len << 3)) < t)
 		ctx->bits[1]++; 	/* Carry from low to high */
 	ctx->bits[1] += len >> 29;

 	t = (t >> 3) & 0x3f;	/* Bytes already in shsInfo->data */

 	/* Handle any leading odd-sized chunks */

 	if (t) {
 		unsigned char *p = (unsigned char *)ctx->in + t;

 		t = 64 - t;
 		if (len < t) {
 			memcpy(p, buf, len);
 			return;
 		}
 		memcpy(p, buf, t);
 		htole32n((u_int32_t *)ctx->in, 16);
 		MD5Transform(ctx->buf, ctx->in);
 		buf += t;
 		len -= t;
 	}

 	/* Process data in 64-byte chunks */
 	while (len >= 64) {
 		memcpy(ctx->in, buf, 64);
 		htole32n((u_int32_t *)ctx->in, 16);
 		MD5Transform(ctx->buf, ctx->in);
 		buf += 64;
 		len -= 64;
 	}

 	/* Handle any remaining bytes of data. */
 	memcpy(ctx->in, buf, len);
 }

 /*
 * Final wrapup - pad to 64-byte boundary with the bit pattern 
 * 1 0* (64-bit count of bits processed, MSB-first)
 */
 void
 MD5Final(unsigned char digest[16], MD5_CTX *ctx)
 {
 	size_t count;
 	unsigned char *p;

 	/* number of bytes mod 64 */
 	count = (ctx->bits[0] >> 3) & 0x3F;

 	/*
 	 * Set the first char of padding to 0x80.
 	 * This is safe since there is always at least one byte free.
 	 */
 	p = ctx->in + count;
 	*p++ = 0x80;

 	/* Bytes of padding needed to make 64 bytes */
 	count = 64 - 1 - count;

 	/* Pad out to 56 mod 64 */
 	if (count < 8) {
 		/* Two lots of padding:  Pad the first block to 64 bytes */
 		memset(p, 0, count);
 		htole32n((u_int32_t *)ctx->in, 16);
 		MD5Transform(ctx->buf, ctx->in);

 		/* Now fill the next block with 56 bytes */
 		memset(ctx->in, 0, 56);
 	} else {
 		/* Pad block to 56 bytes */
 		memset(p, 0, count - 8);
 	}
 	htole32n((u_int32_t *)ctx->in, 14);

 	/* Append length in bits and transform */
 	((u_int32_t *) ctx->in)[14] = ctx->bits[0];
 	((u_int32_t *) ctx->in)[15] = ctx->bits[1];

 	MD5Transform(ctx->buf, ctx->in);
 	htole32n(ctx->buf, 4);
 	memcpy(digest, ctx->buf, 16);
 	memset(ctx, 0, sizeof(ctx));        /* In case it's sensitive */
 }


 /* The four core functions - F1 is optimized somewhat */

 /* #define F1(x, y, z) (x & y | ~x & z) */
 #define F1(x, y, z) (z ^ (x & (y ^ z)))
 #define F2(x, y, z) F1(z, x, y)
 #define F3(x, y, z) (x ^ y ^ z)
 #define F4(x, y, z) (y ^ (x | ~z))

 /* This is the central step in the MD5 algorithm. */
 #define MD5STEP(f, w, x, y, z, data, s) \
 	( w += f(x, y, z) + data,  w = w<<s | w>>(32-s),  w += x )

 /*
 * The core of the MD5 algorithm, this alters an existing MD5 hash to
 * reflect the addition of 16 longwords of new data.  MD5Update blocks
 * the data and converts bytes into longwords for this routine.
 */
 void
 MD5Transform(u_int32_t buf[4], const unsigned char inc[64])
 {
 	u_int32_t a, b, c, d;
 	const u_int32_t *in = (const u_int32_t *)inc;

 	a = buf[0];
 	b = buf[1];
 	c = buf[2];
 	d = buf[3];

 	MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7);
 	MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12);
 	MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17);
 	MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22);
 	MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7);
 	MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12);
 	MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17);
 	MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22);
 	MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7);
 	MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12);
 	MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17);
 	MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22);
 	MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7);
 	MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12);
 	MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17);
 	MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22);

 	MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5);
 	MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9);
 	MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14);
 	MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20);
 	MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5);
 	MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9);
 	MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14);
 	MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20);
 	MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5);
 	MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9);
 	MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14);
 	MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20);
 	MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5);
 	MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9);
 	MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14);
 	MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20);

 	MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4);
 	MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11);
 	MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16);
 	MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23);
 	MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4);
 	MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11);
 	MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16);
 	MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23);
 	MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4);
 	MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11);
 	MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16);
 	MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23);
 	MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4);
 	MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11);
 	MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16);
 	MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23);

 	MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6);
 	MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10);
 	MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15);
 	MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21);
 	MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6);
 	MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10);
 	MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15);
 	MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21);
 	MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6);
 	MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10);
 	MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15);
 	MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21);
 	MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6);
 	MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10);
 	MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15);
 	MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21);

 	buf[0] += a;
 	buf[1] += b;
 	buf[2] += c;
 	buf[3] += d;
 }