Mercurial > dropbear

comparison md5.c @ 0:d7da3b1e1540 libtomcrypt

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
put back the 0.95 makefile which was inadvertently merged over
author Matt Johnston <matt@ucc.asn.au>
date Mon, 31 May 2004 18:21:40 +0000
parents
children 6362d3854bb4
comparison
equal deleted inserted replaced
-1:000000000000 0:d7da3b1e1540
1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
2 *
3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner.
5 *
6 * The library is free for all purposes without any express
7 * guarantee it works.
8 *
9 * Tom St Denis, [email protected], http://libtomcrypt.org
10 */
11
12 /* MD5 hash function by Tom St Denis */
13
14 #include "mycrypt.h"
15
16 #ifdef MD5
17
18 const struct _hash_descriptor md5_desc =
19 {
20 "md5",
21 3,
22 16,
23 64,
24 &md5_init,
25 &md5_process,
26 &md5_done,
27 &md5_test
28 };
29
30 #define F(x,y,z) (z ^ (x & (y ^ z)))
31 #define G(x,y,z) (y ^ (z & (y ^ x)))
32 #define H(x,y,z) (x^y^z)
33 #define I(x,y,z) (y^(x|(~z)))
34
35 #define FF(a,b,c,d,M,s,t) \
36 a = (a + F(b,c,d) + M + t); a = ROL(a, s) + b;
37
38 #define GG(a,b,c,d,M,s,t) \
39 a = (a + G(b,c,d) + M + t); a = ROL(a, s) + b;
40
41 #define HH(a,b,c,d,M,s,t) \
42 a = (a + H(b,c,d) + M + t); a = ROL(a, s) + b;
43
44 #define II(a,b,c,d,M,s,t) \
45 a = (a + I(b,c,d) + M + t); a = ROL(a, s) + b;
46
47 #ifdef CLEAN_STACK
48 static void _md5_compress(hash_state *md, unsigned char *buf)
49 #else
50 static void md5_compress(hash_state *md, unsigned char *buf)
51 #endif
52 {
53 ulong32 i, W[16], a, b, c, d;
54
55 /* copy the state into 512-bits into W[0..15] */
56 for (i = 0; i < 16; i++) {
57 LOAD32L(W[i], buf + (4*i));
58 }
59
60 /* copy state */
61 a = md->md5.state[0];
62 b = md->md5.state[1];
63 c = md->md5.state[2];
64 d = md->md5.state[3];
65
66 FF(a,b,c,d,W[0],7,0xd76aa478UL)
67 FF(d,a,b,c,W[1],12,0xe8c7b756UL)
68 FF(c,d,a,b,W[2],17,0x242070dbUL)
69 FF(b,c,d,a,W[3],22,0xc1bdceeeUL)
70 FF(a,b,c,d,W[4],7,0xf57c0fafUL)
71 FF(d,a,b,c,W[5],12,0x4787c62aUL)
72 FF(c,d,a,b,W[6],17,0xa8304613UL)
73 FF(b,c,d,a,W[7],22,0xfd469501UL)
74 FF(a,b,c,d,W[8],7,0x698098d8UL)
75 FF(d,a,b,c,W[9],12,0x8b44f7afUL)
76 FF(c,d,a,b,W[10],17,0xffff5bb1UL)
77 FF(b,c,d,a,W[11],22,0x895cd7beUL)
78 FF(a,b,c,d,W[12],7,0x6b901122UL)
79 FF(d,a,b,c,W[13],12,0xfd987193UL)
80 FF(c,d,a,b,W[14],17,0xa679438eUL)
81 FF(b,c,d,a,W[15],22,0x49b40821UL)
82 GG(a,b,c,d,W[1],5,0xf61e2562UL)
83 GG(d,a,b,c,W[6],9,0xc040b340UL)
84 GG(c,d,a,b,W[11],14,0x265e5a51UL)
85 GG(b,c,d,a,W[0],20,0xe9b6c7aaUL)
86 GG(a,b,c,d,W[5],5,0xd62f105dUL)
87 GG(d,a,b,c,W[10],9,0x02441453UL)
88 GG(c,d,a,b,W[15],14,0xd8a1e681UL)
89 GG(b,c,d,a,W[4],20,0xe7d3fbc8UL)
90 GG(a,b,c,d,W[9],5,0x21e1cde6UL)
91 GG(d,a,b,c,W[14],9,0xc33707d6UL)
92 GG(c,d,a,b,W[3],14,0xf4d50d87UL)
93 GG(b,c,d,a,W[8],20,0x455a14edUL)
94 GG(a,b,c,d,W[13],5,0xa9e3e905UL)
95 GG(d,a,b,c,W[2],9,0xfcefa3f8UL)
96 GG(c,d,a,b,W[7],14,0x676f02d9UL)
97 GG(b,c,d,a,W[12],20,0x8d2a4c8aUL)
98 HH(a,b,c,d,W[5],4,0xfffa3942UL)
99 HH(d,a,b,c,W[8],11,0x8771f681UL)
100 HH(c,d,a,b,W[11],16,0x6d9d6122UL)
101 HH(b,c,d,a,W[14],23,0xfde5380cUL)
102 HH(a,b,c,d,W[1],4,0xa4beea44UL)
103 HH(d,a,b,c,W[4],11,0x4bdecfa9UL)
104 HH(c,d,a,b,W[7],16,0xf6bb4b60UL)
105 HH(b,c,d,a,W[10],23,0xbebfbc70UL)
106 HH(a,b,c,d,W[13],4,0x289b7ec6UL)
107 HH(d,a,b,c,W[0],11,0xeaa127faUL)
108 HH(c,d,a,b,W[3],16,0xd4ef3085UL)
109 HH(b,c,d,a,W[6],23,0x04881d05UL)
110 HH(a,b,c,d,W[9],4,0xd9d4d039UL)
111 HH(d,a,b,c,W[12],11,0xe6db99e5UL)
112 HH(c,d,a,b,W[15],16,0x1fa27cf8UL)
113 HH(b,c,d,a,W[2],23,0xc4ac5665UL)
114 II(a,b,c,d,W[0],6,0xf4292244UL)
115 II(d,a,b,c,W[7],10,0x432aff97UL)
116 II(c,d,a,b,W[14],15,0xab9423a7UL)
117 II(b,c,d,a,W[5],21,0xfc93a039UL)
118 II(a,b,c,d,W[12],6,0x655b59c3UL)
119 II(d,a,b,c,W[3],10,0x8f0ccc92UL)
120 II(c,d,a,b,W[10],15,0xffeff47dUL)
121 II(b,c,d,a,W[1],21,0x85845dd1UL)
122 II(a,b,c,d,W[8],6,0x6fa87e4fUL)
123 II(d,a,b,c,W[15],10,0xfe2ce6e0UL)
124 II(c,d,a,b,W[6],15,0xa3014314UL)
125 II(b,c,d,a,W[13],21,0x4e0811a1UL)
126 II(a,b,c,d,W[4],6,0xf7537e82UL)
127 II(d,a,b,c,W[11],10,0xbd3af235UL)
128 II(c,d,a,b,W[2],15,0x2ad7d2bbUL)
129 II(b,c,d,a,W[9],21,0xeb86d391UL)
130
131 md->md5.state[0] = md->md5.state[0] + a;
132 md->md5.state[1] = md->md5.state[1] + b;
133 md->md5.state[2] = md->md5.state[2] + c;
134 md->md5.state[3] = md->md5.state[3] + d;
135 }
136
137 #ifdef CLEAN_STACK
138 static void md5_compress(hash_state *md, unsigned char *buf)
139 {
140 _md5_compress(md, buf);
141 burn_stack(sizeof(ulong32) * 21);
142 }
143 #endif
144
145 void md5_init(hash_state * md)
146 {
147 _ARGCHK(md != NULL);
148 md->md5.state[0] = 0x67452301UL;
149 md->md5.state[1] = 0xefcdab89UL;
150 md->md5.state[2] = 0x98badcfeUL;
151 md->md5.state[3] = 0x10325476UL;
152 md->md5.curlen = 0;
153 md->md5.length = 0;
154 }
155
156 HASH_PROCESS(md5_process, md5_compress, md5, 64)
157
158 int md5_done(hash_state * md, unsigned char *hash)
159 {
160 int i;
161
162 _ARGCHK(md != NULL);
163 _ARGCHK(hash != NULL);
164
165 if (md->md5.curlen >= sizeof(md->md5.buf)) {
166 return CRYPT_INVALID_ARG;
167 }
168
169
170 /* increase the length of the message */
171 md->md5.length += md->md5.curlen * 8;
172
173 /* append the '1' bit */
174 md->md5.buf[md->md5.curlen++] = (unsigned char)0x80;
175
176 /* if the length is currently above 56 bytes we append zeros
177 * then compress. Then we can fall back to padding zeros and length
178 * encoding like normal.
179 */
180 if (md->md5.curlen > 56) {
181 while (md->md5.curlen < 64) {
182 md->md5.buf[md->md5.curlen++] = (unsigned char)0;
183 }
184 md5_compress(md, md->md5.buf);
185 md->md5.curlen = 0;
186 }
187
188 /* pad upto 56 bytes of zeroes */
189 while (md->md5.curlen < 56) {
190 md->md5.buf[md->md5.curlen++] = (unsigned char)0;
191 }
192
193 /* store length */
194 STORE64L(md->md5.length, md->md5.buf+56);
195 md5_compress(md, md->md5.buf);
196
197 /* copy output */
198 for (i = 0; i < 4; i++) {
199 STORE32L(md->md5.state[i], hash+(4*i));
200 }
201 #ifdef CLEAN_STACK
202 zeromem(md, sizeof(hash_state));
203 #endif
204 return CRYPT_OK;
205 }
206
207 int md5_test(void)
208 {
209 #ifndef LTC_TEST
210 return CRYPT_NOP;
211 #else
212 static const struct {
213 char *msg;
214 unsigned char hash[16];
215 } tests[] = {
216 { "",
217 { 0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04,
218 0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e } },
219 { "a",
220 {0x0c, 0xc1, 0x75, 0xb9, 0xc0, 0xf1, 0xb6, 0xa8,
221 0x31, 0xc3, 0x99, 0xe2, 0x69, 0x77, 0x26, 0x61 } },
222 { "abc",
223 { 0x90, 0x01, 0x50, 0x98, 0x3c, 0xd2, 0x4f, 0xb0,
224 0xd6, 0x96, 0x3f, 0x7d, 0x28, 0xe1, 0x7f, 0x72 } },
225 { "message digest",
226 { 0xf9, 0x6b, 0x69, 0x7d, 0x7c, 0xb7, 0x93, 0x8d,
227 0x52, 0x5a, 0x2f, 0x31, 0xaa, 0xf1, 0x61, 0xd0 } },
228 { "abcdefghijklmnopqrstuvwxyz",
229 { 0xc3, 0xfc, 0xd3, 0xd7, 0x61, 0x92, 0xe4, 0x00,
230 0x7d, 0xfb, 0x49, 0x6c, 0xca, 0x67, 0xe1, 0x3b } },
231 { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
232 { 0xd1, 0x74, 0xab, 0x98, 0xd2, 0x77, 0xd9, 0xf5,
233 0xa5, 0x61, 0x1c, 0x2c, 0x9f, 0x41, 0x9d, 0x9f } },
234 { "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
235 { 0x57, 0xed, 0xf4, 0xa2, 0x2b, 0xe3, 0xc9, 0x55,
236 0xac, 0x49, 0xda, 0x2e, 0x21, 0x07, 0xb6, 0x7a } },
237 { NULL, { 0 } }
238 };
239
240 int i;
241 unsigned char tmp[16];
242 hash_state md;
243
244 for (i = 0; tests[i].msg != NULL; i++) {
245 md5_init(&md);
246 md5_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
247 md5_done(&md, tmp);
248 if (memcmp(tmp, tests[i].hash, 16) != 0) {
249 return CRYPT_FAIL_TESTVECTOR;
250 }
251 }
252 return CRYPT_OK;
253 #endif
254 }
255
256 #endif
257
258