libtinysmb/md4.c

   1 /****************************************************************************
   2  * TinySMB
   3  * Nintendo Wii/GameCube SMB implementation
   4  *
   5  * MD4 message digest
   6  ****************************************************************************/
   7
   8 #include <stdint.h>
   9 #include <string.h>
  10
  11 /* Structure to save state of computation between the single steps.  */
  12 struct md4_ctx
  13 {
  14         uint32_t A;
  15         uint32_t B;
  16         uint32_t C;
  17         uint32_t D;
  18
  19         uint32_t total[2];
  20         uint32_t buflen;
  21         uint32_t buffer[32];
  22 };
  23
  24 # define MD4_DIGEST_SIZE 16
  25
  26 # define SWAP(n)                                                        \
  27   (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24))
  28
  29 #define BLOCKSIZE 4096
  30 #if BLOCKSIZE % 64 != 0
  31 # error "invalid BLOCKSIZE"
  32 #endif
  33
  34 /* MD4 round constants */
  35 #define K1 0x5a827999
  36 #define K2 0x6ed9eba1
  37
  38 /* Round functions.  */
  39 #define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z))))
  40 #define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
  41 #define H(x, y, z) ((x) ^ (y) ^ (z))
  42 #define rol(x, n) (((x) << (n)) | ((uint32_t) (x) >> (32 - (n))))
  43 #define R1(a,b,c,d,k,s) a=rol(a+F(b,c,d)+x[k],s);
  44 #define R2(a,b,c,d,k,s) a=rol(a+G(b,c,d)+x[k]+K1,s);
  45 #define R3(a,b,c,d,k,s) a=rol(a+H(b,c,d)+x[k]+K2,s);
  46
  47 /* This array contains the bytes used to pad the buffer to the next
  48  64-byte boundary.  (RFC 1320, 3.1: Step 1)  */
  49 static const unsigned char fillbuf[64] =
  50 { 0x80, 0 /* , 0, 0, ...  */};
  51
  52 /* Initialize structure containing state of computation.
  53  (RFC 1320, 3.3: Step 3)  */
  54 static void md4_init_ctx(struct md4_ctx *ctx)
  55 {
  56         ctx->A = 0x67452301;
  57         ctx->B = 0xefcdab89;
  58         ctx->C = 0x98badcfe;
  59         ctx->D = 0x10325476;
  60
  61         ctx->total[0] = ctx->total[1] = 0;
  62         ctx->buflen = 0;
  63 }
  64
  65 /* Copy the 4 byte value from v into the memory location pointed to by *cp,
  66  If your architecture allows unaligned access this is equivalent to
  67  * (uint32_t *) cp = v  */
  68 static inline void set_uint32(char *cp, uint32_t v)
  69 {
  70         memcpy(cp, &v, sizeof v);
  71 }
  72
  73 /* Put result from CTX in first 16 bytes following RESBUF.  The result
  74  must be in little endian byte order.  */
  75 static void *
  76 md4_read_ctx(const struct md4_ctx *ctx, void *resbuf)
  77 {
  78         char *r = resbuf;
  79         set_uint32(r + 0 * sizeof ctx->A, SWAP (ctx->A));
  80         set_uint32(r + 1 * sizeof ctx->B, SWAP (ctx->B));
  81         set_uint32(r + 2 * sizeof ctx->C, SWAP (ctx->C));
  82         set_uint32(r + 3 * sizeof ctx->D, SWAP (ctx->D));
  83
  84         return resbuf;
  85 }
  86
  87 /* Process LEN bytes of BUFFER, accumulating context into CTX.
  88  It is assumed that LEN % 64 == 0.  */
  89
  90 static void md4_process_block(const void *buffer, size_t len,
  91                 struct md4_ctx *ctx)
  92 {
  93         const uint32_t *words = buffer;
  94         size_t nwords = len / sizeof(uint32_t);
  95         const uint32_t *endp = words + nwords;
  96         uint32_t x[16];
  97         uint32_t A = ctx->A;
  98         uint32_t B = ctx->B;
  99         uint32_t C = ctx->C;
 100         uint32_t D = ctx->D;
 101
 102         /* First increment the byte count.  RFC 1320 specifies the possible
 103          length of the file up to 2^64 bits.  Here we only compute the
 104          number of bytes.  Do a double word increment.  */
 105         ctx->total[0] += len;
 106         if (ctx->total[0] < len)
 107                 ++ctx->total[1];
 108
 109         /* Process all bytes in the buffer with 64 bytes in each round of
 110          the loop.  */
 111         while (words < endp)
 112         {
 113                 int t;
 114                 for (t = 0; t < 16; t++)
 115                 {
 116                         x[t] = SWAP (*words);
 117                         words++;
 118                 }
 119
 120                 /* Round 1.  */
 121                 R1 (A, B, C, D, 0, 3);
 122                 R1 (D, A, B, C, 1, 7);
 123                 R1 (C, D, A, B, 2, 11);
 124                 R1 (B, C, D, A, 3, 19);
 125                 R1 (A, B, C, D, 4, 3);
 126                 R1 (D, A, B, C, 5, 7);
 127                 R1 (C, D, A, B, 6, 11);
 128                 R1 (B, C, D, A, 7, 19);
 129                 R1 (A, B, C, D, 8, 3);
 130                 R1 (D, A, B, C, 9, 7);
 131                 R1 (C, D, A, B, 10, 11);
 132                 R1 (B, C, D, A, 11, 19);
 133                 R1 (A, B, C, D, 12, 3);
 134                 R1 (D, A, B, C, 13, 7);
 135                 R1 (C, D, A, B, 14, 11);
 136                 R1 (B, C, D, A, 15, 19);
 137
 138                 /* Round 2.  */
 139                 R2 (A, B, C, D, 0, 3);
 140                 R2 (D, A, B, C, 4, 5);
 141                 R2 (C, D, A, B, 8, 9);
 142                 R2 (B, C, D, A, 12, 13);
 143                 R2 (A, B, C, D, 1, 3);
 144                 R2 (D, A, B, C, 5, 5);
 145                 R2 (C, D, A, B, 9, 9);
 146                 R2 (B, C, D, A, 13, 13);
 147                 R2 (A, B, C, D, 2, 3);
 148                 R2 (D, A, B, C, 6, 5);
 149                 R2 (C, D, A, B, 10, 9);
 150                 R2 (B, C, D, A, 14, 13);
 151                 R2 (A, B, C, D, 3, 3);
 152                 R2 (D, A, B, C, 7, 5);
 153                 R2 (C, D, A, B, 11, 9);
 154                 R2 (B, C, D, A, 15, 13);
 155
 156                 /* Round 3.  */
 157                 R3 (A, B, C, D, 0, 3);
 158                 R3 (D, A, B, C, 8, 9);
 159                 R3 (C, D, A, B, 4, 11);
 160                 R3 (B, C, D, A, 12, 15);
 161                 R3 (A, B, C, D, 2, 3);
 162                 R3 (D, A, B, C, 10, 9);
 163                 R3 (C, D, A, B, 6, 11);
 164                 R3 (B, C, D, A, 14, 15);
 165                 R3 (A, B, C, D, 1, 3);
 166                 R3 (D, A, B, C, 9, 9);
 167                 R3 (C, D, A, B, 5, 11);
 168                 R3 (B, C, D, A, 13, 15);
 169                 R3 (A, B, C, D, 3, 3);
 170                 R3 (D, A, B, C, 11, 9);
 171                 R3 (C, D, A, B, 7, 11);
 172                 R3 (B, C, D, A, 15, 15);
 173
 174                 A = ctx->A += A;
 175                 B = ctx->B += B;
 176                 C = ctx->C += C;
 177                 D = ctx->D += D;
 178         }
 179 }
 180
 181 /* Process the remaining bytes in the internal buffer and the usual
 182  prolog according to the standard and write the result to RESBUF.  */
 183 static void *
 184 md4_finish_ctx(struct md4_ctx *ctx, void *resbuf)
 185 {
 186         /* Take yet unprocessed bytes into account.  */
 187         uint32_t bytes = ctx->buflen;
 188         size_t pad;
 189
 190         /* Now count remaining bytes.  */
 191         ctx->total[0] += bytes;
 192         if (ctx->total[0] < bytes)
 193                 ++ctx->total[1];
 194
 195         pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes;
 196         memcpy(&((char*) ctx->buffer)[bytes], fillbuf, pad);
 197
 198         /* Put the 64-bit file length in *bits* at the end of the buffer.  */
 199         ctx->buffer[(bytes + pad) / 4] = SWAP (ctx->total[0] << 3);
 200         ctx->buffer[(bytes + pad) / 4 + 1] = SWAP ((ctx->total[1] << 3) |
 201                         (ctx->total[0] >> 29));
 202
 203         /* Process last bytes.  */
 204         md4_process_block(ctx->buffer, bytes + pad + 8, ctx);
 205
 206         return md4_read_ctx(ctx, resbuf);
 207 }
 208
 209 static void md4_process_bytes(const void *buffer, size_t len,
 210                 struct md4_ctx *ctx)
 211 {
 212         /* When we already have some bits in our internal buffer concatenate
 213          both inputs first.  */
 214         if (ctx->buflen != 0)
 215         {
 216                 size_t left_over = ctx->buflen;
 217                 size_t add = 128 - left_over > len ? len : 128 - left_over;
 218
 219                 memcpy(&((char*) ctx->buffer)[left_over], buffer, add);
 220                 ctx->buflen += add;
 221
 222                 if (ctx->buflen > 64)
 223                 {
 224                         md4_process_block(ctx->buffer, ctx->buflen & ~63, ctx);
 225
 226                         ctx->buflen &= 63;
 227                         /* The regions in the following copy operation cannot overlap.  */
 228                         memcpy(ctx->buffer,
 229                                         &((char*) ctx->buffer)[(left_over + add) & ~63],
 230                                         ctx->buflen);
 231                 }
 232
 233                 buffer = (const char *) buffer + add;
 234                 len -= add;
 235         }
 236
 237         /* Process available complete blocks.  */
 238         if (len >= 64)
 239         {
 240 #if !_STRING_ARCH_unaligned
 241                 /* To check alignment gcc has an appropriate operator.  Other
 242                  compilers don't.  */
 243 # if __GNUC__ >= 2
 244 #  define UNALIGNED_P(p) (((uintptr_t) p) % __alignof__ (uint32_t) != 0)
 245 # else
 246 #  define alignof(type) offsetof (struct { char c; type x; }, x)
 247 #  define UNALIGNED_P(p) (((size_t) p) % alignof (uint32_t) != 0)
 248 # endif
 249                 if (
 250                                 UNALIGNED_P (buffer))
 251                                 while (len> 64)
 252                                 {
 253                                         md4_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx);
 254                                         buffer = (const char *) buffer + 64;
 255                                         len -= 64;
 256                                 }
 257                                 else
 258 #endif
 259                                 {
 260                                         md4_process_block (buffer, len & ~63, ctx);
 261                                         buffer = (const char *) buffer + (len & ~63);
 262                                         len &= 63;
 263                                 }
 264                         }
 265
 266         /* Move remaining bytes in internal buffer.  */
 267         if (len > 0)
 268         {
 269                 size_t left_over = ctx->buflen;
 270
 271                 memcpy(&((char*) ctx->buffer)[left_over], buffer, len);
 272                 left_over += len;
 273                 if (left_over >= 64)
 274                 {
 275                         md4_process_block(ctx->buffer, 64, ctx);
 276                         left_over -= 64;
 277                         memcpy(ctx->buffer, &ctx->buffer[16], left_over);
 278                 }
 279                 ctx->buflen = left_over;
 280         }
 281 }
 282
 283 /* Compute MD4 message digest for LEN bytes beginning at BUFFER.  The
 284  result is always in little endian byte order, so that a byte-wise
 285  output yields to the wanted ASCII representation of the message
 286  digest.  */
 287 void *
 288 md4_buffer(const char *buffer, size_t len, void *resblock)
 289 {
 290         struct md4_ctx ctx;
 291
 292         /* Initialize the computation context.  */
 293         md4_init_ctx(&ctx);
 294
 295         /* Process whole buffer but last len % 64 bytes.  */
 296         md4_process_bytes(buffer, len, &ctx);
 297
 298         /* Put result in desired memory area.  */
 299         return md4_finish_ctx(&ctx, resblock);
 300 }