source/md5.c

   1
   2 /* $Cambridge: exim/exim-src/src/auths/md5.c,v 1.3 2006/02/07 11:19:01 ph10 Exp $ */
   3
   4 /*************************************************
   5  *     Exim - an Internet mail transport agent    *
   6  *************************************************/
   7
   8 /* Copyright (c) University of Cambridge 1995 - 2006 */
   9 /* See the file NOTICE for conditions of use and distribution. */
  10
  11
  12 #include <string.h>
  13 #include <stdio.h>
  14
  15 #include "md5.h"
  16
  17 typedef struct md5 {
  18         unsigned int length;
  19         unsigned int abcd[4];
  20 } md5;
  21
  22
  23
  24 /*************************************************
  25  *        Start off a new MD5 computation.        *
  26  *************************************************/
  27
  28 /*
  29 Argument:  pointer to md5 storage structure
  30 Returns:   nothing
  31 */
  32
  33 static void md5_start(md5 * base) {
  34         base->abcd[0] = 0x67452301;
  35         base->abcd[1] = 0xefcdab89;
  36         base->abcd[2] = 0x98badcfe;
  37         base->abcd[3] = 0x10325476;
  38         base->length = 0;
  39 }
  40
  41
  42
  43 /*************************************************
  44  *       Process another 64-byte block            *
  45  *************************************************/
  46
  47 /* This function implements central part of the algorithm which is described
  48    in RFC 1321.
  49
  50 Arguments:
  51 base       pointer to md5 storage structure
  52 text       pointer to next 64 bytes of subject text
  53
  54 Returns:     nothing
  55 */
  56
  57 static void md5_mid(md5 * base, const unsigned char * text) {
  58         register unsigned int a = base->abcd[0];
  59         register unsigned int b = base->abcd[1];
  60         register unsigned int c = base->abcd[2];
  61         register unsigned int d = base->abcd[3];
  62         int i;
  63         unsigned int X[16];
  64         base->length += 64;
  65
  66         /* Load the 64 bytes into a set of working integers, treating them as 32-bit
  67            numbers in little-endian order. */
  68
  69         for (i = 0; i < 16; i++)
  70         {
  71                 X[i] = (unsigned int)(text[0]) |
  72                         ((unsigned int)(text[1]) << 8) |
  73                         ((unsigned int)(text[2]) << 16) |
  74                         ((unsigned int)(text[3]) << 24);
  75                 text += 4;
  76         }
  77
  78         /* For each round of processing there is a function to be applied. We define it
  79            as a macro each time round. */
  80
  81         /***********************************************
  82          *                    Round 1                   *
  83          *            F(X,Y,Z) = XY v not(X) Z          *
  84          * a = b + ((a + F(b,c,d) + X[k] + T[i]) <<< s) *
  85          ***********************************************/
  86
  87 #define OP(a, b, c, d, k, s, ti) \
  88         a += ((b & c) | (~b & d)) + X[k] + (unsigned int)ti; \
  89         a = b + ((a << s) | (a >> (32 - s)))
  90
  91         OP(a, b, c, d,  0,  7, 0xd76aa478);
  92         OP(d, a, b, c,  1, 12, 0xe8c7b756);
  93         OP(c, d, a, b,  2, 17, 0x242070db);
  94         OP(b, c, d, a,  3, 22, 0xc1bdceee);
  95         OP(a, b, c, d,  4,  7, 0xf57c0faf);
  96         OP(d, a, b, c,  5, 12, 0x4787c62a);
  97         OP(c, d, a, b,  6, 17, 0xa8304613);
  98         OP(b, c, d, a,  7, 22, 0xfd469501);
  99         OP(a, b, c, d,  8,  7, 0x698098d8);
 100         OP(d, a, b, c,  9, 12, 0x8b44f7af);
 101         OP(c, d, a, b, 10, 17, 0xffff5bb1);
 102         OP(b, c, d, a, 11, 22, 0x895cd7be);
 103         OP(a, b, c, d, 12,  7, 0x6b901122);
 104         OP(d, a, b, c, 13, 12, 0xfd987193);
 105         OP(c, d, a, b, 14, 17, 0xa679438e);
 106         OP(b, c, d, a, 15, 22, 0x49b40821);
 107
 108 #undef OP
 109
 110         /***********************************************
 111          *                    Round 2                   *
 112          *            F(X,Y,Z) = XZ v Y not(Z)          *
 113          * a = b + ((a + F(b,c,d) + X[k] + T[i]) <<< s) *
 114          ***********************************************/
 115
 116 #define OP(a, b, c, d, k, s, ti) \
 117         a += ((b & d) | (c & ~d)) + X[k] + (unsigned int)ti; \
 118         a = b + ((a << s) | (a >> (32 - s)))
 119
 120         OP(a, b, c, d,  1,  5, 0xf61e2562);
 121         OP(d, a, b, c,  6,  9, 0xc040b340);
 122         OP(c, d, a, b, 11, 14, 0x265e5a51);
 123         OP(b, c, d, a,  0, 20, 0xe9b6c7aa);
 124         OP(a, b, c, d,  5,  5, 0xd62f105d);
 125         OP(d, a, b, c, 10,  9, 0x02441453);
 126         OP(c, d, a, b, 15, 14, 0xd8a1e681);
 127         OP(b, c, d, a,  4, 20, 0xe7d3fbc8);
 128         OP(a, b, c, d,  9,  5, 0x21e1cde6);
 129         OP(d, a, b, c, 14,  9, 0xc33707d6);
 130         OP(c, d, a, b,  3, 14, 0xf4d50d87);
 131         OP(b, c, d, a,  8, 20, 0x455a14ed);
 132         OP(a, b, c, d, 13,  5, 0xa9e3e905);
 133         OP(d, a, b, c,  2,  9, 0xfcefa3f8);
 134         OP(c, d, a, b,  7, 14, 0x676f02d9);
 135         OP(b, c, d, a, 12, 20, 0x8d2a4c8a);
 136
 137 #undef OP
 138
 139         /***********************************************
 140          *                    Round 3                   *
 141          *            F(X,Y,Z) = X xor Y xor Z          *
 142          * a = b + ((a + F(b,c,d) + X[k] + T[i]) <<< s) *
 143          ***********************************************/
 144
 145 #define OP(a, b, c, d, k, s, ti) \
 146         a += (b ^ c ^ d) + X[k] + (unsigned int)ti; \
 147         a = b + ((a << s) | (a >> (32 - s)))
 148
 149         OP(a, b, c, d,  5,  4, 0xfffa3942);
 150         OP(d, a, b, c,  8, 11, 0x8771f681);
 151         OP(c, d, a, b, 11, 16, 0x6d9d6122);
 152         OP(b, c, d, a, 14, 23, 0xfde5380c);
 153         OP(a, b, c, d,  1,  4, 0xa4beea44);
 154         OP(d, a, b, c,  4, 11, 0x4bdecfa9);
 155         OP(c, d, a, b,  7, 16, 0xf6bb4b60);
 156         OP(b, c, d, a, 10, 23, 0xbebfbc70);
 157         OP(a, b, c, d, 13,  4, 0x289b7ec6);
 158         OP(d, a, b, c,  0, 11, 0xeaa127fa);
 159         OP(c, d, a, b,  3, 16, 0xd4ef3085);
 160         OP(b, c, d, a,  6, 23, 0x04881d05);
 161         OP(a, b, c, d,  9,  4, 0xd9d4d039);
 162         OP(d, a, b, c, 12, 11, 0xe6db99e5);
 163         OP(c, d, a, b, 15, 16, 0x1fa27cf8);
 164         OP(b, c, d, a,  2, 23, 0xc4ac5665);
 165
 166 #undef OP
 167
 168         /***********************************************
 169          *                    Round 4                   *
 170          *          F(X,Y,Z) = Y xor (X v not(Z))       *
 171          * a = b + ((a + F(b,c,d) + X[k] + T[i]) <<< s) *
 172          ***********************************************/
 173
 174 #define OP(a, b, c, d, k, s, ti) \
 175         a += (c ^ (b | ~d)) + X[k] + (unsigned int)ti; \
 176         a = b + ((a << s) | (a >> (32 - s)))
 177
 178         OP(a, b, c, d,  0,  6, 0xf4292244);
 179         OP(d, a, b, c,  7, 10, 0x432aff97);
 180         OP(c, d, a, b, 14, 15, 0xab9423a7);
 181         OP(b, c, d, a,  5, 21, 0xfc93a039);
 182         OP(a, b, c, d, 12,  6, 0x655b59c3);
 183         OP(d, a, b, c,  3, 10, 0x8f0ccc92);
 184         OP(c, d, a, b, 10, 15, 0xffeff47d);
 185         OP(b, c, d, a,  1, 21, 0x85845dd1);
 186         OP(a, b, c, d,  8,  6, 0x6fa87e4f);
 187         OP(d, a, b, c, 15, 10, 0xfe2ce6e0);
 188         OP(c, d, a, b,  6, 15, 0xa3014314);
 189         OP(b, c, d, a, 13, 21, 0x4e0811a1);
 190         OP(a, b, c, d,  4,  6, 0xf7537e82);
 191         OP(d, a, b, c, 11, 10, 0xbd3af235);
 192         OP(c, d, a, b,  2, 15, 0x2ad7d2bb);
 193         OP(b, c, d, a,  9, 21, 0xeb86d391);
 194
 195 #undef OP
 196
 197         /* Add the new values back into the accumulators. */
 198
 199         base->abcd[0] += a;
 200         base->abcd[1] += b;
 201         base->abcd[2] += c;
 202         base->abcd[3] += d;
 203 }
 204
 205
 206
 207
 208 /*************************************************
 209  *     Process the final text string              *
 210  *************************************************/
 211
 212 /* The string may be of any length. It is padded out according to the rules
 213    for computing MD5 digests. The final result is then converted to text form
 214    and returned.
 215
 216 Arguments:
 217 base      pointer to the md5 storage structure
 218 text      pointer to the final text vector
 219 length    length of the final text vector
 220 digest    points to 16 bytes in which to place the result
 221
 222 Returns:    nothing
 223 */
 224
 225 static void md5_end(md5 *base, const unsigned char *text, int length, unsigned char *digest) {
 226         int i;
 227         unsigned char work[64];
 228
 229         /* Process in chunks of 64 until we have less than 64 bytes left. */
 230
 231         while (length >= 64)
 232         {
 233                 md5_mid(base, text);
 234                 text += 64;
 235                 length -= 64;
 236         }
 237
 238         /* If the remaining string contains more than 55 bytes, we must pad it
 239            out to 64, process it, and then set up the final chunk as 56 bytes of
 240            padding. If it has less than 56 bytes, we pad it out to 56 bytes as the
 241            final chunk. */
 242
 243         memcpy(work, text, length);
 244         work[length] = 0x80;
 245
 246         if (length > 55)
 247         {
 248                 memset(work+length+1, 0, 63-length);
 249                 md5_mid(base, work);
 250                 base->length -= 64;
 251                 memset(work, 0, 56);
 252         }
 253         else
 254         {
 255                 memset(work+length+1, 0, 55-length);
 256         }
 257
 258         /* The final 8 bytes of the final chunk are a 64-bit representation of the
 259            length of the input string *bits*, before padding, low order word first, and
 260            low order bytes first in each word. This implementation is designed for short
 261            strings, and so operates with a single int counter only. */
 262
 263         length += base->length;   /* Total length in bytes */
 264         length <<= 3;             /* Total length in bits */
 265
 266         work[56] = (unsigned char) (length         & 0xff);
 267         work[57] = (unsigned char) ((length >>  8) & 0xff);
 268         work[58] = (unsigned char) ((length >> 16) & 0xff);
 269         work[59] = (unsigned char) ((length >> 24) & 0xff);
 270
 271         memset(work+60, 0, 4);
 272
 273         /* Process the final 64-byte chunk */
 274
 275         md5_mid(base, work);
 276
 277         /* Pass back the result, low-order byte first in each word. */
 278
 279         for (i = 0; i < 4; i++)
 280         {
 281                 register int x = base->abcd[i];
 282                 *digest++ = (unsigned char) (x        & 0xff);
 283                 *digest++ = (unsigned char) ((x >>  8) & 0xff);
 284                 *digest++ = (unsigned char) ((x >> 16) & 0xff);
 285                 *digest++ = (unsigned char) ((x >> 24) & 0xff);
 286         }
 287 }
 288
 289 const unsigned char * MD5(const unsigned char * string, unsigned length) {
 290         static unsigned char digest[16];
 291         md5 base;
 292
 293         md5_start(& base);
 294         md5_end(& base, string, length, digest);
 295
 296         return digest;
 297 }