root/lib/gnu/md5.c

/* [previous][next][first][last][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. md5_init_ctx
  2. set_uint32
  3. md5_read_ctx
  4. md5_finish_ctx
  5. md5_stream
  6. md5_buffer
  7. md5_process_bytes
  8. md5_process_block

   1 /* Functions to compute MD5 message digest of files or memory blocks.
   2    according to the definition of MD5 in RFC 1321 from April 1992.
   3    Copyright (C) 1995-1997, 1999-2001, 2005-2006, 2008-2020 Free Software
   4    Foundation, Inc.
   5    This file is part of the GNU C Library.
   6 
   7    This program is free software; you can redistribute it and/or modify it
   8    under the terms of the GNU Lesser General Public License as published by the
   9    Free Software Foundation; either version 2.1, or (at your option) any
  10    later version.
  11 
  12    This program is distributed in the hope that it will be useful,
  13    but WITHOUT ANY WARRANTY; without even the implied warranty of
  14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15    GNU Lesser General Public License for more details.
  16 
  17    You should have received a copy of the GNU Lesser General Public License
  18    along with this program; if not, see <https://www.gnu.org/licenses/>.  */
  19 
  20 /* Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995.  */
  21 
  22 #include <config.h>
  23 
  24 #if HAVE_OPENSSL_MD5
  25 # define GL_OPENSSL_INLINE _GL_EXTERN_INLINE
  26 #endif
  27 #include "md5.h"
  28 
  29 #include <stdalign.h>
  30 #include <stdint.h>
  31 #include <stdlib.h>
  32 #include <string.h>
  33 #include <sys/types.h>
  34 
  35 #if USE_UNLOCKED_IO
  36 # include "unlocked-io.h"
  37 #endif
  38 
  39 #ifdef _LIBC
  40 # include <endian.h>
  41 # if __BYTE_ORDER == __BIG_ENDIAN
  42 #  define WORDS_BIGENDIAN 1
  43 # endif
  44 /* We need to keep the namespace clean so define the MD5 function
  45    protected using leading __ .  */
  46 # define md5_init_ctx __md5_init_ctx
  47 # define md5_process_block __md5_process_block
  48 # define md5_process_bytes __md5_process_bytes
  49 # define md5_finish_ctx __md5_finish_ctx
  50 # define md5_read_ctx __md5_read_ctx
  51 # define md5_stream __md5_stream
  52 # define md5_buffer __md5_buffer
  53 #endif
  54 
  55 #include <byteswap.h>
  56 #ifdef WORDS_BIGENDIAN
  57 # define SWAP(n) bswap_32 (n)
  58 #else
  59 # define SWAP(n) (n)
  60 #endif
  61 
  62 #define BLOCKSIZE 32768
  63 #if BLOCKSIZE % 64 != 0
  64 # error "invalid BLOCKSIZE"
  65 #endif
  66 
  67 #if ! HAVE_OPENSSL_MD5
  68 /* This array contains the bytes used to pad the buffer to the next
  69    64-byte boundary.  (RFC 1321, 3.1: Step 1)  */
  70 static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ...  */ };
  71 
  72 
  73 /* Initialize structure containing state of computation.
  74    (RFC 1321, 3.3: Step 3)  */
  75 void
  76 md5_init_ctx (struct md5_ctx *ctx)
     /* [previous][next][first][last][top][bottom][index][help] */
  77 {
  78   ctx->A = 0x67452301;
  79   ctx->B = 0xefcdab89;
  80   ctx->C = 0x98badcfe;
  81   ctx->D = 0x10325476;
  82 
  83   ctx->total[0] = ctx->total[1] = 0;
  84   ctx->buflen = 0;
  85 }
  86 
  87 /* Copy the 4 byte value from v into the memory location pointed to by *cp,
  88    If your architecture allows unaligned access this is equivalent to
  89    * (uint32_t *) cp = v  */
  90 static void
  91 set_uint32 (char *cp, uint32_t v)
     /* [previous][next][first][last][top][bottom][index][help] */
  92 {
  93   memcpy (cp, &v, sizeof v);
  94 }
  95 
  96 /* Put result from CTX in first 16 bytes following RESBUF.  The result
  97    must be in little endian byte order.  */
  98 void *
  99 md5_read_ctx (const struct md5_ctx *ctx, void *resbuf)
     /* [previous][next][first][last][top][bottom][index][help] */
 100 {
 101   char *r = resbuf;
 102   set_uint32 (r + 0 * sizeof ctx->A, SWAP (ctx->A));
 103   set_uint32 (r + 1 * sizeof ctx->B, SWAP (ctx->B));
 104   set_uint32 (r + 2 * sizeof ctx->C, SWAP (ctx->C));
 105   set_uint32 (r + 3 * sizeof ctx->D, SWAP (ctx->D));
 106 
 107   return resbuf;
 108 }
 109 
 110 /* Process the remaining bytes in the internal buffer and the usual
 111    prolog according to the standard and write the result to RESBUF.  */
 112 void *
 113 md5_finish_ctx (struct md5_ctx *ctx, void *resbuf)
     /* [previous][next][first][last][top][bottom][index][help] */
 114 {
 115   /* Take yet unprocessed bytes into account.  */
 116   uint32_t bytes = ctx->buflen;
 117   size_t size = (bytes < 56) ? 64 / 4 : 64 * 2 / 4;
 118 
 119   /* Now count remaining bytes.  */
 120   ctx->total[0] += bytes;
 121   if (ctx->total[0] < bytes)
 122     ++ctx->total[1];
 123 
 124   /* Put the 64-bit file length in *bits* at the end of the buffer.  */
 125   ctx->buffer[size - 2] = SWAP (ctx->total[0] << 3);
 126   ctx->buffer[size - 1] = SWAP ((ctx->total[1] << 3) | (ctx->total[0] >> 29));
 127 
 128   memcpy (&((char *) ctx->buffer)[bytes], fillbuf, (size - 2) * 4 - bytes);
 129 
 130   /* Process last bytes.  */
 131   md5_process_block (ctx->buffer, size * 4, ctx);
 132 
 133   return md5_read_ctx (ctx, resbuf);
 134 }
 135 #endif
 136 
 137 #if defined _LIBC || defined GL_COMPILE_CRYPTO_STREAM
 138 
 139 #include "af_alg.h"
 140 
 141 /* Compute MD5 message digest for bytes read from STREAM.  The
 142    resulting message digest number will be written into the 16 bytes
 143    beginning at RESBLOCK.  */
 144 int
 145 md5_stream (FILE *stream, void *resblock)
     /* [previous][next][first][last][top][bottom][index][help] */
 146 {
 147   switch (afalg_stream (stream, "md5", resblock, MD5_DIGEST_SIZE))
 148     {
 149     case 0: return 0;
 150     case -EIO: return 1;
 151     }
 152 
 153   char *buffer = malloc (BLOCKSIZE + 72);
 154   if (!buffer)
 155     return 1;
 156 
 157   struct md5_ctx ctx;
 158   md5_init_ctx (&ctx);
 159   size_t sum;
 160 
 161   /* Iterate over full file contents.  */
 162   while (1)
 163     {
 164       /* We read the file in blocks of BLOCKSIZE bytes.  One call of the
 165          computation function processes the whole buffer so that with the
 166          next round of the loop another block can be read.  */
 167       size_t n;
 168       sum = 0;
 169 
 170       /* Read block.  Take care for partial reads.  */
 171       while (1)
 172         {
 173           /* Either process a partial fread() from this loop,
 174              or the fread() in afalg_stream may have gotten EOF.
 175              We need to avoid a subsequent fread() as EOF may
 176              not be sticky.  For details of such systems, see:
 177              https://sourceware.org/bugzilla/show_bug.cgi?id=1190  */
 178           if (feof (stream))
 179             goto process_partial_block;
 180 
 181           n = fread (buffer + sum, 1, BLOCKSIZE - sum, stream);
 182 
 183           sum += n;
 184 
 185           if (sum == BLOCKSIZE)
 186             break;
 187 
 188           if (n == 0)
 189             {
 190               /* Check for the error flag IFF N == 0, so that we don't
 191                  exit the loop after a partial read due to e.g., EAGAIN
 192                  or EWOULDBLOCK.  */
 193               if (ferror (stream))
 194                 {
 195                   free (buffer);
 196                   return 1;
 197                 }
 198               goto process_partial_block;
 199             }
 200         }
 201 
 202       /* Process buffer with BLOCKSIZE bytes.  Note that
 203          BLOCKSIZE % 64 == 0
 204        */
 205       md5_process_block (buffer, BLOCKSIZE, &ctx);
 206     }
 207 
 208 process_partial_block:
 209 
 210   /* Process any remaining bytes.  */
 211   if (sum > 0)
 212     md5_process_bytes (buffer, sum, &ctx);
 213 
 214   /* Construct result in desired memory.  */
 215   md5_finish_ctx (&ctx, resblock);
 216   free (buffer);
 217   return 0;
 218 }
 219 #endif
 220 
 221 #if ! HAVE_OPENSSL_MD5
 222 /* Compute MD5 message digest for LEN bytes beginning at BUFFER.  The
 223    result is always in little endian byte order, so that a byte-wise
 224    output yields to the wanted ASCII representation of the message
 225    digest.  */
 226 void *
 227 md5_buffer (const char *buffer, size_t len, void *resblock)
     /* [previous][next][first][last][top][bottom][index][help] */
 228 {
 229   struct md5_ctx ctx;
 230 
 231   /* Initialize the computation context.  */
 232   md5_init_ctx (&ctx);
 233 
 234   /* Process whole buffer but last len % 64 bytes.  */
 235   md5_process_bytes (buffer, len, &ctx);
 236 
 237   /* Put result in desired memory area.  */
 238   return md5_finish_ctx (&ctx, resblock);
 239 }
 240 
 241 
 242 void
 243 md5_process_bytes (const void *buffer, size_t len, struct md5_ctx *ctx)
     /* [previous][next][first][last][top][bottom][index][help] */
 244 {
 245   /* When we already have some bits in our internal buffer concatenate
 246      both inputs first.  */
 247   if (ctx->buflen != 0)
 248     {
 249       size_t left_over = ctx->buflen;
 250       size_t add = 128 - left_over > len ? len : 128 - left_over;
 251 
 252       memcpy (&((char *) ctx->buffer)[left_over], buffer, add);
 253       ctx->buflen += add;
 254 
 255       if (ctx->buflen > 64)
 256         {
 257           md5_process_block (ctx->buffer, ctx->buflen & ~63, ctx);
 258 
 259           ctx->buflen &= 63;
 260           /* The regions in the following copy operation cannot overlap,
 261              because ctx->buflen < 64 ≤ (left_over + add) & ~63.  */
 262           memcpy (ctx->buffer,
 263                   &((char *) ctx->buffer)[(left_over + add) & ~63],
 264                   ctx->buflen);
 265         }
 266 
 267       buffer = (const char *) buffer + add;
 268       len -= add;
 269     }
 270 
 271   /* Process available complete blocks.  */
 272   if (len >= 64)
 273     {
 274 #if !(_STRING_ARCH_unaligned || _STRING_INLINE_unaligned)
 275 # define UNALIGNED_P(p) ((uintptr_t) (p) % alignof (uint32_t) != 0)
 276       if (UNALIGNED_P (buffer))
 277         while (len > 64)
 278           {
 279             md5_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx);
 280             buffer = (const char *) buffer + 64;
 281             len -= 64;
 282           }
 283       else
 284 #endif
 285         {
 286           md5_process_block (buffer, len & ~63, ctx);
 287           buffer = (const char *) buffer + (len & ~63);
 288           len &= 63;
 289         }
 290     }
 291 
 292   /* Move remaining bytes in internal buffer.  */
 293   if (len > 0)
 294     {
 295       size_t left_over = ctx->buflen;
 296 
 297       memcpy (&((char *) ctx->buffer)[left_over], buffer, len);
 298       left_over += len;
 299       if (left_over >= 64)
 300         {
 301           md5_process_block (ctx->buffer, 64, ctx);
 302           left_over &= 63; /* same as -= 64 but easier to understand
 303                               for static analysis
 304                             */
 305           /* The regions in the following copy operation cannot overlap,
 306              because left_over ≤ 64.  */
 307           memcpy (ctx->buffer, &(((char *) ctx->buffer)[64]), left_over);
 308           /* cast to char * as hint for static analysis */
 309         }
 310       ctx->buflen = left_over;
 311     }
 312 }
 313 
 314 
 315 /* These are the four functions used in the four steps of the MD5 algorithm
 316    and defined in the RFC 1321.  The first function is a little bit optimized
 317    (as found in Colin Plumbs public domain implementation).  */
 318 /* #define FF(b, c, d) ((b & c) | (~b & d)) */
 319 #define FF(b, c, d) (d ^ (b & (c ^ d)))
 320 #define FG(b, c, d) FF (d, b, c)
 321 #define FH(b, c, d) (b ^ c ^ d)
 322 #define FI(b, c, d) (c ^ (b | ~d))
 323 
 324 /* Process LEN bytes of BUFFER, accumulating context into CTX.
 325    It is assumed that LEN % 64 == 0.  */
 326 
 327 void
 328 md5_process_block (const void *buffer, size_t len, struct md5_ctx *ctx)
     /* [previous][next][first][last][top][bottom][index][help] */
 329 {
 330   uint32_t correct_words[16];
 331   const uint32_t *words = buffer;
 332   size_t nwords = len / sizeof (uint32_t);
 333   const uint32_t *endp = words + nwords;
 334   uint32_t A = ctx->A;
 335   uint32_t B = ctx->B;
 336   uint32_t C = ctx->C;
 337   uint32_t D = ctx->D;
 338   uint32_t lolen = len;
 339 
 340   /* First increment the byte count.  RFC 1321 specifies the possible
 341      length of the file up to 2^64 bits.  Here we only compute the
 342      number of bytes.  Do a double word increment.  */
 343   ctx->total[0] += lolen;
 344   ctx->total[1] += (len >> 31 >> 1) + (ctx->total[0] < lolen);
 345 
 346   /* Process all bytes in the buffer with 64 bytes in each round of
 347      the loop.  */
 348   while (words < endp)
 349     {
 350       uint32_t *cwp = correct_words;
 351       uint32_t A_save = A;
 352       uint32_t B_save = B;
 353       uint32_t C_save = C;
 354       uint32_t D_save = D;
 355 
 356       /* First round: using the given function, the context and a constant
 357          the next context is computed.  Because the algorithms processing
 358          unit is a 32-bit word and it is determined to work on words in
 359          little endian byte order we perhaps have to change the byte order
 360          before the computation.  To reduce the work for the next steps
 361          we store the swapped words in the array CORRECT_WORDS.  */
 362 
 363 #define OP(a, b, c, d, s, T)                                            \
 364       do                                                                \
 365         {                                                               \
 366           a += FF (b, c, d) + (*cwp++ = SWAP (*words)) + T;             \
 367           ++words;                                                      \
 368           CYCLIC (a, s);                                                \
 369           a += b;                                                       \
 370         }                                                               \
 371       while (0)
 372 
 373       /* It is unfortunate that C does not provide an operator for
 374          cyclic rotation.  Hope the C compiler is smart enough.  */
 375 #define CYCLIC(w, s) (w = (w << s) | (w >> (32 - s)))
 376 
 377       /* Before we start, one word to the strange constants.
 378          They are defined in RFC 1321 as
 379 
 380          T[i] = (int) (4294967296.0 * fabs (sin (i))), i=1..64
 381 
 382          Here is an equivalent invocation using Perl:
 383 
 384          perl -e 'foreach(1..64){printf "0x%08x\n", int (4294967296 * abs (sin $_))}'
 385        */
 386 
 387       /* Round 1.  */
 388       OP (A, B, C, D, 7, 0xd76aa478);
 389       OP (D, A, B, C, 12, 0xe8c7b756);
 390       OP (C, D, A, B, 17, 0x242070db);
 391       OP (B, C, D, A, 22, 0xc1bdceee);
 392       OP (A, B, C, D, 7, 0xf57c0faf);
 393       OP (D, A, B, C, 12, 0x4787c62a);
 394       OP (C, D, A, B, 17, 0xa8304613);
 395       OP (B, C, D, A, 22, 0xfd469501);
 396       OP (A, B, C, D, 7, 0x698098d8);
 397       OP (D, A, B, C, 12, 0x8b44f7af);
 398       OP (C, D, A, B, 17, 0xffff5bb1);
 399       OP (B, C, D, A, 22, 0x895cd7be);
 400       OP (A, B, C, D, 7, 0x6b901122);
 401       OP (D, A, B, C, 12, 0xfd987193);
 402       OP (C, D, A, B, 17, 0xa679438e);
 403       OP (B, C, D, A, 22, 0x49b40821);
 404 
 405       /* For the second to fourth round we have the possibly swapped words
 406          in CORRECT_WORDS.  Redefine the macro to take an additional first
 407          argument specifying the function to use.  */
 408 #undef OP
 409 #define OP(f, a, b, c, d, k, s, T)                                      \
 410       do                                                                \
 411         {                                                               \
 412           a += f (b, c, d) + correct_words[k] + T;                      \
 413           CYCLIC (a, s);                                                \
 414           a += b;                                                       \
 415         }                                                               \
 416       while (0)
 417 
 418       /* Round 2.  */
 419       OP (FG, A, B, C, D, 1, 5, 0xf61e2562);
 420       OP (FG, D, A, B, C, 6, 9, 0xc040b340);
 421       OP (FG, C, D, A, B, 11, 14, 0x265e5a51);
 422       OP (FG, B, C, D, A, 0, 20, 0xe9b6c7aa);
 423       OP (FG, A, B, C, D, 5, 5, 0xd62f105d);
 424       OP (FG, D, A, B, C, 10, 9, 0x02441453);
 425       OP (FG, C, D, A, B, 15, 14, 0xd8a1e681);
 426       OP (FG, B, C, D, A, 4, 20, 0xe7d3fbc8);
 427       OP (FG, A, B, C, D, 9, 5, 0x21e1cde6);
 428       OP (FG, D, A, B, C, 14, 9, 0xc33707d6);
 429       OP (FG, C, D, A, B, 3, 14, 0xf4d50d87);
 430       OP (FG, B, C, D, A, 8, 20, 0x455a14ed);
 431       OP (FG, A, B, C, D, 13, 5, 0xa9e3e905);
 432       OP (FG, D, A, B, C, 2, 9, 0xfcefa3f8);
 433       OP (FG, C, D, A, B, 7, 14, 0x676f02d9);
 434       OP (FG, B, C, D, A, 12, 20, 0x8d2a4c8a);
 435 
 436       /* Round 3.  */
 437       OP (FH, A, B, C, D, 5, 4, 0xfffa3942);
 438       OP (FH, D, A, B, C, 8, 11, 0x8771f681);
 439       OP (FH, C, D, A, B, 11, 16, 0x6d9d6122);
 440       OP (FH, B, C, D, A, 14, 23, 0xfde5380c);
 441       OP (FH, A, B, C, D, 1, 4, 0xa4beea44);
 442       OP (FH, D, A, B, C, 4, 11, 0x4bdecfa9);
 443       OP (FH, C, D, A, B, 7, 16, 0xf6bb4b60);
 444       OP (FH, B, C, D, A, 10, 23, 0xbebfbc70);
 445       OP (FH, A, B, C, D, 13, 4, 0x289b7ec6);
 446       OP (FH, D, A, B, C, 0, 11, 0xeaa127fa);
 447       OP (FH, C, D, A, B, 3, 16, 0xd4ef3085);
 448       OP (FH, B, C, D, A, 6, 23, 0x04881d05);
 449       OP (FH, A, B, C, D, 9, 4, 0xd9d4d039);
 450       OP (FH, D, A, B, C, 12, 11, 0xe6db99e5);
 451       OP (FH, C, D, A, B, 15, 16, 0x1fa27cf8);
 452       OP (FH, B, C, D, A, 2, 23, 0xc4ac5665);
 453 
 454       /* Round 4.  */
 455       OP (FI, A, B, C, D, 0, 6, 0xf4292244);
 456       OP (FI, D, A, B, C, 7, 10, 0x432aff97);
 457       OP (FI, C, D, A, B, 14, 15, 0xab9423a7);
 458       OP (FI, B, C, D, A, 5, 21, 0xfc93a039);
 459       OP (FI, A, B, C, D, 12, 6, 0x655b59c3);
 460       OP (FI, D, A, B, C, 3, 10, 0x8f0ccc92);
 461       OP (FI, C, D, A, B, 10, 15, 0xffeff47d);
 462       OP (FI, B, C, D, A, 1, 21, 0x85845dd1);
 463       OP (FI, A, B, C, D, 8, 6, 0x6fa87e4f);
 464       OP (FI, D, A, B, C, 15, 10, 0xfe2ce6e0);
 465       OP (FI, C, D, A, B, 6, 15, 0xa3014314);
 466       OP (FI, B, C, D, A, 13, 21, 0x4e0811a1);
 467       OP (FI, A, B, C, D, 4, 6, 0xf7537e82);
 468       OP (FI, D, A, B, C, 11, 10, 0xbd3af235);
 469       OP (FI, C, D, A, B, 2, 15, 0x2ad7d2bb);
 470       OP (FI, B, C, D, A, 9, 21, 0xeb86d391);
 471 
 472       /* Add the starting values of the context.  */
 473       A += A_save;
 474       B += B_save;
 475       C += C_save;
 476       D += D_save;
 477     }
 478 
 479   /* Put checksum in context given as argument.  */
 480   ctx->A = A;
 481   ctx->B = B;
 482   ctx->C = C;
 483   ctx->D = D;
 484 }
 485 #endif
 486 
 487 /*
 488  * Hey Emacs!
 489  * Local Variables:
 490  * coding: utf-8
 491  * End:
 492  */

/* [previous][next][first][last][top][bottom][index][help] */