md5transform.cpp

00001 /**
00002  * Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
00003  * rights reserved.
00004  *
00005  * License to copy and use this software is granted provided that it
00006  * is identified as the "RSA Data Security, Inc. MD5 Message-Digest
00007  * Algorithm" in all material mentioning or referencing this software
00008  * or this function.
00009  *
00010  * License is also granted to make and use derivative works provided
00011  * that such works are identified as "derived from the RSA Data
00012  * Security, Inc. MD5 Message-Digest Algorithm" in all material
00013  * mentioning or referencing the derived work.
00014  *
00015  * RSA Data Security, Inc. makes no representations concerning either
00016  * the merchantability of this software or the suitability of this
00017  * software for any particular purpose. It is provided "as is"
00018  * without express or implied warranty of any kind.
00019  *
00020  * These notices must be retained in any copies of any part of this
00021  * documentation and/or software.
00022  */
00023 
00024 /** \file md5transform.cpp Implementation of MD5 Checksumming Algorithm */
00025 
00026 #include <hn/hnprec.h>
00027 #include <hn/md5transform.h>
00028 
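/* Left-rotation amounts used by MD5Transform.
 * Sxy is the shift for round x, step position y within each group of four.
 */
#define S11 7
#define S12 12
#define S13 17
#define S14 22
#define S21 5
#define S22 9
#define S23 14
#define S24 20
#define S31 4
#define S32 11
#define S33 16
#define S34 23
#define S41 6
#define S42 10
#define S43 15
#define S44 21

/* Padding source for getHash(): one 0x80 byte followed by 63 zero bytes. */
static const uint8_t padding[64] = { 0x80 };

/* F, G, H and I are basic MD5 functions, one per round.
 * Every argument is parenthesized, including under '~', so that an
 * expression argument such as (p | q) is complemented as a whole rather
 * than having '~' bind to its first operand only.
 */
#define F(x, y, z) (((x) & (y)) | ((~(x)) & (z)))
#define G(x, y, z) (((x) & (z)) | ((y) & (~(z))))
#define H(x, y, z) ((x) ^ (y) ^ (z))
#define I(x, y, z) ((y) ^ ((x) | (~(z))))

/* ROTATE_LEFT rotates x left n bits.
 * x is expected to be a 32-bit unsigned value and n to lie in 1..31;
 * n == 0 would shift by 32, which is undefined for a 32-bit operand.
 */
#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))

/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
 * Rotation is separate from addition to prevent recomputation.
 * Each macro is wrapped in do { } while (0) so that it expands to exactly
 * one statement and stays correct as the body of an unbraced if/else.
 */
#define FF(a, b, c, d, x, s, ac) do { \
 (a) += F ((b), (c), (d)) + (x) + (uint32_t)(ac); \
 (a) = ROTATE_LEFT ((a), (s)); \
 (a) += (b); \
  } while (0)
#define GG(a, b, c, d, x, s, ac) do { \
 (a) += G ((b), (c), (d)) + (x) + (uint32_t)(ac); \
 (a) = ROTATE_LEFT ((a), (s)); \
 (a) += (b); \
  } while (0)
#define HH(a, b, c, d, x, s, ac) do { \
 (a) += H ((b), (c), (d)) + (x) + (uint32_t)(ac); \
 (a) = ROTATE_LEFT ((a), (s)); \
 (a) += (b); \
  } while (0)
#define II(a, b, c, d, x, s, ac) do { \
 (a) += I ((b), (c), (d)) + (x) + (uint32_t)(ac); \
 (a) = ROTATE_LEFT ((a), (s)); \
 (a) += (b); \
  } while (0)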
00084 
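/**
 * Serializes 32-bit words into bytes, least significant byte first.
 *
 * @param output destination buffer; must have room for len bytes
 * @param input  source words; len / 4 of them are read
 * @param len    number of bytes to produce, expected to be a multiple of 4.
 *               Only whole words are emitted, so a len that is not a
 *               multiple of 4 never causes a store past output[len - 1].
 */
static void Encode (unsigned char *output, uint32_t *input, uint32_t len) {
        /* Iterate over whole words; a trailing partial word is ignored
         * instead of being written past the end of the output buffer. */
        const uint32_t words = len / 4;

        for (uint32_t i = 0; i < words; i++) {
                const uint32_t word = input[i];
                unsigned char *out = output + 4 * i;

                out[0] = (unsigned char)( word        & 0xff);
                out[1] = (unsigned char)((word >> 8 ) & 0xff);
                out[2] = (unsigned char)((word >> 16) & 0xff);
                out[3] = (unsigned char)((word >> 24) & 0xff);
        }
}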
00099 
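/**
 * Assembles bytes into 32-bit words, least significant byte first.
 *
 * @param output destination words; len / 4 of them are written
 * @param input  source bytes; must hold at least len bytes
 * @param len    number of input bytes, expected to be a multiple of 4.
 *               Only whole groups of four bytes are consumed, so a len that
 *               is not a multiple of 4 never causes a read past
 *               input[len - 1] or a store of a partially built word.
 */
static void Decode (
        uint32_t *output, const unsigned char *input, unsigned int len
) {
        /* Iterate over whole words so the input is never over-read. */
        const unsigned int words = len / 4;

        for (unsigned int i = 0; i < words; i++) {
                const unsigned char *in = input + 4 * i;

                output[i] = ((uint32_t)in[0])
                        | (((uint32_t)in[1]) << 8)
                        | (((uint32_t)in[2]) << 16)
                        | (((uint32_t)in[3]) << 24);
        }
}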
00115 
00116 
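/**
 * MD5 basic transformation. Transforms state based on block.
 *
 * Decodes the 64-byte block into sixteen 32-bit words, runs the four
 * rounds of sixteen steps each on a working copy of the state, and adds
 * the result back into state.
 *
 * @param state four-word chaining value, updated in place
 * @param block 64 bytes of message data; exactly 64 bytes are read
 */
static void MD5Transform (uint32_t state[4], const unsigned char block[64]) {
        uint32_t a = state[0], b = state[1], c = state[2], d = state[3], x[16];

        Decode (x, block, 64);

        /* Round 1 */
        FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */
        FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */
        FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */
        FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */
        FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */
        FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */
        FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */
        FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */
        FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */
        FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */
        FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
        FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
        FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
        FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
        FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
        FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */

        /* Round 2 */
        GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */
        GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */
        GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
        GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */
        GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */
        GG (d, a, b, c, x[10], S22,  0x2441453); /* 22 */
        GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
        GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */
        GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */
        GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
        GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */
        GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */
        GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
        GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */
        GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */
        GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */

        /* Round 3 */
        HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */
        HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */
        HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
        HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
        HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */
        HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */
        HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */
        HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
        HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
        HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */
        HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */
        HH (b, c, d, a, x[ 6], S34,  0x4881d05); /* 44 */
        HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */
        HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
        HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
        HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */

        /* Round 4 */
        II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */
        II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */
        II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
        II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */
        II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
        II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */
        II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
        II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */
        II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */
        II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
        II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */
        II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
        II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */
        II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
        II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */
        II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */

        state[0] += a;
        state[1] += b;
        state[2] += c;
        state[3] += d;

        /* Zeroize the decoded message words. x is a local that is never
         * read again, so a plain memset() here is a dead store that an
         * optimizing compiler is allowed to remove; storing through a
         * volatile pointer keeps the wipe in the generated code on the
         * compilers in common use. */
        volatile uint32_t *wipe = x;
        for (unsigned int k = 0; k < 16; k++)
                wipe[k] = 0;
}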
00204 
/**
 * MD5 initialization. Starts a new digest computation: the bit counter is
 * cleared and the chaining state is set to the MD5 initial constants.
 */
Md5Transform::Md5Transform() {
        /* Magic initialization constants for the four state words. */
        static const uint32_t initial[4] = {
                0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476
        };

        /* No input processed yet: both halves of the bit counter are zero. */
        count[1] = 0;
        count[0] = 0;

        for (unsigned int k = 0; k < 4; k++)
                state[k] = initial[k];
}
00217 
/**
 * Destructor. Performs no work of its own; in particular it does not clear
 * state, count or buffer. In this file only getHash() wipes them.
 */
Md5Transform::~Md5Transform() = default;
00223 
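/**
 * MD5 block update operation. Continues an MD5 message-digest
 * operation, processing another run of message bytes, and updating the
 * context.
 *
 * Complete 64-byte blocks are transformed immediately; any remainder is
 * kept in buffer until more data arrives or getHash() pads it.
 *
 * @param data   message bytes to add; must point to at least length bytes
 *               (may be null only when length is 0)
 * @param length number of bytes at data
 */
void Md5Transform::sumUp(const unsigned char *data, uint32_t length) {
        unsigned int i, index, partLen;

        /* Nothing to add. Returning here also keeps a null data pointer
         * from being indexed or handed to memcpy below. */
        if (length == 0)
                return;

        /* Compute number of bytes mod 64 already waiting in buffer */
        index = (unsigned int)((count[0] >> 3) & 0x3F);

        /* Update number of bits: count[0] is the low word, count[1]
         * receives the carry and the bits shifted out of length << 3. */
        if ((count[0] += ((uint32_t)length << 3)) < ((uint32_t)length << 3))
                count[1]++;

        count[1] += ((uint32_t)length >> 29);

        partLen = 64 - index;

        /* Transform as many times as possible. */
        if (length >= partLen) {
                /* Complete the pending block with the head of data. */
                memcpy(&buffer[index], data, partLen);
                MD5Transform(state, buffer);

                /* i <= length holds throughout, so length - i cannot wrap.
                 * The earlier form "i + 63 < length" wraps around for
                 * lengths close to the 32-bit maximum and would then read
                 * past the end of data. */
                for (i = partLen; length - i >= 64; i += 64)
                        MD5Transform (state, &data[i]);
                index = 0;
        } else
                i = 0;

        /* Buffer remaining input (fewer than 64 bytes). */
        memcpy(&buffer[index], &data[i], length - i);
}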
00262 
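/**
 * MD5 finalization. Pads the message, appends its length in bits, and
 * returns the resulting 16-byte digest.
 *
 * After this call state, count and buffer are zeroed, not reset to the
 * initial constants, so the object cannot be used to compute another
 * digest.
 *
 * MD5 is not collision resistant: the digest is suitable for detecting
 * accidental corruption, not for protecting data against deliberate
 * tampering.
 *
 * @return the digest, converted from a 16-byte array to Hash<MD5Hash>
 */
Hash<MD5Hash> Md5Transform::getHash() {
        unsigned char hash[16];
        unsigned char bits[8];
        unsigned int index, padLen;

        /* Save number of bits */
        Encode (bits, count, 8);

        /* Pad out to 56 mod 64. */
        index = (unsigned int)((count[0] >> 3) & 0x3f);
        padLen = (index < 56) ? (56 - index) : (120 - index);
        sumUp(padding, padLen);

        /* Append length (before padding) */
        sumUp(bits, 8);

        /* Store state in digest */
        Encode (hash, state, 16);

        /* Zeroize sensitive information.
         * Sizes are spelled out per member: sizeof(*state) and friends give
         * the size of a single element, which would clear only the first
         * state word, the first counter word and the first buffer byte.
         * state holds 4 words, count 2 words and buffer 64 bytes, matching
         * how they are passed to Encode() and MD5Transform(). */
        memset((uint32_t*)state, 0, 4 * sizeof(uint32_t));
        memset((uint32_t*)count, 0, 2 * sizeof(uint32_t));
        memset((unsigned char*)buffer, 0, 64);

        return hash;
}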
00289 
/**
 * Convenience overload for plain char data: reinterprets the bytes as
 * unsigned char and forwards to the unsigned char overload.
 *
 * @param data   message bytes to add
 * @param length number of bytes at data
 */
void Md5Transform::sumUp(const char *data, uint32_t length) {
        const unsigned char *bytes =
                reinterpret_cast<const unsigned char *>(data);

        sumUp(bytes, length);
}