1 /* ppp-md5.c - MD5 Digest implementation
3 * Copyright (c) 2022 Eivind Næss. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
17 * 3. The name(s) of the authors of this software must not be used to
18 * endorse or promote products derived from this software without
19 * prior written permission.
21 * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO
22 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
23 * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
24 * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
25 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
26 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
27 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
29 * Sections of this code holds different copyright information.
39 #include "crypto-priv.h"
41 #ifdef OPENSSL_HAVE_MD5
42 #include <openssl/evp.h>
44 #if OPENSSL_VERSION_NUMBER < 0x10100000L
45 #define EVP_MD_CTX_free EVP_MD_CTX_destroy
46 #define EVP_MD_CTX_new EVP_MD_CTX_create
49 static int md5_init(PPP_MD_CTX *ctx)
52 EVP_MD_CTX *mctx = EVP_MD_CTX_new();
54 if (EVP_DigestInit((EVP_MD_CTX*) mctx, EVP_md5())) {
58 EVP_MD_CTX_free(mctx);
64 static int md5_update(PPP_MD_CTX *ctx, const void *data, size_t len)
66 if (EVP_DigestUpdate((EVP_MD_CTX*) ctx->priv, data, len)) {
72 static int md5_final(PPP_MD_CTX *ctx, unsigned char *out, unsigned int *len)
74 if (EVP_DigestFinal((EVP_MD_CTX*) ctx->priv, out, len)) {
80 static void md5_clean(PPP_MD_CTX *ctx)
83 EVP_MD_CTX_free((EVP_MD_CTX*) ctx->priv);
88 #else // !OPENSSL_HAVE_MD5
91 ***********************************************************************
92 ** md5.c -- the source code for MD5 routines **
93 ** RSA Data Security, Inc. MD5 Message-Digest Algorithm **
94 ** Created: 2/17/90 RLR **
95 ** Revised: 1/91 SRD,AJ,BSK,JT Reference C ver., 7/10 constant corr. **
96 ***********************************************************************
100 ***********************************************************************
101 ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
103 ** License to copy and use this software is granted provided that **
104 ** it is identified as the "RSA Data Security, Inc. MD5 Message- **
105 ** Digest Algorithm" in all material mentioning or referencing this **
106 ** software or this function. **
108 ** License is also granted to make and use derivative works **
109 ** provided that such works are identified as "derived from the RSA **
110 ** Data Security, Inc. MD5 Message-Digest Algorithm" in all **
111 ** material mentioning or referencing the derived work. **
113 ** RSA Data Security, Inc. makes no representations concerning **
114 ** either the merchantability of this software or the suitability **
115 ** of this software for any particular purpose. It is provided "as **
116 ** is" without express or implied warranty of any kind. **
118 ** These notices must be retained in any copies of any part of this **
119 ** documentation and/or software. **
120 ***********************************************************************
124 /* typedef a 32-bit type */
126 typedef unsigned int UINT4;
129 typedef unsigned long UINT4;
134 /* Data structure for MD5 (Message-Digest) computation */
136 UINT4 i[2]; /* number of _bits_ handled mod 2^64 */
137 UINT4 buf[4]; /* scratch buffer */
138 unsigned char in[64]; /* input buffer */
139 unsigned char digest[16]; /* actual digest after MD5Final call */
144 ***********************************************************************
145 ** Message-digest routines: **
146 ** To form the message digest for a message M **
147 ** (1) Initialize a context buffer mdContext using MD5_Init **
148 ** (2) Call MD5_Update on mdContext and M **
149 ** (3) Call MD5_Final on mdContext **
150 ** The message digest is now in mdContext->digest[0...15] **
151 ***********************************************************************
154 /* forward declaration */
155 static void Transform (UINT4 *buf, UINT4 *in);
157 static unsigned char PADDING[64] = {
158 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
159 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
160 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
161 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
162 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
163 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
164 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
165 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
168 /* F, G, H and I are basic MD5 functions */
169 #define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
170 #define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
171 #define H(x, y, z) ((x) ^ (y) ^ (z))
172 #define I(x, y, z) ((y) ^ ((x) | (~z)))
174 /* ROTATE_LEFT rotates x left n bits */
175 #define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
177 /* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4 */
178 /* Rotation is separate from addition to prevent recomputation */
179 #define FF(a, b, c, d, x, s, ac) \
180 {(a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); \
181 (a) = ROTATE_LEFT ((a), (s)); \
184 #define GG(a, b, c, d, x, s, ac) \
185 {(a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); \
186 (a) = ROTATE_LEFT ((a), (s)); \
189 #define HH(a, b, c, d, x, s, ac) \
190 {(a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); \
191 (a) = ROTATE_LEFT ((a), (s)); \
194 #define II(a, b, c, d, x, s, ac) \
195 {(a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); \
196 (a) = ROTATE_LEFT ((a), (s)); \
206 /* The routine MD5_Init initializes the message-digest context
207 mdContext. All fields are set to zero.
209 static void MD5_Init (MD5_CTX *mdContext)
211 mdContext->i[0] = mdContext->i[1] = (UINT4)0;
213 /* Load magic initialization constants.
215 mdContext->buf[0] = (UINT4)0x67452301;
216 mdContext->buf[1] = (UINT4)0xefcdab89;
217 mdContext->buf[2] = (UINT4)0x98badcfe;
218 mdContext->buf[3] = (UINT4)0x10325476;
221 /* The routine MD5Update updates the message-digest context to
222 account for the presence of each of the characters inBuf[0..inLen-1]
223 in the message whose digest is being computed.
225 static void MD5_Update (MD5_CTX *mdContext, unsigned char *inBuf, unsigned int inLen)
231 /* compute number of bytes mod 64 */
232 mdi = (int)((mdContext->i[0] >> 3) & 0x3F);
234 /* update number of bits */
235 if ((mdContext->i[0] + ((UINT4)inLen << 3)) < mdContext->i[0])
237 mdContext->i[0] += ((UINT4)inLen << 3);
238 mdContext->i[1] += ((UINT4)inLen >> 29);
241 /* add new character to buffer, increment mdi */
242 mdContext->in[mdi++] = *inBuf++;
244 /* transform if necessary */
246 for (i = 0, ii = 0; i < 16; i++, ii += 4)
247 in[i] = (((UINT4)mdContext->in[ii+3]) << 24) |
248 (((UINT4)mdContext->in[ii+2]) << 16) |
249 (((UINT4)mdContext->in[ii+1]) << 8) |
250 ((UINT4)mdContext->in[ii]);
251 Transform (mdContext->buf, in);
257 /* The routine MD5Final terminates the message-digest computation and
258 ends with the desired message digest in mdContext->digest[0...15].
260 static void MD5_Final (unsigned char hash[], MD5_CTX *mdContext)
267 /* save number of bits */
268 in[14] = mdContext->i[0];
269 in[15] = mdContext->i[1];
271 /* compute number of bytes mod 64 */
272 mdi = (int)((mdContext->i[0] >> 3) & 0x3F);
274 /* pad out to 56 mod 64 */
275 padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi);
276 MD5_Update (mdContext, PADDING, padLen);
278 /* append length in bits and transform */
279 for (i = 0, ii = 0; i < 14; i++, ii += 4)
280 in[i] = (((UINT4)mdContext->in[ii+3]) << 24) |
281 (((UINT4)mdContext->in[ii+2]) << 16) |
282 (((UINT4)mdContext->in[ii+1]) << 8) |
283 ((UINT4)mdContext->in[ii]);
284 Transform (mdContext->buf, in);
286 /* store buffer in digest */
287 for (i = 0, ii = 0; i < 4; i++, ii += 4) {
288 mdContext->digest[ii] = (unsigned char)(mdContext->buf[i] & 0xFF);
289 mdContext->digest[ii+1] =
290 (unsigned char)((mdContext->buf[i] >> 8) & 0xFF);
291 mdContext->digest[ii+2] =
292 (unsigned char)((mdContext->buf[i] >> 16) & 0xFF);
293 mdContext->digest[ii+3] =
294 (unsigned char)((mdContext->buf[i] >> 24) & 0xFF);
296 memcpy(hash, mdContext->digest, 16);
299 /* Basic MD5 step. Transforms buf based on in.
301 static void Transform (UINT4 *buf, UINT4 *in)
303 UINT4 a = buf[0], b = buf[1], c = buf[2], d = buf[3];
310 FF ( a, b, c, d, in[ 0], S11, UL(3614090360)); /* 1 */
311 FF ( d, a, b, c, in[ 1], S12, UL(3905402710)); /* 2 */
312 FF ( c, d, a, b, in[ 2], S13, UL( 606105819)); /* 3 */
313 FF ( b, c, d, a, in[ 3], S14, UL(3250441966)); /* 4 */
314 FF ( a, b, c, d, in[ 4], S11, UL(4118548399)); /* 5 */
315 FF ( d, a, b, c, in[ 5], S12, UL(1200080426)); /* 6 */
316 FF ( c, d, a, b, in[ 6], S13, UL(2821735955)); /* 7 */
317 FF ( b, c, d, a, in[ 7], S14, UL(4249261313)); /* 8 */
318 FF ( a, b, c, d, in[ 8], S11, UL(1770035416)); /* 9 */
319 FF ( d, a, b, c, in[ 9], S12, UL(2336552879)); /* 10 */
320 FF ( c, d, a, b, in[10], S13, UL(4294925233)); /* 11 */
321 FF ( b, c, d, a, in[11], S14, UL(2304563134)); /* 12 */
322 FF ( a, b, c, d, in[12], S11, UL(1804603682)); /* 13 */
323 FF ( d, a, b, c, in[13], S12, UL(4254626195)); /* 14 */
324 FF ( c, d, a, b, in[14], S13, UL(2792965006)); /* 15 */
325 FF ( b, c, d, a, in[15], S14, UL(1236535329)); /* 16 */
332 GG ( a, b, c, d, in[ 1], S21, UL(4129170786)); /* 17 */
333 GG ( d, a, b, c, in[ 6], S22, UL(3225465664)); /* 18 */
334 GG ( c, d, a, b, in[11], S23, UL( 643717713)); /* 19 */
335 GG ( b, c, d, a, in[ 0], S24, UL(3921069994)); /* 20 */
336 GG ( a, b, c, d, in[ 5], S21, UL(3593408605)); /* 21 */
337 GG ( d, a, b, c, in[10], S22, UL( 38016083)); /* 22 */
338 GG ( c, d, a, b, in[15], S23, UL(3634488961)); /* 23 */
339 GG ( b, c, d, a, in[ 4], S24, UL(3889429448)); /* 24 */
340 GG ( a, b, c, d, in[ 9], S21, UL( 568446438)); /* 25 */
341 GG ( d, a, b, c, in[14], S22, UL(3275163606)); /* 26 */
342 GG ( c, d, a, b, in[ 3], S23, UL(4107603335)); /* 27 */
343 GG ( b, c, d, a, in[ 8], S24, UL(1163531501)); /* 28 */
344 GG ( a, b, c, d, in[13], S21, UL(2850285829)); /* 29 */
345 GG ( d, a, b, c, in[ 2], S22, UL(4243563512)); /* 30 */
346 GG ( c, d, a, b, in[ 7], S23, UL(1735328473)); /* 31 */
347 GG ( b, c, d, a, in[12], S24, UL(2368359562)); /* 32 */
354 HH ( a, b, c, d, in[ 5], S31, UL(4294588738)); /* 33 */
355 HH ( d, a, b, c, in[ 8], S32, UL(2272392833)); /* 34 */
356 HH ( c, d, a, b, in[11], S33, UL(1839030562)); /* 35 */
357 HH ( b, c, d, a, in[14], S34, UL(4259657740)); /* 36 */
358 HH ( a, b, c, d, in[ 1], S31, UL(2763975236)); /* 37 */
359 HH ( d, a, b, c, in[ 4], S32, UL(1272893353)); /* 38 */
360 HH ( c, d, a, b, in[ 7], S33, UL(4139469664)); /* 39 */
361 HH ( b, c, d, a, in[10], S34, UL(3200236656)); /* 40 */
362 HH ( a, b, c, d, in[13], S31, UL( 681279174)); /* 41 */
363 HH ( d, a, b, c, in[ 0], S32, UL(3936430074)); /* 42 */
364 HH ( c, d, a, b, in[ 3], S33, UL(3572445317)); /* 43 */
365 HH ( b, c, d, a, in[ 6], S34, UL( 76029189)); /* 44 */
366 HH ( a, b, c, d, in[ 9], S31, UL(3654602809)); /* 45 */
367 HH ( d, a, b, c, in[12], S32, UL(3873151461)); /* 46 */
368 HH ( c, d, a, b, in[15], S33, UL( 530742520)); /* 47 */
369 HH ( b, c, d, a, in[ 2], S34, UL(3299628645)); /* 48 */
376 II ( a, b, c, d, in[ 0], S41, UL(4096336452)); /* 49 */
377 II ( d, a, b, c, in[ 7], S42, UL(1126891415)); /* 50 */
378 II ( c, d, a, b, in[14], S43, UL(2878612391)); /* 51 */
379 II ( b, c, d, a, in[ 5], S44, UL(4237533241)); /* 52 */
380 II ( a, b, c, d, in[12], S41, UL(1700485571)); /* 53 */
381 II ( d, a, b, c, in[ 3], S42, UL(2399980690)); /* 54 */
382 II ( c, d, a, b, in[10], S43, UL(4293915773)); /* 55 */
383 II ( b, c, d, a, in[ 1], S44, UL(2240044497)); /* 56 */
384 II ( a, b, c, d, in[ 8], S41, UL(1873313359)); /* 57 */
385 II ( d, a, b, c, in[15], S42, UL(4264355552)); /* 58 */
386 II ( c, d, a, b, in[ 6], S43, UL(2734768916)); /* 59 */
387 II ( b, c, d, a, in[13], S44, UL(1309151649)); /* 60 */
388 II ( a, b, c, d, in[ 4], S41, UL(4149444226)); /* 61 */
389 II ( d, a, b, c, in[11], S42, UL(3174756917)); /* 62 */
390 II ( c, d, a, b, in[ 2], S43, UL( 718787259)); /* 63 */
391 II ( b, c, d, a, in[ 9], S44, UL(3951481745)); /* 64 */
400 ***********************************************************************
402 ******************************** (cut) ********************************
405 static int md5_init(PPP_MD_CTX *ctx)
408 MD5_CTX *md5 = calloc(1, sizeof(MD5_CTX));
418 static int md5_update(PPP_MD_CTX *ctx, const void *data, size_t len)
420 MD5_Update((MD5_CTX*) ctx->priv, (void*) data, len);
424 static int md5_final(PPP_MD_CTX *ctx, unsigned char *out, unsigned int *len)
426 MD5_Final(out, (MD5_CTX*) ctx->priv);
430 static void md5_clean(PPP_MD_CTX *ctx)
440 static PPP_MD ppp_md5 = {
442 .update_fn = md5_update,
443 .final_fn = md5_final,
444 .clean_fn = md5_clean,
447 const PPP_MD *PPP_md5(void)