2 * md5.c - an implementation of the MD5 algorithm and MD5 crypt
4 * Copyright (C) 2001, 2002 Ethan Benson
8 * Copyright (C) 2000 Free Software Foundation, Inc.
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 /* See RFC 1321 for a description of the MD5 algorithm. */
32 # define USE_MD5_PASSWORDS
36 #ifdef USE_MD5_PASSWORDS
41 #define cpu_to_le32(x) le32_to_cpu((x))
42 unsigned long le32_to_cpu(unsigned long x)
44 return (((x & 0x000000ffU) << 24) |
45 ((x & 0x0000ff00U) << 8) |
46 ((x & 0x00ff0000U) >> 8) |
47 ((x & 0xff000000U) >> 24));
50 typedef unsigned int UINT4;
52 /* F, G, H and I are basic MD5 functions.
54 #define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
55 #define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
56 #define H(x, y, z) ((x) ^ (y) ^ (z))
57 #define I(x, y, z) ((y) ^ ((x) | (~z)))
59 /* ROTATE_LEFT rotates x left n bits.
61 #define ROTATE_LEFT(x, n) (((x) << (n)) | ((x >> (32 - (n)))))
63 static UINT4 initstate[4] =
65 0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476
68 static char s1[4] = { 7, 12, 17, 22 };
69 static char s2[4] = { 5, 9, 14, 20 };
70 static char s3[4] = { 4, 11, 16, 23 };
71 static char s4[4] = { 6, 10, 15, 21 };
75 0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee,
76 0xf57c0faf, 0x4787c62a, 0xa8304613, 0xfd469501,
77 0x698098d8, 0x8b44f7af, 0xffff5bb1, 0x895cd7be,
78 0x6b901122, 0xfd987193, 0xa679438e, 0x49b40821,
79 0xf61e2562, 0xc040b340, 0x265e5a51, 0xe9b6c7aa,
80 0xd62f105d, 0x02441453, 0xd8a1e681, 0xe7d3fbc8,
81 0x21e1cde6, 0xc33707d6, 0xf4d50d87, 0x455a14ed,
82 0xa9e3e905, 0xfcefa3f8, 0x676f02d9, 0x8d2a4c8a,
83 0xfffa3942, 0x8771f681, 0x6d9d6122, 0xfde5380c,
84 0xa4beea44, 0x4bdecfa9, 0xf6bb4b60, 0xbebfbc70,
85 0x289b7ec6, 0xeaa127fa, 0xd4ef3085, 0x04881d05,
86 0xd9d4d039, 0xe6db99e5, 0x1fa27cf8, 0xc4ac5665,
87 0xf4292244, 0x432aff97, 0xab9423a7, 0xfc93a039,
88 0x655b59c3, 0x8f0ccc92, 0xffeff47d, 0x85845dd1,
89 0x6fa87e4f, 0xfe2ce6e0, 0xa3014314, 0x4e0811a1,
90 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391
93 static const char *b64t =
94 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
96 static UINT4 state[4];
97 static unsigned int length;
98 static unsigned char buffer[64];
101 md5_transform (const unsigned char block[64])
105 const UINT4 *x = (UINT4 *) block;
113 for (i = 0; i < 16; i++)
115 tmp = a + F (b, c, d) + le32_to_cpu (x[i]) + T[i];
116 tmp = ROTATE_LEFT (tmp, s1[i & 3]);
118 a = d; d = c; c = b; b = tmp;
121 for (i = 0, j = 1; i < 16; i++, j += 5)
123 tmp = a + G (b, c, d) + le32_to_cpu (x[j & 15]) + T[i+16];
124 tmp = ROTATE_LEFT (tmp, s2[i & 3]);
126 a = d; d = c; c = b; b = tmp;
129 for (i = 0, j = 5; i < 16; i++, j += 3)
131 tmp = a + H (b, c, d) + le32_to_cpu (x[j & 15]) + T[i+32];
132 tmp = ROTATE_LEFT (tmp, s3[i & 3]);
134 a = d; d = c; c = b; b = tmp;
137 for (i = 0, j = 0; i < 16; i++, j += 7)
139 tmp = a + I (b, c, d) + le32_to_cpu (x[j & 15]) + T[i+48];
140 tmp = ROTATE_LEFT (tmp, s4[i & 3]);
142 a = d; d = c; c = b; b = tmp;
154 memcpy ((char *) state, (char *) initstate, sizeof (initstate));
159 md5_update (const char *input, int inputlen)
161 int buflen = length & 63;
163 if (buflen + inputlen < 64)
165 memcpy (buffer + buflen, input, inputlen);
170 memcpy (buffer + buflen, input, 64 - buflen);
171 md5_transform (buffer);
172 input += 64 - buflen;
173 inputlen -= 64 - buflen;
174 while (inputlen >= 64)
176 md5_transform (input);
180 memcpy (buffer, input, inputlen);
184 static unsigned char *
187 int i, buflen = length & 63;
189 buffer[buflen++] = 0x80;
190 memset (buffer+buflen, 0, 64 - buflen);
193 md5_transform (buffer);
194 memset (buffer, 0, 64);
198 *(UINT4 *) (buffer + 56) = cpu_to_le32 (8 * length);
199 *(UINT4 *) (buffer + 60) = 0;
200 md5_transform (buffer);
202 for (i = 0; i < 4; i++)
203 state[i] = cpu_to_le32 (state[i]);
204 return (unsigned char *) state;
207 #ifdef USE_MD5_PASSWORDS
208 /* If CHECK is true, check a password for correctness. Returns 0
209 if password was correct, and a value != 0 for error, similarly
211 If CHECK is false, crypt KEY and save the result in CRYPTED.
212 CRYPTED must have a salt. */
214 md5_password (const char *key, char *crypted, int check)
216 int keylen = strlen (key);
217 char *salt = crypted + 3; /* skip $1$ header */
221 unsigned char alt_result[16];
222 unsigned char *digest;
225 saltlen = strstr (salt, "$") - salt;
228 char *end = strstr (salt, "$");
229 if (end && end - salt < 8)
230 saltlen = end - salt;
238 md5_update (key, keylen);
239 md5_update (salt, saltlen);
240 md5_update (key, keylen);
241 digest = md5_final ();
242 memcpy (alt_result, digest, 16);
244 memcpy ((char *) state, (char *) initstate, sizeof (initstate));
246 md5_update (key, keylen);
247 md5_update (crypted, 3 + saltlen); /* include the $1$ header */
248 for (i = keylen; i > 16; i -= 16)
249 md5_update (alt_result, 16);
250 md5_update (alt_result, i);
252 for (i = keylen; i > 0; i >>= 1)
253 md5_update (key + ((i & 1) ? keylen : 0), 1);
254 digest = md5_final ();
256 for (i = 0; i < 1000; i++)
258 memcpy (alt_result, digest, 16);
260 memcpy ((char *) state, (char *) initstate, sizeof (initstate));
263 md5_update (key, keylen);
265 md5_update (alt_result, 16);
268 md5_update (salt, saltlen);
271 md5_update (key, keylen);
274 md5_update (alt_result, 16);
276 md5_update (key, keylen);
277 digest = md5_final ();
280 p = salt + saltlen + 1;
281 for (i = 0; i < 5; i++)
284 digest[i == 4 ? 5 : 12+i] | (digest[6+i] << 8) | (digest[i] << 16);
285 for (n = 4; n-- > 0;)
289 if (*p++ != b64t[w & 0x3f])
294 *p++ = b64t[w & 0x3f];
301 unsigned int w = digest[11];
302 for (n = 2; n-- > 0;)
306 if (*p++ != b64t[w & 0x3f])
311 *p++ = b64t[w & 0x3f];
327 md5 (const char *input)
329 memcpy ((char *) state, (char *) initstate, sizeof (initstate));
331 md5_update (input, strlen (input));
336 test (char *buffer, char *expected)
338 char result[16 * 3 +1];
339 unsigned char* digest = md5 (buffer);
342 for (i=0; i < 16; i++)
343 sprintf (result+2*i, "%02x", digest[i]);
345 if (strcmp (result, expected))
346 printf ("MD5(%s) failed: %s\n", buffer, result);
348 printf ("MD5(%s) OK\n", buffer);
354 test ("", "d41d8cd98f00b204e9800998ecf8427e");
355 test ("a", "0cc175b9c0f1b6a831c399e269772661");
356 test ("abc", "900150983cd24fb0d6963f7d28e17f72");
357 test ("message digest", "f96b697d7cb7938d525a2f31aaf161d0");
358 test ("abcdefghijklmnopqrstuvwxyz", "c3fcd3d76192e4007dfb496cca67e13b");
359 test ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
360 "d174ab98d277d9f5a5611c2c9f419d9f");
361 test ("12345678901234567890123456789012345678901234567890123456789012345678901234567890",
362 "57edf4a22be3c955ac49da2e2107b67a");
363 test ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz3456",
364 "6831fa90115bb9a54fbcd4f9fee0b5c4");
365 test ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz345",
366 "bc40505cc94a43b7ff3e2ac027325233");
367 test ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz34567",
368 "fa94b73a6f072a0239b52acacfbcf9fa");
369 test ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz345678901234",
370 "bd201eae17f29568927414fa326f1267");
371 test ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz34567890123",
372 "80063db1e6b70a2e91eac903f0e46b85");
374 if (check_md5_password ("Hello world!",
375 "$1$saltstri$YMyguxXMBpd2TEZ.vS/3q1"))
376 printf ("Password differs\n");
378 printf ("Password OK\n");