1 line
14 KiB
C
Executable File
1 line
14 KiB
C
Executable File
/* Copyright (c) 2017, Computer History Museum
|
|
All rights reserved.
|
|
Redistribution and use in source and binary forms, with or without modification, are permitted (subject to
|
|
the limitations in the disclaimer below) provided that the following conditions are met:
|
|
* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
|
|
* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following
|
|
disclaimer in the documentation and/or other materials provided with the distribution.
|
|
* Neither the name of Computer History Museum nor the names of its contributors may be used to endorse or promote products
|
|
derived from this software without specific prior written permission.
|
|
NO EXPRESS OR IMPLIED LICENSES TO ANY PARTY'S PATENT RIGHTS ARE GRANTED BY THIS LICENSE. THIS SOFTWARE IS PROVIDED BY THE
|
|
COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
|
|
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
|
|
DAMAGE. */
|
|
|
|
#include "md5.h"
|
|
/*
|
|
***********************************************************************
|
|
** md5.c -- the source code for MD5 routines **
|
|
** RSA Data Security, Inc. MD5 Message-Digest Algorithm **
|
|
** Created: 2/17/90 RLR **
|
|
** Revised: 1/91 SRD,AJ,BSK,JT Reference C ver., 7/10 constant corr. **
|
|
***********************************************************************
|
|
*/
|
|
|
|
/*
|
|
***********************************************************************
|
|
** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
|
|
** **
|
|
** License to copy and use this software is granted provided that **
|
|
** it is identified as the "RSA Data Security, Inc. MD5 Message- **
|
|
** Digest Algorithm" in all material mentioning or referencing this **
|
|
** software or this function. **
|
|
** **
|
|
** License is also granted to make and use derivative works **
|
|
** provided that such works are identified as "derived from the RSA **
|
|
** Data Security, Inc. MD5 Message-Digest Algorithm" in all **
|
|
** material mentioning or referencing the derived work. **
|
|
** **
|
|
** RSA Data Security, Inc. makes no representations concerning **
|
|
** either the merchantability of this software or the suitability **
|
|
** of this software for any particular purpose. It is provided "as **
|
|
** is" without express or implied warranty of any kind. **
|
|
** **
|
|
** These notices must be retained in any copies of any part of this **
|
|
** documentation and/or software. **
|
|
***********************************************************************
|
|
*/
|
|
|
|
#pragma segment MD5
|
|
#ifdef applec
|
|
#include "md5.h"
|
|
#endif
|
|
|
|
/*
|
|
***********************************************************************
|
|
** Message-digest routines: **
|
|
** To form the message digest for a message M **
|
|
** (1) Initialize a context buffer mdContext using MD5Init **
|
|
** (2) Call MD5Update on mdContext and M **
|
|
** (3) Call MD5Final on mdContext **
|
|
** The message digest is now in mdContext->digest[0...15] **
|
|
***********************************************************************
|
|
*/
|
|
|
|
/* forward declaration */
|
|
static void Transform (UINT4 *buf, UINT4 *in);
|
|
|
|
static unsigned char PADDING[64] = {
|
|
0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
|
|
};
|
|
|
|
/* F, G, H and I are basic MD5 functions */
|
|
#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
|
|
#define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
|
|
#define H(x, y, z) ((x) ^ (y) ^ (z))
|
|
#define I(x, y, z) ((y) ^ ((x) | (~z)))
|
|
|
|
/* ROTATE_LEFT rotates x left n bits */
|
|
#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
|
|
|
|
/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4 */
|
|
/* Rotation is separate from addition to prevent recomputation */
|
|
#define FF(a, b, c, d, x, s, ac) \
|
|
{(a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); \
|
|
(a) = ROTATE_LEFT ((a), (s)); \
|
|
(a) += (b); \
|
|
}
|
|
#define GG(a, b, c, d, x, s, ac) \
|
|
{(a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); \
|
|
(a) = ROTATE_LEFT ((a), (s)); \
|
|
(a) += (b); \
|
|
}
|
|
#define HH(a, b, c, d, x, s, ac) \
|
|
{(a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); \
|
|
(a) = ROTATE_LEFT ((a), (s)); \
|
|
(a) += (b); \
|
|
}
|
|
#define II(a, b, c, d, x, s, ac) \
|
|
{(a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); \
|
|
(a) = ROTATE_LEFT ((a), (s)); \
|
|
(a) += (b); \
|
|
}
|
|
|
|
/* The routine MD5Init initializes the message-digest context
|
|
mdContext. All fields are set to zero.
|
|
*/
|
|
void MD5Init (MD5_CTX *mdContext)
|
|
{
|
|
mdContext->i[0] = mdContext->i[1] = (UINT4)0;
|
|
|
|
/* Load magic initialization constants.
|
|
*/
|
|
mdContext->buf[0] = (UINT4)0x67452301;
|
|
mdContext->buf[1] = (UINT4)0xefcdab89;
|
|
mdContext->buf[2] = (UINT4)0x98badcfe;
|
|
mdContext->buf[3] = (UINT4)0x10325476;
|
|
}
|
|
|
|
/* The routine MD5Update updates the message-digest context to
|
|
account for the presence of each of the characters inBuf[0..inLen-1]
|
|
in the message whose digest is being computed.
|
|
*/
|
|
void MD5Update (MD5_CTX *mdContext, unsigned char *inBuf, unsigned int inLen)
|
|
{
|
|
UINT4 in[16];
|
|
int mdi;
|
|
unsigned int i, ii;
|
|
|
|
/* compute number of bytes mod 64 */
|
|
mdi = (int)((mdContext->i[0] >> 3) & 0x3F);
|
|
|
|
/* update number of bits */
|
|
if ((mdContext->i[0] + ((UINT4)inLen << 3)) < mdContext->i[0])
|
|
mdContext->i[1]++;
|
|
mdContext->i[0] += ((UINT4)inLen << 3);
|
|
mdContext->i[1] += ((UINT4)inLen >> 29);
|
|
|
|
while (inLen--) {
|
|
/* add new character to buffer, increment mdi */
|
|
mdContext->in[mdi++] = *inBuf++;
|
|
|
|
/* transform if necessary */
|
|
if (mdi == 0x40) {
|
|
for (i = 0, ii = 0; i < 16; i++, ii += 4)
|
|
in[i] = (((UINT4)mdContext->in[ii+3]) << 24) |
|
|
(((UINT4)mdContext->in[ii+2]) << 16) |
|
|
(((UINT4)mdContext->in[ii+1]) << 8) |
|
|
((UINT4)mdContext->in[ii]);
|
|
Transform (mdContext->buf, in);
|
|
mdi = 0;
|
|
}
|
|
}
|
|
}
|
|
|
|
/* The routine MD5Final terminates the message-digest computation and
|
|
ends with the desired message digest in mdContext->digest[0...15].
|
|
*/
|
|
void MD5Final (MD5_CTX *mdContext)
|
|
{
|
|
UINT4 in[16];
|
|
int mdi;
|
|
unsigned int i, ii;
|
|
unsigned int padLen;
|
|
|
|
/* save number of bits */
|
|
in[14] = mdContext->i[0];
|
|
in[15] = mdContext->i[1];
|
|
|
|
/* compute number of bytes mod 64 */
|
|
mdi = (int)((mdContext->i[0] >> 3) & 0x3F);
|
|
|
|
/* pad out to 56 mod 64 */
|
|
padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi);
|
|
MD5Update (mdContext, PADDING, padLen);
|
|
|
|
/* append length in bits and transform */
|
|
for (i = 0, ii = 0; i < 14; i++, ii += 4)
|
|
in[i] = (((UINT4)mdContext->in[ii+3]) << 24) |
|
|
(((UINT4)mdContext->in[ii+2]) << 16) |
|
|
(((UINT4)mdContext->in[ii+1]) << 8) |
|
|
((UINT4)mdContext->in[ii]);
|
|
Transform (mdContext->buf, in);
|
|
|
|
/* store buffer in digest */
|
|
for (i = 0, ii = 0; i < 4; i++, ii += 4) {
|
|
mdContext->digest[ii] = (unsigned char)(mdContext->buf[i] & 0xFF);
|
|
mdContext->digest[ii+1] =
|
|
(unsigned char)((mdContext->buf[i] >> 8) & 0xFF);
|
|
mdContext->digest[ii+2] =
|
|
(unsigned char)((mdContext->buf[i] >> 16) & 0xFF);
|
|
mdContext->digest[ii+3] =
|
|
(unsigned char)((mdContext->buf[i] >> 24) & 0xFF);
|
|
}
|
|
}
|
|
|
|
/* Basic MD5 step. Transforms buf based on in.
|
|
*/
|
|
static void Transform (UINT4 *buf, UINT4 *in)
|
|
{
|
|
UINT4 a = buf[0], b = buf[1], c = buf[2], d = buf[3];
|
|
|
|
/* Round 1 */
|
|
#define S11 7
|
|
#define S12 12
|
|
#define S13 17
|
|
#define S14 22
|
|
FF ( a, b, c, d, in[ 0], S11, 3614090360); /* 1 */
|
|
FF ( d, a, b, c, in[ 1], S12, 3905402710); /* 2 */
|
|
FF ( c, d, a, b, in[ 2], S13, 606105819); /* 3 */
|
|
FF ( b, c, d, a, in[ 3], S14, 3250441966); /* 4 */
|
|
FF ( a, b, c, d, in[ 4], S11, 4118548399); /* 5 */
|
|
FF ( d, a, b, c, in[ 5], S12, 1200080426); /* 6 */
|
|
FF ( c, d, a, b, in[ 6], S13, 2821735955); /* 7 */
|
|
FF ( b, c, d, a, in[ 7], S14, 4249261313); /* 8 */
|
|
FF ( a, b, c, d, in[ 8], S11, 1770035416); /* 9 */
|
|
FF ( d, a, b, c, in[ 9], S12, 2336552879); /* 10 */
|
|
FF ( c, d, a, b, in[10], S13, 4294925233); /* 11 */
|
|
FF ( b, c, d, a, in[11], S14, 2304563134); /* 12 */
|
|
FF ( a, b, c, d, in[12], S11, 1804603682); /* 13 */
|
|
FF ( d, a, b, c, in[13], S12, 4254626195); /* 14 */
|
|
FF ( c, d, a, b, in[14], S13, 2792965006); /* 15 */
|
|
FF ( b, c, d, a, in[15], S14, 1236535329); /* 16 */
|
|
|
|
/* Round 2 */
|
|
#define S21 5
|
|
#define S22 9
|
|
#define S23 14
|
|
#define S24 20
|
|
GG ( a, b, c, d, in[ 1], S21, 4129170786); /* 17 */
|
|
GG ( d, a, b, c, in[ 6], S22, 3225465664); /* 18 */
|
|
GG ( c, d, a, b, in[11], S23, 643717713); /* 19 */
|
|
GG ( b, c, d, a, in[ 0], S24, 3921069994); /* 20 */
|
|
GG ( a, b, c, d, in[ 5], S21, 3593408605); /* 21 */
|
|
GG ( d, a, b, c, in[10], S22, 38016083); /* 22 */
|
|
GG ( c, d, a, b, in[15], S23, 3634488961); /* 23 */
|
|
GG ( b, c, d, a, in[ 4], S24, 3889429448); /* 24 */
|
|
GG ( a, b, c, d, in[ 9], S21, 568446438); /* 25 */
|
|
GG ( d, a, b, c, in[14], S22, 3275163606); /* 26 */
|
|
GG ( c, d, a, b, in[ 3], S23, 4107603335); /* 27 */
|
|
GG ( b, c, d, a, in[ 8], S24, 1163531501); /* 28 */
|
|
GG ( a, b, c, d, in[13], S21, 2850285829); /* 29 */
|
|
GG ( d, a, b, c, in[ 2], S22, 4243563512); /* 30 */
|
|
GG ( c, d, a, b, in[ 7], S23, 1735328473); /* 31 */
|
|
GG ( b, c, d, a, in[12], S24, 2368359562); /* 32 */
|
|
|
|
/* Round 3 */
|
|
#define S31 4
|
|
#define S32 11
|
|
#define S33 16
|
|
#define S34 23
|
|
HH ( a, b, c, d, in[ 5], S31, 4294588738); /* 33 */
|
|
HH ( d, a, b, c, in[ 8], S32, 2272392833); /* 34 */
|
|
HH ( c, d, a, b, in[11], S33, 1839030562); /* 35 */
|
|
HH ( b, c, d, a, in[14], S34, 4259657740); /* 36 */
|
|
HH ( a, b, c, d, in[ 1], S31, 2763975236); /* 37 */
|
|
HH ( d, a, b, c, in[ 4], S32, 1272893353); /* 38 */
|
|
HH ( c, d, a, b, in[ 7], S33, 4139469664); /* 39 */
|
|
HH ( b, c, d, a, in[10], S34, 3200236656); /* 40 */
|
|
HH ( a, b, c, d, in[13], S31, 681279174); /* 41 */
|
|
HH ( d, a, b, c, in[ 0], S32, 3936430074); /* 42 */
|
|
HH ( c, d, a, b, in[ 3], S33, 3572445317); /* 43 */
|
|
HH ( b, c, d, a, in[ 6], S34, 76029189); /* 44 */
|
|
HH ( a, b, c, d, in[ 9], S31, 3654602809); /* 45 */
|
|
HH ( d, a, b, c, in[12], S32, 3873151461); /* 46 */
|
|
HH ( c, d, a, b, in[15], S33, 530742520); /* 47 */
|
|
HH ( b, c, d, a, in[ 2], S34, 3299628645); /* 48 */
|
|
|
|
/* Round 4 */
|
|
#define S41 6
|
|
#define S42 10
|
|
#define S43 15
|
|
#define S44 21
|
|
II ( a, b, c, d, in[ 0], S41, 4096336452); /* 49 */
|
|
II ( d, a, b, c, in[ 7], S42, 1126891415); /* 50 */
|
|
II ( c, d, a, b, in[14], S43, 2878612391); /* 51 */
|
|
II ( b, c, d, a, in[ 5], S44, 4237533241); /* 52 */
|
|
II ( a, b, c, d, in[12], S41, 1700485571); /* 53 */
|
|
II ( d, a, b, c, in[ 3], S42, 2399980690); /* 54 */
|
|
II ( c, d, a, b, in[10], S43, 4293915773); /* 55 */
|
|
II ( b, c, d, a, in[ 1], S44, 2240044497); /* 56 */
|
|
II ( a, b, c, d, in[ 8], S41, 1873313359); /* 57 */
|
|
II ( d, a, b, c, in[15], S42, 4264355552); /* 58 */
|
|
II ( c, d, a, b, in[ 6], S43, 2734768916); /* 59 */
|
|
II ( b, c, d, a, in[13], S44, 1309151649); /* 60 */
|
|
II ( a, b, c, d, in[ 4], S41, 4149444226); /* 61 */
|
|
II ( d, a, b, c, in[11], S42, 3174756917); /* 62 */
|
|
II ( c, d, a, b, in[ 2], S43, 718787259); /* 63 */
|
|
II ( b, c, d, a, in[ 9], S44, 3951481745); /* 64 */
|
|
|
|
buf[0] += a;
|
|
buf[1] += b;
|
|
buf[2] += c;
|
|
buf[3] += d;
|
|
}
|
|
|
|
/*
|
|
** Function: hmac_md5
|
|
** Stolen and adapted from the sample code of RFC 2104 by Pete Resnick.
|
|
*/
|
|
void
|
|
hmac_md5(text, text_len, key, key_len, digest)
|
|
unsigned char* text; /* pointer to data stream */
|
|
int text_len; /* length of data stream */
|
|
unsigned char* key; /* pointer to authentication key */
|
|
int key_len; /* length of authentication key */
|
|
unsigned char* digest; /* caller digest to be filled in (length is 16) */
|
|
|
|
{
|
|
MD5_CTX context, tctx;
|
|
unsigned char k_ipad[65]; /* inner padding -
|
|
* key XORd with ipad
|
|
*/
|
|
unsigned char k_opad[65]; /* outer padding -
|
|
* key XORd with opad
|
|
*/
|
|
int i;
|
|
/* if key is longer than 64 bytes reset it to key=MD5(key) */
|
|
if (key_len > 64) {
|
|
|
|
MD5Init(&tctx);
|
|
MD5Update(&tctx, key, key_len);
|
|
MD5Final(&tctx);
|
|
|
|
key = &tctx.digest;
|
|
key_len = 16;
|
|
}
|
|
|
|
/*
|
|
* the HMAC_MD5 transform looks like:
|
|
*
|
|
* MD5(K XOR opad, MD5(K XOR ipad, text))
|
|
*
|
|
* where K is an n byte key
|
|
* ipad is the byte 0x36 repeated 64 times
|
|
* opad is the byte 0x5c repeated 64 times
|
|
* and text is the data being protected
|
|
*/
|
|
|
|
/* start out by storing key in pads */
|
|
Zero( k_ipad );
|
|
Zero( k_opad );
|
|
BMD( key, k_ipad, key_len);
|
|
BMD( key, k_opad, key_len);
|
|
|
|
/* XOR key with ipad and opad values */
|
|
for (i=0; i<64; i++) {
|
|
k_ipad[i] ^= 0x36;
|
|
k_opad[i] ^= 0x5c;
|
|
}
|
|
/*
|
|
* perform inner MD5
|
|
*/
|
|
MD5Init(&context); /* init context for 1st
|
|
* pass */
|
|
MD5Update(&context, k_ipad, 64); /* start with inner pad */
|
|
MD5Update(&context, text, text_len); /* then text of datagram */
|
|
MD5Final(&context); /* finish up 1st pass */
|
|
BMD(context.digest, digest, 16); /* Save the digest */
|
|
/*
|
|
* perform outer MD5
|
|
*/
|
|
MD5Init(&context); /* init context for 2nd
|
|
* pass */
|
|
MD5Update(&context, k_opad, 64); /* start with outer pad */
|
|
MD5Update(&context, digest, 16); /* then results of 1st
|
|
* hash */
|
|
MD5Final(&context); /* finish up 2nd pass */
|
|
BMD(context.digest, digest, 16); /* Save the digest */
|
|
}
|
|
|
|
/*
|
|
***********************************************************************
|
|
** End of md5.c **
|
|
******************************** (cut) ********************************
|
|
*/
|