Botan  2.1.0
Crypto and TLS for C++11
md5.cpp
Go to the documentation of this file.
1 /*
2 * MD5
3 * (C) 1999-2008 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #include <botan/md5.h>
9 
10 namespace Botan {
11 
12 namespace {
13 
14 /*
15 * MD5 FF Function
16 */
17 inline void FF(uint32_t& A, uint32_t B, uint32_t C, uint32_t D, uint32_t msg,
18  uint8_t S, uint32_t magic)
19  {
20  A += (D ^ (B & (C ^ D))) + msg + magic;
21  A = rotate_left(A, S) + B;
22  }
23 
24 /*
25 * MD5 GG Function
26 */
27 inline void GG(uint32_t& A, uint32_t B, uint32_t C, uint32_t D, uint32_t msg,
28  uint8_t S, uint32_t magic)
29  {
30  A += (C ^ (D & (B ^ C))) + msg + magic;
31  A = rotate_left(A, S) + B;
32  }
33 
34 /*
35 * MD5 HH Function
36 */
37 inline void HH(uint32_t& A, uint32_t B, uint32_t C, uint32_t D, uint32_t msg,
38  uint8_t S, uint32_t magic)
39  {
40  A += (B ^ C ^ D) + msg + magic;
41  A = rotate_left(A, S) + B;
42  }
43 
44 /*
45 * MD5 II Function
46 */
47 inline void II(uint32_t& A, uint32_t B, uint32_t C, uint32_t D, uint32_t msg,
48  uint8_t S, uint32_t magic)
49  {
50  A += (C ^ (B | ~D)) + msg + magic;
51  A = rotate_left(A, S) + B;
52  }
53 
54 }
55 
56 /*
57 * MD5 Compression Function
58 */
59 void MD5::compress_n(const uint8_t input[], size_t blocks)
60  {
61  uint32_t A = m_digest[0], B = m_digest[1], C = m_digest[2], D = m_digest[3];
62 
63  for(size_t i = 0; i != blocks; ++i)
64  {
65  load_le(m_M.data(), input, m_M.size());
66 
67  FF(A,B,C,D,m_M[ 0], 7,0xD76AA478); FF(D,A,B,C,m_M[ 1],12,0xE8C7B756);
68  FF(C,D,A,B,m_M[ 2],17,0x242070DB); FF(B,C,D,A,m_M[ 3],22,0xC1BDCEEE);
69  FF(A,B,C,D,m_M[ 4], 7,0xF57C0FAF); FF(D,A,B,C,m_M[ 5],12,0x4787C62A);
70  FF(C,D,A,B,m_M[ 6],17,0xA8304613); FF(B,C,D,A,m_M[ 7],22,0xFD469501);
71  FF(A,B,C,D,m_M[ 8], 7,0x698098D8); FF(D,A,B,C,m_M[ 9],12,0x8B44F7AF);
72  FF(C,D,A,B,m_M[10],17,0xFFFF5BB1); FF(B,C,D,A,m_M[11],22,0x895CD7BE);
73  FF(A,B,C,D,m_M[12], 7,0x6B901122); FF(D,A,B,C,m_M[13],12,0xFD987193);
74  FF(C,D,A,B,m_M[14],17,0xA679438E); FF(B,C,D,A,m_M[15],22,0x49B40821);
75 
76  GG(A,B,C,D,m_M[ 1], 5,0xF61E2562); GG(D,A,B,C,m_M[ 6], 9,0xC040B340);
77  GG(C,D,A,B,m_M[11],14,0x265E5A51); GG(B,C,D,A,m_M[ 0],20,0xE9B6C7AA);
78  GG(A,B,C,D,m_M[ 5], 5,0xD62F105D); GG(D,A,B,C,m_M[10], 9,0x02441453);
79  GG(C,D,A,B,m_M[15],14,0xD8A1E681); GG(B,C,D,A,m_M[ 4],20,0xE7D3FBC8);
80  GG(A,B,C,D,m_M[ 9], 5,0x21E1CDE6); GG(D,A,B,C,m_M[14], 9,0xC33707D6);
81  GG(C,D,A,B,m_M[ 3],14,0xF4D50D87); GG(B,C,D,A,m_M[ 8],20,0x455A14ED);
82  GG(A,B,C,D,m_M[13], 5,0xA9E3E905); GG(D,A,B,C,m_M[ 2], 9,0xFCEFA3F8);
83  GG(C,D,A,B,m_M[ 7],14,0x676F02D9); GG(B,C,D,A,m_M[12],20,0x8D2A4C8A);
84 
85  HH(A,B,C,D,m_M[ 5], 4,0xFFFA3942); HH(D,A,B,C,m_M[ 8],11,0x8771F681);
86  HH(C,D,A,B,m_M[11],16,0x6D9D6122); HH(B,C,D,A,m_M[14],23,0xFDE5380C);
87  HH(A,B,C,D,m_M[ 1], 4,0xA4BEEA44); HH(D,A,B,C,m_M[ 4],11,0x4BDECFA9);
88  HH(C,D,A,B,m_M[ 7],16,0xF6BB4B60); HH(B,C,D,A,m_M[10],23,0xBEBFBC70);
89  HH(A,B,C,D,m_M[13], 4,0x289B7EC6); HH(D,A,B,C,m_M[ 0],11,0xEAA127FA);
90  HH(C,D,A,B,m_M[ 3],16,0xD4EF3085); HH(B,C,D,A,m_M[ 6],23,0x04881D05);
91  HH(A,B,C,D,m_M[ 9], 4,0xD9D4D039); HH(D,A,B,C,m_M[12],11,0xE6DB99E5);
92  HH(C,D,A,B,m_M[15],16,0x1FA27CF8); HH(B,C,D,A,m_M[ 2],23,0xC4AC5665);
93 
94  II(A,B,C,D,m_M[ 0], 6,0xF4292244); II(D,A,B,C,m_M[ 7],10,0x432AFF97);
95  II(C,D,A,B,m_M[14],15,0xAB9423A7); II(B,C,D,A,m_M[ 5],21,0xFC93A039);
96  II(A,B,C,D,m_M[12], 6,0x655B59C3); II(D,A,B,C,m_M[ 3],10,0x8F0CCC92);
97  II(C,D,A,B,m_M[10],15,0xFFEFF47D); II(B,C,D,A,m_M[ 1],21,0x85845DD1);
98  II(A,B,C,D,m_M[ 8], 6,0x6FA87E4F); II(D,A,B,C,m_M[15],10,0xFE2CE6E0);
99  II(C,D,A,B,m_M[ 6],15,0xA3014314); II(B,C,D,A,m_M[13],21,0x4E0811A1);
100  II(A,B,C,D,m_M[ 4], 6,0xF7537E82); II(D,A,B,C,m_M[11],10,0xBD3AF235);
101  II(C,D,A,B,m_M[ 2],15,0x2AD7D2BB); II(B,C,D,A,m_M[ 9],21,0xEB86D391);
102 
103  A = (m_digest[0] += A);
104  B = (m_digest[1] += B);
105  C = (m_digest[2] += C);
106  D = (m_digest[3] += D);
107 
108  input += hash_block_size();
109  }
110  }
111 
112 /*
113 * Copy out the digest
114 */
115 void MD5::copy_out(uint8_t output[])
116  {
117  copy_out_vec_le(output, output_length(), m_digest);
118  }
119 
120 /*
121 * Clear memory of sensitive data
122 */
124  {
126  zeroise(m_M);
127  m_digest[0] = 0x67452301;
128  m_digest[1] = 0xEFCDAB89;
129  m_digest[2] = 0x98BADCFE;
130  m_digest[3] = 0x10325476;
131  }
132 
133 }
void clear() override
Definition: md5.cpp:123
void clear() override
Definition: mdx_hash.cpp:32
T rotate_left(T input, size_t rot)
Definition: rotate.h:21
size_t hash_block_size() const override
Definition: mdx_hash.h:32
size_t output_length() const override
Definition: md5.h:22
T load_le(const uint8_t in[], size_t off)
Definition: loadstor.h:129
Definition: alg_id.cpp:13
void compress_n(const uint8_t[], size_t blocks) override
Definition: md5.cpp:59
void zeroise(std::vector< T, Alloc > &vec)
Definition: secmem.h:211
void copy_out_vec_le(uint8_t out[], size_t out_bytes, const std::vector< T, Alloc > &in)
Definition: loadstor.h:697
void copy_out(uint8_t[]) override
Definition: md5.cpp:115