Botan 3.9.0
Crypto and TLS for C&
md4.cpp
Go to the documentation of this file.
1/*
2* MD4
3* (C) 1999-2007 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#include <botan/internal/md4.h>
9
10#include <botan/internal/bit_ops.h>
11#include <botan/internal/loadstor.h>
12#include <botan/internal/rotate.h>
13
14namespace Botan {
15
16namespace {
17
18inline void FF4(uint32_t& A, uint32_t& B, uint32_t& C, uint32_t& D, uint32_t M0, uint32_t M1, uint32_t M2, uint32_t M3)
19
20{
21 A += choose(B, C, D) + M0;
22 A = rotl<3>(A);
23
24 D += choose(A, B, C) + M1;
25 D = rotl<7>(D);
26
27 C += choose(D, A, B) + M2;
28 C = rotl<11>(C);
29
30 B += choose(C, D, A) + M3;
31 B = rotl<19>(B);
32}
33
34inline void GG4(uint32_t& A, uint32_t& B, uint32_t& C, uint32_t& D, uint32_t M0, uint32_t M1, uint32_t M2, uint32_t M3)
35
36{
37 /*
38 These are choose(D, B | C, B & C) but the below expression
39 takes advantage of the fact that B & C is a subset of B | C
40 to eliminate an and
41 */
42
43 A += ((B & C) | (D & (B | C))) + M0 + 0x5A827999;
44 A = rotl<3>(A);
45
46 D += ((A & B) | (C & (A | B))) + M1 + 0x5A827999;
47 D = rotl<5>(D);
48
49 C += ((D & A) | (B & (D | A))) + M2 + 0x5A827999;
50 C = rotl<9>(C);
51
52 B += ((C & D) | (A & (C | D))) + M3 + 0x5A827999;
53 B = rotl<13>(B);
54}
55
56inline void HH4(uint32_t& A, uint32_t& B, uint32_t& C, uint32_t& D, uint32_t M0, uint32_t M1, uint32_t M2, uint32_t M3)
57
58{
59 A += (B ^ C ^ D) + M0 + 0x6ED9EBA1;
60 A = rotl<3>(A);
61
62 D += (A ^ B ^ C) + M1 + 0x6ED9EBA1;
63 D = rotl<9>(D);
64
65 C += (A ^ B ^ D) + M2 + 0x6ED9EBA1;
66 C = rotl<11>(C);
67
68 B += (A ^ C ^ D) + M3 + 0x6ED9EBA1;
69 B = rotl<15>(B);
70}
71
72} // namespace
73
74/*
75* MD4 Compression Function
76*/
77void MD4::compress_n(digest_type& digest, std::span<const uint8_t> input, size_t blocks) {
78 uint32_t A = digest[0];
79 uint32_t B = digest[1];
80 uint32_t C = digest[2];
81 uint32_t D = digest[3];
82
83 BufferSlicer in(input);
84
85 std::array<uint32_t, 16> M{};
86
87 for(size_t i = 0; i != blocks; ++i) {
88 load_le(M, in.take<block_bytes>());
89
90 // clang-format off
91
92 FF4(A, B, C, D, M[ 0], M[ 1], M[ 2], M[ 3]);
93 FF4(A, B, C, D, M[ 4], M[ 5], M[ 6], M[ 7]);
94 FF4(A, B, C, D, M[ 8], M[ 9], M[10], M[11]);
95 FF4(A, B, C, D, M[12], M[13], M[14], M[15]);
96
97 GG4(A, B, C, D, M[ 0], M[ 4], M[ 8], M[12]);
98 GG4(A, B, C, D, M[ 1], M[ 5], M[ 9], M[13]);
99 GG4(A, B, C, D, M[ 2], M[ 6], M[10], M[14]);
100 GG4(A, B, C, D, M[ 3], M[ 7], M[11], M[15]);
101
102 HH4(A, B, C, D, M[ 0], M[ 8], M[ 4], M[12]);
103 HH4(A, B, C, D, M[ 2], M[10], M[ 6], M[14]);
104 HH4(A, B, C, D, M[ 1], M[ 9], M[ 5], M[13]);
105 HH4(A, B, C, D, M[ 3], M[11], M[ 7], M[15]);
106
107 // clang-format on
108
109 A = (digest[0] += A);
110 B = (digest[1] += B);
111 C = (digest[2] += C);
112 D = (digest[3] += D);
113 }
114
115 BOTAN_ASSERT_NOMSG(in.empty());
116}
117
118void MD4::init(digest_type& digest) {
119 digest.assign({0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476});
120}
121
122std::unique_ptr<HashFunction> MD4::new_object() const {
123 return std::make_unique<MD4>();
124}
125
126std::unique_ptr<HashFunction> MD4::copy_state() const {
127 return std::make_unique<MD4>(*this);
128}
129
130void MD4::add_data(std::span<const uint8_t> input) {
131 m_md.update(input);
132}
133
134void MD4::final_result(std::span<uint8_t> output) {
135 m_md.final(output);
136}
137
138} // namespace Botan
BOTAN_ASSERT_NOMSG
#define BOTAN_ASSERT_NOMSG(expr)
Definition assert.h:75
Botan::BufferSlicer::empty
bool empty() const
Definition stl_util.h:121
Botan::BufferSlicer::take
std::span< const uint8_t > take(const size_t count)
Definition stl_util.h:90
Botan::MD4::digest_type
secure_vector< uint32_t > digest_type
Definition md4.h:20
Botan::MD4::init
static void init(digest_type &digest)
Definition md4.cpp:118
Botan::MD4::compress_n
static void compress_n(digest_type &digest, std::span< const uint8_t > input, size_t blocks)
Definition md4.cpp:77
Botan::MD4::copy_state
std::unique_ptr< HashFunction > copy_state() const override
Definition md4.cpp:126
Botan::MD4::block_bytes
static constexpr size_t block_bytes
Definition md4.h:24
Botan::MD4::new_object
std::unique_ptr< HashFunction > new_object() const override
Definition md4.cpp:122
Botan::rotl
BOTAN_FORCE_INLINE constexpr T rotl(T input)
Definition rotate.h:23
Botan::choose
BOTAN_FORCE_INLINE constexpr T choose(T mask, T a, T b)
Definition bit_ops.h:196
Botan::load_le
constexpr auto load_le(ParamTs &&... params)
Definition loadstor.h:495
Generated by doxygen 1.14.0