Botan 3.9.0
Crypto and TLS for C&
md5.cpp
Go to the documentation of this file.
1/*
2* MD5
3* (C) 1999-2008 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#include <botan/internal/md5.h>
9
10#include <botan/internal/bit_ops.h>
11#include <botan/internal/loadstor.h>
12#include <botan/internal/rotate.h>
13#include <botan/internal/stl_util.h>
14
15#include <array>
16
17namespace Botan {
18namespace {
19
20/*
21* MD5 FF Function
22*/
23template <size_t S>
24inline void FF(uint32_t& A, uint32_t B, uint32_t C, uint32_t D, uint32_t M) {
25 A += choose(B, C, D) + M;
26 A = rotl<S>(A) + B;
27}
28
29/*
30* MD5 GG Function
31*/
32template <size_t S>
33inline void GG(uint32_t& A, uint32_t B, uint32_t C, uint32_t D, uint32_t M) {
34 A += choose(D, B, C) + M;
35 A = rotl<S>(A) + B;
36}
37
38/*
39* MD5 HH Function
40*/
41template <size_t S>
42inline void HH(uint32_t& A, uint32_t B, uint32_t C, uint32_t D, uint32_t M) {
43 A += (B ^ C ^ D) + M;
44 A = rotl<S>(A) + B;
45}
46
47/*
48* MD5 II Function
49*/
50template <size_t S>
51inline void II(uint32_t& A, uint32_t B, uint32_t C, uint32_t D, uint32_t M) {
52 // This expr is choose(D, B ^ C, ~C), but that is slower
53 A += (C ^ (B | ~D)) + M;
54 A = rotl<S>(A) + B;
55}
56
57} // namespace
58
59/*
60* MD5 Compression Function
61*/
62void MD5::compress_n(MD5::digest_type& digest, std::span<const uint8_t> input, size_t blocks) {
63 uint32_t A = digest[0];
64 uint32_t B = digest[1];
65 uint32_t C = digest[2];
66 uint32_t D = digest[3];
67 std::array<uint32_t, 16> M{};
68
69 BufferSlicer in(input);
70
71 for(size_t i = 0; i != blocks; ++i) {
72 load_le(M, in.take<block_bytes>());
73
74 // clang-format off
75
76 FF< 7>(A, B, C, D, M[ 0] + 0xD76AA478);
77 FF<12>(D, A, B, C, M[ 1] + 0xE8C7B756);
78 FF<17>(C, D, A, B, M[ 2] + 0x242070DB);
79 FF<22>(B, C, D, A, M[ 3] + 0xC1BDCEEE);
80 FF< 7>(A, B, C, D, M[ 4] + 0xF57C0FAF);
81 FF<12>(D, A, B, C, M[ 5] + 0x4787C62A);
82 FF<17>(C, D, A, B, M[ 6] + 0xA8304613);
83 FF<22>(B, C, D, A, M[ 7] + 0xFD469501);
84 FF< 7>(A, B, C, D, M[ 8] + 0x698098D8);
85 FF<12>(D, A, B, C, M[ 9] + 0x8B44F7AF);
86 FF<17>(C, D, A, B, M[10] + 0xFFFF5BB1);
87 FF<22>(B, C, D, A, M[11] + 0x895CD7BE);
88 FF< 7>(A, B, C, D, M[12] + 0x6B901122);
89 FF<12>(D, A, B, C, M[13] + 0xFD987193);
90 FF<17>(C, D, A, B, M[14] + 0xA679438E);
91 FF<22>(B, C, D, A, M[15] + 0x49B40821);
92
93 GG< 5>(A, B, C, D, M[ 1] + 0xF61E2562);
94 GG< 9>(D, A, B, C, M[ 6] + 0xC040B340);
95 GG<14>(C, D, A, B, M[11] + 0x265E5A51);
96 GG<20>(B, C, D, A, M[ 0] + 0xE9B6C7AA);
97 GG< 5>(A, B, C, D, M[ 5] + 0xD62F105D);
98 GG< 9>(D, A, B, C, M[10] + 0x02441453);
99 GG<14>(C, D, A, B, M[15] + 0xD8A1E681);
100 GG<20>(B, C, D, A, M[ 4] + 0xE7D3FBC8);
101 GG< 5>(A, B, C, D, M[ 9] + 0x21E1CDE6);
102 GG< 9>(D, A, B, C, M[14] + 0xC33707D6);
103 GG<14>(C, D, A, B, M[ 3] + 0xF4D50D87);
104 GG<20>(B, C, D, A, M[ 8] + 0x455A14ED);
105 GG< 5>(A, B, C, D, M[13] + 0xA9E3E905);
106 GG< 9>(D, A, B, C, M[ 2] + 0xFCEFA3F8);
107 GG<14>(C, D, A, B, M[ 7] + 0x676F02D9);
108 GG<20>(B, C, D, A, M[12] + 0x8D2A4C8A);
109
110 HH< 4>(A, B, C, D, M[ 5] + 0xFFFA3942);
111 HH<11>(D, A, B, C, M[ 8] + 0x8771F681);
112 HH<16>(C, D, A, B, M[11] + 0x6D9D6122);
113 HH<23>(B, C, D, A, M[14] + 0xFDE5380C);
114 HH< 4>(A, B, C, D, M[ 1] + 0xA4BEEA44);
115 HH<11>(D, A, B, C, M[ 4] + 0x4BDECFA9);
116 HH<16>(C, D, A, B, M[ 7] + 0xF6BB4B60);
117 HH<23>(B, C, D, A, M[10] + 0xBEBFBC70);
118 HH< 4>(A, B, C, D, M[13] + 0x289B7EC6);
119 HH<11>(D, A, B, C, M[ 0] + 0xEAA127FA);
120 HH<16>(C, D, A, B, M[ 3] + 0xD4EF3085);
121 HH<23>(B, C, D, A, M[ 6] + 0x04881D05);
122 HH< 4>(A, B, C, D, M[ 9] + 0xD9D4D039);
123 HH<11>(D, A, B, C, M[12] + 0xE6DB99E5);
124 HH<16>(C, D, A, B, M[15] + 0x1FA27CF8);
125 HH<23>(B, C, D, A, M[ 2] + 0xC4AC5665);
126
127 II< 6>(A, B, C, D, M[ 0] + 0xF4292244);
128 II<10>(D, A, B, C, M[ 7] + 0x432AFF97);
129 II<15>(C, D, A, B, M[14] + 0xAB9423A7);
130 II<21>(B, C, D, A, M[ 5] + 0xFC93A039);
131 II< 6>(A, B, C, D, M[12] + 0x655B59C3);
132 II<10>(D, A, B, C, M[ 3] + 0x8F0CCC92);
133 II<15>(C, D, A, B, M[10] + 0xFFEFF47D);
134 II<21>(B, C, D, A, M[ 1] + 0x85845DD1);
135 II< 6>(A, B, C, D, M[ 8] + 0x6FA87E4F);
136 II<10>(D, A, B, C, M[15] + 0xFE2CE6E0);
137 II<15>(C, D, A, B, M[ 6] + 0xA3014314);
138 II<21>(B, C, D, A, M[13] + 0x4E0811A1);
139 II< 6>(A, B, C, D, M[ 4] + 0xF7537E82);
140 II<10>(D, A, B, C, M[11] + 0xBD3AF235);
141 II<15>(C, D, A, B, M[ 2] + 0x2AD7D2BB);
142 II<21>(B, C, D, A, M[ 9] + 0xEB86D391);
143
144 // clang-format off
145
146 A = (digest[0] += A);
147 B = (digest[1] += B);
148 C = (digest[2] += C);
149 D = (digest[3] += D);
150 }
151}
152
153void MD5::init(digest_type& digest) {
154 digest.assign({0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476});
155}
156
157std::unique_ptr<HashFunction> MD5::new_object() const {
158 return std::make_unique<MD5>();
159}
160
161std::unique_ptr<HashFunction> MD5::copy_state() const {
162 return std::make_unique<MD5>(*this);
163}
164
165void MD5::add_data(std::span<const uint8_t> input) {
166 m_md.update(input);
167}
168
169void MD5::final_result(std::span<uint8_t> output) {
170 m_md.final(output);
171}
172
173} // namespace Botan
Botan::BufferSlicer::take
std::span< const uint8_t > take(const size_t count)
Definition stl_util.h:90
Botan::MD5::digest_type
secure_vector< uint32_t > digest_type
Definition md5.h:20
Botan::MD5::init
static void init(digest_type &digest)
Definition md5.cpp:153
Botan::MD5::block_bytes
static constexpr size_t block_bytes
Definition md5.h:24
Botan::MD5::compress_n
static void compress_n(digest_type &digest, std::span< const uint8_t > input, size_t blocks)
Definition md5.cpp:62
Botan::MD5::copy_state
std::unique_ptr< HashFunction > copy_state() const override
Definition md5.cpp:161
Botan::MD5::new_object
std::unique_ptr< HashFunction > new_object() const override
Definition md5.cpp:157
Botan::rotl
BOTAN_FORCE_INLINE constexpr T rotl(T input)
Definition rotate.h:23
Botan::choose
BOTAN_FORCE_INLINE constexpr T choose(T mask, T a, T b)
Definition bit_ops.h:196
Botan::load_le
constexpr auto load_le(ParamTs &&... params)
Definition loadstor.h:495
Generated by doxygen 1.14.0