Botan 3.4.0
Crypto and TLS for C&
md5.cpp
Go to the documentation of this file.
1/*
2* MD5
3* (C) 1999-2008 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#include <botan/internal/md5.h>
9
10#include <botan/internal/bit_ops.h>
11#include <botan/internal/loadstor.h>
12#include <botan/internal/rotate.h>
13#include <botan/internal/stl_util.h>
14
15#include <array>
16
17namespace Botan {
18namespace {
19
20/*
21* MD5 FF Function
22*/
23template <size_t S>
24inline void FF(uint32_t& A, uint32_t B, uint32_t C, uint32_t D, uint32_t M) {
25 A += choose(B, C, D) + M;
26 A = rotl<S>(A) + B;
27}
28
29/*
30* MD5 GG Function
31*/
32template <size_t S>
33inline void GG(uint32_t& A, uint32_t B, uint32_t C, uint32_t D, uint32_t M) {
34 A += choose(D, B, C) + M;
35 A = rotl<S>(A) + B;
36}
37
38/*
39* MD5 HH Function
40*/
41template <size_t S>
42inline void HH(uint32_t& A, uint32_t B, uint32_t C, uint32_t D, uint32_t M) {
43 A += (B ^ C ^ D) + M;
44 A = rotl<S>(A) + B;
45}
46
47/*
48* MD5 II Function
49*/
50template <size_t S>
51inline void II(uint32_t& A, uint32_t B, uint32_t C, uint32_t D, uint32_t M) {
52 // This expr is choose(D, B ^ C, ~C), but that is slower
53 A += (C ^ (B | ~D)) + M;
54 A = rotl<S>(A) + B;
55}
56
57} // namespace
58
59/*
60* MD5 Compression Function
61*/
62void MD5::compress_n(MD5::digest_type& digest, std::span<const uint8_t> input, size_t blocks) {
63 uint32_t A = digest[0], B = digest[1], C = digest[2], D = digest[3];
64 std::array<uint32_t, 16> M;
65
66 BufferSlicer in(input);
67
68 for(size_t i = 0; i != blocks; ++i) {
69 load_le(M.data(), in.take(block_bytes).data(), M.size());
70
71 FF<7>(A, B, C, D, M[0] + 0xD76AA478);
72 FF<12>(D, A, B, C, M[1] + 0xE8C7B756);
73 FF<17>(C, D, A, B, M[2] + 0x242070DB);
74 FF<22>(B, C, D, A, M[3] + 0xC1BDCEEE);
75 FF<7>(A, B, C, D, M[4] + 0xF57C0FAF);
76 FF<12>(D, A, B, C, M[5] + 0x4787C62A);
77 FF<17>(C, D, A, B, M[6] + 0xA8304613);
78 FF<22>(B, C, D, A, M[7] + 0xFD469501);
79 FF<7>(A, B, C, D, M[8] + 0x698098D8);
80 FF<12>(D, A, B, C, M[9] + 0x8B44F7AF);
81 FF<17>(C, D, A, B, M[10] + 0xFFFF5BB1);
82 FF<22>(B, C, D, A, M[11] + 0x895CD7BE);
83 FF<7>(A, B, C, D, M[12] + 0x6B901122);
84 FF<12>(D, A, B, C, M[13] + 0xFD987193);
85 FF<17>(C, D, A, B, M[14] + 0xA679438E);
86 FF<22>(B, C, D, A, M[15] + 0x49B40821);
87
88 GG<5>(A, B, C, D, M[1] + 0xF61E2562);
89 GG<9>(D, A, B, C, M[6] + 0xC040B340);
90 GG<14>(C, D, A, B, M[11] + 0x265E5A51);
91 GG<20>(B, C, D, A, M[0] + 0xE9B6C7AA);
92 GG<5>(A, B, C, D, M[5] + 0xD62F105D);
93 GG<9>(D, A, B, C, M[10] + 0x02441453);
94 GG<14>(C, D, A, B, M[15] + 0xD8A1E681);
95 GG<20>(B, C, D, A, M[4] + 0xE7D3FBC8);
96 GG<5>(A, B, C, D, M[9] + 0x21E1CDE6);
97 GG<9>(D, A, B, C, M[14] + 0xC33707D6);
98 GG<14>(C, D, A, B, M[3] + 0xF4D50D87);
99 GG<20>(B, C, D, A, M[8] + 0x455A14ED);
100 GG<5>(A, B, C, D, M[13] + 0xA9E3E905);
101 GG<9>(D, A, B, C, M[2] + 0xFCEFA3F8);
102 GG<14>(C, D, A, B, M[7] + 0x676F02D9);
103 GG<20>(B, C, D, A, M[12] + 0x8D2A4C8A);
104
105 HH<4>(A, B, C, D, M[5] + 0xFFFA3942);
106 HH<11>(D, A, B, C, M[8] + 0x8771F681);
107 HH<16>(C, D, A, B, M[11] + 0x6D9D6122);
108 HH<23>(B, C, D, A, M[14] + 0xFDE5380C);
109 HH<4>(A, B, C, D, M[1] + 0xA4BEEA44);
110 HH<11>(D, A, B, C, M[4] + 0x4BDECFA9);
111 HH<16>(C, D, A, B, M[7] + 0xF6BB4B60);
112 HH<23>(B, C, D, A, M[10] + 0xBEBFBC70);
113 HH<4>(A, B, C, D, M[13] + 0x289B7EC6);
114 HH<11>(D, A, B, C, M[0] + 0xEAA127FA);
115 HH<16>(C, D, A, B, M[3] + 0xD4EF3085);
116 HH<23>(B, C, D, A, M[6] + 0x04881D05);
117 HH<4>(A, B, C, D, M[9] + 0xD9D4D039);
118 HH<11>(D, A, B, C, M[12] + 0xE6DB99E5);
119 HH<16>(C, D, A, B, M[15] + 0x1FA27CF8);
120 HH<23>(B, C, D, A, M[2] + 0xC4AC5665);
121
122 II<6>(A, B, C, D, M[0] + 0xF4292244);
123 II<10>(D, A, B, C, M[7] + 0x432AFF97);
124 II<15>(C, D, A, B, M[14] + 0xAB9423A7);
125 II<21>(B, C, D, A, M[5] + 0xFC93A039);
126 II<6>(A, B, C, D, M[12] + 0x655B59C3);
127 II<10>(D, A, B, C, M[3] + 0x8F0CCC92);
128 II<15>(C, D, A, B, M[10] + 0xFFEFF47D);
129 II<21>(B, C, D, A, M[1] + 0x85845DD1);
130 II<6>(A, B, C, D, M[8] + 0x6FA87E4F);
131 II<10>(D, A, B, C, M[15] + 0xFE2CE6E0);
132 II<15>(C, D, A, B, M[6] + 0xA3014314);
133 II<21>(B, C, D, A, M[13] + 0x4E0811A1);
134 II<6>(A, B, C, D, M[4] + 0xF7537E82);
135 II<10>(D, A, B, C, M[11] + 0xBD3AF235);
136 II<15>(C, D, A, B, M[2] + 0x2AD7D2BB);
137 II<21>(B, C, D, A, M[9] + 0xEB86D391);
138
139 A = (digest[0] += A);
140 B = (digest[1] += B);
141 C = (digest[2] += C);
142 D = (digest[3] += D);
143 }
144}
145
146void MD5::init(digest_type& digest) {
147 digest.assign({0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476});
148}
149
150std::unique_ptr<HashFunction> MD5::new_object() const {
151 return std::make_unique<MD5>();
152}
153
154std::unique_ptr<HashFunction> MD5::copy_state() const {
155 return std::make_unique<MD5>(*this);
156}
157
158void MD5::add_data(std::span<const uint8_t> input) {
159 m_md.update(input);
160}
161
162void MD5::final_result(std::span<uint8_t> output) {
163 m_md.final(output);
164}
165
166} // namespace Botan
Botan::BufferSlicer::take
std::span< const uint8_t > take(const size_t count)
Definition stl_util.h:156
Botan::MD5::digest_type
secure_vector< uint32_t > digest_type
Definition md5.h:20
Botan::MD5::init
static void init(digest_type &digest)
Definition md5.cpp:146
Botan::MD5::block_bytes
static constexpr size_t block_bytes
Definition md5.h:24
Botan::MD5::compress_n
static void compress_n(digest_type &digest, std::span< const uint8_t > input, size_t blocks)
Definition md5.cpp:62
Botan::MD5::copy_state
std::unique_ptr< HashFunction > copy_state() const override
Definition md5.cpp:154
Botan::MD5::new_object
std::unique_ptr< HashFunction > new_object() const override
Definition md5.cpp:150
Botan::choose
constexpr T choose(T mask, T a, T b)
Definition bit_ops.h:180
Botan::load_le
constexpr auto load_le(ParamTs &&... params)
Definition loadstor.h:462
Generated by doxygen 1.10.0