Botan 3.6.1
Crypto and TLS for C&
md5.cpp
Go to the documentation of this file.
1/*
2* MD5
3* (C) 1999-2008 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#include <botan/internal/md5.h>
9
10#include <botan/internal/bit_ops.h>
11#include <botan/internal/loadstor.h>
12#include <botan/internal/rotate.h>
13#include <botan/internal/stl_util.h>
14
15#include <array>
16
17namespace Botan {
18namespace {
19
20/*
21* MD5 FF Function
22*/
23template <size_t S>
24inline void FF(uint32_t& A, uint32_t B, uint32_t C, uint32_t D, uint32_t M) {
25 A += choose(B, C, D) + M;
26 A = rotl<S>(A) + B;
27}
28
29/*
30* MD5 GG Function
31*/
32template <size_t S>
33inline void GG(uint32_t& A, uint32_t B, uint32_t C, uint32_t D, uint32_t M) {
34 A += choose(D, B, C) + M;
35 A = rotl<S>(A) + B;
36}
37
38/*
39* MD5 HH Function
40*/
41template <size_t S>
42inline void HH(uint32_t& A, uint32_t B, uint32_t C, uint32_t D, uint32_t M) {
43 A += (B ^ C ^ D) + M;
44 A = rotl<S>(A) + B;
45}
46
47/*
48* MD5 II Function
49*/
50template <size_t S>
51inline void II(uint32_t& A, uint32_t B, uint32_t C, uint32_t D, uint32_t M) {
52 // This expr is choose(D, B ^ C, ~C), but that is slower
53 A += (C ^ (B | ~D)) + M;
54 A = rotl<S>(A) + B;
55}
56
57} // namespace
58
59/*
60* MD5 Compression Function
61*/
62void MD5::compress_n(MD5::digest_type& digest, std::span<const uint8_t> input, size_t blocks) {
63 uint32_t A = digest[0], B = digest[1], C = digest[2], D = digest[3];
64 std::array<uint32_t, 16> M;
65
66 BufferSlicer in(input);
67
68 for(size_t i = 0; i != blocks; ++i) {
69 load_le(M, in.take<block_bytes>());
70
71 // clang-format off
72
73 FF< 7>(A, B, C, D, M[ 0] + 0xD76AA478);
74 FF<12>(D, A, B, C, M[ 1] + 0xE8C7B756);
75 FF<17>(C, D, A, B, M[ 2] + 0x242070DB);
76 FF<22>(B, C, D, A, M[ 3] + 0xC1BDCEEE);
77 FF< 7>(A, B, C, D, M[ 4] + 0xF57C0FAF);
78 FF<12>(D, A, B, C, M[ 5] + 0x4787C62A);
79 FF<17>(C, D, A, B, M[ 6] + 0xA8304613);
80 FF<22>(B, C, D, A, M[ 7] + 0xFD469501);
81 FF< 7>(A, B, C, D, M[ 8] + 0x698098D8);
82 FF<12>(D, A, B, C, M[ 9] + 0x8B44F7AF);
83 FF<17>(C, D, A, B, M[10] + 0xFFFF5BB1);
84 FF<22>(B, C, D, A, M[11] + 0x895CD7BE);
85 FF< 7>(A, B, C, D, M[12] + 0x6B901122);
86 FF<12>(D, A, B, C, M[13] + 0xFD987193);
87 FF<17>(C, D, A, B, M[14] + 0xA679438E);
88 FF<22>(B, C, D, A, M[15] + 0x49B40821);
89
90 GG< 5>(A, B, C, D, M[ 1] + 0xF61E2562);
91 GG< 9>(D, A, B, C, M[ 6] + 0xC040B340);
92 GG<14>(C, D, A, B, M[11] + 0x265E5A51);
93 GG<20>(B, C, D, A, M[ 0] + 0xE9B6C7AA);
94 GG< 5>(A, B, C, D, M[ 5] + 0xD62F105D);
95 GG< 9>(D, A, B, C, M[10] + 0x02441453);
96 GG<14>(C, D, A, B, M[15] + 0xD8A1E681);
97 GG<20>(B, C, D, A, M[ 4] + 0xE7D3FBC8);
98 GG< 5>(A, B, C, D, M[ 9] + 0x21E1CDE6);
99 GG< 9>(D, A, B, C, M[14] + 0xC33707D6);
100 GG<14>(C, D, A, B, M[ 3] + 0xF4D50D87);
101 GG<20>(B, C, D, A, M[ 8] + 0x455A14ED);
102 GG< 5>(A, B, C, D, M[13] + 0xA9E3E905);
103 GG< 9>(D, A, B, C, M[ 2] + 0xFCEFA3F8);
104 GG<14>(C, D, A, B, M[ 7] + 0x676F02D9);
105 GG<20>(B, C, D, A, M[12] + 0x8D2A4C8A);
106
107 HH< 4>(A, B, C, D, M[ 5] + 0xFFFA3942);
108 HH<11>(D, A, B, C, M[ 8] + 0x8771F681);
109 HH<16>(C, D, A, B, M[11] + 0x6D9D6122);
110 HH<23>(B, C, D, A, M[14] + 0xFDE5380C);
111 HH< 4>(A, B, C, D, M[ 1] + 0xA4BEEA44);
112 HH<11>(D, A, B, C, M[ 4] + 0x4BDECFA9);
113 HH<16>(C, D, A, B, M[ 7] + 0xF6BB4B60);
114 HH<23>(B, C, D, A, M[10] + 0xBEBFBC70);
115 HH< 4>(A, B, C, D, M[13] + 0x289B7EC6);
116 HH<11>(D, A, B, C, M[ 0] + 0xEAA127FA);
117 HH<16>(C, D, A, B, M[ 3] + 0xD4EF3085);
118 HH<23>(B, C, D, A, M[ 6] + 0x04881D05);
119 HH< 4>(A, B, C, D, M[ 9] + 0xD9D4D039);
120 HH<11>(D, A, B, C, M[12] + 0xE6DB99E5);
121 HH<16>(C, D, A, B, M[15] + 0x1FA27CF8);
122 HH<23>(B, C, D, A, M[ 2] + 0xC4AC5665);
123
124 II< 6>(A, B, C, D, M[ 0] + 0xF4292244);
125 II<10>(D, A, B, C, M[ 7] + 0x432AFF97);
126 II<15>(C, D, A, B, M[14] + 0xAB9423A7);
127 II<21>(B, C, D, A, M[ 5] + 0xFC93A039);
128 II< 6>(A, B, C, D, M[12] + 0x655B59C3);
129 II<10>(D, A, B, C, M[ 3] + 0x8F0CCC92);
130 II<15>(C, D, A, B, M[10] + 0xFFEFF47D);
131 II<21>(B, C, D, A, M[ 1] + 0x85845DD1);
132 II< 6>(A, B, C, D, M[ 8] + 0x6FA87E4F);
133 II<10>(D, A, B, C, M[15] + 0xFE2CE6E0);
134 II<15>(C, D, A, B, M[ 6] + 0xA3014314);
135 II<21>(B, C, D, A, M[13] + 0x4E0811A1);
136 II< 6>(A, B, C, D, M[ 4] + 0xF7537E82);
137 II<10>(D, A, B, C, M[11] + 0xBD3AF235);
138 II<15>(C, D, A, B, M[ 2] + 0x2AD7D2BB);
139 II<21>(B, C, D, A, M[ 9] + 0xEB86D391);
140
141 // clang-format off
142
143 A = (digest[0] += A);
144 B = (digest[1] += B);
145 C = (digest[2] += C);
146 D = (digest[3] += D);
147 }
148}
149
150void MD5::init(digest_type& digest) {
151 digest.assign({0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476});
152}
153
154std::unique_ptr<HashFunction> MD5::new_object() const {
155 return std::make_unique<MD5>();
156}
157
158std::unique_ptr<HashFunction> MD5::copy_state() const {
159 return std::make_unique<MD5>(*this);
160}
161
162void MD5::add_data(std::span<const uint8_t> input) {
163 m_md.update(input);
164}
165
166void MD5::final_result(std::span<uint8_t> output) {
167 m_md.final(output);
168}
169
170} // namespace Botan
Botan::BufferSlicer::take
std::span< const uint8_t > take(const size_t count)
Definition stl_util.h:98
Botan::MD5::digest_type
secure_vector< uint32_t > digest_type
Definition md5.h:20
Botan::MD5::init
static void init(digest_type &digest)
Definition md5.cpp:150
Botan::MD5::block_bytes
static constexpr size_t block_bytes
Definition md5.h:24
Botan::MD5::compress_n
static void compress_n(digest_type &digest, std::span< const uint8_t > input, size_t blocks)
Definition md5.cpp:62
Botan::MD5::copy_state
std::unique_ptr< HashFunction > copy_state() const override
Definition md5.cpp:158
Botan::MD5::new_object
std::unique_ptr< HashFunction > new_object() const override
Definition md5.cpp:154
Botan::rotl
constexpr T rotl(T input)
Definition rotate.h:21
Botan::choose
constexpr T choose(T mask, T a, T b)
Definition bit_ops.h:193
Botan::load_le
constexpr auto load_le(ParamTs &&... params)
Definition loadstor.h:521
Generated by doxygen 1.12.0