reactos/sdk/lib/cryptlib/md4.c

   1 /*
   2  * Copyright (C) 2001 Nikos Mavroyanopoulos
   3  * Copyright (C) 2004 Hans Leidekker
   4  *
   5  * This library is free software; you can redistribute it and/or
   6  * modify it under the terms of the GNU Lesser General Public
   7  * License as published by the Free Software Foundation; either
   8  * version 2.1 of the License, or (at your option) any later version.
   9  *
  10  * This library is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  13  * Lesser General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU Lesser General Public
  16  * License along with this library; if not, write to the Free Software
  17  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  18  */
  19
  20 /*
  21  * This code implements the MD4 message-digest algorithm.
  22  * It is based on code in the public domain written by Colin
  23  * Plumb in 1993. The algorithm is due to Ron Rivest.
  24  *
  25  * Equivalent code is available from RSA Data Security, Inc.
  26  * This code has been tested against that, and is equivalent,
  27  * except that you don't need to include two pages of legalese
  28  * with every copy.
  29  *
  30  * To compute the message digest of a chunk of bytes, declare an
  31  * MD4_CTX structure, pass it to MD4Init, call MD4Update as
  32  * needed on buffers full of bytes, and then call MD4Final, which
  33  * will fill a supplied 16-byte array with the digest.
  34  */
  35
  36 #include "md4.h"
  37 #include "util.h"
  38
  39 static void MD4Transform( unsigned int buf[4], unsigned int const in[16] );
  40
  41 /*
  42  * Start MD4 accumulation.  Set bit count to 0 and buffer to mysterious
  43  * initialization constants.
  44  */
  45 VOID NTAPI MD4Init( MD4_CTX *ctx )
  46 {
  47     ctx->buf[0] = 0x67452301;
  48     ctx->buf[1] = 0xefcdab89;
  49     ctx->buf[2] = 0x98badcfe;
  50     ctx->buf[3] = 0x10325476;
  51
  52     ctx->i[0] = ctx->i[1] = 0;
  53 }
  54
  55 /*
  56  * Update context to reflect the concatenation of another buffer full
  57  * of bytes.
  58  */
  59 VOID NTAPI MD4Update( MD4_CTX *ctx, const unsigned char *buf, unsigned int len )
  60 {
  61     register unsigned int t;
  62
  63     /* Update bitcount */
  64     t = ctx->i[0];
  65
  66     if ((ctx->i[0] = t + (len << 3)) < t)
  67         ctx->i[1]++;        /* Carry from low to high */
  68
  69     ctx->i[1] += len >> 29;
  70     t = (t >> 3) & 0x3f;
  71
  72     /* Handle any leading odd-sized chunks */
  73     if (t)
  74     {
  75         unsigned char *p = (unsigned char *)ctx->in + t;
  76         t = 64 - t;
  77
  78         if (len < t)
  79         {
  80             memcpy( p, buf, len );
  81             return;
  82         }
  83
  84         memcpy( p, buf, t );
  85         byteReverse( ctx->in, 16 );
  86
  87         MD4Transform( ctx->buf, (unsigned int *)ctx->in );
  88
  89         buf += t;
  90         len -= t;
  91     }
  92
  93     /* Process data in 64-byte chunks */
  94     while (len >= 64)
  95     {
  96         memcpy( ctx->in, buf, 64 );
  97         byteReverse( ctx->in, 16 );
  98
  99         MD4Transform( ctx->buf, (unsigned int *)ctx->in );
 100
 101         buf += 64;
 102         len -= 64;
 103     }
 104
 105     /* Handle any remaining bytes of data. */
 106     memcpy( ctx->in, buf, len );
 107 }
 108
 109 /*
 110  * Final wrapup - pad to 64-byte boundary with the bit pattern
 111  * 1 0* (64-bit count of bits processed, MSB-first)
 112  */
 113 VOID NTAPI MD4Final( MD4_CTX *ctx )
 114 {
 115     unsigned int count;
 116     unsigned char *p;
 117
 118     /* Compute number of bytes mod 64 */
 119     count = (ctx->i[0] >> 3) & 0x3F;
 120
 121     /* Set the first char of padding to 0x80.  This is safe since there is
 122        always at least one byte free */
 123     p = ctx->in + count;
 124     *p++ = 0x80;
 125
 126     /* Bytes of padding needed to make 64 bytes */
 127     count = 64 - 1 - count;
 128
 129     /* Pad out to 56 mod 64 */
 130     if (count < 8)
 131     {
 132         /* Two lots of padding:  Pad the first block to 64 bytes */
 133         memset( p, 0, count );
 134         byteReverse( ctx->in, 16 );
 135         MD4Transform( ctx->buf, (unsigned int *)ctx->in );
 136
 137         /* Now fill the next block with 56 bytes */
 138         memset( ctx->in, 0, 56 );
 139     }
 140     else
 141     {
 142         /* Pad block to 56 bytes */
 143         memset( p, 0, count - 8 );
 144     }
 145
 146     byteReverse( ctx->in, 14 );
 147
 148     /* Append length in bits and transform */
 149     ((unsigned int *)ctx->in)[14] = ctx->i[0];
 150     ((unsigned int *)ctx->in)[15] = ctx->i[1];
 151
 152     MD4Transform( ctx->buf, (unsigned int *)ctx->in );
 153     byteReverse( (unsigned char *)ctx->buf, 4 );
 154     memcpy( ctx->digest, ctx->buf, 16 );
 155 }
 156
 157 /* The three core functions */
 158
 159 #define rotl32(x,n)  (((x) << ((unsigned int)(n))) | ((x) >> (32 - (unsigned int)(n))))
 160
 161 #define F( x, y, z ) (((x) & (y)) | ((~x) & (z)))
 162 #define G( x, y, z ) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
 163 #define H( x, y, z ) ((x) ^ (y) ^ (z))
 164
 165 #define FF( a, b, c, d, x, s ) { \
 166     (a) += F( (b), (c), (d) ) + (x); \
 167     (a) = rotl32( (a), (s) ); \
 168   }
 169 #define GG( a, b, c, d, x, s ) { \
 170     (a) += G( (b), (c), (d) ) + (x) + (unsigned int)0x5a827999; \
 171     (a) = rotl32( (a), (s) ); \
 172   }
 173 #define HH( a, b, c, d, x, s ) { \
 174     (a) += H( (b), (c), (d) ) + (x) + (unsigned int)0x6ed9eba1; \
 175     (a) = rotl32( (a), (s) ); \
 176   }
 177
 178 /*
 179  * The core of the MD4 algorithm
 180  */
 181 static void MD4Transform( unsigned int buf[4], const unsigned int in[16] )
 182 {
 183     register unsigned int a, b, c, d;
 184
 185     a = buf[0];
 186     b = buf[1];
 187     c = buf[2];
 188     d = buf[3];
 189
 190     FF( a, b, c, d, in[0], 3 );
 191     FF( d, a, b, c, in[1], 7 );
 192     FF( c, d, a, b, in[2], 11 );
 193     FF( b, c, d, a, in[3], 19 );
 194     FF( a, b, c, d, in[4], 3 );
 195     FF( d, a, b, c, in[5], 7 );
 196     FF( c, d, a, b, in[6], 11 );
 197     FF( b, c, d, a, in[7], 19 );
 198     FF( a, b, c, d, in[8], 3 );
 199     FF( d, a, b, c, in[9], 7 );
 200     FF( c, d, a, b, in[10], 11 );
 201     FF( b, c, d, a, in[11], 19 );
 202     FF( a, b, c, d, in[12], 3 );
 203     FF( d, a, b, c, in[13], 7 );
 204     FF( c, d, a, b, in[14], 11 );
 205     FF( b, c, d, a, in[15], 19 );
 206
 207     GG( a, b, c, d, in[0], 3 );
 208     GG( d, a, b, c, in[4], 5 );
 209     GG( c, d, a, b, in[8], 9 );
 210     GG( b, c, d, a, in[12], 13 );
 211     GG( a, b, c, d, in[1], 3 );
 212     GG( d, a, b, c, in[5], 5 );
 213     GG( c, d, a, b, in[9], 9 );
 214     GG( b, c, d, a, in[13], 13 );
 215     GG( a, b, c, d, in[2], 3 );
 216     GG( d, a, b, c, in[6], 5 );
 217     GG( c, d, a, b, in[10], 9 );
 218     GG( b, c, d, a, in[14], 13 );
 219     GG( a, b, c, d, in[3], 3 );
 220     GG( d, a, b, c, in[7], 5 );
 221     GG( c, d, a, b, in[11], 9 );
 222     GG( b, c, d, a, in[15], 13 );
 223
 224     HH( a, b, c, d, in[0], 3 );
 225     HH( d, a, b, c, in[8], 9 );
 226     HH( c, d, a, b, in[4], 11 );
 227     HH( b, c, d, a, in[12], 15 );
 228     HH( a, b, c, d, in[2], 3 );
 229     HH( d, a, b, c, in[10], 9 );
 230     HH( c, d, a, b, in[6], 11 );
 231     HH( b, c, d, a, in[14], 15 );
 232     HH( a, b, c, d, in[1], 3 );
 233     HH( d, a, b, c, in[9], 9 );
 234     HH( c, d, a, b, in[5], 11 );
 235     HH( b, c, d, a, in[13], 15 );
 236     HH( a, b, c, d, in[3], 3 );
 237     HH( d, a, b, c, in[11], 9 );
 238     HH( c, d, a, b, in[7], 11 );
 239     HH( b, c, d, a, in[15], 15 );
 240
 241     buf[0] += a;
 242     buf[1] += b;
 243     buf[2] += c;
 244     buf[3] += d;
 245 }
 246