1// Licensed to the .NET Foundation under one or more agreements.
2// The .NET Foundation licenses this file to you under the MIT license.
3// See the LICENSE file in the project root for more information.
4//
5// md5.cpp
6//
7
8//
9
10#include "stdafx.h"
11
12#include <stdlib.h>
13#include "stdmacros.h"
14#include "md5.h"
15#include "contract.h"
16
17void MD5::Init(BOOL fConstructed)
18 {
19 STATIC_CONTRACT_NOTHROW;
20 STATIC_CONTRACT_GC_NOTRIGGER;
21
22 // These two fields are read only, and so initialization thereof can be
23 // omitted on the second and subsequent hashes using this same instance.
24 //
25 if (!fConstructed)
26 {
27 memset(m_padding, 0, 64);
28 m_padding[0]=0x80;
29 }
30
31 m_cbitHashed = 0;
32 m_cbData = 0;
33 u.m_a = 0x67452301; // magic
34 u.m_b = 0xefcdab89; // ... constants
35 u.m_c = 0x98badcfe; // ... per
36 u.m_d = 0x10325476; // .. RFC1321
37 }
38
39
40void MD5::HashMore(const void* pvInput, ULONG cbInput)
41// Hash the additional data into the state
42 {
43 STATIC_CONTRACT_NOTHROW;
44 STATIC_CONTRACT_GC_NOTRIGGER;
45
46 const BYTE* pbInput = (const BYTE*)pvInput;
47
48 m_cbitHashed += (((ULONGLONG)cbInput) <<3);
49
50 ULONG cbRemaining = 64 - m_cbData;
51 if (cbInput < cbRemaining)
52 {
53 // It doesn't fill up the buffer, so just store it
54 memcpy(&m_data[m_cbData], pbInput, cbInput);
55 m_cbData += cbInput;
56 }
57 else
58 {
59 // It does fill up the buffer. Fill up all that it will take
60 memcpy(&m_data[m_cbData], pbInput, cbRemaining);
61
62 // Hash the now-full buffer
63 MD5Transform(m_state, (ULONG*)&m_data[0]);
64#ifdef _PREFAST_
65#pragma warning(push)
66#pragma warning(disable:22019) // Suppress this OACR warning 22019:
67 // 'cbInput-=cbRemaining' may be greater than 'cbInput'. This can be caused by integer underflow.
68 // This could yield an incorrect loop index 'cbInput>=64'
69 // We only enter the else clause here if cbInput >= cbRemaining
70#endif
71 cbInput -= cbRemaining;
72#ifdef _PREFAST_
73#pragma warning(pop)
74#endif
75 pbInput += cbRemaining;
76
77 // Hash the data in 64-byte runs, starting just after what we've copied
78 while (cbInput >= 64)
79 {
80 if (IS_ALIGNED(pbInput, sizeof(ULONG)))
81 {
82 MD5Transform(m_state, (ULONG*)pbInput);
83 }
84 else
85 {
86 ULONG inputCopy[64 / sizeof(ULONG)];
87 memcpy(inputCopy, pbInput, sizeof(inputCopy));
88 MD5Transform(m_state, inputCopy);
89 }
90 pbInput += 64;
91 cbInput -= 64;
92 }
93
94 // Store the tail of the input into the buffer
95 memcpy(&m_data[0], pbInput, cbInput);
96 m_cbData = cbInput;
97 }
98 }
99
100
101void MD5::GetHashValue(MD5HASHDATA* phash)
102// Finalize the hash by appending the necessary padding and length count. Then
103// return the final hash value.
104 {
105 STATIC_CONTRACT_NOTHROW;
106 STATIC_CONTRACT_GC_NOTRIGGER;
107
108 union {
109 ULONGLONG cbitHashed;
110 BYTE rgb[8];
111 }u;
112
113 // Remember how many bits there were in the input data
114 u.cbitHashed = m_cbitHashed;
115
116 // Calculate amount of padding needed. Enough so total byte count hashed is 56 mod 64
117 ULONG cbPad = (m_cbData < 56 ? 56-m_cbData : 120-m_cbData);
118
119 // Hash the padding
120 HashMore(&m_padding[0], cbPad);
121
122 // Hash the (before padding) bit length
123 HashMore(&u.rgb[0], 8);
124
125 // Return the hash value
126 memcpy(phash, &this->u.m_a, 16);
127 }
128
129
130
131
132 ////////////////////////////////////////////////////////////////
133 //
134 // ROTATE_LEFT should be a macro that updates its first operand
135 // with its present value rotated left by the amount of its
136 // second operand, which is always a constant.
137 //
138 // One way to portably do it would be
139 //
140 // #define ROL(x, n) (((x) << (n)) | ((x) >> (32-(n))))
141 // #define ROTATE_LEFT(x,n) (x) = ROL(x,n)
142 //
143 // but our compiler has an intrinsic!
144
145 #if (defined(_X86_) || defined(_ARM_)) && defined(PLATFORM_UNIX)
146 #define ROL(x, n) (((x) << (n)) | ((x) >> (32-(n))))
147 #define ROTATE_LEFT(x,n) (x) = ROL(x,n)
148 #else
149 #define ROTATE_LEFT(x,n) (x) = _lrotl(x,n)
150 #endif
151
152 ////////////////////////////////////////////////////////////////
153 //
154 // Constants used in each of the various rounds
155
156 #define MD5_S11 7
157 #define MD5_S12 12
158 #define MD5_S13 17
159 #define MD5_S14 22
160 #define MD5_S21 5
161 #define MD5_S22 9
162 #define MD5_S23 14
163 #define MD5_S24 20
164 #define MD5_S31 4
165 #define MD5_S32 11
166 #define MD5_S33 16
167 #define MD5_S34 23
168 #define MD5_S41 6
169 #define MD5_S42 10
170 #define MD5_S43 15
171 #define MD5_S44 21
172
173 ////////////////////////////////////////////////////////////////
174 //
175 // The core twiddle functions
176
177// #define F(x, y, z) (((x) & (y)) | ((~x) & (z))) // the function per the standard
178 #define F(x, y, z) ((((z) ^ (y)) & (x)) ^ (z)) // an alternate encoding
179
180// #define G(x, y, z) (((x) & (z)) | ((y) & (~z))) // the function per the standard
181 #define G(x, y, z) ((((x) ^ (y)) & (z)) ^ (y)) // an alternate encoding
182
183 #define H(x, y, z) ((x) ^ (y) ^ (z))
184
185 #define I(x, y, z) ((y) ^ ((x) | (~z)))
186
187 #define AC(ac) ((ULONG)(ac))
188
189 ////////////////////////////////////////////////////////////////
190
191 #define FF(a, b, c, d, x, s, ac) { \
192 (a) += F (b,c,d) + (x) + (AC(ac)); \
193 ROTATE_LEFT (a, s); \
194 (a) += (b); \
195 }
196
197 ////////////////////////////////////////////////////////////////
198
199 #define GG(a, b, c, d, x, s, ac) { \
200 (a) += G (b,c,d) + (x) + (AC(ac)); \
201 ROTATE_LEFT (a, s); \
202 (a) += (b); \
203 }
204
205 ////////////////////////////////////////////////////////////////
206
207 #define HH(a, b, c, d, x, s, ac) { \
208 (a) += H (b,c,d) + (x) + (AC(ac)); \
209 ROTATE_LEFT (a, s); \
210 (a) += (b); \
211 }
212
213 ////////////////////////////////////////////////////////////////
214
215 #define II(a, b, c, d, x, s, ac) { \
216 (a) += I (b,c,d) + (x) + (AC(ac)); \
217 ROTATE_LEFT (a, s); \
218 (a) += (b); \
219 }
220
221 void __stdcall MD5Transform(ULONG state[4], const ULONG* data)
222 {
223 STATIC_CONTRACT_NOTHROW;
224 STATIC_CONTRACT_GC_NOTRIGGER;
225
226 _ASSERTE(IS_ALIGNED(data, sizeof(ULONG)));
227
228 ULONG a=state[0];
229 ULONG b=state[1];
230 ULONG c=state[2];
231 ULONG d=state[3];
232
233 // Round 1
234 FF (a, b, c, d, data[ 0], MD5_S11, 0xd76aa478); // 1
235 FF (d, a, b, c, data[ 1], MD5_S12, 0xe8c7b756); // 2
236 FF (c, d, a, b, data[ 2], MD5_S13, 0x242070db); // 3
237 FF (b, c, d, a, data[ 3], MD5_S14, 0xc1bdceee); // 4
238 FF (a, b, c, d, data[ 4], MD5_S11, 0xf57c0faf); // 5
239 FF (d, a, b, c, data[ 5], MD5_S12, 0x4787c62a); // 6
240 FF (c, d, a, b, data[ 6], MD5_S13, 0xa8304613); // 7
241 FF (b, c, d, a, data[ 7], MD5_S14, 0xfd469501); // 8
242 FF (a, b, c, d, data[ 8], MD5_S11, 0x698098d8); // 9
243 FF (d, a, b, c, data[ 9], MD5_S12, 0x8b44f7af); // 10
244 FF (c, d, a, b, data[10], MD5_S13, 0xffff5bb1); // 11
245 FF (b, c, d, a, data[11], MD5_S14, 0x895cd7be); // 12
246 FF (a, b, c, d, data[12], MD5_S11, 0x6b901122); // 13
247 FF (d, a, b, c, data[13], MD5_S12, 0xfd987193); // 14
248 FF (c, d, a, b, data[14], MD5_S13, 0xa679438e); // 15
249 FF (b, c, d, a, data[15], MD5_S14, 0x49b40821); // 16
250
251 // Round 2
252 GG (a, b, c, d, data[ 1], MD5_S21, 0xf61e2562); // 17
253 GG (d, a, b, c, data[ 6], MD5_S22, 0xc040b340); // 18
254 GG (c, d, a, b, data[11], MD5_S23, 0x265e5a51); // 19
255 GG (b, c, d, a, data[ 0], MD5_S24, 0xe9b6c7aa); // 20
256 GG (a, b, c, d, data[ 5], MD5_S21, 0xd62f105d); // 21
257 GG (d, a, b, c, data[10], MD5_S22, 0x2441453); // 22
258 GG (c, d, a, b, data[15], MD5_S23, 0xd8a1e681); // 23
259 GG (b, c, d, a, data[ 4], MD5_S24, 0xe7d3fbc8); // 24
260 GG (a, b, c, d, data[ 9], MD5_S21, 0x21e1cde6); // 25
261 GG (d, a, b, c, data[14], MD5_S22, 0xc33707d6); // 26
262 GG (c, d, a, b, data[ 3], MD5_S23, 0xf4d50d87); // 27
263 GG (b, c, d, a, data[ 8], MD5_S24, 0x455a14ed); // 28
264 GG (a, b, c, d, data[13], MD5_S21, 0xa9e3e905); // 29
265 GG (d, a, b, c, data[ 2], MD5_S22, 0xfcefa3f8); // 30
266 GG (c, d, a, b, data[ 7], MD5_S23, 0x676f02d9); // 31
267 GG (b, c, d, a, data[12], MD5_S24, 0x8d2a4c8a); // 32
268
269 // Round 3
270 HH (a, b, c, d, data[ 5], MD5_S31, 0xfffa3942); // 33
271 HH (d, a, b, c, data[ 8], MD5_S32, 0x8771f681); // 34
272 HH (c, d, a, b, data[11], MD5_S33, 0x6d9d6122); // 35
273 HH (b, c, d, a, data[14], MD5_S34, 0xfde5380c); // 36
274 HH (a, b, c, d, data[ 1], MD5_S31, 0xa4beea44); // 37
275 HH (d, a, b, c, data[ 4], MD5_S32, 0x4bdecfa9); // 38
276 HH (c, d, a, b, data[ 7], MD5_S33, 0xf6bb4b60); // 39
277 HH (b, c, d, a, data[10], MD5_S34, 0xbebfbc70); // 40
278 HH (a, b, c, d, data[13], MD5_S31, 0x289b7ec6); // 41
279 HH (d, a, b, c, data[ 0], MD5_S32, 0xeaa127fa); // 42
280 HH (c, d, a, b, data[ 3], MD5_S33, 0xd4ef3085); // 43
281 HH (b, c, d, a, data[ 6], MD5_S34, 0x4881d05); // 44
282 HH (a, b, c, d, data[ 9], MD5_S31, 0xd9d4d039); // 45
283 HH (d, a, b, c, data[12], MD5_S32, 0xe6db99e5); // 46
284 HH (c, d, a, b, data[15], MD5_S33, 0x1fa27cf8); // 47
285 HH (b, c, d, a, data[ 2], MD5_S34, 0xc4ac5665); // 48
286
287 // Round 4
288 II (a, b, c, d, data[ 0], MD5_S41, 0xf4292244); // 49
289 II (d, a, b, c, data[ 7], MD5_S42, 0x432aff97); // 50
290 II (c, d, a, b, data[14], MD5_S43, 0xab9423a7); // 51
291 II (b, c, d, a, data[ 5], MD5_S44, 0xfc93a039); // 52
292 II (a, b, c, d, data[12], MD5_S41, 0x655b59c3); // 53
293 II (d, a, b, c, data[ 3], MD5_S42, 0x8f0ccc92); // 54
294 II (c, d, a, b, data[10], MD5_S43, 0xffeff47d); // 55
295 II (b, c, d, a, data[ 1], MD5_S44, 0x85845dd1); // 56
296 II (a, b, c, d, data[ 8], MD5_S41, 0x6fa87e4f); // 57
297 II (d, a, b, c, data[15], MD5_S42, 0xfe2ce6e0); // 58
298 II (c, d, a, b, data[ 6], MD5_S43, 0xa3014314); // 59
299 II (b, c, d, a, data[13], MD5_S44, 0x4e0811a1); // 60
300 II (a, b, c, d, data[ 4], MD5_S41, 0xf7537e82); // 61
301 II (d, a, b, c, data[11], MD5_S42, 0xbd3af235); // 62
302 II (c, d, a, b, data[ 2], MD5_S43, 0x2ad7d2bb); // 63
303 II (b, c, d, a, data[ 9], MD5_S44, 0xeb86d391); // 64
304
305 state[0] += a;
306 state[1] += b;
307 state[2] += c;
308 state[3] += d;
309 }
310