3 * The MD2 hash function, described in RFC 1319.
6 /* nettle, low-level cryptographics library
8 * Copyright (C) 2003 Niels Möller, Andreas Sigfridsson
10 * The nettle library is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU Lesser General Public License as published by
12 * the Free Software Foundation; either version 2.1 of the License, or (at your
13 * option) any later version.
15 * The nettle library is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
17 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
18 * License for more details.
20 * You should have received a copy of the GNU Lesser General Public License
21 * along with the nettle library; see the file COPYING.LIB. If not, write to
22 * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
26 /* This code originates from the Python Cryptography Toolkit, version 1.0.1.
27 Further hacked by Andreas Sigfridsson and Niels Möller. Original license:
29 ===================================================================
30 Distribute and use freely; there are no restrictions on further
31 dissemination and usage except those imposed by the laws of your
32 country of residence. This software is provided "as is" without
33 warranty of fitness for use or suitability for any purpose, express
34 or implied. Use at your own risk or not at all.
35 ===================================================================
37 Incorporating the code into commercial products is permitted; you do
38 not have to make source available or contribute your changes back
39 (though that would be nice).
56 41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6,
57 19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188,
58 76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24,
59 138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251,
60 245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63,
61 148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50,
62 39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165,
63 181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210,
64 150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157,
65 112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27,
66 96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15,
67 85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197,
68 234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65,
69 129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123,
70 8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233,
71 203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228,
72 166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237,
73 31, 26, 219, 153, 141, 51, 159, 17, 131, 20
77 md2_transform(struct md2_ctx *ctx, const uint8_t *data)
82 memcpy(ctx->X + 16, data, MD2_DATA_SIZE);
84 for (i = 0, t = ctx->C[15];
87 ctx->X[2 * MD2_DATA_SIZE + i]
88 = ctx->X[i] ^ ctx->X[MD2_DATA_SIZE + i];
89 t = (ctx->C[i] ^= S[data[i]^t]);
93 t = (t + i) & 0xff, i++)
96 for (j = 0; j < 3 * MD2_DATA_SIZE; j++)
97 t = (ctx->X[j] ^= S[t]);
102 md2_init(struct md2_ctx *ctx)
104 memset(ctx, 0, sizeof(*ctx));
108 md2_update(struct md2_ctx *ctx,
112 MD_UPDATE(ctx, length, data, md2_transform, (void)0);
116 md2_digest(struct md2_ctx *ctx,
122 assert(length <= MD2_DIGEST_SIZE);
124 left = MD2_DATA_SIZE - ctx->index;
125 memset(ctx->block + ctx->index, left, left);
126 md2_transform(ctx, ctx->block);
128 md2_transform(ctx, ctx->C);
129 memcpy(digest, ctx->X, length);