1 /***************************************************************************
3 * Project ___| | | | _ \| |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
8 * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at http://curl.haxx.se/docs/copyright.html.
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
21 ***************************************************************************/
23 #include "curl_setup.h"
25 #ifndef CURL_DISABLE_CRYPTO_AUTH
28 #include "curl_hmac.h"
31 #include "curl_memory.h"
33 #if defined(USE_GNUTLS_NETTLE)
35 #include <nettle/md5.h>
36 /* The last #include file should be: */
39 typedef struct md5_ctx MD5_CTX;
41 static void MD5_Init(MD5_CTX * ctx)
46 static void MD5_Update(MD5_CTX * ctx,
47 const unsigned char * input,
48 unsigned int inputLen)
50 md5_update(ctx, inputLen, input);
53 static void MD5_Final(unsigned char digest[16], MD5_CTX * ctx)
55 md5_digest(ctx, 16, digest);
58 #elif defined(USE_GNUTLS)
61 /* The last #include file should be: */
64 typedef gcry_md_hd_t MD5_CTX;
66 static void MD5_Init(MD5_CTX * ctx)
68 gcry_md_open(ctx, GCRY_MD_MD5, 0);
71 static void MD5_Update(MD5_CTX * ctx,
72 const unsigned char * input,
73 unsigned int inputLen)
75 gcry_md_write(*ctx, input, inputLen);
78 static void MD5_Final(unsigned char digest[16], MD5_CTX * ctx)
80 memcpy(digest, gcry_md_read(*ctx, 0), 16);
84 #elif defined(USE_SSLEAY)
85 /* When OpenSSL is available we use the MD5-function from OpenSSL */
88 # include <openssl/md5.h>
93 #elif (defined(__MAC_OS_X_VERSION_MAX_ALLOWED) && \
94 (__MAC_OS_X_VERSION_MAX_ALLOWED >= 1040)) || \
95 (defined(__IPHONE_OS_VERSION_MAX_ALLOWED) && \
96 (__IPHONE_OS_VERSION_MAX_ALLOWED >= 20000))
98 /* For Apple operating systems: CommonCrypto has the functions we need.
99 These functions are available on Tiger and later, as well as iOS 2.0
100 and later. If you're building for an older cat, well, sorry.
102 Declaring the functions as static like this seems to be a bit more
103 reliable than defining COMMON_DIGEST_FOR_OPENSSL on older cats. */
104 # include <CommonCrypto/CommonDigest.h>
105 # define MD5_CTX CC_MD5_CTX
107 static void MD5_Init(MD5_CTX *ctx)
112 static void MD5_Update(MD5_CTX *ctx,
113 const unsigned char *input,
114 unsigned int inputLen)
116 CC_MD5_Update(ctx, input, inputLen);
119 static void MD5_Final(unsigned char digest[16], MD5_CTX *ctx)
121 CC_MD5_Final(digest, ctx);
124 #elif defined(_WIN32)
126 #include <wincrypt.h>
129 HCRYPTPROV hCryptProv;
133 static void MD5_Init(MD5_CTX *ctx)
135 if(CryptAcquireContext(&ctx->hCryptProv, NULL, NULL,
136 PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
137 CryptCreateHash(ctx->hCryptProv, CALG_MD5, 0, 0, &ctx->hHash);
141 static void MD5_Update(MD5_CTX *ctx,
142 const unsigned char *input,
143 unsigned int inputLen)
145 CryptHashData(ctx->hHash, (unsigned char *)input, inputLen, 0);
148 static void MD5_Final(unsigned char digest[16], MD5_CTX *ctx)
150 unsigned long length = 0;
151 CryptGetHashParam(ctx->hHash, HP_HASHVAL, NULL, &length, 0);
153 CryptGetHashParam(ctx->hHash, HP_HASHVAL, digest, &length, 0);
155 CryptDestroyHash(ctx->hHash);
157 CryptReleaseContext(ctx->hCryptProv, 0);
161 /* When no other crypto library is available we use this code segment */
163 /* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
166 License to copy and use this software is granted provided that it
167 is identified as the "RSA Data Security, Inc. MD5 Message-Digest
168 Algorithm" in all material mentioning or referencing this software
171 License is also granted to make and use derivative works provided
172 that such works are identified as "derived from the RSA Data
173 Security, Inc. MD5 Message-Digest Algorithm" in all material
174 mentioning or referencing the derived work.
176 RSA Data Security, Inc. makes no representations concerning either
177 the merchantability of this software or the suitability of this
178 software for any particular purpose. It is provided "as is"
179 without express or implied warranty of any kind.
181 These notices must be retained in any copies of any part of this
182 documentation and/or software.
185 /* UINT4 defines a four byte word */
186 typedef unsigned int UINT4;
190 UINT4 state[4]; /* state (ABCD) */
191 UINT4 count[2]; /* number of bits, modulo 2^64 (lsb first) */
192 unsigned char buffer[64]; /* input buffer */
195 typedef struct md5_ctx MD5_CTX;
197 static void MD5_Init(struct md5_ctx *);
198 static void MD5_Update(struct md5_ctx *, const unsigned char *, unsigned int);
199 static void MD5_Final(unsigned char [16], struct md5_ctx *);
201 /* Constants for MD5Transform routine.
221 static void MD5Transform(UINT4 [4], const unsigned char [64]);
222 static void Encode(unsigned char *, UINT4 *, unsigned int);
223 static void Decode(UINT4 *, const unsigned char *, unsigned int);
225 static const unsigned char PADDING[64] = {
226 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
227 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
228 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
231 /* F, G, H and I are basic MD5 functions.
233 #define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
234 #define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
235 #define H(x, y, z) ((x) ^ (y) ^ (z))
236 #define I(x, y, z) ((y) ^ ((x) | (~z)))
238 /* ROTATE_LEFT rotates x left n bits.
240 #define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
242 /* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
243 Rotation is separate from addition to prevent recomputation.
245 #define FF(a, b, c, d, x, s, ac) { \
246 (a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); \
247 (a) = ROTATE_LEFT ((a), (s)); \
250 #define GG(a, b, c, d, x, s, ac) { \
251 (a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); \
252 (a) = ROTATE_LEFT ((a), (s)); \
255 #define HH(a, b, c, d, x, s, ac) { \
256 (a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); \
257 (a) = ROTATE_LEFT ((a), (s)); \
260 #define II(a, b, c, d, x, s, ac) { \
261 (a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); \
262 (a) = ROTATE_LEFT ((a), (s)); \
266 /* MD5 initialization. Begins an MD5 operation, writing a new context.
268 static void MD5_Init(struct md5_ctx *context)
270 context->count[0] = context->count[1] = 0;
271 /* Load magic initialization constants. */
272 context->state[0] = 0x67452301;
273 context->state[1] = 0xefcdab89;
274 context->state[2] = 0x98badcfe;
275 context->state[3] = 0x10325476;
278 /* MD5 block update operation. Continues an MD5 message-digest
279 operation, processing another message block, and updating the
282 static void MD5_Update (struct md5_ctx *context, /* context */
283 const unsigned char *input, /* input block */
284 unsigned int inputLen) /* length of input block */
286 unsigned int i, bufindex, partLen;
288 /* Compute number of bytes mod 64 */
289 bufindex = (unsigned int)((context->count[0] >> 3) & 0x3F);
291 /* Update number of bits */
292 if((context->count[0] += ((UINT4)inputLen << 3))
293 < ((UINT4)inputLen << 3))
295 context->count[1] += ((UINT4)inputLen >> 29);
297 partLen = 64 - bufindex;
299 /* Transform as many times as possible. */
300 if(inputLen >= partLen) {
301 memcpy(&context->buffer[bufindex], input, partLen);
302 MD5Transform(context->state, context->buffer);
304 for(i = partLen; i + 63 < inputLen; i += 64)
305 MD5Transform(context->state, &input[i]);
312 /* Buffer remaining input */
313 memcpy(&context->buffer[bufindex], &input[i], inputLen-i);
316 /* MD5 finalization. Ends an MD5 message-digest operation, writing the
317 the message digest and zeroizing the context.
319 static void MD5_Final(unsigned char digest[16], /* message digest */
320 struct md5_ctx *context) /* context */
322 unsigned char bits[8];
323 unsigned int count, padLen;
325 /* Save number of bits */
326 Encode (bits, context->count, 8);
328 /* Pad out to 56 mod 64. */
329 count = (unsigned int)((context->count[0] >> 3) & 0x3f);
330 padLen = (count < 56) ? (56 - count) : (120 - count);
331 MD5_Update (context, PADDING, padLen);
333 /* Append length (before padding) */
334 MD5_Update (context, bits, 8);
336 /* Store state in digest */
337 Encode (digest, context->state, 16);
339 /* Zeroize sensitive information. */
340 memset ((void *)context, 0, sizeof (*context));
343 /* MD5 basic transformation. Transforms state based on block. */
344 static void MD5Transform(UINT4 state[4],
345 const unsigned char block[64])
347 UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];
349 Decode (x, block, 64);
352 FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */
353 FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */
354 FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */
355 FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */
356 FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */
357 FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */
358 FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */
359 FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */
360 FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */
361 FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */
362 FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
363 FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
364 FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
365 FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
366 FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
367 FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
370 GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */
371 GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */
372 GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
373 GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */
374 GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */
375 GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */
376 GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
377 GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */
378 GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */
379 GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
380 GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */
381 GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */
382 GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
383 GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */
384 GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */
385 GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
388 HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */
389 HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */
390 HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
391 HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
392 HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */
393 HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */
394 HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */
395 HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
396 HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
397 HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */
398 HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */
399 HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */
400 HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */
401 HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
402 HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
403 HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */
406 II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */
407 II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */
408 II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
409 II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */
410 II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
411 II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */
412 II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
413 II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */
414 II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */
415 II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
416 II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */
417 II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
418 II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */
419 II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
420 II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */
421 II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */
428 /* Zeroize sensitive information. */
429 memset((void *)x, 0, sizeof (x));
432 /* Encodes input (UINT4) into output (unsigned char). Assumes len is
435 static void Encode (unsigned char *output,
441 for(i = 0, j = 0; j < len; i++, j += 4) {
442 output[j] = (unsigned char)(input[i] & 0xff);
443 output[j+1] = (unsigned char)((input[i] >> 8) & 0xff);
444 output[j+2] = (unsigned char)((input[i] >> 16) & 0xff);
445 output[j+3] = (unsigned char)((input[i] >> 24) & 0xff);
449 /* Decodes input (unsigned char) into output (UINT4). Assumes len is
452 static void Decode (UINT4 *output,
453 const unsigned char *input,
458 for(i = 0, j = 0; j < len; i++, j += 4)
459 output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) |
460 (((UINT4)input[j+2]) << 16) | (((UINT4)input[j+3]) << 24);
463 #endif /* CRYPTO LIBS */
465 /* The last #include file should be: */
466 #include "memdebug.h"
468 const HMAC_params Curl_HMAC_MD5[] = {
470 (HMAC_hinit_func) MD5_Init, /* Hash initialization function. */
471 (HMAC_hupdate_func) MD5_Update, /* Hash update function. */
472 (HMAC_hfinal_func) MD5_Final, /* Hash computation end function. */
473 sizeof(MD5_CTX), /* Size of hash context structure. */
474 64, /* Maximum key length. */
475 16 /* Result size. */
479 const MD5_params Curl_DIGEST_MD5[] = {
481 (Curl_MD5_init_func) MD5_Init, /* Digest initialization function */
482 (Curl_MD5_update_func) MD5_Update, /* Digest update function */
483 (Curl_MD5_final_func) MD5_Final, /* Digest computation end function */
484 sizeof(MD5_CTX), /* Size of digest context struct */
489 void Curl_md5it(unsigned char *outbuffer, /* 16 bytes */
490 const unsigned char *input)
494 MD5_Update(&ctx, input, curlx_uztoui(strlen((char *)input)));
495 MD5_Final(outbuffer, &ctx);
498 MD5_context *Curl_MD5_init(const MD5_params *md5params)
502 /* Create MD5 context */
503 ctxt = malloc(sizeof *ctxt);
508 ctxt->md5_hashctx = malloc(md5params->md5_ctxtsize);
510 if(!ctxt->md5_hashctx) {
515 ctxt->md5_hash = md5params;
517 (*md5params->md5_init_func)(ctxt->md5_hashctx);
522 int Curl_MD5_update(MD5_context *context,
523 const unsigned char *data,
526 (*context->md5_hash->md5_update_func)(context->md5_hashctx, data, len);
531 int Curl_MD5_final(MD5_context *context, unsigned char *result)
533 (*context->md5_hash->md5_final_func)(result, context->md5_hashctx);
535 free(context->md5_hashctx);
541 #endif /* CURL_DISABLE_CRYPTO_AUTH */