Codebase list ntl / b59e2b1
replace md5 implementation Replace RSA's md5 implementation with a public domain one to get rid of the advertisement clause. Bernhard R. Link authored 12 years ago Julien Puydt committed 7 years ago
1 changed file(s) with 140 addition(s) and 190 deletion(s). Raw diff Collapse all Expand all
+140
-190
src/ZZ.c less more
13831383 // which I've modified to work on 64-bit machines
13841384
13851385
1386 #ifndef uint32
1387 # if NTL_BITS_PER_INT == 32
1388 typedef unsigned int uint32;
1389 # elif NTL_BITS_PER_LONG == 32
1390 typedef unsigned long uint32;
1391 # else
1392 # error unable to find 32 bit type
1393 # endif
1394 #endif
13861395 /*
1387 * BEGIN RSA's md5 stuff
1396 * BEGIN md5 stuff
13881397 *
13891398 */
13901399
13911400 /*
1392 **********************************************************************
1393 ** md5.c **
1394 ** RSA Data Security, Inc. MD5 Message Digest Algorithm **
1395 ** Created: 2/17/90 RLR **
1396 ** Revised: 1/91 SRD,AJ,BSK,JT Reference C Version **
1397 **********************************************************************
1401 * This code implements the MD5 message-digest algorithm.
1402 * The algorithm is due to Ron Rivest. This code was
1403 * written by Colin Plumb in 1993, no copyright is claimed.
1404 * This code is in the public domain; do with it what you wish.
1405 *
1406 * Equivalent code is available from RSA Data Security, Inc.
1407 * This code has been tested against that, and is equivalent,
1408 * except that you don't need to include two pages of legalese
1409 * with every copy.
1410 *
1411 Modified to only contain the functions needed here.
13981412 */
13991413
14001414 /*
1401 **********************************************************************
1402 ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. **
1403 ** **
1404 ** License to copy and use this software is granted provided that **
1405 ** it is identified as the "RSA Data Security, Inc. MD5 Message **
1406 ** Digest Algorithm" in all material mentioning or referencing this **
1407 ** software or this function. **
1408 ** **
1409 ** License is also granted to make and use derivative works **
1410 ** provided that such works are identified as "derived from the RSA **
1411 ** Data Security, Inc. MD5 Message Digest Algorithm" in all **
1412 ** material mentioning or referencing the derived work. **
1413 ** **
1414 ** RSA Data Security, Inc. makes no representations concerning **
1415 ** either the merchantability of this software or the suitability **
1416 ** of this software for any particular purpose. It is provided "as **
1417 ** is" without express or implied warranty of any kind. **
1418 ** **
1419 ** These notices must be retained in any copies of any part of this **
1420 ** documentation and/or software. **
1421 **********************************************************************
1415 * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious
1416 * initialization constants.
14221417 */
1423
1424
1425 #if (NTL_BITS_PER_LONG <= 32)
1426 #define TRUNC32(x) (x)
1427 #else
1428 #define TRUNC32(x) ((x) & ((1UL << 32)-1UL))
1429 #endif
1430
1431 /* F, G and H are basic MD5 functions: selection, majority, parity */
1432 #define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
1433 #define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
1434 #define H(x, y, z) ((x) ^ (y) ^ (z))
1435 #define I(x, y, z) (TRUNC32((y) ^ ((x) | (~z))))
1436
1437 /* ROTATE_LEFT rotates x left n bits */
1438 #define ROTATE_LEFT(x, n) (TRUNC32(((x) << (n)) | ((x) >> (32-(n)))))
1439
1440 /* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4 */
1441 /* Rotation is separate from addition to prevent recomputation */
1442 #define FF(a, b, c, d, x, s, ac) \
1443 {(a) = TRUNC32((a) + F((b), (c), (d)) + (x) + (ac)); \
1444 (a) = ROTATE_LEFT((a), (s)); \
1445 (a) = TRUNC32((a) + (b)); \
1446 }
1447 #define GG(a, b, c, d, x, s, ac) \
1448 {(a) = TRUNC32((a) + G((b), (c), (d)) + (x) + (ac)); \
1449 (a) = ROTATE_LEFT((a), (s)); \
1450 (a) = TRUNC32((a) + (b)); \
1451 }
1452 #define HH(a, b, c, d, x, s, ac) \
1453 {(a) = TRUNC32((a) + H((b), (c), (d)) + (x) + (ac)); \
1454 (a) = ROTATE_LEFT((a), (s)); \
1455 (a) = TRUNC32((a) + (b)); \
1456 }
1457 #define II(a, b, c, d, x, s, ac) \
1458 {(a) = TRUNC32((a) + I((b), (c), (d)) + (x) + (ac)); \
1459 (a) = ROTATE_LEFT((a), (s)); \
1460 (a) = TRUNC32((a) + (b)); \
1461 }
1462
1463
1464
14651418 static
1466 void MD5_default_IV(unsigned long *buf)
1467 {
1468 buf[0] = 0x67452301UL;
1469 buf[1] = 0xefcdab89UL;
1470 buf[2] = 0x98badcfeUL;
1471 buf[3] = 0x10325476UL;
1472 }
1473
1474
1475
1476 /* Basic MD5 step. Transform buf based on in.
1419 void MD5Init(uint32 buf[4])
1420 {
1421 buf[0] = 0x67452301U;
1422 buf[1] = 0xefcdab89U;
1423 buf[2] = 0x98badcfeU;
1424 buf[3] = 0x10325476U;
1425 }
1426
1427 /* The four core functions - F1 is optimized somewhat */
1428
1429 /* #define F1(x, y, z) (x & y | ~x & z) */
1430 #define F1(x, y, z) (z ^ (x & (y ^ z)))
1431 #define F2(x, y, z) F1(z, x, y)
1432 #define F3(x, y, z) (x ^ y ^ z)
1433 #define F4(x, y, z) (y ^ (x | ~z))
1434
1435 /* This is the central step in the MD5 algorithm. */
1436 #define MD5STEP(f, w, x, y, z, data, s) \
1437 ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )
1438
1439 /*
1440 * The core of the MD5 algorithm, this alters an existing MD5 hash to
1441 * reflect the addition of 16 longwords of new data. MD5Update blocks
1442 * the data and converts bytes into longwords for this routine.
14771443 */
1478
14791444 static
1480 void MD5_compress(unsigned long *buf, unsigned long *in)
1481 {
1482 unsigned long a = buf[0], b = buf[1], c = buf[2], d = buf[3];
1483
1484 /* Round 1 */
1485 #define S11 7
1486 #define S12 12
1487 #define S13 17
1488 #define S14 22
1489 FF ( a, b, c, d, in[ 0], S11, 3614090360UL); /* 1 */
1490 FF ( d, a, b, c, in[ 1], S12, 3905402710UL); /* 2 */
1491 FF ( c, d, a, b, in[ 2], S13, 606105819UL); /* 3 */
1492 FF ( b, c, d, a, in[ 3], S14, 3250441966UL); /* 4 */
1493 FF ( a, b, c, d, in[ 4], S11, 4118548399UL); /* 5 */
1494 FF ( d, a, b, c, in[ 5], S12, 1200080426UL); /* 6 */
1495 FF ( c, d, a, b, in[ 6], S13, 2821735955UL); /* 7 */
1496 FF ( b, c, d, a, in[ 7], S14, 4249261313UL); /* 8 */
1497 FF ( a, b, c, d, in[ 8], S11, 1770035416UL); /* 9 */
1498 FF ( d, a, b, c, in[ 9], S12, 2336552879UL); /* 10 */
1499 FF ( c, d, a, b, in[10], S13, 4294925233UL); /* 11 */
1500 FF ( b, c, d, a, in[11], S14, 2304563134UL); /* 12 */
1501 FF ( a, b, c, d, in[12], S11, 1804603682UL); /* 13 */
1502 FF ( d, a, b, c, in[13], S12, 4254626195UL); /* 14 */
1503 FF ( c, d, a, b, in[14], S13, 2792965006UL); /* 15 */
1504 FF ( b, c, d, a, in[15], S14, 1236535329UL); /* 16 */
1505
1506 /* Round 2 */
1507 #define S21 5
1508 #define S22 9
1509 #define S23 14
1510 #define S24 20
1511 GG ( a, b, c, d, in[ 1], S21, 4129170786UL); /* 17 */
1512 GG ( d, a, b, c, in[ 6], S22, 3225465664UL); /* 18 */
1513 GG ( c, d, a, b, in[11], S23, 643717713UL); /* 19 */
1514 GG ( b, c, d, a, in[ 0], S24, 3921069994UL); /* 20 */
1515 GG ( a, b, c, d, in[ 5], S21, 3593408605UL); /* 21 */
1516 GG ( d, a, b, c, in[10], S22, 38016083UL); /* 22 */
1517 GG ( c, d, a, b, in[15], S23, 3634488961UL); /* 23 */
1518 GG ( b, c, d, a, in[ 4], S24, 3889429448UL); /* 24 */
1519 GG ( a, b, c, d, in[ 9], S21, 568446438UL); /* 25 */
1520 GG ( d, a, b, c, in[14], S22, 3275163606UL); /* 26 */
1521 GG ( c, d, a, b, in[ 3], S23, 4107603335UL); /* 27 */
1522 GG ( b, c, d, a, in[ 8], S24, 1163531501UL); /* 28 */
1523 GG ( a, b, c, d, in[13], S21, 2850285829UL); /* 29 */
1524 GG ( d, a, b, c, in[ 2], S22, 4243563512UL); /* 30 */
1525 GG ( c, d, a, b, in[ 7], S23, 1735328473UL); /* 31 */
1526 GG ( b, c, d, a, in[12], S24, 2368359562UL); /* 32 */
1527
1528 /* Round 3 */
1529 #define S31 4
1530 #define S32 11
1531 #define S33 16
1532 #define S34 23
1533 HH ( a, b, c, d, in[ 5], S31, 4294588738UL); /* 33 */
1534 HH ( d, a, b, c, in[ 8], S32, 2272392833UL); /* 34 */
1535 HH ( c, d, a, b, in[11], S33, 1839030562UL); /* 35 */
1536 HH ( b, c, d, a, in[14], S34, 4259657740UL); /* 36 */
1537 HH ( a, b, c, d, in[ 1], S31, 2763975236UL); /* 37 */
1538 HH ( d, a, b, c, in[ 4], S32, 1272893353UL); /* 38 */
1539 HH ( c, d, a, b, in[ 7], S33, 4139469664UL); /* 39 */
1540 HH ( b, c, d, a, in[10], S34, 3200236656UL); /* 40 */
1541 HH ( a, b, c, d, in[13], S31, 681279174UL); /* 41 */
1542 HH ( d, a, b, c, in[ 0], S32, 3936430074UL); /* 42 */
1543 HH ( c, d, a, b, in[ 3], S33, 3572445317UL); /* 43 */
1544 HH ( b, c, d, a, in[ 6], S34, 76029189UL); /* 44 */
1545 HH ( a, b, c, d, in[ 9], S31, 3654602809UL); /* 45 */
1546 HH ( d, a, b, c, in[12], S32, 3873151461UL); /* 46 */
1547 HH ( c, d, a, b, in[15], S33, 530742520UL); /* 47 */
1548 HH ( b, c, d, a, in[ 2], S34, 3299628645UL); /* 48 */
1549
1550 /* Round 4 */
1551 #define S41 6
1552 #define S42 10
1553 #define S43 15
1554 #define S44 21
1555 II ( a, b, c, d, in[ 0], S41, 4096336452UL); /* 49 */
1556 II ( d, a, b, c, in[ 7], S42, 1126891415UL); /* 50 */
1557 II ( c, d, a, b, in[14], S43, 2878612391UL); /* 51 */
1558 II ( b, c, d, a, in[ 5], S44, 4237533241UL); /* 52 */
1559 II ( a, b, c, d, in[12], S41, 1700485571UL); /* 53 */
1560 II ( d, a, b, c, in[ 3], S42, 2399980690UL); /* 54 */
1561 II ( c, d, a, b, in[10], S43, 4293915773UL); /* 55 */
1562 II ( b, c, d, a, in[ 1], S44, 2240044497UL); /* 56 */
1563 II ( a, b, c, d, in[ 8], S41, 1873313359UL); /* 57 */
1564 II ( d, a, b, c, in[15], S42, 4264355552UL); /* 58 */
1565 II ( c, d, a, b, in[ 6], S43, 2734768916UL); /* 59 */
1566 II ( b, c, d, a, in[13], S44, 1309151649UL); /* 60 */
1567 II ( a, b, c, d, in[ 4], S41, 4149444226UL); /* 61 */
1568 II ( d, a, b, c, in[11], S42, 3174756917UL); /* 62 */
1569 II ( c, d, a, b, in[ 2], S43, 718787259UL); /* 63 */
1570 II ( b, c, d, a, in[ 9], S44, 3951481745UL); /* 64 */
1571
1572 buf[0] = TRUNC32(buf[0] + a);
1573 buf[1] = TRUNC32(buf[1] + b);
1574 buf[2] = TRUNC32(buf[2] + c);
1575 buf[3] = TRUNC32(buf[3] + d);
1445 void MD5Transform(uint32 buf[4], uint32 const in[16])
1446 {
1447 register uint32 a, b, c, d;
1448
1449 a = buf[0];
1450 b = buf[1];
1451 c = buf[2];
1452 d = buf[3];
1453
1454 MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478U, 7);
1455 MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756U, 12);
1456 MD5STEP(F1, c, d, a, b, in[2] + 0x242070dbU, 17);
1457 MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceeeU, 22);
1458 MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0fafU, 7);
1459 MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62aU, 12);
1460 MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613U, 17);
1461 MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501U, 22);
1462 MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8U, 7);
1463 MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7afU, 12);
1464 MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1U, 17);
1465 MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7beU, 22);
1466 MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122U, 7);
1467 MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193U, 12);
1468 MD5STEP(F1, c, d, a, b, in[14] + 0xa679438eU, 17);
1469 MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821U, 22);
1470
1471 MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562U, 5);
1472 MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340U, 9);
1473 MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51U, 14);
1474 MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aaU, 20);
1475 MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105dU, 5);
1476 MD5STEP(F2, d, a, b, c, in[10] + 0x02441453U, 9);
1477 MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14);
1478 MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8U, 20);
1479 MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6U, 5);
1480 MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6U, 9);
1481 MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87U, 14);
1482 MD5STEP(F2, b, c, d, a, in[8] + 0x455a14edU, 20);
1483 MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905U, 5);
1484 MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8U, 9);
1485 MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9U, 14);
1486 MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8aU, 20);
1487
1488 MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942U, 4);
1489 MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681U, 11);
1490 MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122U, 16);
1491 MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380cU, 23);
1492 MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44U, 4);
1493 MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9U, 11);
1494 MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60U, 16);
1495 MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70U, 23);
1496 MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6U, 4);
1497 MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127faU, 11);
1498 MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085U, 16);
1499 MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05U, 23);
1500 MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039U, 4);
1501 MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5U, 11);
1502 MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8U, 16);
1503 MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665U, 23);
1504
1505 MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244U, 6);
1506 MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97U, 10);
1507 MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7U, 15);
1508 MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039U, 21);
1509 MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3U, 6);
1510 MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92U, 10);
1511 MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47dU, 15);
1512 MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1U, 21);
1513 MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4fU, 6);
1514 MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0U, 10);
1515 MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314U, 15);
1516 MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1U, 21);
1517 MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82U, 6);
1518 MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235U, 10);
1519 MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bbU, 15);
1520 MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391U, 21);
1521
1522 buf[0] += a;
1523 buf[1] += b;
1524 buf[2] += c;
1525 buf[3] += d;
15761526 }
15771527
15781528
15791529 /*
1580 * END RSA's md5 stuff
1530 * END md5 stuff
15811531 *
15821532 */
15831533
15841534
15851535 static
1586 void words_from_bytes(unsigned long *txtl, const unsigned char *txtc, long n)
1536 void words_from_bytes(uint32 *txtl, unsigned char *txtc, long n)
15871537 {
15881538 long i;
15891539 unsigned long v;
15981548 }
15991549
16001550 static
1601 void bytes_from_words(unsigned char *txtc, const unsigned long *txtl, long n)
1551 void bytes_from_words(unsigned char *txtc, uint32 *txtl, long n)
16021552 {
16031553 long i;
16041554 unsigned long v;
16171567
16181568
16191569 static
1620 void MD5_compress1(unsigned long *buf, unsigned char *in, long n)
1621 {
1622 unsigned long txtl[16];
1570 void MD5_compress1(uint32 *buf, unsigned char *in, long n)
1571 {
1572 uint32 txtl[16];
16231573 unsigned char txtc[64];
16241574 long i, j, k;
16251575
16341584 for (; j < 64; j++)
16351585 txtc[j] = 0;
16361586 words_from_bytes(txtl, txtc, 16);
1637 MD5_compress(buf, txtl);
1587 MD5Transform(buf, txtl);
16381588 i += k;
16391589 }
16401590 }
17191669 NTL_THREAD_LOCAL static long ran_initialized = 0;
17201670 NTL_THREAD_LOCAL static _ZZ_arc4_key ran_key;
17211671
1722 static const unsigned long default_md5_tab[16] = {
1672 static uint32 default_md5_tab[16] = {
17231673 744663023UL, 1011602954UL, 3163087192UL, 3383838527UL,
17241674 3305324122UL, 3197458079UL, 2266495600UL, 2760303563UL,
17251675 346234297UL, 1919920720UL, 1896169861UL, 2192176675UL,
17431693
17441694 bytes_from_words(txt + nb + 4, default_md5_tab, 16);
17451695
1746 unsigned long buf[4];
1747
1748 unsigned long i;
1696 uint32 buf[4];
1697
1698 uint32 i;
17491699 for (i = 0; i < 16; i++) {
1750 MD5_default_IV(buf);
1700 MD5Init(buf);
17511701 bytes_from_words(txt, &i, 1);
17521702
17531703 MD5_compress1(buf, txt, nb + 68);