| 1 | // The original file was copied from sqlite, and was in the public domain. |
|---|---|
| 2 | // Modifications Copyright 2006 Google Inc. All Rights Reserved |
| 3 | /* |
| 4 | * Copyright (C) 2010 Google Inc. All rights reserved. |
| 5 | * Copyright (C) 2015 Apple Inc. All rights reserved. |
| 6 | * |
| 7 | * Redistribution and use in source and binary forms, with or without |
| 8 | * modification, are permitted provided that the following conditions are |
| 9 | * met: |
| 10 | * |
| 11 | * * Redistributions of source code must retain the above copyright |
| 12 | * notice, this list of conditions and the following disclaimer. |
| 13 | * * Redistributions in binary form must reproduce the above |
| 14 | * copyright notice, this list of conditions and the following disclaimer |
| 15 | * in the documentation and/or other materials provided with the |
| 16 | * distribution. |
| 17 | * * Neither the name of Google Inc. nor the names of its |
| 18 | * contributors may be used to endorse or promote products derived from |
| 19 | * this software without specific prior written permission. |
| 20 | * |
| 21 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| 22 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| 23 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
| 24 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
| 25 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| 26 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| 27 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| 28 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| 29 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 30 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 31 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 32 | */ |
| 33 | /* |
| 34 | * This code implements the MD5 message-digest algorithm. |
| 35 | * The algorithm is due to Ron Rivest. This code was |
| 36 | * written by Colin Plumb in 1993, no copyright is claimed. |
| 37 | * This code is in the public domain; do with it what you wish. |
| 38 | * |
| 39 | * Equivalent code is available from RSA Data Security, Inc. |
| 40 | * This code has been tested against that, and is equivalent, |
| 41 | * except that you don't need to include two pages of legalese |
| 42 | * with every copy. |
| 43 | * |
| 44 | * To compute the message digest of a chunk of bytes, construct an |
| 45 | * MD5 instance, call addBytes as needed on buffers full of bytes, |
| 46 | * and then call checksum, which will fill a supplied 16-byte array |
| 47 | * with the digest. |
| 48 | */ |
| 49 | |
| 50 | #include "config.h" |
| 51 | #include <wtf/MD5.h> |
| 52 | |
| 53 | #include <wtf/Assertions.h> |
| 54 | #include <wtf/StdLibExtras.h> |
| 55 | |
| 56 | namespace WTF { |
| 57 | |
| 58 | #if PLATFORM(COCOA) |
| 59 | |
| 60 | MD5::MD5() |
| 61 | { |
| 62 | ALLOW_DEPRECATED_DECLARATIONS_BEGIN |
| 63 | CC_MD5_Init(&m_context); |
| 64 | ALLOW_DEPRECATED_DECLARATIONS_END |
| 65 | } |
| 66 | |
| 67 | void MD5::addBytes(const uint8_t* input, size_t length) |
| 68 | { |
| 69 | ALLOW_DEPRECATED_DECLARATIONS_BEGIN |
| 70 | CC_MD5_Update(&m_context, input, length); |
| 71 | ALLOW_DEPRECATED_DECLARATIONS_END |
| 72 | } |
| 73 | |
| 74 | void MD5::checksum(Digest& hash) |
| 75 | { |
| 76 | ALLOW_DEPRECATED_DECLARATIONS_BEGIN |
| 77 | CC_MD5_Final(hash.data(), &m_context); |
| 78 | ALLOW_DEPRECATED_DECLARATIONS_END |
| 79 | } |
| 80 | |
| 81 | #else |
| 82 | |
| 83 | // Note: this code is harmless on little-endian machines. |
| 84 | |
| 85 | static void toLittleEndian(uint8_t* buf, unsigned longs) |
| 86 | { |
| 87 | ASSERT(longs > 0); |
| 88 | do { |
| 89 | uint32_t t = static_cast<uint32_t>(buf[3] << 8 | buf[2]) << 16 | buf[1] << 8 | buf[0]; |
| 90 | ASSERT_WITH_MESSAGE(!(reinterpret_cast<uintptr_t>(buf) % sizeof(t)), "alignment error of buf"); |
| 91 | memcpy(buf, &t, sizeof(t)); |
| 92 | buf += sizeof(t); |
| 93 | } while (--longs); |
| 94 | } |
| 95 | |
| 96 | // The four core functions. |
| 97 | // F1 is originally defined as (x & y | ~x & z), but optimized somewhat: 4 bit ops -> 3 bit ops. |
| 98 | #define F1(x, y, z) (z ^ (x & (y ^ z))) |
| 99 | #define F2(x, y, z) F1(z, x, y) |
| 100 | #define F3(x, y, z) (x ^ y ^ z) |
| 101 | #define F4(x, y, z) (y ^ (x | ~z)) |
| 102 | |
| 103 | // This is the central step in the MD5 algorithm. |
| 104 | #define MD5STEP(f, w, x, y, z, data, s) \ |
| 105 | (w += f(x, y, z) + data, w = w << s | w >> (32 - s), w += x) |
| 106 | |
| 107 | static void MD5Transform(uint32_t buf[4], const uint32_t in[16]) |
| 108 | { |
| 109 | uint32_t a = buf[0]; |
| 110 | uint32_t b = buf[1]; |
| 111 | uint32_t c = buf[2]; |
| 112 | uint32_t d = buf[3]; |
| 113 | |
| 114 | MD5STEP(F1, a, b, c, d, in[ 0]+0xd76aa478, 7); |
| 115 | MD5STEP(F1, d, a, b, c, in[ 1]+0xe8c7b756, 12); |
| 116 | MD5STEP(F1, c, d, a, b, in[ 2]+0x242070db, 17); |
| 117 | MD5STEP(F1, b, c, d, a, in[ 3]+0xc1bdceee, 22); |
| 118 | MD5STEP(F1, a, b, c, d, in[ 4]+0xf57c0faf, 7); |
| 119 | MD5STEP(F1, d, a, b, c, in[ 5]+0x4787c62a, 12); |
| 120 | MD5STEP(F1, c, d, a, b, in[ 6]+0xa8304613, 17); |
| 121 | MD5STEP(F1, b, c, d, a, in[ 7]+0xfd469501, 22); |
| 122 | MD5STEP(F1, a, b, c, d, in[ 8]+0x698098d8, 7); |
| 123 | MD5STEP(F1, d, a, b, c, in[ 9]+0x8b44f7af, 12); |
| 124 | MD5STEP(F1, c, d, a, b, in[10]+0xffff5bb1, 17); |
| 125 | MD5STEP(F1, b, c, d, a, in[11]+0x895cd7be, 22); |
| 126 | MD5STEP(F1, a, b, c, d, in[12]+0x6b901122, 7); |
| 127 | MD5STEP(F1, d, a, b, c, in[13]+0xfd987193, 12); |
| 128 | MD5STEP(F1, c, d, a, b, in[14]+0xa679438e, 17); |
| 129 | MD5STEP(F1, b, c, d, a, in[15]+0x49b40821, 22); |
| 130 | |
| 131 | MD5STEP(F2, a, b, c, d, in[ 1]+0xf61e2562, 5); |
| 132 | MD5STEP(F2, d, a, b, c, in[ 6]+0xc040b340, 9); |
| 133 | MD5STEP(F2, c, d, a, b, in[11]+0x265e5a51, 14); |
| 134 | MD5STEP(F2, b, c, d, a, in[ 0]+0xe9b6c7aa, 20); |
| 135 | MD5STEP(F2, a, b, c, d, in[ 5]+0xd62f105d, 5); |
| 136 | MD5STEP(F2, d, a, b, c, in[10]+0x02441453, 9); |
| 137 | MD5STEP(F2, c, d, a, b, in[15]+0xd8a1e681, 14); |
| 138 | MD5STEP(F2, b, c, d, a, in[ 4]+0xe7d3fbc8, 20); |
| 139 | MD5STEP(F2, a, b, c, d, in[ 9]+0x21e1cde6, 5); |
| 140 | MD5STEP(F2, d, a, b, c, in[14]+0xc33707d6, 9); |
| 141 | MD5STEP(F2, c, d, a, b, in[ 3]+0xf4d50d87, 14); |
| 142 | MD5STEP(F2, b, c, d, a, in[ 8]+0x455a14ed, 20); |
| 143 | MD5STEP(F2, a, b, c, d, in[13]+0xa9e3e905, 5); |
| 144 | MD5STEP(F2, d, a, b, c, in[ 2]+0xfcefa3f8, 9); |
| 145 | MD5STEP(F2, c, d, a, b, in[ 7]+0x676f02d9, 14); |
| 146 | MD5STEP(F2, b, c, d, a, in[12]+0x8d2a4c8a, 20); |
| 147 | |
| 148 | MD5STEP(F3, a, b, c, d, in[ 5]+0xfffa3942, 4); |
| 149 | MD5STEP(F3, d, a, b, c, in[ 8]+0x8771f681, 11); |
| 150 | MD5STEP(F3, c, d, a, b, in[11]+0x6d9d6122, 16); |
| 151 | MD5STEP(F3, b, c, d, a, in[14]+0xfde5380c, 23); |
| 152 | MD5STEP(F3, a, b, c, d, in[ 1]+0xa4beea44, 4); |
| 153 | MD5STEP(F3, d, a, b, c, in[ 4]+0x4bdecfa9, 11); |
| 154 | MD5STEP(F3, c, d, a, b, in[ 7]+0xf6bb4b60, 16); |
| 155 | MD5STEP(F3, b, c, d, a, in[10]+0xbebfbc70, 23); |
| 156 | MD5STEP(F3, a, b, c, d, in[13]+0x289b7ec6, 4); |
| 157 | MD5STEP(F3, d, a, b, c, in[ 0]+0xeaa127fa, 11); |
| 158 | MD5STEP(F3, c, d, a, b, in[ 3]+0xd4ef3085, 16); |
| 159 | MD5STEP(F3, b, c, d, a, in[ 6]+0x04881d05, 23); |
| 160 | MD5STEP(F3, a, b, c, d, in[ 9]+0xd9d4d039, 4); |
| 161 | MD5STEP(F3, d, a, b, c, in[12]+0xe6db99e5, 11); |
| 162 | MD5STEP(F3, c, d, a, b, in[15]+0x1fa27cf8, 16); |
| 163 | MD5STEP(F3, b, c, d, a, in[ 2]+0xc4ac5665, 23); |
| 164 | |
| 165 | MD5STEP(F4, a, b, c, d, in[ 0]+0xf4292244, 6); |
| 166 | MD5STEP(F4, d, a, b, c, in[ 7]+0x432aff97, 10); |
| 167 | MD5STEP(F4, c, d, a, b, in[14]+0xab9423a7, 15); |
| 168 | MD5STEP(F4, b, c, d, a, in[ 5]+0xfc93a039, 21); |
| 169 | MD5STEP(F4, a, b, c, d, in[12]+0x655b59c3, 6); |
| 170 | MD5STEP(F4, d, a, b, c, in[ 3]+0x8f0ccc92, 10); |
| 171 | MD5STEP(F4, c, d, a, b, in[10]+0xffeff47d, 15); |
| 172 | MD5STEP(F4, b, c, d, a, in[ 1]+0x85845dd1, 21); |
| 173 | MD5STEP(F4, a, b, c, d, in[ 8]+0x6fa87e4f, 6); |
| 174 | MD5STEP(F4, d, a, b, c, in[15]+0xfe2ce6e0, 10); |
| 175 | MD5STEP(F4, c, d, a, b, in[ 6]+0xa3014314, 15); |
| 176 | MD5STEP(F4, b, c, d, a, in[13]+0x4e0811a1, 21); |
| 177 | MD5STEP(F4, a, b, c, d, in[ 4]+0xf7537e82, 6); |
| 178 | MD5STEP(F4, d, a, b, c, in[11]+0xbd3af235, 10); |
| 179 | MD5STEP(F4, c, d, a, b, in[ 2]+0x2ad7d2bb, 15); |
| 180 | MD5STEP(F4, b, c, d, a, in[ 9]+0xeb86d391, 21); |
| 181 | |
| 182 | buf[0] += a; |
| 183 | buf[1] += b; |
| 184 | buf[2] += c; |
| 185 | buf[3] += d; |
| 186 | } |
| 187 | |
| 188 | MD5::MD5() |
| 189 | { |
| 190 | m_buf[0] = 0x67452301; |
| 191 | m_buf[1] = 0xefcdab89; |
| 192 | m_buf[2] = 0x98badcfe; |
| 193 | m_buf[3] = 0x10325476; |
| 194 | m_bits[0] = 0; |
| 195 | m_bits[1] = 0; |
| 196 | memset(m_in, 0, sizeof(m_in)); |
| 197 | ASSERT_WITH_MESSAGE(!(reinterpret_cast<uintptr_t>(m_in) % sizeof(uint32_t)), "alignment error of m_in"); |
| 198 | } |
| 199 | |
| 200 | void MD5::addBytes(const uint8_t* input, size_t length) |
| 201 | { |
| 202 | const uint8_t* buf = input; |
| 203 | |
| 204 | // Update bitcount |
| 205 | uint32_t t = m_bits[0]; |
| 206 | m_bits[0] = t + (length << 3); |
| 207 | if (m_bits[0] < t) |
| 208 | m_bits[1]++; // Carry from low to high |
| 209 | m_bits[1] += length >> 29; |
| 210 | |
| 211 | t = (t >> 3) & 0x3f; // Bytes already in shsInfo->data |
| 212 | |
| 213 | // Handle any leading odd-sized chunks |
| 214 | |
| 215 | if (t) { |
| 216 | uint8_t* p = m_in + t; |
| 217 | |
| 218 | t = 64 - t; |
| 219 | if (length < t) { |
| 220 | memcpy(p, buf, length); |
| 221 | return; |
| 222 | } |
| 223 | memcpy(p, buf, t); |
| 224 | toLittleEndian(m_in, 16); |
| 225 | MD5Transform(m_buf, reinterpret_cast_ptr<uint32_t*>(m_in)); // m_in is 4-byte aligned. |
| 226 | buf += t; |
| 227 | length -= t; |
| 228 | } |
| 229 | |
| 230 | // Process data in 64-byte chunks |
| 231 | |
| 232 | while (length >= 64) { |
| 233 | memcpy(m_in, buf, 64); |
| 234 | toLittleEndian(m_in, 16); |
| 235 | MD5Transform(m_buf, reinterpret_cast_ptr<uint32_t*>(m_in)); // m_in is 4-byte aligned. |
| 236 | buf += 64; |
| 237 | length -= 64; |
| 238 | } |
| 239 | |
| 240 | // Handle any remaining bytes of data. |
| 241 | memcpy(m_in, buf, length); |
| 242 | } |
| 243 | |
| 244 | void MD5::checksum(Digest& digest) |
| 245 | { |
| 246 | // Compute number of bytes mod 64 |
| 247 | unsigned count = (m_bits[0] >> 3) & 0x3F; |
| 248 | |
| 249 | // Set the first char of padding to 0x80. This is safe since there is |
| 250 | // always at least one byte free |
| 251 | uint8_t* p = m_in + count; |
| 252 | *p++ = 0x80; |
| 253 | |
| 254 | // Bytes of padding needed to make 64 bytes |
| 255 | count = 64 - 1 - count; |
| 256 | |
| 257 | // Pad out to 56 mod 64 |
| 258 | if (count < 8) { |
| 259 | // Two lots of padding: Pad the first block to 64 bytes |
| 260 | memset(p, 0, count); |
| 261 | toLittleEndian(m_in, 16); |
| 262 | MD5Transform(m_buf, reinterpret_cast_ptr<uint32_t *>(m_in)); // m_in is 4-byte aligned. |
| 263 | |
| 264 | // Now fill the next block with 56 bytes |
| 265 | memset(m_in, 0, 56); |
| 266 | } else { |
| 267 | // Pad block to 56 bytes |
| 268 | memset(p, 0, count - 8); |
| 269 | } |
| 270 | toLittleEndian(m_in, 14); |
| 271 | |
| 272 | // Append length in bits and transform |
| 273 | memcpy(m_in + 56, m_bits, sizeof(m_bits)); |
| 274 | |
| 275 | MD5Transform(m_buf, reinterpret_cast_ptr<uint32_t*>(m_in)); |
| 276 | toLittleEndian(reinterpret_cast<uint8_t*>(m_buf), 4); |
| 277 | |
| 278 | // Now, m_buf contains checksum result. |
| 279 | uint8_t* mBufUInt8 = reinterpret_cast<uint8_t*>(m_buf); |
| 280 | for (size_t i = 0; i < hashSize; ++i) |
| 281 | digest[i] = mBufUInt8[i]; |
| 282 | |
| 283 | // In case it's sensitive |
| 284 | memset(m_buf, 0, sizeof(m_buf)); |
| 285 | memset(m_bits, 0, sizeof(m_bits)); |
| 286 | memset(m_in, 0, sizeof(m_in)); |
| 287 | } |
| 288 | |
| 289 | #endif |
| 290 | |
| 291 | } // namespace WTF |
| 292 |
Generated on 2019-Jul-08 from project webcore revision master
Powered by 
Code Browser 2.1
Generator usage only permitted with license.