Inicio Explorar Ayuda
Iniciar sesión
c
/
libtom.libtomcrypt
espejo de https://github.com/libtom/libtomcrypt.git
2
0
Fork 0
Archivos Incidencias 0 Wiki
Árbol: 30f8aaad8c
Ramas Etiquetas
libtom.libtomcr...
/
src
/
hashes
/
md2.c

md2.c 6.5 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252 
  1. /* LibTomCrypt, modular cryptographic library -- Tom St Denis
    2. 

  2.  *
    3. 

  3.  * LibTomCrypt is a library that provides various cryptographic
    4. 

  4.  * algorithms in a highly modular and flexible manner.
    5. 

  5.  *
    6. 

  6.  * The library is free for all purposes without any express
    7. 

  7.  * guarantee it works.
    8. 

  8.  *
    9. 

  9.  * Tom St Denis, [email protected], http://libtom.org
    10. 

  10.  */
    11. 

  11. #include "tomcrypt.h"
    12. 

  12. 

  13. /**
    14. 

  14.    @param md2.c
    15. 

  15.    LTC_MD2 (RFC 1319) hash function implementation by Tom St Denis
    16. 

  16. */
    17. 

  17. 

  18. #ifdef LTC_MD2
    19. 

  19. 

  20. const struct ltc_hash_descriptor md2_desc =
    21. 

  21. {
    22. 

  22.     "md2",
    23. 

  23.     7,
    24. 

  24.     16,
    25. 

  25.     16,
    26. 

  26. 

  27.     /* OID */
    28. 

  28.    { 1, 2, 840, 113549, 2, 2,  },
    29. 

  29.    6,
    30. 

  30. 

  31.     &md2_init,
    32. 

  32.     &md2_process,
    33. 

  33.     &md2_done,
    34. 

  34.     &md2_test,
    35. 

  35.     NULL
    36. 

  36. };
    37. 

  37. 

  38. static const unsigned char PI_SUBST[256] = {
    39. 

  39.   41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6,
    40. 

  40.   19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188,
    41. 

  41.   76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24,
    42. 

  42.   138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251,
    43. 

  43.   245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63,
    44. 

  44.   148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50,
    45. 

  45.   39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165,
    46. 

  46.   181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210,
    47. 

  47.   150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157,
    48. 

  48.   112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27,
    49. 

  49.   96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15,
    50. 

  50.   85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197,
    51. 

  51.   234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65,
    52. 

  52.   129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123,
    53. 

  53.   8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233,
    54. 

  54.   203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228,
    55. 

  55.   166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237,
    56. 

  56.   31, 26, 219, 153, 141, 51, 159, 17, 131, 20
    57. 

  57. };
    58. 

  58. 

  59. /* adds 16 bytes to the checksum */
    60. 

  60. static void md2_update_chksum(hash_state *md)
    61. 

  61. {
    62. 

  62.    int j;
    63. 

  63.    unsigned char L;
    64. 

  64.    L = md->md2.chksum[15];
    65. 

  65.    for (j = 0; j < 16; j++) {
    66. 

  66. 

  67. /* caution, the RFC says its "C[j] = S[M[i*16+j] xor L]" but the reference source code [and test vectors] say
    68. 

  68.    otherwise.
    69. 

  69. */
    70. 

  70.        L = (md->md2.chksum[j] ^= PI_SUBST[(int)(md->md2.buf[j] ^ L)] & 255);
    71. 

  71.    }
    72. 

  72. }
    73. 

  73. 

  74. static void md2_compress(hash_state *md)
    75. 

  75. {
    76. 

  76.    int j, k;
    77. 

  77.    unsigned char t;
    78. 

  78. 

  79.    /* copy block */
    80. 

  80.    for (j = 0; j < 16; j++) {
    81. 

  81.        md->md2.X[16+j] = md->md2.buf[j];
    82. 

  82.        md->md2.X[32+j] = md->md2.X[j] ^ md->md2.X[16+j];
    83. 

  83.    }
    84. 

  84. 

  85.    t = (unsigned char)0;
    86. 

  86. 

  87.    /* do 18 rounds */
    88. 

  88.    for (j = 0; j < 18; j++) {
    89. 

  89.        for (k = 0; k < 48; k++) {
    90. 

  90.            t = (md->md2.X[k] ^= PI_SUBST[(int)(t & 255)]);
    91. 

  91.        }
    92. 

  92.        t = (t + (unsigned char)j) & 255;
    93. 

  93.    }
    94. 

  94. }
    95. 

  95. 

  96. /**
    97. 

  97.    Initialize the hash state
    98. 

  98.    @param md   The hash state you wish to initialize
    99. 

  99.    @return CRYPT_OK if successful
    100. 

  100. */
    101. 

  101. int md2_init(hash_state *md)
    102. 

  102. {
    103. 

  103.    LTC_ARGCHK(md != NULL);
    104. 

  104. 

  105.    /* LTC_MD2 uses a zero'ed state... */
    106. 

  106.    zeromem(md->md2.X, sizeof(md->md2.X));
    107. 

  107.    zeromem(md->md2.chksum, sizeof(md->md2.chksum));
    108. 

  108.    zeromem(md->md2.buf, sizeof(md->md2.buf));
    109. 

  109.    md->md2.curlen = 0;
    110. 

  110.    return CRYPT_OK;
    111. 

  111. }
    112. 

  112. 

  113. /**
    114. 

  114.    Process a block of memory though the hash
    115. 

  115.    @param md     The hash state
    116. 

  116.    @param in     The data to hash
    117. 

  117.    @param inlen  The length of the data (octets)
    118. 

  118.    @return CRYPT_OK if successful
    119. 

  119. */
    120. 

  120. int md2_process(hash_state *md, const unsigned char *in, unsigned long inlen)
    121. 

  121. {
    122. 

  122.     unsigned long n;
    123. 

  123.     LTC_ARGCHK(md != NULL);
    124. 

  124.     LTC_ARGCHK(in != NULL);
    125. 

  125.     if (md-> md2 .curlen > sizeof(md-> md2 .buf)) {
    126. 

  126.        return CRYPT_INVALID_ARG;
    127. 

  127.     }
    128. 

  128.     while (inlen > 0) {
    129. 

  129.         n = MIN(inlen, (16 - md->md2.curlen));
    130. 

  130.         XMEMCPY(md->md2.buf + md->md2.curlen, in, (size_t)n);
    131. 

  131.         md->md2.curlen += n;
    132. 

  132.         in             += n;
    133. 

  133.         inlen          -= n;
    134. 

  134. 

  135.         /* is 16 bytes full? */
    136. 

  136.         if (md->md2.curlen == 16) {
    137. 

  137.             md2_compress(md);
    138. 

  138.             md2_update_chksum(md);
    139. 

  139.             md->md2.curlen = 0;
    140. 

  140.         }
    141. 

  141.     }
    142. 

  142.     return CRYPT_OK;
    143. 

  143. }
    144. 

  144. 

  145. /**
    146. 

  146.    Terminate the hash to get the digest
    147. 

  147.    @param md  The hash state
    148. 

  148.    @param out [out] The destination of the hash (16 bytes)
    149. 

  149.    @return CRYPT_OK if successful
    150. 

  150. */
    151. 

  151. int md2_done(hash_state * md, unsigned char *out)
    152. 

  152. {
    153. 

  153.     unsigned long i, k;
    154. 

  154. 

  155.     LTC_ARGCHK(md  != NULL);
    156. 

  156.     LTC_ARGCHK(out != NULL);
    157. 

  157. 

  158.     if (md->md2.curlen >= sizeof(md->md2.buf)) {
    159. 

  159.        return CRYPT_INVALID_ARG;
    160. 

  160.     }
    161. 

  161. 

  162. 

  163.     /* pad the message */
    164. 

  164.     k = 16 - md->md2.curlen;
    165. 

  165.     for (i = md->md2.curlen; i < 16; i++) {
    166. 

  166.         md->md2.buf[i] = (unsigned char)k;
    167. 

  167.     }
    168. 

  168. 

  169.     /* hash and update */
    170. 

  170.     md2_compress(md);
    171. 

  171.     md2_update_chksum(md);
    172. 

  172. 

  173.     /* hash checksum */
    174. 

  174.     XMEMCPY(md->md2.buf, md->md2.chksum, 16);
    175. 

  175.     md2_compress(md);
    176. 

  176. 

  177.     /* output is lower 16 bytes of X */
    178. 

  178.     XMEMCPY(out, md->md2.X, 16);
    179. 

  179. 

  180. #ifdef LTC_CLEAN_STACK
    181. 

  181.     zeromem(md, sizeof(hash_state));
    182. 

  182. #endif
    183. 

  183.     return CRYPT_OK;
    184. 

  184. }
    185. 

  185. 

  186. /**
    187. 

  187.   Self-test the hash
    188. 

  188.   @return CRYPT_OK if successful, CRYPT_NOP if self-tests have been disabled
    189. 

  189. */
    190. 

  190. int md2_test(void)
    191. 

  191. {
    192. 

  192.  #ifndef LTC_TEST
    193. 

  193.     return CRYPT_NOP;
    194. 

  194.  #else
    195. 

  195.    static const struct {
    196. 

  196.         char *msg;
    197. 

  197.         unsigned char hash[16];
    198. 

  198.    } tests[] = {
    199. 

  199.       { "",
    200. 

  200.         {0x83,0x50,0xe5,0xa3,0xe2,0x4c,0x15,0x3d,
    201. 

  201.          0xf2,0x27,0x5c,0x9f,0x80,0x69,0x27,0x73
    202. 

  202.         }
    203. 

  203.       },
    204. 

  204.       { "a",
    205. 

  205.         {0x32,0xec,0x01,0xec,0x4a,0x6d,0xac,0x72,
    206. 

  206.          0xc0,0xab,0x96,0xfb,0x34,0xc0,0xb5,0xd1
    207. 

  207.         }
    208. 

  208.       },
    209. 

  209.       { "message digest",
    210. 

  210.         {0xab,0x4f,0x49,0x6b,0xfb,0x2a,0x53,0x0b,
    211. 

  211.          0x21,0x9f,0xf3,0x30,0x31,0xfe,0x06,0xb0
    212. 

  212.         }
    213. 

  213.       },
    214. 

  214.       { "abcdefghijklmnopqrstuvwxyz",
    215. 

  215.         {0x4e,0x8d,0xdf,0xf3,0x65,0x02,0x92,0xab,
    216. 

  216.          0x5a,0x41,0x08,0xc3,0xaa,0x47,0x94,0x0b
    217. 

  217.         }
    218. 

  218.       },
    219. 

  219.       { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
    220. 

  220.         {0xda,0x33,0xde,0xf2,0xa4,0x2d,0xf1,0x39,
    221. 

  221.          0x75,0x35,0x28,0x46,0xc3,0x03,0x38,0xcd
    222. 

  222.         }
    223. 

  223.       },
    224. 

  224.       { "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
    225. 

  225.         {0xd5,0x97,0x6f,0x79,0xd8,0x3d,0x3a,0x0d,
    226. 

  226.          0xc9,0x80,0x6c,0x3c,0x66,0xf3,0xef,0xd8
    227. 

  227.         }
    228. 

  228.       }
    229. 

  229.    };
    230. 

  230. 

  231.    int i;
    232. 

  232.    unsigned char tmp[16];
    233. 

  233.    hash_state md;
    234. 

  234. 

  235.    for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
    236. 

  236.        md2_init(&md);
    237. 

  237.        md2_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
    238. 

  238.        md2_done(&md, tmp);
    239. 

  239.        if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "MD2", i)) {
    240. 

  240.           return CRYPT_FAIL_TESTVECTOR;
    241. 

  241.        }
    242. 

  242.    }
    243. 

  243.    return CRYPT_OK;
    244. 

  244.   #endif
    245. 

  245. }
    246. 

  246. 

  247. #endif
    248. 

  248. 

  249. 

  250. /* $Source$ */
    251. 

  251. /* $Revision$ */
    252. 

  252. /* $Date$ */
    253.