michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public michael@0: * License, v. 2.0. If a copy of the MPL was not distributed with this michael@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ michael@0: michael@0: #ifdef FREEBL_NO_DEPEND michael@0: #include "stubs.h" michael@0: #endif michael@0: michael@0: #include "prerr.h" michael@0: #include "secerr.h" michael@0: michael@0: #include "prtypes.h" michael@0: michael@0: #include "blapi.h" michael@0: michael@0: #define MD2_DIGEST_LEN 16 michael@0: #define MD2_BUFSIZE 16 michael@0: #define MD2_X_SIZE 48 /* The X array, [CV | INPUT | TMP VARS] */ michael@0: #define MD2_CV 0 /* index into X for chaining variables */ michael@0: #define MD2_INPUT 16 /* index into X for input */ michael@0: #define MD2_TMPVARS 32 /* index into X for temporary variables */ michael@0: #define MD2_CHECKSUM_SIZE 16 michael@0: michael@0: struct MD2ContextStr { michael@0: unsigned char checksum[MD2_BUFSIZE]; michael@0: unsigned char X[MD2_X_SIZE]; michael@0: PRUint8 unusedBuffer; michael@0: }; michael@0: michael@0: static const PRUint8 MD2S[256] = { michael@0: 0051, 0056, 0103, 0311, 0242, 0330, 0174, 0001, michael@0: 0075, 0066, 0124, 0241, 0354, 0360, 0006, 0023, michael@0: 0142, 0247, 0005, 0363, 0300, 0307, 0163, 0214, michael@0: 0230, 0223, 0053, 0331, 0274, 0114, 0202, 0312, michael@0: 0036, 0233, 0127, 0074, 0375, 0324, 0340, 0026, michael@0: 0147, 0102, 0157, 0030, 0212, 0027, 0345, 0022, michael@0: 0276, 0116, 0304, 0326, 0332, 0236, 0336, 0111, michael@0: 0240, 0373, 0365, 0216, 0273, 0057, 0356, 0172, michael@0: 0251, 0150, 0171, 0221, 0025, 0262, 0007, 0077, michael@0: 0224, 0302, 0020, 0211, 0013, 0042, 0137, 0041, michael@0: 0200, 0177, 0135, 0232, 0132, 0220, 0062, 0047, michael@0: 0065, 0076, 0314, 0347, 0277, 0367, 0227, 0003, michael@0: 0377, 0031, 0060, 0263, 0110, 0245, 0265, 0321, michael@0: 0327, 0136, 0222, 0052, 0254, 0126, 0252, 0306, michael@0: 0117, 0270, 0070, 0322, 0226, 0244, 0175, 0266, michael@0: 0166, 0374, 0153, 0342, 0234, 0164, 0004, 0361, michael@0: 0105, 0235, 0160, 0131, 0144, 0161, 0207, 0040, michael@0: 0206, 0133, 0317, 0145, 0346, 0055, 0250, 0002, michael@0: 0033, 0140, 0045, 0255, 0256, 0260, 0271, 0366, michael@0: 0034, 0106, 0141, 0151, 0064, 0100, 0176, 0017, michael@0: 0125, 0107, 0243, 0043, 0335, 0121, 0257, 0072, michael@0: 0303, 0134, 0371, 0316, 0272, 0305, 0352, 0046, michael@0: 0054, 0123, 0015, 0156, 0205, 0050, 0204, 0011, michael@0: 0323, 0337, 0315, 0364, 0101, 0201, 0115, 0122, michael@0: 0152, 0334, 0067, 0310, 0154, 0301, 0253, 0372, michael@0: 0044, 0341, 0173, 0010, 0014, 0275, 0261, 0112, michael@0: 0170, 0210, 0225, 0213, 0343, 0143, 0350, 0155, michael@0: 0351, 0313, 0325, 0376, 0073, 0000, 0035, 0071, michael@0: 0362, 0357, 0267, 0016, 0146, 0130, 0320, 0344, michael@0: 0246, 0167, 0162, 0370, 0353, 0165, 0113, 0012, michael@0: 0061, 0104, 0120, 0264, 0217, 0355, 0037, 0032, michael@0: 0333, 0231, 0215, 0063, 0237, 0021, 0203, 0024 michael@0: }; michael@0: michael@0: SECStatus michael@0: MD2_Hash(unsigned char *dest, const char *src) michael@0: { michael@0: unsigned int len; michael@0: MD2Context *cx = MD2_NewContext(); michael@0: if (!cx) { michael@0: PORT_SetError(PR_OUT_OF_MEMORY_ERROR); michael@0: return SECFailure; michael@0: } michael@0: MD2_Begin(cx); michael@0: MD2_Update(cx, (const unsigned char *)src, PORT_Strlen(src)); michael@0: MD2_End(cx, dest, &len, MD2_DIGEST_LEN); michael@0: MD2_DestroyContext(cx, PR_TRUE); michael@0: return SECSuccess; michael@0: } michael@0: michael@0: MD2Context * michael@0: MD2_NewContext(void) michael@0: { michael@0: MD2Context *cx = (MD2Context *)PORT_ZAlloc(sizeof(MD2Context)); michael@0: if (cx == NULL) { michael@0: PORT_SetError(PR_OUT_OF_MEMORY_ERROR); michael@0: return NULL; michael@0: } michael@0: return cx; michael@0: } michael@0: michael@0: void michael@0: MD2_DestroyContext(MD2Context *cx, PRBool freeit) michael@0: { michael@0: if (freeit) michael@0: PORT_ZFree(cx, sizeof(*cx)); michael@0: } michael@0: michael@0: void michael@0: MD2_Begin(MD2Context *cx) michael@0: { michael@0: memset(cx, 0, sizeof(*cx)); michael@0: cx->unusedBuffer = MD2_BUFSIZE; michael@0: } michael@0: michael@0: static void michael@0: md2_compress(MD2Context *cx) michael@0: { michael@0: int j; michael@0: unsigned char P; michael@0: P = cx->checksum[MD2_CHECKSUM_SIZE-1]; michael@0: /* Compute the running checksum, and set the tmp variables to be michael@0: * CV[i] XOR input[i] michael@0: */ michael@0: #define CKSUMFN(n) \ michael@0: P = cx->checksum[n] ^ MD2S[cx->X[MD2_INPUT+n] ^ P]; \ michael@0: cx->checksum[n] = P; \ michael@0: cx->X[MD2_TMPVARS+n] = cx->X[n] ^ cx->X[MD2_INPUT+n]; michael@0: CKSUMFN(0); michael@0: CKSUMFN(1); michael@0: CKSUMFN(2); michael@0: CKSUMFN(3); michael@0: CKSUMFN(4); michael@0: CKSUMFN(5); michael@0: CKSUMFN(6); michael@0: CKSUMFN(7); michael@0: CKSUMFN(8); michael@0: CKSUMFN(9); michael@0: CKSUMFN(10); michael@0: CKSUMFN(11); michael@0: CKSUMFN(12); michael@0: CKSUMFN(13); michael@0: CKSUMFN(14); michael@0: CKSUMFN(15); michael@0: /* The compression function. */ michael@0: #define COMPRESS(n) \ michael@0: P = cx->X[n] ^ MD2S[P]; \ michael@0: cx->X[n] = P; michael@0: P = 0x00; michael@0: for (j=0; j<18; j++) { michael@0: COMPRESS(0); michael@0: COMPRESS(1); michael@0: COMPRESS(2); michael@0: COMPRESS(3); michael@0: COMPRESS(4); michael@0: COMPRESS(5); michael@0: COMPRESS(6); michael@0: COMPRESS(7); michael@0: COMPRESS(8); michael@0: COMPRESS(9); michael@0: COMPRESS(10); michael@0: COMPRESS(11); michael@0: COMPRESS(12); michael@0: COMPRESS(13); michael@0: COMPRESS(14); michael@0: COMPRESS(15); michael@0: COMPRESS(16); michael@0: COMPRESS(17); michael@0: COMPRESS(18); michael@0: COMPRESS(19); michael@0: COMPRESS(20); michael@0: COMPRESS(21); michael@0: COMPRESS(22); michael@0: COMPRESS(23); michael@0: COMPRESS(24); michael@0: COMPRESS(25); michael@0: COMPRESS(26); michael@0: COMPRESS(27); michael@0: COMPRESS(28); michael@0: COMPRESS(29); michael@0: COMPRESS(30); michael@0: COMPRESS(31); michael@0: COMPRESS(32); michael@0: COMPRESS(33); michael@0: COMPRESS(34); michael@0: COMPRESS(35); michael@0: COMPRESS(36); michael@0: COMPRESS(37); michael@0: COMPRESS(38); michael@0: COMPRESS(39); michael@0: COMPRESS(40); michael@0: COMPRESS(41); michael@0: COMPRESS(42); michael@0: COMPRESS(43); michael@0: COMPRESS(44); michael@0: COMPRESS(45); michael@0: COMPRESS(46); michael@0: COMPRESS(47); michael@0: P = (P + j) % 256; michael@0: } michael@0: cx->unusedBuffer = MD2_BUFSIZE; michael@0: } michael@0: michael@0: void michael@0: MD2_Update(MD2Context *cx, const unsigned char *input, unsigned int inputLen) michael@0: { michael@0: PRUint32 bytesToConsume; michael@0: michael@0: /* Fill the remaining input buffer. */ michael@0: if (cx->unusedBuffer != MD2_BUFSIZE) { michael@0: bytesToConsume = PR_MIN(inputLen, cx->unusedBuffer); michael@0: memcpy(&cx->X[MD2_INPUT + (MD2_BUFSIZE - cx->unusedBuffer)], michael@0: input, bytesToConsume); michael@0: if (cx->unusedBuffer + bytesToConsume >= MD2_BUFSIZE) michael@0: md2_compress(cx); michael@0: inputLen -= bytesToConsume; michael@0: input += bytesToConsume; michael@0: } michael@0: michael@0: /* Iterate over 16-byte chunks of the input. */ michael@0: while (inputLen >= MD2_BUFSIZE) { michael@0: memcpy(&cx->X[MD2_INPUT], input, MD2_BUFSIZE); michael@0: md2_compress(cx); michael@0: inputLen -= MD2_BUFSIZE; michael@0: input += MD2_BUFSIZE; michael@0: } michael@0: michael@0: /* Copy any input that remains into the buffer. */ michael@0: if (inputLen) michael@0: memcpy(&cx->X[MD2_INPUT], input, inputLen); michael@0: cx->unusedBuffer = MD2_BUFSIZE - inputLen; michael@0: } michael@0: michael@0: void michael@0: MD2_End(MD2Context *cx, unsigned char *digest, michael@0: unsigned int *digestLen, unsigned int maxDigestLen) michael@0: { michael@0: PRUint8 padStart; michael@0: if (maxDigestLen < MD2_BUFSIZE) { michael@0: PORT_SetError(SEC_ERROR_INVALID_ARGS); michael@0: return; michael@0: } michael@0: padStart = MD2_BUFSIZE - cx->unusedBuffer; michael@0: memset(&cx->X[MD2_INPUT + padStart], cx->unusedBuffer, michael@0: cx->unusedBuffer); michael@0: md2_compress(cx); michael@0: memcpy(&cx->X[MD2_INPUT], cx->checksum, MD2_BUFSIZE); michael@0: md2_compress(cx); michael@0: *digestLen = MD2_DIGEST_LEN; michael@0: memcpy(digest, &cx->X[MD2_CV], MD2_DIGEST_LEN); michael@0: } michael@0: michael@0: unsigned int michael@0: MD2_FlattenSize(MD2Context *cx) michael@0: { michael@0: return sizeof(*cx); michael@0: } michael@0: michael@0: SECStatus michael@0: MD2_Flatten(MD2Context *cx, unsigned char *space) michael@0: { michael@0: memcpy(space, cx, sizeof(*cx)); michael@0: return SECSuccess; michael@0: } michael@0: michael@0: MD2Context * michael@0: MD2_Resurrect(unsigned char *space, void *arg) michael@0: { michael@0: MD2Context *cx = MD2_NewContext(); michael@0: if (cx) michael@0: memcpy(cx, space, sizeof(*cx)); michael@0: return cx; michael@0: } michael@0: michael@0: void MD2_Clone(MD2Context *dest, MD2Context *src) michael@0: { michael@0: memcpy(dest, src, sizeof *dest); michael@0: }