Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
md4.c
Go to the documentation of this file.
1 /*
2  * Cryptographic API.
3  *
4  * MD4 Message Digest Algorithm (RFC1320).
5  *
6  * Implementation derived from Andrew Tridgell and Steve French's
7  * CIFS MD4 implementation, and the cryptoapi implementation
8  * originally based on the public domain implementation written
9  * by Colin Plumb in 1993.
10  *
11  * Copyright (c) Andrew Tridgell 1997-1998.
12  * Modified by Steve French ([email protected]) 2002
13  * Copyright (c) Cryptoapi developers.
14  * Copyright (c) 2002 David S. Miller ([email protected])
15  * Copyright (c) 2002 James Morris <[email protected]>
16  *
17  * This program is free software; you can redistribute it and/or modify
18  * it under the terms of the GNU General Public License as published by
19  * the Free Software Foundation; either version 2 of the License, or
20  * (at your option) any later version.
21  *
22  */
23 #include <crypto/internal/hash.h>
24 #include <linux/init.h>
25 #include <linux/kernel.h>
26 #include <linux/module.h>
27 #include <linux/string.h>
28 #include <linux/types.h>
29 #include <asm/byteorder.h>
30 
31 #define MD4_DIGEST_SIZE 16
32 #define MD4_HMAC_BLOCK_SIZE 64
33 #define MD4_BLOCK_WORDS 16
34 #define MD4_HASH_WORDS 4
35 
36 struct md4_ctx {
37  u32 hash[MD4_HASH_WORDS];
38  u32 block[MD4_BLOCK_WORDS];
39  u64 byte_count;
40 };
41 
42 static inline u32 lshift(u32 x, unsigned int s)
43 {
44  x &= 0xFFFFFFFF;
45  return ((x << s) & 0xFFFFFFFF) | (x >> (32 - s));
46 }
47 
48 static inline u32 F(u32 x, u32 y, u32 z)
49 {
50  return (x & y) | ((~x) & z);
51 }
52 
53 static inline u32 G(u32 x, u32 y, u32 z)
54 {
55  return (x & y) | (x & z) | (y & z);
56 }
57 
58 static inline u32 H(u32 x, u32 y, u32 z)
59 {
60  return x ^ y ^ z;
61 }
62 
63 #define ROUND1(a,b,c,d,k,s) (a = lshift(a + F(b,c,d) + k, s))
64 #define ROUND2(a,b,c,d,k,s) (a = lshift(a + G(b,c,d) + k + (u32)0x5A827999,s))
65 #define ROUND3(a,b,c,d,k,s) (a = lshift(a + H(b,c,d) + k + (u32)0x6ED9EBA1,s))
66 
67 /* XXX: this stuff can be optimized */
68 static inline void le32_to_cpu_array(u32 *buf, unsigned int words)
69 {
70  while (words--) {
71  __le32_to_cpus(buf);
72  buf++;
73  }
74 }
75 
76 static inline void cpu_to_le32_array(u32 *buf, unsigned int words)
77 {
78  while (words--) {
79  __cpu_to_le32s(buf);
80  buf++;
81  }
82 }
83 
84 static void md4_transform(u32 *hash, u32 const *in)
85 {
86  u32 a, b, c, d;
87 
88  a = hash[0];
89  b = hash[1];
90  c = hash[2];
91  d = hash[3];
92 
93  ROUND1(a, b, c, d, in[0], 3);
94  ROUND1(d, a, b, c, in[1], 7);
95  ROUND1(c, d, a, b, in[2], 11);
96  ROUND1(b, c, d, a, in[3], 19);
97  ROUND1(a, b, c, d, in[4], 3);
98  ROUND1(d, a, b, c, in[5], 7);
99  ROUND1(c, d, a, b, in[6], 11);
100  ROUND1(b, c, d, a, in[7], 19);
101  ROUND1(a, b, c, d, in[8], 3);
102  ROUND1(d, a, b, c, in[9], 7);
103  ROUND1(c, d, a, b, in[10], 11);
104  ROUND1(b, c, d, a, in[11], 19);
105  ROUND1(a, b, c, d, in[12], 3);
106  ROUND1(d, a, b, c, in[13], 7);
107  ROUND1(c, d, a, b, in[14], 11);
108  ROUND1(b, c, d, a, in[15], 19);
109 
110  ROUND2(a, b, c, d,in[ 0], 3);
111  ROUND2(d, a, b, c, in[4], 5);
112  ROUND2(c, d, a, b, in[8], 9);
113  ROUND2(b, c, d, a, in[12], 13);
114  ROUND2(a, b, c, d, in[1], 3);
115  ROUND2(d, a, b, c, in[5], 5);
116  ROUND2(c, d, a, b, in[9], 9);
117  ROUND2(b, c, d, a, in[13], 13);
118  ROUND2(a, b, c, d, in[2], 3);
119  ROUND2(d, a, b, c, in[6], 5);
120  ROUND2(c, d, a, b, in[10], 9);
121  ROUND2(b, c, d, a, in[14], 13);
122  ROUND2(a, b, c, d, in[3], 3);
123  ROUND2(d, a, b, c, in[7], 5);
124  ROUND2(c, d, a, b, in[11], 9);
125  ROUND2(b, c, d, a, in[15], 13);
126 
127  ROUND3(a, b, c, d,in[ 0], 3);
128  ROUND3(d, a, b, c, in[8], 9);
129  ROUND3(c, d, a, b, in[4], 11);
130  ROUND3(b, c, d, a, in[12], 15);
131  ROUND3(a, b, c, d, in[2], 3);
132  ROUND3(d, a, b, c, in[10], 9);
133  ROUND3(c, d, a, b, in[6], 11);
134  ROUND3(b, c, d, a, in[14], 15);
135  ROUND3(a, b, c, d, in[1], 3);
136  ROUND3(d, a, b, c, in[9], 9);
137  ROUND3(c, d, a, b, in[5], 11);
138  ROUND3(b, c, d, a, in[13], 15);
139  ROUND3(a, b, c, d, in[3], 3);
140  ROUND3(d, a, b, c, in[11], 9);
141  ROUND3(c, d, a, b, in[7], 11);
142  ROUND3(b, c, d, a, in[15], 15);
143 
144  hash[0] += a;
145  hash[1] += b;
146  hash[2] += c;
147  hash[3] += d;
148 }
149 
150 static inline void md4_transform_helper(struct md4_ctx *ctx)
151 {
152  le32_to_cpu_array(ctx->block, ARRAY_SIZE(ctx->block));
153  md4_transform(ctx->hash, ctx->block);
154 }
155 
156 static int md4_init(struct shash_desc *desc)
157 {
158  struct md4_ctx *mctx = shash_desc_ctx(desc);
159 
160  mctx->hash[0] = 0x67452301;
161  mctx->hash[1] = 0xefcdab89;
162  mctx->hash[2] = 0x98badcfe;
163  mctx->hash[3] = 0x10325476;
164  mctx->byte_count = 0;
165 
166  return 0;
167 }
168 
169 static int md4_update(struct shash_desc *desc, const u8 *data, unsigned int len)
170 {
171  struct md4_ctx *mctx = shash_desc_ctx(desc);
172  const u32 avail = sizeof(mctx->block) - (mctx->byte_count & 0x3f);
173 
174  mctx->byte_count += len;
175 
176  if (avail > len) {
177  memcpy((char *)mctx->block + (sizeof(mctx->block) - avail),
178  data, len);
179  return 0;
180  }
181 
182  memcpy((char *)mctx->block + (sizeof(mctx->block) - avail),
183  data, avail);
184 
185  md4_transform_helper(mctx);
186  data += avail;
187  len -= avail;
188 
189  while (len >= sizeof(mctx->block)) {
190  memcpy(mctx->block, data, sizeof(mctx->block));
191  md4_transform_helper(mctx);
192  data += sizeof(mctx->block);
193  len -= sizeof(mctx->block);
194  }
195 
196  memcpy(mctx->block, data, len);
197 
198  return 0;
199 }
200 
201 static int md4_final(struct shash_desc *desc, u8 *out)
202 {
203  struct md4_ctx *mctx = shash_desc_ctx(desc);
204  const unsigned int offset = mctx->byte_count & 0x3f;
205  char *p = (char *)mctx->block + offset;
206  int padding = 56 - (offset + 1);
207 
208  *p++ = 0x80;
209  if (padding < 0) {
210  memset(p, 0x00, padding + sizeof (u64));
211  md4_transform_helper(mctx);
212  p = (char *)mctx->block;
213  padding = 56;
214  }
215 
216  memset(p, 0, padding);
217  mctx->block[14] = mctx->byte_count << 3;
218  mctx->block[15] = mctx->byte_count >> 29;
219  le32_to_cpu_array(mctx->block, (sizeof(mctx->block) -
220  sizeof(u64)) / sizeof(u32));
221  md4_transform(mctx->hash, mctx->block);
222  cpu_to_le32_array(mctx->hash, ARRAY_SIZE(mctx->hash));
223  memcpy(out, mctx->hash, sizeof(mctx->hash));
224  memset(mctx, 0, sizeof(*mctx));
225 
226  return 0;
227 }
228 
229 static struct shash_alg alg = {
230  .digestsize = MD4_DIGEST_SIZE,
231  .init = md4_init,
232  .update = md4_update,
233  .final = md4_final,
234  .descsize = sizeof(struct md4_ctx),
235  .base = {
236  .cra_name = "md4",
237  .cra_flags = CRYPTO_ALG_TYPE_SHASH,
238  .cra_blocksize = MD4_HMAC_BLOCK_SIZE,
239  .cra_module = THIS_MODULE,
240  }
241 };
242 
243 static int __init md4_mod_init(void)
244 {
245  return crypto_register_shash(&alg);
246 }
247 
248 static void __exit md4_mod_fini(void)
249 {
250  crypto_unregister_shash(&alg);
251 }
252 
253 module_init(md4_mod_init);
254 module_exit(md4_mod_fini);
255 
256 MODULE_LICENSE("GPL");
257 MODULE_DESCRIPTION("MD4 Message Digest Algorithm");
258 
Generated on Thu Jan 10 2013 13:23:05 for Linux Kernel by   doxygen 1.8.2