Thank you for fix.
I assume now the patch is ready to commit.
I'll commit it tomorrow in case of no objections.
Thanks. Dmitry.
Solar Designer wrote:
I wrote:
OK, I think I found it. ext/hash/php_hash_md.h has this:
#define PHP_MD4Init PHP_MD5Init
which breaks when the two implementations are not that similar anymore.
Replacing the MD4 implementation with mine as well would fix this (or
hide the bug, depending on your point of view), but for now I think the
right fix would be to define a PHP_MD4Init() function explicitly.
The patch is attached. It contains two other tiny changes:
1. Replaces two of MD4's basic functions with more optimal versions
(faster and smaller code).
2. Corrects a typo in a nearby comment.
This patch may be applied independently and before the MD5 replacement
patch - but it is required for the MD5 replacement patch.
Alexander
Index: ext/standard/md5.c
===================================================================
RCS file: /repository/php-src/ext/standard/md5.c,v
retrieving revision 1.39.2.1.2.4.2.1
diff -u -p -d -r1.39.2.1.2.4.2.1 md5.c
--- ext/standard/md5.c 31 Dec 2007 07:17:15 -0000 1.39.2.1.2.4.2.1
+++ ext/standard/md5.c 7 Feb 2008 13:18:51 -0000
@@ -12,26 +12,24 @@
| obtain it through the world-wide-web, please send a note to |
| [EMAIL PROTECTED] so we can mail you a copy immediately. |
+----------------------------------------------------------------------+
- | Author: Lachlan Roche |
+ | Author: Alexander Peslyak (Solar Designer) <solar at openwall.com> |
+ | Lachlan Roche |
+ | Alessandro Astarita <[EMAIL PROTECTED]> |
+----------------------------------------------------------------------+
*/
-/* $Id: md5.c,v 1.39.2.1.2.4.2.1 2007/12/31 07:17:15 sebastian Exp $ */
-
-/*
- * md5.c - Copyright 1997 Lachlan Roche
- * md5_file() added by Alessandro Astarita <[EMAIL PROTECTED]>
- */
+/* $Id:$ */
#include "php.h"
#include "md5.h"
-PHPAPI void make_digest(char *md5str, unsigned char *digest)
+PHPAPI void make_digest(char *md5str, const unsigned char *digest) /* {{{ */
{
make_digest_ex(md5str, digest, 16);
}
+/* }}} */
-PHPAPI void make_digest_ex(char *md5str, unsigned char *digest, int len)
+PHPAPI void make_digest_ex(char *md5str, const unsigned char *digest, int len)
/* {{{ */
{
static const char hexits[17] = "0123456789abcdef";
int i;
@@ -42,6 +40,7 @@ PHPAPI void make_digest_ex(char *md5str,
}
md5str[len * 2] = '\0';
}
+/* }}} */
/* {{{ proto string md5(string str, [ bool raw_output])
Calculate the md5 hash of a string */
@@ -119,322 +118,272 @@ PHP_NAMED_FUNCTION(php_if_md5_file)
/* }}} */
/*
- * The remaining code is the reference MD5 code (md5c.c) from rfc1321
- */
-/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
- */
-
-/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
- rights reserved.
-
- License to copy and use this software is granted provided that it
- is identified as the "RSA Data Security, Inc. MD5 Message-Digest
- Algorithm" in all material mentioning or referencing this software
- or this function.
-
- License is also granted to make and use derivative works provided
- that such works are identified as "derived from the RSA Data
- Security, Inc. MD5 Message-Digest Algorithm" in all material
- mentioning or referencing the derived work.
-
- RSA Data Security, Inc. makes no representations concerning either
- the merchantability of this software or the suitability of this
- software for any particular purpose. It is provided "as is"
- without express or implied warranty of any kind.
-
- These notices must be retained in any copies of any part of this
- documentation and/or software.
- */
+ * * This is an OpenSSL-compatible implementation of the RSA Data Security,
+ * * Inc. MD5 Message-Digest Algorithm (RFC 1321).
+ * *
+ * * Written by Solar Designer <solar at openwall.com> in 2001, and placed
+ * * in the public domain. There's absolutely no warranty.
+ * *
+ * * This differs from Colin Plumb's older public domain implementation
in
+ * * that no 32-bit integer data type is required, there's no
compile-time
+ * * endianness configuration, and the function prototypes match
OpenSSL's.
+ * * The primary goals are portability and ease of use.
+ * *
+ * * This implementation is meant to be fast, but not as fast as
possible.
+ * * Some known optimizations are not included to reduce source
code size
+ * * and avoid compile-time configuration.
+ * */
-/* Constants for MD5Transform routine.
- */
+#include <string.h>
+/*
+ * * The basic MD5 functions.
+ * *
+ * * F and G are optimized compared to their RFC 1321 definitions for
+ * * architectures that lack an AND-NOT instruction, just like in Colin
Plumb's
+ * * implementation.
+ * */
+#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z))))
+#define G(x, y, z) ((y) ^ ((z) & ((x) ^ (y))))
+#define H(x, y, z) ((x) ^ (y) ^ (z))
+#define I(x, y, z) ((y) ^ ((x) | ~(z)))
-#define S11 7
-#define S12 12
-#define S13 17
-#define S14 22
-#define S21 5
-#define S22 9
-#define S23 14
-#define S24 20
-#define S31 4
-#define S32 11
-#define S33 16
-#define S34 23
-#define S41 6
-#define S42 10
-#define S43 15
-#define S44 21
+/*
+ * * The MD5 transformation for all four rounds.
+ * */
+#define STEP(f, a, b, c, d, x, t, s) \
+ (a) += f((b), (c), (d)) + (x) + (t); \
+ (a) = (((a) << (s)) | (((a) & 0xffffffff) >> (32 - (s)))); \
+ (a) += (b);
-static void MD5Transform(php_uint32[4], const unsigned char[64]);
-static void Encode(unsigned char *, php_uint32 *, unsigned int);
-static void Decode(php_uint32 *, const unsigned char *, unsigned int);
+/*
+ * * SET reads 4 input bytes in little-endian byte order and stores them
+ * * in a properly aligned word in host byte order.
+ * *
+ * * The check for little-endian architectures that tolerate unaligned
+ * * memory accesses is just an optimization. Nothing will break if it
+ * * doesn't work.
+ * */
+#if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
+# define SET(n) \
+ (*(php_uint32 *)&ptr[(n) * 4])
+# define GET(n) \
+ SET(n)
+#else
+# define SET(n) \
+ (ctx->block[(n)] = \
+ (php_uint32)ptr[(n) * 4] | \
+ ((php_uint32)ptr[(n) * 4 + 1] << 8) | \
+ ((php_uint32)ptr[(n) * 4 + 2] << 16) | \
+ ((php_uint32)ptr[(n) * 4 + 3] << 24))
+# define GET(n) \
+ (ctx->block[(n)])
+#endif
-static unsigned char PADDING[64] =
+/*
+ * * This processes one or more 64-byte data blocks, but does NOT update
+ * * the bit counters. There are no alignment requirements.
+ * */
+static const void *body(PHP_MD5_CTX *ctx, const void *data, size_t size)
{
- 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-};
-
-/* F, G, H and I are basic MD5 functions.
- */
-#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
-#define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
-#define H(x, y, z) ((x) ^ (y) ^ (z))
-#define I(x, y, z) ((y) ^ ((x) | (~z)))
+ const unsigned char *ptr;
+ php_uint32 a, b, c, d;
+ php_uint32 saved_a, saved_b, saved_c, saved_d;
-/* ROTATE_LEFT rotates x left n bits.
- */
-#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
+ ptr = data;
-/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
- Rotation is separate from addition to prevent recomputation.
- */
-#define FF(a, b, c, d, x, s, ac) { \
- (a) += F ((b), (c), (d)) + (x) + (php_uint32)(ac); \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
- }
-#define GG(a, b, c, d, x, s, ac) { \
- (a) += G ((b), (c), (d)) + (x) + (php_uint32)(ac); \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
- }
-#define HH(a, b, c, d, x, s, ac) { \
- (a) += H ((b), (c), (d)) + (x) + (php_uint32)(ac); \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
- }
-#define II(a, b, c, d, x, s, ac) { \
- (a) += I ((b), (c), (d)) + (x) + (php_uint32)(ac); \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
- }
+ a = ctx->a;
+ b = ctx->b;
+ c = ctx->c;
+ d = ctx->d;
-/* {{{ PHP_MD5Init
- * MD5 initialization. Begins an MD5 operation, writing a new context.
- */
-PHPAPI void PHP_MD5Init(PHP_MD5_CTX * context)
-{
- context->count[0] = context->count[1] = 0;
- /* Load magic initialization constants.
- */
- context->state[0] = 0x67452301;
- context->state[1] = 0xefcdab89;
- context->state[2] = 0x98badcfe;
- context->state[3] = 0x10325476;
-}
-/* }}} */
+ do {
+ saved_a = a;
+ saved_b = b;
+ saved_c = c;
+ saved_d = d;
-/* {{{ PHP_MD5Update
- MD5 block update operation. Continues an MD5 message-digest
- operation, processing another message block, and updating the
- context.
- */
-PHPAPI void PHP_MD5Update(PHP_MD5_CTX * context, const unsigned char *input,
- unsigned int inputLen)
-{
- unsigned int i, index, partLen;
+/* Round 1 */
+ STEP(F, a, b, c, d, SET(0), 0xd76aa478, 7)
+ STEP(F, d, a, b, c, SET(1), 0xe8c7b756, 12)
+ STEP(F, c, d, a, b, SET(2), 0x242070db, 17)
+ STEP(F, b, c, d, a, SET(3), 0xc1bdceee, 22)
+ STEP(F, a, b, c, d, SET(4), 0xf57c0faf, 7)
+ STEP(F, d, a, b, c, SET(5), 0x4787c62a, 12)
+ STEP(F, c, d, a, b, SET(6), 0xa8304613, 17)
+ STEP(F, b, c, d, a, SET(7), 0xfd469501, 22)
+ STEP(F, a, b, c, d, SET(8), 0x698098d8, 7)
+ STEP(F, d, a, b, c, SET(9), 0x8b44f7af, 12)
+ STEP(F, c, d, a, b, SET(10), 0xffff5bb1, 17)
+ STEP(F, b, c, d, a, SET(11), 0x895cd7be, 22)
+ STEP(F, a, b, c, d, SET(12), 0x6b901122, 7)
+ STEP(F, d, a, b, c, SET(13), 0xfd987193, 12)
+ STEP(F, c, d, a, b, SET(14), 0xa679438e, 17)
+ STEP(F, b, c, d, a, SET(15), 0x49b40821, 22)
- /* Compute number of bytes mod 64 */
- index = (unsigned int) ((context->count[0] >> 3) & 0x3F);
+/* Round 2 */
+ STEP(G, a, b, c, d, GET(1), 0xf61e2562, 5)
+ STEP(G, d, a, b, c, GET(6), 0xc040b340, 9)
+ STEP(G, c, d, a, b, GET(11), 0x265e5a51, 14)
+ STEP(G, b, c, d, a, GET(0), 0xe9b6c7aa, 20)
+ STEP(G, a, b, c, d, GET(5), 0xd62f105d, 5)
+ STEP(G, d, a, b, c, GET(10), 0x02441453, 9)
+ STEP(G, c, d, a, b, GET(15), 0xd8a1e681, 14)
+ STEP(G, b, c, d, a, GET(4), 0xe7d3fbc8, 20)
+ STEP(G, a, b, c, d, GET(9), 0x21e1cde6, 5)
+ STEP(G, d, a, b, c, GET(14), 0xc33707d6, 9)
+ STEP(G, c, d, a, b, GET(3), 0xf4d50d87, 14)
+ STEP(G, b, c, d, a, GET(8), 0x455a14ed, 20)
+ STEP(G, a, b, c, d, GET(13), 0xa9e3e905, 5)
+ STEP(G, d, a, b, c, GET(2), 0xfcefa3f8, 9)
+ STEP(G, c, d, a, b, GET(7), 0x676f02d9, 14)
+ STEP(G, b, c, d, a, GET(12), 0x8d2a4c8a, 20)
- /* Update number of bits */
- if ((context->count[0] += ((php_uint32) inputLen << 3))
- < ((php_uint32) inputLen << 3))
- context->count[1]++;
- context->count[1] += ((php_uint32) inputLen >> 29);
+/* Round 3 */
+ STEP(H, a, b, c, d, GET(5), 0xfffa3942, 4)
+ STEP(H, d, a, b, c, GET(8), 0x8771f681, 11)
+ STEP(H, c, d, a, b, GET(11), 0x6d9d6122, 16)
+ STEP(H, b, c, d, a, GET(14), 0xfde5380c, 23)
+ STEP(H, a, b, c, d, GET(1), 0xa4beea44, 4)
+ STEP(H, d, a, b, c, GET(4), 0x4bdecfa9, 11)
+ STEP(H, c, d, a, b, GET(7), 0xf6bb4b60, 16)
+ STEP(H, b, c, d, a, GET(10), 0xbebfbc70, 23)
+ STEP(H, a, b, c, d, GET(13), 0x289b7ec6, 4)
+ STEP(H, d, a, b, c, GET(0), 0xeaa127fa, 11)
+ STEP(H, c, d, a, b, GET(3), 0xd4ef3085, 16)
+ STEP(H, b, c, d, a, GET(6), 0x04881d05, 23)
+ STEP(H, a, b, c, d, GET(9), 0xd9d4d039, 4)
+ STEP(H, d, a, b, c, GET(12), 0xe6db99e5, 11)
+ STEP(H, c, d, a, b, GET(15), 0x1fa27cf8, 16)
+ STEP(H, b, c, d, a, GET(2), 0xc4ac5665, 23)
- partLen = 64 - index;
+/* Round 4 */
+ STEP(I, a, b, c, d, GET(0), 0xf4292244, 6)
+ STEP(I, d, a, b, c, GET(7), 0x432aff97, 10)
+ STEP(I, c, d, a, b, GET(14), 0xab9423a7, 15)
+ STEP(I, b, c, d, a, GET(5), 0xfc93a039, 21)
+ STEP(I, a, b, c, d, GET(12), 0x655b59c3, 6)
+ STEP(I, d, a, b, c, GET(3), 0x8f0ccc92, 10)
+ STEP(I, c, d, a, b, GET(10), 0xffeff47d, 15)
+ STEP(I, b, c, d, a, GET(1), 0x85845dd1, 21)
+ STEP(I, a, b, c, d, GET(8), 0x6fa87e4f, 6)
+ STEP(I, d, a, b, c, GET(15), 0xfe2ce6e0, 10)
+ STEP(I, c, d, a, b, GET(6), 0xa3014314, 15)
+ STEP(I, b, c, d, a, GET(13), 0x4e0811a1, 21)
+ STEP(I, a, b, c, d, GET(4), 0xf7537e82, 6)
+ STEP(I, d, a, b, c, GET(11), 0xbd3af235, 10)
+ STEP(I, c, d, a, b, GET(2), 0x2ad7d2bb, 15)
+ STEP(I, b, c, d, a, GET(9), 0xeb86d391, 21)
- /* Transform as many times as possible.
- */
- if (inputLen >= partLen) {
- memcpy
- ((unsigned char*) & context->buffer[index], (unsigned
char*) input, partLen);
- MD5Transform(context->state, context->buffer);
+ a += saved_a;
+ b += saved_b;
+ c += saved_c;
+ d += saved_d;
- for (i = partLen; i + 63 < inputLen; i += 64)
- MD5Transform(context->state, &input[i]);
+ ptr += 64;
+ } while (size -= 64);
- index = 0;
- } else
- i = 0;
+ ctx->a = a;
+ ctx->b = b;
+ ctx->c = c;
+ ctx->d = d;
- /* Buffer remaining input */
- memcpy
- ((unsigned char*) & context->buffer[index], (unsigned char*) &
input[i],
- inputLen - i);
+ return ptr;
}
-/* }}} */
-/* {{{ PHP_MD5Final
- MD5 finalization. Ends an MD5 message-digest operation, writing the
- the message digest and zeroizing the context.
- */
-PHPAPI void PHP_MD5Final(unsigned char digest[16], PHP_MD5_CTX * context)
+PHPAPI void PHP_MD5Init(PHP_MD5_CTX *ctx)
{
- unsigned char bits[8];
- unsigned int index, padLen;
-
- /* Save number of bits */
- Encode(bits, context->count, 8);
-
- /* Pad out to 56 mod 64.
- */
- index = (unsigned int) ((context->count[0] >> 3) & 0x3f);
- padLen = (index < 56) ? (56 - index) : (120 - index);
- PHP_MD5Update(context, PADDING, padLen);
-
- /* Append length (before padding) */
- PHP_MD5Update(context, bits, 8);
-
- /* Store state in digest */
- Encode(digest, context->state, 16);
+ ctx->a = 0x67452301;
+ ctx->b = 0xefcdab89;
+ ctx->c = 0x98badcfe;
+ ctx->d = 0x10325476;
- /* Zeroize sensitive information.
- */
- memset((unsigned char*) context, 0, sizeof(*context));
+ ctx->lo = 0;
+ ctx->hi = 0;
}
-/* }}} */
-/* {{{ MD5Transform
- * MD5 basic transformation. Transforms state based on block.
- */
-static void MD5Transform(state, block)
-php_uint32 state[4];
-const unsigned char block[64];
+PHPAPI void PHP_MD5Update(PHP_MD5_CTX *ctx, const void *data, size_t size)
{
- php_uint32 a = state[0], b = state[1], c = state[2], d = state[3],
x[16];
+ php_uint32 saved_lo;
+ size_t used, free;
- Decode(x, block, 64);
+ saved_lo = ctx->lo;
+ if ((ctx->lo = (saved_lo + size) & 0x1fffffff) < saved_lo) {
+ ctx->hi++;
+ }
+ ctx->hi += size >> 29;
- /* Round 1 */
- FF(a, b, c, d, x[0], S11, 0xd76aa478); /* 1 */
- FF(d, a, b, c, x[1], S12, 0xe8c7b756); /* 2 */
- FF(c, d, a, b, x[2], S13, 0x242070db); /* 3 */
- FF(b, c, d, a, x[3], S14, 0xc1bdceee); /* 4 */
- FF(a, b, c, d, x[4], S11, 0xf57c0faf); /* 5 */
- FF(d, a, b, c, x[5], S12, 0x4787c62a); /* 6 */
- FF(c, d, a, b, x[6], S13, 0xa8304613); /* 7 */
- FF(b, c, d, a, x[7], S14, 0xfd469501); /* 8 */
- FF(a, b, c, d, x[8], S11, 0x698098d8); /* 9 */
- FF(d, a, b, c, x[9], S12, 0x8b44f7af); /* 10 */
- FF(c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
- FF(b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
- FF(a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
- FF(d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
- FF(c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
- FF(b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
+ used = saved_lo & 0x3f;
- /* Round 2 */
- GG(a, b, c, d, x[1], S21, 0xf61e2562); /* 17 */
- GG(d, a, b, c, x[6], S22, 0xc040b340); /* 18 */
- GG(c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
- GG(b, c, d, a, x[0], S24, 0xe9b6c7aa); /* 20 */
- GG(a, b, c, d, x[5], S21, 0xd62f105d); /* 21 */
- GG(d, a, b, c, x[10], S22, 0x2441453); /* 22 */
- GG(c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
- GG(b, c, d, a, x[4], S24, 0xe7d3fbc8); /* 24 */
- GG(a, b, c, d, x[9], S21, 0x21e1cde6); /* 25 */
- GG(d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
- GG(c, d, a, b, x[3], S23, 0xf4d50d87); /* 27 */
- GG(b, c, d, a, x[8], S24, 0x455a14ed); /* 28 */
- GG(a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
- GG(d, a, b, c, x[2], S22, 0xfcefa3f8); /* 30 */
- GG(c, d, a, b, x[7], S23, 0x676f02d9); /* 31 */
- GG(b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
+ if (used) {
+ free = 64 - used;
- /* Round 3 */
- HH(a, b, c, d, x[5], S31, 0xfffa3942); /* 33 */
- HH(d, a, b, c, x[8], S32, 0x8771f681); /* 34 */
- HH(c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
- HH(b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
- HH(a, b, c, d, x[1], S31, 0xa4beea44); /* 37 */
- HH(d, a, b, c, x[4], S32, 0x4bdecfa9); /* 38 */
- HH(c, d, a, b, x[7], S33, 0xf6bb4b60); /* 39 */
- HH(b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
- HH(a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
- HH(d, a, b, c, x[0], S32, 0xeaa127fa); /* 42 */
- HH(c, d, a, b, x[3], S33, 0xd4ef3085); /* 43 */
- HH(b, c, d, a, x[6], S34, 0x4881d05); /* 44 */
- HH(a, b, c, d, x[9], S31, 0xd9d4d039); /* 45 */
- HH(d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
- HH(c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
- HH(b, c, d, a, x[2], S34, 0xc4ac5665); /* 48 */
+ if (size < free) {
+ memcpy(&ctx->buffer[used], data, size);
+ return;
+ }
- /* Round 4 */
- II(a, b, c, d, x[0], S41, 0xf4292244); /* 49 */
- II(d, a, b, c, x[7], S42, 0x432aff97); /* 50 */
- II(c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
- II(b, c, d, a, x[5], S44, 0xfc93a039); /* 52 */
- II(a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
- II(d, a, b, c, x[3], S42, 0x8f0ccc92); /* 54 */
- II(c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
- II(b, c, d, a, x[1], S44, 0x85845dd1); /* 56 */
- II(a, b, c, d, x[8], S41, 0x6fa87e4f); /* 57 */
- II(d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
- II(c, d, a, b, x[6], S43, 0xa3014314); /* 59 */
- II(b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
- II(a, b, c, d, x[4], S41, 0xf7537e82); /* 61 */
- II(d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
- II(c, d, a, b, x[2], S43, 0x2ad7d2bb); /* 63 */
- II(b, c, d, a, x[9], S44, 0xeb86d391); /* 64 */
+ memcpy(&ctx->buffer[used], data, free);
+ data = (unsigned char *)data + free;
+ size -= free;
+ body(ctx, ctx->buffer, 64);
+ }
- state[0] += a;
- state[1] += b;
- state[2] += c;
- state[3] += d;
+ if (size >= 64) {
+ data = body(ctx, data, size & ~(size_t)0x3f);
+ size &= 0x3f;
+ }
- /* Zeroize sensitive information. */
- memset((unsigned char*) x, 0, sizeof(x));
+ memcpy(ctx->buffer, data, size);
}
-/* }}} */
-/* {{{ Encode
- Encodes input (php_uint32) into output (unsigned char). Assumes len is
- a multiple of 4.
- */
-static void Encode(output, input, len)
-unsigned char *output;
-php_uint32 *input;
-unsigned int len;
+PHPAPI void PHP_MD5Final(unsigned char *result, PHP_MD5_CTX *ctx)
{
- unsigned int i, j;
+ php_uint32 used, free;
- for (i = 0, j = 0; j < len; i++, j += 4) {
- output[j] = (unsigned char) (input[i] & 0xff);
- output[j + 1] = (unsigned char) ((input[i] >> 8) & 0xff);
- output[j + 2] = (unsigned char) ((input[i] >> 16) & 0xff);
- output[j + 3] = (unsigned char) ((input[i] >> 24) & 0xff);
+ used = ctx->lo & 0x3f;
+
+ ctx->buffer[used++] = 0x80;
+
+ free = 64 - used;
+
+ if (free < 8) {
+ memset(&ctx->buffer[used], 0, free);
+ body(ctx, ctx->buffer, 64);
+ used = 0;
+ free = 64;
}
-}
-/* }}} */
-/* {{{ Decode
- Decodes input (unsigned char) into output (php_uint32). Assumes len is
- a multiple of 4.
- */
-static void Decode(output, input, len)
-php_uint32 *output;
-const unsigned char *input;
-unsigned int len;
-{
- unsigned int i, j;
+ memset(&ctx->buffer[used], 0, free - 8);
- for (i = 0, j = 0; j < len; i++, j += 4)
- output[i] = ((php_uint32) input[j]) | (((php_uint32) input[j +
1]) << 8) |
- (((php_uint32) input[j + 2]) << 16) | (((php_uint32)
input[j + 3]) << 24);
-}
-/* }}} */
+ ctx->lo <<= 3;
+ ctx->buffer[56] = ctx->lo;
+ ctx->buffer[57] = ctx->lo >> 8;
+ ctx->buffer[58] = ctx->lo >> 16;
+ ctx->buffer[59] = ctx->lo >> 24;
+ ctx->buffer[60] = ctx->hi;
+ ctx->buffer[61] = ctx->hi >> 8;
+ ctx->buffer[62] = ctx->hi >> 16;
+ ctx->buffer[63] = ctx->hi >> 24;
-/*
- * Local variables:
- * tab-width: 4
- * c-basic-offset: 4
- * End:
- * vim600: sw=4 ts=4 fdm=marker
- * vim<600: sw=4 ts=4
- */
+ body(ctx, ctx->buffer, 64);
+
+ result[0] = ctx->a;
+ result[1] = ctx->a >> 8;
+ result[2] = ctx->a >> 16;
+ result[3] = ctx->a >> 24;
+ result[4] = ctx->b;
+ result[5] = ctx->b >> 8;
+ result[6] = ctx->b >> 16;
+ result[7] = ctx->b >> 24;
+ result[8] = ctx->c;
+ result[9] = ctx->c >> 8;
+ result[10] = ctx->c >> 16;
+ result[11] = ctx->c >> 24;
+ result[12] = ctx->d;
+ result[13] = ctx->d >> 8;
+ result[14] = ctx->d >> 16;
+ result[15] = ctx->d >> 24;
+
+ memset(ctx, 0, sizeof(*ctx));
+}
Index: ext/standard/md5.h
===================================================================
RCS file: /repository/php-src/ext/standard/md5.h,v
retrieving revision 1.17.2.1.2.2.2.1
diff -u -p -d -r1.17.2.1.2.2.2.1 md5.h
--- ext/standard/md5.h 31 Dec 2007 07:17:15 -0000 1.17.2.1.2.2.2.1
+++ ext/standard/md5.h 7 Feb 2008 13:18:51 -0000
@@ -12,55 +12,44 @@
| obtain it through the world-wide-web, please send a note to |
| [EMAIL PROTECTED] so we can mail you a copy immediately. |
+----------------------------------------------------------------------+
- | Author: Rasmus Lerdorf <[EMAIL PROTECTED]> |
+ | Author: Alexander Peslyak (Solar Designer) <solar at openwall.com> |
+ | Rasmus Lerdorf <[EMAIL PROTECTED]> |
+----------------------------------------------------------------------+
*/
-/* $Id: md5.h,v 1.17.2.1.2.2.2.1 2007/12/31 07:17:15 sebastian Exp $ */
+/* $Id:$ */
#ifndef MD5_H
#define MD5_H
-/* MD5.H - header file for MD5C.C
- */
-
-/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
- rights reserved.
-
- License to copy and use this software is granted provided that it
- is identified as the "RSA Data Security, Inc. MD5 Message-Digest
- Algorithm" in all material mentioning or referencing this software
- or this function.
- License is also granted to make and use derivative works provided
- that such works are identified as "derived from the RSA Data
- Security, Inc. MD5 Message-Digest Algorithm" in all material
- mentioning or referencing the derived work.
-
- RSA Data Security, Inc. makes no representations concerning either
- the merchantability of this software or the suitability of this
- software for any particular purpose. It is provided "as is"
- without express or implied warranty of any kind.
+PHPAPI void make_digest(char *md5str, const unsigned char *digest);
+PHPAPI void make_digest_ex(char *md5str, const unsigned char *digest, int len);
- These notices must be retained in any copies of any part of this
- documentation and/or software.
- */
+PHP_NAMED_FUNCTION(php_if_md5);
+PHP_NAMED_FUNCTION(php_if_md5_file);
#include "ext/standard/basic_functions.h"
+/*
+ * * This is an OpenSSL-compatible implementation of the RSA Data Security,
+ * * Inc. MD5 Message-Digest Algorithm (RFC 1321).
+ * *
+ * * Written by Solar Designer <solar at openwall.com> in 2001, and placed
+ * * in the public domain. There's absolutely no warranty.
+ * *
+ * * See md5.c for more information.
+ * */
+
/* MD5 context. */
typedef struct {
- php_uint32 state[4]; /* state (ABCD) */
- php_uint32 count[2]; /* number of bits,
modulo 2^64 (lsb first) */
- unsigned char buffer[64]; /* input buffer */
+ php_uint32 lo, hi;
+ php_uint32 a, b, c, d;
+ unsigned char buffer[64];
+ php_uint32 block[16];
} PHP_MD5_CTX;
-PHPAPI void make_digest(char *md5str, unsigned char *digest);
-PHPAPI void make_digest_ex(char *md5str, unsigned char *digest, int len);
-PHPAPI void PHP_MD5Init(PHP_MD5_CTX *);
-PHPAPI void PHP_MD5Update(PHP_MD5_CTX *, const unsigned char *, unsigned int);
-PHPAPI void PHP_MD5Final(unsigned char[16], PHP_MD5_CTX *);
-
-PHP_NAMED_FUNCTION(php_if_md5);
-PHP_NAMED_FUNCTION(php_if_md5_file);
+PHPAPI void PHP_MD5Init(PHP_MD5_CTX *ctx);
+PHPAPI void PHP_MD5Update(PHP_MD5_CTX *ctx, const void *data, size_t size);
+PHPAPI void PHP_MD5Final(unsigned char *result, PHP_MD5_CTX *ctx);
#endif
Index: ext/hash/hash_md.c
===================================================================
RCS file: /repository/php-src/ext/hash/hash_md.c,v
retrieving revision 1.6.2.4.2.3.2.1
diff -u -p -d -r1.6.2.4.2.3.2.1 hash_md.c
--- ext/hash/hash_md.c 31 Dec 2007 07:17:08 -0000 1.6.2.4.2.3.2.1
+++ ext/hash/hash_md.c 7 Feb 2008 13:18:51 -0000
@@ -442,8 +442,8 @@ const unsigned char block[64];
/* MD4 */
-#define MD4_F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
-#define MD4_G(x,y,z) (((x) & (y)) | ((x) & (z)) | ((y) &
(z)))
+#define MD4_F(x,y,z) ((z) ^ ((x) & ((y) ^ (z))))
+#define MD4_G(x,y,z) (((x) & ((y) | (z))) | ((y) & (z)))
#define MD4_H(x,y,z) ((x) ^ (y) ^ (z))
#define ROTL32(s,v) (((v) << (s)) | ((v) >> (32 -
(s))))
@@ -518,8 +518,23 @@ static void MD4Transform(php_hash_uint32
state[3] += d;
}
+/* {{{ PHP_MD4Init
+ * MD4 initialization. Begins an MD4 operation, writing a new context.
+ */
+PHP_HASH_API void PHP_MD4Init(PHP_MD4_CTX * context)
+{
+ context->count[0] = context->count[1] = 0;
+ /* Load magic initialization constants.
+ */
+ context->state[0] = 0x67452301;
+ context->state[1] = 0xefcdab89;
+ context->state[2] = 0x98badcfe;
+ context->state[3] = 0x10325476;
+}
+/* }}} */
+
/* {{{ PHP_MD4Update
- MD4 block update operation. Continues an MD5 message-digest
+ MD4 block update operation. Continues an MD4 message-digest
operation, processing another message block, and updating the
context.
*/
Index: ext/hash/php_hash_md.h
===================================================================
RCS file: /repository/php-src/ext/hash/php_hash_md.h,v
retrieving revision 1.2.2.4.2.2.2.1
diff -u -p -d -r1.2.2.4.2.2.2.1 php_hash_md.h
--- ext/hash/php_hash_md.h 31 Dec 2007 07:17:08 -0000 1.2.2.4.2.2.2.1
+++ ext/hash/php_hash_md.h 7 Feb 2008 13:18:51 -0000
@@ -81,7 +81,7 @@ typedef struct {
unsigned char buffer[64];
} PHP_MD4_CTX;
-#define PHP_MD4Init PHP_MD5Init
+PHP_HASH_API void PHP_MD4Init(PHP_MD4_CTX *);
PHP_HASH_API void PHP_MD4Update(PHP_MD4_CTX *context, const unsigned char *,
unsigned int);
PHP_HASH_API void PHP_MD4Final(unsigned char[16], PHP_MD4_CTX *);
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
