RELEASE -> !RELEASE

[irc.git] / software / !RELEASES / ircservices / achurch.org / services / lists / ircservices-coding / 2007 / 003291.html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
 <HEAD>
   <TITLE> [IRCServices Coding] md5 licensing
   </TITLE>
   <LINK REL="Index" HREF="index.html" >
   <LINK REL="made" HREF="mailto:ircservices-coding%40ircservices.za.net?Subject=%5BIRCServices%20Coding%5D%20md5%20licensing&In-Reply-To=1179320110.6934.18.camel%40regulus.retout.co.uk">
   <META NAME="robots" CONTENT="index,nofollow">
   <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
   <LINK REL="Previous"  HREF="003289.html">
   <LINK REL="Next"  HREF="003299.html">
 </HEAD>
 <BODY BGCOLOR="#ffffff">
   <H1>[IRCServices Coding] md5 licensing</H1>
    <B>Andrew Church</B> 
    <A HREF="mailto:ircservices-coding%40ircservices.za.net?Subject=%5BIRCServices%20Coding%5D%20md5%20licensing&In-Reply-To=1179320110.6934.18.camel%40regulus.retout.co.uk"
       TITLE="[IRCServices Coding] md5 licensing">achurch at achurch.org
       </A><BR>
    <I>Thu May 17 04:48:47 PDT 2007</I>
    <P><UL>
        <LI>Previous message: <A HREF="003289.html">[IRCServices Coding] md5 licensing
</A></li>
        <LI>Next message: <A HREF="003299.html">[IRCServices Coding] md5 licensing
</A></li>
         <LI> <B>Messages sorted by:</B> 
              <a href="date.html#3291">[ date ]</a>
              <a href="thread.html#3291">[ thread ]</a>
              <a href="subject.html#3291">[ subject ]</a>
              <a href="author.html#3291">[ author ]</a>
         </LI>
       </UL>
    <HR>  
<!--beginarticle-->
<PRE>&gt;<i>The copyright notice on the md5 hashing code used in ircservices does
</I>&gt;<i>not grant a licence to redistribute modified versions. The clause about
</I>&gt;<i>mentioning &quot;RSA Data Security, Inc.&quot; looks GPL-incompatible to me as
</I>&gt;<i>well. The same code was removed from Apache last year:
</I>&gt;<i><A HREF="http://bugs.debian.org/340538">http://bugs.debian.org/340538</A>
</I>&gt;<i>
</I>&gt;<i>Please review this patch (against 5.1pre1) to port the md5 code to an
</I>&gt;<i>implementation licensed under a revised-BSD-style licence, found at:
</I>&gt;<i><A HREF="http://sourceforge.net/project/showfiles.php?group_id=42360">http://sourceforge.net/project/showfiles.php?group_id=42360</A>
</I>
     Thanks for pointing this out.  I've applied the patch below to
5.1pre1; let me know if you see any problems.

  --Andrew Church
    <A HREF="http://lists.ircservices.za.net/mailman/listinfo/ircservices-coding">achurch at achurch.org</A>
    <A HREF="http://achurch.org/">http://achurch.org/</A>

------------------------------------------------------------------------

Index: docs/3.html
===================================================================
RCS file: /var/local/cvsroot/ircservices/docs/3.html,v
retrieving revision 2.74
diff -u -r2.74 3.html
--- docs/3.html 6 May 2007 06:49:48 -0000       2.74
+++ docs/3.html 16 May 2007 19:58:14 -0000
@@ -2279,10 +2279,10 @@
 &lt;p&gt;The available encryption modules are as follows:
 
 &lt;p&gt;&lt;ul&gt;
-&lt;li&gt;&lt;b&gt;&lt;tt&gt;encryption/md5&lt;/tt&gt;&lt;/b&gt;: Uses the MD5 hashing
-algorithm&lt;sup&gt;1&lt;/sup&gt; to encrypt passwords.  This is a one-way encryption
-algorithm which generates a 128-bit &quot;digest&quot; of the password, and is used
-by several Unix systems to encrypt user passwords as well.
+&lt;li&gt;&lt;b&gt;&lt;tt&gt;encryption/md5&lt;/tt&gt;&lt;/b&gt;: Uses the MD5 hashing algorithm to
+encrypt passwords.  This is a one-way encryption algorithm which generates
+a 128-bit &quot;digest&quot; of the password, and is used by several Unix systems to
+encrypt user passwords as well.
 &lt;p&gt;&lt;li&gt;&lt;b&gt;&lt;tt&gt;encryption/unix-crypt&lt;/tt&gt;&lt;/b&gt;: &lt;b&gt;DISCOURAGED.&lt;/b&gt;  Uses the
 &lt;tt&gt;crypt()&lt;/tt&gt; function available in most Unix systems, typically a
 variant of the DES encryption algorithm, to encrypt passwords.  This is a
@@ -2300,9 +2300,6 @@
 older passwords can still be used (provided the appropriate module is
 loaded).
 
-&lt;p&gt;&lt;sup&gt;1&lt;/sup&gt;&lt;font size=-1&gt;Technically, the &quot;RSA Data Security, Inc. MD5
-Message-Digest Algorithm&quot;.&lt;/font&gt;
-
 &lt;p align=right&gt;&lt;font size=&quot;-1&quot;&gt;&lt;a href=&quot;#top&quot;&gt;Back to top&lt;/a&gt;&lt;/font&gt;
 
 &lt;!------------------------------------------------------------------------&gt;
Index: docs/Changes
===================================================================
RCS file: /var/local/cvsroot/ircservices/docs/Changes,v
retrieving revision 2.7
diff -u -r2.7 Changes
--- docs/Changes        13 May 2007 16:40:05 -0000      2.7
+++ docs/Changes        16 May 2007 19:58:14 -0000
@@ -1,5 +1,8 @@
 Version 5.1
 -----------
+2007/05/17     Replaced RSA's MD5 implementation with one licensed under
+                   more lenient terms.  Suggested by Tim Retout
+                   &lt;<A HREF="http://lists.ircservices.za.net/mailman/listinfo/ircservices-coding">tim at retout.co.uk</A>&gt;
 2007/05/14 pre1        Fixed a bug in XML import that caused channel mode locks to
                    be lost.  Reported by &lt;<A HREF="http://lists.ircservices.za.net/mailman/listinfo/ircservices-coding">loverboy at irc.doruk.net.tr</A>&gt;
 2007/05/14     Fixed Services being unable to start if both the compatibility
Index: modules/encryption/md5.c
===================================================================
RCS file: /var/local/cvsroot/ircservices/modules/encryption/md5.c,v
retrieving revision 2.24
diff -u -r2.24 md5.c
--- modules/encryption/md5.c    15 Feb 2007 14:53:30 -0000      2.24
+++ modules/encryption/md5.c    16 May 2007 19:58:14 -0000
@@ -22,322 +22,483 @@
 #define XTOI(c) ((c)&gt;9 ? (c)-'A'+10 : (c)-'0')
 
 /*************************************************************************/
-/*======== Beginning of RSA's md5c.c ========*/
-
-/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
-rights reserved.
-
-License to copy and use this software is granted provided that it
-is identified as the &quot;RSA Data Security, Inc. MD5 Message-Digest
-Algorithm&quot; in all material mentioning or referencing this software
-or this function.
-
-License is also granted to make and use derivative works provided
-that such works are identified as &quot;derived from the RSA Data
-Security, Inc. MD5 Message-Digest Algorithm&quot; in all material
-mentioning or referencing the derived work.
-
-RSA Data Security, Inc. makes no representations concerning either
-the merchantability of this software or the suitability of this
-software for any particular purpose. It is provided &quot;as is&quot;
-without express or implied warranty of any kind.
+/*======== Beginning of L. Peter Deutsch's md5.h ========*/
+/*
+  Copyright (C) 1999, 2002 Aladdin Enterprises.  All rights reserved.
 
-These notices must be retained in any copies of any part of this
-documentation and/or software.
- */
+  This software is provided 'as-is', without any express or implied
+  warranty.  In no event will the authors be held liable for any damages
+  arising from the use of this software.
 
-#include &lt;string.h&gt;
+  Permission is granted to anyone to use this software for any purpose,
+  including commercial applications, and to alter it and redistribute it
+  freely, subject to the following restrictions:
 
-typedef unsigned int UINT4;
+  1. The origin of this software must not be misrepresented; you must not
+     claim that you wrote the original software. If you use this software
+     in a product, an acknowledgment in the product documentation would be
+     appreciated but is not required.
+  2. Altered source versions must be plainly marked as such, and must not be
+     misrepresented as being the original software.
+  3. This notice may not be removed or altered from any source distribution.
 
-/* MD5 context. */
-typedef struct {
-  UINT4 state[4];                                   /* state (ABCD) */
-  UINT4 count[2];        /* number of bits, modulo 2^64 (lsb first) */
-  unsigned char buffer[64];                         /* input buffer */
-} MD5_CTX;
+  L. Peter Deutsch
+  <A HREF="http://lists.ircservices.za.net/mailman/listinfo/ircservices-coding">ghost at aladdin.com</A>
 
-/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
  */
+/* $Id: md5.h,v 1.4 2002/04/13 19:20:28 lpd Exp $ */
+/*
+  Independent implementation of MD5 (RFC 1321).
 
-typedef void *POINTER;
-
-/* Constants for MD5Transform routine.
+  This code implements the MD5 Algorithm defined in RFC 1321, whose
+  text is available at
+       <A HREF="http://www.ietf.org/rfc/rfc1321.txt">http://www.ietf.org/rfc/rfc1321.txt</A>
+  The code is derived from the text of the RFC, including the test suite
+  (section A.5) but excluding the rest of Appendix A.  It does not include
+  any code or documentation that is identified in the RFC as being
+  copyrighted.
+
+  The original and principal author of md5.h is L. Peter Deutsch
+  &lt;<A HREF="http://lists.ircservices.za.net/mailman/listinfo/ircservices-coding">ghost at aladdin.com</A>&gt;.  Other authors are noted in the change history
+  that follows (in reverse chronological order):
+
+  2002-04-13 lpd Removed support for non-ANSI compilers; removed
+       references to Ghostscript; clarified derivation from RFC 1321;
+       now handles byte order either statically or dynamically.
+  1999-11-04 lpd Edited comments slightly for automatic TOC extraction.
+  1999-10-18 lpd Fixed typo in header comment (ansi2knr rather than md5);
+       added conditionalization for C++ compilation from Martin
+       Purschke &lt;<A HREF="http://lists.ircservices.za.net/mailman/listinfo/ircservices-coding">purschke at bnl.gov</A>&gt;.
+  1999-05-03 lpd Original version.
  */
-#define S11 7
-#define S12 12
-#define S13 17
-#define S14 22
-#define S21 5
-#define S22 9
-#define S23 14
-#define S24 20
-#define S31 4
-#define S32 11
-#define S33 16
-#define S34 23
-#define S41 6
-#define S42 10
-#define S43 15
-#define S44 21
-
-static void MD5Transform (UINT4 [4], unsigned char [64]);
-static void Encode (unsigned char *, UINT4 *, unsigned int);
-static void Decode (UINT4 *, unsigned char *, unsigned int);
-
-static unsigned char PADDING[64] = {
-  0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-};
 
-/* F, G, H and I are basic MD5 functions.
- */
-#define F(x, y, z) (((x) &amp; (y)) | ((~x) &amp; (z)))
-#define G(x, y, z) (((x) &amp; (z)) | ((y) &amp; (~z)))
-#define H(x, y, z) ((x) ^ (y) ^ (z))
-#define I(x, y, z) ((y) ^ ((x) | (~z)))
+#ifndef md5_INCLUDED
+#  define md5_INCLUDED
 
-/* ROTATE_LEFT rotates x left n bits.
+/*
+ * This package supports both compile-time and run-time determination of CPU
+ * byte order.  If ARCH_IS_BIG_ENDIAN is defined as 0, the code will be
+ * compiled to run only on little-endian CPUs; if ARCH_IS_BIG_ENDIAN is
+ * defined as non-zero, the code will be compiled to run only on big-endian
+ * CPUs; if ARCH_IS_BIG_ENDIAN is not defined, the code will be compiled to
+ * run on either big- or little-endian CPUs, but will run slightly less
+ * efficiently on either one than if ARCH_IS_BIG_ENDIAN is defined.
  */
-#define ROTATE_LEFT(x, n) (((x) &lt;&lt; (n)) | ((x) &gt;&gt; (32-(n))))
 
-/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
-Rotation is separate from addition to prevent recomputation.
- */
-#define FF(a, b, c, d, x, s, ac) { \
- (a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
-  }
-#define GG(a, b, c, d, x, s, ac) { \
- (a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
-  }
-#define HH(a, b, c, d, x, s, ac) { \
- (a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
-  }
-#define II(a, b, c, d, x, s, ac) { \
- (a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
-  }
+typedef unsigned char md5_byte_t; /* 8-bit byte */
+typedef unsigned int md5_word_t; /* 32-bit word */
 
-/* MD5 initialization. Begins an MD5 operation, writing a new context.
- */
-static void MD5Init (context)
-MD5_CTX *context;                                        /* context */
-{
-  context-&gt;count[0] = context-&gt;count[1] = 0;
-  /* Load magic initialization constants.
-*/
-  context-&gt;state[0] = 0x67452301;
-  context-&gt;state[1] = 0xefcdab89;
-  context-&gt;state[2] = 0x98badcfe;
-  context-&gt;state[3] = 0x10325476;
-}
+/* Define the state of the MD5 Algorithm. */
+typedef struct md5_state_s {
+    md5_word_t count[2];       /* message length in bits, lsw first */
+    md5_word_t abcd[4];                /* digest buffer */
+    md5_byte_t buf[64];                /* accumulate block */
+} md5_state_t;
 
-/* MD5 block update operation. Continues an MD5 message-digest
-  operation, processing another message block, and updating the
-  context.
- */
-static void MD5Update (context, input, inputLen)
-MD5_CTX *context;                                        /* context */
-unsigned char *input;                                /* input block */
-unsigned int inputLen;                     /* length of input block */
+#ifdef __cplusplus
+extern &quot;C&quot; 
 {
-  unsigned int i, index, partLen;
+#endif
 
-  /* Compute number of bytes mod 64 */
-  index = (unsigned int)((context-&gt;count[0] &gt;&gt; 3) &amp; 0x3F);
+/* Initialize the algorithm. */
+void md5_init(md5_state_t *pms);
 
-  /* Update number of bits */
-  if ((context-&gt;count[0] += ((UINT4)inputLen &lt;&lt; 3))
-   &lt; ((UINT4)inputLen &lt;&lt; 3))
- context-&gt;count[1]++;
-  context-&gt;count[1] += ((UINT4)inputLen &gt;&gt; 29);
-
-  partLen = 64 - index;
-
-  /* Transform as many times as possible.
-*/
-  if (inputLen &gt;= partLen) {
- memcpy
-   ((POINTER)&amp;context-&gt;buffer[index], (POINTER)input, partLen);
- MD5Transform (context-&gt;state, context-&gt;buffer);
-
- for (i = partLen; i + 63 &lt; inputLen; i += 64)
-   MD5Transform (context-&gt;state, &amp;input[i]);
-
- index = 0;
-  }
-  else
- i = 0;
-
-  /* Buffer remaining input */
-  memcpy
- ((POINTER)&amp;context-&gt;buffer[index], (POINTER)&amp;input[i],
-  inputLen-i);
-}
+/* Append a string to the message. */
+void md5_append(md5_state_t *pms, const md5_byte_t *data, int nbytes);
 
-/* MD5 finalization. Ends an MD5 message-digest operation, writing the
-  the message digest and zeroizing the context.
- */
-static void MD5Final (digest, context)
-unsigned char digest[16];                         /* message digest */
-MD5_CTX *context;                                       /* context */
-{
-  unsigned char bits[8];
-  unsigned int index, padLen;
+/* Finish the message and return the digest. */
+void md5_finish(md5_state_t *pms, md5_byte_t digest[16]);
 
-  /* Save number of bits */
-  Encode (bits, context-&gt;count, 8);
+#ifdef __cplusplus
+}  /* end extern &quot;C&quot; */
+#endif
 
-  /* Pad out to 56 mod 64.
-*/
-  index = (unsigned int)((context-&gt;count[0] &gt;&gt; 3) &amp; 0x3f);
-  padLen = (index &lt; 56) ? (56 - index) : (120 - index);
-  MD5Update (context, PADDING, padLen);
-
-  /* Append length (before padding) */
-  MD5Update (context, bits, 8);
-  /* Store state in digest */
-  Encode (digest, context-&gt;state, 16);
-
-  /* Zeroize sensitive information.
-*/
-  memset ((POINTER)context, 0, sizeof (*context));
-}
+#endif /* md5_INCLUDED */
+/*======== End of L. Peter Deutsch's md5.h ========*/
 
-/* MD5 basic transformation. Transforms state based on block.
- */
-static void MD5Transform (state, block)
-UINT4 state[4];
-unsigned char block[64];
-{
-  UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];
+/*======== Beginning of L. Peter Deutsch's md5.c (with the line ========
+  ======== [#include &quot;md5.h&quot;] removed)                          ========*/
+/*
+  Copyright (C) 1999, 2000, 2002 Aladdin Enterprises.  All rights reserved.
 
-  Decode (x, block, 64);
+  This software is provided 'as-is', without any express or implied
+  warranty.  In no event will the authors be held liable for any damages
+  arising from the use of this software.
 
-  /* Round 1 */
-  FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */
-  FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */
-  FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */
-  FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */
-  FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */
-  FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */
-  FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */
-  FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */
-  FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */
-  FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */
-  FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
-  FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
-  FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
-  FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
-  FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
-  FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
-
- /* Round 2 */
-  GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */
-  GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */
-  GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
-  GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */
-  GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */
-  GG (d, a, b, c, x[10], S22,  0x2441453); /* 22 */
-  GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
-  GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */
-  GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */
-  GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
-  GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */
-  GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */
-  GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
-  GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */
-  GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */
-  GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
-
-  /* Round 3 */
-  HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */
-  HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */
-  HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
-  HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
-  HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */
-  HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */
-  HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */
-  HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
-  HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
-  HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */
-  HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */
-  HH (b, c, d, a, x[ 6], S34,  0x4881d05); /* 44 */
-  HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */
-  HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
-  HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
-  HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */
-
-  /* Round 4 */
-  II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */
-  II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */
-  II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
-  II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */
-  II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
-  II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */
-  II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
-  II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */
-  II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */
-  II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
-  II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */
-  II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
-  II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */
-  II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
-  II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */
-  II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */
-
-  state[0] += a;
-  state[1] += b;
-  state[2] += c;
-  state[3] += d;
-
-  /* Zeroize sensitive information.
-*/
-  memset ((POINTER)x, 0, sizeof (x));
-}
+  Permission is granted to anyone to use this software for any purpose,
+  including commercial applications, and to alter it and redistribute it
+  freely, subject to the following restrictions:
 
-/* Encodes input (UINT4) into output (unsigned char). Assumes len is
-  a multiple of 4.
- */
-static void Encode (output, input, len)
-unsigned char *output;
-UINT4 *input;
-unsigned int len;
-{
-  unsigned int i, j;
+  1. The origin of this software must not be misrepresented; you must not
+     claim that you wrote the original software. If you use this software
+     in a product, an acknowledgment in the product documentation would be
+     appreciated but is not required.
+  2. Altered source versions must be plainly marked as such, and must not be
+     misrepresented as being the original software.
+  3. This notice may not be removed or altered from any source distribution.
 
-  for (i = 0, j = 0; j &lt; len; i++, j += 4) {
- output[j] = (unsigned char)(input[i] &amp; 0xff);
- output[j+1] = (unsigned char)((input[i] &gt;&gt; 8) &amp; 0xff);
- output[j+2] = (unsigned char)((input[i] &gt;&gt; 16) &amp; 0xff);
- output[j+3] = (unsigned char)((input[i] &gt;&gt; 24) &amp; 0xff);
-  }
-}
+  L. Peter Deutsch
+  <A HREF="http://lists.ircservices.za.net/mailman/listinfo/ircservices-coding">ghost at aladdin.com</A>
 
-/* Decodes input (unsigned char) into output (UINT4). Assumes len is
-  a multiple of 4.
  */
-static void Decode (output, input, len)
-UINT4 *output;
-unsigned char *input;
-unsigned int len;
-{
-  unsigned int i, j;
+/* $Id: md5.c,v 1.6 2002/04/13 19:20:28 lpd Exp $ */
+/*
+  Independent implementation of MD5 (RFC 1321).
 
-  for (i = 0, j = 0; j &lt; len; i++, j += 4)
- output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) &lt;&lt; 8) |
-   (((UINT4)input[j+2]) &lt;&lt; 16) | (((UINT4)input[j+3]) &lt;&lt; 24);
-}
+  This code implements the MD5 Algorithm defined in RFC 1321, whose
+  text is available at
+       <A HREF="http://www.ietf.org/rfc/rfc1321.txt">http://www.ietf.org/rfc/rfc1321.txt</A>
+  The code is derived from the text of the RFC, including the test suite
+  (section A.5) but excluding the rest of Appendix A.  It does not include
+  any code or documentation that is identified in the RFC as being
+  copyrighted.
+
+  The original and principal author of md5.c is L. Peter Deutsch
+  &lt;<A HREF="http://lists.ircservices.za.net/mailman/listinfo/ircservices-coding">ghost at aladdin.com</A>&gt;.  Other authors are noted in the change history
+  that follows (in reverse chronological order):
+
+  2002-04-13 lpd Clarified derivation from RFC 1321; now handles byte order
+       either statically or dynamically; added missing #include &lt;string.h&gt;
+       in library.
+  2002-03-11 lpd Corrected argument list for main(), and added int return
+       type, in test program and T value program.
+  2002-02-21 lpd Added missing #include &lt;stdio.h&gt; in test program.
+  2000-07-03 lpd Patched to eliminate warnings about &quot;constant is
+       unsigned in ANSI C, signed in traditional&quot;; made test program
+       self-checking.
+  1999-11-04 lpd Edited comments slightly for automatic TOC extraction.
+  1999-10-18 lpd Fixed typo in header comment (ansi2knr rather than md5).
+  1999-05-03 lpd Original version.
+ */
 
-/*======== End of md5c.c ========*/
+#include &lt;string.h&gt;
+
+#undef BYTE_ORDER      /* 1 = big-endian, -1 = little-endian, 0 = unknown */
+#ifdef ARCH_IS_BIG_ENDIAN
+#  define BYTE_ORDER (ARCH_IS_BIG_ENDIAN ? 1 : -1)
+#else
+#  define BYTE_ORDER 0
+#endif
+
+#define T_MASK ((md5_word_t)~0)
+#define T1 /* 0xd76aa478 */ (T_MASK ^ 0x28955b87)
+#define T2 /* 0xe8c7b756 */ (T_MASK ^ 0x173848a9)
+#define T3    0x242070db
+#define T4 /* 0xc1bdceee */ (T_MASK ^ 0x3e423111)
+#define T5 /* 0xf57c0faf */ (T_MASK ^ 0x0a83f050)
+#define T6    0x4787c62a
+#define T7 /* 0xa8304613 */ (T_MASK ^ 0x57cfb9ec)
+#define T8 /* 0xfd469501 */ (T_MASK ^ 0x02b96afe)
+#define T9    0x698098d8
+#define T10 /* 0x8b44f7af */ (T_MASK ^ 0x74bb0850)
+#define T11 /* 0xffff5bb1 */ (T_MASK ^ 0x0000a44e)
+#define T12 /* 0x895cd7be */ (T_MASK ^ 0x76a32841)
+#define T13    0x6b901122
+#define T14 /* 0xfd987193 */ (T_MASK ^ 0x02678e6c)
+#define T15 /* 0xa679438e */ (T_MASK ^ 0x5986bc71)
+#define T16    0x49b40821
+#define T17 /* 0xf61e2562 */ (T_MASK ^ 0x09e1da9d)
+#define T18 /* 0xc040b340 */ (T_MASK ^ 0x3fbf4cbf)
+#define T19    0x265e5a51
+#define T20 /* 0xe9b6c7aa */ (T_MASK ^ 0x16493855)
+#define T21 /* 0xd62f105d */ (T_MASK ^ 0x29d0efa2)
+#define T22    0x02441453
+#define T23 /* 0xd8a1e681 */ (T_MASK ^ 0x275e197e)
+#define T24 /* 0xe7d3fbc8 */ (T_MASK ^ 0x182c0437)
+#define T25    0x21e1cde6
+#define T26 /* 0xc33707d6 */ (T_MASK ^ 0x3cc8f829)
+#define T27 /* 0xf4d50d87 */ (T_MASK ^ 0x0b2af278)
+#define T28    0x455a14ed
+#define T29 /* 0xa9e3e905 */ (T_MASK ^ 0x561c16fa)
+#define T30 /* 0xfcefa3f8 */ (T_MASK ^ 0x03105c07)
+#define T31    0x676f02d9
+#define T32 /* 0x8d2a4c8a */ (T_MASK ^ 0x72d5b375)
+#define T33 /* 0xfffa3942 */ (T_MASK ^ 0x0005c6bd)
+#define T34 /* 0x8771f681 */ (T_MASK ^ 0x788e097e)
+#define T35    0x6d9d6122
+#define T36 /* 0xfde5380c */ (T_MASK ^ 0x021ac7f3)
+#define T37 /* 0xa4beea44 */ (T_MASK ^ 0x5b4115bb)
+#define T38    0x4bdecfa9
+#define T39 /* 0xf6bb4b60 */ (T_MASK ^ 0x0944b49f)
+#define T40 /* 0xbebfbc70 */ (T_MASK ^ 0x4140438f)
+#define T41    0x289b7ec6
+#define T42 /* 0xeaa127fa */ (T_MASK ^ 0x155ed805)
+#define T43 /* 0xd4ef3085 */ (T_MASK ^ 0x2b10cf7a)
+#define T44    0x04881d05
+#define T45 /* 0xd9d4d039 */ (T_MASK ^ 0x262b2fc6)
+#define T46 /* 0xe6db99e5 */ (T_MASK ^ 0x1924661a)
+#define T47    0x1fa27cf8
+#define T48 /* 0xc4ac5665 */ (T_MASK ^ 0x3b53a99a)
+#define T49 /* 0xf4292244 */ (T_MASK ^ 0x0bd6ddbb)
+#define T50    0x432aff97
+#define T51 /* 0xab9423a7 */ (T_MASK ^ 0x546bdc58)
+#define T52 /* 0xfc93a039 */ (T_MASK ^ 0x036c5fc6)
+#define T53    0x655b59c3
+#define T54 /* 0x8f0ccc92 */ (T_MASK ^ 0x70f3336d)
+#define T55 /* 0xffeff47d */ (T_MASK ^ 0x00100b82)
+#define T56 /* 0x85845dd1 */ (T_MASK ^ 0x7a7ba22e)
+#define T57    0x6fa87e4f
+#define T58 /* 0xfe2ce6e0 */ (T_MASK ^ 0x01d3191f)
+#define T59 /* 0xa3014314 */ (T_MASK ^ 0x5cfebceb)
+#define T60    0x4e0811a1
+#define T61 /* 0xf7537e82 */ (T_MASK ^ 0x08ac817d)
+#define T62 /* 0xbd3af235 */ (T_MASK ^ 0x42c50dca)
+#define T63    0x2ad7d2bb
+#define T64 /* 0xeb86d391 */ (T_MASK ^ 0x14792c6e)
+
+
+static void
+md5_process(md5_state_t *pms, const md5_byte_t *data /*[64]*/)
+{
+    md5_word_t
+       a = pms-&gt;abcd[0], b = pms-&gt;abcd[1],
+       c = pms-&gt;abcd[2], d = pms-&gt;abcd[3];
+    md5_word_t t;
+#if BYTE_ORDER &gt; 0
+    /* Define storage only for big-endian CPUs. */
+    md5_word_t X[16];
+#else
+    /* Define storage for little-endian or both types of CPUs. */
+    md5_word_t xbuf[16];
+    const md5_word_t *X;
+#endif
+
+    {
+#if BYTE_ORDER == 0
+       /*
+        * Determine dynamically whether this is a big-endian or
+        * little-endian machine, since we can use a more efficient
+        * algorithm on the latter.
+        */
+       static const int w = 1;
+
+       if (*((const md5_byte_t *)&amp;w)) /* dynamic little-endian */
+#endif
+#if BYTE_ORDER &lt;= 0         /* little-endian */
+       {
+           /*
+            * On little-endian machines, we can process properly aligned
+            * data without copying it.
+            */
+           if (!((data - (const md5_byte_t *)0) &amp; 3)) {
+               /* data are properly aligned */
+               X = (const md5_word_t *)data;
+           } else {
+               /* not aligned */
+               memcpy(xbuf, data, 64);
+               X = xbuf;
+           }
+       }
+#endif
+#if BYTE_ORDER == 0
+       else                    /* dynamic big-endian */
+#endif
+#if BYTE_ORDER &gt;= 0         /* big-endian */
+       {
+           /*
+            * On big-endian machines, we must arrange the bytes in the
+            * right order.
+            */
+           const md5_byte_t *xp = data;
+           int i;
+
+#  if BYTE_ORDER == 0
+           X = xbuf;           /* (dynamic only) */
+#  else
+#    define xbuf X             /* (static only) */
+#  endif
+           for (i = 0; i &lt; 16; ++i, xp += 4)
+               xbuf[i] = xp[0] + (xp[1] &lt;&lt; 8) + (xp[2] &lt;&lt; 16) + (xp[3] &lt;&lt; 24);
+       }
+#endif
+    }
+
+#define ROTATE_LEFT(x, n) (((x) &lt;&lt; (n)) | ((x) &gt;&gt; (32 - (n))))
+
+    /* Round 1. */
+    /* Let [abcd k s i] denote the operation
+       a = b + ((a + F(b,c,d) + X[k] + T[i]) &lt;&lt;&lt; s). */
+#define F(x, y, z) (((x) &amp; (y)) | (~(x) &amp; (z)))
+#define SET(a, b, c, d, k, s, Ti)\
+  t = a + F(b,c,d) + X[k] + Ti;\
+  a = ROTATE_LEFT(t, s) + b
+    /* Do the following 16 operations. */
+    SET(a, b, c, d,  0,  7,  T1);
+    SET(d, a, b, c,  1, 12,  T2);
+    SET(c, d, a, b,  2, 17,  T3);
+    SET(b, c, d, a,  3, 22,  T4);
+    SET(a, b, c, d,  4,  7,  T5);
+    SET(d, a, b, c,  5, 12,  T6);
+    SET(c, d, a, b,  6, 17,  T7);
+    SET(b, c, d, a,  7, 22,  T8);
+    SET(a, b, c, d,  8,  7,  T9);
+    SET(d, a, b, c,  9, 12, T10);
+    SET(c, d, a, b, 10, 17, T11);
+    SET(b, c, d, a, 11, 22, T12);
+    SET(a, b, c, d, 12,  7, T13);
+    SET(d, a, b, c, 13, 12, T14);
+    SET(c, d, a, b, 14, 17, T15);
+    SET(b, c, d, a, 15, 22, T16);
+#undef SET
+
+     /* Round 2. */
+     /* Let [abcd k s i] denote the operation
+          a = b + ((a + G(b,c,d) + X[k] + T[i]) &lt;&lt;&lt; s). */
+#define G(x, y, z) (((x) &amp; (z)) | ((y) &amp; ~(z)))
+#define SET(a, b, c, d, k, s, Ti)\
+  t = a + G(b,c,d) + X[k] + Ti;\
+  a = ROTATE_LEFT(t, s) + b
+     /* Do the following 16 operations. */
+    SET(a, b, c, d,  1,  5, T17);
+    SET(d, a, b, c,  6,  9, T18);
+    SET(c, d, a, b, 11, 14, T19);
+    SET(b, c, d, a,  0, 20, T20);
+    SET(a, b, c, d,  5,  5, T21);
+    SET(d, a, b, c, 10,  9, T22);
+    SET(c, d, a, b, 15, 14, T23);
+    SET(b, c, d, a,  4, 20, T24);
+    SET(a, b, c, d,  9,  5, T25);
+    SET(d, a, b, c, 14,  9, T26);
+    SET(c, d, a, b,  3, 14, T27);
+    SET(b, c, d, a,  8, 20, T28);
+    SET(a, b, c, d, 13,  5, T29);
+    SET(d, a, b, c,  2,  9, T30);
+    SET(c, d, a, b,  7, 14, T31);
+    SET(b, c, d, a, 12, 20, T32);
+#undef SET
+
+     /* Round 3. */
+     /* Let [abcd k s t] denote the operation
+          a = b + ((a + H(b,c,d) + X[k] + T[i]) &lt;&lt;&lt; s). */
+#define H(x, y, z) ((x) ^ (y) ^ (z))
+#define SET(a, b, c, d, k, s, Ti)\
+  t = a + H(b,c,d) + X[k] + Ti;\
+  a = ROTATE_LEFT(t, s) + b
+     /* Do the following 16 operations. */
+    SET(a, b, c, d,  5,  4, T33);
+    SET(d, a, b, c,  8, 11, T34);
+    SET(c, d, a, b, 11, 16, T35);
+    SET(b, c, d, a, 14, 23, T36);
+    SET(a, b, c, d,  1,  4, T37);
+    SET(d, a, b, c,  4, 11, T38);
+    SET(c, d, a, b,  7, 16, T39);
+    SET(b, c, d, a, 10, 23, T40);
+    SET(a, b, c, d, 13,  4, T41);
+    SET(d, a, b, c,  0, 11, T42);
+    SET(c, d, a, b,  3, 16, T43);
+    SET(b, c, d, a,  6, 23, T44);
+    SET(a, b, c, d,  9,  4, T45);
+    SET(d, a, b, c, 12, 11, T46);
+    SET(c, d, a, b, 15, 16, T47);
+    SET(b, c, d, a,  2, 23, T48);
+#undef SET
+
+     /* Round 4. */
+     /* Let [abcd k s t] denote the operation
+          a = b + ((a + I(b,c,d) + X[k] + T[i]) &lt;&lt;&lt; s). */
+#define I(x, y, z) ((y) ^ ((x) | ~(z)))
+#define SET(a, b, c, d, k, s, Ti)\
+  t = a + I(b,c,d) + X[k] + Ti;\
+  a = ROTATE_LEFT(t, s) + b
+     /* Do the following 16 operations. */
+    SET(a, b, c, d,  0,  6, T49);
+    SET(d, a, b, c,  7, 10, T50);
+    SET(c, d, a, b, 14, 15, T51);
+    SET(b, c, d, a,  5, 21, T52);
+    SET(a, b, c, d, 12,  6, T53);
+    SET(d, a, b, c,  3, 10, T54);
+    SET(c, d, a, b, 10, 15, T55);
+    SET(b, c, d, a,  1, 21, T56);
+    SET(a, b, c, d,  8,  6, T57);
+    SET(d, a, b, c, 15, 10, T58);
+    SET(c, d, a, b,  6, 15, T59);
+    SET(b, c, d, a, 13, 21, T60);
+    SET(a, b, c, d,  4,  6, T61);
+    SET(d, a, b, c, 11, 10, T62);
+    SET(c, d, a, b,  2, 15, T63);
+    SET(b, c, d, a,  9, 21, T64);
+#undef SET
+
+     /* Then perform the following additions. (That is increment each
+        of the four registers by the value it had before this block
+        was started.) */
+    pms-&gt;abcd[0] += a;
+    pms-&gt;abcd[1] += b;
+    pms-&gt;abcd[2] += c;
+    pms-&gt;abcd[3] += d;
+}
+
+void
+md5_init(md5_state_t *pms)
+{
+    pms-&gt;count[0] = pms-&gt;count[1] = 0;
+    pms-&gt;abcd[0] = 0x67452301;
+    pms-&gt;abcd[1] = /*0xefcdab89*/ T_MASK ^ 0x10325476;
+    pms-&gt;abcd[2] = /*0x98badcfe*/ T_MASK ^ 0x67452301;
+    pms-&gt;abcd[3] = 0x10325476;
+}
+
+void
+md5_append(md5_state_t *pms, const md5_byte_t *data, int nbytes)
+{
+    const md5_byte_t *p = data;
+    int left = nbytes;
+    int offset = (pms-&gt;count[0] &gt;&gt; 3) &amp; 63;
+    md5_word_t nbits = (md5_word_t)(nbytes &lt;&lt; 3);
+
+    if (nbytes &lt;= 0)
+       return;
+
+    /* Update the message length. */
+    pms-&gt;count[1] += nbytes &gt;&gt; 29;
+    pms-&gt;count[0] += nbits;
+    if (pms-&gt;count[0] &lt; nbits)
+       pms-&gt;count[1]++;
+
+    /* Process an initial partial block. */
+    if (offset) {
+       int copy = (offset + nbytes &gt; 64 ? 64 - offset : nbytes);
+
+       memcpy(pms-&gt;buf + offset, p, copy);
+       if (offset + copy &lt; 64)
+           return;
+       p += copy;
+       left -= copy;
+       md5_process(pms, pms-&gt;buf);
+    }
+
+    /* Process full blocks. */
+    for (; left &gt;= 64; p += 64, left -= 64)
+       md5_process(pms, p);
+
+    /* Process a final partial block. */
+    if (left)
+       memcpy(pms-&gt;buf, p, left);
+}
+
+void
+md5_finish(md5_state_t *pms, md5_byte_t digest[16])
+{
+    static const md5_byte_t pad[64] = {
+       0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+       0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+       0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+       0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+    };
+    md5_byte_t data[8];
+    int i;
+
+    /* Save the length before padding. */
+    for (i = 0; i &lt; 8; ++i)
+       data[i] = (md5_byte_t)(pms-&gt;count[i &gt;&gt; 2] &gt;&gt; ((i &amp; 3) &lt;&lt; 3));
+    /* Pad to 56 bytes mod 64. */
+    md5_append(pms, pad, ((55 - (pms-&gt;count[0] &gt;&gt; 3)) &amp; 63) + 1);
+    /* Append the length. */
+    md5_append(pms, data, 8);
+    for (i = 0; i &lt; 16; ++i)
+       digest[i] = (md5_byte_t)(pms-&gt;abcd[i &gt;&gt; 2] &gt;&gt; ((i &amp; 3) &lt;&lt; 3));
+}
+/*======== End of L. Peter Deutsch's md5.c ========*/
 /*************************************************************************/
 /*************************************************************************/
 
@@ -347,13 +508,13 @@
 
 static int md5_encrypt(const char *src, int len, char *dest, int size)
 {
-    MD5_CTX context;
+    md5_state_t context;
 
     if (size &lt; 16)
         return 16;
-    MD5Init(&amp;context);
-    MD5Update(&amp;context, (unsigned char *)src, len);
-    MD5Final((unsigned char *)dest, &amp;context);
+    md5_init(&amp;context);
+    md5_append(&amp;context, (unsigned char *)src, len);
+    md5_finish(&amp;context, (unsigned char *)dest);
     return 0;
 }
 
</PRE>







<!--endarticle-->
    <HR>
    <P><UL>
        <!--threads-->
        <LI>Previous message: <A HREF="003289.html">[IRCServices Coding] md5 licensing
</A></li>
        <LI>Next message: <A HREF="003299.html">[IRCServices Coding] md5 licensing
</A></li>
         <LI> <B>Messages sorted by:</B> 
              <a href="date.html#3291">[ date ]</a>
              <a href="thread.html#3291">[ thread ]</a>
              <a href="subject.html#3291">[ subject ]</a>
              <a href="author.html#3291">[ author ]</a>
         </LI>
       </UL>

</body></html>