xref: /freebsd/lib/libmd/mdX.3 (revision 30f6269155927423eda4ed0bea2c903ef008b2d6)
.\"
.\" ----------------------------------------------------------------------------
.\" "THE BEER-WARE LICENSE" (Revision 42):
.\" <phk@FreeBSD.org> wrote this file.  As long as you retain this notice you
.\" can do whatever you want with this stuff. If we meet some day, and you think
.\" this stuff is worth it, you can buy me a beer in return.   Poul-Henning Kamp
.\" ----------------------------------------------------------------------------
.\"
.\" $FreeBSD$
.\"
.Dd May 21, 2019
.Dt MDX 3
.Os
.Sh NAME
.Nm MDXInit ,
.Nm MDXUpdate ,
.Nm MDXPad ,
.Nm MDXFinal ,
.Nm MDXEnd ,
.Nm MDXFile ,
.Nm MDXFileChunk ,
.Nm MDXData
.Nd calculate the RSA Data Security, Inc., ``MDX'' message digest
.Sh LIBRARY
.Lb libmd
.Sh SYNOPSIS
.In sys/types.h
.In mdX.h
.Ft void
.Fn MDXInit "MDX_CTX *context"
.Ft void
.Fn MDXUpdate "MDX_CTX *context" "const void *data" "unsigned int len"
.Ft void
.Fn MDXPad "MDX_CTX *context"
.Ft void
.Fn MDXFinal "unsigned char digest[16]" "MDX_CTX *context"
.Ft "char *"
.Fn MDXEnd "MDX_CTX *context" "char *buf"
.Ft "char *"
.Fn MDXFile "const char *filename" "char *buf"
.Ft "char *"
.Fn MDXFileChunk "const char *filename" "char *buf" "off_t offset" "off_t length"
.Ft "char *"
.Fn MDXData "const void *data" "unsigned int len" "char *buf"
.Sh DESCRIPTION
The MDX functions calculate a 128-bit cryptographic checksum (digest)
for any number of input bytes.
A cryptographic checksum is a one-way
hash-function, that is, you cannot find (except by exhaustive search)
the input corresponding to a particular output.
The net result is a
.Dq fingerprint
of the input-data, which does not disclose the actual input.
.Pp
MD4 is the fastest and MD5 is somewhat slower.
MD4 has now been broken; it should only be used where necessary for
backward compatibility.
MD5 has not yet (1999-02-11) been broken, but sufficient attacks have been
made that its security is in some doubt.
The attacks on MD4 and MD5
are both in the nature of finding
.Dq collisions
\[en]
that is, multiple
inputs which hash to the same value; it is still unlikely for an attacker
to be able to determine the exact original input given a hash value.
.Pp
The
.Fn MDXInit ,
.Fn MDXUpdate ,
and
.Fn MDXFinal
functions are the core functions.
Allocate an
.Vt MDX_CTX ,
initialize it with
.Fn MDXInit ,
run over the data with
.Fn MDXUpdate ,
and finally extract the result using
.Fn MDXFinal ,
which will also erase the
.Vt MDX_CTX .
.Pp
The
.Fn MDXPad
function can be used to pad message data in the same way
as done by
.Fn MDXFinal
without terminating the calculation.
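.Pp
What this padding consists of, as an added example that is not part of libmd or of the original manual page: for MD4 and MD5 (RFC 1321, cited below) the pad is one 0x80 byte, zero bytes up to 56 modulo 64, and the message length in bits as a 64-bit little-endian value. The helper names md_pad_len and md_make_pad are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MD_BLOCK 64	/* MD4/MD5 block size in bytes */

/*
 * Hypothetical helper (not a libmd function): number of pad bytes for a
 * message of msg_len bytes. One 0x80 byte, zeros up to 56 mod 64, then
 * the 8-byte length field, so the result is always between 9 and 72.
 */
size_t md_pad_len(uint64_t msg_len)
{
	size_t used = (size_t)(msg_len % MD_BLOCK);
	size_t fill = (used < 56) ? 56 - used : 120 - used;	/* 1..64 */

	return fill + 8;
}

/*
 * Hypothetical helper: write the pad for a msg_len-byte message into out
 * (at least 72 bytes) and return the number of bytes written.
 */
size_t md_make_pad(uint64_t msg_len, unsigned char out[72])
{
	size_t n = md_pad_len(msg_len);
	uint64_t bits = msg_len << 3;	/* length in bits, modulo 2^64 */

	memset(out, 0, n);
	out[0] = 0x80;
	for (int i = 0; i < 8; i++)	/* little-endian: low byte first */
		out[n - 8 + i] = (unsigned char)(bits >> (8 * i));
	return n;
}

int main(void)
{
	/* Constructed sample message lengths, in bytes. */
	static const uint64_t lens[] = { 0, 3, 55, 56, 64 };
	unsigned char pad[72];

	for (size_t i = 0; i < sizeof(lens) / sizeof(lens[0]); i++) {
		size_t n = md_make_pad(lens[i], pad);
		printf("message %2llu bytes -> %2zu pad bytes, padded total %3llu\n",
		    (unsigned long long)lens[i], n,
		    (unsigned long long)(lens[i] + n));
	}
	return 0;
}
```

A message that already ends within 8 bytes of a block boundary (56 to 63 bytes into the block) spills into a second block, which is why the pad can be as long as 72 bytes.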
.Pp
The
.Fn MDXEnd
function is a wrapper for
.Fn MDXFinal
which converts the return value to a 33-character
(including the terminating '\e0')
.Tn ASCII
string which represents the 128 bits in hexadecimal.
.Pp
The
.Fn MDXFile
function calculates the digest of a file, and uses
.Fn MDXEnd
to return the result.
If the file cannot be opened, a null pointer is returned.
The
.Fn MDXFileChunk
function is similar to
.Fn MDXFile ,
but it only calculates the digest over a byte-range of the file specified,
starting at
.Fa offset
and spanning
.Fa length
bytes.
If the
.Fa length
parameter is specified as 0, or more than the length of the remaining part
of the file,
.Fn MDXFileChunk
calculates the digest from
.Fa offset
to the end of file.
The
.Fn MDXData
function calculates the digest of a chunk of data in memory, and uses
.Fn MDXEnd
to return the result.
.Pp
When using
.Fn MDXEnd ,
.Fn MDXFile ,
or
.Fn MDXData ,
the
.Fa buf
argument can be a null pointer, in which case the returned string
is allocated with
.Xr malloc 3
and subsequently must be explicitly deallocated using
.Xr free 3
after use.
If the
.Fa buf
argument is non-null it must point to at least 33 characters of buffer space.
.Sh ERRORS
The
.Fn MDXEnd
function called with a null buf argument may fail and return NULL if:
.Bl -tag -width Er
.It Bq Er ENOMEM
Insufficient storage space is available.
.El
.Pp
The
.Fn MDXFile
and
.Fn MDXFileChunk
may return NULL when underlying
.Xr open 2 ,
.Xr fstat 2 ,
.Xr lseek 2 ,
or
.Xr MDXEnd 3
fail.
.Sh SEE ALSO
.Xr md4 3 ,
.Xr md5 3 ,
.Xr ripemd 3 ,
.Xr sha 3 ,
.Xr sha256 3 ,
.Xr sha512 3 ,
.Xr skein 3
.Rs
.%A R. Rivest
.%T The MD4 Message-Digest Algorithm
.%O RFC 1186
.Re
.Rs
.%A R. Rivest
.%T The MD5 Message-Digest Algorithm
.%O RFC 1321
.Re
.Rs
.%A H. Dobbertin
.%T Alf Swindles Ann
.%J CryptoBytes
.%N 1(3):5
.%D 1995
.Re
.Rs
.%A M. J. B. Robshaw
.%T On Recent Results for MD2, MD4 and MD5
.%J RSA Laboratories Bulletin
.%N 4
.%D November 12, 1996
.Re
.Sh HISTORY
These functions appeared in
.Fx 2.0 .
.Sh AUTHORS
The original MDX routines were developed by
.Tn RSA
Data Security, Inc., and published in the above references.
This code is derived directly from these implementations by
.An Poul-Henning Kamp Aq Mt phk@FreeBSD.org .
.Pp
Phk carved the rune.
.Sh BUGS
The
.Tn MD5
algorithm has been proven to be vulnerable to practical collision
attacks and should not be relied upon to produce unique outputs,
.Em nor should they be used as part of a cryptographic signature scheme.