1c9502b53SPoul-Henning Kamp.\" 2c9502b53SPoul-Henning Kamp.\" ---------------------------------------------------------------------------- 3c9502b53SPoul-Henning Kamp.\" "THE BEER-WARE LICENSE" (Revision 42): 442c159feSPoul-Henning Kamp.\" <phk@FreeBSD.org> wrote this file. As long as you retain this notice you 5c9502b53SPoul-Henning Kamp.\" can do whatever you want with this stuff. If we meet some day, and you think 6c9502b53SPoul-Henning Kamp.\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp 7c9502b53SPoul-Henning Kamp.\" ---------------------------------------------------------------------------- 8c9502b53SPoul-Henning Kamp.\" 97f3dea24SPeter Wemm.\" $FreeBSD$ 10c9502b53SPoul-Henning Kamp.\" 11*66bdf50fSXin LI.Dd July 20, 2018 12c9502b53SPoul-Henning Kamp.Dt MDX 3 13a307d598SRuslan Ermilov.Os 14c9502b53SPoul-Henning Kamp.Sh NAME 15c9502b53SPoul-Henning Kamp.Nm MDXInit , 16c9502b53SPoul-Henning Kamp.Nm MDXUpdate , 17c6bcf724SPoul-Henning Kamp.Nm MDXPad , 18c9502b53SPoul-Henning Kamp.Nm MDXFinal , 19c9502b53SPoul-Henning Kamp.Nm MDXEnd , 20c9502b53SPoul-Henning Kamp.Nm MDXFile , 218a24546cSPoul-Henning Kamp.Nm MDXFileChunk , 22c211e812SMike Pritchard.Nm MDXData 2304422105SGarrett Wollman.Nd calculate the RSA Data Security, Inc., ``MDX'' message digest 249452ceebSAlexey Zelkin.Sh LIBRARY 259452ceebSAlexey Zelkin.Lb libmd 26c9502b53SPoul-Henning Kamp.Sh SYNOPSIS 2732eef9aeSRuslan Ermilov.In sys/types.h 2832eef9aeSRuslan Ermilov.In mdX.h 29c9502b53SPoul-Henning Kamp.Ft void 30c9502b53SPoul-Henning Kamp.Fn MDXInit "MDX_CTX *context" 31c9502b53SPoul-Henning Kamp.Ft void 3225a14196SPoul-Henning Kamp.Fn MDXUpdate "MDX_CTX *context" "const void *data" "unsigned int len" 33c9502b53SPoul-Henning Kamp.Ft void 34c6bcf724SPoul-Henning Kamp.Fn MDXPad "MDX_CTX *context" 35c6bcf724SPoul-Henning Kamp.Ft void 36c9502b53SPoul-Henning Kamp.Fn MDXFinal "unsigned char digest[16]" "MDX_CTX *context" 37c9502b53SPoul-Henning Kamp.Ft "char *" 3805f65b29SPoul-Henning Kamp.Fn MDXEnd "MDX_CTX *context" "char *buf" 39c9502b53SPoul-Henning Kamp.Ft "char *" 40f7787644SJoerg Wunsch.Fn MDXFile "const char *filename" "char *buf" 41c9502b53SPoul-Henning Kamp.Ft "char *" 428a24546cSPoul-Henning Kamp.Fn MDXFileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" 438a24546cSPoul-Henning Kamp.Ft "char *" 4425a14196SPoul-Henning Kamp.Fn MDXData "const void *data" "unsigned int len" "char *buf" 45c9502b53SPoul-Henning Kamp.Sh DESCRIPTION 46c9502b53SPoul-Henning KampThe MDX functions calculate a 128-bit cryptographic checksum (digest) 47dc2af37dSHiten Pandyafor any number of input bytes. 48dc2af37dSHiten PandyaA cryptographic checksum is a one-way 49c9502b53SPoul-Henning Kamphash-function, that is, you cannot find (except by exhaustive search) 50dc2af37dSHiten Pandyathe input corresponding to a particular output. 51dc2af37dSHiten PandyaThis net result is a 52dc2af37dSHiten Pandya.Dq fingerprint 530227791bSRuslan Ermilovof the input-data, which does not disclose the actual input. 5404422105SGarrett Wollman.Pp 559b9c3018SDavid E. O'BrienMD4 is the fastest and MD5 is somewhat slower. 5648ee93d6SGarrett WollmanMD4 has now been broken; it should only be used where necessary for 5748ee93d6SGarrett Wollmanbackward compatibility. 5848ee93d6SGarrett WollmanMD5 has not yet (1999-02-11) been broken, but sufficient attacks have been 59dc2af37dSHiten Pandyamade that its security is in some doubt. 60dc2af37dSHiten PandyaThe attacks on both MD4 and MD5 61dc2af37dSHiten Pandyaare both in the nature of finding 62dc2af37dSHiten Pandya.Dq collisions 63dc2af37dSHiten Pandya\[en] 64dc2af37dSHiten Pandyathat is, multiple 6548ee93d6SGarrett Wollmaninputs which hash to the same value; it is still unlikely for an attacker 6648ee93d6SGarrett Wollmanto be able to determine the exact original input given a hash value. 6704422105SGarrett Wollman.Pp 68c9502b53SPoul-Henning KampThe 69c9502b53SPoul-Henning Kamp.Fn MDXInit , 7004422105SGarrett Wollman.Fn MDXUpdate , 71c9502b53SPoul-Henning Kampand 72c9502b53SPoul-Henning Kamp.Fn MDXFinal 73dc2af37dSHiten Pandyafunctions are the core functions. 74dc2af37dSHiten PandyaAllocate an 75dc2af37dSHiten Pandya.Vt MDX_CTX , 76dc2af37dSHiten Pandyainitialize it with 7704422105SGarrett Wollman.Fn MDXInit , 78c9502b53SPoul-Henning Kamprun over the data with 7904422105SGarrett Wollman.Fn MDXUpdate , 80c9502b53SPoul-Henning Kampand finally extract the result using 81*66bdf50fSXin LI.Fn MDXFinal , 82*66bdf50fSXin LIwhich will also erase the 83*66bdf50fSXin LI.Vt MDX_CTX . 8404422105SGarrett Wollman.Pp 850552350eSPhilippe CharnierThe 86c6bcf724SPoul-Henning Kamp.Fn MDXPad 870552350eSPhilippe Charnierfunction can be used to pad message data in same way 88c6bcf724SPoul-Henning Kampas done by 89c6bcf724SPoul-Henning Kamp.Fn MDXFinal 90c6bcf724SPoul-Henning Kampwithout terminating calculation. 91c6bcf724SPoul-Henning Kamp.Pp 920552350eSPhilippe CharnierThe 93c9502b53SPoul-Henning Kamp.Fn MDXEnd 940552350eSPhilippe Charnierfunction is a wrapper for 9504422105SGarrett Wollman.Fn MDXFinal 9604422105SGarrett Wollmanwhich converts the return value to a 33-character 9704422105SGarrett Wollman(including the terminating '\e0') 9804422105SGarrett Wollman.Tn ASCII 9904422105SGarrett Wollmanstring which represents the 128 bits in hexadecimal. 10004422105SGarrett Wollman.Pp 1010552350eSPhilippe CharnierThe 102c9502b53SPoul-Henning Kamp.Fn MDXFile 1030552350eSPhilippe Charnierfunction calculates the digest of a file, and uses 104228a1015SJohn Polstra.Fn MDXEnd 10505f65b29SPoul-Henning Kampto return the result. 10604422105SGarrett WollmanIf the file cannot be opened, a null pointer is returned. 1070552350eSPhilippe CharnierThe 1088a24546cSPoul-Henning Kamp.Fn MDXFileChunk 1090552350eSPhilippe Charnierfunction is similar to 1108a24546cSPoul-Henning Kamp.Fn MDXFile , 1118a24546cSPoul-Henning Kampbut it only calculates the digest over a byte-range of the file specified, 1128a24546cSPoul-Henning Kampstarting at 1137e5d6de0SRuslan Ermilov.Fa offset 1148a24546cSPoul-Henning Kampand spanning 1157e5d6de0SRuslan Ermilov.Fa length 1168a24546cSPoul-Henning Kampbytes. 1178a24546cSPoul-Henning KampIf the 1187e5d6de0SRuslan Ermilov.Fa length 1198a24546cSPoul-Henning Kampparameter is specified as 0, or more than the length of the remaining part 1208a24546cSPoul-Henning Kampof the file, 1218a24546cSPoul-Henning Kamp.Fn MDXFileChunk 1228a24546cSPoul-Henning Kampcalculates the digest from 1237e5d6de0SRuslan Ermilov.Fa offset 1248a24546cSPoul-Henning Kampto the end of file. 1250552350eSPhilippe CharnierThe 126c9502b53SPoul-Henning Kamp.Fn MDXData 1270552350eSPhilippe Charnierfunction calculates the digest of a chunk of data in memory, and uses 128228a1015SJohn Polstra.Fn MDXEnd 12905f65b29SPoul-Henning Kampto return the result. 13004422105SGarrett Wollman.Pp 131c9502b53SPoul-Henning KampWhen using 132c9502b53SPoul-Henning Kamp.Fn MDXEnd , 13304422105SGarrett Wollman.Fn MDXFile , 13405f65b29SPoul-Henning Kampor 135c9502b53SPoul-Henning Kamp.Fn MDXData , 13605f65b29SPoul-Henning Kampthe 1377e5d6de0SRuslan Ermilov.Fa buf 13804422105SGarrett Wollmanargument can be a null pointer, in which case the returned string 13904422105SGarrett Wollmanis allocated with 14005f65b29SPoul-Henning Kamp.Xr malloc 3 14105f65b29SPoul-Henning Kampand subsequently must be explicitly deallocated using 142c9502b53SPoul-Henning Kamp.Xr free 3 143c9502b53SPoul-Henning Kampafter use. 14405f65b29SPoul-Henning KampIf the 1457e5d6de0SRuslan Ermilov.Fa buf 14604422105SGarrett Wollmanargument is non-null it must point to at least 33 characters of buffer space. 147c9502b53SPoul-Henning Kamp.Sh SEE ALSO 148c9502b53SPoul-Henning Kamp.Xr md4 3 , 149c177a86bSGarrett Wollman.Xr md5 3 , 150b468a9ffSAllan Jude.Xr ripemd 3 , 151b468a9ffSAllan Jude.Xr sha 3 , 152b468a9ffSAllan Jude.Xr sha256 3 , 153b468a9ffSAllan Jude.Xr sha512 3 , 154b468a9ffSAllan Jude.Xr skein 3 15504422105SGarrett Wollman.Rs 15604422105SGarrett Wollman.%A R. Rivest 15704422105SGarrett Wollman.%T The MD4 Message-Digest Algorithm 15804422105SGarrett Wollman.%O RFC 1186 15904422105SGarrett Wollman.Re 16004422105SGarrett Wollman.Rs 16104422105SGarrett Wollman.%A R. Rivest 16204422105SGarrett Wollman.%T The MD5 Message-Digest Algorithm 16304422105SGarrett Wollman.%O RFC 1321 16404422105SGarrett Wollman.Re 16504422105SGarrett Wollman.Rs 16648ee93d6SGarrett Wollman.%A H. Dobbertin 16748ee93d6SGarrett Wollman.%T Alf Swindles Ann 16848ee93d6SGarrett Wollman.%J CryptoBytes 16948ee93d6SGarrett Wollman.%N 1(3):5 17048ee93d6SGarrett Wollman.%D 1995 17148ee93d6SGarrett Wollman.Re 17248ee93d6SGarrett Wollman.Rs 17348ee93d6SGarrett Wollman.%A MJ. B. Robshaw 17448ee93d6SGarrett Wollman.%T On Recent Results for MD2, MD4 and MD5 17548ee93d6SGarrett Wollman.%J RSA Laboratories Bulletin 17648ee93d6SGarrett Wollman.%N 4 17748ee93d6SGarrett Wollman.%D November 12, 1996 17804422105SGarrett Wollman.Re 17924a0682cSRuslan Ermilov.Sh HISTORY 18024a0682cSRuslan ErmilovThese functions appeared in 18124a0682cSRuslan Ermilov.Fx 2.0 . 182a5941fc2SPhilippe Charnier.Sh AUTHORS 18304422105SGarrett WollmanThe original MDX routines were developed by 18404422105SGarrett Wollman.Tn RSA 18504422105SGarrett WollmanData Security, Inc., and published in the above references. 186a5941fc2SPhilippe CharnierThis code is derived directly from these implementations by 1872b7af31cSBaptiste Daroussin.An Poul-Henning Kamp Aq Mt phk@FreeBSD.org . 18804422105SGarrett Wollman.Pp 189c9502b53SPoul-Henning KampPhk ristede runen. 190c9502b53SPoul-Henning Kamp.Sh BUGS 191c9502b53SPoul-Henning KampNo method is known to exist which finds two files having the same hash value, 192c9502b53SPoul-Henning Kampnor to find a file with a specific hash value. 1930227791bSRuslan ErmilovThere is on the other hand no guarantee that such a method does not exist. 194