1.\" 2.\" ---------------------------------------------------------------------------- 3.\" "THE BEER-WARE LICENSE" (Revision 42): 4.\" <phk@FreeBSD.org> wrote this file. As long as you retain this notice you 5.\" can do whatever you want with this stuff. If we meet some day, and you think 6.\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp 7.\" ---------------------------------------------------------------------------- 8.\" 9.\" $FreeBSD$ 10.\" 11.Dd May 21, 2019 12.Dt MDX 3 13.Os 14.Sh NAME 15.Nm MDXInit , 16.Nm MDXUpdate , 17.Nm MDXPad , 18.Nm MDXFinal , 19.Nm MDXEnd , 20.Nm MDXFile , 21.Nm MDXFileChunk , 22.Nm MDXData 23.Nd calculate the RSA Data Security, Inc., ``MDX'' message digest 24.Sh LIBRARY 25.Lb libmd 26.Sh SYNOPSIS 27.In sys/types.h 28.In mdX.h 29.Ft void 30.Fn MDXInit "MDX_CTX *context" 31.Ft void 32.Fn MDXUpdate "MDX_CTX *context" "const void *data" "unsigned int len" 33.Ft void 34.Fn MDXPad "MDX_CTX *context" 35.Ft void 36.Fn MDXFinal "unsigned char digest[16]" "MDX_CTX *context" 37.Ft "char *" 38.Fn MDXEnd "MDX_CTX *context" "char *buf" 39.Ft "char *" 40.Fn MDXFile "const char *filename" "char *buf" 41.Ft "char *" 42.Fn MDXFileChunk "const char *filename" "char *buf" "off_t offset" "off_t length" 43.Ft "char *" 44.Fn MDXData "const void *data" "unsigned int len" "char *buf" 45.Sh DESCRIPTION 46The MDX functions calculate a 128-bit cryptographic checksum (digest) 47for any number of input bytes. 48A cryptographic checksum is a one-way 49hash-function, that is, you cannot find (except by exhaustive search) 50the input corresponding to a particular output. 51This net result is a 52.Dq fingerprint 53of the input-data, which does not disclose the actual input. 54.Pp 55MD4 is the fastest and MD5 is somewhat slower. 56MD4 has now been broken; it should only be used where necessary for 57backward compatibility. 58MD5 has not yet (1999-02-11) been broken, but sufficient attacks have been 59made that its security is in some doubt. 60The attacks on both MD4 and MD5 61are both in the nature of finding 62.Dq collisions 63\[en] 64that is, multiple 65inputs which hash to the same value; it is still unlikely for an attacker 66to be able to determine the exact original input given a hash value. 67.Pp 68The 69.Fn MDXInit , 70.Fn MDXUpdate , 71and 72.Fn MDXFinal 73functions are the core functions. 74Allocate an 75.Vt MDX_CTX , 76initialize it with 77.Fn MDXInit , 78run over the data with 79.Fn MDXUpdate , 80and finally extract the result using 81.Fn MDXFinal , 82which will also erase the 83.Vt MDX_CTX . 84.Pp 85The 86.Fn MDXPad 87function can be used to pad message data in same way 88as done by 89.Fn MDXFinal 90without terminating calculation. 91.Pp 92The 93.Fn MDXEnd 94function is a wrapper for 95.Fn MDXFinal 96which converts the return value to a 33-character 97(including the terminating '\e0') 98.Tn ASCII 99string which represents the 128 bits in hexadecimal. 100.Pp 101The 102.Fn MDXFile 103function calculates the digest of a file, and uses 104.Fn MDXEnd 105to return the result. 106If the file cannot be opened, a null pointer is returned. 107The 108.Fn MDXFileChunk 109function is similar to 110.Fn MDXFile , 111but it only calculates the digest over a byte-range of the file specified, 112starting at 113.Fa offset 114and spanning 115.Fa length 116bytes. 117If the 118.Fa length 119parameter is specified as 0, or more than the length of the remaining part 120of the file, 121.Fn MDXFileChunk 122calculates the digest from 123.Fa offset 124to the end of file. 125The 126.Fn MDXData 127function calculates the digest of a chunk of data in memory, and uses 128.Fn MDXEnd 129to return the result. 130.Pp 131When using 132.Fn MDXEnd , 133.Fn MDXFile , 134or 135.Fn MDXData , 136the 137.Fa buf 138argument can be a null pointer, in which case the returned string 139is allocated with 140.Xr malloc 3 141and subsequently must be explicitly deallocated using 142.Xr free 3 143after use. 144If the 145.Fa buf 146argument is non-null it must point to at least 33 characters of buffer space. 147.Sh ERRORS 148The 149.Fn MDXEnd 150function called with a null buf argument may fail and return NULL if: 151.Bl -tag -width Er 152.It Bq Er ENOMEM 153Insufficient storage space is available. 154.El 155.Pp 156The 157.Fn MDXFile 158and 159.Fn MDXFileChunk 160may return NULL when underlying 161.Xr open 2 , 162.Xr fstat 2 , 163.Xr lseek 2 , 164or 165.Xr MDXEnd 3 166fail. 167.Sh SEE ALSO 168.Xr md4 3 , 169.Xr md5 3 , 170.Xr ripemd 3 , 171.Xr sha 3 , 172.Xr sha256 3 , 173.Xr sha512 3 , 174.Xr skein 3 175.Rs 176.%A R. Rivest 177.%T The MD4 Message-Digest Algorithm 178.%O RFC 1186 179.Re 180.Rs 181.%A R. Rivest 182.%T The MD5 Message-Digest Algorithm 183.%O RFC 1321 184.Re 185.Rs 186.%A H. Dobbertin 187.%T Alf Swindles Ann 188.%J CryptoBytes 189.%N 1(3):5 190.%D 1995 191.Re 192.Rs 193.%A MJ. B. Robshaw 194.%T On Recent Results for MD2, MD4 and MD5 195.%J RSA Laboratories Bulletin 196.%N 4 197.%D November 12, 1996 198.Re 199.Sh HISTORY 200These functions appeared in 201.Fx 2.0 . 202.Sh AUTHORS 203The original MDX routines were developed by 204.Tn RSA 205Data Security, Inc., and published in the above references. 206This code is derived directly from these implementations by 207.An Poul-Henning Kamp Aq Mt phk@FreeBSD.org . 208.Pp 209Phk ristede runen. 210.Sh BUGS 211The 212.Tn MD5 213algorithm has been proven to be vulnerable to practical collision 214attacks and should not be relied upon to produce unique outputs, 215.Em nor should they be used as part of a cryptographic signature scheme. 216