1 files changed, 570 insertions, 0 deletions
diff --git a/libetpan/src/data-types/md5.c b/libetpan/src/data-types/md5.c
new file mode 100644
index 0000000..3c46b5e
--- a/dev/null
+++ b/libetpan/src/data-types/md5.c
@@ -0,0 +1,570 @@
+/*
+ * libEtPan! -- a mail stuff library
+ *
+ * Copyright (C) 2001, 2005 - DINH Viet Hoa
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the libEtPan! project nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+/*
+ * $Id$
+ */
+/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
+*/
+/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
+rights reserved.
+License to copy and use this software is granted provided that it
+is identified as the "RSA Data Security, Inc. MD5 Message-Digest
+Algorithm" in all material mentioning or referencing this software
+or this function.
+License is also granted to make and use derivative works provided
+that such works are identified as "derived from the RSA Data
+Security, Inc. MD5 Message-Digest Algorithm" in all material
+mentioning or referencing the derived work.
+RSA Data Security, Inc. makes no representations concerning either
+the merchantability of this software or the suitability of this
+software for any particular purpose. It is provided "as is"
+without express or implied warranty of any kind.
+These notices must be retained in any copies of any part of this
+documentation and/or software.
+*/
+/* do i need all of this just for htonl()? damn. */
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include "md5global.h"
+#include "md5.h"
+#include "hmac-md5.h"
+/* Constants for MD5Transform routine.
+*/
+#define S11 7
+#define S12 12
+#define S13 17
+#define S14 22
+#define S21 5
+#define S22 9
+#define S23 14
+#define S24 20
+#define S31 4
+#define S32 11
+#define S33 16
+#define S34 23
+#define S41 6
+#define S42 10
+#define S43 15
+#define S44 21
+static void MD5Transform PROTO_LIST ((UINT4 [4], unsigned char [64]));
+static void Encode PROTO_LIST
+       ((unsigned char *, UINT4 *, unsigned int)); 
+static void Decode PROTO_LIST
+       ((UINT4 *, unsigned char *, unsigned int)); 
+static void MD5_memcpy PROTO_LIST ((POINTER, POINTER, unsigned int));
+static void MD5_memset PROTO_LIST ((POINTER, int, unsigned int));
+static unsigned char PADDING[64] = {
+       0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+       0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 
+};
+/* F, G, H and I are basic MD5 functions.
+        */
+#ifdef I
+/* This might be defined via NANA */
+#undef I
+#endif
+#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
+#define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
+#define H(x, y, z) ((x) ^ (y) ^ (z))
+#define I(x, y, z) ((y) ^ ((x) | (~z)))
+/* ROTATE_LEFT rotates x left n bits.
+        */
+#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
+/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
+Rotation is separate from addition to prevent recomputation.
+*/
+#define FF(a, b, c, d, x, s, ac) { (a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); (a) = ROTATE_LEFT ((a), (s));        (a) += (b);        } 
+#define GG(a, b, c, d, x, s, ac) {        (a) += G ((b), (c), (d)) + (x) + (UINT4)(ac);        (a) = ROTATE_LEFT ((a), (s));        (a) += (b);         } 
+#define HH(a, b, c, d, x, s, ac) {        (a) += H ((b), (c), (d)) + (x) + (UINT4)(ac);        (a) = ROTATE_LEFT ((a), (s));        (a) += (b);        } 
+#define II(a, b, c, d, x, s, ac) {        (a) += I ((b), (c), (d)) + (x) + (UINT4)(ac);        (a) = ROTATE_LEFT ((a), (s));        (a) += (b);        } 
+/* MD5 initialization. Begins an MD5 operation, writing a new context.
+*/
+void MD5Init (context)
+MD5_CTX *context; /* context */
+{
+       context->count[0] = context->count[1] = 0; 
+         /* Load magic initialization constants.
+*/
+       context->state[0] = 0x67452301; 
+       context->state[1] = 0xefcdab89; 
+       context->state[2] = 0x98badcfe; 
+       context->state[3] = 0x10325476; 
+}
+/* MD5 block update operation. Continues an MD5 message-digest
+       operation, processing another message block, and updating the context. 
+*/
+void MD5Update (context, input, inputLen)
+MD5_CTX *context; /* context */
+unsigned char *input; /* input block */
+unsigned int inputLen; /* length of input block */
+{
+       unsigned int i, index, partLen; 
+         /* Compute number of bytes mod 64 */
+         index = (unsigned int)((context->count[0] >> 3) & 0x3F);
+         /* Update number of bits */
+         if ((context->count[0] += ((UINT4)inputLen << 3))
+          < ((UINT4)inputLen << 3))
+        context->count[1]++;
+         context->count[1] += ((UINT4)inputLen >> 29);
+       partLen = 64 - index; 
+         /* Transform as many times as possible.
+*/
+       if (inputLen >= partLen) { 
+       MD5_memcpy 
+       ((POINTER)&context->buffer[index], (POINTER)input, partLen); MD5Transform
+       (context->state, context->buffer); 
+       for (i = partLen; i + 63 < inputLen; i += 64) 
+       MD5Transform (context->state, &input[i]); 
+       index = 0; 
+       } 
+       else 
+       i = 0; 
+         /* Buffer remaining input */
+         MD5_memcpy
+        ((POINTER)&context->buffer[index], (POINTER)&input[i],
+         inputLen-i);
+}
+/* MD5 finalization. Ends an MD5 message-digest operation, writing the
+       the message digest and zeroizing the context. 
+        */
+void MD5Final (digest, context)
+unsigned char digest[16]; /* message digest */
+MD5_CTX *context; /* context */
+{
+       unsigned char bits[8]; 
+       unsigned int index, padLen; 
+         /* Save number of bits */
+         Encode (bits, context->count, 8);
+         /* Pad out to 56 mod 64.
+*/
+       index = (unsigned int)((context->count[0] >> 3) & 0x3f); 
+       padLen = (index < 56) ? (56 - index) : (120 - index); 
+       MD5Update (context, PADDING, padLen); 
+         /* Append length (before padding) */
+         MD5Update (context, bits, 8);
+         /* Store state in digest */
+         Encode (digest, context->state, 16);
+         /* Zeroize sensitive information.
+*/
+       MD5_memset ((POINTER)context, 0, sizeof (*context)); 
+}
+/* MD5 basic transformation. Transforms state based on block.
+        */
+static void MD5Transform (state, block)
+UINT4 state[4];
+unsigned char block[64];
+{
+       UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16]; 
+       Decode (x, block, 64); 
+         /* Round 1 */
+         FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */
+         FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */
+         FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */
+         FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */
+         FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */
+         FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */
+         FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */
+         FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */
+         FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */
+         FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */
+         FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
+         FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
+         FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
+         FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
+         FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
+         FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
+        /* Round 2 */
+         GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */
+         GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */
+         GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
+         GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */
+         GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */
+         GG (d, a, b, c, x[10], S22,  0x2441453); /* 22 */
+         GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
+         GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */
+         GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */
+         GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
+         GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */
+         GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */ 
+         GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */ 
+         GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */ 
+         GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */ 
+         GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */ 
+         /* Round 3 */
+         HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */
+         HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */
+         HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
+         HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
+         HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */
+         HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */
+         HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */
+         HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
+         HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
+         HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */
+         HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */
+         HH (b, c, d, a, x[ 6], S34,  0x4881d05); /* 44 */
+         HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */
+         HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
+         HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
+         HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */
+         /* Round 4 */
+         II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */
+         II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */
+         II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
+         II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */
+         II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
+         II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */
+         II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
+         II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */
+         II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */
+         II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
+         II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */
+         II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
+         II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */
+         II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
+         II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */
+         II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */
+       state[0] += a; 
+       state[1] += b; 
+       state[2] += c; 
+       state[3] += d; 
+         /* Zeroize sensitive information.
+         */
+       MD5_memset ((POINTER)x, 0, sizeof (x)); 
+}
+/* Encodes input (UINT4) into output (unsigned char). Assumes len is
+       a multiple of 4. 
+        */
+static void Encode (output, input, len)
+unsigned char *output;
+UINT4 *input;
+unsigned int len;
+{
+       unsigned int i, j; 
+       for (i = 0, j = 0; j < len; i++, j += 4) { 
+       output[j] = (unsigned char)(input[i] & 0xff); 
+       output[j+1] = (unsigned char)((input[i] >> 8) & 0xff); 
+       output[j+2] = (unsigned char)((input[i] >> 16) & 0xff); 
+       output[j+3] = (unsigned char)((input[i] >> 24) & 0xff); 
+       } 
+}
+/* Decodes input (unsigned char) into output (UINT4). Assumes len is
+       a multiple of 4. 
+        */
+static void Decode (output, input, len)
+UINT4 *output;
+unsigned char *input;
+unsigned int len;
+{
+       unsigned int i, j; 
+       for (i = 0, j = 0; j < len; i++, j += 4) 
+       output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) | (((UINT4)input[j+2]) << 16)
+       | (((UINT4)input[j+3]) << 24); 
+}
+/* Note: Replace "for loop" with standard memcpy if possible.
+        */
+static void MD5_memcpy (output, input, len)
+POINTER output;
+POINTER input;
+unsigned int len;
+{
+       unsigned int i; 
+       for (i = 0; i < len; i++) 
+              output[i] = input[i]; 
+}
+/* Note: Replace "for loop" with standard memset if possible.
+*/
+static void MD5_memset (output, value, len)
+POINTER output;
+int value;
+unsigned int len;
+{
+       unsigned int i; 
+       for (i = 0; i < len; i++) 
+       ((char *)output)[i] = (char)value; 
+}
+void hmac_md5_init(HMAC_MD5_CTX *hmac,
+                   const unsigned char *key,
+                   int key_len)
+{
+  unsigned char k_ipad[65];    /* inner padding -
+                                * key XORd with ipad
+                                */
+  unsigned char k_opad[65];    /* outer padding -
+                                * key XORd with opad
+                                */
+  unsigned char tk[16];
+  int i;
+  /* if key is longer than 64 bytes reset it to key=MD5(key) */
+  if (key_len > 64) {
+    
+    MD5_CTX      tctx;
+    MD5Init(&tctx); 
+    MD5Update(&tctx, key, key_len); 
+    MD5Final(tk, &tctx); 
+    key = tk; 
+    key_len = 16; 
+  } 
+  /*
+   * the HMAC_MD5 transform looks like:
+   *
+   * MD5(K XOR opad, MD5(K XOR ipad, text))
+   *
+   * where K is an n byte key
+   * ipad is the byte 0x36 repeated 64 times
+   * opad is the byte 0x5c repeated 64 times
+   * and text is the data being protected
+   */
+  /* start out by storing key in pads */
+  MD5_memset(k_ipad, '\0', sizeof k_ipad);
+  MD5_memset(k_opad, '\0', sizeof k_opad);
+  MD5_memcpy( k_ipad, key, key_len);
+  MD5_memcpy( k_opad, key, key_len);
+  /* XOR key with ipad and opad values */
+  for (i=0; i<64; i++) {
+    k_ipad[i] ^= 0x36;
+    k_opad[i] ^= 0x5c;
+  }
+  MD5Init(&hmac->ictx);                   /* init inner context */
+  MD5Update(&hmac->ictx, k_ipad, 64);     /* apply inner pad */
+  MD5Init(&hmac->octx);                   /* init outer context */
+  MD5Update(&hmac->octx, k_opad, 64);     /* apply outer pad */
+  /* scrub the pads and key context (if used) */
+  MD5_memset(&k_ipad, 0, sizeof(k_ipad));
+  MD5_memset(&k_opad, 0, sizeof(k_opad));
+  MD5_memset(&tk, 0, sizeof(tk));
+  /* and we're done. */
+}
+/* The precalc and import routines here rely on the fact that we pad
+ * the key out to 64 bytes and use that to initialize the md5
+ * contexts, and that updating an md5 context with 64 bytes of data
+ * leaves nothing left over; all of the interesting state is contained
+ * in the state field, and none of it is left over in the count and
+ * buffer fields.  So all we have to do is save the state field; we
+ * can zero the others when we reload it.  Which is why the decision
+ * was made to pad the key out to 64 bytes in the first place. */
+void hmac_md5_precalc(HMAC_MD5_STATE *state,
+                      const unsigned char *key,
+                      int key_len)
+{
+  HMAC_MD5_CTX hmac;
+  unsigned lupe;
+  hmac_md5_init(&hmac, key, key_len);
+  for (lupe = 0; lupe < 4; lupe++) {
+    state->istate[lupe] = htonl(hmac.ictx.state[lupe]);
+    state->ostate[lupe] = htonl(hmac.octx.state[lupe]);
+  }
+  MD5_memset(&hmac, 0, sizeof(hmac));
+}
+void hmac_md5_import(HMAC_MD5_CTX *hmac,
+                     HMAC_MD5_STATE *state)
+{
+  unsigned lupe;
+  MD5_memset(hmac, 0, sizeof(HMAC_MD5_CTX));
+  for (lupe = 0; lupe < 4; lupe++) {
+    hmac->ictx.state[lupe] = ntohl(state->istate[lupe]);
+    hmac->octx.state[lupe] = ntohl(state->ostate[lupe]);
+  }
+  /* Init the counts to account for our having applied
+   * 64 bytes of key; this works out to 0x200 (64 << 3; see
+   * MD5Update above...) */
+  hmac->ictx.count[0] = hmac->octx.count[0] = 0x200;
+}
+void hmac_md5_final(unsigned char digest[HMAC_MD5_SIZE],
+                    HMAC_MD5_CTX *hmac)
+{
+  MD5Final(digest, &hmac->ictx);  /* Finalize inner md5 */
+  MD5Update(&hmac->octx, digest, 16); /* Update outer ctx */
+  MD5Final(digest, &hmac->octx); /* Finalize outer md5 */
+}
+void hmac_md5(text, text_len, key, key_len, digest)
+const unsigned char* text; /* pointer to data stream */
+int text_len; /* length of data stream */
+const unsigned char* key; /* pointer to authentication key */
+int key_len; /* length of authentication key */
+unsigned char *digest; /* caller digest to be filled in */
+{
+  MD5_CTX context; 
+  unsigned char k_ipad[65];    /* inner padding -
+                                * key XORd with ipad
+                                */
+  unsigned char k_opad[65];    /* outer padding -
+                                * key XORd with opad
+                                */
+  unsigned char tk[16];
+  int i;
+  /* if key is longer than 64 bytes reset it to key=MD5(key) */
+  if (key_len > 64) {
+    
+    MD5_CTX      tctx;
+    MD5Init(&tctx); 
+    MD5Update(&tctx, key, key_len); 
+    MD5Final(tk, &tctx); 
+    key = tk; 
+    key_len = 16; 
+  } 
+  /*
+   * the HMAC_MD5 transform looks like:
+   *
+   * MD5(K XOR opad, MD5(K XOR ipad, text))
+   *
+   * where K is an n byte key
+   * ipad is the byte 0x36 repeated 64 times
+   * opad is the byte 0x5c repeated 64 times
+   * and text is the data being protected
+   */
+  /* start out by storing key in pads */
+  MD5_memset(k_ipad, '\0', sizeof k_ipad);
+  MD5_memset(k_opad, '\0', sizeof k_opad);
+  MD5_memcpy( k_ipad, key, key_len);
+  MD5_memcpy( k_opad, key, key_len);
+  /* XOR key with ipad and opad values */
+  for (i=0; i<64; i++) {
+    k_ipad[i] ^= 0x36;
+    k_opad[i] ^= 0x5c;
+  }
+  /*
+   * perform inner MD5
+   */
+  MD5Init(&context);                   /* init context for 1st
+                                               * pass */
+  MD5Update(&context, k_ipad, 64);      /* start with inner pad */
+  MD5Update(&context, text, text_len); /* then text of datagram */
+  MD5Final(digest, &context);          /* finish up 1st pass */
+  /*
+   * perform outer MD5
+   */
+  MD5Init(&context);                   /* init context for 2nd
+                                        * pass */
+  MD5Update(&context, k_opad, 64);     /* start with outer pad */
+  MD5Update(&context, digest, 16);     /* then results of 1st
+                                        * hash */
+  MD5Final(digest, &context);          /* finish up 2nd pass */
+}

diff --git a/libetpan/src/data-types/md5.c b/libetpan/src/data-types/md5.c new file mode 100644 index 0000000..3c46b5e --- a/dev/null +++ b/libetpan/src/data-types/md5.c
@@ -0,0 +1,570 @@
	1	/*
	2	* libEtPan! -- a mail stuff library
	3	*
	4	* Copyright (C) 2001, 2005 - DINH Viet Hoa
	5	* All rights reserved.
	6	*
	7	* Redistribution and use in source and binary forms, with or without
	8	* modification, are permitted provided that the following conditions
	9	* are met:
	10	* 1. Redistributions of source code must retain the above copyright
	11	* notice, this list of conditions and the following disclaimer.
	12	* 2. Redistributions in binary form must reproduce the above copyright
	13	* notice, this list of conditions and the following disclaimer in the
	14	* documentation and/or other materials provided with the distribution.
	15	* 3. Neither the name of the libEtPan! project nor the names of its
	16	* contributors may be used to endorse or promote products derived
	17	* from this software without specific prior written permission.
	18	*
	19	* THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
	20	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	21	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	22	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
	23	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	24	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	25	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	26	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	27	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	28	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	29	* SUCH DAMAGE.
	30	*/
	31
	32	/*
	33	* $Id$
	34	*/
	35
	36	/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
	37	*/
	38
	39	/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
	40	rights reserved.
	41
	42	License to copy and use this software is granted provided that it
	43	is identified as the "RSA Data Security, Inc. MD5 Message-Digest
	44	Algorithm" in all material mentioning or referencing this software
	45	or this function.
	46
	47	License is also granted to make and use derivative works provided
	48	that such works are identified as "derived from the RSA Data
	49	Security, Inc. MD5 Message-Digest Algorithm" in all material
	50	mentioning or referencing the derived work.
	51
	52	RSA Data Security, Inc. makes no representations concerning either
	53	the merchantability of this software or the suitability of this
	54	software for any particular purpose. It is provided "as is"
	55	without express or implied warranty of any kind.
	56
	57	These notices must be retained in any copies of any part of this
	58	documentation and/or software.
	59	*/
	60
	61	/* do i need all of this just for htonl()? damn. */
	62	#include <sys/types.h>
	63	#include <sys/param.h>
	64	#include <sys/socket.h>
	65	#include <netinet/in.h>
	66
	67	#include "md5global.h"
	68	#include "md5.h"
	69	#include "hmac-md5.h"
	70
	71	/* Constants for MD5Transform routine.
	72	*/
	73
	74	#define S11 7
	75	#define S12 12
	76	#define S13 17
	77	#define S14 22
	78	#define S21 5
	79	#define S22 9
	80	#define S23 14
	81	#define S24 20
	82	#define S31 4
	83	#define S32 11
	84	#define S33 16
	85	#define S34 23
	86	#define S41 6
	87	#define S42 10
	88	#define S43 15
	89	#define S44 21
	90
	91	static void MD5Transform PROTO_LIST ((UINT4 [4], unsigned char [64]));
	92	static void Encode PROTO_LIST
	93	((unsigned char , UINT4 , unsigned int));
	94	static void Decode PROTO_LIST
	95	((UINT4 , unsigned char , unsigned int));
	96	static void MD5_memcpy PROTO_LIST ((POINTER, POINTER, unsigned int));
	97	static void MD5_memset PROTO_LIST ((POINTER, int, unsigned int));
	98
	99	static unsigned char PADDING[64] = {
	100	0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
	101	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
	102	};
	103
	104	/* F, G, H and I are basic MD5 functions.
	105
	106	*/
	107	#ifdef I
	108	/* This might be defined via NANA */
	109	#undef I
	110	#endif
	111
	112	#define F(x, y, z) (((x) & (y)) \| ((~x) & (z)))
	113	#define G(x, y, z) (((x) & (z)) \| ((y) & (~z)))
	114	#define H(x, y, z) ((x) ^ (y) ^ (z))
	115	#define I(x, y, z) ((y) ^ ((x) \| (~z)))
	116
	117	/* ROTATE_LEFT rotates x left n bits.
	118
	119	*/
	120
	121	#define ROTATE_LEFT(x, n) (((x) << (n)) \| ((x) >> (32-(n))))
	122
	123	/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
	124	Rotation is separate from addition to prevent recomputation.
	125	*/
	126
	127	#define FF(a, b, c, d, x, s, ac) { (a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); (a) = ROTATE_LEFT ((a), (s)); (a) += (b); }
	128	#define GG(a, b, c, d, x, s, ac) { (a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); (a) = ROTATE_LEFT ((a), (s)); (a) += (b); }
	129	#define HH(a, b, c, d, x, s, ac) { (a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); (a) = ROTATE_LEFT ((a), (s)); (a) += (b); }
	130	#define II(a, b, c, d, x, s, ac) { (a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); (a) = ROTATE_LEFT ((a), (s)); (a) += (b); }
	131
	132	/* MD5 initialization. Begins an MD5 operation, writing a new context.
	133	*/
	134
	135	void MD5Init (context)
	136	MD5_CTX context; / context */
	137	{
	138	context->count[0] = context->count[1] = 0;
	139
	140	/* Load magic initialization constants.
	141
	142	*/
	143	context->state[0] = 0x67452301;
	144	context->state[1] = 0xefcdab89;
	145	context->state[2] = 0x98badcfe;
	146	context->state[3] = 0x10325476;
	147	}
	148
	149	/* MD5 block update operation. Continues an MD5 message-digest
	150	operation, processing another message block, and updating the context.
	151	*/
	152
	153	void MD5Update (context, input, inputLen)
	154	MD5_CTX context; / context */
	155	unsigned char input; / input block */
	156	unsigned int inputLen; /* length of input block */
	157	{
	158	unsigned int i, index, partLen;
	159
	160	/* Compute number of bytes mod 64 */
	161	index = (unsigned int)((context->count[0] >> 3) & 0x3F);
	162
	163	/* Update number of bits */
	164	if ((context->count[0] += ((UINT4)inputLen << 3))
	165	< ((UINT4)inputLen << 3))
	166	context->count[1]++;
	167	context->count[1] += ((UINT4)inputLen >> 29);
	168
	169	partLen = 64 - index;
	170
	171	/* Transform as many times as possible.
	172
	173	*/
	174	if (inputLen >= partLen) {
	175	MD5_memcpy
	176	((POINTER)&context->buffer[index], (POINTER)input, partLen); MD5Transform
	177	(context->state, context->buffer);
	178
	179	for (i = partLen; i + 63 < inputLen; i += 64)
	180	MD5Transform (context->state, &input[i]);
	181
	182	index = 0;
	183	}
	184	else
	185	i = 0;
	186
	187	/* Buffer remaining input */
	188	MD5_memcpy
	189	((POINTER)&context->buffer[index], (POINTER)&input[i],
	190	inputLen-i);
	191
	192	}
	193
	194	/* MD5 finalization. Ends an MD5 message-digest operation, writing the
	195	the message digest and zeroizing the context.
	196
	197	*/
	198
	199	void MD5Final (digest, context)
	200	unsigned char digest[16]; /* message digest */
	201	MD5_CTX context; / context */
	202	{
	203	unsigned char bits[8];
	204	unsigned int index, padLen;
	205
	206	/* Save number of bits */
	207	Encode (bits, context->count, 8);
	208
	209	/* Pad out to 56 mod 64.
	210
	211	*/
	212	index = (unsigned int)((context->count[0] >> 3) & 0x3f);
	213	padLen = (index < 56) ? (56 - index) : (120 - index);
	214	MD5Update (context, PADDING, padLen);
	215
	216	/* Append length (before padding) */
	217	MD5Update (context, bits, 8);
	218
	219	/* Store state in digest */
	220	Encode (digest, context->state, 16);
	221
	222	/* Zeroize sensitive information.
	223
	224	*/
	225	MD5_memset ((POINTER)context, 0, sizeof (*context));
	226	}
	227
	228	/* MD5 basic transformation. Transforms state based on block.
	229
	230	*/
	231
	232	static void MD5Transform (state, block)
	233	UINT4 state[4];
	234	unsigned char block[64];
	235	{
	236	UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];
	237
	238	Decode (x, block, 64);
	239
	240	/* Round 1 */
	241	FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */
	242	FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */
	243	FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */
	244	FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */
	245	FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */
	246	FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */
	247	FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */
	248	FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */
	249	FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */
	250	FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */
	251	FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
	252	FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
	253	FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
	254	FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
	255	FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
	256	FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
	257
	258	/* Round 2 */
	259	GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */
	260	GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */
	261	GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
	262	GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */
	263	GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */
	264	GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */
	265	GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
	266	GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */
	267	GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */
	268	GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
	269	GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */
	270	GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */
	271	GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
	272	GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */
	273	GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */
	274	GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
	275
	276	/* Round 3 */
	277	HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */
	278	HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */
	279	HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
	280	HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
	281	HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */
	282	HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */
	283	HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */
	284	HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
	285	HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
	286	HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */
	287	HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */
	288	HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */
	289	HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */
	290	HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
	291	HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
	292	HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */
	293
	294	/* Round 4 */
	295	II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */
	296	II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */
	297	II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
	298	II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */
	299	II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
	300	II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */
	301	II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
	302	II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */
	303	II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */
	304	II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
	305	II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */
	306	II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
	307	II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */
	308	II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
	309	II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */
	310	II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */
	311
	312	state[0] += a;
	313	state[1] += b;
	314	state[2] += c;
	315	state[3] += d;
	316
	317	/* Zeroize sensitive information.
	318	*/
	319	MD5_memset ((POINTER)x, 0, sizeof (x));
	320	}
	321
	322	/* Encodes input (UINT4) into output (unsigned char). Assumes len is
	323	a multiple of 4.
	324
	325	*/
	326
	327	static void Encode (output, input, len)
	328	unsigned char *output;
	329	UINT4 *input;
	330	unsigned int len;
	331	{
	332	unsigned int i, j;
	333
	334	for (i = 0, j = 0; j < len; i++, j += 4) {
	335	output[j] = (unsigned char)(input[i] & 0xff);
	336	output[j+1] = (unsigned char)((input[i] >> 8) & 0xff);
	337	output[j+2] = (unsigned char)((input[i] >> 16) & 0xff);
	338	output[j+3] = (unsigned char)((input[i] >> 24) & 0xff);
	339	}
	340	}
	341
	342	/* Decodes input (unsigned char) into output (UINT4). Assumes len is
	343	a multiple of 4.
	344
	345	*/
	346
	347	static void Decode (output, input, len)
	348	UINT4 *output;
	349	unsigned char *input;
	350	unsigned int len;
	351	{
	352	unsigned int i, j;
	353
	354	for (i = 0, j = 0; j < len; i++, j += 4)
	355	output[i] = ((UINT4)input[j]) \| (((UINT4)input[j+1]) << 8) \| (((UINT4)input[j+2]) << 16)
	356	\| (((UINT4)input[j+3]) << 24);
	357	}
	358
	359	/* Note: Replace "for loop" with standard memcpy if possible.
	360
	361	*/
	362
	363	static void MD5_memcpy (output, input, len)
	364	POINTER output;
	365	POINTER input;
	366	unsigned int len;
	367	{
	368	unsigned int i;
	369
	370	for (i = 0; i < len; i++)
	371	output[i] = input[i];
	372	}
	373
	374	/* Note: Replace "for loop" with standard memset if possible.
	375	*/
	376
	377	static void MD5_memset (output, value, len)
	378	POINTER output;
	379	int value;
	380	unsigned int len;
	381	{
	382	unsigned int i;
	383
	384	for (i = 0; i < len; i++)
	385	((char *)output)[i] = (char)value;
	386	}
	387
	388	void hmac_md5_init(HMAC_MD5_CTX *hmac,
	389	const unsigned char *key,
	390	int key_len)
	391	{
	392	unsigned char k_ipad[65]; /* inner padding -
	393	* key XORd with ipad
	394	*/
	395	unsigned char k_opad[65]; /* outer padding -
	396	* key XORd with opad
	397	*/
	398	unsigned char tk[16];
	399	int i;
	400	/* if key is longer than 64 bytes reset it to key=MD5(key) */
	401	if (key_len > 64) {
	402
	403	MD5_CTX tctx;
	404
	405	MD5Init(&tctx);
	406	MD5Update(&tctx, key, key_len);
	407	MD5Final(tk, &tctx);
	408
	409	key = tk;
	410	key_len = 16;
	411	}
	412
	413	/*
	414	* the HMAC_MD5 transform looks like:
	415	*
	416	* MD5(K XOR opad, MD5(K XOR ipad, text))
	417	*
	418	* where K is an n byte key
	419	* ipad is the byte 0x36 repeated 64 times
	420	* opad is the byte 0x5c repeated 64 times
	421	* and text is the data being protected
	422	*/
	423
	424	/* start out by storing key in pads */
	425	MD5_memset(k_ipad, '\0', sizeof k_ipad);
	426	MD5_memset(k_opad, '\0', sizeof k_opad);
	427	MD5_memcpy( k_ipad, key, key_len);
	428	MD5_memcpy( k_opad, key, key_len);
	429
	430	/* XOR key with ipad and opad values */
	431	for (i=0; i<64; i++) {
	432	k_ipad[i] ^= 0x36;
	433	k_opad[i] ^= 0x5c;
	434	}
	435
	436	MD5Init(&hmac->ictx); /* init inner context */
	437	MD5Update(&hmac->ictx, k_ipad, 64); /* apply inner pad */
	438
	439	MD5Init(&hmac->octx); /* init outer context */
	440	MD5Update(&hmac->octx, k_opad, 64); /* apply outer pad */
	441
	442	/* scrub the pads and key context (if used) */
	443	MD5_memset(&k_ipad, 0, sizeof(k_ipad));
	444	MD5_memset(&k_opad, 0, sizeof(k_opad));
	445	MD5_memset(&tk, 0, sizeof(tk));
	446
	447	/* and we're done. */
	448	}
	449
	450	/* The precalc and import routines here rely on the fact that we pad
	451	* the key out to 64 bytes and use that to initialize the md5
	452	* contexts, and that updating an md5 context with 64 bytes of data
	453	* leaves nothing left over; all of the interesting state is contained
	454	* in the state field, and none of it is left over in the count and
	455	* buffer fields. So all we have to do is save the state field; we
	456	* can zero the others when we reload it. Which is why the decision
	457	* was made to pad the key out to 64 bytes in the first place. */
	458	void hmac_md5_precalc(HMAC_MD5_STATE *state,
	459	const unsigned char *key,
	460	int key_len)
	461	{
	462	HMAC_MD5_CTX hmac;
	463	unsigned lupe;
	464
	465	hmac_md5_init(&hmac, key, key_len);
	466	for (lupe = 0; lupe < 4; lupe++) {
	467	state->istate[lupe] = htonl(hmac.ictx.state[lupe]);
	468	state->ostate[lupe] = htonl(hmac.octx.state[lupe]);
	469	}
	470	MD5_memset(&hmac, 0, sizeof(hmac));
	471	}
	472
	473
	474	void hmac_md5_import(HMAC_MD5_CTX *hmac,
	475	HMAC_MD5_STATE *state)
	476	{
	477	unsigned lupe;
	478	MD5_memset(hmac, 0, sizeof(HMAC_MD5_CTX));
	479	for (lupe = 0; lupe < 4; lupe++) {
	480	hmac->ictx.state[lupe] = ntohl(state->istate[lupe]);
	481	hmac->octx.state[lupe] = ntohl(state->ostate[lupe]);
	482	}
	483	/* Init the counts to account for our having applied
	484	* 64 bytes of key; this works out to 0x200 (64 << 3; see
	485	* MD5Update above...) */
	486	hmac->ictx.count[0] = hmac->octx.count[0] = 0x200;
	487	}
	488
	489	void hmac_md5_final(unsigned char digest[HMAC_MD5_SIZE],
	490	HMAC_MD5_CTX *hmac)
	491	{
	492	MD5Final(digest, &hmac->ictx); /* Finalize inner md5 */
	493	MD5Update(&hmac->octx, digest, 16); /* Update outer ctx */
	494	MD5Final(digest, &hmac->octx); /* Finalize outer md5 */
	495	}
	496
	497
	498	void hmac_md5(text, text_len, key, key_len, digest)
	499	const unsigned char* text; /* pointer to data stream */
	500	int text_len; /* length of data stream */
	501	const unsigned char* key; /* pointer to authentication key */
	502	int key_len; /* length of authentication key */
	503	unsigned char digest; / caller digest to be filled in */
	504	{
	505	MD5_CTX context;
	506
	507	unsigned char k_ipad[65]; /* inner padding -
	508	* key XORd with ipad
	509	*/
	510	unsigned char k_opad[65]; /* outer padding -
	511	* key XORd with opad
	512	*/
	513	unsigned char tk[16];
	514	int i;
	515	/* if key is longer than 64 bytes reset it to key=MD5(key) */
	516	if (key_len > 64) {
	517
	518	MD5_CTX tctx;
	519
	520	MD5Init(&tctx);
	521	MD5Update(&tctx, key, key_len);
	522	MD5Final(tk, &tctx);
	523
	524	key = tk;
	525	key_len = 16;
	526	}
	527
	528	/*
	529	* the HMAC_MD5 transform looks like:
	530	*
	531	* MD5(K XOR opad, MD5(K XOR ipad, text))
	532	*
	533	* where K is an n byte key
	534	* ipad is the byte 0x36 repeated 64 times
	535	* opad is the byte 0x5c repeated 64 times
	536	* and text is the data being protected
	537	*/
	538
	539	/* start out by storing key in pads */
	540	MD5_memset(k_ipad, '\0', sizeof k_ipad);
	541	MD5_memset(k_opad, '\0', sizeof k_opad);
	542	MD5_memcpy( k_ipad, key, key_len);
	543	MD5_memcpy( k_opad, key, key_len);
	544
	545	/* XOR key with ipad and opad values */
	546	for (i=0; i<64; i++) {
	547	k_ipad[i] ^= 0x36;
	548	k_opad[i] ^= 0x5c;
	549	}
	550	/*
	551	* perform inner MD5
	552	*/
	553
	554	MD5Init(&context); /* init context for 1st
	555	* pass */
	556	MD5Update(&context, k_ipad, 64); /* start with inner pad */
	557	MD5Update(&context, text, text_len); /* then text of datagram */
	558	MD5Final(digest, &context); /* finish up 1st pass */
	559
	560	/*
	561	* perform outer MD5
	562	*/
	563	MD5Init(&context); /* init context for 2nd
	564	* pass */
	565	MD5Update(&context, k_opad, 64); /* start with outer pad */
	566	MD5Update(&context, digest, 16); /* then results of 1st
	567	* hash */
	568	MD5Final(digest, &context); /* finish up 2nd pass */
	569
	570	}