1MD5(3bsd)                            LOCAL                           MD5(3bsd)
2

NAME

4     MD5Init, MD5Update, MD5Pad, MD5Final, MD5Transform, MD5End, MD5File,
5     MD5FileChunk, MD5Data — calculate the RSA Data Security, Inc., ``MD5''
6     message digest
7

LIBRARY

9     Utility functions from BSD systems (libbsd, -lbsd)
10

SYNOPSIS

12     #include <sys/types.h>
13     #include <md5.h>
14     (See libbsd(7) for include usage.)
15
16     void
17     MD5Init(MD5_CTX *context);
18
19     void
20     MD5Update(MD5_CTX *context, const uint8_t *data, size_t len);
21
22     void
23     MD5Pad(MD5_CTX *context);
24
25     void
26     MD5Final(uint8_t digest[MD5_DIGEST_LENGTH], MD5_CTX *context);
27
28     void
29     MD5Transform(uint32_t state[4], uint8_t block[MD5_BLOCK_LENGTH]);
30
31     char *
32     MD5End(MD5_CTX *context, char *buf);
33
34     char *
35     MD5File(const char *filename, char *buf);
36
37     char *
38     MD5FileChunk(const char *filename, char *buf, off_t offset,
39         off_t length);
40
41     char *
42     MD5Data(const uint8_t *data, size_t len, char *buf);
43

DESCRIPTION

45     The MD5 functions calculate a 128-bit cryptographic checksum (digest) for
46     any number of input bytes.  A cryptographic checksum is a one-way hash-
47     function, that is, you cannot find (except by exhaustive search) the
48     input corresponding to a particular output.  This net result is a
49     “fingerprint” of the input-data, which doesn't disclose the actual input.
50
51     MD4 has been broken; it should only be used where necessary for backward
52     compatibility.  MD5 has not yet (1999-02-11) been broken, but recent
53     attacks have cast some doubt on its security properties.  The attacks on
54     both MD4 and MD5 are both in the nature of finding “collisions” - that
55     is, multiple inputs which hash to the same value; it is still unlikely
56     for an attacker to be able to determine the exact original input given a
57     hash value.
58
59     The MD5Init(), MD5Update(), and MD5Final() functions are the core func‐
60     tions.  Allocate an MD5_CTX, initialize it with MD5Init(), run over the
61     data with MD5Update(), and finally extract the result using MD5Final().
62
63     The MD5Pad() function can be used to apply padding to the message digest
64     as in MD5Final(), but the current context can still be used with
65     MD5Update().
66
67     The MD5Transform() function is used by MD5Update() to hash 512-bit blocks
68     and forms the core of the algorithm.  Most programs should use the inter‐
69     face provided by MD5Init(), MD5Update() and MD5Final() instead of calling
70     MD5Transform() directly.
71
72     MD5End() is a wrapper for MD5Final() which converts the return value to
73     an MD5_DIGEST_STRING_LENGTH-character (including the terminating '\0')
74     ASCII string which represents the 128 bits in hexadecimal.
75
76     MD5File() calculates the digest of a file, and uses MD5End() to return
77     the result.  If the file cannot be opened, a null pointer is returned.
78
79     MD5FileChunk() behaves like MD5File() but calculates the digest only for
80     that portion of the file starting at offset and continuing for length
81     bytes or until end of file is reached, whichever comes first.  A zero
82     length can be specified to read until end of file.  A negative length or
83     offset will be ignored.  MD5Data() calculates the digest of a chunk of
84     data in memory, and uses MD5End() to return the result.
85
86     When using MD5End(), MD5File(), MD5FileChunk(), or MD5Data(), the buf
87     argument can be a null pointer, in which case the returned string is
88     allocated with malloc(3) and subsequently must be explicitly deallocated
89     using free(3) after use.  If the buf argument is non-null it must point
90     to at least MD5_DIGEST_STRING_LENGTH characters of buffer space.
91

SEE ALSO

93     cksum(1), md5(1), adler32(3), md4(3), rmd160(3), sfv(3), sha1(3),
94     sha2(3), suma(3), tiger(3), whirlpool(3)
95
96     R. Rivest, The MD4 Message-Digest Algorithm, RFC 1186.
97
98     R. Rivest, The MD5 Message-Digest Algorithm, RFC 1321.
99
100     RSA Laboratories, Frequently Asked Questions About today's Cryptography,
101     <http://www.rsa.com/rsalabs/faq/>.
102
103     H. Dobbertin, "Alf Swindles Ann", CryptoBytes, 1(3):5, 1995.
104
105     MJ. B. Robshaw, "On Recent Results for MD4 and MD5", RSA Laboratories
106     Bulletin, 4, November 12, 1996.
107
108     Hans Dobbertin, Cryptanalysis of MD5 Compress.
109

HISTORY

111     These functions appeared in OpenBSD 2.0.
112

AUTHORS

114     The original MD5 routines were developed by RSA Data Security, Inc., and
115     published in the above references.  This code is derived from a public
116     domain implementation written by Colin Plumb.
117
118     The MD5End(), MD5File(), MD5FileChunk(), and MD5Data() helper functions
119     are derived from code written by Poul-Henning Kamp.
120

BUGS

122     Collisions have been found for the full versions of both MD4 and MD5 as
123     well as strong attacks against the SHA-0 and SHA-1 family.  The use of
124     sha2(3), or rmd160(3) is recommended instead.
125
126BSD                             April 29, 2004                             BSD
Impressum