MD5Init, MD5Update, MD5Pad, MD5Final, MD5Transform, MD5End,
MD5FileChunk, MD5Data - calculate the RSA Data Security,
MD5Update(MD5_CTX *context, const u_int8_t *data, size_t
MD5Final(u_int8_t digest[MD5_DIGEST_LENGTH], MD5_CTX
MD5Transform(u_int32_t state, u_int8_t
MD5End(MD5_CTX *context, char *buf);
MD5File(const char *filename, char *buf);
MD5FileChunk(const char *filename, char *buf, off_t offset,
MD5Data(const u_int8_t *data, size_t len, char *buf);
The MD5 functions calculate a 128-bit cryptographic checksum
any number of input bytes. A cryptographic checksum is a
that is, you cannot find (except by exhaustive
search) the input
corresponding to a particular output. This net result
``fingerprint'' of the input-data, which doesn't disclose
the actual input.
MD4 has been broken; it should only be used where necessary
compatibility. MD5 has not yet (1999-02-11) been broken,
but recent attacks
have cast some doubt on its security properties. The
both MD4 and MD5 are both in the nature of finding ``collisions'' - that
is, multiple inputs which hash to the same value; it is
for an attacker to be able to determine the exact original
input given a
The MD5Init(), MD5Update(), and MD5Final() functions are the
Allocate an MD5_CTX, initialize it with MD5Init(),
run over the
data with MD5Update(), and finally extract the result using
The MD5Pad() function can be used to apply padding to the
as in MD5Final(), but the current context can still be used
The MD5Transform() function is used by MD5Update() to hash
and forms the core of the algorithm. Most programs should
use the interface
provided by MD5Init(), MD5Update() and MD5Final() instead of calling
MD5End() is a wrapper for MD5Final() which converts the return value to
an MD5_DIGEST_STRING_LENGTH-character (including the terminating ' ')
ASCII string which represents the 128 bits in hexadecimal.
MD5File() calculates the digest of a file, and uses MD5End()
the result. If the file cannot be opened, a null pointer is
MD5FileChunk() behaves like MD5File() but calculates the digest only for
that portion of the file starting at offset and continuing
bytes or until end of file is reached, whichever comes
first. A zero
length can be specified to read until end of file. A negative length or
offset will be ignored. MD5Data() calculates the digest of
a chunk of
data in memory, and uses MD5End() to return the result.
When using MD5End(), MD5File(), MD5FileChunk(), or
MD5Data(), the buf argument
can be a null pointer, in which case the returned
string is allocated
with malloc(3) and subsequently must be explicitly
free(3) after use. If the buf argument is non-null it
must point to
at least MD5_DIGEST_STRING_LENGTH characters of buffer
cksum(1), md5(1), md4(3), rmd160(3), sha1(3), sha2(3)
R. Rivest, The MD4 Message-Digest Algorithm, RFC 1186.
R. Rivest, The MD5 Message-Digest Algorithm, RFC 1321.
RSA Laboratories, Frequently Asked Questions About today's
H. Dobbertin, "Alf Swindles Ann", CryptoBytes, 1(3):5, 1995.
MJ. B. Robshaw, "On Recent Results for MD4 and MD5", RSA
Bulletin, 4, November 12, 1996.
Hans Dobbertin, Cryptanalysis of MD5 Compress.
These functions appeared in OpenBSD 2.0.
The original MD5 routines were developed by RSA Data Security, Inc., and
published in the above references. This code is derived
from a public
domain implementation written by Colin Plumb.
The MD5End(), MD5File(), MD5FileChunk(), and MD5Data()
are derived from code written by Poul-Henning Kamp.
Collisions have been found for the full versions of both MD4
The use of sha1(3), sha2(3), or rmd160(3) is recommended instead.
OpenBSD 3.6 April 29, 2004
[ Back ]