MD5(3)                    OpenBSD Programmer's Manual                   MD5(3)

NAME
     MD5Init, MD5Update, MD5Final, MD5End, MD5File, MD5Data - calculate the
     RSA Data Security, Inc., ``MD5'' message digest



SYNOPSIS
     #include <sys/types.h>
     #include <md5.h>

     void
     MD5Init(MD5_CTX *context);

     void
     MD5Update(MD5_CTX *context, const unsigned char *data, unsigned int len);

     void
     MD5Final(unsigned char digest[16], MD5_CTX *context);

     char *
     MD5End(MD5_CTX *context, char *buf);

     char *
     MD5File(char *filename, char *buf);

     char *
     MD5Data(unsigned char *data, unsigned int len, char *buf);

DESCRIPTION
     The MD5 functions calculate a 128-bit cryptographic checksum (digest) for
     any number of input bytes.  A cryptographic checksum is a one-way hash-
     function, that is, you cannot find (except by exhaustive search) the in-
     put corresponding to a particular output.  This net result is a ``finger-
     print'' of the input-data, which doesn't disclose the actual input.

     MD2 is the slowest, MD4 is the fastest and MD5 is somewhere in the mid-
     dle.  MD2 can only be used for Privacy-Enhanced Mail.  MD4 has been shown
     to have severe vulnerabilities; it should only be used where necessary
     for backward compatibility.  MD5 has not yet (1999-02-11) been broken,
     but recent attacks have cast some doubt on its security properties.  The
     attacks on both MD4 and MD5 are both in the nature of finding ``colli-
     sions'' - that is, multiple inputs which hash to the same value; it is
     still unlikely for an attacker to be able to determine the exact original
     input given a hash value.

     The MD5Init(), MD5Update(), and MD5Final() functions are the core func-
     tions.  Allocate an MD5_CTX, initialize it with MD5Init(), run over the
     data with MD5Update(), and finally extract the result using MD5Final().
     When a null pointer is passed to MD5Final() as first argument only the
     final padding will be applied and the current context can still be used
     with MD5Update().

     MD5End() is a wrapper for MD5Final() which converts the return value to a
     33-character (including the terminating '\0') ASCII string which repre-
     sents the 128 bits in hexadecimal.

     MD5File() calculates the digest of a file, and uses MD5End() to return
     the result.  If the file cannot be opened, a null pointer is returned.
     MD5Data() calculates the digest of a chunk of data in memory, and uses
     MD5End() to return the result.

     When using MD5End(), MD5File(), or MD5Data(), the buf argument can be a
     null pointer, in which case the returned string is allocated with mal-
     loc(3) and subsequently must be explicitly deallocated using free(3) af-
     ter use.  If the buf argument is non-null it must point to at least 33
     characters of buffer space.

SEE ALSO
     md4(3),  rmd160(3),  sha1(3)

     B. Kaliski, The MD2 Message-Digest Algorithm, RFC 1319.

     R. Rivest, The MD4 Message-Digest Algorithm, RFC 1186.

     R. Rivest, The MD5 Message-Digest Algorithm, RFC 1321.

     RSA Laboratories, Frequently Asked Questions About today's Cryptography,
     <http://www.rsa.com/rsalabs/faq/>.

     H. Dobbertin, "Alf Swindles Ann", CryptoBytes, 1(3):5, 1995.

     MJ. B. Robshaw, "On Recent Results for MD2, MD4 and MD5", RSA
     Laboratories Bulletin, 4, November 12, 1996.

     Hans Dobbertin, Cryptanalysis of MD5 Compress.

AUTHOR
     The original MD5 routines were developed by RSA Data Security, Inc., and
     published in the above references.  This code is derived directly from
     these implementations by Poul-Henning Kamp <phk@login.dkuug.dk>

     Phk ristede runen.

HISTORY
     These functions appeared in OpenBSD 2.0.

BUGS
     Hans Dobbertin has shown collisions for the full version of MD4 and found
     a collision in the compress function of MD5. The use of SHA or RIPEMD-160
     is recommended instead.

     MD2 has only been licensed for use in Privacy Enhanced Mail.  Use MD4 or
     MD5 if that isn't what you're doing.

COPYRIGHT
     Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All rights
     reserved.

     License to copy and use this software is granted provided that it is
     identified as the "RSA Data Security, Inc. MD5 Message-Digest Algorithm"
     in all material mentioning or referencing this software or this function.

     License is also granted to make and use derivative works provided that
     such works are identified as "derived from the RSA Data Security, Inc.
     MD5 Message-Digest Algorithm" in all material mentioning or referencing
     the derived work.

     RSA Data Security, Inc. makes no representations concerning either the
     merchantability of this software or the suitability of this software for
     any particular purpose. It is provided "as is" without express or implied
     warranty of any kind.

     These notices must be retained in any copies of any part of this documen-
     tation and/or software.

OpenBSD 2.6                     October 9, 1996                              2