MirOS Manual: md4(3), MD4Data(3), MD4End(3), MD4File(3), MD4FileChunk(3), MD4Final(3), MD4Init(3), MD4Pad(3), MD4Transform(3), MD4Update(3)

MD4(3)                     BSD Programmer's Manual                      MD4(3)

NAME

     MD4Init, MD4Update, MD4Pad, MD4Final, MD4Transform, MD4End, MD4File,
     MD4FileChunk, MD4Data - calculate the RSA Data Security, Inc., ``MD4''
     message digest

SYNOPSIS

     #include <sys/types.h>
     #include <md4.h>

     void
     MD4Init(MD4_CTX *context);

     void
     MD4Update(MD4_CTX *context, const u_int8_t *data, size_t len);

     void
     MD4Pad(MD4_CTX *context);

     void
     MD4Final(u_int8_t digest[MD4_DIGEST_LENGTH], MD4_CTX *context);

     void
     MD4Transform(u_int32_t state[4], u_int8_t block[MD4_BLOCK_LENGTH]);

     char *
     MD4End(MD4_CTX *context, char *buf);

     char *
     MD4File(const char *filename, char *buf);

     char *
     MD4FileChunk(const char *filename, char *buf, off_t offset,
             off_t length);

     char *
     MD4Data(const u_int8_t *data, size_t len, char *buf);

DESCRIPTION

     The MD4 functions calculate a 128-bit cryptographic checksum (digest) for
     any number of input bytes. A cryptographic checksum is a one-way hash-
     function, that is, you cannot find (except by exhaustive search) the in-
     put corresponding to a particular output. This net result is a
     "fingerprint" of the input-data, which doesn't disclose the actual input.

     MD4 has been broken; it should only be used where necessary for backward
     compatibility. MD5 has not yet (1999-02-11) been broken, but recent at-
     tacks have cast some doubt on its security properties. The attacks on
     both MD4 and MD5 are both in the nature of finding "collisions" - that
     is, multiple inputs which hash to the same value; it is still unlikely
     for an attacker to be able to determine the exact original input given a
     hash value.

     The MD4Init(), MD4Update(), and MD4Final() functions are the core func-
     tions. Allocate an MD4_CTX, initialize it with MD4Init(), run over the
     data with MD4Update(), and finally extract the result using MD4Final().

     The MD4Pad() function can be used to apply padding to the message digest
     as in MD4Final(), but the current context can still be used with
     MD4Update().

     The MD4Transform() function is used by MD4Update() to hash 512-bit blocks
     and forms the core of the algorithm. Most programs should use the inter-
     face provided by MD4Init(), MD4Update() and MD4Final() instead of calling
     MD4Transform() directly.
     MD4End() is a wrapper for MD4Final() which converts the return value to
     an MD4_DIGEST_STRING_LENGTH-character (including the terminating '\0')
     ASCII string which represents the 128 bits in hexadecimal.

     MD4File() calculates the digest of a file, and uses MD4End() to return
     the result. If the file cannot be opened, a null pointer is returned.

     MD4FileChunk() behaves like MD4File() but calculates the digest only for
     that portion of the file starting at offset and continuing for length
     bytes or until end of file is reached, whichever comes first. A zero
     length can be specified to read until end of file. A negative length or
     offset will be ignored. MD4Data() calculates the digest of a chunk of
     data in memory, and uses MD4End() to return the result.

     When using MD4End(), MD4File(), MD4FileChunk(), or MD4Data(), the buf ar-
     gument can be a null pointer, in which case the returned string is allo-
     cated with malloc(3) and subsequently must be explicitly deallocated us-
     ing free(3) after use. If the buf argument is non-null it must point to
     at least MD4_DIGEST_STRING_LENGTH characters of buffer space.

SEE ALSO

     cksum(1), md5(1), adler32(3), md5(3), rmd160(3), sfv(3), sha1(3),
     sha2(3), suma(3), tiger(3), whirlpool(3)

     R. Rivest, The MD4 Message-Digest Algorithm, RFC 1186.

     R. Rivest, The MD5 Message-Digest Algorithm, RFC 1321.

     RSA Laboratories, Frequently Asked Questions About today's Cryptography,
     <http://www.rsa.com/rsalabs/faq/>.

     H. Dobbertin, "Alf Swindles Ann", CryptoBytes, 1(3):5, 1995.

     MJ. B. Robshaw, "On Recent Results for MD4 and MD5", RSA Laboratories
     Bulletin, 4, November 12, 1996.

     Hans Dobbertin, Cryptanalysis of MD5 Compress.

HISTORY

     These functions appeared in OpenBSD 2.0.

AUTHORS

     The original MD4 routines were developed by RSA Data Security, Inc., and
     published in the above references. This code is derived from a public
     domain implementation written by Colin Plumb.

     The MD4End(), MD4File(), MD4FileChunk(), and MD4Data() helper functions
     are derived from code written by Poul-Henning Kamp.

BUGS

     Collisions have been found for the full versions of both MD4 and MD5 as
     well as strong attacks against the SHA-0 and SHA-1 family. The use of
     sha2(3), or rmd160(3) is recommended instead.

MirOS BSD #10-current           April 29, 2004                               1

Generated on 2014-07-04 21:17:45 by $MirOS: src/scripts/roff2htm,v 1.79 2014/02/10 00:36:11 tg Exp $

These manual pages and other documentation are copyrighted by their respective writers; their source is available at our CVSweb, AnonCVS, and other mirrors. The rest is Copyright © 2002‒2014 The MirOS Project, Germany.
This product includes material provided by Thorsten Glaser.

This manual page’s HTML representation is supposed to be valid XHTML/1.1; if not, please send a bug report – diffs preferred.