2 .\" ----------------------------------------------------------------------------
3 .\" "THE BEER-WARE LICENSE" (Revision 42):
4 .\" <phk@login.dkuug.dk> wrote this file. As long as you retain this notice you
5 .\" can do whatever you want with this stuff. If we meet some day, and you think
6 .\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
7 .\" ----------------------------------------------------------------------------
9 .\" $FreeBSD: src/lib/libmd/mdX.3,v 1.16.2.5 2001/12/17 10:08:31 ru Exp $
22 .Nd calculate the RSA Data Security, Inc., ``MDX'' message digest
29 .Fn MDXInit "MDX_CTX *context"
31 .Fn MDXUpdate "MDX_CTX *context" "const unsigned char *data" "unsigned int len"
33 .Fn MDXPad "MDX_CTX *context"
35 .Fn MDXFinal "unsigned char digest[16]" "MDX_CTX *context"
37 .Fn MDXEnd "MDX_CTX *context" "char *buf"
39 .Fn MDXFile "const char *filename" "char *buf"
41 .Fn MDXData "const unsigned char *data" "unsigned int len" "char *buf"
43 The MDX functions calculate a 128-bit cryptographic checksum (digest)
44 for any number of input bytes. A cryptographic checksum is a one-way
45 hash-function, that is, you cannot find (except by exhaustive search)
46 the input corresponding to a particular output. This net result is
47 a ``fingerprint'' of the input-data, which doesn't disclose the actual
50 MD2 is the slowest, MD4 is the fastest and MD5 is somewhere in the middle.
51 MD2 can only be used for Privacy-Enhanced Mail.
52 MD4 has now been broken; it should only be used where necessary for
53 backward compatibility.
54 MD5 has not yet (1999-02-11) been broken, but sufficient attacks have been
55 made that its security is in some doubt. The attacks on both MD4 and MD5
56 are both in the nature of finding ``collisions'' \- that is, multiple
57 inputs which hash to the same value; it is still unlikely for an attacker
58 to be able to determine the exact original input given a hash value.
65 functions are the core functions. Allocate an MDX_CTX, initialize it with
67 run over the data with
69 and finally extract the result using
73 can be used to pad message data in same way
76 without terminating calculation.
81 which converts the return value to a 33-character
82 (including the terminating '\e0')
84 string which represents the 128 bits in hexadecimal.
87 calculates the digest of a file, and uses
90 If the file cannot be opened, a null pointer is returned.
92 calculates the digest of a chunk of data in memory, and uses
103 argument can be a null pointer, in which case the returned string
106 and subsequently must be explicitly deallocated using
111 argument is non-null it must point to at least 33 characters of buffer space.
119 .%T The MD2 Message-Digest Algorithm
124 .%T The MD4 Message-Digest Algorithm
129 .%T The MD5 Message-Digest Algorithm
134 .%T Frequently Asked Questions About today's Cryptography
135 .%O \&<http://www.rsa.com/rsalabs/faq/>
146 .%T On Recent Results for MD2, MD4 and MD5
147 .%J RSA Laboratories Bulletin
149 .%D November 12, 1996
152 The original MDX routines were developed by
154 Data Security, Inc., and published in the above references.
155 This code is derived directly from these implementations by
156 .An Poul-Henning Kamp Aq phk@login.dkuug.dk
160 These functions appeared in
163 No method is known to exist which finds two files having the same hash value,
164 nor to find a file with a specific hash value.
165 There is on the other hand no guarantee that such a method doesn't exist.
167 MD2 has only been licensed for use in Privacy Enhanced Mail.
168 Use MD4 or MD5 if that isn't what you're doing.