2023-04-01 20:05:01 +00:00
|
|
|
"""
|
|
|
|
The MD5 algorithm is a hash function that's commonly used as a checksum to
|
|
|
|
detect data corruption. The algorithm works by processing a given message in
|
|
|
|
blocks of 512 bits, padding the message as needed. It uses the blocks to operate
|
|
|
|
a 128-bit state and performs a total of 64 such operations. Note that all values
|
|
|
|
are little-endian, so inputs are converted as needed.
|
2016-09-16 19:29:34 +00:00
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
Although MD5 was used as a cryptographic hash function in the past, it's since
|
|
|
|
been cracked, so it shouldn't be used for security purposes.
|
2019-08-06 11:16:30 +00:00
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
For more info, see https://en.wikipedia.org/wiki/MD5
|
|
|
|
"""
|
|
|
|
|
|
|
|
from collections.abc import Generator
|
|
|
|
from math import sin
|
|
|
|
|
|
|
|
|
|
|
|
def to_little_endian(string_32: bytes) -> bytes:
|
|
|
|
"""
|
|
|
|
Converts the given string to little-endian in groups of 8 chars.
|
2019-08-06 11:16:30 +00:00
|
|
|
|
|
|
|
Arguments:
|
2023-04-01 20:05:01 +00:00
|
|
|
string_32 {[string]} -- [32-char string]
|
2019-08-06 11:16:30 +00:00
|
|
|
|
|
|
|
Raises:
|
2023-04-01 20:05:01 +00:00
|
|
|
ValueError -- [input is not 32 char]
|
2019-08-06 11:16:30 +00:00
|
|
|
|
|
|
|
Returns:
|
2023-04-01 20:05:01 +00:00
|
|
|
32-char little-endian string
|
|
|
|
>>> to_little_endian(b'1234567890abcdfghijklmnopqrstuvw')
|
|
|
|
b'pqrstuvwhijklmno90abcdfg12345678'
|
|
|
|
>>> to_little_endian(b'1234567890')
|
|
|
|
Traceback (most recent call last):
|
|
|
|
...
|
|
|
|
ValueError: Input must be of length 32
|
2019-08-06 11:16:30 +00:00
|
|
|
"""
|
2023-04-01 20:05:01 +00:00
|
|
|
if len(string_32) != 32:
|
|
|
|
raise ValueError("Input must be of length 32")
|
2019-08-06 11:16:30 +00:00
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
little_endian = b""
|
2019-10-05 05:14:13 +00:00
|
|
|
for i in [3, 2, 1, 0]:
|
2023-04-01 20:05:01 +00:00
|
|
|
little_endian += string_32[8 * i : 8 * i + 8]
|
|
|
|
return little_endian
|
|
|
|
|
|
|
|
|
|
|
|
def reformat_hex(i: int) -> bytes:
|
|
|
|
"""
|
|
|
|
Converts the given non-negative integer to hex string.
|
2019-08-06 11:16:30 +00:00
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
Example: Suppose the input is the following:
|
|
|
|
i = 1234
|
2016-09-16 19:29:34 +00:00
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
The input is 0x000004d2 in hex, so the little-endian hex string is
|
|
|
|
"d2040000".
|
2018-04-16 12:13:49 +00:00
|
|
|
|
2019-08-06 11:16:30 +00:00
|
|
|
Arguments:
|
2023-04-01 20:05:01 +00:00
|
|
|
i {[int]} -- [integer]
|
|
|
|
|
|
|
|
Raises:
|
|
|
|
ValueError -- [input is negative]
|
|
|
|
|
|
|
|
Returns:
|
|
|
|
8-char little-endian hex string
|
|
|
|
|
|
|
|
>>> reformat_hex(1234)
|
|
|
|
b'd2040000'
|
2022-10-12 22:54:20 +00:00
|
|
|
>>> reformat_hex(666)
|
2023-04-01 20:05:01 +00:00
|
|
|
b'9a020000'
|
|
|
|
>>> reformat_hex(0)
|
|
|
|
b'00000000'
|
|
|
|
>>> reformat_hex(1234567890)
|
|
|
|
b'd2029649'
|
|
|
|
>>> reformat_hex(1234567890987654321)
|
|
|
|
b'b11c6cb1'
|
|
|
|
>>> reformat_hex(-1)
|
|
|
|
Traceback (most recent call last):
|
|
|
|
...
|
|
|
|
ValueError: Input must be non-negative
|
2019-08-06 11:16:30 +00:00
|
|
|
"""
|
2023-04-01 20:05:01 +00:00
|
|
|
if i < 0:
|
|
|
|
raise ValueError("Input must be non-negative")
|
2019-08-06 11:16:30 +00:00
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
hex_rep = format(i, "08x")[-8:]
|
|
|
|
little_endian_hex = b""
|
2024-07-02 05:02:29 +00:00
|
|
|
for j in [3, 2, 1, 0]:
|
|
|
|
little_endian_hex += hex_rep[2 * j : 2 * j + 2].encode("utf-8")
|
2023-04-01 20:05:01 +00:00
|
|
|
return little_endian_hex
|
2018-04-16 12:13:49 +00:00
|
|
|
|
2016-09-16 19:29:34 +00:00
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
def preprocess(message: bytes) -> bytes:
|
|
|
|
"""
|
|
|
|
Preprocesses the message string:
|
|
|
|
- Convert message to bit string
|
|
|
|
- Pad bit string to a multiple of 512 chars:
|
|
|
|
- Append a 1
|
|
|
|
- Append 0's until length = 448 (mod 512)
|
|
|
|
- Append length of original message (64 chars)
|
|
|
|
|
|
|
|
Example: Suppose the input is the following:
|
|
|
|
message = "a"
|
|
|
|
|
|
|
|
The message bit string is "01100001", which is 8 bits long. Thus, the
|
|
|
|
bit string needs 439 bits of padding so that
|
|
|
|
(bit_string + "1" + padding) = 448 (mod 512).
|
|
|
|
The message length is "000010000...0" in 64-bit little-endian binary.
|
|
|
|
The combined bit string is then 512 bits long.
|
2019-08-06 11:16:30 +00:00
|
|
|
|
|
|
|
Arguments:
|
2023-04-01 20:05:01 +00:00
|
|
|
message {[string]} -- [message string]
|
2019-08-06 11:16:30 +00:00
|
|
|
|
|
|
|
Returns:
|
2023-04-01 20:05:01 +00:00
|
|
|
processed bit string padded to a multiple of 512 chars
|
|
|
|
|
|
|
|
>>> preprocess(b"a") == (b"01100001" + b"1" +
|
|
|
|
... (b"0" * 439) + b"00001000" + (b"0" * 56))
|
|
|
|
True
|
|
|
|
>>> preprocess(b"") == b"1" + (b"0" * 447) + (b"0" * 64)
|
|
|
|
True
|
2019-08-06 11:16:30 +00:00
|
|
|
"""
|
2023-04-01 20:05:01 +00:00
|
|
|
bit_string = b""
|
|
|
|
for char in message:
|
|
|
|
bit_string += format(char, "08b").encode("utf-8")
|
|
|
|
start_len = format(len(bit_string), "064b").encode("utf-8")
|
|
|
|
|
|
|
|
# Pad bit_string to a multiple of 512 chars
|
|
|
|
bit_string += b"1"
|
2022-10-12 22:54:20 +00:00
|
|
|
while len(bit_string) % 512 != 448:
|
2023-04-01 20:05:01 +00:00
|
|
|
bit_string += b"0"
|
|
|
|
bit_string += to_little_endian(start_len[32:]) + to_little_endian(start_len[:32])
|
|
|
|
|
2022-10-12 22:54:20 +00:00
|
|
|
return bit_string
|
2019-08-06 11:16:30 +00:00
|
|
|
|
2016-09-16 19:29:34 +00:00
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
def get_block_words(bit_string: bytes) -> Generator[list[int], None, None]:
|
|
|
|
"""
|
|
|
|
Splits bit string into blocks of 512 chars and yields each block as a list
|
|
|
|
of 32-bit words
|
|
|
|
|
|
|
|
Example: Suppose the input is the following:
|
|
|
|
bit_string =
|
|
|
|
"000000000...0" + # 0x00 (32 bits, padded to the right)
|
|
|
|
"000000010...0" + # 0x01 (32 bits, padded to the right)
|
|
|
|
"000000100...0" + # 0x02 (32 bits, padded to the right)
|
|
|
|
"000000110...0" + # 0x03 (32 bits, padded to the right)
|
|
|
|
...
|
|
|
|
"000011110...0" # 0x0a (32 bits, padded to the right)
|
|
|
|
|
|
|
|
Then len(bit_string) == 512, so there'll be 1 block. The block is split
|
|
|
|
into 32-bit words, and each word is converted to little endian. The
|
|
|
|
first word is interpreted as 0 in decimal, the second word is
|
|
|
|
interpreted as 1 in decimal, etc.
|
|
|
|
|
|
|
|
Thus, block_words == [[0, 1, 2, 3, ..., 15]].
|
2018-04-16 12:13:49 +00:00
|
|
|
|
2019-08-06 11:16:30 +00:00
|
|
|
Arguments:
|
2023-04-01 20:05:01 +00:00
|
|
|
bit_string {[string]} -- [bit string with multiple of 512 as length]
|
|
|
|
|
|
|
|
Raises:
|
|
|
|
ValueError -- [length of bit string isn't multiple of 512]
|
|
|
|
|
|
|
|
Yields:
|
|
|
|
a list of 16 32-bit words
|
|
|
|
|
|
|
|
>>> test_string = ("".join(format(n << 24, "032b") for n in range(16))
|
|
|
|
... .encode("utf-8"))
|
|
|
|
>>> list(get_block_words(test_string))
|
|
|
|
[[0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15]]
|
|
|
|
>>> list(get_block_words(test_string * 4)) == [list(range(16))] * 4
|
|
|
|
True
|
|
|
|
>>> list(get_block_words(b"1" * 512)) == [[4294967295] * 16]
|
|
|
|
True
|
|
|
|
>>> list(get_block_words(b""))
|
|
|
|
[]
|
|
|
|
>>> list(get_block_words(b"1111"))
|
|
|
|
Traceback (most recent call last):
|
|
|
|
...
|
|
|
|
ValueError: Input must have length that's a multiple of 512
|
2019-08-06 11:16:30 +00:00
|
|
|
"""
|
2023-04-01 20:05:01 +00:00
|
|
|
if len(bit_string) % 512 != 0:
|
|
|
|
raise ValueError("Input must have length that's a multiple of 512")
|
2016-09-16 19:29:34 +00:00
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
for pos in range(0, len(bit_string), 512):
|
|
|
|
block = bit_string[pos : pos + 512]
|
|
|
|
block_words = []
|
|
|
|
for i in range(0, 512, 32):
|
|
|
|
block_words.append(int(to_little_endian(block[i : i + 32]), 2))
|
|
|
|
yield block_words
|
2019-08-06 11:16:30 +00:00
|
|
|
|
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
def not_32(i: int) -> int:
|
2019-10-05 05:14:13 +00:00
|
|
|
"""
|
2023-04-01 20:05:01 +00:00
|
|
|
Perform bitwise NOT on given int.
|
|
|
|
|
|
|
|
Arguments:
|
|
|
|
i {[int]} -- [given int]
|
|
|
|
|
|
|
|
Raises:
|
|
|
|
ValueError -- [input is negative]
|
|
|
|
|
|
|
|
Returns:
|
|
|
|
Result of bitwise NOT on i
|
|
|
|
|
|
|
|
>>> not_32(34)
|
2019-08-06 11:16:30 +00:00
|
|
|
4294967261
|
2023-04-01 20:05:01 +00:00
|
|
|
>>> not_32(1234)
|
|
|
|
4294966061
|
|
|
|
>>> not_32(4294966061)
|
|
|
|
1234
|
|
|
|
>>> not_32(0)
|
|
|
|
4294967295
|
|
|
|
>>> not_32(1)
|
|
|
|
4294967294
|
|
|
|
>>> not_32(-1)
|
|
|
|
Traceback (most recent call last):
|
|
|
|
...
|
|
|
|
ValueError: Input must be non-negative
|
2019-10-05 05:14:13 +00:00
|
|
|
"""
|
2023-04-01 20:05:01 +00:00
|
|
|
if i < 0:
|
|
|
|
raise ValueError("Input must be non-negative")
|
|
|
|
|
2019-10-05 05:14:13 +00:00
|
|
|
i_str = format(i, "032b")
|
|
|
|
new_str = ""
|
2019-08-06 11:16:30 +00:00
|
|
|
for c in i_str:
|
2019-10-05 05:14:13 +00:00
|
|
|
new_str += "1" if c == "0" else "0"
|
2019-08-06 11:16:30 +00:00
|
|
|
return int(new_str, 2)
|
|
|
|
|
2019-10-05 05:14:13 +00:00
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
def sum_32(a: int, b: int) -> int:
|
|
|
|
"""
|
|
|
|
Add two numbers as 32-bit ints.
|
|
|
|
|
|
|
|
Arguments:
|
|
|
|
a {[int]} -- [first given int]
|
|
|
|
b {[int]} -- [second given int]
|
|
|
|
|
|
|
|
Returns:
|
|
|
|
(a + b) as an unsigned 32-bit int
|
|
|
|
|
|
|
|
>>> sum_32(1, 1)
|
|
|
|
2
|
|
|
|
>>> sum_32(2, 3)
|
|
|
|
5
|
|
|
|
>>> sum_32(0, 0)
|
|
|
|
0
|
|
|
|
>>> sum_32(-1, -1)
|
|
|
|
4294967294
|
|
|
|
>>> sum_32(4294967295, 1)
|
|
|
|
0
|
|
|
|
"""
|
2022-01-30 19:29:54 +00:00
|
|
|
return (a + b) % 2**32
|
2019-08-19 13:37:49 +00:00
|
|
|
|
2019-08-06 11:16:30 +00:00
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
def left_rotate_32(i: int, shift: int) -> int:
|
|
|
|
"""
|
|
|
|
Rotate the bits of a given int left by a given amount.
|
|
|
|
|
|
|
|
Arguments:
|
|
|
|
i {[int]} -- [given int]
|
|
|
|
shift {[int]} -- [shift amount]
|
|
|
|
|
|
|
|
Raises:
|
|
|
|
ValueError -- [either given int or shift is negative]
|
2016-09-16 19:29:34 +00:00
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
Returns:
|
|
|
|
`i` rotated to the left by `shift` bits
|
|
|
|
|
|
|
|
>>> left_rotate_32(1234, 1)
|
|
|
|
2468
|
|
|
|
>>> left_rotate_32(1111, 4)
|
|
|
|
17776
|
|
|
|
>>> left_rotate_32(2147483648, 1)
|
|
|
|
1
|
|
|
|
>>> left_rotate_32(2147483648, 3)
|
|
|
|
4
|
|
|
|
>>> left_rotate_32(4294967295, 4)
|
|
|
|
4294967295
|
|
|
|
>>> left_rotate_32(1234, 0)
|
|
|
|
1234
|
|
|
|
>>> left_rotate_32(0, 0)
|
|
|
|
0
|
|
|
|
>>> left_rotate_32(-1, 0)
|
|
|
|
Traceback (most recent call last):
|
|
|
|
...
|
|
|
|
ValueError: Input must be non-negative
|
|
|
|
>>> left_rotate_32(0, -1)
|
|
|
|
Traceback (most recent call last):
|
|
|
|
...
|
|
|
|
ValueError: Shift must be non-negative
|
|
|
|
"""
|
|
|
|
if i < 0:
|
|
|
|
raise ValueError("Input must be non-negative")
|
|
|
|
if shift < 0:
|
|
|
|
raise ValueError("Shift must be non-negative")
|
|
|
|
return ((i << shift) ^ (i >> (32 - shift))) % 2**32
|
|
|
|
|
|
|
|
|
|
|
|
def md5_me(message: bytes) -> bytes:
|
|
|
|
"""
|
|
|
|
Returns the 32-char MD5 hash of a given message.
|
2016-09-16 19:29:34 +00:00
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
Reference: https://en.wikipedia.org/wiki/MD5#Algorithm
|
2019-08-06 11:16:30 +00:00
|
|
|
|
|
|
|
Arguments:
|
2023-04-01 20:05:01 +00:00
|
|
|
message {[string]} -- [message]
|
|
|
|
|
|
|
|
Returns:
|
|
|
|
32-char MD5 hash string
|
|
|
|
|
|
|
|
>>> md5_me(b"")
|
|
|
|
b'd41d8cd98f00b204e9800998ecf8427e'
|
|
|
|
>>> md5_me(b"The quick brown fox jumps over the lazy dog")
|
|
|
|
b'9e107d9d372bb6826bd81d3542a419d6'
|
|
|
|
>>> md5_me(b"The quick brown fox jumps over the lazy dog.")
|
|
|
|
b'e4d909c290d0fb1ca068ffaddf22cbd0'
|
|
|
|
|
|
|
|
>>> import hashlib
|
|
|
|
>>> from string import ascii_letters
|
|
|
|
>>> msgs = [b"", ascii_letters.encode("utf-8"), "Üñîçø∂é".encode("utf-8"),
|
|
|
|
... b"The quick brown fox jumps over the lazy dog."]
|
|
|
|
>>> all(md5_me(msg) == hashlib.md5(msg).hexdigest().encode("utf-8") for msg in msgs)
|
|
|
|
True
|
2019-08-06 11:16:30 +00:00
|
|
|
"""
|
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
# Convert to bit string, add padding and append message length
|
|
|
|
bit_string = preprocess(message)
|
2019-08-06 11:16:30 +00:00
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
added_consts = [int(2**32 * abs(sin(i + 1))) for i in range(64)]
|
2019-08-06 11:16:30 +00:00
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
# Starting states
|
2019-08-06 11:16:30 +00:00
|
|
|
a0 = 0x67452301
|
2019-10-05 05:14:13 +00:00
|
|
|
b0 = 0xEFCDAB89
|
|
|
|
c0 = 0x98BADCFE
|
2019-08-06 11:16:30 +00:00
|
|
|
d0 = 0x10325476
|
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
shift_amounts = [
|
2019-10-05 05:14:13 +00:00
|
|
|
7,
|
|
|
|
12,
|
|
|
|
17,
|
|
|
|
22,
|
|
|
|
7,
|
|
|
|
12,
|
|
|
|
17,
|
|
|
|
22,
|
|
|
|
7,
|
|
|
|
12,
|
|
|
|
17,
|
|
|
|
22,
|
|
|
|
7,
|
|
|
|
12,
|
|
|
|
17,
|
|
|
|
22,
|
|
|
|
5,
|
|
|
|
9,
|
|
|
|
14,
|
|
|
|
20,
|
|
|
|
5,
|
|
|
|
9,
|
|
|
|
14,
|
|
|
|
20,
|
|
|
|
5,
|
|
|
|
9,
|
|
|
|
14,
|
|
|
|
20,
|
|
|
|
5,
|
|
|
|
9,
|
|
|
|
14,
|
|
|
|
20,
|
|
|
|
4,
|
|
|
|
11,
|
|
|
|
16,
|
|
|
|
23,
|
|
|
|
4,
|
|
|
|
11,
|
|
|
|
16,
|
|
|
|
23,
|
|
|
|
4,
|
|
|
|
11,
|
|
|
|
16,
|
|
|
|
23,
|
|
|
|
4,
|
|
|
|
11,
|
|
|
|
16,
|
|
|
|
23,
|
|
|
|
6,
|
|
|
|
10,
|
|
|
|
15,
|
|
|
|
21,
|
|
|
|
6,
|
|
|
|
10,
|
|
|
|
15,
|
|
|
|
21,
|
|
|
|
6,
|
|
|
|
10,
|
|
|
|
15,
|
|
|
|
21,
|
|
|
|
6,
|
|
|
|
10,
|
|
|
|
15,
|
|
|
|
21,
|
|
|
|
]
|
2019-08-06 11:16:30 +00:00
|
|
|
|
2023-04-01 20:05:01 +00:00
|
|
|
# Process bit string in chunks, each with 16 32-char words
|
|
|
|
for block_words in get_block_words(bit_string):
|
2022-10-12 22:54:20 +00:00
|
|
|
a = a0
|
|
|
|
b = b0
|
|
|
|
c = c0
|
|
|
|
d = d0
|
2023-04-01 20:05:01 +00:00
|
|
|
|
|
|
|
# Hash current chunk
|
2019-08-06 11:16:30 +00:00
|
|
|
for i in range(64):
|
|
|
|
if i <= 15:
|
2023-04-01 20:05:01 +00:00
|
|
|
# f = (b & c) | (not_32(b) & d) # Alternate definition for f
|
2022-10-12 22:54:20 +00:00
|
|
|
f = d ^ (b & (c ^ d))
|
2019-08-06 11:16:30 +00:00
|
|
|
g = i
|
|
|
|
elif i <= 31:
|
2023-04-01 20:05:01 +00:00
|
|
|
# f = (d & b) | (not_32(d) & c) # Alternate definition for f
|
2022-10-12 22:54:20 +00:00
|
|
|
f = c ^ (d & (b ^ c))
|
2019-10-05 05:14:13 +00:00
|
|
|
g = (5 * i + 1) % 16
|
2019-08-06 11:16:30 +00:00
|
|
|
elif i <= 47:
|
2022-10-12 22:54:20 +00:00
|
|
|
f = b ^ c ^ d
|
2019-10-05 05:14:13 +00:00
|
|
|
g = (3 * i + 5) % 16
|
2019-08-06 11:16:30 +00:00
|
|
|
else:
|
2023-04-01 20:05:01 +00:00
|
|
|
f = c ^ (b | not_32(d))
|
2019-10-05 05:14:13 +00:00
|
|
|
g = (7 * i) % 16
|
2023-04-01 20:05:01 +00:00
|
|
|
f = (f + a + added_consts[i] + block_words[g]) % 2**32
|
|
|
|
a = d
|
2022-10-12 22:54:20 +00:00
|
|
|
d = c
|
|
|
|
c = b
|
2023-04-01 20:05:01 +00:00
|
|
|
b = sum_32(b, left_rotate_32(f, shift_amounts[i]))
|
|
|
|
|
|
|
|
# Add hashed chunk to running total
|
|
|
|
a0 = sum_32(a0, a)
|
|
|
|
b0 = sum_32(b0, b)
|
|
|
|
c0 = sum_32(c0, c)
|
|
|
|
d0 = sum_32(d0, d)
|
2022-10-12 22:54:20 +00:00
|
|
|
|
|
|
|
digest = reformat_hex(a0) + reformat_hex(b0) + reformat_hex(c0) + reformat_hex(d0)
|
2019-08-06 11:16:30 +00:00
|
|
|
return digest
|
|
|
|
|
2016-09-16 19:29:34 +00:00
|
|
|
|
|
|
|
if __name__ == "__main__":
|
2019-08-06 11:16:30 +00:00
|
|
|
import doctest
|
2019-10-05 05:14:13 +00:00
|
|
|
|
2019-08-06 11:16:30 +00:00
|
|
|
doctest.testmod()
|