Tcl Library Source Code

Documentation
Login


[ Main Table Of Contents | Table Of Contents | Keyword Index | Categories | Modules | Applications ]

NAME

md5 - MD5 Message-Digest Algorithm

Table Of Contents

SYNOPSIS

package require Tcl 8.5 9
package require md5 ?2.0.9?

::md5::md5 ?-hex? [ -channel channel | -file filename | string ]
::md5::hmac ?-hex? -key key [ -channel channel | -file filename | string ]
::md5::MD5Init
::md5::MD5Update token data
::md5::MD5Final token
::md5::HMACInit key
::md5::HMACUpdate token data
::md5::HMACFinal token

DESCRIPTION

This package is an implementation in Tcl of the MD5 message-digest algorithm as described in RFC 1321 (1). This algorithm takes an arbitrary quantity of data and generates a 128-bit message digest from the input. The MD5 algorithm is related to the MD4 algorithm (2) but has been strengthened against certain types of potential attack. MD5 should be used in preference to MD4 for new applications.

If you have critcl and have built the tcllibc package then the implementation of the hashing function will be performed by compiled code. Alternatively if you have either cryptkit or Trf then either of these is used to accelerate the digest computation. If no suitable compiled package is available then the pure-Tcl implementation is used. The programming interface remains the same in all cases.

Note the previous version of this package always returned a hex encoded string. This has been changed to simplify the programming interface and to make this version more compatible with other implementations. To obtain the previous usage, either explicitly specify package version 1 or use the -hex option to the md5 command.

BEWARE The commands in this package expect binary data as their input. When a -file is provided then this is ensured by the commands themselves, as they open the referenced file in binary mode. When literal data, or a -channel are provided instead, then the command's caller is responsible for ensuring this fact. The necessary conversion command is encoding convertto utf-8 $string.

ATTENTION, there is a Tcl 9 COMPATIBILITY ISSUE here.

Tcl 8.x silently mishandles non-binary input by cutting it internally to size. I.e. by only using the low byte of a higher unicode point. No error is thrown, the result is simply wrong.

Tcl 9 throws an error instead, i.e.

expected byte sequence but character <location> was ...

COMMANDS

PROGRAMMING INTERFACE

For the programmer, the MD5 hash can be viewed as a bucket into which one pours data. When you have finished, you extract a value that is derived from the data that was poured into the bucket. The programming interface to the MD5 hash operates on a token (equivalent to the bucket). You call MD5Init to obtain a token and then call MD5Update as many times as required to add data to the hash. To release any resources and obtain the hash value, you then call MD5Final. An equivalent set of functions gives you a keyed digest (HMAC).

EXAMPLES

% md5::md5 -hex "Tcl does MD5"
8AAC1EE01E20BB347104FABB90310433

% md5::hmac -hex -key Sekret "Tcl does MD5"
35BBA244FD56D3EDF5F3C47474DACB5D

% set tok [md5::MD5Init]
::md5::1
% md5::MD5Update $tok "Tcl "
% md5::MD5Update $tok "does "
% md5::MD5Update $tok "MD5"
% md5::Hex [md5::MD5Final $tok]
8AAC1EE01E20BB347104FABB90310433

REFERENCES

  1. Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, MIT and RSA Data Security, Inc, April 1992. (http://www.rfc-editor.org/rfc/rfc1321.txt)

  2. Rivest, R., "The MD4 Message Digest Algorithm", RFC 1320, MIT, April 1992. (http://www.rfc-editor.org/rfc/rfc1320.txt)

  3. Krawczyk, H., Bellare, M. and Canetti, R. "HMAC: Keyed-Hashing for Message Authentication", RFC 2104, February 1997. (http://www.rfc-editor.org/rfc/rfc2104.txt)

Bugs, Ideas, Feedback

This document, and the package it describes, will undoubtedly contain bugs and other problems. Please report such in the category md5 of the Tcllib Trackers. Please also report any ideas for enhancements you may have for either package and/or documentation.

When proposing code changes, please provide unified diffs, i.e the output of diff -u.

Note further that attachments are strongly preferred over inlined patches. Attachments can be made by going to the Edit form of the ticket immediately after its creation, and then using the left-most button in the secondary navigation bar.

SEE ALSO

md4, sha1

KEYWORDS

hashing, md5, message-digest, rfc 1320, rfc 1321, rfc 2104, security

CATEGORY

Hashes, checksums, and encryption

COPYRIGHT

Copyright © 2003, Pat Thoyts