Provided by: tcllib_1.20+dfsg-1_all bug

NAME

       md5 - MD5 Message-Digest Algorithm

SYNOPSIS

       package require Tcl  8.2

       package require md5  ?2.0.7?

       ::md5::md5 ?-hex? [ -channel channel | -file filename | string ]

       ::md5::hmac ?-hex? -key key [ -channel channel | -file filename | string ]

       ::md5::MD5Init

       ::md5::MD5Update token data

       ::md5::MD5Final token

       ::md5::HMACInit key

       ::md5::HMACUpdate token data

       ::md5::HMACFinal token

_________________________________________________________________________________________________

DESCRIPTION

       This  package is an implementation in Tcl of the MD5 message-digest algorithm as described
       in RFC 1321 (1). This algorithm takes an  arbitrary  quantity  of  data  and  generates  a
       128-bit  message  digest from the input. The MD5 algorithm is related to the MD4 algorithm
       (2) but has been strengthened against certain types of potential  attack.  MD5  should  be
       used in preference to MD4 for new applications.

       If  you  have  critcl  and  have  built the tcllibc package then the implementation of the
       hashing function will be performed by compiled code.  Alternatively  if  you  have  either
       cryptkit  or Trf then either of these can be used to accelerate the digest computation. If
       no suitable compiled package is available then the pure-Tcl implementation  wil  be  used.
       The programming interface remains the same in all cases.

       Note  the  previous version of this package always returned a hex encoded string. This has
       been changed to  simplify  the  programming  interface  and  to  make  this  version  more
       compatible  with  other  implementations.  To obtain the previous usage, either explicitly
       specify package version 1 or use the -hex option to the md5 command.

COMMANDS

       ::md5::md5 ?-hex? [ -channel channel | -file filename | string ]
              Calculate the MD5 digest of the data given in string. This is returned as a  binary
              string by default. Giving the -hex option will return a hexadecimal encoded version
              of the digest.

              The data to be hashed can be specified either as  a  string  argument  to  the  md5
              command,  or  as  a  filename or a pre-opened channel. If the -filename argument is
              given then the file is opened, the data read and hashed and the file is closed.  If
              the  -channel argument is given then data is read from the channel until the end of
              file. The channel is not closed.

              Only one of -file, -channel or string should be given.

       ::md5::hmac ?-hex? -key key [ -channel channel | -file filename | string ]
              Calculate an Hashed Message Authentication  digest  (HMAC)  using  the  MD5  digest
              algorithm.  HMACs  are  described  in  RFC  2104 (3) and provide an MD5 digest that
              includes a key. All options other than -key are as for the ::md5::md5 command.

PROGRAMMING INTERFACE

       For the programmer, the MD5 hash can be viewed as a bucket into which one pours data. When
       you  have finished, you extract a value that is derived from the data that was poured into
       the bucket. The programming interface to the MD5 hash operates on a token  (equivalent  to
       the  bucket).  You call MD5Init to obtain a token and then call MD5Update as many times as
       required to add data to the hash. To release any resources and obtain the hash value,  you
       then call MD5Final. An equivalent set of functions gives you a keyed digest (HMAC).

       ::md5::MD5Init
              Begins  a  new  MD5  hash.  Returns  a token ID that must be used for the remaining
              functions.

       ::md5::MD5Update token data
              Add data to the hash identified  by  token.  Calling  MD5Update  $token  "abcd"  is
              equivalent  to calling MD5Update $token "ab" followed by MD5Update $token "cb". See
              EXAMPLES.

       ::md5::MD5Final token
              Returns the hash value and releases any resources held by  this  token.  Once  this
              command  completes  the  token will be invalid. The result is a binary string of 16
              bytes representing the 128 bit MD5 digest value.

       ::md5::HMACInit key
              This is equivalent to the ::md5::MD5Init command except that it  requires  the  key
              that will be included in the HMAC.

       ::md5::HMACUpdate token data

       ::md5::HMACFinal token
              These commands are identical to the MD5 equivalent commands.

EXAMPLES

              % md5::md5 -hex "Tcl does MD5"
              8AAC1EE01E20BB347104FABB90310433

              % md5::hmac -hex -key Sekret "Tcl does MD5"
              35BBA244FD56D3EDF5F3C47474DACB5D

              % set tok [md5::MD5Init]
              ::md5::1
              % md5::MD5Update $tok "Tcl "
              % md5::MD5Update $tok "does "
              % md5::MD5Update $tok "MD5"
              % md5::Hex [md5::MD5Final $tok]
              8AAC1EE01E20BB347104FABB90310433

REFERENCES

       [1]    Rivest,  R.,  "The  MD5  Message-Digest  Algorithm",  RFC  1321,  MIT  and RSA Data
              Security, Inc, April 1992.  (http://www.rfc-editor.org/rfc/rfc1321.txt)

       [2]    Rivest, R., "The  MD4  Message  Digest  Algorithm",  RFC  1320,  MIT,  April  1992.
              (http://www.rfc-editor.org/rfc/rfc1320.txt)

       [3]    Krawczyk,  H.,  Bellare,  M.  and  Canetti,  R.  "HMAC:  Keyed-Hashing  for Message
              Authentication",     RFC      2104,      February      1997.       (http://www.rfc-
              editor.org/rfc/rfc2104.txt)

BUGS, IDEAS, FEEDBACK

       This  document,  and  the  package  it  describes, will undoubtedly contain bugs and other
       problems.   Please  report  such  in   the   category   md5   of   the   Tcllib   Trackers
       [http://core.tcl.tk/tcllib/reportlist].  Please also report any ideas for enhancements you
       may have for either package and/or documentation.

       When proposing code changes, please provide unified diffs, i.e the output of diff -u.

       Note further that attachments are strongly preferred over inlined patches. Attachments can
       be  made  by going to the Edit form of the ticket immediately after its creation, and then
       using the left-most button in the secondary navigation bar.

SEE ALSO

       md4, sha1

KEYWORDS

       hashing, md5, message-digest, rfc 1320, rfc 1321, rfc 2104, security

CATEGORY

       Hashes, checksums, and encryption

COPYRIGHT

       Copyright (c) 2003, Pat Thoyts <patthoyts@users.sourceforge.net>