MD2(3) BSD Library Functions Manual MD2(3)NAME
MD2Init, MD2Update, MD2Pad, MD2Final, MD2End, MD2File, MD2FileChunk,
MD2Data — calculate the RSA Data Security, Inc., ``MD2'' message digest
MD2Update(MD2_CTX *context, const void *data, unsigned int len);
MD2Final(unsigned char digest, MD2_CTX *context);
MD2End(MD2_CTX *context, char *buf);
MD2File(const char *filename, char *buf);
MD2FileChunk(const char *filename, char *buf, off_t offset,
MD2Data(const void *data, unsigned int len, char *buf);
The MD2 functions calculate a 128-bit cryptographic checksum (digest) for
any number of input bytes. A cryptographic checksum is a one-way hash-
function, that is, you cannot find (except by exhaustive search) the
input corresponding to a particular output. This net result is a
“fingerprint” of the input-data, which does not disclose the actual
MD2 is the slowest, MD4 is the fastest and MD5 is somewhere in the mid‐
dle. MD2 can only be used for Privacy-Enhanced Mail. MD4 has now been
broken; it should only be used where necessary for backward compatibil‐
ity. MD5 has not yet (1999-02-11) been broken, but sufficient attacks
have been made that its security is in some doubt. The attacks on both
MD4 and MD5 are both in the nature of finding “collisions” – that is,
multiple inputs which hash to the same value; it is still unlikely for an
attacker to be able to determine the exact original input given a hash
The MD2Init(), MD2Update(), and MD2Final() functions are the core func‐
tions. Allocate an MD2_CTX, initialize it with MD2Init(), run over the
data with MD2Update(), and finally extract the result using MD2Final().
The MD2Pad() function can be used to pad message data in same way as done
by MD2Final() without terminating calculation.
The MD2End() function is a wrapper for MD2Final() which converts the
return value to a 33-character (including the terminating '\0') ASCII
string which represents the 128 bits in hexadecimal.
The MD2File() function calculates the digest of a file, and uses MD2End()
to return the result. If the file cannot be opened, a null pointer is
returned. The MD2FileChunk() function is similar to MD2File(), but it
only calculates the digest over a byte-range of the file specified,
starting at offset and spanning length bytes. If the length parameter is
specified as 0, or more than the length of the remaining part of the
file, MD2FileChunk() calculates the digest from offset to the end of
file. The MD2Data() function calculates the digest of a chunk of data in
memory, and uses MD2End() to return the result.
When using MD2End(), MD2File(), or MD2Data(), the buf argument can be a
null pointer, in which case the returned string is allocated with
malloc(3) and subsequently must be explicitly deallocated using free(3)
after use. If the buf argument is non-null it must point to at least 33
characters of buffer space.
SEE ALSOmd2(3), md4(3), md5(3), sha(3)
B. Kaliski, The MD2 Message-Digest Algorithm, RFC 1319.
R. Rivest, The MD4 Message-Digest Algorithm, RFC 1186.
R. Rivest, The MD5 Message-Digest Algorithm, RFC 1321.
H. Dobbertin, "Alf Swindles Ann", CryptoBytes, 1(3):5, 1995.
MJ. B. Robshaw, "On Recent Results for MD2, MD4 and MD5", RSA
Laboratories Bulletin, 4, November 12, 1996.
These functions appeared in FreeBSD 2.0.
The original MD2 routines were developed by RSA Data Security, Inc., and
published in the above references. This code is derived directly from
these implementations by Poul-Henning Kamp ⟨phk@FreeBSD.org⟩
Phk ristede runen.
No method is known to exist which finds two files having the same hash
value, nor to find a file with a specific hash value. There is on the
other hand no guarantee that such a method does not exist.
MD2 has only been licensed for use in Privacy Enhanced Mail. Use MD4 or
MD5 if that is not what you are doing. Copyright (C) 1990-2, RSA Data
Security, Inc. Created 1990. All rights reserved.
License to copy and use this software is granted for non-commercial
Internet Privacy-Enhanced Mail provided that it is identified as the "RSA
Data Security, Inc. MD2 Message Digest Algorithm" in all material men‐
tioning or referencing this software or this function.
RSA Data Security, Inc. makes no representations concerning either the
merchantability of this software or the suitability of this software for
any particular purpose. It is provided "as is" without express or implied
warranty of any kind.
These notices must be retained in any copies of any part of this documen‐
tation and/or software.
BSD February 11, 1999 BSD