md5 - MD5 Message-Digest Algorithm
package require Tcl 8.2
package require md5 ?2.0.7?
? [ -channel channel
? -key key
[ -channel channel
::md5::MD5Update token data
::md5::HMACUpdate token data
This package is an implementation in Tcl of the MD5 message-digest algorithm as
described in RFC 1321 (1). This algorithm takes an arbitrary quantity of data
and generates a 128-bit message digest from the input. The MD5 algorithm is
related to the MD4 algorithm (2) but has been strengthened against certain
types of potential attack. MD5 should be used in preference to MD4 for new
If you have critcl
and have built the tcllibc
package then the
implementation of the hashing function will be performed by compiled code.
Alternatively if you have either cryptkit
then either of
these can be used to accelerate the digest computation. If no suitable
compiled package is available then the pure-Tcl implementation wil be used.
The programming interface remains the same in all cases.
the previous version of this package always returned a hex encoded
string. This has been changed to simplify the programming interface and to
make this version more compatible with other implementations. To obtain the
previous usage, either explicitly specify package version 1 or use the
option to the md5
- ::md5::md5 ?-hex? [ -channel channel | -file
filename | string ]
- Calculate the MD5 digest of the data given in string. This is returned as
a binary string by default. Giving the -hex option will return a
hexadecimal encoded version of the digest.
The data to be hashed can be specified either as a string argument to the
md5 command, or as a filename or a pre-opened channel. If the
-filename argument is given then the file is opened, the data read
and hashed and the file is closed. If the -channel argument is
given then data is read from the channel until the end of file. The
channel is not closed.
Only one of -file, -channel or string should be
- ::md5::hmac ?-hex? -key key [ -channel channel
| -file filename | string ]
- Calculate an Hashed Message Authentication digest (HMAC) using the MD5
digest algorithm. HMACs are described in RFC 2104 (3) and provide an MD5
digest that includes a key. All options other than -key are as for
the ::md5::md5 command.
For the programmer, the MD5 hash can be viewed as a bucket into which one pours
data. When you have finished, you extract a value that is derived from the
data that was poured into the bucket. The programming interface to the MD5
hash operates on a token (equivalent to the bucket). You call MD5Init
to obtain a token and then call MD5Update
as many times as required to
add data to the hash. To release any resources and obtain the hash value, you
then call MD5Final
. An equivalent set of functions gives you a keyed
- Begins a new MD5 hash. Returns a token ID that must be used for the
- ::md5::MD5Update token data
- Add data to the hash identified by token. Calling MD5Update $token
"abcd" is equivalent to calling MD5Update $token
"ab" followed by MD5Update $token "cb". See
- ::md5::MD5Final token
- Returns the hash value and releases any resources held by this token. Once
this command completes the token will be invalid. The result is a binary
string of 16 bytes representing the 128 bit MD5 digest value.
- ::md5::HMACInit key
- This is equivalent to the ::md5::MD5Init command except that it
requires the key that will be included in the HMAC.
- ::md5::HMACUpdate token data
- ::md5::HMACFinal token
- These commands are identical to the MD5 equivalent commands.
% md5::md5 -hex "Tcl does MD5"
% md5::hmac -hex -key Sekret "Tcl does MD5"
% set tok [md5::MD5Init]
% md5::MD5Update $tok "Tcl "
% md5::MD5Update $tok "does "
% md5::MD5Update $tok "MD5"
% md5::Hex [md5::MD5Final $tok]
- Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, MIT
and RSA Data Security, Inc, April 1992. (
- Rivest, R., "The MD4 Message Digest Algorithm", RFC 1320, MIT,
April 1992. ( http://www.rfc-editor.org/rfc/rfc1320.txt)
- Krawczyk, H., Bellare, M. and Canetti, R. "HMAC: Keyed-Hashing for
Message Authentication", RFC 2104, February 1997. (
BUGS, IDEAS, FEEDBACK¶
This document, and the package it describes, will undoubtedly contain bugs and
other problems. Please report such in the category md5
of the Tcllib
Please also report any
ideas for enhancements you may have for either package and/or documentation.
hashing, md5, message-digest, rfc 1320, rfc 1321, rfc 2104, security
Hashes, checksums, and encryption
Copyright (c) 2003, Pat Thoyts <email@example.com>