Commit | Line | Data |
---|---|---|
460b9539 | 1 | /* |
2 | * This file is part of DisOrder | |
cca89d7c | 3 | * Copyright (C) 2004, 2006, 2007, 2009, 2013 Richard Kettlewell |
460b9539 | 4 | * |
e7eb3a27 | 5 | * This program is free software: you can redistribute it and/or modify |
460b9539 | 6 | * it under the terms of the GNU General Public License as published by |
e7eb3a27 | 7 | * the Free Software Foundation, either version 3 of the License, or |
460b9539 | 8 | * (at your option) any later version. |
e7eb3a27 RK |
9 | * |
10 | * This program is distributed in the hope that it will be useful, | |
11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
13 | * GNU General Public License for more details. | |
14 | * | |
460b9539 | 15 | * You should have received a copy of the GNU General Public License |
e7eb3a27 | 16 | * along with this program. If not, see <http://www.gnu.org/licenses/>. |
460b9539 | 17 | */ |
14ad73b9 | 18 | /** @file lib/authhash.c @brief The authorization hash */ |
460b9539 | 19 | |
05b75f8d | 20 | #include "common.h" |
460b9539 | 21 | |
22 | #include <stddef.h> | |
cca89d7c RK |
23 | #if HAVE_GCRYPT_H |
24 | # include <gcrypt.h> | |
25 | #else | |
26 | # error No crypto API available | |
27 | #endif | |
460b9539 | 28 | |
29 | #include "hex.h" | |
30 | #include "log.h" | |
31 | #include "authhash.h" | |
32 | ||
637fdea3 RK |
33 | /** @brief Structure of algorithm lookup table */ |
34 | struct algorithm { | |
4d82d579 | 35 | /** @brief DisOrder algorithm name */ |
637fdea3 | 36 | const char *name; |
4d82d579 | 37 | |
cca89d7c | 38 | #if HAVE_GCRYPT_H |
4d82d579 | 39 | /** @brief gcrypt algorithm ID */ |
637fdea3 | 40 | int id; |
cca89d7c RK |
41 | #endif |
42 | ||
637fdea3 RK |
43 | }; |
44 | ||
45 | /** @brief Algorithm lookup table | |
46 | * | |
47 | * We don't use gcry_md_map_name() since that would import gcrypt's API into | |
48 | * the disorder protocol. | |
49 | */ | |
50 | static const struct algorithm algorithms[] = { | |
cca89d7c | 51 | #if HAVE_GCRYPT_H |
637fdea3 RK |
52 | { "SHA1", GCRY_MD_SHA1 }, |
53 | { "sha1", GCRY_MD_SHA1 }, | |
54 | { "SHA256", GCRY_MD_SHA256 }, | |
55 | { "sha256", GCRY_MD_SHA256 }, | |
56 | { "SHA384", GCRY_MD_SHA384 }, | |
57 | { "sha384", GCRY_MD_SHA384 }, | |
58 | { "SHA512", GCRY_MD_SHA512 }, | |
59 | { "sha512", GCRY_MD_SHA512 }, | |
cca89d7c | 60 | #endif |
637fdea3 RK |
61 | }; |
62 | ||
63 | /** @brief Number of supported algorithms */ | |
64 | #define NALGORITHMS (sizeof algorithms / sizeof *algorithms) | |
460b9539 | 65 | |
d7b6f0d1 | 66 | /** @brief Perform the authorization hash function |
67 | * @param challenge Pointer to challange | |
68 | * @param nchallenge Size of challenge | |
69 | * @param password Password | |
637fdea3 | 70 | * @param algo Algorithm to use |
4d82d579 | 71 | * @return Hex string or NULL on error |
d7b6f0d1 | 72 | * |
73 | * Computes H(challenge|password) and returns it as a newly allocated hex | |
637fdea3 | 74 | * string, or returns NULL on error. |
d7b6f0d1 | 75 | */ |
f74f4f32 RK |
76 | char *authhash(const void *challenge, size_t nchallenge, |
77 | const char *password, const char *algo) { | |
cca89d7c | 78 | #if HAVE_GCRYPT_H |
460b9539 | 79 | gcrypt_hash_handle h; |
cca89d7c RK |
80 | int id; |
81 | #endif | |
f74f4f32 | 82 | char *res; |
637fdea3 | 83 | size_t n; |
1c0d78bd RK |
84 | |
85 | assert(challenge != 0); | |
86 | assert(password != 0); | |
637fdea3 RK |
87 | assert(algo != 0); |
88 | for(n = 0; n < NALGORITHMS; ++n) | |
89 | if(!strcmp(algo, algorithms[n].name)) | |
90 | break; | |
91 | if(n >= NALGORITHMS) | |
92 | return NULL; | |
cca89d7c | 93 | #if HAVE_GCRYPT_H |
637fdea3 | 94 | id = algorithms[n].id; |
460b9539 | 95 | #if HAVE_GCRY_ERROR_T |
96 | { | |
97 | gcry_error_t e; | |
98 | ||
637fdea3 | 99 | if((e = gcry_md_open(&h, id, 0))) { |
2e9ba080 | 100 | disorder_error(0, "gcry_md_open: %s", gcry_strerror(e)); |
460b9539 | 101 | return 0; |
102 | } | |
103 | } | |
104 | #else | |
637fdea3 | 105 | h = gcry_md_open(id, 0); |
460b9539 | 106 | #endif |
107 | gcry_md_write(h, password, strlen(password)); | |
108 | gcry_md_write(h, challenge, nchallenge); | |
637fdea3 | 109 | res = hex(gcry_md_read(h, id), gcry_md_get_algo_dlen(id)); |
460b9539 | 110 | gcry_md_close(h); |
cca89d7c | 111 | #endif |
460b9539 | 112 | return res; |
113 | } | |
114 | ||
637fdea3 RK |
115 | /** @brief Return non-zero if @p algo is a valid algorithm */ |
116 | int valid_authhash(const char *algo) { | |
117 | size_t n; | |
118 | ||
119 | for(n = 0; n < NALGORITHMS; ++n) | |
120 | if(!strcmp(algo, algorithms[n].name)) | |
121 | return 1; | |
122 | return 0; | |
123 | } | |
124 | ||
460b9539 | 125 | /* |
126 | Local Variables: | |
127 | c-basic-offset:2 | |
128 | comment-column:40 | |
129 | fill-column:79 | |
130 | End: | |
131 | */ |