| blob | ba5a354dc878b5b99ffdb07c084f383b7584635c |
1 /* digesthmac.c --- Compute DIGEST-MD5 response value.
2 * Copyright (C) 2002, 2003, 2004 Simon Josefsson
3 *
4 * This file is part of GNU SASL Library.
5 *
6 * GNU SASL Library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public License
8 * as published by the Free Software Foundation; either version 2.1 of
9 * the License, or (at your option) any later version.
10 *
11 * GNU SASL Library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with GNU SASL Library; if not, write to the Free
18 * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
19 * Boston, MA 02110-1301, USA.
20 *
21 */
23 #if HAVE_CONFIG_H
25 #endif
27 /* Get specification. */
30 /* Get malloc, free. */
31 #include <stdlib.h>
33 /* Get memcpy, strlen. */
34 #include <string.h>
36 /* Get sprintf. */
37 #include <stdio.h>
39 /* Get gc_md5. */
40 #include <gc.h>
51 #define MD5LEN 16
52 #define RESPONSE_LENGTH 32
53 #define RSPAUTH_LENGTH RESPONSE_LENGTH
54 #define DERIVE_CLIENT_INTEGRITY_KEY_STRING \
55 "Digest session key to client-to-server signing key magic constant"
56 #define DERIVE_CLIENT_INTEGRITY_KEY_STRING_LEN 65
57 #define DERIVE_SERVER_INTEGRITY_KEY_STRING \
58 "Digest session key to server-to-client signing key magic constant"
59 #define DERIVE_SERVER_INTEGRITY_KEY_STRING_LEN 65
60 #define DERIVE_CLIENT_CONFIDENTIALITY_KEY_STRING \
61 "Digest H(A1) to client-to-server sealing key magic constant"
62 #define DERIVE_CLIENT_CONFIDENTIALITY_KEY_STRING_LEN 59
63 #define DERIVE_SERVER_CONFIDENTIALITY_KEY_STRING \
64 "Digest H(A1) to server-to-client sealing key magic constant"
65 #define DERIVE_SERVER_CONFIDENTIALITY_KEY_STRING_LEN 59
67 /* Compute in 33 bytes large array OUTPUT the DIGEST-MD5 response
68 value. SECRET holds the 16 bytes MD5 hash SS, i.e.,
69 H(username:realm:passwd). NONCE is a zero terminated string with
70 the server nonce. NC is the nonce-count, typically 1 for initial
71 authentication. CNONCE is a zero terminated string with the client
72 nonce. QOP is the quality of protection to use. AUTHZID is a zero
73 terminated string with the authorization identity. DIGESTURI is a
74 zero terminated string with the server principal (e.g.,
75 imap/mail.example.org). RSPAUTH is a boolean which indicate
76 whether to compute a value for the RSPAUTH response or the "real"
77 authentication. CIPHER is the cipher to use. KIC, KIS, KCC, KCS
78 are either NULL, or points to 16 byte arrays that will hold the
79 computed keys on output. Returns 0 on success. */
80 int
84 digest_md5_cipher cipher,
86 {
97 /* A1 */
119 {
124 }
132 {
139 DERIVE_CLIENT_INTEGRITY_KEY_STRING_LEN);
146 }
149 {
155 DERIVE_SERVER_INTEGRITY_KEY_STRING_LEN);
159 hash2);
164 }
167 {
176 else
181 DERIVE_CLIENT_CONFIDENTIALITY_KEY_STRING_LEN);
184 hash2);
189 }
192 {
201 else
206 DERIVE_SERVER_CONFIDENTIALITY_KEY_STRING_LEN);
209 hash2);
214 }
217 {
220 }
222 /* A2 */
245 {
248 }
250 /* response_value */
285 {
288 }
290 {
293 }
295 {
298 }
309 {
312 }
316 }