modules_k/auth/rfc2617.c
dd2bef32
 /*
  * $Id: rfc2617.c 2 2005-06-13 16:47:24Z bogdan_iancu $
  *
  * Copyright (C) 2001-2003 FhG Fokus
  *
27642a08
  * This file is part of Kamailio, a free SIP server.
dd2bef32
  *
27642a08
  * Kamailio is free software; you can redistribute it and/or modify
dd2bef32
  * it under the terms of the GNU General Public License as published by
  * the Free Software Foundation; either version 2 of the License, or
  * (at your option) any later version
  *
27642a08
  * Kamailio is distributed in the hope that it will be useful,
dd2bef32
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License for more details.
  *
  * You should have received a copy of the GNU General Public License 
  * along with this program; if not, write to the Free Software 
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  */
 
fc54405e
 /*!
  * \file
  * \brief Digest response calculation as per RFC2617
  * \ingroup auth
  * - Module: \ref auth
  */
dd2bef32
 
 #include <sys/types.h>
 #include <stdlib.h>
 #include <string.h>
 
 #include "rfc2617.h"
 #include "../../md5.h"
 
 
fc54405e
 /*!
  * \brief Convert to hex form
6b22d1b8
  * \param _b hash value
  * \param _h hex value
fc54405e
  */
dd2bef32
 inline void cvt_hex(HASH _b, HASHHEX _h)
 {
 	unsigned short i;
 	unsigned char j;
 	
 	for (i = 0; i < HASHLEN; i++) {
 		j = (_b[i] >> 4) & 0xf;
 		if (j <= 9) {
 			_h[i * 2] = (j + '0');
 		} else {
 			_h[i * 2] = (j + 'a' - 10);
 		}
 
 		j = _b[i] & 0xf;
 
 		if (j <= 9) {
 			_h[i * 2 + 1] = (j + '0');
 		} else {
 			_h[i * 2 + 1] = (j + 'a' - 10);
 		}
 	};
 
 	_h[HASHHEXLEN] = '\0';
 }
 
 
fc54405e
 /*!
  * \brief Calculate H(A1) as per HTTP Digest spec
  * \param _alg type of hash algorithm
  * \param _username username
6c9eb389
  * \param _realm authentification realm
fc54405e
  * \param _password password
  * \param _nonce nonce value
  * \param _cnonce cnonce value
  * \param _sess_key session key, result will be stored there
dd2bef32
  */
 void calc_HA1(ha_alg_t _alg, str* _username, str* _realm, str* _password,
 	      str* _nonce, str* _cnonce, HASHHEX _sess_key)
 {
 	MD5_CTX Md5Ctx;
 	HASH HA1;
 	
 	MD5Init(&Md5Ctx);
 	MD5Update(&Md5Ctx, _username->s, _username->len);
 	MD5Update(&Md5Ctx, ":", 1);
 	MD5Update(&Md5Ctx, _realm->s, _realm->len);
 	MD5Update(&Md5Ctx, ":", 1);
 	MD5Update(&Md5Ctx, _password->s, _password->len);
 	MD5Final(HA1, &Md5Ctx);
 
 	if (_alg == HA_MD5_SESS) {
 		MD5Init(&Md5Ctx);
 		MD5Update(&Md5Ctx, HA1, HASHLEN);
 		MD5Update(&Md5Ctx, ":", 1);
 		MD5Update(&Md5Ctx, _nonce->s, _nonce->len);
 		MD5Update(&Md5Ctx, ":", 1);
 		MD5Update(&Md5Ctx, _cnonce->s, _cnonce->len);
 		MD5Final(HA1, &Md5Ctx);
 	};
 
 	cvt_hex(HA1, _sess_key);
 }
 
 
fc54405e
 /*!
  * \brief Calculate request-digest/response-digest as per HTTP Digest spec
  * \param _ha1 H(A1)
  * \param _nonce nonce from server
  * \param _nc 8 hex digits
f7235964
  * \param _cnonce cnonce value
fc54405e
  * \param _qop qop-value: "", "auth", "auth-int
  * \param _auth_int  1 if auth-int is used
  * \param _method method from the request
  * \param _uri requested URL/ URI
  * \param _hentity  H(entity body) if qop="auth-int"
  * \param _response request-digest or response-digest
dd2bef32
  */
 void calc_response(HASHHEX _ha1,      /* H(A1) */
 		   str* _nonce,       /* nonce from server */
 		   str* _nc,          /* 8 hex digits */
 		   str* _cnonce,      /* client nonce */
 		   str* _qop,         /* qop-value: "", "auth", "auth-int" */
 		   int _auth_int,     /* 1 if auth-int is used */
 		   str* _method,      /* method from the request */
 		   str* _uri,         /* requested URL */
 		   HASHHEX _hentity,  /* H(entity body) if qop="auth-int" */
 		   HASHHEX _response) /* request-digest or response-digest */
 {
 	MD5_CTX Md5Ctx;
 	HASH HA2;
 	HASH RespHash;
 	HASHHEX HA2Hex;
 	
fc54405e
 	/* calculate H(A2) */
dd2bef32
 	MD5Init(&Md5Ctx);
 	MD5Update(&Md5Ctx, _method->s, _method->len);
 	MD5Update(&Md5Ctx, ":", 1);
 	MD5Update(&Md5Ctx, _uri->s, _uri->len);
 
 	if (_auth_int) {
 		MD5Update(&Md5Ctx, ":", 1);
 		MD5Update(&Md5Ctx, _hentity, HASHHEXLEN);
 	};
 
 	MD5Final(HA2, &Md5Ctx);
 	cvt_hex(HA2, HA2Hex);
 	
fc54405e
 	/* calculate response */
dd2bef32
 	MD5Init(&Md5Ctx);
 	MD5Update(&Md5Ctx, _ha1, HASHHEXLEN);
 	MD5Update(&Md5Ctx, ":", 1);
 	MD5Update(&Md5Ctx, _nonce->s, _nonce->len);
 	MD5Update(&Md5Ctx, ":", 1);
 
 	if (_qop->len) {
 		MD5Update(&Md5Ctx, _nc->s, _nc->len);
 		MD5Update(&Md5Ctx, ":", 1);
 		MD5Update(&Md5Ctx, _cnonce->s, _cnonce->len);
 		MD5Update(&Md5Ctx, ":", 1);
 		MD5Update(&Md5Ctx, _qop->s, _qop->len);
 		MD5Update(&Md5Ctx, ":", 1);
 	};
 	MD5Update(&Md5Ctx, HA2Hex, HASHHEXLEN);
 	MD5Final(RespHash, &Md5Ctx);
 	cvt_hex(RespHash, _response);
 }