Browse code

auth: adapt SHA hash function to new location, remove srutils library dependency

Henning Westerholt authored on 02/10/2019 22:26:53
Showing 1 changed files
... ...
@@ -28,7 +28,7 @@
28 28
 #include <string.h>
29 29
 
30 30
 #include "rfc2617_sha256.h"
31
-#include "../../lib/srutils/sha256.h"
31
+#include "../../core/crypto/sha256.h"
32 32
 #include "../../core/dprint.h"
33 33
 
34 34
 
Browse code

core, lib, modules: updated include paths for header files

Daniel-Constantin Mierla authored on 07/12/2016 11:07:22
Showing 1 changed files
... ...
@@ -29,7 +29,7 @@
29 29
 
30 30
 #include "rfc2617_sha256.h"
31 31
 #include "../../lib/srutils/sha256.h"
32
-#include "../../dprint.h"
32
+#include "../../core/dprint.h"
33 33
 
34 34
 
35 35
 inline void cvt_hex_sha256(HASH_SHA256 _b, HASHHEX_SHA256 _h)
Browse code

core, lib, modules: restructured source code tree

- new folder src/ to hold the source code for main project applications
- main.c is in src/
- all core files are subfolder are in src/core/
- modules are in src/modules/
- libs are in src/lib/
- application Makefiles are in src/
- application binary is built in src/ (src/kamailio)

Daniel-Constantin Mierla authored on 07/12/2016 11:03:51
Showing 1 changed files
1 1
new file mode 100644
... ...
@@ -0,0 +1,150 @@
1
+/*
2
+ * Digest Authentication Module
3
+ * Digest response calculation as per RFC2617
4
+ *
5
+ * Copyright (C) 2001-2003 FhG Fokus
6
+ *
7
+ * This file is part of Kamailio, a free SIP server.
8
+ *
9
+ * Kamailio is free software; you can redistribute it and/or modify
10
+ * it under the terms of the GNU General Public License as published by
11
+ * the Free Software Foundation; either version 2 of the License, or
12
+ * (at your option) any later version
13
+ *
14
+ * Kamailio is distributed in the hope that it will be useful,
15
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
16
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17
+ * GNU General Public License for more details.
18
+ *
19
+ * You should have received a copy of the GNU General Public License
20
+ * along with this program; if not, write to the Free Software
21
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
22
+ *
23
+ */
24
+
25
+
26
+#include <sys/types.h>
27
+#include <stdlib.h>
28
+#include <string.h>
29
+
30
+#include "rfc2617_sha256.h"
31
+#include "../../lib/srutils/sha256.h"
32
+#include "../../dprint.h"
33
+
34
+
35
+inline void cvt_hex_sha256(HASH_SHA256 _b, HASHHEX_SHA256 _h)
36
+{
37
+	unsigned short i;
38
+	unsigned char j;
39
+
40
+	for (i = 0; i < HASHLEN_SHA256; i++) {
41
+		j = (_b[i] >> 4) & 0xf;
42
+		if (j <= 9) {
43
+			_h[i * 2] = (j + '0');
44
+		} else {
45
+			_h[i * 2] = (j + 'a' - 10);
46
+		}
47
+
48
+		j = _b[i] & 0xf;
49
+
50
+		if (j <= 9) {
51
+			_h[i * 2 + 1] = (j + '0');
52
+		} else {
53
+			_h[i * 2 + 1] = (j + 'a' - 10);
54
+		}
55
+	};
56
+
57
+	_h[HASHHEXLEN_SHA256] = '\0';
58
+}
59
+
60
+/* Cast to unsigned values and forward to sr_SHA256_Update */
61
+static inline void SHA256_Update(SHA256_CTX* context, char *data, int len)
62
+{
63
+	sr_SHA256_Update(context, (unsigned char*)data, (unsigned int)len);
64
+}
65
+
66
+/*
67
+ * calculate H(A1) as per spec
68
+ */
69
+void calc_HA1_sha256(ha_alg_t _alg, str* _username, str* _realm, str* _password,
70
+		str* _nonce, str* _cnonce, HASHHEX_SHA256 _sess_key)
71
+{
72
+	SHA256_CTX Sha256Ctx;
73
+	HASH_SHA256 HA1;
74
+
75
+	sr_SHA256_Init(&Sha256Ctx);
76
+	SHA256_Update(&Sha256Ctx, _username->s, _username->len);
77
+	SHA256_Update(&Sha256Ctx, ":", 1);
78
+	SHA256_Update(&Sha256Ctx, _realm->s, _realm->len);
79
+	SHA256_Update(&Sha256Ctx, ":", 1);
80
+	SHA256_Update(&Sha256Ctx, _password->s, _password->len);
81
+	sr_SHA256_Final(HA1, &Sha256Ctx);
82
+
83
+	if (_alg == HA_MD5_SESS) {
84
+		sr_SHA256_Init(&Sha256Ctx);
85
+		sr_SHA256_Update(&Sha256Ctx, HA1, HASHLEN_SHA256);
86
+		SHA256_Update(&Sha256Ctx, ":", 1);
87
+		SHA256_Update(&Sha256Ctx, _nonce->s, _nonce->len);
88
+		SHA256_Update(&Sha256Ctx, ":", 1);
89
+		SHA256_Update(&Sha256Ctx, _cnonce->s, _cnonce->len);
90
+		sr_SHA256_Final(HA1, &Sha256Ctx);
91
+	};
92
+
93
+	cvt_hex_sha256(HA1, _sess_key);
94
+}
95
+
96
+
97
+/*
98
+ * calculate request-digest/response-digest as per HTTP Digest spec
99
+ */
100
+void calc_response_sha256(HASHHEX_SHA256 _ha1,      /* H(A1) */
101
+		str* _nonce,       /* nonce from server */
102
+		str* _nc,          /* 8 hex digits */
103
+		str* _cnonce,      /* client nonce */
104
+		str* _qop,         /* qop-value: "", "auth", "auth-int" */
105
+		int _auth_int,     /* 1 if auth-int is used */
106
+		str* _method,      /* method from the request */
107
+		str* _uri,         /* requested URL */
108
+		HASHHEX_SHA256 _hentity,  /* H(entity body) if qop="auth-int" */
109
+		HASHHEX_SHA256 _response) /* request-digest or response-digest */
110
+{
111
+	SHA256_CTX Sha256Ctx;
112
+	HASH_SHA256 HA2;
113
+	HASH_SHA256 RespHash;
114
+	HASHHEX_SHA256 HA2Hex;
115
+
116
+	/* calculate H(A2) */
117
+	sr_SHA256_Init(&Sha256Ctx);
118
+	if (_method) {
119
+		SHA256_Update(&Sha256Ctx, _method->s, _method->len);
120
+	}
121
+	SHA256_Update(&Sha256Ctx, ":", 1);
122
+	SHA256_Update(&Sha256Ctx, _uri->s, _uri->len);
123
+
124
+	if (_auth_int) {
125
+		SHA256_Update(&Sha256Ctx, ":", 1);
126
+		SHA256_Update(&Sha256Ctx, _hentity, HASHHEXLEN_SHA256);
127
+	};
128
+
129
+	sr_SHA256_Final(HA2, &Sha256Ctx);
130
+	cvt_hex_sha256(HA2, HA2Hex);
131
+
132
+	/* calculate response */
133
+	sr_SHA256_Init(&Sha256Ctx);
134
+	SHA256_Update(&Sha256Ctx, _ha1, HASHHEXLEN_SHA256);
135
+	SHA256_Update(&Sha256Ctx, ":", 1);
136
+	SHA256_Update(&Sha256Ctx, _nonce->s, _nonce->len);
137
+	SHA256_Update(&Sha256Ctx, ":", 1);
138
+
139
+	if (_qop->len) {
140
+		SHA256_Update(&Sha256Ctx, _nc->s, _nc->len);
141
+		SHA256_Update(&Sha256Ctx, ":", 1);
142
+		SHA256_Update(&Sha256Ctx, _cnonce->s, _cnonce->len);
143
+		SHA256_Update(&Sha256Ctx, ":", 1);
144
+		SHA256_Update(&Sha256Ctx, _qop->s, _qop->len);
145
+		SHA256_Update(&Sha256Ctx, ":", 1);
146
+	};
147
+	SHA256_Update(&Sha256Ctx, HA2Hex, HASHHEXLEN_SHA256);
148
+	sr_SHA256_Final(RespHash, &Sha256Ctx);
149
+	cvt_hex_sha256(RespHash, _response);
150
+}