18ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project/* 28ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * chap-md5.c - New CHAP/MD5 implementation. 38ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * 48ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * Copyright (c) 2003 Paul Mackerras. All rights reserved. 58ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * 68ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * Redistribution and use in source and binary forms, with or without 78ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * modification, are permitted provided that the following conditions 88ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * are met: 98ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * 108ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * 1. Redistributions of source code must retain the above copyright 118ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * notice, this list of conditions and the following disclaimer. 128ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * 138ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * 2. The name(s) of the authors of this software must not be used to 148ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * endorse or promote products derived from this software without 158ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * prior written permission. 168ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * 178ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * 3. Redistributions of any form whatsoever must retain the following 188ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * acknowledgment: 198ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * "This product includes software developed by Paul Mackerras 208ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * <paulus@samba.org>". 218ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * 228ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO 238ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 248ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY 258ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 268ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN 278ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING 288ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 298ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project */ 308ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project 318ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project#define RCSID "$Id: chap-md5.c,v 1.4 2004/11/09 22:39:25 paulus Exp $" 328ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project 338ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project#include <stdlib.h> 348ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project#include <string.h> 358ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project#include "pppd.h" 368ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project#include "chap-new.h" 378ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project#include "chap-md5.h" 388ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project#include "magic.h" 398ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project#include "md5.h" 408ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project 418ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project#define MD5_HASH_SIZE 16 428ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project#define MD5_MIN_CHALLENGE 16 438ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project#define MD5_MAX_CHALLENGE 24 448ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project 458ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Projectstatic void 468ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Projectchap_md5_generate_challenge(unsigned char *cp) 478ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project{ 488ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project int clen; 498ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project 508ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project clen = (int)(drand48() * (MD5_MAX_CHALLENGE - MD5_MIN_CHALLENGE)) 518ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project + MD5_MIN_CHALLENGE; 528ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project *cp++ = clen; 538ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project random_bytes(cp, clen); 548ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project} 558ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project 568ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Projectstatic int 578ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Projectchap_md5_verify_response(int id, char *name, 588ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project unsigned char *secret, int secret_len, 598ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project unsigned char *challenge, unsigned char *response, 608ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project char *message, int message_space) 618ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project{ 628ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project MD5_CTX ctx; 638ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project unsigned char idbyte = id; 648ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project unsigned char hash[MD5_HASH_SIZE]; 658ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project int challenge_len, response_len; 668ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project 678ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project challenge_len = *challenge++; 688ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project response_len = *response++; 698ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project if (response_len == MD5_HASH_SIZE) { 708ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project /* Generate hash of ID, secret, challenge */ 718ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project MD5_Init(&ctx); 728ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project MD5_Update(&ctx, &idbyte, 1); 738ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project MD5_Update(&ctx, secret, secret_len); 748ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project MD5_Update(&ctx, challenge, challenge_len); 758ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project MD5_Final(hash, &ctx); 768ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project 778ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project /* Test if our hash matches the peer's response */ 788ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project if (memcmp(hash, response, MD5_HASH_SIZE) == 0) { 798ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project slprintf(message, message_space, "Access granted"); 808ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project return 1; 818ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project } 828ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project } 838ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project slprintf(message, message_space, "Access denied"); 848ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project return 0; 858ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project} 868ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project 878ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Projectstatic void 888ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Projectchap_md5_make_response(unsigned char *response, int id, char *our_name, 898ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project unsigned char *challenge, char *secret, int secret_len, 908ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project unsigned char *private) 918ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project{ 928ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project MD5_CTX ctx; 938ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project unsigned char idbyte = id; 948ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project int challenge_len = *challenge++; 958ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project 968ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project MD5_Init(&ctx); 978ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project MD5_Update(&ctx, &idbyte, 1); 988ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project MD5_Update(&ctx, secret, secret_len); 998ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project MD5_Update(&ctx, challenge, challenge_len); 1008ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project MD5_Final(&response[1], &ctx); 1018ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project response[0] = MD5_HASH_SIZE; 1028ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project} 1038ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project 1048ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Projectstatic struct chap_digest_type md5_digest = { 1058ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project CHAP_MD5, /* code */ 1068ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project chap_md5_generate_challenge, 1078ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project chap_md5_verify_response, 1088ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project chap_md5_make_response, 1098ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project NULL, /* check_success */ 1108ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project NULL, /* handle_failure */ 1118ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project}; 1128ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project 1138ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Projectvoid 1148ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Projectchap_md5_init(void) 1158ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project{ 1168ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project chap_register_digest(&md5_digest); 1178ad0dd2a5c5f23cd210aedba72a43e48026e7436The Android Open Source Project} 118