/********************************************************/
#include <openssl/evp.h>
#include <openssl/hmac.h>
+#include <stdio.h>
#include <string.h>
#include "subrou.h"
"digest-uri",
"nc",
"nonce",
- "qpop",
+ "qop",
"realm",
"response",
"username",
resp->nonce=rou_freestr(resp->nonce);
resp->nonce=strdup(ptr);
break;
- case 5 : //qpop
- resp->qpop=rou_freestr(resp->qpop);
- resp->qpop=strdup(ptr);
+ case 5 : //qop
+ resp->qop=rou_freestr(resp->qop);
+ resp->qop=strdup(ptr);
break;
case 6 : //realm
resp->realm=rou_freestr(resp->realm);
if (resp!=(RSPTYP *)0) {
resp->response=rou_freestr(resp->response);
resp->charset=rou_freestr(resp->charset);
- resp->qpop=rou_freestr(resp->qpop);
+ resp->qop=rou_freestr(resp->qop);
resp->cnonce=rou_freestr(resp->cnonce);
resp->nonce=rou_freestr(resp->nonce);
resp->digesturi=rou_freestr(resp->digesturi);
#undef OPEP
}
+/*
+\f
+*/
+/********************************************************/
+/* */
+/* Procedure to compute local response to challenge*/
+/* and check if the compupted answer is the same as*/
+/* reponse available within RSPTYP record. */
+/* */
+/********************************************************/
+_Bool dig_checkresp(RSPTYP *resp,char *secret)
+
+{
+_Bool isok;
+char *HA1;
+char *HA2;
+char *HA3;
+char seq[400];
+int phase;
+_Bool proceed;
+
+
+isok=false;
+(void) memset(seq,'\000',sizeof(seq));
+HA1=(char *)0;
+HA2=(char *)0;
+HA3=(char *)0;
+phase=0;
+proceed=(resp!=(RSPTYP *)0);
+while (proceed==true) {
+ switch (phase) {
+ case 0 : { //computing hash HA1
+ MD5TYP *A1;
+
+ (void) snprintf(seq,sizeof(seq),"%s:%s:%s",resp->username,resp->realm,secret);
+ A1=dig_hashmd5((unsigned char *)seq);
+ //algorithm value is "MD5-sess"
+ (void) snprintf(seq,sizeof(seq),"%s:%s:%s",
+ (char *)A1,resp->nonce,resp->cnonce);
+ (void) free(A1);
+ A1=dig_hashmd5((unsigned char *)seq);
+ HA1=cnv_tohexa((char *)A1,sizeof(MD5TYP));
+ (void) free(A1);
+ }
+ break;
+ case 1 : { //computing HA2
+ MD5TYP *A2;
+
+ (void) snprintf(seq,sizeof(seq),"AUTHENTICATE:%s",resp->digesturi);
+ A2=dig_hashmd5((unsigned char *)seq);
+ HA2=cnv_tohexa((char *)A2,sizeof(MD5TYP));
+ (void) free(A2);
+ }
+ break;
+ case 2 : { //computing response
+ MD5TYP *A3;
+
+ (void) snprintf(seq,sizeof(seq),"%s:%s:%08lx:%s:%s:%s",
+ HA1,resp->nonce,resp->nc,
+ resp->cnonce,resp->qop,HA2);
+ A3=dig_hashmd5((unsigned char *)seq);
+ HA3=cnv_tohexa((char *)A3,sizeof(MD5TYP));
+ (void) free(A3);
+ }
+ break;
+ case 3 : //comparing annoced response versus computed response
+ if (strcmp(HA3,resp->response)==0)
+ isok=true;
+ break;
+ default : //SAFE Guard
+ proceed=false;
+ break;
+ }
+ phase++;
+ }
+HA3=rou_freestr(HA3);
+HA2=rou_freestr(HA2);
+HA1=rou_freestr(HA1);
+return isok;
+}
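Review bot: None of the `snprintf` calls into `seq[400]` has its return value checked, so in phase 0 an over-long `username` or `realm` (both apparently taken from the peer's response) silently truncates the string and can leave `secret` partly or wholly out of the hashed input; capture the length and fail closed, e.g. `len=snprintf(...); if ((len<0)||((size_t)len>=sizeof(seq))) proceed=false;`. The MD5-sess step then formats the raw digest `A1` with `%s`: that stops at the first zero byte inside the digest, and with `MD5TYP` reduced to 16 bytes in this commit it can read past the digest when no zero byte is present, unless `dig_hashmd5` returns a larger terminated buffer (not visible here). RFC 2831 concatenates the 16 raw digest bytes, so this step needs a hash routine that takes an explicit length rather than a C string. In phase 3, `strcmp(HA3,resp->response)` dereferences NULL if the response field was absent or `cnv_tohexa` failed, and it is not a constant-time comparison; a NULL check on the `resp` fields before phase 0 and a fixed-length constant-time compare would close both. `seq` also still holds the secret when the function returns and should be cleared with a wipe the compiler cannot elide.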
char *nonce; //server nonce
char *cnonce; //client nonce
u_long nc; //nonce count
- char *qpop; //protection quality (authentication)
+ char *qop; //protection quality (authentication)
char *charset; //used carset
char *response; //Challenge md5 response
}RSPTYP;
//MD5 hashing result
-typedef unsigned char MD5TYP[17];
+typedef unsigned char MD5TYP[16];
//procedure to free the response structure
extern RSPTYP *dig_freeresp(RSPTYP *resp);
//Procedure to crypt a string with MD5 hash function
extern char *dig_cryptmd5(const void *key,unsigned char *seq);
+//Procedure to compute local response to challenge and
+//check if the remote session is the same
+extern _Bool dig_checkresp(RSPTYP *resp,char *secret);
+
#endif
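Review bot: The comment above the new `dig_checkresp` prototype says "check if the remote session is the same", which does not tell a caller what `true` means or what the function requires of its arguments. I would document it as `//returns true only when the digest computed from resp and secret equals resp->response;` followed by `//every string field of resp and secret must be non-NULL`, since the implementation passes them to `%s` and `strcmp` without checks. As far as the visible body shows, neither argument is written through, so the prototype could be `extern _Bool dig_checkresp(const RSPTYP *resp,const char *secret);`. The same section shrinks `MD5TYP` from 17 to 16 bytes, so any caller that relied on the spare byte as a string terminator needs auditing.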