dist/src/mech_crammd5.c

*beea8b97Schristos/* $NetBSD: mech_crammd5.c,v 1.4 2011/02/12 23:21:32 christos Exp $ */
231558cbSagc
231558cbSagc/* Copyright (c) 2010 The NetBSD Foundation, Inc.
231558cbSagc * All rights reserved.
231558cbSagc *
231558cbSagc * This code is derived from software contributed to The NetBSD Foundation
231558cbSagc * by Mateusz Kocielski.
231558cbSagc *
231558cbSagc * Redistribution and use in source and binary forms, with or without
231558cbSagc * modification, are permitted provided that the following conditions
231558cbSagc * are met:
231558cbSagc * 1. Redistributions of source code must retain the above copyright
231558cbSagc *    notice, this list of conditions and the following disclaimer.
231558cbSagc * 2. Redistributions in binary form must reproduce the above copyright
231558cbSagc *    notice, this list of conditions and the following disclaimer in the
231558cbSagc *    documentation and/or other materials provided with the distribution.
231558cbSagc * 3. All advertising materials mentioning features or use of this software
231558cbSagc *    must display the following acknowledgement:
231558cbSagc *        This product includes software developed by the NetBSD
231558cbSagc *        Foundation, Inc. and its contributors.
231558cbSagc * 4. Neither the name of The NetBSD Foundation nor the names of its
231558cbSagc *    contributors may be used to endorse or promote products derived
231558cbSagc *    from this software without specific prior written permission.
231558cbSagc *
231558cbSagc * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
231558cbSagc * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
231558cbSagc * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
231558cbSagc * PURPOSE ARE DISCLAIMED.	IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
231558cbSagc * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
231558cbSagc * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
231558cbSagc * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
231558cbSagc * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
231558cbSagc * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
231558cbSagc * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
231558cbSagc * POSSIBILITY OF SUCH DAMAGE.
231558cbSagc */
19c14409Schristos#include <sys/cdefs.h>
*beea8b97Schristos__RCSID("$NetBSD: mech_crammd5.c,v 1.4 2011/02/12 23:21:32 christos Exp $");
*beea8b97Schristos
*beea8b97Schristos#include <sys/param.h>
231558cbSagc
231558cbSagc#include <saslc.h>
231558cbSagc#include <stdio.h>
231558cbSagc#include <stdlib.h>
231558cbSagc#include <string.h>
231558cbSagc
19c14409Schristos#include "crypto.h"
19c14409Schristos#include "mech.h"
19c14409Schristos#include "saslc_private.h"
19c14409Schristos
19c14409Schristos
19c14409Schristos/* See RFC 2195. */
231558cbSagc
231558cbSagc/* properties */
19c14409Schristos#define SASLC_CRAMMD5_AUTHCID		SASLC_PROP_AUTHCID
19c14409Schristos#define SASLC_CRAMMD5_PASSWD		SASLC_PROP_PASSWD
231558cbSagc
231558cbSagc/**
19c14409Schristos * @brief do one step of the sasl authentication
231558cbSagc * @param sess sasl session
231558cbSagc * @param in input data
231558cbSagc * @param inlen input data length
231558cbSagc * @param out place to store output data
231558cbSagc * @param outlen output data length
231558cbSagc * @return MECH_OK - success,
231558cbSagc * MECH_STEP - more steps are needed,
231558cbSagc * MECH_ERROR - error
231558cbSagc */
231558cbSagcstatic int
231558cbSagcsaslc__mech_crammd5_cont(saslc_sess_t *sess, const void *in, size_t inlen,
231558cbSagc    void **out, size_t *outlen)
231558cbSagc{
19c14409Schristos	const char *authcid, *passwd;
19c14409Schristos	char *digest, *name;
19c14409Schristos	int len, rv;
231558cbSagc
19c14409Schristos	/* in case we are called before getting challenge from server */
231558cbSagc	if (inlen == 0) {
231558cbSagc		*out = NULL;
231558cbSagc		*outlen = 0;
231558cbSagc		return MECH_STEP;
231558cbSagc	}
19c14409Schristos	if ((authcid = saslc_sess_getprop(sess, SASLC_CRAMMD5_AUTHCID))
19c14409Schristos	    == NULL) {
19c14409Schristos		saslc__error_set(ERR(sess), ERROR_MECH,
19c14409Schristos		    "authcid is required for an authentication");
19c14409Schristos		return MECH_ERROR;
19c14409Schristos	}
19c14409Schristos	if ((passwd = saslc_sess_getprop(sess, SASLC_CRAMMD5_PASSWD))
19c14409Schristos	    == NULL) {
19c14409Schristos		saslc__error_set(ERR(sess), ERROR_MECH,
19c14409Schristos		    "passwd is required for an authentication");
19c14409Schristos		return MECH_ERROR;
19c14409Schristos	}
19c14409Schristos	digest = saslc__crypto_hmac_md5_hex((const unsigned char *)passwd,
231558cbSagc					    strlen(passwd), in, inlen);
6b638291Sagc	if (digest == NULL) {
231558cbSagc		saslc__error_set_errno(ERR(sess), ERROR_NOMEM);
231558cbSagc		return MECH_ERROR;
231558cbSagc	}
19c14409Schristos	if ((len = asprintf(&name, "%s %s", authcid, digest)) == -1) {
6b638291Sagc		saslc__error_set_errno(ERR(sess), ERROR_NOMEM);
19c14409Schristos		rv = MECH_ERROR;
6b638291Sagc	}
19c14409Schristos	else {
19c14409Schristos		*out = name;
19c14409Schristos		*outlen = len;	/* don't count the '\0' byte */
19c14409Schristos		rv = MECH_OK;
19c14409Schristos	}
19c14409Schristos	memset(digest, 0, HMAC_MD5_DIGEST_LENGTH);
19c14409Schristos	free(digest);
19c14409Schristos	return rv;
231558cbSagc}
231558cbSagc
231558cbSagc/* mechanism definition */
231558cbSagcconst saslc__mech_t saslc__mech_crammd5 = {
19c14409Schristos	.name	 = "CRAM-MD5",
19c14409Schristos	.flags	 = FLAG_DICTIONARY,
19c14409Schristos	.create	 = saslc__mech_generic_create,
19c14409Schristos	.cont	 = saslc__mech_crammd5_cont,
19c14409Schristos	.encode	 = NULL,
19c14409Schristos	.decode	 = NULL,
19c14409Schristos	.destroy = saslc__mech_generic_destroy
231558cbSagc};