1*a6eb37b5Syasuoka /* $OpenBSD: radius_subr.c,v 1.1 2024/07/14 15:31:49 yasuoka Exp $ */
2*a6eb37b5Syasuoka
3*a6eb37b5Syasuoka /*
4*a6eb37b5Syasuoka * Copyright (c) 2013, 2023 Internet Initiative Japan Inc.
5*a6eb37b5Syasuoka *
6*a6eb37b5Syasuoka * Permission to use, copy, modify, and distribute this software for any
7*a6eb37b5Syasuoka * purpose with or without fee is hereby granted, provided that the above
8*a6eb37b5Syasuoka * copyright notice and this permission notice appear in all copies.
9*a6eb37b5Syasuoka *
10*a6eb37b5Syasuoka * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11*a6eb37b5Syasuoka * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12*a6eb37b5Syasuoka * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13*a6eb37b5Syasuoka * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14*a6eb37b5Syasuoka * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15*a6eb37b5Syasuoka * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16*a6eb37b5Syasuoka * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17*a6eb37b5Syasuoka */
18*a6eb37b5Syasuoka
19*a6eb37b5Syasuoka #include <sys/types.h>
20*a6eb37b5Syasuoka
21*a6eb37b5Syasuoka #include <md5.h>
22*a6eb37b5Syasuoka #include <string.h>
23*a6eb37b5Syasuoka
24*a6eb37b5Syasuoka #include "radius_subr.h"
25*a6eb37b5Syasuoka
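/*
 * Hide an attribute value in place using the MD5-based XOR keystream
 * construction of RADIUS (RFC 2865 section 5.2; with a salt, the salted
 * variant used by RFC 2868 section 3.5):
 *
 *	b(1) = MD5(secret || authenticator [|| salt]),  c(1) = p(1) ^ b(1)
 *	b(n) = MD5(secret || c(n-1)),                   c(n) = p(n) ^ b(n)
 *
 * secret	 shared secret; must be a non-NULL, NUL-terminated string
 *		 (it is passed to strlen()).
 * authenticator 16 bytes are read from this pointer.
 * salt		 optional; when non-NULL, 2 bytes are read and mixed into
 *		 the first block only.
 * plain	 buffer of at least plainlen bytes, overwritten with the
 *		 hidden value.
 * plainlen	 number of bytes to hide; values <= 0 leave the buffer
 *		 untouched.
 *
 * Caveats for callers:
 *  - No padding is applied here.  A trailing partial block is XORed with a
 *    truncated keystream block, so the caller is responsible for padding
 *    to a multiple of 16 bytes where the protocol requires it.
 *  - None of the pointers or lengths is validated against the real size of
 *    the underlying buffers.
 *  - This is XOR obfuscation only; no integrity check is computed, so the
 *    result must be protected by the packet's own authentication.
 */
void
radius_attr_hide(const char *secret, const char *authenticator,
    const u_char *salt, u_char *plain, int plainlen)
{
	int	 i, j;
	u_char	 b[16];
	MD5_CTX	 md5ctx;

	/* Nothing to XOR: do not hash the secret for no effect. */
	if (plainlen <= 0)
		return;

	i = 0;
	do {
		MD5Init(&md5ctx);
		MD5Update(&md5ctx, secret, strlen(secret));
		if (i == 0) {
			/* First block is keyed by the authenticator. */
			MD5Update(&md5ctx, authenticator, 16);
			if (salt != NULL)
				MD5Update(&md5ctx, salt, 2);
		} else {
			/*
			 * Later blocks chain on the previous block, which
			 * has already been XORed and is thus ciphertext.
			 */
			MD5Update(&md5ctx, plain + i - 16, 16);
		}
		MD5Final(b, &md5ctx);

		for (j = 0; j < 16 && i < plainlen; i++, j++)
			plain[i] ^= b[j];
	} while (i < plainlen);

	/* b is secret-derived keystream; do not leave it on the stack. */
	explicit_bzero(b, sizeof(b));
}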
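/*
 * Reverse the MD5-based XOR hiding of a RADIUS attribute value in place
 * (RFC 2865 section 5.2; with a salt, the salted variant used by
 * RFC 2868 section 3.5).
 *
 * Blocks are processed from the last to the first: the keystream for
 * block n is MD5(secret || c(n-1)), so the preceding ciphertext block
 * must still be intact when block n is recovered.
 *
 * secret	 shared secret; must be a non-NULL, NUL-terminated string
 *		 (it is passed to strlen()).
 * authenticator 16 bytes are read from this pointer.
 * salt		 optional; when non-NULL, 2 bytes are read and mixed into
 *		 the first block only.
 * crypt0	 buffer of at least crypt0len bytes, overwritten with the
 *		 recovered value.
 * crypt0len	 number of bytes to recover; values <= 0 leave the buffer
 *		 untouched.
 *
 * Caveats for callers:
 *  - crypt0len usually comes from a received packet; it is not checked
 *    here against the real buffer size, so it must be validated before
 *    the call.
 *  - No integrity check is performed.  A wrong secret or a modified value
 *    simply yields different bytes, so the output must not be trusted
 *    unless the packet itself has been authenticated.
 */
void
radius_attr_unhide(const char *secret, const char *authenticator,
    const u_char *salt, u_char *crypt0, int crypt0len)
{
	int	 i, j;
	u_char	 b[16];
	MD5_CTX	 md5ctx;

	/* Nothing to XOR: do not hash the secret for no effect. */
	if (crypt0len <= 0)
		return;

	/* Offset of the last (possibly partial) 16-byte block. */
	i = 16 * ((crypt0len - 1) / 16);
	while (i >= 0) {
		MD5Init(&md5ctx);
		MD5Update(&md5ctx, secret, strlen(secret));
		if (i == 0) {
			/* First block is keyed by the authenticator. */
			MD5Update(&md5ctx, authenticator, 16);
			if (salt != NULL)
				MD5Update(&md5ctx, salt, 2);
		} else {
			/* Previous block is still ciphertext at this point. */
			MD5Update(&md5ctx, crypt0 + i - 16, 16);
		}
		MD5Final(b, &md5ctx);

		for (j = 0; j < 16 && i + j < crypt0len; j++)
			crypt0[i + j] ^= b[j];
		i -= 16;
	}

	/* b is secret-derived keystream; do not leave it on the stack. */
	explicit_bzero(b, sizeof(b));
}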