2 1757e76a 2005-02-13 devnull * HTTPDIGEST - MD5 challenge/response authentication (RFC 2617)
4 1757e76a 2005-02-13 devnull * Client protocol:
5 fa325e9b 2020-01-10 cross * write challenge: nonce method uri
6 1757e76a 2005-02-13 devnull * read response: 2*MD5dlen hex digits
8 1757e76a 2005-02-13 devnull * Server protocol:
9 1757e76a 2005-02-13 devnull * unimplemented
11 1757e76a 2005-02-13 devnull #include "std.h"
12 1757e76a 2005-02-13 devnull #include "dat.h"
14 1757e76a 2005-02-13 devnull static void
15 1757e76a 2005-02-13 devnull digest(char *user, char *realm, char *passwd,
16 1757e76a 2005-02-13 devnull char *nonce, char *method, char *uri,
17 1757e76a 2005-02-13 devnull char *dig);
19 1757e76a 2005-02-13 devnull static int
20 1757e76a 2005-02-13 devnull hdclient(Conv *c)
22 1757e76a 2005-02-13 devnull char *realm, *passwd, *user, *f[4], *s, resp[MD5dlen*2+1];
26 1757e76a 2005-02-13 devnull ret = -1;
29 1757e76a 2005-02-13 devnull c->state = "keylookup";
30 1757e76a 2005-02-13 devnull k = keyfetch(c, "%A", c->attr);
31 1757e76a 2005-02-13 devnull if(k == nil)
32 1757e76a 2005-02-13 devnull goto out;
34 1757e76a 2005-02-13 devnull user = strfindattr(k->attr, "user");
35 1757e76a 2005-02-13 devnull realm = strfindattr(k->attr, "realm");
36 1757e76a 2005-02-13 devnull passwd = strfindattr(k->attr, "!password");
38 1757e76a 2005-02-13 devnull if(convreadm(c, &s) < 0)
39 1757e76a 2005-02-13 devnull goto out;
40 1757e76a 2005-02-13 devnull if(tokenize(s, f, 4) != 3){
41 1757e76a 2005-02-13 devnull werrstr("bad challenge -- want nonce method uri");
42 1757e76a 2005-02-13 devnull goto out;
45 1757e76a 2005-02-13 devnull digest(user, realm, passwd, f[0], f[1], f[2], resp);
46 1757e76a 2005-02-13 devnull convwrite(c, resp, strlen(resp));
51 1757e76a 2005-02-13 devnull keyclose(k);
52 1757e76a 2005-02-13 devnull return ret;
55 1757e76a 2005-02-13 devnull static void
56 1757e76a 2005-02-13 devnull strtolower(char *s)
58 1757e76a 2005-02-13 devnull while(*s){
59 3bd56b04 2005-09-09 devnull *s = tolower((uchar)*s);
64 1757e76a 2005-02-13 devnull static void
65 1757e76a 2005-02-13 devnull digest(char *user, char *realm, char *passwd,
66 1757e76a 2005-02-13 devnull char *nonce, char *method, char *uri,
67 1757e76a 2005-02-13 devnull char *dig)
69 1757e76a 2005-02-13 devnull uchar b[MD5dlen];
70 1757e76a 2005-02-13 devnull char ha1[MD5dlen*2+1];
71 1757e76a 2005-02-13 devnull char ha2[MD5dlen*2+1];
72 1757e76a 2005-02-13 devnull DigestState *s;
75 1757e76a 2005-02-13 devnull * H(A1) = MD5(uid + ":" + realm ":" + passwd)
77 1757e76a 2005-02-13 devnull s = md5((uchar*)user, strlen(user), nil, nil);
78 1757e76a 2005-02-13 devnull md5((uchar*)":", 1, nil, s);
79 1757e76a 2005-02-13 devnull md5((uchar*)realm, strlen(realm), nil, s);
80 1757e76a 2005-02-13 devnull md5((uchar*)":", 1, nil, s);
81 1757e76a 2005-02-13 devnull md5((uchar*)passwd, strlen(passwd), b, s);
82 1757e76a 2005-02-13 devnull enc16(ha1, sizeof(ha1), b, MD5dlen);
83 1757e76a 2005-02-13 devnull strtolower(ha1);
86 1757e76a 2005-02-13 devnull * H(A2) = MD5(method + ":" + uri)
88 1757e76a 2005-02-13 devnull s = md5((uchar*)method, strlen(method), nil, nil);
89 1757e76a 2005-02-13 devnull md5((uchar*)":", 1, nil, s);
90 1757e76a 2005-02-13 devnull md5((uchar*)uri, strlen(uri), b, s);
91 1757e76a 2005-02-13 devnull enc16(ha2, sizeof(ha2), b, MD5dlen);
92 1757e76a 2005-02-13 devnull strtolower(ha2);
95 1757e76a 2005-02-13 devnull * digest = MD5(H(A1) + ":" + nonce + ":" + H(A2))
97 1757e76a 2005-02-13 devnull s = md5((uchar*)ha1, MD5dlen*2, nil, nil);
98 1757e76a 2005-02-13 devnull md5((uchar*)":", 1, nil, s);
99 1757e76a 2005-02-13 devnull md5((uchar*)nonce, strlen(nonce), nil, s);
100 1757e76a 2005-02-13 devnull md5((uchar*)":", 1, nil, s);
101 1757e76a 2005-02-13 devnull md5((uchar*)ha2, MD5dlen*2, b, s);
102 1757e76a 2005-02-13 devnull enc16(dig, MD5dlen*2+1, b, MD5dlen);
103 1757e76a 2005-02-13 devnull strtolower(dig);
106 fa325e9b 2020-01-10 cross static Role hdroles[] =
108 1757e76a 2005-02-13 devnull "client", hdclient,
112 1757e76a 2005-02-13 devnull Proto httpdigest =
114 1757e76a 2005-02-13 devnull "httpdigest",
115 1757e76a 2005-02-13 devnull hdroles,
116 1757e76a 2005-02-13 devnull "user? realm? !password?",