* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. The name(s) of the authors of this software must not be used to
+ * 2. The name(s) of the authors of this software must not be used to
* endorse or promote products derived from this software without
* prior written permission.
*
- * 4. Redistributions of any form whatsoever must retain the following
+ * 3. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by Paul Mackerras
* <paulus@samba.org>".
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#define RCSID "$Id"
+#define RCSID "$Id: chap-md5.c,v 1.4 2004/11/09 22:39:25 paulus Exp $"
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
#include <stdlib.h>
#include <string.h>
-#include "pppd.h"
-#include "chap-new.h"
+#include "pppd-private.h"
+#include "chap.h"
#include "chap-md5.h"
#include "magic.h"
-#include "md5.h"
+#include "crypto.h"
-#define MD5_HASH_SIZE 16
#define MD5_MIN_CHALLENGE 16
#define MD5_MAX_CHALLENGE 24
unsigned char *challenge, unsigned char *response,
char *message, int message_space)
{
- MD5_CTX ctx;
unsigned char idbyte = id;
- unsigned char hash[MD5_HASH_SIZE];
+ unsigned char hash[MD5_DIGEST_LENGTH];
+ unsigned int hash_len = MD5_DIGEST_LENGTH;
int challenge_len, response_len;
+ bool success = 0;
challenge_len = *challenge++;
response_len = *response++;
- if (response_len == MD5_HASH_SIZE) {
+ if (response_len == MD5_DIGEST_LENGTH) {
+
/* Generate hash of ID, secret, challenge */
- MD5Init(&ctx);
- MD5Update(&ctx, &idbyte, 1);
- MD5Update(&ctx, secret, secret_len);
- MD5Update(&ctx, challenge, challenge_len);
- MD5Final(hash, &ctx);
-
- /* Test if our hash matches the peer's response */
- if (memcmp(hash, response, MD5_HASH_SIZE) == 0) {
- slprintf(message, message_space, "Access granted");
- return 1;
+ PPP_MD_CTX* ctx = PPP_MD_CTX_new();
+ if (ctx) {
+
+ if (PPP_DigestInit(ctx, PPP_md5())) {
+
+ if (PPP_DigestUpdate(ctx, &idbyte, 1)) {
+
+ if (PPP_DigestUpdate(ctx, secret, secret_len)) {
+
+ if (PPP_DigestUpdate(ctx, challenge, challenge_len)) {
+
+ if (PPP_DigestFinal(ctx, hash, &hash_len)) {
+
+ success = 1;
+ }
+ }
+ }
+ }
+ }
+ PPP_MD_CTX_free(ctx);
}
}
+ if (success && memcmp(hash, response, hash_len) == 0) {
+ slprintf(message, message_space, "Access granted");
+ return 1;
+ }
slprintf(message, message_space, "Access denied");
return 0;
}
unsigned char *challenge, char *secret, int secret_len,
unsigned char *private)
{
- MD5_CTX ctx;
unsigned char idbyte = id;
int challenge_len = *challenge++;
+ int hash_len = MD5_DIGEST_LENGTH;
+
+ PPP_MD_CTX* ctx = PPP_MD_CTX_new();
+ if (ctx) {
+
+ if (PPP_DigestInit(ctx, PPP_md5())) {
+
+ if (PPP_DigestUpdate(ctx, &idbyte, 1)) {
+
+ if (PPP_DigestUpdate(ctx, secret, secret_len)) {
- MD5Init(&ctx);
- MD5Update(&ctx, &idbyte, 1);
- MD5Update(&ctx, secret, secret_len);
- MD5Update(&ctx, challenge, challenge_len);
- MD5Final(&response[1], &ctx);
- response[0] = MD5_HASH_SIZE;
+ if (PPP_DigestUpdate(ctx, challenge, challenge_len)) {
+
+ if (PPP_DigestFinal(ctx, &response[1], &hash_len)) {
+
+ response[0] = hash_len;
+ }
+ }
+ }
+ }
+ }
+ PPP_MD_CTX_free(ctx);
+ }
}
static struct chap_digest_type md5_digest = {