X-Git-Url: https://git.ozlabs.org/?a=blobdiff_plain;f=pppd%2Fchap-md5.c;h=8bcbbba6b025a41fee3716e47f0e3b2509ca54b8;hb=844b69d854d80925fa97e5f9c971ec5d27d19f32;hp=2529f4e54d34d40b571024295312e59615a7ede9;hpb=71d3de90eae52087b405e962ca650b71cec79c67;p=ppp.git diff --git a/pppd/chap-md5.c b/pppd/chap-md5.c index 2529f4e..8bcbbba 100644 --- a/pppd/chap-md5.c +++ b/pppd/chap-md5.c @@ -10,16 +10,11 @@ * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. The name(s) of the authors of this software must not be used to + * 2. The name(s) of the authors of this software must not be used to * endorse or promote products derived from this software without * prior written permission. * - * 4. Redistributions of any form whatsoever must retain the following + * 3. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by Paul Mackerras * ". @@ -33,7 +28,11 @@ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -#define RCSID "$Id" +#define RCSID "$Id: chap-md5.c,v 1.4 2004/11/09 22:39:25 paulus Exp $" + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif #include #include @@ -41,9 +40,8 @@ #include "chap-new.h" #include "chap-md5.h" #include "magic.h" -#include "md5.h" +#include "ppp-crypto.h" -#define MD5_HASH_SIZE 16 #define MD5_MIN_CHALLENGE 16 #define MD5_MAX_CHALLENGE 24 @@ -64,27 +62,43 @@ chap_md5_verify_response(int id, char *name, unsigned char *challenge, unsigned char *response, char *message, int message_space) { - MD5_CTX ctx; unsigned char idbyte = id; - unsigned char hash[MD5_HASH_SIZE]; + unsigned char hash[MD5_DIGEST_LENGTH]; + unsigned int hash_len = MD5_DIGEST_LENGTH; int challenge_len, response_len; + bool success = 0; challenge_len = *challenge++; response_len = *response++; - if (response_len == MD5_HASH_SIZE) { + if (response_len == MD5_DIGEST_LENGTH) { + /* Generate hash of ID, secret, challenge */ - MD5Init(&ctx); - MD5Update(&ctx, &idbyte, 1); - MD5Update(&ctx, secret, secret_len); - MD5Update(&ctx, challenge, challenge_len); - MD5Final(hash, &ctx); - - /* Test if our hash matches the peer's response */ - if (memcmp(hash, response, MD5_HASH_SIZE) == 0) { - slprintf(message, message_space, "Access granted"); - return 1; + PPP_MD_CTX* ctx = PPP_MD_CTX_new(); + if (ctx) { + + if (PPP_DigestInit(ctx, PPP_md5())) { + + if (PPP_DigestUpdate(ctx, &idbyte, 1)) { + + if (PPP_DigestUpdate(ctx, secret, secret_len)) { + + if (PPP_DigestUpdate(ctx, challenge, challenge_len)) { + + if (PPP_DigestFinal(ctx, hash, &hash_len)) { + + success = 1; + } + } + } + } + } + PPP_MD_CTX_free(ctx); } } + if (success && memcmp(hash, response, hash_len) == 0) { + slprintf(message, message_space, "Access granted"); + return 1; + } slprintf(message, message_space, "Access denied"); return 0; } @@ -94,16 +108,31 @@ chap_md5_make_response(unsigned char *response, int id, char *our_name, unsigned char *challenge, char *secret, int secret_len, unsigned char *private) { - MD5_CTX ctx; unsigned char idbyte = id; int challenge_len = *challenge++; + int hash_len = MD5_DIGEST_LENGTH; + + PPP_MD_CTX* ctx = PPP_MD_CTX_new(); + if (ctx) { + + if (PPP_DigestInit(ctx, PPP_md5())) { + + if (PPP_DigestUpdate(ctx, &idbyte, 1)) { + + if (PPP_DigestUpdate(ctx, secret, secret_len)) { - MD5Init(&ctx); - MD5Update(&ctx, &idbyte, 1); - MD5Update(&ctx, secret, secret_len); - MD5Update(&ctx, challenge, challenge_len); - MD5Final(&response[1], &ctx); - response[0] = MD5_HASH_SIZE; + if (PPP_DigestUpdate(ctx, challenge, challenge_len)) { + + if (PPP_DigestFinal(ctx, &response[1], &hash_len)) { + + response[0] = hash_len; + } + } + } + } + } + PPP_MD_CTX_free(ctx); + } } static struct chap_digest_type md5_digest = {