Lee Kai Xuan
/
mbed-os
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Fork of
mbed-os
by 
erkin yucel
Embed:
(wiki syntax)
Show/hide line numbers
lwip_chap-md5.c
00001 /* 00002 * chap-md5.c - New CHAP/MD5 implementation. 00003 * 00004 * Copyright (c) 2003 Paul Mackerras. All rights reserved. 00005 * 00006 * Redistribution and use in source and binary forms, with or without 00007 * modification, are permitted provided that the following conditions 00008 * are met: 00009 * 00010 * 1. Redistributions of source code must retain the above copyright 00011 * notice, this list of conditions and the following disclaimer. 00012 * 00013 * 2. The name(s) of the authors of this software must not be used to 00014 * endorse or promote products derived from this software without 00015 * prior written permission. 00016 * 00017 * 3. Redistributions of any form whatsoever must retain the following 00018 * acknowledgment: 00019 * "This product includes software developed by Paul Mackerras 00020 * <paulus@samba.org>". 00021 * 00022 * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO 00023 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 00024 * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY 00025 * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 00026 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN 00027 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING 00028 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 00029 */ 00030 00031 #include "netif/ppp/ppp_opts.h" 00032 #if PPP_SUPPORT && CHAP_SUPPORT /* don't build if not configured for use in lwipopts.h */ 00033 00034 #if 0 /* UNUSED */ 00035 #include <stdlib.h> 00036 #include <string.h> 00037 #endif /* UNUSED */ 00038 00039 #include "netif/ppp/ppp_impl.h" 00040 00041 #include "netif/ppp/chap-new.h" 00042 #include "netif/ppp/chap-md5.h" 00043 #include "netif/ppp/magic.h" 00044 #include "netif/ppp/pppcrypt.h" 00045 00046 #define MD5_HASH_SIZE 16 00047 #define MD5_MIN_CHALLENGE 17 00048 #define MD5_MAX_CHALLENGE 24 00049 #define MD5_MIN_MAX_POWER_OF_TWO_CHALLENGE 3 /* 2^3-1 = 7, 17+7 = 24 */ 00050 00051 #if PPP_SERVER 00052 static void chap_md5_generate_challenge(ppp_pcb *pcb, unsigned char *cp) { 00053 int clen; 00054 LWIP_UNUSED_ARG(pcb); 00055 00056 clen = MD5_MIN_CHALLENGE + magic_pow(MD5_MIN_MAX_POWER_OF_TWO_CHALLENGE); 00057 *cp++ = clen; 00058 magic_random_bytes(cp, clen); 00059 } 00060 00061 static int chap_md5_verify_response(ppp_pcb *pcb, int id, const char *name, 00062 const unsigned char *secret, int secret_len, 00063 const unsigned char *challenge, const unsigned char *response, 00064 char *message, int message_space) { 00065 lwip_md5_context ctx; 00066 unsigned char idbyte = id; 00067 unsigned char hash[MD5_HASH_SIZE]; 00068 int challenge_len, response_len; 00069 LWIP_UNUSED_ARG(name); 00070 LWIP_UNUSED_ARG(pcb); 00071 00072 challenge_len = *challenge++; 00073 response_len = *response++; 00074 if (response_len == MD5_HASH_SIZE) { 00075 /* Generate hash of ID, secret, challenge */ 00076 lwip_md5_init(&ctx); 00077 lwip_md5_starts(&ctx); 00078 lwip_md5_update(&ctx, &idbyte, 1); 00079 lwip_md5_update(&ctx, secret, secret_len); 00080 lwip_md5_update(&ctx, challenge, challenge_len); 00081 lwip_md5_finish(&ctx, hash); 00082 lwip_md5_free(&ctx); 00083 00084 /* Test if our hash matches the peer's response */ 00085 if (memcmp(hash, response, MD5_HASH_SIZE) == 0) { 00086 ppp_slprintf(message, message_space, "Access granted"); 00087 return 1; 00088 } 00089 } 00090 ppp_slprintf(message, message_space, "Access denied"); 00091 return 0; 00092 } 00093 #endif /* PPP_SERVER */ 00094 00095 static void chap_md5_make_response(ppp_pcb *pcb, unsigned char *response, int id, const char *our_name, 00096 const unsigned char *challenge, const char *secret, int secret_len, 00097 unsigned char *private_) { 00098 lwip_md5_context ctx; 00099 unsigned char idbyte = id; 00100 int challenge_len = *challenge++; 00101 LWIP_UNUSED_ARG(our_name); 00102 LWIP_UNUSED_ARG(private_); 00103 LWIP_UNUSED_ARG(pcb); 00104 00105 lwip_md5_init(&ctx); 00106 lwip_md5_starts(&ctx); 00107 lwip_md5_update(&ctx, &idbyte, 1); 00108 lwip_md5_update(&ctx, (const u_char *)secret, secret_len); 00109 lwip_md5_update(&ctx, challenge, challenge_len); 00110 lwip_md5_finish(&ctx, &response[1]); 00111 lwip_md5_free(&ctx); 00112 response[0] = MD5_HASH_SIZE; 00113 } 00114 00115 const struct chap_digest_type md5_digest = { 00116 CHAP_MD5, /* code */ 00117 #if PPP_SERVER 00118 chap_md5_generate_challenge, 00119 chap_md5_verify_response, 00120 #endif /* PPP_SERVER */ 00121 chap_md5_make_response, 00122 NULL, /* check_success */ 00123 NULL, /* handle_failure */ 00124 }; 00125 00126 #endif /* PPP_SUPPORT && CHAP_SUPPORT */
Generated on Tue Jul 12 2022 13:15:52 by
1.7.2