Example #1
0
// Test vectors from RFC 6070.  (See file header, above.)
bool PBKDF2_TEST()
{  
   MemBuf mDig(100);
   MemBuf mOut(100);   
   
   CvtHex( "0c60c80f961f0e71f3a9b524af6012062fe037a6", mDig );
   if (0 != memcmp( mDig, PBKDF2("password", "salt", 1, 20, mOut), 20 )) { return false; }

   CvtHex( "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957", mDig );
   if (0 != memcmp( mDig, PBKDF2("password", "salt", 2, 20, mOut), 20 )) { return false; }

   CvtHex( "4b007901b765489abead49d926f721d065a429c1", mDig );
   if (0 != memcmp( mDig, PBKDF2("password", "salt", 4096, 20, mOut), 20)) { return false; }

   // This one is rather time consuming.
   //CvtHex( "eefe3d61cd4da4e4e9945b3d6ba2158c2634e984", mDig );
   //if (0 != memcmp( mDig, PBKDF2("password", "salt", 16777216, 20, mOut), 20)) { return false; }

   CvtHex( "3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038", mDig );
   if (0 != memcmp( mDig, PBKDF2("passwordPASSWORDpassword", "saltSALTsaltSALTsaltSALTsaltSALTsalt", 4096, 25, mOut), 25)) { return false; }

   CvtHex( "56fa6aa75548099dcc37d7f03425e0c3", mDig );
   BYTE text[] = { 'p', 'a', 's', 's', 0, 'w', 'o', 'r', 'd' } ;
   BYTE salt[] = { 's', 'a', 0, 'l', 't' } ;   
   if (0 != memcmp( mDig, PBKDF2( MemBuf(text,NELEM(text)), MemBuf(salt,NELEM(salt)), 4096, 16, mOut), 16)) { return false; }

   return true;
}
Example #2
0
bool WPAPSK_TEST() {

   MemBuf mDig(32);
   MemBuf mOut(32);   
   
   CvtHex( "f42c6fc52df0ebef9ebb4b90b38a5f902e83fe1b135a70e23aed762e9710a12e", mDig );
   if (0 != memcmp( mDig, WPAPSK("password", "IEEE",  mOut), 32 )) { 
      return false; 
   }   
   
   CvtHex( "0dc0d6eb90555ed6419756b9a15ec3e3209b63df707dd508d14581f8982721af", mDig );
   if (0 != memcmp( mDig, WPAPSK("ThisIsAPassword", "ThisIsASSID",  mOut), 32 )) { return false; }      
   
   CvtHex( "becb93866bb8c3832cb777c2f559807c8c59afcb6eae734885001300a981cc62", mDig );   
   if (0 != memcmp( mDig, WPAPSK("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ",  mOut), 32 )) { return false; }      

   return true;   
}
Example #3
0
int
eXosip_reg_init (eXosip_reg_t ** jr, const char *from, const char *proxy,
                 const char *contact)
{
  static int r_id;

  *jr = (eXosip_reg_t *) osip_malloc (sizeof (eXosip_reg_t));
  if (*jr == NULL)
    return -1;

  if (r_id > 1000000)           /* keep it non-negative */
    r_id = 0;

  memset (*jr, '\0', sizeof (eXosip_reg_t));

  (*jr)->r_id = ++r_id;
  (*jr)->r_reg_period = 3600;   /* delay between registration */
  (*jr)->r_aor = osip_strdup (from);    /* sip identity */
  (*jr)->r_contact = osip_strdup (contact);     /* sip identity */
  (*jr)->r_registrar = osip_strdup (proxy);     /* registrar */

  {
	  MD5_CTX Md5Ctx;
	  HASH hval;
	  HASHHEX key_line;

	  MD5Init (&Md5Ctx);
	  MD5Update (&Md5Ctx, (unsigned char *) from, strlen (from));
	  MD5Update (&Md5Ctx, (unsigned char *) ":", 1);
	  MD5Update (&Md5Ctx, (unsigned char *) proxy, strlen (proxy));
	  MD5Final ((unsigned char *) hval, &Md5Ctx);
	  CvtHex (hval, key_line);

	  osip_strncpy((*jr)->r_line, key_line,
		  sizeof((*jr)->r_line));
  }

  return 0;
}
Example #4
0
int
eXosip_reg_init(eXosip_reg_t ** jr, const char *from, const char *proxy,
				const char *contact)
{
	static int r_id = 0;

	*jr = (eXosip_reg_t *) osip_malloc(sizeof(eXosip_reg_t));
	if (*jr == NULL)
		return OSIP_NOMEM;

	if (r_id == 32767)			/* keep it non-negative */
		r_id = 0;

	memset(*jr, '\0', sizeof(eXosip_reg_t));

	(*jr)->r_id = ++r_id;
	(*jr)->r_reg_period = 3600;	/* delay between registration */
	(*jr)->r_aor = osip_strdup(from);	/* sip identity */
	if ((*jr)->r_aor == NULL) {
		osip_free(*jr);
		*jr = NULL;
		return OSIP_NOMEM;
	}
	(*jr)->r_contact = osip_strdup(contact);	/* sip identity */
	(*jr)->r_registrar = osip_strdup(proxy);	/* registrar */
	if ((*jr)->r_registrar == NULL) {
		osip_free((*jr)->r_contact);
		osip_free((*jr)->r_aor);
		osip_free(*jr);
		*jr = NULL;
		return OSIP_NOMEM;
	}

	{
		osip_MD5_CTX Md5Ctx;
		HASH hval;
		HASHHEX key_line;
		char localip[128];
		char firewall_ip[65];
		char firewall_port[10];

		memset(localip, '\0', sizeof(localip));
		memset(firewall_ip, '\0', sizeof(firewall_ip));
		memset(firewall_port, '\0', sizeof(firewall_port));

		eXosip_guess_localip(AF_INET, localip, 128);
		if (eXosip.eXtl != NULL && eXosip.eXtl->tl_get_masquerade_contact != NULL) {
			eXosip.eXtl->tl_get_masquerade_contact(firewall_ip,
												   sizeof(firewall_ip),
												   firewall_port,
												   sizeof(firewall_port));
		}

		osip_MD5Init(&Md5Ctx);
		osip_MD5Update(&Md5Ctx, (unsigned char *) from, strlen(from));
		osip_MD5Update(&Md5Ctx, (unsigned char *) ":", 1);
		osip_MD5Update(&Md5Ctx, (unsigned char *) proxy, strlen(proxy));
		osip_MD5Update(&Md5Ctx, (unsigned char *) ":", 1);
		osip_MD5Update(&Md5Ctx, (unsigned char *) localip, strlen(localip));
		osip_MD5Update(&Md5Ctx, (unsigned char *) ":", 1);
		osip_MD5Update(&Md5Ctx, (unsigned char *) firewall_ip,
					   strlen(firewall_ip));
		osip_MD5Update(&Md5Ctx, (unsigned char *) ":", 1);
		osip_MD5Update(&Md5Ctx, (unsigned char *) firewall_port,
					   strlen(firewall_port));
		osip_MD5Final((unsigned char *) hval, &Md5Ctx);
		CvtHex(hval, key_line);

		osip_strncpy((*jr)->r_line, key_line, sizeof((*jr)->r_line) - 1);
	}

	return OSIP_SUCCESS;
}
Example #5
0
int
_eXosip_reg_init (struct eXosip_t *excontext, eXosip_reg_t ** jr, const char *from, const char *proxy, const char *contact)
{
  static int r_id = 0;

  *jr = (eXosip_reg_t *) osip_malloc (sizeof (eXosip_reg_t));
  if (*jr == NULL)
    return OSIP_NOMEM;

  if (r_id == INT_MAX)            /* keep it non-negative */
    r_id = 0;

  memset (*jr, '\0', sizeof (eXosip_reg_t));

  (*jr)->r_id = ++r_id;
  (*jr)->r_reg_period = 3600;   /* delay between registration */
  (*jr)->r_aor = osip_strdup (from);    /* sip identity */
  if ((*jr)->r_aor == NULL) {
    osip_free (*jr);
    *jr = NULL;
    return OSIP_NOMEM;
  }
  (*jr)->r_contact = osip_strdup (contact);     /* sip identity */
  (*jr)->r_registrar = osip_strdup (proxy);     /* registrar */
  if ((*jr)->r_registrar == NULL) {
    osip_free ((*jr)->r_contact);
    osip_free ((*jr)->r_aor);
    osip_free (*jr);
    *jr = NULL;
    return OSIP_NOMEM;
  }

  {
    osip_MD5_CTX Md5Ctx;
    HASH hval;
    HASHHEX key_line;
    char localip[128];
    char firewall_ip[65];
    char firewall_port[10];
    char somerandom[31];

    memset (somerandom, 0, sizeof (somerandom));
    eXosip_generate_random (somerandom, 16);

    memset (localip, '\0', sizeof (localip));
    memset (firewall_ip, '\0', sizeof (firewall_ip));
    memset (firewall_port, '\0', sizeof (firewall_port));

    eXosip_guess_localip (excontext, AF_INET, localip, 128);
    if (excontext->eXtl_transport.tl_get_masquerade_contact != NULL) {
      excontext->eXtl_transport.tl_get_masquerade_contact (excontext, firewall_ip, sizeof (firewall_ip), firewall_port, sizeof (firewall_port));
    }

    osip_MD5Init (&Md5Ctx);
    osip_MD5Update (&Md5Ctx, (unsigned char *) from, (unsigned int) strlen (from));
    osip_MD5Update (&Md5Ctx, (unsigned char *) ":", 1);
    osip_MD5Update (&Md5Ctx, (unsigned char *) proxy, (unsigned int) strlen (proxy));
    osip_MD5Update (&Md5Ctx, (unsigned char *) ":", 1);
    osip_MD5Update (&Md5Ctx, (unsigned char *) localip, (unsigned int) strlen (localip));
    osip_MD5Update (&Md5Ctx, (unsigned char *) ":", 1);
    osip_MD5Update (&Md5Ctx, (unsigned char *) firewall_ip, (unsigned int) strlen (firewall_ip));
    osip_MD5Update (&Md5Ctx, (unsigned char *) ":", 1);
    osip_MD5Update (&Md5Ctx, (unsigned char *) firewall_port, (unsigned int) strlen (firewall_port));

    /* previously, "line" was common accross several identical restart. */
    /* including random will help to read a correct "expires" parameter */
    /* from 2xx REGISTER answers */
    osip_MD5Update (&Md5Ctx, (unsigned char *) ":", 1);
    osip_MD5Update (&Md5Ctx, (unsigned char *) somerandom, (unsigned int) strlen (somerandom));

    osip_MD5Final ((unsigned char *) hval, &Md5Ctx);
    CvtHex (hval, key_line);

    osip_strncpy ((*jr)->r_line, key_line, sizeof ((*jr)->r_line) - 1);
  }

  return OSIP_SUCCESS;
}
Example #6
0
/*
 * SIP_CALCULATE_BRANCH
 *
 * Calculates a branch parameter according to RFC3261 section 16.11
 *
 * The returned 'id' will be HASHHEXLEN + strlen(magic_cookie)
 * characters (32 + 7) long. The caller must supply at least this
 * amount of space in 'id'.
 *
 * RETURNS
 *	STS_SUCCESS on success
 *	STS_FAILURE on error
 */
int  sip_calculate_branch_id (sip_ticket_t *ticket, char *id) {
/* RFC3261 section 16.11 recommends the following procedure:
 *   The stateless proxy MAY use any technique it likes to guarantee
 *   uniqueness of its branch IDs across transactions.  However, the
 *   following procedure is RECOMMENDED.  The proxy examines the
 *   branch ID in the topmost Via header field of the received
 *   request.  If it begins with the magic cookie, the first
 *   component of the branch ID of the outgoing request is computed
 *   as a hash of the received branch ID.  Otherwise, the first
 *   component of the branch ID is computed as a hash of the topmost
 *   Via, the tag in the To header field, the tag in the From header
 *   field, the Call-ID header field, the CSeq number (but not
 *   method), and the Request-URI from the received request.  One of
 *   these fields will always vary across two different
 *   transactions.
 *
 * The branch value will consist of:
 * - magic cookie "z9hG4bK"
 * - 1st part (unique calculated ID
 * - 2nd part (value for loop detection) <<- not yet used by siproxd
 */
   osip_message_t *sip_msg=ticket->sipmsg;
   static char *magic_cookie="z9hG4bK";
   osip_via_t *via;
   osip_uri_param_t *param=NULL;
   osip_call_id_t *call_id=NULL;
   HASHHEX hashstring;

   hashstring[0]='\0';

   /*
    * Examine topmost via and look for a magic cookie.
    * If it is there, I use THIS branch parameter as input for
    * our hash calculation
    */
   via = osip_list_get (sip_msg->vias, 0);
   if (via == NULL) {
      ERROR("have a SIP message without any via header");
      return STS_FAILURE;
   }

   param=NULL;
   osip_via_param_get_byname(via, "branch", &param);
   if (param && param->gvalue) {
      DEBUGC(DBCLASS_BABBLE, "looking for magic cookie [%s]",param->gvalue);
      if (strncmp(param->gvalue, magic_cookie,
                  strlen(magic_cookie))==0) {
         /* calculate MD5 hash */
         MD5_CTX Md5Ctx;
         HASH HA1;

         MD5Init(&Md5Ctx);
         MD5Update(&Md5Ctx, param->gvalue,
                   strlen(param->gvalue));
         MD5Final(HA1, &Md5Ctx);
         CvtHex(HA1, hashstring);

         DEBUGC(DBCLASS_BABBLE, "existing branch -> branch hash [%s]",
                hashstring);
      }
   }

   /*
    * If I don't have a branch parameter in the existing topmost via,
    * then I need:
    *   - the topmost via
    *   - the tag in the To header field
    *   - the tag in the From header field
    *   - the Call-ID header field
    *   - the CSeq number (but not method)
    *   - the Request-URI from the received request
    */
   if (hashstring[0] == '\0') {
      /* calculate MD5 hash */
      MD5_CTX Md5Ctx;
      HASH HA1;
      char *tmp;

      MD5Init(&Md5Ctx);

      /* topmost via */
      osip_via_to_str(via, &tmp);
      if (tmp) {
         MD5Update(&Md5Ctx, tmp, strlen(tmp));
         osip_free(tmp);
      }
     
      /* Tag in To header */
      osip_to_get_tag(sip_msg->to, &param);
      if (param && param->gvalue) {
         MD5Update(&Md5Ctx, param->gvalue, strlen(param->gvalue));
      }

      /* Tag in From header */
      osip_from_get_tag(sip_msg->from, &param);
      if (param && param->gvalue) {
         MD5Update(&Md5Ctx, param->gvalue, strlen(param->gvalue));
      }

      /* Call-ID */
      call_id = osip_message_get_call_id(sip_msg);
      osip_call_id_to_str(call_id, &tmp);
      if (tmp) {
         MD5Update(&Md5Ctx, tmp, strlen(tmp));
         osip_free(tmp);
      }

      /* CSeq number (but not method) */
      tmp = osip_cseq_get_number(sip_msg->cseq);
      if (tmp) {
         MD5Update(&Md5Ctx, tmp, strlen(tmp));
      }
 
      /* Request URI */
      osip_uri_to_str(sip_msg->req_uri, &tmp);
      if (tmp) {
         MD5Update(&Md5Ctx, tmp, strlen(tmp));
         osip_free(tmp);
      }

      MD5Final(HA1, &Md5Ctx);
      CvtHex(HA1, hashstring);

      DEBUGC(DBCLASS_BABBLE, "non-existing branch -> branch hash [%s]",
             hashstring);
   }

   /* include the magic cookie */
   sprintf(id, "%s%s", magic_cookie, hashstring);

   return STS_SUCCESS;
}