int crsha1(char *username, const char *password, const char *challenge, const char *response) { char buf[1024]; SHA1_CTX ctx; unsigned char digest[20]; char hexbuf[sizeof(digest) * 2 + 1]; hmacsha1 hmac; /* not sure how this helps but the RFC says to do it... */ SHA1Init(&ctx); SHA1Update(&ctx, (unsigned char *)password, strlen(password)); SHA1Final(digest, &ctx); snprintf(buf, sizeof(buf), "%s:%s", username, hmac_printhex(digest, hexbuf, sizeof(digest))); SHA1Init(&ctx); SHA1Update(&ctx, (unsigned char *)buf, strlen(buf)); SHA1Final(digest, &ctx); hmacsha1_init(&hmac, (unsigned char *)hmac_printhex(digest, hexbuf, sizeof(digest)), sizeof(digest) * 2); hmacsha1_update(&hmac, (unsigned char *)challenge, strlen(challenge)); hmacsha1_final(&hmac, digest); hmac_printhex(digest, hexbuf, sizeof(digest)); if(!hmac_strcmp(hmac_printhex(digest, hexbuf, sizeof(digest)), response)) return 1; return 0; }
int crmd5(char *username, const char *password, const char *challenge, const char *response) { char buf[1024]; MD5Context ctx; unsigned char digest[16]; char hexbuf[sizeof(digest) * 2 + 1]; hmacmd5 hmac; /* not sure how this helps but the RFC says to do it... */ MD5Init(&ctx); MD5Update(&ctx, (unsigned char *)password, strlen(password)); MD5Final(digest, &ctx); snprintf(buf, sizeof(buf), "%s:%s", username, hmac_printhex(digest, hexbuf, sizeof(digest))); MD5Init(&ctx); MD5Update(&ctx, (unsigned char *)buf, strlen(buf)); MD5Final(digest, &ctx); hmacmd5_init(&hmac, (unsigned char *)hmac_printhex(digest, hexbuf, sizeof(digest)), sizeof(digest) * 2); hmacmd5_update(&hmac, (unsigned char *)challenge, strlen(challenge)); hmacmd5_final(&hmac, digest); if(!hmac_strcmp(hmac_printhex(digest, hexbuf, sizeof(digest)), response)) return 1; return 0; }
int main(int argc, char* argv[]) { int rc, result; if (argc == 3) { rc = hmac_strcmp(argv[1], argv[2], &result, MAX_LEN); if (rc) printf("Got Error in HMAC function calls:%X\n", rc); if (result) printf("Not Equal:%d\n", result); else printf("Equal\n"); } return rc; }
int cs_checkhashpass(const char *username, const char *password, const char *junk, const char *hash) { MD5Context ctx; unsigned char digest[16]; char hexbuf[sizeof(digest) * 2 + 1], buf[512]; snprintf(buf, sizeof(buf), "%s %s%s%s", username, password, junk?" ":"", junk?junk:""); MD5Init(&ctx); MD5Update(&ctx, (unsigned char *)buf, strlen(buf)); MD5Final(digest, &ctx); if(hmac_strcmp(hash, hmac_printhex(digest, hexbuf, sizeof(digest)))) return 0; return 1; }
int crlegacymd5(char *username, const char *password, const char *challenge, const char *response) { MD5Context ctx; unsigned char digest[16]; char hexbuf[sizeof(digest) * 2 + 1]; MD5Init(&ctx); MD5Update(&ctx, (unsigned char *)password, strlen(password)); MD5Update(&ctx, (unsigned char *)" ", 1); MD5Update(&ctx, (unsigned char *)challenge, strlen(challenge)); MD5Final(digest, &ctx); if(!hmac_strcmp(hmac_printhex(digest, hexbuf, sizeof(digest)), response)) return 1; return 0; }
int csc_verifyqticket(char *data, char *digest) { hmacsha256 hmac; unsigned char digestbuf[32]; char hexbuf[sizeof(digestbuf) * 2 + 1]; if(!ticketsecret) return -1; hmacsha256_init(&hmac, (unsigned char *)ticketsecret->content, ticketsecret->length); hmacsha256_update(&hmac, (unsigned char *)data, strlen(data)); hmacsha256_final(&hmac, digestbuf); hmac_printhex(digestbuf, hexbuf, sizeof(digestbuf)); if(!hmac_strcmp(hexbuf, digest)) return 0; return 1; }