1
/* The source in this file is derived from the reference implementation
1
/* The source in this file is derived from the reference implementation
3
3
* RFC 2617 is Copyright (C) The Internet Society (1999). All Rights Reserved.
5
* The following copyright and licence statement covers all changes made to the
5
* The following copyright and licence statement covers all changes made to the
6
6
* reference implementation.
8
8
* Key changes were: alteration to a plain C layout.
9
9
* Create CvtBin function
10
10
* Allow CalcHA1 to make use of precaculated username:password:realm hash's
60
60
for (i = 0; i < HASHLEN; i++) {
61
j = (Bin[i] >> 4) & 0xf;
63
Hex[i * 2] = (j + '0');
65
Hex[i * 2] = (j + 'a' - 10);
68
Hex[i * 2 + 1] = (j + '0');
70
Hex[i * 2 + 1] = (j + 'a' - 10);
61
j = (Bin[i] >> 4) & 0xf;
63
Hex[i * 2] = (j + '0');
65
Hex[i * 2] = (j + 'a' - 10);
68
Hex[i * 2 + 1] = (j + '0');
70
Hex[i * 2 + 1] = (j + 'a' - 10);
72
72
Hex[HASHHEXLEN] = '\0';
81
81
for (i = 0; i < HASHHEXLEN; i++) {
84
if (('0' <= j) && (j <= '9'))
86
else if (('a' <= j) && (j <= 'f'))
88
else if (('A' <= j) && (j <= 'F'))
84
if (('0' <= j) && (j <= '9'))
86
else if (('a' <= j) && (j <= 'f'))
88
else if (('A' <= j) && (j <= 'F'))
97
/* FIXME: Coverity detects the below as dead code.
98
Why? :: right here i == 32
99
which means the first step of the for loop makes i==16
100
and cannot be < HASHLEN (which is also 16)
97
/* FIXME: Coverity detects the below as dead code.
98
Why? :: right here i == 32
99
which means the first step of the for loop makes i==16
100
and cannot be < HASHLEN (which is also 16)
102
102
for (i = i / 2; i < HASHLEN; i++) {
121
121
SquidMD5_CTX Md5Ctx;
123
123
if (pszUserName) {
124
SquidMD5Init(&Md5Ctx);
125
SquidMD5Update(&Md5Ctx, pszUserName, strlen(pszUserName));
126
SquidMD5Update(&Md5Ctx, ":", 1);
127
SquidMD5Update(&Md5Ctx, pszRealm, strlen(pszRealm));
128
SquidMD5Update(&Md5Ctx, ":", 1);
129
SquidMD5Update(&Md5Ctx, pszPassword, strlen(pszPassword));
130
SquidMD5Final((unsigned char *) HA1, &Md5Ctx);
124
SquidMD5Init(&Md5Ctx);
125
SquidMD5Update(&Md5Ctx, pszUserName, strlen(pszUserName));
126
SquidMD5Update(&Md5Ctx, ":", 1);
127
SquidMD5Update(&Md5Ctx, pszRealm, strlen(pszRealm));
128
SquidMD5Update(&Md5Ctx, ":", 1);
129
SquidMD5Update(&Md5Ctx, pszPassword, strlen(pszPassword));
130
SquidMD5Final((unsigned char *) HA1, &Md5Ctx);
132
132
if (strcasecmp(pszAlg, "md5-sess") == 0) {
134
CvtHex(HA1, HA1Hex); /* RFC2617 errata */
135
SquidMD5Init(&Md5Ctx);
136
SquidMD5Update(&Md5Ctx, HA1Hex, HASHHEXLEN);
137
SquidMD5Update(&Md5Ctx, ":", 1);
138
SquidMD5Update(&Md5Ctx, pszNonce, strlen(pszNonce));
139
SquidMD5Update(&Md5Ctx, ":", 1);
140
SquidMD5Update(&Md5Ctx, pszCNonce, strlen(pszCNonce));
141
SquidMD5Final((unsigned char *) HA1, &Md5Ctx);
134
CvtHex(HA1, HA1Hex); /* RFC2617 errata */
135
SquidMD5Init(&Md5Ctx);
136
SquidMD5Update(&Md5Ctx, HA1Hex, HASHHEXLEN);
137
SquidMD5Update(&Md5Ctx, ":", 1);
138
SquidMD5Update(&Md5Ctx, pszNonce, strlen(pszNonce));
139
SquidMD5Update(&Md5Ctx, ":", 1);
140
SquidMD5Update(&Md5Ctx, pszCNonce, strlen(pszCNonce));
141
SquidMD5Final((unsigned char *) HA1, &Md5Ctx);
143
143
CvtHex(HA1, SessionKey);
168
168
SquidMD5Update(&Md5Ctx, pszMethod, strlen(pszMethod));
169
169
SquidMD5Update(&Md5Ctx, ":", 1);
170
170
SquidMD5Update(&Md5Ctx, pszDigestUri, strlen(pszDigestUri));
171
if (strcasecmp(pszQop, "auth-int") == 0) {
172
SquidMD5Update(&Md5Ctx, ":", 1);
173
SquidMD5Update(&Md5Ctx, HEntity, HASHHEXLEN);
171
if (pszQop && strcasecmp(pszQop, "auth-int") == 0) {
172
SquidMD5Update(&Md5Ctx, ":", 1);
173
SquidMD5Update(&Md5Ctx, HEntity, HASHHEXLEN);
175
175
SquidMD5Final((unsigned char *) HA2, &Md5Ctx);
176
176
CvtHex(HA2, HA2Hex);
182
182
SquidMD5Update(&Md5Ctx, ":", 1);
183
183
SquidMD5Update(&Md5Ctx, pszNonce, strlen(pszNonce));
184
184
SquidMD5Update(&Md5Ctx, ":", 1);
186
SquidMD5Update(&Md5Ctx, pszNonceCount, strlen(pszNonceCount));
187
SquidMD5Update(&Md5Ctx, ":", 1);
188
SquidMD5Update(&Md5Ctx, pszCNonce, strlen(pszCNonce));
189
SquidMD5Update(&Md5Ctx, ":", 1);
190
SquidMD5Update(&Md5Ctx, pszQop, strlen(pszQop));
191
SquidMD5Update(&Md5Ctx, ":", 1);
186
SquidMD5Update(&Md5Ctx, pszNonceCount, strlen(pszNonceCount));
187
SquidMD5Update(&Md5Ctx, ":", 1);
188
SquidMD5Update(&Md5Ctx, pszCNonce, strlen(pszCNonce));
189
SquidMD5Update(&Md5Ctx, ":", 1);
190
SquidMD5Update(&Md5Ctx, pszQop, strlen(pszQop));
191
SquidMD5Update(&Md5Ctx, ":", 1);
193
193
SquidMD5Update(&Md5Ctx, HA2Hex, HASHHEXLEN);
194
194
SquidMD5Final((unsigned char *) RespHash, &Md5Ctx);