Browse Source

[mod_auth] http_auth_md5_hex2bin()

Note: http_auth_backend_t digest interface returns result as a
binary MD5 (16-bytes) so that caller consistently converts to
lowercase before using it in further digest calculation.

(Alternatively, the http_auth_backend_t digest interface could have
 taken a 33-char buffer and returned an explicitly lowercased hex str)
personal/stbuehler/mod-csrf-old
Glenn Strauss 5 years ago
parent
commit
cde68b7b23
  1. 33
      src/http_auth.c
  2. 2
      src/http_auth.h
  3. 8
      src/mod_authn_file.c

33
src/http_auth.c

@ -25,3 +25,36 @@ void http_auth_backend_set (const http_auth_backend_t *backend)
force_assert(i<(sizeof(http_auth_backends)/sizeof(http_auth_backend_t))-1);
memcpy(http_auth_backends+i, backend, sizeof(http_auth_backend_t));
}
int http_auth_md5_hex2bin (const char *md5hex, size_t len, unsigned char md5bin[16])
{
/* validate and transform 32-byte MD5 hex string to 16-byte binary MD5 */
if (32 != len) return -1; /*(Note: char *md5hex must be a 32-char string)*/
for (int i = 0; i < 32; i+=2) {
int hi = md5hex[i];
int lo = md5hex[i+1];
if ('0' <= hi && hi <= '9') hi -= '0';
else if ((hi |= 0x20), 'a' <= hi && hi <= 'f') hi += -'a' + 10;
else return -1;
if ('0' <= lo && lo <= '9') lo -= '0';
else if ((lo |= 0x20), 'a' <= lo && lo <= 'f') lo += -'a' + 10;
else return -1;
md5bin[(i >> 1)] = (unsigned char)((hi << 4) | lo);
}
return 0;
}
#if 0
int http_auth_md5_hex2lc (char *md5hex)
{
/* validate and transform 32-byte MD5 hex string to lowercase */
int i;
for (i = 0; md5hex[i]; ++i) {
int c = md5hex[i];
if ('0' <= c && c <= '9') continue;
else if ((c |= 0x20), 'a' <= c && c <= 'f') md5hex[i] = c;
else return -1;
}
return (32 == i) ? 0 : -1; /*(Note: char *md5hex must be a 32-char string)*/
}
#endif

2
src/http_auth.h

@ -14,4 +14,6 @@ typedef struct http_auth_backend_t {
const http_auth_backend_t * http_auth_backend_get (const buffer *name);
void http_auth_backend_set (const http_auth_backend_t *backend);
int http_auth_md5_hex2bin (const char *md5hex, size_t len, unsigned char md5bin[16]);
#endif

8
src/mod_authn_file.c

@ -259,13 +259,7 @@ static int mod_authn_file_htdigest_get(server *srv, const buffer *auth_fn, const
fclose(fp);
if (pwd_len != 32) return -1;
/* transform the 32-byte-hex-md5 (f_pwd) to a 16-byte-md5 (HA1) */
for (int i = 0; i < 16; i++) {
HA1[i] = hex2int(f_pwd[i*2]) << 4;
HA1[i] |= hex2int(f_pwd[i*2+1]);
}
return 0;
return http_auth_md5_hex2bin(f_pwd, pwd_len, HA1);
}
}

Loading…
Cancel
Save