support alternative hashes for authentication
[disorder] / lib / authhash.c
1 /*
2 * This file is part of DisOrder
3 * Copyright (C) 2004, 2006 Richard Kettlewell
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
18 * USA
19 */
20 /** @file lib/authhash.c @brief The authorization hash */
21
22 #include <config.h>
23 #include "types.h"
24
25 #include <stddef.h>
26 #include <gcrypt.h>
27 #include <assert.h>
28
29 #include "hex.h"
30 #include "log.h"
31 #include "authhash.h"
32
33 /** @brief Structure of algorithm lookup table */
34 struct algorithm {
35 const char *name;
36 int id;
37 };
38
39 /** @brief Algorithm lookup table
40 *
41 * We don't use gcry_md_map_name() since that would import gcrypt's API into
42 * the disorder protocol.
43 */
44 static const struct algorithm algorithms[] = {
45 { "SHA1", GCRY_MD_SHA1 },
46 { "sha1", GCRY_MD_SHA1 },
47 { "SHA256", GCRY_MD_SHA256 },
48 { "sha256", GCRY_MD_SHA256 },
49 { "SHA384", GCRY_MD_SHA384 },
50 { "sha384", GCRY_MD_SHA384 },
51 { "SHA512", GCRY_MD_SHA512 },
52 { "sha512", GCRY_MD_SHA512 },
53 };
54
55 /** @brief Number of supported algorithms */
56 #define NALGORITHMS (sizeof algorithms / sizeof *algorithms)
57
58 /** @brief Perform the authorization hash function
59 * @param challenge Pointer to challange
60 * @param nchallenge Size of challenge
61 * @param password Password
62 * @param algo Algorithm to use
63 *
64 * Computes H(challenge|password) and returns it as a newly allocated hex
65 * string, or returns NULL on error.
66 */
67 const char *authhash(const void *challenge, size_t nchallenge,
68 const char *password, const char *algo) {
69 gcrypt_hash_handle h;
70 const char *res;
71 size_t n;
72 int id;
73
74 assert(challenge != 0);
75 assert(password != 0);
76 assert(algo != 0);
77 for(n = 0; n < NALGORITHMS; ++n)
78 if(!strcmp(algo, algorithms[n].name))
79 break;
80 if(n >= NALGORITHMS)
81 return NULL;
82 id = algorithms[n].id;
83 #if HAVE_GCRY_ERROR_T
84 {
85 gcry_error_t e;
86
87 if((e = gcry_md_open(&h, id, 0))) {
88 error(0, "gcry_md_open: %s", gcry_strerror(e));
89 return 0;
90 }
91 }
92 #else
93 h = gcry_md_open(id, 0);
94 #endif
95 gcry_md_write(h, password, strlen(password));
96 gcry_md_write(h, challenge, nchallenge);
97 res = hex(gcry_md_read(h, id), gcry_md_get_algo_dlen(id));
98 gcry_md_close(h);
99 return res;
100 }
101
102 /** @brief Return non-zero if @p algo is a valid algorithm */
103 int valid_authhash(const char *algo) {
104 size_t n;
105
106 for(n = 0; n < NALGORITHMS; ++n)
107 if(!strcmp(algo, algorithms[n].name))
108 return 1;
109 return 0;
110 }
111
112 /*
113 Local Variables:
114 c-basic-offset:2
115 comment-column:40
116 fill-column:79
117 End:
118 */