MD5: Mormalize naming style

2015-11-13 16:08:28 +01:00 · 2015-11-13 16:08:28 +01:00 · 33b4f40acc
commit 33b4f40acc
parent 90f78507f4
4 changed files with 310 additions and 212 deletions
--- a/lib/md5.c
+++ b/lib/md5.c
@ -1,53 +1,45 @@
 /*
- * This code implements the MD5 message-digest algorithm.
- * The algorithm is due to Ron Rivest.  This code was
- * written by Colin Plumb in 1993, no copyright is claimed.
- * This code is in the public domain; do with it what you wish.
+ *	BIRD Library -- MD5 Hash Function and HMAC-MD5 Function
 *
- * Equivalent code is available from RSA Data Security, Inc.
- * This code has been tested against that, and is equivalent,
- * except that you don't need to include two pages of legalese
- * with every copy.
+ *	(c) 2015 CZ.NIC z.s.p.o.
 *
- * To compute the message digest of a chunk of bytes, declare an
- * MD5Context structure, pass it to MD5Init, call MD5Update as
- * needed on buffers full of bytes, and then call MD5Final, which
- * will fill a supplied 16-byte array with the digest.
+ *	The code was written by Colin Plumb in 1993, no copyright is claimed.
+ *
+ *	Adapted for BIRD by Martin Mares <mj@ucw.cz>
+ *
+ *	Can be freely distributed and used under the terms of the GNU GPL.
 */

-/*
- * Adapted for BIRD by Martin Mares <mj@atrey.karlin.mff.cuni.cz>
- */
-
-#include "nest/bird.h"
-#include "lib/string.h"
-#include "md5.h"
+#include "lib/md5.h"

 #ifdef CPU_LITTLE_ENDIAN
 #define byteReverse(buf, len)	/* Nothing */
 #else
-void byteReverse(unsigned char *buf, unsigned longs);
+void byteReverse(byte *buf, uint longs);

 /*
 * Note: this code is harmless on little-endian machines.
 */
-void byteReverse(unsigned char *buf, unsigned longs)
+void byteReverse(byte *buf, uint longs)
 {
  u32 t;
  do {
-	t = (u32) ((unsigned) buf[3] << 8 | buf[2]) << 16 |
-	    ((unsigned) buf[1] << 8 | buf[0]);
+    t = (u32) ((uint) buf[3] << 8 | buf[2]) << 16 |
+	((uint) buf[1] << 8 | buf[0]);
    *(u32 *) buf = t;
    buf += 4;
  } while (--longs);
 }
 #endif

+static void md5_transform(u32 buf[4], u32 const in[16]);
+
 /*
 * Start MD5 accumulation.  Set bit count to 0 and buffer to mysterious
 * initialization constants.
 */
-void MD5Init(struct MD5Context *ctx)
+void
+md5_init(struct md5_context *ctx)
 {
  ctx->buf[0] = 0x67452301;
  ctx->buf[1] = 0xefcdab89;
@ -62,7 +54,8 @@ void MD5Init(struct MD5Context *ctx)
 * Update context to reflect the concatenation of another buffer full
 * of bytes.
 */
-void MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len)
+void
+md5_update(struct md5_context *ctx, const byte *buf, uint len)
 {
  u32 t;

@ -76,33 +69,34 @@ void MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len)
  t = (t >> 3) & 0x3f;	/* Bytes already in shsInfo->data */

  /* Handle any leading odd-sized chunks */
-
-    if (t) {
-	unsigned char *p = (unsigned char *) ctx->in + t;
+  if (t)
+  {
+    byte *p = (byte *) ctx->in + t;

    t = 64 - t;
-	if (len < t) {
+    if (len < t)
+    {
      memcpy(p, buf, len);
      return;
    }
    memcpy(p, buf, t);
    byteReverse(ctx->in, 16);
-	MD5Transform(ctx->buf, (u32 *) ctx->in);
+    md5_transform(ctx->buf, (u32 *) ctx->in);
    buf += t;
    len -= t;
  }
-    /* Process data in 64-byte chunks */

-    while (len >= 64) {
+  /* Process data in 64-byte chunks */
+  while (len >= 64)
+  {
    memcpy(ctx->in, buf, 64);
    byteReverse(ctx->in, 16);
-	MD5Transform(ctx->buf, (u32 *) ctx->in);
+    md5_transform(ctx->buf, (u32 *) ctx->in);
    buf += 64;
    len -= 64;
  }

  /* Handle any remaining bytes of data. */
-
  memcpy(ctx->in, buf, len);
 }

@ -110,10 +104,11 @@ void MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len)
 * Final wrapup - pad to 64-byte boundary with the bit pattern
 * 1 0* (64-bit count of bits processed, MSB-first)
 */
-void MD5Final(unsigned char digest[16], struct MD5Context *ctx)
+byte *
+md5_final(struct md5_context *ctx)
 {
-    unsigned count;
-    unsigned char *p;
+  uint count;
+  byte *p;

  /* Compute number of bytes mod 64 */
  count = (ctx->bits[0] >> 3) & 0x3F;
@ -127,15 +122,18 @@ void MD5Final(unsigned char digest[16], struct MD5Context *ctx)
  count = 64 - 1 - count;

  /* Pad out to 56 mod 64 */
-    if (count < 8) {
+  if (count < 8)
+  {
    /* Two lots of padding:  Pad the first block to 64 bytes */
    memset(p, 0, count);
    byteReverse(ctx->in, 16);
-	MD5Transform(ctx->buf, (u32 *) ctx->in);
+    md5_transform(ctx->buf, (u32 *) ctx->in);

    /* Now fill the next block with 56 bytes */
    memset(ctx->in, 0, 56);
-    } else {
+  }
+  else
+  {
    /* Pad block to 56 bytes */
    memset(p, 0, count - 8);
  }
@ -145,10 +143,17 @@ void MD5Final(unsigned char digest[16], struct MD5Context *ctx)
  ((u32 *) ctx->in)[14] = ctx->bits[0];
  ((u32 *) ctx->in)[15] = ctx->bits[1];

-    MD5Transform(ctx->buf, (u32 *) ctx->in);
-    byteReverse((unsigned char *) ctx->buf, 4);
-    memcpy(digest, ctx->buf, 16);
-    memset((char *) ctx, 0, sizeof(ctx));	/* In case it's sensitive */
+  md5_transform(ctx->buf, (u32 *) ctx->in);
+  byteReverse((byte *) ctx->buf, 4);
+
+  return (byte*) ctx->buf;
+}
+
+/* I am a hard paranoid */
+void
+md5_erase_ctx(struct md5_context *ctx)
+{
+  memset((char *) ctx, 0, sizeof(*ctx));	/* In case it's sensitive */
 }

 /* The four core functions - F1 is optimized somewhat */
@ -168,7 +173,8 @@ void MD5Final(unsigned char digest[16], struct MD5Context *ctx)
 * reflect the addition of 16 longwords of new data.  MD5Update blocks
 * the data and converts bytes into longwords for this routine.
 */
-void MD5Transform(u32 buf[4], u32 const in[16])
+void
+md5_transform(u32 buf[4], u32 const in[16])
 {
  register u32 a, b, c, d;

@ -250,3 +256,67 @@ void MD5Transform(u32 buf[4], u32 const in[16])
  buf[2] += c;
  buf[3] += d;
 }
+
+
+/*
+ * 	MD5-HMAC
+ */
+
+static void
+md5_hash_buffer(byte *outbuf, const byte *buffer, size_t length)
+{
+  struct md5_context hd_tmp;
+
+  md5_init(&hd_tmp);
+  md5_update(&hd_tmp, buffer, length);
+  memcpy(outbuf, md5_final(&hd_tmp), MD5_SIZE);
+}
+
+void
+md5_hmac_init(struct md5_hmac_context *ctx, const byte *key, size_t keylen)
+{
+  byte keybuf[MD5_BLOCK_SIZE], buf[MD5_BLOCK_SIZE];
+
+  /* Hash the key if necessary */
+  if (keylen <= MD5_BLOCK_SIZE)
+  {
+    memcpy(keybuf, key, keylen);
+    bzero(keybuf + keylen, MD5_BLOCK_SIZE - keylen);
+  }
+  else
+  {
+    md5_hash_buffer(keybuf, key, keylen);
+    bzero(keybuf + MD5_SIZE, MD5_BLOCK_SIZE - MD5_SIZE);
+  }
+
+  /* Initialize the inner digest */
+  md5_init(&ctx->ictx);
+  int i;
+  for (i = 0; i < MD5_BLOCK_SIZE; i++)
+    buf[i] = keybuf[i] ^ 0x36;
+  md5_update(&ctx->ictx, buf, MD5_BLOCK_SIZE);
+
+  /* Initialize the outer digest */
+  md5_init(&ctx->octx);
+  for (i = 0; i < MD5_BLOCK_SIZE; i++)
+    buf[i] = keybuf[i] ^ 0x5c;
+  md5_update(&ctx->octx, buf, MD5_BLOCK_SIZE);
+}
+
+void
+md5_hmac_update(struct md5_hmac_context *ctx, const byte *buf, size_t buflen)
+{
+  /* Just update the inner digest */
+  md5_update(&ctx->ictx, buf, buflen);
+}
+
+byte *
+md5_hmac_final(struct md5_hmac_context *ctx)
+{
+  /* Finish the inner digest */
+  byte *isha = md5_final(&ctx->ictx);
+
+  /* Finish the outer digest */
+  md5_update(&ctx->octx, isha, MD5_SIZE);
+  return md5_final(&ctx->octx);
+}
--- a/lib/md5.h
+++ b/lib/md5.h
@ -1,16 +1,47 @@
-#ifndef MD5_H
-#define MD5_H
+/*
+ *	BIRD Library -- MD5 Hash Function and HMAC-MD5 Function
+ *
+ *	(c) 2015 CZ.NIC z.s.p.o.
+ *
+ *	Adapted for BIRD by Martin Mares <mj@ucw.cz>
+ *
+ *	Can be freely distributed and used under the terms of the GNU GPL.
+ */

-struct MD5Context {
+#ifndef _BIRD_MD5_H_
+#define _BIRD_MD5_H_
+
+#include "nest/bird.h"
+
+
+#define MD5_SIZE		16
+#define MD5_HEX_SIZE		33
+#define MD5_BLOCK_SIZE		64
+
+
+struct md5_context {
  u32 buf[4];
  u32 bits[2];
-	unsigned char in[64];
+  byte in[64];
 };

-void MD5Init(struct MD5Context *context);
-void MD5Update(struct MD5Context *context, unsigned char const *buf,
-	       unsigned len);
-void MD5Final(unsigned char digest[16], struct MD5Context *context);
-void MD5Transform(u32 buf[4], u32 const in[16]);
+void md5_init(struct md5_context *ctx);
+void md5_update(struct md5_context *ctx, const byte *buf, uint len);
+byte *md5_final(struct md5_context *ctx);

-#endif /* !MD5_H */
+
+/*
+ *	HMAC-MD5
+ */
+
+struct md5_hmac_context {
+  struct md5_context ictx;
+  struct md5_context octx;
+};
+
+void md5_hmac_init(struct md5_hmac_context *ctx, const byte *key, size_t keylen);
+void md5_hmac_update(struct md5_hmac_context *ctx, const byte *buf, size_t buflen);
+byte *md5_hmac_final(struct md5_hmac_context *ctx);
+
+
+#endif /* _BIRD_MD5_H_ */
--- a/proto/ospf/packet.c
+++ b/proto/ospf/packet.c
@ -11,6 +11,7 @@
 #include "ospf.h"
 #include "nest/password.h"
 #include "lib/md5.h"
+#include "lib/socket.h"

 void
 ospf_pkt_fill_hdr(struct ospf_iface *ifa, void *buf, u8 h_type)
@ -108,11 +109,11 @@ ospf_pkt_finalize(struct ospf_iface *ifa, struct ospf_packet *pkt)
    char password[OSPF_AUTH_CRYPT_SIZE];
    strncpy(password, passwd->password, sizeof(password));

-    struct MD5Context ctxt;
-    MD5Init(&ctxt);
-    MD5Update(&ctxt, (char *) pkt, plen);
-    MD5Update(&ctxt, password, OSPF_AUTH_CRYPT_SIZE);
-    MD5Final(tail, &ctxt);
+    struct md5_context ctx;
+    md5_init(&ctx);
+    md5_update(&ctx, (char *) pkt, plen);
+    md5_update(&ctx, password, OSPF_AUTH_CRYPT_SIZE);
+    memcpy((byte *) tail, md5_final(&ctx), MD5_SIZE);
    break;

  default:
@ -174,19 +175,17 @@ ospf_pkt_checkauth(struct ospf_neighbor *n, struct ospf_iface *ifa, struct ospf_
    if (!pass)
      DROP("no suitable password found", auth->md5.keyid);

-    void *tail = ((void *) pkt) + plen;
-    char passwd[OSPF_AUTH_CRYPT_SIZE];
-    char md5sum[OSPF_AUTH_CRYPT_SIZE];
+    byte *tail = ((byte *) pkt) + plen;
+    char received[OSPF_AUTH_CRYPT_SIZE];
+    memcpy(received, tail, OSPF_AUTH_CRYPT_SIZE);
+    strncpy(tail, pass->password, OSPF_AUTH_CRYPT_SIZE);

-    strncpy(passwd, pass->password, OSPF_AUTH_CRYPT_SIZE);
+    struct md5_context ctx;
+    md5_init(&ctx);
+    md5_update(&ctx, (byte *) pkt, plen + OSPF_AUTH_CRYPT_SIZE);
+    char *computed = md5_final(&ctx);

-    struct MD5Context ctxt;
-    MD5Init(&ctxt);
-    MD5Update(&ctxt, (char *) pkt, plen);
-    MD5Update(&ctxt, passwd, OSPF_AUTH_CRYPT_SIZE);
-    MD5Final(md5sum, &ctxt);
-
-    if (memcmp(md5sum, tail, OSPF_AUTH_CRYPT_SIZE))
+    if (memcmp(received, computed, OSPF_AUTH_CRYPT_SIZE))
      DROP("wrong MD5 digest", pass->id);

    if (n)
--- a/proto/rip/packets.c
+++ b/proto/rip/packets.c
@ -241,10 +241,10 @@ rip_fill_authentication(struct rip_proto *p, struct rip_iface *ifa, struct rip_p

    *plen += sizeof(struct rip_auth_tail) + RIP_MD5_LENGTH;

-    struct MD5Context ctxt;
-    MD5Init(&ctxt);
-    MD5Update(&ctxt, (byte *) pkt, *plen);
-    MD5Final(tail->auth_data, &ctxt);
+    struct md5_context ctx;
+    md5_init(&ctx);
+    md5_update(&ctx, (byte *) pkt, *plen);
+    memcpy(tail->auth_data, md5_final(&ctx), RIP_MD5_LENGTH);
    return;

  default:
@ -312,15 +312,13 @@ rip_check_authentication(struct rip_proto *p, struct rip_iface *ifa, struct rip_
    }

    char received[RIP_MD5_LENGTH];
-    char computed[RIP_MD5_LENGTH];
-
    memcpy(received, tail->auth_data, RIP_MD5_LENGTH);
    strncpy(tail->auth_data, pass->password, RIP_MD5_LENGTH);

-    struct MD5Context ctxt;
-    MD5Init(&ctxt);
-    MD5Update(&ctxt, (byte *) pkt, *plen);
-    MD5Final(computed, &ctxt);
+    struct md5_context ctx;
+    md5_init(&ctx);
+    md5_update(&ctx, (byte *) pkt, *plen);
+    char *computed = md5_final(&ctx);

    if (memcmp(received, computed, RIP_MD5_LENGTH))
      DROP("wrong MD5 digest", pass->id);