diff options
author | Glenn Strauss <gstrauss@gluelogic.com> | 2020-05-24 12:21:13 -0400 |
---|---|---|
committer | Glenn Strauss <gstrauss@gluelogic.com> | 2020-07-08 22:51:31 -0400 |
commit | 1fc8a3e1f2c91ba7fc246b63e1db85d9d4875df2 (patch) | |
tree | 3961ffd46e824ac679be17feaab1d19aa480cd71 /src/mod_auth.c | |
parent | c18f442a63a5a7e591cbaa379bfaf1cfd2741aef (diff) | |
download | lighttpd-git-1fc8a3e1f2c91ba7fc246b63e1db85d9d4875df2.tar.gz |
[core] sys-crypto-md.h w/ inline message digest fn
sys-crypto-md.h w/ inline message digest functions; shared code
Diffstat (limited to 'src/mod_auth.c')
-rw-r--r-- | src/mod_auth.c | 94 |
1 files changed, 12 insertions, 82 deletions
diff --git a/src/mod_auth.c b/src/mod_auth.c index 812b8f5d..200ef5ec 100644 --- a/src/mod_auth.c +++ b/src/mod_auth.c @@ -1,86 +1,16 @@ #include "first.h" +#include <stdlib.h> +#include <string.h> + +#include "sys-crypto-md.h" /* USE_LIB_CRYPTO */ + #include "base.h" #include "plugin.h" #include "http_auth.h" #include "http_header.h" #include "log.h" -#include "sys-crypto.h" /* USE_LIB_CRYPTO */ -#ifdef USE_LIB_CRYPTO - -#if defined(USE_NETTLE_CRYPTO) - -#include <nettle/sha.h> -typedef struct sha256_ctx SHA256_CTX; -#define SHA256_Init(ctx) \ - sha256_init(ctx) -#define SHA256_Final(digest, ctx) \ - sha256_digest((ctx),sizeof(digest),(digest)) -static void -SHA256_Update(SHA256_CTX *ctx, const void *data, size_t length) -{ - sha256_update(ctx, length, data); -} - -#ifndef SHA512_256_DIGEST_LENGTH -#define SHA512_256_DIGEST_LENGTH 32 -#endif -typedef struct sha512_ctx SHA512_CTX; -#define SHA512_256_Init(ctx) \ - sha512_256_init(ctx) -#define SHA512_256_Final(digest, ctx) \ - sha512_256_digest((ctx),sizeof(digest),(digest)) -static void -SHA512_256_Update(SHA512_CTX *ctx, const void *data, size_t length) -{ - sha512_256_update(ctx, length, data); -} - -#elif defined(USE_MBEDTLS_CRYPTO) - -#include <mbedtls/sha256.h> -#ifdef MBEDTLS_SHA256_C -typedef struct mbedtls_sha256_context SHA256_CTX; -#define SHA256_Init(ctx) \ - (mbedtls_sha256_init(ctx), mbedtls_sha256_starts_ret((ctx),0)) -#define SHA256_Final(digest, ctx) \ - (mbedtls_sha256_finish_ret((ctx),(digest)), mbedtls_sha256_free(ctx)) -static void -SHA256_Update(SHA256_CTX *ctx, const void *data, size_t length) -{ - mbedtls_sha256_update_ret(ctx, data, length); -} -#endif - -#elif defined(USE_OPENSSL_CRYPTO) - -#include <openssl/sha.h> - -#elif defined(USE_GNUTLS_CRYPTO) - -#include <gnutls/crypto.h> -typedef gnutls_hash_hd_t SHA256_CTX; -#define SHA256_Init(ctx) \ - do { \ - if (gnutls_hash_init((ctx), GNUTLS_DIG_SHA256) < 0) \ - SEGFAULT(); \ - } while (0) -#define SHA256_Final(digest, ctx) \ - gnutls_hash_deinit(*(ctx),(digest)) -static void -SHA256_Update(SHA256_CTX *ctx, const void *data, size_t length) -{ - gnutls_hash(*ctx, data, length); -} - -#endif - -#endif /* USE_LIB_CRYPTO */ - -#include <stdlib.h> -#include <string.h> - /** * auth framework */ @@ -210,7 +140,7 @@ static int mod_auth_algorithm_parse(http_auth_info_t *ai, const char *s) { ai->dlen = HTTP_AUTH_DIGEST_SHA256_BINLEN; return 1; } - #ifdef SHA512_256_DIGEST_LENGTH + #ifdef USE_LIB_CRYPTO_SHA512_256 if (len == 11 && 0 == memcmp(s+4, "512-256", 7)) { ai->dalgo |= HTTP_AUTH_DIGEST_SHA512_256; ai->dlen = HTTP_AUTH_DIGEST_SHA512_256_BINLEN; @@ -579,8 +509,8 @@ int mod_auth_plugin_init(plugin *p) { * (could be in separate file from mod_auth.c as long as registration occurs) */ +#include "sys-crypto-md.h" #include "base64.h" -#include "md5.h" #include "rand.h" #include "http_header.h" @@ -753,7 +683,7 @@ static void mod_auth_digest_nonce_sha256(buffer *b, time_t cur_ts, int rnd, cons buffer_append_string_len(b, hh, sizeof(hh)-1); } -#ifdef SHA512_256_DIGEST_LENGTH +#ifdef USE_LIB_CRYPTO_SHA512_256 static void mod_auth_digest_mutate_sha512_256(http_auth_info_t *ai, const char *m, const char *uri, const char *nonce, const char *cnonce, const char *nc, const char *qop) { SHA512_CTX ctx; @@ -826,7 +756,7 @@ static void mod_auth_digest_nonce_sha512_256(buffer *b, time_t cur_ts, int rnd, buffer_append_string_len(b, hh, sizeof(hh)-1); } -#endif /* SHA512_256_DIGEST_LENGTH */ +#endif /* USE_LIB_CRYPTO_SHA512_256 */ #endif /* USE_LIB_CRYPTO */ @@ -909,7 +839,7 @@ static void mod_auth_digest_mutate(http_auth_info_t *ai, const char *m, const ch #ifdef USE_LIB_CRYPTO else if (ai->dalgo & HTTP_AUTH_DIGEST_SHA256) mod_auth_digest_mutate_sha256(ai, m, uri, nonce, cnonce, nc, qop); - #ifdef SHA512_256_DIGEST_LENGTH + #ifdef USE_LIB_CRYPTO_SHA512_256 else if (ai->dalgo & HTTP_AUTH_DIGEST_SHA512_256) mod_auth_digest_mutate_sha512_256(ai, m, uri, nonce, cnonce, nc, qop); #endif @@ -932,7 +862,7 @@ static void mod_auth_append_nonce(buffer *b, time_t cur_ts, const struct http_au } switch (dalgo) { #ifdef USE_LIB_CRYPTO - #ifdef SHA512_256_DIGEST_LENGTH + #ifdef USE_LIB_CRYPTO_SHA512_256 case HTTP_AUTH_DIGEST_SHA512_256: mod_auth_digest_nonce_sha512_256(b, cur_ts, rnd, nonce_secret); break; @@ -955,7 +885,7 @@ static void mod_auth_digest_www_authenticate(buffer *b, time_t cur_ts, const str unsigned int algolen[3]; const char *algoname[3]; #ifdef USE_LIB_CRYPTO - #ifdef SHA512_256_DIGEST_LENGTH + #ifdef USE_LIB_CRYPTO_SHA512_256 if (algos & HTTP_AUTH_DIGEST_SHA512_256) { algoid[n] = HTTP_AUTH_DIGEST_SHA512_256; algoname[n] = "SHA-512-256"; |