1 //-------------------------------------------------------------------
2 // Copyright (C) The Internet Society (1999). All Rights Reserved.
4 // This document and translations of it may be copied and furnished to
5 // others, and derivative works that comment on or otherwise explain it
6 // or assist in its implementation may be prepared, copied, published
7 // and distributed, in whole or in part, without restriction of any
8 // kind, provided that the above copyright notice and this paragraph are
9 // included on all such copies and derivative works. However, this
10 // document itself may not be modified in any way, such as by removing
11 // the copyright notice or references to the Internet Society or other
12 // Internet organizations, except as needed for the purpose of
13 // developing Internet standards in which case the procedures for
14 // copyrights defined in the Internet Standards process must be
15 // followed, or as required to translate it into languages other than
18 // The limited permissions granted above are perpetual and will not be
19 // revoked by the Internet Society or its successors or assigns.
21 // This document and the information contained herein is provided on an
22 // "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
23 // TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
24 // BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
25 // HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
26 // MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
29 // Modifiyed by Intel Corporation, 2005
30 //-------------------------------------------------------------------------
33 #include <openssl/md5.h>
38 int stricmp(const char *b, const char *a)
40 while (*a != '\0' && *b != '\0' && tolower(*a) == tolower(*b))
45 tolower(*a) < tolower(*b) ? -1 : 1;
56 for (i = 0; i < HASHLEN; i++) {
57 j = (Bin[i] >> 4) & 0xf;
61 Hex[i*2] = (j + 'a' - 10);
64 Hex[i*2+1] = (j + '0');
66 Hex[i*2+1] = (j + 'a' - 10);
68 Hex[HASHHEXLEN] = '\0';
71 /* calculate H(A1) as per spec */
87 MD5_Update(&Md5Ctx, pszUserName, strlen(pszUserName));
88 MD5_Update(&Md5Ctx, ":", 1);
89 MD5_Update(&Md5Ctx, pszRealm, strlen(pszRealm));
90 MD5_Update(&Md5Ctx, ":", 1);
91 MD5_Update(&Md5Ctx, pszPassword, strlen(pszPassword));
92 MD5_Final(HA1, &Md5Ctx);
93 if (stricmp(pszAlg, "md5-sess") == 0) {
96 MD5_Update(&Md5Ctx, HA1HEX, HASHHEXLEN);
97 MD5_Update(&Md5Ctx, ":", 1);
98 MD5_Update(&Md5Ctx, pszNonce, strlen(pszNonce));
99 MD5_Update(&Md5Ctx, ":", 1);
100 MD5_Update(&Md5Ctx, pszCNonce, strlen(pszCNonce));
101 MD5_Final(HA1, &Md5Ctx);
103 CvtHex(HA1, SessionKey);
106 /* calculate request-digest/response-digest as per HTTP Digest spec */
107 void DigestCalcResponse(
108 HASHHEX HA1, /* H(A1) */
109 char * pszNonce, /* nonce from server */
110 char * pszNonceCount, /* 8 hex digits */
111 char * pszCNonce, /* client nonce */
112 char * pszQop, /* qop-value: "", "auth", "auth-int" */
113 char * pszMethod, /* method from the request */
114 char * pszDigestUri, /* requested URL */
115 HASHHEX HEntity, /* H(entity body) if qop="auth-int" */
116 HASHHEX Response /* request-digest or response-digest */
126 MD5_Update(&Md5Ctx, pszMethod, strlen(pszMethod));
127 MD5_Update(&Md5Ctx, ":", 1);
128 MD5_Update(&Md5Ctx, pszDigestUri, strlen(pszDigestUri));
129 if (stricmp(pszQop, "auth-int") == 0) {
130 MD5_Update(&Md5Ctx, ":", 1);
131 MD5_Update(&Md5Ctx, HEntity, HASHHEXLEN);
133 MD5_Final(HA2, &Md5Ctx);
136 // calculate response
138 MD5_Update(&Md5Ctx, HA1, HASHHEXLEN);
139 MD5_Update(&Md5Ctx, ":", 1);
140 MD5_Update(&Md5Ctx, pszNonce, strlen(pszNonce));
141 MD5_Update(&Md5Ctx, ":", 1);
143 MD5_Update(&Md5Ctx, pszNonceCount, strlen(pszNonceCount));
144 MD5_Update(&Md5Ctx, ":", 1);
145 MD5_Update(&Md5Ctx, pszCNonce, strlen(pszCNonce));
146 MD5_Update(&Md5Ctx, ":", 1);
147 MD5_Update(&Md5Ctx, pszQop, strlen(pszQop));
148 MD5_Update(&Md5Ctx, ":", 1);
150 MD5_Update(&Md5Ctx, HA2Hex, HASHHEXLEN);
151 MD5_Final(RespHash, &Md5Ctx);
152 CvtHex(RespHash, Response);