Loading docs/RESOURCES +8 −0 Original line number Diff line number Diff line Loading @@ -32,12 +32,16 @@ This document lists documents and standards used by curl. RFC 2068 - HTTP 1.1 (obsoleted by RFC 2616) RFC 2104 - Keyed-Hashing for Message Authentication RFC 2109 - HTTP State Management Mechanism (cookie stuff) - Also, read Netscape's specification at http://curl.haxx.se/rfc/cookie_spec.html RFC 2183 - The Content-Disposition Header Field RFC 2195 - CRAM-MD5 authentication RFC 2229 - A Dictionary Server Protocol RFC 2255 - Newer LDAP URL syntax document. Loading Loading @@ -73,3 +77,7 @@ This document lists documents and standards used by curl. RFC 2965 - HTTP State Management Mechanism. Cookies. Obsoletes RFC2109 RFC 3207 - SMTP over TLS RFC 4616 - PLAIN authentication RFC 4954 - SMTP Authentication lib/Makefile.inc +2 −2 Original line number Diff line number Diff line Loading @@ -12,7 +12,7 @@ CSOURCES = file.c timeval.c base64.c hostip.c progress.c formdata.c \ strdup.c socks.c ssh.c nss.c qssl.c rawstr.c curl_addrinfo.c \ socks_gssapi.c socks_sspi.c curl_sspi.c slist.c nonblock.c \ curl_memrchr.c imap.c pop3.c smtp.c pingpong.c rtsp.c curl_threads.c \ warnless.c warnless.c hmac.c HHEADERS = arpa_telnet.h netrc.h file.h timeval.h qssl.h hostip.h \ progress.h formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h \ Loading @@ -25,4 +25,4 @@ HHEADERS = arpa_telnet.h netrc.h file.h timeval.h qssl.h hostip.h \ tftp.h sockaddr.h splay.h strdup.h setup_once.h socks.h ssh.h nssg.h \ curl_base64.h rawstr.h curl_addrinfo.h curl_sspi.h slist.h nonblock.h \ curl_memrchr.h imap.h pop3.h smtp.h pingpong.h rtsp.h curl_threads.h \ warnless.h warnless.h curl_hmac.h lib/curl_hmac.h 0 → 100644 +67 −0 Original line number Diff line number Diff line #ifndef HEADER_CURL_HMAC_H #define HEADER_CURL_HMAC_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | * / __| | | | |_) | | * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms * are also available at http://curl.haxx.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is * furnished to do so, under the terms of the COPYING file. * * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY * KIND, either express or implied. * ***************************************************************************/ #ifndef CURL_DISABLE_CRYPTO_AUTH typedef void (* HMAC_hinit_func)(void * context); typedef void (* HMAC_hupdate_func)(void * context, const unsigned char * data, unsigned int len); typedef void (* HMAC_hfinal_func)(unsigned char * result, void * context); /* Per-hash function HMAC parameters. */ typedef struct { HMAC_hinit_func hmac_hinit; /* Initialize context procedure. */ HMAC_hupdate_func hmac_hupdate; /* Update context with data. */ HMAC_hfinal_func hmac_hfinal; /* Get final result procedure. */ unsigned int hmac_ctxtsize; /* Context structure size. */ unsigned int hmac_maxkeylen; /* Maximum key length (bytes). */ unsigned int hmac_resultlen; /* Result length (bytes). */ } HMAC_params; /* HMAC computation context. */ typedef struct { const HMAC_params * hmac_hash; /* Hash function definition. */ void * hmac_hashctxt1; /* Hash function context 1. */ void * hmac_hashctxt2; /* Hash function context 2. */ } HMAC_context; /* Prototypes. */ HMAC_context * Curl_HMAC_init(const HMAC_params * hashparams, const unsigned char * key, unsigned int keylen); int Curl_HMAC_update(HMAC_context * context, const unsigned char * data, unsigned int len); int Curl_HMAC_final(HMAC_context * context, unsigned char * result); #endif #endif lib/curl_md5.h +6 −0 Original line number Diff line number Diff line Loading @@ -22,7 +22,13 @@ * ***************************************************************************/ #ifndef CURL_DISABLE_CRYPTO_AUTH #include "curl_hmac.h" const HMAC_params Curl_HMAC_MD5[1]; void Curl_md5it(unsigned char *output, const unsigned char *input); #endif #endif /* HEADER_CURL_MD5_H */ lib/hmac.c 0 → 100644 +123 −0 Original line number Diff line number Diff line /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | * / __| | | | |_) | | * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms * are also available at http://curl.haxx.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is * furnished to do so, under the terms of the COPYING file. * * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY * KIND, either express or implied. * * RFC2104 Keyed-Hashing for Message Authentication * ***************************************************************************/ #ifndef CURL_DISABLE_CRYPTO_AUTH #include "setup.h" #include "curl_hmac.h" /* * Generic HMAC algorithm. * * This module computes HMAC digests based on any hash function. Parameters * and computing procedures are set-up dynamically at HMAC computation * context initialisation. */ static const unsigned char hmac_ipad = 0x36; static const unsigned char hmac_opad = 0x5C; HMAC_context * Curl_HMAC_init(const HMAC_params * hashparams, const unsigned char * key, unsigned int keylen) { unsigned int i; HMAC_context * ctxt; unsigned char * hkey; unsigned char b; /* Create HMAC context. */ i = sizeof *ctxt + 2 * hashparams->hmac_ctxtsize + hashparams->hmac_resultlen; ctxt = (HMAC_context *) malloc(i); if(!ctxt) return ctxt; ctxt->hmac_hash = hashparams; ctxt->hmac_hashctxt1 = (void *) (ctxt + 1); ctxt->hmac_hashctxt2 = (void *) ((char *) ctxt->hmac_hashctxt1 + hashparams->hmac_ctxtsize); /* If the key is too long, replace it by its hash digest. */ if(keylen > hashparams->hmac_maxkeylen) { (*hashparams->hmac_hinit)(ctxt->hmac_hashctxt1); (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt1, key, keylen); hkey = (unsigned char *) ctxt->hmac_hashctxt2 + hashparams->hmac_ctxtsize; (*hashparams->hmac_hfinal)(hkey, ctxt->hmac_hashctxt1); key = hkey; keylen = hashparams->hmac_resultlen; } /* Prime the two hash contexts with the modified key. */ (*hashparams->hmac_hinit)(ctxt->hmac_hashctxt1); (*hashparams->hmac_hinit)(ctxt->hmac_hashctxt2); for (i = 0; i < keylen; i++) { b = *key ^ hmac_ipad; (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt1, &b, 1); b = *key++ ^ hmac_opad; (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt2, &b, 1); } for (; i < hashparams->hmac_maxkeylen; i++) { (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt1, &hmac_ipad, 1); (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt2, &hmac_opad, 1); } /* Done, return pointer to HMAC context. */ return ctxt; } int Curl_HMAC_update(HMAC_context * ctxt, const unsigned char * data, unsigned int len) { /* Update first hash calculation. */ (*ctxt->hmac_hash->hmac_hupdate)(ctxt->hmac_hashctxt1, data, len); return 0; } int Curl_HMAC_final(HMAC_context * ctxt, unsigned char * result) { const HMAC_params * hashparams = ctxt->hmac_hash; /* Do not get result if called with a null parameter: only release storage. */ if(!result) result = (unsigned char *) ctxt->hmac_hashctxt2 + ctxt->hmac_hash->hmac_ctxtsize; (*hashparams->hmac_hfinal)(result, ctxt->hmac_hashctxt1); (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt2, result, hashparams->hmac_resultlen); (*hashparams->hmac_hfinal)(result, ctxt->hmac_hashctxt2); free((char *) ctxt); return 0; } #endif Loading
docs/RESOURCES +8 −0 Original line number Diff line number Diff line Loading @@ -32,12 +32,16 @@ This document lists documents and standards used by curl. RFC 2068 - HTTP 1.1 (obsoleted by RFC 2616) RFC 2104 - Keyed-Hashing for Message Authentication RFC 2109 - HTTP State Management Mechanism (cookie stuff) - Also, read Netscape's specification at http://curl.haxx.se/rfc/cookie_spec.html RFC 2183 - The Content-Disposition Header Field RFC 2195 - CRAM-MD5 authentication RFC 2229 - A Dictionary Server Protocol RFC 2255 - Newer LDAP URL syntax document. Loading Loading @@ -73,3 +77,7 @@ This document lists documents and standards used by curl. RFC 2965 - HTTP State Management Mechanism. Cookies. Obsoletes RFC2109 RFC 3207 - SMTP over TLS RFC 4616 - PLAIN authentication RFC 4954 - SMTP Authentication
lib/Makefile.inc +2 −2 Original line number Diff line number Diff line Loading @@ -12,7 +12,7 @@ CSOURCES = file.c timeval.c base64.c hostip.c progress.c formdata.c \ strdup.c socks.c ssh.c nss.c qssl.c rawstr.c curl_addrinfo.c \ socks_gssapi.c socks_sspi.c curl_sspi.c slist.c nonblock.c \ curl_memrchr.c imap.c pop3.c smtp.c pingpong.c rtsp.c curl_threads.c \ warnless.c warnless.c hmac.c HHEADERS = arpa_telnet.h netrc.h file.h timeval.h qssl.h hostip.h \ progress.h formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h \ Loading @@ -25,4 +25,4 @@ HHEADERS = arpa_telnet.h netrc.h file.h timeval.h qssl.h hostip.h \ tftp.h sockaddr.h splay.h strdup.h setup_once.h socks.h ssh.h nssg.h \ curl_base64.h rawstr.h curl_addrinfo.h curl_sspi.h slist.h nonblock.h \ curl_memrchr.h imap.h pop3.h smtp.h pingpong.h rtsp.h curl_threads.h \ warnless.h warnless.h curl_hmac.h
lib/curl_hmac.h 0 → 100644 +67 −0 Original line number Diff line number Diff line #ifndef HEADER_CURL_HMAC_H #define HEADER_CURL_HMAC_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | * / __| | | | |_) | | * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms * are also available at http://curl.haxx.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is * furnished to do so, under the terms of the COPYING file. * * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY * KIND, either express or implied. * ***************************************************************************/ #ifndef CURL_DISABLE_CRYPTO_AUTH typedef void (* HMAC_hinit_func)(void * context); typedef void (* HMAC_hupdate_func)(void * context, const unsigned char * data, unsigned int len); typedef void (* HMAC_hfinal_func)(unsigned char * result, void * context); /* Per-hash function HMAC parameters. */ typedef struct { HMAC_hinit_func hmac_hinit; /* Initialize context procedure. */ HMAC_hupdate_func hmac_hupdate; /* Update context with data. */ HMAC_hfinal_func hmac_hfinal; /* Get final result procedure. */ unsigned int hmac_ctxtsize; /* Context structure size. */ unsigned int hmac_maxkeylen; /* Maximum key length (bytes). */ unsigned int hmac_resultlen; /* Result length (bytes). */ } HMAC_params; /* HMAC computation context. */ typedef struct { const HMAC_params * hmac_hash; /* Hash function definition. */ void * hmac_hashctxt1; /* Hash function context 1. */ void * hmac_hashctxt2; /* Hash function context 2. */ } HMAC_context; /* Prototypes. */ HMAC_context * Curl_HMAC_init(const HMAC_params * hashparams, const unsigned char * key, unsigned int keylen); int Curl_HMAC_update(HMAC_context * context, const unsigned char * data, unsigned int len); int Curl_HMAC_final(HMAC_context * context, unsigned char * result); #endif #endif
lib/curl_md5.h +6 −0 Original line number Diff line number Diff line Loading @@ -22,7 +22,13 @@ * ***************************************************************************/ #ifndef CURL_DISABLE_CRYPTO_AUTH #include "curl_hmac.h" const HMAC_params Curl_HMAC_MD5[1]; void Curl_md5it(unsigned char *output, const unsigned char *input); #endif #endif /* HEADER_CURL_MD5_H */
lib/hmac.c 0 → 100644 +123 −0 Original line number Diff line number Diff line /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | * / __| | | | |_) | | * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms * are also available at http://curl.haxx.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is * furnished to do so, under the terms of the COPYING file. * * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY * KIND, either express or implied. * * RFC2104 Keyed-Hashing for Message Authentication * ***************************************************************************/ #ifndef CURL_DISABLE_CRYPTO_AUTH #include "setup.h" #include "curl_hmac.h" /* * Generic HMAC algorithm. * * This module computes HMAC digests based on any hash function. Parameters * and computing procedures are set-up dynamically at HMAC computation * context initialisation. */ static const unsigned char hmac_ipad = 0x36; static const unsigned char hmac_opad = 0x5C; HMAC_context * Curl_HMAC_init(const HMAC_params * hashparams, const unsigned char * key, unsigned int keylen) { unsigned int i; HMAC_context * ctxt; unsigned char * hkey; unsigned char b; /* Create HMAC context. */ i = sizeof *ctxt + 2 * hashparams->hmac_ctxtsize + hashparams->hmac_resultlen; ctxt = (HMAC_context *) malloc(i); if(!ctxt) return ctxt; ctxt->hmac_hash = hashparams; ctxt->hmac_hashctxt1 = (void *) (ctxt + 1); ctxt->hmac_hashctxt2 = (void *) ((char *) ctxt->hmac_hashctxt1 + hashparams->hmac_ctxtsize); /* If the key is too long, replace it by its hash digest. */ if(keylen > hashparams->hmac_maxkeylen) { (*hashparams->hmac_hinit)(ctxt->hmac_hashctxt1); (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt1, key, keylen); hkey = (unsigned char *) ctxt->hmac_hashctxt2 + hashparams->hmac_ctxtsize; (*hashparams->hmac_hfinal)(hkey, ctxt->hmac_hashctxt1); key = hkey; keylen = hashparams->hmac_resultlen; } /* Prime the two hash contexts with the modified key. */ (*hashparams->hmac_hinit)(ctxt->hmac_hashctxt1); (*hashparams->hmac_hinit)(ctxt->hmac_hashctxt2); for (i = 0; i < keylen; i++) { b = *key ^ hmac_ipad; (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt1, &b, 1); b = *key++ ^ hmac_opad; (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt2, &b, 1); } for (; i < hashparams->hmac_maxkeylen; i++) { (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt1, &hmac_ipad, 1); (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt2, &hmac_opad, 1); } /* Done, return pointer to HMAC context. */ return ctxt; } int Curl_HMAC_update(HMAC_context * ctxt, const unsigned char * data, unsigned int len) { /* Update first hash calculation. */ (*ctxt->hmac_hash->hmac_hupdate)(ctxt->hmac_hashctxt1, data, len); return 0; } int Curl_HMAC_final(HMAC_context * ctxt, unsigned char * result) { const HMAC_params * hashparams = ctxt->hmac_hash; /* Do not get result if called with a null parameter: only release storage. */ if(!result) result = (unsigned char *) ctxt->hmac_hashctxt2 + ctxt->hmac_hash->hmac_ctxtsize; (*hashparams->hmac_hfinal)(result, ctxt->hmac_hashctxt1); (*hashparams->hmac_hupdate)(ctxt->hmac_hashctxt2, result, hashparams->hmac_resultlen); (*hashparams->hmac_hfinal)(result, ctxt->hmac_hashctxt2); free((char *) ctxt); return 0; } #endif
