gsasl  2.2.2
challenge.c
Go to the documentation of this file.
1 /* challenge.c --- Generate a CRAM-MD5 challenge string.
2  * Copyright (C) 2002-2025 Simon Josefsson
3  *
4  * This file is part of GNU SASL Library.
5  *
6  * GNU SASL Library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public License
8  * as published by the Free Software Foundation; either version 2.1 of
9  * the License, or (at your option) any later version.
10  *
11  * GNU SASL Library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with GNU SASL Library; if not, see
18  * <https://www.gnu.org/licenses/>.
19  *
20  */
21 
22 #include <config.h>
23 
24 #include <stdio.h>
25 #include <string.h>
26 #include <assert.h>
27 
28 /* Get prototype. */
29 #include "challenge.h"
30 
31 /* Get gc_nonce. */
32 #include <gc.h>
33 
34 /*
35  * From draft-ietf-sasl-crammd5-02.txt:
36  *
37  * The data encoded in the challenge contains a presumptively
38  * arbitrary string of random digits, a time-stamp, and the
39  * fully-qualified primary host name of the server.
40  * ...
41  * challenge = "<" 1*DIGIT "." 1*DIGIT "@" hostname ">"
42  * hostname = 1*(ALPHA / DIGIT) *("." / "-" / ALPHA / DIGIT)
43  *
44  * This implementation avoid the information leakage by always using 0
45  * as the time-stamp and a fixed host name. This should be
46  * unproblematic, as any client that try to validate the challenge
47  * string somehow, would violate the same specification:
48  *
49  * The client MUST NOT interpret or attempt to validate the
50  * contents of the challenge in any way.
51  *
52  */
53 
54 /* The sequence of X in TEMPLATE must be twice as long as NONCELEN. */
55 #define NONCELEN 10
56 #define TEMPLATE "<XXXXXXXXXXXXXXXXXXXX.0@localhost>"
57 
58 /* The probabilities for each digit are skewed (0-5 is more likely to
59  occur than 6-9), but it is just used as a nonce anyway. */
60 #define DIGIT(c) (((c) & 0x0F) > 9 ? \
61  '0' + ((c) & 0x0F) - 10 : \
62  '0' + ((c) & 0x0F))
63 
64 int
65 cram_md5_challenge (char challenge[CRAM_MD5_CHALLENGE_LEN])
66 {
67  char nonce[NONCELEN];
68  size_t i;
69  int rc;
70 
71  assert (strlen (TEMPLATE) == CRAM_MD5_CHALLENGE_LEN - 1);
72 
73  memcpy (challenge, TEMPLATE, CRAM_MD5_CHALLENGE_LEN);
74 
75  rc = gc_nonce (nonce, sizeof (nonce));
76  if (rc != GC_OK)
77  return -1;
78 
79  for (i = 0; i < sizeof (nonce); i++)
80  {
81  challenge[1 + i] = DIGIT (nonce[i]);
82  challenge[11 + i] = DIGIT (nonce[i] >> 4);
83  }
84 
85  return 0;
86 }
NONCELEN
#define NONCELEN
Definition: challenge.c:55
TEMPLATE
#define TEMPLATE
Definition: challenge.c:56
DIGIT
#define DIGIT(c)
Definition: challenge.c:60
cram_md5_challenge
int cram_md5_challenge(char challenge[CRAM_MD5_CHALLENGE_LEN])
Definition: challenge.c:65
CRAM_MD5_CHALLENGE_LEN
#define CRAM_MD5_CHALLENGE_LEN
Definition: challenge.h:25
rc
int rc
Definition: error.c:36
Generated by doxygen 1.9.1