From: Stephan Bosch Date: Wed, 19 Feb 2025 00:37:27 +0000 (+0100) Subject: lib-auth: password-scheme - Move digest_md5_generate() innards to auth-digest as... X-Git-Tag: 2.4.2~147 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5fb7199d5cf14a5c22a8c3a75201a219d1e89878;p=thirdparty%2Fdovecot%2Fcore.git lib-auth: password-scheme - Move digest_md5_generate() innards to auth-digest as auth_digest_get_hash_a1_secret() --- diff --git a/src/lib-auth/Makefile.am b/src/lib-auth/Makefile.am index c12184d852..3b94f72155 100644 --- a/src/lib-auth/Makefile.am +++ b/src/lib-auth/Makefile.am @@ -7,6 +7,7 @@ AM_CPPFLAGS = \ -I$(top_srcdir)/src/lib-otp libauth_la_SOURCES = \ + auth-digest.c \ auth-gs2.c \ auth-scram.c \ auth-scram-client.c \ @@ -29,6 +30,7 @@ libauth_crypt_la_LIBADD = \ headers = \ mycrypt.h \ + auth-digest.h \ auth-gs2.h \ auth-scram.h \ auth-scram-client.h \ diff --git a/src/lib-auth/auth-digest.c b/src/lib-auth/auth-digest.c new file mode 100644 index 0000000000..281dac3b94 --- /dev/null +++ b/src/lib-auth/auth-digest.c @@ -0,0 +1,28 @@ +/* Copyright (c) 2025 Dovecot authors, see the included COPYING file */ + +#include "lib.h" +#include "hash-method.h" + +#include "auth-digest.h" + +/* + * Processing + */ + +void auth_digest_get_hash_a1_secret(const struct hash_method *hmethod, + const char *username, const char *realm, + const char *password, + unsigned char *digest_r) +{ + struct hash_method_context ctx; + + /* A1 = unq(username) ":" unq(realm) ":" passwd */ + + hash_method_init(&ctx, hmethod); + hash_method_loop(&ctx, username, strlen(username)); + hash_method_loop(&ctx, ":", 1); + hash_method_loop(&ctx, realm, strlen(realm)); + hash_method_loop(&ctx, ":", 1); + hash_method_loop(&ctx, password, strlen(password)); + hash_method_result(&ctx, digest_r); +} diff --git a/src/lib-auth/auth-digest.h b/src/lib-auth/auth-digest.h new file mode 100644 index 0000000000..9b8f74896d --- /dev/null +++ b/src/lib-auth/auth-digest.h @@ -0,0 +1,13 @@ +#ifndef AUTH_DIGEST_H +#define AUTH_DIGEST_H + +/* + * Processing + */ + +void auth_digest_get_hash_a1_secret(const struct hash_method *hmethod, + const char *username, const char *realm, + const char *password, + unsigned char *digest_r); + +#endif diff --git a/src/lib-auth/password-scheme.c b/src/lib-auth/password-scheme.c index 796feac702..29e7d639be 100644 --- a/src/lib-auth/password-scheme.c +++ b/src/lib-auth/password-scheme.c @@ -15,6 +15,7 @@ #include "sha2.h" #include "otp.h" #include "str.h" +#include "auth-digest.h" #include "password-scheme.h" #include "password-scheme-private.h" @@ -648,7 +649,8 @@ static void digest_md5_generate(const char *plaintext, const struct password_generate_params *params, const unsigned char **raw_password_r, size_t *size_r) { - const char *realm, *str, *user; + static const struct hash_method *const hmethod = &hash_method_md5; + const char *realm, *user; unsigned char *digest; if (params->user == NULL) @@ -668,12 +670,12 @@ digest_md5_generate(const char *plaintext, const struct password_generate_params } /* user:realm:passwd */ - digest = t_malloc_no0(MD5_RESULTLEN); - str = t_strdup_printf("%s:%s:%s", user, realm, plaintext); - md5_get_digest(str, strlen(str), digest); + digest = t_malloc_no0(hmethod->digest_size); + auth_digest_get_hash_a1_secret(hmethod, user, realm, plaintext, + digest); *raw_password_r = digest; - *size_r = MD5_RESULTLEN; + *size_r = hmethod->digest_size; } static void