From: Stephan Bosch
Date: Mon, 26 Sep 2022 20:21:39 +0000 (+0200)
Subject: auth: auth-scram - Rename Hi() to auth_scram_hi() and make it public.
X-Git-Tag: 2.4.0~3149
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=669de97f49d84926e2941dc3096171105cd75cb3;p=thirdparty%2Fdovecot%2Fcore.git
auth: auth-scram - Rename Hi() to auth_scram_hi() and make it public.
---
diff --git a/src/auth/Makefile.am b/src/auth/Makefile.am
index 3789546596..3b95dfdeb0 100644
--- a/src/auth/Makefile.am
+++ b/src/auth/Makefile.am
@@ -63,6 +63,7 @@ auth_LDFLAGS = -export-dynamic
 libpassword_la_SOURCES = \
 crypt-blowfish.c \
 mycrypt.c \
+ auth-scram.c \
 password-scheme.c \
 password-scheme-crypt.c \
 password-scheme-md5crypt.c \
@@ -181,6 +182,7 @@ headers = \
 passdb-blocking.h \
 passdb-cache.h \
 passdb-template.h \
+ auth-scram.h \
 password-scheme.h \
 userdb.h \
 userdb-blocking.h \
diff --git a/src/auth/auth-scram.c b/src/auth/auth-scram.c
index abdcb3a854..50be682e14 100644
--- a/src/auth/auth-scram.c
+++ b/src/auth/auth-scram.c
@@ -1,12 +1,34 @@
-static void
-Hi(const struct hash_method *hmethod, const unsigned char *str, size_t str_size,
- const unsigned char *salt, size_t salt_size, unsigned int i,
- unsigned char *result)
+/* Copyright (c) 2022-2023 Dovecot authors, see the included COPYING file */
+
+#include "lib.h"
+#include "hmac.h"
+
+#include "auth-scram.h"
+
+void auth_scram_hi(const struct hash_method *hmethod,
+ const unsigned char *str, size_t str_size,
+ const unsigned char *salt, size_t salt_size, unsigned int i,
+ unsigned char *result)
 {
 struct hmac_context ctx;
 unsigned char U[hmethod->digest_size];
 unsigned int j, k;
 
+ /* Hi(str, salt, i):
+
+ U1 := HMAC(str, salt + INT(1))
+ U2 := HMAC(str, U1)
+ ...
+ Ui-1 := HMAC(str, Ui-2)
+ Ui := HMAC(str, Ui-1)
+
+ Hi := U1 XOR U2 XOR ... XOR Ui
+
+ where "i" is the iteration count, "+" is the string concatenation
+ operator, and INT(g) is a 4-octet encoding of the integer g, most
+ significant octet first.
+ */
+
 /* Calculate U1 */
 hmac_init(&ctx, str, str_size, hmethod);
 hmac_update(&ctx, salt, salt_size);
diff --git a/src/auth/auth-scram.h b/src/auth/auth-scram.h
new file mode 100644
index 0000000000..d8ef1029f5
--- /dev/null
+++ b/src/auth/auth-scram.h
@@ -0,0 +1,9 @@
+#ifndef AUTH_SCRAM_H
+#define AUTH_SCRAM_H
+
+void auth_scram_hi(const struct hash_method *hmethod,
+ const unsigned char *str, size_t str_size,
+ const unsigned char *salt, size_t salt_size, unsigned int i,
+ unsigned char *result);
+
+#endif
diff --git a/src/auth/password-scheme-scram.c b/src/auth/password-scheme-scram.c
index bb58456386..e6cdc62e87 100644
--- a/src/auth/password-scheme-scram.c
+++ b/src/auth/password-scheme-scram.c
@@ -17,6 +17,7 @@
 #include "sha1.h"
 #include "sha2.h"
 #include "str.h"
+#include "auth-scram.h"
 #include "password-scheme.h"
 
 /* SCRAM allowed iteration count range. RFC says it SHOULD be at least 4096 */
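Review bot: auth_scram_hi is now an exported entry point, but the hunk documents only the algorithm, not the call contract: U is sized by hmethod->digest_size and result presumably receives one digest, so result must hold at least that many bytes, and the definition in the comment covers only i >= 1, leaving i == 0 unspecified. A short comment above the definition, `/* Writes hmethod->digest_size bytes to result; i must be >= 1. */`, would pin that down for the new callers. U and ctx hold password-derived key material; the rest of the body is outside this hunk, so I cannot see whether they are cleared (e.g. with safe_memset()) before return — worth confirming now that the routine is a library function rather than a static helper.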
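Review bot: The new header names `struct hash_method` in the prototype without declaring it, so it is only usable after a header that defines the struct (auth-scram.c includes lib.h and hmac.h first; in password-scheme-scram.c the include lands after str.h and relies on whatever precedes line 17, which is outside the hunk). Included on its own, the prototype would introduce a prototype-scoped struct declaration that does not match the real type at the call sites; a forward declaration, `struct hash_method;`, before the prototype makes the header self-contained. The prototype is also the natural place for a one-line contract comment stating that result is sized by hmethod->digest_size and that i is the iteration count.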
@@ -25,8 +26,6 @@
 
 #define SCRAM_DEFAULT_ITERATE_COUNT 4096
 
-#include "auth-scram.c"
-
 int scram_scheme_parse(const struct hash_method *hmethod, const char *name,
 const unsigned char *credentials, size_t size,
 unsigned int *iter_count_r, const char **salt_r,
@@ -97,8 +96,9 @@ int scram_verify(const struct hash_method *hmethod, const char *scheme_name,
 salt = buffer_get_data(t_base64_decode_str(salt_base64), &salt_len);
 
 /* FIXME: credentials should be SASLprepped UTF8 data here */
- Hi(hmethod, (const unsigned char *)plaintext, strlen(plaintext),
- salt, salt_len, iter_count, salted_password);
+ auth_scram_hi(hmethod,
+ (const unsigned char *)plaintext, strlen(plaintext),
+ salt, salt_len, iter_count, salted_password);
 
 /* Calculate ClientKey */
 hmac_init(&ctx, salted_password, sizeof(salted_password), hmethod);
@@ -143,8 +143,9 @@ void scram_generate(const struct hash_method *hmethod, const char *plaintext,
 base64_encode(salt, sizeof(salt), str);
 
 /* FIXME: credentials should be SASLprepped UTF8 data here */
-Hi(hmethod, (const unsigned char *)plaintext, strlen(plaintext), salt,
-sizeof(salt), rounds, salted_password);
+auth_scram_hi(hmethod,
+(const unsigned char *)plaintext, strlen(plaintext),
+salt, sizeof(salt), rounds, salted_password);
 
 /* Calculate ClientKey */
 hmac_init(&ctx, salted_password, sizeof(salted_password), hmethod);