auth_cram.c File Reference

IMAP CRAM-MD5 authentication method. More...

#include "config.h"
#include <string.h>
#include "private.h"
#include "mutt/lib.h"
#include "conn/lib.h"
#include "adata.h"
#include "auth.h"

Include dependency graph for auth_cram.c:

Go to the source code of this file.

Macros
#define	MD5_BLOCK_LEN   64
#define	MD5_DIGEST_LEN   16

Functions
static void	hmac_md5 (const char *password, const char *challenge, unsigned char *response)
	Produce CRAM-MD5 challenge response.
enum ImapAuthRes	imap_auth_cram_md5 (struct ImapAccountData *adata, const char *method)
	Authenticate using CRAM-MD5 - Implements ImapAuth::authenticate() -.

Detailed Description

IMAP CRAM-MD5 authentication method.

Authors

• Brendan Cully
• Richard Russon
• Pietro Cerutti

Copyright

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.

Definition in file auth_cram.c.

Macro Definition Documentation

MD5_BLOCK_LEN

#define MD5_BLOCK_LEN   64

Definition at line 39 of file auth_cram.c.

MD5_DIGEST_LEN

#define MD5_DIGEST_LEN   16

Definition at line 40 of file auth_cram.c.

Function Documentation

hmac_md5()

static void hmac_md5 ( const char * password, const char * challenge, unsigned char * response )

static

Produce CRAM-MD5 challenge response.

Parameters

[in]	password	Password to encrypt
[in]	challenge	Challenge from server
[out]	response	Buffer for the response

Definition at line 48 of file auth_cram.c.

{
  struct Md5Ctx md5ctx = { 0 };
  unsigned char ipad[MD5_BLOCK_LEN] = { 0 };
  unsigned char opad[MD5_BLOCK_LEN] = { 0 };
  unsigned char secret[MD5_BLOCK_LEN + 1] = { 0 };
 
  size_t secret_len = strlen(password);
 
  /* passwords longer than MD5_BLOCK_LEN bytes are substituted with their MD5
   * digests */
  if (secret_len > MD5_BLOCK_LEN)
  {
    unsigned char hash_passwd[MD5_DIGEST_LEN];
    mutt_md5_bytes(password, secret_len, hash_passwd);
    mutt_str_copy((char *) secret, (char *) hash_passwd, MD5_DIGEST_LEN);
    secret_len = MD5_DIGEST_LEN;
  }
  else
  {
    mutt_str_copy((char *) secret, password, sizeof(secret));
  }
 
  memcpy(ipad, secret, secret_len);
  memcpy(opad, secret, secret_len);
 
  for (int i = 0; i < MD5_BLOCK_LEN; i++)
  {
    ipad[i] ^= 0x36;
    opad[i] ^= 0x5c;
  }
 
  /* inner hash: challenge and ipadded secret */
  mutt_md5_init_ctx(&md5ctx);
  mutt_md5_process_bytes(ipad, MD5_BLOCK_LEN, &md5ctx);
  mutt_md5_process(challenge, &md5ctx);
  mutt_md5_finish_ctx(&md5ctx, response);
 
  /* outer hash: inner hash and opadded secret */
  mutt_md5_init_ctx(&md5ctx);
  mutt_md5_process_bytes(opad, MD5_BLOCK_LEN, &md5ctx);
  mutt_md5_process_bytes(response, MD5_DIGEST_LEN, &md5ctx);
  mutt_md5_finish_ctx(&md5ctx, response);
}

Here is the call graph for this function:

Here is the caller graph for this function: