src/cmd/auth/factotum/httpdigest.c - plan9 - Git at Google

 /*
  * HTTPDIGEST - MD5 challenge/response authentication (RFC 2617)
  *
  * Client protocol:
  *	write challenge: nonce method uri
  *	read response: 2*MD5dlen hex digits
  *
  * Server protocol:
  *	unimplemented
  */
 #include "std.h"
 #include "dat.h"

 static void
 digest(char *user, char *realm, char *passwd,
 	char *nonce, char *method, char *uri,
 	char *dig);

 static int
 hdclient(Conv *c)
 {
 	char *realm, *passwd, *user, *f[4], *s, resp[MD5dlen*2+1];
 	int ret;
 	Key *k;

 	ret = -1;
 	s = nil;

 	c->state = "keylookup";
 	k = keyfetch(c, "%A", c->attr);
 	if(k == nil)
 		goto out;

 	user = strfindattr(k->attr, "user");
 	realm = strfindattr(k->attr, "realm");
 	passwd = strfindattr(k->attr, "!password");

 	if(convreadm(c, &s) < 0)
 		goto out;
 	if(tokenize(s, f, 4) != 3){
 		werrstr("bad challenge -- want nonce method uri");
 		goto out;
 	}

 	digest(user, realm, passwd, f[0], f[1], f[2], resp);
 	convwrite(c, resp, strlen(resp));
 	ret = 0;

 out:
 	free(s);
 	keyclose(k);
 	return ret;
 }

 static void
 strtolower(char *s)
 {
 	while(*s){
 		*s = tolower((uchar)*s);
 		s++;
 	}
 }

 static void
 digest(char *user, char *realm, char *passwd,
 	char *nonce, char *method, char *uri,
 	char *dig)
 {
 	uchar b[MD5dlen];
 	char ha1[MD5dlen*2+1];
 	char ha2[MD5dlen*2+1];
 	DigestState *s;

 	/*
 	 *  H(A1) = MD5(uid + ":" + realm ":" + passwd)
 	 */
 	s = md5((uchar*)user, strlen(user), nil, nil);
 	md5((uchar*)":", 1, nil, s);
 	md5((uchar*)realm, strlen(realm), nil, s);
 	md5((uchar*)":", 1, nil, s);
 	md5((uchar*)passwd, strlen(passwd), b, s);
 	enc16(ha1, sizeof(ha1), b, MD5dlen);
 	strtolower(ha1);

 	/*
 	 *  H(A2) = MD5(method + ":" + uri)
 	 */
 	s = md5((uchar*)method, strlen(method), nil, nil);
 	md5((uchar*)":", 1, nil, s);
 	md5((uchar*)uri, strlen(uri), b, s);
 	enc16(ha2, sizeof(ha2), b, MD5dlen);
 	strtolower(ha2);

 	/*
 	 *  digest = MD5(H(A1) + ":" + nonce + ":" + H(A2))
 	 */
 	s = md5((uchar*)ha1, MD5dlen*2, nil, nil);
 	md5((uchar*)":", 1, nil, s);
 	md5((uchar*)nonce, strlen(nonce), nil, s);
 	md5((uchar*)":", 1, nil, s);
 	md5((uchar*)ha2, MD5dlen*2, b, s);
 	enc16(dig, MD5dlen*2+1, b, MD5dlen);
 	strtolower(dig);
 }

 static Role hdroles[] =
 {
 	"client",	hdclient,
 	0
 };

 Proto httpdigest =
 {
 	"httpdigest",
 	hdroles,
 	"user? realm? !password?",
 	0,
 	0
 };
	/*
	* HTTPDIGEST - MD5 challenge/response authentication (RFC 2617)
	*
	* Client protocol:
	* write challenge: nonce method uri
	* read response: 2*MD5dlen hex digits
	*
	* Server protocol:
	* unimplemented
	*/
	#include "std.h"
	#include "dat.h"

	static void
	digest(char user, char realm, char *passwd,
	char nonce, char method, char *uri,
	char *dig);

	static int
	hdclient(Conv *c)
	{
	char realm, passwd, user, f[4], s, resp[MD5dlen2+1];
	int ret;
	Key *k;

	ret = -1;
	s = nil;

	c->state = "keylookup";
	k = keyfetch(c, "%A", c->attr);
	if(k == nil)
	goto out;

	user = strfindattr(k->attr, "user");
	realm = strfindattr(k->attr, "realm");
	passwd = strfindattr(k->attr, "!password");

	if(convreadm(c, &s) < 0)
	goto out;
	if(tokenize(s, f, 4) != 3){
	werrstr("bad challenge -- want nonce method uri");
	goto out;
	}

	digest(user, realm, passwd, f[0], f[1], f[2], resp);
	convwrite(c, resp, strlen(resp));
	ret = 0;

	out:
	free(s);
	keyclose(k);
	return ret;
	}

	static void
	strtolower(char *s)
	{
	while(*s){
	s = tolower((uchar)s);
	s++;
	}
	}

	static void
	digest(char user, char realm, char *passwd,
	char nonce, char method, char *uri,
	char *dig)
	{
	uchar b[MD5dlen];
	char ha1[MD5dlen*2+1];
	char ha2[MD5dlen*2+1];
	DigestState *s;

	/*
	* H(A1) = MD5(uid + ":" + realm ":" + passwd)
	*/
	s = md5((uchar*)user, strlen(user), nil, nil);
	md5((uchar*)":", 1, nil, s);
	md5((uchar*)realm, strlen(realm), nil, s);
	md5((uchar*)":", 1, nil, s);
	md5((uchar*)passwd, strlen(passwd), b, s);
	enc16(ha1, sizeof(ha1), b, MD5dlen);
	strtolower(ha1);

	/*
	* H(A2) = MD5(method + ":" + uri)
	*/
	s = md5((uchar*)method, strlen(method), nil, nil);
	md5((uchar*)":", 1, nil, s);
	md5((uchar*)uri, strlen(uri), b, s);
	enc16(ha2, sizeof(ha2), b, MD5dlen);
	strtolower(ha2);

	/*
	* digest = MD5(H(A1) + ":" + nonce + ":" + H(A2))
	*/
	s = md5((uchar)ha1, MD5dlen2, nil, nil);
	md5((uchar*)":", 1, nil, s);
	md5((uchar*)nonce, strlen(nonce), nil, s);
	md5((uchar*)":", 1, nil, s);
	md5((uchar)ha2, MD5dlen2, b, s);
	enc16(dig, MD5dlen*2+1, b, MD5dlen);
	strtolower(dig);
	}

	static Role hdroles[] =
	{
	"client", hdclient,
	0
	};

	Proto httpdigest =
	{
	"httpdigest",
	hdroles,
	"user? realm? !password?",
	0,
	0
	};