xref: /openbsd/usr.sbin/radiusd/radius_subr.c (revision a6eb37b5)
1 /*	$OpenBSD: radius_subr.c,v 1.1 2024/07/14 15:31:49 yasuoka Exp $	*/
2 
3 /*
4  * Copyright (c) 2013, 2023 Internet Initiative Japan Inc.
5  *
6  * Permission to use, copy, modify, and distribute this software for any
7  * purpose with or without fee is hereby granted, provided that the above
8  * copyright notice and this permission notice appear in all copies.
9  *
10  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17  */
18 
19 #include <sys/types.h>
20 
21 #include <md5.h>
22 #include <string.h>
23 
24 #include "radius_subr.h"
25 
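/*
 * Hide (obfuscate) an attribute value in place with an MD5-derived
 * keystream.
 *
 * The first 16-byte keystream block is MD5(secret | authenticator [| salt]);
 * every later block is MD5(secret | previous 16 bytes of hidden output).
 * This is the chaining RFC 2865 section 5.2 describes for User-Password,
 * and, when a salt is given, the salted form of RFC 2868 section 3.5.
 *
 * secret         NUL-terminated shared secret; must not be NULL.
 * authenticator  at least 16 readable bytes.
 * salt           NULL, or at least 2 readable bytes.
 * plain          buffer of plainlen bytes, overwritten with the hidden value.
 * plainlen       number of bytes to process; nothing is written when <= 0.
 *
 * No padding is added: a trailing partial block is XORed only up to
 * plainlen, so callers that need a multiple of 16 must pad beforehand.
 * The construction only conceals the value; it does not authenticate it.
 */
void
radius_attr_hide(const char *secret, const char *authenticator,
    const u_char *salt, u_char *plain, int plainlen)
{
	int	  i, j;
	size_t	  secretlen;
	u_char	  b[16];
	MD5_CTX	  md5ctx;

	/* The secret does not change between blocks; measure it once. */
	secretlen = strlen(secret);

	i = 0;
	do {
		MD5Init(&md5ctx);
		MD5Update(&md5ctx, secret, secretlen);
		if (i == 0) {
			MD5Update(&md5ctx, authenticator, 16);
			if (salt != NULL)
				MD5Update(&md5ctx, salt, 2);
		} else {
			/* Chain on the block that was just hidden. */
			MD5Update(&md5ctx, plain + i - 16, 16);
		}
		MD5Final(b, &md5ctx);

		for (j = 0; j < 16 && i < plainlen; i++, j++)
			plain[i] ^= b[j];
	} while (i < plainlen);

	/*
	 * The keystream block is derived from the shared secret; scrub it so
	 * it does not linger on the stack after return.
	 */
	explicit_bzero(b, sizeof(b));
}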
50 
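/*
 * Reverse radius_attr_hide(): recover the original value in place.
 *
 * Blocks are processed from the last one back to the first.  The keystream
 * for block i is MD5(secret | hidden bytes of block i-1), so block i-1 must
 * still hold its hidden bytes when block i is recovered; walking backwards
 * guarantees that.  Block 0 uses MD5(secret | authenticator [| salt]).
 *
 * secret         NUL-terminated shared secret; must not be NULL.
 * authenticator  at least 16 readable bytes.
 * salt           NULL, or at least 2 readable bytes.
 * crypt0         buffer of crypt0len bytes, overwritten with the plain value.
 * crypt0len      number of bytes to process; nothing is written when <= 0.
 *
 * The scheme carries no integrity check, so a wrong secret or a modified
 * value simply yields different bytes; callers must validate the result.
 */
void
radius_attr_unhide(const char *secret, const char *authenticator,
    const u_char *salt, u_char *crypt0, int crypt0len)
{
	int	  i, j;
	size_t	  secretlen;
	u_char	  b[16];
	MD5_CTX	  md5ctx;

	/* The secret does not change between blocks; measure it once. */
	secretlen = strlen(secret);

	/* Offset of the last (possibly partial) 16-byte block. */
	i = 16 * ((crypt0len - 1) / 16);
	while (i >= 0) {
		MD5Init(&md5ctx);
		MD5Update(&md5ctx, secret, secretlen);
		if (i == 0) {
			MD5Update(&md5ctx, authenticator, 16);
			if (salt != NULL)
				MD5Update(&md5ctx, salt, 2);
		} else {
			/* Preceding block is still in its hidden form. */
			MD5Update(&md5ctx, crypt0 + i - 16, 16);
		}
		MD5Final(b, &md5ctx);

		for (j = 0; j < 16 && i + j < crypt0len; j++)
			crypt0[i + j] ^= b[j];
		i -= 16;
	}

	/*
	 * The keystream block is derived from the shared secret; scrub it so
	 * it does not linger on the stack after return.
	 */
	explicit_bzero(b, sizeof(b));
}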
76