1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
2  *
3  * This Source Code Form is subject to the terms of the Mozilla Public
4  * License, v. 2.0. If a copy of the MPL was not distributed with this
5  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6 
7 #ifndef nsDigestAuth_h__
8 #define nsDigestAuth_h__
9 
10 #include "nsIHttpAuthenticator.h"
11 #include "nsStringFwd.h"
12 #include "nsCOMPtr.h"
13 #include "mozilla/Attributes.h"
14 
15 class nsICryptoHash;
16 
17 namespace mozilla {
18 namespace net {
19 
20 #define ALGO_SPECIFIED 0x01
21 #define ALGO_MD5 0x02
22 #define ALGO_MD5_SESS 0x04
23 #define QOP_AUTH 0x01
24 #define QOP_AUTH_INT 0x02
25 
26 #define DIGEST_LENGTH 16
27 #define EXPANDED_DIGEST_LENGTH 32
28 #define NONCE_COUNT_LENGTH 8
29 
30 //-----------------------------------------------------------------------------
31 // nsHttpDigestAuth
32 //-----------------------------------------------------------------------------
33 
34 class nsHttpDigestAuth final : public nsIHttpAuthenticator {
35  public:
36   NS_DECL_ISUPPORTS
37   NS_DECL_NSIHTTPAUTHENTICATOR
38 
39   nsHttpDigestAuth();
40 
41  protected:
42   ~nsHttpDigestAuth();
43 
44   MOZ_MUST_USE nsresult ExpandToHex(const char* digest, char* result);
45 
46   MOZ_MUST_USE nsresult CalculateResponse(const char* ha1_digest,
47                                           const char* ha2_digest,
48                                           const nsCString& nonce, uint16_t qop,
49                                           const char* nonce_count,
50                                           const nsCString& cnonce,
51                                           char* result);
52 
53   MOZ_MUST_USE nsresult CalculateHA1(const nsCString& username,
54                                      const nsCString& password,
55                                      const nsCString& realm, uint16_t algorithm,
56                                      const nsCString& nonce,
57                                      const nsCString& cnonce, char* result);
58 
59   MOZ_MUST_USE nsresult CalculateHA2(const nsCString& http_method,
60                                      const nsCString& http_uri_path,
61                                      uint16_t qop, const char* body_digest,
62                                      char* result);
63 
64   MOZ_MUST_USE nsresult ParseChallenge(const char* challenge, nsACString& realm,
65                                        nsACString& domain, nsACString& nonce,
66                                        nsACString& opaque, bool* stale,
67                                        uint16_t* algorithm, uint16_t* qop);
68 
69   // result is in mHashBuf
70   MOZ_MUST_USE nsresult MD5Hash(const char* buf, uint32_t len);
71 
72   MOZ_MUST_USE nsresult GetMethodAndPath(nsIHttpAuthenticableChannel*, bool,
73                                          nsCString&, nsCString&);
74 
75   // append the quoted version of value to aHeaderLine
76   MOZ_MUST_USE nsresult AppendQuotedString(const nsACString& value,
77                                            nsACString& aHeaderLine);
78 
79  protected:
80   nsCOMPtr<nsICryptoHash> mVerifier;
81   char mHashBuf[DIGEST_LENGTH];
82 };
83 
84 }  // namespace net
85 }  // namespace mozilla
86 
87 #endif  // nsHttpDigestAuth_h__
88