1 /*
2  *  OpenVPN -- An application to securely tunnel IP networks
3  *             over a single TCP/UDP port, with support for SSL/TLS-based
4  *             session authentication and key exchange,
5  *             packet encryption, packet authentication, and
6  *             packet compression.
7  *
8  *  Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
9  *
10  *  This program is free software; you can redistribute it and/or modify
11  *  it under the terms of the GNU General Public License version 2
12  *  as published by the Free Software Foundation.
13  *
14  *  This program is distributed in the hope that it will be useful,
15  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17  *  GNU General Public License for more details.
18  *
19  *  You should have received a copy of the GNU General Public License along
20  *  with this program; if not, write to the Free Software Foundation, Inc.,
21  *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22  */
23 
24 #if PROXY_DIGEST_AUTH
25 
26 #define HASHLEN 16
27 typedef unsigned char HASH[HASHLEN];
28 #define HASHHEXLEN 32
29 typedef unsigned char HASHHEX[HASHHEXLEN+1];
30 #undef IN
31 #undef OUT
32 #define IN const
33 #define OUT
34 
35 /* calculate H(A1) as per HTTP Digest spec */
36 void DigestCalcHA1(
37     IN char *pszAlg,
38     IN char *pszUserName,
39     IN char *pszRealm,
40     IN char *pszPassword,
41     IN char *pszNonce,
42     IN char *pszCNonce,
43     OUT HASHHEX SessionKey
44     );
45 
46 /* calculate request-digest/response-digest as per HTTP Digest spec */
47 void DigestCalcResponse(
48     IN HASHHEX HA1,           /* H(A1) */
49     IN char *pszNonce,        /* nonce from server */
50     IN char *pszNonceCount,   /* 8 hex digits */
51     IN char *pszCNonce,       /* client nonce */
52     IN char *pszQop,          /* qop-value: "", "auth", "auth-int" */
53     IN char *pszMethod,       /* method from the request */
54     IN char *pszDigestUri,    /* requested URL */
55     IN HASHHEX HEntity,       /* H(entity body) if qop="auth-int" */
56     OUT HASHHEX Response      /* request-digest or response-digest */
57     );
58 
59 #endif /* if PROXY_DIGEST_AUTH */
60