2 * Copyright (c) 2014 The FreeBSD Foundation
5 * This software was developed by Edward Tomasz Napierala under sponsorship
6 * from the FreeBSD Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 #include <sys/cdefs.h>
32 __FBSDID("$FreeBSD$");
36 #include <openssl/err.h>
37 #include <openssl/md5.h>
38 #include <openssl/rand.h>
43 chap_compute_md5(const char id, const char *secret,
44 const void *challenge, size_t challenge_len, void *response,
50 assert(response_len == MD5_DIGEST_LENGTH);
53 MD5_Update(&ctx, &id, sizeof(id));
54 MD5_Update(&ctx, secret, strlen(secret));
55 MD5_Update(&ctx, challenge, challenge_len);
56 rv = MD5_Final(response, &ctx);
58 log_errx(1, "MD5_Final");
62 chap_hex2int(const char hex)
109 * XXX: Review this _carefully_.
112 chap_hex2bin(const char *hex, void **binp, size_t *bin_lenp)
114 int i, hex_len, nibble;
115 bool lo = true; /* As opposed to 'hi'. */
117 size_t bin_off, bin_len;
119 if (strncasecmp(hex, "0x", strlen("0x")) != 0) {
120 log_warnx("malformed variable, should start with \"0x\"");
125 hex_len = strlen(hex);
127 log_warnx("malformed variable; doesn't contain anything "
132 bin_len = hex_len / 2 + hex_len % 2;
133 bin = calloc(bin_len, 1);
135 log_err(1, "calloc");
137 bin_off = bin_len - 1;
138 for (i = hex_len - 1; i >= 0; i--) {
139 nibble = chap_hex2int(hex[i]);
141 log_warnx("malformed variable, invalid char \"%c\"",
147 assert(bin_off < bin_len);
149 bin[bin_off] = nibble;
152 bin[bin_off] |= nibble << 4;
164 chap_bin2hex(const char *bin, size_t bin_len)
166 unsigned char *hex, *tmp, ch;
170 hex_len = bin_len * 2 + 3; /* +2 for "0x", +1 for '\0'. */
171 hex = malloc(hex_len);
173 log_err(1, "malloc");
176 tmp += sprintf(tmp, "0x");
177 for (i = 0; i < bin_len; i++) {
179 tmp += sprintf(tmp, "%02x", ch);
191 chap = calloc(sizeof(*chap), 1);
193 log_err(1, "calloc");
196 * Generate the challenge.
198 rv = RAND_bytes(chap->chap_challenge, sizeof(chap->chap_challenge));
200 log_errx(1, "RAND_bytes failed: %s",
201 ERR_error_string(ERR_get_error(), NULL));
203 rv = RAND_bytes(&chap->chap_id, sizeof(chap->chap_id));
205 log_errx(1, "RAND_bytes failed: %s",
206 ERR_error_string(ERR_get_error(), NULL));
213 chap_get_id(const struct chap *chap)
218 ret = asprintf(&chap_i, "%d", chap->chap_id);
220 log_err(1, "asprintf");
226 chap_get_challenge(const struct chap *chap)
230 chap_c = chap_bin2hex(chap->chap_challenge,
231 sizeof(chap->chap_challenge));
237 chap_receive_bin(struct chap *chap, void *response, size_t response_len)
240 if (response_len != sizeof(chap->chap_response)) {
241 log_debugx("got CHAP response with invalid length; "
242 "got %zd, should be %zd",
243 response_len, sizeof(chap->chap_response));
247 memcpy(chap->chap_response, response, response_len);
252 chap_receive(struct chap *chap, const char *response)
255 size_t response_bin_len;
258 error = chap_hex2bin(response, &response_bin, &response_bin_len);
260 log_debugx("got incorrectly encoded CHAP response \"%s\"",
265 error = chap_receive_bin(chap, response_bin, response_bin_len);
272 chap_authenticate(struct chap *chap, const char *secret)
274 char expected_response[MD5_DIGEST_LENGTH];
276 chap_compute_md5(chap->chap_id, secret,
277 chap->chap_challenge, sizeof(chap->chap_challenge),
278 expected_response, sizeof(expected_response));
280 if (memcmp(chap->chap_response,
281 expected_response, sizeof(expected_response)) != 0) {
289 chap_delete(struct chap *chap)
296 rchap_new(const char *secret)
300 rchap = calloc(sizeof(*rchap), 1);
302 log_err(1, "calloc");
304 rchap->rchap_secret = checked_strdup(secret);
310 rchap_receive_bin(struct rchap *rchap, const unsigned char id,
311 const void *challenge, size_t challenge_len)
314 rchap->rchap_id = id;
315 rchap->rchap_challenge = calloc(challenge_len, 1);
316 if (rchap->rchap_challenge == NULL)
317 log_err(1, "calloc");
318 memcpy(rchap->rchap_challenge, challenge, challenge_len);
319 rchap->rchap_challenge_len = challenge_len;
323 rchap_receive(struct rchap *rchap, const char *id, const char *challenge)
325 unsigned char id_bin;
327 size_t challenge_bin_len;
331 id_bin = strtoul(id, NULL, 10);
333 error = chap_hex2bin(challenge, &challenge_bin, &challenge_bin_len);
335 log_debugx("got incorrectly encoded CHAP challenge \"%s\"",
340 rchap_receive_bin(rchap, id_bin, challenge_bin, challenge_bin_len);
347 rchap_get_response_bin(struct rchap *rchap,
348 void **responsep, size_t *response_lenp)
351 size_t response_bin_len = MD5_DIGEST_LENGTH;
353 response_bin = calloc(response_bin_len, 1);
354 if (response_bin == NULL)
355 log_err(1, "calloc");
357 chap_compute_md5(rchap->rchap_id, rchap->rchap_secret,
358 rchap->rchap_challenge, rchap->rchap_challenge_len,
359 response_bin, response_bin_len);
361 *responsep = response_bin;
362 *response_lenp = response_bin_len;
366 rchap_get_response(struct rchap *rchap)
372 rchap_get_response_bin(rchap, &response, &response_len);
373 chap_r = chap_bin2hex(response, response_len);
380 rchap_delete(struct rchap *rchap)
383 free(rchap->rchap_secret);
384 free(rchap->rchap_challenge);