#endif
#endif
+#define EAP_START 2
+
#define AUTH_VECTOR_LEN 16
#define CHAP_VALUE_LENGTH 16
#define MAX_STRING_LEN 254 /* RFC2138: string 0-253 octets */
void librad_md5_calc(u_char *, u_char *, u_int);
+/* hmac.c */
+
+void lrad_hmac_md5(unsigned char *text, int text_len,
+ unsigned char *key, int key_len,
+ unsigned char *digest);
+
/* radius.c */
int rad_send(RADIUS_PACKET *, const char *secret);
RADIUS_PACKET *rad_recv(int fd);
#define PW_PORT_LIMIT 62
#define PW_CONNECT_INFO 77
+#define PW_EAP_MESSAGE 79
+#define PW_MESSAGE_AUTHENTICATOR 80
+
#define PW_FALL_THROUGH 500
#define PW_ADD_PORT_TO_IP_ADDRESS 501
#define PW_EXEC_PROGRAM 502
#define PW_AUTHTYPE_SECURID 2
#define PW_AUTHTYPE_CRYPT 3
#define PW_AUTHTYPE_REJECT 4
+#define PW_AUTHTYPE_EAP 252
#define PW_AUTHTYPE_PAM 253
#define PW_AUTHTYPE_ACCEPT 254
--- /dev/null
+/*
+ For the sake of illustration we provide the following sample code for
+ the implementation of HMAC-MD5 as well as some corresponding test
+ vectors (the code is based on MD5 code as described in [MD5]).
+*/
+
+/*
+** Function: hmac_md5
+*/
+
+#include <string.h>
+#include "../include/md5.h"
+
+/*
+unsigned char* text; pointer to data stream
+int text_len; length of data stream
+unsigned char* key; pointer to authentication key
+int key_len; length of authentication key
+unsigned char* digest; caller digest to be filled in
+*/
+
+void
+lrad_hmac_md5(unsigned char *text, int text_len,
+ unsigned char *key, int key_len,
+ unsigned char *digest)
+{
+ MD5_CTX context;
+ unsigned char k_ipad[65]; /* inner padding -
+ * key XORd with ipad
+ */
+ unsigned char k_opad[65]; /* outer padding -
+ * key XORd with opad
+ */
+ unsigned char tk[16];
+ int i;
+ /* if key is longer than 64 bytes reset it to key=MD5(key) */
+ if (key_len > 64) {
+
+ MD5_CTX tctx;
+
+ MD5Init(&tctx);
+ MD5Update(&tctx, key, key_len);
+ MD5Final(tk, &tctx);
+
+ key = tk;
+ key_len = 16;
+ }
+
+ /*
+ * the HMAC_MD5 transform looks like:
+ *
+ * MD5(K XOR opad, MD5(K XOR ipad, text))
+ *
+ * where K is an n byte key
+ * ipad is the byte 0x36 repeated 64 times
+
+ * opad is the byte 0x5c repeated 64 times
+ * and text is the data being protected
+ */
+
+ /* start out by storing key in pads */
+ memset( k_ipad, 0, sizeof(k_ipad));
+ memset( k_opad, 0, sizeof(k_opad));
+ memset( k_ipad, key, key_len);
+ memset( k_opad, key, key_len);
+
+ /* XOR key with ipad and opad values */
+ for (i = 0; i < 64; i++) {
+ k_ipad[i] ^= 0x36;
+ k_opad[i] ^= 0x5c;
+ }
+ /*
+ * perform inner MD5
+ */
+ MD5Init(&context); /* init context for 1st
+ * pass */
+ MD5Update(&context, k_ipad, 64); /* start with inner pad */
+ MD5Update(&context, text, text_len); /* then text of datagram */
+ MD5Final(digest, &context); /* finish up 1st pass */
+ /*
+ * perform outer MD5
+ */
+ MD5Init(&context); /* init context for 2nd
+ * pass */
+ MD5Update(&context, k_opad, 64); /* start with outer pad */
+ MD5Update(&context, digest, 16); /* then results of 1st
+ * hash */
+ MD5Final(digest, &context); /* finish up 2nd pass */
+}
+
+/*
+Test Vectors (Trailing '\0' of a character string not included in test):
+
+ key = 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
+ key_len = 16 bytes
+ data = "Hi There"
+ data_len = 8 bytes
+ digest = 0x9294727a3638bb1c13f48ef8158bfc9d
+
+ key = "Jefe"
+ data = "what do ya want for nothing?"
+ data_len = 28 bytes
+ digest = 0x750c783e6ab0b503eaa86e310a5db738
+
+ key = 0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+
+ key_len 16 bytes
+ data = 0xDDDDDDDDDDDDDDDDDDDD...
+ ..DDDDDDDDDDDDDDDDDDDD...
+ ..DDDDDDDDDDDDDDDDDDDD...
+ ..DDDDDDDDDDDDDDDDDDDD...
+ ..DDDDDDDDDDDDDDDDDDDD
+ data_len = 50 bytes
+ digest = 0x56be34521d144c88dbb8c733f0e8b3f6
+*/
projects / freeradius.git / commitdiff