[mod_auth] http_auth_md5_hex2bin()

Note: http_auth_backend_t digest interface returns result as a binary MD5 (16-bytes) so that caller consistently converts to lowercase before using it in further digest calculation. (Alternatively, the http_auth_backend_t digest interface could have taken a 33-char buffer and returned an explicitly lowercased hex str)
2016-09-09 22:28:01 -04:00 · 2016-09-09 22:28:01 -04:00 · cde68b7b23
parent ede5ea2d83
commit cde68b7b23
3 changed files with 36 additions and 7 deletions
--- a/src/http_auth.c
+++ b/src/http_auth.c
@ -25,3 +25,36 @@ void http_auth_backend_set (const http_auth_backend_t *backend)
    force_assert(i<(sizeof(http_auth_backends)/sizeof(http_auth_backend_t))-1);
    memcpy(http_auth_backends+i, backend, sizeof(http_auth_backend_t));
 }
+
+int http_auth_md5_hex2bin (const char *md5hex, size_t len, unsigned char md5bin[16])
+{
+    /* validate and transform 32-byte MD5 hex string to 16-byte binary MD5 */
+    if (32 != len) return -1; /*(Note: char *md5hex must be a 32-char string)*/
+    for (int i = 0; i < 32; i+=2) {
+        int hi = md5hex[i];
+        int lo = md5hex[i+1];
+        if ('0' <= hi && hi <= '9')                    hi -= '0';
+        else if ((hi |= 0x20), 'a' <= hi && hi <= 'f') hi += -'a' + 10;
+        else                                           return -1;
+        if ('0' <= lo && lo <= '9')                    lo -= '0';
+        else if ((lo |= 0x20), 'a' <= lo && lo <= 'f') lo += -'a' + 10;
+        else                                           return -1;
+        md5bin[(i >> 1)] = (unsigned char)((hi << 4) | lo);
+    }
+    return 0;
+}
+
+#if 0
+int http_auth_md5_hex2lc (char *md5hex)
+{
+    /* validate and transform 32-byte MD5 hex string to lowercase */
+    int i;
+    for (i = 0; md5hex[i]; ++i) {
+        int c = md5hex[i];
+        if ('0' <= c && c <= '9')                   continue;
+        else if ((c |= 0x20), 'a' <= c && c <= 'f') md5hex[i] = c;
+        else                                        return -1;
+    }
+    return (32 == i) ? 0 : -1; /*(Note: char *md5hex must be a 32-char string)*/
+}
+#endif
--- a/src/http_auth.h
+++ b/src/http_auth.h
@ -14,4 +14,6 @@ typedef struct http_auth_backend_t {
 const http_auth_backend_t * http_auth_backend_get (const buffer *name);
 void http_auth_backend_set (const http_auth_backend_t *backend);

+int http_auth_md5_hex2bin (const char *md5hex, size_t len, unsigned char md5bin[16]);
+
 #endif
--- a/src/mod_authn_file.c
+++ b/src/mod_authn_file.c
@ -259,13 +259,7 @@ static int mod_authn_file_htdigest_get(server *srv, const buffer *auth_fn, const

            fclose(fp);

-            if (pwd_len != 32) return -1;
-            /* transform the 32-byte-hex-md5 (f_pwd) to a 16-byte-md5 (HA1) */
-            for (int i = 0; i < 16; i++) {
-                HA1[i] = hex2int(f_pwd[i*2]) << 4;
-                HA1[i] |= hex2int(f_pwd[i*2+1]);
-            }
-            return 0;
+            return http_auth_md5_hex2bin(f_pwd, pwd_len, HA1);
        }
    }