11 int make_challenge(const char *id, const char *pass, const char *nonce,
12 unsigned char *challenge, int *challengesize)
16 if (serial_init(&srl, challenge, *challengesize)) return -1;
17 if (serial_put(&srl, id, strlen(id)) != strlen(id)) return -2;
18 if (serial_put(&srl, pass, strlen(pass)) != strlen(pass)) return -3;
19 if (serial_put(&srl, nonce, strlen(nonce)) != strlen(nonce)) return -4;
20 if (serial_put(&srl, NULL, 0) != 0) return -5;
21 *challengesize = serial_size(&srl);
25 int make_authobj(const char *id, const char *pass, const char *nonce,
26 const unsigned char *secret, const int secsize,
27 const unsigned char *payload, const int paysize,
28 unsigned char *buffer, int *bufsize)
32 unsigned char datahash[HASHSIZE];
33 int datahashsize = HASHSIZE;
34 unsigned char *challenge;
36 unsigned char key[HASHSIZE];
37 int keysize = HASHSIZE;
40 datasize = ((secsize + paysize + HASHSIZE * 4 * sizeof(short) - 1) /
41 CBLKSIZE + 1) * CBLKSIZE;
42 data = alloca(datasize);
43 if (serial_init(&srl, data, datasize)) return -1;
44 if (serial_put(&srl, secret, secsize) != secsize) return -2;
45 if (serial_put(&srl, payload, paysize) != paysize) return -3;
46 if (hash(data, serial_size(&srl), datahash, &datahashsize))
48 if (serial_put(&srl, datahash, datahashsize) != datahashsize)
50 if (serial_put(&srl, NULL, 0) != 0) return -6;
51 datasize = ((serial_size(&srl) -1) / CBLKSIZE + 1) * CBLKSIZE;
53 challengesize = ((strlen(id) + strlen(pass) + strlen(nonce) +
54 4 * sizeof(short) - 1) / CBLKSIZE + 1) * CBLKSIZE;
55 challenge = alloca(challengesize);
56 if (make_challenge(id, pass, nonce, challenge, &challengesize))
59 if (hmac(secret, secsize, challenge, challengesize,
60 key, &keysize)) return -8;
62 if (*bufsize < datasize) return -9;
63 if (encrypt(key, CBLKSIZE, data, buffer, datasize)) return -10;
69 int parse_authobj(const unsigned char *key, const int keysize,
70 const unsigned char *buffer, const int bufsize,
71 unsigned char *secret, int *secsize,
72 unsigned char *payload, int *paysize)
74 int datasize = bufsize;
75 unsigned char *data = alloca(datasize);
78 unsigned char myhash[HASHSIZE];
79 int myhashsize = HASHSIZE;
80 unsigned char theirhash[HASHSIZE];
81 int theirhashsize = HASHSIZE;
83 if (decrypt(key, CBLKSIZE, buffer, data, datasize))
85 if (serial_init(&srl, data, datasize)) return -2;
87 *secsize = serial_get(&srl, secret, tsize);
88 if (*secsize > tsize || *secsize <= 0) return -3;
90 *paysize = serial_get(&srl, payload, tsize);
91 if (*paysize > tsize || *paysize <= 0) return -4;
92 if (hash(data, serial_size(&srl), myhash, &myhashsize)) return -5;
93 theirhashsize = serial_get(&srl, theirhash, theirhashsize);
94 if (theirhashsize != HASHSIZE) return -6;
95 if ((myhashsize != theirhashsize) ||
96 memcmp(myhash, theirhash, myhashsize))