suplib/src/AuthMD5.m3


 Copyright 1999-2003 John D. Polstra.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgment:
 *      This product includes software developed by John D. Polstra.
 * 4. The name of the author may not be used to endorse or promote products
 *    derived from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 

MODULE AuthMD5;

IMPORT ASCII, Fmt, IP, MD5, Process, Random, Text, Time;

VAR
  rand: Random.T := NIL;

PROCEDURE CheckResponse(response: TEXT;
		        challenge: TEXT;
		        sharedSecret: TEXT): BOOLEAN =
  BEGIN
    RETURN Text.Equal(response, GenResponse(challenge, sharedSecret));
  END CheckResponse;

PROCEDURE GenChallenge(peerAddr: IP.Address;
		       privateKey: TEXT): TEXT =
  VAR
    md5 := MD5.New();
  BEGIN
    IF rand = NIL THEN
      rand := NEW(Random.Default).init();
    END;
    md5.updateText(Fmt.Int(peerAddr.a[0]));
    md5.updateText(".");
    md5.updateText(Fmt.Int(peerAddr.a[1]));
    md5.updateText(".");
    md5.updateText(Fmt.Int(peerAddr.a[2]));
    md5.updateText(".");
    md5.updateText(Fmt.Int(peerAddr.a[3]));
    md5.updateText(":");
    md5.updateText(Fmt.LongReal(Time.Now(), Fmt.Style.Fix));
    md5.updateText(":");
    md5.updateText(Fmt.Int(Process.GetMyID()));
    md5.updateText(":");
    md5.updateText(Fmt.Int(rand.integer(0)));
    md5.updateText(":");
    md5.updateText(privateKey);
    RETURN md5.finish();
  END GenChallenge;

PROCEDURE GenResponse(challenge: TEXT;
                      sharedSecret: TEXT): TEXT =
  VAR
    md5 := MD5.New();
  BEGIN
    md5.updateText(sharedSecret);
    md5.updateText(":");
    md5.updateText(challenge);
    RETURN md5.finish();
  END GenResponse;

PROCEDURE MakeSecret(realm: TEXT;
                     user: TEXT;
		     password: TEXT): TEXT =
  VAR
    md5 := MD5.New();
  BEGIN
    md5.updateText(ToLower(user));
    md5.updateText(":");
    md5.updateText(ToLower(realm));
    md5.updateText(":");
    md5.updateText(password);
    RETURN "$md5$" & md5.finish();
  END MakeSecret;

PROCEDURE ToLower(t: TEXT): TEXT =
  VAR
    len := Text.Length(t);
    chars := NEW(REF ARRAY OF CHAR, len);
  BEGIN
    Text.SetChars(chars^, t);
    FOR i := 0 TO len-1 DO
      chars[i] := ASCII.Lower[chars[i]];
    END;
    RETURN Text.FromChars(chars^);
  END ToLower;

BEGIN
END AuthMD5.

interface ASCII is in: