diff options
| author | Sadie Powell <sadie@witchery.services> | 2024-03-09 22:51:23 +0000 |
|---|---|---|
| committer | Sadie Powell <sadie@witchery.services> | 2024-03-09 22:51:23 +0000 |
| commit | defb8348a79e499700cefaf2f4a63daefeaaac7e (patch) | |
| tree | 3b737a09c9565d7dcb1603716b571548e79f1385 | |
| parent | 1b86665d81c0beefb140dcd2eaac8274e88617da (diff) | |
Move the HMAC function to the encryption header.
This will be useful for doing challenge authentication on InspIRCd.
| -rw-r--r-- | include/modules/encryption.h | 21 | ||||
| -rw-r--r-- | modules/encryption/enc_sha2.cpp | 22 |
2 files changed, 23 insertions, 20 deletions
diff --git a/include/modules/encryption.h b/include/modules/encryption.h index 6b13fcf41..0eec23ec3 100644 --- a/include/modules/encryption.h +++ b/include/modules/encryption.h @@ -73,6 +73,27 @@ namespace Encryption context->Update(std::forward<Args>(args)...); return context->Finalize(); } + + inline Anope::string HMAC(const Anope::string &key, const Anope::string &data) + { + if (!block_size) + return {}; + + auto keybuf = key.length() > block_size ? Encrypt(key) : key; + keybuf.resize(block_size); + + Anope::string hmac1; + Anope::string hmac2; + for (size_t i = 0; i < block_size; ++i) + { + hmac1.push_back(static_cast<char>(keybuf[i] ^ 0x5C)); + hmac2.push_back(static_cast<char>(keybuf[i] ^ 0x36)); + } + hmac2.append(data); + hmac1.append(Encrypt(hmac2)); + + return Encrypt(hmac1); + } }; /** Helper template for creating simple providers of encryption contexts. */ diff --git a/modules/encryption/enc_sha2.cpp b/modules/encryption/enc_sha2.cpp index d625bf949..6770abe8d 100644 --- a/modules/encryption/enc_sha2.cpp +++ b/modules/encryption/enc_sha2.cpp @@ -100,24 +100,6 @@ private: return nullptr; } - Anope::string HMAC(Encryption::Provider *provider, const Anope::string &key, const Anope::string &data) - { - auto keybuf = key.length() > provider->block_size ? provider->Encrypt(key) : key; - keybuf.resize(provider->block_size); - - Anope::string hmac1; - Anope::string hmac2; - for (size_t i = 0; i < provider->block_size; ++i) - { - hmac1.push_back(static_cast<char>(keybuf[i] ^ 0x5C)); - hmac2.push_back(static_cast<char>(keybuf[i] ^ 0x36)); - } - hmac2.append(data); - hmac1.append(provider->Encrypt(hmac2)); - - return provider->Encrypt(hmac1); - } - public: ESHA2(const Anope::string &modname, const Anope::string &creator) : Module(modname, creator, ENCRYPTION | VENDOR) @@ -139,7 +121,7 @@ public: return EVENT_CONTINUE; auto key = GenerateKey(defaultprovider->digest_size); - auto hmac = HMAC(defaultprovider, key, src); + auto hmac = defaultprovider->HMAC(key, src); auto enc = "hmac-" + defaultprovider->name + ":" + Anope::Hex(hmac) + ":" + Anope::Hex(key); Log(LOG_DEBUG_2) << "(enc_sha2) hashed password from [" << src << "] to [" << enc << "]"; dest = enc; @@ -174,7 +156,7 @@ public: Anope::string key; Anope::Unhex(key_hex, key); - auto enc = Anope::Hex(HMAC(provider, key, req->GetPassword())); + auto enc = Anope::Hex(provider->HMAC(key, req->GetPassword())); if (pass_hex.equals_cs(enc)) { // If we are NOT the first encryption module or the algorithm is |