pegasus/anope
1
0
Fork 0
mirror of https://github.com/anope/anope.git synced 2026-06-12 18:54:47 +02:00
Code Activity

Move the HMAC function to the encryption header.

Browse Source 
This will be useful for doing challenge authentication on InspIRCd.
This commit is contained in:
Sadie Powell
2024-03-09 22:51:23 +00:00
parent 1b86665d81
commit defb8348a7
2 changed files with 23 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files
include/modules/encryption.h
+21
View File
@@ -73,6 +73,27 @@ namespace Encryption
context->Update(std::forward<Args>(args)...);
return context->Finalize();
}
inline Anope::string HMAC(const Anope::string &key, const Anope::string &data)
{
if (!block_size)
return {};
auto keybuf = key.length() > block_size ? Encrypt(key) : key;
keybuf.resize(block_size);
Anope::string hmac1;
Anope::string hmac2;
for (size_t i = 0; i < block_size; ++i)
{
hmac1.push_back(static_cast<char>(keybuf[i] ^ 0x5C));
hmac2.push_back(static_cast<char>(keybuf[i] ^ 0x36));
}
hmac2.append(data);
hmac1.append(Encrypt(hmac2));
return Encrypt(hmac1);
}
};
/** Helper template for creating simple providers of encryption contexts. */
modules/encryption/enc_sha2.cpp
+2 -20
View File
@@ -100,24 +100,6 @@ private:
return nullptr;
}
Anope::string HMAC(Encryption::Provider *provider, const Anope::string &key, const Anope::string &data)
{
auto keybuf = key.length() > provider->block_size ? provider->Encrypt(key) : key;
keybuf.resize(provider->block_size);
Anope::string hmac1;
Anope::string hmac2;
for (size_t i = 0; i < provider->block_size; ++i)
{
hmac1.push_back(static_cast<char>(keybuf[i] ^ 0x5C));
hmac2.push_back(static_cast<char>(keybuf[i] ^ 0x36));
}
hmac2.append(data);
hmac1.append(provider->Encrypt(hmac2));
return provider->Encrypt(hmac1);
}
public:
ESHA2(const Anope::string &modname, const Anope::string &creator)
: Module(modname, creator, ENCRYPTION | VENDOR)
@@ -139,7 +121,7 @@ public:
return EVENT_CONTINUE;
auto key = GenerateKey(defaultprovider->digest_size);
auto hmac = HMAC(defaultprovider, key, src);
auto hmac = defaultprovider->HMAC(key, src);
auto enc = "hmac-" + defaultprovider->name + ":" + Anope::Hex(hmac) + ":" + Anope::Hex(key);
Log(LOG_DEBUG_2) << "(enc_sha2) hashed password from [" << src << "] to [" << enc << "]";
dest = enc;
@@ -174,7 +156,7 @@ public:
Anope::string key;
Anope::Unhex(key_hex, key);
auto enc = Anope::Hex(HMAC(provider, key, req->GetPassword()));
auto enc = Anope::Hex(provider->HMAC(key, req->GetPassword()));
if (pass_hex.equals_cs(enc))
{
// If we are NOT the first encryption module or the algorithm is