On Wed, Jul 28, 2004 at 12:36:30AM +0300, Timo Sirainen wrote:
HMAC-MD5 code looks quite similar to src/auth/password-scheme-cram-md5.c. Could they be merged somehow?
The use of HMAC in CRAM-MD5 is different to that in NTLM; although both start with the construction of the inner and outer pads, the stored form in CRAM-MD5 is the internal structures of the md5 contexts midway through the HMAC computation. As a result, the CRAM-MD5 generator reaches inside the md5_context struct itself and directly touches a,b,c & d.
There is one other possible issue with Andrey's code, in that it leaves the key in memory (XOR'd) in between hmac_md5_init and final, in the ipad and opad. The MD5 algorithm only leaves bits of the bits of the input if it wasn't a multiple of 512 bits, which is one reason I think CRAM-MD5 is deliberately using that block size. We can remove the issue, and make the struct smaller, by initializing the outer MD5 context first.
The attached files are a draft merge of the two, and the two new functions would be used by password-scheme-cram-md5.c and mech-cram-md5.c (and also wipe the ipad/opad after use). WARNING: Since Andrey's code isn't committed yet, I haven't tried to compile them, but this is how they should look, notwithstanding possible typos or missed #includes.
Joshua.
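
The ordering described in the message above, sketched as an added example; it is not part of the original message or of the attached draft. Python's hashlib does not expose MD5's a, b, c and d, so copied context objects stand in for the stored mid-computation state, and the names `HmacMd5Contexts` and `cram_md5_verify` are hypothetical.

```python
import hashlib
import hmac

BLOCK = 64  # MD5 block size in bytes (512 bits)


class HmacMd5Contexts:
    """Two MD5 contexts, each having absorbed exactly one 64-byte pad block.

    Because each pad is exactly one block, MD5 compresses it immediately and
    no pad bytes stay buffered in the context. Only the contexts are kept;
    the XOR'd key is not stored between init and final.
    """

    def __init__(self, key: bytes):
        if len(key) > BLOCK:
            key = hashlib.md5(key).digest()  # RFC 2104: hash over-long keys
        pad = bytearray(key.ljust(BLOCK, b"\0"))  # single scratch buffer
        try:
            # Outer context first: pad = key XOR 0x5c.
            for i in range(BLOCK):
                pad[i] ^= 0x5C
            self.outer = hashlib.md5(pad)
            # Turn the same buffer into the inner pad: 0x5c ^ 0x36 flips
            # key XOR 0x5c into key XOR 0x36, so no second buffer is needed.
            for i in range(BLOCK):
                pad[i] ^= 0x5C ^ 0x36
            self.inner = hashlib.md5(pad)
        finally:
            # Wipe the scratch buffer. Python cannot wipe the immutable `key`
            # object or temporaries; in C the same buffer would be zeroed.
            for i in range(BLOCK):
                pad[i] = 0

    def digest(self, msg: bytes) -> bytes:
        """Finish HMAC-MD5 over msg from copies of the saved contexts."""
        inner = self.inner.copy()
        inner.update(msg)
        outer = self.outer.copy()
        outer.update(inner.digest())
        return outer.digest()


def cram_md5_verify(ctx: HmacMd5Contexts, challenge: bytes, response_hex: str) -> bool:
    """Check a CRAM-MD5 response (hex HMAC-MD5 of the challenge) in constant time."""
    expected = ctx.digest(challenge).hex()
    return hmac.compare_digest(expected, response_hex.lower())
```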