صفحهٔ اصلی گشت‌و‌گذار راهنما
ورود
RT-Thread-packages
/
esp-idf
mirrorاز https://github-proxy.rt-thread.io/RT-Thread-packages/esp-idf.git
2
0
انشعاب 0
پرونده‌ها مشکلات 0 ویکی
درخت: v5.0-dev
شاخه‌ها تگ‌ها
esp-idf
/
components
/
esp_http_client
/
lib
/
http_auth.c

http_auth.c 4.3 KB
لینک دائمی تاريخچه خام

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150 
  1. /*
    2. 

  2.  * SPDX-FileCopyrightText: 2015-2021 Espressif Systems (Shanghai) CO LTD
    3. 

  3.  *
    4. 

  4.  * SPDX-License-Identifier: Apache-2.0
    5. 

  5.  */
    6. 

  6. 

  7. #include <stdlib.h>
    8. 

  8. #include <string.h>
    9. 

  9. #include <stdio.h>
    10. 

  10. #include <stdarg.h>
    11. 

  11. 

  12. #include "esp_netif.h"
    13. 

  13. #include "lwip/sockets.h"
    14. 

  14. #include "esp_rom_md5.h"
    15. 

  15. #include "esp_tls_crypto.h"
    16. 

  16. 

  17. #include "esp_system.h"
    18. 

  18. #include "esp_log.h"
    19. 

  19. 

  20. #include "http_utils.h"
    21. 

  21. #include "http_auth.h"
    22. 

  22. 

  23. #define MD5_MAX_LEN (33)
    24. 

  24. #define HTTP_AUTH_BUF_LEN (1024)
    25. 

  25. 

  26. static const char *TAG = "HTTP_AUTH";
    27. 

  27. 

  28. /**
    29. 

  29.  * @brief      This function hash a formatted string with MD5 and format the result as ascii characters
    30. 

  30.  *
    31. 

  31.  * @param      md         The buffer will hold the ascii result
    32. 

  32.  * @param[in]  fmt        The format
    33. 

  33.  *
    34. 

  34.  * @return     Length of the result
    35. 

  35.  */
    36. 

  36. static int md5_printf(char *md, const char *fmt, ...)
    37. 

  37. {
    38. 

  38.     unsigned char *buf;
    39. 

  39.     unsigned char digest[MD5_MAX_LEN];
    40. 

  40.     int len, i;
    41. 

  41.     struct MD5Context md5_ctx;
    42. 

  42.     va_list ap;
    43. 

  43.     va_start(ap, fmt);
    44. 

  44.     len = vasprintf((char **)&buf, fmt, ap);
    45. 

  45.     if (buf == NULL) {
    46. 

  46.         va_end(ap);
    47. 

  47.         return ESP_FAIL;
    48. 

  48.     }
    49. 

  49. 

  50.     esp_rom_md5_init(&md5_ctx);
    51. 

  51.     esp_rom_md5_update(&md5_ctx, buf, len);
    52. 

  52.     esp_rom_md5_final(digest, &md5_ctx);
    53. 

  53. 

  54.     for (i = 0; i < 16; ++i) {
    55. 

  55.         sprintf(&md[i * 2], "%02x", (unsigned int)digest[i]);
    56. 

  56.     }
    57. 

  57.     va_end(ap);
    58. 

  58. 

  59.     free(buf);
    60. 

  60.     return MD5_MAX_LEN;
    61. 

  61. }
    62. 

  62. 

  63. char *http_auth_digest(const char *username, const char *password, esp_http_auth_data_t *auth_data)
    64. 

  64. {
    65. 

  65.     char *ha1, *ha2 = NULL;
    66. 

  66.     char *digest = NULL;
    67. 

  67.     char *auth_str = NULL;
    68. 

  68.     char *temp_auth_str = NULL;
    69. 

  69. 

  70.     if (username == NULL ||
    71. 

  71.         password == NULL ||
    72. 

  72.         auth_data->nonce == NULL ||
    73. 

  73.         auth_data->uri == NULL ||
    74. 

  74.         auth_data->realm == NULL) {
    75. 

  75.         return NULL;
    76. 

  76.     }
    77. 

  77. 

  78.     ha1 = calloc(1, MD5_MAX_LEN);
    79. 

  79.     HTTP_MEM_CHECK(TAG, ha1, goto _digest_exit);
    80. 

  80. 

  81.     ha2 = calloc(1, MD5_MAX_LEN);
    82. 

  82.     HTTP_MEM_CHECK(TAG, ha2, goto _digest_exit);
    83. 

  83. 

  84.     digest = calloc(1, MD5_MAX_LEN);
    85. 

  85.     HTTP_MEM_CHECK(TAG, digest, goto _digest_exit);
    86. 

  86. 

  87.     if (md5_printf(ha1, "%s:%s:%s", username, auth_data->realm, password) <= 0) {
    88. 

  88.         goto _digest_exit;
    89. 

  89.     }
    90. 

  90. 

  91.     ESP_LOGD(TAG, "%s %s %s %s\r\n", "Digest", username, auth_data->realm, password);
    92. 

  92.     if (strcasecmp(auth_data->algorithm, "md5-sess") == 0) {
    93. 

  93.         if (md5_printf(ha1, "%s:%s:%016llx", ha1, auth_data->nonce, auth_data->cnonce) <= 0) {
    94. 

  94.             goto _digest_exit;
    95. 

  95.         }
    96. 

  96.     }
    97. 

  97.     if (md5_printf(ha2, "%s:%s", auth_data->method, auth_data->uri) <= 0) {
    98. 

  98.         goto _digest_exit;
    99. 

  99.     }
    100. 

  100. 

  101.     //support qop = auth
    102. 

  102.     if (auth_data->qop && strcasecmp(auth_data->qop, "auth-int") == 0) {
    103. 

  103.         if (md5_printf(ha2, "%s:%s", ha2, "entity") <= 0) {
    104. 

  104.             goto _digest_exit;
    105. 

  105.         }
    106. 

  106.     }
    107. 

  107. 

  108.     if (auth_data->qop) {
    109. 

  109.         // response=MD5(HA1:nonce:nonceCount:cnonce:qop:HA2)
    110. 

  110.         if (md5_printf(digest, "%s:%s:%08x:%016llx:%s:%s", ha1, auth_data->nonce, auth_data->nc, auth_data->cnonce, auth_data->qop, ha2) <= 0) {
    111. 

  111.             goto _digest_exit;
    112. 

  112.         }
    113. 

  113.     } else {
    114. 

  114.         // response=MD5(HA1:nonce:HA2)
    115. 

  115.         if (md5_printf(digest, "%s:%s:%s", ha1, auth_data->nonce, ha2) <= 0) {
    116. 

  116.             goto _digest_exit;
    117. 

  117.         }
    118. 

  118.     }
    119. 

  119.     asprintf(&auth_str, "Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", algorithm=\"MD5\", "
    120. 

  120.              "response=\"%s\", qop=%s, nc=%08x, cnonce=\"%016llx\"",
    121. 

  121.              username, auth_data->realm, auth_data->nonce, auth_data->uri, digest, auth_data->qop, auth_data->nc, auth_data->cnonce);
    122. 

  122.     if (auth_data->opaque) {
    123. 

  123.         asprintf(&temp_auth_str, "%s, opaque=\"%s\"", auth_str, auth_data->opaque);
    124. 

  124.         free(auth_str);
    125. 

  125.         auth_str = temp_auth_str;
    126. 

  126.     }
    127. 

  127. _digest_exit:
    128. 

  128.     free(ha1);
    129. 

  129.     free(ha2);
    130. 

  130.     free(digest);
    131. 

  131.     return auth_str;
    132. 

  132. }
    133. 

  133. 

  134. char *http_auth_basic(const char *username, const char *password)
    135. 

  135. {
    136. 

  136.     int out;
    137. 

  137.     char *user_info = NULL;
    138. 

  138.     char *digest = NULL;
    139. 

  139.     size_t n = 0;
    140. 

  140.     asprintf(&user_info, "%s:%s", username, password);
    141. 

  141.     HTTP_MEM_CHECK(TAG, user_info, return NULL);
    142. 

  142.     esp_crypto_base64_encode(NULL, 0, &n, (const unsigned char *)user_info, strlen(user_info));
    143. 

  143.     digest = calloc(1, 6 + n + 1);
    144. 

  144.     HTTP_MEM_CHECK(TAG, digest, goto _basic_exit);
    145. 

  145.     strcpy(digest, "Basic ");
    146. 

  146.     esp_crypto_base64_encode((unsigned char *)digest + 6, n, (size_t *)&out, (const unsigned char *)user_info, strlen(user_info));
    147. 

  147. _basic_exit:
    148. 

  148.     free(user_info);
    149. 

  149.     return digest;
    150. 

  150. }
    151.