ApacheTrafficServer: ink_auth

Go to the documentation of this file.
00001 /** @file
00002 
00003   PE/TE authentication definitions
00004 
00005   @section license License
00006 
00007   Licensed to the Apache Software Foundation (ASF) under one
00008   or more contributor license agreements.  See the NOTICE file
00009   distributed with this work for additional information
00010   regarding copyright ownership.  The ASF licenses this file
00011   to you under the Apache License, Version 2.0 (the
00012   "License"); you may not use this file except in compliance
00013   with the License.  You may obtain a copy of the License at
00014 
00015       http://www.apache.org/licenses/LICENSE-2.0
00016 
00017   Unless required by applicable law or agreed to in writing, software
00018   distributed under the License is distributed on an "AS IS" BASIS,
00019   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00020   See the License for the specific language governing permissions and
00021   limitations under the License.
00022  */
00023 
00024 #include <time.h>
00025 #include <stdint.h>
00026 #include "ink_rand.h"
00027 #include "ink_code.h"
00028 #include "ink_auth_api.h"
00029 
00030 static int s_rand_seed = time(NULL); // + s_rand_seed;
00031 static InkRand
00032 s_rand_gen(ink_rand_r((unsigned int *) &s_rand_seed) ^ (uintptr_t) &s_rand_seed);
00033 
00034 inline uint32_t
00035 ink_get_rand_intrn()
00036 {
00037   return s_rand_gen.random();
00038 }
00039 
00040 inline void
00041 ink_make_token_intrn(INK_AUTH_TOKEN * tok, const INK_AUTH_SEED * const *seeds, int slen)
00042 {
00043   INK_DIGEST_CTX ctx;
00044   ink_code_incr_md5_init(&ctx);
00045   while (slen-- > 0) {
00046     ink_code_incr_md5_update(&ctx, (const char *) seeds[slen]->data(), seeds[slen]->length());
00047   }
00048   ink_code_incr_md5_final((char *) &(tok->u8[0]), &ctx);
00049 }
00050 
00051 uint32_t
00052 ink_get_rand()
00053 {
00054   return ink_get_rand_intrn();
00055 }
00056 
00057 void
00058 ink_make_token(INK_AUTH_TOKEN * tok, const INK_AUTH_TOKEN & mask, const INK_AUTH_SEED * const *seeds, int slen)
00059 {
00060   ink_make_token_intrn(tok, seeds, slen);
00061   for (int i = 3; i >= 0; i--)  // randomize masked bits
00062     tok->u32[i] ^= mask.u32[i] & ink_get_rand_intrn();
00063 }
00064 
00065 uint32_t
00066 ink_make_token32(uint32_t mask, const INK_AUTH_SEED * const *seeds, int slen)
00067 {
00068   INK_AUTH_TOKEN tok;
00069   ink_make_token_intrn(&tok, seeds, slen);
00070   tok.u64[1] ^= tok.u64[0];
00071   tok.u32[3] ^= tok.u32[2];
00072   return tok.u32[3] ^ (mask & ink_get_rand_intrn());
00073 }
00074 
00075 uint64_t
00076 ink_make_token64(uint64_t mask, const INK_AUTH_SEED * const *seeds, int slen)
00077 {
00078   INK_AUTH_TOKEN tok;
00079   ink_make_token_intrn(&tok, seeds, slen);
00080   tok.u64[1] ^= tok.u64[0];
00081   return tok.u64[1] ^ (mask & ((uint64_t) ink_get_rand_intrn() + (((uint64_t) ink_get_rand_intrn()) << 32)));
00082 }
ink_auth_api.cc
