summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRemko Tronçon <git@el-tramo.be>2011-05-18 13:45:41 (GMT)
committerRemko Tronçon <git@el-tramo.be>2011-05-18 14:24:28 (GMT)
commit23fa0f462ddd0c686c677bfe5d4d743621432b7e (patch)
treeb8f0ea1860640f89eafba2460cc5d45bf28fc77c /Swiften/SASL
parent2456a8b12163b3249b6b9164b601c36772eb05a1 (diff)
downloadswift-contrib-23fa0f462ddd0c686c677bfe5d4d743621432b7e.zip
swift-contrib-23fa0f462ddd0c686c677bfe5d4d743621432b7e.tar.bz2
Introduce safe containers for storing passwords.
Diffstat (limited to 'Swiften/SASL')
-rw-r--r--Swiften/SASL/ClientAuthenticator.h15
-rw-r--r--Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp12
-rw-r--r--Swiften/SASL/DIGESTMD5ClientAuthenticator.h3
-rw-r--r--Swiften/SASL/PLAINClientAuthenticator.cpp4
-rw-r--r--Swiften/SASL/PLAINClientAuthenticator.h2
-rw-r--r--Swiften/SASL/PLAINMessage.cpp12
-rw-r--r--Swiften/SASL/PLAINMessage.h12
-rw-r--r--Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp12
-rw-r--r--Swiften/SASL/SCRAMSHA1ClientAuthenticator.h2
-rw-r--r--Swiften/SASL/UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp9
-rw-r--r--Swiften/SASL/UnitTest/PLAINClientAuthenticatorTest.cpp4
-rw-r--r--Swiften/SASL/UnitTest/PLAINMessageTest.cpp20
-rw-r--r--Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp37
13 files changed, 76 insertions, 68 deletions
diff --git a/Swiften/SASL/ClientAuthenticator.h b/Swiften/SASL/ClientAuthenticator.h
index 399a9d5..6557b9a 100644
--- a/Swiften/SASL/ClientAuthenticator.h
+++ b/Swiften/SASL/ClientAuthenticator.h
@@ -7,10 +7,13 @@
#pragma once
#include <boost/optional.hpp>
-
#include <string>
#include <vector>
+#include <Swiften/Base/SafeString.h>
+#include <Swiften/Base/SafeByteArray.h>
+#include <Swiften/Base/ByteArray.h>
+
namespace Swift {
class ClientAuthenticator {
public:
@@ -21,14 +24,14 @@ namespace Swift {
return name;
}
- void setCredentials(const std::string& authcid, const std::string& password, const std::string& authzid = std::string()) {
+ void setCredentials(const std::string& authcid, const SafeString& password, const std::string& authzid = std::string()) {
this->authcid = authcid;
this->password = password;
this->authzid = authzid;
}
- virtual boost::optional< std::vector<unsigned char> > getResponse() const = 0;
- virtual bool setChallenge(const boost::optional< std::vector<unsigned char> >&) = 0;
+ virtual boost::optional<SafeByteArray> getResponse() const = 0;
+ virtual bool setChallenge(const boost::optional<ByteArray>&) = 0;
const std::string& getAuthenticationID() const {
return authcid;
@@ -38,14 +41,14 @@ namespace Swift {
return authzid;
}
- const std::string& getPassword() const {
+ const SafeString& getPassword() const {
return password;
}
private:
std::string name;
std::string authcid;
- std::string password;
+ SafeString password;
std::string authzid;
};
}
diff --git a/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp b/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp
index 3ff0893..ffa098c 100644
--- a/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp
+++ b/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp
@@ -18,9 +18,9 @@ namespace Swift {
DIGESTMD5ClientAuthenticator::DIGESTMD5ClientAuthenticator(const std::string& host, const std::string& nonce) : ClientAuthenticator("DIGEST-MD5"), step(Initial), host(host), cnonce(nonce) {
}
-boost::optional<ByteArray> DIGESTMD5ClientAuthenticator::getResponse() const {
+boost::optional<SafeByteArray> DIGESTMD5ClientAuthenticator::getResponse() const {
if (step == Initial) {
- return boost::optional<ByteArray>();
+ return boost::optional<SafeByteArray>();
}
else if (step == Response) {
std::string realm;
@@ -33,7 +33,9 @@ boost::optional<ByteArray> DIGESTMD5ClientAuthenticator::getResponse() const {
// Compute the response value
ByteArray A1 = concat(
- MD5::getHash(createByteArray(getAuthenticationID() + ":" + realm + ":" + getPassword())), createByteArray(":"), createByteArray(*challenge.getValue("nonce")), createByteArray(":"), createByteArray(cnonce));
+ MD5::getHash(
+ createSafeByteArray(concat(SafeString(getAuthenticationID().c_str()), SafeString(":"), SafeString(realm.c_str()), SafeString(":"), getPassword()))),
+ createByteArray(":"), createByteArray(*challenge.getValue("nonce")), createByteArray(":"), createByteArray(cnonce));
if (!getAuthorizationID().empty()) {
append(A1, createByteArray(":" + getAuthenticationID()));
}
@@ -60,10 +62,10 @@ boost::optional<ByteArray> DIGESTMD5ClientAuthenticator::getResponse() const {
if (!getAuthorizationID().empty()) {
response.setValue("authzid", getAuthorizationID());
}
- return response.serialize();
+ return createSafeByteArray(response.serialize());
}
else {
- return boost::optional<ByteArray>();
+ return boost::optional<SafeByteArray>();
}
}
diff --git a/Swiften/SASL/DIGESTMD5ClientAuthenticator.h b/Swiften/SASL/DIGESTMD5ClientAuthenticator.h
index 82c8bc5..55bd592 100644
--- a/Swiften/SASL/DIGESTMD5ClientAuthenticator.h
+++ b/Swiften/SASL/DIGESTMD5ClientAuthenticator.h
@@ -12,13 +12,14 @@
#include <vector>
#include <Swiften/SASL/ClientAuthenticator.h>
#include <Swiften/SASL/DIGESTMD5Properties.h>
+#include <Swiften/Base/SafeByteArray.h>
namespace Swift {
class DIGESTMD5ClientAuthenticator : public ClientAuthenticator {
public:
DIGESTMD5ClientAuthenticator(const std::string& host, const std::string& nonce);
- virtual boost::optional<std::vector<unsigned char> > getResponse() const;
+ virtual boost::optional<SafeByteArray> getResponse() const;
virtual bool setChallenge(const boost::optional<std::vector<unsigned char> >&);
private:
diff --git a/Swiften/SASL/PLAINClientAuthenticator.cpp b/Swiften/SASL/PLAINClientAuthenticator.cpp
index 675542f..17f880a 100644
--- a/Swiften/SASL/PLAINClientAuthenticator.cpp
+++ b/Swiften/SASL/PLAINClientAuthenticator.cpp
@@ -12,8 +12,8 @@ namespace Swift {
PLAINClientAuthenticator::PLAINClientAuthenticator() : ClientAuthenticator("PLAIN") {
}
-boost::optional<ByteArray> PLAINClientAuthenticator::getResponse() const {
- return concat(createByteArray(getAuthorizationID()), createByteArray('\0'), createByteArray(getAuthenticationID()), createByteArray('\0'), createByteArray(getPassword()));
+boost::optional<SafeByteArray> PLAINClientAuthenticator::getResponse() const {
+ return concat(createSafeByteArray(getAuthorizationID()), createSafeByteArray('\0'), createSafeByteArray(getAuthenticationID()), createSafeByteArray('\0'), createSafeByteArray(getPassword()));
}
bool PLAINClientAuthenticator::setChallenge(const boost::optional<ByteArray>&) {
diff --git a/Swiften/SASL/PLAINClientAuthenticator.h b/Swiften/SASL/PLAINClientAuthenticator.h
index 4e8f8be..83e45c1 100644
--- a/Swiften/SASL/PLAINClientAuthenticator.h
+++ b/Swiften/SASL/PLAINClientAuthenticator.h
@@ -14,7 +14,7 @@ namespace Swift {
public:
PLAINClientAuthenticator();
- virtual boost::optional<ByteArray> getResponse() const;
+ virtual boost::optional<SafeByteArray> getResponse() const;
virtual bool setChallenge(const boost::optional<ByteArray>&);
};
}
diff --git a/Swiften/SASL/PLAINMessage.cpp b/Swiften/SASL/PLAINMessage.cpp
index 036887c..20ffea7 100644
--- a/Swiften/SASL/PLAINMessage.cpp
+++ b/Swiften/SASL/PLAINMessage.cpp
@@ -5,13 +5,14 @@
*/
#include <Swiften/SASL/PLAINMessage.h>
+#include <Swiften/Base/Concat.h>
namespace Swift {
-PLAINMessage::PLAINMessage(const std::string& authcid, const std::string& password, const std::string& authzid) : authcid(authcid), authzid(authzid), password(password) {
+PLAINMessage::PLAINMessage(const std::string& authcid, const SafeByteArray& password, const std::string& authzid) : authcid(authcid), authzid(authzid), password(password) {
}
-PLAINMessage::PLAINMessage(const ByteArray& value) {
+PLAINMessage::PLAINMessage(const SafeByteArray& value) {
size_t i = 0;
while (i < value.size() && value[i] != '\0') {
authzid += value[i];
@@ -31,14 +32,13 @@ PLAINMessage::PLAINMessage(const ByteArray& value) {
}
++i;
while (i < value.size()) {
- password += value[i];
+ password.push_back(value[i]);
++i;
}
}
-ByteArray PLAINMessage::getValue() const {
- std::string s = authzid + '\0' + authcid + '\0' + password;
- return createByteArray(s);
+SafeByteArray PLAINMessage::getValue() const {
+ return concat(createSafeByteArray(authzid), createSafeByteArray('\0'), createSafeByteArray(authcid), createSafeByteArray('\0'), password);
}
}
diff --git a/Swiften/SASL/PLAINMessage.h b/Swiften/SASL/PLAINMessage.h
index 916d267..46ee8f7 100644
--- a/Swiften/SASL/PLAINMessage.h
+++ b/Swiften/SASL/PLAINMessage.h
@@ -9,21 +9,21 @@
#pragma once
#include <string>
-#include <Swiften/Base/ByteArray.h>
+#include <Swiften/Base/SafeByteArray.h>
namespace Swift {
class PLAINMessage {
public:
- PLAINMessage(const std::string& authcid, const std::string& password, const std::string& authzid = "");
- PLAINMessage(const ByteArray& value);
+ PLAINMessage(const std::string& authcid, const SafeByteArray& password, const std::string& authzid = "");
+ PLAINMessage(const SafeByteArray& value);
- ByteArray getValue() const;
+ SafeByteArray getValue() const;
const std::string& getAuthenticationID() const {
return authcid;
}
- const std::string& getPassword() const {
+ const SafeByteArray& getPassword() const {
return password;
}
@@ -34,6 +34,6 @@ namespace Swift {
private:
std::string authcid;
std::string authzid;
- std::string password;
+ SafeByteArray password;
};
}
diff --git a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp
index bda35b9..a9855a5 100644
--- a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp
+++ b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp
@@ -39,23 +39,23 @@ static std::string escape(const std::string& s) {
SCRAMSHA1ClientAuthenticator::SCRAMSHA1ClientAuthenticator(const std::string& nonce, bool useChannelBinding) : ClientAuthenticator(useChannelBinding ? "SCRAM-SHA-1-PLUS" : "SCRAM-SHA-1"), step(Initial), clientnonce(nonce), useChannelBinding(useChannelBinding) {
}
-boost::optional<ByteArray> SCRAMSHA1ClientAuthenticator::getResponse() const {
+boost::optional<SafeByteArray> SCRAMSHA1ClientAuthenticator::getResponse() const {
if (step == Initial) {
- return concat(getGS2Header(), getInitialBareClientMessage());
+ return createSafeByteArray(concat(getGS2Header(), getInitialBareClientMessage()));
}
else if (step == Proof) {
ByteArray clientKey = HMACSHA1::getResult(saltedPassword, createByteArray("Client Key"));
ByteArray storedKey = SHA1::getHash(clientKey);
- ByteArray clientSignature = HMACSHA1::getResult(storedKey, authMessage);
+ ByteArray clientSignature = HMACSHA1::getResult(createSafeByteArray(storedKey), authMessage);
ByteArray clientProof = clientKey;
for (unsigned int i = 0; i < clientProof.size(); ++i) {
clientProof[i] ^= clientSignature[i];
}
ByteArray result = concat(getFinalMessageWithoutProof(), createByteArray(",p="), createByteArray(Base64::encode(clientProof)));
- return result;
+ return createSafeByteArray(result);
}
else {
- return boost::optional<ByteArray>();
+ return boost::optional<SafeByteArray>();
}
}
@@ -100,7 +100,7 @@ bool SCRAMSHA1ClientAuthenticator::setChallenge(const boost::optional<ByteArray>
}
// Compute all the values needed for the server signature
- saltedPassword = PBKDF2::encode(createByteArray(StringPrep::getPrepared(getPassword(), StringPrep::SASLPrep)), salt, iterations);
+ saltedPassword = PBKDF2::encode(createSafeByteArray(StringPrep::getPrepared(getPassword(), StringPrep::SASLPrep)), salt, iterations);
authMessage = concat(getInitialBareClientMessage(), createByteArray(","), initialServerMessage, createByteArray(","), getFinalMessageWithoutProof());
ByteArray serverKey = HMACSHA1::getResult(saltedPassword, createByteArray("Server Key"));
serverSignature = HMACSHA1::getResult(serverKey, authMessage);
diff --git a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.h b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.h
index 5780bc4..d140013 100644
--- a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.h
+++ b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.h
@@ -20,7 +20,7 @@ namespace Swift {
void setTLSChannelBindingData(const ByteArray& channelBindingData);
- virtual boost::optional<ByteArray> getResponse() const;
+ virtual boost::optional<SafeByteArray> getResponse() const;
virtual bool setChallenge(const boost::optional<ByteArray>&);
private:
diff --git a/Swiften/SASL/UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp b/Swiften/SASL/UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp
index a16ffac..a16eda8 100644
--- a/Swiften/SASL/UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp
+++ b/Swiften/SASL/UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp
@@ -9,6 +9,7 @@
#include <Swiften/SASL/DIGESTMD5ClientAuthenticator.h>
#include <Swiften/Base/ByteArray.h>
+#include <QA/Checker/IO.h>
using namespace Swift;
@@ -36,9 +37,9 @@ class DIGESTMD5ClientAuthenticatorTest : public CppUnit::TestFixture {
"nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\","
"qop=auth,charset=utf-8,algorithm=md5-sess"));
- ByteArray response = *testling.getResponse();
+ SafeByteArray response = *testling.getResponse();
- CPPUNIT_ASSERT_EQUAL(std::string("charset=utf-8,cnonce=\"abcdefgh\",digest-uri=\"xmpp/xmpp.example.com\",nc=00000001,nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\",qop=auth,realm=\"example.com\",response=088891c800ecff1b842159ad6459104a,username=\"user\""), byteArrayToString(response));
+ CPPUNIT_ASSERT_EQUAL(createSafeByteArray("charset=utf-8,cnonce=\"abcdefgh\",digest-uri=\"xmpp/xmpp.example.com\",nc=00000001,nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\",qop=auth,realm=\"example.com\",response=088891c800ecff1b842159ad6459104a,username=\"user\""), response);
}
void testGetResponse_WithAuthorizationID() {
@@ -50,9 +51,9 @@ class DIGESTMD5ClientAuthenticatorTest : public CppUnit::TestFixture {
"nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\","
"qop=auth,charset=utf-8,algorithm=md5-sess"));
- ByteArray response = *testling.getResponse();
+ SafeByteArray response = *testling.getResponse();
- CPPUNIT_ASSERT_EQUAL(std::string("authzid=\"myauthzid\",charset=utf-8,cnonce=\"abcdefgh\",digest-uri=\"xmpp/xmpp.example.com\",nc=00000001,nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\",qop=auth,realm=\"example.com\",response=4293834432b6e7889a2dee7e8fe7dd06,username=\"user\""), byteArrayToString(response));
+ CPPUNIT_ASSERT_EQUAL(createSafeByteArray("authzid=\"myauthzid\",charset=utf-8,cnonce=\"abcdefgh\",digest-uri=\"xmpp/xmpp.example.com\",nc=00000001,nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\",qop=auth,realm=\"example.com\",response=4293834432b6e7889a2dee7e8fe7dd06,username=\"user\""), response);
}
};
diff --git a/Swiften/SASL/UnitTest/PLAINClientAuthenticatorTest.cpp b/Swiften/SASL/UnitTest/PLAINClientAuthenticatorTest.cpp
index 5c35e79..d6c4188 100644
--- a/Swiften/SASL/UnitTest/PLAINClientAuthenticatorTest.cpp
+++ b/Swiften/SASL/UnitTest/PLAINClientAuthenticatorTest.cpp
@@ -24,7 +24,7 @@ class PLAINClientAuthenticatorTest : public CppUnit::TestFixture {
testling.setCredentials("user", "pass");
- CPPUNIT_ASSERT_EQUAL(*testling.getResponse(), createByteArray("\0user\0pass", 10));
+ CPPUNIT_ASSERT_EQUAL(*testling.getResponse(), createSafeByteArray("\0user\0pass", 10));
}
void testGetResponse_WithAuthzID() {
@@ -32,7 +32,7 @@ class PLAINClientAuthenticatorTest : public CppUnit::TestFixture {
testling.setCredentials("user", "pass", "authz");
- CPPUNIT_ASSERT_EQUAL(*testling.getResponse(), createByteArray("authz\0user\0pass", 15));
+ CPPUNIT_ASSERT_EQUAL(*testling.getResponse(), createSafeByteArray("authz\0user\0pass", 15));
}
};
diff --git a/Swiften/SASL/UnitTest/PLAINMessageTest.cpp b/Swiften/SASL/UnitTest/PLAINMessageTest.cpp
index dc3f82f..26331d6 100644
--- a/Swiften/SASL/UnitTest/PLAINMessageTest.cpp
+++ b/Swiften/SASL/UnitTest/PLAINMessageTest.cpp
@@ -29,39 +29,39 @@ class PLAINMessageTest : public CppUnit::TestFixture
PLAINMessageTest() {}
void testGetValue_WithoutAuthzID() {
- PLAINMessage message("user", "pass");
- CPPUNIT_ASSERT_EQUAL(message.getValue(), createByteArray("\0user\0pass", 10));
+ PLAINMessage message("user", createSafeByteArray("pass"));
+ CPPUNIT_ASSERT_EQUAL(message.getValue(), createSafeByteArray("\0user\0pass", 10));
}
void testGetValue_WithAuthzID() {
- PLAINMessage message("user", "pass", "authz");
- CPPUNIT_ASSERT_EQUAL(message.getValue(), createByteArray("authz\0user\0pass", 15));
+ PLAINMessage message("user", createSafeByteArray("pass"), "authz");
+ CPPUNIT_ASSERT_EQUAL(message.getValue(), createSafeByteArray("authz\0user\0pass", 15));
}
void testConstructor_WithoutAuthzID() {
- PLAINMessage message(createByteArray("\0user\0pass", 10));
+ PLAINMessage message(createSafeByteArray("\0user\0pass", 10));
CPPUNIT_ASSERT_EQUAL(std::string(""), message.getAuthorizationID());
CPPUNIT_ASSERT_EQUAL(std::string("user"), message.getAuthenticationID());
- CPPUNIT_ASSERT_EQUAL(std::string("pass"), message.getPassword());
+ CPPUNIT_ASSERT_EQUAL(createSafeByteArray("pass"), message.getPassword());
}
void testConstructor_WithAuthzID() {
- PLAINMessage message(createByteArray("authz\0user\0pass", 15));
+ PLAINMessage message(createSafeByteArray("authz\0user\0pass", 15));
CPPUNIT_ASSERT_EQUAL(std::string("authz"), message.getAuthorizationID());
CPPUNIT_ASSERT_EQUAL(std::string("user"), message.getAuthenticationID());
- CPPUNIT_ASSERT_EQUAL(std::string("pass"), message.getPassword());
+ CPPUNIT_ASSERT_EQUAL(createSafeByteArray("pass"), message.getPassword());
}
void testConstructor_NoAuthcid() {
- PLAINMessage message(createByteArray("authzid", 7));
+ PLAINMessage message(createSafeByteArray("authzid", 7));
CPPUNIT_ASSERT_EQUAL(std::string(""), message.getAuthenticationID());
}
void testConstructor_NoPassword() {
- PLAINMessage message(createByteArray("authzid\0authcid", 15));
+ PLAINMessage message(createSafeByteArray("authzid\0authcid", 15));
CPPUNIT_ASSERT_EQUAL(std::string(""), message.getAuthenticationID());
}
diff --git a/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp b/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp
index 78afaf7..0112691 100644
--- a/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp
+++ b/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp
@@ -9,6 +9,7 @@
#include <Swiften/SASL/SCRAMSHA1ClientAuthenticator.h>
#include <Swiften/Base/ByteArray.h>
+#include <QA/Checker/IO.h>
using namespace Swift;
@@ -43,36 +44,36 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH");
testling.setCredentials("user", "pass", "");
- ByteArray response = *testling.getResponse();
+ SafeByteArray response = *testling.getResponse();
- CPPUNIT_ASSERT_EQUAL(std::string("n,,n=user,r=abcdefghABCDEFGH"), byteArrayToString(response));
+ CPPUNIT_ASSERT_EQUAL(createSafeByteArray("n,,n=user,r=abcdefghABCDEFGH"), response);
}
void testGetInitialResponse_UsernameHasSpecialChars() {
SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH");
testling.setCredentials(",us=,er=", "pass", "");
- ByteArray response = *testling.getResponse();
+ SafeByteArray response = *testling.getResponse();
- CPPUNIT_ASSERT_EQUAL(std::string("n,,n==2Cus=3D=2Cer=3D,r=abcdefghABCDEFGH"), byteArrayToString(response));
+ CPPUNIT_ASSERT_EQUAL(createSafeByteArray("n,,n==2Cus=3D=2Cer=3D,r=abcdefghABCDEFGH"), response);
}
void testGetInitialResponse_WithAuthorizationID() {
SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH");
testling.setCredentials("user", "pass", "auth");
- ByteArray response = *testling.getResponse();
+ SafeByteArray response = *testling.getResponse();
- CPPUNIT_ASSERT_EQUAL(std::string("n,a=auth,n=user,r=abcdefghABCDEFGH"), byteArrayToString(response));
+ CPPUNIT_ASSERT_EQUAL(createSafeByteArray("n,a=auth,n=user,r=abcdefghABCDEFGH"), response);
}
void testGetInitialResponse_WithAuthorizationIDWithSpecialChars() {
SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH");
testling.setCredentials("user", "pass", "a=u,th");
- ByteArray response = *testling.getResponse();
+ SafeByteArray response = *testling.getResponse();
- CPPUNIT_ASSERT_EQUAL(std::string("n,a=a=3Du=2Cth,n=user,r=abcdefghABCDEFGH"), byteArrayToString(response));
+ CPPUNIT_ASSERT_EQUAL(createSafeByteArray("n,a=a=3Du=2Cth,n=user,r=abcdefghABCDEFGH"), response);
}
void testGetInitialResponse_WithoutChannelBindingWithTLSChannelBindingData() {
@@ -80,9 +81,9 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
testling.setTLSChannelBindingData(createByteArray("xyza"));
testling.setCredentials("user", "pass", "");
- ByteArray response = *testling.getResponse();
+ SafeByteArray response = *testling.getResponse();
- CPPUNIT_ASSERT_EQUAL(std::string("y,,n=user,r=abcdefghABCDEFGH"), byteArrayToString(response));
+ CPPUNIT_ASSERT_EQUAL(createSafeByteArray("y,,n=user,r=abcdefghABCDEFGH"), response);
}
void testGetInitialResponse_WithChannelBindingWithTLSChannelBindingData() {
@@ -90,9 +91,9 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
testling.setTLSChannelBindingData(createByteArray("xyza"));
testling.setCredentials("user", "pass", "");
- ByteArray response = *testling.getResponse();
+ SafeByteArray response = *testling.getResponse();
- CPPUNIT_ASSERT_EQUAL(std::string("p=tls-unique,,n=user,r=abcdefghABCDEFGH"), byteArrayToString(response));
+ CPPUNIT_ASSERT_EQUAL(createSafeByteArray("p=tls-unique,,n=user,r=abcdefghABCDEFGH"), response);
}
void testGetFinalResponse() {
@@ -100,9 +101,9 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
testling.setCredentials("user", "pass", "");
testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096"));
- ByteArray response = *testling.getResponse();
+ SafeByteArray response = *testling.getResponse();
- CPPUNIT_ASSERT_EQUAL(std::string("c=biws,r=abcdefghABCDEFGH,p=CZbjGDpIteIJwQNBgO0P8pKkMGY="), byteArrayToString(response));
+ CPPUNIT_ASSERT_EQUAL(createSafeByteArray("c=biws,r=abcdefghABCDEFGH,p=CZbjGDpIteIJwQNBgO0P8pKkMGY="), response);
}
void testGetFinalResponse_WithoutChannelBindingWithTLSChannelBindingData() {
@@ -111,9 +112,9 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
testling.setTLSChannelBindingData(createByteArray("xyza"));
testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096"));
- ByteArray response = *testling.getResponse();
+ SafeByteArray response = *testling.getResponse();
- CPPUNIT_ASSERT_EQUAL(std::string("c=eSws,r=abcdefghABCDEFGH,p=JNpsiFEcxZvNZ1+FFBBqrYvYxMk="), byteArrayToString(response));
+ CPPUNIT_ASSERT_EQUAL(createSafeByteArray("c=eSws,r=abcdefghABCDEFGH,p=JNpsiFEcxZvNZ1+FFBBqrYvYxMk="), response);
}
void testGetFinalResponse_WithChannelBindingWithTLSChannelBindingData() {
@@ -122,9 +123,9 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
testling.setTLSChannelBindingData(createByteArray("xyza"));
testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096"));
- ByteArray response = *testling.getResponse();
+ SafeByteArray response = *testling.getResponse();
- CPPUNIT_ASSERT_EQUAL(std::string("c=cD10bHMtdW5pcXVlLCx4eXph,r=abcdefghABCDEFGH,p=i6Rghite81P1ype8XxaVAa5l7v0="), byteArrayToString(response));
+ CPPUNIT_ASSERT_EQUAL(createSafeByteArray("c=cD10bHMtdW5pcXVlLCx4eXph,r=abcdefghABCDEFGH,p=i6Rghite81P1ype8XxaVAa5l7v0="), response);
}
void testSetFinalChallenge() {