Swiftdiff options
Diffstat (limited to 'Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp')
| -rw-r--r-- | Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp index 20b3d8a..bcd6c5d 100644 --- a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp +++ b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp @@ -6,19 +6,20 @@ #include <Swiften/SASL/SCRAMSHA1ClientAuthenticator.h> #include <cassert> #include <map> #include <boost/lexical_cast.hpp> #include <Swiften/StringCodecs/SHA1.h> #include <Swiften/StringCodecs/Base64.h> -#include <Swiften/StringCodecs/HMACSHA1.h> +#include <Swiften/StringCodecs/HMAC.h> +#include <Swiften/StringCodecs/SHA1.h> #include <Swiften/StringCodecs/PBKDF2.h> #include <Swiften/IDN/StringPrep.h> #include <Swiften/Base/Concat.h> namespace Swift { static std::string escape(const std::string& s) { std::string result; for (size_t i = 0; i < s.size(); ++i) { @@ -38,21 +39,21 @@ static std::string escape(const std::string& s) { SCRAMSHA1ClientAuthenticator::SCRAMSHA1ClientAuthenticator(const std::string& nonce, bool useChannelBinding) : ClientAuthenticator(useChannelBinding ? "SCRAM-SHA-1-PLUS" : "SCRAM-SHA-1"), step(Initial), clientnonce(nonce), useChannelBinding(useChannelBinding) { } boost::optional<SafeByteArray> SCRAMSHA1ClientAuthenticator::getResponse() const { if (step == Initial) { return createSafeByteArray(concat(getGS2Header(), getInitialBareClientMessage())); } else if (step == Proof) { - ByteArray clientKey = HMACSHA1::getResult(saltedPassword, createByteArray("Client Key")); + ByteArray clientKey = HMAC<SHA1>()(saltedPassword, createByteArray("Client Key")); ByteArray storedKey = SHA1::getHash(clientKey); - ByteArray clientSignature = HMACSHA1::getResult(createSafeByteArray(storedKey), authMessage); + ByteArray clientSignature = HMAC<SHA1>()(createSafeByteArray(storedKey), authMessage); ByteArray clientProof = clientKey; for (unsigned int i = 0; i < clientProof.size(); ++i) { clientProof[i] ^= clientSignature[i]; } ByteArray result = concat(getFinalMessageWithoutProof(), createByteArray(",p="), createByteArray(Base64::encode(clientProof))); return createSafeByteArray(result); } else { return boost::optional<SafeByteArray>(); @@ -95,25 +96,25 @@ bool SCRAMSHA1ClientAuthenticator::setChallenge(const boost::optional<ByteArray> } ByteArray channelBindData; if (useChannelBinding && tlsChannelBindingData) { channelBindData = *tlsChannelBindingData; } // Compute all the values needed for the server signature try { - saltedPassword = PBKDF2::encode(StringPrep::getPrepared(getPassword(), StringPrep::SASLPrep), salt, iterations); + saltedPassword = PBKDF2::encode<HMAC<SHA1> >(StringPrep::getPrepared(getPassword(), StringPrep::SASLPrep), salt, iterations); } catch (const std::exception&) { } authMessage = concat(getInitialBareClientMessage(), createByteArray(","), initialServerMessage, createByteArray(","), getFinalMessageWithoutProof()); - ByteArray serverKey = HMACSHA1::getResult(saltedPassword, createByteArray("Server Key")); - serverSignature = HMACSHA1::getResult(serverKey, authMessage); + ByteArray serverKey = HMAC<SHA1>()(saltedPassword, createByteArray("Server Key")); + serverSignature = HMAC<SHA1>()(serverKey, authMessage); step = Proof; return true; } else if (step == Proof) { ByteArray result = concat(createByteArray("v="), createByteArray(Base64::encode(serverSignature))); step = Final; return challenge && challenge == result; } |