Swiftdiff options
Diffstat (limited to 'Swiften/SASL')
| -rw-r--r-- | Swiften/SASL/ClientAuthenticator.cpp | 4 | ||||
| -rw-r--r-- | Swiften/SASL/ClientAuthenticator.h | 14 | ||||
| -rw-r--r-- | Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp | 34 | ||||
| -rw-r--r-- | Swiften/SASL/DIGESTMD5ClientAuthenticator.h | 11 | ||||
| -rw-r--r-- | Swiften/SASL/DIGESTMD5Properties.cpp | 53 | ||||
| -rw-r--r-- | Swiften/SASL/DIGESTMD5Properties.h | 2 | ||||
| -rw-r--r-- | Swiften/SASL/PLAINClientAuthenticator.cpp | 7 | ||||
| -rw-r--r-- | Swiften/SASL/PLAINClientAuthenticator.h | 5 | ||||
| -rw-r--r-- | Swiften/SASL/PLAINMessage.cpp | 24 | ||||
| -rw-r--r-- | Swiften/SASL/PLAINMessage.h | 12 | ||||
| -rw-r--r-- | Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp | 59 | ||||
| -rw-r--r-- | Swiften/SASL/SCRAMSHA1ClientAuthenticator.h | 6 | ||||
| -rw-r--r-- | Swiften/SASL/SConscript | 1 | ||||
| -rw-r--r-- | Swiften/SASL/UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp | 22 | ||||
| -rw-r--r-- | Swiften/SASL/UnitTest/DIGESTMD5PropertiesTest.cpp | 8 | ||||
| -rw-r--r-- | Swiften/SASL/UnitTest/PLAINClientAuthenticatorTest.cpp | 11 | ||||
| -rw-r--r-- | Swiften/SASL/UnitTest/PLAINMessageTest.cpp | 25 | ||||
| -rw-r--r-- | Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp | 120 |
18 files changed, 220 insertions, 198 deletions
diff --git a/Swiften/SASL/ClientAuthenticator.cpp b/Swiften/SASL/ClientAuthenticator.cpp index 533f172..e0900a3 100644 --- a/Swiften/SASL/ClientAuthenticator.cpp +++ b/Swiften/SASL/ClientAuthenticator.cpp @@ -1,10 +1,10 @@ /* - * Copyright (c) 2010 Remko Tronçon + * Copyright (c) 2010-2011 Remko Tronçon * Licensed under the GNU General Public License v3. * See Documentation/Licenses/GPLv3.txt for more information. */ -#include "Swiften/SASL/ClientAuthenticator.h" +#include <Swiften/SASL/ClientAuthenticator.h> namespace Swift { diff --git a/Swiften/SASL/ClientAuthenticator.h b/Swiften/SASL/ClientAuthenticator.h index 33db75f..8710ac8 100644 --- a/Swiften/SASL/ClientAuthenticator.h +++ b/Swiften/SASL/ClientAuthenticator.h @@ -7,9 +7,11 @@ #pragma once #include <boost/optional.hpp> - #include <string> -#include "Swiften/Base/ByteArray.h" +#include <vector> + +#include <Swiften/Base/SafeByteArray.h> +#include <Swiften/Base/ByteArray.h> namespace Swift { class ClientAuthenticator { @@ -21,13 +23,13 @@ namespace Swift { return name; } - void setCredentials(const std::string& authcid, const std::string& password, const std::string& authzid = std::string()) { + void setCredentials(const std::string& authcid, const SafeByteArray& password, const std::string& authzid = std::string()) { this->authcid = authcid; this->password = password; this->authzid = authzid; } - virtual boost::optional<ByteArray> getResponse() const = 0; + virtual boost::optional<SafeByteArray> getResponse() const = 0; virtual bool setChallenge(const boost::optional<ByteArray>&) = 0; const std::string& getAuthenticationID() const { @@ -38,14 +40,14 @@ namespace Swift { return authzid; } - const std::string& getPassword() const { + const SafeByteArray& getPassword() const { return password; } private: std::string name; std::string authcid; - std::string password; + SafeByteArray password; std::string authzid; }; } diff --git a/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp b/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp index 6892948..5e78ee2 100644 --- a/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp +++ b/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp @@ -4,21 +4,23 @@ * See Documentation/Licenses/GPLv3.txt for more information. */ -#include "Swiften/SASL/DIGESTMD5ClientAuthenticator.h" +#include <Swiften/SASL/DIGESTMD5ClientAuthenticator.h> #include <cassert> -#include "Swiften/StringCodecs/MD5.h" -#include "Swiften/StringCodecs/Hexify.h" +#include <Swiften/StringCodecs/MD5.h> +#include <Swiften/StringCodecs/Hexify.h> +#include <Swiften/Base/Concat.h> +#include <Swiften/Base/Algorithm.h> namespace Swift { DIGESTMD5ClientAuthenticator::DIGESTMD5ClientAuthenticator(const std::string& host, const std::string& nonce) : ClientAuthenticator("DIGEST-MD5"), step(Initial), host(host), cnonce(nonce) { } -boost::optional<ByteArray> DIGESTMD5ClientAuthenticator::getResponse() const { +boost::optional<SafeByteArray> DIGESTMD5ClientAuthenticator::getResponse() const { if (step == Initial) { - return boost::optional<ByteArray>(); + return boost::optional<SafeByteArray>(); } else if (step == Response) { std::string realm; @@ -30,16 +32,20 @@ boost::optional<ByteArray> DIGESTMD5ClientAuthenticator::getResponse() const { std::string nc = "00000001"; // Compute the response value - ByteArray A1 = MD5::getHash(getAuthenticationID() + ":" + realm + ":" + getPassword()) + ":" + *challenge.getValue("nonce") + ":" + cnonce; + ByteArray A1 = concat( + MD5::getHash( + concat(createSafeByteArray(getAuthenticationID().c_str()), createSafeByteArray(":"), createSafeByteArray(realm.c_str()), createSafeByteArray(":"), getPassword())), + createByteArray(":"), createByteArray(*challenge.getValue("nonce")), createByteArray(":"), createByteArray(cnonce)); if (!getAuthorizationID().empty()) { - A1 += ":" + getAuthenticationID(); + append(A1, createByteArray(":" + getAuthenticationID())); } - std::string A2 = "AUTHENTICATE:" + digestURI; + ByteArray A2 = createByteArray("AUTHENTICATE:" + digestURI); + + std::string responseValue = Hexify::hexify(MD5::getHash(createByteArray( + Hexify::hexify(MD5::getHash(A1)) + ":" + + *challenge.getValue("nonce") + ":" + nc + ":" + cnonce + ":" + qop + ":" + + Hexify::hexify(MD5::getHash(A2))))); - std::string responseValue = Hexify::hexify(MD5::getHash( - Hexify::hexify(MD5::getHash(A1)) + ":" - + *challenge.getValue("nonce") + ":" + nc + ":" + cnonce + ":" + qop + ":" - + Hexify::hexify(MD5::getHash(A2)))); DIGESTMD5Properties response; response.setValue("username", getAuthenticationID()); @@ -56,10 +62,10 @@ boost::optional<ByteArray> DIGESTMD5ClientAuthenticator::getResponse() const { if (!getAuthorizationID().empty()) { response.setValue("authzid", getAuthorizationID()); } - return response.serialize(); + return createSafeByteArray(response.serialize()); } else { - return boost::optional<ByteArray>(); + return boost::optional<SafeByteArray>(); } } diff --git a/Swiften/SASL/DIGESTMD5ClientAuthenticator.h b/Swiften/SASL/DIGESTMD5ClientAuthenticator.h index 50dd9aa..55bd592 100644 --- a/Swiften/SASL/DIGESTMD5ClientAuthenticator.h +++ b/Swiften/SASL/DIGESTMD5ClientAuthenticator.h @@ -9,17 +9,18 @@ #include <map> #include <string> -#include "Swiften/Base/ByteArray.h" -#include "Swiften/SASL/ClientAuthenticator.h" -#include "Swiften/SASL/DIGESTMD5Properties.h" +#include <vector> +#include <Swiften/SASL/ClientAuthenticator.h> +#include <Swiften/SASL/DIGESTMD5Properties.h> +#include <Swiften/Base/SafeByteArray.h> namespace Swift { class DIGESTMD5ClientAuthenticator : public ClientAuthenticator { public: DIGESTMD5ClientAuthenticator(const std::string& host, const std::string& nonce); - virtual boost::optional<ByteArray> getResponse() const; - virtual bool setChallenge(const boost::optional<ByteArray>&); + virtual boost::optional<SafeByteArray> getResponse() const; + virtual bool setChallenge(const boost::optional<std::vector<unsigned char> >&); private: enum Step { diff --git a/Swiften/SASL/DIGESTMD5Properties.cpp b/Swiften/SASL/DIGESTMD5Properties.cpp index dfff9c8..6d406e0 100644 --- a/Swiften/SASL/DIGESTMD5Properties.cpp +++ b/Swiften/SASL/DIGESTMD5Properties.cpp @@ -4,20 +4,21 @@ * See Documentation/Licenses/GPLv3.txt for more information. */ -#include "Swiften/SASL/DIGESTMD5Properties.h" +#include <Swiften/SASL/DIGESTMD5Properties.h> +#include <Swiften/Base/Algorithm.h> namespace Swift { namespace { bool insideQuotes(const ByteArray& v) { - if (v.getSize() == 0) { + if (v.empty()) { return false; } - else if (v.getSize() == 1) { + else if (v.size() == 1) { return v[0] == '"'; } else if (v[0] == '"') { - return v[v.getSize() - 1] != '"'; + return v[v.size() - 1] != '"'; } else { return false; @@ -25,16 +26,16 @@ namespace { } ByteArray stripQuotes(const ByteArray& v) { - const char* data = reinterpret_cast<const char*>(v.getData()); - size_t size = v.getSize(); + const char* data = reinterpret_cast<const char*>(vecptr(v)); + size_t size = v.size(); if (v[0] == '"') { data++; size--; } - if (v[v.getSize() - 1] == '"') { + if (v[v.size() - 1] == '"') { size--; } - return ByteArray(data, size); + return createByteArray(data, size); } } @@ -46,42 +47,42 @@ DIGESTMD5Properties DIGESTMD5Properties::parse(const ByteArray& data) { bool inKey = true; ByteArray currentKey; ByteArray currentValue; - for (size_t i = 0; i < data.getSize(); ++i) { + for (size_t i = 0; i < data.size(); ++i) { char c = data[i]; if (inKey) { if (c == '=') { inKey = false; } else { - currentKey += c; + currentKey.push_back(c); } } else { if (c == ',' && !insideQuotes(currentValue)) { - std::string key = currentKey.toString(); + std::string key = byteArrayToString(currentKey); if (isQuoted(key)) { - result.setValue(key, stripQuotes(currentValue).toString()); + result.setValue(key, byteArrayToString(stripQuotes(currentValue))); } else { - result.setValue(key, currentValue.toString()); + result.setValue(key, byteArrayToString(currentValue)); } inKey = true; currentKey = ByteArray(); currentValue = ByteArray(); } else { - currentValue += c; + currentValue.push_back(c); } } } - if (!currentKey.isEmpty()) { - std::string key = currentKey.toString(); + if (!currentKey.empty()) { + std::string key = byteArrayToString(currentKey); if (isQuoted(key)) { - result.setValue(key, stripQuotes(currentValue).toString()); + result.setValue(key, byteArrayToString(stripQuotes(currentValue))); } else { - result.setValue(key, currentValue.toString()); + result.setValue(key, byteArrayToString(currentValue)); } } @@ -92,15 +93,17 @@ ByteArray DIGESTMD5Properties::serialize() const { ByteArray result; for(DIGESTMD5PropertiesMap::const_iterator i = properties.begin(); i != properties.end(); ++i) { if (i != properties.begin()) { - result += ','; + result.push_back(','); } - result += i->first; - result += '='; + append(result, createByteArray(i->first)); + result.push_back('='); if (isQuoted(i->first)) { - result += "\"" + i->second + "\""; + append(result, createByteArray("\"")); + append(result, i->second); + append(result, createByteArray("\"")); } else { - result += i->second; + append(result, i->second); } } return result; @@ -109,7 +112,7 @@ ByteArray DIGESTMD5Properties::serialize() const { boost::optional<std::string> DIGESTMD5Properties::getValue(const std::string& key) const { DIGESTMD5PropertiesMap::const_iterator i = properties.find(key); if (i != properties.end()) { - return i->second.toString(); + return byteArrayToString(i->second); } else { return boost::optional<std::string>(); @@ -117,7 +120,7 @@ boost::optional<std::string> DIGESTMD5Properties::getValue(const std::string& ke } void DIGESTMD5Properties::setValue(const std::string& key, const std::string& value) { - properties.insert(DIGESTMD5PropertiesMap::value_type(key, ByteArray(value))); + properties.insert(DIGESTMD5PropertiesMap::value_type(key, createByteArray(value))); } bool DIGESTMD5Properties::isQuoted(const std::string& p) { diff --git a/Swiften/SASL/DIGESTMD5Properties.h b/Swiften/SASL/DIGESTMD5Properties.h index 6e2e592..ef87574 100644 --- a/Swiften/SASL/DIGESTMD5Properties.h +++ b/Swiften/SASL/DIGESTMD5Properties.h @@ -10,7 +10,7 @@ #include <boost/optional.hpp> #include <string> -#include "Swiften/Base/ByteArray.h" +#include <Swiften/Base/ByteArray.h> namespace Swift { class DIGESTMD5Properties { diff --git a/Swiften/SASL/PLAINClientAuthenticator.cpp b/Swiften/SASL/PLAINClientAuthenticator.cpp index 2ea2425..7872174 100644 --- a/Swiften/SASL/PLAINClientAuthenticator.cpp +++ b/Swiften/SASL/PLAINClientAuthenticator.cpp @@ -4,15 +4,16 @@ * See Documentation/Licenses/GPLv3.txt for more information. */ -#include "Swiften/SASL/PLAINClientAuthenticator.h" +#include <Swiften/SASL/PLAINClientAuthenticator.h> +#include <Swiften/Base/Concat.h> namespace Swift { PLAINClientAuthenticator::PLAINClientAuthenticator() : ClientAuthenticator("PLAIN") { } -boost::optional<ByteArray> PLAINClientAuthenticator::getResponse() const { - return ByteArray(getAuthorizationID()) + '\0' + ByteArray(getAuthenticationID()) + '\0' + ByteArray(getPassword()); +boost::optional<SafeByteArray> PLAINClientAuthenticator::getResponse() const { + return concat(createSafeByteArray(getAuthorizationID()), createSafeByteArray('\0'), createSafeByteArray(getAuthenticationID()), createSafeByteArray('\0'), getPassword()); } bool PLAINClientAuthenticator::setChallenge(const boost::optional<ByteArray>&) { diff --git a/Swiften/SASL/PLAINClientAuthenticator.h b/Swiften/SASL/PLAINClientAuthenticator.h index 959244d..83e45c1 100644 --- a/Swiften/SASL/PLAINClientAuthenticator.h +++ b/Swiften/SASL/PLAINClientAuthenticator.h @@ -6,14 +6,15 @@ #pragma once -#include "Swiften/SASL/ClientAuthenticator.h" +#include <Swiften/SASL/ClientAuthenticator.h> +#include <Swiften/Base/ByteArray.h> namespace Swift { class PLAINClientAuthenticator : public ClientAuthenticator { public: PLAINClientAuthenticator(); - virtual boost::optional<ByteArray> getResponse() const; + virtual boost::optional<SafeByteArray> getResponse() const; virtual bool setChallenge(const boost::optional<ByteArray>&); }; } diff --git a/Swiften/SASL/PLAINMessage.cpp b/Swiften/SASL/PLAINMessage.cpp index 3728b39..20ffea7 100644 --- a/Swiften/SASL/PLAINMessage.cpp +++ b/Swiften/SASL/PLAINMessage.cpp @@ -4,41 +4,41 @@ * See Documentation/Licenses/GPLv3.txt for more information. */ -#include "Swiften/SASL/PLAINMessage.h" +#include <Swiften/SASL/PLAINMessage.h> +#include <Swiften/Base/Concat.h> namespace Swift { -PLAINMessage::PLAINMessage(const std::string& authcid, const std::string& password, const std::string& authzid) : authcid(authcid), authzid(authzid), password(password) { +PLAINMessage::PLAINMessage(const std::string& authcid, const SafeByteArray& password, const std::string& authzid) : authcid(authcid), authzid(authzid), password(password) { } -PLAINMessage::PLAINMessage(const ByteArray& value) { +PLAINMessage::PLAINMessage(const SafeByteArray& value) { size_t i = 0; - while (i < value.getSize() && value[i] != '\0') { + while (i < value.size() && value[i] != '\0') { authzid += value[i]; ++i; } - if (i == value.getSize()) { + if (i == value.size()) { return; } ++i; - while (i < value.getSize() && value[i] != '\0') { + while (i < value.size() && value[i] != '\0') { authcid += value[i]; ++i; } - if (i == value.getSize()) { + if (i == value.size()) { authcid = ""; return; } ++i; - while (i < value.getSize()) { - password += value[i]; + while (i < value.size()) { + password.push_back(value[i]); ++i; } } -ByteArray PLAINMessage::getValue() const { - std::string s = authzid + '\0' + authcid + '\0' + password; - return ByteArray(s.c_str(), s.size()); +SafeByteArray PLAINMessage::getValue() const { + return concat(createSafeByteArray(authzid), createSafeByteArray('\0'), createSafeByteArray(authcid), createSafeByteArray('\0'), password); } } diff --git a/Swiften/SASL/PLAINMessage.h b/Swiften/SASL/PLAINMessage.h index d08d70d..46ee8f7 100644 --- a/Swiften/SASL/PLAINMessage.h +++ b/Swiften/SASL/PLAINMessage.h @@ -9,21 +9,21 @@ #pragma once #include <string> -#include "Swiften/Base/ByteArray.h" +#include <Swiften/Base/SafeByteArray.h> namespace Swift { class PLAINMessage { public: - PLAINMessage(const std::string& authcid, const std::string& password, const std::string& authzid = ""); - PLAINMessage(const ByteArray& value); + PLAINMessage(const std::string& authcid, const SafeByteArray& password, const std::string& authzid = ""); + PLAINMessage(const SafeByteArray& value); - ByteArray getValue() const; + SafeByteArray getValue() const; const std::string& getAuthenticationID() const { return authcid; } - const std::string& getPassword() const { + const SafeByteArray& getPassword() const { return password; } @@ -34,6 +34,6 @@ namespace Swift { private: std::string authcid; std::string authzid; - std::string password; + SafeByteArray password; }; } diff --git a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp index 33de014..7842b4f 100644 --- a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp +++ b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp @@ -4,17 +4,18 @@ * See Documentation/Licenses/GPLv3.txt for more information. */ -#include "Swiften/SASL/SCRAMSHA1ClientAuthenticator.h" +#include <Swiften/SASL/SCRAMSHA1ClientAuthenticator.h> #include <cassert> #include <map> #include <boost/lexical_cast.hpp> -#include "Swiften/StringCodecs/SHA1.h" -#include "Swiften/StringCodecs/Base64.h" -#include "Swiften/StringCodecs/HMACSHA1.h" -#include "Swiften/StringCodecs/PBKDF2.h" -#include "Swiften/IDN/StringPrep.h" +#include <Swiften/StringCodecs/SHA1.h> +#include <Swiften/StringCodecs/Base64.h> +#include <Swiften/StringCodecs/HMAC_SHA1.h> +#include <Swiften/StringCodecs/PBKDF2.h> +#include <Swiften/IDN/StringPrep.h> +#include <Swiften/Base/Concat.h> namespace Swift { @@ -38,23 +39,23 @@ static std::string escape(const std::string& s) { SCRAMSHA1ClientAuthenticator::SCRAMSHA1ClientAuthenticator(const std::string& nonce, bool useChannelBinding) : ClientAuthenticator(useChannelBinding ? "SCRAM-SHA-1-PLUS" : "SCRAM-SHA-1"), step(Initial), clientnonce(nonce), useChannelBinding(useChannelBinding) { } -boost::optional<ByteArray> SCRAMSHA1ClientAuthenticator::getResponse() const { +boost::optional<SafeByteArray> SCRAMSHA1ClientAuthenticator::getResponse() const { if (step == Initial) { - return getGS2Header() + getInitialBareClientMessage(); + return createSafeByteArray(concat(getGS2Header(), getInitialBareClientMessage())); } else if (step == Proof) { - ByteArray clientKey = HMACSHA1::getResult(saltedPassword, "Client Key"); + ByteArray clientKey = HMAC_SHA1()(saltedPassword, createByteArray("Client Key")); ByteArray storedKey = SHA1::getHash(clientKey); - ByteArray clientSignature = HMACSHA1::getResult(storedKey, authMessage); + ByteArray clientSignature = HMAC_SHA1()(createSafeByteArray(storedKey), authMessage); ByteArray clientProof = clientKey; - for (unsigned int i = 0; i < clientProof.getSize(); ++i) { + for (unsigned int i = 0; i < clientProof.size(); ++i) { clientProof[i] ^= clientSignature[i]; } - ByteArray result = getFinalMessageWithoutProof() + ",p=" + Base64::encode(clientProof); - return result; + ByteArray result = concat(getFinalMessageWithoutProof(), createByteArray(",p="), createByteArray(Base64::encode(clientProof))); + return createSafeByteArray(result); } else { - return boost::optional<ByteArray>(); + return boost::optional<SafeByteArray>(); } } @@ -65,7 +66,7 @@ bool SCRAMSHA1ClientAuthenticator::setChallenge(const boost::optional<ByteArray> } initialServerMessage = *challenge; - std::map<char, std::string> keys = parseMap(initialServerMessage.toString()); + std::map<char, std::string> keys = parseMap(byteArrayToString(initialServerMessage)); // Extract the salt ByteArray salt = Base64::decode(keys['s']); @@ -79,7 +80,7 @@ bool SCRAMSHA1ClientAuthenticator::setChallenge(const boost::optional<ByteArray> if (receivedClientNonce != clientnonce) { return false; } - serverNonce = clientServerNonce.substr(clientnonce.size(), clientServerNonce.npos); + serverNonce = createByteArray(clientServerNonce.substr(clientnonce.size(), clientServerNonce.npos)); // Extract the number of iterations int iterations = 0; @@ -100,19 +101,19 @@ bool SCRAMSHA1ClientAuthenticator::setChallenge(const boost::optional<ByteArray> // Compute all the values needed for the server signature try { - saltedPassword = PBKDF2::encode(StringPrep::getPrepared(getPassword(), StringPrep::SASLPrep), salt, iterations); + saltedPassword = PBKDF2::encode<HMAC_SHA1>(StringPrep::getPrepared(getPassword(), StringPrep::SASLPrep), salt, iterations); } catch (const std::exception&) { } - authMessage = getInitialBareClientMessage() + "," + initialServerMessage + "," + getFinalMessageWithoutProof(); - ByteArray serverKey = HMACSHA1::getResult(saltedPassword, "Server Key"); - serverSignature = HMACSHA1::getResult(serverKey, authMessage); + authMessage = concat(getInitialBareClientMessage(), createByteArray(","), initialServerMessage, createByteArray(","), getFinalMessageWithoutProof()); + ByteArray serverKey = HMAC_SHA1()(saltedPassword, createByteArray("Server Key")); + serverSignature = HMAC_SHA1()(serverKey, authMessage); step = Proof; return true; } else if (step == Proof) { - ByteArray result = ByteArray("v=") + ByteArray(Base64::encode(serverSignature)); + ByteArray result = concat(createByteArray("v="), createByteArray(Base64::encode(serverSignature))); step = Final; return challenge && challenge == result; } @@ -135,7 +136,7 @@ std::map<char, std::string> SCRAMSHA1ClientAuthenticator::parseMap(const std::st i++; } else if (s[i] == ',') { - result[key] = value; + result[static_cast<size_t>(key)] = value; value = ""; expectKey = true; } @@ -152,24 +153,24 @@ std::map<char, std::string> SCRAMSHA1ClientAuthenticator::parseMap(const std::st ByteArray SCRAMSHA1ClientAuthenticator::getInitialBareClientMessage() const { std::string authenticationID; try { - authenticationID = StringPrep::getPrepared(getAuthenticationID(), StringPrep::SASLPrep); + authenticationID = StringPrep::getPrepared(getAuthenticationID(), StringPrep::SASLPrep); } catch (const std::exception&) { } - return ByteArray(std::string("n=" + escape(authenticationID) + ",r=" + clientnonce)); + return createByteArray(std::string("n=" + escape(authenticationID) + ",r=" + clientnonce)); } ByteArray SCRAMSHA1ClientAuthenticator::getGS2Header() const { - ByteArray channelBindingHeader("n"); + ByteArray channelBindingHeader(createByteArray("n")); if (tlsChannelBindingData) { if (useChannelBinding) { - channelBindingHeader = ByteArray("p=tls-unique"); + channelBindingHeader = createByteArray("p=tls-unique"); } else { - channelBindingHeader = ByteArray("y"); + channelBindingHeader = createByteArray("y"); } } - return channelBindingHeader + ByteArray(",") + (getAuthorizationID().empty() ? "" : "a=" + escape(getAuthorizationID())) + ","; + return concat(channelBindingHeader, createByteArray(","), (getAuthorizationID().empty() ? ByteArray() : createByteArray("a=" + escape(getAuthorizationID()))), createByteArray(",")); } void SCRAMSHA1ClientAuthenticator::setTLSChannelBindingData(const ByteArray& channelBindingData) { @@ -181,7 +182,7 @@ ByteArray SCRAMSHA1ClientAuthenticator::getFinalMessageWithoutProof() const { if (useChannelBinding && tlsChannelBindingData) { channelBindData = *tlsChannelBindingData; } - return ByteArray("c=") + Base64::encode(getGS2Header() + channelBindData) + ",r=" + clientnonce + serverNonce; + return concat(createByteArray("c=" + Base64::encode(concat(getGS2Header(), channelBindData)) + ",r=" + clientnonce), serverNonce); } diff --git a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.h b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.h index 602fc94..d140013 100644 --- a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.h +++ b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.h @@ -10,8 +10,8 @@ #include <boost/optional.hpp> #include <string> -#include "Swiften/Base/ByteArray.h" -#include "Swiften/SASL/ClientAuthenticator.h" +#include <Swiften/Base/ByteArray.h> +#include <Swiften/SASL/ClientAuthenticator.h> namespace Swift { class SCRAMSHA1ClientAuthenticator : public ClientAuthenticator { @@ -20,7 +20,7 @@ namespace Swift { void setTLSChannelBindingData(const ByteArray& channelBindingData); - virtual boost::optional<ByteArray> getResponse() const; + virtual boost::optional<SafeByteArray> getResponse() const; virtual bool setChallenge(const boost::optional<ByteArray>&); private: diff --git a/Swiften/SASL/SConscript b/Swiften/SASL/SConscript index 5a0cdef..085e49d 100644 --- a/Swiften/SASL/SConscript +++ b/Swiften/SASL/SConscript @@ -12,6 +12,7 @@ objects = myenv.SwiftenObject([ "DIGESTMD5ClientAuthenticator.cpp", ]) swiften_env.Append(SWIFTEN_OBJECTS = [objects]) + env.Append(UNITTEST_SOURCES = [ File("UnitTest/PLAINMessageTest.cpp"), File("UnitTest/PLAINClientAuthenticatorTest.cpp"), diff --git a/Swiften/SASL/UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp b/Swiften/SASL/UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp index 54f0571..38bab15 100644 --- a/Swiften/SASL/UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp +++ b/Swiften/SASL/UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp @@ -4,11 +4,13 @@ * See Documentation/Licenses/GPLv3.txt for more information. */ +#include <QA/Checker/IO.h> + #include <cppunit/extensions/HelperMacros.h> #include <cppunit/extensions/TestFactoryRegistry.h> -#include "Swiften/SASL/DIGESTMD5ClientAuthenticator.h" -#include "Swiften/Base/ByteArray.h" +#include <Swiften/SASL/DIGESTMD5ClientAuthenticator.h> +#include <Swiften/Base/ByteArray.h> using namespace Swift; @@ -30,29 +32,29 @@ class DIGESTMD5ClientAuthenticatorTest : public CppUnit::TestFixture { void testGetResponse() { DIGESTMD5ClientAuthenticator testling("xmpp.example.com", "abcdefgh"); - testling.setCredentials("user", "pass", ""); - testling.setChallenge(ByteArray( + testling.setCredentials("user", createSafeByteArray("pass"), ""); + testling.setChallenge(createByteArray( "realm=\"example.com\"," "nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\"," "qop=auth,charset=utf-8,algorithm=md5-sess")); - ByteArray response = *testling.getResponse(); + SafeByteArray response = *testling.getResponse(); - CPPUNIT_ASSERT_EQUAL(std::string("charset=utf-8,cnonce=\"abcdefgh\",digest-uri=\"xmpp/xmpp.example.com\",nc=00000001,nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\",qop=auth,realm=\"example.com\",response=088891c800ecff1b842159ad6459104a,username=\"user\""), response.toString()); + CPPUNIT_ASSERT_EQUAL(createSafeByteArray("charset=utf-8,cnonce=\"abcdefgh\",digest-uri=\"xmpp/xmpp.example.com\",nc=00000001,nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\",qop=auth,realm=\"example.com\",response=088891c800ecff1b842159ad6459104a,username=\"user\""), response); } void testGetResponse_WithAuthorizationID() { DIGESTMD5ClientAuthenticator testling("xmpp.example.com", "abcdefgh"); - testling.setCredentials("user", "pass", "myauthzid"); - testling.setChallenge(ByteArray( + testling.setCredentials("user", createSafeByteArray("pass"), "myauthzid"); + testling.setChallenge(createByteArray( "realm=\"example.com\"," "nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\"," "qop=auth,charset=utf-8,algorithm=md5-sess")); - ByteArray response = *testling.getResponse(); + SafeByteArray response = *testling.getResponse(); - CPPUNIT_ASSERT_EQUAL(std::string("authzid=\"myauthzid\",charset=utf-8,cnonce=\"abcdefgh\",digest-uri=\"xmpp/xmpp.example.com\",nc=00000001,nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\",qop=auth,realm=\"example.com\",response=4293834432b6e7889a2dee7e8fe7dd06,username=\"user\""), response.toString()); + CPPUNIT_ASSERT_EQUAL(createSafeByteArray("authzid=\"myauthzid\",charset=utf-8,cnonce=\"abcdefgh\",digest-uri=\"xmpp/xmpp.example.com\",nc=00000001,nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\",qop=auth,realm=\"example.com\",response=4293834432b6e7889a2dee7e8fe7dd06,username=\"user\""), response); } }; diff --git a/Swiften/SASL/UnitTest/DIGESTMD5PropertiesTest.cpp b/Swiften/SASL/UnitTest/DIGESTMD5PropertiesTest.cpp index 152a41e..d664f14 100644 --- a/Swiften/SASL/UnitTest/DIGESTMD5PropertiesTest.cpp +++ b/Swiften/SASL/UnitTest/DIGESTMD5PropertiesTest.cpp @@ -7,7 +7,7 @@ #include <cppunit/extensions/HelperMacros.h> #include <cppunit/extensions/TestFactoryRegistry.h> -#include "Swiften/SASL/DIGESTMD5Properties.h" +#include <Swiften/SASL/DIGESTMD5Properties.h> using namespace Swift; @@ -19,7 +19,7 @@ class DIGESTMD5PropertiesTest : public CppUnit::TestFixture { public: void testParse() { - DIGESTMD5Properties properties = DIGESTMD5Properties::parse(ByteArray( + DIGESTMD5Properties properties = DIGESTMD5Properties::parse(createByteArray( "realm=\"myrealm1\",realm=\"myrealm2\",nonce=\"mynonce\"," "algorithm=md5-sess,charset=utf-8")); @@ -47,8 +47,8 @@ class DIGESTMD5PropertiesTest : public CppUnit::TestFixture { properties.setValue("username", "myuser"); ByteArray result = properties.serialize(); - ByteArray expected("authzid=\"myauthzid\",charset=utf-8,cnonce=\"mycnonce\",digest-uri=\"mydigesturi\",nc=1,nonce=\"mynonce\",qop=auth,realm=\"myrealm\",response=myresponse,username=\"myuser\""); - CPPUNIT_ASSERT_EQUAL(expected.toString(), result.toString()); + ByteArray expected(createByteArray("authzid=\"myauthzid\",charset=utf-8,cnonce=\"mycnonce\",digest-uri=\"mydigesturi\",nc=1,nonce=\"mynonce\",qop=auth,realm=\"myrealm\",response=myresponse,username=\"myuser\"")); + CPPUNIT_ASSERT_EQUAL(byteArrayToString(expected), byteArrayToString(result)); } }; diff --git a/Swiften/SASL/UnitTest/PLAINClientAuthenticatorTest.cpp b/Swiften/SASL/UnitTest/PLAINClientAuthenticatorTest.cpp index 33914b2..3416923 100644 --- a/Swiften/SASL/UnitTest/PLAINClientAuthenticatorTest.cpp +++ b/Swiften/SASL/UnitTest/PLAINClientAuthenticatorTest.cpp @@ -4,8 +4,9 @@ * See Documentation/Licenses/GPLv3.txt for more information. */ -#include "Swiften/SASL/PLAINClientAuthenticator.h" +#include <Swiften/SASL/PLAINClientAuthenticator.h> +#include <QA/Checker/IO.h> #include <cppunit/extensions/HelperMacros.h> #include <cppunit/extensions/TestFactoryRegistry.h> @@ -21,17 +22,17 @@ class PLAINClientAuthenticatorTest : public CppUnit::TestFixture { void testGetResponse_WithoutAuthzID() { PLAINClientAuthenticator testling; - testling.setCredentials("user", "pass"); + testling.setCredentials("user", createSafeByteArray("pass")); - CPPUNIT_ASSERT_EQUAL(*testling.getResponse(), ByteArray("\0user\0pass", 10)); + CPPUNIT_ASSERT_EQUAL(*testling.getResponse(), createSafeByteArray("\0user\0pass", 10)); } void testGetResponse_WithAuthzID() { PLAINClientAuthenticator testling; - testling.setCredentials("user", "pass", "authz"); + testling.setCredentials("user", createSafeByteArray("pass"), "authz"); - CPPUNIT_ASSERT_EQUAL(*testling.getResponse(), ByteArray("authz\0user\0pass", 15)); + CPPUNIT_ASSERT_EQUAL(*testling.getResponse(), createSafeByteArray("authz\0user\0pass", 15)); } }; diff --git a/Swiften/SASL/UnitTest/PLAINMessageTest.cpp b/Swiften/SASL/UnitTest/PLAINMessageTest.cpp index d517f0d..e917af5 100644 --- a/Swiften/SASL/UnitTest/PLAINMessageTest.cpp +++ b/Swiften/SASL/UnitTest/PLAINMessageTest.cpp @@ -4,12 +4,13 @@ * See Documentation/Licenses/GPLv3.txt for more information. */ -#include "Swiften/Base/ByteArray.h" +#include <Swiften/Base/ByteArray.h> +#include <QA/Checker/IO.h> #include <cppunit/extensions/HelperMacros.h> #include <cppunit/extensions/TestFactoryRegistry.h> -#include "Swiften/SASL/PLAINMessage.h" +#include <Swiften/SASL/PLAINMessage.h> using namespace Swift; @@ -28,39 +29,39 @@ class PLAINMessageTest : public CppUnit::TestFixture PLAINMessageTest() {} void testGetValue_WithoutAuthzID() { - PLAINMessage message("user", "pass"); - CPPUNIT_ASSERT_EQUAL(message.getValue(), ByteArray("\0user\0pass", 10)); + PLAINMessage message("user", createSafeByteArray("pass")); + CPPUNIT_ASSERT_EQUAL(message.getValue(), createSafeByteArray("\0user\0pass", 10)); } void testGetValue_WithAuthzID() { - PLAINMessage message("user", "pass", "authz"); - CPPUNIT_ASSERT_EQUAL(message.getValue(), ByteArray("authz\0user\0pass", 15)); + PLAINMessage message("user", createSafeByteArray("pass"), "authz"); + CPPUNIT_ASSERT_EQUAL(message.getValue(), createSafeByteArray("authz\0user\0pass", 15)); } void testConstructor_WithoutAuthzID() { - PLAINMessage message(ByteArray("\0user\0pass", 10)); + PLAINMessage message(createSafeByteArray("\0user\0pass", 10)); CPPUNIT_ASSERT_EQUAL(std::string(""), message.getAuthorizationID()); CPPUNIT_ASSERT_EQUAL(std::string("user"), message.getAuthenticationID()); - CPPUNIT_ASSERT_EQUAL(std::string("pass"), message.getPassword()); + CPPUNIT_ASSERT_EQUAL(createSafeByteArray("pass"), message.getPassword()); } void testConstructor_WithAuthzID() { - PLAINMessage message(ByteArray("authz\0user\0pass", 15)); + PLAINMessage message(createSafeByteArray("authz\0user\0pass", 15)); CPPUNIT_ASSERT_EQUAL(std::string("authz"), message.getAuthorizationID()); CPPUNIT_ASSERT_EQUAL(std::string("user"), message.getAuthenticationID()); - CPPUNIT_ASSERT_EQUAL(std::string("pass"), message.getPassword()); + CPPUNIT_ASSERT_EQUAL(createSafeByteArray("pass"), message.getPassword()); } void testConstructor_NoAuthcid() { - PLAINMessage message(ByteArray("authzid", 7)); + PLAINMessage message(createSafeByteArray("authzid", 7)); CPPUNIT_ASSERT_EQUAL(std::string(""), message.getAuthenticationID()); } void testConstructor_NoPassword() { - PLAINMessage message(ByteArray("authzid\0authcid", 15)); + PLAINMessage message(createSafeByteArray("authzid\0authcid", 15)); CPPUNIT_ASSERT_EQUAL(std::string(""), message.getAuthenticationID()); } diff --git a/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp b/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp index 5d0edbd..f0ca01c 100644 --- a/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp +++ b/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp @@ -4,11 +4,13 @@ * See Documentation/Licenses/GPLv3.txt for more information. */ +#include <QA/Checker/IO.h> + #include <cppunit/extensions/HelperMacros.h> #include <cppunit/extensions/TestFactoryRegistry.h> -#include "Swiften/SASL/SCRAMSHA1ClientAuthenticator.h" -#include "Swiften/Base/ByteArray.h" +#include <Swiften/SASL/SCRAMSHA1ClientAuthenticator.h> +#include <Swiften/Base/ByteArray.h> using namespace Swift; @@ -41,179 +43,179 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { void testGetInitialResponse() { SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH"); - testling.setCredentials("user", "pass", ""); + testling.setCredentials("user", createSafeByteArray("pass"), ""); - ByteArray response = *testling.getResponse(); + SafeByteArray response = *testling.getResponse(); - CPPUNIT_ASSERT_EQUAL(std::string("n,,n=user,r=abcdefghABCDEFGH"), response.toString()); + CPPUNIT_ASSERT_EQUAL(createSafeByteArray("n,,n=user,r=abcdefghABCDEFGH"), response); } void testGetInitialResponse_UsernameHasSpecialChars() { SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH"); - testling.setCredentials(",us=,er=", "pass", ""); + testling.setCredentials(",us=,er=", createSafeByteArray("pass"), ""); - ByteArray response = *testling.getResponse(); + SafeByteArray response = *testling.getResponse(); - CPPUNIT_ASSERT_EQUAL(std::string("n,,n==2Cus=3D=2Cer=3D,r=abcdefghABCDEFGH"), response.toString()); + CPPUNIT_ASSERT_EQUAL(createSafeByteArray("n,,n==2Cus=3D=2Cer=3D,r=abcdefghABCDEFGH"), response); } void testGetInitialResponse_WithAuthorizationID() { SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH"); - testling.setCredentials("user", "pass", "auth"); + testling.setCredentials("user", createSafeByteArray("pass"), "auth"); - ByteArray response = *testling.getResponse(); + SafeByteArray response = *testling.getResponse(); - CPPUNIT_ASSERT_EQUAL(std::string("n,a=auth,n=user,r=abcdefghABCDEFGH"), response.toString()); + CPPUNIT_ASSERT_EQUAL(createSafeByteArray("n,a=auth,n=user,r=abcdefghABCDEFGH"), response); } void testGetInitialResponse_WithAuthorizationIDWithSpecialChars() { SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH"); - testling.setCredentials("user", "pass", "a=u,th"); + testling.setCredentials("user", createSafeByteArray("pass"), "a=u,th"); - ByteArray response = *testling.getResponse(); + SafeByteArray response = *testling.getResponse(); - CPPUNIT_ASSERT_EQUAL(std::string("n,a=a=3Du=2Cth,n=user,r=abcdefghABCDEFGH"), response.toString()); + CPPUNIT_ASSERT_EQUAL(createSafeByteArray("n,a=a=3Du=2Cth,n=user,r=abcdefghABCDEFGH"), response); } void testGetInitialResponse_WithoutChannelBindingWithTLSChannelBindingData() { SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH", false); - testling.setTLSChannelBindingData("xyza"); - testling.setCredentials("user", "pass", ""); + testling.setTLSChannelBindingData(createByteArray("xyza")); + testling.setCredentials("user", createSafeByteArray("pass"), ""); - ByteArray response = *testling.getResponse(); + SafeByteArray response = *testling.getResponse(); - CPPUNIT_ASSERT_EQUAL(std::string("y,,n=user,r=abcdefghABCDEFGH"), response.toString()); + CPPUNIT_ASSERT_EQUAL(createSafeByteArray("y,,n=user,r=abcdefghABCDEFGH"), response); } void testGetInitialResponse_WithChannelBindingWithTLSChannelBindingData() { SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH", true); - testling.setTLSChannelBindingData("xyza"); - testling.setCredentials("user", "pass", ""); + testling.setTLSChannelBindingData(createByteArray("xyza")); + testling.setCredentials("user", createSafeByteArray("pass"), ""); - ByteArray response = *testling.getResponse(); + SafeByteArray response = *testling.getResponse(); - CPPUNIT_ASSERT_EQUAL(std::string("p=tls-unique,,n=user,r=abcdefghABCDEFGH"), response.toString()); + CPPUNIT_ASSERT_EQUAL(createSafeByteArray("p=tls-unique,,n=user,r=abcdefghABCDEFGH"), response); } void testGetFinalResponse() { SCRAMSHA1ClientAuthenticator testling("abcdefgh"); - testling.setCredentials("user", "pass", ""); - testling.setChallenge(ByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); + testling.setCredentials("user", createSafeByteArray("pass"), ""); + testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); - ByteArray response = *testling.getResponse(); + SafeByteArray response = *testling.getResponse(); - CPPUNIT_ASSERT_EQUAL(std::string("c=biws,r=abcdefghABCDEFGH,p=CZbjGDpIteIJwQNBgO0P8pKkMGY="), response.toString()); + CPPUNIT_ASSERT_EQUAL(createSafeByteArray("c=biws,r=abcdefghABCDEFGH,p=CZbjGDpIteIJwQNBgO0P8pKkMGY="), response); } void testGetFinalResponse_WithoutChannelBindingWithTLSChannelBindingData() { SCRAMSHA1ClientAuthenticator testling("abcdefgh", false); - testling.setCredentials("user", "pass", ""); - testling.setTLSChannelBindingData("xyza"); - testling.setChallenge(ByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); + testling.setCredentials("user", createSafeByteArray("pass"), ""); + testling.setTLSChannelBindingData(createByteArray("xyza")); + testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); - ByteArray response = *testling.getResponse(); + SafeByteArray response = *testling.getResponse(); - CPPUNIT_ASSERT_EQUAL(std::string("c=eSws,r=abcdefghABCDEFGH,p=JNpsiFEcxZvNZ1+FFBBqrYvYxMk="), response.toString()); + CPPUNIT_ASSERT_EQUAL(createSafeByteArray("c=eSws,r=abcdefghABCDEFGH,p=JNpsiFEcxZvNZ1+FFBBqrYvYxMk="), response); } void testGetFinalResponse_WithChannelBindingWithTLSChannelBindingData() { SCRAMSHA1ClientAuthenticator testling("abcdefgh", true); - testling.setCredentials("user", "pass", ""); - testling.setTLSChannelBindingData("xyza"); - testling.setChallenge(ByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); + testling.setCredentials("user", createSafeByteArray("pass"), ""); + testling.setTLSChannelBindingData(createByteArray("xyza")); + testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); - ByteArray response = *testling.getResponse(); + SafeByteArray response = *testling.getResponse(); - CPPUNIT_ASSERT_EQUAL(std::string("c=cD10bHMtdW5pcXVlLCx4eXph,r=abcdefghABCDEFGH,p=i6Rghite81P1ype8XxaVAa5l7v0="), response.toString()); + CPPUNIT_ASSERT_EQUAL(createSafeByteArray("c=cD10bHMtdW5pcXVlLCx4eXph,r=abcdefghABCDEFGH,p=i6Rghite81P1ype8XxaVAa5l7v0="), response); } void testSetFinalChallenge() { SCRAMSHA1ClientAuthenticator testling("abcdefgh"); - testling.setCredentials("user", "pass", ""); - testling.setChallenge(ByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); + testling.setCredentials("user", createSafeByteArray("pass"), ""); + testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); - bool result = testling.setChallenge(ByteArray("v=Dd+Q20knZs9jeeK0pi1Mx1Se+yo=")); + bool result = testling.setChallenge(createByteArray("v=Dd+Q20knZs9jeeK0pi1Mx1Se+yo=")); CPPUNIT_ASSERT(result); } void testSetChallenge() { SCRAMSHA1ClientAuthenticator testling("abcdefgh"); - testling.setCredentials("user", "pass", ""); + testling.setCredentials("user", createSafeByteArray("pass"), ""); - bool result = testling.setChallenge(ByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); + bool result = testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); CPPUNIT_ASSERT(result); } void testSetChallenge_InvalidClientNonce() { SCRAMSHA1ClientAuthenticator testling("abcdefgh"); - testling.setCredentials("user", "pass", ""); + testling.setCredentials("user", createSafeByteArray("pass"), ""); - bool result = testling.setChallenge(ByteArray("r=abcdefgiABCDEFGH,s=MTIzNDU2NzgK,i=4096")); + bool result = testling.setChallenge(createByteArray("r=abcdefgiABCDEFGH,s=MTIzNDU2NzgK,i=4096")); CPPUNIT_ASSERT(!result); } void testSetChallenge_OnlyClientNonce() { SCRAMSHA1ClientAuthenticator testling("abcdefgh"); - testling.setCredentials("user", "pass", ""); + testling.setCredentials("user", createSafeByteArray("pass"), ""); - bool result = testling.setChallenge(ByteArray("r=abcdefgh,s=MTIzNDU2NzgK,i=4096")); + bool result = testling.setChallenge(createByteArray("r=abcdefgh,s=MTIzNDU2NzgK,i=4096")); CPPUNIT_ASSERT(!result); } void testSetChallenge_InvalidIterations() { SCRAMSHA1ClientAuthenticator testling("abcdefgh"); - testling.setCredentials("user", "pass", ""); + testling.setCredentials("user", createSafeByteArray("pass"), ""); - bool result = testling.setChallenge(ByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=bla")); + bool result = testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=bla")); CPPUNIT_ASSERT(!result); } void testSetChallenge_MissingIterations() { SCRAMSHA1ClientAuthenticator testling("abcdefgh"); - testling.setCredentials("user", "pass", ""); + testling.setCredentials("user", createSafeByteArray("pass"), ""); - bool result = testling.setChallenge(ByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK")); + bool result = testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK")); CPPUNIT_ASSERT(!result); } void testSetChallenge_ZeroIterations() { SCRAMSHA1ClientAuthenticator testling("abcdefgh"); - testling.setCredentials("user", "pass", ""); + testling.setCredentials("user", createSafeByteArray("pass"), ""); - bool result = testling.setChallenge(ByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=0")); + bool result = testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=0")); CPPUNIT_ASSERT(!result); } void testSetChallenge_NegativeIterations() { SCRAMSHA1ClientAuthenticator testling("abcdefgh"); - testling.setCredentials("user", "pass", ""); + testling.setCredentials("user", createSafeByteArray("pass"), ""); - bool result = testling.setChallenge(ByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=-1")); + bool result = testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=-1")); CPPUNIT_ASSERT(!result); } void testSetFinalChallenge_InvalidChallenge() { SCRAMSHA1ClientAuthenticator testling("abcdefgh"); - testling.setCredentials("user", "pass", ""); - testling.setChallenge(ByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); - bool result = testling.setChallenge(ByteArray("v=e26kI69ICb6zosapLLxrER/631A=")); + testling.setCredentials("user", createSafeByteArray("pass"), ""); + testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); + bool result = testling.setChallenge(createByteArray("v=e26kI69ICb6zosapLLxrER/631A=")); CPPUNIT_ASSERT(!result); } void testGetResponseAfterFinalChallenge() { SCRAMSHA1ClientAuthenticator testling("abcdefgh"); - testling.setCredentials("user", "pass", ""); - testling.setChallenge(ByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); - testling.setChallenge(ByteArray("v=Dd+Q20knZs9jeeK0pi1Mx1Se+yo=")); + testling.setCredentials("user", createSafeByteArray("pass"), ""); + testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); + testling.setChallenge(createByteArray("v=Dd+Q20knZs9jeeK0pi1Mx1Se+yo=")); CPPUNIT_ASSERT(!testling.getResponse()); } |