Swiftdiff options
| author | Remko Tronçon <git@el-tramo.be> | 2009-11-20 22:53:40 (GMT) |
|---|---|---|
| committer | Remko Tronçon <git@el-tramo.be> | 2009-11-20 22:53:40 (GMT) |
| commit | 4417a63a1acdf5f6e78655e8ae377bc24d5d8f02 (patch) | |
| tree | 0c682fcc582a9f1181f436d5e5d98180fdf5387a /Swiften/SASL | |
| parent | 4e944a225d91ff4622e50186120ef0bbbb3a1d69 (diff) | |
| download | swift-4417a63a1acdf5f6e78655e8ae377bc24d5d8f02.zip swift-4417a63a1acdf5f6e78655e8ae377bc24d5d8f02.tar.bz2 | |
Implement SCRAM-SHA1.
Actually found out that I implemented the old RFC. Need to reimplement
SCRAM-SHA1 from scratch based on
http://tools.ietf.org/html/draft-ietf-sasl-scram-10
Disabling for now.
Diffstat (limited to 'Swiften/SASL')
| -rw-r--r-- | Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp index 3109f56..f5c55c0 100644 --- a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp +++ b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp @@ -1,56 +1,56 @@ #include "Swiften/SASL/SCRAMSHA1ClientAuthenticator.h" #include <cassert> #include "Swiften/StringCodecs/SHA1.h" #include "Swiften/StringCodecs/HMACSHA1.h" namespace Swift { -SCRAMSHA1ClientAuthenticator::SCRAMSHA1ClientAuthenticator(const ByteArray& nonce) : ClientAuthenticator("SCRAM-SHA1"), step(Initial), clientnonce(nonce) { +SCRAMSHA1ClientAuthenticator::SCRAMSHA1ClientAuthenticator(const ByteArray& nonce) : ClientAuthenticator("SCRAM-SHA-1"), step(Initial), clientnonce(nonce) { } ByteArray SCRAMSHA1ClientAuthenticator::getResponse() const { if (step == Initial) { return getInitialClientMessage(); } else { ByteArray mask = HMACSHA1::getResult(getClientVerifier(), initialServerMessage + getInitialClientMessage()); ByteArray p = SHA1::getBinaryHash(getPassword()); for (unsigned int i = 0; i < p.getSize(); ++i) { p[i] ^= mask[i]; } return p; } } bool SCRAMSHA1ClientAuthenticator::setChallenge(const ByteArray& response) { if (step == Initial) { initialServerMessage = response; step = Proof; return getSalt().getSize() > 0; } else { return response == HMACSHA1::getResult(getClientVerifier(), getInitialClientMessage() + initialServerMessage); } } ByteArray SCRAMSHA1ClientAuthenticator::getSalt() const { if (initialServerMessage.getSize() < 8) { std::cerr << "ERROR: SCRAM-SHA1: Invalid server response" << std::endl; return ByteArray(); } else { return ByteArray(initialServerMessage.getData(), 8); } } ByteArray SCRAMSHA1ClientAuthenticator::getClientVerifier() const { return HMACSHA1::getResult(SHA1::getBinaryHash(getPassword()), getSalt()); } ByteArray SCRAMSHA1ClientAuthenticator::getInitialClientMessage() const { return ByteArray(getAuthorizationID()) + '\0' + ByteArray(getAuthenticationID()) + '\0' + ByteArray(clientnonce); } } |