summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKevin Smith <git@kismith.co.uk>2012-02-22 11:00:19 (GMT)
committerKevin Smith <git@kismith.co.uk>2012-02-28 16:02:29 (GMT)
commit0e4f068273ecaa2be24a046812893698a06481bc (patch)
tree9c3b7dbd3609a866c2123ea0c5a539b5c49d67dd /Swiften/SASL
parenteca0f020873f7620c5125101113e2c1eb25b273e (diff)
downloadswift-0e4f068273ecaa2be24a046812893698a06481bc.zip
swift-0e4f068273ecaa2be24a046812893698a06481bc.tar.bz2
Make Swift more usable in a FIPS-140 environment
Don't allow DIGEST-MD5 when Windows is set to FIPS mode. Use platform-provided hashing for SHA1.
Diffstat (limited to 'Swiften/SASL')
-rw-r--r--Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp4
-rw-r--r--Swiften/SASL/DIGESTMD5ClientAuthenticator.h1
2 files changed, 5 insertions, 0 deletions
diff --git a/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp b/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp
index 5e78ee2..249a538 100644
--- a/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp
+++ b/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp
@@ -18,6 +18,10 @@ namespace Swift {
DIGESTMD5ClientAuthenticator::DIGESTMD5ClientAuthenticator(const std::string& host, const std::string& nonce) : ClientAuthenticator("DIGEST-MD5"), step(Initial), host(host), cnonce(nonce) {
}
+bool DIGESTMD5ClientAuthenticator::canBeUsed() {
+ return MD5::isAllowedForCrypto();
+}
+
boost::optional<SafeByteArray> DIGESTMD5ClientAuthenticator::getResponse() const {
if (step == Initial) {
return boost::optional<SafeByteArray>();
diff --git a/Swiften/SASL/DIGESTMD5ClientAuthenticator.h b/Swiften/SASL/DIGESTMD5ClientAuthenticator.h
index 55bd592..7ced962 100644
--- a/Swiften/SASL/DIGESTMD5ClientAuthenticator.h
+++ b/Swiften/SASL/DIGESTMD5ClientAuthenticator.h
@@ -21,6 +21,7 @@ namespace Swift {
virtual boost::optional<SafeByteArray> getResponse() const;
virtual bool setChallenge(const boost::optional<std::vector<unsigned char> >&);
+ static bool canBeUsed();
private:
enum Step {