Limit the use of the SafeString type.

author: Remko Tronçon <git@el-tramo.be> 2011-06-03 12:25:57 (GMT)
committer: Remko Tronçon <git@el-tramo.be> 2011-06-03 12:46:12 (GMT)
commit: 21fda3308975201eeebeacd98e2b587ef4448862 (patch)
tree: e8aebe473a636cf5a312814d4054d8af0d9ad6a6 /Swiften/SASL
parent: 10334c139670861d4860da59ad837fc3fe6fd41e (diff)
download: swift-21fda3308975201eeebeacd98e2b587ef4448862.zip
swift-21fda3308975201eeebeacd98e2b587ef4448862.tar.bz2
7 files changed, 29 insertions, 30 deletions
diff --git a/Swiften/SASL/ClientAuthenticator.h b/Swiften/SASL/ClientAuthenticator.h
index 6557b9a..8710ac8 100644
--- a/Swiften/SASL/ClientAuthenticator.h
+++ b/Swiften/SASL/ClientAuthenticator.h
@@ -10,7 +10,6 @@
 #include <string>
 #include <vector>
 
-#include <Swiften/Base/SafeString.h>
 #include <Swiften/Base/SafeByteArray.h>
 #include <Swiften/Base/ByteArray.h>
 
@@ -24,7 +23,7 @@ namespace Swift {
 				return name;
 			}
 
-			void setCredentials(const std::string& authcid, const SafeString& password, const std::string& authzid = std::string()) {
+			void setCredentials(const std::string& authcid, const SafeByteArray& password, const std::string& authzid = std::string()) {
 				this->authcid = authcid;
 				this->password = password;
 				this->authzid = authzid;
@@ -41,14 +40,14 @@ namespace Swift {
 				return authzid;
 			}
 
-			const SafeString& getPassword() const {
+			const SafeByteArray& getPassword() const {
 				return password;
 			}
 		
 		private:
 			std::string name;
 			std::string authcid;
-			SafeString password;
+			SafeByteArray password;
 			std::string authzid;
 	};
 }
diff --git a/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp b/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp
index ffa098c..5e78ee2 100644
--- a/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp
+++ b/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp
@@ -34,7 +34,7 @@ boost::optional<SafeByteArray> DIGESTMD5ClientAuthenticator::getResponse() const
 		// Compute the response value
 		ByteArray A1 = concat(
 				MD5::getHash(
-					createSafeByteArray(concat(SafeString(getAuthenticationID().c_str()), SafeString(":"), SafeString(realm.c_str()), SafeString(":"), getPassword()))),
+					concat(createSafeByteArray(getAuthenticationID().c_str()), createSafeByteArray(":"), createSafeByteArray(realm.c_str()), createSafeByteArray(":"), getPassword())),
 				createByteArray(":"), createByteArray(*challenge.getValue("nonce")), createByteArray(":"), createByteArray(cnonce));
 		if (!getAuthorizationID().empty()) {
 			append(A1, createByteArray(":" + getAuthenticationID()));
diff --git a/Swiften/SASL/PLAINClientAuthenticator.cpp b/Swiften/SASL/PLAINClientAuthenticator.cpp
index 17f880a..7872174 100644
--- a/Swiften/SASL/PLAINClientAuthenticator.cpp
+++ b/Swiften/SASL/PLAINClientAuthenticator.cpp
@@ -13,7 +13,7 @@ PLAINClientAuthenticator::PLAINClientAuthenticator() : ClientAuthenticator("PLAI
 }
 
 boost::optional<SafeByteArray> PLAINClientAuthenticator::getResponse() const {
-	return concat(createSafeByteArray(getAuthorizationID()), createSafeByteArray('\0'), createSafeByteArray(getAuthenticationID()), createSafeByteArray('\0'), createSafeByteArray(getPassword()));
+	return concat(createSafeByteArray(getAuthorizationID()), createSafeByteArray('\0'), createSafeByteArray(getAuthenticationID()), createSafeByteArray('\0'), getPassword());
 }
 
 bool PLAINClientAuthenticator::setChallenge(const boost::optional<ByteArray>&) {
diff --git a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp
index a9855a5..1d0ad70 100644
--- a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp
+++ b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp
@@ -100,7 +100,7 @@ bool SCRAMSHA1ClientAuthenticator::setChallenge(const boost::optional<ByteArray>
 		}
 
 		// Compute all the values needed for the server signature
-		saltedPassword = PBKDF2::encode(createSafeByteArray(StringPrep::getPrepared(getPassword(), StringPrep::SASLPrep)), salt, iterations);
+		saltedPassword = PBKDF2::encode(StringPrep::getPrepared(getPassword(), StringPrep::SASLPrep), salt, iterations);
 		authMessage = concat(getInitialBareClientMessage(), createByteArray(","), initialServerMessage, createByteArray(","), getFinalMessageWithoutProof());
 		ByteArray serverKey = HMACSHA1::getResult(saltedPassword, createByteArray("Server Key"));
 		serverSignature = HMACSHA1::getResult(serverKey, authMessage);
diff --git a/Swiften/SASL/UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp b/Swiften/SASL/UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp
index e5f26ae..38bab15 100644
--- a/Swiften/SASL/UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp
+++ b/Swiften/SASL/UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp
@@ -32,7 +32,7 @@ class DIGESTMD5ClientAuthenticatorTest : public CppUnit::TestFixture {
 		void testGetResponse() {
 			DIGESTMD5ClientAuthenticator testling("xmpp.example.com", "abcdefgh");
 
-			testling.setCredentials("user", "pass", "");
+			testling.setCredentials("user", createSafeByteArray("pass"), "");
 			testling.setChallenge(createByteArray(
 				"realm=\"example.com\","
 				"nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\","
@@ -46,7 +46,7 @@ class DIGESTMD5ClientAuthenticatorTest : public CppUnit::TestFixture {
 		void testGetResponse_WithAuthorizationID() {
 			DIGESTMD5ClientAuthenticator testling("xmpp.example.com", "abcdefgh");
 
-			testling.setCredentials("user", "pass", "myauthzid");
+			testling.setCredentials("user", createSafeByteArray("pass"), "myauthzid");
 			testling.setChallenge(createByteArray(
 				"realm=\"example.com\","
 				"nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\","
diff --git a/Swiften/SASL/UnitTest/PLAINClientAuthenticatorTest.cpp b/Swiften/SASL/UnitTest/PLAINClientAuthenticatorTest.cpp
index d6c4188..3416923 100644
--- a/Swiften/SASL/UnitTest/PLAINClientAuthenticatorTest.cpp
+++ b/Swiften/SASL/UnitTest/PLAINClientAuthenticatorTest.cpp
@@ -22,7 +22,7 @@ class PLAINClientAuthenticatorTest : public CppUnit::TestFixture {
 		void testGetResponse_WithoutAuthzID() {
 			PLAINClientAuthenticator testling;
 
-			testling.setCredentials("user", "pass");
+			testling.setCredentials("user", createSafeByteArray("pass"));
 
 			CPPUNIT_ASSERT_EQUAL(*testling.getResponse(), createSafeByteArray("\0user\0pass", 10));
 		}
@@ -30,7 +30,7 @@ class PLAINClientAuthenticatorTest : public CppUnit::TestFixture {
 		void testGetResponse_WithAuthzID() {
 			PLAINClientAuthenticator testling;
 
-			testling.setCredentials("user", "pass", "authz");
+			testling.setCredentials("user", createSafeByteArray("pass"), "authz");
 
 			CPPUNIT_ASSERT_EQUAL(*testling.getResponse(), createSafeByteArray("authz\0user\0pass", 15));
 		}
diff --git a/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp b/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp
index 6db51fb..f0ca01c 100644
--- a/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp
+++ b/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp
@@ -43,7 +43,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 
 		void testGetInitialResponse() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH");
-			testling.setCredentials("user", "pass", "");
+			testling.setCredentials("user", createSafeByteArray("pass"), "");
 
 			SafeByteArray response = *testling.getResponse();
 
@@ -52,7 +52,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 
 		void testGetInitialResponse_UsernameHasSpecialChars() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH");
-			testling.setCredentials(",us=,er=", "pass", "");
+			testling.setCredentials(",us=,er=", createSafeByteArray("pass"), "");
 
 			SafeByteArray response = *testling.getResponse();
 
@@ -61,7 +61,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 
 		void testGetInitialResponse_WithAuthorizationID() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH");
-			testling.setCredentials("user", "pass", "auth");
+			testling.setCredentials("user", createSafeByteArray("pass"), "auth");
 
 			SafeByteArray response = *testling.getResponse();
 
@@ -70,7 +70,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 
 		void testGetInitialResponse_WithAuthorizationIDWithSpecialChars() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH");
-			testling.setCredentials("user", "pass", "a=u,th");
+			testling.setCredentials("user", createSafeByteArray("pass"), "a=u,th");
 
 			SafeByteArray response = *testling.getResponse();
 
@@ -80,7 +80,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 		void testGetInitialResponse_WithoutChannelBindingWithTLSChannelBindingData() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH", false);
 			testling.setTLSChannelBindingData(createByteArray("xyza"));
-			testling.setCredentials("user", "pass", "");
+			testling.setCredentials("user", createSafeByteArray("pass"), "");
 
 			SafeByteArray response = *testling.getResponse();
 
@@ -90,7 +90,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 		void testGetInitialResponse_WithChannelBindingWithTLSChannelBindingData() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH", true);
 			testling.setTLSChannelBindingData(createByteArray("xyza"));
-			testling.setCredentials("user", "pass", "");
+			testling.setCredentials("user", createSafeByteArray("pass"), "");
 
 			SafeByteArray response = *testling.getResponse();
 
@@ -99,7 +99,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 
 		void testGetFinalResponse() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefgh");
-			testling.setCredentials("user", "pass", "");
+			testling.setCredentials("user", createSafeByteArray("pass"), "");
 			testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096"));
 
 			SafeByteArray response = *testling.getResponse();
@@ -109,7 +109,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 
 		void testGetFinalResponse_WithoutChannelBindingWithTLSChannelBindingData() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefgh", false);
-			testling.setCredentials("user", "pass", "");
+			testling.setCredentials("user", createSafeByteArray("pass"), "");
 			testling.setTLSChannelBindingData(createByteArray("xyza"));
 			testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096"));
 
@@ -120,7 +120,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 
 		void testGetFinalResponse_WithChannelBindingWithTLSChannelBindingData() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefgh", true);
-			testling.setCredentials("user", "pass", "");
+			testling.setCredentials("user", createSafeByteArray("pass"), "");
 			testling.setTLSChannelBindingData(createByteArray("xyza"));
 			testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096"));
 
@@ -131,7 +131,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 
 		void testSetFinalChallenge() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefgh");
-			testling.setCredentials("user", "pass", "");
+			testling.setCredentials("user", createSafeByteArray("pass"), "");
 			testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096"));
 
 			bool result = testling.setChallenge(createByteArray("v=Dd+Q20knZs9jeeK0pi1Mx1Se+yo="));
@@ -141,7 +141,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 
 		void testSetChallenge() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefgh");
-			testling.setCredentials("user", "pass", "");
+			testling.setCredentials("user", createSafeByteArray("pass"), "");
 
 			bool result = testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096"));
 
@@ -150,7 +150,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 
 		void testSetChallenge_InvalidClientNonce() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefgh");
-			testling.setCredentials("user", "pass", "");
+			testling.setCredentials("user", createSafeByteArray("pass"), "");
 
 			bool result = testling.setChallenge(createByteArray("r=abcdefgiABCDEFGH,s=MTIzNDU2NzgK,i=4096"));
 
@@ -159,7 +159,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 
 		void testSetChallenge_OnlyClientNonce() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefgh");
-			testling.setCredentials("user", "pass", "");
+			testling.setCredentials("user", createSafeByteArray("pass"), "");
 
 			bool result = testling.setChallenge(createByteArray("r=abcdefgh,s=MTIzNDU2NzgK,i=4096"));
 
@@ -168,7 +168,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 
 		void testSetChallenge_InvalidIterations() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefgh");
-			testling.setCredentials("user", "pass", "");
+			testling.setCredentials("user", createSafeByteArray("pass"), "");
 
 			bool result = testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=bla"));
 
@@ -177,7 +177,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 
 		void testSetChallenge_MissingIterations() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefgh");
-			testling.setCredentials("user", "pass", "");
+			testling.setCredentials("user", createSafeByteArray("pass"), "");
 
 			bool result = testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK"));
 
@@ -186,7 +186,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 
 		void testSetChallenge_ZeroIterations() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefgh");
-			testling.setCredentials("user", "pass", "");
+			testling.setCredentials("user", createSafeByteArray("pass"), "");
 
 			bool result = testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=0"));
 
@@ -195,7 +195,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 
 		void testSetChallenge_NegativeIterations() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefgh");
-			testling.setCredentials("user", "pass", "");
+			testling.setCredentials("user", createSafeByteArray("pass"), "");
 
 			bool result = testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=-1"));
 
@@ -204,7 +204,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 
 		void testSetFinalChallenge_InvalidChallenge() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefgh");
-			testling.setCredentials("user", "pass", "");
+			testling.setCredentials("user", createSafeByteArray("pass"), "");
 			testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096"));
 			bool result = testling.setChallenge(createByteArray("v=e26kI69ICb6zosapLLxrER/631A="));
 
@@ -213,7 +213,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 
 		void testGetResponseAfterFinalChallenge() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefgh");
-			testling.setCredentials("user", "pass", "");
+			testling.setCredentials("user", createSafeByteArray("pass"), "");
 			testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096"));
 			testling.setChallenge(createByteArray("v=Dd+Q20knZs9jeeK0pi1Mx1Se+yo="));
author	Remko Tronçon <git@el-tramo.be>	2011-06-03 12:25:57 (GMT)
committer	Remko Tronçon <git@el-tramo.be>	2011-06-03 12:46:12 (GMT)
commit	21fda3308975201eeebeacd98e2b587ef4448862 (patch)
tree	e8aebe473a636cf5a312814d4054d8af0d9ad6a6 /Swiften/SASL
parent	10334c139670861d4860da59ad837fc3fe6fd41e (diff)
download	swift-21fda3308975201eeebeacd98e2b587ef4448862.zip swift-21fda3308975201eeebeacd98e2b587ef4448862.tar.bz2