Introduce safe containers for storing passwords.

author: Remko Tronçon <git@el-tramo.be> 2011-05-18 13:45:41 (GMT)
committer: Remko Tronçon <git@el-tramo.be> 2011-05-18 14:24:28 (GMT)
commit: 23fa0f462ddd0c686c677bfe5d4d743621432b7e (patch)
tree: b8f0ea1860640f89eafba2460cc5d45bf28fc77c /Swiften/SASL
parent: 2456a8b12163b3249b6b9164b601c36772eb05a1 (diff)
download: swift-23fa0f462ddd0c686c677bfe5d4d743621432b7e.zip
swift-23fa0f462ddd0c686c677bfe5d4d743621432b7e.tar.bz2
13 files changed, 76 insertions, 68 deletions
diff --git a/Swiften/SASL/ClientAuthenticator.h b/Swiften/SASL/ClientAuthenticator.h
index 399a9d5..6557b9a 100644
--- a/Swiften/SASL/ClientAuthenticator.h
+++ b/Swiften/SASL/ClientAuthenticator.h
@@ -7,10 +7,13 @@
 #pragma once
 
 #include <boost/optional.hpp>
-
 #include <string>
 #include <vector>
 
+#include <Swiften/Base/SafeString.h>
+#include <Swiften/Base/SafeByteArray.h>
+#include <Swiften/Base/ByteArray.h>
+
 namespace Swift {
 	class ClientAuthenticator {
 		public:
@@ -21,14 +24,14 @@ namespace Swift {
 				return name;
 			}
 
-			void setCredentials(const std::string& authcid, const std::string& password, const std::string& authzid = std::string()) {
+			void setCredentials(const std::string& authcid, const SafeString& password, const std::string& authzid = std::string()) {
 				this->authcid = authcid;
 				this->password = password;
 				this->authzid = authzid;
 			}
 
-			virtual boost::optional< std::vector<unsigned char> > getResponse() const = 0;
-			virtual bool setChallenge(const boost::optional< std::vector<unsigned char> >&) = 0;
+			virtual boost::optional<SafeByteArray> getResponse() const = 0;
+			virtual bool setChallenge(const boost::optional<ByteArray>&) = 0;
 
 			const std::string& getAuthenticationID() const {
 				return authcid;
@@ -38,14 +41,14 @@ namespace Swift {
 				return authzid;
 			}
 
-			const std::string& getPassword() const {
+			const SafeString& getPassword() const {
 				return password;
 			}
 		
 		private:
 			std::string name;
 			std::string authcid;
-			std::string password;
+			SafeString password;
 			std::string authzid;
 	};
 }
diff --git a/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp b/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp
index 3ff0893..ffa098c 100644
--- a/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp
+++ b/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp
@@ -18,9 +18,9 @@ namespace Swift {
 DIGESTMD5ClientAuthenticator::DIGESTMD5ClientAuthenticator(const std::string& host, const std::string& nonce) : ClientAuthenticator("DIGEST-MD5"), step(Initial), host(host), cnonce(nonce) {
 }
 
-boost::optional<ByteArray> DIGESTMD5ClientAuthenticator::getResponse() const {
+boost::optional<SafeByteArray> DIGESTMD5ClientAuthenticator::getResponse() const {
 	if (step == Initial) {
-		return boost::optional<ByteArray>();
+		return boost::optional<SafeByteArray>();
 	}
 	else if (step == Response) {
 		std::string realm;
@@ -33,7 +33,9 @@ boost::optional<ByteArray> DIGESTMD5ClientAuthenticator::getResponse() const {
 
 		// Compute the response value
 		ByteArray A1 = concat(
-			MD5::getHash(createByteArray(getAuthenticationID() + ":" + realm + ":" + getPassword())), createByteArray(":"), createByteArray(*challenge.getValue("nonce")), createByteArray(":"), createByteArray(cnonce));
+				MD5::getHash(
+					createSafeByteArray(concat(SafeString(getAuthenticationID().c_str()), SafeString(":"), SafeString(realm.c_str()), SafeString(":"), getPassword()))),
+				createByteArray(":"), createByteArray(*challenge.getValue("nonce")), createByteArray(":"), createByteArray(cnonce));
 		if (!getAuthorizationID().empty()) {
 			append(A1, createByteArray(":" + getAuthenticationID()));
 		}
@@ -60,10 +62,10 @@ boost::optional<ByteArray> DIGESTMD5ClientAuthenticator::getResponse() const {
 		if (!getAuthorizationID().empty()) {
 			response.setValue("authzid", getAuthorizationID());
 		}
-		return response.serialize();
+		return createSafeByteArray(response.serialize());
 	}
 	else {
-		return boost::optional<ByteArray>();
+		return boost::optional<SafeByteArray>();
 	}
 }
 
diff --git a/Swiften/SASL/DIGESTMD5ClientAuthenticator.h b/Swiften/SASL/DIGESTMD5ClientAuthenticator.h
index 82c8bc5..55bd592 100644
--- a/Swiften/SASL/DIGESTMD5ClientAuthenticator.h
+++ b/Swiften/SASL/DIGESTMD5ClientAuthenticator.h
@@ -12,13 +12,14 @@
 #include <vector>
 #include <Swiften/SASL/ClientAuthenticator.h>
 #include <Swiften/SASL/DIGESTMD5Properties.h>
+#include <Swiften/Base/SafeByteArray.h>
 
 namespace Swift {
 	class DIGESTMD5ClientAuthenticator : public ClientAuthenticator {
 		public:
 			DIGESTMD5ClientAuthenticator(const std::string& host, const std::string& nonce);
 			
-			virtual boost::optional<std::vector<unsigned char> > getResponse() const;
+			virtual boost::optional<SafeByteArray> getResponse() const;
 			virtual bool setChallenge(const boost::optional<std::vector<unsigned char> >&);
 
 		private:
diff --git a/Swiften/SASL/PLAINClientAuthenticator.cpp b/Swiften/SASL/PLAINClientAuthenticator.cpp
index 675542f..17f880a 100644
--- a/Swiften/SASL/PLAINClientAuthenticator.cpp
+++ b/Swiften/SASL/PLAINClientAuthenticator.cpp
@@ -12,8 +12,8 @@ namespace Swift {
 PLAINClientAuthenticator::PLAINClientAuthenticator() : ClientAuthenticator("PLAIN") {
 }
 
-boost::optional<ByteArray> PLAINClientAuthenticator::getResponse() const {
-	return concat(createByteArray(getAuthorizationID()), createByteArray('\0'), createByteArray(getAuthenticationID()), createByteArray('\0'), createByteArray(getPassword()));
+boost::optional<SafeByteArray> PLAINClientAuthenticator::getResponse() const {
+	return concat(createSafeByteArray(getAuthorizationID()), createSafeByteArray('\0'), createSafeByteArray(getAuthenticationID()), createSafeByteArray('\0'), createSafeByteArray(getPassword()));
 }
 
 bool PLAINClientAuthenticator::setChallenge(const boost::optional<ByteArray>&) {
diff --git a/Swiften/SASL/PLAINClientAuthenticator.h b/Swiften/SASL/PLAINClientAuthenticator.h
index 4e8f8be..83e45c1 100644
--- a/Swiften/SASL/PLAINClientAuthenticator.h
+++ b/Swiften/SASL/PLAINClientAuthenticator.h
@@ -14,7 +14,7 @@ namespace Swift {
 		public:
 			PLAINClientAuthenticator();
 
-			virtual boost::optional<ByteArray> getResponse() const;
+			virtual boost::optional<SafeByteArray> getResponse() const;
 			virtual bool setChallenge(const boost::optional<ByteArray>&);
 	};
 }
diff --git a/Swiften/SASL/PLAINMessage.cpp b/Swiften/SASL/PLAINMessage.cpp
index 036887c..20ffea7 100644
--- a/Swiften/SASL/PLAINMessage.cpp
+++ b/Swiften/SASL/PLAINMessage.cpp
@@ -5,13 +5,14 @@
  */
 
 #include <Swiften/SASL/PLAINMessage.h>
+#include <Swiften/Base/Concat.h>
 
 namespace Swift {
 
-PLAINMessage::PLAINMessage(const std::string& authcid, const std::string& password, const std::string& authzid) : authcid(authcid), authzid(authzid), password(password) {
+PLAINMessage::PLAINMessage(const std::string& authcid, const SafeByteArray& password, const std::string& authzid) : authcid(authcid), authzid(authzid), password(password) {
 }
 
-PLAINMessage::PLAINMessage(const ByteArray& value) {
+PLAINMessage::PLAINMessage(const SafeByteArray& value) {
 	size_t i = 0;
 	while (i < value.size() && value[i] != '\0') {
 		authzid += value[i];
@@ -31,14 +32,13 @@ PLAINMessage::PLAINMessage(const ByteArray& value) {
 	}
 	++i;
 	while (i < value.size()) {
-		password += value[i];
+		password.push_back(value[i]);
 		++i;
 	}
 }
 
-ByteArray PLAINMessage::getValue() const {
-	std::string s = authzid + '\0' + authcid + '\0' + password;
-	return createByteArray(s);
+SafeByteArray PLAINMessage::getValue() const {
+	return concat(createSafeByteArray(authzid), createSafeByteArray('\0'), createSafeByteArray(authcid), createSafeByteArray('\0'), password);
 }
 
 }
diff --git a/Swiften/SASL/PLAINMessage.h b/Swiften/SASL/PLAINMessage.h
index 916d267..46ee8f7 100644
--- a/Swiften/SASL/PLAINMessage.h
+++ b/Swiften/SASL/PLAINMessage.h
@@ -9,21 +9,21 @@
 #pragma once
 
 #include <string>
-#include <Swiften/Base/ByteArray.h>
+#include <Swiften/Base/SafeByteArray.h>
 
 namespace Swift {
 	class PLAINMessage {
 		public:
-			PLAINMessage(const std::string& authcid, const std::string& password, const std::string& authzid = "");
-			PLAINMessage(const ByteArray& value);
+			PLAINMessage(const std::string& authcid, const SafeByteArray& password, const std::string& authzid = "");
+			PLAINMessage(const SafeByteArray& value);
 
-			ByteArray getValue() const;
+			SafeByteArray getValue() const;
 
 			const std::string& getAuthenticationID() const {
 				return authcid;
 			}
 
-			const std::string& getPassword() const {
+			const SafeByteArray& getPassword() const {
 				return password;
 			}
 
@@ -34,6 +34,6 @@ namespace Swift {
 		private:
 			std::string authcid;
 			std::string authzid;
-			std::string password;
+			SafeByteArray password;
 	};
 }
diff --git a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp
index bda35b9..a9855a5 100644
--- a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp
+++ b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp
@@ -39,23 +39,23 @@ static std::string escape(const std::string& s) {
 SCRAMSHA1ClientAuthenticator::SCRAMSHA1ClientAuthenticator(const std::string& nonce, bool useChannelBinding) : ClientAuthenticator(useChannelBinding ? "SCRAM-SHA-1-PLUS" : "SCRAM-SHA-1"), step(Initial), clientnonce(nonce), useChannelBinding(useChannelBinding) {
 }
 
-boost::optional<ByteArray> SCRAMSHA1ClientAuthenticator::getResponse() const {
+boost::optional<SafeByteArray> SCRAMSHA1ClientAuthenticator::getResponse() const {
 	if (step == Initial) {
-		return concat(getGS2Header(), getInitialBareClientMessage());
+		return createSafeByteArray(concat(getGS2Header(), getInitialBareClientMessage()));
 	}
 	else if (step == Proof) {
 		ByteArray clientKey = HMACSHA1::getResult(saltedPassword, createByteArray("Client Key"));
 		ByteArray storedKey = SHA1::getHash(clientKey);
-		ByteArray clientSignature = HMACSHA1::getResult(storedKey, authMessage);
+		ByteArray clientSignature = HMACSHA1::getResult(createSafeByteArray(storedKey), authMessage);
 		ByteArray clientProof = clientKey;
 		for (unsigned int i = 0; i < clientProof.size(); ++i) {
 			clientProof[i] ^= clientSignature[i];
 		}
 		ByteArray result = concat(getFinalMessageWithoutProof(), createByteArray(",p="), createByteArray(Base64::encode(clientProof)));
-		return result;
+		return createSafeByteArray(result);
 	}
 	else {
-		return boost::optional<ByteArray>();
+		return boost::optional<SafeByteArray>();
 	}
 }
 
@@ -100,7 +100,7 @@ bool SCRAMSHA1ClientAuthenticator::setChallenge(const boost::optional<ByteArray>
 		}
 
 		// Compute all the values needed for the server signature
-		saltedPassword = PBKDF2::encode(createByteArray(StringPrep::getPrepared(getPassword(), StringPrep::SASLPrep)), salt, iterations);
+		saltedPassword = PBKDF2::encode(createSafeByteArray(StringPrep::getPrepared(getPassword(), StringPrep::SASLPrep)), salt, iterations);
 		authMessage = concat(getInitialBareClientMessage(), createByteArray(","), initialServerMessage, createByteArray(","), getFinalMessageWithoutProof());
 		ByteArray serverKey = HMACSHA1::getResult(saltedPassword, createByteArray("Server Key"));
 		serverSignature = HMACSHA1::getResult(serverKey, authMessage);
diff --git a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.h b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.h
index 5780bc4..d140013 100644
--- a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.h
+++ b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.h
@@ -20,7 +20,7 @@ namespace Swift {
 
 			void setTLSChannelBindingData(const ByteArray& channelBindingData);
 			
-			virtual boost::optional<ByteArray> getResponse() const;
+			virtual boost::optional<SafeByteArray> getResponse() const;
 			virtual bool setChallenge(const boost::optional<ByteArray>&);
 
 		private:
diff --git a/Swiften/SASL/UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp b/Swiften/SASL/UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp
index a16ffac..a16eda8 100644
--- a/Swiften/SASL/UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp
+++ b/Swiften/SASL/UnitTest/DIGESTMD5ClientAuthenticatorTest.cpp
@@ -9,6 +9,7 @@
 
 #include <Swiften/SASL/DIGESTMD5ClientAuthenticator.h>
 #include <Swiften/Base/ByteArray.h>
+#include <QA/Checker/IO.h>
 
 using namespace Swift;
 
@@ -36,9 +37,9 @@ class DIGESTMD5ClientAuthenticatorTest : public CppUnit::TestFixture {
 				"nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\","
 				"qop=auth,charset=utf-8,algorithm=md5-sess"));
 
-			ByteArray response = *testling.getResponse();
+			SafeByteArray response = *testling.getResponse();
 
-			CPPUNIT_ASSERT_EQUAL(std::string("charset=utf-8,cnonce=\"abcdefgh\",digest-uri=\"xmpp/xmpp.example.com\",nc=00000001,nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\",qop=auth,realm=\"example.com\",response=088891c800ecff1b842159ad6459104a,username=\"user\""), byteArrayToString(response));
+			CPPUNIT_ASSERT_EQUAL(createSafeByteArray("charset=utf-8,cnonce=\"abcdefgh\",digest-uri=\"xmpp/xmpp.example.com\",nc=00000001,nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\",qop=auth,realm=\"example.com\",response=088891c800ecff1b842159ad6459104a,username=\"user\""), response);
 		}
 
 		void testGetResponse_WithAuthorizationID() {
@@ -50,9 +51,9 @@ class DIGESTMD5ClientAuthenticatorTest : public CppUnit::TestFixture {
 				"nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\","
 				"qop=auth,charset=utf-8,algorithm=md5-sess"));
 
-			ByteArray response = *testling.getResponse();
+			SafeByteArray response = *testling.getResponse();
 
-			CPPUNIT_ASSERT_EQUAL(std::string("authzid=\"myauthzid\",charset=utf-8,cnonce=\"abcdefgh\",digest-uri=\"xmpp/xmpp.example.com\",nc=00000001,nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\",qop=auth,realm=\"example.com\",response=4293834432b6e7889a2dee7e8fe7dd06,username=\"user\""), byteArrayToString(response));
+			CPPUNIT_ASSERT_EQUAL(createSafeByteArray("authzid=\"myauthzid\",charset=utf-8,cnonce=\"abcdefgh\",digest-uri=\"xmpp/xmpp.example.com\",nc=00000001,nonce=\"O6skKPuaCZEny3hteI19qXMBXSadoWs840MchORo\",qop=auth,realm=\"example.com\",response=4293834432b6e7889a2dee7e8fe7dd06,username=\"user\""), response);
 		}
 };
 
diff --git a/Swiften/SASL/UnitTest/PLAINClientAuthenticatorTest.cpp b/Swiften/SASL/UnitTest/PLAINClientAuthenticatorTest.cpp
index 5c35e79..d6c4188 100644
--- a/Swiften/SASL/UnitTest/PLAINClientAuthenticatorTest.cpp
+++ b/Swiften/SASL/UnitTest/PLAINClientAuthenticatorTest.cpp
@@ -24,7 +24,7 @@ class PLAINClientAuthenticatorTest : public CppUnit::TestFixture {
 
 			testling.setCredentials("user", "pass");
 
-			CPPUNIT_ASSERT_EQUAL(*testling.getResponse(), createByteArray("\0user\0pass", 10));
+			CPPUNIT_ASSERT_EQUAL(*testling.getResponse(), createSafeByteArray("\0user\0pass", 10));
 		}
 
 		void testGetResponse_WithAuthzID() {
@@ -32,7 +32,7 @@ class PLAINClientAuthenticatorTest : public CppUnit::TestFixture {
 
 			testling.setCredentials("user", "pass", "authz");
 
-			CPPUNIT_ASSERT_EQUAL(*testling.getResponse(), createByteArray("authz\0user\0pass", 15));
+			CPPUNIT_ASSERT_EQUAL(*testling.getResponse(), createSafeByteArray("authz\0user\0pass", 15));
 		}
 };
 
diff --git a/Swiften/SASL/UnitTest/PLAINMessageTest.cpp b/Swiften/SASL/UnitTest/PLAINMessageTest.cpp
index dc3f82f..26331d6 100644
--- a/Swiften/SASL/UnitTest/PLAINMessageTest.cpp
+++ b/Swiften/SASL/UnitTest/PLAINMessageTest.cpp
@@ -29,39 +29,39 @@ class PLAINMessageTest : public CppUnit::TestFixture
 		PLAINMessageTest() {}
 
 		void testGetValue_WithoutAuthzID() {
-			PLAINMessage message("user", "pass");
-			CPPUNIT_ASSERT_EQUAL(message.getValue(), createByteArray("\0user\0pass", 10));
+			PLAINMessage message("user", createSafeByteArray("pass"));
+			CPPUNIT_ASSERT_EQUAL(message.getValue(), createSafeByteArray("\0user\0pass", 10));
 		}
 
 		void testGetValue_WithAuthzID() {
-			PLAINMessage message("user", "pass", "authz");
-			CPPUNIT_ASSERT_EQUAL(message.getValue(), createByteArray("authz\0user\0pass", 15));
+			PLAINMessage message("user", createSafeByteArray("pass"), "authz");
+			CPPUNIT_ASSERT_EQUAL(message.getValue(), createSafeByteArray("authz\0user\0pass", 15));
 		}
 
 		void testConstructor_WithoutAuthzID() {
-			PLAINMessage message(createByteArray("\0user\0pass", 10));
+			PLAINMessage message(createSafeByteArray("\0user\0pass", 10));
 
 			CPPUNIT_ASSERT_EQUAL(std::string(""), message.getAuthorizationID());
 			CPPUNIT_ASSERT_EQUAL(std::string("user"), message.getAuthenticationID());
-			CPPUNIT_ASSERT_EQUAL(std::string("pass"), message.getPassword());
+			CPPUNIT_ASSERT_EQUAL(createSafeByteArray("pass"), message.getPassword());
 		}
 
 		void testConstructor_WithAuthzID() {
-			PLAINMessage message(createByteArray("authz\0user\0pass", 15));
+			PLAINMessage message(createSafeByteArray("authz\0user\0pass", 15));
 
 			CPPUNIT_ASSERT_EQUAL(std::string("authz"), message.getAuthorizationID());
 			CPPUNIT_ASSERT_EQUAL(std::string("user"), message.getAuthenticationID());
-			CPPUNIT_ASSERT_EQUAL(std::string("pass"), message.getPassword());
+			CPPUNIT_ASSERT_EQUAL(createSafeByteArray("pass"), message.getPassword());
 		}
 
 		void testConstructor_NoAuthcid() {
-			PLAINMessage message(createByteArray("authzid", 7));
+			PLAINMessage message(createSafeByteArray("authzid", 7));
 
 			CPPUNIT_ASSERT_EQUAL(std::string(""), message.getAuthenticationID());
 		}
 
 		void testConstructor_NoPassword() {
-			PLAINMessage message(createByteArray("authzid\0authcid", 15));
+			PLAINMessage message(createSafeByteArray("authzid\0authcid", 15));
 
 			CPPUNIT_ASSERT_EQUAL(std::string(""), message.getAuthenticationID());
 		}
diff --git a/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp b/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp
index 78afaf7..0112691 100644
--- a/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp
+++ b/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp
@@ -9,6 +9,7 @@
 
 #include <Swiften/SASL/SCRAMSHA1ClientAuthenticator.h>
 #include <Swiften/Base/ByteArray.h>
+#include <QA/Checker/IO.h>
 
 using namespace Swift;
 
@@ -43,36 +44,36 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 			SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH");
 			testling.setCredentials("user", "pass", "");
 
-			ByteArray response = *testling.getResponse();
+			SafeByteArray response = *testling.getResponse();
 
-			CPPUNIT_ASSERT_EQUAL(std::string("n,,n=user,r=abcdefghABCDEFGH"), byteArrayToString(response));
+			CPPUNIT_ASSERT_EQUAL(createSafeByteArray("n,,n=user,r=abcdefghABCDEFGH"), response);
 		}
 
 		void testGetInitialResponse_UsernameHasSpecialChars() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH");
 			testling.setCredentials(",us=,er=", "pass", "");
 
-			ByteArray response = *testling.getResponse();
+			SafeByteArray response = *testling.getResponse();
 
-			CPPUNIT_ASSERT_EQUAL(std::string("n,,n==2Cus=3D=2Cer=3D,r=abcdefghABCDEFGH"), byteArrayToString(response));
+			CPPUNIT_ASSERT_EQUAL(createSafeByteArray("n,,n==2Cus=3D=2Cer=3D,r=abcdefghABCDEFGH"), response);
 		}
 
 		void testGetInitialResponse_WithAuthorizationID() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH");
 			testling.setCredentials("user", "pass", "auth");
 
-			ByteArray response = *testling.getResponse();
+			SafeByteArray response = *testling.getResponse();
 
-			CPPUNIT_ASSERT_EQUAL(std::string("n,a=auth,n=user,r=abcdefghABCDEFGH"), byteArrayToString(response));
+			CPPUNIT_ASSERT_EQUAL(createSafeByteArray("n,a=auth,n=user,r=abcdefghABCDEFGH"), response);
 		}
 
 		void testGetInitialResponse_WithAuthorizationIDWithSpecialChars() {
 			SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH");
 			testling.setCredentials("user", "pass", "a=u,th");
 
-			ByteArray response = *testling.getResponse();
+			SafeByteArray response = *testling.getResponse();
 
-			CPPUNIT_ASSERT_EQUAL(std::string("n,a=a=3Du=2Cth,n=user,r=abcdefghABCDEFGH"), byteArrayToString(response));
+			CPPUNIT_ASSERT_EQUAL(createSafeByteArray("n,a=a=3Du=2Cth,n=user,r=abcdefghABCDEFGH"), response);
 		}
 
 		void testGetInitialResponse_WithoutChannelBindingWithTLSChannelBindingData() {
@@ -80,9 +81,9 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 			testling.setTLSChannelBindingData(createByteArray("xyza"));
 			testling.setCredentials("user", "pass", "");
 
-			ByteArray response = *testling.getResponse();
+			SafeByteArray response = *testling.getResponse();
 
-			CPPUNIT_ASSERT_EQUAL(std::string("y,,n=user,r=abcdefghABCDEFGH"), byteArrayToString(response));
+			CPPUNIT_ASSERT_EQUAL(createSafeByteArray("y,,n=user,r=abcdefghABCDEFGH"), response);
 		}
 
 		void testGetInitialResponse_WithChannelBindingWithTLSChannelBindingData() {
@@ -90,9 +91,9 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 			testling.setTLSChannelBindingData(createByteArray("xyza"));
 			testling.setCredentials("user", "pass", "");
 
-			ByteArray response = *testling.getResponse();
+			SafeByteArray response = *testling.getResponse();
 
-			CPPUNIT_ASSERT_EQUAL(std::string("p=tls-unique,,n=user,r=abcdefghABCDEFGH"), byteArrayToString(response));
+			CPPUNIT_ASSERT_EQUAL(createSafeByteArray("p=tls-unique,,n=user,r=abcdefghABCDEFGH"), response);
 		}
 
 		void testGetFinalResponse() {
@@ -100,9 +101,9 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 			testling.setCredentials("user", "pass", "");
 			testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096"));
 
-			ByteArray response = *testling.getResponse();
+			SafeByteArray response = *testling.getResponse();
 
-			CPPUNIT_ASSERT_EQUAL(std::string("c=biws,r=abcdefghABCDEFGH,p=CZbjGDpIteIJwQNBgO0P8pKkMGY="), byteArrayToString(response));
+			CPPUNIT_ASSERT_EQUAL(createSafeByteArray("c=biws,r=abcdefghABCDEFGH,p=CZbjGDpIteIJwQNBgO0P8pKkMGY="), response);
 		}
 
 		void testGetFinalResponse_WithoutChannelBindingWithTLSChannelBindingData() {
@@ -111,9 +112,9 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 			testling.setTLSChannelBindingData(createByteArray("xyza"));
 			testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096"));
 
-			ByteArray response = *testling.getResponse();
+			SafeByteArray response = *testling.getResponse();
 
-			CPPUNIT_ASSERT_EQUAL(std::string("c=eSws,r=abcdefghABCDEFGH,p=JNpsiFEcxZvNZ1+FFBBqrYvYxMk="), byteArrayToString(response));
+			CPPUNIT_ASSERT_EQUAL(createSafeByteArray("c=eSws,r=abcdefghABCDEFGH,p=JNpsiFEcxZvNZ1+FFBBqrYvYxMk="), response);
 		}
 
 		void testGetFinalResponse_WithChannelBindingWithTLSChannelBindingData() {
@@ -122,9 +123,9 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture {
 			testling.setTLSChannelBindingData(createByteArray("xyza"));
 			testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096"));
 
-			ByteArray response = *testling.getResponse();
+			SafeByteArray response = *testling.getResponse();
 
-			CPPUNIT_ASSERT_EQUAL(std::string("c=cD10bHMtdW5pcXVlLCx4eXph,r=abcdefghABCDEFGH,p=i6Rghite81P1ype8XxaVAa5l7v0="), byteArrayToString(response));
+			CPPUNIT_ASSERT_EQUAL(createSafeByteArray("c=cD10bHMtdW5pcXVlLCx4eXph,r=abcdefghABCDEFGH,p=i6Rghite81P1ype8XxaVAa5l7v0="), response);
 		}
 
 		void testSetFinalChallenge() {
author	Remko Tronçon <git@el-tramo.be>	2011-05-18 13:45:41 (GMT)
committer	Remko Tronçon <git@el-tramo.be>	2011-05-18 14:24:28 (GMT)
commit	23fa0f462ddd0c686c677bfe5d4d743621432b7e (patch)
tree	b8f0ea1860640f89eafba2460cc5d45bf28fc77c /Swiften/SASL
parent	2456a8b12163b3249b6b9164b601c36772eb05a1 (diff)
download	swift-23fa0f462ddd0c686c677bfe5d4d743621432b7e.zip swift-23fa0f462ddd0c686c677bfe5d4d743621432b7e.tar.bz2