diff options
Diffstat (limited to 'Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp')
-rw-r--r-- | Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp | 34 |
1 files changed, 20 insertions, 14 deletions
diff --git a/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp b/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp index 6892948..ffa098c 100644 --- a/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp +++ b/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp @@ -4,21 +4,23 @@ * See Documentation/Licenses/GPLv3.txt for more information. */ -#include "Swiften/SASL/DIGESTMD5ClientAuthenticator.h" +#include <Swiften/SASL/DIGESTMD5ClientAuthenticator.h> #include <cassert> -#include "Swiften/StringCodecs/MD5.h" -#include "Swiften/StringCodecs/Hexify.h" +#include <Swiften/StringCodecs/MD5.h> +#include <Swiften/StringCodecs/Hexify.h> +#include <Swiften/Base/Concat.h> +#include <Swiften/Base/Algorithm.h> namespace Swift { DIGESTMD5ClientAuthenticator::DIGESTMD5ClientAuthenticator(const std::string& host, const std::string& nonce) : ClientAuthenticator("DIGEST-MD5"), step(Initial), host(host), cnonce(nonce) { } -boost::optional<ByteArray> DIGESTMD5ClientAuthenticator::getResponse() const { +boost::optional<SafeByteArray> DIGESTMD5ClientAuthenticator::getResponse() const { if (step == Initial) { - return boost::optional<ByteArray>(); + return boost::optional<SafeByteArray>(); } else if (step == Response) { std::string realm; @@ -30,16 +32,20 @@ boost::optional<ByteArray> DIGESTMD5ClientAuthenticator::getResponse() const { std::string nc = "00000001"; // Compute the response value - ByteArray A1 = MD5::getHash(getAuthenticationID() + ":" + realm + ":" + getPassword()) + ":" + *challenge.getValue("nonce") + ":" + cnonce; + ByteArray A1 = concat( + MD5::getHash( + createSafeByteArray(concat(SafeString(getAuthenticationID().c_str()), SafeString(":"), SafeString(realm.c_str()), SafeString(":"), getPassword()))), + createByteArray(":"), createByteArray(*challenge.getValue("nonce")), createByteArray(":"), createByteArray(cnonce)); if (!getAuthorizationID().empty()) { - A1 += ":" + getAuthenticationID(); + append(A1, createByteArray(":" + getAuthenticationID())); } - std::string A2 = "AUTHENTICATE:" + digestURI; + ByteArray A2 = createByteArray("AUTHENTICATE:" + digestURI); + + std::string responseValue = Hexify::hexify(MD5::getHash(createByteArray( + Hexify::hexify(MD5::getHash(A1)) + ":" + + *challenge.getValue("nonce") + ":" + nc + ":" + cnonce + ":" + qop + ":" + + Hexify::hexify(MD5::getHash(A2))))); - std::string responseValue = Hexify::hexify(MD5::getHash( - Hexify::hexify(MD5::getHash(A1)) + ":" - + *challenge.getValue("nonce") + ":" + nc + ":" + cnonce + ":" + qop + ":" - + Hexify::hexify(MD5::getHash(A2)))); DIGESTMD5Properties response; response.setValue("username", getAuthenticationID()); @@ -56,10 +62,10 @@ boost::optional<ByteArray> DIGESTMD5ClientAuthenticator::getResponse() const { if (!getAuthorizationID().empty()) { response.setValue("authzid", getAuthorizationID()); } - return response.serialize(); + return createSafeByteArray(response.serialize()); } else { - return boost::optional<ByteArray>(); + return boost::optional<SafeByteArray>(); } } |