Diffstat (limited to 'Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp')
-rw-r--r-- | Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp | 134 |
1 files changed, 67 insertions, 67 deletions
diff --git a/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp b/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp index f27caec..a736a77 100644 --- a/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp +++ b/Swiften/SASL/DIGESTMD5ClientAuthenticator.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2013 Isode Limited. + * Copyright (c) 2010-2016 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ @@ -8,10 +8,10 @@ #include <cassert> -#include <Swiften/StringCodecs/Hexify.h> -#include <Swiften/Base/Concat.h> #include <Swiften/Base/Algorithm.h> +#include <Swiften/Base/Concat.h> #include <Swiften/Crypto/CryptoProvider.h> +#include <Swiften/StringCodecs/Hexify.h> namespace Swift { 
@@ -19,78 +19,78 @@ DIGESTMD5ClientAuthenticator::DIGESTMD5ClientAuthenticator(const std::string& ho } boost::optional<SafeByteArray> DIGESTMD5ClientAuthenticator::getResponse() const { - if (step == Initial) { - return boost::optional<SafeByteArray>(); - } - else if (step == Response) { - std::string realm; - if (challenge.getValue("realm")) { - realm = *challenge.getValue("realm"); - } - std::string qop = "auth"; - std::string digestURI = "xmpp/" + host; - std::string nc = "00000001"; + if (step == Initial) { + return boost::optional<SafeByteArray>(); + } + else if (step == Response) { + std::string realm; + if (challenge.getValue("realm")) { + realm = *challenge.getValue("realm"); + } + std::string qop = "auth"; + std::string digestURI = "xmpp/" + host; + std::string nc = "00000001"; - // Compute the response value - ByteArray A1 = concat( - crypto->getMD5Hash( - concat(createSafeByteArray(getAuthenticationID().c_str()), createSafeByteArray(":"), createSafeByteArray(realm.c_str()), createSafeByteArray(":"), getPassword())), - createByteArray(":"), createByteArray(*challenge.getValue("nonce")), createByteArray(":"), createByteArray(cnonce)); - if (!getAuthorizationID().empty()) { - append(A1, createByteArray(":" + getAuthenticationID())); - } - ByteArray A2 = createByteArray("AUTHENTICATE:" + digestURI); + // Compute the response value + ByteArray A1 = concat( + crypto->getMD5Hash( + concat(createSafeByteArray(getAuthenticationID().c_str()), createSafeByteArray(":"), createSafeByteArray(realm.c_str()), createSafeByteArray(":"), getPassword())), + createByteArray(":"), createByteArray(*challenge.getValue("nonce")), createByteArray(":"), createByteArray(cnonce)); + if (!getAuthorizationID().empty()) { + append(A1, createByteArray(":" + getAuthenticationID())); + } + ByteArray A2 = createByteArray("AUTHENTICATE:" + digestURI); - std::string responseValue = Hexify::hexify(crypto->getMD5Hash(createByteArray( - Hexify::hexify(crypto->getMD5Hash(A1)) + ":" - + 
*challenge.getValue("nonce") + ":" + nc + ":" + cnonce + ":" + qop + ":" - + Hexify::hexify(crypto->getMD5Hash(A2))))); + std::string responseValue = Hexify::hexify(crypto->getMD5Hash(createByteArray( + Hexify::hexify(crypto->getMD5Hash(A1)) + ":" + + *challenge.getValue("nonce") + ":" + nc + ":" + cnonce + ":" + qop + ":" + + Hexify::hexify(crypto->getMD5Hash(A2))))); - DIGESTMD5Properties response; - response.setValue("username", getAuthenticationID()); - if (!realm.empty()) { - response.setValue("realm", realm); - } - response.setValue("nonce", *challenge.getValue("nonce")); - response.setValue("cnonce", cnonce); - response.setValue("nc", "00000001"); - response.setValue("qop", qop); - response.setValue("digest-uri", digestURI); - response.setValue("charset", "utf-8"); - response.setValue("response", responseValue); - if (!getAuthorizationID().empty()) { - response.setValue("authzid", getAuthorizationID()); - } - return createSafeByteArray(response.serialize()); - } - else { - return boost::optional<SafeByteArray>(); - } + DIGESTMD5Properties response; + response.setValue("username", getAuthenticationID()); + if (!realm.empty()) { + response.setValue("realm", realm); + } + response.setValue("nonce", *challenge.getValue("nonce")); + response.setValue("cnonce", cnonce); + response.setValue("nc", "00000001"); + response.setValue("qop", qop); + response.setValue("digest-uri", digestURI); + response.setValue("charset", "utf-8"); + response.setValue("response", responseValue); + if (!getAuthorizationID().empty()) { + response.setValue("authzid", getAuthorizationID()); + } + return createSafeByteArray(response.serialize()); + } + else { + return boost::optional<SafeByteArray>(); + } } bool DIGESTMD5ClientAuthenticator::setChallenge(const boost::optional<ByteArray>& challengeData) { - if (step == Initial) { - if (!challengeData) { - return false; - } - challenge = DIGESTMD5Properties::parse(*challengeData); + if (step == Initial) { + if (!challengeData) { + return 
false; + } + challenge = DIGESTMD5Properties::parse(*challengeData); - // Sanity checks - if (!challenge.getValue("nonce")) { - return false; - } - if (!challenge.getValue("charset") || *challenge.getValue("charset") != "utf-8") { - return false; - } - step = Response; - return true; - } - else { - step = Final; - // TODO: Check RSPAuth - return true; - } + // Sanity checks + if (!challenge.getValue("nonce")) { + return false; + } + if (!challenge.getValue("charset") || *challenge.getValue("charset") != "utf-8") { + return false; + } + step = Response; + return true; + } + else { + step = Final; + // TODO: Check RSPAuth + return true; + } } } |