Swiftdiff options
Diffstat (limited to 'Swiften/SASL')
| -rw-r--r-- | Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp | 8 | ||||
| -rw-r--r-- | Swiften/SASL/SCRAMSHA1ClientAuthenticator.h | 5 | ||||
| -rw-r--r-- | Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp | 45 |
3 files changed, 33 insertions, 25 deletions
diff --git a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp index 09e202e..38e3289 100644 --- a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp +++ b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp @@ -14,7 +14,7 @@ #include <Swiften/StringCodecs/Base64.h> #include <Swiften/StringCodecs/HMAC_SHA1.h> #include <Swiften/StringCodecs/PBKDF2.h> -#include <Swiften/IDN/StringPrep.h> +#include <Swiften/IDN/IDNConverter.h> #include <Swiften/Base/Concat.h> namespace Swift { @@ -36,7 +36,7 @@ static std::string escape(const std::string& s) { } -SCRAMSHA1ClientAuthenticator::SCRAMSHA1ClientAuthenticator(const std::string& nonce, bool useChannelBinding) : ClientAuthenticator(useChannelBinding ? "SCRAM-SHA-1-PLUS" : "SCRAM-SHA-1"), step(Initial), clientnonce(nonce), useChannelBinding(useChannelBinding) { +SCRAMSHA1ClientAuthenticator::SCRAMSHA1ClientAuthenticator(const std::string& nonce, bool useChannelBinding, IDNConverter* idnConverter) : ClientAuthenticator(useChannelBinding ? "SCRAM-SHA-1-PLUS" : "SCRAM-SHA-1"), step(Initial), clientnonce(nonce), useChannelBinding(useChannelBinding), idnConverter(idnConverter) { } boost::optional<SafeByteArray> SCRAMSHA1ClientAuthenticator::getResponse() const { @@ -96,7 +96,7 @@ bool SCRAMSHA1ClientAuthenticator::setChallenge(const boost::optional<ByteArray> // Compute all the values needed for the server signature try { - saltedPassword = PBKDF2::encode<HMAC_SHA1>(StringPrep::getPrepared(getPassword(), StringPrep::SASLPrep), salt, iterations); + saltedPassword = PBKDF2::encode<HMAC_SHA1>(idnConverter->getStringPrepared(getPassword(), IDNConverter::SASLPrep), salt, iterations); } catch (const std::exception&) { } @@ -148,7 +148,7 @@ std::map<char, std::string> SCRAMSHA1ClientAuthenticator::parseMap(const std::st ByteArray SCRAMSHA1ClientAuthenticator::getInitialBareClientMessage() const { std::string authenticationID; try { - authenticationID = StringPrep::getPrepared(getAuthenticationID(), StringPrep::SASLPrep); + authenticationID = idnConverter->getStringPrepared(getAuthenticationID(), IDNConverter::SASLPrep); } catch (const std::exception&) { } diff --git a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.h b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.h index ace69b0..da52bbc 100644 --- a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.h +++ b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.h @@ -15,9 +15,11 @@ #include <Swiften/Base/API.h> namespace Swift { + class IDNConverter; + class SWIFTEN_API SCRAMSHA1ClientAuthenticator : public ClientAuthenticator { public: - SCRAMSHA1ClientAuthenticator(const std::string& nonce, bool useChannelBinding = false); + SCRAMSHA1ClientAuthenticator(const std::string& nonce, bool useChannelBinding, IDNConverter*); void setTLSChannelBindingData(const ByteArray& channelBindingData); @@ -44,6 +46,7 @@ namespace Swift { ByteArray saltedPassword; ByteArray serverSignature; bool useChannelBinding; + IDNConverter* idnConverter; boost::optional<ByteArray> tlsChannelBindingData; }; } diff --git a/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp b/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp index f0ca01c..6266f3e 100644 --- a/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp +++ b/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010 Remko Tronçon + * Copyright (c) 2010-2013 Remko Tronçon * Licensed under the GNU General Public License v3. * See Documentation/Licenses/GPLv3.txt for more information. */ @@ -11,6 +11,8 @@ #include <Swiften/SASL/SCRAMSHA1ClientAuthenticator.h> #include <Swiften/Base/ByteArray.h> +#include <Swiften/IDN/IDNConverter.h> +#include <Swiften/IDN/PlatformIDNConverter.h> using namespace Swift; @@ -39,10 +41,11 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { public: void setUp() { + idnConverter = boost::shared_ptr<IDNConverter>(PlatformIDNConverter::create()); } void testGetInitialResponse() { - SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH"); + SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH", false, idnConverter.get()); testling.setCredentials("user", createSafeByteArray("pass"), ""); SafeByteArray response = *testling.getResponse(); @@ -51,7 +54,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { } void testGetInitialResponse_UsernameHasSpecialChars() { - SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH"); + SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH", false, idnConverter.get()); testling.setCredentials(",us=,er=", createSafeByteArray("pass"), ""); SafeByteArray response = *testling.getResponse(); @@ -60,7 +63,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { } void testGetInitialResponse_WithAuthorizationID() { - SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH"); + SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH", false, idnConverter.get()); testling.setCredentials("user", createSafeByteArray("pass"), "auth"); SafeByteArray response = *testling.getResponse(); @@ -69,7 +72,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { } void testGetInitialResponse_WithAuthorizationIDWithSpecialChars() { - SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH"); + SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH", false, idnConverter.get()); testling.setCredentials("user", createSafeByteArray("pass"), "a=u,th"); SafeByteArray response = *testling.getResponse(); @@ -78,7 +81,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { } void testGetInitialResponse_WithoutChannelBindingWithTLSChannelBindingData() { - SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH", false); + SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH", false, idnConverter.get()); testling.setTLSChannelBindingData(createByteArray("xyza")); testling.setCredentials("user", createSafeByteArray("pass"), ""); @@ -88,7 +91,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { } void testGetInitialResponse_WithChannelBindingWithTLSChannelBindingData() { - SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH", true); + SCRAMSHA1ClientAuthenticator testling("abcdefghABCDEFGH", true, idnConverter.get()); testling.setTLSChannelBindingData(createByteArray("xyza")); testling.setCredentials("user", createSafeByteArray("pass"), ""); @@ -98,7 +101,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { } void testGetFinalResponse() { - SCRAMSHA1ClientAuthenticator testling("abcdefgh"); + SCRAMSHA1ClientAuthenticator testling("abcdefgh", false, idnConverter.get()); testling.setCredentials("user", createSafeByteArray("pass"), ""); testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); @@ -108,7 +111,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { } void testGetFinalResponse_WithoutChannelBindingWithTLSChannelBindingData() { - SCRAMSHA1ClientAuthenticator testling("abcdefgh", false); + SCRAMSHA1ClientAuthenticator testling("abcdefgh", false, idnConverter.get()); testling.setCredentials("user", createSafeByteArray("pass"), ""); testling.setTLSChannelBindingData(createByteArray("xyza")); testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); @@ -119,7 +122,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { } void testGetFinalResponse_WithChannelBindingWithTLSChannelBindingData() { - SCRAMSHA1ClientAuthenticator testling("abcdefgh", true); + SCRAMSHA1ClientAuthenticator testling("abcdefgh", true, idnConverter.get()); testling.setCredentials("user", createSafeByteArray("pass"), ""); testling.setTLSChannelBindingData(createByteArray("xyza")); testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); @@ -130,7 +133,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { } void testSetFinalChallenge() { - SCRAMSHA1ClientAuthenticator testling("abcdefgh"); + SCRAMSHA1ClientAuthenticator testling("abcdefgh", false, idnConverter.get()); testling.setCredentials("user", createSafeByteArray("pass"), ""); testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); @@ -140,7 +143,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { } void testSetChallenge() { - SCRAMSHA1ClientAuthenticator testling("abcdefgh"); + SCRAMSHA1ClientAuthenticator testling("abcdefgh", false, idnConverter.get()); testling.setCredentials("user", createSafeByteArray("pass"), ""); bool result = testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); @@ -149,7 +152,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { } void testSetChallenge_InvalidClientNonce() { - SCRAMSHA1ClientAuthenticator testling("abcdefgh"); + SCRAMSHA1ClientAuthenticator testling("abcdefgh", false, idnConverter.get()); testling.setCredentials("user", createSafeByteArray("pass"), ""); bool result = testling.setChallenge(createByteArray("r=abcdefgiABCDEFGH,s=MTIzNDU2NzgK,i=4096")); @@ -158,7 +161,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { } void testSetChallenge_OnlyClientNonce() { - SCRAMSHA1ClientAuthenticator testling("abcdefgh"); + SCRAMSHA1ClientAuthenticator testling("abcdefgh", false, idnConverter.get()); testling.setCredentials("user", createSafeByteArray("pass"), ""); bool result = testling.setChallenge(createByteArray("r=abcdefgh,s=MTIzNDU2NzgK,i=4096")); @@ -167,7 +170,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { } void testSetChallenge_InvalidIterations() { - SCRAMSHA1ClientAuthenticator testling("abcdefgh"); + SCRAMSHA1ClientAuthenticator testling("abcdefgh", false, idnConverter.get()); testling.setCredentials("user", createSafeByteArray("pass"), ""); bool result = testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=bla")); @@ -176,7 +179,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { } void testSetChallenge_MissingIterations() { - SCRAMSHA1ClientAuthenticator testling("abcdefgh"); + SCRAMSHA1ClientAuthenticator testling("abcdefgh", false, idnConverter.get()); testling.setCredentials("user", createSafeByteArray("pass"), ""); bool result = testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK")); @@ -185,7 +188,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { } void testSetChallenge_ZeroIterations() { - SCRAMSHA1ClientAuthenticator testling("abcdefgh"); + SCRAMSHA1ClientAuthenticator testling("abcdefgh", false, idnConverter.get()); testling.setCredentials("user", createSafeByteArray("pass"), ""); bool result = testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=0")); @@ -194,7 +197,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { } void testSetChallenge_NegativeIterations() { - SCRAMSHA1ClientAuthenticator testling("abcdefgh"); + SCRAMSHA1ClientAuthenticator testling("abcdefgh", false, idnConverter.get()); testling.setCredentials("user", createSafeByteArray("pass"), ""); bool result = testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=-1")); @@ -203,7 +206,7 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { } void testSetFinalChallenge_InvalidChallenge() { - SCRAMSHA1ClientAuthenticator testling("abcdefgh"); + SCRAMSHA1ClientAuthenticator testling("abcdefgh", false, idnConverter.get()); testling.setCredentials("user", createSafeByteArray("pass"), ""); testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); bool result = testling.setChallenge(createByteArray("v=e26kI69ICb6zosapLLxrER/631A=")); @@ -212,13 +215,15 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { } void testGetResponseAfterFinalChallenge() { - SCRAMSHA1ClientAuthenticator testling("abcdefgh"); + SCRAMSHA1ClientAuthenticator testling("abcdefgh", false, idnConverter.get()); testling.setCredentials("user", createSafeByteArray("pass"), ""); testling.setChallenge(createByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=4096")); testling.setChallenge(createByteArray("v=Dd+Q20knZs9jeeK0pi1Mx1Se+yo=")); CPPUNIT_ASSERT(!testling.getResponse()); } + + boost::shared_ptr<IDNConverter> idnConverter; }; CPPUNIT_TEST_SUITE_REGISTRATION(SCRAMSHA1ClientAuthenticatorTest); |