From d9ca66fa828e99ec5b4067d954c97d882b9ab8fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Remko=20Tron=C3=A7on?= Date: Sun, 22 Nov 2009 17:39:21 +0100 Subject: Added SCRAM-SHA-1 test for invalid iteration count. diff --git a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp index ab61ef5..b55e5e4 100644 --- a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp +++ b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp @@ -36,12 +36,13 @@ bool SCRAMSHA1ClientAuthenticator::setChallenge(const ByteArray& challenge) { if (step == Initial) { initialServerMessage = challenge; - // TODO: Check if this is correct std::map keys = parseMap(String(initialServerMessage.getData(), initialServerMessage.getSize())); + + // Extract the salt ByteArray salt = Base64::decode(keys['s']); - String clientServerNonce = keys['r']; // Extract the server nonce + String clientServerNonce = keys['r']; if (clientServerNonce.getUTF8Size() <= clientnonce.getUTF8Size()) { return false; } @@ -50,7 +51,18 @@ bool SCRAMSHA1ClientAuthenticator::setChallenge(const ByteArray& challenge) { return false; } serverNonce = clientServerNonce.getSubstring(clientnonce.getUTF8Size(), clientServerNonce.npos()); - int iterations = boost::lexical_cast(keys['i'].getUTF8String()); + + // Extract the number of iterations + int iterations = 0; + try { + iterations = boost::lexical_cast(keys['i'].getUTF8String()); + } + catch (const boost::bad_lexical_cast&) { + return false; + } + if (iterations <= 0) { + return false; + } // Compute all the values needed for the server signature saltedPassword = PBKDF2::encode(StringPrep::getPrepared(getPassword(), StringPrep::SASLPrep), salt, iterations); diff --git a/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp b/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp index 01adc18..6558ec7 100644 --- a/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp +++ b/Swiften/SASL/UnitTest/SCRAMSHA1ClientAuthenticatorTest.cpp @@ -14,6 +14,10 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { CPPUNIT_TEST(testSetChallenge); CPPUNIT_TEST(testSetChallenge_InvalidClientNonce); CPPUNIT_TEST(testSetChallenge_OnlyClientNonce); + CPPUNIT_TEST(testSetChallenge_InvalidIterations); + CPPUNIT_TEST(testSetChallenge_ZeroIterations); + CPPUNIT_TEST(testSetChallenge_NegativeIterations); + CPPUNIT_TEST(testSetChallenge_MissingIterations); CPPUNIT_TEST(testSetFinalChallenge); CPPUNIT_TEST(testSetFinalChallenge_InvalidChallenge); CPPUNIT_TEST_SUITE_END(); @@ -86,6 +90,42 @@ class SCRAMSHA1ClientAuthenticatorTest : public CppUnit::TestFixture { CPPUNIT_ASSERT(!result); } + void testSetChallenge_InvalidIterations() { + SCRAMSHA1ClientAuthenticator testling("abcdefgh"); + testling.setCredentials("user", "pass", ""); + + bool result = testling.setChallenge(ByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=bla")); + + CPPUNIT_ASSERT(!result); + } + + void testSetChallenge_MissingIterations() { + SCRAMSHA1ClientAuthenticator testling("abcdefgh"); + testling.setCredentials("user", "pass", ""); + + bool result = testling.setChallenge(ByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK")); + + CPPUNIT_ASSERT(!result); + } + + void testSetChallenge_ZeroIterations() { + SCRAMSHA1ClientAuthenticator testling("abcdefgh"); + testling.setCredentials("user", "pass", ""); + + bool result = testling.setChallenge(ByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=0")); + + CPPUNIT_ASSERT(!result); + } + + void testSetChallenge_NegativeIterations() { + SCRAMSHA1ClientAuthenticator testling("abcdefgh"); + testling.setCredentials("user", "pass", ""); + + bool result = testling.setChallenge(ByteArray("r=abcdefghABCDEFGH,s=MTIzNDU2NzgK,i=-1")); + + CPPUNIT_ASSERT(!result); + } + void testSetFinalChallenge_InvalidChallenge() { SCRAMSHA1ClientAuthenticator testling("abcdefgh"); testling.setCredentials("user", "pass", ""); -- cgit v0.10.2-6-g49f6