changeset 29085:338eeaf371e2

jabber: Add the Hi() function (PBKDF2). The single test is taken from draft-josefsson-pbkdf2-test-vectors.
author Paul Aurich <paul@darkrain42.org>
date Sun, 08 Nov 2009 03:36:14 +0000
parents f3c65de7d864
children 398ff52e7d62
files libpurple/protocols/jabber/Makefile.am libpurple/protocols/jabber/auth_scram.c libpurple/protocols/jabber/auth_scram.h libpurple/tests/Makefile.am libpurple/tests/check_libpurple.c libpurple/tests/tests.h
diffstat 6 files changed, 120 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/libpurple/protocols/jabber/Makefile.am	Sun Nov 08 03:34:48 2009 +0000
+++ b/libpurple/protocols/jabber/Makefile.am	Sun Nov 08 03:36:14 2009 +0000
@@ -9,6 +9,8 @@
 			  auth.h \
 			  auth_digest_md5.c \
 			  auth_plain.c \
+			  auth_scram.c \
+			  auth_scram.h \
 			  buddy.c \
 			  buddy.h \
 			  bosh.c \
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/libpurple/protocols/jabber/auth_scram.c	Sun Nov 08 03:36:14 2009 +0000
@@ -0,0 +1,73 @@
+/*
+ * purple - Jabber Protocol Plugin
+ *
+ * Purple is the legal property of its developers, whose names are too numerous
+ * to list here.  Please refer to the COPYRIGHT file distributed with this
+ * source distribution.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02111-1301  USA
+ *
+ */
+#include "internal.h"
+
+#include "auth.h"
+#include "auth_scram.h"
+
+#include "cipher.h"
+#include "debug.h"
+
+
+GString *jabber_auth_scram_hi(const gchar *hash, const GString *str,
+                              GString *salt, guint iterations)
+{
+	PurpleCipherContext *context;
+	GString *result;
+	guint i;
+
+	g_return_val_if_fail(hash != NULL, NULL);
+	g_return_val_if_fail(str != NULL && str->len > 0, NULL);
+	g_return_val_if_fail(salt != NULL && salt->len > 0, NULL);
+	g_return_val_if_fail(iterations > 0, NULL);
+
+	context = purple_cipher_context_new_by_name("hmac", NULL);
+
+	/* Append INT(1), a four-octet encoding of the integer 1, most significant
+	 * octet first. */
+	g_string_append_len(salt, "\0\0\0\1", 4);
+
+	result = g_string_sized_new(20); /* FIXME: Hardcoded 20 */
+
+	/* Compute U0 */
+	purple_cipher_context_set_option(context, "hash", (gpointer)hash);
+	purple_cipher_context_set_key_with_len(context, (guchar *)str->str, str->len);
+	purple_cipher_context_append(context, (guchar *)salt->str, salt->len);
+	purple_cipher_context_digest(context, result->allocated_len, (guchar *)result->str, &(result->len));
+
+	/* Compute U1...Ui */
+	for (i = 1; i < iterations; ++i) {
+		guchar tmp[20]; /* FIXME: hardcoded 20 */
+		guint j;
+		purple_cipher_context_set_option(context, "hash", (gpointer)hash);
+		purple_cipher_context_set_key_with_len(context, (guchar *)str->str, str->len);
+		purple_cipher_context_append(context, (guchar *)result->str, result->len);
+		purple_cipher_context_digest(context, sizeof(tmp), tmp, NULL);
+
+		for (j = 0; j < 20; ++j)
+			result->str[j] ^= tmp[j];
+	}
+
+	purple_cipher_context_destroy(context);
+	return result;
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/libpurple/protocols/jabber/auth_scram.h	Sun Nov 08 03:36:14 2009 +0000
@@ -0,0 +1,42 @@
+/**
+ * @file auth_scram.h Implementation of SASL-SCRAM authentication
+ *
+ * purple
+ *
+ * Purple is the legal property of its developers, whose names are too numerous
+ * to list here.  Please refer to the COPYRIGHT file distributed with this
+ * source distribution.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02111-1301  USA
+ */
+#ifndef PURPLE_JABBER_AUTH_SCRAM_H_
+#define PURPLE_JABBER_AUTH_SCRAM_H_
+
+/**
+ * Implements the Hi() function as described in the SASL-SCRAM I-D.
+ *
+ * @param hash The name of a hash function to be used with HMAC.  This should
+ *             be suitable to be passed to the libpurple cipher API.  Typically
+ *             it will be "sha1".
+ * @param str  The string to perform the PBKDF2 operation on.
+ * @param salt The salt.
+ * @param iterations The number of iterations to perform.
+ *
+ * @returns A newly allocated string containing the result.
+ */
+GString *jabber_auth_scram_hi(const char *hash, const GString *str,
+                              GString *salt, guint iterations);
+
+#endif /* PURPLE_JABBER_AUTH_SCRAM_H_ */
--- a/libpurple/tests/Makefile.am	Sun Nov 08 03:34:48 2009 +0000
+++ b/libpurple/tests/Makefile.am	Sun Nov 08 03:36:14 2009 +0000
@@ -11,6 +11,7 @@
 	    tests.h \
 		test_cipher.c \
 		test_jabber_jutil.c \
+		test_jabber_scram.c \
 		test_qq.c \
 		test_yahoo_util.c \
 		test_util.c \
--- a/libpurple/tests/check_libpurple.c	Sun Nov 08 03:34:48 2009 +0000
+++ b/libpurple/tests/check_libpurple.c	Sun Nov 08 03:36:14 2009 +0000
@@ -76,6 +76,7 @@
 
 	srunner_add_suite(sr, cipher_suite());
 	srunner_add_suite(sr, jabber_jutil_suite());
+	srunner_add_suite(sr, jabber_scram_suite());
 	srunner_add_suite(sr, qq_suite());
 	srunner_add_suite(sr, yahoo_util_suite());
 	srunner_add_suite(sr, util_suite());
--- a/libpurple/tests/tests.h	Sun Nov 08 03:34:48 2009 +0000
+++ b/libpurple/tests/tests.h	Sun Nov 08 03:36:14 2009 +0000
@@ -10,6 +10,7 @@
 Suite * master_suite(void);
 Suite * cipher_suite(void);
 Suite * jabber_jutil_suite(void);
+Suite * jabber_scram_suite(void);
 Suite * qq_suite(void);
 Suite * yahoo_util_suite(void);
 Suite * util_suite(void);