Mercurial > pidgin
annotate libpurple/protocols/jabber/auth_scram.c @ 28707:c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Client proof calculations function properly, but parsing is untested.
author | Paul Aurich <paul@darkrain42.org> |
---|---|
date | Mon, 09 Nov 2009 03:42:26 +0000 |
parents | 2b4465db73f1 |
children | b0fb53868142 |
rev | line source |
---|---|
28703
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
1 /* |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
2 * purple - Jabber Protocol Plugin |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
3 * |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
4 * Purple is the legal property of its developers, whose names are too numerous |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
5 * to list here. Please refer to the COPYRIGHT file distributed with this |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
6 * source distribution. |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
7 * |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
8 * This program is free software; you can redistribute it and/or modify |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
9 * it under the terms of the GNU General Public License as published by |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
10 * the Free Software Foundation; either version 2 of the License, or |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
11 * (at your option) any later version. |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
12 * |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
13 * This program is distributed in the hope that it will be useful, |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
16 * GNU General Public License for more details. |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
17 * |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
18 * You should have received a copy of the GNU General Public License |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
19 * along with this program; if not, write to the Free Software |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
21 * |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
22 */ |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
23 #include "internal.h" |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
24 |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
25 #include "auth.h" |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
26 #include "auth_scram.h" |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
27 |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
28 #include "cipher.h" |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
29 #include "debug.h" |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
30 |
28705
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
31 static const struct { |
28707
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
32 const char *mech_substr; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
33 const char *hash; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
34 } mech_hashes[] = { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
35 { "-SHA-1-", "sha1" }, |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
36 }; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
37 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
38 static const struct { |
28705
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
39 const char *hash; |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
40 guint size; |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
41 } hash_sizes[] = { |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
42 { "sha1", 20 }, |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
43 }; |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
44 |
28707
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
45 static const gchar *mech_to_hash(const char *mech) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
46 { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
47 int i; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
48 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
49 g_return_val_if_fail(mech != NULL && *mech != '\0', NULL); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
50 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
51 for (i = 0; i < G_N_ELEMENTS(mech_hashes); ++i) { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
52 if (strstr(mech, mech_hashes[i].mech_substr)) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
53 return mech_hashes[i].hash; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
54 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
55 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
56 return NULL; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
57 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
58 |
28705
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
59 static guint hash_to_output_len(const gchar *hash) |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
60 { |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
61 int i; |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
62 |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
63 g_return_val_if_fail(hash != NULL && *hash != '\0', 0); |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
64 |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
65 for (i = 0; i < G_N_ELEMENTS(hash_sizes); ++i) { |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
66 if (g_str_equal(hash, hash_sizes[i].hash)) |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
67 return hash_sizes[i].size; |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
68 } |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
69 |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
70 purple_debug_error("jabber", "Unknown SCRAM hash function %s\n", hash); |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
71 |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
72 return 0; |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
73 } |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
74 |
28707
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
75 guchar *jabber_scram_hi(const gchar *hash, const GString *str, |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
76 GString *salt, guint iterations) |
28703
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
77 { |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
78 PurpleCipherContext *context; |
28707
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
79 guchar *result; |
28703
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
80 guint i; |
28705
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
81 guint hash_len; |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
82 guchar *prev, *tmp; |
28703
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
83 |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
84 g_return_val_if_fail(hash != NULL, NULL); |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
85 g_return_val_if_fail(str != NULL && str->len > 0, NULL); |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
86 g_return_val_if_fail(salt != NULL && salt->len > 0, NULL); |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
87 g_return_val_if_fail(iterations > 0, NULL); |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
88 |
28705
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
89 hash_len = hash_to_output_len(hash); |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
90 g_return_val_if_fail(hash_len > 0, NULL); |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
91 |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
92 prev = g_new0(guint8, hash_len); |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
93 tmp = g_new0(guint8, hash_len); |
28707
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
94 result = g_new0(guint8, hash_len); |
28705
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
95 |
28703
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
96 context = purple_cipher_context_new_by_name("hmac", NULL); |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
97 |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
98 /* Append INT(1), a four-octet encoding of the integer 1, most significant |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
99 * octet first. */ |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
100 g_string_append_len(salt, "\0\0\0\1", 4); |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
101 |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
102 /* Compute U0 */ |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
103 purple_cipher_context_set_option(context, "hash", (gpointer)hash); |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
104 purple_cipher_context_set_key_with_len(context, (guchar *)str->str, str->len); |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
105 purple_cipher_context_append(context, (guchar *)salt->str, salt->len); |
28707
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
106 purple_cipher_context_digest(context, hash_len, result, NULL); |
28703
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
107 |
28707
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
108 memcpy(prev, result, hash_len); |
28704
398ff52e7d62
Fix the Hi() function and actually 'mtn add' the test file.
Paul Aurich <paul@darkrain42.org>
parents:
28703
diff
changeset
|
109 |
28703
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
110 /* Compute U1...Ui */ |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
111 for (i = 1; i < iterations; ++i) { |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
112 guint j; |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
113 purple_cipher_context_set_option(context, "hash", (gpointer)hash); |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
114 purple_cipher_context_set_key_with_len(context, (guchar *)str->str, str->len); |
28705
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
115 purple_cipher_context_append(context, prev, hash_len); |
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
116 purple_cipher_context_digest(context, hash_len, tmp, NULL); |
28703
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
117 |
28705
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
118 for (j = 0; j < hash_len; ++j) |
28707
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
119 result[j] ^= tmp[j]; |
28704
398ff52e7d62
Fix the Hi() function and actually 'mtn add' the test file.
Paul Aurich <paul@darkrain42.org>
parents:
28703
diff
changeset
|
120 |
28705
ec843b380a1d
How is it that there's no programmatic way to get the output size of the hash functions without resorting to a hardcoded table? Or did I miss something?
Paul Aurich <paul@darkrain42.org>
parents:
28704
diff
changeset
|
121 memcpy(prev, tmp, hash_len); |
28703
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
122 } |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
123 |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
124 purple_cipher_context_destroy(context); |
28706
2b4465db73f1
Clean up the two temporary buffers.
Paul Aurich <paul@darkrain42.org>
parents:
28705
diff
changeset
|
125 g_free(tmp); |
2b4465db73f1
Clean up the two temporary buffers.
Paul Aurich <paul@darkrain42.org>
parents:
28705
diff
changeset
|
126 g_free(prev); |
28703
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
127 return result; |
338eeaf371e2
jabber: Add the Hi() function (PBKDF2).
Paul Aurich <paul@darkrain42.org>
parents:
diff
changeset
|
128 } |
28707
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
129 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
130 /* |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
131 * Helper functions for doing the SCRAM calculations. The first argument |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
132 * is the hash algorithm and the second (len) is the length of the output |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
133 * buffer and key/data (the fourth argument). |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
134 * "str" is a NULL-terminated string for hmac(). |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
135 * |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
136 * Needless to say, these are fragile. |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
137 */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
138 static void |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
139 hmac(const gchar *hash_alg, gsize len, guchar *out, const guchar *key, const gchar *str) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
140 { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
141 PurpleCipherContext *context; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
142 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
143 context = purple_cipher_context_new_by_name("hmac", NULL); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
144 purple_cipher_context_set_option(context, "hash", (gpointer)hash_alg); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
145 purple_cipher_context_set_key_with_len(context, key, len); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
146 purple_cipher_context_append(context, (guchar *)str, strlen(str)); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
147 purple_cipher_context_digest(context, len, out, NULL); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
148 purple_cipher_context_destroy(context); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
149 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
150 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
151 static void |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
152 hash(const gchar *hash_alg, gsize len, guchar *out, const guchar *data) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
153 { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
154 PurpleCipherContext *context; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
155 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
156 context = purple_cipher_context_new_by_name(hash_alg, NULL); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
157 purple_cipher_context_append(context, data, len); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
158 purple_cipher_context_digest(context, len, out, NULL); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
159 purple_cipher_context_destroy(context); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
160 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
161 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
162 gboolean |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
163 jabber_scram_calc_proofs(JabberScramData *data, const char *password, |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
164 GString *salt, guint iterations) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
165 { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
166 guint hash_len = hash_to_output_len(data->hash); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
167 guint i; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
168 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
169 GString *pass = g_string_new(password); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
170 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
171 guchar *salted_password; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
172 guchar client_key[hash_len]; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
173 guchar stored_key[hash_len]; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
174 guchar client_signature[hash_len]; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
175 guchar server_key[hash_len]; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
176 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
177 data->client_proof = g_string_sized_new(hash_len); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
178 data->client_proof->len = hash_len; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
179 data->server_signature = g_string_sized_new(hash_len); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
180 data->server_signature->len = hash_len; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
181 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
182 salted_password = jabber_scram_hi(data->hash, pass, salt, iterations); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
183 g_string_free(pass, TRUE); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
184 if (!salted_password) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
185 return FALSE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
186 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
187 /* client_key = HMAC(salted_password, "Client Key") */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
188 hmac(data->hash, hash_len, client_key, salted_password, "Client Key"); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
189 /* server_key = HMAC(salted_password, "Server Key") */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
190 hmac(data->hash, hash_len, server_key, salted_password, "Server Key"); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
191 g_free(salted_password); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
192 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
193 /* stored_key = HASH(client_key) */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
194 hash(data->hash, hash_len, stored_key, client_key); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
195 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
196 /* client_signature = HMAC(stored_key, auth_message) */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
197 hmac(data->hash, hash_len, client_signature, stored_key, data->auth_message->str); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
198 /* server_signature = HMAC(server_key, auth_message) */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
199 hmac(data->hash, hash_len, (guchar *)data->server_signature->str, server_key, data->auth_message->str); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
200 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
201 /* client_proof = client_key XOR client_signature */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
202 for (i = 0; i < hash_len; ++i) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
203 data->client_proof->str[i] = client_key[i] ^ client_signature[i]; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
204 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
205 return TRUE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
206 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
207 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
208 static gboolean |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
209 parse_challenge(JabberScramData *data, const char *challenge, |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
210 gchar **out_nonce, GString **out_salt, guint *out_iterations) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
211 { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
212 gsize cnonce_len; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
213 const char *cur; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
214 const char *end; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
215 const char *val_start, *val_end; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
216 char *tmp, *decoded; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
217 gsize decoded_len; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
218 char *nonce; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
219 GString *salt; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
220 guint iterations; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
221 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
222 cur = challenge; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
223 end = challenge + strlen(challenge); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
224 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
225 if (cur[0] != 'r' || cur[1] != '=') |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
226 return FALSE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
227 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
228 val_start = cur + 2; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
229 val_end = strchr(val_start, ','); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
230 if (val_end == NULL) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
231 return FALSE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
232 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
233 /* Ensure that the first cnonce_len bytes of the nonce are the original |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
234 * cnonce we sent to the server. |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
235 */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
236 cnonce_len = strlen(data->cnonce); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
237 if ((val_end - val_start + 1) <= cnonce_len || |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
238 strncmp(data->cnonce, val_start, cnonce_len) != 0) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
239 return FALSE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
240 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
241 nonce = g_strndup(val_start, val_end - val_start + 1); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
242 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
243 /* The Salt, base64-encoded */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
244 cur = val_end + 1; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
245 if (cur[0] != 's' || cur[1] != '=') { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
246 g_free(nonce); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
247 return FALSE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
248 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
249 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
250 val_start = cur + 2; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
251 val_end = strchr(val_start, ','); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
252 if (val_end == NULL) { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
253 g_free(nonce); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
254 return FALSE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
255 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
256 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
257 tmp = g_strndup(val_start, val_end - val_start + 1); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
258 decoded = (gchar *)purple_base64_decode(tmp, &decoded_len); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
259 g_free(tmp); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
260 salt = g_string_new_len(decoded, decoded_len); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
261 g_free(decoded); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
262 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
263 /* The iteration count */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
264 cur = val_end + 1; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
265 if (cur[0] != 'i' || cur[1] != '=') { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
266 g_free(nonce); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
267 g_string_free(salt, TRUE); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
268 return FALSE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
269 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
270 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
271 val_start = cur + 2; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
272 val_end = strchr(val_start, ','); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
273 if (val_end == NULL) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
274 /* There could be extensions. This should possibly be a hard fail. */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
275 val_end = end - 1; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
276 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
277 /* Validate the string */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
278 for (tmp = (gchar *)val_start; tmp != val_end; ++tmp) { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
279 if (!g_ascii_isdigit(*tmp)) { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
280 g_free(nonce); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
281 g_string_free(salt, TRUE); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
282 return FALSE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
283 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
284 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
285 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
286 tmp = g_strndup(val_start, val_end - val_start + 1); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
287 iterations = strtoul(tmp, NULL, 10); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
288 g_free(tmp); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
289 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
290 *out_nonce = nonce; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
291 *out_salt = salt; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
292 *out_iterations = iterations; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
293 return TRUE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
294 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
295 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
296 static gboolean |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
297 parse_success(JabberScramData *data, const char *success, |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
298 gchar **out_verifier) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
299 { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
300 const char *cur; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
301 const char *val_start, *val_end; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
302 const char *end; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
303 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
304 char *verifier; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
305 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
306 g_return_val_if_fail(data != NULL, FALSE); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
307 g_return_val_if_fail(success != NULL, FALSE); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
308 g_return_val_if_fail(out_verifier != NULL, FALSE); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
309 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
310 cur = success; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
311 end = cur + strlen(cur); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
312 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
313 if (cur[0] != 'v' || cur[1] != '=') { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
314 /* TODO: Error handling */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
315 return FALSE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
316 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
317 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
318 val_start = cur + 2; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
319 val_end = strchr(val_start, ','); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
320 if (val_end == NULL) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
321 /* TODO: Maybe make this a strict check on not having any extensions? */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
322 val_end = end - 1; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
323 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
324 verifier = g_strndup(val_start, val_end - val_start + 1); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
325 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
326 *out_verifier = verifier; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
327 return TRUE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
328 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
329 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
330 static xmlnode *scram_start(JabberStream *js, xmlnode *mechanisms) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
331 { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
332 xmlnode *reply; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
333 JabberScramData *data; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
334 guint64 cnonce; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
335 #ifdef CHANNEL_BINDING |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
336 gboolean binding_supported = TRUE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
337 #endif |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
338 gchar *dec_out, *enc_out; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
339 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
340 data = js->auth_mech_data = g_new0(JabberScramData, 1); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
341 data->hash = mech_to_hash(js->auth_mech->name); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
342 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
343 #ifdef CHANNEL_BINDING |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
344 if (strstr(js->auth_mech_name, "-PLUS")) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
345 data->channel_binding = TRUE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
346 #endif |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
347 cnonce = ((guint64)g_random_int() << 32) | g_random_int(); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
348 data->cnonce = purple_base64_encode((guchar *)cnonce, sizeof(cnonce)); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
349 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
350 data->auth_message = g_string_new(NULL); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
351 g_string_printf(data->auth_message, "n=%s,r=%s", |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
352 js->user->node /* TODO: SaslPrep */, |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
353 data->cnonce); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
354 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
355 reply = xmlnode_new("auth"); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
356 xmlnode_set_namespace(reply, "urn:ietf:params:xml:ns:xmpp-sasl"); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
357 xmlnode_set_attrib(reply, "mechanism", js->auth_mech->name); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
358 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
359 /* TODO: Channel binding */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
360 dec_out = g_strdup_printf("%c,,%s", 'n', data->auth_message->str); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
361 enc_out = purple_base64_encode((guchar *)dec_out, strlen(dec_out)); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
362 purple_debug_misc("jabber", "initial SCRAM message '%s'\n", dec_out); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
363 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
364 xmlnode_insert_data(reply, enc_out, -1); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
365 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
366 g_free(enc_out); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
367 g_free(dec_out); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
368 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
369 return reply; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
370 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
371 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
372 static xmlnode *scram_handle_challenge(JabberStream *js, xmlnode *challenge) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
373 { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
374 JabberScramData *data = js->auth_mech_data; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
375 xmlnode *reply; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
376 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
377 gchar *enc_in, *dec_in; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
378 gchar *enc_out, *dec_out; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
379 gsize decoded_size; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
380 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
381 gchar *enc_proof; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
382 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
383 gchar *nonce; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
384 GString *salt; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
385 guint iterations; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
386 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
387 g_return_val_if_fail(data != NULL, NULL); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
388 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
389 enc_in = xmlnode_get_data(challenge); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
390 /* TODO: Error handling */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
391 g_return_val_if_fail(enc_in != NULL && *enc_in != '\0', NULL); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
392 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
393 dec_in = (gchar *)purple_base64_decode(enc_in, &decoded_size); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
394 g_free(enc_in); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
395 if (!dec_in || decoded_size != strlen(dec_in)) { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
396 /* Danger afoot; SCRAM shouldn't contain NUL bytes */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
397 /* TODO: Error handling */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
398 g_free(dec_in); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
399 return NULL; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
400 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
401 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
402 purple_debug_misc("jabber", "decoded challenge (%" G_GSIZE_FORMAT "): %s\n", |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
403 decoded_size, dec_in); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
404 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
405 g_string_append_c(data->auth_message, ','); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
406 g_string_append(data->auth_message, dec_in); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
407 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
408 if (!parse_challenge(data, dec_in, &nonce, &salt, &iterations)) { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
409 /* TODO: Error handling */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
410 return NULL; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
411 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
412 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
413 g_string_append_c(data->auth_message, ','); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
414 /* "biwsCg==" is the base64 encoding of "n,,". I promise. */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
415 g_string_append_printf(data->auth_message, "c=%s,r=%s", "biwsCg==", nonce); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
416 #ifdef CHANNEL_BINDING |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
417 #error fix this |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
418 #endif |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
419 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
420 if (!jabber_scram_calc_proofs(data, purple_connection_get_password(js->gc), salt, iterations)) { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
421 /* TODO: Error handling */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
422 return NULL; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
423 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
424 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
425 reply = xmlnode_new("response"); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
426 xmlnode_set_namespace(reply, "urn:ietf:params:xml:ns:xmpp-sasl"); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
427 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
428 enc_proof = purple_base64_encode((guchar *)data->client_proof->str, data->client_proof->len); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
429 dec_out = g_strdup_printf("c=%s,r=%s,p=%s", "biwsCg==", nonce, enc_proof); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
430 enc_out = purple_base64_encode((guchar *)dec_out, strlen(dec_out)); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
431 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
432 purple_debug_misc("jabber", "decoded response (%" G_GSIZE_FORMAT "): %s\n", |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
433 strlen(dec_out), dec_out); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
434 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
435 xmlnode_insert_data(reply, enc_out, -1); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
436 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
437 g_free(enc_out); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
438 g_free(dec_out); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
439 g_free(enc_proof); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
440 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
441 return reply; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
442 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
443 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
444 static gboolean scram_handle_success(JabberStream *js, xmlnode *packet) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
445 { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
446 JabberScramData *data = js->auth_mech_data; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
447 char *enc_in, *dec_in; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
448 char *enc_server_signature; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
449 guchar *server_signature; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
450 gsize decoded_size; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
451 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
452 enc_in = xmlnode_get_data(packet); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
453 /* TODO: Error handling */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
454 g_return_val_if_fail(enc_in != NULL && *enc_in != '\0', FALSE); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
455 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
456 dec_in = (gchar *)purple_base64_decode(enc_in, &decoded_size); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
457 g_free(enc_in); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
458 if (!dec_in || decoded_size != strlen(dec_in)) { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
459 /* Danger afoot; SCRAM shouldn't contain NUL bytes */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
460 /* TODO: Error handling */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
461 g_free(dec_in); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
462 return FALSE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
463 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
464 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
465 purple_debug_misc("jabber", "decoded success (%" G_GSIZE_FORMAT "): %s\n", |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
466 decoded_size, dec_in); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
467 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
468 if (!parse_success(data, dec_in, &enc_server_signature)) { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
469 /* TODO: Error handling */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
470 return FALSE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
471 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
472 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
473 server_signature = purple_base64_decode(enc_server_signature, &decoded_size); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
474 if (server_signature == NULL) { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
475 /* TODO: Error handling */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
476 return FALSE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
477 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
478 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
479 if (decoded_size != data->server_signature->len) { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
480 /* TODO: Error handling */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
481 purple_debug_error("jabber", "SCRAM server signature wrong length (was " |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
482 "(was %" G_GSIZE_FORMAT ", expected %" G_GSIZE_FORMAT ")\n", |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
483 decoded_size, data->server_signature->len); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
484 return FALSE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
485 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
486 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
487 if (0 != memcmp(server_signature, data->server_signature->str, decoded_size)) { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
488 /* TODO: Error handling */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
489 purple_debug_error("jabber", "SCRAM server signature did not match!\n"); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
490 return FALSE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
491 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
492 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
493 /* Hooray */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
494 return TRUE; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
495 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
496 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
497 static void scram_dispose(JabberStream *js) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
498 { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
499 if (js->auth_mech_data) { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
500 JabberScramData *data = js->auth_mech_data; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
501 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
502 g_free(data->cnonce); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
503 if (data->auth_message) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
504 g_string_free(data->auth_message, TRUE); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
505 if (data->client_proof) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
506 g_string_free(data->client_proof, TRUE); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
507 if (data->server_signature) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
508 g_string_free(data->server_signature, TRUE); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
509 g_free(data); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
510 js->auth_mech_data = NULL; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
511 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
512 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
513 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
514 static JabberSaslMech scram_sha1_mech = { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
515 50, /* priority */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
516 "SCRAM-SHA-1", /* name */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
517 scram_start, |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
518 scram_handle_challenge, |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
519 scram_handle_success, |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
520 NULL, /* handle_failure */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
521 scram_dispose |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
522 }; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
523 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
524 #ifdef CHANNEL_BINDING |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
525 /* With channel binding */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
526 static JabberSaslMech scram_sha1_plus_mech = { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
527 scram_sha1_mech.priority + 1, /* priority */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
528 "SCRAM-SHA-1-PLUS", /* name */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
529 scram_start, |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
530 scram_handle_challenge, |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
531 scram_handle_success, |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
532 NULL, /* handle_failure */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
533 scram_dispose |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
534 }; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
535 #endif |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
536 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
537 /* For tests */ |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
538 JabberSaslMech *jabber_scram_get_sha1(void) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
539 { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
540 return &scram_sha1_mech; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
541 } |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
542 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
543 JabberSaslMech **jabber_auth_get_scram_mechs(gint *count) |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
544 { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
545 static JabberSaslMech *mechs[] = { |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
546 &scram_sha1_mech, |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
547 #ifdef CHANNEL_BINDING |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
548 &scram_sha1_plus_mech, |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
549 #endif |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
550 }; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
551 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
552 g_return_val_if_fail(count != NULL, NULL); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
553 |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
554 *count = G_N_ELEMENTS(mechs); |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
555 return mechs; |
c1d41b7484ff
jabber: Complete (though untested) SCRAM implementation.
Paul Aurich <paul@darkrain42.org>
parents:
28706
diff
changeset
|
556 } |