# HG changeset patch # User Paul Aurich # Date 1257660414 0 # Node ID 398ff52e7d62ba88b318d08d28224fb5c749c815 # Parent 338eeaf371e28c928f9786ba200eb45728515c27 Fix the Hi() function and actually 'mtn add' the test file. diff -r 338eeaf371e2 -r 398ff52e7d62 libpurple/protocols/jabber/auth_scram.c --- a/libpurple/protocols/jabber/auth_scram.c Sun Nov 08 03:36:14 2009 +0000 +++ b/libpurple/protocols/jabber/auth_scram.c Sun Nov 08 06:06:54 2009 +0000 @@ -28,13 +28,13 @@ #include "cipher.h" #include "debug.h" - GString *jabber_auth_scram_hi(const gchar *hash, const GString *str, GString *salt, guint iterations) { PurpleCipherContext *context; GString *result; guint i; + guchar prev[20], tmp[20]; /* FIXME: Hardcoded 20 */ g_return_val_if_fail(hash != NULL, NULL); g_return_val_if_fail(str != NULL && str->len > 0, NULL); @@ -55,17 +55,20 @@ purple_cipher_context_append(context, (guchar *)salt->str, salt->len); purple_cipher_context_digest(context, result->allocated_len, (guchar *)result->str, &(result->len)); + memcpy(prev, result->str, result->len); + /* Compute U1...Ui */ for (i = 1; i < iterations; ++i) { - guchar tmp[20]; /* FIXME: hardcoded 20 */ guint j; purple_cipher_context_set_option(context, "hash", (gpointer)hash); purple_cipher_context_set_key_with_len(context, (guchar *)str->str, str->len); - purple_cipher_context_append(context, (guchar *)result->str, result->len); + purple_cipher_context_append(context, prev, result->len); purple_cipher_context_digest(context, sizeof(tmp), tmp, NULL); for (j = 0; j < 20; ++j) result->str[j] ^= tmp[j]; + + memcpy(prev, tmp, result->len); } purple_cipher_context_destroy(context); diff -r 338eeaf371e2 -r 398ff52e7d62 libpurple/tests/test_jabber_scram.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/libpurple/tests/test_jabber_scram.c Sun Nov 08 06:06:54 2009 +0000 @@ -0,0 +1,44 @@ +#include + +#include "tests.h" +#include "../util.h" +#include "../protocols/jabber/auth_scram.h" + +#define assert_pbkdf2_equal(password, salt, count, expected) { \ + GString *p = g_string_new(password); \ + GString *s = g_string_new(salt); \ + GString *result = jabber_auth_scram_hi("sha1", p, s, count); \ + fail_if(result == NULL, "Hi() returned NULL"); \ + fail_if(result->len != 20, "Hi() returned with unexpected length %u", result->len); \ + fail_if(0 != memcmp(result->str, expected, 20), "Hi() returned invalid result"); \ + g_string_free(result, TRUE); \ + g_string_free(s, TRUE); \ + g_string_free(p, TRUE); \ +} + +START_TEST(test_pbkdf2) +{ + assert_pbkdf2_equal("password", "salt", 1, "\x0c\x60\xc8\x0f\x96\x1f\x0e\x71\xf3\xa9\xb5\x24\xaf\x60\x12\x06\x2f\xe0\x37\xa6"); + + assert_pbkdf2_equal("password", "salt", 2, "\xea\x6c\x01\x4d\xc7\x2d\x6f\x8c\xcd\x1e\xd9\x2a\xce\x1d\x41\xf0\xd8\xde\x89\x57"); + + assert_pbkdf2_equal("password", "salt", 4096, "\x4b\x00\x79\x01\xb7\x65\x48\x9a\xbe\xad\x49\xd9\x26\xf7\x21\xd0\x65\xa4\x29\xc1"); + +#if 0 + /* This causes libcheck to time out :-D */ + assert_pbkdf2_equal("password", "salt", 16777216, "\xee\xfe\x3d\x61\xcd\x4d\xa4\xe4\xe9\x94\x5b\x3d\x6b\xa2\x15\x8c\x26\x34\xe9\x84"); +#endif +} +END_TEST + +Suite * +jabber_scram_suite(void) +{ + Suite *s = suite_create("Jabber SASL SCRAM functions"); + + TCase *tc = tcase_create("PBKDF2 Functionality"); + tcase_add_test(tc, test_pbkdf2); + suite_add_tcase(s, tc); + + return s; +}