︙ | | | ︙ | |
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
#import "XMPPSCRAMAuth.h"
#import "XMPPExceptions.h"
#define HMAC_IPAD 0x36
#define HMAC_OPAD 0x5c
OF_ASSUME_NONNULL_BEGIN
@interface XMPPSCRAMAuth ()
- (OFString *)XMPP_genNonce;
- (const uint8_t *)XMPP_HMACWithKey: (OFData *)key
data: (OFData *)data;
- (OFData *)XMPP_hiWithData: (OFData *)str
salt: (OFData *)salt
iterationCount: (intmax_t)i;
- (OFData *)XMPP_parseServerFirstMessage: (OFData *)data;
- (OFData *)XMPP_parseServerFinalMessage: (OFData *)data;
@end
OF_ASSUME_NONNULL_END
@implementation XMPPSCRAMAuth
+ (instancetype)SCRAMAuthWithAuthcid: (OFString *)authcid
password: (OFString *)password
connection: (XMPPConnection *)connection
hash: (Class)hash
plusAvailable: (bool)plusAvailable
{
|
<
<
|
|
|
|
|
<
<
|
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
#import "XMPPSCRAMAuth.h"
#import "XMPPExceptions.h"
#define HMAC_IPAD 0x36
#define HMAC_OPAD 0x5c
@interface XMPPSCRAMAuth ()
- (OFString *)xmpp_genNonce;
- (const uint8_t *)xmpp_HMACWithKey: (OFData *)key
data: (OFData *)data;
- (OFData *)xmpp_hiWithData: (OFData *)str
salt: (OFData *)salt
iterationCount: (intmax_t)i;
- (OFData *)xmpp_parseServerFirstMessage: (OFData *)data;
- (OFData *)xmpp_parseServerFinalMessage: (OFData *)data;
@end
@implementation XMPPSCRAMAuth
+ (instancetype)SCRAMAuthWithAuthcid: (OFString *)authcid
password: (OFString *)password
connection: (XMPPConnection *)connection
hash: (Class)hash
plusAvailable: (bool)plusAvailable
{
|
︙ | | | ︙ | |
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
authcid: authcid
password: password
connection: connection
hash: hash
plusAvailable: plusAvailable] autorelease];
}
- initWithAuthcid: (OFString *)authcid
password: (OFString *)password
connection: (XMPPConnection *)connection
hash: (Class)hash
plusAvailable: (bool)plusAvailable
{
return [self initWithAuthzid: nil
authcid: authcid
password: password
connection: connection
hash: hash
plusAvailable: plusAvailable];
}
- initWithAuthzid: (OFString *)authzid
authcid: (OFString *)authcid
password: (OFString *)password
connection: (XMPPConnection *)connection
hash: (Class)hash
plusAvailable: (bool)plusAvailable
{
self = [super initWithAuthzid: authzid
authcid: authcid
password: password];
_hashType = hash;
_plusAvailable = plusAvailable;
|
|
|
|
|
|
|
|
|
|
|
|
|
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
|
authcid: authcid
password: password
connection: connection
hash: hash
plusAvailable: plusAvailable] autorelease];
}
- (instancetype)initWithAuthcid: (OFString *)authcid
password: (OFString *)password
connection: (XMPPConnection *)connection
hash: (Class)hash
plusAvailable: (bool)plusAvailable
{
return [self initWithAuthzid: nil
authcid: authcid
password: password
connection: connection
hash: hash
plusAvailable: plusAvailable];
}
- (instancetype)initWithAuthzid: (OFString *)authzid
authcid: (OFString *)authcid
password: (OFString *)password
connection: (XMPPConnection *)connection
hash: (Class)hash
plusAvailable: (bool)plusAvailable
{
self = [super initWithAuthzid: authzid
authcid: authcid
password: password];
_hashType = hash;
_plusAvailable = plusAvailable;
|
︙ | | | ︙ | |
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
|
_GS2Header = [[OFString alloc]
initWithFormat: @"%@,a=%@,",
(_plusAvailable ? @"p=tls-unique" : @"y"),
_authzid];
else
_GS2Header = (_plusAvailable ? @"p=tls-unique,," : @"y,,");
_cNonce = [[self XMPP_genNonce] retain];
[_clientFirstMessageBare release];
_clientFirstMessageBare = nil;
_clientFirstMessageBare = [[OFString alloc]
initWithFormat: @"n=%@,r=%@", _authcid, _cNonce];
[ret addItems: [_GS2Header UTF8String]
|
|
|
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
|
_GS2Header = [[OFString alloc]
initWithFormat: @"%@,a=%@,",
(_plusAvailable ? @"p=tls-unique" : @"y"),
_authzid];
else
_GS2Header = (_plusAvailable ? @"p=tls-unique,," : @"y,,");
_cNonce = [[self xmpp_genNonce] retain];
[_clientFirstMessageBare release];
_clientFirstMessageBare = nil;
_clientFirstMessageBare = [[OFString alloc]
initWithFormat: @"n=%@,r=%@", _authcid, _cNonce];
[ret addItems: [_GS2Header UTF8String]
|
︙ | | | ︙ | |
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
|
- (OFData *)continueWithData: (OFData *)data
{
OFAutoreleasePool *pool = [[OFAutoreleasePool alloc] init];
OFData *ret;
if (!_serverSignature)
ret = [self XMPP_parseServerFirstMessage: data];
else
ret = [self XMPP_parseServerFinalMessage: data];
[ret retain];
[pool release];
return [ret autorelease];
}
- (OFData *)XMPP_parseServerFirstMessage: (OFData *)data
{
size_t i;
const uint8_t *clientKey, *serverKey, *clientSignature;
intmax_t iterCount = 0;
id <OFCryptoHash> hash;
OFMutableData *ret, *authMessage, *tmpArray;
OFData *salt = nil, *saltedPassword;
OFString *tmpString, *sNonce = nil;
OFEnumerator *enumerator;
OFString *comp;
enum {
GOT_SNONCE = 0x01,
GOT_SALT = 0x02,
GOT_ITERCOUNT = 0x04
} got = 0;
hash = [[[_hashType alloc] init] autorelease];
ret = [OFMutableData data];
authMessage = [OFMutableData data];
OFString *chal = [OFString stringWithUTF8String: [data items]
length: [data count] *
[data itemSize]];
enumerator =
[[chal componentsSeparatedByString: @","] objectEnumerator];
while ((comp = [enumerator nextObject]) != nil) {
OFString *entry = [comp substringWithRange:
of_range(2, [comp length] - 2)];
if ([comp hasPrefix: @"r="]) {
if (![entry hasPrefix: _cNonce])
@throw [XMPPAuthFailedException
exceptionWithConnection: nil
reason: @"Received wrong "
@"nonce"];
sNonce = entry;
got |= GOT_SNONCE;
} else if ([comp hasPrefix: @"s="]) {
salt = [OFData dataWithBase64EncodedString: entry];
got |= GOT_SALT;
} else if ([comp hasPrefix: @"i="]) {
iterCount = [entry decimalValue];
got |= GOT_ITERCOUNT;
}
}
if (got != (GOT_SNONCE | GOT_SALT | GOT_ITERCOUNT))
@throw [OFInvalidServerReplyException exception];
|
|
|
|
<
<
|
|
|
|
|
<
|
|
|
|
|
|
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
|
- (OFData *)continueWithData: (OFData *)data
{
OFAutoreleasePool *pool = [[OFAutoreleasePool alloc] init];
OFData *ret;
if (!_serverSignature)
ret = [self xmpp_parseServerFirstMessage: data];
else
ret = [self xmpp_parseServerFinalMessage: data];
[ret retain];
[pool release];
return [ret autorelease];
}
- (OFData *)xmpp_parseServerFirstMessage: (OFData *)data
{
size_t i;
const uint8_t *clientKey, *serverKey, *clientSignature;
intmax_t iterCount = 0;
id <OFCryptoHash> hash;
OFMutableData *ret, *authMessage, *tmpArray;
OFData *salt = nil, *saltedPassword;
OFString *tmpString, *sNonce = nil;
enum {
GOT_SNONCE = 0x01,
GOT_SALT = 0x02,
GOT_ITERCOUNT = 0x04
} got = 0;
hash = [[[_hashType alloc] init] autorelease];
ret = [OFMutableData data];
authMessage = [OFMutableData data];
OFString *challenge = [OFString stringWithUTF8String: [data items]
length: [data count] *
[data itemSize]];
for (OFString *component in
[challenge componentsSeparatedByString: @","]) {
OFString *entry = [component substringWithRange:
of_range(2, [component length] - 2)];
if ([component hasPrefix: @"r="]) {
if (![entry hasPrefix: _cNonce])
@throw [XMPPAuthFailedException
exceptionWithConnection: nil
reason: @"Received wrong "
@"nonce"];
sNonce = entry;
got |= GOT_SNONCE;
} else if ([component hasPrefix: @"s="]) {
salt = [OFData dataWithBase64EncodedString: entry];
got |= GOT_SALT;
} else if ([component hasPrefix: @"i="]) {
iterCount = [entry decimalValue];
got |= GOT_ITERCOUNT;
}
}
if (got != (GOT_SNONCE | GOT_SALT | GOT_ITERCOUNT))
@throw [OFInvalidServerReplyException exception];
|
︙ | | | ︙ | |
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
|
/*
* IETF RFC 5802:
* SaltedPassword := Hi(Normalize(password), salt, i)
*/
tmpArray = [OFMutableData dataWithItems: [_password UTF8String]
count: [_password UTF8StringLength]];
saltedPassword = [self XMPP_hiWithData: tmpArray
salt: salt
iterationCount: iterCount];
/*
* IETF RFC 5802:
* AuthMessage := client-first-message-bare + "," +
* server-first-message + "," +
|
|
|
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
|
/*
* IETF RFC 5802:
* SaltedPassword := Hi(Normalize(password), salt, i)
*/
tmpArray = [OFMutableData dataWithItems: [_password UTF8String]
count: [_password UTF8StringLength]];
saltedPassword = [self xmpp_hiWithData: tmpArray
salt: salt
iterationCount: iterCount];
/*
* IETF RFC 5802:
* AuthMessage := client-first-message-bare + "," +
* server-first-message + "," +
|
︙ | | | ︙ | |
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
|
[authMessage addItems: [ret items]
count: [ret count]];
/*
* IETF RFC 5802:
* ClientKey := HMAC(SaltedPassword, "Client Key")
*/
clientKey = [self XMPP_HMACWithKey: saltedPassword
data: [OFData dataWithItems: "Client Key"
count: 10]];
/*
* IETF RFC 5802:
* StoredKey := H(ClientKey)
*/
[hash updateWithBuffer: (void *)clientKey
length: [_hashType digestSize]];
/*
* IETF RFC 5802:
* ClientSignature := HMAC(StoredKey, AuthMessage)
*/
clientSignature = [self
XMPP_HMACWithKey: [OFData dataWithItems: [hash digest]
count: [_hashType digestSize]]
data: authMessage];
/*
* IETF RFC 5802:
* ServerKey := HMAC(SaltedPassword, "Server Key")
*/
serverKey = [self XMPP_HMACWithKey: saltedPassword
data: [OFData dataWithItems: "Server Key"
count: 10]];
/*
* IETF RFC 5802:
* ServerSignature := HMAC(ServerKey, AuthMessage)
*/
tmpArray = [OFMutableData dataWithItems: serverKey
count: [_hashType digestSize]];
[_serverSignature release];
_serverSignature = [[OFData alloc]
initWithItems: [self XMPP_HMACWithKey: tmpArray
data: authMessage]
count: [_hashType digestSize]];
/*
* IETF RFC 5802:
* ClientProof := ClientKey XOR ClientSignature
*/
|
|
|
|
|
|
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
|
[authMessage addItems: [ret items]
count: [ret count]];
/*
* IETF RFC 5802:
* ClientKey := HMAC(SaltedPassword, "Client Key")
*/
clientKey = [self xmpp_HMACWithKey: saltedPassword
data: [OFData dataWithItems: "Client Key"
count: 10]];
/*
* IETF RFC 5802:
* StoredKey := H(ClientKey)
*/
[hash updateWithBuffer: (void *)clientKey
length: [_hashType digestSize]];
/*
* IETF RFC 5802:
* ClientSignature := HMAC(StoredKey, AuthMessage)
*/
clientSignature = [self
xmpp_HMACWithKey: [OFData dataWithItems: [hash digest]
count: [_hashType digestSize]]
data: authMessage];
/*
* IETF RFC 5802:
* ServerKey := HMAC(SaltedPassword, "Server Key")
*/
serverKey = [self xmpp_HMACWithKey: saltedPassword
data: [OFData dataWithItems: "Server Key"
count: 10]];
/*
* IETF RFC 5802:
* ServerSignature := HMAC(ServerKey, AuthMessage)
*/
tmpArray = [OFMutableData dataWithItems: serverKey
count: [_hashType digestSize]];
[_serverSignature release];
_serverSignature = [[OFData alloc]
initWithItems: [self xmpp_HMACWithKey: tmpArray
data: authMessage]
count: [_hashType digestSize]];
/*
* IETF RFC 5802:
* ClientProof := ClientKey XOR ClientSignature
*/
|
︙ | | | ︙ | |
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
|
tmpString = [tmpArray stringByBase64Encoding];
[ret addItems: [tmpString UTF8String]
count: [tmpString UTF8StringLength]];
return ret;
}
- (OFData *)XMPP_parseServerFinalMessage: (OFData *)data
{
OFString *mess, *value;
/*
* server-final-message already received,
* we were just waiting for the last word from the server
*/
|
|
|
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
|
tmpString = [tmpArray stringByBase64Encoding];
[ret addItems: [tmpString UTF8String]
count: [tmpString UTF8StringLength]];
return ret;
}
- (OFData *)xmpp_parseServerFinalMessage: (OFData *)data
{
OFString *mess, *value;
/*
* server-final-message already received,
* we were just waiting for the last word from the server
*/
|
︙ | | | ︙ | |
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
|
} else
@throw [XMPPAuthFailedException exceptionWithConnection: nil
reason: value];
return nil;
}
- (OFString *)XMPP_genNonce
{
uint8_t buf[64];
size_t i;
assert(RAND_pseudo_bytes(buf, 64) >= 0);
for (i = 0; i < 64; i++) {
// Restrict salt to printable range, but do not include '~'...
buf[i] = (buf[i] % ('~' - '!')) + '!';
// ...so we can use it to replace ','
if (buf[i] == ',')
buf[i] = '~';
}
return [OFString stringWithCString: (char *)buf
encoding: OF_STRING_ENCODING_ASCII
length: 64];
}
- (const uint8_t *)XMPP_HMACWithKey: (OFData *)key
data: (OFData *)data
{
void *pool = objc_autoreleasePoolPush();
OFMutableData *k = [OFMutableData data];
size_t i, kSize, blockSize = [_hashType blockSize];
uint8_t *kI = NULL, *kO = NULL;
id <OFCryptoHash> hashI, hashO;
|
|
|
|
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
|
} else
@throw [XMPPAuthFailedException exceptionWithConnection: nil
reason: value];
return nil;
}
- (OFString *)xmpp_genNonce
{
uint8_t buf[64];
size_t i;
assert(RAND_pseudo_bytes(buf, 64) >= 0);
for (i = 0; i < 64; i++) {
// Restrict salt to printable range, but do not include '~'...
buf[i] = (buf[i] % ('~' - '!')) + '!';
// ...so we can use it to replace ','
if (buf[i] == ',')
buf[i] = '~';
}
return [OFString stringWithCString: (char *)buf
encoding: OF_STRING_ENCODING_ASCII
length: 64];
}
- (const uint8_t *)xmpp_HMACWithKey: (OFData *)key
data: (OFData *)data
{
void *pool = objc_autoreleasePoolPush();
OFMutableData *k = [OFMutableData data];
size_t i, kSize, blockSize = [_hashType blockSize];
uint8_t *kI = NULL, *kO = NULL;
id <OFCryptoHash> hashI, hashO;
|
︙ | | | ︙ | |
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
|
[hashO retain];
objc_autoreleasePoolPop(pool);
return [[hashO autorelease] digest];
}
- (OFData *)XMPP_hiWithData: (OFData *)str
salt: (OFData *)salt
iterationCount: (intmax_t)i
{
void *pool = objc_autoreleasePoolPush();
size_t digestSize = [_hashType digestSize];
uint8_t *result = NULL;
const uint8_t *u, *uOld;
intmax_t j, k;
OFMutableData *salty, *tmp;
OFData *ret;
result = [self allocMemoryWithSize: digestSize];
@try {
memset(result, 0, digestSize);
salty = [[salt mutableCopy] autorelease];
[salty addItems: "\0\0\0\1"
count: 4];
uOld = [self XMPP_HMACWithKey: str
data: salty];
for (j = 0; j < digestSize; j++)
result[j] ^= uOld[j];
for (j = 0; j < i - 1; j++) {
tmp = [[OFMutableData alloc] init];
[tmp addItems: uOld
count: digestSize];
/* releases uOld and previous tmp */
objc_autoreleasePoolPop(pool);
pool = objc_autoreleasePoolPush();
[tmp autorelease];
u = [self XMPP_HMACWithKey: str
data: tmp];
for (k = 0; k < digestSize; k++)
result[k] ^= u[k];
uOld = u;
}
|
|
|
|
|
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
|
[hashO retain];
objc_autoreleasePoolPop(pool);
return [[hashO autorelease] digest];
}
- (OFData *)xmpp_hiWithData: (OFData *)str
salt: (OFData *)salt
iterationCount: (intmax_t)i
{
void *pool = objc_autoreleasePoolPush();
size_t digestSize = [_hashType digestSize];
uint8_t *result = NULL;
const uint8_t *u, *uOld;
intmax_t j, k;
OFMutableData *salty, *tmp;
OFData *ret;
result = [self allocMemoryWithSize: digestSize];
@try {
memset(result, 0, digestSize);
salty = [[salt mutableCopy] autorelease];
[salty addItems: "\0\0\0\1"
count: 4];
uOld = [self xmpp_HMACWithKey: str
data: salty];
for (j = 0; j < digestSize; j++)
result[j] ^= uOld[j];
for (j = 0; j < i - 1; j++) {
tmp = [[OFMutableData alloc] init];
[tmp addItems: uOld
count: digestSize];
/* releases uOld and previous tmp */
objc_autoreleasePoolPop(pool);
pool = objc_autoreleasePoolPush();
[tmp autorelease];
u = [self xmpp_HMACWithKey: str
data: tmp];
for (k = 0; k < digestSize; k++)
result[k] ^= u[k];
uOld = u;
}
|
︙ | | | ︙ | |