2N/A * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. 2N/A/* CRAM-MD5 SASL plugin 2N/A * $Id: cram.c,v 1.79 2003/02/18 18:27:37 rjs3 Exp $ 2N/A * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved. 2N/A * Redistribution and use in source and binary forms, with or without 2N/A * modification, are permitted provided that the following conditions 2N/A * 1. Redistributions of source code must retain the above copyright 2N/A * notice, this list of conditions and the following disclaimer. 2N/A * 2. Redistributions in binary form must reproduce the above copyright 2N/A * notice, this list of conditions and the following disclaimer in 2N/A * the documentation and/or other materials provided with the 2N/A * 3. The name "Carnegie Mellon University" must not be used to 2N/A * endorse or promote products derived from this software without 2N/A * prior written permission. For permission or any other legal 2N/A * details, please contact 2N/A * Office of Technology Transfer 2N/A * Carnegie Mellon University 2N/A * 5000 Forbes Avenue 2N/A * Pittsburgh, PA 15213-3890 2N/A * (412) 268-4387, fax: (412) 268-7395 2N/A * tech-transfer@andrew.cmu.edu 2N/A * 4. Redistributions of any form whatsoever must retain the following 2N/A * "This product includes software developed by Computing Services 2N/A * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO 2N/A * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 2N/A * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE 2N/A * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 2N/A * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN 2N/A * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING 2N/A * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 2N/A#
endif /* _SUN_SDK_ */ 2N/A/***************************** Common Section *****************************/ 2N/A#
endif /* !_SUN_SDK_ */ 2N/A/* convert a string of 8bit chars to it's representation in hex 2N/A * using lowercase letters 2N/A static char hex[]=
"0123456789abcdef";
2N/A/***************************** Server Section *****************************/ 2N/A /* holds state are in */ 2N/A * Returns the current time (or part of it) in string form 2N/A /* the bottom bits are really the only random ones so if 2N/A we overflow we don't want to lose them */ 2N/A unsigned char temp[
5];
/* random 32-bit number */ 2N/A#
endif /* _DEV_URANDOM && _SUN_SDK_ */ 2N/A /* we shouldn't have received anything */ 2N/A "CRAM-MD5 does not accept inital data");
2N/A#
endif /* _SUN_SDK_ */ 2N/A /* get time and a random number for the nonce */ 2N/A /* allocate some space for the challenge */ 2N/A /* create the challenge */ 2N/A "*cmusaslsecretCRAM-MD5",
2N/A /* extract userid; everything before last space */ 2N/A "need authentication name");
2N/A#
endif /* _SUN_SDK_ */ 2N/A /* copy authstr out */ 2N/A /* this will trigger the getting of the aux properties */ 2N/A /* We didn't find this username */ 2N/A "no secret in database");
2N/A#
endif /* _INTEGRATED_SOLARIS_ */ 2N/A#
endif /* _INTEGRATED_SOLARIS_ */ 2N/A#
endif /* _SUN_SDK_ */ 2N/A /* Do precalculation on plaintext secret */ 2N/A /* We have a precomputed secret */ 2N/A "Have neither type of secret");
2N/A "Have neither type of secret");
2N/A#
endif /* _SUN_SDK_ */ 2N/A /* ok this is annoying: 2N/A so we have this half-way hmac transform instead of the plaintext 2N/A that means we half to: 2N/A -import it back into a md5 context 2N/A -do an md5update with the nonce 2N/A /* convert to base 16 with lower case letters */ 2N/A /* if same then verified 2N/A * - we know digest_str is null terminated but clientin might not be 2N/A "incorrect digest response");
2N/A#
endif /* _INTEGRATED_SOLARIS_ */ 2N/A /* this should be well more than is ever needed */ 2N/A "CRAM-MD5 input longer than 1024 bytes");
2N/A#
endif /* _SUN_SDK_ */ 2N/A default:
/* should never get here */ 2N/A#
endif /* _SUN_SDK_ */ 2N/A#
endif /* !_SUN_SDK_ */ 2N/A "CRAM-MD5",
/* mech_name */ 2N/A#
endif /* _SUN_SDK_ */ 2N/A/***************************** Client Section *****************************/ 2N/A#
endif /* _INTEGRATED_SOLARIS_ */ 2N/A /* holds state are in */ 2N/A /* fill in rest with 0's */ 2N/A /* do the hmac md5 hash output 128 bits */ 2N/A /* convert that to hex form */ 2N/A /* First check for absurd lengths */ 2N/A "CRAM-MD5 input longer than 1024 bytes");
2N/A "CRAM-MD5 input longer than 1024 bytes");
2N/A#
endif /* _SUN_SDK_ */ 2N/A /* check if sec layer strong enough */ 2N/A "SSF requested of CRAM-MD5 plugin");
2N/A#
endif /* _SUN_SDK_ */ 2N/A /* try to get the userid */ 2N/A /* try to get the password */ 2N/A /* free prompts we got */ 2N/A /* if there are prompts not filled in */ 2N/A /* make the prompt list */ 2N/A "Please enter your authentication name" :
NULL,
2N/A#
endif /* _INTEGRATED_SOLARIS_ */ 2N/A * username SP digest (keyed md5 where key is passwd) 2N/A "make_hashed failed");
2N/A#
endif /* _SUN_SDK_ */ 2N/A /* get rid of private information */ 2N/A /* get rid of all sensitive info */ 2N/A#
endif /* _INTEGRATED_SOLARIS_ */ 2N/A "CRAM-MD5",
/* mech_name */ 2N/A#
endif /* _SUN_SDK_ */