ObjFW/ObjXMPP
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix SCRAM auth

Browse source
This commit is contained in:
Jonathan Schleifer 2018-11-05 00:01:40 +01:00
parent 1061c08262
commit 3c10a522cd
No known key found for this signature in database
GPG key ID: D83A76BFE376345E
1 changed files with 17 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

35
src/XMPPSCRAMAuth.m
View file

@ -42,7 +42,7 @@ OF_ASSUME_NONNULL_BEGIN
@interface XMPPSCRAMAuth () @interface XMPPSCRAMAuth ()
- (OFString *)XMPP_genNonce; - (OFString *)XMPP_genNonce;
- (const uint8_t *)XMPP_HMACWithKey: (OFData *)key - (const uint8_t *)XMPP_HMACWithKey: (OFData *)key
data: (OFData *)data; data: (OFData *)data;
- (OFData *)XMPP_hiWithData: (OFData *)str - (OFData *)XMPP_hiWithData: (OFData *)str
salt: (OFData *)salt salt: (OFData *)salt
iterationCount: (intmax_t)i; iterationCount: (intmax_t)i;
@ -266,9 +266,8 @@ OF_ASSUME_NONNULL_END
@throw [OFInvalidServerReplyException exception]; @throw [OFInvalidServerReplyException exception];
// Add c=<base64(GS2Header+channelBindingData)> // Add c=<base64(GS2Header+channelBindingData)>
tmpArray = [OFMutableData data]; tmpArray = [OFMutableData dataWithItems: [_GS2Header UTF8String]
[tmpArray addItems: [_GS2Header UTF8String] count: [_GS2Header UTF8StringLength]];
count: [_GS2Header UTF8StringLength]];
if (_plusAvailable && [_connection encrypted]) { if (_plusAvailable && [_connection encrypted]) {
OFData *channelBinding = [((SSLSocket *)[_connection socket]) OFData *channelBinding = [((SSLSocket *)[_connection socket])
channelBindingDataWithType: @"tls-unique"]; channelBindingDataWithType: @"tls-unique"];
@ -318,7 +317,7 @@ OF_ASSUME_NONNULL_END
* ClientKey := HMAC(SaltedPassword, "Client Key") * ClientKey := HMAC(SaltedPassword, "Client Key")
*/ */
clientKey = [self XMPP_HMACWithKey: saltedPassword clientKey = [self XMPP_HMACWithKey: saltedPassword
data: [OFData dataWithItems: @"Client key" data: [OFData dataWithItems: "Client Key"
count: 10]]; count: 10]];
/* /*
@ -327,24 +326,23 @@ OF_ASSUME_NONNULL_END
*/ */
[hash updateWithBuffer: (void *)clientKey [hash updateWithBuffer: (void *)clientKey
length: [_hashType digestSize]]; length: [_hashType digestSize]];
tmpArray = [OFMutableData dataWithItems: [hash digest]
count: [_hashType digestSize]];
/* /*
* IETF RFC 5802: * IETF RFC 5802:
* ClientSignature := HMAC(StoredKey, AuthMessage) * ClientSignature := HMAC(StoredKey, AuthMessage)
*/ */
clientSignature = [self XMPP_HMACWithKey: tmpArray clientSignature = [self
data: authMessage]; XMPP_HMACWithKey: [OFData dataWithItems: [hash digest]
count: [_hashType digestSize]]
data: authMessage];
/* /*
* IETF RFC 5802: * IETF RFC 5802:
* ServerKey := HMAC(SaltedPassword, "Server Key") * ServerKey := HMAC(SaltedPassword, "Server Key")
*/ */
tmpArray = [OFMutableData dataWithItems: "Server Key"
count: 10];
serverKey = [self XMPP_HMACWithKey: saltedPassword serverKey = [self XMPP_HMACWithKey: saltedPassword
data: tmpArray]; data: [OFData dataWithItems: "Server Key"
count: 10]];
/* /*
* IETF RFC 5802: * IETF RFC 5802:
@ -354,7 +352,7 @@ OF_ASSUME_NONNULL_END
count: [_hashType digestSize]]; count: [_hashType digestSize]];
[_serverSignature release]; [_serverSignature release];
_serverSignature = [[OFMutableData alloc] _serverSignature = [[OFData alloc]
initWithItems: [self XMPP_HMACWithKey: tmpArray initWithItems: [self XMPP_HMACWithKey: tmpArray
data: authMessage] data: authMessage]
count: [_hashType digestSize]]; count: [_hashType digestSize]];
@ -363,7 +361,7 @@ OF_ASSUME_NONNULL_END
* IETF RFC 5802: * IETF RFC 5802:
* ClientProof := ClientKey XOR ClientSignature * ClientProof := ClientKey XOR ClientSignature
*/ */
tmpArray = [OFMutableData data]; tmpArray = [OFMutableData dataWithCapacity: [_hashType digestSize]];
for (i = 0; i < [_hashType digestSize]; i++) { for (i = 0; i < [_hashType digestSize]; i++) {
uint8_t c = clientKey[i] ^ clientSignature[i]; uint8_t c = clientKey[i] ^ clientSignature[i];
[tmpArray addItem: &c]; [tmpArray addItem: &c];
@ -495,14 +493,15 @@ OF_ASSUME_NONNULL_END
uint8_t *result = NULL; uint8_t *result = NULL;
const uint8_t *u, *uOld; const uint8_t *u, *uOld;
intmax_t j, k; intmax_t j, k;
OFMutableData *salty, *tmp, *ret; OFMutableData *salty, *tmp;
OFData *ret;
result = [self allocMemoryWithSize: digestSize]; result = [self allocMemoryWithSize: digestSize];
@try { @try {
memset(result, 0, digestSize); memset(result, 0, digestSize);
salty = [[salt copy] autorelease]; salty = [[salt mutableCopy] autorelease];
[salty addItems: "\0\0\0\1" [salty addItems: "\0\0\0\1"
count: 4]; count: 4];
@ -531,8 +530,8 @@ OF_ASSUME_NONNULL_END
uOld = u; uOld = u;
} }
ret = [OFMutableData dataWithItems: result ret = [OFData dataWithItems: result
count: digestSize]; count: digestSize];
} @finally { } @finally {
[self freeMemory: result]; [self freeMemory: result];
} }