1 /* $Id: authsaslclientcram.c,v 1.5 2008/07/10 02:43:55 mrsam Exp $ */
4 ** Copyright 2000-2008 Double Precision, Inc. See COPYING for
5 ** distribution information.
8 #include "courier_auth_config.h"
9 #include "courierauthsasl.h"
10 #include "libhmac/hmac.h"
11 #include "authsaslclient.h"
18 int authsaslclient_cram(const struct authsaslclientinfo
*info
,
19 const char *challenge
,
20 const struct hmac_hashinfo
*hashinfo
)
22 char *base64buf
=malloc(strlen(challenge
)+1);
23 unsigned char *keybuf
;
25 const char *userid
=info
->userid
? info
->userid
:"";
26 const char *password
=info
->password
? info
->password
:"";
32 return (AUTHSASL_ERROR
);
34 strcpy(base64buf
, challenge
);
36 if ( (i
=authsasl_frombase64(base64buf
))<0 ||
37 (keybuf
=(unsigned char *)malloc(hashinfo
->hh_L
*3)) == 0)
41 return (AUTHSASL_ERROR
);
44 hmac_hashkey( hashinfo
, password
, strlen(password
),
45 keybuf
, keybuf
+hashinfo
->hh_L
);
47 hmac_hashtext( hashinfo
, base64buf
, i
,
48 keybuf
, keybuf
+hashinfo
->hh_L
,
49 keybuf
+hashinfo
->hh_L
*2);
52 base64buf
=malloc(strlen(userid
)+2+hashinfo
->hh_L
*2);
57 return (AUTHSASL_ERROR
);
59 strcat(strcpy(base64buf
, userid
), " ");
60 p
=base64buf
+strlen(base64buf
);
61 for (i
=0; i
<hashinfo
->hh_L
; i
++)
63 static const char xdigit
[]="0123456789abcdef";
64 int c
=keybuf
[hashinfo
->hh_L
*2+i
];
66 *p
++ = xdigit
[ (c
>> 4) & 0x0F ];
67 *p
++ = xdigit
[c
& 0x0F];
71 keybuf
=(unsigned char *)authsasl_tobase64(base64buf
, -1);
78 return (AUTHSASL_ERROR
);
80 i
= (*info
->final_conv_func
)((char *)keybuf
, info
->conv_func_arg
);