3 use Digest
::MD5
qw(md5 md5_hex);
5 # Test CRAM-MD5 (RFC 2195) authentication. See also RFC 1734 for POP3 AUTH.
7 # To duplicate the example in RFC 2195:
8 # $ perl testcrammd5.pl
10 # Password? tanstaaftanstaaf
11 # Challenge? PDE4OTYuNjk3MTcwOTUyQHBvc3RvZmZpY2UucmVzdG9uLm1jaS5uZXQ+
13 # dGltIGI5MTNhNjAyYzdlZGE3YTQ5NWI0ZTZlNzMzNGQzODkw
15 # To use with courier-imap:
16 # telnet localhost 110
18 # << check for SASL CRAM-MD5 in response
20 # << note the challenge, paste it into this program
21 # << paste back the response
24 # telnet localhost 143
25 # << check for [CAPABILITY ... AUTH=CRAM-MD5 ...] in response
26 # a authenticate cram-md5
27 # << note the challenge, paste it into this program
28 # << paste back the response
30 # Remember: to get CRAM-MD5 authentication working in Courier-IMAP you
31 # need to set several things:
32 # - settings POP3AUTH in pop3d and/or IMAP_CAPABILITY in imapd
33 # - in userdb set attribute hmac-md5pw (or pop3-hmac-md5pw etc)
34 # userdbpw -hmac-md5 | userdb fred@flintstone.org set hmac-md5pw
38 # - in mysql/pgsql/ldap set cleartext password
47 print "Send: AUTH CRAM-MD5 (or for imap, A AUTHENTICATE CRAM-MD5)\n";
48 print "Paste the challenge here:\n+ ";
51 $challenge =~ s/^\+?\ *//;
52 $challenge = decode_base64
($challenge);
54 if (length($password) > 64) {
55 $password = md5
($password);
57 while (length($password) < 64) {
58 $password = $password . "\0";
61 $digest = md5_hex
(($password ^ "\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\") .
62 md5
(($password ^ "6666666666666666666666666666666666666666666666666666666666666666") . $challenge));
63 $resp = encode_base64
("$username $digest");
64 print "Send this response:\n$resp\n";