1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
|
/*
* Copyright (C) 2008-2010 The QXmpp developers
*
* Authors:
* Manjeet Dahiya
* Jeremy Lainé
*
* Source:
* http://code.google.com/p/qxmpp
*
* This file is a part of QXmpp library.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
*/
#include <cstdlib>
#include <QCryptographicHash>
#include "QXmppSaslAuth.h"
#include "QXmppUtils.h"
QByteArray QXmppSaslDigestMd5::authzid() const
{
return m_authzid;
}
void QXmppSaslDigestMd5::setAuthzid(const QByteArray &authzid)
{
m_authzid = authzid;
}
QByteArray QXmppSaslDigestMd5::cnonce() const
{
return m_cnonce;
}
void QXmppSaslDigestMd5::setCnonce(const QByteArray &cnonce)
{
m_cnonce = cnonce;
}
QByteArray QXmppSaslDigestMd5::digestUri() const
{
return m_digestUri;
}
void QXmppSaslDigestMd5::setDigestUri(const QByteArray &digestUri)
{
m_digestUri = digestUri;
}
QByteArray QXmppSaslDigestMd5::nc() const
{
return m_nc;
}
void QXmppSaslDigestMd5::setNc(const QByteArray &nc)
{
m_nc = nc;
}
QByteArray QXmppSaslDigestMd5::nonce() const
{
return m_nonce;
}
void QXmppSaslDigestMd5::setNonce(const QByteArray &nonce)
{
m_nonce = nonce;
}
QByteArray QXmppSaslDigestMd5::realm() const
{
return m_realm;
}
void QXmppSaslDigestMd5::setRealm(const QByteArray &realm)
{
m_realm = realm;
}
QByteArray QXmppSaslDigestMd5::username() const
{
return m_username;
}
void QXmppSaslDigestMd5::setUsername(const QByteArray &username)
{
m_username = username;
}
void QXmppSaslDigestMd5::setPassword(const QByteArray &password)
{
m_password = password;
}
QByteArray QXmppSaslDigestMd5::generateNonce()
{
QByteArray nonce = generateRandomBytes(32);
// The random data can the '=' char is not valid as it is a delimiter,
// so to be safe, base64 the nonce
return nonce.toBase64();
}
QByteArray QXmppSaslDigestMd5::calculateDigest(const QByteArray &A2) const
{
const QByteArray a1 = m_username + ':' + m_realm + ':' + m_password;
QByteArray ha1 = QCryptographicHash::hash(a1, QCryptographicHash::Md5);
ha1 += ':' + m_nonce + ':' + m_cnonce;
if (!m_authzid.isEmpty())
ha1 += ':' + m_authzid;
QByteArray A1(ha1);
QByteArray HA1 = QCryptographicHash::hash(A1, QCryptographicHash::Md5).toHex();
QByteArray HA2 = QCryptographicHash::hash(A2, QCryptographicHash::Md5).toHex();
QByteArray KD = HA1 + ':' + m_nonce + ':' + m_nc + ':' + m_cnonce + ':'
+ "auth" + ':' + HA2;
return QCryptographicHash::hash(KD, QCryptographicHash::Md5).toHex();
}
QMap<QByteArray, QByteArray> QXmppSaslDigestMd5::parseMessage(const QByteArray &ba)
{
QMap<QByteArray, QByteArray> map;
int startIndex = 0;
int pos = 0;
while ((pos = ba.indexOf("=", startIndex)) >= 0)
{
// key get name and skip equals
const QByteArray key = ba.mid(startIndex, pos - startIndex).trimmed();
pos++;
// check whether string is quoted
if (ba.at(pos) == '"')
{
// skip opening quote
pos++;
int endPos = ba.indexOf('"', pos);
// skip quoted quotes
while (endPos >= 0 && ba.at(endPos - 1) == '\\')
endPos = ba.indexOf('"', endPos + 1);
if (endPos < 0)
{
qWarning("Unfinished quoted string");
return map;
}
// unquote
QByteArray value = ba.mid(pos, endPos - pos);
value.replace("\\\"", "\"");
value.replace("\\\\", "\\");
map[key] = value;
// skip closing quote and comma
startIndex = endPos + 2;
} else {
// non-quoted string
int endPos = ba.indexOf(',', pos);
if (endPos < 0)
endPos = ba.size();
map[key] = ba.mid(pos, endPos - pos);
// skip comma
startIndex = endPos + 1;
}
}
return map;
}
QByteArray QXmppSaslDigestMd5::serializeMessage(const QMap<QByteArray, QByteArray> &map)
{
QByteArray ba;
foreach (const QByteArray &key, map.keys())
{
if (!ba.isEmpty())
ba.append(',');
ba.append(key + "=");
QByteArray value = map[key];
const char *separators = "()<>@,;:\\\"/[]?={} \t";
bool quote = false;
for (const char *c = separators; *c; c++)
{
if (value.contains(*c))
{
quote = true;
break;
}
}
if (quote)
{
value.replace("\\", "\\\\");
value.replace("\"", "\\\"");
ba.append("\"" + value + "\"");
}
else
ba.append(value);
}
return ba;
}
|
