This repository has been archived by the owner on Jan 29, 2024. It is now read-only.

Added SCRAM-SHA-256 support #51
COM8 authored and KingKili committed Jan 17, 2019
1 parent 49c8c3f commit e661705
Showing 4 changed files with 87 additions and 3 deletions.
Expand Up @@ -84,10 +84,15 @@ public override AbstractMessage generateResponse(AbstractMessage msg)
// Throw wrong order
}
itersStr = itersStr.Substring(2);
if (!int.TryParse(itersStr, out int iters))
int iters = -1;
if (!int.TryParse(itersStr, out iters))
{
// Throw could not pars iterations
}
else if (!isValidIterationsCount(iters))
{
// Throw invalid iterations count
}

return new ScramSha1ChallengeSolutionMessage(computeAnswer(iters));
}
Expand All @@ -106,7 +111,7 @@ public override SelectSASLMechanismMessage getSelectSASLMechanismMessage()
#endregion

#region --Misc Methods (Private)--
private string computeAnswer(int iterations)
protected string computeAnswer(int iterations)
{
string clientFinalMessageBare = "c=biws,r=" + serverNonce;
byte[] saltBytes = Convert.FromBase64String(saltBase64);
Expand All @@ -123,6 +128,11 @@ private string computeAnswer(int iterations)
return encodeStringBase64(clientFinalMessage);
}

protected virtual bool isValidIterationsCount(int iters)
{
return iters > 0;
}

#endregion

#region --Misc Methods (Protected)--
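Review bot: The new `else if (!isValidIterationsCount(iters))` branch in `generateResponse` holds only the comment `// Throw invalid iterations count`, so a rejected count still falls through to `computeAnswer(iters)` a few lines below; the failed-`TryParse` branch above it behaves the same way, leaving `iters` at 0. Each branch needs to end the exchange, for example with `throw new InvalidOperationException("Invalid SCRAM iteration count: " + iters);` or whatever failure path the project uses (not visible here). `isValidIterationsCount` also sets no upper bound, so the server decides how long the client spends in key derivation; a cap would bound that. `generateResponse` starts above the hunk.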
@@ -0,0 +1,69 @@
namespace XMPP_API.Classes.Network.XML.Messages.Features.SASL.SHA1
{
public class ScramSHA256SASLMechanism : ScramSHA1SASLMechanism
{
// https://tools.ietf.org/html/rfc7677
//--------------------------------------------------------Attributes:-----------------------------------------------------------------\\
#region --Attributes--
private const byte CLIENT_NONCE_LENGTH = 32;

private readonly string CLIENT_NONCE_BASE_64;
private readonly string PASSWORD_NORMALIZED;
private string serverNonce;
private string saltBase64;
private string clientFirstMsg;
private string serverFirstMsg;

#endregion
//--------------------------------------------------------Constructor:----------------------------------------------------------------\\
#region --Constructors--
/// <summary>
/// Basic Constructor
/// </summary>
/// <history>
/// 06/01/2019 Created [Fabian Sauter]
/// </history>
public ScramSHA256SASLMechanism(string id, string password) : base(id, password)
{
}

public ScramSHA256SASLMechanism(string id, string password, string clientNonceBase64) : base(id, password, clientNonceBase64)
{
}

#endregion
//--------------------------------------------------------Set-, Get- Methods:---------------------------------------------------------\\
#region --Set-, Get- Methods--


#endregion
//--------------------------------------------------------Misc Methods:---------------------------------------------------------------\\
#region --Misc Methods (Public)--
public override SelectSASLMechanismMessage getSelectSASLMechanismMessage()
{
clientFirstMsg = "n=" + ID + ",r=" + CLIENT_NONCE_BASE_64;
string encClientFirstMsg = encodeStringBase64("n,," + clientFirstMsg);

return new SelectSASLMechanismMessage("SCRAM-SHA-256", encClientFirstMsg);
}

#endregion

#region --Misc Methods (Private)--

#endregion

#region --Misc Methods (Protected)--
protected override bool isValidIterationsCount(int iters)
{
return iters >= 4096;
}

#endregion
//--------------------------------------------------------Events:---------------------------------------------------------------------\\
#region --Events--


#endregion
}
}
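Review bot: `CLIENT_NONCE_BASE_64` in `getSelectSASLMechanismMessage` resolves to the `private readonly` field redeclared in this class, and neither constructor assigns it, so the client-first message goes out as `n=<id>,r=` with an empty client nonce. `clientFirstMsg` is likewise written to this class's own copy, which the inherited `generateResponse` and `computeAnswer` cannot see. Dropping the redeclared fields and exposing the base ones as `protected` would make the override work on the state the base class uses; the base declarations are outside this page, so confirm their visibility. Nothing visible here switches the hash either, since `computeAnswer` is `protected` but not `virtual` and is not overridden, so it is worth confirming that the proof is derived with SHA-256 and not through the SHA-1 path.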
Expand Up @@ -18,7 +18,7 @@ class SASLConnection : AbstractMessageProcessor
private SASLState state;
private AbstractSASLMechanism selectedMechanism;
// The offered authentication mechanism in preferred order:
private static readonly ArrayList OFFERED_MECHANISMS = new ArrayList() { "scram-sha-1", "plain" };
private static readonly ArrayList OFFERED_MECHANISMS = new ArrayList() { "scram-sha-256", "scram-sha-1", "plain" };

#endregion
//--------------------------------------------------------Constructor:----------------------------------------------------------------\\
Expand Down Expand Up @@ -83,6 +83,10 @@ private void selectMechanism(ArrayList mechanisms)
XMPPAccount sCC = XMPP_CONNECTION.account;
switch (selected)
{
case "scram-sha-256":
selectedMechanism = new ScramSHA256SASLMechanism(sCC.user.userId, sCC.user.userPassword);
break;

case "scram-sha-1":
selectedMechanism = new ScramSHA1SASLMechanism(sCC.user.userId, sCC.user.userPassword);
break;
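Review bot: `OFFERED_MECHANISMS` gains "scram-sha-256" as the preferred entry but keeps "scram-sha-1" and "plain", and nothing in the visible part of `selectMechanism` records which one was chosen, so a server list that omits the stronger entries results in a silent fallback. A comment on the list such as `// Fallback to "plain" sends the password itself; only acceptable on a TLS-protected stream`, plus a log line carrying `selected`, would make a downgrade visible. How `selected` is derived lies outside the hunk, so this is a request to confirm, not a confirmed defect.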
1 change: 1 addition & 0 deletions XMPP_API/XMPP_API.csproj
Expand Up @@ -159,6 +159,7 @@
<Compile Include="Classes\Network\XML\Messages\BindResourceMessage.cs" />
<Compile Include="Classes\Network\XML\Messages\Error.cs" />
<Compile Include="Classes\Crypto\CryptoUtils.cs" />
<Compile Include="Classes\Network\XML\Messages\Features\SASL\SHA1\ScramSHA256SASLMechanism.cs" />
<Compile Include="Classes\Network\XML\Messages\StreamErrorType.cs" />
<Compile Include="Classes\Network\XML\Messages\StreamErrorMessage.cs" />
<Compile Include="Classes\Network\XML\Messages\Features\SASL\SASLErrorType.cs" />
