// // Private Methods // /// <summary> /// Process the first challenge from the server /// and calculate a response /// </summary> /// <param name="challenge">The server issued challenge</param> /// <returns>Client response</returns> private byte[] OnInitialChallenge(byte[] challenge) { DigestChallenge dch = DigestChallenge.Parse(_encoding.GetString(challenge)); // validate input challenge if (dch.Nonce == null || dch.Nonce.Length == 0) { throw new SaslException("Nonce value missing in server challenge"); } if (dch.Algorithm != "md5-sess") { throw new SaslException("Invalid or missing algorithm value in server challenge"); } NameCallback nameCB = new NameCallback(AuthorizationId); PasswordCallback pwdCB = new PasswordCallback(); RealmCallback realmCB = new RealmCallback(dch.Realm); ISaslCallback[] callbacks = { nameCB, pwdCB, realmCB }; Handler.Handle(callbacks); DigestResponse response = new DigestResponse(); response.Username = nameCB.Text; response.Realm = realmCB.Text; response.Nonce = dch.Nonce; response.Cnonce = Cnonce; response.NonceCount = 1; response.Qop = DigestQop.Auth; // only auth supported for now response.DigestUri = Protocol.ToLower() + "/" + ServerName; response.MaxBuffer = dch.MaxBuffer; response.Charset = dch.Charset; response.Cipher = null; // not supported for now response.Authzid = AuthorizationId; response.AuthParam = dch.AuthParam; response.Response = CalculateResponse( nameCB.Text, realmCB.Text, pwdCB.Text, dch.Nonce, response.NonceCount, response.Qop, response.DigestUri ); return(_encoding.GetBytes(response.ToString())); }
public void CanWriteResponse() { DigestResponse resp = new DigestResponse(); resp.Username = "******"; resp.Realm = "nowhere.com"; resp.Nonce = "OA9BSXrbuRhWay"; resp.Cnonce = "OA9BSuZWMSpW8m"; resp.NonceCount = 16; resp.DigestUri = "acap/elwood.innosoft.com"; resp.Response = "6084c6db3fede7352c551284490fd0fc"; resp.Qop = "auth"; resp.MaxBuffer = 65536; resp.Cipher = "3des"; resp.Authzid = "user2"; resp.AuthParam = "ap"; resp.Charset = "utf-8"; string expected = "username=\"user\",realm=\"nowhere.com\",nonce=\"OA9BSXrbuRhWay\",cnonce=\"OA9BSuZWMSpW8m\",nc=00000010,qop=auth,digest-uri=\"acap/elwood.innosoft.com\",response=\"6084c6db3fede7352c551284490fd0fc\",maxbuf=65536,charset=utf-8,cipher=3des,authzid=\"user2\",auth-param=\"ap\""; Assert.AreEqual(expected, resp.ToString()); }
public void CanWriteEscapedSecuence() { DigestResponse resp = new DigestResponse(); resp.Username = "******"er"; string expected = "username=\"us\\\"er\",nc=00000000,maxbuf=0"; Assert.AreEqual(expected, resp.ToString()); }
// // Private Methods // /// <summary> /// Process the first challenge from the server /// and calculate a response /// </summary> /// <param name="challenge">The server issued challenge</param> /// <returns>Client response</returns> private byte[] OnInitialChallenge(byte[] challenge) { DigestChallenge dch = DigestChallenge.Parse(_encoding.GetString(challenge)); // validate input challenge if ( dch.Nonce == null || dch.Nonce.Length == 0 ) throw new SaslException("Nonce value missing in server challenge"); if ( dch.Algorithm != "md5-sess" ) throw new SaslException("Invalid or missing algorithm value in server challenge"); NameCallback nameCB = new NameCallback(AuthorizationId); PasswordCallback pwdCB = new PasswordCallback(); RealmCallback realmCB = new RealmCallback(dch.Realm); ISaslCallback[] callbacks = { nameCB, pwdCB, realmCB }; Handler.Handle(callbacks); DigestResponse response = new DigestResponse(); response.Username = nameCB.Text; response.Realm = realmCB.Text; response.Nonce = dch.Nonce; response.Cnonce = Cnonce; response.NonceCount = 1; response.Qop = DigestQop.Auth; // only auth supported for now response.DigestUri = Protocol.ToLower() + "/" + ServerName; response.MaxBuffer = dch.MaxBuffer; response.Charset = dch.Charset; response.Cipher = null; // not supported for now response.Authzid = AuthorizationId; response.AuthParam = dch.AuthParam; response.Response = CalculateResponse( nameCB.Text, realmCB.Text, pwdCB.Text, dch.Nonce, response.NonceCount, response.Qop, response.DigestUri ); return _encoding.GetBytes(response.ToString()); }