pike.git / lib / modules / Crypto.pmod / SCRAM.pike

version» Context lines:

pike.git/lib/modules/Crypto.pmod/SCRAM.pike:146:    salt = MIME.decode_base64(salt);    nonce = [string(8bit)]sprintf("%s,%s,%d", pass, salt, iters);    if (!(first = .SCRAM_get_salted_password(H, nonce))) {    first = [string(8bit)]H->pbkdf2(pass, salt, iters, H->digest_size());    .SCRAM_set_salted_password(first, H, nonce);    }    Crypto.MAC.State hmacfirst = HMAC(first);    first = 0; // Free memory    salt = hmacfirst([string(8bit)]ClientKey);    salt = sprintf("%s,p=%s", line, -  encode64([string(8bit)]salt -  ^ HMAC(H->hash([string(8bit)]salt))([string(8bit)]r))); +  encode64([string(8bit)](salt +  ^ HMAC(H->hash([string(8bit)]salt))([string(8bit)]r))));    nonce = HMAC(hmacfirst([string(8bit)]ServerKey))([string(8bit)]r);    } else    salt = 0;    return [string(7bit)]salt;   }      //! Final server-side step in the SCRAM handshake.   //!   //! @param line   //! The received client-final challenge and response from the client.
pike.git/lib/modules/Crypto.pmod/SCRAM.pike:202:   //! @param line   //! The received server-final verification response.   //!   //! @returns   //! True if the server is valid, false if the server is invalid.   int(0..1) client_3(Stdio.Buffer|string(8bit) line) {    constant format = "v=%s";    string v;    return !catch([v] = stringp(line)    ? array_sscanf([string]line, format) -  : line->sscanf(format)) +  : [array(string)](line->sscanf(format)))    && MIME.decode_base64(v) == nonce;   }