pike.git / lib / modules / Crypto.pmod / SCRAM.pike

version» Context lines:

pike.git/lib/modules/Crypto.pmod/SCRAM.pike:14:   //! Most notably optional extension arguments are not supported (yet).      #pike __REAL_VERSION__   #pragma strict_types   #require constant(Crypto.Hash)      private .Hash H; // hash object      private string(8bit) first, nonce;    - constant ClientKey = "Client Key"; - constant ServerKey = "Server Key"; -  +    private string(7bit) encode64(string(8bit) raw) {    return MIME.encode_base64(raw, 1);   }      private string(7bit) randomstring() {    return encode64(random_string(18));   }      private .MAC.State HMAC(string(8bit) key) {    return H->HMAC(key);   }      private string(7bit) clientproof(string(8bit) salted_password) {    .MAC.State hmacsaltedpw = HMAC(salted_password); -  salted_password = hmacsaltedpw([string(8bit)]ClientKey); +  salted_password = hmacsaltedpw("Client Key");    // Returns ServerSignature through nonce -  nonce = encode64(HMAC(hmacsaltedpw([string(8bit)]ServerKey))(first)); +  nonce = encode64(HMAC(hmacsaltedpw("Server Key"))(first));    return encode64([string(8bit)]    (salted_password ^ HMAC(H->hash(salted_password))(first)));   }      //! Step 0 in the SCRAM handshake, prior to creating the object,   //! you need to have agreed with your peer on the hashfunction to be used.   //!   //! @param h   //! The hash object on which the SCRAM object should base its   //! operations. Typical input is @[Crypto.SHA256].