astro/xmpp-rs
astro/xmpp-rs
1
0
Fork 0
mirror of https://gitlab.com/xmpp-rs/xmpp-rs.git synced 2024-06-11 18:54:03 +02:00
Code Issues Releases Activity
a291ab2e83
xmpp-rs/sasl/src/client/mechanisms/scram.rs

253 lines
9.9 KiB
Rust
Raw Blame History

//! Provides the SASL "SCRAM-*" mechanisms and a way to implement more.
use base64::{engine::general_purpose::STANDARD as Base64, Engine};
use crate::client::{Mechanism, MechanismError};
use crate::common::scram::{generate_nonce, ScramProvider};
use crate::common::{parse_frame, xor, ChannelBinding, Credentials, Identity, Password, Secret};
use crate::error::Error;
use std::marker::PhantomData;
enum ScramState {
Init,
SentInitialMessage {
initial_message: Vec<u8>,
gs2_header: Vec<u8>,
},
GotServerData {
server_signature: Vec<u8>,
},
}
/// A struct for the SASL SCRAM-* and SCRAM-*-PLUS mechanisms.
pub struct Scram<S: ScramProvider> {
name: String,
name_plus: String,
username: String,
password: Password,
client_nonce: String,
state: ScramState,
channel_binding: ChannelBinding,
_marker: PhantomData<S>,
}
impl<S: ScramProvider> Scram<S> {
/// Constructs a new struct for authenticating using the SASL SCRAM-* and SCRAM-*-PLUS
/// mechanisms, depending on the passed channel binding.
///
/// It is recommended that instead you use a `Credentials` struct and turn it into the
/// requested mechanism using `from_credentials`.
pub fn new<N: Into<String>, P: Into<Password>>(
username: N,
password: P,
channel_binding: ChannelBinding,
) -> Result<Scram<S>, Error> {
Ok(Scram {
name: format!("SCRAM-{}", S::name()),
name_plus: format!("SCRAM-{}-PLUS", S::name()),
username: username.into(),
password: password.into(),
client_nonce: generate_nonce()?,
state: ScramState::Init,
channel_binding: channel_binding,
_marker: PhantomData,
})
}
// Used for testing.
#[doc(hidden)]
#[cfg(test)]
pub fn new_with_nonce<N: Into<String>, P: Into<Password>>(
username: N,
password: P,
nonce: String,
) -> Scram<S> {
Scram {
name: format!("SCRAM-{}", S::name()),
name_plus: format!("SCRAM-{}-PLUS", S::name()),
username: username.into(),
password: password.into(),
client_nonce: nonce,
state: ScramState::Init,
channel_binding: ChannelBinding::None,
_marker: PhantomData,
}
}
}
impl<S: ScramProvider> Mechanism for Scram<S> {
fn name(&self) -> &str {
// TODO: this is quite the workaround…
match self.channel_binding {
ChannelBinding::None | ChannelBinding::Unsupported => &self.name,
ChannelBinding::TlsUnique(_) | ChannelBinding::TlsExporter(_) => &self.name_plus,
}
}
fn from_credentials(credentials: Credentials) -> Result<Scram<S>, MechanismError> {
if let Secret::Password(password) = credentials.secret {
if let Identity::Username(username) = credentials.identity {
Scram::new(username, password, credentials.channel_binding)
.map_err(|_| MechanismError::CannotGenerateNonce)
} else {
Err(MechanismError::ScramRequiresUsername)
}
} else {
Err(MechanismError::ScramRequiresPassword)
}
}
fn initial(&mut self) -> Vec<u8> {
let mut gs2_header = Vec::new();
gs2_header.extend(self.channel_binding.header());
let mut bare = Vec::new();
bare.extend(b"n=");
bare.extend(self.username.bytes());
bare.extend(b",r=");
bare.extend(self.client_nonce.bytes());
let mut data = Vec::new();
data.extend(&gs2_header);
data.extend(&bare);
self.state = ScramState::SentInitialMessage {
initial_message: bare,
gs2_header: gs2_header,
};
data
}
fn response(&mut self, challenge: &[u8]) -> Result<Vec<u8>, MechanismError> {
let next_state;
let ret;
match self.state {
ScramState::SentInitialMessage {
ref initial_message,
ref gs2_header,
} => {
let frame =
parse_frame(challenge).map_err(|_| MechanismError::CannotDecodeChallenge)?;
let server_nonce = frame.get("r");
let salt = frame.get("s").and_then(|v| Base64.decode(v).ok());
let iterations = frame.get("i").and_then(|v| v.parse().ok());
let server_nonce = server_nonce.ok_or_else(|| MechanismError::NoServerNonce)?;
let salt = salt.ok_or_else(|| MechanismError::NoServerSalt)?;
let iterations = iterations.ok_or_else(|| MechanismError::NoServerIterations)?;
// TODO: SASLprep
let mut client_final_message_bare = Vec::new();
client_final_message_bare.extend(b"c=");
let mut cb_data: Vec<u8> = Vec::new();
cb_data.extend(gs2_header);
cb_data.extend(self.channel_binding.data());
client_final_message_bare.extend(Base64.encode(&cb_data).bytes());
client_final_message_bare.extend(b",r=");
client_final_message_bare.extend(server_nonce.bytes());
let salted_password = S::derive(&self.password, &salt, iterations)?;
let client_key = S::hmac(b"Client Key", &salted_password)?;
let server_key = S::hmac(b"Server Key", &salted_password)?;
let mut auth_message = Vec::new();
auth_message.extend(initial_message);
auth_message.push(b',');
auth_message.extend(challenge);
auth_message.push(b',');
auth_message.extend(&client_final_message_bare);
let stored_key = S::hash(&client_key);
let client_signature = S::hmac(&auth_message, &stored_key)?;
let client_proof = xor(&client_key, &client_signature);
let server_signature = S::hmac(&auth_message, &server_key)?;
let mut client_final_message = Vec::new();
client_final_message.extend(&client_final_message_bare);
client_final_message.extend(b",p=");
client_final_message.extend(Base64.encode(&client_proof).bytes());
next_state = ScramState::GotServerData {
server_signature: server_signature,
};
ret = client_final_message;
}
_ => {
return Err(MechanismError::InvalidState);
}
}
self.state = next_state;
Ok(ret)
}
fn success(&mut self, data: &[u8]) -> Result<(), MechanismError> {
let frame = parse_frame(data).map_err(|_| MechanismError::CannotDecodeSuccessResponse)?;
match self.state {
ScramState::GotServerData {
ref server_signature,
} => {
if let Some(sig) = frame.get("v").and_then(|v| Base64.decode(&v).ok()) {
if sig == *server_signature {
Ok(())
} else {
Err(MechanismError::InvalidSignatureInSuccessResponse)
}
} else {
Err(MechanismError::NoSignatureInSuccessResponse)
}
}
_ => Err(MechanismError::InvalidState),
}
}
}
#[cfg(test)]
mod tests {
use crate::client::mechanisms::Scram;
use crate::client::Mechanism;
use crate::common::scram::{Sha1, Sha256};
#[test]
fn scram_sha1_works() {
// Source: https://wiki.xmpp.org/web/SASLandSCRAM-SHA-1
let username = "user";
let password = "pencil";
let client_nonce = "fyko+d2lbbFgONRv9qkxdawL";
let client_init = b"n,,n=user,r=fyko+d2lbbFgONRv9qkxdawL";
let server_init = b"r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j,s=QSXCR+Q6sek8bf92,i=4096";
let client_final =
b"c=biws,r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j,p=v0X8v3Bz2T0CJGbJQyF0X+HI4Ts=";
let server_final = b"v=rmF9pqV8S7suAoZWja4dJRkFsKQ=";
let mut mechanism =
Scram::<Sha1>::new_with_nonce(username, password, client_nonce.to_owned());
let init = mechanism.initial();
assert_eq!(
String::from_utf8(init.clone()).unwrap(),
String::from_utf8(client_init[..].to_owned()).unwrap()
); // depends on ordering…
let resp = mechanism.response(&server_init[..]).unwrap();
assert_eq!(
String::from_utf8(resp.clone()).unwrap(),
String::from_utf8(client_final[..].to_owned()).unwrap()
); // again, depends on ordering…
mechanism.success(&server_final[..]).unwrap();
}
#[test]
fn scram_sha256_works() {
// Source: RFC 7677
let username = "user";
let password = "pencil";
let client_nonce = "rOprNGfwEbeRWgbNEkqO";
let client_init = b"n,,n=user,r=rOprNGfwEbeRWgbNEkqO";
let server_init = b"r=rOprNGfwEbeRWgbNEkqO%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0,s=W22ZaJ0SNY7soEsUEjb6gQ==,i=4096";
let client_final = b"c=biws,r=rOprNGfwEbeRWgbNEkqO%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0,p=dHzbZapWIk4jUhN+Ute9ytag9zjfMHgsqmmiz7AndVQ=";
let server_final = b"v=6rriTRBi23WpRR/wtup+mMhUZUn/dB5nLTJRsjl95G4=";
let mut mechanism =
Scram::<Sha256>::new_with_nonce(username, password, client_nonce.to_owned());
let init = mechanism.initial();
assert_eq!(
String::from_utf8(init.clone()).unwrap(),
String::from_utf8(client_init[..].to_owned()).unwrap()
); // depends on ordering…
let resp = mechanism.response(&server_init[..]).unwrap();
assert_eq!(
String::from_utf8(resp.clone()).unwrap(),
String::from_utf8(client_final[..].to_owned()).unwrap()
); // again, depends on ordering…
mechanism.success(&server_final[..]).unwrap();
}
}
Reference in New Issue View Git Blame Copy Permalink