1 ;;; sasl.el --- basic functions for SASL
3 ;; Copyright (C) 1995, 1996, 1998, 1999 Free Software Foundation, Inc.
5 ;; Author: Kenichi OKADA <okada@opaopa.org>
6 ;; Keywords: SMTP, SASL, RFC2222
8 ;; This file is part of FLIM (Faithful Library about Internet Message).
10 ;; This program is free software; you can redistribute it and/or
11 ;; modify it under the terms of the GNU General Public License as
12 ;; published by the Free Software Foundation; either version 2, or (at
13 ;; your option) any later version.
15 ;; This program is distributed in the hope that it will be useful, but
16 ;; WITHOUT ANY WARRANTY; without even the implied warranty of
17 ;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 ;; General Public License for more details.
20 ;; You should have received a copy of the GNU General Public License
21 ;; along with this program; see the file COPYING. If not, write to the
22 ;; Free Software Foundation, Inc., 59 Temple Place - Suite 330,
23 ;; Boston, MA 02111-1307, USA.
29 ;; (base64-encode-string
30 ;; (sasl-scram-md5-client-msg-2
31 ;; (base64-decode-string "dGVzdHNhbHQBAAAAaW1hcEBlbGVhbm9yLmlubm9zb2Z0LmNvbQBqaGNOWmxSdVBiemlGcCt2TFYrTkN3")
32 ;; (base64-decode-string "AGNocmlzADx0NG40UGFiOUhCMEFtL1FMWEI3MmVnQGVsZWFub3IuaW5ub3NvZnQuY29tPg==")
33 ;; (scram-md5-make-salted-pass
34 ;; "secret stuff" "testsalt")))
35 ;; => "AQAAAMg9jU8CeB4KOfk7sUhSQPs="
37 ;; (base64-encode-string
38 ;; (scram-md5-make-server-msg-2
39 ;; (base64-decode-string "dGVzdHNhbHQBAAAAaW1hcEBlbGVhbm9yLmlubm9zb2Z0LmNvbQBqaGNOWmxSdVBiemlGcCt2TFYrTkN3")
40 ;; (base64-decode-string "AGNocmlzADx0NG40UGFiOUhCMEFtL1FMWEI3MmVnQGVsZWFub3IuaW5ub3NvZnQuY29tPg==")
41 ;; (scram-make-security-info nil t 0)
43 ;; (scram-md5-make-salted-pass
44 ;; "secret stuff" "testsalt")))
45 ;; => "U0odqYw3B7XIIW0oSz65OQ=="
53 (require 'digest-md5))
56 (autoload 'open-ssl-stream "ssl")
57 (autoload 'base64-decode-string "base64")
58 (autoload 'base64-encode-string "base64")
59 (autoload 'starttls-open-stream "starttls")
60 (autoload 'starttls-negotiate "starttls")
61 (autoload 'digest-md5-parse-digest-challenge "digest-md5")
62 (autoload 'digest-md5-digest-response "digest-md5")
63 ; (autoload 'scram-make-security-info "scram-md5")
64 (autoload 'scram-md5-make-salted-pass "scram-md5")
65 (autoload 'scram-md5-parse-server-msg-1 "scram-md5")
66 (autoload 'scram-md5-make-client-msg-1 "scram-md5"))
(defun sasl-cram-md5 (username passphrase challenge)
  "Return the CRAM-MD5 response string for USERNAME and CHALLENGE.

The result is USERNAME, a space, and the hex encoding (via
`encode-hex-string') of `hmac-md5' applied to CHALLENGE and a copy
of PASSPHRASE.

Only a copy of PASSPHRASE is handed to `hmac-md5'.  The copy, the raw
digest and the hex digest are each overwritten with zeros once the
next value has been derived, even when a step signals an error.
PASSPHRASE itself is left untouched, so clearing it stays the
caller's job.

Security note: the response is an MD5-based keyed digest of a
server-chosen challenge.  Anyone who records the challenge and the
response can test passphrase guesses offline, and the exchange does
not authenticate the server, so use this mechanism only inside a
TLS-protected session."
  (let* ((key (copy-sequence passphrase))
         ;; Raw keyed digest; the passphrase copy is wiped right after.
         (digest (unwind-protect
                     (hmac-md5 challenge key)
                   (fillarray key 0)))
         ;; Printable form of the digest; the raw bytes are wiped.
         (hex (unwind-protect
                  (encode-hex-string digest)
                (fillarray digest 0))))
    ;; The returned string is the only value that survives this call.
    (unwind-protect
        (concat username " " hex)
      (fillarray hex 0))))
(defun sasl-plain (authorid authenid passphrase)
  "Return the SASL PLAIN message for AUTHORID, AUTHENID and PASSPHRASE.

The message is AUTHORID, a NUL character, AUTHENID, a NUL character
and PASSPHRASE, concatenated in that order.

Security note: PASSPHRASE appears verbatim in the result, so send it
only over an encrypted channel, and treat the returned string as a
secret; nothing here clears it.  The arguments are not checked for
embedded NUL characters.  A NUL inside AUTHORID or AUTHENID would
shift the field boundaries the server sees, so validate values that
come from an untrusted source before calling."
  (let ((nul "\0"))
    (concat authorid nul authenid nul passphrase)))
;; Security-info value referenced by the SCRAM-MD5 client functions in
;; this file when they call the scram-md5 helpers.
;; NOTE(review): the meaning of the arguments nil, t and 0 is defined by
;; `scram-make-security-info', which is not shown here -- confirm which
;; security layer options they select.  The extra closing parenthesis
;; belongs to a form whose opening line is missing from this listing.
87 (defvar sasl-scram-md5-client-security-info
88 (scram-make-security-info nil t 0)))
;; Compute the SCRAM-MD5 salted passphrase by calling
;; `scram-md5-make-salted-pass' with data obtained from
;; `scram-md5-parse-server-msg-1' applied to SERVER-MSG-1.
;; NOTE(review): two lines of this call are missing from the listing, so
;; which parsed field is used, and how PASSPHRASE is passed, cannot be
;; confirmed from here.
;; The result is what `sasl-scram-md5-client-msg-2' takes as SALTED-PASS
;; and derives the client key from, so treat it as secret material;
;; nothing visible here clears PASSPHRASE or the returned value.
90 (defun sasl-scram-md5-make-salted-pass (server-msg-1 passphrase)
91 (scram-md5-make-salted-pass
94 (scram-md5-parse-server-msg-1 server-msg-1))))
(defun sasl-scram-md5-client-msg-1 (authenticate-id &optional authorize-id)
  "Return the first SCRAM-MD5 client message for AUTHENTICATE-ID.

Optional AUTHORIZE-ID is passed through unchanged, nil when omitted.
The message is built entirely by `scram-md5-make-client-msg-1'; this
wrapper adds no validation of either identity."
  (scram-md5-make-client-msg-1
   authenticate-id
   authorize-id))
;; Build the second SCRAM-MD5 client message from SERVER-MSG-1,
;; CLIENT-MSG-1 and SALTED-PASS.
;; Visible steps: a client key is derived from SALTED-PASS, a client
;; verifier from the client key, a shared key via
;; `scram-md5-make-shared-key', a client proof from the client key and
;; the shared key, and finally the message via
;; `scram-md5-make-client-msg-2'.
;; Each intermediate secret (client verifier, client key, shared key,
;; client proof) is overwritten with zeros by `fillarray' once the next
;; value has been derived.  SALTED-PASS is not cleared in the visible
;; lines, so that remains the caller's responsibility.
;; NOTE(review): several lines of this function are missing from the
;; listing (the `setq' targets and `unwind-protect' wrappers are only
;; partly visible), so confirm the exact cleanup order against the full
;; source.
99 (defun sasl-scram-md5-client-msg-2 (server-msg-1 client-msg-1 salted-pass)
100 (let (client-proof client-key shared-key client-verifier)
102 (scram-md5-make-client-key salted-pass))
103 (setq client-verifier
104 (scram-md5-make-client-verifier client-key))
107 (scram-md5-make-shared-key
110 sasl-scram-md5-client-security-info
;; The verifier is only needed to derive the shared key; wipe it.
112 (fillarray client-verifier 0)))
115 (scram-md5-make-client-proof
116 client-key shared-key)
;; Both keys have served their purpose once the proof exists.
117 (fillarray client-key 0)
118 (fillarray shared-key 0)))
120 (scram-md5-make-client-msg-2
121 sasl-scram-md5-client-security-info
;; The proof is wiped after the outgoing message has been built.
123 (fillarray client-proof 0))))
;; Check the server's final SCRAM-MD5 message: SERVER-MSG-2 is compared
;; with the value this client computes through
;; `scram-md5-make-server-msg-2', and the comparison result is what the
;; visible code produces.
;; NOTE(review): most of the parameter list and several argument lines
;; are missing from this listing, so the exact inputs to
;; `scram-md5-make-server-msg-2' cannot be confirmed from here.
;; NOTE(review): the check uses `string=', which makes no constant-time
;; guarantee.  If the time taken by this comparison can be observed by
;; the peer, prefer a comparison that always examines every byte.
;; Callers must treat a nil result as an authentication failure and
;; abort the session rather than continue.
125 (defun sasl-scram-md5-authenticate-server (server-msg-1
129 (string= server-msg-2
130 (scram-md5-make-server-msg-2
133 sasl-scram-md5-client-security-info
135 (scram-md5-parse-server-msg-1 server-msg-1))
;; NOTE(review): no line visible in this listing increments the count.
;; Confirm that a server nonce is never reused with the same count.
(defvar sasl-digest-md5-nonce-count 1
  "Nonce count used by `sasl-digest-md5-digest-response'.
It is referenced inside that function's call to
`digest-md5-digest-response'.")
;; Build the DIGEST-MD5 response for USERNAME and PASSWD by delegating
;; to `digest-md5-digest-response'.
;; Visible arguments: the realm (REALM when non-nil, otherwise the
;; value of (digest-md5-challenge 'realm)), the nonce from
;; (digest-md5-challenge 'nonce), `sasl-digest-md5-nonce-count', and the
;; digest URI built from SERV-TYPE and HOST.
;; NOTE(review): presumably `digest-md5-challenge' returns fields of the
;; most recently parsed server challenge -- confirm.  If so, the realm
;; fallback and the nonce are server-supplied values; the original
;; author's "need to check" remark on the realm line is still open.
;; NOTE(review): several argument lines are missing from this listing,
;; so the full argument order cannot be confirmed from here.
142 (defun sasl-digest-md5-digest-response (username passwd
143 serv-type host &optional realm)
144 (digest-md5-digest-response
146 (or realm (digest-md5-challenge 'realm)) ;; need to check.
148 (digest-md5-challenge 'nonce)
150 sasl-digest-md5-nonce-count
151 (digest-md5-digest-uri serv-type host) ;; MX host
(defun sasl-digest-md5-parse-digest-challenge (digest-challenge)
  "Parse DIGEST-CHALLENGE with `digest-md5-parse-digest-challenge'.

The value returned by that function is returned unchanged.
DIGEST-CHALLENGE is passed on as received; this wrapper performs no
validation of its own, so any checking of the server-supplied text
happens in the parser."
  (digest-md5-parse-digest-challenge
   digest-challenge))
159 ;;; sasl.el ends here