115 |
115 |
116 self.state["servernonce"] = generate_uuid(); |
116 self.state["servernonce"] = generate_uuid(); |
117 |
117 |
118 -- retreive credentials |
118 -- retreive credentials |
119 if self.profile.plain then |
119 if self.profile.plain then |
120 password, state = self.profile.plain(self.state.name, self.realm) |
120 local password, state = self.profile.plain(self.state.name, self.realm) |
121 if state == nil then return "failure", "not-authorized" |
121 if state == nil then return "failure", "not-authorized" |
122 elseif state == false then return "failure", "account-disabled" end |
122 elseif state == false then return "failure", "account-disabled" end |
123 |
123 |
124 password = saslprep(password); |
124 password = saslprep(password); |
125 if not password then |
125 if not password then |
127 return "failure", "not-authorized", "Invalid password." |
127 return "failure", "not-authorized", "Invalid password." |
128 end |
128 end |
129 self.state.salt = generate_uuid(); |
129 self.state.salt = generate_uuid(); |
130 self.state.iteration_count = default_i; |
130 self.state.iteration_count = default_i; |
131 self.state.salted_password = Hi(HMAC_f, password, self.state.salt, default_i); |
131 self.state.salted_password = Hi(HMAC_f, password, self.state.salt, default_i); |
132 elseif self.profile["scram-"..hash_name] then |
132 elseif self.profile["scram_"..hash_name] then |
133 salted_password, iteration_count, salt, state = self.profile["scram-"..hash_name](self.state.name, self.realm); |
133 local salted_password, iteration_count, salt, state = self.profile["scram-"..hash_name](self.state.name, self.realm); |
134 if state == nil then return "failure", "not-authorized" |
134 if state == nil then return "failure", "not-authorized" |
135 elseif state == false then return "failure", "account-disabled" end |
135 elseif state == false then return "failure", "account-disabled" end |
136 |
136 |
137 self.state.salted_password = salted_password; |
137 self.state.salted_password = salted_password; |
138 self.state.iteration_count = iteration_count; |
138 self.state.iteration_count = iteration_count; |
175 return scram_hash; |
175 return scram_hash; |
176 end |
176 end |
177 |
177 |
178 function init(registerMechanism) |
178 function init(registerMechanism) |
179 local function registerSCRAMMechanism(hash_name, hash, hmac_hash) |
179 local function registerSCRAMMechanism(hash_name, hash, hmac_hash) |
180 registerMechanism("SCRAM-"..hash_name, {"plain", "scram-"..(hash_name:lower())}, scram_gen(hash_name:lower(), hash, hmac_hash)); |
180 registerMechanism("SCRAM-"..hash_name, {"plain", "scram_"..(hash_name:lower())}, scram_gen(hash_name:lower(), hash, hmac_hash)); |
181 end |
181 end |
182 |
182 |
183 registerSCRAMMechanism("SHA-1", sha1, hmac_sha1); |
183 registerSCRAMMechanism("SHA-1", sha1, hmac_sha1); |
184 end |
184 end |
185 |
185 |
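Review bot: At line 132 the branch now tests `self.profile["scram_"..hash_name]`, but the call at line 133 still indexes `self.profile["scram-"..hash_name]`, assuming the second copy of each pair is the new side. A profile that registers only the underscore key would pass the test and then call a nil field, so the authentication step would raise a runtime error instead of returning a clean `"failure"`. The call should use the same key as the test: `local salted_password, iteration_count, salt, state = self.profile["scram_"..hash_name](self.state.name, self.realm);`. It is also worth confirming that backends expect the key built at line 180, since `hash_name:lower()` for "SHA-1" yields `scram_sha-1`, which mixes an underscore and a hyphen. The enclosing function starts above line 115 and lines 139-174 are not shown, so whether the returned `salt` is stored in `self.state` cannot be checked from here.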