diff options
Diffstat (limited to 'qpid/dotnet/Qpid.Sasl/Mechanisms/CramMD5SaslClient.cs')
| -rw-r--r-- | qpid/dotnet/Qpid.Sasl/Mechanisms/CramMD5SaslClient.cs | 91 |
1 files changed, 91 insertions, 0 deletions
diff --git a/qpid/dotnet/Qpid.Sasl/Mechanisms/CramMD5SaslClient.cs b/qpid/dotnet/Qpid.Sasl/Mechanisms/CramMD5SaslClient.cs new file mode 100644 index 0000000000..56b0f6ecd4 --- /dev/null +++ b/qpid/dotnet/Qpid.Sasl/Mechanisms/CramMD5SaslClient.cs @@ -0,0 +1,91 @@ +/* + * + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ + +using System; +using System.Collections; +using System.Security.Cryptography; +using System.Text; + +namespace Apache.Qpid.Sasl.Mechanisms +{ + /// <summary> + /// Implements the CRAM-MD5 authentication mechanism as outlined + /// in RFC 2195 + /// </summary> + public class CramMD5SaslClient : SaslClient + { + public const string Mechanism = "CRAM-MD5"; + private const int MinPwdLen = 16; + + public CramMD5SaslClient( + string authorizationId, + IDictionary properties, + ISaslCallbackHandler handler) + : base(authorizationId, null, null, properties, handler) + { + } + + #region ISaslClient Implementation + // + // ISaslClient Implementation + // + + public override string MechanismName + { + get { return Mechanism; } + } + + public override bool HasInitialResponse + { + get { return false; } + } + + public override byte[] EvaluateChallenge(byte[] challenge) + { + if ( challenge == null || challenge.Length == 0 ) + throw new ArgumentNullException("challenge"); + + NameCallback nameCB = new NameCallback(AuthorizationId); + PasswordCallback pwdCB = new PasswordCallback(); + ISaslCallback[] callbacks = { nameCB, pwdCB }; + Handler.Handle(callbacks); + + string username = nameCB.Text; + string passwd = pwdCB.Text.PadRight(MinPwdLen, '\0'); + + byte[] secret = Encoding.UTF8.GetBytes(passwd); + + //using ( HMAC hmac = new HMACMD5(secret) ) + using ( MD5HMAC hmac = new MD5HMAC(secret) ) + { + byte[] value = hmac.ComputeHash(challenge); + string encoded = ToHex(value); + SetComplete(); + return Encoding.UTF8.GetBytes(username + " " + encoded); + } + + } + + #endregion // ISaslClient Implementation + + } // class CramMD5SaslClient + +} // namespace Apache.Qpid.Sasl.Mechanisms |