gsasl  1.8.0
scram/validate.c
00001 /* validate.c --- Validate consistency of SCRAM tokens.
00002  * Copyright (C) 2009-2012 Simon Josefsson
00003  *
00004  * This file is part of GNU SASL Library.
00005  *
00006  * GNU SASL Library is free software; you can redistribute it and/or
00007  * modify it under the terms of the GNU Lesser General Public License
00008  * as published by the Free Software Foundation; either version 2.1 of
00009  * the License, or (at your option) any later version.
00010  *
00011  * GNU SASL Library is distributed in the hope that it will be useful,
00012  * but WITHOUT ANY WARRANTY; without even the implied warranty of
00013  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00014  * Lesser General Public License for more details.
00015  *
00016  * You should have received a copy of the GNU Lesser General Public
00017  * License along with GNU SASL Library; if not, write to the
00018  * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
00019  * Boston, MA 02110-1301, USA.
00020  *
00021  */
00022 
00023 #ifdef HAVE_CONFIG_H
00024 #include "config.h"
00025 #endif
00026 
00027 /* Get prototypes. */
00028 #include "validate.h"
00029 
00030 /* Get strcmp, strlen. */
00031 #include <string.h>
00032 
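/* Validate consistency of a SCRAM client-first token.

   Returns true only when all of the following hold, false otherwise:
     - cbflag is 'p', 'n' or 'y';
     - cbname is set exactly when cbflag is 'p', and is then a
       non-empty string of ASCII letters, digits, '.' and '-';
     - username is a non-empty string;
     - client_nonce is a non-empty string without ','.

   CF itself is dereferenced unconditionally and must not be NULL.  */
bool
scram_valid_client_first (struct scram_client_first *cf)
{
  /* Check that cbflag is one of permitted values. */
  switch (cf->cbflag)
    {
    case 'p':
    case 'n':
    case 'y':
      break;

    default:
      return false;
    }

  /* Check that cbname is set when, and only when, cbflag is p. */
  if ((cf->cbflag == 'p') != (cf->cbname != NULL))
    return false;

  if (cf->cbname)
    {
      static const char cb_name_chars[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
        "abcdefghijklmnopqrstuvwxyz" "0123456789.-";
      size_t len = strlen (cf->cbname);

      /* RFC 5802 defines cb-name as 1*(ALPHA / DIGIT / "." / "-"), so
         an empty name is as malformed as one with a foreign
         character.  Accepting "" would let a "p=" token with no
         channel binding type through validation. */
      if (len == 0 || strspn (cf->cbname, cb_name_chars) != len)
        return false;
    }

  /* We require a non-zero username string.
     NOTE(review): no character-level check is made on the username;
     whether it has already been normalized/unescaped is not visible
     in this file -- confirm against the parser and printer. */
  if (cf->username == NULL || *cf->username == '\0')
    return false;

  /* We require a non-zero client nonce. */
  if (cf->client_nonce == NULL || *cf->client_nonce == '\0')
    return false;

  /* Nonce cannot contain ','.
     NOTE(review): RFC 5802 limits the nonce to printable ASCII other
     than ','; only the ',' separator is rejected here, so control
     characters and non-ASCII bytes still pass this check. */
  if (strchr (cf->client_nonce, ','))
    return false;

  return true;
}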
00079 
/* Validate consistency of a SCRAM server-first token.

   Returns true when nonce and salt are both non-empty strings that
   contain no ',' and iter is non-zero; returns false otherwise.
   SF is dereferenced unconditionally and must not be NULL.

   This is a syntactic check only.  Two things it does not cover and
   that a caller has to handle itself:
     - salt is not verified to be well-formed base64 (see FIXME), so a
       value accepted here can still fail to decode;
     - iter is only compared against zero.  No minimum or maximum is
       applied, so a very small count (weak key stretching) or a very
       large one (expensive key derivation) is accepted as valid.  */
bool
scram_valid_server_first (struct scram_server_first * sf)
{
  const char *nonce = sf->nonce;
  const char *salt = sf->salt;

  /* Nonce: required, non-empty, and free of the ',' field separator. */
  if (!nonce || nonce[0] == '\0' || strchr (nonce, ',') != NULL)
    return false;

  /* Salt: required and non-empty.
     FIXME check that salt is valid base64.  For now only the ','
     field separator is rejected. */
  if (!salt || salt[0] == '\0' || strchr (salt, ',') != NULL)
    return false;

  /* Iteration count: zero is the only value rejected. */
  return sf->iter != 0;
}
00104 
/* Validate consistency of a SCRAM client-final token.

   Returns true when cbind, nonce and proof are each a non-empty
   string that contains no ','; returns false otherwise.
   CL is dereferenced unconditionally and must not be NULL.

   This is a syntactic check only: cbind and proof are not verified to
   be well-formed base64 (see FIXMEs), and nothing here compares the
   nonce or the proof against expected values.  */
bool
scram_valid_client_final (struct scram_client_final * cl)
{
  const char *cbind = cl->cbind;
  const char *nonce = cl->nonce;
  const char *proof = cl->proof;

  /* Channel-binding data: required and non-empty.
     FIXME check that cbind is valid base64.  For now only the ','
     field separator is rejected. */
  if (!cbind || cbind[0] == '\0' || strchr (cbind, ',') != NULL)
    return false;

  /* Nonce: required, non-empty, and free of ','. */
  if (!nonce || nonce[0] == '\0' || strchr (nonce, ',') != NULL)
    return false;

  /* Proof: required and non-empty.
     FIXME check that proof is valid base64.  For now only the ','
     field separator is rejected. */
  if (!proof || proof[0] == '\0' || strchr (proof, ',') != NULL)
    return false;

  return true;
}
00134 
/* Validate consistency of a SCRAM server-final token.

   Returns true when verifier is a non-empty string that contains no
   ','; returns false otherwise.  SL is dereferenced unconditionally
   and must not be NULL.

   This is a syntactic check only: the verifier is not checked to be
   well-formed base64 (see FIXME) and is not compared against any
   expected value here, so a true result says nothing about whether
   the server was authenticated.  */
bool
scram_valid_server_final (struct scram_server_final * sl)
{
  const char *verifier = sl->verifier;

  /* FIXME check that verifier is valid base64.  For now the verifier
     only has to be present, non-empty and free of the ',' field
     separator. */
  return verifier != NULL
    && verifier[0] != '\0'
    && strchr (verifier, ',') == NULL;
}