restemplate/indy/Protocols/IdSASLSKey.pas

118 lines
3.1 KiB
Plaintext
Raw Normal View History

{
$Project$
$Workfile$
$Revision$
$DateUTC$
$Id$
This file is part of the Indy (Internet Direct) project, and is offered
under the dual-licensing agreement described on the Indy website.
(http://www.indyproject.org/)
Copyright:
(c) 1993-2005, Chad Z. Hower and the Indy Pit Crew. All rights reserved.
}
{
$Log$
}
{
Rev 1.4 2004.02.03 5:45:42 PM czhower
Name changes
Rev 1.3 1/25/2004 2:17:54 PM JPMugaas
Should work better. Removed one GPF in S/Key.
Rev 1.2 1/21/2004 4:03:18 PM JPMugaas
InitComponent
Rev 1.1 10/19/2003 5:57:20 PM DSiders
Added localization comments.
Rev 1.0 5/10/2003 10:08:14 PM JPMugaas
SKEY SASL mechanism as defined in RFC 2222. Note that this is obsolete and
you should use RFC 2444 for new designs. This is only provided for backwards
compatibility.
}
unit IdSASLSKey;
interface
{$i IdCompilerDefines.inc}
uses
IdSASLUserPass, IdSASL;
{
S/KEY SASL mechanism based on RFC 2222.
NOte that this is depreciated and S/Key is a trademark of BelCore. This unit
is only provided for backwards compatiability with some older systems.
New designs should use IdSASLOTP (RFC 2444) which is more flexible and uses a
better hash (MD5 and SHA1).
}
type
TIdSASLSKey = class(TIdSASLUserPass)
protected
procedure InitComponent; override;
public
function IsReadyToStart: Boolean; override;
class function ServiceName: TIdSASLServiceName; override;
function TryStartAuthenticate(const AHost, AProtocolName : String; var VInitialResponse: String): Boolean; override;
function StartAuthenticate(const AChallenge, AHost, AProtocolName : String) : String; override;
function ContinueAuthenticate(const ALastResponse, AHost, AProtocolName : String): String; override;
end;
implementation
uses
IdBaseComponent, IdFIPS, IdGlobal, IdGlobalProtocols, IdOTPCalculator, IdUserPassProvider, SysUtils;
const
SKEYSERVICENAME = 'SKEY'; {do not localize}
{ TIdSASLSKey }
function TIdSASLSKey.ContinueAuthenticate(const ALastResponse, AHost, AProtocolName : String): String;
var
LBuf, LSeed : String;
LCount : UInt32;
begin
LBuf := Trim(ALastResponse);
LCount := IndyStrToInt(Fetch(LBuf), 0);
LSeed := Fetch(LBuf);
Result := TIdOTPCalculator.GenerateSixWordKey('md4', LSeed, GetPassword, LCount); {do not localize}
end;
procedure TIdSASLSKey.InitComponent;
begin
inherited InitComponent;
//less than 1000 because MD4 is broken and this is depreciated
FSecurityLevel := 900;
end;
function TIdSASLSKey.IsReadyToStart: Boolean;
begin
Result := not GetFIPSMode;
end;
class function TIdSASLSKey.ServiceName: TIdSASLServiceName;
begin
Result := SKEYSERVICENAME;
end;
function TIdSASLSKey.TryStartAuthenticate(const AHost, AProtocolName : String;
var VInitialResponse: String): Boolean;
begin
VInitialResponse := GetUsername;
Result := True;
end;
function TIdSASLSKey.StartAuthenticate(const AChallenge, AHost, AProtocolName : String): String;
begin
Result := GetUsername;
end;
end.