E-MailRelay
Static Public Member Functions | List of all members
GAuth::Cram Class Reference

Implements the standard challenge-response authentication mechanism of RFC-2195. More...

#include <gcram.h>

Static Public Member Functions

static std::string response (const std::string &hash_type, bool hmac, const Secret &secret, const std::string &challenge, const std::string &response_prefix)
 Constructs a response to a challenge comprising the response-prefix, space, and digest-or-hmac of secretkey-plus-challenge. More...
 
static std::string id (const std::string &response)
 Returns the leading id part of the response. More...
 
static bool validate (const std::string &hash_type, bool hmac, const Secret &secret, const std::string &challenge, const std::string &response)
 Validates the response with respect to the original challenge. More...
 
static G::StringArray hashTypes (const std::string &prefix=std::string(), bool require_state=false)
 Returns a list of supported hash types, such as "MD5" and "SHA1", ordered with the strongest first. More...
 
static std::string challenge (unsigned int random)
 Returns a challenge string that incorporates the given random number and the current time. More...
 

Detailed Description

Implements the standard challenge-response authentication mechanism of RFC-2195.

The response can be built from a simple digest or a hmac. It comprises the userid, followed by a space, followed by the printable digest or hmac. This is normally base64 encoded at higher protocol levels.

A hmac is (roughly) the hash of (1) the single-block shared key and (2) the hash of (2a) the single-block shared key and (2b) the challenge. The two intermediate hash states of stages (1) and (2a) can be stored instead of the the plaintext key (see GAuth::Secret::masked()).

Definition at line 50 of file gcram.h.

Member Function Documentation

◆ challenge()

std::string GAuth::Cram::challenge ( unsigned int  random)
static

Returns a challenge string that incorporates the given random number and the current time.

Definition at line 225 of file gcram.cpp.

◆ hashTypes()

G::StringArray GAuth::Cram::hashTypes ( const std::string &  prefix = std::string(),
bool  require_state = false 
)
static

Returns a list of supported hash types, such as "MD5" and "SHA1", ordered with the strongest first.

Optionally adds a prefix to each type, and optionally limits the list to those hash functions that support initialisation with intermediate state.

Definition at line 199 of file gcram.cpp.

◆ id()

std::string GAuth::Cram::id ( const std::string &  response)
static

Returns the leading id part of the response.

Returns the empty string on error.

Definition at line 142 of file gcram.cpp.

◆ response()

std::string GAuth::Cram::response ( const std::string &  hash_type,
bool  hmac,
const Secret secret,
const std::string &  challenge,
const std::string &  response_prefix 
)
static

Constructs a response to a challenge comprising the response-prefix, space, and digest-or-hmac of secretkey-plus-challenge.

Returns an empty string on error; does not throw.

Definition at line 96 of file gcram.cpp.

◆ validate()

bool GAuth::Cram::validate ( const std::string &  hash_type,
bool  hmac,
const Secret secret,
const std::string &  challenge,
const std::string &  response 
)
static

Validates the response with respect to the original challenge.

Returns false on error; does not throw.

Definition at line 118 of file gcram.cpp.


The documentation for this class was generated from the following files: