|
1 // Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
2 // All rights reserved. |
|
3 // This component and the accompanying materials are made available |
|
4 // under the terms of "Eclipse Public License v1.0" |
|
5 // which accompanies this distribution, and is available |
|
6 // at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
7 // |
|
8 // Initial Contributors: |
|
9 // Nokia Corporation - initial contribution. |
|
10 // |
|
11 // Contributors: |
|
12 // |
|
13 // Description: |
|
14 // |
|
15 |
|
16 #include "cpopsaslauthhelper.h" |
|
17 #include <e32des8.h> |
|
18 #include "POPS.PAN" // pop's panic codes |
|
19 |
|
20 //string constants containing POP3 AUTH command |
|
21 _LIT8(KPop3AuthCommand, "AUTH "); |
|
22 _LIT8(KCramMD5Mechanism, "CRAM-MD5"); |
|
23 _LIT8(KPlainMechanism, "PLAIN "); |
|
24 _LIT8(KPop3AuthLoginCommand, "AUTH LOGIN\r\n"); |
|
25 _LIT8(KPop3CrLf,"\r\n"); |
|
26 |
|
27 _LIT8(KPop3AuthBase64StringUsername,"username*"); // To match a folded 'username:' or 'username' |
|
28 _LIT8(KPop3AuthBase64StringPassword,"password*"); // To match a folded 'password:' or 'password' |
|
29 |
|
30 const TInt KMaxLengthOfPlainMessageComponent = 255; |
|
31 const TInt KMd5BlockLength = 64; |
|
32 |
|
33 #define BASE64LEN(x) ((x*4)/3) // Every 3 bytes will be turned into 4 bytes |
|
34 |
|
35 const TInt KPreambleLength = 18; //"AUTH LOGIN\r\nPLAIN " |
|
36 const TInt KMaxLengthOfPlainMessage= KPreambleLength + 1/*NUL*/ + KMaxLengthOfPlainMessageComponent/*Username*/ + 1/*NUL*/ + KMaxLengthOfPlainMessageComponent/*Password*/ + 2/* /r/n */; |
|
37 const TInt KMaxLengthOfPlainMessageBase64= BASE64LEN(KMaxLengthOfPlainMessage); |
|
38 |
|
39 |
|
40 /** |
|
41 Constructor for CPopAuthMechanismHelper |
|
42 */ |
|
43 CPopAuthMechanismHelper::CPopAuthMechanismHelper(const CImPop3Settings& aSettings) : iSettings(aSettings) |
|
44 { |
|
45 } |
|
46 |
|
47 /** |
|
48 Allocates and constructs a CPopAuthCramMd5MechanismHelper object. |
|
49 @param aSettings: Refence to CImPop3Settings |
|
50 @leave KErrNoMemory A memory allocation failed |
|
51 */ |
|
52 CPopAuthCramMd5MechanismHelper* CPopAuthCramMd5MechanismHelper::NewL(const CImPop3Settings& aSettings) |
|
53 { |
|
54 CPopAuthCramMd5MechanismHelper* self= new (ELeave) CPopAuthCramMd5MechanismHelper(aSettings); |
|
55 CleanupStack::PushL(self); |
|
56 self->ConstructL(); |
|
57 CleanupStack::Pop(); |
|
58 return self; |
|
59 } |
|
60 |
|
61 /** |
|
62 Constructor for CPopAuthMechanismHelper |
|
63 */ |
|
64 CPopAuthCramMd5MechanismHelper::CPopAuthCramMd5MechanismHelper(const CImPop3Settings& aSettings) : CPopAuthMechanismHelper(aSettings) |
|
65 { |
|
66 } |
|
67 |
|
68 |
|
69 /** |
|
70 Second phase construction |
|
71 */ |
|
72 void CPopAuthCramMd5MechanismHelper::ConstructL() |
|
73 { |
|
74 iMd5Hash = CMD5::NewL(); |
|
75 } |
|
76 |
|
77 /** |
|
78 Destructor |
|
79 */ |
|
80 CPopAuthCramMd5MechanismHelper::~CPopAuthCramMd5MechanismHelper() |
|
81 { |
|
82 delete iMd5Hash; |
|
83 } |
|
84 |
|
85 |
|
86 /** |
|
87 Function to form POP3 "AUTH CRAM-MD5" command and to handle base64 encoding of |
|
88 the challenges and responses as per RFC 2195 |
|
89 @param aNextMessage: contains response command |
|
90 */ |
|
91 void CPopAuthCramMd5MechanismHelper::GetNextClientMessageL(TDes8& aNextMessage) |
|
92 { |
|
93 iNextClientMessage.Zero(); |
|
94 |
|
95 if(iInProgress) |
|
96 { |
|
97 HBufC8* authbuffer = HBufC8::NewMaxLC(KImMailMaxBufferSize); |
|
98 TPtr8 authbufferptr = authbuffer->Des(); |
|
99 HBufC8* authbuffer2 = HBufC8::NewMaxLC(KImMailMaxBufferSize); |
|
100 TPtr8 authbufferptr2 = authbuffer2->Des(); |
|
101 HBufC8* authbuffer3 = HBufC8::NewMaxLC(KImMailMaxBufferSize); |
|
102 TPtr8 authbufferptr3 = authbuffer3->Des(); |
|
103 |
|
104 authbufferptr = iLastServerMessage; |
|
105 // to remove "+ " from the begining of server response |
|
106 authbufferptr.Delete(0,2); |
|
107 |
|
108 //timestamp info now in authbufferptr2 |
|
109 iEncoder.Decode(authbufferptr,authbufferptr2); |
|
110 |
|
111 authbufferptr.Zero(); |
|
112 authbufferptr3.Zero(); |
|
113 authbufferptr = iSettings.Password(); |
|
114 authbufferptr3 = FormSharedSecret(authbufferptr); |
|
115 authbufferptr.Zero(); |
|
116 //now authbufferptr and authbufferptr3 contain the shared secret null padded to 64 bytes. |
|
117 authbufferptr = authbufferptr3; |
|
118 |
|
119 TInt i=0; |
|
120 for (i=0; i<KMd5BlockLength; i++) |
|
121 { |
|
122 authbufferptr[i] ^= 0x36; //ipad |
|
123 authbufferptr3[i] ^= 0x5c; //opad |
|
124 } |
|
125 |
|
126 authbufferptr.Append(authbufferptr2); |
|
127 |
|
128 iMd5Hash->Reset(); ; |
|
129 authbufferptr2 = iMd5Hash->Hash(authbufferptr); |
|
130 |
|
131 authbufferptr3.Append(authbufferptr2); |
|
132 |
|
133 authbufferptr.Zero(); |
|
134 iMd5Hash->Reset(); |
|
135 authbufferptr = iMd5Hash->Hash(authbufferptr3); |
|
136 |
|
137 // MD5 algorithm ALWAYS returns 16 bytes of data - which will be converted into |
|
138 // 32 characters; each byte represented by a 2 character hex representation, |
|
139 // eg 255="ff" |
|
140 TBuf<32> hexHash; |
|
141 for (i=0;i<16;i++) |
|
142 { |
|
143 hexHash.AppendNumFixedWidth(authbufferptr[i],EHex,2); |
|
144 } |
|
145 |
|
146 authbufferptr3.Zero(); |
|
147 authbufferptr3.Append(iSettings.LoginName()); |
|
148 authbufferptr3.Append(_L8(" ")); |
|
149 authbufferptr3.Append(hexHash); |
|
150 |
|
151 iEncoder.Encode(authbufferptr3, iNextClientMessage); |
|
152 iNextClientMessage.Append(KPop3CrLf); |
|
153 CleanupStack::PopAndDestroy(3); // authbufferptr3 ,authbufferptr2, authbufferptr |
|
154 aNextMessage = iNextClientMessage; |
|
155 } |
|
156 else |
|
157 { |
|
158 iNextClientMessage.Append(KPop3AuthCommand); |
|
159 iNextClientMessage.Append(KCramMD5Mechanism); |
|
160 iNextClientMessage.Append(KPop3CrLf); |
|
161 iInProgress=ETrue; |
|
162 aNextMessage = iNextClientMessage; |
|
163 } |
|
164 } |
|
165 |
|
166 /** |
|
167 FormSharedSecret() |
|
168 @param aPassword: password |
|
169 */ |
|
170 TPtr8 CPopAuthCramMd5MechanismHelper::FormSharedSecret(TPtr8 aPassword) |
|
171 { |
|
172 TPtr8 secret = aPassword; |
|
173 |
|
174 if (aPassword.Length() <= KMd5BlockLength) |
|
175 { |
|
176 //pad up to 64 bytes with zeros |
|
177 secret.SetLength(64); |
|
178 TInt origLen = aPassword.Length(); |
|
179 TInt lengthToFill = KMd5BlockLength-aPassword.Length(); |
|
180 for (TInt i = 0; i<lengthToFill; i++) |
|
181 { |
|
182 secret[origLen+i]=0x00; |
|
183 } |
|
184 } |
|
185 else |
|
186 { |
|
187 //make shared secret the Digest of the password |
|
188 secret.Zero(); |
|
189 iMd5Hash->Reset(); |
|
190 secret = (iMd5Hash->Hash(aPassword)); |
|
191 } |
|
192 |
|
193 return secret; |
|
194 } |
|
195 |
|
196 |
|
197 /** |
|
198 To set the last message from server. |
|
199 @param aPassword: password |
|
200 */ |
|
201 void CPopAuthCramMd5MechanismHelper::SetLastServerMessageL(const TDesC8& aLastMessage, TBool /*aIsMultiLineResponse*/) |
|
202 { |
|
203 iLastServerMessage.Set(aLastMessage); |
|
204 } |
|
205 |
|
206 |
|
207 /** |
|
208 Constructor |
|
209 */ |
|
210 CPopAuthPlainMechanismHelper::CPopAuthPlainMechanismHelper(const CImPop3Settings& aSettings) : CPopAuthMechanismHelper(aSettings) |
|
211 { |
|
212 } |
|
213 |
|
214 |
|
215 /** |
|
216 Allocates and constructs a CPopAuthPlainMechanismHelper object. |
|
217 @param aSettings: Refence to CImPop3Settings |
|
218 @leave KErrNoMemory A memory allocation failed |
|
219 */ |
|
220 CPopAuthPlainMechanismHelper* CPopAuthPlainMechanismHelper::NewL(const CImPop3Settings& aSettings) |
|
221 { |
|
222 CPopAuthPlainMechanismHelper* self= new (ELeave) CPopAuthPlainMechanismHelper(aSettings); |
|
223 return self; |
|
224 } |
|
225 |
|
226 |
|
227 /** |
|
228 Function to handle POP3 "AUTH PLIAN" mechanism. |
|
229 Steps: |
|
230 1. Get the LoginName from CImPop3Settings |
|
231 2. Get the Password from CImPop3Settings |
|
232 3. Add "LoginName","NUL Char" and "Password" in a Buffer |
|
233 4. Convert the above buffer to BASE64 |
|
234 @param aNextMessage: Buffer contains BASE64 converted LoginName and Password. |
|
235 */ |
|
236 void CPopAuthPlainMechanismHelper::GetNextClientMessageL(TDes8& aNextMessage) |
|
237 { |
|
238 // Build up the un-encoded authorisation string in parts |
|
239 HBufC8* authString = HBufC8::NewMaxLC(KMaxLengthOfPlainMessage); |
|
240 TPtr8 authStringPtr = authString->Des(); |
|
241 |
|
242 TBuf8<1> nulChar; |
|
243 nulChar.SetLength(1); |
|
244 nulChar[0] = 0; |
|
245 authStringPtr = nulChar; // Start with the NUL |
|
246 |
|
247 TPtrC8 loginName = iSettings.LoginName(); |
|
248 TInt length= Min(loginName.Length(),KMaxLengthOfPlainMessageComponent); |
|
249 authStringPtr.Append(loginName.Left(length)); |
|
250 |
|
251 authStringPtr.Append(nulChar); // Separator between login and password |
|
252 |
|
253 length= Min(iSettings.Password().Length(), KMaxLengthOfPlainMessageComponent); |
|
254 authStringPtr.Append(iSettings.Password().Left(length)); |
|
255 |
|
256 // Auth string is now built, encode it |
|
257 HBufC8* encodedBuf = HBufC8::NewMaxLC(KMaxLengthOfPlainMessageBase64); |
|
258 TPtr8 encodedBufPtr = encodedBuf->Des(); |
|
259 |
|
260 iEncoder.Encode(authStringPtr,encodedBufPtr); |
|
261 |
|
262 // Now build the message |
|
263 iNextClientMessage.Zero(); |
|
264 iNextClientMessage.Append(KPop3AuthCommand); |
|
265 iNextClientMessage.Append(KPlainMechanism); |
|
266 iNextClientMessage.Append(encodedBufPtr); |
|
267 iNextClientMessage.Append(KPop3CrLf); |
|
268 |
|
269 aNextMessage = iNextClientMessage; |
|
270 |
|
271 CleanupStack::PopAndDestroy(2, authString); // encodedBuf, authString |
|
272 } |
|
273 |
|
274 /** |
|
275 To set the last message from server. |
|
276 @param aPassword: password |
|
277 */ |
|
278 void CPopAuthPlainMechanismHelper::SetLastServerMessageL(const TDesC8& /*aLastMessage*/, TBool /*aIsMultiLineResponse*/) |
|
279 { |
|
280 //iLastServerMessage.Set(aLastMessage); |
|
281 } |
|
282 |
|
283 /** |
|
284 Constructor |
|
285 */ |
|
286 CPopAuthLoginMechanismHelper::CPopAuthLoginMechanismHelper(const CImPop3Settings& aSettings) : CPopAuthMechanismHelper(aSettings) |
|
287 { |
|
288 } |
|
289 |
|
290 /** |
|
291 Allocates and constructs a CPopAuthLoginMechanismHelper object. |
|
292 @param aSettings: Refence to CImPop3Settings |
|
293 @leave KErrNoMemory A memory allocation failed |
|
294 */ |
|
295 CPopAuthLoginMechanismHelper* CPopAuthLoginMechanismHelper::NewL(const CImPop3Settings& aSettings) |
|
296 { |
|
297 CPopAuthLoginMechanismHelper* self= new (ELeave) CPopAuthLoginMechanismHelper(aSettings); |
|
298 CleanupStack::PushL(self); |
|
299 self->ConstructL(); |
|
300 CleanupStack::Pop(); |
|
301 return self; |
|
302 } |
|
303 |
|
304 /** |
|
305 Destructor |
|
306 */ |
|
307 CPopAuthLoginMechanismHelper::~CPopAuthLoginMechanismHelper() |
|
308 { |
|
309 delete iBase64LoginName; |
|
310 delete iBase64Password; |
|
311 } |
|
312 |
|
313 /** |
|
314 SecondPhase construction |
|
315 */ |
|
316 void CPopAuthLoginMechanismHelper::ConstructL() |
|
317 { |
|
318 // length of LoginName in base 64 + 2 for CRLF |
|
319 TInt len=(((iSettings.LoginName().Length()/3)+1)*4)+2; |
|
320 iBase64LoginName=HBufC8::NewL(len); |
|
321 TPtr8 authString(iBase64LoginName->Des()); |
|
322 iEncoder.Encode(iSettings.LoginName(),authString); |
|
323 authString.Append(KPop3CrLf); |
|
324 |
|
325 // length of Password in base 64 + 2 for CRLF |
|
326 len=(((iSettings.Password().Length()/3)+1)*4)+2; |
|
327 iBase64Password=HBufC8::NewL(len); |
|
328 authString.Set(iBase64Password->Des()); |
|
329 iEncoder.Encode(iSettings.Password(),authString); |
|
330 authString.Append(KPop3CrLf); |
|
331 } |
|
332 |
|
333 |
|
334 /** |
|
335 Function to handle POP3 "AUTH LOGIN" mechanism. |
|
336 @param aNextMessage: aNextMessage contains BASE64 converted LoginName/Password. |
|
337 */ |
|
338 void CPopAuthLoginMechanismHelper::GetNextClientMessageL(TDes8& aNextMessage) |
|
339 { |
|
340 iNextClientMessage.Zero(); |
|
341 switch (iState) |
|
342 { |
|
343 case ESendingAuth: |
|
344 iNextClientMessage=KPop3AuthLoginCommand; |
|
345 break; |
|
346 case ESendingLoginName: |
|
347 iNextClientMessage=*iBase64LoginName; |
|
348 break; |
|
349 case ESendingPassword: |
|
350 iNextClientMessage=*iBase64Password; |
|
351 break; |
|
352 default: |
|
353 Panic(EPopInvalidState); |
|
354 break; |
|
355 } |
|
356 aNextMessage=iNextClientMessage; |
|
357 } |
|
358 |
|
359 void CPopAuthLoginMechanismHelper::SetLastServerMessageL(const TDesC8& aLastMessage, TBool /*aIsMultiLineResponse*/) |
|
360 { |
|
361 HBufC8* decodedMessage = NULL; |
|
362 TInt lastMessageLength = aLastMessage.Length(); |
|
363 |
|
364 // Decode the POP response from the Base64 original |
|
365 if (lastMessageLength > 0) |
|
366 { |
|
367 decodedMessage = HBufC8::NewLC(lastMessageLength); // already on stack |
|
368 // Get pointer to response minus the "+ " at the start |
|
369 TPtrC8 response = aLastMessage.Right(lastMessageLength - 2); |
|
370 TPtr8 destination = decodedMessage->Des(); |
|
371 iEncoder.Decode(response, destination); |
|
372 } |
|
373 switch (iState) |
|
374 { |
|
375 case ESendingAuth: |
|
376 if (decodedMessage) |
|
377 { |
|
378 // Match against 'username*' |
|
379 if (decodedMessage->Des().MatchF(KPop3AuthBase64StringUsername) == KErrNotFound) |
|
380 { |
|
381 User::Leave(KErrNotSupported); |
|
382 } |
|
383 iEncoder.Initialise(); |
|
384 iState = ESendingLoginName; |
|
385 } |
|
386 else |
|
387 { |
|
388 User::Leave(KErrNotSupported); |
|
389 } |
|
390 break; |
|
391 case ESendingLoginName: |
|
392 if (decodedMessage) |
|
393 { |
|
394 // Match against 'password*' |
|
395 if (decodedMessage->Des().MatchF(KPop3AuthBase64StringPassword) == KErrNotFound) |
|
396 { |
|
397 User::Leave(KErrNotSupported); |
|
398 } |
|
399 iEncoder.Initialise(); |
|
400 iState = ESendingPassword; |
|
401 } |
|
402 else |
|
403 { |
|
404 User::Leave(KErrNotSupported); |
|
405 } |
|
406 break; |
|
407 case ESendingPassword: |
|
408 default: |
|
409 User::Leave(KErrNotSupported); |
|
410 break; |
|
411 } |
|
412 |
|
413 if (decodedMessage) |
|
414 { |
|
415 CleanupStack::PopAndDestroy(decodedMessage); |
|
416 } |
|
417 } |
|
418 |