[jdev] Seeking jabber implementers for SCRAM-SHA-1 testing

Simon Josefsson simon at josefsson.org
Thu Nov 5 03:08:36 CST 2009


Tobias Markmann <tmarkmann at googlemail.com> writes:

> Hi,
>
> On Wed, Nov 4, 2009 at 9:52 PM, Simon Josefsson <simon at josefsson.org> wrote:
>
>> And still not able to talk to GNU SASL?  Interesting -- can you show
>> some example attempts?
>>
>
> Well, I can perfectly talk to gsasl however the proof i calculate doesn't
> match the proof gsasl sends.

Ok that is relatively good progress.

> AuthMessage = n,,n=username at jabber.org,r=8jLxB5515dhFxBil5A0xSXMH,r=8jLxB5515dhFxBil5A0xSXMHabc,s=c2FsdA==,i=1,c=biws,r=8jLxB5515dhFxBil5A0xSXMHabc
...
> The last line practically shows the BASE64 of my calculated ClientProof and
> the one GSASL send. I wonder if the AuthMessage I use is valid according to
> the ABNF in the RFC.

Indeed, your AuthMessage appears wrong: it should start with n=..., so
you have to remove the 'n,,' part.  Check the document:

      AuthMessage     := client-first-message-bare + "," +
                         server-first-message + "," +
                         client-final-message-without-proof

   username        = "n=" saslname
                     ;; Usernames are prepared using SASLPrep.

   reserved-mext  = "m=" 1*(value-char)
                     ;; Reserved for signalling mandatory extensions.
                     ;; The exact syntax will be defined in
                     ;; the future.

   client-first-message-bare =
                     [reserved-mext ","]
                     username "," nonce ["," extensions]

Thanks,
/Simon


More information about the JDev mailing list