[jdev] How to build "response" in sasl digest MD5
IRcapmail
ircapmail at yahoo.es
Thu Feb 18 08:37:56 CST 2010
Thank you, Waqas.
I have fixed step 3, but I don't know how to compute the 16 octect in
step 2. The $md5(X) always returns 32 characters. I have tried to get
the first 16 and last 16 characters, but the response is wrong.
I don't know if its a limitation of the mIRC's language and its possible
to create md5 hashes with 16 chars in others more "professional"
languages, or I'm doing something wrong.
Waqas Hussain escribió:
> On Thu, Feb 18, 2010 at 4:04 AM, IRcapmail <ircapmail at yahoo.es> wrote:
>
>> 2. Compute the 16 octet MD5 hash of X. Call the result Y.
>>
>> %Y = $md5(%X)
>>
>> Result= 85434cc70bb832bc456c27834bfa5d25
>>
>>
> This is incorrect. You need 16 octets, but your result is 32 octets. Don't
> hex encode in this step.
>
>
>>
>> 3. Create a string of the form "Y:nonce:cnonce:authzid". Call this string
>> A1.
>>
>> %A1 = %Y $+
>> :x8djfKCd/aoKCUIeI5IwN0lNGzs91oSdMCR7SZT6L9s=:EzAaOdnJwGDj2ABlUat3a1ZPeH06Pyzic6PpnVnqkBE=:
>> testuser456 at jabber.org/Psi
>>
>> Result=
>> 85434cc70bb832bc456c27834bfa5d25:x8djfKCd/aoKCUIeI5IwN0lNGzs91oSdMCR7SZT6L9s=:EzAaOdnJwGDj2ABlUat3a1ZPeH06Pyzic6PpnVnqkBE=:
>> testuser456 at jabber.org/Psi
>>
>>
> You are including an authzid here, Psi didn't. When there is no authzid, you
> use:
> A1 = Y:nonce:cnonce
>
> A note about authzid: You must not provide an authzid when it's the same as
> the JID you are logging in with. And when provided, it has to be a bare JID.
> See the spec:
> http://xmpp.org/internet-drafts/draft-ietf-xmpp-3920bis-04.html#sasl-rules-authzid
>
> The rest of your code is correct, and I managed to get the correct result
> with the above two fixes.
>
> --
> Waqas Hussain
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> JDev mailing list
> Forum: http://www.jabberforum.org/forumdisplay.php?f=20
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
> _______________________________________________
More information about the JDev
mailing list