Hi,<br><br><div class="gmail_quote">On Wed, Nov 4, 2009 at 9:52 PM, Simon Josefsson <span dir="ltr"><<a href="mailto:simon@josefsson.org">simon@josefsson.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div id=":1ld" class="ii gt">And still not able to talk to GNU SASL? Interesting -- can you show<br>
some example attempts? </div></blockquote></div><br><div>Well, I can perfectly talk to gsasl however the proof i calculate doesn't match the proof gsasl sends.</div><div><br></div><div>Here the output of my current SCRAM implementation which always runs against GSASL.</div>
<div><span class="Apple-style-span" style="font-family: 'Lucida Grande'; font-size: medium; "><pre style="word-wrap: break-word; "><span class="Apple-style-span" style="font-family: 'Lucida Grande'; white-space: normal; "><pre style="word-wrap: break-word; ">
Invoked gsasl as in:<br>/Users/tfar/Downloads/gsasl-1.3.90/src/gsasl -d -c -a <a href="mailto:username@jabber.org">username@jabber.org</a> -p password -m SCRAM-SHA-1 --quiet<br>GSASL (out): SCRAM-SHA-1<br>GSASL (out): biwsbj11c2VybmFtZUBqYWJiZXIub3JnLHI9OGpMeEI1NTE1ZGhGeEJpbDVBMHhTWE1I<br>
C: n,,n=<a href="mailto:username@jabber.org">username@jabber.org</a>,r=8jLxB5515dhFxBil5A0xSXMH<br><br><a href="http://state.name">state.name</a> = <a href="mailto:username@jabber.org">username@jabber.org</a><br>state.clientnonce = 8jLxB5515dhFxBil5A0xSXMH<br>
S: r=8jLxB5515dhFxBil5A0xSXMHabc,s=c2FsdA==,i=1<br>GSASL (in): cj04akx4QjU1MTVkaEZ4QmlsNUEweFNYTUhhYmMscz1jMkZzZEE9PSxpPTE=<br>GSASL (out): Yz1iaXdzLHI9OGpMeEI1NTE1ZGhGeEJpbDVBMHhTWE1IYWJjLHA9U0dFd3BXRUxycm5rRWFqOXBjMDBIWW84S0JjPQ==<br>
C: c=biws,r=8jLxB5515dhFxBil5A0xSXMHabc,p=SGEwpWELrrnkEaj9pc00HYo8KBc=<br>state.proof = SGEwpWELrrnkEaj9pc00HYo8KBc=<br>state.proof (deB64) = Ha0�a ��� ���4 �<( <br>state.nonce = 8jLxB5515dhFxBil5A0xSXMHabc<br>state.channel-binding = biws<br>
<br>=======<br>SaltedPassword = `� � q�$�` /�7� [0c60c80f961f0e71f3a9b524af6012062fe037a6]<br>ClientKey = �X��Tƕ,����� _D� [dc58e38af4b554c6952cfec6ffe3ea175f44b60e]<br>StoredKey = �Y��XPfd H���,S �� [bd59e9d0585066641148cbf0f68ab52c530287c1]<br>
AuthMessage = n,,n=<a href="mailto:username@jabber.org">username@jabber.org</a>,r=8jLxB5515dhFxBil5A0xSXMH,r=8jLxB5515dhFxBil5A0xSXMHabc,s=c2FsdA==,i=1,c=biws,r=8jLxB5515dhFxBil5A0xSXMHabc<br>ClientSignature = 2Y�cs .��:�&Za��X� [32599563730e032e96fb3ab0265a61b1df58a613]<br>
ClientProof = � v釻W� ��vٹ��� [ee0176e987bb57e803d7c476d9b98ba6801c101d]<br><br><br> 7gF26Ye7V+gD18R22bmLpoAcEB0=<br>= SGEwpWELrrnkEaj9pc00HYo8KBc=</pre><pre style="word-wrap: break-word; "><br></pre><font class="Apple-style-span" face="arial"><span class="Apple-style-span" style="font-size: small;">The last line practically shows the BASE64 of my calculated ClientProof and the one GSASL send. I wonder if the AuthMessage I use is valid according to the ABNF in the RFC.<br>
<br>Cheers,<br>Tobias Markmann</span></font></span></pre></span></div>