ObjXMPP  Check-in [efaee4fc4c]

 * \return A initialized XMPPAuthenticator
 */
- initWithAuthzid: (nullable OFString *)authzid
	  authcid: (nullable OFString *)authcid
	 password: (nullable OFString *)password OF_DESIGNATED_INITIALIZER;

/**
 * \brief Returns OFData containing the initial authentication message.
 *
 * \return An OFDataAray containing the initial authentication message
 */
- (nullable OFData *)initialMessage;

/**
 * \brief Continue authentication with the specified data.
 *
 * \param data The continuation data send by the server
 * \return The appropriate response if the data was a challenge, nil otherwise
 */
- (nullable OFData *)continueWithData: (OFData *)data;
@end

OF_ASSUME_NONNULL_END

	[_authzid release];
	[_authcid release];
	[_password release];

	[super dealloc];
}

- (OFData *)initialMessage
{
	return nil;
}

- (OFData *)continueWithData: (OFData *)challenge
{
	return nil;
}
@end

	assert(0);
}

- (void)XMPP_handleSASL: (OFXMLElement *)element
{
	if ([[element name] isEqual: @"challenge"]) {
		OFXMLElement *responseTag;
		OFData *challenge =
		    [OFData dataWithBase64EncodedString: [element stringValue]];

		OFData *response = [_authModule continueWithData: challenge];

		responseTag = [OFXMLElement elementWithName: @"response"
						  namespace: XMPP_NS_SASL];
		if (response) {
			if ([response count] == 0)
				[responseTag setStringValue: @"="];
			else
				[responseTag setStringValue:
				    [response stringByBase64Encoding]];
		}

		[self sendStanza: responseTag];
		return;
	}

	if ([[element name] isEqual: @"success"]) {
		[_authModule continueWithData: [OFData
		    dataWithBase64EncodedString: [element stringValue]]];

		[_delegates broadcastSelector: @selector(
						   connectionWasAuthenticated:)
				   withObject: self];

		/* Stream restart */
		[self XMPP_startStream];

	assert(0);
}

- (void)XMPP_sendAuth: (OFString *)authName
{
	OFXMLElement *authTag;
	OFData *initialMessage = [_authModule initialMessage];

	authTag = [OFXMLElement elementWithName: @"auth"
				      namespace: XMPP_NS_SASL];
	[authTag addAttributeWithName: @"mechanism"
			  stringValue: authName];
	if (initialMessage) {
		if ([initialMessage count] == 0)

- (OFString *)capsHash
{
	OFEnumerator *enumerator;
	XMPPDiscoIdentity *identity;
	OFString *feature;
	OFMutableString *caps = [OFMutableString string];
	OFSHA1Hash *hash = [OFSHA1Hash cryptoHash];
	OFData *digest;

	enumerator = [_identities objectEnumerator];
	while ((identity = [enumerator nextObject]) != nil)
		[caps appendFormat: @"%@/%@//%@<", [identity category],
		    [identity type], [identity name]];

	enumerator = [_features objectEnumerator];
	while ((feature = [enumerator nextObject]) != nil)
		[caps appendFormat: @"%@<", feature];

	[hash updateWithBuffer: [caps UTF8String]
			length: [caps UTF8StringLength]];

	digest = [OFData dataWithItems: [hash digest]
				 count: [[hash class] digestSize]];

	return [digest stringByBase64Encoding];
}

- (void)connection: (XMPPConnection *)connection
     wasBoundToJID: (XMPPJID *)JID
{

+ (instancetype)EXTERNALAuthWithAuthzid: (OFString *)authzid
{
	return [[[self alloc] initWithAuthzid: authzid
				      authcid: nil
				     password: nil] autorelease];
}

- (OFData *)initialMessage
{
	OFMutableData *message = [OFMutableData data];

	/* authzid */
	if (_authzid != nil)
		[message addItems: [_authzid UTF8String]
			    count: [_authzid UTF8StringLength]];

	[message makeImmutable];

	return message;
}
@end

#include <stdlib.h>

#import <ObjFW/OFString.h>
#import <ObjFW/OFArray.h>
#import <ObjFW/OFDictionary.h>
#import <ObjFW/OFNumber.h>
#import <ObjFW/OFData.h>
#import <ObjFW/OFAutoreleasePool.h>

#import <ObjFW/OFNotImplementedException.h>

#import "XMPPFileStorage.h"

@implementation XMPPFileStorage

	self = [super init];

	@try {
		OFAutoreleasePool *pool = [[OFAutoreleasePool alloc] init];

		_file = [file copy];
		@try {
			_data = [[[OFData dataWithContentsOfFile: file]
			    messagePackValue] retain];
		} @catch (id e) {
			_data = [[OFMutableDictionary alloc] init];
		}

		[pool release];
	} @catch (id e) {
		[self release];

 * POSSIBILITY OF SUCH DAMAGE.
 */

#import <ObjFW/OFObject.h>

OF_ASSUME_NONNULL_BEGIN

@class OFMutableData;

/**
 * \brief A class to provide multiple delegates in a single class
 */
@interface XMPPMulticastDelegate: OFObject
{
	OFMutableData *_delegates;
}

/**
 * \brief Adds a delegate which should receive the broadcasts.
 *
 * \param delegate The delegate to add
 */

 */

#ifdef HAVE_CONFIG_H
# include "config.h"
#endif

#import <ObjFW/ObjFW.h>
#import <ObjFW/OFData.h>

#import "XMPPMulticastDelegate.h"

@implementation XMPPMulticastDelegate
- init
{
	self = [super init];

	@try {
		_delegates = [[OFMutableData alloc]
		    initWithItemSize: sizeof(id)];
	} @catch (id e) {
		[self release];
		@throw e;
	}

	return self;
}

		return;
	}
}

- (bool)broadcastSelector: (SEL)selector
	       withObject: (id)object
{
	OFAutoreleasePool *pool = [[OFAutoreleasePool alloc] init];
	OFMutableData *currentDelegates = [[_delegates copy] autorelease];
	id *items = [currentDelegates items];
	size_t i, count = [currentDelegates count];
	bool handled = false;

	for (i = 0; i < count; i++) {
		id responder = items[i];

		if (![responder respondsToSelector: selector])
			continue;

		bool (*imp)(id, SEL, id) = (bool(*)(id, SEL, id))
		    [responder methodForSelector: selector];

		handled |= imp(responder, selector, object);
	}

	[pool release];

	return handled;
}

- (bool)broadcastSelector: (SEL)selector
	       withObject: (id)object1
	       withObject: (id)object2
{
	OFAutoreleasePool *pool = [[OFAutoreleasePool alloc] init];
	OFMutableData *currentDelegates = [[_delegates copy] autorelease];
	id *items = [currentDelegates items];
	size_t i, count = [currentDelegates count];
	bool handled = false;

	for (i = 0; i < count; i++) {
		id responder = items[i];

		if (![responder respondsToSelector: selector])
			continue;

		bool (*imp)(id, SEL, id, id) = (bool(*)(id, SEL, id, id))
		    [responder methodForSelector: selector];

		handled |= imp(responder, selector, object1, object2);
	}

	[pool release];

	return handled;
}
@end

			    password: (OFString *)password
{
	return [[[self alloc] initWithAuthzid: authzid
				      authcid: authcid
				     password: password] autorelease];
}

- (OFData *)initialMessage
{
	OFMutableData *message = [OFMutableData data];

	/* authzid */
	if (_authzid != nil)
		[message addItems: [_authzid UTF8String]
			    count: [_authzid UTF8StringLength]];

	/* separator */
	[message addItem: ""];

	/* authcid */
	[message addItems: [_authcid UTF8String]
		    count: [_authcid UTF8StringLength]];

	/* separator */
	[message addItem: ""];

	/* passwd */
	[message addItems: [_password UTF8String]
		    count: [_password UTF8StringLength]];

	[message makeImmutable];

	return message;
}
@end

 */
@interface XMPPSCRAMAuth: XMPPAuthenticator
{
	Class _hashType;
	OFString *_cNonce;
	OFString *_GS2Header;
	OFString *_clientFirstMessageBare;
	OFData *_serverSignature;
	XMPPConnection *_connection;
	bool _plusAvailable;
	bool _authenticated;
}

/**
 * \brief Creates a new autoreleased XMPPSCRAMAuth with an authcid and password.

#define HMAC_IPAD 0x36
#define HMAC_OPAD 0x5c

OF_ASSUME_NONNULL_BEGIN

@interface XMPPSCRAMAuth ()
- (OFString *)XMPP_genNonce;
- (const uint8_t *)XMPP_HMACWithKey: (OFData *)key
			data: (OFData *)data;
- (OFData *)XMPP_hiWithData: (OFData *)str
		       salt: (OFData *)salt
	     iterationCount: (intmax_t)i;
- (OFData *)XMPP_parseServerFirstMessage: (OFData *)data;
- (OFData *)XMPP_parseServerFinalMessage: (OFData *)data;
@end

OF_ASSUME_NONNULL_END

@implementation XMPPSCRAMAuth
+ (instancetype)SCRAMAuthWithAuthcid: (OFString *)authcid
			    password: (OFString *)password

		_authcid = [new retain];
	} else
		_authcid = nil;

	[old release];
}

- (OFData *)initialMessage
{
	OFMutableData *ret = [OFMutableData data];

	/* New authentication attempt, reset status */
	[_cNonce release];
	_cNonce = nil;
	[_GS2Header release];
	_GS2Header = nil;
	[_serverSignature release];
	_serverSignature = nil;
	_authenticated = false;

	if (_authzid != nil)
		_GS2Header = [[OFString alloc]
		    initWithFormat: @"%@,a=%@,",
				    (_plusAvailable ? @"p=tls-unique" : @"y"),
				    _authzid];
	else
		_GS2Header = (_plusAvailable ? @"p=tls-unique,," : @"y,,");

	_cNonce = [[self XMPP_genNonce] retain];

	[_clientFirstMessageBare release];
	_clientFirstMessageBare = nil;
	_clientFirstMessageBare = [[OFString alloc]
	    initWithFormat: @"n=%@,r=%@", _authcid, _cNonce];

	[ret addItems: [_GS2Header UTF8String]
		count: [_GS2Header UTF8StringLength]];

	[ret addItems: [_clientFirstMessageBare UTF8String]
		count: [_clientFirstMessageBare UTF8StringLength]];

	[ret makeImmutable];

	return ret;
}

- (OFData *)continueWithData: (OFData *)data
{
	OFAutoreleasePool *pool = [[OFAutoreleasePool alloc] init];
	OFData *ret;

	if (!_serverSignature)
		ret = [self XMPP_parseServerFirstMessage: data];
	else
		ret = [self XMPP_parseServerFinalMessage: data];

	[ret retain];
	[pool release];

	return [ret autorelease];
}

- (OFData *)XMPP_parseServerFirstMessage: (OFData *)data
{
	size_t i;
	const uint8_t *clientKey, *serverKey, *clientSignature;
	intmax_t iterCount = 0;
	id <OFCryptoHash> hash;
	OFMutableData *ret, *authMessage, *tmpArray;
	OFData *salt = nil, *saltedPassword;
	OFString *tmpString, *sNonce = nil;
	OFEnumerator *enumerator;
	OFString *comp;
	enum {
		GOT_SNONCE    = 0x01,
		GOT_SALT      = 0x02,
		GOT_ITERCOUNT = 0x04
	} got = 0;

	hash = [[[_hashType alloc] init] autorelease];
	ret = [OFMutableData data];
	authMessage = [OFMutableData data];

	OFString *chal = [OFString stringWithUTF8String: [data items]
						 length: [data count] *
							 [data itemSize]];

	enumerator =
	    [[chal componentsSeparatedByString: @","] objectEnumerator];

				    exceptionWithConnection: nil
						     reason: @"Received wrong "
							     @"nonce"];

			sNonce = entry;
			got |= GOT_SNONCE;
		} else if ([comp hasPrefix: @"s="]) {

			salt = [OFData dataWithBase64EncodedString: entry];
			got |= GOT_SALT;
		} else if ([comp hasPrefix: @"i="]) {
			iterCount = [entry decimalValue];
			got |= GOT_ITERCOUNT;
		}
	}

	if (got != (GOT_SNONCE | GOT_SALT | GOT_ITERCOUNT))
		@throw [OFInvalidServerReplyException exception];

	// Add c=<base64(GS2Header+channelBindingData)>
	tmpArray = [OFMutableData data];
	[tmpArray addItems: [_GS2Header UTF8String]
		     count: [_GS2Header UTF8StringLength]];
	if (_plusAvailable && [_connection encrypted]) {

		OFData *channelBinding = [((SSLSocket *)[_connection socket])
		    channelBindingDataWithType: @"tls-unique"];
		[tmpArray addItems: [channelBinding items]
			     count: [channelBinding count]];
	}
	tmpString = [tmpArray stringByBase64Encoding];
	[ret addItems: "c="
		count: 2];

	[ret addItems: [sNonce UTF8String]
		count: [sNonce UTF8StringLength]];

	/*
	 * IETF RFC 5802:
	 * SaltedPassword := Hi(Normalize(password), salt, i)
	 */

	tmpArray = [OFMutableData dataWithItems: [_password UTF8String]
					  count: [_password UTF8StringLength]];

	saltedPassword = [self XMPP_hiWithData: tmpArray
					  salt: salt
				iterationCount: iterCount];

	/*
	 * IETF RFC 5802:
	 * AuthMessage := client-first-message-bare + "," +

	[authMessage addItems: [ret items]
			count: [ret count]];

	/*
	 * IETF RFC 5802:
	 * ClientKey := HMAC(SaltedPassword, "Client Key")
	 */



	clientKey = [self XMPP_HMACWithKey: saltedPassword
				      data: [OFData dataWithItems: @"Client key"
							    count: 10]];

	/*
	 * IETF RFC 5802:
	 * StoredKey := H(ClientKey)
	 */
	[hash updateWithBuffer: (void *)clientKey
			length: [_hashType digestSize]];

	tmpArray = [OFMutableData dataWithItems: [hash digest]
					  count: [_hashType digestSize]];

	/*
	 * IETF RFC 5802:
	 * ClientSignature := HMAC(StoredKey, AuthMessage)
	 */
	clientSignature = [self XMPP_HMACWithKey: tmpArray
					    data: authMessage];

	/*
	 * IETF RFC 5802:
	 * ServerKey := HMAC(SaltedPassword, "Server Key")
	 */

	tmpArray = [OFMutableData dataWithItems: "Server Key"
					  count: 10];
	serverKey = [self XMPP_HMACWithKey: saltedPassword
				      data: tmpArray];

	/*
	 * IETF RFC 5802:
	 * ServerSignature := HMAC(ServerKey, AuthMessage)
	 */

	tmpArray = [OFMutableData dataWithItems: serverKey
					  count: [_hashType digestSize]];

	[_serverSignature release];
	_serverSignature = [[OFMutableData alloc]
	    initWithItems: [self XMPP_HMACWithKey: tmpArray
					     data: authMessage]
		    count: [_hashType digestSize]];

	/*
	 * IETF RFC 5802:
	 * ClientProof := ClientKey XOR ClientSignature
	 */
	tmpArray = [OFMutableData data];
	for (i = 0; i < [_hashType digestSize]; i++) {
		uint8_t c = clientKey[i] ^ clientSignature[i];
		[tmpArray addItem: &c];
	}

	// Add p=<base64(ClientProof)>
	[ret addItem: ","];
	[ret addItems: "p="
		count: 2];
	tmpString = [tmpArray stringByBase64Encoding];
	[ret addItems: [tmpString UTF8String]
		count: [tmpString UTF8StringLength]];

	return ret;
}

- (OFData *)XMPP_parseServerFinalMessage: (OFData *)data
{
	OFString *mess, *value;

	/*
	 * server-final-message already received,
	 * we were just waiting for the last word from the server
	 */
	if (_authenticated)
		return nil;

	mess = [OFString stringWithUTF8String: [data items]
				       length: [data count] * [data itemSize]];

	value = [mess substringWithRange: of_range(2, [mess length] - 2)];

	if ([mess hasPrefix: @"v="]) {
		if (![value isEqual: [_serverSignature stringByBase64Encoding]])
			@throw [XMPPAuthFailedException
			    exceptionWithConnection: nil
					     reason: @"Received wrong "

	}

	return [OFString stringWithCString: (char *)buf
				  encoding: OF_STRING_ENCODING_ASCII
				    length: 64];
}

- (const uint8_t *)XMPP_HMACWithKey: (OFData *)key
			       data: (OFData *)data
{
	OFAutoreleasePool *pool = [[OFAutoreleasePool alloc] init];
	OFMutableData *k = [OFMutableData data];
	size_t i, kSize, blockSize = [_hashType blockSize];
	uint8_t *kI = NULL, *kO = NULL;
	id <OFCryptoHash> hashI, hashO;

	if ([key itemSize] * [key count] > blockSize) {
		hashI = [[[_hashType alloc] init] autorelease];
		[hashI updateWithBuffer: [key items]

	[hashO retain];
	[pool release];

	return [[hashO autorelease] digest];
}

- (OFData *)XMPP_hiWithData: (OFData *)str
		       salt: (OFData *)salt
	     iterationCount: (intmax_t)i
{
	OFAutoreleasePool *pool = [[OFAutoreleasePool alloc] init];
	size_t digestSize = [_hashType digestSize];
	uint8_t *result = NULL;
	const uint8_t *u, *uOld;
	intmax_t j, k;
	OFMutableData *salty, *tmp, *ret;

	result = [self allocMemoryWithSize: digestSize];

	@try {
		memset(result, 0, digestSize);

		salty = [[salt copy] autorelease];
		[salty addItems: "\0\0\0\1"
			  count: 4];

		uOld = [self XMPP_HMACWithKey: str
					 data: salty];

		for (j = 0; j < digestSize; j++)
			result[j] ^= uOld[j];

		for (j = 0; j < i - 1; j++) {
			tmp = [[OFMutableData alloc] init];
			[tmp addItems: uOld
				count: digestSize];

			[pool releaseObjects]; // releases uOld and previous tmp
			[tmp autorelease];

			u = [self XMPP_HMACWithKey: str
					      data: tmp];

			for (k = 0; k < digestSize; k++)
				result[k] ^= u[k];

			uOld = u;
		}


		ret = [OFMutableData dataWithItems: result
					     count: digestSize];
	} @finally {
		[self freeMemory: result];
	}

	[ret retain];
	[pool release];

	return [ret autorelease];
}
@end

}

- initWithName: (OFString *)name
	  type: (OFString *)type
	    ID: (OFString *)ID
{
	self = [super initWithName: name
			 namespace: XMPP_NS_CLIENT
		       stringValue: nil];

	@try {
		if (![name isEqual: @"iq"] && ![name isEqual: @"message"] &&
		    ![name isEqual: @"presence"])
			@throw [OFInvalidArgumentException exception];

		[self setDefaultNamespace: XMPP_NS_CLIENT];