IndySockets
/
Indy
mirror of https://github.com/IndySockets/Indy.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117
							{
  $Project$
  $Workfile$
  $Revision$
  $DateUTC$
  $Id$

  This file is part of the Indy (Internet Direct) project, and is offered
  under the dual-licensing agreement described on the Indy website.
  (http://www.indyproject.org/)

  Copyright:
   (c) 1993-2005, Chad Z. Hower and the Indy Pit Crew. All rights reserved.
}
{
  $Log$
}
{
  Rev 1.4    2004.02.03 5:45:42 PM  czhower
  Name changes

  Rev 1.3    1/25/2004 2:17:54 PM  JPMugaas
  Should work better.  Removed one GPF in S/Key.

  Rev 1.2    1/21/2004 4:03:18 PM  JPMugaas
  InitComponent

    Rev 1.1    10/19/2003 5:57:20 PM  DSiders
  Added localization comments.

  Rev 1.0    5/10/2003 10:08:14 PM  JPMugaas
  SKEY SASL mechanism as defined in RFC 2222.  Note that this is obsolete and
  you should use RFC 2444 for new designs.  This is only provided for backwards
  compatibility.
}

unit IdSASLSKey;

interface
{$i IdCompilerDefines.inc}
uses
  IdSASLUserPass, IdSASL;

{
S/KEY SASL mechanism based on RFC 2222.

NOte that this is depreciated and S/Key is a trademark of BelCore.  This unit
is only provided for backwards compatiability with some older systems.

  New designs should use IdSASLOTP (RFC 2444) which is more flexible and uses a
  better hash (MD5 and SHA1).
}

type
  TIdSASLSKey = class(TIdSASLUserPass)
  protected
    procedure InitComponent; override;
  public
    function IsReadyToStart: Boolean; override;
    class function ServiceName: TIdSASLServiceName; override;
    function TryStartAuthenticate(const AHost, AProtocolName : String; var VInitialResponse: String): Boolean; override;
    function StartAuthenticate(const AChallenge, AHost, AProtocolName : String) : String; override;
    function ContinueAuthenticate(const ALastResponse, AHost, AProtocolName : String): String; override;
  end;

implementation

uses
  IdFIPS, IdGlobal, IdGlobalProtocols, IdOTPCalculator, SysUtils;

const
  SKEYSERVICENAME = 'SKEY'; {do not localize}

{ TIdSASLSKey }

function TIdSASLSKey.ContinueAuthenticate(const ALastResponse, AHost, AProtocolName : String): String;
var
  LBuf, LSeed : String;
  LCount : UInt32;
begin
  LBuf := Trim(ALastResponse);
  LCount := IndyStrToInt(Fetch(LBuf), 0);
  LSeed := Fetch(LBuf);
  Result := TIdOTPCalculator.GenerateSixWordKey('md4', LSeed, GetPassword, LCount); {do not localize}
end;

procedure TIdSASLSKey.InitComponent;
begin
  inherited InitComponent;
  //less than 1000 because MD4 is broken and this is depreciated
  FSecurityLevel := 900;
end;

function TIdSASLSKey.IsReadyToStart: Boolean;
begin
  Result := not GetFIPSMode;
end;

class function TIdSASLSKey.ServiceName: TIdSASLServiceName;
begin
  Result := SKEYSERVICENAME;
end;

function TIdSASLSKey.TryStartAuthenticate(const AHost, AProtocolName : String;
  var VInitialResponse: String): Boolean;
begin
  VInitialResponse := GetUsername;
  Result := True;
end;

function TIdSASLSKey.StartAuthenticate(const AChallenge, AHost, AProtocolName : String): String;
begin
  Result := GetUsername;
end;

end.