#include #include #include #include #include #include #include #include #include #include #include namespace larra::xmpp { auto EncodeBase64(std::string_view val) -> std::string { using namespace boost::archive::iterators; // NOLINT using It = base64_from_binary>; // NOLINT auto tmp = std::string(It(std::begin(val)), It(std::end(val))); return tmp.append((3 - val.size() % 3) % 3, '='); } auto DecodeBase64(std::string_view val) -> std::string { using namespace boost::archive::iterators; // NOLINT using It = transform_width, 8, 6>; // NOLINT return boost::algorithm::trim_right_copy_if(std::string(It(std::begin(val)), It(std::end(val))), [](char c) { return c == '\0'; }); } auto GenerateNonce(std::size_t length) -> std::string { // NOLINT constexpr std::string_view characters = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" "abcdefghijklmnopqrstuvwxyz" "0123456789"; std::random_device rd; std::mt19937 generator(rd()); std::uniform_int_distribution<> distribution(0, characters.size() - 1); return std::views::iota(std::size_t{}, length) | std::views::transform([&](...) { return characters[distribution(generator)]; }) | std::ranges::to(); } template struct DataHolder { A first; B second; C third; }; consteval auto GetDataForTag(sha512sum::EncryptionTag) { return DataHolder{[] { return EVP_sha512(); }, kSha512ResultSize, [](auto... args) { return SHA512(args...); }}; } consteval auto GetDataForTag(sha256sum::EncryptionTag) { return DataHolder{[] { return EVP_sha256(); }, kSha256ResultSize, [](auto... args) { return SHA256(args...); }}; } consteval auto GetDataForTag(sha1sum::EncryptionTag) { return DataHolder{[] { return EVP_sha256(); }, kSha1ResultSize, [](auto... args) { return SHA1(args...); }}; } template inline auto HashImpl(UnsignedStringView input, TagType) -> UnsignedString { constexpr auto Size = GetDataForTag(TagType{}).second; constexpr auto F = GetDataForTag(TagType{}).third; UnsignedString response; response.resize(Size); F(input.data(), input.size(), response.data()); return response; } template inline auto HmacImpl(std::string_view key, UnsignedStringView message, TagType) -> UnsignedString { constexpr auto Size = GetDataForTag(TagType{}).second; constexpr auto F = GetDataForTag(TagType{}).first; UnsignedString result; result.resize(Size); unsigned int result_len{}; HMAC(F(), key.data(), static_cast(key.size()), message.data(), message.size(), result.data(), &result_len); result.resize(result_len); return result; } template inline auto Pbkdf2Impl(std::string_view password, UnsignedStringView salt, int iterations, TagType) -> UnsignedString { constexpr auto Size = GetDataForTag(TagType{}).second; constexpr auto F = GetDataForTag(TagType{}).first; UnsignedString response; response.resize(Size); PKCS5_PBKDF2_HMAC(password.data(), password.length(), salt.data(), salt.size(), iterations, F(), Size, response.data()); // NOLINT return response; } inline auto ToCharStringView(std::ranges::range auto& str) -> std::string_view { return {new(&*str.begin()) char[str.size()], str.size()}; } inline auto ToUnsignedCharStringView(std::ranges::range auto& str) -> UnsignedStringView { return {new(str.data()) unsigned char[str.size()], str.size()}; } template inline auto GenerateAuthScramMessageImpl(std::string_view password, std::string salt, std::string_view serverNonce, std::string_view firstServerMessage, std::string_view initialMessage, int iterations, TagType tag) -> std::string { auto clientFinalMessageBare = std::format("c=biws,r={}", serverNonce); auto saltedPassword = Pbkdf2Impl(password, ToUnsignedCharStringView(salt), iterations, tag); std::string clientKeyStr = "Client Key"; // NOLINT auto clientKey = HmacImpl(ToCharStringView(saltedPassword), ToUnsignedCharStringView(clientKeyStr), tag); auto storedKey = HashImpl(clientKey, tag); auto authMessage = std::format("{},{},{}", initialMessage, firstServerMessage, clientFinalMessageBare); auto clientSignature = HmacImpl(ToCharStringView(storedKey), ToUnsignedCharStringView(authMessage), tag); auto clientProof = std::views::iota(std::size_t{}, clientKey.size()) | // No std::views::enumerate in libc++ std::views::transform([&](auto i) { return clientKey[i] ^ clientSignature[i]; }) | std::ranges::to(); std::string serverKeyStr = "Server Key"; auto serverKey = HmacImpl(ToCharStringView(saltedPassword), ToUnsignedCharStringView(serverKeyStr), tag); auto serverSignature = HmacImpl(ToCharStringView(serverKey), ToUnsignedCharStringView(authMessage), tag); return std::format("{},p={}", clientFinalMessageBare, EncodeBase64(ToCharStringView(clientProof))); } namespace sha512sum { auto Pbdkf2(std::string_view password, UnsignedStringView salt, int iterations, EncryptionTag tag) -> UnsignedString { return Pbkdf2Impl(password, salt, iterations, tag); } auto Hash(UnsignedStringView data, EncryptionTag tag) -> UnsignedString { return HashImpl(data, tag); } auto Hmac(std::string_view key, UnsignedStringView message, EncryptionTag tag) -> UnsignedString { return HmacImpl(key, message, tag); } auto GenerateScramAuthMessage(std::string_view password, std::string salt, std::string_view serverNonce, std::string_view firstServerMessage, std::string_view initialMessage, int iterations, EncryptionTag tag) -> std::string { return GenerateAuthScramMessageImpl(password, std::move(salt), serverNonce, firstServerMessage, initialMessage, iterations, tag); } } // namespace sha512sum namespace sha256sum { auto Pbdkf2(std::string_view password, UnsignedStringView salt, int iterations, EncryptionTag tag) -> UnsignedString { return Pbkdf2Impl(password, salt, iterations, tag); } auto Hash(UnsignedStringView data, EncryptionTag tag) -> UnsignedString { return HashImpl(data, tag); } auto Hmac(std::string_view key, UnsignedStringView message, EncryptionTag tag) -> UnsignedString { return HmacImpl(key, message, tag); } auto GenerateScramAuthMessage(std::string_view password, std::string salt, std::string_view serverNonce, std::string_view firstServerMessage, std::string_view initialMessage, int iterations, EncryptionTag tag) -> std::string { return GenerateAuthScramMessageImpl(password, std::move(salt), serverNonce, firstServerMessage, initialMessage, iterations, tag); } } // namespace sha256sum namespace sha1sum { auto Pbdkf2(std::string_view password, UnsignedStringView salt, int iterations, EncryptionTag tag) -> UnsignedString { return Pbkdf2Impl(password, salt, iterations, tag); } auto Hash(UnsignedStringView data, EncryptionTag tag) -> UnsignedString { return HashImpl(data, tag); } auto Hmac(std::string_view key, UnsignedStringView message, EncryptionTag tag) -> UnsignedString { return HmacImpl(key, message, tag); } auto GenerateScramAuthMessage(std::string_view password, std::string salt, std::string_view serverNonce, std::string_view firstServerMessage, std::string_view initialMessage, int iterations, EncryptionTag tag) -> std::string { return GenerateAuthScramMessageImpl(password, std::move(salt), serverNonce, firstServerMessage, initialMessage, iterations, tag); } } // namespace sha1sum } // namespace larra::xmpp