Implements the standard challenge-response authentication mechanism of RFC-2195.
More...
|
static std::string | response (G::string_view hash_type, bool hmac, const Secret &secret, G::string_view challenge, G::string_view response_prefix) |
| Constructs a response to a challenge comprising the response-prefix, space, and digest-or-hmac of secretkey-plus-challenge. More...
|
|
static std::string | id (G::string_view response) |
| Returns the leading id part of the response. More...
|
|
static bool | validate (G::string_view hash_type, bool hmac, const Secret &secret, G::string_view challenge, G::string_view response) |
| Validates the response with respect to the original challenge. More...
|
|
static G::StringArray | hashTypes (G::string_view prefix={}, bool require_state=false) |
| Returns a list of supported hash types, such as "MD5" and "SHA1", ordered with the strongest first. More...
|
|
static std::string | challenge (unsigned int random, const std::string &challenge_domain) |
| Returns a challenge string that incorporates the given random number and the current time. More...
|
|
Implements the standard challenge-response authentication mechanism of RFC-2195.
The response can be built from a simple digest or a hmac. It comprises the userid, followed by a space, followed by the printable digest or hmac. This is normally base64 encoded at higher protocol levels.
A hmac is (roughly) the hash of (1) the single-block shared key and (2) the hash of (2a) the single-block shared key and (2b) the challenge. The two intermediate hash states of stages (1) and (2a) can be stored instead of the the plaintext key (see GAuth::Secret::masked()).
Definition at line 51 of file gcram.h.