src/util/cramtest.pl

   1 #!/usr/bin/perl
   2
   3 # This script is contributed by Vadim Vygonets to aid in debugging CRAM-MD5
   4 # authentication.
   5
   6 # A patch was contributed by Jon Warbrick to upgrade it to use the Digest::MD5
   7 # module instead of the deprecated MD5 module.
   8
   9 # The script prompts for three data values: a user name, a password, and the
  10 # challenge as sent out by an SMTP server. The challenge is a base-64 string.
  11 # It should be copied (cut-and-pasted) literally as the third data item. The
  12 # output of the program is the base-64 string that is to be returned as the
  13 # response to the challenge. Using the example in RFC 2195:
  14 #
  15 # User: tim
  16 # Password: tanstaaftanstaaf
  17 # Challenge: PDE4OTYuNjk3MTcwOTUyQHBvc3RvZmZpY2UucmVzdG9uLm1jaS5uZXQ+
  18 # dGltIGI5MTNhNjAyYzdlZGE3YTQ5NWI0ZTZlNzMzNGQzODkw
  19 #
  20 # The last line is what you you would send back to the server.
  21
  22
  23 # Copyright (c) 2002
  24 #       Vadim Vygonets <vadik-exim@vygo.net>.  All rights reserved.
  25 # Public domain is OK with me.
  26
  27 use MIME::Base64;
  28 use Digest::MD5;
  29
  30 print "User: ";
  31 chop($user = <>);
  32 print "Password: ";
  33 chop($passwd = <>);
  34 print "Challenge: ";
  35 chop($chal = <>);
  36 $chal =~ s/^334 //;
  37
  38 $context = new Digest::MD5;
  39 if (length($passwd) > 64) {
  40         $context->add($passwd);
  41         $passwd = $context->digest();
  42         $context->reset();
  43 }
  44
  45 @passwd = unpack("C*", pack("a64", $passwd));
  46 for ($i = 0; $i < 64; $i++) {
  47         $pass_ipad[$i] = $passwd[$i] ^ 0x36;
  48         $pass_opad[$i] = $passwd[$i] ^ 0x5C;
  49 }
  50 $context->add(pack("C64", @pass_ipad), decode_base64($chal));
  51 $digest = $context->digest();
  52 $context->reset();
  53 $context->add(pack("C64", @pass_opad), $digest);
  54 $digest = $context->digest();
  55
  56 print encode_base64($user . " " . unpack("H*", $digest));
  57
  58 # End