1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
|
<?php
/*
* This file is part of SwiftMailer.
* (c) 2004-2009 Chris Corbyn
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
/**
* Handles CRAM-MD5 authentication.
*
* @author Chris Corbyn
*/
class Swift_Transport_Esmtp_Auth_CramMd5Authenticator implements Swift_Transport_Esmtp_Authenticator
{
/**
* Get the name of the AUTH mechanism this Authenticator handles.
*
* @return string
*/
public function getAuthKeyword()
{
return 'CRAM-MD5';
}
/**
* Try to authenticate the user with $username and $password.
*
* @param Swift_Transport_SmtpAgent $agent
* @param string $username
* @param string $password
*
* @return bool
*/
public function authenticate(Swift_Transport_SmtpAgent $agent, $username, $password)
{
try {
$challenge = $agent->executeCommand("AUTH CRAM-MD5\r\n", array(334));
$challenge = base64_decode(substr($challenge, 4));
$message = base64_encode(
$username.' '.$this->_getResponse($password, $challenge)
);
$agent->executeCommand(sprintf("%s\r\n", $message), array(235));
return true;
} catch (Swift_TransportException $e) {
$agent->executeCommand("RSET\r\n", array(250));
return false;
}
}
/**
* Generate a CRAM-MD5 response from a server challenge.
*
* @param string $secret
* @param string $challenge
*
* @return string
*/
private function _getResponse($secret, $challenge)
{
if (strlen($secret) > 64) {
$secret = pack('H32', md5($secret));
}
if (strlen($secret) < 64) {
$secret = str_pad($secret, 64, chr(0));
}
$k_ipad = substr($secret, 0, 64) ^ str_repeat(chr(0x36), 64);
$k_opad = substr($secret, 0, 64) ^ str_repeat(chr(0x5C), 64);
$inner = pack('H32', md5($k_ipad.$challenge));
$digest = md5($k_opad.$inner);
return $digest;
}
}
|
