/library/swift/lib/Swift/Authenticator/CRAMMD5.php
PHP | 141 lines | 49 code | 10 blank | 82 comment | 5 complexity | 9862ea739a414046f918189afe31b47c MD5 | raw file
Possible License(s): AGPL-1.0, GPL-2.0, AGPL-3.0, LGPL-2.1, GPL-3.0
- <?php
- /**
- * This is the CRAM-MD5 Authentication for Swift Mailer, a PHP Mailer class.
- *
- * @package Swift
- * @version >= 2.0.0
- * @author Chris Corbyn
- * @date 4th August 2006
- * @license http://www.gnu.org/licenses/lgpl.txt Lesser GNU Public License
- *
- * @copyright Copyright © 2006 Chris Corbyn - All Rights Reserved.
- * @filesource
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to
- *
- * The Free Software Foundation, Inc.,
- * 51 Franklin Street,
- * Fifth Floor,
- * Boston,
- * MA 02110-1301 USA
- *
- * "Chris Corbyn" <chris@w3style.co.uk>
- *
- */
- /**
- * SMTP CRAM-MD5 Authenticator Class.
- * Runs the commands needed in order to use LOGIN SMTP authentication
- * @package Swift
- */
- class Swift_Authenticator_CRAMMD5 implements Swift_IAuthenticator
- {
- /**
- * The string the SMTP server returns to identify
- * that it supports this authentication mechanism
- * @var string serverString
- */
- public $serverString = 'CRAM-MD5';
- /**
- * SwiftInstance parent object
- * @var object SwiftInstance (reference)
- */
- protected $baseObject;
- public function __construct()
- {
- //
- }
- /**
- * Loads an instance of Swift to the Plugin
- *
- * @param object SwiftInstance
- * @return void
- */
- public function loadBaseObject(&$object)
- {
- $this->baseObject =& $object;
- }
- /**
- * Executes the logic in the authentication mechanism
- *
- * @param string username
- * @param string password
- * @return bool successful
- */
- public function run($username, $password)
- {
- return $this->authCRAM_MD5($username, $password);
- }
- /**
- * Executes the logic in the authentication mechanism
- *
- * @param string username
- * @param string password
- * @return bool successful
- */
- protected function authCRAM_MD5($username, $password)
- {
- $response = $this->baseObject->command("AUTH CRAM-MD5\r\n");
- preg_match('/^334\ (.*)$/', $response, $matches);
- if (!empty($matches[1]))
- {
- //This response is a base64 encoded challenge "<123456.123456789@domain.tld>"
- $decoded_response = base64_decode($matches[1]);
-
- //We need to generate a digest using this challenge
- $digest = $username.' '.$this->_authGenerateCRAM_MD5_Response($password, $decoded_response);
- //We then send the username and digest as a base64 encoded string
- $auth_string = base64_encode($digest);
- $this->baseObject->command("$auth_string\r\n");
-
- if ($this->baseObject->responseCode == 235) //235 means OK
- {
- return true;
- }
- }
- $this->baseObject->logError('Authentication failed using CRAM-MD5', $this->baseObject->responseCode);
- $this->baseObject->fail();
- return false;
- }
- /**
- * This has been lifted from a PEAR implementation at
- * http://pear.php.net/package/Auth_SASL/
- *
- * @param string password
- * @param string challenge
- * @return string digest
- */
- //This has been lifted from a PEAR implementation at
- // http://pear.php.net/package/Auth_SASL/
- protected function _authGenerateCRAM_MD5_Response($password, $challenge)
- {
- if (strlen($password) > 64)
- $password = pack('H32', md5($password));
- if (strlen($password) < 64)
- $password = str_pad($password, 64, chr(0));
- $k_ipad = substr($password, 0, 64) ^ str_repeat(chr(0x36), 64);
- $k_opad = substr($password, 0, 64) ^ str_repeat(chr(0x5C), 64);
- $inner = pack('H32', md5($k_ipad.$challenge));
- $digest = md5($k_opad.$inner);
- return $digest;
- }
- }
- ?>