smtp_client_auth.c
Go to the documentation of this file.
1 /**
2  * @file smtp_client_auth.c
3  * @brief SMTP authentication mechanism
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2019 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneTCP Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 1.9.2
29  **/
30 
31 //Switch to the appropriate trace level
32 #define TRACE_LEVEL SMTP_TRACE_LEVEL
33 
34 //Dependencies
35 #include "core/net.h"
36 #include "smtp/smtp_client.h"
37 #include "smtp/smtp_client_auth.h"
38 #include "smtp/smtp_client_misc.h"
39 #include "debug.h"
40 
41 //Check TCP/IP stack configuration
42 #if (SMTP_CLIENT_SUPPORT == ENABLED)
43 
44 /**
45  * @brief Perform LOGIN authentication
46  * @param[in] context Pointer to the SMTP client context
47  * @param[in] username NULL-terminated string containing the user name
48  * @param[in] password NULL-terminated string containing the user's password
49  * @return Error code
50  **/
51 
53  const char_t *username, const char_t *password)
54 {
55 #if (SMTP_CLIENT_LOGIN_AUTH_SUPPORT == ENABLED)
56  error_t error;
57  size_t n;
58 
59  //Initialize status code
60  error = NO_ERROR;
61 
62  //Execute SMTP command sequence
63  while(!error)
64  {
65  //Check current state
66  if(context->state == SMTP_CLIENT_STATE_CONNECTED)
67  {
68  //Format AUTH LOGIN command
69  error = smtpClientFormatCommand(context, "AUTH LOGIN", NULL);
70 
71  //Check status code
72  if(!error)
73  {
74  //Send AUTH LOGIN command and wait for the server's response
76  }
77  }
78  else if(context->state == SMTP_CLIENT_STATE_SUB_COMMAND_1)
79  {
80  //Send AUTH LOGIN command and wait for the server's response
81  error = smtpClientSendCommand(context, NULL);
82 
83  //Check status code
84  if(!error)
85  {
86  //Check SMTP response code
87  if(SMTP_REPLY_CODE_3YZ(context->replyCode))
88  {
89  //Retrieve the length of the user name
90  n = strlen(username);
91 
92  //Encode the user name with Base64 algorithm
93  base64Encode(username, n, context->buffer, NULL);
94  //Terminate the line with a CRLF sequence
95  strcat(context->buffer, "\r\n");
96 
97  //Calculate the length of the SMTP command
98  context->commandLen = strlen(context->buffer);
99 
100  //Debug message
101  TRACE_DEBUG("SMTP client: %s", context->buffer);
102 
103  //Flush receive buffer
104  context->bufferPos = 0;
105  context->replyLen = 0;
106 
107  //Send the second command of the AUTH LOGIN sequence
109  }
110  else
111  {
112  //Update SMTP client state
114  //Report an error
116  }
117  }
118  }
119  else if(context->state == SMTP_CLIENT_STATE_SUB_COMMAND_2)
120  {
121  //Wait for the server's response
122  error = smtpClientSendCommand(context, NULL);
123 
124  //Check status code
125  if(!error)
126  {
127  //Check SMTP response code
128  if(SMTP_REPLY_CODE_3YZ(context->replyCode))
129  {
130  //Retrieve the length of the password
131  n = strlen(password);
132 
133  //Encode the password with Base64 algorithm
134  base64Encode(password, n, context->buffer, NULL);
135  //Terminate the line with a CRLF sequence
136  strcat(context->buffer, "\r\n");
137 
138  //Calculate the length of the SMTP command
139  context->commandLen = strlen(context->buffer);
140 
141  //Debug message
142  TRACE_DEBUG("SMTP client: %s", context->buffer);
143 
144  //Flush receive buffer
145  context->bufferPos = 0;
146  context->replyLen = 0;
147 
148  //Send the third command of the AUTH LOGIN sequence
150  }
151  else
152  {
153  //Update SMTP client state
155  //Report an error
157  }
158  }
159  }
160  else if(context->state == SMTP_CLIENT_STATE_SUB_COMMAND_3)
161  {
162  //Wait for the server's response
163  error = smtpClientSendCommand(context, NULL);
164 
165  //Check status code
166  if(!error)
167  {
168  //Check SMTP response code
169  if(SMTP_REPLY_CODE_2YZ(context->replyCode))
170  {
171  //Update SMTP client state
173  //Successful user authentication
174  break;
175  }
176  else
177  {
178  //Update SMTP client state
180  //Report an error
182  }
183  }
184  }
185  else
186  {
187  //Invalid state
188  error = ERROR_WRONG_STATE;
189  }
190  }
191 
192  //Check status code
193  if(error == ERROR_WOULD_BLOCK || error == ERROR_TIMEOUT)
194  {
195  //Check whether the timeout has elapsed
196  error = smtpClientCheckTimeout(context);
197  }
198 
199  //Return status code
200  return error;
201 #else
202  //LOGIN authentication is not supported
204 #endif
205 }
206 
207 
208 /**
209  * @brief Perform PLAIN authentication
210  * @param[in] context Pointer to the SMTP client context
211  * @param[in] username NULL-terminated string containing the user name
212  * @param[in] password NULL-terminated string containing the user's password
213  * @return Error code
214  **/
215 
217  const char_t *username, const char_t *password)
218 {
219 #if (SMTP_CLIENT_PLAIN_AUTH_SUPPORT == ENABLED)
220  error_t error;
221  size_t m;
222  size_t n;
223  char_t *p;
224 
225  //Initialize status code
226  error = NO_ERROR;
227 
228  //Execute SMTP command sequence
229  while(!error)
230  {
231  //Check current state
232  if(context->state == SMTP_CLIENT_STATE_CONNECTED)
233  {
234  //Point to the buffer
235  p = context->buffer;
236 
237  //Format AUTH PLAIN command
238  m = sprintf(p, "AUTH PLAIN ");
239 
240  //Authorization identity
241  n = sprintf(p + m, username) + 1;
242  //Authentication identity
243  n += sprintf(p + m + n, username) + 1;
244  //Password
245  n += sprintf(p + m + n, password);
246 
247  //Base64 encoding
248  base64Encode(p + m, n, p + m, NULL);
249  //Terminate the line with a CRLF sequence
250  strcat(p, "\r\n");
251 
252  //Calculate the length of the SMTP command
253  context->commandLen = strlen(p);
254 
255  //Debug message
256  TRACE_DEBUG("SMTP client: %s", context->buffer);
257 
258  //Flush receive buffer
259  context->bufferPos = 0;
260  context->replyLen = 0;
261 
262  //Send AUTH PLAIN command and wait for the server's response
264  }
265  else if(context->state == SMTP_CLIENT_STATE_SUB_COMMAND_1)
266  {
267  //Send AUTH PLAIN command and wait for the server's response
268  error = smtpClientSendCommand(context, NULL);
269 
270  //Check status code
271  if(!error)
272  {
273  //Check SMTP response code
274  if(SMTP_REPLY_CODE_2YZ(context->replyCode))
275  {
276  //Update SMTP client state
278  //Successful user authentication
279  break;
280  }
281  else
282  {
283  //Update SMTP client state
285  //Report an error
287  }
288  }
289  }
290  else
291  {
292  //Invalid state
293  error = ERROR_WRONG_STATE;
294  }
295  }
296 
297  //Check status code
298  if(error == ERROR_WOULD_BLOCK || error == ERROR_TIMEOUT)
299  {
300  //Check whether the timeout has elapsed
301  error = smtpClientCheckTimeout(context);
302  }
303 
304  //Return status code
305  return error;
306 #else
307  //PLAIN authentication is not supported
309 #endif
310 }
311 
312 
313 /**
314  * @brief Perform CRAM-MD5 authentication
315  * @param[in] context Pointer to the SMTP client context
316  * @param[in] username NULL-terminated string containing the user name
317  * @param[in] password NULL-terminated string containing the user's password
318  * @return Error code
319  **/
320 
322  const char_t *username, const char_t *password)
323 {
324 #if (SMTP_CLIENT_CRAM_MD5_AUTH_SUPPORT == ENABLED)
325  error_t error;
326  int_t i;
327  size_t n;
328  char_t *p;
329 
330  //Hex conversion table
331  static const char_t hexDigit[] =
332  {
333  '0', '1', '2', '3', '4', '5', '6', '7',
334  '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'
335  };
336 
337  //Initialize status code
338  error = NO_ERROR;
339 
340  //Execute SMTP command sequence
341  while(!error)
342  {
343  //Check current state
344  if(context->state == SMTP_CLIENT_STATE_CONNECTED)
345  {
346  //Format AUTH CRAM-MD5 command
347  error = smtpClientFormatCommand(context, "AUTH CRAM-MD5", NULL);
348 
349  //Check status code
350  if(!error)
351  {
352  //Send AUTH CRAM-MD5 command and wait for the server's response
354  }
355  }
356  else if(context->state == SMTP_CLIENT_STATE_SUB_COMMAND_1)
357  {
358  //Send AUTH CRAM-MD5 command and wait for the server's response
359  error = smtpClientSendCommand(context, NULL);
360 
361  //Check status code
362  if(!error)
363  {
364  //Check SMTP response code
365  if(SMTP_REPLY_CODE_3YZ(context->replyCode))
366  {
367  //Point to the buffer
368  p = context->buffer;
369  //Retrieve the length of the response
370  n = strlen(p);
371 
372  //Unexpected response from the SMTP server?
373  if(n <= 4)
374  {
375  //Report an error
376  error = ERROR_INVALID_SYNTAX;
377  }
378 
379  //Check status code
380  if(!error)
381  {
382  //Decrypt the Base64-encoded challenge
383  error = base64Decode(p + 4, n - 4, p, &n);
384  }
385 
386  //Check status code
387  if(!error)
388  {
389  //Compute HMAC using MD5
390  error = hmacCompute(MD5_HASH_ALGO, password, strlen(password),
391  p, n, p);
392  }
393 
394  //Check status code
395  if(!error)
396  {
397  //Convert the digest to hexadecimal string
398  for(i = MD5_DIGEST_SIZE - 1; i >= 0; i--)
399  {
400  //Convert the lower nibble
401  p[i * 2 + 1] = hexDigit[p[i] & 0x0F];
402  //Then convert the upper nibble
403  p[i * 2] = hexDigit[(p[i] >> 4) & 0x0F];
404  }
405 
406  //Properly terminate the string with a NULL character
407  p[MD5_DIGEST_SIZE * 2] = '\0';
408 
409  //Make room for the username
410  n = strlen(username);
411  memmove(p + n + 1, p, MD5_DIGEST_SIZE * 2 + 1);
412 
413  //Concatenate the user name and the text representation of
414  //the digest
415  strcpy(p, username);
416  p[n] = ' ';
417 
418  //Encode the resulting string with Base64 algorithm
419  base64Encode(p, strlen(p), p, NULL);
420  //Terminate the line with a CRLF sequence
421  strcat(p, "\r\n");
422 
423  //Calculate the length of the SMTP command
424  context->commandLen = strlen(p);
425 
426  //Debug message
427  TRACE_DEBUG("SMTP client: %s", context->buffer);
428 
429  //Flush receive buffer
430  context->bufferPos = 0;
431  context->replyLen = 0;
432 
433  //Send the second command of the AUTH CRAM-MD5 sequence
435  }
436  }
437  else
438  {
439  //Update SMTP client state
441  //Report an error
443  }
444  }
445  }
446  else if(context->state == SMTP_CLIENT_STATE_SUB_COMMAND_2)
447  {
448  //Wait for the server's response
449  error = smtpClientSendCommand(context, NULL);
450 
451  //Check status code
452  if(!error)
453  {
454  //Check SMTP response code
455  if(SMTP_REPLY_CODE_2YZ(context->replyCode))
456  {
457  //Update SMTP client state
459  //Successful user authentication
460  break;
461  }
462  else
463  {
464  //Update SMTP client state
466  //Report an error
468  }
469  }
470  }
471  else
472  {
473  //Invalid state
474  error = ERROR_WRONG_STATE;
475  }
476  }
477 
478  //Check status code
479  if(error == ERROR_WOULD_BLOCK || error == ERROR_TIMEOUT)
480  {
481  //Check whether the timeout has elapsed
482  error = smtpClientCheckTimeout(context);
483  }
484 
485  //Return status code
486  return error;
487 #else
488  //CRAM-MD5 authentication is not supported
490 #endif
491 }
492 
493 #endif
char char_t
Definition: compiler_port.h:43
Helper functions for SMTP client.
TCP/IP stack core.
Debugging facilities.
uint8_t p
Definition: ndp.h:297
error_t smtpClientLoginAuth(SmtpClientContext *context, const char_t *username, const char_t *password)
Perform LOGIN authentication.
error_t base64Decode(const char_t *input, size_t inputLen, void *output, size_t *outputLen)
Base64 decoding algorithm.
Definition: base64.c:188
void base64Encode(const void *input, size_t inputLen, char_t *output, size_t *outputLen)
Base64 encoding algorithm.
Definition: base64.c:78
error_t smtpClientSendCommand(SmtpClientContext *context, SmtpClientReplyCallback callback)
Send SMTP command and wait for a reply.
uint8_t m
Definition: ndp.h:301
error_t smtpClientCheckTimeout(SmtpClientContext *context)
Determine whether a timeout error has occurred.
error_t smtpClientPlainAuth(SmtpClientContext *context, const char_t *username, const char_t *password)
Perform PLAIN authentication.
signed int int_t
Definition: compiler_port.h:44
SMTP client (Simple Mail Transfer Protocol)
error_t smtpClientFormatCommand(SmtpClientContext *context, const char_t *command, const char_t *argument)
Format SMTP command.
#define SmtpClientContext
Definition: smtp_client.h:156
error_t smtpClientCramMd5Auth(SmtpClientContext *context, const char_t *username, const char_t *password)
Perform CRAM-MD5 authentication.
Success.
Definition: error.h:44
error_t
Error codes.
Definition: error.h:42
error_t hmacCompute(const HashAlgo *hash, const void *key, size_t keyLen, const void *data, size_t dataLen, uint8_t *digest)
Compute HMAC using the specified hash function.
Definition: hmac.c:85
SMTP authentication mechanism.
#define MD5_DIGEST_SIZE
Definition: md5.h:40
#define SMTP_REPLY_CODE_2YZ(code)
Definition: smtp_client.h:149
uint8_t n
#define SMTP_REPLY_CODE_3YZ(code)
Definition: smtp_client.h:150
#define MD5_HASH_ALGO
Definition: md5.h:46
void smtpClientChangeState(SmtpClientContext *context, SmtpClientState newState)
Update SMTP client state.
#define TRACE_DEBUG(...)
Definition: debug.h:106