CRAM-MD5 实现 [英] CRAM-MD5 Implementation

问题描述

我正在考虑为 IMAP 和 SMTP 服务器实施 CRAM-MD5 身份验证.问题是 CRAM 似乎需要一个始终可用的明文密码.服务器向客户端发送一个唯一的质询，客户端返回:

I'm looking at implementing CRAM-MD5 authentication for an IMAP and SMTP server. Problem is that CRAM seems to require a clear text password to be available at all times. The server sends the client a unique challenge and the client returns:

MD5( MD5(password, challenge), MD5( password ) )

如果没有明文密码，我看不到一种检查方法，规范没有说必须有一个可用的密码，但这似乎合乎逻辑.

I can't see a way to check this without having a clear text password, the specification doesn't say it has to have one available but it only seems logical.

我能想出的唯一解决方案是将密码加密(正确加密，而不是散列)到数据库中(可能使用基于 RSA 密钥的 AES，因为我已经有一些事情要处理)并在我需要时解密它相比之下，这似乎是一种非常缓慢的方法，因为它需要对 SMTP 和 IMAP 上的每次登录进行解密和散列.

The only solution I can come up with is to encrypt (properly encrypt, not hash) the password into the database (probably using RSA key based AES, as I already have something to deal with that) and decrypt it when I need to compare, seems a very slow way around though as it will need decrypting and hashing for every single login on SMTP and IMAP.

这是最好的解决方案/最有效的解决方案吗?

Is this the best solution / most efficient solution?

或者，更好的是，CRAM 现在是否已经过时，因为现在使用 SSL 保护了更不安全的在线身份验证?

Or, better, is CRAM out-of-date now because even less secure authentication over the wire is secured with SSL now?

推荐答案

诀窍在于，您真正需要的是密码的未完成 md5，它与完成前的 md5 上下文的中间状态相同.

the trick is that all you really need is the unfinalized md5 of the password which is the same as the intermediate state of the md5 context before finalizing.

MD5_CTX ctx;
MD5Init(&ctx);
MD5Update(&ctx, password, length);

如果你这样做，然后将 ctx 的值存储为 hashed，那么你就可以像这样在 CRAM MD5 中使用它的副本

if you do this and then store the value of ctx as hashed, then one can then use copies of it in CRAM MD5 like this

对于MD5(密码，挑战)

MD5Update(&hashed, challenge, length);
MD5Final(&digest, &hashed);

和MD5(密码)

MD5Final(&digest, &hashed);

其余的MD5(MD5(password,challenge), MD5(password))比较简单

我本来想在这个例子中使用 python，但在标准的 md5 中没有办法访问 md5 对象的状态，所以我使用了 libmd5 的 api

i would have liked to use python for this example but in the standard md5 there is no way to get access to the state of a md5 object so i used libmd5's api

这篇关于CRAM-MD5 实现的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！