1 files changed, 3 insertions, 3 deletions
diff --git a/lib/basic_op.cc b/lib/basic_op.cc
index 2d82147..c247493 100644
--- a/lib/basic_op.cc
+++ b/lib/basic_op.cc
@@ -1,301 +1,301 @@
 #include <time.h>
 #include <cassert>
 #include <openssl/sha.h>
 #include <openssl/hmac.h>
 #include <opkele/data.h>
 #include <opkele/basic_op.h>
 #include <opkele/exception.h>
 #include <opkele/util.h>
 #include <opkele/uris.h>
 namespace opkele {
    void basic_OP::reset_vars() {
        assoc.reset();
        return_to.clear(); realm.clear();
        claimed_id.clear(); identity.clear();
        invalidate_handle.clear();
    }
    bool basic_OP::has_return_to() const {
        return !return_to.empty();
    }
    const string& basic_OP::get_return_to() const {
        if(return_to.empty())
            throw no_return_to(OPKELE_CP_ "No return_to URL provided with request");
        return return_to;
    }
    const string& basic_OP::get_realm() const {
        assert(!realm.empty());
        return realm;
    }
    bool basic_OP::has_identity() const {
        return !identity.empty();
    }
    const string& basic_OP::get_claimed_id() const {
        if(claimed_id.empty())
            throw non_identity(OPKELE_CP_ "attempting to retrieve claimed_id of non-identity related request");
        assert(!identity.empty());
        return claimed_id;
    }
    const string& basic_OP::get_identity() const {
        if(identity.empty())
            throw non_identity(OPKELE_CP_ "attempting to retrieve identity of non-identity related request");
        assert(!claimed_id.empty());
        return identity;
    }
    bool basic_OP::is_id_select() const {
        return identity==IDURI_SELECT20;
    }
    void basic_OP::select_identity(const string& c,const string& i) {
        claimed_id = c; identity = i;
    }
    void basic_OP::set_claimed_id(const string& c) {
        claimed_id = c;
    }
    basic_openid_message& basic_OP::associate(
            basic_openid_message& oum,
            const basic_openid_message& inm) try {
        assert(inm.get_field("mode")=="associate");
        util::dh_t dh;
        util::bignum_t c_pub;
        unsigned char key_digest[SHA256_DIGEST_LENGTH];
        size_t d_len = 0;
        string sts = inm.get_field("session_type");
        string ats = inm.get_field("assoc_type");
        if(sts=="DH-SHA1" || sts=="DH-SHA256") {
            if(!(dh = DH_new()))
                throw exception_openssl(OPKELE_CP_ "failed to DH_new()");
            c_pub = util::base64_to_bignum(inm.get_field("dh_consumer_public"));
            try { dh->p = util::base64_to_bignum(inm.get_field("dh_modulus"));
            }catch(failed_lookup&) {
                dh->p = util::dec_to_bignum(data::_default_p); }
            try { dh->g = util::base64_to_bignum(inm.get_field("dh_gen"));
            }catch(failed_lookup&) {
                dh->g = util::dec_to_bignum(data::_default_g); }
            if(!DH_generate_key(dh))
                throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()");
            vector<unsigned char> ck(DH_size(dh)+1);
            unsigned char *ckptr = &(ck.front())+1;
            int cklen = DH_compute_key(ckptr,c_pub,dh);
            if(cklen<0)
                throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()");
            if(cklen && (*ckptr)&0x80) {
                (*(--ckptr)) = 0; ++cklen; }
            if(sts=="DH-SHA1") {
                SHA1(ckptr,cklen,key_digest); d_len = SHA_DIGEST_LENGTH;
            }else if(sts=="DH-SHA256") {
                SHA256(ckptr,cklen,key_digest); d_len = SHA256_DIGEST_LENGTH;
            }else
                throw internal_error(OPKELE_CP_ "I thought I knew the session type");
        }else
            throw unsupported(OPKELE_CP_ "Unsupported session_type");
        assoc_t a;
        if(ats=="HMAC-SHA1")
-            a = alloc_assoc(ats,SHA_DIGEST_LENGTH,true);
+            a = alloc_assoc(ats,SHA_DIGEST_LENGTH,false);
        else if(ats=="HMAC-SHA256")
-            a = alloc_assoc(ats,SHA256_DIGEST_LENGTH,true);
+            a = alloc_assoc(ats,SHA256_DIGEST_LENGTH,false);
        else
            throw unsupported(OPKELE_CP_ "Unsupported assoc_type");
        oum.reset_fields();
        oum.set_field("ns",OIURI_OPENID20);
        oum.set_field("assoc_type",a->assoc_type());
        oum.set_field("assoc_handle",a->handle());
-        oum.set_field("expires_in",util::long_to_string(assoc->expires_in()));
+        oum.set_field("expires_in",util::long_to_string(a->expires_in()));
        secret_t secret = a->secret();
        if(sts=="DH-SHA1" || sts=="DH-SHA256") {
            if(d_len != secret.size())
                throw bad_input(OPKELE_CP_ "Association secret and session MAC are not of the same size");
            oum.set_field("session_type",sts);
            oum.set_field("dh_server_public",util::bignum_to_base64(dh->pub_key));
            string b64; secret.enxor_to_base64(key_digest,b64);
            oum.set_field("enc_mac_key",b64);
        }else /* TODO: support cleartext over encrypted connection */
            throw unsupported(OPKELE_CP_ "Unsupported session type");
        return oum;
    } catch(unsupported& u) {
        oum.reset_fields();
        oum.set_field("ns",OIURI_OPENID20);
        oum.set_field("error",u.what());
        oum.set_field("error_code","unsupported-type");
        oum.set_field("session_type","DH-SHA256");
        oum.set_field("assoc_type","HMAC-SHA256");
        return oum;
    }
    void basic_OP::checkid_(const basic_openid_message& inm,
            extension_t *ext) {
        reset_vars();
        string modestr = inm.get_field("mode");
        if(modestr=="checkid_setup")
            mode = mode_checkid_setup;
        else if(modestr=="checkid_immediate")
            mode = mode_checkid_immediate;
        else
            throw bad_input(OPKELE_CP_ "Invalid checkid_* mode");
        try {
            assoc = retrieve_assoc(invalidate_handle=inm.get_field("assoc_handle"));
            invalidate_handle.clear();
        }catch(failed_lookup&) { }
        try {
            openid2 = (inm.get_field("ns")==OIURI_OPENID20);
        }catch(failed_lookup&) { openid2 = false; }
        try {
            return_to = inm.get_field("return_to");
        }catch(failed_lookup&) { }
        if(openid2) {
            try {
                realm = inm.get_field("realm");
            }catch(failed_lookup&) {
                try {
                    realm = inm.get_field("trust_root");
                }catch(failed_lookup&) {
                    if(return_to.empty())
                        throw bad_input(OPKELE_CP_
                                "Both realm and return_to are unset");
                    realm = return_to;
                }
            }
        }else{
            try {
                realm = inm.get_field("trust_root");
            }catch(failed_lookup&) {
                if(return_to.empty())
                    throw bad_input(OPKELE_CP_
                            "Both realm and return_to are unset");
                realm = return_to;
            }
        }
        try {
            identity = inm.get_field("identity");
            try {
                claimed_id = inm.get_field("claimed_id");
            }catch(failed_lookup&) {
                if(openid2)
                    throw bad_input(OPKELE_CP_
                            "claimed_id and identity must be either both present or both absent");
                claimed_id = identity;
            }
        }catch(failed_lookup&) {
            if(openid2 && inm.has_field("claimed_id"))
                throw bad_input(OPKELE_CP_
                    "claimed_id and identity must be either both present or both absent");
        }
        verify_return_to();
        if(ext) ext->op_checkid_hook(inm);
    }
    basic_openid_message& basic_OP::id_res(basic_openid_message& om,
            extension_t *ext) {
        assert(!return_to.empty());
        assert(!is_id_select());
        if(!assoc) {
            assoc = alloc_assoc("HMAC-SHA256",SHA256_DIGEST_LENGTH,true);
        }
        time_t now = time(0);
        struct tm gmt; gmtime_r(&now,&gmt);
        char w3timestr[24];
        if(!strftime(w3timestr,sizeof(w3timestr),"%Y-%m-%dT%H:%M:%SZ",&gmt))
            throw failed_conversion(OPKELE_CP_
                    "Failed to build time string for nonce" );
        om.set_field("ns",OIURI_OPENID20);
        om.set_field("mode","id_res");
        om.set_field("op_endpoint",get_op_endpoint());
        string ats = "ns,mode,op_endpoint,return_to,response_nonce,"
            "assoc_handle,signed";
        if(!identity.empty()) {
            om.set_field("identity",identity);
            om.set_field("claimed_id",claimed_id);
            ats += ",identity,claimed_id";
        }
        om.set_field("return_to",return_to);
        string nonce = w3timestr;
        om.set_field("response_nonce",alloc_nonce(nonce));
        if(!invalidate_handle.empty()) {
            om.set_field("invalidate_handle",invalidate_handle);
            ats += ",invalidate_handle";
        }
        om.set_field("assoc_handle",assoc->handle());
        om.add_to_signed(ats);
        if(ext) ext->op_id_res_hook(om);
        om.set_field("sig",util::base64_signature(assoc,om));
        return om;
    }
    basic_openid_message& basic_OP::cancel(basic_openid_message& om) {
        assert(!return_to.empty());
        om.set_field("ns",OIURI_OPENID20);
        om.set_field("mode","cancel");
        return om;
    }
    basic_openid_message& basic_OP::error(basic_openid_message& om,
            const string& err,const string& contact,
            const string& reference ) {
        assert(!return_to.empty());
        om.set_field("ns",OIURI_OPENID20);
        om.set_field("mode","error");
        om.set_field("error",err);
        if(!contact.empty()) om.set_field("contact",contact);
        if(!reference.empty()) om.set_field("reference",reference);
        return om;
    }
    basic_openid_message& basic_OP::setup_needed(
            basic_openid_message& oum,const basic_openid_message& inm) {
        assert(mode==mode_checkid_immediate);
        assert(!return_to.empty());
        if(openid2) {
            oum.set_field("ns",OIURI_OPENID20);
            oum.set_field("mode","setup_needed");
        }else{
            oum.set_field("mode","id_res");
            static const string setupmode = "checkid_setup";
            oum.set_field("user_setup_url",
                    util::change_mode_message_proxy(inm,setupmode)
                    .append_query(get_op_endpoint()));
        }
        return oum;
    }
    basic_openid_message& basic_OP::check_authentication(
            basic_openid_message& oum,
            const basic_openid_message& inm) try {
        assert(inm.get_field("mode")=="check_authentication");
        oum.reset_fields();
        oum.set_field("ns",OIURI_OPENID20);
        bool o2;
        try {
            o2 = (inm.get_field("ns")==OIURI_OPENID20);
        }catch(failed_lookup&) { o2 = false; }
        string nonce;
        if(o2) {
            try {
                if(!check_nonce(nonce = inm.get_field("response_nonce")))
                    throw failed_check_authentication(OPKELE_CP_ "Invalid nonce");
            }catch(failed_lookup&) {
                throw failed_check_authentication(OPKELE_CP_ "No nonce provided with check_authentication request");
            }
        }
        try {
            assoc = retrieve_assoc(inm.get_field("assoc_handle"));
            if(!assoc->stateless())
                throw failed_check_authentication(OPKELE_CP_ "Will not do check_authentication on a stateful handle");
        }catch(failed_lookup&) {
            throw failed_check_authentication(OPKELE_CP_ "No assoc_handle or invalid assoc_handle specified with check_authentication request");
        }
        static const string idresmode = "id_res";
        try {
            if(util::base64_signature(assoc,util::change_mode_message_proxy(inm,idresmode))!=inm.get_field("sig"))
                throw failed_check_authentication(OPKELE_CP_ "Signature mismatch");
        }catch(failed_lookup&) {
            throw failed_check_authentication(OPKELE_CP_ "failed to calculate signature");
        }
        oum.set_field("is_valid","true");
        try {
            string h = inm.get_field("invalidate_handle");

diff --git a/lib/basic_op.cc b/lib/basic_op.cc index 2d82147..c247493 100644 --- a/lib/basic_op.cc +++ b/lib/basic_op.cc
@@ -1,301 +1,301 @@
1	#include <time.h>	1	#include <time.h>
2	#include <cassert>	2	#include <cassert>
3	#include <openssl/sha.h>	3	#include <openssl/sha.h>
4	#include <openssl/hmac.h>	4	#include <openssl/hmac.h>
5	#include <opkele/data.h>	5	#include <opkele/data.h>
6	#include <opkele/basic_op.h>	6	#include <opkele/basic_op.h>
7	#include <opkele/exception.h>	7	#include <opkele/exception.h>
8	#include <opkele/util.h>	8	#include <opkele/util.h>
9	#include <opkele/uris.h>	9	#include <opkele/uris.h>
10		10
11	namespace opkele {	11	namespace opkele {
12		12
13	void basic_OP::reset_vars() {	13	void basic_OP::reset_vars() {
14	assoc.reset();	14	assoc.reset();
15	return_to.clear(); realm.clear();	15	return_to.clear(); realm.clear();
16	claimed_id.clear(); identity.clear();	16	claimed_id.clear(); identity.clear();
17	invalidate_handle.clear();	17	invalidate_handle.clear();
18	}	18	}
19		19
20	bool basic_OP::has_return_to() const {	20	bool basic_OP::has_return_to() const {
21	return !return_to.empty();	21	return !return_to.empty();
22	}	22	}
23	const string& basic_OP::get_return_to() const {	23	const string& basic_OP::get_return_to() const {
24	if(return_to.empty())	24	if(return_to.empty())
25	throw no_return_to(OPKELE_CP_ "No return_to URL provided with request");	25	throw no_return_to(OPKELE_CP_ "No return_to URL provided with request");
26	return return_to;	26	return return_to;
27	}	27	}
28		28
29	const string& basic_OP::get_realm() const {	29	const string& basic_OP::get_realm() const {
30	assert(!realm.empty());	30	assert(!realm.empty());
31	return realm;	31	return realm;
32	}	32	}
33		33
34	bool basic_OP::has_identity() const {	34	bool basic_OP::has_identity() const {
35	return !identity.empty();	35	return !identity.empty();
36	}	36	}
37	const string& basic_OP::get_claimed_id() const {	37	const string& basic_OP::get_claimed_id() const {
38	if(claimed_id.empty())	38	if(claimed_id.empty())
39	throw non_identity(OPKELE_CP_ "attempting to retrieve claimed_id of non-identity related request");	39	throw non_identity(OPKELE_CP_ "attempting to retrieve claimed_id of non-identity related request");
40	assert(!identity.empty());	40	assert(!identity.empty());
41	return claimed_id;	41	return claimed_id;
42	}	42	}
43	const string& basic_OP::get_identity() const {	43	const string& basic_OP::get_identity() const {
44	if(identity.empty())	44	if(identity.empty())
45	throw non_identity(OPKELE_CP_ "attempting to retrieve identity of non-identity related request");	45	throw non_identity(OPKELE_CP_ "attempting to retrieve identity of non-identity related request");
46	assert(!claimed_id.empty());	46	assert(!claimed_id.empty());
47	return identity;	47	return identity;
48	}	48	}
49		49
50	bool basic_OP::is_id_select() const {	50	bool basic_OP::is_id_select() const {
51	return identity==IDURI_SELECT20;	51	return identity==IDURI_SELECT20;
52	}	52	}
53		53
54	void basic_OP::select_identity(const string& c,const string& i) {	54	void basic_OP::select_identity(const string& c,const string& i) {
55	claimed_id = c; identity = i;	55	claimed_id = c; identity = i;
56	}	56	}
57	void basic_OP::set_claimed_id(const string& c) {	57	void basic_OP::set_claimed_id(const string& c) {
58	claimed_id = c;	58	claimed_id = c;
59	}	59	}
60		60
61	basic_openid_message& basic_OP::associate(	61	basic_openid_message& basic_OP::associate(
62	basic_openid_message& oum,	62	basic_openid_message& oum,
63	const basic_openid_message& inm) try {	63	const basic_openid_message& inm) try {
64	assert(inm.get_field("mode")=="associate");	64	assert(inm.get_field("mode")=="associate");
65	util::dh_t dh;	65	util::dh_t dh;
66	util::bignum_t c_pub;	66	util::bignum_t c_pub;
67	unsigned char key_digest[SHA256_DIGEST_LENGTH];	67	unsigned char key_digest[SHA256_DIGEST_LENGTH];
68	size_t d_len = 0;	68	size_t d_len = 0;
69	string sts = inm.get_field("session_type");	69	string sts = inm.get_field("session_type");
70	string ats = inm.get_field("assoc_type");	70	string ats = inm.get_field("assoc_type");
71	if(sts=="DH-SHA1" \|\| sts=="DH-SHA256") {	71	if(sts=="DH-SHA1" \|\| sts=="DH-SHA256") {
72	if(!(dh = DH_new()))	72	if(!(dh = DH_new()))
73	throw exception_openssl(OPKELE_CP_ "failed to DH_new()");	73	throw exception_openssl(OPKELE_CP_ "failed to DH_new()");
74	c_pub = util::base64_to_bignum(inm.get_field("dh_consumer_public"));	74	c_pub = util::base64_to_bignum(inm.get_field("dh_consumer_public"));
75	try { dh->p = util::base64_to_bignum(inm.get_field("dh_modulus"));	75	try { dh->p = util::base64_to_bignum(inm.get_field("dh_modulus"));
76	}catch(failed_lookup&) {	76	}catch(failed_lookup&) {
77	dh->p = util::dec_to_bignum(data::_default_p); }	77	dh->p = util::dec_to_bignum(data::_default_p); }
78	try { dh->g = util::base64_to_bignum(inm.get_field("dh_gen"));	78	try { dh->g = util::base64_to_bignum(inm.get_field("dh_gen"));
79	}catch(failed_lookup&) {	79	}catch(failed_lookup&) {
80	dh->g = util::dec_to_bignum(data::_default_g); }	80	dh->g = util::dec_to_bignum(data::_default_g); }
81	if(!DH_generate_key(dh))	81	if(!DH_generate_key(dh))
82	throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()");	82	throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()");
83	vector<unsigned char> ck(DH_size(dh)+1);	83	vector<unsigned char> ck(DH_size(dh)+1);
84	unsigned char *ckptr = &(ck.front())+1;	84	unsigned char *ckptr = &(ck.front())+1;
85	int cklen = DH_compute_key(ckptr,c_pub,dh);	85	int cklen = DH_compute_key(ckptr,c_pub,dh);
86	if(cklen<0)	86	if(cklen<0)
87	throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()");	87	throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()");
88	if(cklen && (*ckptr)&0x80) {	88	if(cklen && (*ckptr)&0x80) {
89	(*(--ckptr)) = 0; ++cklen; }	89	(*(--ckptr)) = 0; ++cklen; }
90	if(sts=="DH-SHA1") {	90	if(sts=="DH-SHA1") {
91	SHA1(ckptr,cklen,key_digest); d_len = SHA_DIGEST_LENGTH;	91	SHA1(ckptr,cklen,key_digest); d_len = SHA_DIGEST_LENGTH;
92	}else if(sts=="DH-SHA256") {	92	}else if(sts=="DH-SHA256") {
93	SHA256(ckptr,cklen,key_digest); d_len = SHA256_DIGEST_LENGTH;	93	SHA256(ckptr,cklen,key_digest); d_len = SHA256_DIGEST_LENGTH;
94	}else	94	}else
95	throw internal_error(OPKELE_CP_ "I thought I knew the session type");	95	throw internal_error(OPKELE_CP_ "I thought I knew the session type");
96	}else	96	}else
97	throw unsupported(OPKELE_CP_ "Unsupported session_type");	97	throw unsupported(OPKELE_CP_ "Unsupported session_type");
98	assoc_t a;	98	assoc_t a;
99	if(ats=="HMAC-SHA1")	99	if(ats=="HMAC-SHA1")
100	a = alloc_assoc(ats,SHA_DIGEST_LENGTH,true);	100	a = alloc_assoc(ats,SHA_DIGEST_LENGTH,false);
101	else if(ats=="HMAC-SHA256")	101	else if(ats=="HMAC-SHA256")
102	a = alloc_assoc(ats,SHA256_DIGEST_LENGTH,true);	102	a = alloc_assoc(ats,SHA256_DIGEST_LENGTH,false);
103	else	103	else
104	throw unsupported(OPKELE_CP_ "Unsupported assoc_type");	104	throw unsupported(OPKELE_CP_ "Unsupported assoc_type");
105	oum.reset_fields();	105	oum.reset_fields();
106	oum.set_field("ns",OIURI_OPENID20);	106	oum.set_field("ns",OIURI_OPENID20);
107	oum.set_field("assoc_type",a->assoc_type());	107	oum.set_field("assoc_type",a->assoc_type());
108	oum.set_field("assoc_handle",a->handle());	108	oum.set_field("assoc_handle",a->handle());
109	oum.set_field("expires_in",util::long_to_string(assoc->expires_in()));	109	oum.set_field("expires_in",util::long_to_string(a->expires_in()));
110	secret_t secret = a->secret();	110	secret_t secret = a->secret();
111	if(sts=="DH-SHA1" \|\| sts=="DH-SHA256") {	111	if(sts=="DH-SHA1" \|\| sts=="DH-SHA256") {
112	if(d_len != secret.size())	112	if(d_len != secret.size())
113	throw bad_input(OPKELE_CP_ "Association secret and session MAC are not of the same size");	113	throw bad_input(OPKELE_CP_ "Association secret and session MAC are not of the same size");
114	oum.set_field("session_type",sts);	114	oum.set_field("session_type",sts);
115	oum.set_field("dh_server_public",util::bignum_to_base64(dh->pub_key));	115	oum.set_field("dh_server_public",util::bignum_to_base64(dh->pub_key));
116	string b64; secret.enxor_to_base64(key_digest,b64);	116	string b64; secret.enxor_to_base64(key_digest,b64);
117	oum.set_field("enc_mac_key",b64);	117	oum.set_field("enc_mac_key",b64);
118	}else /* TODO: support cleartext over encrypted connection */	118	}else /* TODO: support cleartext over encrypted connection */
119	throw unsupported(OPKELE_CP_ "Unsupported session type");	119	throw unsupported(OPKELE_CP_ "Unsupported session type");
120	return oum;	120	return oum;
121	} catch(unsupported& u) {	121	} catch(unsupported& u) {
122	oum.reset_fields();	122	oum.reset_fields();
123	oum.set_field("ns",OIURI_OPENID20);	123	oum.set_field("ns",OIURI_OPENID20);
124	oum.set_field("error",u.what());	124	oum.set_field("error",u.what());
125	oum.set_field("error_code","unsupported-type");	125	oum.set_field("error_code","unsupported-type");
126	oum.set_field("session_type","DH-SHA256");	126	oum.set_field("session_type","DH-SHA256");
127	oum.set_field("assoc_type","HMAC-SHA256");	127	oum.set_field("assoc_type","HMAC-SHA256");
128	return oum;	128	return oum;
129	}	129	}
130		130
131	void basic_OP::checkid_(const basic_openid_message& inm,	131	void basic_OP::checkid_(const basic_openid_message& inm,
132	extension_t *ext) {	132	extension_t *ext) {
133	reset_vars();	133	reset_vars();
134	string modestr = inm.get_field("mode");	134	string modestr = inm.get_field("mode");
135	if(modestr=="checkid_setup")	135	if(modestr=="checkid_setup")
136	mode = mode_checkid_setup;	136	mode = mode_checkid_setup;
137	else if(modestr=="checkid_immediate")	137	else if(modestr=="checkid_immediate")
138	mode = mode_checkid_immediate;	138	mode = mode_checkid_immediate;
139	else	139	else
140	throw bad_input(OPKELE_CP_ "Invalid checkid_* mode");	140	throw bad_input(OPKELE_CP_ "Invalid checkid_* mode");
141	try {	141	try {
142	assoc = retrieve_assoc(invalidate_handle=inm.get_field("assoc_handle"));	142	assoc = retrieve_assoc(invalidate_handle=inm.get_field("assoc_handle"));
143	invalidate_handle.clear();	143	invalidate_handle.clear();
144	}catch(failed_lookup&) { }	144	}catch(failed_lookup&) { }
145	try {	145	try {
146	openid2 = (inm.get_field("ns")==OIURI_OPENID20);	146	openid2 = (inm.get_field("ns")==OIURI_OPENID20);
147	}catch(failed_lookup&) { openid2 = false; }	147	}catch(failed_lookup&) { openid2 = false; }
148	try {	148	try {
149	return_to = inm.get_field("return_to");	149	return_to = inm.get_field("return_to");
150	}catch(failed_lookup&) { }	150	}catch(failed_lookup&) { }
151	if(openid2) {	151	if(openid2) {
152	try {	152	try {
153	realm = inm.get_field("realm");	153	realm = inm.get_field("realm");
154	}catch(failed_lookup&) {	154	}catch(failed_lookup&) {
155	try {	155	try {
156	realm = inm.get_field("trust_root");	156	realm = inm.get_field("trust_root");
157	}catch(failed_lookup&) {	157	}catch(failed_lookup&) {
158	if(return_to.empty())	158	if(return_to.empty())
159	throw bad_input(OPKELE_CP_	159	throw bad_input(OPKELE_CP_
160	"Both realm and return_to are unset");	160	"Both realm and return_to are unset");
161	realm = return_to;	161	realm = return_to;
162	}	162	}
163	}	163	}
164	}else{	164	}else{
165	try {	165	try {
166	realm = inm.get_field("trust_root");	166	realm = inm.get_field("trust_root");
167	}catch(failed_lookup&) {	167	}catch(failed_lookup&) {
168	if(return_to.empty())	168	if(return_to.empty())
169	throw bad_input(OPKELE_CP_	169	throw bad_input(OPKELE_CP_
170	"Both realm and return_to are unset");	170	"Both realm and return_to are unset");
171	realm = return_to;	171	realm = return_to;
172	}	172	}
173	}	173	}
174	try {	174	try {
175	identity = inm.get_field("identity");	175	identity = inm.get_field("identity");
176	try {	176	try {
177	claimed_id = inm.get_field("claimed_id");	177	claimed_id = inm.get_field("claimed_id");
178	}catch(failed_lookup&) {	178	}catch(failed_lookup&) {
179	if(openid2)	179	if(openid2)
180	throw bad_input(OPKELE_CP_	180	throw bad_input(OPKELE_CP_
181	"claimed_id and identity must be either both present or both absent");	181	"claimed_id and identity must be either both present or both absent");
182	claimed_id = identity;	182	claimed_id = identity;
183	}	183	}
184	}catch(failed_lookup&) {	184	}catch(failed_lookup&) {
185	if(openid2 && inm.has_field("claimed_id"))	185	if(openid2 && inm.has_field("claimed_id"))
186	throw bad_input(OPKELE_CP_	186	throw bad_input(OPKELE_CP_
187	"claimed_id and identity must be either both present or both absent");	187	"claimed_id and identity must be either both present or both absent");
188	}	188	}
189	verify_return_to();	189	verify_return_to();
190	if(ext) ext->op_checkid_hook(inm);	190	if(ext) ext->op_checkid_hook(inm);
191	}	191	}
192		192
193	basic_openid_message& basic_OP::id_res(basic_openid_message& om,	193	basic_openid_message& basic_OP::id_res(basic_openid_message& om,
194	extension_t *ext) {	194	extension_t *ext) {
195	assert(!return_to.empty());	195	assert(!return_to.empty());
196	assert(!is_id_select());	196	assert(!is_id_select());
197	if(!assoc) {	197	if(!assoc) {
198	assoc = alloc_assoc("HMAC-SHA256",SHA256_DIGEST_LENGTH,true);	198	assoc = alloc_assoc("HMAC-SHA256",SHA256_DIGEST_LENGTH,true);
199	}	199	}
200	time_t now = time(0);	200	time_t now = time(0);
201	struct tm gmt; gmtime_r(&now,&gmt);	201	struct tm gmt; gmtime_r(&now,&gmt);
202	char w3timestr[24];	202	char w3timestr[24];
203	if(!strftime(w3timestr,sizeof(w3timestr),"%Y-%m-%dT%H:%M:%SZ",&gmt))	203	if(!strftime(w3timestr,sizeof(w3timestr),"%Y-%m-%dT%H:%M:%SZ",&gmt))
204	throw failed_conversion(OPKELE_CP_	204	throw failed_conversion(OPKELE_CP_
205	"Failed to build time string for nonce" );	205	"Failed to build time string for nonce" );
206	om.set_field("ns",OIURI_OPENID20);	206	om.set_field("ns",OIURI_OPENID20);
207	om.set_field("mode","id_res");	207	om.set_field("mode","id_res");
208	om.set_field("op_endpoint",get_op_endpoint());	208	om.set_field("op_endpoint",get_op_endpoint());
209	string ats = "ns,mode,op_endpoint,return_to,response_nonce,"	209	string ats = "ns,mode,op_endpoint,return_to,response_nonce,"
210	"assoc_handle,signed";	210	"assoc_handle,signed";
211	if(!identity.empty()) {	211	if(!identity.empty()) {
212	om.set_field("identity",identity);	212	om.set_field("identity",identity);
213	om.set_field("claimed_id",claimed_id);	213	om.set_field("claimed_id",claimed_id);
214	ats += ",identity,claimed_id";	214	ats += ",identity,claimed_id";
215	}	215	}
216	om.set_field("return_to",return_to);	216	om.set_field("return_to",return_to);
217	string nonce = w3timestr;	217	string nonce = w3timestr;
218	om.set_field("response_nonce",alloc_nonce(nonce));	218	om.set_field("response_nonce",alloc_nonce(nonce));
219	if(!invalidate_handle.empty()) {	219	if(!invalidate_handle.empty()) {
220	om.set_field("invalidate_handle",invalidate_handle);	220	om.set_field("invalidate_handle",invalidate_handle);
221	ats += ",invalidate_handle";	221	ats += ",invalidate_handle";
222	}	222	}
223	om.set_field("assoc_handle",assoc->handle());	223	om.set_field("assoc_handle",assoc->handle());
224	om.add_to_signed(ats);	224	om.add_to_signed(ats);
225	if(ext) ext->op_id_res_hook(om);	225	if(ext) ext->op_id_res_hook(om);
226	om.set_field("sig",util::base64_signature(assoc,om));	226	om.set_field("sig",util::base64_signature(assoc,om));
227	return om;	227	return om;
228	}	228	}
229		229
230	basic_openid_message& basic_OP::cancel(basic_openid_message& om) {	230	basic_openid_message& basic_OP::cancel(basic_openid_message& om) {
231	assert(!return_to.empty());	231	assert(!return_to.empty());
232	om.set_field("ns",OIURI_OPENID20);	232	om.set_field("ns",OIURI_OPENID20);
233	om.set_field("mode","cancel");	233	om.set_field("mode","cancel");
234	return om;	234	return om;
235	}	235	}
236		236
237	basic_openid_message& basic_OP::error(basic_openid_message& om,	237	basic_openid_message& basic_OP::error(basic_openid_message& om,
238	const string& err,const string& contact,	238	const string& err,const string& contact,
239	const string& reference ) {	239	const string& reference ) {
240	assert(!return_to.empty());	240	assert(!return_to.empty());
241	om.set_field("ns",OIURI_OPENID20);	241	om.set_field("ns",OIURI_OPENID20);
242	om.set_field("mode","error");	242	om.set_field("mode","error");
243	om.set_field("error",err);	243	om.set_field("error",err);
244	if(!contact.empty()) om.set_field("contact",contact);	244	if(!contact.empty()) om.set_field("contact",contact);
245	if(!reference.empty()) om.set_field("reference",reference);	245	if(!reference.empty()) om.set_field("reference",reference);
246	return om;	246	return om;
247	}	247	}
248		248
249	basic_openid_message& basic_OP::setup_needed(	249	basic_openid_message& basic_OP::setup_needed(
250	basic_openid_message& oum,const basic_openid_message& inm) {	250	basic_openid_message& oum,const basic_openid_message& inm) {
251	assert(mode==mode_checkid_immediate);	251	assert(mode==mode_checkid_immediate);
252	assert(!return_to.empty());	252	assert(!return_to.empty());
253	if(openid2) {	253	if(openid2) {
254	oum.set_field("ns",OIURI_OPENID20);	254	oum.set_field("ns",OIURI_OPENID20);
255	oum.set_field("mode","setup_needed");	255	oum.set_field("mode","setup_needed");
256	}else{	256	}else{
257	oum.set_field("mode","id_res");	257	oum.set_field("mode","id_res");
258	static const string setupmode = "checkid_setup";	258	static const string setupmode = "checkid_setup";
259	oum.set_field("user_setup_url",	259	oum.set_field("user_setup_url",
260	util::change_mode_message_proxy(inm,setupmode)	260	util::change_mode_message_proxy(inm,setupmode)
261	.append_query(get_op_endpoint()));	261	.append_query(get_op_endpoint()));
262	}	262	}
263	return oum;	263	return oum;
264	}	264	}
265		265
266	basic_openid_message& basic_OP::check_authentication(	266	basic_openid_message& basic_OP::check_authentication(
267	basic_openid_message& oum,	267	basic_openid_message& oum,
268	const basic_openid_message& inm) try {	268	const basic_openid_message& inm) try {
269	assert(inm.get_field("mode")=="check_authentication");	269	assert(inm.get_field("mode")=="check_authentication");
270	oum.reset_fields();	270	oum.reset_fields();
271	oum.set_field("ns",OIURI_OPENID20);	271	oum.set_field("ns",OIURI_OPENID20);
272	bool o2;	272	bool o2;
273	try {	273	try {
274	o2 = (inm.get_field("ns")==OIURI_OPENID20);	274	o2 = (inm.get_field("ns")==OIURI_OPENID20);
275	}catch(failed_lookup&) { o2 = false; }	275	}catch(failed_lookup&) { o2 = false; }
276	string nonce;	276	string nonce;
277	if(o2) {	277	if(o2) {
278	try {	278	try {
279	if(!check_nonce(nonce = inm.get_field("response_nonce")))	279	if(!check_nonce(nonce = inm.get_field("response_nonce")))
280	throw failed_check_authentication(OPKELE_CP_ "Invalid nonce");	280	throw failed_check_authentication(OPKELE_CP_ "Invalid nonce");
281	}catch(failed_lookup&) {	281	}catch(failed_lookup&) {
282	throw failed_check_authentication(OPKELE_CP_ "No nonce provided with check_authentication request");	282	throw failed_check_authentication(OPKELE_CP_ "No nonce provided with check_authentication request");
283	}	283	}
284	}	284	}
285	try {	285	try {
286	assoc = retrieve_assoc(inm.get_field("assoc_handle"));	286	assoc = retrieve_assoc(inm.get_field("assoc_handle"));
287	if(!assoc->stateless())	287	if(!assoc->stateless())
288	throw failed_check_authentication(OPKELE_CP_ "Will not do check_authentication on a stateful handle");	288	throw failed_check_authentication(OPKELE_CP_ "Will not do check_authentication on a stateful handle");
289	}catch(failed_lookup&) {	289	}catch(failed_lookup&) {
290	throw failed_check_authentication(OPKELE_CP_ "No assoc_handle or invalid assoc_handle specified with check_authentication request");	290	throw failed_check_authentication(OPKELE_CP_ "No assoc_handle or invalid assoc_handle specified with check_authentication request");
291	}	291	}
292	static const string idresmode = "id_res";	292	static const string idresmode = "id_res";
293	try {	293	try {
294	if(util::base64_signature(assoc,util::change_mode_message_proxy(inm,idresmode))!=inm.get_field("sig"))	294	if(util::base64_signature(assoc,util::change_mode_message_proxy(inm,idresmode))!=inm.get_field("sig"))
295	throw failed_check_authentication(OPKELE_CP_ "Signature mismatch");	295	throw failed_check_authentication(OPKELE_CP_ "Signature mismatch");
296	}catch(failed_lookup&) {	296	}catch(failed_lookup&) {
297	throw failed_check_authentication(OPKELE_CP_ "failed to calculate signature");	297	throw failed_check_authentication(OPKELE_CP_ "failed to calculate signature");
298	}	298	}
299	oum.set_field("is_valid","true");	299	oum.set_field("is_valid","true");
300	try {	300	try {
301	string h = inm.get_field("invalidate_handle");	301	string h = inm.get_field("invalidate_handle");