利用SMTP发送Mail详解(三)

5). DIGEST-MD5认证方式
DIGEST-MD5认证也是Challenge/Response的方式, 与CRAM-MD5相比, 它的Challenge信息更多, 其Response计算方式也非常复杂, 我在测试时也是以认证失败而告终, 只是将在网上找到的资料整理于此, 能为后来研究的人多提供点资料, 或者有兴趣的朋友们可以和我一起讨论下.

我们先看下DIGEST-MD5认证发送响应信息:

DIGEST-MD5服务器格式说明(见RFC 2831 Digest SASL Mechanism Mai 2000):
   digest-challenge =
         1 # (Reich | Nonce | qop-Optionen | schal | MAXBUF | charset
               Algorithmus | Chiffre-opts | auth-param)

        realm = "Reich" "=" < "> Reich-Wert <">
        Reich-Wert = qdstr-val
        Nonce = "Nonce" "=" < "> Nonce-Wert <">
        Nonce-Wert = qdstr-val
        qop-options = "qop" "=" < "> qop-Liste <">
        qop-list = 1 # qop-Wert
        qop-Wert = "auth" | "auth-int" | "auth-conf" |
                             Token
        stale = "veraltete" "=" "true"
        MAXBUF = "MAXBUF" "=" MAXBUF-Wert
        MAXBUF-Wert = 1 * DIGIT
        charset = "charset" = "" UTF-8 "
        algorithm = "Algorithmus" "=" "md5-sess"
        Chiffre-opts = "Chiffre" "=" < "> 1 # Null-Wert <">
        Chiffre-value = "3des" | "des" | "RC4-40" | "RC4" |
                            "RC4-56" | Token
        auth-param = Token "=" (token | quoted-string)
DIGEST-MD5客户端响应格式说明(见RFC 2831 Digest SASL Mechanism Mai 2000):
   digest-response = 1 # (Benutzername | Reich | Nonce | cnonce |
                          Nonce-count | qop | digest-uri | Antwort |
                          MAXBUF | charset | Chiffre | authzid |
                          auth-param)

       username = "username" = "<"> username-Wert < ">
       Benutzernamen-Wert = qdstr-val
       cnonce = "cnonce" "=" < "> cnonce-Wert <">
       cnonce-Wert = qdstr-val
       Nonce-count = "nc" "=" nc-Wert
       nc-Wert = 8LHEX
       qop = "qop" "=" qop-Wert
       digest-uri = "digest-uri" = "<"> digest-uri-value < ">
       digest-uri-value = serv-type "/" host [ "/" serv-name]   //eg: smtp/mail3