
Example 1 with SaslException

use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.

the class DigestChallenge method checkSemantics.

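/**
 * Checks the semantics of the directives parsed from the digest challenge
 * and fills in defaults for the ones that were left unset.
 *
 * <p>Each directive named realm, nonce, qop, maxbuf, charset, algorithm,
 * cipher or stale is passed to its handler; directives with any other name
 * are ignored. Afterwards {@code m_maxBuf} is set to 65536 if it still
 * holds -1, and {@code m_qop} is set to {@code QOP_AUTH} if it is still 0.
 *
 * <p>The nonce, stale and algorithm checks are applied to every challenge.
 * They used to be chained behind the qop check with {@code else if}, so a
 * challenge without a qop directive was accepted even when the nonce or
 * the algorithm was missing or the stale flag was set.
 *
 * @param dirList  the list of directives parsed from the digest challenge
 *
 * @exception SaslException  if qop does not include auth, if auth-conf is
 *                           offered without a recognised cipher, if the
 *                           nonce or algorithm directive is missing, or if
 *                           the stale flag is set
 */
void checkSemantics(DirectiveList dirList) throws SaslException {
    Iterator directives = dirList.getIterator();
    while (directives.hasNext()) {
        ParsedDirective directive = (ParsedDirective) directives.next();
        String name = directive.getName();
        // Constant-first comparison: a directive without a name is skipped
        // like any other unrecognised directive instead of raising an NPE.
        if ("realm".equals(name)) {
            handleRealm(directive);
        } else if ("nonce".equals(name)) {
            handleNonce(directive);
        } else if ("qop".equals(name)) {
            handleQop(directive);
        } else if ("maxbuf".equals(name)) {
            handleMaxbuf(directive);
        } else if ("charset".equals(name)) {
            handleCharset(directive);
        } else if ("algorithm".equals(name)) {
            handleAlgorithm(directive);
        } else if ("cipher".equals(name)) {
            handleCipher(directive);
        } else if ("stale".equals(name)) {
            handleStale(directive);
        }
    }

    /* post semantic check: defaults */
    if (-1 == m_maxBuf) {
        m_maxBuf = 65536;
    }

    /* post semantic check: quality of protection */
    if (m_qop == 0) {
        m_qop = QOP_AUTH;
    } else if ((m_qop & QOP_AUTH) != QOP_AUTH) {
        throw new SaslException("Only qop-auth is supported by client");
    } else if (((m_qop & QOP_AUTH_CONF) == QOP_AUTH_CONF)
            && (0 == (m_cipherOptions & CIPHER_RECOGNIZED_MASK))) {
        throw new SaslException("Invalid cipher options");
    }

    /*
     * post semantic check: directives that must be validated regardless of
     * which qop branch was taken above
     */
    if (null == m_nonce) {
        throw new SaslException("Missing nonce directive");
    }
    if (m_staleFlag) {
        throw new SaslException("Unexpected stale flag");
    }
    if (null == m_algorithm) {
        throw new SaslException("Missing algorithm directive");
    }
}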
Also used : SaslException(org.apache.harmony.javax.security.sasl.SaslException)

Example 2 with SaslException

use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.

the class DigestMD5SaslClient method getClientNonce.

/**
 * Produces the client nonce as a string of hexadecimal characters.
 *
 * <p>{@code NONCE_BYTE_COUNT} random bytes are drawn from a
 * {@link SecureRandom} and each byte is written as two characters via
 * {@code getHexChar}, low nibble first and high nibble second.
 *
 * @return   the nonce value of the client
 *
 * @exception   SaslException if the "SHA1PRNG" generator is not available
 */
String getClientNonce() throws SaslException {
    try {
        // NOTE(review): the generator is pinned to "SHA1PRNG"; availability
        // and seeding of that algorithm differ between providers. Confirm it
        // suits the target runtime, or consider the platform default
        // (new SecureRandom()).
        final SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
        final byte[] raw = new byte[NONCE_BYTE_COUNT];
        final char[] encoded = new char[NONCE_HEX_COUNT];
        random.nextBytes(raw);

        int out = 0;
        for (int in = 0; in < NONCE_BYTE_COUNT; in++) {
            final byte current = raw[in];
            // low nibble is emitted before the high nibble
            encoded[out++] = getHexChar((byte) (current & 0x0f));
            encoded[out++] = getHexChar((byte) ((current & 0xf0) >> 4));
        }
        return new String(encoded);
    } catch (NoSuchAlgorithmException e) {
        throw new SaslException("No random number generator available", e);
    }
}
Also used : SecureRandom(java.security.SecureRandom) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SaslException(org.apache.harmony.javax.security.sasl.SaslException)

Example 3 with SaslException

use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.

the class DirectiveList method parseDirectives.

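/**
 * Parses the comma separated directive list held in {@code m_directives}
 * into individual directives and their values. A directive consists of a
 * token specifying the directive name followed by an equal sign (=) and the
 * directive value. The value is either a token or a quoted string.
 *
 * <p>The scanner is a state machine driven by the fields {@code m_state},
 * {@code m_curPos} and {@code m_scanStart}; each completed name/value pair
 * is handed to {@code addDirective}. On a parse error the offending
 * position is stored in {@code m_errorPos} before the exception is thrown.
 *
 * <p>Inside a quoted string a backslash escapes exactly the character that
 * follows it. A quote is treated as the closing quote unless it is the
 * second half of such a pair, so a value ending in an escaped backslash
 * ({@code "...\\"}) terminates at the right place. Comparing only against
 * the previous character, as this method used to do, mistook that closing
 * quote for an escaped one and let the value run on into the directives
 * that follow.
 *
 * @exception SaslException  if the platform lacks UTF-8 support or the
 *                           directive list is malformed
 */
void parseDirectives() throws SaslException {
    char currChar;
    boolean haveQuotedPair = false;
    // True while the previous character of a quoted string was a backslash
    // that has not yet consumed the character it escapes.
    boolean escapePending = false;
    String currentName = "<no name>";

    if (m_state == STATE_NO_UTF8_SUPPORT) {
        throw new SaslException("No UTF-8 support on platform");
    }

    while (m_curPos < m_directives.length()) {
        currChar = m_directives.charAt(m_curPos);
        switch (m_state) {
            case STATE_LOOKING_FOR_FIRST_DIRECTIVE:
            case STATE_LOOKING_FOR_DIRECTIVE:
                if (isWhiteSpace(currChar)) {
                    break;
                } else if (isValidTokenChar(currChar)) {
                    m_scanStart = m_curPos;
                    m_state = STATE_SCANNING_NAME;
                } else {
                    m_errorPos = m_curPos;
                    throw new SaslException("Parse error: Invalid name character");
                }
                break;
            case STATE_SCANNING_NAME:
                if (isValidTokenChar(currChar)) {
                    break;
                } else if (isWhiteSpace(currChar)) {
                    currentName = m_directives.substring(m_scanStart, m_curPos);
                    m_state = STATE_LOOKING_FOR_EQUALS;
                } else if ('=' == currChar) {
                    currentName = m_directives.substring(m_scanStart, m_curPos);
                    m_state = STATE_LOOKING_FOR_VALUE;
                } else {
                    m_errorPos = m_curPos;
                    throw new SaslException("Parse error: Invalid name character");
                }
                break;
            case STATE_LOOKING_FOR_EQUALS:
                if (isWhiteSpace(currChar)) {
                    break;
                } else if ('=' == currChar) {
                    m_state = STATE_LOOKING_FOR_VALUE;
                } else {
                    m_errorPos = m_curPos;
                    throw new SaslException("Parse error: Expected equals sign '='.");
                }
                break;
            case STATE_LOOKING_FOR_VALUE:
                if (isWhiteSpace(currChar)) {
                    break;
                } else if ('"' == currChar) {
                    /* don't include the quote */
                    m_scanStart = m_curPos + 1;
                    escapePending = false;
                    m_state = STATE_SCANNING_QUOTED_STRING_VALUE;
                } else if (isValidTokenChar(currChar)) {
                    m_scanStart = m_curPos;
                    m_state = STATE_SCANNING_TOKEN_VALUE;
                } else {
                    m_errorPos = m_curPos;
                    throw new SaslException("Parse error: Unexpected character");
                }
                break;
            case STATE_SCANNING_TOKEN_VALUE:
                if (isValidTokenChar(currChar)) {
                    break;
                } else if (isWhiteSpace(currChar)) {
                    addDirective(currentName, false);
                    m_state = STATE_LOOKING_FOR_COMMA;
                } else if (',' == currChar) {
                    addDirective(currentName, false);
                    m_state = STATE_LOOKING_FOR_DIRECTIVE;
                } else {
                    m_errorPos = m_curPos;
                    throw new SaslException("Parse error: Invalid value character");
                }
                break;
            case STATE_SCANNING_QUOTED_STRING_VALUE:
                if (escapePending) {
                    // Second half of a quoted-pair: taken literally, even
                    // when it is a quote or another backslash.
                    escapePending = false;
                } else if ('\\' == currChar) {
                    haveQuotedPair = true;
                    escapePending = true;
                } else if ('"' == currChar) {
                    addDirective(currentName, haveQuotedPair);
                    haveQuotedPair = false;
                    m_state = STATE_LOOKING_FOR_COMMA;
                }
                break;
            case STATE_LOOKING_FOR_COMMA:
                if (isWhiteSpace(currChar)) {
                    break;
                } else if (currChar == ',') {
                    m_state = STATE_LOOKING_FOR_DIRECTIVE;
                } else {
                    m_errorPos = m_curPos;
                    throw new SaslException("Parse error: Expected a comma.");
                }
                break;
        }
        m_curPos++;
    }

    /* check the ending state */
    switch (m_state) {
        case STATE_SCANNING_TOKEN_VALUE:
            // Input ended in the middle of a token value: the token is complete.
            addDirective(currentName, false);
            break;
        case STATE_LOOKING_FOR_FIRST_DIRECTIVE:
        case STATE_LOOKING_FOR_COMMA:
            break;
        case STATE_LOOKING_FOR_DIRECTIVE:
            throw new SaslException("Parse error: Trailing comma.");
        case STATE_SCANNING_NAME:
        case STATE_LOOKING_FOR_EQUALS:
        case STATE_LOOKING_FOR_VALUE:
            throw new SaslException("Parse error: Missing value.");
        case STATE_SCANNING_QUOTED_STRING_VALUE:
            throw new SaslException("Parse error: Missing closing quote.");
    }
}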
Also used : SaslException(org.apache.harmony.javax.security.sasl.SaslException)

Example 4 with SaslException

use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.

the class ResponseAuth method checkSemantics.

/**
 * Scans the parsed directives for {@code rspauth} and stores its value in
 * {@code m_responseValue}. If the directive occurs more than once, the
 * last occurrence wins.
 *
 * <p>This method only records the value; comparing it with the
 * response-auth value the client expects is not done here.
 *
 * @param dirList  the list of directives parsed from the digest challenge
 *
 * @exception SaslException   if no response value is set after the scan
 */
void checkSemantics(DirectiveList dirList) throws SaslException {
    for (Iterator it = dirList.getIterator(); it.hasNext(); ) {
        final ParsedDirective current = (ParsedDirective) it.next();
        if (current.getName().equals("rspauth")) {
            m_responseValue = current.getValue();
        }
    }

    /* post semantic check */
    if (null == m_responseValue) {
        throw new SaslException("Missing response-auth directive.");
    }
}
Also used : Iterator(java.util.Iterator) SaslException(org.apache.harmony.javax.security.sasl.SaslException)

Example 5 with SaslException

use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.

the class SASLEngine method login.

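/**
 * Performs the SASL round trip on a given connection.
 *
 * <p>DIGEST-MD5 is used when the server offers it, otherwise PLAIN. If
 * neither is offered the login is rejected with an
 * {@code XmppSaslException} instead of failing later with a
 * {@code NullPointerException}. A challenge stanza without a text payload
 * is rejected in the same way.
 *
 * @param xmppInputStream the underlying xmpp input stream.
 * @param xmppOutputStream the underlying xmpp output stream.
 * @param methods the set of authentication mechanisms offered by the
 *                server.
 * @param account the internal xmpp account.
 * @return {@code true} once the server has answered with a success stanza.
 * @throws XmppException in case of a hard xml/xmpp error, an unsupported
 *                       mechanism set or a failed authentication.
 */
public static boolean login(XmppInputStream xmppInputStream, XmppOutputStream xmppOutputStream, Set<String> methods, XmppAccount account) throws XmppException {
    SaslClient saslClient = null;
    if (methods.contains("DIGEST-MD5")) {
        saslClient = DigestMD5SaslClient.getClient(
            XMPPUtils.getUser(account.getJid()),
            "xmpp",
            XMPPUtils.getDomain(account.getJid()),
            new TreeMap<Object, Object>(),
            new AccountCallbackHander(account));
    } else if (methods.contains("PLAIN")) {
        // NOTE(review): PLAIN hands the password to the server as-is, so it
        // is only as confidential as the transport. Presumably the caller
        // has negotiated TLS before calling login; confirm at the call site.
        try {
            saslClient = new PlainSaslClient(null, new AccountCallbackHander(account));
        } catch (SaslException e) {
            throw new XmppSaslException("Could not instanciate plain auth", e);
        }
    }
    if (saslClient == null) {
        // No mechanism in common with the server (or the factory returned
        // no client): fail with a protocol error rather than an NPE below.
        throw new XmppSaslException("No supported SASL mechanism offered: " + methods);
    }

    final String mechanism = saslClient.getMechanismName();
    if (saslClient.hasInitialResponse()) {
        try {
            xmppOutputStream.sendUnchecked("<auth " + "xmlns='" + NAMESPACE + "' " + "mechanism='" + mechanism + "'>" + encodeBase64(saslClient.evaluateChallenge(null)) + "</auth>");
        } catch (SaslException e) {
            // This path serves every mechanism, so the message no longer
            // claims that PLAIN instantiation failed.
            throw new XmppSaslException("Could not compute initial response", e);
        }
    } else {
        xmppOutputStream.sendUnchecked("<auth " + "xmlns='" + NAMESPACE + "' " + "mechanism='" + mechanism + "'/>");
    }

    Node stanza = xmppInputStream.nextStanza().getDocumentNode();
    while (!XMLUtils.isInstance(stanza, NAMESPACE, "success")) {
        if (!XMLUtils.isInstance(stanza, NAMESPACE, "challenge")) {
            throw new XmppSaslException("Authentification failed: " + stanza.getNodeValue());
        }
        // The challenge comes from the server and may be malformed; check
        // the payload before dereferencing it.
        Node payload = stanza.getFirstChild();
        String text = (payload == null) ? null : payload.getNodeValue();
        if (text == null) {
            throw new XmppSaslException("Challenge without payload");
        }
        String content = text.trim();
        byte[] response;
        try {
            response = saslClient.evaluateChallenge(decodeBase64(content));
        } catch (SaslException e) {
            throw new XmppSaslException("Could not evaluate challenge", e);
        }
        if (saslClient.isComplete()) {
            // The client side of the exchange is finished: acknowledge with
            // an empty response and wait for the server's verdict.
            xmppOutputStream.sendUnchecked("<response xmlns='" + NAMESPACE + "'/>");
        } else {
            xmppOutputStream.sendUnchecked("<response xmlns='" + NAMESPACE + "'>" + encodeBase64(response) + "</response>");
        }
        stanza = xmppInputStream.nextStanza().getDocumentNode();
    }
    return true;
}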
Also used : Node(org.w3c.dom.Node) XmppSaslException(com.googlecode.asmack.XmppSaslException) PlainSaslClient(org.apache.qpid.management.common.sasl.PlainSaslClient) TreeMap(java.util.TreeMap) SaslException(org.apache.harmony.javax.security.sasl.SaslException) XmppSaslException(com.googlecode.asmack.XmppSaslException) DigestMD5SaslClient(com.novell.sasl.client.DigestMD5SaslClient) PlainSaslClient(org.apache.qpid.management.common.sasl.PlainSaslClient) SaslClient(org.apache.harmony.javax.security.sasl.SaslClient)
