use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.
the class DigestChallenge method checkSemantics.
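/**
 * Checks the semantics of the directives in the directive list as parsed
 * from the digest challenge byte array.
 *
 * <p>Every directive named realm, nonce, qop, maxbuf, charset, algorithm,
 * cipher or stale is passed to its handler; directives with any other name
 * are skipped. Once all directives are processed, defaults are applied and
 * the challenge as a whole is validated.
 *
 * <p>The nonce, stale and algorithm checks run for every challenge. They are
 * kept separate from the qop branch so that a challenge omitting the qop
 * directive cannot skip them.
 *
 * @param dirList the list of directives parsed from the digest challenge
 *
 * @throws SaslException if thrown by a directive handler, if qop does not
 *         include auth, if auth-conf is offered without a recognized cipher,
 *         if the nonce or algorithm directive is missing, or if the stale
 *         flag is set
 */
void checkSemantics(DirectiveList dirList) throws SaslException {
    Iterator directives = dirList.getIterator();
    while (directives.hasNext()) {
        ParsedDirective directive = (ParsedDirective) directives.next();
        String name = directive.getName();
        if (name.equals("realm")) {
            handleRealm(directive);
        } else if (name.equals("nonce")) {
            handleNonce(directive);
        } else if (name.equals("qop")) {
            handleQop(directive);
        } else if (name.equals("maxbuf")) {
            handleMaxbuf(directive);
        } else if (name.equals("charset")) {
            handleCharset(directive);
        } else if (name.equals("algorithm")) {
            handleAlgorithm(directive);
        } else if (name.equals("cipher")) {
            handleCipher(directive);
        } else if (name.equals("stale")) {
            handleStale(directive);
        }
    }

    /* post semantic check */

    // m_maxBuf still holding -1 is replaced by 65536.
    if (-1 == m_maxBuf) {
        m_maxBuf = 65536;
    }

    // qop: default to auth when nothing was recorded, otherwise require auth
    // and, when auth-conf is offered, at least one recognized cipher.
    if (m_qop == 0) {
        m_qop = QOP_AUTH;
    } else if ((m_qop & QOP_AUTH) != QOP_AUTH) {
        throw new SaslException("Only qop-auth is supported by client");
    } else if (((m_qop & QOP_AUTH_CONF) == QOP_AUTH_CONF)
            && (0 == (m_cipherOptions & CIPHER_RECOGNIZED_MASK))) {
        throw new SaslException("Invalid cipher options");
    }

    // Mandatory-directive checks. These were previously chained to the qop
    // branch with else-if, so a challenge without a qop directive took the
    // default branch and was accepted even with no nonce or algorithm, or
    // with the stale flag set.
    if (null == m_nonce) {
        throw new SaslException("Missing nonce directive");
    }
    if (m_staleFlag) {
        throw new SaslException("Unexpected stale flag");
    }
    if (null == m_algorithm) {
        throw new SaslException("Missing algorithm directive");
    }
}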
use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.
the class DigestMD5SaslClient method getClientNonce.
/**
 * Generates the client nonce as a string of hex characters.
 *
 * <p>{@code NONCE_BYTE_COUNT} random bytes are drawn from a
 * {@link SecureRandom} and each byte is written as two characters produced
 * by {@code getHexChar}: the low nibble first, then the high nibble. The
 * nibble order is therefore swapped relative to conventional hex notation.
 *
 * @return the client nonce
 *
 * @throws SaslException if the "SHA1PRNG" generator is not available
 */
String getClientNonce() throws SaslException {
    final byte[] randomBytes = new byte[NONCE_BYTE_COUNT];
    final char[] encoded = new char[NONCE_HEX_COUNT];
    try {
        // NOTE(review): the algorithm is pinned to "SHA1PRNG" instead of the
        // platform default; confirm that this generator is properly
        // self-seeded on every runtime this client targets.
        final SecureRandom generator = SecureRandom.getInstance("SHA1PRNG");
        generator.nextBytes(randomBytes);

        int out = 0;
        for (int in = 0; in < NONCE_BYTE_COUNT; in++) {
            final int value = randomBytes[in];
            // low nibble goes to the even position
            encoded[out++] = getHexChar((byte) (value & 0x0f));
            // high nibble goes to the odd position
            encoded[out++] = getHexChar((byte) ((value & 0xf0) >> 4));
        }
        return new String(encoded);
    } catch (NoSuchAlgorithmException e) {
        throw new SaslException("No random number generator available", e);
    }
}
use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.
the class DirectiveList method parseDirectives.
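/**
 * Parses the directive string held in {@code m_directives} into individual
 * directives and their values.
 *
 * <p>The input is a list of comma separated directives. A directive consists
 * of a token specifying the directive name followed by an equal sign (=) and
 * the directive value. The value is either a token or a quoted string. Each
 * completed directive is handed to {@code addDirective}.
 *
 * <p>The parser is a state machine over {@code m_state}, advancing
 * {@code m_curPos} one character at a time. On a parse error the position is
 * stored in {@code m_errorPos} before the exception is thrown.
 *
 * <p>Inside a quoted string a backslash escapes exactly the next character.
 * The escape state is tracked explicitly, so a value ending in an escaped
 * backslash (backslash, backslash, quote) is closed by the final quote.
 *
 * @throws SaslException if the platform lacks UTF-8 support or the directive
 *         string is malformed
 */
void parseDirectives() throws SaslException {
    char currChar;
    boolean haveQuotedPair = false;
    // True while the current character is the second half of a quoted-pair.
    boolean escaped = false;
    String currentName = "<no name>";

    if (m_state == STATE_NO_UTF8_SUPPORT) {
        throw new SaslException("No UTF-8 support on platform");
    }

    while (m_curPos < m_directives.length()) {
        currChar = m_directives.charAt(m_curPos);
        switch (m_state) {
            case STATE_LOOKING_FOR_FIRST_DIRECTIVE:
            case STATE_LOOKING_FOR_DIRECTIVE:
                if (isWhiteSpace(currChar)) {
                    break;
                } else if (isValidTokenChar(currChar)) {
                    m_scanStart = m_curPos;
                    m_state = STATE_SCANNING_NAME;
                } else {
                    m_errorPos = m_curPos;
                    throw new SaslException("Parse error: Invalid name character");
                }
                break;

            case STATE_SCANNING_NAME:
                if (isValidTokenChar(currChar)) {
                    break;
                } else if (isWhiteSpace(currChar)) {
                    currentName = m_directives.substring(m_scanStart, m_curPos);
                    m_state = STATE_LOOKING_FOR_EQUALS;
                } else if ('=' == currChar) {
                    currentName = m_directives.substring(m_scanStart, m_curPos);
                    m_state = STATE_LOOKING_FOR_VALUE;
                } else {
                    m_errorPos = m_curPos;
                    throw new SaslException("Parse error: Invalid name character");
                }
                break;

            case STATE_LOOKING_FOR_EQUALS:
                if (isWhiteSpace(currChar)) {
                    break;
                } else if ('=' == currChar) {
                    m_state = STATE_LOOKING_FOR_VALUE;
                } else {
                    m_errorPos = m_curPos;
                    throw new SaslException("Parse error: Expected equals sign '='.");
                }
                break;

            case STATE_LOOKING_FOR_VALUE:
                if (isWhiteSpace(currChar)) {
                    break;
                } else if ('"' == currChar) {
                    /* don't include the quote */
                    m_scanStart = m_curPos + 1;
                    m_state = STATE_SCANNING_QUOTED_STRING_VALUE;
                } else if (isValidTokenChar(currChar)) {
                    m_scanStart = m_curPos;
                    m_state = STATE_SCANNING_TOKEN_VALUE;
                } else {
                    m_errorPos = m_curPos;
                    throw new SaslException("Parse error: Unexpected character");
                }
                break;

            case STATE_SCANNING_TOKEN_VALUE:
                if (isValidTokenChar(currChar)) {
                    break;
                } else if (isWhiteSpace(currChar)) {
                    addDirective(currentName, false);
                    m_state = STATE_LOOKING_FOR_COMMA;
                } else if (',' == currChar) {
                    addDirective(currentName, false);
                    m_state = STATE_LOOKING_FOR_DIRECTIVE;
                } else {
                    m_errorPos = m_curPos;
                    throw new SaslException("Parse error: Invalid value character");
                }
                break;

            case STATE_SCANNING_QUOTED_STRING_VALUE:
                // Comparing against the previous character alone mistakes the
                // quote after an escaped backslash for an escaped quote, which
                // lets the value run past its real end. Consume escapes
                // pairwise instead.
                if (escaped) {
                    escaped = false;
                } else if ('\\' == currChar) {
                    haveQuotedPair = true;
                    escaped = true;
                } else if ('"' == currChar) {
                    addDirective(currentName, haveQuotedPair);
                    haveQuotedPair = false;
                    m_state = STATE_LOOKING_FOR_COMMA;
                }
                break;

            case STATE_LOOKING_FOR_COMMA:
                if (isWhiteSpace(currChar)) {
                    break;
                } else if (currChar == ',') {
                    m_state = STATE_LOOKING_FOR_DIRECTIVE;
                } else {
                    m_errorPos = m_curPos;
                    throw new SaslException("Parse error: Expected a comma.");
                }
                break;
        }
        m_curPos++;
    }

    /* check the ending state */
    switch (m_state) {
        case STATE_SCANNING_TOKEN_VALUE:
            // Input ended inside a token value: that value is complete.
            addDirective(currentName, false);
            break;
        case STATE_LOOKING_FOR_FIRST_DIRECTIVE:
        case STATE_LOOKING_FOR_COMMA:
            break;
        case STATE_LOOKING_FOR_DIRECTIVE:
            throw new SaslException("Parse error: Trailing comma.");
        case STATE_SCANNING_NAME:
        case STATE_LOOKING_FOR_EQUALS:
        case STATE_LOOKING_FOR_VALUE:
            throw new SaslException("Parse error: Missing value.");
        case STATE_SCANNING_QUOTED_STRING_VALUE:
            throw new SaslException("Parse error: Missing closing quote.");
    }
}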
use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.
the class ResponseAuth method checkSemantics.
/**
 * Extracts the response-auth value from the parsed directive list.
 *
 * <p>The value of every directive named "rspauth" is stored in
 * {@code m_responseValue}; if the directive occurs more than once the last
 * occurrence wins. All other directives are ignored.
 *
 * <p>NOTE(review): this method only records the value. Comparing it with the
 * response-auth the client expects is presumably done by the caller; confirm
 * that the comparison exists, because it is what authenticates the server.
 *
 * @param dirList the list of directives parsed from the server's reply
 *
 * @throws SaslException if no rspauth value has been recorded
 */
void checkSemantics(DirectiveList dirList) throws SaslException {
    for (Iterator it = dirList.getIterator(); it.hasNext();) {
        ParsedDirective parsed = (ParsedDirective) it.next();
        if (parsed.getName().equals("rspauth")) {
            m_responseValue = parsed.getValue();
        }
    }

    /* post semantic check */
    if (m_responseValue != null) {
        return;
    }
    throw new SaslException("Missing response-auth directive.");
}
use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.
the class SASLEngine method login.
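/**
 * Performs the SASL round trip on a given connection.
 *
 * <p>DIGEST-MD5 is chosen when offered, otherwise PLAIN. The method sends the
 * {@code <auth/>} element, answers every {@code <challenge/>} and returns
 * once a {@code <success/>} stanza arrives.
 *
 * @param xmppInputStream the underlying XMPP input stream
 * @param xmppOutputStream the underlying XMPP output stream
 * @param methods the set of allowed authentication methods
 * @param account the internal XMPP account
 * @return {@code true} on success
 * @throws XmppException in case of a hard XML/XMPP error, when none of the
 *         offered mechanisms is supported, or when the server answers with
 *         anything other than a challenge or success
 */
public static boolean login(XmppInputStream xmppInputStream, XmppOutputStream xmppOutputStream, Set<String> methods, XmppAccount account) throws XmppException {
    SaslClient saslClient = null;
    if (methods.contains("DIGEST-MD5")) {
        saslClient = DigestMD5SaslClient.getClient(XMPPUtils.getUser(account.getJid()), "xmpp", XMPPUtils.getDomain(account.getJid()), new TreeMap<Object, Object>(), new AccountCallbackHander(account));
    } else if (methods.contains("PLAIN")) {
        // NOTE(review): PLAIN carries the password itself. Nothing in this
        // method checks that the stream is encrypted; confirm the caller only
        // reaches this point after TLS has been negotiated.
        try {
            saslClient = new PlainSaslClient(null, new AccountCallbackHander(account));
        } catch (SaslException e) {
            throw new XmppSaslException("Could not instanciate plain auth", e);
        }
    }
    // Neither mechanism offered, or no client was produced: fail with the
    // declared exception type instead of a NullPointerException below.
    if (saslClient == null) {
        throw new XmppSaslException("No supported SASL mechanism available");
    }

    if (saslClient.hasInitialResponse()) {
        try {
            xmppOutputStream.sendUnchecked("<auth " + "xmlns='" + NAMESPACE + "' " + "mechanism='" + saslClient.getMechanismName() + "'>" + encodeBase64(saslClient.evaluateChallenge(null)) + "</auth>");
        } catch (SaslException e) {
            // This message used to repeat the PLAIN instantiation text
            // although the failure here is the initial response.
            throw new XmppSaslException("Could not evaluate initial response", e);
        }
    } else {
        xmppOutputStream.sendUnchecked("<auth " + "xmlns='" + NAMESPACE + "' " + "mechanism='" + saslClient.getMechanismName() + "'/>");
    }

    Node stanza = xmppInputStream.nextStanza().getDocumentNode();
    while (!XMLUtils.isInstance(stanza, NAMESPACE, "success")) {
        if (!XMLUtils.isInstance(stanza, NAMESPACE, "challenge")) {
            throw new XmppSaslException("Authentification failed: " + stanza.getNodeValue());
        }
        // A challenge element without text content has no first child;
        // reject it explicitly rather than dereferencing null.
        Node payload = stanza.getFirstChild();
        String encoded = (payload == null) ? null : payload.getNodeValue();
        if (encoded == null) {
            throw new XmppSaslException("Challenge without content");
        }
        String content = encoded.trim();
        byte[] response;
        try {
            response = saslClient.evaluateChallenge(decodeBase64(content));
        } catch (SaslException e) {
            throw new XmppSaslException("Could not evaluate challenge", e);
        }
        if (saslClient.isComplete()) {
            xmppOutputStream.sendUnchecked("<response xmlns='" + NAMESPACE + "'/>");
        } else {
            xmppOutputStream.sendUnchecked("<response xmlns='" + NAMESPACE + "'>" + encodeBase64(response) + "</response>");
        }
        stanza = xmppInputStream.nextStanza().getDocumentNode();
    }
    // NOTE(review): success is accepted without consulting
    // saslClient.isComplete(), and any data carried inside the success
    // element is not evaluated. For DIGEST-MD5 this means a server that
    // answers with success before the exchange finishes is never asked to
    // prove itself. Requiring isComplete() here would close that gap, but may
    // reject servers that deliver their final data inside the success
    // element; decide after checking the servers this client must support.
    return true;
}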