use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.
the class DigestMD5SaslClient method DigestCalcResponse.
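/**
 * Calculates the response-value of the response directive of the
 * digest-response, as documented in RFC 2831 (DIGEST-MD5).
 *
 * <p>The value is HEX(MD5(HA1 ":" nonce ":" [nc ":" cnonce ":" qop ":"] HEX(H(A2)))),
 * where A2 is {@code method ":" digestUri} for the client request and
 * {@code ":" digestUri} for the server's response-auth check.
 *
 * <p>Security notes: DIGEST-MD5 was moved to Historic status by RFC 6331 and
 * rests entirely on MD5. HA1 is password-equivalent for its realm, so callers
 * should treat both the argument and any copies made here as secrets.
 *
 * @param HA1 H(A1), as the character array produced by DigestCalcHA1
 * @param serverNonce nonce from server
 * @param nonceCount 8 hex digits
 * @param clientNonce client nonce
 * @param qop qop-value: "", "auth", "auth-int", "auth-conf"; {@code null}
 *        is treated like ""
 * @param method method from the request
 * @param digestUri requested URL
 * @param clientResponseFlag {@code true} for the request-digest (method is
 *        hashed into A2), {@code false} for the response-digest
 *
 * @return Response-value of the response directive of the digest-response
 *
 * @exception SaslException If MD5 or UTF-8 is not available on the platform
 */
char[] DigestCalcResponse(char[] HA1, /* H(A1) */
        String serverNonce, /* nonce from server */
        String nonceCount, /* 8 hex digits */
        String clientNonce, /* client nonce */
        String qop, /* qop-value: "", "auth", "auth-int", "auth-conf" */
        String method, /* method from the request */
        String digestUri, /* requested URL */
        boolean clientResponseFlag) /* request-digest or response-digest */
        throws SaslException {
    // The A2 branch below already tolerated a null qop; make the rest of the
    // method agree instead of failing later with a NullPointerException.
    final String qopValue = (qop == null) ? "" : qop;
    byte[] respHash;
    try {
        MessageDigest md = MessageDigest.getInstance("MD5");
        final byte[] colon = ":".getBytes("UTF-8");

        // calculate H(A2)
        if (clientResponseFlag) {
            md.update(method.getBytes("UTF-8"));
        }
        md.update(colon);
        md.update(digestUri.getBytes("UTF-8"));
        // RFC 2831 appends the 32-zero placeholder for both "auth-int" and
        // "auth-conf"; handling only "auth-int" yields a wrong A2 for
        // "auth-conf".
        if ("auth-int".equals(qopValue) || "auth-conf".equals(qopValue)) {
            md.update(colon);
            md.update("00000000000000000000000000000000".getBytes("UTF-8"));
        }
        // digest() also resets md, so the same instance is reused below.
        char[] HA2Hex = convertToHex(md.digest());

        // calculate response
        // NOTE(review): new String(HA1) leaves an immutable copy of a
        // password-equivalent value on the heap that cannot be wiped.
        md.update(new String(HA1).getBytes("UTF-8"));
        md.update(colon);
        md.update(serverNonce.getBytes("UTF-8"));
        md.update(colon);
        if (qopValue.length() > 0) {
            md.update(nonceCount.getBytes("UTF-8"));
            md.update(colon);
            md.update(clientNonce.getBytes("UTF-8"));
            md.update(colon);
            md.update(qopValue.getBytes("UTF-8"));
            md.update(colon);
        }
        md.update(new String(HA2Hex).getBytes("UTF-8"));
        respHash = md.digest();
    } catch (NoSuchAlgorithmException e) {
        throw new SaslException("No provider found for MD5 hash", e);
    } catch (UnsupportedEncodingException e) {
        throw new SaslException("UTF-8 encoding not supported by platform.", e);
    }
    return convertToHex(respHash);
}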
use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.
the class DigestMD5SaslClient method createDigestResponse.
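/**
 * Creates the initial response to be sent to the server.
 *
 * <p>Parses the server challenge, obtains realm, user name and password from
 * the callback handler, computes the DIGEST-MD5 response value and assembles
 * the digest-response directive list.
 *
 * @param challenge Challenge in bytes received from the server
 *
 * @return Initial response to be sent to the server
 *
 * @exception SaslException If the server does not offer qop "auth", the
 *            callback handler fails, or no user name or password is supplied
 */
private String createDigestResponse(byte[] challenge) throws SaslException {
    m_dc = new DigestChallenge(challenge);
    m_digestURI = m_protocol + "/" + m_serverName;

    // Only qop "auth" is implemented: no SASL integrity or confidentiality
    // layer is negotiated here, so any such protection has to come from the
    // transport.
    if ((m_dc.getQop() & DigestChallenge.QOP_AUTH) == DigestChallenge.QOP_AUTH) {
        m_qopValue = "auth";
    } else {
        throw new SaslException("Client only supports qop of 'auth'");
    }

    // get callback information
    Callback[] callbacks = new Callback[3];
    ArrayList realms = m_dc.getRealms();
    int realmSize = realms.size();
    if (realmSize == 0) {
        callbacks[0] = new RealmCallback("Realm");
    } else if (realmSize == 1) {
        callbacks[0] = new RealmCallback("Realm", (String) realms.get(0));
    } else {
        callbacks[0] = new RealmChoiceCallback("Realm",
                (String[]) realms.toArray(new String[realmSize]),
                0,      // the default choice index
                false); // no multiple selections
    }
    javax.security.auth.callback.PasswordCallback passwordCallback =
            new javax.security.auth.callback.PasswordCallback("Password", false);
    callbacks[1] = passwordCallback;
    if (m_authorizationId == null || m_authorizationId.length() == 0) {
        callbacks[2] = new NameCallback("Name");
    } else {
        callbacks[2] = new NameCallback("Name", m_authorizationId);
    }

    try {
        m_cbh.handle(callbacks);
    } catch (UnsupportedCallbackException e) {
        throw new SaslException("Handler does not support" + " necessary callbacks", e);
    } catch (IOException e) {
        throw new SaslException("IO exception in CallbackHandler.", e);
    }

    char[] password = passwordCallback.getPassword();
    try {
        if (realmSize > 1) {
            RealmChoiceCallback realmChoice = (RealmChoiceCallback) callbacks[0];
            int[] selections = realmChoice.getSelectedIndexes();
            // The selection may be unset (null) when the handler made no
            // choice; fall back to the first realm in that case too.
            if (selections != null && selections.length > 0) {
                m_realm = realmChoice.getChoices()[selections[0]];
            } else {
                m_realm = realmChoice.getChoices()[0];
            }
        } else {
            // NOTE(review): getText() may be null when the handler supplies
            // no realm; the code below dereferences m_realm -- confirm.
            m_realm = ((RealmCallback) callbacks[0]).getText();
        }

        // NOTE(review): getClientNonce() is not visible here; the cnonce is
        // expected to be unpredictable (SecureRandom) -- verify.
        m_clientNonce = getClientNonce();

        NameCallback nameCallback = (NameCallback) callbacks[2];
        m_name = nameCallback.getName();
        if (m_name == null) {
            m_name = nameCallback.getDefaultName();
        }
        if (m_name == null) {
            throw new SaslException("No user name was specified.");
        }
        // A handler that supplies no password previously caused a
        // NullPointerException in new String(null).
        if (password == null) {
            throw new SaslException("No password was specified.");
        }

        // DigestCalcHA1 takes a String, so one immutable copy of the
        // password is unavoidable here and cannot be wiped afterwards.
        m_HA1 = DigestCalcHA1(m_dc.getAlgorithm(), m_name, m_realm, new String(password), m_dc.getNonce(), m_clientNonce);
    } finally {
        // Wipe the mutable copies of the password once H(A1) is derived.
        if (password != null) {
            for (int i = 0; i < password.length; i++) {
                password[i] = '\0';
            }
        }
        passwordCallback.clearPassword();
    }

    char[] response = DigestCalcResponse(m_HA1, m_dc.getNonce(), "00000001", m_clientNonce, m_qopValue, "AUTHENTICATE", m_digestURI, true);

    // NOTE(review): user name, realm and nonces are placed inside quoted
    // strings without escaping '"' or '\'; a value containing either would
    // break the directive framing -- confirm inputs are constrained upstream.
    StringBuilder digestResponse = new StringBuilder(512);
    digestResponse.append("username=\"");
    // Must be the name that was hashed into H(A1) above; m_authorizationId
    // can be null or differ from what the callback handler returned, which
    // would send a username the response hash does not match.
    digestResponse.append(m_name);
    if (0 != m_realm.length()) {
        digestResponse.append("\",realm=\"");
        digestResponse.append(m_realm);
    }
    digestResponse.append("\",cnonce=\"");
    digestResponse.append(m_clientNonce);
    digestResponse.append("\",nc=");
    // nonce count: always the first use of this nonce
    digestResponse.append("00000001");
    digestResponse.append(",qop=");
    digestResponse.append(m_qopValue);
    digestResponse.append(",digest-uri=\"");
    digestResponse.append(m_digestURI);
    digestResponse.append("\",response=");
    digestResponse.append(response);
    digestResponse.append(",charset=utf-8,nonce=\"");
    digestResponse.append(m_dc.getNonce());
    digestResponse.append("\"");
    return digestResponse.toString();
}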
use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.
the class DigestMD5SaslClient method DigestCalcHA1.
/**
 * Calculates the HA1 portion of the response.
 *
 * <p>HA1 starts as MD5(userName ":" realm ":" password). When the algorithm
 * is "md5-sess" that raw digest is hashed again together with
 * ":" nonce ":" clientNonce. No authzid is appended in either case.
 *
 * <p>The result is derived from the password with a single unsalted MD5
 * pass, so it should be handled as a secret in its own right.
 *
 * @param algorithm Algorithm to use; only "md5-sess" changes the result
 * @param userName User being authenticated
 * @param realm realm information
 * @param password password of the user
 * @param nonce nonce value
 * @param clientNonce Client's nonce value
 *
 * @return HA1 portion of the response in a character array
 *
 * @exception SaslException If MD5 or UTF-8 is not available on the platform
 */
char[] DigestCalcHA1(String algorithm, String userName, String realm, String password, String nonce, String clientNonce) throws SaslException {
    final String charset = "UTF-8";
    byte[] digest;
    try {
        final MessageDigest md5 = MessageDigest.getInstance("MD5");

        // H(userName ":" realm ":" password)
        md5.update(userName.getBytes(charset));
        md5.update(":".getBytes(charset));
        md5.update(realm.getBytes(charset));
        md5.update(":".getBytes(charset));
        md5.update(password.getBytes(charset));
        digest = md5.digest();

        final boolean sessionVariant = "md5-sess".equals(algorithm);
        if (sessionVariant) {
            // digest() reset the instance; the raw bytes of the first hash
            // (not their hex form) seed the session-bound second pass.
            md5.update(digest);
            md5.update(":".getBytes(charset));
            md5.update(nonce.getBytes(charset));
            md5.update(":".getBytes(charset));
            md5.update(clientNonce.getBytes(charset));
            digest = md5.digest();
        }
    } catch (NoSuchAlgorithmException e) {
        throw new SaslException("No provider found for MD5 hash", e);
    } catch (UnsupportedEncodingException e) {
        throw new SaslException("UTF-8 encoding not supported by platform.", e);
    }
    return convertToHex(digest);
}
use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.
the class DigestChallenge method handleCipher.
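/**
 * Implements the semantics of the cipher directive of the challenge. The
 * value of the directive is defined in RFC 2831 as:
 *      cipher-opts  = "cipher" "=" <"> 1#cipher-value <">
 *      cipher-value = "3des" | "des" | "rc4-40" | "rc4" | "rc4-56" | token
 *
 * <p>Each offered cipher sets its CIPHER_* bit in m_cipherOptions; any other
 * token, or an empty list, sets CIPHER_UNRECOGNIZED. This method only
 * records what the server offered; every cipher in the list is a legacy
 * algorithm (DES, 3DES, RC4 variants).
 *
 * @param pd ParsedDirective
 *
 * @exception SaslException If an error occurs due to too many cipher
 *                          directives
 */
void handleCipher(ParsedDirective pd) throws SaslException {
    if (0 != m_cipherOptions) {
        throw new SaslException("Too many cipher directives.");
    }

    TokenParser parser = new TokenParser(pd.getValue());
    // The loop initializer performs the first read. The earlier version also
    // called parseToken() once before the loop, which discarded the first
    // cipher in the list (handleQop walks its list without such a priming
    // read), so a single-entry list ended up as CIPHER_UNRECOGNIZED.
    for (String token = parser.parseToken(); token != null; token = parser.parseToken()) {
        if ("3des".equals(token)) {
            m_cipherOptions |= CIPHER_3DES;
        } else if ("des".equals(token)) {
            m_cipherOptions |= CIPHER_DES;
        } else if ("rc4-40".equals(token)) {
            m_cipherOptions |= CIPHER_RC4_40;
        } else if ("rc4".equals(token)) {
            m_cipherOptions |= CIPHER_RC4;
        } else if ("rc4-56".equals(token)) {
            m_cipherOptions |= CIPHER_RC4_56;
        } else {
            m_cipherOptions |= CIPHER_UNRECOGNIZED;
        }
    }

    // Keep the field non-zero after the first directive so that a second
    // cipher directive trips the "too many" check above.
    if (m_cipherOptions == 0) {
        m_cipherOptions = CIPHER_UNRECOGNIZED;
    }
}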
use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.
the class DigestChallenge method handleQop.
/**
 * Implements the semantics of the qop (quality of protection) directive.
 * The value of the qop directive is as defined below:
 *      qop-options = "qop" "=" <"> qop-list <">
 *      qop-list    = 1#qop-value
 *      qop-value   = "auth" | "auth-int" | "auth-conf" | token
 *
 * <p>Each recognized value sets its QOP_* bit in m_qop; any other token sets
 * QOP_UNRECOGNIZED.
 *
 * @param pd ParsedDirective
 *
 * @exception SaslException If an error occurs due to too many qop
 *                          directives
 */
void handleQop(ParsedDirective pd) throws SaslException {
    // A non-zero m_qop means an earlier qop directive was already processed.
    // NOTE(review): a qop directive with an empty list leaves m_qop at 0, so
    // a following duplicate would not be detected here; handleCipher guards
    // this case with a CIPHER_UNRECOGNIZED fallback -- confirm intent.
    if (m_qop != 0) {
        throw new SaslException("Too many qop directives.");
    }

    final TokenParser tokens = new TokenParser(pd.getValue());
    String qopToken = tokens.parseToken();
    while (qopToken != null) {
        if ("auth".equals(qopToken)) {
            m_qop |= QOP_AUTH;
        } else if ("auth-int".equals(qopToken)) {
            m_qop |= QOP_AUTH_INT;
        } else if ("auth-conf".equals(qopToken)) {
            m_qop |= QOP_AUTH_CONF;
        } else {
            m_qop |= QOP_UNRECOGNIZED;
        }
        qopToken = tokens.parseToken();
    }
}