
Example 6 with SaslException

use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.

the class DigestMD5SaslClient method DigestCalcResponse.

/**
 * Computes the hex-encoded response-value for the response directive of a
 * DIGEST-MD5 digest-response, following the construction in RFC 2831.
 *
 * <p>H(A2) is the MD5 of {@code method ":" digestUri} when
 * {@code clientResponseFlag} is true, or of {@code ":" digestUri} when it is
 * false; for qop "auth-int" a ":" followed by 32 ASCII zeros is appended.
 * The returned value is the hex form of the MD5 of
 * {@code HA1 ":" serverNonce ":" [nonceCount ":" clientNonce ":" qop ":"] hex(H(A2))},
 * where the bracketed part is present only when {@code qop} is non-empty.
 *
 * <p>Security note: the construction rests on MD5, and DIGEST-MD5 itself was
 * moved to Historic status by RFC 6331. Everything hashed here except
 * {@code HA1} travels in the clear, so {@code HA1} is the only secret input
 * and must be handled as one.
 *
 * <p>NOTE(review): RFC 2831 appends the all-zero body hash for qop
 * "auth-conf" as well; this method does so only for "auth-int". The visible
 * caller passes "auth" only - confirm before reusing with another qop.
 *
 * @param  HA1           H(A1) as hex characters
 * @param  serverNonce   nonce from server
 * @param  nonceCount    8 hex digits
 * @param  clientNonce   client nonce
 * @param  qop           qop-value: "", "auth", "auth-int"; must not be null
 *                       because its length is read without a null check
 * @param  method        method from the request
 * @param  digestUri     requested URL
 * @param  clientResponseFlag true for the request-digest (method is hashed),
 *                       false for the response-digest (method is left out)
 *
 * @return Response-value of the response directive of the digest-response
 *
 * @exception SaslException  If MD5 or UTF-8 is unavailable on the platform
 */
char[] DigestCalcResponse(char[] HA1,
                          String serverNonce,
                          String nonceCount,
                          String clientNonce,
                          String qop,
                          String method,
                          String digestUri,
                          boolean clientResponseFlag) throws SaslException {
    byte[] responseDigest;
    try {
        MessageDigest md5 = MessageDigest.getInstance("MD5");
        final byte[] colon = ":".getBytes("UTF-8");

        // H(A2): the method is hashed only for the client's request-digest.
        if (clientResponseFlag) {
            md5.update(method.getBytes("UTF-8"));
        }
        md5.update(colon);
        md5.update(digestUri.getBytes("UTF-8"));
        if ("auth-int".equals(qop)) {
            md5.update(colon);
            md5.update("00000000000000000000000000000000".getBytes("UTF-8"));
        }
        // digest() also resets the instance, so it can be reused below.
        final char[] a2Hex = convertToHex(md5.digest());

        // response = H( HA1 ":" nonce ":" [nc ":" cnonce ":" qop ":"] hex(H(A2)) )
        md5.update(new String(HA1).getBytes("UTF-8"));
        md5.update(colon);
        md5.update(serverNonce.getBytes("UTF-8"));
        md5.update(colon);
        if (qop.length() != 0) {
            md5.update(nonceCount.getBytes("UTF-8"));
            md5.update(colon);
            md5.update(clientNonce.getBytes("UTF-8"));
            md5.update(colon);
            md5.update(qop.getBytes("UTF-8"));
            md5.update(colon);
        }
        md5.update(new String(a2Hex).getBytes("UTF-8"));
        responseDigest = md5.digest();
    } catch (NoSuchAlgorithmException e) {
        throw new SaslException("No provider found for MD5 hash", e);
    } catch (UnsupportedEncodingException e) {
        throw new SaslException("UTF-8 encoding not supported by platform.", e);
    }
    return convertToHex(responseDigest);
}
Also used : UnsupportedEncodingException(java.io.UnsupportedEncodingException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) MessageDigest(java.security.MessageDigest) SaslException(org.apache.harmony.javax.security.sasl.SaslException)

Example 7 with SaslException

use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.

the class DigestMD5SaslClient method createDigestResponse.

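/**
 * Creates the initial response to be sent to the server.
 *
 * <p>Wraps the challenge in a {@code DigestChallenge}, requires the server
 * to offer qop "auth", asks the callback handler for realm, password and
 * user name, computes H(A1) and the response value, and assembles the
 * directive string.
 *
 * <p>The {@code username} directive carries the same name that is hashed
 * into H(A1). Emitting a different value (for example an unset
 * authorization id, which would be rendered as the text "null") gives the
 * server a user name that cannot match the response hash.
 *
 * <p>Credential handling: the password characters returned by the callback
 * are wiped and the callback is cleared as soon as H(A1) has been computed.
 * {@code DigestCalcHA1} takes a {@code String}, so one immutable copy of the
 * password still exists until it is garbage collected.
 *
 * @param challenge  Challenge in bytes received from the server
 *
 * @return Initial response to be sent to the server
 *
 * @exception SaslException  If the challenge does not offer qop "auth", the
 *                           callback handler fails, or no user name or
 *                           password is supplied
 */
private String createDigestResponse(byte[] challenge) throws SaslException {
    char[] response;
    StringBuffer digestResponse = new StringBuffer(512);
    int realmSize;
    m_dc = new DigestChallenge(challenge);
    m_digestURI = m_protocol + "/" + m_serverName;
    if ((m_dc.getQop() & DigestChallenge.QOP_AUTH) == DigestChallenge.QOP_AUTH) {
        m_qopValue = "auth";
    } else {
        throw new SaslException("Client only supports qop of 'auth'");
    }

    // Gather realm, password and user name through the callback handler.
    Callback[] callbacks = new Callback[3];
    ArrayList realms = m_dc.getRealms();
    realmSize = realms.size();
    if (realmSize == 0) {
        callbacks[0] = new RealmCallback("Realm");
    } else if (realmSize == 1) {
        callbacks[0] = new RealmCallback("Realm", (String) realms.get(0));
    } else {
        callbacks[0] = new RealmChoiceCallback("Realm",
                (String[]) realms.toArray(new String[realmSize]),
                0,      // the default choice index
                false); // no multiple selections
    }
    javax.security.auth.callback.PasswordCallback passwordCallback =
            new javax.security.auth.callback.PasswordCallback("Password", false);
    callbacks[1] = passwordCallback;
    if (m_authorizationId == null || m_authorizationId.length() == 0) {
        callbacks[2] = new NameCallback("Name");
    } else {
        callbacks[2] = new NameCallback("Name", m_authorizationId);
    }
    try {
        m_cbh.handle(callbacks);
    } catch (UnsupportedCallbackException e) {
        throw new SaslException("Handler does not support" + " necessary callbacks", e);
    } catch (IOException e) {
        throw new SaslException("IO exception in CallbackHandler.", e);
    }

    if (realmSize > 1) {
        RealmChoiceCallback realmChoice = (RealmChoiceCallback) callbacks[0];
        int[] selections = realmChoice.getSelectedIndexes();
        // A handler that makes no selection falls back to the first realm.
        if (selections != null && selections.length > 0) {
            m_realm = realmChoice.getChoices()[selections[0]];
        } else {
            m_realm = realmChoice.getChoices()[0];
        }
    } else {
        m_realm = ((RealmCallback) callbacks[0]).getText();
    }
    // A realm the handler left unset is treated as the empty realm, which is
    // hashed as "" and omitted from the response below.
    if (m_realm == null) {
        m_realm = "";
    }

    m_clientNonce = getClientNonce();
    m_name = ((NameCallback) callbacks[2]).getName();
    if (m_name == null) {
        m_name = ((NameCallback) callbacks[2]).getDefaultName();
    }
    if (m_name == null) {
        throw new SaslException("No user name was specified.");
    }

    char[] password = passwordCallback.getPassword();
    if (password == null) {
        // Fail with the mechanism's own exception instead of a NullPointerException.
        throw new SaslException("No password was specified.");
    }
    try {
        m_HA1 = DigestCalcHA1(m_dc.getAlgorithm(), m_name, m_realm, new String(password), m_dc.getNonce(), m_clientNonce);
    } finally {
        // Wipe the mutable copies whether or not the hash succeeded.
        java.util.Arrays.fill(password, '\0');
        passwordCallback.clearPassword();
    }
    response = DigestCalcResponse(m_HA1, m_dc.getNonce(), "00000001", m_clientNonce, m_qopValue, "AUTHENTICATE", m_digestURI, true);

    // NOTE(review): user name, realm, digest-uri and the server-supplied nonce
    // are written inside quoted-strings without escaping '"' or '\'. Confirm
    // that DigestChallenge and the callers reject or unescape such values.
    digestResponse.append("username=\"");
    // Must be the name hashed into H(A1), not the authorization id.
    digestResponse.append(m_name);
    if (0 != m_realm.length()) {
        digestResponse.append("\",realm=\"");
        digestResponse.append(m_realm);
    }
    digestResponse.append("\",cnonce=\"");
    digestResponse.append(m_clientNonce);
    digestResponse.append("\",nc=");
    // nonce count: always the first use of this nonce
    digestResponse.append("00000001");
    digestResponse.append(",qop=");
    digestResponse.append(m_qopValue);
    digestResponse.append(",digest-uri=\"");
    digestResponse.append(m_digestURI);
    digestResponse.append("\",response=");
    digestResponse.append(response);
    digestResponse.append(",charset=utf-8,nonce=\"");
    digestResponse.append(m_dc.getNonce());
    digestResponse.append("\"");
    return digestResponse.toString();
}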
Also used : ArrayList(java.util.ArrayList) IOException(java.io.IOException) SaslException(org.apache.harmony.javax.security.sasl.SaslException) NameCallback(org.apache.harmony.javax.security.auth.callback.NameCallback) RealmChoiceCallback(org.apache.harmony.javax.security.sasl.RealmChoiceCallback) RealmCallback(org.apache.harmony.javax.security.sasl.RealmCallback) Callback(javax.security.auth.callback.Callback) NameCallback(org.apache.harmony.javax.security.auth.callback.NameCallback) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) RealmChoiceCallback(org.apache.harmony.javax.security.sasl.RealmChoiceCallback) RealmCallback(org.apache.harmony.javax.security.sasl.RealmCallback)

Example 8 with SaslException

use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.

the class DigestMD5SaslClient method DigestCalcHA1.

/**
 * Calculates the hex-encoded H(A1) portion of the DIGEST-MD5 response.
 *
 * <p>The base value is the MD5 of {@code userName ":" realm ":" password},
 * each part taken as UTF-8 bytes. When {@code algorithm} is exactly
 * "md5-sess", the raw digest bytes are hashed again together with
 * {@code ":" nonce ":" clientNonce}.
 *
 * <p>Security note: the result is the only secret input to
 * {@code DigestCalcResponse}, so whoever holds it can produce valid
 * responses without knowing the password. Treat it like a credential. The
 * password arrives as an immutable {@code String} and its UTF-8 bytes are
 * not wiped here.
 *
 * <p>NOTE(review): RFC 2831 has charset rules that can require ISO 8859-1
 * encoding of the user name and password; this method always hashes UTF-8.
 * Confirm interoperability for non-ASCII credentials.
 *
 * @param  algorithm   Algorithm named in the challenge; only "md5-sess"
 *                     changes the computation
 * @param  userName    User being authenticated
 * @param  realm       realm information
 * @param  password    password of the user
 * @param  nonce       nonce value
 * @param  clientNonce Client's nonce value
 *
 * @return  HA1 portion of the response in a character array
 *
 * @exception SaslException  If MD5 or UTF-8 is unavailable on the platform
 */
char[] DigestCalcHA1(String algorithm, String userName, String realm, String password, String nonce, String clientNonce) throws SaslException {
    byte[] a1Digest;
    try {
        MessageDigest md5 = MessageDigest.getInstance("MD5");
        final byte[] colon = ":".getBytes("UTF-8");

        // H( userName ":" realm ":" password )
        md5.update(userName.getBytes("UTF-8"));
        md5.update(colon);
        md5.update(realm.getBytes("UTF-8"));
        md5.update(colon);
        md5.update(password.getBytes("UTF-8"));
        a1Digest = md5.digest();

        final boolean sessionVariant = "md5-sess".equals(algorithm);
        if (sessionVariant) {
            // The session variant feeds the raw digest bytes, not their hex
            // form, into the second hash.
            md5.update(a1Digest);
            md5.update(colon);
            md5.update(nonce.getBytes("UTF-8"));
            md5.update(colon);
            md5.update(clientNonce.getBytes("UTF-8"));
            a1Digest = md5.digest();
        }
    } catch (NoSuchAlgorithmException e) {
        throw new SaslException("No provider found for MD5 hash", e);
    } catch (UnsupportedEncodingException e) {
        throw new SaslException("UTF-8 encoding not supported by platform.", e);
    }
    return convertToHex(a1Digest);
}
Also used : UnsupportedEncodingException(java.io.UnsupportedEncodingException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) MessageDigest(java.security.MessageDigest) SaslException(org.apache.harmony.javax.security.sasl.SaslException)

Example 9 with SaslException

use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.

the class DigestChallenge method handleCipher.

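/**
 * This function implements the semantics of the cipher directive of the
 * challenge. The value of the directive is defined in RFC 2831 as:
 *      cipher-opts  =     "cipher" "=" <"> 1#cipher-value <">
 *      cipher-value =     "3des" | "des" | "rc4-40" | "rc4" | "rc4-56" | token
 *
 * Each recognised token sets its bit in m_cipherOptions; any other token
 * sets CIPHER_UNRECOGNIZED. A directive with no tokens is also recorded as
 * CIPHER_UNRECOGNIZED, so that a second cipher directive is still detected.
 *
 * Security note: every cipher named here (DES, 3DES and the RC4 variants) is
 * a legacy algorithm. NOTE(review): the DIGEST-MD5 client shown alongside
 * this class accepts only qop "auth", so these bits are presumably
 * informational - confirm that no security layer is negotiated from them.
 *
 * @param      pd   ParsedDirective
 *
 * @exception  SaslException If an error occurs due to too many cipher
 *                           directives
 */
void handleCipher(ParsedDirective pd) throws SaslException {
    String token;
    TokenParser parser;
    if (0 != m_cipherOptions) {
        throw new SaslException("Too many cipher directives.");
    }
    parser = new TokenParser(pd.getValue());
    // Each parseToken() call consumes one entry, so nothing may be read
    // before the loop: an extra call here would drop the first cipher.
    for (token = parser.parseToken(); token != null; token = parser.parseToken()) {
        if ("3des".equals(token)) {
            m_cipherOptions |= CIPHER_3DES;
        } else if ("des".equals(token)) {
            m_cipherOptions |= CIPHER_DES;
        } else if ("rc4-40".equals(token)) {
            m_cipherOptions |= CIPHER_RC4_40;
        } else if ("rc4".equals(token)) {
            m_cipherOptions |= CIPHER_RC4;
        } else if ("rc4-56".equals(token)) {
            m_cipherOptions |= CIPHER_RC4_56;
        } else {
            m_cipherOptions |= CIPHER_UNRECOGNIZED;
        }
    }
    if (m_cipherOptions == 0) {
        m_cipherOptions = CIPHER_UNRECOGNIZED;
    }
}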
Also used : SaslException(org.apache.harmony.javax.security.sasl.SaslException)

Example 10 with SaslException

use of org.apache.harmony.javax.security.sasl.SaslException in project AsmackService by rtreffer.

the class DigestChallenge method handleQop.

/**
 * This function implements the semantics of the qop (quality of protection)
 * directive. The value of the qop directive is as defined below:
 *      qop-options =     "qop" "=" <"> qop-list <">
 *      qop-list    =     1#qop-value
 *      qop-value    =     "auth" | "auth-int"  | "auth-conf" | token
 *
 * Each recognised token sets its bit in m_qop; any other token sets
 * QOP_UNRECOGNIZED. The list comes from the server's challenge, and a
 * directive that yields no tokens leaves m_qop at 0, in which case the
 * duplicate check at the top would not fire for a later qop directive.
 *
 * @param      pd   ParsedDirective
 *
 * @exception  SaslException   If an error occurs due to too many qop
 *                             directives
 */
void handleQop(ParsedDirective pd) throws SaslException {
    // A non-zero m_qop means a qop directive has already been processed.
    if (m_qop != 0) {
        throw new SaslException("Too many qop directives.");
    }
    TokenParser tokens = new TokenParser(pd.getValue());
    String option = tokens.parseToken();
    while (option != null) {
        if (option.equals("auth")) {
            m_qop |= QOP_AUTH;
        } else if (option.equals("auth-int")) {
            m_qop |= QOP_AUTH_INT;
        } else if (option.equals("auth-conf")) {
            m_qop |= QOP_AUTH_CONF;
        } else {
            m_qop |= QOP_UNRECOGNIZED;
        }
        option = tokens.parseToken();
    }
}
Also used : SaslException(org.apache.harmony.javax.security.sasl.SaslException)
