
Example 6 with ClientFinalMessage

use of org.apache.kafka.common.security.scram.ScramMessages.ClientFinalMessage in project apache-kafka-on-k8s by banzaicloud.

the class ScramSaslClient method handleServerFirstMessage.

/**
 * Builds the SCRAM client-final message that answers the stored server-first message.
 *
 * <p>The salted password is derived from {@code password} using the salt and iteration count
 * taken from {@code serverFirstMessage}, kept in {@code this.saltedPassword}, and then used to
 * compute the client proof that is attached to the returned message.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The salt, iteration count and nonce are server-supplied and are used here as received.
 *       No minimum-iteration or nonce-prefix check is visible in this method; presumably the
 *       caller validates {@code serverFirstMessage} first - TODO confirm.</li>
 *   <li>{@code saltedPassword} is what the proof is computed from, so the field should be
 *       treated as a credential for its lifetime.</li>
 * </ul>
 *
 * @param password the client's password
 * @return the client-final message with its proof set
 * @throws SaslException if a formatter call fails with {@link InvalidKeyException}
 */
private ClientFinalMessage handleServerFirstMessage(char[] password) throws SaslException {
    // GS2 header "n,," (RFC 5802): the client does not support channel binding.
    final byte[] gs2Header = "n,,".getBytes(StandardCharsets.UTF_8);
    try {
        // NOTE(review): new String(password) copies the secret into an immutable String that
        // cannot be wiped, which gives up the benefit of receiving it as a char[].
        final String passwordText = new String(password);
        final byte[] normalizedPassword = formatter.normalize(passwordText);
        this.saltedPassword = formatter.hi(
                normalizedPassword, serverFirstMessage.salt(), serverFirstMessage.iterations());

        final ClientFinalMessage reply = new ClientFinalMessage(gs2Header, serverFirstMessage.nonce());
        // The proof covers the first messages of both sides and this reply without its proof.
        reply.proof(formatter.clientProof(saltedPassword, clientFirstMessage, serverFirstMessage, reply));
        return reply;
    } catch (InvalidKeyException e) {
        throw new SaslException("Client final message could not be created", e);
    }
}
Also used : ClientFinalMessage(org.apache.kafka.common.security.scram.ScramMessages.ClientFinalMessage) InvalidKeyException(java.security.InvalidKeyException) SaslException(javax.security.sasl.SaslException)

Example 7 with ClientFinalMessage

use of org.apache.kafka.common.security.scram.ScramMessages.ClientFinalMessage in project apache-kafka-on-k8s by banzaicloud.

the class ScramFormatterTest method rfc7677Example.

/**
 * Checks the message parsers and the formatter against the SCRAM-SHA-256 exchange published in
 * <a href="https://tools.ietf.org/html/rfc7677#section-3">RFC 7677, section 3</a>
 * (user "user", password "pencil", no channel binding).
 */
@Test
public void rfc7677Example() throws Exception {
    ScramFormatter formatter = new ScramFormatter(ScramMechanism.SCRAM_SHA_256);
    String password = "pencil";

    // The four messages of the exchange, in wire order.
    String clientFirstText = "n,,n=user,r=rOprNGfwEbeRWgbNEkqO";
    String serverFirstText = "r=rOprNGfwEbeRWgbNEkqO%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0,s=W22ZaJ0SNY7soEsUEjb6gQ==,i=4096";
    String clientFinalText = "c=biws,r=rOprNGfwEbeRWgbNEkqO%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0,p=dHzbZapWIk4jUhN+Ute9ytag9zjfMHgsqmmiz7AndVQ=";
    String serverFinalText = "v=6rriTRBi23WpRR/wtup+mMhUZUn/dB5nLTJRsjl95G4=";

    ClientFirstMessage clientFirst = new ClientFirstMessage(formatter.toBytes(clientFirstText));
    ServerFirstMessage serverFirst = new ServerFirstMessage(formatter.toBytes(serverFirstText));
    ClientFinalMessage clientFinal = new ClientFinalMessage(formatter.toBytes(clientFinalText));
    ServerFinalMessage serverFinal = new ServerFinalMessage(formatter.toBytes(serverFinalText));

    // Parsing: every field must come back exactly as it appears in the messages above.
    assertEquals("user", clientFirst.saslName());
    String clientNonce = clientFirst.nonce();
    assertEquals("rOprNGfwEbeRWgbNEkqO", clientNonce);
    // The server nonce is the client nonce followed by the server's own part.
    String serverPart = serverFirst.nonce().substring(clientNonce.length());
    assertEquals("%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0", serverPart);
    byte[] salt = serverFirst.salt();
    assertArrayEquals(Base64.decoder().decode("W22ZaJ0SNY7soEsUEjb6gQ=="), salt);
    int iterations = serverFirst.iterations();
    assertEquals(4096, iterations);
    // "biws" is the base64 form of the GS2 header "n,,".
    byte[] channelBinding = clientFinal.channelBinding();
    assertArrayEquals(Base64.decoder().decode("biws"), channelBinding);
    byte[] expectedSignature = serverFinal.serverSignature();
    assertArrayEquals(Base64.decoder().decode("6rriTRBi23WpRR/wtup+mMhUZUn/dB5nLTJRsjl95G4="), expectedSignature);

    // Derivation: proof and signature recomputed from the password must match the messages.
    byte[] saltedPassword = formatter.saltedPassword(password, salt, iterations);
    byte[] serverKey = formatter.serverKey(saltedPassword);
    byte[] proof = formatter.clientProof(saltedPassword, clientFirst, serverFirst, clientFinal);
    assertArrayEquals(clientFinal.proof(), proof);
    byte[] signature = formatter.serverSignature(serverKey, clientFirst, serverFirst, clientFinal);
    assertArrayEquals(serverFinal.serverSignature(), signature);

    // RFC 7677 gives 4096 as the lowest iteration count a server should announce; this pins
    // the mechanism's floor, not a recommended production setting.
    assertEquals(4096, ScramMechanism.SCRAM_SHA_256.minIterations());
}
Also used : ClientFinalMessage(org.apache.kafka.common.security.scram.ScramMessages.ClientFinalMessage) ClientFirstMessage(org.apache.kafka.common.security.scram.ScramMessages.ClientFirstMessage) ServerFinalMessage(org.apache.kafka.common.security.scram.ScramMessages.ServerFinalMessage) ServerFirstMessage(org.apache.kafka.common.security.scram.ScramMessages.ServerFirstMessage) Test(org.junit.Test)

Example 8 with ClientFinalMessage

use of org.apache.kafka.common.security.scram.ScramMessages.ClientFinalMessage in project apache-kafka-on-k8s by banzaicloud.

the class ScramMessagesTest method validClientFinalMessage.

/**
 * Verifies that a well-formed client-final message keeps its channel binding, nonce and proof
 * through construction, parsing and re-serialisation, with and without an optional extension.
 * Only the accept path is covered here; rejection of malformed messages is not exercised.
 */
@Test
public void validClientFinalMessage() throws SaslException {
    final String nonce = formatter.secureRandomString();
    final String channelBinding = randomBytesAsString();
    final String proof = randomBytesAsString();

    // Built from its parts: the proof stays unset until it is assigned explicitly.
    final ClientFinalMessage built = new ClientFinalMessage(toBytes(channelBinding), nonce);
    assertNull("Invalid proof", built.proof());
    built.proof(toBytes(proof));
    checkClientFinalMessage(built, channelBinding, nonce, proof);

    // Default format used by the Kafka client: channel binding, nonce and proof.
    final String wireForm = String.format("c=%s,r=%s,p=%s", channelBinding, nonce, proof);
    final ClientFinalMessage parsed = createScramMessage(ClientFinalMessage.class, wireForm);
    checkClientFinalMessage(parsed, channelBinding, nonce, proof);

    // Round trip: serialise the parsed message and parse the bytes again.
    final ClientFinalMessage reparsed = new ClientFinalMessage(parsed.toBytes());
    checkClientFinalMessage(reparsed, channelBinding, nonce, proof);

    // An optional extension between nonce and proof must not change the parsed fields.
    for (String extension : VALID_EXTENSIONS) {
        final String withExtension = String.format("c=%s,r=%s,%s,p=%s", channelBinding, nonce, extension, proof);
        final ClientFinalMessage extended = createScramMessage(ClientFinalMessage.class, withExtension);
        checkClientFinalMessage(extended, channelBinding, nonce, proof);
    }
}
Also used : ClientFinalMessage(org.apache.kafka.common.security.scram.ScramMessages.ClientFinalMessage) Test(org.junit.Test)
