use of org.apache.kafka.common.security.scram.internals.ScramMessages.ClientFinalMessage in project kafka by apache.
the class ScramSaslClient method handleServerFirstMessage.
private ClientFinalMessage handleServerFirstMessage(char[] password) throws SaslException {
try {
byte[] passwordBytes = ScramFormatter.normalize(new String(password));
this.saltedPassword = formatter.hi(passwordBytes, serverFirstMessage.salt(), serverFirstMessage.iterations());
ClientFinalMessage clientFinalMessage = new ClientFinalMessage("n,,".getBytes(StandardCharsets.UTF_8), serverFirstMessage.nonce());
byte[] clientProof = formatter.clientProof(saltedPassword, clientFirstMessage, serverFirstMessage, clientFinalMessage);
clientFinalMessage.proof(clientProof);
return clientFinalMessage;
} catch (InvalidKeyException e) {
throw new SaslException("Client final message could not be created", e);
}
}
use of org.apache.kafka.common.security.scram.internals.ScramMessages.ClientFinalMessage in project kafka by apache.
the class ScramSaslServer method evaluateResponse.
/**
* @throws SaslAuthenticationException if the requested authorization id is not the same as username.
* <p>
* <b>Note:</b> This method may throw {@link SaslAuthenticationException} to provide custom error messages
* to clients. But care should be taken to avoid including any information in the exception message that
* should not be leaked to unauthenticated clients. It may be safer to throw {@link SaslException} in
* most cases so that a standard error message is returned to clients.
* </p>
*/
@Override
public byte[] evaluateResponse(byte[] response) throws SaslException, SaslAuthenticationException {
try {
switch(state) {
case RECEIVE_CLIENT_FIRST_MESSAGE:
this.clientFirstMessage = new ClientFirstMessage(response);
this.scramExtensions = clientFirstMessage.extensions();
if (!SUPPORTED_EXTENSIONS.containsAll(scramExtensions.map().keySet())) {
log.debug("Unsupported extensions will be ignored, supported {}, provided {}", SUPPORTED_EXTENSIONS, scramExtensions.map().keySet());
}
String serverNonce = formatter.secureRandomString();
try {
String saslName = clientFirstMessage.saslName();
this.username = ScramFormatter.username(saslName);
NameCallback nameCallback = new NameCallback("username", username);
ScramCredentialCallback credentialCallback;
if (scramExtensions.tokenAuthenticated()) {
DelegationTokenCredentialCallback tokenCallback = new DelegationTokenCredentialCallback();
credentialCallback = tokenCallback;
callbackHandler.handle(new Callback[] { nameCallback, tokenCallback });
if (tokenCallback.tokenOwner() == null)
throw new SaslException("Token Authentication failed: Invalid tokenId : " + username);
this.authorizationId = tokenCallback.tokenOwner();
this.tokenExpiryTimestamp = tokenCallback.tokenExpiryTimestamp();
} else {
credentialCallback = new ScramCredentialCallback();
callbackHandler.handle(new Callback[] { nameCallback, credentialCallback });
this.authorizationId = username;
this.tokenExpiryTimestamp = null;
}
this.scramCredential = credentialCallback.scramCredential();
if (scramCredential == null)
throw new SaslException("Authentication failed: Invalid user credentials");
String authorizationIdFromClient = clientFirstMessage.authorizationId();
if (!authorizationIdFromClient.isEmpty() && !authorizationIdFromClient.equals(username))
throw new SaslAuthenticationException("Authentication failed: Client requested an authorization id that is different from username");
if (scramCredential.iterations() < mechanism.minIterations())
throw new SaslException("Iterations " + scramCredential.iterations() + " is less than the minimum " + mechanism.minIterations() + " for " + mechanism);
this.serverFirstMessage = new ServerFirstMessage(clientFirstMessage.nonce(), serverNonce, scramCredential.salt(), scramCredential.iterations());
setState(State.RECEIVE_CLIENT_FINAL_MESSAGE);
return serverFirstMessage.toBytes();
} catch (SaslException | AuthenticationException e) {
throw e;
} catch (Throwable e) {
throw new SaslException("Authentication failed: Credentials could not be obtained", e);
}
case RECEIVE_CLIENT_FINAL_MESSAGE:
try {
ClientFinalMessage clientFinalMessage = new ClientFinalMessage(response);
verifyClientProof(clientFinalMessage);
byte[] serverKey = scramCredential.serverKey();
byte[] serverSignature = formatter.serverSignature(serverKey, clientFirstMessage, serverFirstMessage, clientFinalMessage);
ServerFinalMessage serverFinalMessage = new ServerFinalMessage(null, serverSignature);
clearCredentials();
setState(State.COMPLETE);
return serverFinalMessage.toBytes();
} catch (InvalidKeyException e) {
throw new SaslException("Authentication failed: Invalid client final message", e);
}
default:
throw new IllegalSaslStateException("Unexpected challenge in Sasl server state " + state);
}
} catch (SaslException | AuthenticationException e) {
clearCredentials();
setState(State.FAILED);
throw e;
}
}
use of org.apache.kafka.common.security.scram.internals.ScramMessages.ClientFinalMessage in project kafka by apache.
the class ScramFormatterTest method rfc7677Example.
/**
* Tests that the formatter implementation produces the same values for the
* example included in <a href="https://tools.ietf.org/html/rfc5802#section-5">RFC 7677</a>
*/
@Test
public void rfc7677Example() throws Exception {
ScramFormatter formatter = new ScramFormatter(ScramMechanism.SCRAM_SHA_256);
String password = "pencil";
String c1 = "n,,n=user,r=rOprNGfwEbeRWgbNEkqO";
String s1 = "r=rOprNGfwEbeRWgbNEkqO%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0,s=W22ZaJ0SNY7soEsUEjb6gQ==,i=4096";
String c2 = "c=biws,r=rOprNGfwEbeRWgbNEkqO%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0,p=dHzbZapWIk4jUhN+Ute9ytag9zjfMHgsqmmiz7AndVQ=";
String s2 = "v=6rriTRBi23WpRR/wtup+mMhUZUn/dB5nLTJRsjl95G4=";
ClientFirstMessage clientFirst = new ClientFirstMessage(ScramFormatter.toBytes(c1));
ServerFirstMessage serverFirst = new ServerFirstMessage(ScramFormatter.toBytes(s1));
ClientFinalMessage clientFinal = new ClientFinalMessage(ScramFormatter.toBytes(c2));
ServerFinalMessage serverFinal = new ServerFinalMessage(ScramFormatter.toBytes(s2));
String username = clientFirst.saslName();
assertEquals("user", username);
String clientNonce = clientFirst.nonce();
assertEquals("rOprNGfwEbeRWgbNEkqO", clientNonce);
String serverNonce = serverFirst.nonce().substring(clientNonce.length());
assertEquals("%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0", serverNonce);
byte[] salt = serverFirst.salt();
assertArrayEquals(Base64.getDecoder().decode("W22ZaJ0SNY7soEsUEjb6gQ=="), salt);
int iterations = serverFirst.iterations();
assertEquals(4096, iterations);
byte[] channelBinding = clientFinal.channelBinding();
assertArrayEquals(Base64.getDecoder().decode("biws"), channelBinding);
byte[] serverSignature = serverFinal.serverSignature();
assertArrayEquals(Base64.getDecoder().decode("6rriTRBi23WpRR/wtup+mMhUZUn/dB5nLTJRsjl95G4="), serverSignature);
byte[] saltedPassword = formatter.saltedPassword(password, salt, iterations);
byte[] serverKey = formatter.serverKey(saltedPassword);
byte[] computedProof = formatter.clientProof(saltedPassword, clientFirst, serverFirst, clientFinal);
assertArrayEquals(clientFinal.proof(), computedProof);
byte[] computedSignature = formatter.serverSignature(serverKey, clientFirst, serverFirst, clientFinal);
assertArrayEquals(serverFinal.serverSignature(), computedSignature);
// Minimum iterations defined in RFC-7677
assertEquals(4096, ScramMechanism.SCRAM_SHA_256.minIterations());
}
use of org.apache.kafka.common.security.scram.internals.ScramMessages.ClientFinalMessage in project kafka by apache.
the class ScramMessagesTest method validClientFinalMessage.
@Test
public void validClientFinalMessage() throws SaslException {
String nonce = formatter.secureRandomString();
String channelBinding = randomBytesAsString();
String proof = randomBytesAsString();
ClientFinalMessage m = new ClientFinalMessage(toBytes(channelBinding), nonce);
assertNull(m.proof(), "Invalid proof");
m.proof(toBytes(proof));
checkClientFinalMessage(m, channelBinding, nonce, proof);
// Default format used by Kafka client: channel-binding, nonce and proof are specified
String str = String.format("c=%s,r=%s,p=%s", channelBinding, nonce, proof);
m = createScramMessage(ClientFinalMessage.class, str);
checkClientFinalMessage(m, channelBinding, nonce, proof);
m = new ClientFinalMessage(m.toBytes());
checkClientFinalMessage(m, channelBinding, nonce, proof);
// Optional extension specified
for (String extension : VALID_EXTENSIONS) {
str = String.format("c=%s,r=%s,%s,p=%s", channelBinding, nonce, extension, proof);
checkClientFinalMessage(createScramMessage(ClientFinalMessage.class, str), channelBinding, nonce, proof);
}
}
Aggregations