public final class DigestMD5Server extends Object implements SaslServer
The DIGEST-MD5 SASL mechanism specifies two modes of authentication.
Modifier and Type | Field and Description |
---|---|
protected byte |
allQop |
protected String |
authzid |
protected CallbackHandler |
cbh |
protected static byte[] |
CIPHER_MASKS |
protected static String[] |
CIPHER_TOKENS |
protected boolean |
completed |
protected static int |
DEFAULT_MAXBUF |
protected static int |
DES |
protected static byte |
DES_3_STRENGTH |
protected static byte |
DES_STRENGTH |
protected static int |
DES3 |
protected String |
digestUri |
protected static byte[] |
EMPTY_BYTE_ARRAY |
protected String |
encoding |
protected byte[] |
H_A1 |
protected static byte |
HIGH_STRENGTH |
protected boolean |
integrity |
protected static byte |
INTEGRITY_ONLY_PROTECTION |
protected static byte |
LOW_STRENGTH |
protected static int |
MAX_CHALLENGE_LENGTH |
protected static int |
MAX_RESPONSE_LENGTH |
protected static String |
MAX_SEND_BUF |
protected static byte |
MEDIUM_STRENGTH |
protected String |
myClassName |
protected String |
negotiatedCipher |
protected String |
negotiatedQop |
protected String |
negotiatedRealm |
protected String |
negotiatedStrength |
protected static byte |
NO_PROTECTION |
protected byte[] |
nonce |
protected static String |
PRE_DIGESTED_PROPERTY |
protected boolean |
privacy |
protected static byte |
PRIVACY_PROTECTION |
protected byte[] |
qop |
protected int |
rawSendSize |
protected static int |
RC4 |
protected static int |
RC4_40 |
protected static byte |
RC4_40_STRENGTH |
protected static int |
RC4_56 |
protected static byte |
RC4_56_STRENGTH |
protected static byte |
RC4_STRENGTH |
protected int |
recvMaxBufSize |
protected org.jboss.sasl.digest.SecurityCtx |
secCtx |
protected int |
sendMaxBufSize |
protected int |
step |
protected byte[] |
strength |
protected static byte |
UNSET |
protected boolean |
useUTF8 |
Modifier and Type | Method and Description |
---|---|
protected byte[] |
binaryToHex(byte[] digest)
Convert a byte array to hexadecimal string.
|
protected static byte |
combineMasks(byte[] in) |
void |
dispose() |
byte[] |
evaluateResponse(byte[] response) |
protected static byte |
findPreferredMask(byte pref,
byte[] in) |
protected static byte[] |
generateNonce() |
protected byte[] |
generateResponseValue(String authMethod,
String digestUriValue,
String qopValue,
byte[] urpHash,
byte[] nonceValue,
byte[] cNonceValue,
int nonceCount,
byte[] authzidValue)
Assembles response-value for digest-response.
|
protected byte[] |
generateResponseValue(String authMethod,
String digestUriValue,
String qopValue,
String usernameValue,
String realmValue,
char[] passwdValue,
byte[] nonceValue,
byte[] cNonceValue,
int nonceCount,
byte[] authzidValue)
Assembles response-value for digest-response.
|
String |
getAuthorizationID() |
String |
getMechanismName()
Retrieves the SASL mechanism IANA name.
|
Object |
getNegotiatedProperty(String propName)
Retrieves the negotiated property.
|
protected static byte[] |
getPlatformCiphers() |
protected static void |
intToNetworkByteOrder(int num,
byte[] buf,
int start,
int count)
Encodes an integer into 4 bytes in network byte order in the buffer
supplied.
|
boolean |
isComplete()
Determines whether this mechanism has completed.
|
protected static int |
networkByteOrderToInt(byte[] buf,
int start,
int count)
Returns the integer represented by 4 bytes in network byte order.
|
protected static String |
nonceCountToHex(int count)
Takes 'nonceCount' value and returns HEX value of the value.
|
protected static byte[][] |
parseDirectives(byte[] buf,
String[] keyTable,
List<byte[]> realmChoices,
int realmIndex)
Parses digest-challenge string, extracting each token
and value(s)
|
protected static byte[] |
parseQop(String qop,
String[] saveTokens,
boolean ignore) |
protected static String |
quotedStringValue(String str) |
byte[] |
unwrap(byte[] incoming,
int start,
int len)
Unwrap the incoming message using the wrap method of the secCtx object
instance.
|
byte[] |
wrap(byte[] outgoing,
int start,
int len)
Wrap outgoing bytes using the wrap method of the secCtx object
instance.
|
protected static void |
writeQuotedStringValue(ByteArrayOutputStream out,
byte[] buf)
Checks if a byte[] contains characters that must be quoted
and write the resulting, possibly escaped, characters to out.
|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
dispose, getMechanismName, getNegotiatedProperty, isComplete, unwrap, wrap
protected static final int MAX_CHALLENGE_LENGTH
protected static final int MAX_RESPONSE_LENGTH
protected static final int DEFAULT_MAXBUF
protected static final int DES3
protected static final int RC4
protected static final int DES
protected static final int RC4_56
protected static final int RC4_40
protected static final String[] CIPHER_TOKENS
protected static final byte DES_3_STRENGTH
protected static final byte RC4_STRENGTH
protected static final byte DES_STRENGTH
protected static final byte RC4_56_STRENGTH
protected static final byte RC4_40_STRENGTH
protected static final byte UNSET
protected static final byte[] CIPHER_MASKS
protected static final byte[] EMPTY_BYTE_ARRAY
protected static final String PRE_DIGESTED_PROPERTY
protected int step
protected CallbackHandler cbh
protected org.jboss.sasl.digest.SecurityCtx secCtx
protected byte[] H_A1
protected byte[] nonce
protected String negotiatedStrength
protected String negotiatedCipher
protected String negotiatedQop
protected String negotiatedRealm
protected boolean useUTF8
protected String encoding
protected String digestUri
protected String authzid
protected boolean completed
protected boolean privacy
protected boolean integrity
protected byte[] qop
protected byte allQop
protected byte[] strength
protected int sendMaxBufSize
protected int recvMaxBufSize
protected int rawSendSize
protected String myClassName
protected static final String MAX_SEND_BUF
protected static final byte NO_PROTECTION
protected static final byte INTEGRITY_ONLY_PROTECTION
protected static final byte PRIVACY_PROTECTION
protected static final byte LOW_STRENGTH
protected static final byte MEDIUM_STRENGTH
protected static final byte HIGH_STRENGTH
public byte[] evaluateResponse(byte[] response) throws SaslException
evaluateResponse
in interface SaslServer
SaslException
public String getAuthorizationID()
getAuthorizationID
in interface SaslServer
public String getMechanismName()
public byte[] unwrap(byte[] incoming, int start, int len) throws SaslException
incoming
- The byte array containing the incoming bytes.start
- The offset from which to read the byte array.len
- The number of bytes to read from the offset.SaslException
- if an error occurs when unwrapping the incoming
messagepublic byte[] wrap(byte[] outgoing, int start, int len) throws SaslException
outgoing
- The byte array containing the outgoing bytes.start
- The offset from which to read the byte array.len
- The number of bytes to read from the offset.SaslException
- if an error occurs when wrapping the outgoing
messagepublic void dispose() throws SaslException
SaslException
public Object getNegotiatedProperty(String propName)
protected static byte[] generateNonce()
protected static void writeQuotedStringValue(ByteArrayOutputStream out, byte[] buf)
protected byte[] binaryToHex(byte[] digest) throws UnsupportedEncodingException
digest
- a non-null byte arrayUnsupportedEncodingException
protected static byte[] getPlatformCiphers()
protected byte[] generateResponseValue(String authMethod, String digestUriValue, String qopValue, String usernameValue, String realmValue, char[] passwdValue, byte[] nonceValue, byte[] cNonceValue, int nonceCount, byte[] authzidValue) throws NoSuchAlgorithmException, IOException
authMethod
- "AUTHENTICATE" for client-generated response;
"" for server-generated responseNoSuchAlgorithmException
- if the platform does not have MD5
digest support.UnsupportedEncodingException
- if a an error occurs
encoding a string into either Latin-1 or UTF-8.IOException
- if an error occurs writing to the output
byte array buffer.protected byte[] generateResponseValue(String authMethod, String digestUriValue, String qopValue, byte[] urpHash, byte[] nonceValue, byte[] cNonceValue, int nonceCount, byte[] authzidValue) throws NoSuchAlgorithmException, IOException
authMethod
- "AUTHENTICATE" for client-generated response;
"" for server-generated responseNoSuchAlgorithmException
- if the platform does not have MD5
digest support.UnsupportedEncodingException
- if a an error occurs
encoding a string into either Latin-1 or UTF-8.IOException
- if an error occurs writing to the output
byte array buffer.protected static String nonceCountToHex(int count)
protected static byte[][] parseDirectives(byte[] buf, String[] keyTable, List<byte[]> realmChoices, int realmIndex) throws SaslException
buf
- A non-null digest-challenge string.SaslException
- if the buf cannot be parsed according to RFC 2831public boolean isComplete()
protected static final byte combineMasks(byte[] in)
protected static final byte findPreferredMask(byte pref, byte[] in)
protected static final byte[] parseQop(String qop, String[] saveTokens, boolean ignore) throws SaslException
SaslException
protected static final int networkByteOrderToInt(byte[] buf, int start, int count)
protected static final void intToNetworkByteOrder(int num, byte[] buf, int start, int count)
Copyright © 2012 JBoss by Red Hat. All Rights Reserved.