1:
37:
38:
39: package ;
40:
41: import ;
42: import ;
43: import ;
44: import ;
45:
46: import ;
47: import ;
48: import ;
49: import ;
50: import ;
51: import ;
52:
53: import ;
54: import ;
55: import ;
56:
57:
60: public class CramMD5Server
61: extends ServerMechanism
62: implements SaslServer
63: {
64: private byte[] msgID;
65:
66: public CramMD5Server()
67: {
68: super(Registry.SASL_CRAM_MD5_MECHANISM);
69: }
70:
71: protected void initMechanism() throws SaslException
72: {
73: }
74:
75: protected void resetMechanism() throws SaslException
76: {
77: }
78:
79: public byte[] evaluateResponse(final byte[] response) throws SaslException
80: {
81: if (state == 0)
82: {
83: msgID = CramMD5Util.createMsgID();
84: state++;
85: return msgID;
86: }
87: final String responseStr = new String(response);
88: final int index = responseStr.lastIndexOf(" ");
89: final String username = responseStr.substring(0, index);
90: final byte[] responseDigest;
91: try
92: {
93: responseDigest = responseStr.substring(index + 1).getBytes("UTF-8");
94: }
95: catch (UnsupportedEncodingException x)
96: {
97: throw new AuthenticationException("evaluateResponse()", x);
98: }
99:
100: final char[] password = lookupPassword(username);
101:
102: byte[] digest;
103: try
104: {
105: digest = CramMD5Util.createHMac(password, msgID);
106: }
107: catch (InvalidKeyException x)
108: {
109: throw new AuthenticationException("evaluateResponse()", x);
110: }
111: try
112: {
113: digest = Util.toString(digest).toLowerCase().getBytes("UTF-8");
114: }
115: catch (UnsupportedEncodingException x)
116: {
117: throw new AuthenticationException("evaluateResponse()", x);
118: }
119:
120: if (! Arrays.equals(digest, responseDigest))
121: throw new AuthenticationException("Digest mismatch");
122: state++;
123: return null;
124: }
125:
126: public boolean isComplete()
127: {
128: return (state == 2);
129: }
130:
131: protected String getNegotiatedQOP()
132: {
133: return Registry.QOP_AUTH;
134: }
135:
136: private char[] lookupPassword(final String userName) throws SaslException
137: {
138: try
139: {
140: if (! authenticator.contains(userName))
141: throw new NoSuchUserException(userName);
142: final Map userID = new HashMap();
143: userID.put(Registry.SASL_USERNAME, userName);
144: final Map credentials = authenticator.lookup(userID);
145: final String password = (String) credentials.get(Registry.SASL_PASSWORD);
146: if (password == null)
147: throw new AuthenticationException("lookupPassword()",
148: new InternalError());
149: return password.toCharArray();
150: }
151: catch (IOException x)
152: {
153: if (x instanceof SaslException)
154: throw (SaslException) x;
155: throw new AuthenticationException("lookupPassword()", x);
156: }
157: }
158: }