Package org.wildfly.security.sasl.digest

Class DigestSaslServer

java.lang.Object

org.wildfly.security.sasl.util.AbstractSaslParticipant

org.wildfly.security.sasl.digest.AbstractDigestMechanism

org.wildfly.security.sasl.digest.DigestSaslServer

All Implemented Interfaces:

SaslServer, SaslWrapper

final class DigestSaslServer
extends AbstractDigestMechanism
implements SaslServer

A server implementation of RFC 2831 DIGEST SASL mechanism.

Author:

Peter Skopek

Nested Class Summary

Nested classes/interfaces inherited from class org.wildfly.security.sasl.digest.AbstractDigestMechanism

AbstractDigestMechanism.DigestWrapper, AbstractDigestMechanism.FORMAT

Field Summary

Fields

Modifier and Type	Field	Description
private String	boundServerName
private boolean	defaultRealm
private Predicate<String>	digestUriProtocolAccepted
private int	nonceCount
private String[]	qops
private String[]	realms
private String	receivedClientUri
private int	receivingMaxBuffSize
private static byte	STEP_ONE
private static byte	STEP_THREE
private String	supportedCiphers

Fields inherited from class org.wildfly.security.sasl.digest.AbstractDigestMechanism

authorizationId, charset, cipher, CIPHER_OPTS, cnonce, DEFAULT_MAXBUF, DELIMITER, digest, digestURI, hA1, hmacMD5, messageDigest, nonce, qop, realm, secureRandomGenerator, unwrapCipher, unwrapHmacKeyIntegrity, unwrapSeqNum, username, wrapCipher, wrapHmacKeyIntegrity, wrapSeqNum

Fields inherited from class org.wildfly.security.sasl.util.AbstractSaslParticipant

COMPLETE_STATE, FAILED_STATE, NO_BYTES

Fields inherited from interface org.wildfly.security.sasl.util.SaslWrapper

IDENTITY

Constructor Summary

Constructors

Constructor	Description
DigestSaslServer(String[] realms, boolean defaultRealm, String mechanismName, String protocol, String serverName, CallbackHandler callbackHandler, Charset charset, String[] qops, String[] ciphers, Predicate<String> digestUriProtocolAccepted, Supplier<Provider[]> providers)

Method Summary

Modifier and Type	Method	Description
private byte[]	createResponseAuth()
protected byte[]	evaluateMessage(int state, byte[] message)
byte[]	evaluateResponse(byte[] response)
private byte[]	generateChallenge()	Generates a digest challenge digest-challenge = 1#( realm | nonce | qop-options | stale | maxbuf | charset algorithm | cipher-opts | auth-param ) realm = "realm" "=" <"> realm-value <"> realm-value = qdstr-val nonce = "nonce" "=" <"> nonce-value <"> nonce-value = qdstr-val qop-options = "qop" "=" <"> qop-list <"> qop-list = 1#qop-value qop-value = "auth" | "auth-int" | "auth-conf" | token stale = "stale" "=" "true" maxbuf = "maxbuf" "=" maxbuf-value maxbuf-value = 1*DIGIT charset = "charset" "=" "utf-8" algorithm = "algorithm" "=" "md5-sess" cipher-opts = "cipher" "=" <"> 1#cipher-value <"> cipher-value = "3des" | "des" | "rc4-40" | "rc4" | "rc4-56" | token auth-param = token "=" ( token | quoted-string )
String	getAuthorizationID()
Object	getNegotiatedProperty(String propName)	Get a property negotiated between this participant and the other.
void	init()
private void	noteDigestResponseData(HashMap<String,byte[]> parsedDigestResponse)
private byte[]	validateDigestResponse(HashMap<String,byte[]> parsedDigestResponse)

Methods inherited from class org.wildfly.security.sasl.digest.AbstractDigestMechanism

arrayContains, createCipher, createCiphersAndKeys, createIntegrityKey, generateNonce, getCharset, getSupportedCiphers, handleUserRealmPasswordCallbacks

Methods inherited from class org.wildfly.security.sasl.util.AbstractSaslParticipant

assertComplete, dispose, evaluateMessage, getCallbackHandler, getIntProperty, getMechanismName, getProtocol, getServerName, getStringProperty, getWrapper, handleCallbacks, isComplete, negotiationComplete, setNegotiationState, setWrapper, tryHandleCallbacks, unwrap, wrap

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface javax.security.sasl.SaslServer

dispose, getMechanismName, isComplete, unwrap, wrap

Field Detail

digestUriProtocolAccepted

private final Predicate<String> digestUriProtocolAccepted

defaultRealm

private final boolean defaultRealm

STEP_ONE

private static final byte STEP_ONE

See Also:

Constant Field Values

STEP_THREE

private static final byte STEP_THREE

See Also:

Constant Field Values

realms

private String[] realms

supportedCiphers

private String supportedCiphers

receivingMaxBuffSize

private int receivingMaxBuffSize

qops

private String[] qops

nonceCount

private int nonceCount

receivedClientUri

private String receivedClientUri

boundServerName

private String boundServerName

Constructor Detail

DigestSaslServer

DigestSaslServer(String[] realms,
                 boolean defaultRealm,
                 String mechanismName,
                 String protocol,
                 String serverName,
                 CallbackHandler callbackHandler,
                 Charset charset,
                 String[] qops,
                 String[] ciphers,
                 Predicate<String> digestUriProtocolAccepted,
                 Supplier<Provider[]> providers)
          throws SaslException

Throws:

SaslException

Method Detail

generateChallenge

private byte[] generateChallenge()

Generates a digest challenge digest-challenge = 1#( realm | nonce | qop-options | stale | maxbuf | charset algorithm | cipher-opts | auth-param ) realm = "realm" "=" <"> realm-value <"> realm-value = qdstr-val nonce = "nonce" "=" <"> nonce-value <"> nonce-value = qdstr-val qop-options = "qop" "=" <"> qop-list <"> qop-list = 1#qop-value qop-value = "auth" | "auth-int" | "auth-conf" | token stale = "stale" "=" "true" maxbuf = "maxbuf" "=" maxbuf-value maxbuf-value = 1*DIGIT charset = "charset" "=" "utf-8" algorithm = "algorithm" "=" "md5-sess" cipher-opts = "cipher" "=" <"> 1#cipher-value <"> cipher-value = "3des" | "des" | "rc4-40" | "rc4" | "rc4-56" | token auth-param = token "=" ( token | quoted-string )

Returns:

noteDigestResponseData

private void noteDigestResponseData(HashMap<String,byte[]> parsedDigestResponse)

validateDigestResponse

private byte[] validateDigestResponse(HashMap<String,byte[]> parsedDigestResponse)
                               throws SaslException

Throws:

SaslException

createResponseAuth

private byte[] createResponseAuth()

getAuthorizationID

public String getAuthorizationID()

Specified by:

getAuthorizationID in interface SaslServer

getNegotiatedProperty

public Object getNegotiatedProperty(String propName)

Description copied from class: AbstractSaslParticipant

Get a property negotiated between this participant and the other.

Specified by:

getNegotiatedProperty in interface SaslServer

Overrides:

getNegotiatedProperty in class AbstractSaslParticipant

Parameters:

propName - the property name

Returns:

the property value or null if not defined

init

public void init()

Overrides:

init in class AbstractSaslParticipant

evaluateResponse

public byte[] evaluateResponse(byte[] response)
                        throws SaslException

Specified by:

evaluateResponse in interface SaslServer

Throws:

SaslException

evaluateMessage

protected byte[] evaluateMessage(int state,
                                 byte[] message)
                          throws SaslException

Specified by:

evaluateMessage in class AbstractSaslParticipant

Throws:

SaslException