public Message updateState(AuthenticationMessage msg)
throws AuthenticationException, GeneralSecurityException {
switch (state) {
case CL_CHALLANGE_SENT:
{
ChallangeResponseMessage crm = null;
byte[] resp;
if (msg instanceof ChallangeResponseMessage) {
crm = (ChallangeResponseMessage) msg;
resp = crm.getResponse();
} else {
throw new AuthenticationException("State Error");
}
if (!Arrays.equals(randNumber, resp)) {
throw new AuthenticationException("Authentication Failed");
}
state = SR_AUTH_SERVER;
// wait for challenge
ChallangeCheckStatusMessage check = new ChallangeCheckStatusMessage();
check.setOk(true);
return check;
}
case SR_AUTH_SERVER:
{
ChallangeMessage cm = null;
if (msg instanceof ChallangeMessage) {
cm = (ChallangeMessage) msg;
} else {
throw new AuthenticationException("State Error");
}
// send reponse
ChallangeResponseMessage crm = new ChallangeResponseMessage();
byte[] passhash = UserManager.v().getPassHash(username);
if (passhash == null) {
throw new AuthenticationException("User has no password");
}
crm.produceResponse(cm.getChallange(), passhash);
authenticated = true;
logger.info("User " + username + " logged in");
state = DONE_STATE;
// complete the challenege-response
return crm;
}
default:
{
if (msg instanceof ChallangeCheckStatusMessage) {
return null;
}
}
}
throw new AuthenticationException("State Incomplete");
}
