Exemple #1
0
  public Message updateState(AuthenticationMessage msg)
      throws AuthenticationException, GeneralSecurityException {
    switch (state) {
      case CL_CHALLANGE_SENT:
        {
          ChallangeResponseMessage crm = null;
          byte[] resp;
          if (msg instanceof ChallangeResponseMessage) {
            crm = (ChallangeResponseMessage) msg;
            resp = crm.getResponse();
          } else {
            throw new AuthenticationException("State Error");
          }

          if (!Arrays.equals(randNumber, resp)) {
            throw new AuthenticationException("Authentication Failed");
          }
          state = SR_AUTH_SERVER;
          // wait for challenge
          ChallangeCheckStatusMessage check = new ChallangeCheckStatusMessage();
          check.setOk(true);
          return check;
        }

      case SR_AUTH_SERVER:
        {
          ChallangeMessage cm = null;
          if (msg instanceof ChallangeMessage) {
            cm = (ChallangeMessage) msg;
          } else {
            throw new AuthenticationException("State Error");
          }

          // send reponse
          ChallangeResponseMessage crm = new ChallangeResponseMessage();
          byte[] passhash = UserManager.v().getPassHash(username);
          if (passhash == null) {
            throw new AuthenticationException("User has no password");
          }
          crm.produceResponse(cm.getChallange(), passhash);

          authenticated = true;
          logger.info("User " + username + " logged in");
          state = DONE_STATE;
          // complete the challenege-response
          return crm;
        }

      default:
        {
          if (msg instanceof ChallangeCheckStatusMessage) {
            return null;
          }
        }
    }

    throw new AuthenticationException("State Incomplete");
  }
Exemple #2
0
 public void run() {
   try {
     InputStream in;
     OutputStream out;
     try {
       in = sk.getInputStream();
       out = sk.getOutputStream();
     } catch (IOException e) {
       throw (new RuntimeException(e));
     }
     while (true) {
       try {
         int len = Utils.int32d(read(in, 4), 0);
         if (!auth && (len > 256)) return;
         Message msg = new MessageBuf(read(in, len));
         String cmd = msg.string();
         Object[] args = msg.list();
         Object[] reply;
         if (auth) {
           Command cc = commands.get(cmd);
           if (cc != null) reply = cc.run(this, args);
           else reply = new Object[] {"nocmd"};
         } else {
           if (cmd.equals("nonce")) {
             reply = new Object[] {nonce};
           } else if (cmd.equals("auth")) {
             if (Arrays.equals((byte[]) args[0], ckey)) {
               reply = new Object[] {"ok"};
               auth = true;
             } else {
               reply = new Object[] {"no"};
             }
           } else {
             return;
           }
         }
         MessageBuf rb = new MessageBuf();
         rb.addlist(reply);
         byte[] rbuf = new byte[4 + rb.size()];
         Utils.uint32e(rb.size(), rbuf, 0);
         rb.fin(rbuf, 4);
         out.write(rbuf);
       } catch (IOException e) {
         return;
       }
     }
   } catch (InterruptedException e) {
   } finally {
     try {
       sk.close();
     } catch (IOException e) {
       throw (new RuntimeException(e));
     }
   }
 }
  private void checkHashSet(
      SimulatedArchivalUnit sau, boolean namesOnly, boolean filter, byte[] expected)
      throws Exception {
    enableFilter(sau, filter);
    CachedUrlSet set = sau.getAuCachedUrlSet();
    byte[] hash = getHash(set, namesOnly);
    assertEquals(expected, hash);

    String parent = sau.getUrlRoot() + "/branch1";
    CachedUrlSetSpec spec = new RangeCachedUrlSetSpec(parent);
    set = sau.makeCachedUrlSet(spec);
    byte[] hash2 = getHash(set, namesOnly);
    assertFalse(Arrays.equals(hash, hash2));
  }
  private int compare(Revision a, Revision b) {
    if (Arrays.equals(a._id, b._id)) return 0;

    Version va = getVersion(a);
    Version vb = getVersion(b);
    int n = va.compareTo(vb);
    if (n != 0) return n;

    if (a.created != b.created) return a.created > b.created ? 1 : -1;

    for (int i = 0; i < a._id.length; i++)
      if (a._id[i] != b._id[i]) return a._id[i] > b._id[i] ? 1 : -1;

    return 0;
  }
Exemple #5
0
  /**
   * Does the actual work for decrypting - if version does not match current cipher then tries the
   * previous cipher
   */
  private Message decryptMessage(Cipher cipher, Message msg) throws Exception {
    EncryptHeader hdr = (EncryptHeader) msg.getHeader(this.id);
    if (!Arrays.equals(hdr.getVersion(), getSymVersion())) {
      log.warn(
          "attempting to use stored cipher as message does not use current encryption version ");
      cipher = keyMap.get(new AsciiString(hdr.getVersion()));
      if (cipher == null) {
        log.warn("unable to find a matching cipher in previous key map");
        return null;
      }
      log.trace("decrypting using previous cipher version");
      synchronized (cipher) {
        return _decrypt(cipher, msg, hdr.encryptEntireMessage());
      }
    }

    return _decrypt(cipher, msg, hdr.encryptEntireMessage());
  }
  public boolean validate(XMLValidateContext validateContext) throws XMLSignatureException {
    if (validateContext == null) {
      throw new NullPointerException("validateContext cannot be null");
    }
    if (validated) {
      return validationStatus;
    }
    Data data = dereference(validateContext);
    calcDigestValue = transform(data, validateContext);

    if (log.isLoggable(Level.FINE)) {
      log.log(Level.FINE, "Expected digest: " + Base64.encode(digestValue));
      log.log(Level.FINE, "Actual digest: " + Base64.encode(calcDigestValue));
    }

    validationStatus = Arrays.equals(digestValue, calcDigestValue);
    validated = true;
    return validationStatus;
  }
  public boolean equals(Object o) {
    if (this == o) {
      return true;
    }

    if (!(o instanceof Reference)) {
      return false;
    }
    Reference oref = (Reference) o;

    boolean idsEqual = (id == null ? oref.getId() == null : id.equals(oref.getId()));
    boolean urisEqual = (uri == null ? oref.getURI() == null : uri.equals(oref.getURI()));
    boolean typesEqual = (type == null ? oref.getType() == null : type.equals(oref.getType()));
    boolean digestValuesEqual = Arrays.equals(digestValue, oref.getDigestValue());

    return (digestMethod.equals(oref.getDigestMethod())
        && idsEqual
        && urisEqual
        && typesEqual
        && transforms.equals(oref.getTransforms()));
  }
  public String verify(JarFile jar, String... algorithms) throws IOException {
    if (algorithms == null || algorithms.length == 0) algorithms = new String[] {"MD5", "SHA"};
    else if (algorithms.length == 1 && algorithms[0].equals("-")) return null;

    try {
      Manifest m = jar.getManifest();
      if (m.getEntries().isEmpty()) return "No name sections";

      for (Enumeration<JarEntry> e = jar.entries(); e.hasMoreElements(); ) {
        JarEntry je = e.nextElement();
        if (MANIFEST_ENTRY.matcher(je.getName()).matches()) continue;

        Attributes nameSection = m.getAttributes(je.getName());
        if (nameSection == null) return "No name section for " + je.getName();

        for (String algorithm : algorithms) {
          try {
            MessageDigest md = MessageDigest.getInstance(algorithm);
            String expected = nameSection.getValue(algorithm + "-Digest");
            if (expected != null) {
              byte digest[] = Base64.decodeBase64(expected);
              copy(jar.getInputStream(je), md);
              if (!Arrays.equals(digest, md.digest()))
                return "Invalid digest for "
                    + je.getName()
                    + ", "
                    + expected
                    + " != "
                    + Base64.encodeBase64(md.digest());
            } else reporter.error("could not find digest for " + algorithm + "-Digest");
          } catch (NoSuchAlgorithmException nsae) {
            return "Missing digest algorithm " + algorithm;
          }
        }
      }
    } catch (Exception e) {
      return "Failed to verify due to exception: " + e.getMessage();
    }
    return null;
  }