예제 #1
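  /**
   * Handles the opening message of a login exchange.
   *
   * <p>For a {@code RequestLoginMessage} this records the requested login name, looks up that
   * user's password hash, fills {@code randNumber} with fresh random bytes, and returns a
   * {@code ChallangeMessage} built from both. {@code state} is then {@code CL_CHALLANGE_SENT}.
   * A {@code ChallangeCheckStatusMessage} is ignored and yields {@code null}.
   *
   * @param msg message received from the peer
   * @return the challenge to send back, or {@code null} when nothing has to be sent
   * @throws AuthenticationException if no login name is supplied, the login is {@code root}
   *     while {@code allowRoot} is false, no password hash is stored for the login, or the
   *     message type is not one handled here
   * @throws GeneralSecurityException presumably raised while building the challenge; confirm
   *     against {@code ChallangeMessage.setChallange}
   */
  public Message startAuthentication(AuthenticationMessage msg)
      throws AuthenticationException, GeneralSecurityException {
    if (msg instanceof RequestLoginMessage) {
      String login = ((RequestLoginMessage) msg).getLogin();

      // The login name comes from the peer. Reject a missing one with the declared
      // exception type instead of letting a NullPointerException escape from equals().
      if (login == null) {
        throw new AuthenticationException("Authentication Failed");
      }
      username = login;

      if (!allowRoot && "root".equals(username)) {
        throw new AuthenticationException("Must authenticate as a regular user first.");
      }

      // Look up the stored hash that the challenge is built from.
      // NOTE(review): this error is raised before any credential is checked, so the reply
      // differs for logins with and without a stored hash. If account enumeration matters
      // for this service, return the same failure in both cases.
      byte[] passhash = UserManager.v().getPassHash(username);
      if (passhash == null) {
        throw new AuthenticationException("User has no password");
      }

      // Fresh random bytes for every login attempt; randNumber is compared with the
      // peer's answer in the next step.
      ChallangeMessage cm = new ChallangeMessage();
      SecureRandom rand = new SecureRandom();
      rand.nextBytes(randNumber);
      cm.setChallange(randNumber, passhash);
      state = CL_CHALLANGE_SENT;

      // Send the challenge.
      return cm;
    } else if (msg instanceof ChallangeCheckStatusMessage) {
      // The client sends this once authentication is complete. It is ignored here:
      // this side does not depend on the client having authenticated us.
      return null;
    }

    throw new AuthenticationException("State Error");
  }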
예제 #2
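  /**
   * Advances the challenge-response exchange by one step, selected by the current
   * {@code state}.
   *
   * <ul>
   *   <li>{@code CL_CHALLANGE_SENT}: expects a {@code ChallangeResponseMessage}, compares its
   *       response with {@code randNumber}, and on a match moves to {@code SR_AUTH_SERVER} and
   *       returns a {@code ChallangeCheckStatusMessage} with ok set.
   *   <li>{@code SR_AUTH_SERVER}: expects a {@code ChallangeMessage}, answers it using the
   *       stored password hash, sets {@code authenticated}, and moves to {@code DONE_STATE}.
   *   <li>Any other state: a {@code ChallangeCheckStatusMessage} is ignored ({@code null}).
   * </ul>
   *
   * @param msg message received from the peer
   * @return the reply to send, or {@code null} when nothing has to be sent
   * @throws AuthenticationException if the message type does not fit the current state, the
   *     response does not match the challenge, or no password hash is stored for the user
   * @throws GeneralSecurityException presumably raised while producing the response; confirm
   *     against {@code ChallangeResponseMessage.produceResponse}
   */
  public Message updateState(AuthenticationMessage msg)
      throws AuthenticationException, GeneralSecurityException {
    switch (state) {
      case CL_CHALLANGE_SENT:
        {
          if (!(msg instanceof ChallangeResponseMessage)) {
            throw new AuthenticationException("State Error");
          }
          byte[] resp = ((ChallangeResponseMessage) msg).getResponse();

          // Compare in constant time: Arrays.equals stops at the first differing byte, so
          // its running time depends on how much of the response is correct.
          if (!java.security.MessageDigest.isEqual(randNumber, resp)) {
            // NOTE(review): state and randNumber are left unchanged on this path, so the same
            // challenge stays answerable after a wrong response. Confirm that the caller
            // drops the session (or issues a new challenge) when this exception is thrown.
            throw new AuthenticationException("Authentication Failed");
          }
          state = SR_AUTH_SERVER;
          // The peer proved itself; acknowledge and wait for its challenge to us.
          ChallangeCheckStatusMessage check = new ChallangeCheckStatusMessage();
          check.setOk(true);
          return check;
        }

      case SR_AUTH_SERVER:
        {
          if (!(msg instanceof ChallangeMessage)) {
            throw new AuthenticationException("State Error");
          }
          ChallangeMessage cm = (ChallangeMessage) msg;

          // Answer the peer's challenge with the stored password hash.
          ChallangeResponseMessage crm = new ChallangeResponseMessage();
          byte[] passhash = UserManager.v().getPassHash(username);
          if (passhash == null) {
            throw new AuthenticationException("User has no password");
          }
          crm.produceResponse(cm.getChallange(), passhash);

          authenticated = true;
          // The login name was supplied by the peer; neutralise line breaks so it cannot
          // forge additional log entries.
          logger.info(
              "User " + String.valueOf(username).replaceAll("[\\r\\n]", "_") + " logged in");
          state = DONE_STATE;
          // Complete the challenge-response exchange.
          return crm;
        }

      default:
        {
          // A late status message is harmless; anything else falls through to the error.
          if (msg instanceof ChallangeCheckStatusMessage) {
            return null;
          }
        }
    }

    throw new AuthenticationException("State Incomplete");
  }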