public Message updateState(AuthenticationMessage msg) throws AuthenticationException, GeneralSecurityException { switch (state) { case CL_CHALLANGE_SENT: { ChallangeResponseMessage crm = null; byte[] resp; if (msg instanceof ChallangeResponseMessage) { crm = (ChallangeResponseMessage) msg; resp = crm.getResponse(); } else { throw new AuthenticationException("State Error"); } if (!Arrays.equals(randNumber, resp)) { throw new AuthenticationException("Authentication Failed"); } state = SR_AUTH_SERVER; // wait for challenge ChallangeCheckStatusMessage check = new ChallangeCheckStatusMessage(); check.setOk(true); return check; } case SR_AUTH_SERVER: { ChallangeMessage cm = null; if (msg instanceof ChallangeMessage) { cm = (ChallangeMessage) msg; } else { throw new AuthenticationException("State Error"); } // send reponse ChallangeResponseMessage crm = new ChallangeResponseMessage(); byte[] passhash = UserManager.v().getPassHash(username); if (passhash == null) { throw new AuthenticationException("User has no password"); } crm.produceResponse(cm.getChallange(), passhash); authenticated = true; logger.info("User " + username + " logged in"); state = DONE_STATE; // complete the challenege-response return crm; } default: { if (msg instanceof ChallangeCheckStatusMessage) { return null; } } } throw new AuthenticationException("State Incomplete"); }