/**
 * Build a {@link ScramClient} bound to this mechanism.
 *
 * <p>Channel binding data and type are read from {@code bindingCallback} when one is supplied. When none is
 * supplied and this mechanism's {@code plus} flag is set (presumably the channel-binding "-PLUS" variant;
 * confirm against the field's declaration), no client is created and {@code null} is returned. A variant
 * that requires binding is therefore never started without binding data, and callers must handle the
 * {@code null} result instead of dereferencing it.
 *
 * <p>The iteration-count bounds are passed to the client unchanged; this method does not check that
 * {@code minimumIterationCount <= maximumIterationCount}.
 *
 * @param authorizationId the authorization ID ({@code null} if none is given)
 * @param callbackHandler the callback handler (may not be {@code null}; not checked here)
 * @param secureRandom an optional secure random implementation to use (may be {@code null})
 * @param bindingCallback the optional channel binding callback result (may be {@code null})
 * @param minimumIterationCount the minimum iteration count to allow
 * @param maximumIterationCount the maximum iteration count to allow
 * @param providers the security provider supplier, handed to the client as-is
 * @return the SCRAM client, or {@code null} if the client cannot be created from this mechanism variant
 * @throws AuthenticationMechanismException if the mechanism fails for some reason
 * @see WildFlySasl#SCRAM_MIN_ITERATION_COUNT
 * @see WildFlySasl#SCRAM_MAX_ITERATION_COUNT
 */
public ScramClient createClient(final String authorizationId, final CallbackHandler callbackHandler, final SecureRandom secureRandom, final ChannelBindingCallback bindingCallback, final int minimumIterationCount, final int maximumIterationCount, final Supplier<Provider[]> providers) throws AuthenticationMechanismException {
    final boolean haveBinding = bindingCallback != null;
    if (! haveBinding && plus) {
        // No binding data for a variant flagged as "plus": refuse rather than build an unbound client.
        return null;
    }
    // Data is read before type, matching the original call order on the callback.
    final byte[] channelBindingData = haveBinding ? bindingCallback.getBindingData() : null;
    final String channelBindingType = haveBinding ? bindingCallback.getBindingType() : null;
    return new ScramClient(this, authorizationId, callbackHandler, secureRandom, channelBindingData, channelBindingType, minimumIterationCount, maximumIterationCount, providers);
}
/**
 * Capture the fields of an initial client SCRAM message.
 *
 * <p>Binding type, raw binding data, mechanism and authorization ID are copied from {@code scramClient};
 * the remaining values come from the arguments. The {@code nonce} and {@code messageBytes} arrays are
 * stored by reference, not copied, so the caller must not modify them after construction.
 *
 * @param scramClient the client this message belongs to (dereferenced; must not be {@code null})
 * @param authenticationName the authentication name carried by the message
 * @param binding the binding flag stored on the message
 * @param nonce the client nonce bytes
 * @param initialPartIndex the index stored as {@code initialPartIndex}
 * @param messageBytes the encoded message bytes
 */
ScramInitialClientMessage(final ScramClient scramClient, final String authenticationName, final boolean binding, final byte[] nonce, final int initialPartIndex, final byte[] messageBytes) {
    // Values taken from the owning client; getter order is the same as in the original.
    this.bindingType = scramClient.getBindingType();
    this.bindingData = scramClient.getRawBindingData();
    this.mechanism = scramClient.getMechanism();
    this.authorizationId = scramClient.getAuthorizationId();
    // Values specific to this message.
    this.authenticationName = authenticationName;
    this.binding = binding;
    this.nonce = nonce;
    this.initialPartIndex = initialPartIndex;
    this.messageBytes = messageBytes;
}
// NOTE(review): these statements read like three separate negotiation steps shown back to back
// (each one ends with ok = true); the control flow that separates them is not visible here.

// Step 1: take the client's initial response and record that the first message has been sent.
this.initialResponse = scramClient.getInitialResponse();
setNegotiationState(ST_R1_SENT);
ok = true;
// Step 2: parse the server's first challenge against our initial response, derive the final
// response from it, and record that the second message has been sent.
final ScramInitialServerMessage initialChallenge = scramClient.parseInitialServerMessage(initialResponse, challenge);
this.finalResponse = scramClient.handleInitialChallenge(initialResponse, initialChallenge);
setNegotiationState(ST_R2_SENT);
ok = true;
// Step 3: parse the server's final message and verify it against our final response.
final ScramFinalServerMessage finalChallenge = scramClient.parseFinalServerMessage(challenge);
scramClient.verifyFinalChallenge(finalResponse, finalChallenge);
// COMPLETE_STATE is set only after verifyFinalChallenge has returned; presumably that call throws
// when the server's proof does not match, so a failed check never reaches this line (confirm).
setNegotiationState(COMPLETE_STATE);
ok = true;
if (getAuthorizationId() != null) { b2.append("a="); StringPrep.encode(getAuthorizationId(), b2, StringPrep.PROFILE_SASL_STORED | StringPrep.MAP_SCRAM_LOGIN_CHARS); b2.append('n'); b2.append(','); if (getAuthorizationId() != null) { b2.append("a="); StringPrep.encode(getAuthorizationId(), b2, StringPrep.PROFILE_SASL_STORED | StringPrep.MAP_SCRAM_LOGIN_CHARS); final Mac mac = Mac.getInstance(getMechanism().getHmacName()); final MessageDigest messageDigest = MessageDigest.getInstance(getMechanism().getMessageDigestName());
// Look up the HMAC implementation by the algorithm name this mechanism reports. The one-argument
// Mac.getInstance searches the installed JCA providers in preference order and throws
// NoSuchAlgorithmException when none of them offers the algorithm.
// NOTE(review): this lookup does not consult a caller-supplied provider list; confirm that is
// intended where one is configured.
final Mac mac = Mac.getInstance(getMechanism().getHmacName());
// Append the user name after StringPrep processing with the SASL stored-string profile and the
// SCRAM login-character mapping flags.
StringPrep.encode(name, encoded, StringPrep.PROFILE_SASL_STORED | StringPrep.MAP_SCRAM_LOGIN_CHARS);
// Start the nonce attribute: ",r=".
encoded.append(',').append('r').append('=');
// Generate the client nonce from getRandom(); 48 is the size argument (unit is defined by
// ScramUtil.generateNonce; TODO confirm).
// NOTE(review): the nonce must be unpredictable and fresh for every exchange; confirm getRandom()
// always yields a cryptographically strong source, including when no SecureRandom was supplied.
final byte[] nonce = ScramUtil.generateNonce(48, getRandom());
encoded.append(nonce);
if (getAuthorizationId() != null) { b2.append("a="); StringPrep.encode(getAuthorizationId(), b2, StringPrep.PROFILE_SASL_STORED | StringPrep.MAP_SCRAM_LOGIN_CHARS); b2.append('n'); b2.append(','); if (getAuthorizationId() != null) { b2.append("a="); StringPrep.encode(getAuthorizationId(), b2, StringPrep.PROFILE_SASL_STORED | StringPrep.MAP_SCRAM_LOGIN_CHARS); final Mac mac = Mac.getInstance(getMechanism().getHmacName()); final MessageDigest messageDigest = MessageDigest.getInstance(getMechanism().getMessageDigestName());
// Look up the HMAC implementation by the algorithm name this mechanism reports. The one-argument
// Mac.getInstance searches the installed JCA providers in preference order and throws
// NoSuchAlgorithmException when none of them offers the algorithm.
// NOTE(review): this lookup does not consult a caller-supplied provider list; confirm that is
// intended where one is configured.
final Mac mac = Mac.getInstance(getMechanism().getHmacName());
// Append the user name after StringPrep processing with the SASL stored-string profile and the
// SCRAM login-character mapping flags.
StringPrep.encode(name, encoded, StringPrep.PROFILE_SASL_STORED | StringPrep.MAP_SCRAM_LOGIN_CHARS);
// Start the nonce attribute: ",r=".
encoded.append(',').append('r').append('=');
// Generate the client nonce from getRandom(); 48 is the size argument (unit is defined by
// ScramUtil.generateNonce; TODO confirm).
// NOTE(review): the nonce must be unpredictable and fresh for every exchange; confirm getRandom()
// always yields a cryptographically strong source, including when no SecureRandom was supplied.
final byte[] nonce = ScramUtil.generateNonce(48, getRandom());
encoded.append(nonce);
// NOTE(review): these statements read like three separate negotiation steps shown back to back
// (each one ends with ok = true); the control flow that separates them is not visible here.

// Step 1: take the client's initial response and record that the first message has been sent.
this.initialResponse = scramClient.getInitialResponse();
setNegotiationState(ST_R1_SENT);
ok = true;
// Step 2: parse the server's first challenge against our initial response, derive the final
// response from it, and record that the second message has been sent.
final ScramInitialServerMessage initialChallenge = scramClient.parseInitialServerMessage(initialResponse, challenge);
this.finalResponse = scramClient.handleInitialChallenge(initialResponse, initialChallenge);
setNegotiationState(ST_R2_SENT);
ok = true;
// Step 3: parse the server's final message and verify it against our final response.
final ScramFinalServerMessage finalChallenge = scramClient.parseFinalServerMessage(challenge);
scramClient.verifyFinalChallenge(finalResponse, finalChallenge);
// COMPLETE_STATE is set only after verifyFinalChallenge has returned; presumably that call throws
// when the server's proof does not match, so a failed check never reaches this line (confirm).
setNegotiationState(COMPLETE_STATE);
ok = true;
/**
 * Capture the fields of an initial client SCRAM message.
 *
 * <p>Binding type, raw binding data, mechanism and authorization ID are copied from {@code scramClient};
 * the remaining values come from the arguments. The {@code nonce} and {@code messageBytes} arrays are
 * stored by reference, not copied, so the caller must not modify them after construction.
 *
 * @param scramClient the client this message belongs to (dereferenced; must not be {@code null})
 * @param authenticationName the authentication name carried by the message
 * @param binding the binding flag stored on the message
 * @param nonce the client nonce bytes
 * @param initialPartIndex the index stored as {@code initialPartIndex}
 * @param messageBytes the encoded message bytes
 */
ScramInitialClientMessage(final ScramClient scramClient, final String authenticationName, final boolean binding, final byte[] nonce, final int initialPartIndex, final byte[] messageBytes) {
    // Values taken from the owning client; getter order is the same as in the original.
    this.bindingType = scramClient.getBindingType();
    this.bindingData = scramClient.getRawBindingData();
    this.mechanism = scramClient.getMechanism();
    this.authorizationId = scramClient.getAuthorizationId();
    // Values specific to this message.
    this.authenticationName = authenticationName;
    this.binding = binding;
    this.nonce = nonce;
    this.initialPartIndex = initialPartIndex;
    this.messageBytes = messageBytes;
}
if (getAuthorizationId() != null) { b2.append("a="); StringPrep.encode(getAuthorizationId(), b2, StringPrep.PROFILE_SASL_STORED | StringPrep.MAP_SCRAM_LOGIN_CHARS); b2.append('n'); b2.append(','); if (getAuthorizationId() != null) { b2.append("a="); StringPrep.encode(getAuthorizationId(), b2, StringPrep.PROFILE_SASL_STORED | StringPrep.MAP_SCRAM_LOGIN_CHARS); final Mac mac = Mac.getInstance(getMechanism().getHmacName()); final MessageDigest messageDigest = MessageDigest.getInstance(getMechanism().getMessageDigestName());
// Look up the HMAC implementation by the algorithm name this mechanism reports. The one-argument
// Mac.getInstance searches the installed JCA providers in preference order and throws
// NoSuchAlgorithmException when none of them offers the algorithm.
// NOTE(review): this lookup does not consult a caller-supplied provider list; confirm that is
// intended where one is configured.
final Mac mac = Mac.getInstance(getMechanism().getHmacName());
/**
 * Build a {@link ScramClient} bound to this mechanism.
 *
 * <p>Channel binding data and type are read from {@code bindingCallback} when one is supplied. When none is
 * supplied and this mechanism's {@code plus} flag is set (presumably the channel-binding "-PLUS" variant;
 * confirm against the field's declaration), no client is created and {@code null} is returned. A variant
 * that requires binding is therefore never started without binding data, and callers must handle the
 * {@code null} result instead of dereferencing it.
 *
 * <p>The iteration-count bounds are passed to the client unchanged; this method does not check that
 * {@code minimumIterationCount <= maximumIterationCount}.
 *
 * @param authorizationId the authorization ID ({@code null} if none is given)
 * @param callbackHandler the callback handler (may not be {@code null}; not checked here)
 * @param secureRandom an optional secure random implementation to use (may be {@code null})
 * @param bindingCallback the optional channel binding callback result (may be {@code null})
 * @param minimumIterationCount the minimum iteration count to allow
 * @param maximumIterationCount the maximum iteration count to allow
 * @param providers the security provider supplier, handed to the client as-is
 * @return the SCRAM client, or {@code null} if the client cannot be created from this mechanism variant
 * @throws AuthenticationMechanismException if the mechanism fails for some reason
 * @see WildFlySasl#SCRAM_MIN_ITERATION_COUNT
 * @see WildFlySasl#SCRAM_MAX_ITERATION_COUNT
 */
public ScramClient createClient(final String authorizationId, final CallbackHandler callbackHandler, final SecureRandom secureRandom, final ChannelBindingCallback bindingCallback, final int minimumIterationCount, final int maximumIterationCount, final Supplier<Provider[]> providers) throws AuthenticationMechanismException {
    final boolean haveBinding = bindingCallback != null;
    if (! haveBinding && plus) {
        // No binding data for a variant flagged as "plus": refuse rather than build an unbound client.
        return null;
    }
    // Data is read before type, matching the original call order on the callback.
    final byte[] channelBindingData = haveBinding ? bindingCallback.getBindingData() : null;
    final String channelBindingType = haveBinding ? bindingCallback.getBindingType() : null;
    return new ScramClient(this, authorizationId, callbackHandler, secureRandom, channelBindingData, channelBindingType, minimumIterationCount, maximumIterationCount, providers);
}
// Append the user name after StringPrep processing with the SASL stored-string profile and the
// SCRAM login-character mapping flags.
StringPrep.encode(name, encoded, StringPrep.PROFILE_SASL_STORED | StringPrep.MAP_SCRAM_LOGIN_CHARS);
// Start the nonce attribute: ",r=".
encoded.append(',').append('r').append('=');
// Generate the client nonce from getRandom(); 48 is the size argument (unit is defined by
// ScramUtil.generateNonce; TODO confirm).
// NOTE(review): the nonce must be unpredictable and fresh for every exchange; confirm getRandom()
// always yields a cryptographically strong source, including when no SecureRandom was supplied.
final byte[] nonce = ScramUtil.generateNonce(48, getRandom());
encoded.append(nonce);
// NOTE(review): these statements read like three separate negotiation steps shown back to back
// (each one ends with ok = true); the control flow that separates them is not visible here.

// Step 1: take the client's initial response and record that the first message has been sent.
this.initialResponse = scramClient.getInitialResponse();
setNegotiationState(ST_R1_SENT);
ok = true;
// Step 2: parse the server's first challenge against our initial response, derive the final
// response from it, and record that the second message has been sent.
final ScramInitialServerMessage initialChallenge = scramClient.parseInitialServerMessage(initialResponse, challenge);
this.finalResponse = scramClient.handleInitialChallenge(initialResponse, initialChallenge);
setNegotiationState(ST_R2_SENT);
ok = true;
// Step 3: parse the server's final message and verify it against our final response.
final ScramFinalServerMessage finalChallenge = scramClient.parseFinalServerMessage(challenge);
scramClient.verifyFinalChallenge(finalResponse, finalChallenge);
// COMPLETE_STATE is set only after verifyFinalChallenge has returned; presumably that call throws
// when the server's proof does not match, so a failed check never reaches this line (confirm).
setNegotiationState(COMPLETE_STATE);
ok = true;
/**
 * Capture the fields of an initial client SCRAM message.
 *
 * <p>Binding type, raw binding data, mechanism and authorization ID are copied from {@code scramClient};
 * the remaining values come from the arguments. The {@code nonce} and {@code messageBytes} arrays are
 * stored by reference, not copied, so the caller must not modify them after construction.
 *
 * @param scramClient the client this message belongs to (dereferenced; must not be {@code null})
 * @param authenticationName the authentication name carried by the message
 * @param binding the binding flag stored on the message
 * @param nonce the client nonce bytes
 * @param initialPartIndex the index stored as {@code initialPartIndex}
 * @param messageBytes the encoded message bytes
 */
ScramInitialClientMessage(final ScramClient scramClient, final String authenticationName, final boolean binding, final byte[] nonce, final int initialPartIndex, final byte[] messageBytes) {
    // Values taken from the owning client; getter order is the same as in the original.
    this.bindingType = scramClient.getBindingType();
    this.bindingData = scramClient.getRawBindingData();
    this.mechanism = scramClient.getMechanism();
    this.authorizationId = scramClient.getAuthorizationId();
    // Values specific to this message.
    this.authenticationName = authenticationName;
    this.binding = binding;
    this.nonce = nonce;
    this.initialPartIndex = initialPartIndex;
    this.messageBytes = messageBytes;
}
if (getAuthorizationId() != null) { b2.append("a="); StringPrep.encode(getAuthorizationId(), b2, StringPrep.PROFILE_SASL_STORED | StringPrep.MAP_SCRAM_LOGIN_CHARS); b2.append('n'); b2.append(','); if (getAuthorizationId() != null) { b2.append("a="); StringPrep.encode(getAuthorizationId(), b2, StringPrep.PROFILE_SASL_STORED | StringPrep.MAP_SCRAM_LOGIN_CHARS); final Mac mac = Mac.getInstance(getMechanism().getHmacName()); final MessageDigest messageDigest = MessageDigest.getInstance(getMechanism().getMessageDigestName());
// Look up the HMAC implementation by the algorithm name this mechanism reports. The one-argument
// Mac.getInstance searches the installed JCA providers in preference order and throws
// NoSuchAlgorithmException when none of them offers the algorithm.
// NOTE(review): this lookup does not consult a caller-supplied provider list; confirm that is
// intended where one is configured.
final Mac mac = Mac.getInstance(getMechanism().getHmacName());
/**
 * Build a {@link ScramClient} bound to this mechanism.
 *
 * <p>Channel binding data and type are read from {@code bindingCallback} when one is supplied. When none is
 * supplied and this mechanism's {@code plus} flag is set (presumably the channel-binding "-PLUS" variant;
 * confirm against the field's declaration), no client is created and {@code null} is returned. A variant
 * that requires binding is therefore never started without binding data, and callers must handle the
 * {@code null} result instead of dereferencing it.
 *
 * <p>The iteration-count bounds are passed to the client unchanged; this method does not check that
 * {@code minimumIterationCount <= maximumIterationCount}.
 *
 * @param authorizationId the authorization ID ({@code null} if none is given)
 * @param callbackHandler the callback handler (may not be {@code null}; not checked here)
 * @param secureRandom an optional secure random implementation to use (may be {@code null})
 * @param bindingCallback the optional channel binding callback result (may be {@code null})
 * @param minimumIterationCount the minimum iteration count to allow
 * @param maximumIterationCount the maximum iteration count to allow
 * @param providers the security provider supplier, handed to the client as-is
 * @return the SCRAM client, or {@code null} if the client cannot be created from this mechanism variant
 * @throws AuthenticationMechanismException if the mechanism fails for some reason
 * @see WildFlySasl#SCRAM_MIN_ITERATION_COUNT
 * @see WildFlySasl#SCRAM_MAX_ITERATION_COUNT
 */
public ScramClient createClient(final String authorizationId, final CallbackHandler callbackHandler, final SecureRandom secureRandom, final ChannelBindingCallback bindingCallback, final int minimumIterationCount, final int maximumIterationCount, final Supplier<Provider[]> providers) throws AuthenticationMechanismException {
    final boolean haveBinding = bindingCallback != null;
    if (! haveBinding && plus) {
        // No binding data for a variant flagged as "plus": refuse rather than build an unbound client.
        return null;
    }
    // Data is read before type, matching the original call order on the callback.
    final byte[] channelBindingData = haveBinding ? bindingCallback.getBindingData() : null;
    final String channelBindingType = haveBinding ? bindingCallback.getBindingType() : null;
    return new ScramClient(this, authorizationId, callbackHandler, secureRandom, channelBindingData, channelBindingType, minimumIterationCount, maximumIterationCount, providers);
}