[jboss-cvs] JBossAS SVN: r70007 - trunk/security/src/main/org/jboss/security/auth/spi.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Feb 21 12:07:57 EST 2008
Author: mmoyses
Date: 2008-02-21 12:07:57 -0500 (Thu, 21 Feb 2008)
New Revision: 70007
Modified:
trunk/security/src/main/org/jboss/security/auth/spi/RFC2617Digest.java
Log:
Fixing possible NPE
Modified: trunk/security/src/main/org/jboss/security/auth/spi/RFC2617Digest.java
===================================================================
--- trunk/security/src/main/org/jboss/security/auth/spi/RFC2617Digest.java 2008-02-21 16:07:46 UTC (rev 70006)
+++ trunk/security/src/main/org/jboss/security/auth/spi/RFC2617Digest.java 2008-02-21 17:07:57 UTC (rev 70007)
@@ -24,6 +24,7 @@
import java.util.Map;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
+
import javax.security.auth.callback.Callback;
import org.jboss.crypto.digest.DigestCallback;
@@ -126,15 +127,18 @@
case they might have different ones for different servers.
*/
public static final String REALM = "realm";
+
/**
The user's name in the specified realm.
*/
public static final String USERNAME = "username";
+
/**
The URI from Request-URI of the Request-Line; duplicated here because proxies
are allowed to change the Request-Line in transit.
*/
public static final String DIGEST_URI = "digest-uri";
+
/**
A server-specified data string which MUST be different each time a
digest-challenge is sent as part of initial authentication. It is
@@ -150,6 +154,7 @@
authentication exchange.
*/
public static final String NONCE = "nonce";
+
/**
This MUST be specified if a qop directive is sent (see above), and MUST NOT
be specified if the server did not send a qop directive in the
@@ -160,6 +165,7 @@
calculation of the response- digest and request-digest values.
*/
public static final String CNONCE = "cnonce";
+
/**
This MUST be specified if a qop directive is sent (see above), and MUST NOT
be specified if the server did not send a qop directive in the
@@ -173,6 +179,7 @@
of the request-digest value.
*/
public static final String NONCE_COUNT = "nc";
+
/**
Indicates what "quality of protection" the client has applied to the message.
If present, its value MUST be one of the alternatives the server indicated it
@@ -184,6 +191,7 @@
providing a qop directive in the WWW-Authenticate header field.
*/
public static final String QOP = "qop";
+
/**
A string indicating a pair of algorithms used to produce the digest
and a checksum. If this is not present it is assumed to be "MD5".
@@ -198,28 +206,36 @@
surrounding quotes.
*/
public static final String ALGORITHM = "algorithm";
+
/**
This directive allows for future extensions. Any unrecognized directive MUST
be ignored.
*/
public static final String AUTH_PARAM = "auth-param";
+
/**
The http method type
*/
public static final String METHOD = "method";
+
/**
An explicit A2 digest
*/
public static final String A2HASH = "a2hash";
+
/**
The ASCII printable characters the MD5 digest maps to
*/
private static char[] MD5_HEX = "0123456789abcdef".toCharArray();
private MapCallback info;
+
private String username;
+
private String password;
+
private boolean passwordIsA1Hash;
+
String rfc2617;
public void init(Map options)
@@ -227,7 +243,7 @@
username = (String) options.get("javax.security.auth.login.name");
password = (String) options.get("javax.security.auth.login.password");
String flag = (String) options.get("passwordIsA1Hash");
- if( flag != null )
+ if (flag != null)
passwordIsA1Hash = Boolean.valueOf(flag).booleanValue();
// Ask for MapCallback to obtain the digest parameters
@@ -239,6 +255,7 @@
public void preDigest(MessageDigest digest)
{
}
+
public void postDigest(MessageDigest digest)
{
String qop = (String) info.getInfo(QOP);
@@ -250,7 +267,7 @@
String nc = (String) info.getInfo(NONCE_COUNT);
String digestURI = (String) info.getInfo(DIGEST_URI);
- if( algorithm == null )
+ if (algorithm == null)
algorithm = digest.getAlgorithm();
// This replaces the existing hash, it does not add to it
digest.reset();
@@ -259,7 +276,7 @@
// 3.2.2.2 A1
if (algorithm == null || algorithm.equals("MD5"))
{
- if( passwordIsA1Hash )
+ if (passwordIsA1Hash)
hA1 = password;
else
{
@@ -269,7 +286,7 @@
}
else if (algorithm.equals("MD5-sess"))
{
- if( passwordIsA1Hash )
+ if (passwordIsA1Hash)
{
hA1 = password + ":" + nonce + ":" + cnonce;
}
@@ -281,7 +298,7 @@
}
else
{
- throw new IllegalArgumentException("Unsupported algorigthm: "+algorithm);
+ throw new IllegalArgumentException("Unsupported algorigthm: " + algorithm);
}
// 3.2.2.3 A2. First check to see if the A2 hash has been precomputed
@@ -290,13 +307,13 @@
{
// No, compute it based on qop
String A2 = null;
- if (qop == null | qop.equals("auth"))
+ if (qop == null || qop.equals("auth"))
{
A2 = method + ":" + digestURI;
}
else
{
- throw new IllegalArgumentException("Unsupported qop="+qop);
+ throw new IllegalArgumentException("Unsupported qop=" + qop);
}
hA2 = H(A2, digest);
}
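Review bot: With the `||` fix, a request that carries no qop now reaches `A2 = method + ":" + digestURI` instead of failing with an NPE, and that concatenation turns a missing directive into the literal text "null" rather than rejecting the request. `digestURI` comes from `info.getInfo(DIGEST_URI)` earlier in postDigest, and `method` is presumably read the same way, so either can be null when the client omits it. I would add a guard before the concatenation, e.g. `if (method == null || digestURI == null) throw new IllegalArgumentException("Missing method or digest-uri");`. postDigest starts and ends outside this hunk, so please also confirm that the request-digest computed after this block uses the form without nc/cnonce when qop is null, since that path was unreachable before this change.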
@@ -320,7 +337,7 @@
public String getInfoDigest(MessageDigest digest)
{
- if( rfc2617 == null )
+ if (rfc2617 == null)
{
byte[] data = digest.digest();
rfc2617 = cvtHex(data);
@@ -334,6 +351,7 @@
byte[] x = digest.digest(data.getBytes());
return cvtHex(x);
}
+
static private void KD(String secret, String data, MessageDigest digest)
{
String x = secret + ":" + data;
@@ -378,7 +396,7 @@
*/
public static void main(String[] args) throws NoSuchAlgorithmException
{
- if( args.length != 3 )
+ if (args.length != 3)
{
System.err.println("Usage: RFC2617Digest username realm password");
System.err.println(" - username : the username");
@@ -392,6 +410,6 @@
String A1 = username + ":" + realm + ":" + password;
MessageDigest digest = MessageDigest.getInstance("MD5");
String hA1 = H(A1, digest);
- System.out.println("RFC2617 A1 hash: "+hA1);
+ System.out.println("RFC2617 A1 hash: " + hA1);
}
}