| | |
|---|
| | | import javax.sip.message.Response; |
|---|
| | | |
|---|
| | | import gov.nist.core.InternalErrorHandler; |
|---|
| | | import org.slf4j.Logger; |
|---|
| | | import org.slf4j.LoggerFactory; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * Implements the HTTP digest authentication method server side functionality. |
|---|
| | |
|---|
| | | */ |
|---|
| | | |
|---|
| | | public class DigestServerAuthenticationHelper { |
|---|
| | | |
|---|
| | | private Logger logger = LoggerFactory.getLogger(DigestServerAuthenticationHelper.class); |
|---|
| | | |
|---|
| | | private MessageDigest messageDigest; |
|---|
| | | |
|---|
| | |
|---|
| | | long time = date.getTime(); |
|---|
| | | Random rand = new Random(); |
|---|
| | | long pad = rand.nextLong(); |
|---|
| | | String nonceString = (new Long(time)).toString() |
|---|
| | | + (new Long(pad)).toString(); |
|---|
| | | // String nonceString = (new Long(time)).toString() |
|---|
| | | // + (new Long(pad)).toString(); |
|---|
| | | String nonceString = Long.valueOf(time).toString() |
|---|
| | | + Long.valueOf(pad).toString(); |
|---|
| | | byte mdbytes[] = messageDigest.digest(nonceString.getBytes()); |
|---|
| | | // Convert the mdbytes array into a hex string. |
|---|
| | | return toHexString(mdbytes); |
|---|
| | |
|---|
| | | |
|---|
| | | // 客户端随机数,这是一个不透明的字符串值,由客户端提供,并且客户端和服务器都会使用,以避免用明文文本。 |
|---|
| | | // 这使得双方都可以查验对方的身份,并对消息的完整性提供一些保护 |
|---|
| | | String cNonce = authHeader.getCNonce(); |
|---|
| | | //String cNonce = authHeader.getCNonce(); |
|---|
| | | |
|---|
| | | // nonce计数器,是一个16进制的数值,表示同一nonce下客户端发送出请求的数量 |
|---|
| | | int nc = authHeader.getNonceCount(); |
|---|
| | |
|---|
| | | String A2 = request.getMethod().toUpperCase() + ":" + uri.toString(); |
|---|
| | | byte mdbytes[] = messageDigest.digest(A1.getBytes()); |
|---|
| | | String HA1 = toHexString(mdbytes); |
|---|
| | | System.out.println("A1: " + A1); |
|---|
| | | System.out.println("A2: " + A2); |
|---|
| | | logger.debug("A1: " + A1); |
|---|
| | | logger.debug("A2: " + A2); |
|---|
| | | |
|---|
| | | mdbytes = messageDigest.digest(A2.getBytes()); |
|---|
| | | String HA2 = toHexString(mdbytes); |
|---|
| | | System.out.println("HA1: " + HA1); |
|---|
| | | System.out.println("HA2: " + HA2); |
|---|
| | | logger.debug("HA1: " + HA1); |
|---|
| | | logger.debug("HA2: " + HA2); |
|---|
| | | String cnonce = authHeader.getCNonce(); |
|---|
| | | System.out.println("nonce: " + nonce); |
|---|
| | | System.out.println("nc: " + ncStr); |
|---|
| | | System.out.println("cnonce: " + cnonce); |
|---|
| | | System.out.println("qop: " + qop); |
|---|
| | | logger.debug("nonce: " + nonce); |
|---|
| | | logger.debug("nc: " + ncStr); |
|---|
| | | logger.debug("cnonce: " + cnonce); |
|---|
| | | logger.debug("qop: " + qop); |
|---|
| | | String KD = HA1 + ":" + nonce; |
|---|
| | | |
|---|
| | | if (qop != null && qop.equals("auth") ) { |
|---|
| | |
|---|
| | | KD += ":" + qop; |
|---|
| | | } |
|---|
| | | KD += ":" + HA2; |
|---|
| | | System.out.println("KD: " + KD); |
|---|
| | | logger.debug("KD: " + KD); |
|---|
| | | mdbytes = messageDigest.digest(KD.getBytes()); |
|---|
| | | String mdString = toHexString(mdbytes); |
|---|
| | | System.out.println("mdString: " + mdString); |
|---|
| | | logger.debug("mdString: " + mdString); |
|---|
| | | String response = authHeader.getResponse(); |
|---|
| | | System.out.println("response: " + response); |
|---|
| | | logger.debug("response: " + response); |
|---|
| | | return mdString.equals(response); |
|---|
| | | |
|---|
| | | } |
|---|
