From 7e48d847402d2ea4da85af582529de676f30dc38 Mon Sep 17 00:00:00 2001
From: 648540858 <648540858@qq.com>
Date: 星期一, 08 五月 2023 17:56:56 +0800
Subject: [PATCH] Merge pull request #844 from xiaoQQya/wvp-28181-2.0
---
src/main/java/com/genersoft/iot/vmp/gb28181/auth/DigestServerAuthenticationHelper.java | 84 ++++++------------------------------------
1 files changed, 12 insertions(+), 72 deletions(-)
diff --git a/src/main/java/com/genersoft/iot/vmp/gb28181/auth/DigestServerAuthenticationHelper.java b/src/main/java/com/genersoft/iot/vmp/gb28181/auth/DigestServerAuthenticationHelper.java
index f6284f5..05ecb07 100644
--- a/src/main/java/com/genersoft/iot/vmp/gb28181/auth/DigestServerAuthenticationHelper.java
+++ b/src/main/java/com/genersoft/iot/vmp/gb28181/auth/DigestServerAuthenticationHelper.java
@@ -25,11 +25,9 @@
*/
package com.genersoft.iot.vmp.gb28181.auth;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.text.DecimalFormat;
-import java.util.Date;
-import java.util.Random;
+import gov.nist.core.InternalErrorHandler;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import javax.sip.address.URI;
import javax.sip.header.AuthorizationHeader;
@@ -37,10 +35,10 @@
import javax.sip.header.WWWAuthenticateHeader;
import javax.sip.message.Request;
import javax.sip.message.Response;
-
-import gov.nist.core.InternalErrorHandler;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.time.Instant;
+import java.util.Random;
/**
* Implements the HTTP digest authentication method server side functionality.
@@ -90,17 +88,12 @@
* @return a generated nonce.
*/
private String generateNonce() {
- // Get the time of day and run MD5 over it.
- Date date = new Date();
- long time = date.getTime();
+ long time = Instant.now().toEpochMilli();
Random rand = new Random();
long pad = rand.nextLong();
- // String nonceString = (new Long(time)).toString()
- // + (new Long(pad)).toString();
String nonceString = Long.valueOf(time).toString()
+ Long.valueOf(pad).toString();
byte mdbytes[] = messageDigest.digest(nonceString.getBytes());
- // Convert the mdbytes array into a hex string.
return toHexString(mdbytes);
}
@@ -178,7 +171,7 @@
*/
public boolean doAuthenticatePlainTextPassword(Request request, String pass) {
AuthorizationHeader authHeader = (AuthorizationHeader) request.getHeader(AuthorizationHeader.NAME);
- if ( authHeader == null ) {
+ if ( authHeader == null || authHeader.getRealm() == null) {
return false;
}
String realm = authHeader.getRealm().trim();
@@ -207,12 +200,13 @@
// String ncStr = new DecimalFormat("00000000").format(Integer.parseInt(nc + "", 16));
String A1 = username + ":" + realm + ":" + pass;
+
String A2 = request.getMethod().toUpperCase() + ":" + uri.toString();
+
byte mdbytes[] = messageDigest.digest(A1.getBytes());
String HA1 = toHexString(mdbytes);
logger.debug("A1: " + A1);
logger.debug("A2: " + A2);
-
mdbytes = messageDigest.digest(A2.getBytes());
String HA2 = toHexString(mdbytes);
logger.debug("HA1: " + HA1);
@@ -224,7 +218,7 @@
logger.debug("qop: " + qop);
String KD = HA1 + ":" + nonce;
- if (qop != null && qop.equals("auth") ) {
+ if (qop != null && qop.equalsIgnoreCase("auth") ) {
if (nc != -1) {
KD += ":" + ncStr;
}
@@ -244,58 +238,4 @@
}
-// public static void main(String[] args) throws NoSuchAlgorithmException {
-// String realm = "3402000000";
-// String username = "44010000001180008012";
-
-
-// String nonce = "07cab60999fbf643264ace27d3b7de8b";
-// String uri = "sip:34020000002000000001@3402000000";
-// // qop 淇濇姢璐ㄩ噺 鍖呭惈auth锛堥粯璁ょ殑锛夊拰auth-int锛堝鍔犱簡鎶ユ枃瀹屾暣鎬ф娴嬶級涓ょ绛栫暐
-// String qop = "auth";
-
-// // 瀹㈡埛绔殢鏈烘暟锛岃繖鏄竴涓笉閫忔槑鐨勫瓧绗︿覆鍊硷紝鐢卞鎴风鎻愪緵锛屽苟涓斿鎴风鍜屾湇鍔″櫒閮戒細浣跨敤锛屼互閬垮厤鐢ㄦ槑鏂囨枃鏈��
-// // 杩欎娇寰楀弻鏂归兘鍙互鏌ラ獙瀵规柟鐨勮韩浠斤紝骞跺娑堟伅鐨勫畬鏁存�ф彁渚涗竴浜涗繚鎶�
-// //String cNonce = authHeader.getCNonce();
-
-// // nonce璁℃暟鍣紝鏄竴涓�16杩涘埗鐨勬暟鍊硷紝琛ㄧず鍚屼竴nonce涓嬪鎴风鍙戦�佸嚭璇锋眰鐨勬暟閲�
-// int nc = 1;
-// String ncStr = new DecimalFormat("00000000").format(nc);
-// // String ncStr = new DecimalFormat("00000000").format(Integer.parseInt(nc + "", 16));
-// MessageDigest messageDigest = MessageDigest.getInstance(DEFAULT_ALGORITHM);
-// String A1 = username + ":" + realm + ":" + "12345678";
-// String A2 = "REGISTER" + ":" + uri;
-// byte mdbytes[] = messageDigest.digest(A1.getBytes());
-// String HA1 = toHexString(mdbytes);
-// System.out.println("A1: " + A1);
-// System.out.println("A2: " + A2);
-
-// mdbytes = messageDigest.digest(A2.getBytes());
-// String HA2 = toHexString(mdbytes);
-// System.out.println("HA1: " + HA1);
-// System.out.println("HA2: " + HA2);
-// String cnonce = "0a4f113b";
-// System.out.println("nonce: " + nonce);
-// System.out.println("nc: " + ncStr);
-// System.out.println("cnonce: " + cnonce);
-// System.out.println("qop: " + qop);
-// String KD = HA1 + ":" + nonce;
-
-// if (qop != null && qop.equals("auth") ) {
-// if (nc != -1) {
-// KD += ":" + ncStr;
-// }
-// if (cnonce != null) {
-// KD += ":" + cnonce;
-// }
-// KD += ":" + qop;
-// }
-// KD += ":" + HA2;
-// System.out.println("KD: " + KD);
-// mdbytes = messageDigest.digest(KD.getBytes());
-// String mdString = toHexString(mdbytes);
-// System.out.println("mdString: " + mdString);
-// String response = "4f0507d4b87cdecff04bdaf4c96348f0";
-// System.out.println("response: " + response);
-// }
}
--
Gitblit v1.8.0