From b5c9de775db8078e37f276640854d5850b3b1335 Mon Sep 17 00:00:00 2001
From: 648540858 <648540858@qq.com>
Date: 星期一, 21 十二月 2020 16:01:47 +0800
Subject: [PATCH] 补充漏掉的文件
---
src/main/java/com/genersoft/iot/vmp/gb28181/auth/DigestServerAuthenticationHelper.java | 104 +++++++++++++++++++++++++++++++++++++++++++++------
1 files changed, 91 insertions(+), 13 deletions(-)
diff --git a/src/main/java/com/genersoft/iot/vmp/gb28181/auth/DigestServerAuthenticationHelper.java b/src/main/java/com/genersoft/iot/vmp/gb28181/auth/DigestServerAuthenticationHelper.java
index 637ee9a..54e0334 100644
--- a/src/main/java/com/genersoft/iot/vmp/gb28181/auth/DigestServerAuthenticationHelper.java
+++ b/src/main/java/com/genersoft/iot/vmp/gb28181/auth/DigestServerAuthenticationHelper.java
@@ -27,6 +27,7 @@
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
+import java.text.DecimalFormat;
import java.util.Date;
import java.util.Random;
@@ -103,9 +104,12 @@
.createWWWAuthenticateHeader(DEFAULT_SCHEME);
proxyAuthenticate.setParameter("realm", realm);
proxyAuthenticate.setParameter("nonce", generateNonce());
- proxyAuthenticate.setParameter("opaque", "");
- proxyAuthenticate.setParameter("stale", "FALSE");
- proxyAuthenticate.setParameter("algorithm", DEFAULT_ALGORITHM);
+
+// proxyAuthenticate.setParameter("opaque", "");
+// proxyAuthenticate.setParameter("stale", "FALSE");
+// proxyAuthenticate.setParameter("algorithm", DEFAULT_ALGORITHM);
+
+ proxyAuthenticate.setParameter("qop", "auth");
response.setHeader(proxyAuthenticate);
} catch (Exception ex) {
InternalErrorHandler.handleException(ex);
@@ -170,42 +174,116 @@
public boolean doAuthenticatePlainTextPassword(Request request, String pass) {
AuthorizationHeader authHeader = (AuthorizationHeader) request.getHeader(AuthorizationHeader.NAME);
if ( authHeader == null ) return false;
- String realm = authHeader.getRealm();
- String username = authHeader.getUsername();
-
-
+ String realm = authHeader.getRealm().trim();
+ String username = authHeader.getUsername().trim();
+
if ( username == null || realm == null ) {
return false;
}
-
String nonce = authHeader.getNonce();
URI uri = authHeader.getURI();
if (uri == null) {
return false;
}
-
+ // qop 淇濇姢璐ㄩ噺 鍖呭惈auth锛堥粯璁ょ殑锛夊拰auth-int锛堝鍔犱簡鎶ユ枃瀹屾暣鎬ф娴嬶級涓ょ绛栫暐
+ String qop = authHeader.getQop().trim();
+
+ // 瀹㈡埛绔殢鏈烘暟锛岃繖鏄竴涓笉閫忔槑鐨勫瓧绗︿覆鍊硷紝鐢卞鎴风鎻愪緵锛屽苟涓斿鎴风鍜屾湇鍔″櫒閮戒細浣跨敤锛屼互閬垮厤鐢ㄦ槑鏂囨枃鏈��
+ // 杩欎娇寰楀弻鏂归兘鍙互鏌ラ獙瀵规柟鐨勮韩浠斤紝骞跺娑堟伅鐨勫畬鏁存�ф彁渚涗竴浜涗繚鎶�
+ String cNonce = authHeader.getCNonce().trim();
+
+ // nonce璁℃暟鍣紝鏄竴涓�16杩涘埗鐨勬暟鍊硷紝琛ㄧず鍚屼竴nonce涓嬪鎴风鍙戦�佸嚭璇锋眰鐨勬暟閲�
+ int nc = authHeader.getNonceCount();
+ String ncStr = new DecimalFormat("00000000").format(nc);
+// String ncStr = new DecimalFormat("00000000").format(Integer.parseInt(nc + "", 16));
String A1 = username + ":" + realm + ":" + pass;
String A2 = request.getMethod().toUpperCase() + ":" + uri.toString();
byte mdbytes[] = messageDigest.digest(A1.getBytes());
String HA1 = toHexString(mdbytes);
+ System.out.println("A1: " + A1);
+ System.out.println("A2: " + A2);
-
mdbytes = messageDigest.digest(A2.getBytes());
String HA2 = toHexString(mdbytes);
-
+ System.out.println("HA1: " + HA1);
+ System.out.println("HA2: " + HA2);
String cnonce = authHeader.getCNonce();
+ System.out.println("nonce: " + nonce);
+ System.out.println("nc: " + ncStr);
+ System.out.println("cnonce: " + cnonce);
+ System.out.println("qop: " + qop);
String KD = HA1 + ":" + nonce;
- if (cnonce != null) {
- KD += ":" + cnonce;
+
+ if (qop != null && qop.equals("auth") ) {
+ if (nc != -1) {
+ KD += ":" + ncStr;
+ }
+ if (cnonce != null) {
+ KD += ":" + cnonce;
+ }
+ KD += ":" + qop;
}
KD += ":" + HA2;
+ System.out.println("KD: " + KD);
mdbytes = messageDigest.digest(KD.getBytes());
String mdString = toHexString(mdbytes);
+ System.out.println("mdString: " + mdString);
String response = authHeader.getResponse();
+ System.out.println("response: " + response);
return mdString.equals(response);
}
+
+ public static void main(String[] args) throws NoSuchAlgorithmException {
+ MessageDigest messageDigest2 = MessageDigest.getInstance(DEFAULT_ALGORITHM);
+ String realm = "DS-2CD2520F";
+ String username = "admin";
+ String passwd = "12345";
+
+ String nonce = "4d6a553452444d30525441364e6d4d304e6a68684e47553d";
+
+ String uri = "/ISAPI/Streaming/channels/101/picture";
+ // qop 淇濇姢璐ㄩ噺 鍖呭惈auth锛堥粯璁ょ殑锛夊拰auth-int锛堝鍔犱簡鎶ユ枃瀹屾暣鎬ф娴嬶級涓ょ绛栫暐
+ String qop = "auth";
+
+ // 瀹㈡埛绔殢鏈烘暟锛岃繖鏄竴涓笉閫忔槑鐨勫瓧绗︿覆鍊硷紝鐢卞鎴风鎻愪緵锛屽苟涓斿鎴风鍜屾湇鍔″櫒閮戒細浣跨敤锛屼互閬垮厤鐢ㄦ槑鏂囨枃鏈��
+ // 杩欎娇寰楀弻鏂归兘鍙互鏌ラ獙瀵规柟鐨勮韩浠斤紝骞跺娑堟伅鐨勫畬鏁存�ф彁渚涗竴浜涗繚鎶�
+ String cNonce = "C1A5298F939E87E8F962A5EDFC206918";
+
+ // nonce璁℃暟鍣紝鏄竴涓�16杩涘埗鐨勬暟鍊硷紝琛ㄧず鍚屼竴nonce涓嬪鎴风鍙戦�佸嚭璇锋眰鐨勬暟閲�
+ int nc = 1;
+
+ String A1 = username + ":" + realm + ":" + passwd;
+ System.out.println("A1: " + A1);
+ String A2 = "GET" + ":" + uri.toString();
+ System.out.println("A2: " + A2);
+ byte mdbytes[] = messageDigest2.digest(A1.getBytes());
+ String HA1 = toHexString(mdbytes);
+ System.out.println("HA1: " + HA1);
+
+ mdbytes = messageDigest2.digest(A2.getBytes());
+ String HA2 = toHexString(mdbytes);
+ System.out.println("HA2: " + HA2);
+ String cnonce = "93d4d37df32e1a85";
+ String KD = HA1 + ":" + nonce;
+
+ if (nc != -1) {
+ KD += ":" + "00000001";
+ }
+ if (cnonce != null) {
+ KD += ":" + cnonce;
+ }
+ if (qop != null) {
+ KD += ":" + qop;
+ }
+ KD += ":" + HA2;
+ System.out.println("KD: " + KD);
+ mdbytes = messageDigest2.digest(KD.getBytes());
+ String mdString = toHexString(mdbytes);
+ String response = "3993a815e5cdaf4470e9b4f9bd41cf4a";
+ System.out.println(mdString);
+ }
}
--
Gitblit v1.8.0