in dbus-java/src/main/java/org/freedesktop/dbus/connections/SASL.java [295:355]
public SaslResult doResponse(int _auth, String _uid, String _kernelUid, SASL.Command _c) {
MessageDigest md = null;
try {
md = MessageDigest.getInstance("SHA");
} catch (NoSuchAlgorithmException nsae) {
logger.error("", nsae);
return SaslResult.ERROR;
}
switch (_auth) {
case AUTH_NONE:
switch (_c.getMechs()) {
case AUTH_ANON:
return SaslResult.OK;
case AUTH_EXTERNAL:
if (0 == col.compare(_uid, _c.getData()) && (null == _kernelUid || 0 == col.compare(_uid, _kernelUid))) {
return SaslResult.OK;
} else {
return SaslResult.REJECT;
}
case AUTH_SHA:
String context = COOKIE_CONTEXT;
long id = System.currentTimeMillis();
byte[] buf = new byte[8];
Message.marshallintBig(id, buf, 0, 8);
challenge = stupidlyEncode(md.digest(buf));
Random r = new Random();
r.nextBytes(buf);
cookie = stupidlyEncode(md.digest(buf));
try {
addCookie(context, "" + id, id / 1000, cookie);
} catch (IOException ioe) {
logger.debug("", ioe);
}
logger.debug("Sending challenge: {} {} {}", context, id, challenge);
_c.setResponse(stupidlyEncode(context + ' ' + id + ' ' + challenge));
return SaslResult.CONTINUE;
default:
return SaslResult.ERROR;
}
case AUTH_SHA:
String[] response = stupidlyDecode(_c.getData()).split(" ");
if (response.length < 2) {
return SaslResult.ERROR;
}
String cchal = response[0];
String hash = response[1];
String prehash = challenge + ":" + cchal + ":" + cookie;
byte[] buf = md.digest(prehash.getBytes());
String posthash = stupidlyEncode(buf);
logger.debug("Authenticating Hash; data={} remote-hash={} local-hash={}",prehash, hash, posthash);
if (0 == col.compare(posthash, hash)) {
return SaslResult.OK;
} else {
return SaslResult.ERROR;
}
default:
return SaslResult.ERROR;
}
}