private byte[] ha1(StringBuilder sb, MessageDigest md) { // if algorithm is "MD5" or is unspecified => A1 = username ":" realm-value ":" // passwd // if algorithm is "MD5-sess" => A1 = MD5( username-value ":" realm-value ":" // passwd ) ":" nonce-value ":" cnonce-value sb.append(principal).append(':').append(realmName).append(':').append(password); byte[] core = md5FromRecycledStringBuilder(sb, md); if (algorithm == null || algorithm.equals("MD5")) { // A1 = username ":" realm-value ":" passwd return core; } else if ("MD5-sess".equals(algorithm)) { // A1 = MD5(username ":" realm-value ":" passwd ) ":" nonce ":" cnonce appendBase16(sb, core); sb.append(':').append(nonce).append(':').append(cnonce); return md5FromRecycledStringBuilder(sb, md); } throw new UnsupportedOperationException("Digest algorithm not supported: " + algorithm); }
private void newResponse(MessageDigest md) { // when using preemptive auth, the request uri is missing if (uri != null) { // BEWARE: compute first as it uses the cached StringBuilder String digestUri = AuthenticatorUtils.computeRealmURI(uri, useAbsoluteURI, omitQuery); StringBuilder sb = StringBuilderPool.DEFAULT.stringBuilder(); // WARNING: DON'T MOVE, BUFFER IS RECYCLED!!!! byte[] ha1 = ha1(sb, md); byte[] ha2 = ha2(sb, digestUri, md); appendBase16(sb, ha1); appendMiddlePart(sb); appendBase16(sb, ha2); byte[] responseDigest = md5FromRecycledStringBuilder(sb, md); response = toHexString(responseDigest); } }