Apache
/
httpcomponents-client
mirror of https://github.com/apache/httpcomponents-client.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Regression: incorrect hash calculation (missing realm component)

This commit is contained in:
Oleg Kalnichevski 2023-12-24 10:49:36 +01:00
parent 7769a7edc6
commit 4e43daf744
2 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/DigestScheme.java
View File

@ -373,13 +373,13 @@ public class DigestScheme implements AuthScheme, Serializable {
// ":" unq(cnonce-value)
// calculated one per session
buffer.append(username).append(":").append(credentials.getUserPassword());
buffer.append(username).append(":").append(realm).append(":").append(credentials.getUserPassword());
final String checksum = formatHex(digester.digest(this.buffer.toByteArray()));
buffer.reset();
buffer.append(checksum).append(":").append(nonce).append(":").append(cnonce);
} else {
// unq(username-value) ":" unq(realm-value) ":" passwd
buffer.append(username).append(":").append(credentials.getUserPassword());
buffer.append(username).append(":").append(realm).append(":").append(credentials.getUserPassword());
}
a1 = buffer.toByteArray();

10
httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestDigestScheme.java
View File

@ -114,7 +114,7 @@ public class TestDigestScheme {
Assertions.assertEquals("realm1", table.get("realm"));
Assertions.assertEquals("/", table.get("uri"));
Assertions.assertEquals("f2a3f18799759d4f1a1c068b92b573cb", table.get("nonce"));
Assertions.assertEquals("da46708e64b8380f1c5afa63e8ccd586", table.get("response"));
Assertions.assertEquals("e95a7ddf37c2eab009568b1ed134f89a", table.get("response"));
}
@Test
@ -138,7 +138,7 @@ public class TestDigestScheme {
Assertions.assertEquals("realm1", table.get("realm"));
Assertions.assertEquals("/", table.get("uri"));
Assertions.assertEquals("f2a3f18799759d4f1a1c068b92b573cb", table.get("nonce"));
Assertions.assertEquals("da46708e64b8380f1c5afa63e8ccd586", table.get("response"));
Assertions.assertEquals("e95a7ddf37c2eab009568b1ed134f89a", table.get("response"));
}
@Test
@ -184,7 +184,7 @@ public class TestDigestScheme {
Assertions.assertEquals("realm1", table.get("realm"));
Assertions.assertEquals("/", table.get("uri"));
Assertions.assertEquals("f2a3f18799759d4f1a1c068b92b573cb", table.get("nonce"));
Assertions.assertEquals("aa400f3841ebbf39469d9be939a37b86258bd289", table.get("response"));
Assertions.assertEquals("8769e82e4e28ecc040b969562b9050580c6d186d", table.get("response"));
}
@Test
@ -208,7 +208,7 @@ public class TestDigestScheme {
Assertions.assertEquals("realm1", table.get("realm"));
Assertions.assertEquals("/?param=value", table.get("uri"));
Assertions.assertEquals("f2a3f18799759d4f1a1c068b92b573cb", table.get("nonce"));
Assertions.assertEquals("c15c577938f7f1228cdb6e8ca51b9140", table.get("response"));
Assertions.assertEquals("a847f58f5fef0bc087bcb9c3eb30e042", table.get("response"));
}
@Test
@ -775,7 +775,7 @@ public class TestDigestScheme {
Assertions.assertEquals("realm1", table.get("realm"));
Assertions.assertEquals("/", table.get("uri"));
Assertions.assertEquals("f2a3f18799759d4f1a1c068b92b573cb", table.get("nonce"));
Assertions.assertEquals("75f7ede943dc401264d236546e49c1df", table.get("response"));
Assertions.assertEquals("3b6561ceb73e5ffe9314a695179f23f9", table.get("response"));
}
private static String bytesToHex(final byte[] bytes) {