From 46359028ff4e6fb1c1ddc97c9acc87d294a7e04c Mon Sep 17 00:00:00 2001
From: shikong <919411476@qq.com>
Date: Sun, 7 Jan 2024 00:45:28 +0800
Subject: [PATCH] =?UTF-8?q?=E6=94=AF=E6=8C=81=E4=BB=A5=20=E5=9F=9F=20?=
 =?UTF-8?q?=E7=9A=84=E6=96=B9=E5=BC=8F=20=E5=8F=91=E9=80=81=E8=AE=A4?=
 =?UTF-8?q?=E8=AF=81=E8=AF=B7=E6=B1=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../sip/utils/DigestAuthenticationHelper.java | 32 +++++++++++++++----
 .../gb28181/sip/utils/AuthenticationTest.java | 21 ++++++++++--
 2 files changed, 44 insertions(+), 9 deletions(-)

diff --git a/gb28181-sip/src/main/java/cn/skcks/docking/gb28181/sip/utils/DigestAuthenticationHelper.java b/gb28181-sip/src/main/java/cn/skcks/docking/gb28181/sip/utils/DigestAuthenticationHelper.java
index f52e7d7..2657a0e 100644
--- a/gb28181-sip/src/main/java/cn/skcks/docking/gb28181/sip/utils/DigestAuthenticationHelper.java
+++ b/gb28181-sip/src/main/java/cn/skcks/docking/gb28181/sip/utils/DigestAuthenticationHelper.java
@@ -6,6 +6,7 @@ import cn.skcks.docking.gb28181.sip.generic.SipBuilder;
 import lombok.*;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.ObjectUtils;
+import org.apache.commons.lang3.StringUtils;
 
 import javax.sip.SipFactory;
 import javax.sip.address.SipURI;
@@ -154,7 +155,7 @@ public class DigestAuthenticationHelper {
     }
 
     public static boolean doAuthenticatePlainTextPassword(String method,AuthorizationHeader authorizationHeader, String password) {
-        if ( authorizationHeader == null || authorizationHeader.getRealm() == null) {
+        if(ObjectUtils.anyNull(authorizationHeader)){
             return false;
         }
 
@@ -183,7 +184,6 @@ public class DigestAuthenticationHelper {
         String ncStr = String.format("%08x", nc).toUpperCase();
         String A1 = String.join(":",username , realm , password);
         String A2 = String.join(":", method.toUpperCase() , uri.toString());
-
         byte[] mdbytes = messageDigest.digest(A1.getBytes());
         String HA1 = toHexString(mdbytes);
         log.debug("A1: " + A1);
@@ -213,15 +213,22 @@ public class DigestAuthenticationHelper {
         mdbytes = messageDigest.digest(KD.getBytes());
         String mdString = toHexString(mdbytes);
         log.debug("mdString: " + mdString);
+
+        String mdString2 = toHexString(messageDigest.digest(StringUtils.joinWith(":", HA1, nonce, nc, cnonce, qop, HA2).getBytes()));
+        log.debug("mdString2: " + mdString2);
+
+        String mdString3 = toHexString(messageDigest.digest(StringUtils.joinWith(":", HA1, nonce, nc, HA2).getBytes()));
+        log.debug("mdString3: " + mdString);
+
         String response = authorizationHeader.getResponse();
         log.debug("response: " + response);
-        return mdString.equals(response);
+
+
+        return mdString.equals(response) || mdString2.equals(response) || mdString3.equals(response);
     }
 
     @SneakyThrows
-    public static AuthorizationHeader createAuthorization(String method,String serverIp, int serverPort, String serverId, String deviceId,String password, int nonceCount, WWWAuthenticateHeader www){
-        String hostAddress = SipBuilder.createHostAddress(serverIp, serverPort);
-        SipURI sipURI = SipBuilder.createSipURI(serverId, hostAddress);
+    public static AuthorizationHeader createAuthorization(String method,SipURI sipURI, String deviceId,String password, int nonceCount, WWWAuthenticateHeader www){
         if (www == null) {
             AuthorizationHeader authorizationHeader = SipBuilder.getHeaderFactory().createAuthorizationHeader("Digest");
             authorizationHeader.setUsername(deviceId);
@@ -280,4 +287,17 @@ public class DigestAuthenticationHelper {
         }
         return authorizationHeader;
     }
+
+    @SneakyThrows
+    public static AuthorizationHeader createAuthorization(String method,String domain, String serverId, String deviceId,String password, int nonceCount, WWWAuthenticateHeader www){
+        SipURI sipURI = SipBuilder.createSipURI(serverId, domain);
+        return createAuthorization(method, sipURI, deviceId, password, nonceCount, www);
+    }
+
+    @SneakyThrows
+    public static AuthorizationHeader createAuthorization(String method,String serverIp, int serverPort, String serverId, String deviceId,String password, int nonceCount, WWWAuthenticateHeader www){
+        String hostAddress = SipBuilder.createHostAddress(serverIp, serverPort);
+        SipURI sipURI = SipBuilder.createSipURI(serverId, hostAddress);
+        return createAuthorization(method, sipURI, deviceId, password, nonceCount, www);
+    }
 }
diff --git a/gb28181-sip/src/test/java/cn/skcks/docking/gb28181/sip/utils/AuthenticationTest.java b/gb28181-sip/src/test/java/cn/skcks/docking/gb28181/sip/utils/AuthenticationTest.java
index be25bd9..02e428a 100644
--- a/gb28181-sip/src/test/java/cn/skcks/docking/gb28181/sip/utils/AuthenticationTest.java
+++ b/gb28181-sip/src/test/java/cn/skcks/docking/gb28181/sip/utils/AuthenticationTest.java
@@ -1,5 +1,6 @@
 package cn.skcks.docking.gb28181.sip.utils;
 
+import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
 import org.junit.jupiter.api.Test;
 
@@ -9,25 +10,39 @@ import javax.sip.message.Request;
 
 @Slf4j
 public class AuthenticationTest {
-    public static final String serverId = "44050100002000000001";
-    public static final String serverIp = "10.10.10.200";
+    public static final String serverId = "44050100002000000003";
+    public static final String serverIp = "10.10.10.20";
     public static final int serverPort = 5060;
     public static final String domain = "4405010000";
-    public static final String deviceId = "44050100001110000010";
+    public static final String deviceId = "44050100001110000035";
 
+    @SneakyThrows
     @Test
     void test() {
         AuthorizationHeader authorization = DigestAuthenticationHelper.createAuthorization(Request.REGISTER, serverIp, serverPort, serverId, deviceId, "123456", 1,null);
         log.info("\n{}", authorization);
 
         WWWAuthenticateHeader wwwAuthenticateHeader = DigestAuthenticationHelper.generateChallenge(domain);
+
+
+        wwwAuthenticateHeader.setAlgorithm("MD5");
+        wwwAuthenticateHeader.setQop("auth");
+        wwwAuthenticateHeader.setNonce("08a895ede05c7ac592ced4070c1ef4aa");
+        wwwAuthenticateHeader.setRealm(domain);
         log.info("\n{}", wwwAuthenticateHeader);
 
+
         authorization = DigestAuthenticationHelper.createAuthorization(Request.REGISTER, serverIp, serverPort, serverId, deviceId, "123456", 1, wwwAuthenticateHeader);
         log.info("\n{}", authorization);
 
         boolean passed = DigestAuthenticationHelper.doAuthenticatePlainTextPassword(Request.REGISTER, authorization, "123456");
         log.info("authorization passed {}", passed);
 
+        authorization = DigestAuthenticationHelper.createAuthorization(Request.REGISTER, domain, serverId, deviceId, "123456", 1, wwwAuthenticateHeader);
+        log.info("\n{}", authorization);
+
+        passed = DigestAuthenticationHelper.doAuthenticatePlainTextPassword(Request.REGISTER, authorization, "123456");
+        log.info("authorization passed {}", passed);
+
     }
 }