- Save the aes key generated during secure authentication in Client and ClientLocal (for the

server).  It can then be used to encrypt further data during the session.


git-svn-id: svn+ssh://src.earth.threerings.net/narya/trunk@6492 542714f4-19e9-0310-aa3c-eee0fc999fb1
This commit is contained in:
Mark Johnson
2011-02-15 01:20:34 +00:00
parent acc6cff7e5
commit 4a5fe35c2c
7 changed files with 55 additions and 3 deletions
@@ -51,6 +51,7 @@ import com.threerings.io.UnreliableObjectOutputStream;
import com.threerings.presents.net.AESAuthRequest;
import com.threerings.presents.net.AuthResponse;
import com.threerings.presents.net.AuthResponseData;
import com.threerings.presents.net.AuthRequest;
import com.threerings.presents.net.DownstreamMessage;
import com.threerings.presents.net.LogoffRequest;
import com.threerings.presents.net.PingRequest;
@@ -630,10 +631,12 @@ public class BlockingCommunicator extends Communicator
response = (AuthResponse)receiveMessage();
// If we've received a secure response, proceed with authentication
if (response instanceof SecureResponse) {
sendMessage(AESAuthRequest.createAuthRequest(
AuthRequest areq = AESAuthRequest.createAuthRequest(
_client.getCredentials(), _client.getVersion(),
_client.getBootGroups(), _client.requireSecureAuth(),
pkcreds, (SecureResponse)response));
pkcreds, (SecureResponse)response);
sendMessage(areq);
_client.setSecret(areq.getSecret());
// now wait for the auth response
log.debug("Waiting for auth response.");
@@ -254,6 +254,22 @@ public class Client
return _requireSecureAuth;
}
/**
* Sets the secret key to use with a session.
*/
public void setSecret (byte[] secret)
{
_secret = secret;
}
/**
* Gets the secret key to use with a session.
*/
public byte[] getSecret ()
{
return _secret;
}
/**
* Returns the version string configured for this client.
*/
@@ -1045,6 +1061,9 @@ public class Client
/** Our public key. */
protected PublicKey _publicKey;
/** Our session secret key. */
protected byte[] _secret;
/** If we require a secure connection to send our credentials. */
protected boolean _requireSecureAuth = false;