- Have the PublicKeyCredentials provide the secure version being used on the client, so when we
eventually change how the handshake works, we can maintain backwards compatability with the old clients git-svn-id: svn+ssh://src.earth.threerings.net/narya/trunk@6479 542714f4-19e9-0310-aa3c-eee0fc999fb1
This commit is contained in:
@@ -48,6 +48,15 @@ public class PublicKeyCredentials extends Credentials
|
||||
_secret = SecureUtil.createRandomKey(16);
|
||||
_salt = SecureUtil.createRandomKey(4);
|
||||
_encodedSecret = SecureUtil.encryptBytes(key, _secret, _salt);
|
||||
_secureVersion = SecureUtil.VERSION;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the secure version the client is using.
|
||||
*/
|
||||
public int getSecureVersion ()
|
||||
{
|
||||
return _secureVersion;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -81,6 +90,9 @@ public class PublicKeyCredentials extends Credentials
|
||||
/** Our verification salt. */
|
||||
protected byte[] _salt;
|
||||
|
||||
/** Our secure version. */
|
||||
protected int _secureVersion;
|
||||
|
||||
/** Our secret key. */
|
||||
protected transient byte[] _secret;
|
||||
}
|
||||
|
||||
@@ -63,8 +63,10 @@ public class AuthingConnection extends PresentsConnection
|
||||
} else {
|
||||
// generate a server key and encode it using the client key
|
||||
SecureResponse resp = new SecureResponse();
|
||||
_serverSecret = resp.createSecret(
|
||||
(PublicKeyCredentials)secreq.getCredentials(), key, 16);
|
||||
PublicKeyCredentials pkcreds =
|
||||
(PublicKeyCredentials)secreq.getCredentials();
|
||||
_clientSecureVersion = pkcreds.getSecureVersion();
|
||||
_serverSecret = resp.createSecret(pkcreds, key, 16);
|
||||
safePostMessage(resp);
|
||||
}
|
||||
return;
|
||||
@@ -176,5 +178,10 @@ public class AuthingConnection extends PresentsConnection
|
||||
protected AuthRequest _authreq;
|
||||
protected AuthResponse _authrsp;
|
||||
protected Name _authname;
|
||||
|
||||
/** The random secret generating for this connection. */
|
||||
protected byte[] _serverSecret;
|
||||
|
||||
/** The secure version for our connecting client. */
|
||||
protected int _clientSecureVersion;
|
||||
}
|
||||
|
||||
@@ -45,6 +45,9 @@ import static com.threerings.presents.Log.log;
|
||||
*/
|
||||
public class SecureUtil
|
||||
{
|
||||
/** The version of our security protocol (for backwards compatability with older clients). */
|
||||
public static final int VERSION = 1;
|
||||
|
||||
/**
|
||||
* Creates our AES cipher.
|
||||
*/
|
||||
|
||||
Reference in New Issue
Block a user