Mark Johnson ae6c134546 An optional secure channel can be created for authentication to ensure credentials are encrypted
when sent to the server.

To implement a secure authentication channel:

- Create a key pair using the com.threerings.presents.tool.KeyPairGen tool.  You will need to
distribute the public key with your client, and the private key with the server.

- On your server during initialization, use PresentsConnectionManager.setPrivateKey to set the
private key.  It can take the key string gerenated by KeyPairGen.  This will return true if the
key was sucessfully set and the server supports the encryption necessary.

- On your client before authenticating, use Client.setPublicKey to set the public key.  As with
setPrivateKey, it will return true if the client supports the encryption necessary.

That's it!  You should now be authenticating over a secure encrypted channel.  The server can 
still accept unsecured authentication attempts (for the purpose of telling the client it needs a
new version to get the server's public key).  A failure to decrypt the client credientials on the
server will return a new "m.failed_to_secure" authentication code.

Handshake process:
- The client generates a random 128-bit key, and encodes it with the public key using a 32-bit
salt (PublicKeyCredentials).  This is sent to the server as a SecureRequest.
- The server decrypts the i128-bit key using its private key and verifies it against the salt.  If
verification fails, a failed secure response is returned and the client will authenticate over a
clear channel.  If verification succeeds, the server generates a random 128-bit AES key and
encodes it with the 128-bit key sent from the client.  This is sent back to the client as a
SecureResponse.
- The client will decode the AES key sent from the server (using the random key it generated at
the start of the handshake).  Using the AES key, the client will encrypt their credentials using
an AESAuthRequest and send it to the server.
- The server can now decrypt the credentials from the client and pass the AESAuthRequest to the
configured authenticators to complete authentication.  If the server fails to decrypt the
credentials a "m.failed_to_secure" authentication code is returned to the client.



git-svn-id: svn+ssh://src.earth.threerings.net/narya/trunk@6477 542714f4-19e9-0310-aa3c-eee0fc999fb1
2011-02-04 19:38:53 +00:00
2010-02-10 20:32:44 +00:00
2011-01-01 05:02:21 +00:00
2004-08-27 02:12:55 +00:00
2011-01-14 19:43:57 +00:00
2010-10-15 20:16:11 +00:00

The Narya library
-----------------

The Narya library provides various facilities for making networked
multiplayer games. Its various packages include:

  * geom, util, io - basic tools for doing networked I/O, data structure
    manipulation and some geometry math
  * resource - tools for bundling, deploying and managing media (images,
    sounds, etc.) with a game
  * media - a framework for doing "active" rendering in Java
  * media.image - tools for loading, caching, manipulating and displaying images
  * media.sound - tools for loading, caching, and playing audio
  * media.animation, media.sprite - works in concert with the active
    rendering system and provides tools for defining and manipulating
    sprites (graphical entities that follow paths) and animations
    (graphical entities that affect the display in other ways)
  * miso - a framework for defining and displaying isometrically rendered scenes
  * presents - a framework for distributing information among a server and
    networked clients
  * crowd - builds on the presents framework to create the notion of
    bodies and rooms and provides chat infrastructure
  * whirled - builds on the crowd framework and defines a scene graph with
    portals to move between scenes and provides hooks for distributing and
    updating scene data (for example isometric rendering information) over
    the network
  * cast - a framework for defining and using recolorable, composited
    characters with different poses and actions
  * parlor - builds upon the crowd framework to create the notion of a
    game with players and provides tools for making turn based games
  * puzzle - builds on the parlor and media frameworks to provide tools
    for implementing puzzle games in a networked environment
  * micasa - builds on the parlor framework to provide lobbies and
    matchmaking for multiplayer games 

Documentation is somewhat sparse at the moment, but inspection of the code
in the tests/ directory shows examples of use of many features of the
library.

Building
--------

Building the library is very simple. First ensure that the necessary third
party jar files are available either in the lib/ directory or in the
system wide jar file location specified in build.xml. See lib/README for a
list of the necessary third party jar files and how to get them.

The library is built using ant, a modern build tool available from The
Jakarta Project. If you aren't already using ant for other projects, it
can be found here:

  http://jakarta.apache.org/ant/

Invoke ant with any of the following targets:

  all: builds the distribution files and javadoc documentation
  compile: builds only the class files (dist/classes)
  javadoc: builds only the javadoc documentation (dist/docs)
  dist: builds the distribution jar files (dist/*.jar)

Distribution
------------

The Narya library is released under the LGPL. The most recent version of
the library is available here:

  http://code.google.com/p/narya/

Contributions and Contact Information
-------------------------------------

Narya is actively developed by the scurvy dogs at Three Rings Design, Inc.
Contributions are welcome.

Questions, comments, contributions, and other worldly endeavors can be
handled in the Google Group for Three Rings libraries:

  http://groups.google.com/group/ooo-libs

$Id$
S
Description
Distributed application framework, good for MMOGs
Readme 24 MiB
Languages
Java 69.1%
ActionScript 26.6%
C++ 3.1%
Go Template 0.8%
HTML 0.2%
Other 0.1%