ae6c13454676217100e3729cbe194444637435db
when sent to the server. To implement a secure authentication channel: - Create a key pair using the com.threerings.presents.tool.KeyPairGen tool. You will need to distribute the public key with your client, and the private key with the server. - On your server during initialization, use PresentsConnectionManager.setPrivateKey to set the private key. It can take the key string gerenated by KeyPairGen. This will return true if the key was sucessfully set and the server supports the encryption necessary. - On your client before authenticating, use Client.setPublicKey to set the public key. As with setPrivateKey, it will return true if the client supports the encryption necessary. That's it! You should now be authenticating over a secure encrypted channel. The server can still accept unsecured authentication attempts (for the purpose of telling the client it needs a new version to get the server's public key). A failure to decrypt the client credientials on the server will return a new "m.failed_to_secure" authentication code. Handshake process: - The client generates a random 128-bit key, and encodes it with the public key using a 32-bit salt (PublicKeyCredentials). This is sent to the server as a SecureRequest. - The server decrypts the i128-bit key using its private key and verifies it against the salt. If verification fails, a failed secure response is returned and the client will authenticate over a clear channel. If verification succeeds, the server generates a random 128-bit AES key and encodes it with the 128-bit key sent from the client. This is sent back to the client as a SecureResponse. - The client will decode the AES key sent from the server (using the random key it generated at the start of the handshake). Using the AES key, the client will encrypt their credentials using an AESAuthRequest and send it to the server. - The server can now decrypt the credentials from the client and pass the AESAuthRequest to the configured authenticators to complete authentication. If the server fails to decrypt the credentials a "m.failed_to_secure" authentication code is returned to the client. git-svn-id: svn+ssh://src.earth.threerings.net/narya/trunk@6477 542714f4-19e9-0310-aa3c-eee0fc999fb1
The Narya library
-----------------
The Narya library provides various facilities for making networked
multiplayer games. Its various packages include:
* geom, util, io - basic tools for doing networked I/O, data structure
manipulation and some geometry math
* resource - tools for bundling, deploying and managing media (images,
sounds, etc.) with a game
* media - a framework for doing "active" rendering in Java
* media.image - tools for loading, caching, manipulating and displaying images
* media.sound - tools for loading, caching, and playing audio
* media.animation, media.sprite - works in concert with the active
rendering system and provides tools for defining and manipulating
sprites (graphical entities that follow paths) and animations
(graphical entities that affect the display in other ways)
* miso - a framework for defining and displaying isometrically rendered scenes
* presents - a framework for distributing information among a server and
networked clients
* crowd - builds on the presents framework to create the notion of
bodies and rooms and provides chat infrastructure
* whirled - builds on the crowd framework and defines a scene graph with
portals to move between scenes and provides hooks for distributing and
updating scene data (for example isometric rendering information) over
the network
* cast - a framework for defining and using recolorable, composited
characters with different poses and actions
* parlor - builds upon the crowd framework to create the notion of a
game with players and provides tools for making turn based games
* puzzle - builds on the parlor and media frameworks to provide tools
for implementing puzzle games in a networked environment
* micasa - builds on the parlor framework to provide lobbies and
matchmaking for multiplayer games
Documentation is somewhat sparse at the moment, but inspection of the code
in the tests/ directory shows examples of use of many features of the
library.
Building
--------
Building the library is very simple. First ensure that the necessary third
party jar files are available either in the lib/ directory or in the
system wide jar file location specified in build.xml. See lib/README for a
list of the necessary third party jar files and how to get them.
The library is built using ant, a modern build tool available from The
Jakarta Project. If you aren't already using ant for other projects, it
can be found here:
http://jakarta.apache.org/ant/
Invoke ant with any of the following targets:
all: builds the distribution files and javadoc documentation
compile: builds only the class files (dist/classes)
javadoc: builds only the javadoc documentation (dist/docs)
dist: builds the distribution jar files (dist/*.jar)
Distribution
------------
The Narya library is released under the LGPL. The most recent version of
the library is available here:
http://code.google.com/p/narya/
Contributions and Contact Information
-------------------------------------
Narya is actively developed by the scurvy dogs at Three Rings Design, Inc.
Contributions are welcome.
Questions, comments, contributions, and other worldly endeavors can be
handled in the Google Group for Three Rings libraries:
http://groups.google.com/group/ooo-libs
$Id$
Description
Languages
Java
69.1%
ActionScript
26.6%
C++
3.1%
Go Template
0.8%
HTML
0.2%
Other
0.1%