
Example 21 with U2FException

Use of com.google.u2f.U2FException in project OpenUnison by TremoloSecurity.

From the class U2FServerReferenceImpl, method verifyBrowserData.

private void verifyBrowserData(JsonElement browserDataAsElement, String messageType, EnrollSessionData sessionData) throws U2FException {
    if (!browserDataAsElement.isJsonObject()) {
        throw new U2FException("browserdata has wrong format");
    }
    JsonObject browserData = browserDataAsElement.getAsJsonObject();
    // check that the right "typ" parameter is present in the browserdata JSON
    if (!browserData.has(TYPE_PARAM)) {
        throw new U2FException("bad browserdata: missing 'typ' param");
    }
    String type = browserData.get(TYPE_PARAM).getAsString();
    if (!messageType.equals(type)) {
        throw new U2FException("bad browserdata: bad type " + type);
    }
    // check that the right challenge is in the browserdata
    if (!browserData.has(CHALLENGE_PARAM)) {
        throw new U2FException("bad browserdata: missing 'challenge' param");
    }
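    // the origin is verified only when the browserdata carries one;
    // browserdata without an origin field skips this check
    if (browserData.has(ORIGIN_PARAM)) {
        verifyOrigin(browserData.get(ORIGIN_PARAM).getAsString());
    }
    // the challenge echoed by the browser must match the one stored for this enrollment session
    byte[] challengeFromBrowserData = Base64.decodeBase64(browserData.get(CHALLENGE_PARAM).getAsString());
    if (!Arrays.equals(challengeFromBrowserData, sessionData.getChallenge())) {
        throw new U2FException("wrong challenge signed in browserdata");
    }
    // TODO: Deal with ChannelID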
}
Also used: JsonObject (com.google.gson.JsonObject), U2FException (com.google.u2f.U2FException)

Aggregations

U2FException (com.google.u2f.U2FException): 21
SecurityKeyData (com.google.u2f.server.data.SecurityKeyData): 6
IOException (java.io.IOException): 6
DataInputStream (java.io.DataInputStream): 5
JsonParser (com.google.gson.JsonParser): 4
RegisterResponse (com.google.u2f.key.messages.RegisterResponse): 4
ByteArrayInputStream (java.io.ByteArrayInputStream): 4
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException): 4
X509Certificate (java.security.cert.X509Certificate): 4
AuthenticateResponse (com.google.u2f.key.messages.AuthenticateResponse): 3
U2FServer (com.google.u2f.server.U2FServer): 3
AuthController (com.tremolosecurity.proxy.auth.AuthController): 3
AuthInfo (com.tremolosecurity.proxy.auth.AuthInfo): 3
Attribute (com.tremolosecurity.saml.Attribute): 3
InvalidKeyException (java.security.InvalidKeyException): 3
SignatureException (java.security.SignatureException): 3
CertificateEncodingException (java.security.cert.CertificateEncodingException): 3
HashMap (java.util.HashMap): 3
JsonObject (com.google.gson.JsonObject): 2
EnrollSessionData (com.google.u2f.server.data.EnrollSessionData): 2