Examples with WireCrypt org.firebirdsql.gds.ng.WireCrypt used on opensource projects

Example 1 with WireCrypt

use of org.firebirdsql.gds.ng.WireCrypt in project jaybird by FirebirdSQL.

the class V13WireOperations method authReceiveResponse.

@Override
public void authReceiveResponse(FbWireAttachment.AcceptPacket acceptPacket, FbWireOperations.ProcessAttachCallback processAttachCallback) throws SQLException, IOException {
    assert acceptPacket == null || acceptPacket.operation == op_cond_accept : "Unexpected operation in AcceptPacket";
    final XdrInputStream xdrIn = getXdrIn();
    final XdrOutputStream xdrOut = getXdrOut();
    final ClientAuthBlock clientAuthBlock = getClientAuthBlock();
    final Encoding encoding = getEncoding();
    while (true) {
        String pluginName;
        byte[] data;
        if (acceptPacket != null) {
            data = acceptPacket.p_acpt_data;
            pluginName = acceptPacket.p_acpt_plugin;
            addServerKeys(acceptPacket.p_acpt_keys);
            log.debug(String.format("authReceiveResponse: cond_accept data=%d pluginName=%d '%s'", data.length, pluginName != null ? pluginName.length() : null, pluginName));
            // TODO handle compression
            acceptPacket = null;
        } else {
            int operation = readNextOperation();
            switch(operation) {
                case op_trusted_auth:
                    // p_trau_data
                    xdrIn.readBuffer();
                    throw new FbExceptionBuilder().nonTransientConnectionException(JaybirdErrorCodes.jb_receiveTrustedAuth_NotSupported).toFlatSQLException();
                case op_cont_auth:
                    // p_data
                    data = xdrIn.readBuffer();
                    // p_name
                    pluginName = xdrIn.readString(encoding);
                    // p_list (ignore?)
                    xdrIn.readBuffer();
                    // p_keys
                    addServerKeys(xdrIn.readBuffer());
                    log.debug(String.format("authReceiveResponse: cont_auth data=%d pluginName=%d '%s'", data.length, pluginName.length(), pluginName));
                    break;
                case op_cond_accept:
                    // Note this is the equivalent of handling the acceptPacket != null above
                    // p_acpt_version
                    xdrIn.readInt();
                    // p_acpt_architecture
                    xdrIn.readInt();
                    // p_acpt_type
                    xdrIn.readInt();
                    // p_acpt_data
                    data = xdrIn.readBuffer();
                    // p_acpt_plugin
                    pluginName = xdrIn.readString(encoding);
                    // p_acpt_authenticated
                    xdrIn.readInt();
                    // p_acpt_keys
                    addServerKeys(xdrIn.readBuffer());
                    log.debug(String.format("authReceiveResponse: cond_accept data=%d pluginName=%d '%s'", data.length, pluginName.length(), pluginName));
                    // TODO handle compression
                    break;
                case op_response:
                    GenericResponse response = (GenericResponse) readOperationResponse(operation, null);
                    boolean wasAuthComplete = clientAuthBlock.isAuthComplete();
                    clientAuthBlock.setAuthComplete(true);
                    processAttachCallback.processAttachResponse(response);
                    addServerKeys(response.getData());
                    WireCrypt wireCrypt = getAttachProperties().getWireCrypt();
                    if (!wasAuthComplete && wireCrypt != WireCrypt.DISABLED) {
                        tryKnownServerKeys();
                    }
                    return;
                default:
                    throw new SQLException(String.format("Unsupported operation code: %d", operation));
            }
        }
        if (pluginName != null && pluginName.length() > 0 && Objects.equals(pluginName, clientAuthBlock.getCurrentPluginName())) {
            pluginName = null;
        }
        if (pluginName != null && pluginName.length() > 0) {
            if (!clientAuthBlock.switchPlugin(pluginName)) {
                break;
            }
        }
        if (!clientAuthBlock.hasPlugin()) {
            break;
        }
        clientAuthBlock.setServerData(data);
        log.debug(String.format("receiveResponse: authenticate(%s)", clientAuthBlock.getCurrentPluginName()));
        clientAuthBlock.authenticate();
        xdrOut.writeInt(op_cont_auth);
        // TODO Move to ClientAuthBlock?
        // p_data
        xdrOut.writeBuffer(clientAuthBlock.getClientData());
        // p_name
        xdrOut.writeString(clientAuthBlock.getCurrentPluginName(), encoding);
        if (clientAuthBlock.isFirstTime()) {
            // p_list
            xdrOut.writeString(clientAuthBlock.getPluginNames(), encoding);
            clientAuthBlock.setFirstTime(false);
        } else {
            // p_list
            xdrOut.writeBuffer(null);
        }
        // p_keys
        xdrOut.writeBuffer(null);
        xdrOut.flush();
    }
    // If we have exited from the cycle, this mean auth failed
    throw new FbExceptionBuilder().exception(ISCConstants.isc_login).toFlatSQLException();
}