Example 1 with BadEncryptedDataException

Use of org.terasology.identity.BadEncryptedDataException in project Terasology by MovingBlocks.

In the class ServerHandshakeHandler, method processNewIdentityRequest.

private void processNewIdentityRequest(NetData.NewIdentityRequest newIdentityRequest, ChannelHandlerContext ctx) {
    logger.info("Received new identity request");
    try {
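        // Decrypt the client's pre-master secret with the server's private certificate;
        // a malformed ciphertext throws BadEncryptedDataException (handled at the end of the method)
        byte[] preMasterSecret = config.getSecurity().getServerPrivateCertificate().decrypt(newIdentityRequest.getPreMasterSecret().toByteArray());
        // Derive the master secret from the pre-master secret plus the client and server random values
        byte[] masterSecret = HandshakeCommon.generateMasterSecret(preMasterSecret, newIdentityRequest.getRandom().toByteArray(), serverRandom);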
        // Generate a certificate pair for the client
        CertificatePair clientCertificates = new CertificateGenerator().generate(config.getSecurity().getServerPrivateCertificate());
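        NetData.CertificateSet certificateData = NetData.CertificateSet.newBuilder()
                .setPublicCertificate(NetMessageUtil.convert(clientCertificates.getPublicCert()))
                .setPrivateExponent(ByteString.copyFrom(clientCertificates.getPrivateCert().getExponent().toByteArray()))
                .build();
        // The certificate set contains the client's private exponent, so it is encrypted
        // under a symmetric key derived from the master secret before being sent
        byte[] encryptedCert = null;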
        try {
            SecretKeySpec key = HandshakeCommon.generateSymmetricKey(masterSecret, newIdentityRequest.getRandom().toByteArray(), serverRandom);
            Cipher cipher = Cipher.getInstance(IdentityConstants.SYMMETRIC_ENCRYPTION_ALGORITHM);
            cipher.init(Cipher.ENCRYPT_MODE, key);
            encryptedCert = cipher.doFinal(certificateData.toByteArray());
        } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | BadPaddingException | IllegalBlockSizeException e) {
            logger.error("Unexpected error encrypting certificate for sending, ending connection attempt", e);
            ctx.getChannel().close();
            return;
        }
        ctx.getChannel().write(NetData.NetMessage.newBuilder()
                .setProvisionIdentity(NetData.ProvisionIdentity.newBuilder()
                        .setEncryptedCertificates(ByteString.copyFrom(encryptedCert)))
                .build());
        // Identity has been established, inform the server handler and withdraw from the pipeline
        ctx.getPipeline().remove(this);
        serverConnectionHandler.channelAuthenticated(clientCertificates.getPublicCert());
    } catch (BadEncryptedDataException e) {
        logger.error("Received invalid encrypted pre-master secret, ending connection attempt");
        ctx.getChannel().close();
    }
}
Also used: CertificateGenerator (org.terasology.identity.CertificateGenerator), NetData (org.terasology.protobuf.NetData), NoSuchPaddingException (javax.crypto.NoSuchPaddingException), IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException), NoSuchAlgorithmException (java.security.NoSuchAlgorithmException), BadPaddingException (javax.crypto.BadPaddingException), InvalidKeyException (java.security.InvalidKeyException), BadEncryptedDataException (org.terasology.identity.BadEncryptedDataException), CertificatePair (org.terasology.identity.CertificatePair), SecretKeySpec (javax.crypto.spec.SecretKeySpec), Cipher (javax.crypto.Cipher)
