Example 1 with CertificatePair

Use of org.terasology.identity.CertificatePair in project Terasology by MovingBlocks.

In class ServerHandshakeHandler, method processNewIdentityRequest.

private void processNewIdentityRequest(NetData.NewIdentityRequest newIdentityRequest, ChannelHandlerContext ctx) {
    logger.info("Received new identity request");
    try {
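        // Decrypt the pre-master secret from the request using the server's private certificate
        byte[] preMasterSecret = config.getSecurity().getServerPrivateCertificate().decrypt(newIdentityRequest.getPreMasterSecret().toByteArray());
        // Derive the master secret from the pre-master secret, the random value in the request and the server random
        byte[] masterSecret = HandshakeCommon.generateMasterSecret(preMasterSecret, newIdentityRequest.getRandom().toByteArray(), serverRandom);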
        // Generate a certificate pair for the client
        CertificatePair clientCertificates = new CertificateGenerator().generate(config.getSecurity().getServerPrivateCertificate());
        NetData.CertificateSet certificateData = NetData.CertificateSet.newBuilder().setPublicCertificate(NetMessageUtil.convert(clientCertificates.getPublicCert())).setPrivateExponent(ByteString.copyFrom(clientCertificates.getPrivateCert().getExponent().toByteArray())).build();
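        // Encrypt the certificate set (public certificate plus private exponent) with a symmetric key derived from the master secret
        byte[] encryptedCert = null;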
        try {
            SecretKeySpec key = HandshakeCommon.generateSymmetricKey(masterSecret, newIdentityRequest.getRandom().toByteArray(), serverRandom);
            Cipher cipher = Cipher.getInstance(IdentityConstants.SYMMETRIC_ENCRYPTION_ALGORITHM);
            cipher.init(Cipher.ENCRYPT_MODE, key);
            encryptedCert = cipher.doFinal(certificateData.toByteArray());
        } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | BadPaddingException | IllegalBlockSizeException e) {
            logger.error("Unexpected error encrypting certificate for sending, ending connection attempt", e);
            ctx.getChannel().close();
            return;
        }
        ctx.getChannel().write(NetData.NetMessage.newBuilder().setProvisionIdentity(NetData.ProvisionIdentity.newBuilder().setEncryptedCertificates(ByteString.copyFrom(encryptedCert))).build());
        // Identity has been established, inform the server handler and withdraw from the pipeline
        ctx.getPipeline().remove(this);
        serverConnectionHandler.channelAuthenticated(clientCertificates.getPublicCert());
    } catch (BadEncryptedDataException e) {
        logger.error("Received invalid encrypted pre-master secret, ending connection attempt");
        ctx.getChannel().close();
    }
}
Also used : CertificateGenerator(org.terasology.identity.CertificateGenerator) NetData(org.terasology.protobuf.NetData) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) BadPaddingException(javax.crypto.BadPaddingException) InvalidKeyException(java.security.InvalidKeyException) BadEncryptedDataException(org.terasology.identity.BadEncryptedDataException) CertificatePair(org.terasology.identity.CertificatePair) SecretKeySpec(javax.crypto.spec.SecretKeySpec) Cipher(javax.crypto.Cipher)

Example 2 with CertificatePair

Use of org.terasology.identity.CertificatePair in project Terasology by MovingBlocks.

In class ConfigurationSubsystem, method checkServerIdentity.

private void checkServerIdentity() {
    if (!validateServerIdentity()) {
        CertificateGenerator generator = new CertificateGenerator();
        CertificatePair serverIdentity = generator.generateSelfSigned();
        config.getSecurity().setServerCredentials(serverIdentity.getPublicCert(), serverIdentity.getPrivateCert());
        config.save();
    }
}
Also used : CertificateGenerator(org.terasology.identity.CertificateGenerator) CertificatePair(org.terasology.identity.CertificatePair)

Example 3 with CertificatePair

Use of org.terasology.identity.CertificatePair in project Terasology by MovingBlocks.

In class TestNetwork, method setup.

@Before
public void setup() throws Exception {
    super.setup();
    CertificateGenerator generator = new CertificateGenerator();
    CertificatePair serverIdentiy = generator.generateSelfSigned();
    context.get(Config.class).getSecurity().setServerCredentials(serverIdentiy.getPublicCert(), serverIdentiy.getPrivateCert());
}
Also used : CertificateGenerator(org.terasology.identity.CertificateGenerator) CertificatePair(org.terasology.identity.CertificatePair) Before(org.junit.Before)

Aggregations

CertificateGenerator (org.terasology.identity.CertificateGenerator) 3
CertificatePair (org.terasology.identity.CertificatePair) 3
InvalidKeyException (java.security.InvalidKeyException) 1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException) 1
BadPaddingException (javax.crypto.BadPaddingException) 1
Cipher (javax.crypto.Cipher) 1
IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException) 1
NoSuchPaddingException (javax.crypto.NoSuchPaddingException) 1
SecretKeySpec (javax.crypto.spec.SecretKeySpec) 1
Before (org.junit.Before) 1
BadEncryptedDataException (org.terasology.identity.BadEncryptedDataException) 1
NetData (org.terasology.protobuf.NetData) 1