Example 6 with PublicIdentityCertificate

Use of org.terasology.identity.PublicIdentityCertificate in the project Terasology by MovingBlocks: class ClientHandshakeHandler, method processNewIdentity.

private void processNewIdentity(NetData.ProvisionIdentity provisionIdentity, ChannelHandlerContext ctx) {
    logger.info("Received identity from server");
    // Only accept a provisioned identity if this client actually asked for one.
    if (!requestedCertificate) {
        logger.error("Received identity without requesting it: cancelling authentication");
        joinStatus.setErrorMessage(AUTHENTICATION_FAILURE);
        ctx.getChannel().close();
        return;
    }
    try {
        byte[] decryptedCert = null;
        try {
            // The certificate set is encrypted with a symmetric key derived from the
            // handshake master secret and both randoms, so only the two handshake
            // parties can decrypt it.
            SecretKeySpec key = HandshakeCommon.generateSymmetricKey(masterSecret, clientRandom, serverRandom);
            Cipher cipher = Cipher.getInstance(IdentityConstants.SYMMETRIC_ENCRYPTION_ALGORITHM);
            cipher.init(Cipher.DECRYPT_MODE, key);
            decryptedCert = cipher.doFinal(provisionIdentity.getEncryptedCertificates().toByteArray());
        } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | BadPaddingException | IllegalBlockSizeException e) {
            // Any decryption failure (including a bad padding / tampered ciphertext) aborts the handshake.
            logger.error("Unexpected error decrypting received certificate, ending connection attempt", e);
            joinStatus.setErrorMessage(AUTHENTICATION_FAILURE);
            ctx.getChannel().close();
            return;
        }
        NetData.CertificateSet certificateSet = NetData.CertificateSet.parseFrom(decryptedCert);
        NetData.Certificate publicCertData = certificateSet.getPublicCertificate();
        PublicIdentityCertificate publicCert = NetMessageUtil.convert(publicCertData);
        // Reject the certificate unless it carries a valid signature from the server
        // certificate received in the server hello; the private exponent below is
        // only trusted after this check passes.
        if (!publicCert.verifySignedBy(serverCertificate)) {
            logger.error("Received invalid certificate, not signed by server: cancelling authentication");
            joinStatus.setErrorMessage(AUTHENTICATION_FAILURE);
            ctx.getChannel().close();
            return;
        }
        // The server also provisions the matching private exponent; with the public
        // modulus it forms the client's private certificate.
        BigInteger exponent = new BigInteger(certificateSet.getPrivateExponent().toByteArray());
        PrivateIdentityCertificate privateCert = new PrivateIdentityCertificate(publicCert.getModulus(), exponent);
        // Store identity for later use, keyed by the server certificate it was issued for
        identity = new ClientIdentity(publicCert, privateCert);
        config.getSecurity().addIdentity(serverCertificate, identity);
        config.save();
        // Try to upload the new identity to the identity storage service (if user is logged in)
        StorageServiceWorker storageServiceWorker = CoreRegistry.get(StorageServiceWorker.class);
        if (storageServiceWorker != null && storageServiceWorker.getStatus() == StorageServiceWorkerStatus.LOGGED_IN) {
            storageServiceWorker.putIdentity(serverCertificate, identity);
        }
        // And we're authenticated: remove this handler from the pipeline.
        ctx.getPipeline().remove(this);
        channelAuthenticated(ctx);
    } catch (InvalidProtocolBufferException e) {
        // Malformed protobuf payload after decryption: treat as an authentication failure.
        logger.error("Received invalid certificate data: cancelling authentication", e);
        joinStatus.setErrorMessage(AUTHENTICATION_FAILURE);
        ctx.getChannel().close();
    }
}

Example 7 with PublicIdentityCertificate

Use of org.terasology.identity.PublicIdentityCertificate in the project Terasology by MovingBlocks: class ClientHandshakeHandler, method sendCertificate.

private void sendCertificate(NetData.HandshakeHello helloMessage, ChannelHandlerContext ctx) {
    logger.info("Sending client certificate");
    PublicIdentityCertificate pubClientCert = identity.getPlayerPublicCertificate();
    // Build the client hello: client random, public certificate and a timestamp.
    clientHello = NetData.HandshakeHello.newBuilder()
            .setRandom(ByteString.copyFrom(clientRandom))
            .setCertificate(NetMessageUtil.convert(pubClientCert))
            .setTimestamp(System.currentTimeMillis())
            .build();
    // The signature covers the server hello followed by the client hello, tying the
    // client's proof of key possession to this specific exchange (both randoms).
    byte[] dataToSign = Bytes.concat(helloMessage.toByteArray(), clientHello.toByteArray());
    byte[] signature = identity.getPlayerPrivateCertificate().sign(dataToSign);
    ctx.getChannel().write(NetData.NetMessage.newBuilder()
            .setHandshakeHello(clientHello)
            .setHandshakeVerification(NetData.HandshakeVerification.newBuilder()
                    .setSignature(ByteString.copyFrom(signature)))
            .build());
}

Example 8 with PublicIdentityCertificate

Use of org.terasology.identity.PublicIdentityCertificate in the project Terasology by MovingBlocks: class ServerHandshakeHandler, method channelConnected.

@Override
public void channelConnected(ChannelHandlerContext ctx, ChannelStateEvent e) throws Exception {
    logger.info("Sending Server Hello");
    PublicIdentityCertificate serverPublicCert = config.getSecurity().getServerPublicCertificate();
    // A fresh server random from a cryptographically secure RNG for every connection;
    // it is later mixed into the symmetric key and covered by the client's signature.
    new SecureRandom().nextBytes(serverRandom);
    serverHello = NetData.HandshakeHello.newBuilder()
            .setRandom(ByteString.copyFrom(serverRandom))
            .setCertificate(NetMessageUtil.convert(serverPublicCert))
            .setTimestamp(System.currentTimeMillis())
            .build();
    e.getChannel().write(NetData.NetMessage.newBuilder().setHandshakeHello(serverHello).build());
}
