/**
 * Decodes a {@link ServerResponse} from its wire form: one tag byte followed by four
 * length-prefixed byte arrays, read in the order the constructor takes them.
 *
 * <p>The only caller visible alongside this method ({@code doSparkAuth}) passes in the raw
 * reply from the remote peer, so every field returned here is untrusted until
 * {@code AuthEngine.validate} has accepted it.
 *
 * <p>NOTE(review): the declared array lengths are consumed by
 * {@code Encoders.ByteArrays.decode}, which is not shown here; confirm it checks each length
 * against the readable bytes before allocating.
 *
 * @param buffer the encoded message; wrapped, not copied.
 * @return the decoded message.
 * @throws IllegalArgumentException if the first byte is not {@code TAG_BYTE}.
 * @throws IndexOutOfBoundsException if the buffer is empty (raised by Netty's
 *         {@code readByte}); a truncated body presumably fails the same way inside
 *         {@code decode}.
 */
public static ServerResponse decodeMessage(ByteBuffer buffer) {
  final ByteBuf in = Unpooled.wrappedBuffer(buffer);

  final byte tag = in.readByte();
  if (tag != TAG_BYTE) {
    throw new IllegalArgumentException("Expected ServerResponse, received something else.");
  }

  // Each decode advances the reader index, so the four reads must stay in this order.
  final byte[] response = Encoders.ByteArrays.decode(in);
  final byte[] nonce = Encoders.ByteArrays.decode(in);
  final byte[] inputIv = Encoders.ByteArrays.decode(in);
  final byte[] outputIv = Encoders.ByteArrays.decode(in);
  return new ServerResponse(response, nonce, inputIv, outputIv);
}
// Server side of the auth handshake. This is an excerpt: the enclosing method and the
// declarations of engine, secret, challenge, callback and channel are not shown.
// NOTE(review): challenge.appId comes from the client's message; confirm that `secret` was
// looked up for that same appId and that an unknown appId is rejected before this point.
// NOTE(review): AuthEngine is used with try-with-resources in doSparkAuth, so it is closeable;
// confirm the enclosing method closes `engine` on every path, including when respond() throws.
engine = new AuthEngine(challenge.appId, secret, conf);
// respond() validates the client's challenge and creates the session cipher (see its Javadoc).
ServerResponse response = engine.respond(challenge);
ByteBuf responseData = Unpooled.buffer(response.encodedLength());
response.encode(responseData);
// Order matters: the reply is handed to the RPC callback before the session cipher is added
// to the channel. The client (doSparkAuth) decodes and validates the reply before it installs
// its own cipher, so the reply has to be sent while the channel has no session cipher.
callback.onSuccess(responseData.nioBuffer());
engine.sessionCipher().addToChannel(channel);
/**
 * Round-trips a {@link ServerResponse} through {@code encode} and
 * {@link ServerResponse#decodeMessage} and checks that all four byte-array fields survive.
 * Only the well-formed path is covered; malformed or truncated input is not exercised here.
 */
@Test
public void testServerResponse() {
  final ServerResponse original =
      new ServerResponse(byteArray(), byteArray(), byteArray(), byteArray());
  final ServerResponse roundTripped = ServerResponse.decodeMessage(encode(original));

  // Compare field by field, in the same order as before: response, nonce, inputIv, outputIv.
  final byte[][] expected = {
    original.response, original.nonce, original.inputIv, original.outputIv
  };
  final byte[][] actual = {
    roundTripped.response, roundTripped.nonce, roundTripped.inputIv, roundTripped.outputIv
  };
  for (int i = 0; i < expected.length; i++) {
    assertTrue(Arrays.equals(expected[i], actual[i]));
  }
}
/**
 * Runs the client side of the auth handshake on one channel: builds a challenge from the
 * application's secret, sends it synchronously, validates the server's reply, and only then
 * adds the session cipher to the channel.
 *
 * <p>If {@code decodeMessage} or {@code validate} throws, the cipher is never installed and
 * the exception propagates to the caller. The engine is closed on every path by the
 * try-with-resources block.
 *
 * <p>NOTE(review): the secret is handled as a {@code String}, so it cannot be wiped after
 * use; that is dictated by {@code getSecretKey}'s return type, not by this method.
 *
 * @param client the client used to send the challenge; the call blocks for at most
 *        {@code conf.authRTTimeoutMs()}.
 * @param channel the channel that receives the session cipher on success.
 * @throws GeneralSecurityException declared by the engine operations used here.
 * @throws IOException declared by the operations used here.
 */
private void doSparkAuth(TransportClient client, Channel channel)
    throws GeneralSecurityException, IOException {
  final String sharedSecret = secretKeyHolder.getSecretKey(appId);

  try (AuthEngine authEngine = new AuthEngine(appId, sharedSecret, conf)) {
    final ClientChallenge clientChallenge = authEngine.challenge();
    final ByteBuf encodedChallenge = Unpooled.buffer(clientChallenge.encodedLength());
    clientChallenge.encode(encodedChallenge);

    // The reply is peer-controlled data; nothing from it is trusted until validate() returns.
    final ByteBuffer rawReply =
        client.sendRpcSync(encodedChallenge.nioBuffer(), conf.authRTTimeoutMs());
    final ServerResponse serverReply = ServerResponse.decodeMessage(rawReply);
    authEngine.validate(serverReply);

    // Reached only after validation succeeded.
    authEngine.sessionCipher().addToChannel(channel);
  }
}
/**
 * Round-trips a {@link ServerResponse} through {@code encode} and
 * {@link ServerResponse#decodeMessage} and checks that all four byte-array fields survive.
 * Only the well-formed path is covered; malformed or truncated input is not exercised here.
 */
@Test
public void testServerResponse() {
  final ServerResponse original =
      new ServerResponse(byteArray(), byteArray(), byteArray(), byteArray());
  final ServerResponse roundTripped = ServerResponse.decodeMessage(encode(original));

  // Compare field by field, in the same order as before: response, nonce, inputIv, outputIv.
  final byte[][] expected = {
    original.response, original.nonce, original.inputIv, original.outputIv
  };
  final byte[][] actual = {
    roundTripped.response, roundTripped.nonce, roundTripped.inputIv, roundTripped.outputIv
  };
  for (int i = 0; i < expected.length; i++) {
    assertTrue(Arrays.equals(expected[i], actual[i]));
  }
}
/**
 * Runs the client side of the auth handshake on one channel: builds a challenge from the
 * application's secret, sends it synchronously, validates the server's reply, and only then
 * adds the session cipher to the channel.
 *
 * <p>If {@code decodeMessage} or {@code validate} throws, the cipher is never installed and
 * the exception propagates to the caller. The engine is closed on every path by the
 * try-with-resources block.
 *
 * <p>NOTE(review): the secret is handled as a {@code String}, so it cannot be wiped after
 * use; that is dictated by {@code getSecretKey}'s return type, not by this method.
 *
 * @param client the client used to send the challenge; the call blocks for at most
 *        {@code conf.authRTTimeoutMs()}.
 * @param channel the channel that receives the session cipher on success.
 * @throws GeneralSecurityException declared by the engine operations used here.
 * @throws IOException declared by the operations used here.
 */
private void doSparkAuth(TransportClient client, Channel channel)
    throws GeneralSecurityException, IOException {
  final String sharedSecret = secretKeyHolder.getSecretKey(appId);

  try (AuthEngine authEngine = new AuthEngine(appId, sharedSecret, conf)) {
    final ClientChallenge clientChallenge = authEngine.challenge();
    final ByteBuf encodedChallenge = Unpooled.buffer(clientChallenge.encodedLength());
    clientChallenge.encode(encodedChallenge);

    // The reply is peer-controlled data; nothing from it is trusted until validate() returns.
    final ByteBuffer rawReply =
        client.sendRpcSync(encodedChallenge.nioBuffer(), conf.authRTTimeoutMs());
    final ServerResponse serverReply = ServerResponse.decodeMessage(rawReply);
    authEngine.validate(serverReply);

    // Reached only after validation succeeded.
    authEngine.sessionCipher().addToChannel(channel);
  }
}
/**
 * Decodes a {@link ServerResponse} from its wire form: one tag byte followed by four
 * length-prefixed byte arrays, read in the order the constructor takes them.
 *
 * <p>The only caller visible alongside this method ({@code doSparkAuth}) passes in the raw
 * reply from the remote peer, so every field returned here is untrusted until
 * {@code AuthEngine.validate} has accepted it.
 *
 * <p>NOTE(review): the declared array lengths are consumed by
 * {@code Encoders.ByteArrays.decode}, which is not shown here; confirm it checks each length
 * against the readable bytes before allocating.
 *
 * @param buffer the encoded message; wrapped, not copied.
 * @return the decoded message.
 * @throws IllegalArgumentException if the first byte is not {@code TAG_BYTE}.
 * @throws IndexOutOfBoundsException if the buffer is empty (raised by Netty's
 *         {@code readByte}); a truncated body presumably fails the same way inside
 *         {@code decode}.
 */
public static ServerResponse decodeMessage(ByteBuffer buffer) {
  final ByteBuf in = Unpooled.wrappedBuffer(buffer);

  final byte tag = in.readByte();
  if (tag != TAG_BYTE) {
    throw new IllegalArgumentException("Expected ServerResponse, received something else.");
  }

  // Each decode advances the reader index, so the four reads must stay in this order.
  final byte[] response = Encoders.ByteArrays.decode(in);
  final byte[] nonce = Encoders.ByteArrays.decode(in);
  final byte[] inputIv = Encoders.ByteArrays.decode(in);
  final byte[] outputIv = Encoders.ByteArrays.decode(in);
  return new ServerResponse(response, nonce, inputIv, outputIv);
}
// Server side of the auth handshake. This is an excerpt: the enclosing method and the
// declarations of engine, secret, challenge, callback and channel are not shown.
// NOTE(review): challenge.appId comes from the client's message; confirm that `secret` was
// looked up for that same appId and that an unknown appId is rejected before this point.
// NOTE(review): AuthEngine is used with try-with-resources in doSparkAuth, so it is closeable;
// confirm the enclosing method closes `engine` on every path, including when respond() throws.
engine = new AuthEngine(challenge.appId, secret, conf);
// respond() validates the client's challenge and creates the session cipher (see its Javadoc).
ServerResponse response = engine.respond(challenge);
ByteBuf responseData = Unpooled.buffer(response.encodedLength());
response.encode(responseData);
// Order matters: the reply is handed to the RPC callback before the session cipher is added
// to the channel. The client (doSparkAuth) decodes and validates the reply before it installs
// its own cipher, so the reply has to be sent while the channel has no session cipher.
callback.onSuccess(responseData.nioBuffer());
engine.sessionCipher().addToChannel(channel);
/**
 * Runs the client side of the auth handshake on one channel: builds a challenge from the
 * application's secret, sends it synchronously, validates the server's reply, and only then
 * adds the session cipher to the channel.
 *
 * <p>If {@code decodeMessage} or {@code validate} throws, the cipher is never installed and
 * the exception propagates to the caller. The engine is closed on every path by the
 * try-with-resources block.
 *
 * <p>NOTE(review): the secret is handled as a {@code String}, so it cannot be wiped after
 * use; that is dictated by {@code getSecretKey}'s return type, not by this method.
 *
 * @param client the client used to send the challenge; the call blocks for at most
 *        {@code conf.authRTTimeoutMs()}.
 * @param channel the channel that receives the session cipher on success.
 * @throws GeneralSecurityException declared by the engine operations used here.
 * @throws IOException declared by the operations used here.
 */
private void doSparkAuth(TransportClient client, Channel channel)
    throws GeneralSecurityException, IOException {
  final String sharedSecret = secretKeyHolder.getSecretKey(appId);

  try (AuthEngine authEngine = new AuthEngine(appId, sharedSecret, conf)) {
    final ClientChallenge clientChallenge = authEngine.challenge();
    final ByteBuf encodedChallenge = Unpooled.buffer(clientChallenge.encodedLength());
    clientChallenge.encode(encodedChallenge);

    // The reply is peer-controlled data; nothing from it is trusted until validate() returns.
    final ByteBuffer rawReply =
        client.sendRpcSync(encodedChallenge.nioBuffer(), conf.authRTTimeoutMs());
    final ServerResponse serverReply = ServerResponse.decodeMessage(rawReply);
    authEngine.validate(serverReply);

    // Reached only after validation succeeded.
    authEngine.sessionCipher().addToChannel(channel);
  }
}
/**
 * Decodes a {@link ServerResponse} from its wire form: one tag byte followed by four
 * length-prefixed byte arrays, read in the order the constructor takes them.
 *
 * <p>The only caller visible alongside this method ({@code doSparkAuth}) passes in the raw
 * reply from the remote peer, so every field returned here is untrusted until
 * {@code AuthEngine.validate} has accepted it.
 *
 * <p>NOTE(review): the declared array lengths are consumed by
 * {@code Encoders.ByteArrays.decode}, which is not shown here; confirm it checks each length
 * against the readable bytes before allocating.
 *
 * @param buffer the encoded message; wrapped, not copied.
 * @return the decoded message.
 * @throws IllegalArgumentException if the first byte is not {@code TAG_BYTE}.
 * @throws IndexOutOfBoundsException if the buffer is empty (raised by Netty's
 *         {@code readByte}); a truncated body presumably fails the same way inside
 *         {@code decode}.
 */
public static ServerResponse decodeMessage(ByteBuffer buffer) {
  final ByteBuf in = Unpooled.wrappedBuffer(buffer);

  final byte tag = in.readByte();
  if (tag != TAG_BYTE) {
    throw new IllegalArgumentException("Expected ServerResponse, received something else.");
  }

  // Each decode advances the reader index, so the four reads must stay in this order.
  final byte[] response = Encoders.ByteArrays.decode(in);
  final byte[] nonce = Encoders.ByteArrays.decode(in);
  final byte[] inputIv = Encoders.ByteArrays.decode(in);
  final byte[] outputIv = Encoders.ByteArrays.decode(in);
  return new ServerResponse(response, nonce, inputIv, outputIv);
}
// Server side of the auth handshake. This is an excerpt: the enclosing method and the
// declarations of engine, secret, challenge, callback and channel are not shown.
// NOTE(review): challenge.appId comes from the client's message; confirm that `secret` was
// looked up for that same appId and that an unknown appId is rejected before this point.
// NOTE(review): AuthEngine is used with try-with-resources in doSparkAuth, so it is closeable;
// confirm the enclosing method closes `engine` on every path, including when respond() throws.
engine = new AuthEngine(challenge.appId, secret, conf);
// respond() validates the client's challenge and creates the session cipher (see its Javadoc).
ServerResponse response = engine.respond(challenge);
ByteBuf responseData = Unpooled.buffer(response.encodedLength());
response.encode(responseData);
// Order matters: the reply is handed to the RPC callback before the session cipher is added
// to the channel. The client (doSparkAuth) decodes and validates the reply before it installs
// its own cipher, so the reply has to be sent while the channel has no session cipher.
callback.onSuccess(responseData.nioBuffer());
engine.sessionCipher().addToChannel(channel);
/**
 * Validates the client challenge, and creates the encryption backend for the channel from the
 * parameters sent by the client.
 *
 * <p>The KDF name, iteration count, key length and cipher are all read from the client's
 * message and are used to derive the auth key before the challenge has been validated.
 * Nothing in this method bounds them. NOTE(review): confirm that {@code generateKey} or an
 * earlier check enforces an allowed algorithm list and upper/lower limits on
 * {@code iterations} and {@code keyLength}; otherwise an unauthenticated peer controls the
 * cost of the derivation and the strength of the negotiated parameters.
 *
 * <p>Side effect: stores the new {@link TransportCipher} in {@code this.sessionCipher}.
 *
 * @param clientChallenge The challenge from the client.
 * @return A response to be sent to the client.
 * @throws GeneralSecurityException declared by this method; presumably raised by the helpers
 *         when key derivation or challenge validation fails (helpers not shown here).
 */
ServerResponse respond(ClientChallenge clientChallenge) throws GeneralSecurityException {
  // Auth key: derived with the client's KDF settings, salted with the client's nonce.
  SecretKeySpec authKey = generateKey(clientChallenge.kdf, clientChallenge.iterations,
    clientChallenge.nonce, clientChallenge.keyLength);
  // Must run before validateChallenge() and encrypt(): presumably sets up the cipher state
  // those helpers use (initializeForAuth is not shown; confirm).
  initializeForAuth(clientChallenge.cipher, clientChallenge.nonce, authKey);

  byte[] challenge = validateChallenge(clientChallenge.nonce, clientChallenge.challenge);
  byte[] response = challenge(appId, clientChallenge.nonce, rawResponse(challenge));

  // Fresh random material for the session. The nonce length follows the server's configured
  // key length (bits converted to bytes), while the session key below is derived with the
  // client's keyLength.
  byte[] sessionNonce = randomBytes(conf.encryptionKeyLength() / Byte.SIZE);
  byte[] inputIv = randomBytes(conf.ivLength());
  byte[] outputIv = randomBytes(conf.ivLength());

  // Session key: same client-chosen KDF settings, but salted with the server's session nonce.
  SecretKeySpec sessionKey = generateKey(clientChallenge.kdf, clientChallenge.iterations,
    sessionNonce, clientChallenge.keyLength);
  this.sessionCipher = new TransportCipher(cryptoConf, clientChallenge.cipher, sessionKey,
    inputIv, outputIv);

  // Note the IVs are swapped in the response: the server's outputIv is sent in the third
  // position and its inputIv in the fourth. The session nonce and both IVs are passed through
  // encrypt() before being sent.
  return new ServerResponse(response, encrypt(sessionNonce), encrypt(outputIv), encrypt(inputIv));
}
/**
 * Validates the client challenge, and creates the encryption backend for the channel from the
 * parameters sent by the client.
 *
 * <p>The KDF name, iteration count, key length and cipher are all read from the client's
 * message and are used to derive the auth key before the challenge has been validated.
 * Nothing in this method bounds them. NOTE(review): confirm that {@code generateKey} or an
 * earlier check enforces an allowed algorithm list and upper/lower limits on
 * {@code iterations} and {@code keyLength}; otherwise an unauthenticated peer controls the
 * cost of the derivation and the strength of the negotiated parameters.
 *
 * <p>Side effect: stores the new {@link TransportCipher} in {@code this.sessionCipher}.
 *
 * @param clientChallenge The challenge from the client.
 * @return A response to be sent to the client.
 * @throws GeneralSecurityException declared by this method; presumably raised by the helpers
 *         when key derivation or challenge validation fails (helpers not shown here).
 * @throws IOException declared by this method; which helper raises it is not visible here.
 */
ServerResponse respond(ClientChallenge clientChallenge)
  throws GeneralSecurityException, IOException {
  // Auth key: derived with the client's KDF settings, salted with the client's nonce.
  SecretKeySpec authKey = generateKey(clientChallenge.kdf, clientChallenge.iterations,
    clientChallenge.nonce, clientChallenge.keyLength);
  // Must run before validateChallenge() and encrypt(): presumably sets up the cipher state
  // those helpers use (initializeForAuth is not shown; confirm).
  initializeForAuth(clientChallenge.cipher, clientChallenge.nonce, authKey);

  byte[] challenge = validateChallenge(clientChallenge.nonce, clientChallenge.challenge);
  byte[] response = challenge(appId, clientChallenge.nonce, rawResponse(challenge));

  // Fresh random material for the session. The nonce length follows the server's configured
  // key length (bits converted to bytes), while the session key below is derived with the
  // client's keyLength.
  byte[] sessionNonce = randomBytes(conf.encryptionKeyLength() / Byte.SIZE);
  byte[] inputIv = randomBytes(conf.ivLength());
  byte[] outputIv = randomBytes(conf.ivLength());

  // Session key: same client-chosen KDF settings, but salted with the server's session nonce.
  SecretKeySpec sessionKey = generateKey(clientChallenge.kdf, clientChallenge.iterations,
    sessionNonce, clientChallenge.keyLength);
  this.sessionCipher = new TransportCipher(cryptoConf, clientChallenge.cipher, sessionKey,
    inputIv, outputIv);

  // Note the IVs are swapped in the response: the server's outputIv is sent in the third
  // position and its inputIv in the fourth. The session nonce and both IVs are passed through
  // encrypt() before being sent.
  return new ServerResponse(response, encrypt(sessionNonce), encrypt(outputIv), encrypt(inputIv));
}
/**
 * Validates the client challenge, and creates the encryption backend for the channel from the
 * parameters sent by the client.
 *
 * <p>The KDF name, iteration count, key length and cipher are all read from the client's
 * message and are used to derive the auth key before the challenge has been validated.
 * Nothing in this method bounds them. NOTE(review): confirm that {@code generateKey} or an
 * earlier check enforces an allowed algorithm list and upper/lower limits on
 * {@code iterations} and {@code keyLength}; otherwise an unauthenticated peer controls the
 * cost of the derivation and the strength of the negotiated parameters.
 *
 * <p>Side effect: stores the new {@link TransportCipher} in {@code this.sessionCipher}.
 *
 * @param clientChallenge The challenge from the client.
 * @return A response to be sent to the client.
 * @throws GeneralSecurityException declared by this method; presumably raised by the helpers
 *         when key derivation or challenge validation fails (helpers not shown here).
 */
ServerResponse respond(ClientChallenge clientChallenge) throws GeneralSecurityException {
  // Auth key: derived with the client's KDF settings, salted with the client's nonce.
  SecretKeySpec authKey = generateKey(clientChallenge.kdf, clientChallenge.iterations,
    clientChallenge.nonce, clientChallenge.keyLength);
  // Must run before validateChallenge() and encrypt(): presumably sets up the cipher state
  // those helpers use (initializeForAuth is not shown; confirm).
  initializeForAuth(clientChallenge.cipher, clientChallenge.nonce, authKey);

  byte[] challenge = validateChallenge(clientChallenge.nonce, clientChallenge.challenge);
  byte[] response = challenge(appId, clientChallenge.nonce, rawResponse(challenge));

  // Fresh random material for the session. The nonce length follows the server's configured
  // key length (bits converted to bytes), while the session key below is derived with the
  // client's keyLength.
  byte[] sessionNonce = randomBytes(conf.encryptionKeyLength() / Byte.SIZE);
  byte[] inputIv = randomBytes(conf.ivLength());
  byte[] outputIv = randomBytes(conf.ivLength());

  // Session key: same client-chosen KDF settings, but salted with the server's session nonce.
  SecretKeySpec sessionKey = generateKey(clientChallenge.kdf, clientChallenge.iterations,
    sessionNonce, clientChallenge.keyLength);
  this.sessionCipher = new TransportCipher(cryptoConf, clientChallenge.cipher, sessionKey,
    inputIv, outputIv);

  // Note the IVs are swapped in the response: the server's outputIv is sent in the third
  // position and its inputIv in the fourth. The session nonce and both IVs are passed through
  // encrypt() before being sent.
  return new ServerResponse(response, encrypt(sessionNonce), encrypt(outputIv), encrypt(inputIv));
}