/** * Validate provided server key. * * @param serverKey server key to be validated. * @throws HandshakeException when the server key is invalid. */ public void validateServerKey(String serverKey) throws HandshakeException { final SecKey key = generateServerKey(this); if (!key.getSecKey().equals(serverKey)) { throw new HandshakeException(LocalizationMessages.SEC_KEY_INVALID_SERVER()); } } }
/** * Generate server-side security key, which gets passed to the client during * the handshake phase as part of message payload. * * @param clientKey client's Sec-WebSocket-Key * @return server key. */ public static SecKey generateServerKey(SecKey clientKey) throws HandshakeException { String key = clientKey.getSecKey() + UpgradeRequest.SERVER_KEY_HASH; final MessageDigest instance; try { instance = MessageDigest.getInstance("SHA-1"); instance.update(key.getBytes("UTF-8")); final byte[] digest = instance.digest(); if (digest.length != 20) { throw new HandshakeException(LocalizationMessages.SEC_KEY_INVALID_LENGTH(digest.length)); } return new SecKey(Base64.getEncoder().encodeToString(digest)); } catch (NoSuchAlgorithmException | UnsupportedEncodingException e) { throw new HandshakeException(e.getMessage()); } }
/** * Validate provided server key. * * @param serverKey server key to be validated. * @throws HandshakeException when the server key is invalid. */ public void validateServerKey(String serverKey) throws HandshakeException { final SecKey key = generateServerKey(this); if (!key.getSecKey().equals(serverKey)) { throw new HandshakeException(LocalizationMessages.SEC_KEY_INVALID_SERVER()); } } }
/** * Generate server-side security key, which gets passed to the client during * the handshake phase as part of message payload. * * @param clientKey client's Sec-WebSocket-Key * @return server key. */ public static SecKey generateServerKey(SecKey clientKey) throws HandshakeException { String key = clientKey.getSecKey() + UpgradeRequest.SERVER_KEY_HASH; final MessageDigest instance; try { instance = MessageDigest.getInstance("SHA-1"); instance.update(key.getBytes("UTF-8")); final byte[] digest = instance.digest(); if (digest.length != 20) { throw new HandshakeException(LocalizationMessages.SEC_KEY_INVALID_LENGTH(digest.length)); } return new SecKey(Base64.getEncoder().encodeToString(digest)); } catch (NoSuchAlgorithmException | UnsupportedEncodingException e) { throw new HandshakeException(e.getMessage()); } }
response.getHeaders().put(UpgradeRequest.CONNECTION, Arrays.asList(UpgradeRequest.UPGRADE)); response.setReasonPhrase(UpgradeRequest.RESPONSE_CODE_MESSAGE); response.getHeaders().put(HandshakeResponse.SEC_WEBSOCKET_ACCEPT, Arrays.asList(secKey.getSecKey()));
response.getHeaders().put(UpgradeRequest.CONNECTION, Arrays.asList(UpgradeRequest.UPGRADE)); response.setReasonPhrase(UpgradeRequest.RESPONSE_CODE_MESSAGE); response.getHeaders().put(HandshakeResponse.SEC_WEBSOCKET_ACCEPT, Arrays.asList(secKey.getSecKey()));