author | Nils Schwabe | 2014-04-25 14:28:56 +0200 |
---|---|---|
committer | Nils Schwabe | 2014-04-25 14:28:56 +0200 |
commit | 40d528627efc309681496b47d66558e15eb3fe5e (patch) | |
tree | 4cb7ba77b4b55ecb0b29a734c782b68d6926d441 /src/main/java/org/openslx/imagemaster/serversession/ServerAuthenticator.java | |
parent | Add FTPS to MasterFtpServer (diff) | |
Finally: Add _real_ server authentication. (this challengeresponse thing)
Diffstat (limited to 'src/main/java/org/openslx/imagemaster/serversession/ServerAuthenticator.java')
-rw-r--r-- | src/main/java/org/openslx/imagemaster/serversession/ServerAuthenticator.java | 42 |
1 files changed, 34 insertions, 8 deletions
diff --git a/src/main/java/org/openslx/imagemaster/serversession/ServerAuthenticator.java b/src/main/java/org/openslx/imagemaster/serversession/ServerAuthenticator.java
index 726b062..24e2928 100644
--- a/src/main/java/org/openslx/imagemaster/serversession/ServerAuthenticator.java
+++ b/src/main/java/org/openslx/imagemaster/serversession/ServerAuthenticator.java
@@ -1,10 +1,14 @@
 package org.openslx.imagemaster.serversession;
+import java.nio.ByteBuffer;
 import java.util.HashMap;
 import org.apache.log4j.Logger;
 import org.apache.thrift.TException;
+import org.openslx.imagemaster.Globals;
+import org.openslx.imagemaster.Globals.PropString;
 import org.openslx.imagemaster.thrift.iface.AuthenticationException;
+import org.openslx.imagemaster.util.AsymMessageSign;
 import org.openslx.imagemaster.util.RandomString;
 public class ServerAuthenticator
@@ -12,6 +16,22 @@ public class ServerAuthenticator
 private static Logger log = Logger.getLogger( ServerAuthenticator.class );
 // map of currently authenticating servers
 private static HashMap<String, String> authenticatingServers = new HashMap<String, String>();
+ private static AsymMessageSign messageSign = null;
+
+ /**
+ * Initialize the message signer/verifier
+ */
+ static {
+ try {
+ messageSign = new AsymMessageSign( Globals.getPropertyString( PropString.KEYSTOREALIAS ),
+ Globals.getPropertyString( PropString.KEYSTOREPASSWORD ),
+ Globals.getPropertyString( PropString.KEYSTOREFILE ) );
+ log.info( "Loaded keystore" );
+ } catch ( Exception e ) {
+ log.error( "Error loading the keystore", e );
+ System.exit(1);
+ }
+ }
 /**
 * Start the server authentification. 
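Review bot: The static initializer calls `System.exit(1)` when the keystore fails to load, so the whole JVM is terminated from inside class initialization, which runs on first use of ServerAuthenticator — possibly the first incoming authentication call rather than startup (inferred; the callers are not in this hunk). Failing closed without a verifier is the right outcome, but loading the keystore from an explicit startup step, or rethrowing so class initialization fails with the cause attached, keeps the shutdown decision out of a side effect of class loading. `catch ( Exception e )` also lumps a missing file, a wrong password and an unknown alias together; the log line would be more useful if it named the keystore file and alias (never the password).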
@@ -43,20 +63,26 @@ public class ServerAuthenticator
 * @throws TException
 */
 public static ServerUser serverAuthenticate( String organization,
- String address, String challengeResponse )
+ String address, ByteBuffer challengeResponse )
 throws AuthenticationException, TException
 {
- /*
- * TODO: Decrypt the given challengeResponse and check whether it was
- * right or not. Authenticate server if so.
- */
- if ( !challengeResponse.equals( authenticatingServers.get( organization ) ) ) {
+ byte[] bytes = challengeResponse.array();
+ log.info( "Response was: " + challengeResponse + " with length: " + bytes.length);
+
+ boolean result = false;
+
+ try {
+ result = messageSign.verifyMessage( bytes, authenticatingServers.get( organization ).getBytes() );
+ } catch (Exception e) {
+ log.error( "Error while verifying message", e );
+ }
+
+ if ( !result ) {
 throw new AuthenticationException();
 }
 log.info( "Server of organinzation '" + organization
- + " authenticated. With response: '" + challengeResponse
- + "'" );
+ + " authenticated.");
 authenticatingServers.remove( organization ); |
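Review bot: `challengeResponse.array()` in serverAuthenticate returns the buffer's entire backing array and ignores position, limit and arrayOffset, so if the Thrift transport hands over a window into a larger buffer the signature check runs over the wrong bytes (and `array()` throws on a read-only or direct buffer). `authenticatingServers.get( organization )` is dereferenced without a null check, so a call for an organization with no pending challenge is rejected only because the NullPointerException lands in the broad `catch (Exception e)`, which writes an error-level stack trace for every such request. The challenge is removed only after a successful verification, so a failed attempt leaves it valid; taking it out of the map up front makes it single-use and makes the later `remove` redundant. `getBytes()` without a charset uses the platform default and should be pinned to whatever encoding the signing side uses. The function's tail lies outside the hunk.

```java
	// … unchanged: serverAuthenticate signature and throws clause …
		String challenge = authenticatingServers.remove( organization );
		if ( challenge == null ) {
			throw new AuthenticationException();
		}
		// copy only the readable window of the buffer, not its whole backing array
		byte[] bytes = new byte[ challengeResponse.remaining() ];
		challengeResponse.duplicate().get( bytes );
		// … unchanged: result flag and try …
			result = messageSign.verifyMessage( bytes, challenge.getBytes() );
		// … unchanged: catch, throw on !result, success log …
```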