public class AuthenticationClientHandler extends Object
Constructor and Description |
---|
AuthenticationClientHandler() |
Modifier and Type | Method and Description |
---|---|
`static List<Object>` | `handleKeyDistributionCenterResponse(String id, byte[] key, boolean isUser, rst.domotic.authentication.TicketSessionKeyWrapperType.TicketSessionKeyWrapper wrapper)` Handles a KeyDistributionCenter (KDC) response. Decrypts the TicketGrantingServer (TGS) session key with client's hashed password. Creates an Authenticator containing the clientID and current timestamp encrypted with the TGS session key. |
`static List<Object>` | `handleKeyDistributionCenterResponse(String id, byte[] userKey, byte[] clientKey, rst.domotic.authentication.TicketSessionKeyWrapperType.TicketSessionKeyWrapper wrapper)` Handles a KeyDistributionCenter (KDC) response. Decrypts the TicketGrantingServer (TGS) session key with client's hashed password. Creates an Authenticator containing the clientID and current timestamp encrypted with the TGS session key. |
`static rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper` | `handleServiceServerResponse(byte[] serviceServerSessionKey, rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper lastWrapper, rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper currentWrapper)` Handles a ServiceServer response. Decrypts Authenticator of both last- and currentWrapper with ServiceServerSessionKey. Compares timestamps of both Authenticators with each other. |
`static List<Object>` | `handleTicketGrantingServiceResponse(String clientID, byte[] ticketGrantingServiceSessionKey, rst.domotic.authentication.TicketSessionKeyWrapperType.TicketSessionKeyWrapper wrapper)` Handles a TicketGrantingService response. Decrypts the ServiceServer (SS) session key with TGS session key. Creates an Authenticator containing the clientID and empty timestamp encrypted with the SS session key. |
`static rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper` | `initServiceServerRequest(byte[] serviceServerSessionKey, rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper wrapper)` Initializes a ServiceServer request by setting the current timestamp in the authenticator. |
`static void` | `validateTimestamp(rst.timing.TimestampType.Timestamp now, rst.timing.TimestampType.Timestamp then)` Validate if the timestamps are equal. |
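
The check that `handleServiceServerResponse` is described as performing (decrypt the last and the current Authenticator with the SS session key, then compare their timestamps) is shown below as an added, stand-alone example; it is not openbase code. AES-GCM, the 8-byte timestamp layout, the class and method names, and `SecurityException` standing in for `RejectedException` are all assumptions of this sketch.

```java
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Added illustration, not the openbase implementation. Cipher choice (AES-GCM) and
// the authenticator layout (a bare 8-byte timestamp) are assumptions.
public class ServiceServerResponseCheck {
    private static final SecureRandom RNG = new SecureRandom();

    // Encrypts a timestamp under the SS session key: 12-byte IV || ciphertext+tag.
    static byte[] seal(byte[] key, long timestamp) throws GeneralSecurityException {
        byte[] iv = new byte[12];
        RNG.nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(128, iv));
        byte[] ct = c.doFinal(ByteBuffer.allocate(Long.BYTES).putLong(timestamp).array());
        return ByteBuffer.allocate(iv.length + ct.length).put(iv).put(ct).array();
    }

    // Decrypts an authenticator. A wrong key or a modified ciphertext raises
    // AEADBadTagException, which is a subclass of BadPaddingException.
    static long open(byte[] key, byte[] sealed) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(128, sealed, 0, 12));
        return ByteBuffer.wrap(c.doFinal(sealed, 12, sealed.length - 12)).getLong();
    }

    // Decrypts both authenticators with the SS session key and rejects the
    // response when the timestamp sent and the timestamp returned differ.
    static void checkResponse(byte[] key, byte[] last, byte[] current) throws GeneralSecurityException {
        if (open(key, last) != open(key, current)) {
            throw new SecurityException("timestamps do not match, response rejected");
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] ssKey = new byte[16];
        RNG.nextBytes(ssKey);                                   // constructed session key
        byte[] request = seal(ssKey, 1_700_000_000_000_000L);   // constructed timestamp
        checkResponse(ssKey, request, seal(ssKey, 1_700_000_000_000_000L)); // server echoes it
        System.out.println("matching response accepted");
        try {   // a response carrying a different timestamp, e.g. one recorded earlier
            checkResponse(ssKey, request, seal(ssKey, 1_699_999_999_000_000L));
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Because only a holder of the SS session key can produce an authenticator that decrypts to the timestamp the client just sent, the equality check both authenticates the server and binds the response to this specific request.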
public static List<Object> handleKeyDistributionCenterResponse(String id, byte[] userKey, byte[] clientKey, rst.domotic.authentication.TicketSessionKeyWrapperType.TicketSessionKeyWrapper wrapper) throws IOException, BadPaddingException

Parameters:
- id - Identifier of the client or user
- userKey - hashed password or private key of user
- clientKey - private key of the client
- wrapper - TicketSessionKeyWrapper containing the TicketGrantingTicket and TGS session key

Throws:
- BadPaddingException - If the decryption of the session key fails, probably because the entered key was wrong.
- IOException - If de- or encryption fail because of a general I/O error.

public static List<Object> handleKeyDistributionCenterResponse(String id, byte[] key, boolean isUser, rst.domotic.authentication.TicketSessionKeyWrapperType.TicketSessionKeyWrapper wrapper) throws IOException, BadPaddingException

Parameters:
- id - Identifier of the client or user
- key - hashed password or private key of user respectively
- isUser - true if ticket was requested for a user. This is important for the decryption method to be chosen.
- wrapper - TicketSessionKeyWrapper containing the TicketGrantingTicket and TGS session key

Throws:
- BadPaddingException - If the decryption of the session key fails, probably because the entered key was wrong.
- IOException - If de- or encryption fail because of a general I/O error.

public static List<Object> handleTicketGrantingServiceResponse(String clientID, byte[] ticketGrantingServiceSessionKey, rst.domotic.authentication.TicketSessionKeyWrapperType.TicketSessionKeyWrapper wrapper) throws IOException, BadPaddingException

Parameters:
- clientID - Identifier of the client - must be present in client database
- ticketGrantingServiceSessionKey - TGS session key provided by handleKDCResponse()
- wrapper - TicketSessionKeyWrapper containing the ClientServerTicket and SS session key

Throws:
- IOException - If de- or encryption fail because of a general I/O error.
- BadPaddingException - If the decryption of the service server session key fails because of an incorrect key.

public static rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper initServiceServerRequest(byte[] serviceServerSessionKey, rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper wrapper) throws IOException, BadPaddingException

Parameters:
- serviceServerSessionKey - SS session key provided by handleTGSResponse()
- wrapper - TicketAuthenticatorWrapper wrapper that contains both encrypted Authenticator and CST

Throws:
- BadPaddingException - If the decryption of the Authenticator fails.
- IOException - If de- or encryption fail because of a general I/O error.

public static rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper handleServiceServerResponse(byte[] serviceServerSessionKey, rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper lastWrapper, rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper currentWrapper) throws org.openbase.jul.exception.RejectedException, IOException, BadPaddingException

Parameters:
- serviceServerSessionKey - SS session key provided by handleTGSResponse()
- lastWrapper - Last TicketAuthenticatorWrapper provided by either handleTGSResponse() or handleSSResponse()
- currentWrapper - Current TicketAuthenticatorWrapper provided by (Remote?)

Throws:
- org.openbase.jul.exception.RejectedException - If the timestamps do not match.
- IOException - If the decryption of the Authenticators using the SSSessionKey fails.
- BadPaddingException - if an incorrect key is used

public static void validateTimestamp(rst.timing.TimestampType.Timestamp now, rst.timing.TimestampType.Timestamp then) throws org.openbase.jul.exception.RejectedException

Parameters:
- now - the first timestamp
- then - the second timestamp

Throws:
- org.openbase.jul.exception.RejectedException - thrown if the timestamps have a different time

Copyright © 2017–2018 openbase.org. All rights reserved.