public class AuthenticationServerHandler extends Object
Constructor and Description |
---|
AuthenticationServerHandler() |
Modifier and Type | Method and Description |
---|---|
static rst.timing.IntervalType.Interval | getValidityInterval(long validityTime) Generate an interval which begins now and has an end time 15 minutes from now. |
static rst.domotic.authentication.TicketSessionKeyWrapperType.TicketSessionKeyWrapper | handleKDCRequest(String id, byte[] userKey, byte[] clientKey, String clientNetworkAddress, byte[] ticketGrantingServiceSecretKey, long validityTime) Handles a Key Distribution Center (KDC) login request. Creates a Ticket Granting Server (TGS) session key that is encrypted by the client's password. Creates a Ticket Granting Ticket (TGT) that is encrypted by the TGS private key. |
static rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper | handleSSRequest(byte[] serviceServerSecretKey, rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper wrapper, long validityTime) Handles a service method (Remote) request to Service Server (SS) (Manager). |
static rst.domotic.authentication.TicketSessionKeyWrapperType.TicketSessionKeyWrapper | handleTGSRequest(byte[] ticketGrantingServiceSecretKey, byte[] serviceServerSecretKey, rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper wrapper, long validityTime) Handles a Ticket Granting Service (TGS) request. Creates a Service Server (SS) session key that is encrypted with the TGS session key. Creates a Client Server Ticket (CST) that is encrypted by the SS private key. |
static boolean | isTimestampInInterval(rst.timing.TimestampType.Timestamp timestamp, rst.timing.IntervalType.Interval interval) Test if the timestamp lies in the interval. |
static void | validateTicket(rst.domotic.authentication.TicketType.Ticket ticket, rst.domotic.authentication.AuthenticatorType.Authenticator authenticator) |

public static rst.domotic.authentication.TicketSessionKeyWrapperType.TicketSessionKeyWrapper handleKDCRequest(String id, byte[] userKey, byte[] clientKey, String clientNetworkAddress, byte[] ticketGrantingServiceSecretKey, long validityTime) throws org.openbase.jul.exception.NotAvailableException, InterruptedException, org.openbase.jul.exception.CouldNotPerformException, IOException
Parameters:
id - identifier of the client or user
userKey - hashed password or public key of the user
clientKey - public key of the client respectively
clientNetworkAddress - network address of the client
ticketGrantingServiceSecretKey - TGS secret key generated by controller or saved somewhere in the system
validityTime - how long the TGT is valid, in milliseconds from now
Throws:
org.openbase.jul.exception.NotAvailableException - If clientID was not found in the database.
org.openbase.jul.exception.CouldNotPerformException - If the data for the remotes has not been synchronized yet.
InterruptedException - If the Registry thread is interrupted externally.
IOException - If an encryption operation fails because of a general I/O error.

public static rst.domotic.authentication.TicketSessionKeyWrapperType.TicketSessionKeyWrapper handleTGSRequest(byte[] ticketGrantingServiceSecretKey, byte[] serviceServerSecretKey, rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper wrapper, long validityTime) throws org.openbase.jul.exception.RejectedException, IOException, BadPaddingException
Parameters:
ticketGrantingServiceSecretKey - TGS secret key generated by controller or saved somewhere in the system
serviceServerSecretKey - TGS secret key generated by controller or saved somewhere in the system
wrapper - TicketAuthenticatorWrapper wrapper that contains both encrypted Authenticator and TGT
validityTime - how long the new ticket is valid from now on, in milliseconds
Throws:
org.openbase.jul.exception.RejectedException - If the timestamp in the Authenticator does not fit the time period in the TGT, or if the clientID in the Authenticator does not match the clientID in the TGT.
IOException - If decryption or encryption fails because of a general I/O error.
BadPaddingException - If the decryption of the Authenticator or TGT fails, probably because the wrong keys were used.

public static rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper handleSSRequest(byte[] serviceServerSecretKey, rst.domotic.authentication.TicketAuthenticatorWrapperType.TicketAuthenticatorWrapper wrapper, long validityTime) throws org.openbase.jul.exception.RejectedException, IOException, BadPaddingException
Parameters:
serviceServerSecretKey - SS secret key only known to SS
wrapper - TicketAuthenticatorWrapper wrapper that contains both encrypted Authenticator and TGT
validityTime - how long the new ticket is valid from now on, in milliseconds
Throws:
org.openbase.jul.exception.RejectedException - If the timestamp in the Authenticator does not fit the time period in the TGT, or if the clientID in the Authenticator does not match the clientID in the TGT.
IOException - If decryption or encryption fails because of a general I/O error.
BadPaddingException - If the decryption of the Authenticator or CST fails, probably because the wrong keys were used.

public static void validateTicket(rst.domotic.authentication.TicketType.Ticket ticket, rst.domotic.authentication.AuthenticatorType.Authenticator authenticator) throws org.openbase.jul.exception.RejectedException
Throws:
org.openbase.jul.exception.RejectedException
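
The two rejection conditions documented for handleTGSRequest and handleSSRequest (client ID mismatch, Authenticator timestamp outside the ticket's validity period), shown as an added example that is not the openbase implementation. The record types, millisecond fields, sample client IDs and inclusive interval bounds are assumptions standing in for the rst protobuf types.

```java
public class TicketValidationExample {

    // Hypothetical stand-ins for the rst Interval, Ticket and Authenticator types.
    record Interval(long beginMillis, long endMillis) {}
    record Ticket(String clientId, Interval validityPeriod) {}
    record Authenticator(String clientId, long timestampMillis) {}

    // Local stand-in for org.openbase.jul.exception.RejectedException.
    static class RejectedException extends Exception {
        RejectedException(String message) { super(message); }
    }

    // Assumption: both interval bounds are inclusive.
    static boolean isTimestampInInterval(long timestampMillis, Interval interval) {
        return timestampMillis >= interval.beginMillis()
                && timestampMillis <= interval.endMillis();
    }

    // Runs on the already decrypted ticket and Authenticator; a failed
    // decryption is a separate error (BadPaddingException on this page).
    static void validateTicket(Ticket ticket, Authenticator authenticator)
            throws RejectedException {
        if (ticket.clientId() == null
                || !ticket.clientId().equals(authenticator.clientId())) {
            throw new RejectedException("client ID in Authenticator does not match ticket");
        }
        if (!isTimestampInInterval(authenticator.timestampMillis(), ticket.validityPeriod())) {
            throw new RejectedException("Authenticator timestamp outside validity period");
        }
    }

    static String check(Ticket ticket, Authenticator authenticator) {
        try {
            validateTicket(ticket, authenticator);
            return "accepted";
        } catch (RejectedException ex) {
            return "rejected: " + ex.getMessage();
        }
    }

    public static void main(String[] args) {
        long now = System.currentTimeMillis();
        // Constructed sample data: a ticket valid for 15 minutes from now.
        Ticket ticket = new Ticket("alice@client1", new Interval(now, now + 15 * 60 * 1000L));
        System.out.println(check(ticket, new Authenticator("alice@client1", now + 1_000)));
        System.out.println(check(ticket, new Authenticator("bob@client2", now + 1_000)));
        System.out.println(check(ticket, new Authenticator("alice@client1", now + 16 * 60 * 1000L)));
    }
}
```
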

public static boolean isTimestampInInterval(rst.timing.TimestampType.Timestamp timestamp, rst.timing.IntervalType.Interval interval)
Parameters:
timestamp - the timestamp checked
interval - the interval checked

public static rst.timing.IntervalType.Interval getValidityInterval(long validityTime)
Parameters:
validityTime - how long the interval should last from now, in milliseconds

Copyright © 2017–2018 openbase.org. All rights reserved.