Updated dependencies for bouncycastle
This commit is contained in:
nathan
parent
4b1c491c21
commit
094bc76a6e
@ -31,7 +31,7 @@ import dorkbox.network.util.store.NullSettingsStore;
|
|||||||
import dorkbox.network.util.store.SettingsStore;
|
import dorkbox.network.util.store.SettingsStore;
|
||||||
import dorkbox.util.collections.IntMap;
|
import dorkbox.util.collections.IntMap;
|
||||||
import dorkbox.util.collections.IntMap.Entries;
|
import dorkbox.util.collections.IntMap.Entries;
|
||||||
import dorkbox.util.crypto.Crypto;
|
import dorkbox.util.crypto.CryptoECC;
|
||||||
import dorkbox.util.entropy.Entropy;
|
import dorkbox.util.entropy.Entropy;
|
||||||
import dorkbox.util.exceptions.InitializationException;
|
import dorkbox.util.exceptions.InitializationException;
|
||||||
import dorkbox.util.exceptions.SecurityException;
|
import dorkbox.util.exceptions.SecurityException;
|
||||||
@ -230,8 +230,8 @@ class EndPoint<C extends Connection> {
|
|||||||
SecureRandom secureRandom = new SecureRandom(seedBytes);
|
SecureRandom secureRandom = new SecureRandom(seedBytes);
|
||||||
secureRandom.nextBytes(seedBytes);
|
secureRandom.nextBytes(seedBytes);
|
||||||
|
|
||||||
this.logger.debug("Now generating ECC (" + Crypto.ECC.p521_curve + ") keys. Please wait!");
|
this.logger.debug("Now generating ECC (" + CryptoECC.p521_curve + ") keys. Please wait!");
|
||||||
AsymmetricCipherKeyPair generateKeyPair = Crypto.ECC.generateKeyPair(Crypto.ECC.p521_curve, secureRandom);
|
AsymmetricCipherKeyPair generateKeyPair = CryptoECC.generateKeyPair(CryptoECC.p521_curve, secureRandom);
|
||||||
|
|
||||||
privateKey = (ECPrivateKeyParameters) generateKeyPair.getPrivate();
|
privateKey = (ECPrivateKeyParameters) generateKeyPair.getPrivate();
|
||||||
publicKey = (ECPublicKeyParameters) generateKeyPair.getPublic();
|
publicKey = (ECPublicKeyParameters) generateKeyPair.getPublic();
|
||||||
@ -759,7 +759,7 @@ class EndPoint<C extends Connection> {
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else if (!Crypto.ECC.compare(this.privateKey, other.privateKey)) {
|
else if (!CryptoECC.compare(this.privateKey, other.privateKey)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if (this.publicKey == null) {
|
if (this.publicKey == null) {
|
||||||
@ -767,7 +767,7 @@ class EndPoint<C extends Connection> {
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else if (!Crypto.ECC.compare(this.publicKey, other.publicKey)) {
|
else if (!CryptoECC.compare(this.publicKey, other.publicKey)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
|
|||||||
@ -15,7 +15,11 @@
|
|||||||
*/
|
*/
|
||||||
package dorkbox.network.connection;
|
package dorkbox.network.connection;
|
||||||
|
|
||||||
import com.esotericsoftware.kryo.*;
|
import com.esotericsoftware.kryo.ClassResolver;
|
||||||
|
import com.esotericsoftware.kryo.Kryo;
|
||||||
|
import com.esotericsoftware.kryo.KryoException;
|
||||||
|
import com.esotericsoftware.kryo.Registration;
|
||||||
|
import com.esotericsoftware.kryo.Serializer;
|
||||||
import com.esotericsoftware.kryo.factories.ReflectionSerializerFactory;
|
import com.esotericsoftware.kryo.factories.ReflectionSerializerFactory;
|
||||||
import com.esotericsoftware.kryo.factories.SerializerFactory;
|
import com.esotericsoftware.kryo.factories.SerializerFactory;
|
||||||
import com.esotericsoftware.kryo.io.Input;
|
import com.esotericsoftware.kryo.io.Input;
|
||||||
@ -24,13 +28,26 @@ import com.esotericsoftware.kryo.serializers.CollectionSerializer;
|
|||||||
import com.esotericsoftware.kryo.serializers.FieldSerializer;
|
import com.esotericsoftware.kryo.serializers.FieldSerializer;
|
||||||
import com.esotericsoftware.kryo.util.MapReferenceResolver;
|
import com.esotericsoftware.kryo.util.MapReferenceResolver;
|
||||||
import dorkbox.network.connection.ping.PingMessage;
|
import dorkbox.network.connection.ping.PingMessage;
|
||||||
import dorkbox.network.rmi.*;
|
import dorkbox.network.rmi.CachedMethod;
|
||||||
|
import dorkbox.network.rmi.InvokeMethod;
|
||||||
|
import dorkbox.network.rmi.InvokeMethodResult;
|
||||||
|
import dorkbox.network.rmi.InvokeMethodSerializer;
|
||||||
|
import dorkbox.network.rmi.RemoteInvocationHandler;
|
||||||
|
import dorkbox.network.rmi.RemoteObjectSerializer;
|
||||||
|
import dorkbox.network.rmi.RmiRegistration;
|
||||||
import dorkbox.network.util.CryptoSerializationManager;
|
import dorkbox.network.util.CryptoSerializationManager;
|
||||||
import dorkbox.util.crypto.Crypto;
|
import dorkbox.util.crypto.CryptoAES;
|
||||||
import dorkbox.util.objectPool.ObjectPool;
|
import dorkbox.util.objectPool.ObjectPool;
|
||||||
import dorkbox.util.objectPool.ObjectPoolFactory;
|
import dorkbox.util.objectPool.ObjectPoolFactory;
|
||||||
import dorkbox.util.objectPool.PoolableObject;
|
import dorkbox.util.objectPool.PoolableObject;
|
||||||
import dorkbox.util.serialization.*;
|
import dorkbox.util.serialization.ArraysAsListSerializer;
|
||||||
|
import dorkbox.util.serialization.EccPrivateKeySerializer;
|
||||||
|
import dorkbox.util.serialization.EccPublicKeySerializer;
|
||||||
|
import dorkbox.util.serialization.FieldAnnotationAwareSerializer;
|
||||||
|
import dorkbox.util.serialization.IesParametersSerializer;
|
||||||
|
import dorkbox.util.serialization.IesWithCipherParametersSerializer;
|
||||||
|
import dorkbox.util.serialization.IgnoreSerialization;
|
||||||
|
import dorkbox.util.serialization.UnmodifiableCollectionsSerializer;
|
||||||
import io.netty.buffer.ByteBuf;
|
import io.netty.buffer.ByteBuf;
|
||||||
import io.netty.buffer.ByteBufUtil;
|
import io.netty.buffer.ByteBufUtil;
|
||||||
import io.netty.handler.codec.compression.CompressionException;
|
import io.netty.handler.codec.compression.CompressionException;
|
||||||
@ -887,7 +904,7 @@ class KryoCryptoSerializationManager implements CryptoSerializationManager {
|
|||||||
logger2.trace("Encrypting data with - AES {}", connection);
|
logger2.trace("Encrypting data with - AES {}", connection);
|
||||||
}
|
}
|
||||||
|
|
||||||
Crypto.AES.encrypt(kryo.aesEngine, connection.getCryptoParameters(), bufferWithData, bufferTempData, length, logger);
|
CryptoAES.encrypt(kryo.aesEngine, connection.getCryptoParameters(), bufferWithData, bufferTempData, length, logger);
|
||||||
|
|
||||||
// swap buffers
|
// swap buffers
|
||||||
ByteBuf tmp = bufferWithData;
|
ByteBuf tmp = bufferWithData;
|
||||||
@ -962,7 +979,7 @@ class KryoCryptoSerializationManager implements CryptoSerializationManager {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// length-1 to adjust for the magic byte
|
// length-1 to adjust for the magic byte
|
||||||
Crypto.AES.decrypt(kryo.aesEngine, connection.getCryptoParameters(), bufferWithData, bufferTempData, length - 1, logger);
|
CryptoAES.decrypt(kryo.aesEngine, connection.getCryptoParameters(), bufferWithData, bufferTempData, length - 1, logger);
|
||||||
|
|
||||||
// correct which buffers are used
|
// correct which buffers are used
|
||||||
bufferWithData = bufferTempData;
|
bufferWithData = bufferTempData;
|
||||||
|
|||||||
@ -19,7 +19,7 @@ import dorkbox.network.connection.registration.MetaChannel;
|
|||||||
import dorkbox.network.pipeline.KryoEncoder;
|
import dorkbox.network.pipeline.KryoEncoder;
|
||||||
import dorkbox.network.pipeline.KryoEncoderCrypto;
|
import dorkbox.network.pipeline.KryoEncoderCrypto;
|
||||||
import dorkbox.util.collections.IntMap;
|
import dorkbox.util.collections.IntMap;
|
||||||
import dorkbox.util.crypto.Crypto;
|
import dorkbox.util.crypto.CryptoECC;
|
||||||
import dorkbox.util.exceptions.SecurityException;
|
import dorkbox.util.exceptions.SecurityException;
|
||||||
import org.bouncycastle.crypto.CipherParameters;
|
import org.bouncycastle.crypto.CipherParameters;
|
||||||
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
|
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
|
||||||
@ -188,7 +188,7 @@ class RegistrationWrapper<C extends Connection> implements UdpServer {
|
|||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
// COMPARE!
|
// COMPARE!
|
||||||
if (!Crypto.ECC.compare(publicKey, savedPublicKey)) {
|
if (!CryptoECC.compare(publicKey, savedPublicKey)) {
|
||||||
String byAddress;
|
String byAddress;
|
||||||
try {
|
try {
|
||||||
byAddress = InetAddress.getByAddress(hostAddress)
|
byAddress = InetAddress.getByAddress(hostAddress)
|
||||||
|
|||||||
@ -24,7 +24,8 @@ import dorkbox.network.connection.registration.Registration;
|
|||||||
import dorkbox.network.util.CryptoSerializationManager;
|
import dorkbox.network.util.CryptoSerializationManager;
|
||||||
import dorkbox.util.bytes.OptimizeUtilsByteArray;
|
import dorkbox.util.bytes.OptimizeUtilsByteArray;
|
||||||
import dorkbox.util.collections.IntMap;
|
import dorkbox.util.collections.IntMap;
|
||||||
import dorkbox.util.crypto.Crypto;
|
import dorkbox.util.crypto.CryptoAES;
|
||||||
|
import dorkbox.util.crypto.CryptoECC;
|
||||||
import dorkbox.util.exceptions.SecurityException;
|
import dorkbox.util.exceptions.SecurityException;
|
||||||
import dorkbox.util.serialization.EccPublicKeySerializer;
|
import dorkbox.util.serialization.EccPublicKeySerializer;
|
||||||
import io.netty.channel.Channel;
|
import io.netty.channel.Channel;
|
||||||
@ -49,7 +50,7 @@ public
|
|||||||
class RegistrationRemoteHandlerClientTCP<C extends Connection> extends RegistrationRemoteHandlerClient<C> {
|
class RegistrationRemoteHandlerClientTCP<C extends Connection> extends RegistrationRemoteHandlerClient<C> {
|
||||||
|
|
||||||
private static final String DELETE_IP = "eleteIP"; // purposefully missing the "D", since that is a system parameter, which starts with "-D"
|
private static final String DELETE_IP = "eleteIP"; // purposefully missing the "D", since that is a system parameter, which starts with "-D"
|
||||||
private static final ECParameterSpec eccSpec = ECNamedCurveTable.getParameterSpec(Crypto.ECC.p521_curve);
|
private static final ECParameterSpec eccSpec = ECNamedCurveTable.getParameterSpec(CryptoECC.p521_curve);
|
||||||
private final ThreadLocal<IESEngine> eccEngineLocal = new ThreadLocal<IESEngine>();
|
private final ThreadLocal<IESEngine> eccEngineLocal = new ThreadLocal<IESEngine>();
|
||||||
|
|
||||||
public
|
public
|
||||||
@ -98,7 +99,7 @@ class RegistrationRemoteHandlerClientTCP<C extends Connection> extends Registrat
|
|||||||
IESEngine getEccEngine() {
|
IESEngine getEccEngine() {
|
||||||
IESEngine iesEngine = this.eccEngineLocal.get();
|
IESEngine iesEngine = this.eccEngineLocal.get();
|
||||||
if (iesEngine == null) {
|
if (iesEngine == null) {
|
||||||
iesEngine = Crypto.ECC.createEngine();
|
iesEngine = CryptoECC.createEngine();
|
||||||
this.eccEngineLocal.set(iesEngine);
|
this.eccEngineLocal.set(iesEngine);
|
||||||
}
|
}
|
||||||
return iesEngine;
|
return iesEngine;
|
||||||
@ -207,7 +208,7 @@ class RegistrationRemoteHandlerClientTCP<C extends Connection> extends Registrat
|
|||||||
// setup crypto state
|
// setup crypto state
|
||||||
IESEngine decrypt = getEccEngine();
|
IESEngine decrypt = getEccEngine();
|
||||||
|
|
||||||
byte[] aesKeyBytes = Crypto.ECC.decrypt(decrypt,
|
byte[] aesKeyBytes = CryptoECC.decrypt(decrypt,
|
||||||
registrationWrapper2.getPrivateKey(),
|
registrationWrapper2.getPrivateKey(),
|
||||||
registration.publicKey,
|
registration.publicKey,
|
||||||
registration.eccParameters,
|
registration.eccParameters,
|
||||||
@ -223,7 +224,7 @@ class RegistrationRemoteHandlerClientTCP<C extends Connection> extends Registrat
|
|||||||
}
|
}
|
||||||
|
|
||||||
// now decrypt payload using AES
|
// now decrypt payload using AES
|
||||||
byte[] payload = Crypto.AES.decrypt(getAesEngine(), aesKeyBytes, registration.aesIV, registration.payload, logger);
|
byte[] payload = CryptoAES.decrypt(getAesEngine(), aesKeyBytes, registration.aesIV, registration.payload, logger);
|
||||||
|
|
||||||
if (payload.length == 0) {
|
if (payload.length == 0) {
|
||||||
logger2.error("Invalid decryption of payload. Aborting.");
|
logger2.error("Invalid decryption of payload. Aborting.");
|
||||||
@ -262,7 +263,7 @@ class RegistrationRemoteHandlerClientTCP<C extends Connection> extends Registrat
|
|||||||
|
|
||||||
// It is OK that we generate a new ECC keypair for ECDHE everytime that we connect. The server rotates keys every XXXX
|
// It is OK that we generate a new ECC keypair for ECDHE everytime that we connect. The server rotates keys every XXXX
|
||||||
// seconds, since this step is expensive.
|
// seconds, since this step is expensive.
|
||||||
metaChannel.ecdhKey = Crypto.ECC.generateKeyPair(eccSpec, new SecureRandom());
|
metaChannel.ecdhKey = CryptoECC.generateKeyPair(eccSpec, new SecureRandom());
|
||||||
|
|
||||||
// register the channel!
|
// register the channel!
|
||||||
try {
|
try {
|
||||||
@ -307,7 +308,7 @@ class RegistrationRemoteHandlerClientTCP<C extends Connection> extends Registrat
|
|||||||
Output output = new Output(1024);
|
Output output = new Output(1024);
|
||||||
EccPublicKeySerializer.write(output, (ECPublicKeyParameters) metaChannel.ecdhKey.getPublic());
|
EccPublicKeySerializer.write(output, (ECPublicKeyParameters) metaChannel.ecdhKey.getPublic());
|
||||||
byte[] pubKeyAsBytes = output.toBytes();
|
byte[] pubKeyAsBytes = output.toBytes();
|
||||||
register.payload = Crypto.AES.encrypt(getAesEngine(), aesKeyBytes, registration.aesIV, pubKeyAsBytes, logger);
|
register.payload = CryptoAES.encrypt(getAesEngine(), aesKeyBytes, registration.aesIV, pubKeyAsBytes, logger);
|
||||||
|
|
||||||
channel.writeAndFlush(register);
|
channel.writeAndFlush(register);
|
||||||
|
|
||||||
|
|||||||
@ -25,7 +25,7 @@ import dorkbox.network.util.CryptoSerializationManager;
|
|||||||
import dorkbox.util.bytes.OptimizeUtilsByteArray;
|
import dorkbox.util.bytes.OptimizeUtilsByteArray;
|
||||||
import dorkbox.util.collections.IntMap;
|
import dorkbox.util.collections.IntMap;
|
||||||
import dorkbox.util.collections.IntMap.Entries;
|
import dorkbox.util.collections.IntMap.Entries;
|
||||||
import dorkbox.util.crypto.Crypto;
|
import dorkbox.util.crypto.CryptoAES;
|
||||||
import io.netty.channel.Channel;
|
import io.netty.channel.Channel;
|
||||||
import io.netty.channel.ChannelHandlerContext;
|
import io.netty.channel.ChannelHandlerContext;
|
||||||
import io.netty.channel.ChannelPipeline;
|
import io.netty.channel.ChannelPipeline;
|
||||||
@ -149,7 +149,7 @@ class RegistrationRemoteHandlerClientUDP<C extends Connection> extends Registrat
|
|||||||
Registration registration = (Registration) message;
|
Registration registration = (Registration) message;
|
||||||
|
|
||||||
// now decrypt channelID using AES
|
// now decrypt channelID using AES
|
||||||
byte[] payload = Crypto.AES.decrypt(getAesEngine(), metaChannel.aesKey, metaChannel.aesIV, registration.payload, logger);
|
byte[] payload = CryptoAES.decrypt(getAesEngine(), metaChannel.aesKey, metaChannel.aesIV, registration.payload, logger);
|
||||||
|
|
||||||
OptimizeUtilsByteArray optimizeUtils = OptimizeUtilsByteArray.get();
|
OptimizeUtilsByteArray optimizeUtils = OptimizeUtilsByteArray.get();
|
||||||
if (!optimizeUtils.canReadInt(payload)) {
|
if (!optimizeUtils.canReadInt(payload)) {
|
||||||
|
|||||||
@ -23,7 +23,7 @@ import dorkbox.network.util.CryptoSerializationManager;
|
|||||||
import dorkbox.util.bytes.OptimizeUtilsByteArray;
|
import dorkbox.util.bytes.OptimizeUtilsByteArray;
|
||||||
import dorkbox.util.collections.IntMap;
|
import dorkbox.util.collections.IntMap;
|
||||||
import dorkbox.util.collections.IntMap.Entries;
|
import dorkbox.util.collections.IntMap.Entries;
|
||||||
import dorkbox.util.crypto.Crypto;
|
import dorkbox.util.crypto.CryptoAES;
|
||||||
import io.netty.channel.Channel;
|
import io.netty.channel.Channel;
|
||||||
import io.netty.channel.ChannelHandlerContext;
|
import io.netty.channel.ChannelHandlerContext;
|
||||||
import io.netty.util.ReferenceCountUtil;
|
import io.netty.util.ReferenceCountUtil;
|
||||||
@ -142,7 +142,7 @@ class RegistrationRemoteHandlerClientUDT<C extends Connection> extends Registrat
|
|||||||
Registration registration = (Registration) message;
|
Registration registration = (Registration) message;
|
||||||
|
|
||||||
// now decrypt channelID using AES
|
// now decrypt channelID using AES
|
||||||
byte[] payload = Crypto.AES.decrypt(getAesEngine(), metaChannel.aesKey, metaChannel.aesIV, registration.payload, logger);
|
byte[] payload = CryptoAES.decrypt(getAesEngine(), metaChannel.aesKey, metaChannel.aesIV, registration.payload, logger);
|
||||||
|
|
||||||
OptimizeUtilsByteArray optimizeUtils = OptimizeUtilsByteArray.get();
|
OptimizeUtilsByteArray optimizeUtils = OptimizeUtilsByteArray.get();
|
||||||
if (!optimizeUtils.canReadInt(payload)) {
|
if (!optimizeUtils.canReadInt(payload)) {
|
||||||
|
|||||||
@ -25,7 +25,8 @@ import dorkbox.network.util.CryptoSerializationManager;
|
|||||||
import dorkbox.util.MathUtil;
|
import dorkbox.util.MathUtil;
|
||||||
import dorkbox.util.bytes.OptimizeUtilsByteArray;
|
import dorkbox.util.bytes.OptimizeUtilsByteArray;
|
||||||
import dorkbox.util.collections.IntMap;
|
import dorkbox.util.collections.IntMap;
|
||||||
import dorkbox.util.crypto.Crypto;
|
import dorkbox.util.crypto.CryptoAES;
|
||||||
|
import dorkbox.util.crypto.CryptoECC;
|
||||||
import dorkbox.util.serialization.EccPublicKeySerializer;
|
import dorkbox.util.serialization.EccPublicKeySerializer;
|
||||||
import io.netty.channel.Channel;
|
import io.netty.channel.Channel;
|
||||||
import io.netty.channel.ChannelHandlerContext;
|
import io.netty.channel.ChannelHandlerContext;
|
||||||
@ -51,10 +52,10 @@ class RegistrationRemoteHandlerServerTCP<C extends Connection> extends Registrat
|
|||||||
|
|
||||||
private static final long ECDH_TIMEOUT = 10L * 60L * 60L * 1000L * 1000L * 1000L; // 10 minutes in nanoseconds
|
private static final long ECDH_TIMEOUT = 10L * 60L * 60L * 1000L * 1000L * 1000L; // 10 minutes in nanoseconds
|
||||||
|
|
||||||
private static final ECParameterSpec eccSpec = ECNamedCurveTable.getParameterSpec(Crypto.ECC.p521_curve);
|
private static final ECParameterSpec eccSpec = ECNamedCurveTable.getParameterSpec(CryptoECC.p521_curve);
|
||||||
private final Object ecdhKeyLock = new Object();
|
private final Object ecdhKeyLock = new Object();
|
||||||
private final ThreadLocal<IESEngine> eccEngineLocal = new ThreadLocal<IESEngine>();
|
private final ThreadLocal<IESEngine> eccEngineLocal = new ThreadLocal<IESEngine>();
|
||||||
private AsymmetricCipherKeyPair ecdhKeyPair = Crypto.ECC.generateKeyPair(eccSpec, new SecureRandom());
|
private AsymmetricCipherKeyPair ecdhKeyPair = CryptoECC.generateKeyPair(eccSpec, new SecureRandom());
|
||||||
private volatile long ecdhTimeout = System.nanoTime();
|
private volatile long ecdhTimeout = System.nanoTime();
|
||||||
|
|
||||||
|
|
||||||
@ -69,7 +70,7 @@ class RegistrationRemoteHandlerServerTCP<C extends Connection> extends Registrat
|
|||||||
IESEngine getEccEngine() {
|
IESEngine getEccEngine() {
|
||||||
IESEngine iesEngine = this.eccEngineLocal.get();
|
IESEngine iesEngine = this.eccEngineLocal.get();
|
||||||
if (iesEngine == null) {
|
if (iesEngine == null) {
|
||||||
iesEngine = Crypto.ECC.createEngine();
|
iesEngine = CryptoECC.createEngine();
|
||||||
this.eccEngineLocal.set(iesEngine);
|
this.eccEngineLocal.set(iesEngine);
|
||||||
}
|
}
|
||||||
return iesEngine;
|
return iesEngine;
|
||||||
@ -83,7 +84,7 @@ class RegistrationRemoteHandlerServerTCP<C extends Connection> extends Registrat
|
|||||||
if (System.nanoTime() - this.ecdhTimeout > ECDH_TIMEOUT) {
|
if (System.nanoTime() - this.ecdhTimeout > ECDH_TIMEOUT) {
|
||||||
synchronized (this.ecdhKeyLock) {
|
synchronized (this.ecdhKeyLock) {
|
||||||
this.ecdhTimeout = System.nanoTime();
|
this.ecdhTimeout = System.nanoTime();
|
||||||
this.ecdhKeyPair = Crypto.ECC.generateKeyPair(eccSpec, secureRandom);
|
this.ecdhKeyPair = CryptoECC.generateKeyPair(eccSpec, secureRandom);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -239,12 +240,12 @@ class RegistrationRemoteHandlerServerTCP<C extends Connection> extends Registrat
|
|||||||
IESEngine encrypt = getEccEngine();
|
IESEngine encrypt = getEccEngine();
|
||||||
|
|
||||||
register.publicKey = registrationWrapper2.getPublicKey();
|
register.publicKey = registrationWrapper2.getPublicKey();
|
||||||
register.eccParameters = Crypto.ECC.generateSharedParameters(secureRandom);
|
register.eccParameters = CryptoECC.generateSharedParameters(secureRandom);
|
||||||
|
|
||||||
// now we have to ENCRYPT the AES key!
|
// now we have to ENCRYPT the AES key!
|
||||||
register.eccParameters = Crypto.ECC.generateSharedParameters(secureRandom);
|
register.eccParameters = CryptoECC.generateSharedParameters(secureRandom);
|
||||||
register.aesIV = metaChannel.aesIV;
|
register.aesIV = metaChannel.aesIV;
|
||||||
register.aesKey = Crypto.ECC.encrypt(encrypt,
|
register.aesKey = CryptoECC.encrypt(encrypt,
|
||||||
registrationWrapper2.getPrivateKey(),
|
registrationWrapper2.getPrivateKey(),
|
||||||
metaChannel.publicKey,
|
metaChannel.publicKey,
|
||||||
register.eccParameters,
|
register.eccParameters,
|
||||||
@ -253,7 +254,7 @@ class RegistrationRemoteHandlerServerTCP<C extends Connection> extends Registrat
|
|||||||
|
|
||||||
|
|
||||||
// now encrypt payload via AES
|
// now encrypt payload via AES
|
||||||
register.payload = Crypto.AES.encrypt(getAesEngine(), metaChannel.aesKey, register.aesIV, combinedBytes, logger);
|
register.payload = CryptoAES.encrypt(getAesEngine(), metaChannel.aesKey, register.aesIV, combinedBytes, logger);
|
||||||
|
|
||||||
channel.writeAndFlush(register);
|
channel.writeAndFlush(register);
|
||||||
|
|
||||||
@ -276,7 +277,7 @@ class RegistrationRemoteHandlerServerTCP<C extends Connection> extends Registrat
|
|||||||
if (metaChannel.ecdhKey != null) {
|
if (metaChannel.ecdhKey != null) {
|
||||||
// now we have to decrypt the ECDH key using our TEMP AES keys
|
// now we have to decrypt the ECDH key using our TEMP AES keys
|
||||||
|
|
||||||
byte[] payload = Crypto.AES.decrypt(getAesEngine(),
|
byte[] payload = CryptoAES.decrypt(getAesEngine(),
|
||||||
metaChannel.aesKey,
|
metaChannel.aesKey,
|
||||||
metaChannel.aesIV,
|
metaChannel.aesIV,
|
||||||
registration.payload,
|
registration.payload,
|
||||||
|
|||||||
@ -27,7 +27,7 @@ import dorkbox.network.util.CryptoSerializationManager;
|
|||||||
import dorkbox.util.bytes.OptimizeUtilsByteArray;
|
import dorkbox.util.bytes.OptimizeUtilsByteArray;
|
||||||
import dorkbox.util.collections.IntMap;
|
import dorkbox.util.collections.IntMap;
|
||||||
import dorkbox.util.collections.IntMap.Entries;
|
import dorkbox.util.collections.IntMap.Entries;
|
||||||
import dorkbox.util.crypto.Crypto;
|
import dorkbox.util.crypto.CryptoAES;
|
||||||
import io.netty.buffer.ByteBuf;
|
import io.netty.buffer.ByteBuf;
|
||||||
import io.netty.buffer.Unpooled;
|
import io.netty.buffer.Unpooled;
|
||||||
import io.netty.channel.Channel;
|
import io.netty.channel.Channel;
|
||||||
@ -257,7 +257,7 @@ class RegistrationRemoteHandlerServerUDP<C extends Connection> extends MessageTo
|
|||||||
optimizeUtils.writeInt(idAsBytes, metaChannel.connectionID, true);
|
optimizeUtils.writeInt(idAsBytes, metaChannel.connectionID, true);
|
||||||
|
|
||||||
// now encrypt payload via AES
|
// now encrypt payload via AES
|
||||||
register.payload = Crypto.AES.encrypt(RegistrationRemoteHandler.getAesEngine(),
|
register.payload = CryptoAES.encrypt(RegistrationRemoteHandler.getAesEngine(),
|
||||||
metaChannel.aesKey,
|
metaChannel.aesKey,
|
||||||
metaChannel.aesIV,
|
metaChannel.aesIV,
|
||||||
idAsBytes,
|
idAsBytes,
|
||||||
|
|||||||
@ -23,7 +23,7 @@ import dorkbox.network.util.CryptoSerializationManager;
|
|||||||
import dorkbox.util.bytes.OptimizeUtilsByteArray;
|
import dorkbox.util.bytes.OptimizeUtilsByteArray;
|
||||||
import dorkbox.util.collections.IntMap;
|
import dorkbox.util.collections.IntMap;
|
||||||
import dorkbox.util.collections.IntMap.Entries;
|
import dorkbox.util.collections.IntMap.Entries;
|
||||||
import dorkbox.util.crypto.Crypto;
|
import dorkbox.util.crypto.CryptoAES;
|
||||||
import io.netty.channel.Channel;
|
import io.netty.channel.Channel;
|
||||||
import io.netty.channel.ChannelHandlerContext;
|
import io.netty.channel.ChannelHandlerContext;
|
||||||
import io.netty.util.ReferenceCountUtil;
|
import io.netty.util.ReferenceCountUtil;
|
||||||
@ -127,7 +127,7 @@ class RegistrationRemoteHandlerServerUDT<C extends Connection> extends Registrat
|
|||||||
optimizeUtils.writeInt(idAsBytes, metaChannel.connectionID, true);
|
optimizeUtils.writeInt(idAsBytes, metaChannel.connectionID, true);
|
||||||
|
|
||||||
// now encrypt payload via AES
|
// now encrypt payload via AES
|
||||||
register.payload = Crypto.AES.encrypt(RegistrationRemoteHandler.getAesEngine(),
|
register.payload = CryptoAES.encrypt(RegistrationRemoteHandler.getAesEngine(),
|
||||||
metaChannel.aesKey,
|
metaChannel.aesKey,
|
||||||
metaChannel.aesIV,
|
metaChannel.aesIV,
|
||||||
idAsBytes,
|
idAsBytes,
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user