/*
 * Copyright 2013 MovingBlocks
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.terasology.network.internal;

import com.google.common.primitives.Bytes;
import org.terasology.identity.IdentityConstants;
import org.terasology.identity.SecretGenerator;
import org.terasology.protobuf.NetData;

import javax.crypto.spec.SecretKeySpec;

/**
 * Shared derivation helpers used by both the server and the client side of the authentication handshake.
 * <p>
 * Every method is a stateless static function. The byte arrays returned by
 * {@link #generateMasterSecret} and wrapped by {@link #generateSymmetricKey} are key material:
 * callers should keep them out of logs and error messages.
 */
public final class HandshakeCommon {

    /** Static utility holder; never instantiated. */
    private HandshakeCommon() {
    }

    /**
     * Derives the master secret, the value shared by server and client from which the symmetric
     * encryption key is later generated.
     * <p>
     * The seed handed to {@link SecretGenerator#generate} is {@code clientRandom} followed by
     * {@code serverRandom}; both ends must supply them in that order to arrive at the same secret.
     *
     * @param preMasterSecret the secret input passed to the generator
     * @param clientRandom    the client's random bytes (first half of the seed)
     * @param serverRandom    the server's random bytes (second half of the seed)
     * @return the generator output requested with {@link SecretGenerator#MASTER_SECRET_LENGTH}
     */
    public static byte[] generateMasterSecret(byte[] preMasterSecret, byte[] clientRandom, byte[] serverRandom) {
        final byte[] seed = joinRandoms(clientRandom, serverRandom);
        return SecretGenerator.generate(
                preMasterSecret,
                SecretGenerator.MASTER_SECRET_LABEL,
                seed,
                SecretGenerator.MASTER_SECRET_LENGTH);
    }

    /**
     * Expands the master secret into the symmetric encryption key.
     * <p>
     * Uses the same client-then-server seed as {@link #generateMasterSecret}, but with the
     * {@link SecretGenerator#KEY_EXPANSION} label, so the key is derived separately from the
     * master secret itself.
     *
     * @param masterSecret the master secret produced for this handshake
     * @param clientRandom the client's random bytes (first half of the seed)
     * @param serverRandom the server's random bytes (second half of the seed)
     * @return a key spec for {@link IdentityConstants#SYMMETRIC_ENCRYPTION_ALGORITHM} built from generator
     *         output requested with {@link IdentityConstants#SYMMETRIC_ENCRYPTION_KEY_LENGTH}
     */
    public static SecretKeySpec generateSymmetricKey(byte[] masterSecret, byte[] clientRandom, byte[] serverRandom) {
        final byte[] seed = joinRandoms(clientRandom, serverRandom);
        final byte[] keyMaterial = SecretGenerator.generate(
                masterSecret,
                SecretGenerator.KEY_EXPANSION,
                seed,
                IdentityConstants.SYMMETRIC_ENCRYPTION_KEY_LENGTH);
        return new SecretKeySpec(keyMaterial, IdentityConstants.SYMMETRIC_ENCRYPTION_ALGORITHM);
    }

    /**
     * Builds the byte sequence to be signed for the handshake: the serialized server hello
     * immediately followed by the serialized client hello.
     * <p>
     * Signer and verifier must both build this from the same two messages in the same order.
     *
     * @param serverHello the server's hello message
     * @param clientHello the client's hello message
     * @return {@code serverHello.toByteArray()} followed by {@code clientHello.toByteArray()}
     */
    public static byte[] getSignatureData(NetData.HandshakeHello serverHello, NetData.HandshakeHello clientHello) {
        // NOTE(review): the two encodings are joined without a length prefix or separator, so the
        // boundary between them is not part of the signed data - confirm the verifier always rebuilds
        // this from its own parsed messages rather than trusting a received blob.
        final byte[] serverPart = serverHello.toByteArray();
        final byte[] clientPart = clientHello.toByteArray();
        return Bytes.concat(serverPart, clientPart);
    }

    /**
     * Produces the derivation seed: client random first, server random second.
     */
    private static byte[] joinRandoms(byte[] clientRandom, byte[] serverRandom) {
        // NOTE(review): no delimiter between the halves; unambiguous only if the protocol fixes the
        // length of each random - confirm where the randoms are generated and validated.
        return Bytes.concat(clientRandom, serverRandom);
    }
}