Changeset 33672e6


Ignore:
Timestamp:
Jun 26, 2015 8:24:15 PM (6 years ago)
Author:
zzz <zzz@…>
Branches:
master
Children:
b82c1ea
Parents:
876729c
Message:

Add authorization
New PasswordManager? methods for use by SAM

Files:
4 edited

Legend:

Unmodified
Added
Removed
  • apps/sam/java/src/net/i2p/sam/SAMBridge.java

    r876729c r33672e6  
    8686    public static final String PROP_TCP_HOST = "sam.tcp.host";
    8787    public static final String PROP_TCP_PORT = "sam.tcp.port";
     88    public static final String PROP_AUTH = "sam.auth";
     89    public static final String PROP_PW_PREFIX = "sam.auth.";
     90    public static final String PROP_PW_SUFFIX = ".shash";
    8891    protected static final String DEFAULT_TCP_HOST = "127.0.0.1";
    8992    protected static final String DEFAULT_TCP_PORT = "7656";
  • apps/sam/java/src/net/i2p/sam/SAMHandlerFactory.java

    r876729c r33672e6  
    1919import net.i2p.data.DataHelper;
    2020import net.i2p.util.Log;
     21import net.i2p.util.PasswordManager;
    2122import net.i2p.util.VersionComparator;
    2223
     
    9495            return null;
    9596        }
     97
     98        if (Boolean.valueOf(i2cpProps.getProperty(SAMBridge.PROP_AUTH))) {
     99            String user = props.getProperty("USER");
     100            String pw = props.getProperty("PASSWORD");
     101            if (user == null || pw == null)
     102                throw new SAMException("USER and PASSWORD required");
     103            String savedPW = i2cpProps.getProperty(SAMBridge.PROP_PW_PREFIX + user + SAMBridge.PROP_PW_SUFFIX);
     104            if (savedPW == null)
     105                throw new SAMException("Authorization failed");
     106            PasswordManager pm = new PasswordManager(I2PAppContext.getGlobalContext());
     107            if (!pm.checkHash(savedPW, pw))
     108                throw new SAMException("Authorization failed");
     109        }
     110
    96111        // Let's answer positively
    97112        if (!SAMHandler.writeString("HELLO REPLY RESULT=OK VERSION=" + ver + "\n", s))
  • core/java/src/net/i2p/util/PasswordManager.java

    r876729c r33672e6  
    100100        if (shash == null)
    101101            return false;
     102        return checkHash(shash, pw);
     103    }
     104   
     105    /**
     106     *  Check pw against b64 salt+hash, as generated by createHash()
     107     *
     108     *  @param shash b64 string
     109     *  @param pw plain text non-null, already trimmed
     110     *  @return if pw verified
     111     *  @since 0.9.22
     112     */
     113    public boolean checkHash(String shash, String pw) {
    102114        byte[] shashBytes = Base64.decode(shash);
    103115        if (shashBytes == null || shashBytes.length != SHASH_LENGTH)
     
    111123    }
    112124   
     125    /**
     126     *  Create a salt+hash, to be saved and verified later by verifyHash().
     127     *
     128     *  @param pw plain text non-null, already trimmed
     129     *  @return salted+hash b64 string
     130     *  @since 0.9.22
     131     */
     132    public String createHash(String pw) {
     133        byte[] salt = new byte[SALT_LENGTH];
     134        _context.random().nextBytes(salt);
     135        byte[] pwHash = _context.keyGenerator().generateSessionKey(salt, DataHelper.getUTF8(pw)).getData();
     136        byte[] shashBytes = new byte[SHASH_LENGTH];
     137        System.arraycopy(salt, 0, shashBytes, 0, SALT_LENGTH);
     138        System.arraycopy(pwHash, 0, shashBytes, SALT_LENGTH, SessionKey.KEYSIZE_BYTES);
     139        return Base64.encode(shashBytes);
     140    }
     141
    113142    /**
    114143     *  Either plain or b64
  • router/java/src/net/i2p/router/util/RouterPasswordManager.java

    r876729c r33672e6  
    159159        if (user != null && user.length() > 0)
    160160            pfx += '.' + user;
    161         byte[] salt = new byte[SALT_LENGTH];
    162         _context.random().nextBytes(salt);
    163         byte[] pwHash = _context.keyGenerator().generateSessionKey(salt, DataHelper.getUTF8(pw)).getData();
    164         byte[] shashBytes = new byte[SHASH_LENGTH];
    165         System.arraycopy(salt, 0, shashBytes, 0, SALT_LENGTH);
    166         System.arraycopy(pwHash, 0, shashBytes, SALT_LENGTH, SessionKey.KEYSIZE_BYTES);
    167         String shash = Base64.encode(shashBytes);
     161        String shash = createHash(pw);
    168162        Map<String, String> toAdd = Collections.singletonMap(pfx + PROP_SHASH, shash);
    169163        List<String> toDel = new ArrayList<String>(4);
Note: See TracChangeset for help on using the changeset viewer.