server side checks
parent
8d227b26d3
commit
661e783f24
8 changed files with 255 additions and 89 deletions
|
|
@ -5,6 +5,12 @@ import java.io.FileInputStream;
|
|||
import java.io.FileOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.time.Instant;
|
||||
import java.time.LocalDate;
|
||||
import java.time.LocalTime;
|
||||
import java.time.ZoneId;
|
||||
import java.time.ZoneOffset;
|
||||
import java.time.ZonedDateTime;
|
||||
import java.util.Base64;
|
||||
import java.util.Properties;
|
||||
|
||||
|
|
@ -34,7 +40,7 @@ public class LicenseRest {
|
|||
String[] split = payload.split("\\.");
|
||||
File directory = new File(licenseDirectory);
|
||||
|
||||
// TODO: extract ID, encrypted message and signature
|
||||
// extract ID, encrypted message and signature
|
||||
final var id = new String(Base64.getUrlDecoder().decode(split[0]), StandardCharsets.UTF_8);
|
||||
final var encrypted = split[1];
|
||||
final var signature = split[2];
|
||||
|
|
@ -58,33 +64,55 @@ public class LicenseRest {
|
|||
KeyUtils.stringToPublicKey(props.getProperty("sender-public-key"))));
|
||||
System.out.println("Decrypted: " + decrypted);
|
||||
|
||||
// TODO: verify signature
|
||||
// verify signature
|
||||
boolean isVerified = KeyUtils.verifySignature(decrypted, signature,
|
||||
KeyUtils.stringToPublicKey(props.getProperty("sender-public-key")));
|
||||
System.out.println("Is verified? " + isVerified);
|
||||
|
||||
// TODO: parse data
|
||||
if (!isVerified) {
|
||||
throw new RuntimeException("Invalid signature!");
|
||||
}
|
||||
// parse data
|
||||
final var decryptedSplit = decrypted.split("\\:");
|
||||
final var currentSenderIndex = decryptedSplit[0];
|
||||
final var timestamp = Long.valueOf(decryptedSplit[1]);
|
||||
final var currentLocalIndex = props.getProperty("index");
|
||||
// TODO: check current local index if it matches with current sender index
|
||||
|
||||
// check current local index if it matches with current sender index
|
||||
final var nextLocalIndex = DeterministicHexSequenceWithTimestamp
|
||||
.nextValueString(props.getProperty("index"), timestamp);
|
||||
System.out.println("Current sender index: " + currentSenderIndex + " timestamp = " + timestamp
|
||||
+ " current local index = " + currentLocalIndex + " next index = " + nextLocalIndex);
|
||||
|
||||
// TODO: veryfy current index match, increment index using timestamp then send
|
||||
// new index in response.
|
||||
setExpiration(Instant.ofEpochMilli(timestamp));
|
||||
|
||||
// veryfy current index match, increment index using timestamp then send new
|
||||
// index in response.
|
||||
if (!currentSenderIndex.equals(currentLocalIndex)) {
|
||||
throw new RuntimeException("Invalid current index!");
|
||||
}
|
||||
System.out.println("Props: " + props);
|
||||
System.out.println(props.getProperty("index"));
|
||||
if (!StringUtils.hasText(props.getProperty("index"))) {
|
||||
props.setProperty("index", "1A3F");
|
||||
saveProperties(filePath, props);
|
||||
} else {
|
||||
props.setProperty("index", DeterministicHexSequenceWithTimestamp
|
||||
.nextValueString(props.getProperty("index"), 0));
|
||||
props.setProperty("index", nextLocalIndex);
|
||||
saveProperties(filePath, props);
|
||||
|
||||
final var messageResponse = nextLocalIndex + ":"
|
||||
+ setExpiration(Instant.ofEpochMilli(timestamp)).toEpochMilli();
|
||||
final var encryptedDataResponse = KeyUtils.encryptDataWithAESGCM(messageResponse,
|
||||
KeyUtils.generateSharedSecret(
|
||||
KeyUtils.stringToPrivateKey(props.getProperty("receiver-private-key")),
|
||||
KeyUtils.stringToPublicKey(props.getProperty("sender-public-key"))));
|
||||
|
||||
final var encryptedResponse = Base64.getUrlEncoder()
|
||||
.encodeToString(encryptedDataResponse);
|
||||
final var signatureResponse = KeyUtils.signMessage(messageResponse,
|
||||
KeyUtils.stringToPrivateKey(props.getProperty("receiver-private-key")));
|
||||
return encryptedResponse + "." + signatureResponse;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -108,4 +136,21 @@ public class LicenseRest {
|
|||
}
|
||||
}
|
||||
|
||||
public Instant setExpiration(Instant now) {
|
||||
|
||||
// Convert Instant to LocalDate in a specific time zone
|
||||
ZoneId zoneId = ZoneId.systemDefault(); // Change if needed
|
||||
LocalDate localDate = now.atZone(zoneId).toLocalDate();
|
||||
|
||||
// Set the time to 23:59:59.999999999
|
||||
LocalTime endOfDay = LocalTime.MAX; // Equivalent to 23:59:59.999999999
|
||||
ZonedDateTime endOfDayZoned = ZonedDateTime.of(localDate, endOfDay, ZoneOffset.UTC);
|
||||
|
||||
System.out.println("Now: " + now);
|
||||
System.out.println("End of Day: " + endOfDayZoned);
|
||||
|
||||
// Convert back to Instant
|
||||
return endOfDayZoned.toInstant();
|
||||
}
|
||||
|
||||
}
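Review bot: `System.out.println("Props: " + props);` writes the whole properties object to stdout, and that same object supplies `receiver-private-key` a few lines further down, so the server's private key lands in the process log on every request; the `"Decrypted: " + decrypted` print exposes the plaintext the same way. The handler starts outside the visible hunks and the +/- markers are lost in this rendering, so it is not certain whether these prints are new or carried over, but they sit on the path this commit completes and should be dropped or reduced to non-secret fields such as the index. Separately, the new `setExpiration` takes the date with `ZoneId.systemDefault()` but builds the end of day at `ZoneOffset.UTC`, so on a server west of UTC the returned instant can lie before `now`; use one zone for both, e.g. `LocalDate localDate = now.atZone(ZoneOffset.UTC).toLocalDate();`. `timestamp` is taken from the sender's message and no comparison with the server clock is visible in these hunks, so the expiry day appears to be chosen by the client; bounding it against `Instant.now()` before calling `setExpiration` would close that.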
|
||||
|
|
|
|||
|
|
@ -4,5 +4,6 @@ server.ssl.key-store=classpath:server.jks
|
|||
server.ssl.key-store-password=test
|
||||
server.ssl.key-store-type=JKS
|
||||
server.ssl.key-alias=torsim-license-server
|
||||
#server.ssl.key-alias=torsim-license-server-dummy
|
||||
|
||||
license-folder=${user.home}/test/license/server
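Review bot: `server.ssl.key-store-password=test` keeps a guessable keystore password in a committed properties file, next to a keystore loaded from the classpath (`classpath:server.jks` in the hunk header), so anyone holding the repository or the built artifact can open the keystore and read the TLS private key. Resolve the password from the environment instead, e.g. `server.ssl.key-store-password=${KEYSTORE_PASSWORD}` (variable name is a placeholder), and keep the keystore file outside the packaged artifact. Which of the lines shown was added by this commit is not recoverable from this rendering; the point applies to the file as it stands after the change.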
|
||||
Binary file not shown.