OpenTTD Source 20241224-master-gf74b0cf984
|
Handler for servers using an X25519 key exchange to perform authentication via a set of authorized (public) keys of clients.
#include <network_crypto_internal.h>
Public Member Functions | |
X25519AuthorizedKeyServerHandler (const X25519SecretKey &secret_key, const NetworkAuthenticationAuthorizedKeyHandler *authorized_key_handler) | |
Create the handler that uses the given authorized keys to check against. | |
virtual void | SendRequest (struct Packet &p) override |
Create the request to send to the client. | |
virtual ResponseResult | ReceiveResponse (struct Packet &p) override |
Read the response from the client. | |
virtual std::string_view | GetName () const override |
Get the name of the handler for debug messages. | |
virtual NetworkAuthenticationMethod | GetAuthenticationMethod () const override |
Get the method this handler is providing functionality for. | |
virtual bool | CanBeUsed () const override |
Checks whether this handler can be used with the current configuration. | |
virtual std::string | GetPeerPublicKey () const override |
Get the public key the peer provided during the authentication. | |
virtual void | SendEnableEncryption (struct Packet &p) override |
Create the request to enable encryption to the client. | |
virtual std::unique_ptr< NetworkEncryptionHandler > | CreateClientToServerEncryptionHandler () const override |
Create a NetworkEncryptionHandler to encrypt or decrypt messages from the client to the server. | |
virtual std::unique_ptr< NetworkEncryptionHandler > | CreateServerToClientEncryptionHandler () const override |
Create a NetworkEncryptionHandler to encrypt or decrypt messages from the server to the client. | |
Private Attributes | |
const NetworkAuthenticationAuthorizedKeyHandler * | authorized_key_handler |
The handler of the authorized keys. | |
Additional Inherited Members | |
Public Types inherited from NetworkAuthenticationServerHandler | |
enum | ResponseResult { AUTHENTICATED , NOT_AUTHENTICATED , RETRY_NEXT_METHOD } |
The processing result of receiving a response. More... | |
Static Public Member Functions inherited from NetworkAuthenticationServerHandler | |
static std::unique_ptr< NetworkAuthenticationServerHandler > | Create (const NetworkAuthenticationPasswordProvider *password_provider, const NetworkAuthenticationAuthorizedKeyHandler *authorized_key_handler, NetworkAuthenticationMethodMask client_supported_method_mask=~static_cast< NetworkAuthenticationMethodMask >(0)) |
Create a NetworkAuthenticationServerHandler. | |
Protected Types inherited from NetworkAuthenticationServerHandler | |
enum | ResponseResult { AUTHENTICATED , NOT_AUTHENTICATED , RETRY_NEXT_METHOD } |
The processing result of receiving a response. More... | |
Protected Member Functions inherited from X25519AuthenticationHandler | |
X25519AuthenticationHandler (const X25519SecretKey &secret_key) | |
Create the handler, and generate the public keys accordingly. | |
void | SendRequest (struct Packet &p) |
bool | ReceiveRequest (struct Packet &p) |
Read the key exchange data from a Packet that came from the server. | |
bool | SendResponse (struct Packet &p, std::string_view derived_key_extra_payload) |
Perform the key exchange, and when that is correct fill the Packet with the appropriate data. | |
NetworkAuthenticationServerHandler::ResponseResult | ReceiveResponse (struct Packet &p, std::string_view derived_key_extra_payload) |
Read the key exchange data from a Packet that came from the client, and check whether the client passes the key exchange successfully. | |
std::string | GetPeerPublicKey () const |
Get the public key the peer provided for the key exchange. | |
void | SendEnableEncryption (struct Packet &p) const |
Send the initial nonce for the encrypted connection. | |
bool | ReceiveEnableEncryption (struct Packet &p) |
Receive the initial nonce for the encrypted connection. | |
std::unique_ptr< NetworkEncryptionHandler > | CreateClientToServerEncryptionHandler () const |
std::unique_ptr< NetworkEncryptionHandler > | CreateServerToClientEncryptionHandler () const |
Static Protected Member Functions inherited from NetworkAuthenticationServerHandler | |
static std::unique_ptr< NetworkAuthenticationServerHandler > | Create (const NetworkAuthenticationPasswordProvider *password_provider, const NetworkAuthenticationAuthorizedKeyHandler *authorized_key_handler, NetworkAuthenticationMethodMask client_supported_method_mask=~static_cast< NetworkAuthenticationMethodMask >(0)) |
Create a NetworkAuthenticationServerHandler. | |
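Handler for servers using an X25519 key exchange to perform authentication via a set of authorized (public) keys of clients.
This follows the method described in X25519AuthenticationHandler. Once all the checks of that method have succeeded, it will check whether the public key of the client is in the list of keys authorized to log in. The order matters: a public key is not secret, so finding it in the authorized list is only meaningful after the key exchange has shown that the client holds the matching secret key.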
Definition at line 271 of file network_crypto_internal.h.
|
inline |
Create the handler that uses the given authorized keys to check against.
secret_key | The secret key to initialize this handler with. |
authorized_key_handler | The handler of the authorized keys. |
Definition at line 280 of file network_crypto_internal.h.
|
inlineoverridevirtual |
Checks whether this handler can be used with the current configuration.
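For example when there is no password, the handler cannot be used. That example appears to come from the interface documentation; this implementation references NetworkAuthenticationAuthorizedKeyHandler::CanBeUsed(), so for this handler the answer depends on the authorized key handler rather than on a password.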
Implements NetworkAuthenticationServerHandler.
Definition at line 287 of file network_crypto_internal.h.
References NetworkAuthenticationAuthorizedKeyHandler::CanBeUsed().
|
inlineoverridevirtual |
Create a NetworkEncryptionHandler to encrypt or decrypt messages from the client to the server.
Implements NetworkAuthenticationHandler.
Definition at line 291 of file network_crypto_internal.h.
|
inlineoverridevirtual |
Create a NetworkEncryptionHandler to encrypt or decrypt messages from the server to the client.
Implements NetworkAuthenticationHandler.
Definition at line 292 of file network_crypto_internal.h.
|
inlineoverridevirtual |
Get the method this handler is providing functionality for.
Returns the NetworkAuthenticationMethod.
Implements NetworkAuthenticationHandler.
Definition at line 286 of file network_crypto_internal.h.
References NETWORK_AUTH_METHOD_X25519_AUTHORIZED_KEY.
|
inlineoverridevirtual |
Get the name of the handler for debug messages.
Implements NetworkAuthenticationHandler.
Definition at line 285 of file network_crypto_internal.h.
|
inlineoverridevirtual |
Get the public key the peer provided during the authentication.
Implements NetworkAuthenticationServerHandler.
Definition at line 289 of file network_crypto_internal.h.
References X25519AuthenticationHandler::GetPeerPublicKey().
Referenced by ReceiveResponse().
|
overridevirtual |
Read the response from the client.
p | The packet to read the response from. |
Returns the ResponseResult describing the result.
Implements NetworkAuthenticationServerHandler.
Definition at line 351 of file network_crypto.cpp.
References NetworkAuthenticationServerHandler::AUTHENTICATED, authorized_key_handler, GetPeerPublicKey(), NetworkAuthenticationAuthorizedKeyHandler::IsAllowed(), NetworkAuthenticationServerHandler::NOT_AUTHENTICATED, X25519AuthenticationHandler::peer_public_key, and X25519AuthenticationHandler::ReceiveResponse().
|
inlineoverridevirtual |
Create the request to enable encryption to the client.
p | The packet to write the enable encryption request to. |
Implements NetworkAuthenticationServerHandler.
Definition at line 290 of file network_crypto_internal.h.
References X25519AuthenticationHandler::SendEnableEncryption().
|
inlineoverridevirtual |
Create the request to send to the client.
p | The packet to write the request to. |
Implements NetworkAuthenticationServerHandler.
Definition at line 282 of file network_crypto_internal.h.
|
private |
The handler of the authorized keys.
Definition at line 273 of file network_crypto_internal.h.
Referenced by ReceiveResponse().