OpenTTD Source 20241224-master-gf74b0cf984
X25519AuthorizedKeyServerHandler Class Reference

Handler for servers using an X25519 key exchange to perform authentication via a set of authorized (public) keys of clients.

#include <network_crypto_internal.h>

Inheritance diagram for X25519AuthorizedKeyServerHandler:
X25519AuthenticationHandler, NetworkAuthenticationServerHandler, NetworkAuthenticationHandler

Public Member Functions

 X25519AuthorizedKeyServerHandler (const X25519SecretKey &secret_key, const NetworkAuthenticationAuthorizedKeyHandler *authorized_key_handler)
 Create the handler that uses the given authorized keys to check against.
 
virtual void SendRequest (struct Packet &p) override
 Create the request to send to the client.
 
virtual ResponseResult ReceiveResponse (struct Packet &p) override
 Read the response from the client.
 
virtual std::string_view GetName () const override
 Get the name of the handler for debug messages.
 
virtual NetworkAuthenticationMethod GetAuthenticationMethod () const override
 Get the method this handler is providing functionality for.
 
virtual bool CanBeUsed () const override
 Checks whether this handler can be used with the current configuration.
 
virtual std::string GetPeerPublicKey () const override
 Get the public key the peer provided during the authentication.
 
virtual void SendEnableEncryption (struct Packet &p) override
 Create the request to enable encryption to the client.
 
virtual std::unique_ptr< NetworkEncryptionHandler > CreateClientToServerEncryptionHandler () const override
 Create a NetworkEncryptionHandler to encrypt or decrypt messages from the client to the server.
 
virtual std::unique_ptr< NetworkEncryptionHandler > CreateServerToClientEncryptionHandler () const override
 Create a NetworkEncryptionHandler to encrypt or decrypt messages from the server to the client.
 

Private Attributes

const NetworkAuthenticationAuthorizedKeyHandler * authorized_key_handler
 The handler of the authorized keys.
 

Additional Inherited Members

- Public Types inherited from NetworkAuthenticationServerHandler
enum  ResponseResult { AUTHENTICATED , NOT_AUTHENTICATED , RETRY_NEXT_METHOD }
 The processing result of receiving a response.
 
- Static Public Member Functions inherited from NetworkAuthenticationServerHandler
static std::unique_ptr< NetworkAuthenticationServerHandler > Create (const NetworkAuthenticationPasswordProvider *password_provider, const NetworkAuthenticationAuthorizedKeyHandler *authorized_key_handler, NetworkAuthenticationMethodMask client_supported_method_mask=~static_cast< NetworkAuthenticationMethodMask >(0))
 Create a NetworkAuthenticationServerHandler.
 
- Protected Types inherited from NetworkAuthenticationServerHandler
enum  ResponseResult { AUTHENTICATED , NOT_AUTHENTICATED , RETRY_NEXT_METHOD }
 The processing result of receiving a response.
 
- Protected Member Functions inherited from X25519AuthenticationHandler
 X25519AuthenticationHandler (const X25519SecretKey &secret_key)
 Create the handler, and generate the public keys accordingly.
 
void SendRequest (struct Packet &p)
 
bool ReceiveRequest (struct Packet &p)
 Read the key exchange data from a Packet that came from the server.
 
bool SendResponse (struct Packet &p, std::string_view derived_key_extra_payload)
 Perform the key exchange, and when that is correct fill the Packet with the appropriate data.
 
NetworkAuthenticationServerHandler::ResponseResult ReceiveResponse (struct Packet &p, std::string_view derived_key_extra_payload)
 Read the key exchange data from a Packet that came from the client, and check whether the client passes the key exchange successfully.
 
std::string GetPeerPublicKey () const
 Get the public key the peer provided for the key exchange.
 
void SendEnableEncryption (struct Packet &p) const
 Send the initial nonce for the encrypted connection.
 
bool ReceiveEnableEncryption (struct Packet &p)
 Receive the initial nonce for the encrypted connection.
 
std::unique_ptr< NetworkEncryptionHandler > CreateClientToServerEncryptionHandler () const
 
std::unique_ptr< NetworkEncryptionHandler > CreateServerToClientEncryptionHandler () const
 
- Static Protected Member Functions inherited from NetworkAuthenticationServerHandler
static std::unique_ptr< NetworkAuthenticationServerHandler > Create (const NetworkAuthenticationPasswordProvider *password_provider, const NetworkAuthenticationAuthorizedKeyHandler *authorized_key_handler, NetworkAuthenticationMethodMask client_supported_method_mask=~static_cast< NetworkAuthenticationMethodMask >(0))
 Create a NetworkAuthenticationServerHandler.
 

Detailed Description

Handler for servers using an X25519 key exchange to perform authentication via a set of authorized (public) keys of clients.

This follows the method described in X25519AuthenticationHandler. Once all these checks have succeeded, it will check whether the public key of the client is in the list of authorized keys to log in.

Definition at line 271 of file network_crypto_internal.h.

Constructor & Destructor Documentation

◆ X25519AuthorizedKeyServerHandler()

X25519AuthorizedKeyServerHandler::X25519AuthorizedKeyServerHandler ( const X25519SecretKey & secret_key, const NetworkAuthenticationAuthorizedKeyHandler * authorized_key_handler )
inline

Create the handler that uses the given authorized keys to check against.

Parameters
secret_key: The secret key to initialize this handler with.
authorized_key_handler: The handler of the authorized keys.

Definition at line 280 of file network_crypto_internal.h.

Member Function Documentation

◆ CanBeUsed()

virtual bool X25519AuthorizedKeyServerHandler::CanBeUsed ( ) const
inline override virtual

Checks whether this handler can be used with the current configuration.

For example, when there is no password, the handler cannot be used.

Returns
True when this handler can be used.

Implements NetworkAuthenticationServerHandler.

Definition at line 287 of file network_crypto_internal.h.

References NetworkAuthenticationAuthorizedKeyHandler::CanBeUsed().

◆ CreateClientToServerEncryptionHandler()

virtual std::unique_ptr< NetworkEncryptionHandler > X25519AuthorizedKeyServerHandler::CreateClientToServerEncryptionHandler ( ) const
inline override virtual

Create a NetworkEncryptionHandler to encrypt or decrypt messages from the client to the server.

Returns
The handler for the client to server encryption.

Implements NetworkAuthenticationHandler.

Definition at line 291 of file network_crypto_internal.h.

◆ CreateServerToClientEncryptionHandler()

virtual std::unique_ptr< NetworkEncryptionHandler > X25519AuthorizedKeyServerHandler::CreateServerToClientEncryptionHandler ( ) const
inline override virtual

Create a NetworkEncryptionHandler to encrypt or decrypt messages from the server to the client.

Returns
The handler for the server to client encryption.

Implements NetworkAuthenticationHandler.

Definition at line 292 of file network_crypto_internal.h.

◆ GetAuthenticationMethod()

virtual NetworkAuthenticationMethod X25519AuthorizedKeyServerHandler::GetAuthenticationMethod ( ) const
inline override virtual

Get the method this handler is providing functionality for.

Returns
The NetworkAuthenticationMethod.

Implements NetworkAuthenticationHandler.

Definition at line 286 of file network_crypto_internal.h.

References NETWORK_AUTH_METHOD_X25519_AUTHORIZED_KEY.

◆ GetName()

virtual std::string_view X25519AuthorizedKeyServerHandler::GetName ( ) const
inline override virtual

Get the name of the handler for debug messages.

Returns
The name of the handler.

Implements NetworkAuthenticationHandler.

Definition at line 285 of file network_crypto_internal.h.

◆ GetPeerPublicKey()

virtual std::string X25519AuthorizedKeyServerHandler::GetPeerPublicKey ( ) const
inline override virtual

Get the public key the peer provided during the authentication.

Returns
The hexadecimal string representation of the peer's public key.

Implements NetworkAuthenticationServerHandler.

Definition at line 289 of file network_crypto_internal.h.

References X25519AuthenticationHandler::GetPeerPublicKey().

Referenced by ReceiveResponse().

◆ ReceiveResponse()

NetworkAuthenticationServerHandler::ResponseResult X25519AuthorizedKeyServerHandler::ReceiveResponse ( struct Packet & p )
override virtual

◆ SendEnableEncryption()

virtual void X25519AuthorizedKeyServerHandler::SendEnableEncryption ( struct Packet & p )
inline override virtual

Create the request to enable encryption to the client.

Parameters
p: The packet to write the enable encryption request to.

Implements NetworkAuthenticationServerHandler.

Definition at line 290 of file network_crypto_internal.h.

References X25519AuthenticationHandler::SendEnableEncryption().

◆ SendRequest()

virtual void X25519AuthorizedKeyServerHandler::SendRequest ( struct Packet & p )
inline override virtual

Create the request to send to the client.

Parameters
p: The packet to write the request to.

Implements NetworkAuthenticationServerHandler.

Definition at line 282 of file network_crypto_internal.h.

Field Documentation

◆ authorized_key_handler

const NetworkAuthenticationAuthorizedKeyHandler* X25519AuthorizedKeyServerHandler::authorized_key_handler
private

The handler of the authorized keys.

Definition at line 273 of file network_crypto_internal.h.

Referenced by ReceiveResponse().


The documentation for this class was generated from the following files: