0
|
1 // Copyright (C) 2010, 2011, 2012, 2013 GlavSoft LLC.
|
|
2 // All rights reserved.
|
|
3 //
|
|
4 //-------------------------------------------------------------------------
|
|
5 // This file is part of the TightVNC software. Please visit our Web site:
|
|
6 //
|
|
7 // http://www.tightvnc.com/
|
|
8 //
|
|
9 // This program is free software; you can redistribute it and/or modify
|
|
10 // it under the terms of the GNU General Public License as published by
|
|
11 // the Free Software Foundation; either version 2 of the License, or
|
|
12 // (at your option) any later version.
|
|
13 //
|
|
14 // This program is distributed in the hope that it will be useful,
|
|
15 // but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
16 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
17 // GNU General Public License for more details.
|
|
18 //
|
|
19 // You should have received a copy of the GNU General Public License along
|
|
20 // with this program; if not, write to the Free Software Foundation, Inc.,
|
|
21 // 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
22 //-------------------------------------------------------------------------
|
|
23 //
|
|
24
|
|
25 package com.glavsoft.rfb.protocol.auth;
|
|
26
|
|
27 import com.glavsoft.exceptions.CryptoException;
|
|
28 import com.glavsoft.exceptions.FatalException;
|
|
29 import com.glavsoft.exceptions.TransportException;
|
|
30 import com.glavsoft.rfb.CapabilityContainer;
|
|
31 import com.glavsoft.rfb.IPasswordRetriever;
|
|
32 import com.glavsoft.transport.Reader;
|
|
33 import com.glavsoft.transport.Writer;
|
|
34
|
|
35 import javax.crypto.*;
|
|
36 import javax.crypto.spec.DESKeySpec;
|
|
37 import java.security.InvalidKeyException;
|
|
38 import java.security.NoSuchAlgorithmException;
|
|
39 import java.security.spec.InvalidKeySpecException;
|
|
40
|
|
41 public class VncAuthentication extends AuthHandler {
|
|
42 @Override
|
|
43 public SecurityType getType() {
|
|
44 return SecurityType.VNC_AUTHENTICATION;
|
|
45 }
|
|
46
|
|
47 @Override
|
|
48 public boolean authenticate(Reader reader,
|
|
49 Writer writer, CapabilityContainer authCaps, IPasswordRetriever passwordRetriever)
|
|
50 throws TransportException, FatalException {
|
|
51 byte [] challenge = reader.readBytes(16);
|
|
52 String password = passwordRetriever.getPassword();
|
|
53 if (null == password) return false;
|
|
54 byte [] key = new byte[8];
|
|
55 System.arraycopy(password.getBytes(), 0, key, 0, Math.min(key.length, password.getBytes().length));
|
|
56 writer.write(encrypt(challenge, key));
|
|
57 return false;
|
|
58 }
|
|
59
|
|
60 /**
|
|
61 * Encript challenge by key using DES
|
|
62 * @return encripted bytes
|
|
63 * @throws CryptoException on problem with DES algorithm support or smth about
|
|
64 */
|
|
65 public byte[] encrypt(byte[] challenge, byte[] key) throws CryptoException {
|
|
66 try {
|
|
67 DESKeySpec desKeySpec = new DESKeySpec(mirrorBits(key));
|
|
68 SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
|
|
69 SecretKey secretKey = keyFactory.generateSecret(desKeySpec);
|
|
70 Cipher desCipher = Cipher.getInstance("DES/ECB/NoPadding");
|
|
71 desCipher.init(Cipher.ENCRYPT_MODE, secretKey);
|
|
72 return desCipher.doFinal(challenge);
|
|
73 } catch (NoSuchAlgorithmException e) {
|
|
74 throw new CryptoException("Cannot encrypt challenge", e);
|
|
75 } catch (NoSuchPaddingException e) {
|
|
76 throw new CryptoException("Cannot encrypt challenge", e);
|
|
77 } catch (IllegalBlockSizeException e) {
|
|
78 throw new CryptoException("Cannot encrypt challenge", e);
|
|
79 } catch (BadPaddingException e) {
|
|
80 throw new CryptoException("Cannot encrypt challenge", e);
|
|
81 } catch (InvalidKeyException e) {
|
|
82 throw new CryptoException("Cannot encrypt challenge", e);
|
|
83 } catch (InvalidKeySpecException e) {
|
|
84 throw new CryptoException("Cannot encrypt challenge", e);
|
|
85 }
|
|
86 }
|
|
87
|
|
88 private byte[] mirrorBits(byte[] k) {
|
|
89 byte[] key = new byte[8];
|
|
90 for (int i = 0; i < 8; i++) {
|
|
91 byte s = k[i];
|
|
92 s = (byte) (((s >> 1) & 0x55) | ((s << 1) & 0xaa));
|
|
93 s = (byte) (((s >> 2) & 0x33) | ((s << 2) & 0xcc));
|
|
94 s = (byte) (((s >> 4) & 0x0f) | ((s << 4) & 0xf0));
|
|
95 key[i] = s;
|
|
96 }
|
|
97 return key;
|
|
98 }
|
|
99
|
|
100 }
|