
1   /*
2    * Copyright (c) 2014 Contextream, Inc. and others.  All rights reserved.
3    *
4    * This program and the accompanying materials are made available under the
5    * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6    * and is available at http://www.eclipse.org/legal/epl-v10.html
7    */
8   package org.opendaylight.lispflowmapping.implementation.authentication;
9   
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

import org.opendaylight.lispflowmapping.interfaces.lisp.ILispAuthentication;
import org.opendaylight.lispflowmapping.lisp.serializer.MapNotifySerializer;
import org.opendaylight.lispflowmapping.lisp.serializer.MapRegisterSerializer;
import org.opendaylight.yang.gen.v1.urn.opendaylight.lfm.lisp.proto.rev151105.MapNotify;
import org.opendaylight.yang.gen.v1.urn.opendaylight.lfm.lisp.proto.rev151105.MapRegister;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
25  
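/**
 * MAC-based authentication for LISP Map-Register and Map-Notify messages.
 *
 * <p>The MAC is computed with {@link Mac} over the serialized message, using the
 * algorithm name supplied by the caller and the mapping password as key material.
 * For Map-Register validation the authentication-data field of the serialized
 * message is zeroed before the MAC is recomputed and compared with the value the
 * message carries.
 *
 * <p>Every failure path in {@link #validate(MapRegister, String)} rejects the
 * message (fail closed). Instances are mutable via {@link #setAlgorithm(String)}
 * and perform no synchronization of their own.
 */
public class LispMACAuthentication implements ILispAuthentication {

    protected static final Logger LOG = LoggerFactory.getLogger(LispMACAuthentication.class);

    protected String algorithm;
    // All-zero block, authenticationLength bytes long, written over the authentication
    // field before the MAC is recomputed. Stays null if the algorithm is unavailable.
    private byte[] tempAuthenticationData;
    private int authenticationLength;

    /**
     * Creates an authenticator for the given MAC algorithm.
     *
     * <p>If the algorithm is not available the failure is logged, the authentication
     * length stays 0, and {@link #validate(MapRegister, String)} rejects every message.
     *
     * @param algorithm algorithm name passed to {@link Mac#getInstance(String)}
     */
    public LispMACAuthentication(String algorithm) {
        this.algorithm = algorithm;
        refreshMacLength();
    }

    /**
     * Checks the authentication data carried by a Map-Register message.
     *
     * @param mapRegister message to validate
     * @param key mapping password used as MAC key; {@code null} is rejected
     * @return {@code true} only if a MAC could be computed and matches the one in the message
     */
    public boolean validate(MapRegister mapRegister, String key) {
        if (key == null) {
            LOG.warn("Authentication failed: mapping authentication password is null!");
            return false;
        }
        if (tempAuthenticationData == null) {
            // The algorithm could not be instantiated, so no MAC can be checked.
            LOG.warn("Authentication failed: MAC algorithm {} is not available", algorithm);
            return false;
        }
        ByteBuffer mapRegisterBuffer = MapRegisterSerializer.getInstance().serialize(mapRegister);
        if (mapRegisterBuffer == null) {
            // Fail closed: a message that cannot be serialized cannot be authenticated.
            // The previous behaviour accepted it. NOTE(review): the serializer is not
            // visible here, so it is unknown when (or whether) it returns null.
            LOG.warn("Authentication failed: Map-Register could not be serialized");
            return false;
        }

        // The MAC is computed over the message with its authentication field zeroed.
        mapRegisterBuffer.position(MAP_REGISTER_AND_NOTIFY_AUTHENTICATION_POSITION);
        mapRegisterBuffer.put(tempAuthenticationData);
        mapRegisterBuffer.position(0);

        byte[] expected = getAuthenticationData(mapRegisterBuffer.array(), key);
        byte[] received = mapRegister.getAuthenticationData();
        if (expected == null || received == null) {
            // A missing MAC on either side must not compare as equal (null == null).
            return false;
        }
        // Constant-time comparison, so the position of the first mismatching byte
        // is not observable through response timing.
        return MessageDigest.isEqual(expected, received);
    }

    /**
     * Computes the MAC of {@code data} under {@code key} with the configured algorithm.
     *
     * @param data bytes to authenticate
     * @param key mapping password; encoded as UTF-8 so the key bytes do not depend on
     *            the platform default charset
     * @return the MAC, or {@code null} if an argument is {@code null}, the key is
     *         rejected, or the algorithm is not available
     */
    protected byte[] getAuthenticationData(byte[] data, String key) {
        if (data == null || key == null) {
            LOG.warn("Cannot compute authentication data: message or password is null");
            return null;
        }
        try {
            byte[] keyBytes = key.getBytes(StandardCharsets.UTF_8);
            SecretKeySpec signingKey = new SecretKeySpec(keyBytes, algorithm);
            Mac mac = Mac.getInstance(algorithm);
            mac.init(signingKey);

            return mac.doFinal(data);
        } catch (InvalidKeyException | IllegalArgumentException e) {
            // IllegalArgumentException: SecretKeySpec rejects an empty key.
            // The password itself is deliberately kept out of the log.
            LOG.warn("Invalid key for MAC algorithm {}", algorithm, e);
        } catch (NoSuchAlgorithmException e) {
            LOG.warn("No such MAC algorithm {}", algorithm, e);
        }
        return null;
    }

    /**
     * Returns the MAC length in bytes for the configured algorithm.
     *
     * @return the MAC length, or 0 if the algorithm is not available
     */
    public int getAuthenticationLength() {
        return authenticationLength;
    }

    /**
     * Returns the configured MAC algorithm name.
     *
     * @return the algorithm name
     */
    public String getAlgorithm() {
        return algorithm;
    }

    /**
     * Changes the MAC algorithm and recomputes the authentication length, so the
     * zeroed field written during validation matches the new algorithm's MAC size.
     *
     * @param algorithm algorithm name passed to {@link Mac#getInstance(String)}
     */
    public void setAlgorithm(String algorithm) {
        this.algorithm = algorithm;
        refreshMacLength();
    }

    /**
     * Computes the authentication data for a Map-Notify message.
     *
     * @param mapNotify message to authenticate; it is serialized as-is
     * @param key mapping password used as MAC key
     * @return the MAC, or {@code null} if it could not be computed
     */
    public byte[] getAuthenticationData(MapNotify mapNotify, String key) {
        return getAuthenticationData(MapNotifySerializer.getInstance().serialize(mapNotify).array(), key);
    }

    /** Derives the MAC length and the matching zero block from the current algorithm. */
    private void refreshMacLength() {
        try {
            authenticationLength = Mac.getInstance(algorithm).getMacLength();
            tempAuthenticationData = new byte[authenticationLength];
        } catch (NoSuchAlgorithmException e) {
            // Leave the instance in a state where validate() rejects everything.
            authenticationLength = 0;
            tempAuthenticationData = null;
            LOG.warn("No such MAC algorithm {}", algorithm, e);
        }
    }

}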