stability fixes for Session.java

src/com/coder/client/Session.java

@@ -1,21 +1,28 @@
 package com.coder.client;
 
+import java.io.BufferedInputStream;
+import java.io.BufferedOutputStream;
 import java.io.IOException;
 import java.lang.reflect.Field;
 import java.net.Socket;
 import java.net.UnknownHostException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.spec.InvalidKeySpecException;
 import java.util.HashSet;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
+import javax.crypto.NoSuchPaddingException;
+
+import zutil.Encrypter;
+import zutil.Hasher;
 import zutil.log.LogUtil;
 import zutil.parser.json.JSONObjectInputStream;
 import zutil.parser.json.JSONObjectOutputStream;
 
-import com.coder.server.message.AuthenticationChallengeMsg;
 import com.coder.server.message.AuthenticationReqMsg;
 import com.coder.server.message.AuthenticationRspMsg;
-import com.coder.server.message.AuthenticationSuccessMsg;
 import com.coder.server.message.CoderMessage;
 
 public class Session extends Thread {
@@ -72,7 +79,7 @@ public class Session extends Thread {
 		while(true){
 			CoderMessage msg;
 			try {
-				msg = readMsg();
+				msg = in.readGenericObject();
 			} catch (IOException e) {
 				close();
 				return;
@@ -110,7 +117,6 @@ public class Session extends Thread {
 	}
 	
 	public boolean authenticate(String username, String clearTextPassword) {
-		
 		logger.info("Authenticating session");
 		
 		if(socket == null){
@@ -118,26 +124,19 @@ public class Session extends Thread {
 			return false;
 		}
 		
+		if(authenticated){
+			logger.info("this session is already athenticated and cannot be reauthenticated.");
+			return true;
+		}
+		
+		try{
+			
 			///////////// CLEARTEXT CONNECTION //////////////////////
 	        
 			// We dont create any buffers here as these streams might be replaced by encrypted ones
-		try {
 			in = new JSONObjectInputStream(socket.getInputStream());
-		} catch (IOException e) {
-			logger.log(Level.SEVERE, null, e);
-			close();
-			return false;
-		}
 	        in.registerRootClass(CoderMessage.class);
-        in.registerClass("AuthenticationChallenge", AuthenticationChallengeMsg.class);
-        in.registerClass("AuthenticationSuccess", AuthenticationSuccessMsg.class);
-		try {
 			out = new JSONObjectOutputStream(socket.getOutputStream());
-		} catch (IOException e) {
-			logger.log(Level.SEVERE, null, e);
-			close();
-			return false;
-		}
 	        out.enableMetaData(false);
 			
 			//Send AuthenticationReq
@@ -145,24 +144,12 @@ public class Session extends Thread {
 			authReq.AuthenticationReq = new AuthenticationReqMsg();
 			authReq.AuthenticationReq.username = username;
 			logger.info("Sending AuthenticationReq");
-		try {
 			send(authReq);
-		} catch (IOException e) {
-			logger.log(Level.SEVERE, null, e);
-			close();
-			return false;
-		}
 	
 			//Receive AuthenticationChallenge
 			logger.info("Waiting for AuthenticationChallenge");
 			CoderMessage msg;
-		try {
-			msg = readMsg();
-		} catch (IOException e) {
-			logger.log(Level.SEVERE, null, e);
-			close();
-			return false;
-		}
+			msg = in.readGenericObject();
 			if(msg == null || msg.AuthenticationChallenge == null){
 				logger.severe("Expected message AuthenticationChallenge");
 				close();
@@ -172,15 +159,20 @@ public class Session extends Thread {
 			
 			// Setting up encryption
 			logger.info("Setting up encryption");
-		/*
-		String hashedPassword = Hasher.PBKDF2(clearTextPassword, "BYTESUT", AUTH_HASH_ITERATIONS);
+			String hashedPassword = Hasher.PBKDF2(clearTextPassword, username, AUTH_HASH_ITERATIONS);
 			String key = Hasher.PBKDF2(hashedPassword, msg.AuthenticationChallenge.salt, AUTH_HASH_ITERATIONS);
-        Encrypter crypto = new Encrypter(key, Encrypter.AES_ALGO);
+	        Encrypter crypto;
+			try {
+				crypto = new Encrypter(key, Encrypter.Algorithm.AES);
+			} catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeySpecException e) {
+				logger.log(Level.SEVERE, null, e);
+				close();
+				return false;
+			}
 			in = new JSONObjectInputStream(new BufferedInputStream(crypto.decrypt(socket.getInputStream())));
 			in.registerRootClass(CoderMessage.class);
 			out = new JSONObjectOutputStream(new BufferedOutputStream(crypto.encrypt(socket.getOutputStream())));
 	        out.enableMetaData(false);
-		*/
 	        
 	        ///////////// ENCRYPTED CONNECTION //////////////////////
 	        
@@ -189,22 +181,10 @@ public class Session extends Thread {
 	        authRsp.AuthenticationRsp = new AuthenticationRspMsg();
 	        authRsp.AuthenticationRsp.timestamp = System.currentTimeMillis();
 	        logger.info("Sending AuthenticationRsp");
-        try {
 			send(authRsp);
-		} catch (IOException e) {
-			logger.log(Level.SEVERE, null, e);
-			close();
-			return false;
-		}
 	
 			logger.info("Waiting for AuthenticationSuccess");
-        try {
-			msg = readMsg();
-		} catch (IOException e) {
-			logger.log(Level.SEVERE, null, e);
-			close();
-			return false;
-		}
+			msg = in.readGenericObject();
 	        if(msg == null || msg.AuthenticationSuccess == null){
 	        	logger.severe("Authentication failure");
 	        	close();
@@ -216,10 +196,11 @@ public class Session extends Thread {
 	        
 	        this.authenticated = true;
 	        return true;
+		}catch(IOException e){
+			logger.log(Level.SEVERE, null, e);
+			close();
+			return false;
 		}
-	
-	private CoderMessage readMsg() throws IOException {
-        return (CoderMessage) in.readObject();
     }
 	
 	private void handleMessage(CoderMessage msg){