diff --git a/src/com/coder/client/CoderClient.java b/src/com/coder/client/CoderClient.java
old mode 100644
new mode 100755
diff --git a/src/com/coder/client/Session.java b/src/com/coder/client/Session.java
old mode 100644
new mode 100755
index 4548ca6..93d2e25
--- a/src/com/coder/client/Session.java
+++ b/src/com/coder/client/Session.java
@@ -7,6 +7,7 @@ import java.util.HashSet;
 import java.util.logging.Level;
 import java.util.logging.Logger;
+import zutil.Hasher;
 import zutil.log.LogUtil;
 import zutil.parser.json.JSONObjectInputStream;
 import zutil.parser.json.JSONObjectOutputStream;
@@ -17,8 +18,9 @@ import com.coder.server.message.CoderMessage;
 public class Session extends Thread {
 public static final Logger logger = LogUtil.getLogger();
-
- private HashSet messageReceivedlisteners = new HashSet();
+ private static final int AUTH_HASH_ITERATIONS = 500;
+
+ private HashSet messageReceivedlisteners = new HashSet();
 private boolean authenticated = false;
 private Socket socket;
@@ -157,11 +159,10 @@ public class Session extends Thread {
 logger.fine("Received AuthenticationChallenge");
 // Setting up encryption
- /*
- logger.fine("Setting up encryption");
+ //logger.fine("Setting up encryption");
 String hashedPassword = Hasher.PBKDF2(new String(clearTextPassword), username, AUTH_HASH_ITERATIONS);
 String key = Hasher.PBKDF2(hashedPassword, msg.AuthenticationChallenge.salt, AUTH_HASH_ITERATIONS);
- Encrypter crypto;
+ /*Encrypter crypto;
 try {
 crypto = new Encrypter(key, Encrypter.Algorithm.AES);
 } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeySpecException e) {
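Review bot: `AUTH_HASH_ITERATIONS = 500` in the hunk at -17 is a very low PBKDF2 work factor, and the constant carries no comment saying why it was chosen or that it has to agree with the server. At 500 rounds the derivation adds almost no cost to offline guessing against a captured challenge/response pair; for comparison, OWASP's current figure for PBKDF2-HMAC-SHA256 is 600,000 (which PRF `zutil.Hasher.PBKDF2` uses is not visible here). I would at least document it, e.g. `// PBKDF2 rounds; must match the server's value. 500 is too low to slow offline guessing; raise together with the server.` The same hunk also re-adds the `messageReceivedlisteners` line with only its whitespace changed, which is noise in the diff.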
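Review bot: In the hunk at -157, moving the `/*` down makes the `hashedPassword` and `key` lines live while `Encrypter` stays commented out, so `key` is computed and never used in the visible code, and the exchange that follows presumably goes out without the encryption this block was meant to set up. `key` is also the same expression that the hunk at -181 assigns to `AuthenticationRsp.hash`, so if the encryption is re-enabled as written, the AES key would be the value the client has just put in its response. I would drop the `key` line until the `Encrypter` block returns, and derive the two values from distinct inputs when it does. Separately, `new String(clearTextPassword)` copies the password out of its `char[]` into an immutable String that cannot be cleared afterwards; if `Hasher.PBKDF2` has no `char[]` overload, a comment such as `// NOTE: String copy of the password cannot be wiped` would record that. The enclosing method starts and ends outside the hunk.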
@@ -181,6 +182,8 @@ public class Session extends Thread {
 CoderMessage authRsp = new CoderMessage();
 authRsp.AuthenticationRsp = new AuthenticationRspMsg();
 authRsp.AuthenticationRsp.timestamp = System.currentTimeMillis();
+ authRsp.AuthenticationRsp.hash = Hasher.PBKDF2(
+ hashedPassword, msg.AuthenticationChallenge.salt, AUTH_HASH_ITERATIONS);
 logger.fine("Sending AuthenticationRsp");
 send(authRsp);
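Review bot: The new `hash` field covers only `hashedPassword` and the server's salt, so the `timestamp` set on the line above is not authenticated by it, and freshness of the response rests entirely on the server issuing a new salt for every challenge. That assumption deserves a comment at the assignment, e.g. `// hash binds password + challenge salt only; timestamp is NOT covered`. Since `hashedPassword` depends only on the password and the username, whatever the server stores to verify this response is presumably password-equivalent, which is worth stating in the protocol notes. The method body continues outside the hunk.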