From 4d9b066060bd78243616cb6f1fbdf0d06b09cbe7 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Mon, 5 Dec 2016 11:47:09 +0300
Subject: juick-xmpp: dialback refactoring
---
 .../java/com/juick/components/s2s/Connection.java | 20 +++-----------------
 .../java/com/juick/components/s2s/ConnectionIn.java | 4 ++--
 .../java/com/juick/components/s2s/ConnectionOut.java | 5 ++++-
 .../com/juick/components/s2s/util/DialbackUtils.java | 14 ++++++++++++++
 4 files changed, 23 insertions(+), 20 deletions(-)
 create mode 100644 juick-xmpp/src/main/java/com/juick/components/s2s/util/DialbackUtils.java
diff --git a/juick-xmpp/src/main/java/com/juick/components/s2s/Connection.java b/juick-xmpp/src/main/java/com/juick/components/s2s/Connection.java
index 4a39ffb5..67953b76 100644
--- a/juick-xmpp/src/main/java/com/juick/components/s2s/Connection.java
+++ b/juick-xmpp/src/main/java/com/juick/components/s2s/Connection.java
@@ -1,14 +1,15 @@
 package com.juick.components.s2s;
 import com.juick.components.XMPPServer;
+import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.commons.codec.digest.HmacUtils;
+import org.apache.commons.lang3.RandomStringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.xmlpull.mxp1.MXParser;
 import org.xmlpull.v1.XmlPullParser;
 import org.xmlpull.v1.XmlPullParserException;
-import javax.crypto.Mac;
-import javax.crypto.spec.SecretKeySpec;
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.TrustManager;
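Review bot: The three imports added at the top of Connection.java (`DigestUtils`, `HmacUtils`, `RandomStringUtils`) look unused in this file. The same commit removes `generateDialbackKey` from Connection, and the only visible uses of these classes are in DialbackUtils and ConnectionOut, which import them on their own. Unless code outside the shown hunks needs them, drop the three `+import` lines so that Connection no longer appears to carry key-derivation logic.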
@@ -117,21 +118,6 @@ public class Connection {
 }
 }
- static String generateDialbackKey(String to, String from, String id) throws Exception {
- Mac hmacSha256 = Mac.getInstance("hmacSHA256");
-
- SecretKeySpec secret_key = new SecretKeySpec("$UppPerSeCCret4".getBytes(), "SHA-256");
- hmacSha256.init(secret_key);
- byte key[] = hmacSha256.doFinal((to + " " + from + " " + id).getBytes());
-
- StringBuilder hexkey = new StringBuilder();
- for (int i = 0; i < key.length; i++) {
- hexkey.append(Integer.toHexString(0xFF & key[i]));
- }
-
- return hexkey.toString();
- }
-
 public boolean isSecured() {
 return secured;
 }
diff --git a/juick-xmpp/src/main/java/com/juick/components/s2s/ConnectionIn.java b/juick-xmpp/src/main/java/com/juick/components/s2s/ConnectionIn.java
index 2f007008..344cc7c1 100644
--- a/juick-xmpp/src/main/java/com/juick/components/s2s/ConnectionIn.java
+++ b/juick-xmpp/src/main/java/com/juick/components/s2s/ConnectionIn.java
@@ -100,8 +100,8 @@ public class ConnectionIn extends Connection implements Runnable {
 updateTsRemoteData();
 boolean valid = false;
 if (vfrom != null && vto != null && vid != null && vkey != null) {
- String vkey2 = generateDialbackKey(vfrom, vto, vid);
- valid = vkey.equals(vkey2);
+ String dialbackKey = xmpp.getConnectionOut(vfrom, false).dbKey;
+ valid = vkey.equals(dialbackKey);
 }
 if (valid) {
 sendStanza("");
diff --git a/juick-xmpp/src/main/java/com/juick/components/s2s/ConnectionOut.java b/juick-xmpp/src/main/java/com/juick/components/s2s/ConnectionOut.java
index 5b1da316..7a6ae122 100644
--- a/juick-xmpp/src/main/java/com/juick/components/s2s/ConnectionOut.java
+++ b/juick-xmpp/src/main/java/com/juick/components/s2s/ConnectionOut.java
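Review bot: In the ConnectionIn hunk, `xmpp.getConnectionOut(vfrom, false).dbKey` is dereferenced without a null check even though `vfrom` is taken from the remote peer's verify request. If `getConnectionOut` can return null for a domain with no outbound connection (its body is not shown), that request raises a NullPointerException instead of yielding `valid = false`. The new check also no longer involves `vid` or `vto`, so a key is accepted regardless of which stream ID the request names, and `String.equals` is not a constant-time comparison. Assuming `streamID` is visible from ConnectionIn, a tighter form is `ConnectionOut out = xmpp.getConnectionOut(vfrom, false);` followed by `valid = out != null && out.dbKey != null && vid.equals(out.streamID) && MessageDigest.isEqual(vkey.getBytes(StandardCharsets.UTF_8), out.dbKey.getBytes(StandardCharsets.UTF_8));`. The enclosing method starts and ends outside the hunk.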
@@ -1,8 +1,10 @@
 package com.juick.components.s2s;
 import com.juick.components.XMPPServer;
+import com.juick.components.s2s.util.DialbackUtils;
 import com.juick.xmpp.extensions.StreamFeatures;
 import com.juick.xmpp.utils.XmlUtils;
+import org.apache.commons.lang3.RandomStringUtils;
 import org.xmlpull.v1.XmlPullParser;
 import org.xmlpull.v1.XmlPullParserException;
@@ -32,6 +34,7 @@ public class ConnectionOut extends Connection implements Runnable {
 public ConnectionOut(XMPPServer xmpp, String hostname) throws CertificateException, UnrecoverableKeyException, NoSuchAlgorithmException, XmlPullParserException, KeyManagementException, KeyStoreException, IOException {
 super(xmpp);
 to = hostname;
+ dbKey = DialbackUtils.generateDialbackKey(RandomStringUtils.randomAscii(15), to, xmpp.HOSTNAME, streamID);
 }
 public ConnectionOut(XMPPServer xmpp, String hostname, String checkSID, String dbKey) throws Exception {
@@ -53,7 +56,7 @@ public class ConnectionOut extends Connection implements Runnable {
 sendDialbackVerify(checkSID, dbKey);
 }
 sendStanza("" +
- generateDialbackKey(to, xmpp.HOSTNAME, streamID) + "");
+ dbKey + "");
 }
 @Override
diff --git a/juick-xmpp/src/main/java/com/juick/components/s2s/util/DialbackUtils.java b/juick-xmpp/src/main/java/com/juick/components/s2s/util/DialbackUtils.java
new file mode 100644
index 00000000..3bb786e5
--- /dev/null
+++ b/juick-xmpp/src/main/java/com/juick/components/s2s/util/DialbackUtils.java
@@ -0,0 +1,14 @@
+package com.juick.components.s2s.util;
+
+import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.commons.codec.digest.HmacUtils;
+
+/**
+ * Created by vitalyster on 05.12.2016.
+ */
+public class DialbackUtils {
+ public static String generateDialbackKey(String secret, String to, String from, String id) {
+ return HmacUtils.hmacSha256Hex(DigestUtils.sha256(secret),
+ (to + " " + from + " " + id).getBytes());
+ }
+}
--
cgit v1.2.3
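Review bot: In the two-argument ConnectionOut constructor the HMAC secret comes from `RandomStringUtils.randomAscii(15)`, which in the commons-lang3 releases of this period draws from a shared `java.util.Random` rather than a CSPRNG. The dialback key is therefore only as unpredictable as that generator; the overload that accepts a generator can be used instead, `RandomStringUtils.random(32, 0, 0, true, true, null, new SecureRandom())`. The key is also now derived in the constructor from `streamID`, whereas the removed call derived it when the result stanza was sent. If `streamID` is only assigned after the remote stream header has been read (not visible here), the key ends up bound to a null or stale ID, so consider computing `dbKey` at send time.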
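Review bot: The result stanza in the third ConnectionOut hunk now sends the `dbKey` field, the same field that is passed to `sendDialbackVerify(checkSID, dbKey)` two lines earlier. If the four-argument constructor stores its `dbKey` parameter (the key received for verification) in that field — its body is outside the hunk — this connection would present that key as its own result key instead of a locally generated one. Keeping the two values apart, for example a `verifyKey` field for the constructor argument and `dbKey` only for the generated key, removes the ambiguity. The enclosing method starts and ends outside the hunk.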
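Review bot: `generateDialbackKey` in DialbackUtils encodes the HMAC input with the no-argument `getBytes()`, which uses the platform default charset. Two JVMs with different defaults can then compute different keys for non-ASCII domains or stream IDs; use `(to + " " + from + " " + id).getBytes(StandardCharsets.UTF_8)`. The class is a static utility and could be declared `final` with a private constructor. The method also lacks Javadoc: add one stating that the result is the hex HMAC-SHA256 of `to + " " + from + " " + id`, keyed with the SHA-256 digest of `secret`, and that a null `to`, `from` or `id` is concatenated as the text `null` rather than rejected.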