[FIX] VerifySecureLevelKey

LaunchServer/src/main/java/pro/gravit/launchserver/auth/protect/interfaces/SecureProtectHandler.java

@@ -6,6 +6,7 @@
 import pro.gravit.launchserver.socket.response.secure.SecurityReportResponse;
 import pro.gravit.utils.helper.SecurityHelper;
 
+import java.security.Signature;
 import java.security.SignatureException;
 import java.security.interfaces.ECPublicKey;
 import java.security.spec.InvalidKeySpecException;
@@ -15,10 +16,12 @@ default byte[] generateSecureLevelKey()
     {
         return SecurityHelper.randomBytes(128);
     }
-    default void verifySecureLevelKey(byte[] publicKey, byte[] signature) throws InvalidKeySpecException, SignatureException {
+    default void verifySecureLevelKey(byte[] publicKey, byte[] data, byte[] signature) throws InvalidKeySpecException, SignatureException {
         if(publicKey == null || signature == null) throw new InvalidKeySpecException();
         ECPublicKey pubKey = SecurityHelper.toPublicECKey(publicKey);
-        SecurityHelper.newECVerifySignature(pubKey).update(signature);
+        Signature sign = SecurityHelper.newECVerifySignature(pubKey);
+        sign.update(data);
+        sign.verify(signature);
     }
     GetSecureLevelInfoRequestEvent onGetSecureLevelInfo(GetSecureLevelInfoRequestEvent event);
     boolean allowGetSecureLevelInfo(Client client);

LaunchServer/src/main/java/pro/gravit/launchserver/socket/Client.java

@@ -50,5 +50,7 @@ public enum Type {
     public static class TrustLevel
     {
         public byte[] verifySecureKey;
+        public boolean keyChecked;
+        public byte[] publicKey;
     }
 }

LaunchServer/src/main/java/pro/gravit/launchserver/socket/response/secure/GetSecureLevelInfoResponse.java

@@ -23,7 +23,7 @@ public void execute(ChannelHandlerContext ctx, Client client) throws Exception {
         SecureProtectHandler secureProtectHandler = (SecureProtectHandler) server.config.protectHandler;
         if(!secureProtectHandler.allowGetSecureLevelInfo(client))
         {
-            sendError("Permissions denied");
+            sendError("Access denied");
             return;
         }
         if(client.trustLevel == null) client.trustLevel = new Client.TrustLevel();

LaunchServer/src/main/java/pro/gravit/launchserver/socket/response/secure/VerifySecureLevelKeyResponse.java

@@ -19,14 +19,14 @@ public String getType() {
 
     @Override
     public void execute(ChannelHandlerContext ctx, Client client) throws Exception {
-        if(!(server.config.protectHandler instanceof SecureProtectHandler))
+        if(!(server.config.protectHandler instanceof SecureProtectHandler) || client.trustLevel == null || client.trustLevel.verifySecureKey == null)
         {
             sendError("This method not allowed");
             return;
         }
         SecureProtectHandler secureProtectHandler = (SecureProtectHandler) server.config.protectHandler;
         try {
-            secureProtectHandler.verifySecureLevelKey(publicKey, signature);
+            secureProtectHandler.verifySecureLevelKey(publicKey, client.trustLevel.verifySecureKey, signature);
         } catch (InvalidKeySpecException e)
         {
             sendError("Invalid public key");
@@ -35,7 +35,13 @@ public void execute(ChannelHandlerContext ctx, Client client) throws Exception {
         {
             sendError("Invalid signature");
             return;
+        } catch (SecurityException e)
+        {
+            sendError(e.getMessage());
+            return;
         }
+        client.trustLevel.keyChecked = true;
+        client.trustLevel.publicKey = publicKey;
         sendResult(new VerifySecureLevelKeyRequestEvent());
     }
 }