/** * Create a STPR STPR = T|Comm(L_1, r^1_W)|...|Comm(L_n, r^n_W) * * @param aStampContext * @param location location L_1 * @param time Preq time T * @return STPR */ private static byte[] createSTPR(WitnessContext aStampContext, byte location[], byte time[]) { BigInteger rw = aStampContext.getEPRandomW(); String locString = new String(location); Location loc = new Location(locString); short levelCount = (short) loc.getLevelCount(); LinkedList<BigInteger> rws = new LinkedList<BigInteger>(); try { rws = CryptoUtil.getHashChain(rw, levelCount); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } ArrayList<byte[]> locComms = new ArrayList<byte[]>(); for (int i = 0; i < levelCount; i++) { byte[] locComm = {}; try { locComm = CryptoUtil.getCommitment(loc.getLevel(i).getBytes(), rws.get(i)).toByteArray(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } locComms.add(locComm); } return MessageUtil.createMessageFromArray(locComms); }
private void testEncryptDecrypt(final CryptoUtil cryptoUtil, final String textToEncrypt) throws Exception { String encryptedText = cryptoUtil.encrypt(textToEncrypt); assertNotSame( "Encrypted text should not be the same as the plain text", textToEncrypt, encryptedText); String decryptedText = cryptoUtil.decrypt(encryptedText); assertEquals( "Decrypted text should be the same as the original text", textToEncrypt, decryptedText); }
/** * Endorse the proof * * @param aStampContext current context * @param aProof proof * @return endorsed proof * @throws NoSuchAlgorithmException * @throws BadPaddingException * @throws IllegalBlockSizeException * @throws NoSuchPaddingException * @throws InvalidKeyException */ private static byte[] endorseP(WitnessContext aStampContext, byte aProof[]) { // Sign on the proof first byte[] sig = {}; try { sig = CryptoUtil.signDSA(aStampContext.getPriDSASelf(), aProof); } catch (InvalidKeyException e) { e.printStackTrace(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (SignatureException e) { e.printStackTrace(); } // Include own ID in EP byte[] wID = aStampContext.getPubDSASelf().getEncoded(); ArrayList<byte[]> array = new ArrayList<byte[]>(); array.add(wID); array.add(aProof); array.add(sig); byte[] epContent = MessageUtil.compileMessages(array); // Encrypt epContent with an AES key first SecretKey aesKey = null; byte[] epEncrypted = {}; byte[] keyEncrypted = {}; try { aesKey = CryptoUtil.generateAESKey(128); epEncrypted = CryptoUtil.encryptAES(aesKey, epContent); keyEncrypted = CryptoUtil.encryptRSA(aStampContext.getPubRSACA(), aesKey.getEncoded()); } catch (NoSuchAlgorithmException e1) { e1.printStackTrace(); } catch (InvalidKeyException e) { e.printStackTrace(); } catch (NoSuchPaddingException e) { e.printStackTrace(); } catch (IllegalBlockSizeException e) { e.printStackTrace(); } catch (BadPaddingException e) { e.printStackTrace(); } ArrayList<byte[]> arrayOut = new ArrayList<byte[]>(); arrayOut.add(epEncrypted); arrayOut.add(keyEncrypted); return MessageUtil.compileMessages(arrayOut); }
private void decryptPassword(Properties properties) { String pwd = properties.getProperty(PROP_PASSWORD); if (pwd != null) { String newPwd = CryptoUtil.decrypt(pwd); properties.setProperty(PROP_PASSWORD, newPwd); } }
/** * Process DB Success message * * @param aStampContext current context * @param payload DB Success message */ public static void processCeCk(WitnessContext aStampContext, byte[] payload) { // parse Ce and Ck ArrayList<byte[]> ceck = MessageUtil.parseMessage(payload, 2); ArrayList<byte[]> ces = MessageUtil.parseMessages(ceck.get(0)); ArrayList<byte[]> cks = MessageUtil.parseMessages(ceck.get(1)); // obtain z BigInteger z = CryptoUtil.getZ(ces, cks, aStampContext.getPubDSASelf().getParams().getP()); aStampContext.setRemoteZ(z); }
/** * Create DB ready message body * * @return DB ready message */ public static byte[] createCeCk(ProverContext aStampContext) { BigInteger e = aStampContext.getE(); BigInteger k = aStampContext.getK(); BigInteger p = aStampContext.getPubDSASelf().getParams().getP(); BigInteger g = aStampContext.getPubDSASelf().getParams().getG(); BigInteger h = aStampContext.getH(); BigInteger v = aStampContext.getV(); ArrayList<byte[]> ces = CryptoUtil.getBitCommitments(g, p, h, v, e); ArrayList<byte[]> cks = CryptoUtil.getBitCommitments(g, p, h, v, k); byte[] cesBytes = MessageUtil.createMessageFromArray(ces); byte[] cksBytes = MessageUtil.createMessageFromArray(cks); ArrayList<byte[]> array = new ArrayList<byte[]>(); array.add(cesBytes); array.add(cksBytes); return MessageUtil.compileMessages(array); }
/** * Create user identity token based on username and password * * @param ep * @param username * @param password * @return user identity token * @throws ServiceResultException if endpoint or the stack doesn't support UserName token policy */ public static UserIdentityToken createUserNameIdentityToken( EndpointDescription ep, byte[] senderNonce, String username, String password) throws ServiceResultException { UserTokenPolicy policy = ep.findUserTokenPolicy(UserTokenType.UserName); if (policy == null) throw new ServiceResultException( StatusCodes.Bad_IdentityTokenRejected, "UserName not supported"); String securityPolicyUri = policy.getSecurityPolicyUri(); if (securityPolicyUri == null) securityPolicyUri = ep.getSecurityPolicyUri(); SecurityPolicy securityPolicy = SecurityPolicy.getSecurityPolicy(securityPolicyUri); if (securityPolicy == null) securityPolicy = SecurityPolicy.NONE; UserNameIdentityToken token = new UserNameIdentityToken(); token.setUserName(username); token.setPolicyId(policy.getPolicyId()); // Encrypt the password, unless no security is defined SecurityAlgorithm algorithm = securityPolicy.getAsymmetricEncryptionAlgorithm(); byte[] pw = password.getBytes(BinaryEncoder.UTF8); if (algorithm == null) token.setPassword(pw); else try { Cert serverCert = new Cert(ep.getServerCertificate()); if (senderNonce != null) pw = ByteBufferUtils.concatenate(toArray(pw.length + senderNonce.length), pw, senderNonce); else pw = ByteBufferUtils.concatenate(toArray(pw.length), pw); pw = CryptoUtil.asymmEncrypt(pw, serverCert.getCertificate().getPublicKey(), algorithm); token.setPassword(pw); } catch (InvalidKeyException e) { // Server certificate does not have encrypt usage throw new ServiceResultException( StatusCodes.Bad_CertificateInvalid, "Server certificate in endpoint is invalid: " + e.getMessage()); } catch (IllegalBlockSizeException e) { throw new ServiceResultException( StatusCodes.Bad_SecurityPolicyRejected, e.getClass().getName() + ":" + e.getMessage()); } catch (BadPaddingException e) { throw new ServiceResultException( StatusCodes.Bad_CertificateInvalid, "Server certificate in endpoint is invalid: " + e.getMessage()); } catch (NoSuchAlgorithmException e) { throw new ServiceResultException(StatusCodes.Bad_InternalError, e); } catch (NoSuchPaddingException e) { throw new ServiceResultException(StatusCodes.Bad_InternalError, e); } token.setEncryptionAlgorithm(algorithm.getUri()); return token; }
public void setCipherAlgorithmNameModePadding(String cipherAlgorithmNameModePadding) { String cipherAlgorithmExpected, cipherAlgorithmReceived; cipherAlgorithmExpected = this.getCipherAlgorithm(); cipherAlgorithmReceived = CryptoUtil.getCipherNameAsString(cipherAlgorithmNameModePadding); if (!cipherAlgorithmExpected.equals(cipherAlgorithmReceived)) { throw new IllegalArgumentException("algorithm must be " + cipherAlgorithmExpected); } this.cipherAlgorithmNameModePadding = cipherAlgorithmNameModePadding; try { this.cipher = Cipher.getInstance(this.cipherAlgorithmNameModePadding, Crypto.getCryptoProvider()); } catch (GeneralSecurityException e) { logException(getClass(), e); throw new IllegalArgumentException(e); } }
public String getCipherName() { return CryptoUtil.getCipherNameAsString(this.cipherAlgorithmNameModePadding); }