Beispiel #1
0
  @Test
  public void test() throws SymmetricKeyDecryptionException, SymmetricKeyEncryptionException {
    // Precondition:
    // Owner has pw-protected MasterKeystore containig MKey_sig and MKey_enc
    // Owner hat lesser protected DeviceKeystore containing at least one
    // DeviceKey DevKey_1_enc

    // Create Empty SharePartList
    assertNotNull(volume);

    // ShareMetaData shareMetaData = volume.createShareMetaData(alias,
    // mKey_sig_pub, mKey_sig, deviceAlias, devKey1_enc);
    ShareMetaData shareMetaData = null;
    try {
      shareMetaData =
          new ShareMetaData(
              new JDBCHelperNonRevokeable("jdbc:sqlite:" + dbName + File.separator), mKey_sig_pub);
    } catch (Exception e) {
      e.printStackTrace();
      fail(e.getMessage());
    }
    try {
      Field smdField = Volume.class.getDeclaredField("shareMetaData");
      smdField.setAccessible(true);
      smdField.set(volume, shareMetaData);
    } catch (Exception e) {
      fail(e.getMessage());
    }
    assertNotNull(shareMetaData);

    SharePartList spl = shareMetaData.initSharePartList();
    assertEquals("SharePartList is not empty, although it should be", 0, spl.size());
    // Sign SharePartList
    try {
      spl.sign(mKey_sig);
      assertTrue(CryptCore.verifySignature(spl, spl.getSignature(), mKey_sig_pub));
    } catch (SignatureException e2) {
      fail(e2.getMessage());
    }

    spl.add(mKey_sig_pub, alias);
    assertEquals("SharePartList is not empty, although it should be", 1, spl.size());
    try {
      spl.sign(mKey_sig);
      assertTrue(CryptCore.verifySignature(spl, spl.getSignature(), mKey_sig_pub));
    } catch (SignatureException e2) {
      fail(e2.getMessage());
    }

    // get DevKeys for the Devices that the owner wants to enable for this
    // Volume
    // Put keys in dkList
    dkList.put(deviceAlias, devKey1_enc);
    assertEquals("DeviceKeyList should have 1 element", 1, dkList.size());

    // Create and sign devicelist
    DeviceList dl = shareMetaData.createDeviceList(mKey_sig_pub, dkList);
    assertEquals(
        "ShareMetaData should have 1 DeviceList",
        1,
        shareMetaData.getDeviceLists().values().size());

    // Create symmetric ShareKey
    SecretKey sk = CryptCore.generateSymmetricKey();
    assertNotNull(sk);

    // Encrypt sk for all deviceLists
    Collection<DeviceList> deviceLists = shareMetaData.getDeviceLists().values();
    Collection<PublicKey> pubKeys = new LinkedList<PublicKey>();
    for (DeviceList devList : deviceLists) {
      pubKeys.addAll(devList.getPublicKeys());
    }
    assertEquals(1, pubKeys.size());
    // fetch ShareKeyDB
    ShareKeyDB db = shareMetaData.getShareKeys();
    assertNotNull(db);
    // add Encrypted Keys to db
    try {
      db.add(sk, pubKeys);
    } catch (SymmetricKeyEncryptionException e1) {
      fail(e1.getMessage());
    }
    assertEquals(1, db.size());
    try {
      db.sign(mKey_sig, alias);
    } catch (SignatureException e1) {
      fail(e1.getMessage());
    }

    // Encrypt skOb for all deviceLists
    shareMetaData.addObfuscationKey(devKey1_enc, null, null);

    System.out.println("Making ShareMetaData persistent...");

    try {
      dl.sign(mKey_sig, shareMetaData.shareKeys, shareMetaData.obfuscationKeys);
      assertTrue(
          SignatureHelper.verify(
              dl.getSignature(),
              mKey_sig_pub,
              dl,
              shareMetaData.shareKeys.get(dl.getPublicKeys()),
              shareMetaData.obfuscationKeys.get(dl.getPublicKeys())));

    } catch (SignatureException
        | InvalidKeyException
        | NoSuchAlgorithmException
        | SerializationException e2) {
      fail(e2.getMessage());
    }

    // make sharemetadata persistent
    try {
      shareMetaData.persist();
      shareMetaData.persist(dl);
    } catch (Exception e) {
      fail(e.getMessage());
    }

    System.out.println("Loading Volume...");

    // load volume with sharemetadata
    try {
      Volume loadedVol = new Volume(dbName);
      ShareMetaData loadedSMD = loadedVol.loadShareMetaData(mKey_sig_pub);

      assertArrayEquals(shareMetaData.getSignature(), loadedSMD.getSignature());

      System.out.println("DONE");
    } catch (Exception e) {
      e.printStackTrace(System.err);
      fail(e.getMessage());
    }
  }
Beispiel #2
0
  @Override
  public ShareMetaData createShareMetaData(
      String ownerAlias,
      PublicKey ownerPubSigKey,
      PrivateKey ownerPrivSigKey,
      PublicKey ownerPubEncKey,
      PrivateKey ownerPrivEncKey,
      String deviceAlias,
      PublicKey devicePubKey)
      throws IllegalArgumentException, ShareMetaDataException {

    if (IVolume.MASTER_KEY.equals(deviceAlias)) {
      throw new IllegalArgumentException("Illegal alias for device. Choose another alias");
    }

    if (db.exists()) {
      throw new IllegalArgumentException(
          "Can't initialize new share metadata, because database already exists.");
    }

    // verify matching public/private keys
    if (!Utils.keysMatch(ownerPubSigKey, ownerPrivSigKey)) {
      throw new IllegalArgumentException("Owners master private and public key do not match!");
    }

    shareMetaData = new ShareMetaData(db, ownerPubSigKey);

    try {
      this.shareMetaData.load();
    } catch (InitializaionException e) {
      throw new ShareMetaDataException("Could not initialize ShareMetaData", e);
    } catch (SignatureException e) {
      throw new ShareMetaDataException("Could not verify signature", e);
    } catch (DeviceListException e) {
      throw new ShareMetaDataException("Could not verify signature", e);
    }

    // Init Participants list
    SharePartList spl = shareMetaData.initSharePartList();
    spl.add(ownerPubSigKey, ownerAlias);

    // Init DeviceList
    HashMap<String, PublicKey> dkList = new HashMap<String, PublicKey>();
    dkList.put(IVolume.MASTER_KEY, ownerPubEncKey);
    dkList.put(deviceAlias, devicePubKey);
    DeviceList devices = shareMetaData.createDeviceList(ownerPubSigKey, dkList);

    // Create ObfuscationKey
    try {
      shareMetaData.addObfuscationKey(ownerPubEncKey, null, null);
      shareMetaData.addObfuscationKey(ownerPubEncKey, ownerPrivEncKey, devicePubKey);
    } catch (SymmetricKeyEncryptionException | SymmetricKeyDecryptionException e) {
      throw new ShareMetaDataException("Could not initialize obfuscation key", e);
    }

    // Create initial ShareKey
    ShareKeyDB shareKeys = shareMetaData.getShareKeys();
    SecretKey shareKey = CryptCore.generateSymmetricKey();
    try {
      shareKeys.add(shareKey, dkList.values());
    } catch (SymmetricKeyEncryptionException e1) {
      throw new ShareMetaDataException("Could not encrypt sharekey for device", e1);
    }
    try {
      spl.sign(ownerPrivSigKey);
    } catch (SignatureException e2) {
      throw new ShareMetaDataException("Could not sign SharePartList", e2);
    }

    try {
      devices.sign(ownerPrivSigKey, shareKeys, shareMetaData.obfuscationKeys);
    } catch (SignatureException e2) {
      throw new ShareMetaDataException("Could not sign DeviceList", e2);
    }

    shareMetaData.persist();
    shareMetaData.persist(devices);
    return shareMetaData;
  }