public byte[] getRemotePublicKey() throws CryptoManagerException {
if (remotePubKey == null) {
throw (new CryptoManagerException("key not yet available"));
}
return (CryptoECCUtils.keyToRawdata(remotePubKey));
}
/** @param myIdent keypair representing our current identity */
CryptoSTSEngineImpl(PublicKey _myPub, PrivateKey _myPriv) throws CryptoManagerException {
myPublicKey = _myPub;
myPrivateKey = _myPriv;
ephemeralKeyPair = CryptoECCUtils.createKeys();
try {
ecDH = new InternalDH();
// ecDH = KeyAgreement.getInstance("ECDH", BouncyCastleProvider.PROVIDER_NAME);
ecDH.init(ephemeralKeyPair.getPrivate());
} catch (Exception e) {
throw new CryptoManagerException("Couldn't initialize crypto handshake", e);
}
}
public void putMessage(ByteBuffer message, boolean keys) throws CryptoManagerException {
// System.out.println( "put( " + keys + ") " + this );
try {
int version = getInt(message, 255);
if (version != VERSION) {
throw (new CryptoManagerException("invalid version (" + version + ")"));
}
if (keys) {
if (sharedSecret != null) {
throw (new CryptoManagerException("phase error: keys already received"));
}
final byte[] rawRemoteOtherPubkey = getBytes(message, 65535);
final byte[] rawRemoteEphemeralPubkey = getBytes(message, 65535);
final byte[] remoteSig = getBytes(message, 65535);
final byte[] pad = getBytes(message, 65535);
remotePubKey = CryptoECCUtils.rawdataToPubkey(rawRemoteOtherPubkey);
Signature check = CryptoECCUtils.getSignature(remotePubKey);
check.update(rawRemoteOtherPubkey);
check.update(rawRemoteEphemeralPubkey);
if (check.verify(remoteSig)) {
ecDH.doPhase(CryptoECCUtils.rawdataToPubkey(rawRemoteEphemeralPubkey), true);
sharedSecret = ecDH.generateSecret();
} else {
throw (new CryptoManagerException("Signature check failed"));
}
} else {
if (sharedSecret == null) {
throw (new CryptoManagerException("phase error: keys not received"));
}
final byte[] IV = getBytes(message, 65535);
final byte[] remoteSig = getBytes(message, 65535);
Signature check = CryptoECCUtils.getSignature(remotePubKey);
check.update(IV);
check.update(sharedSecret);
if (!check.verify(remoteSig)) {
throw (new CryptoManagerException("Signature check failed"));
}
}
} catch (CryptoManagerException e) {
throw (e);
} catch (Throwable e) {
throw (new CryptoManagerException("Failed to generate message"));
}
}
public void getMessage(ByteBuffer buffer, boolean keys) throws CryptoManagerException {
// System.out.println( "get( " + keys + ") " + this );
try {
putInt(buffer, VERSION, 255);
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
Signature sig = CryptoECCUtils.getSignature(myPrivateKey);
if (keys) {
final byte[] rawMyPubkey = CryptoECCUtils.keyToRawdata(myPublicKey);
final byte[] rawEphemeralPubkey = CryptoECCUtils.keyToRawdata(ephemeralKeyPair.getPublic());
sig.update(rawMyPubkey);
sig.update(rawEphemeralPubkey);
final byte[] rawSign = sig.sign();
final byte[] pad = new byte[random.nextInt(32)];
random.nextBytes(pad);
putBytes(buffer, rawMyPubkey, 65535);
putBytes(buffer, rawEphemeralPubkey, 65535);
putBytes(buffer, rawSign, 65535);
putBytes(buffer, pad, 65535);
} else {
if (sharedSecret == null) {
throw (new CryptoManagerException("phase error: keys not received"));
}
final byte[] IV = new byte[20 + random.nextInt(32)];
random.nextBytes(IV);
sig.update(IV);
sig.update(sharedSecret);
final byte[] rawSig = sig.sign();
putBytes(buffer, IV, 65535);
putBytes(buffer, rawSig, 65535);
}
} catch (CryptoManagerException e) {
throw (e);
} catch (Throwable e) {
throw (new CryptoManagerException("Failed to generate message"));
}
}
