@Override
public HashMap<PublicKey, String> getDeviceMap(PublicKey pubSigKey) {
DeviceList list = this.shareMetaData.deviceLists.get(pubSigKey);
HashMap<PublicKey, String> result = new HashMap<>(list.size());
Iterator<String> it = list.getAliasIterator();
while (it.hasNext()) {
String alias = (String) it.next();
if (!IVolume.MASTER_KEY.equals(alias)) {
result.put(list.getPublicKey(alias), alias);
}
}
return result;
}
@Override
public void addDevice(
String alias,
PublicKey masterPubSigKey,
PrivateKey masterPrivSigKey,
String newDeviceAlias,
PublicKey newDevicePubKey,
PublicKey masterPubEncKey,
PrivateKey masterPrivEncKey)
throws ShareMetaDataException {
if (IVolume.MASTER_KEY.equals(newDeviceAlias)) {
throw new IllegalArgumentException("Illegal alias for device. Choose another alias");
}
// verify matching public/private keys
if (!Utils.keysMatch(masterPubSigKey, masterPrivSigKey)) {
throw new IllegalArgumentException(
"User's master private and public signature keys do not match!");
}
if (!Utils.keysMatch(masterPubEncKey, masterPrivEncKey)) {
throw new IllegalArgumentException(
"User's master private and public encryption keys do not match!");
}
// verify integrity of ShareParticipantList
SharePartList sharePartList = shareMetaData.getSharePartList();
try {
SignatureHelper.verify(
sharePartList, sharePartList.getSignature(), shareMetaData.ownerPubSigKey);
} catch (InvalidKeyException
| NoSuchAlgorithmException
| SignatureException
| SerializationException e) {
throw new ShareMetaDataException("Could not verify ShareParticipantsList signature", e);
}
// check if masterPubSigKey is in ShareParticipants
if (!sharePartList.getPublicKey(alias).equals(masterPubSigKey)) {
throw new ShareMetaDataException(
"Given user singature publickey is not " + "in sharepartiticapnts list");
}
// Get DeviceList for user
DeviceList deviceList = shareMetaData.getDeviceLists().get(masterPubSigKey);
if (deviceList == null) {
throw new ShareMetaDataException(
"DeviceList for user " + alias + " was empty, which should never be the case.");
}
// add device
deviceList.addDevice(newDeviceAlias, newDevicePubKey);
// add encrypted Obfuscation key for new device
try {
shareMetaData.addObfuscationKey(masterPubEncKey, masterPrivEncKey, newDevicePubKey);
} catch (SymmetricKeyEncryptionException | SymmetricKeyDecryptionException e) {
throw new ShareMetaDataException("Could not add encrypted obfuscation key for new device", e);
}
// add encrypted sharekey for device
try {
this.shareMetaData.shareKeys.addDevice(masterPubEncKey, masterPrivEncKey, newDevicePubKey);
} catch (Exception e) {
throw new ShareMetaDataException("Could not add encrypted share keys for new device", e);
}
// Sign everything
try {
deviceList.sign(masterPrivSigKey, shareMetaData.shareKeys, shareMetaData.obfuscationKeys);
} catch (SignatureException e) {
throw new ShareMetaDataException("Could not sign devicelist", e);
}
this.shareMetaData.persist(deviceList);
}
@Override
public ShareMetaData createShareMetaData(
String ownerAlias,
PublicKey ownerPubSigKey,
PrivateKey ownerPrivSigKey,
PublicKey ownerPubEncKey,
PrivateKey ownerPrivEncKey,
String deviceAlias,
PublicKey devicePubKey)
throws IllegalArgumentException, ShareMetaDataException {
if (IVolume.MASTER_KEY.equals(deviceAlias)) {
throw new IllegalArgumentException("Illegal alias for device. Choose another alias");
}
if (db.exists()) {
throw new IllegalArgumentException(
"Can't initialize new share metadata, because database already exists.");
}
// verify matching public/private keys
if (!Utils.keysMatch(ownerPubSigKey, ownerPrivSigKey)) {
throw new IllegalArgumentException("Owners master private and public key do not match!");
}
shareMetaData = new ShareMetaData(db, ownerPubSigKey);
try {
this.shareMetaData.load();
} catch (InitializaionException e) {
throw new ShareMetaDataException("Could not initialize ShareMetaData", e);
} catch (SignatureException e) {
throw new ShareMetaDataException("Could not verify signature", e);
} catch (DeviceListException e) {
throw new ShareMetaDataException("Could not verify signature", e);
}
// Init Participants list
SharePartList spl = shareMetaData.initSharePartList();
spl.add(ownerPubSigKey, ownerAlias);
// Init DeviceList
HashMap<String, PublicKey> dkList = new HashMap<String, PublicKey>();
dkList.put(IVolume.MASTER_KEY, ownerPubEncKey);
dkList.put(deviceAlias, devicePubKey);
DeviceList devices = shareMetaData.createDeviceList(ownerPubSigKey, dkList);
// Create ObfuscationKey
try {
shareMetaData.addObfuscationKey(ownerPubEncKey, null, null);
shareMetaData.addObfuscationKey(ownerPubEncKey, ownerPrivEncKey, devicePubKey);
} catch (SymmetricKeyEncryptionException | SymmetricKeyDecryptionException e) {
throw new ShareMetaDataException("Could not initialize obfuscation key", e);
}
// Create initial ShareKey
ShareKeyDB shareKeys = shareMetaData.getShareKeys();
SecretKey shareKey = CryptCore.generateSymmetricKey();
try {
shareKeys.add(shareKey, dkList.values());
} catch (SymmetricKeyEncryptionException e1) {
throw new ShareMetaDataException("Could not encrypt sharekey for device", e1);
}
try {
spl.sign(ownerPrivSigKey);
} catch (SignatureException e2) {
throw new ShareMetaDataException("Could not sign SharePartList", e2);
}
try {
devices.sign(ownerPrivSigKey, shareKeys, shareMetaData.obfuscationKeys);
} catch (SignatureException e2) {
throw new ShareMetaDataException("Could not sign DeviceList", e2);
}
shareMetaData.persist();
shareMetaData.persist(devices);
return shareMetaData;
}