From 3159df80ee02f6f65fe8e8ae1bae8fecb8fad070 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Magdalena=20Grodzi=C5=84ska?= Date: Tue, 14 Jan 2020 15:10:44 +0100 Subject: Debug install validation --- .../cloudatlas/agent/NewApiImplementation.java | 18 +++++------ .../mimuw/cloudatlas/querysigner/QuerySigner.java | 2 +- .../querysigner/QuerySignerApiImplementation.java | 36 +++++++++------------- .../cloudatlas/querysignerapi/QuerySignerApi.java | 4 --- 4 files changed, 23 insertions(+), 37 deletions(-) (limited to 'src/main/java/pl') diff --git a/src/main/java/pl/edu/mimuw/cloudatlas/agent/NewApiImplementation.java b/src/main/java/pl/edu/mimuw/cloudatlas/agent/NewApiImplementation.java index 0bf4338..a2ac358 100644 --- a/src/main/java/pl/edu/mimuw/cloudatlas/agent/NewApiImplementation.java +++ b/src/main/java/pl/edu/mimuw/cloudatlas/agent/NewApiImplementation.java @@ -1,9 +1,8 @@ package pl.edu.mimuw.cloudatlas.agent; -import java.io.PrintStream; - import java.rmi.RemoteException; +import java.security.PublicKey; import java.util.concurrent.CompletableFuture; import java.util.List; import java.util.AbstractMap.SimpleImmutableEntry; @@ -12,24 +11,20 @@ import java.util.HashSet; import java.util.Map; import java.util.Map.Entry; import java.util.Set; -import java.util.regex.Pattern; -import java.util.regex.Matcher; import pl.edu.mimuw.cloudatlas.agent.messages.*; -import pl.edu.mimuw.cloudatlas.interpreter.Interpreter; -import pl.edu.mimuw.cloudatlas.interpreter.InterpreterException; -import pl.edu.mimuw.cloudatlas.interpreter.Main; -import pl.edu.mimuw.cloudatlas.interpreter.QueryResult; import pl.edu.mimuw.cloudatlas.model.*; import pl.edu.mimuw.cloudatlas.api.Api; -import pl.edu.mimuw.cloudatlas.querysigner.QueryData; -import pl.edu.mimuw.cloudatlas.querysigner.QueryUtils; +import pl.edu.mimuw.cloudatlas.querysigner.*; public class NewApiImplementation implements Api { private EventBus eventBus; + private PublicKey publicKey; public NewApiImplementation(EventBus eventBus) { this.eventBus = eventBus; + String publicKeyFile = System.getProperty("public_key_file"); + publicKey = KeyUtils.getPublicKey(publicKeyFile); } public Set getZoneSet() throws RemoteException { @@ -82,8 +77,9 @@ public class NewApiImplementation implements Api { } public void installQuery(String name, QueryData query) throws RemoteException { - QueryUtils.validateQueryName(name); try { + QueryUtils.validateQueryName(name); + QuerySignerApiImplementation.validateInstallQuery(name, query, this.publicKey); Attribute attributeName = new Attribute(name); ValueTime timestamp = new ValueTime(System.currentTimeMillis()); Map> queries = new HashMap(); diff --git a/src/main/java/pl/edu/mimuw/cloudatlas/querysigner/QuerySigner.java b/src/main/java/pl/edu/mimuw/cloudatlas/querysigner/QuerySigner.java index 735601d..b2f426e 100644 --- a/src/main/java/pl/edu/mimuw/cloudatlas/querysigner/QuerySigner.java +++ b/src/main/java/pl/edu/mimuw/cloudatlas/querysigner/QuerySigner.java @@ -16,7 +16,7 @@ public class QuerySigner { } } - private static QuerySignerApiImplementation initApi() throws IOException { + public static QuerySignerApiImplementation initApi() throws IOException { String publicKeyFile = System.getProperty("public_key_file"); String privateKeyFile = System.getProperty("private_key_file"); PublicKey publicKey = KeyUtils.getPublicKey(publicKeyFile); diff --git a/src/main/java/pl/edu/mimuw/cloudatlas/querysigner/QuerySignerApiImplementation.java b/src/main/java/pl/edu/mimuw/cloudatlas/querysigner/QuerySignerApiImplementation.java index 37264bf..3acaacf 100644 --- a/src/main/java/pl/edu/mimuw/cloudatlas/querysigner/QuerySignerApiImplementation.java +++ b/src/main/java/pl/edu/mimuw/cloudatlas/querysigner/QuerySignerApiImplementation.java @@ -22,17 +22,15 @@ public class QuerySignerApiImplementation implements QuerySignerApi { private PrivateKey privateKey; private Map queries; private Set attribsSetByQueries; - private ByteSerializer byteSerializer; - QuerySignerApiImplementation(PublicKey publicKey, PrivateKey privateKey) { - this.byteSerializer = new ByteSerializer(); + public QuerySignerApiImplementation(PublicKey publicKey, PrivateKey privateKey) { this.publicKey = publicKey; this.privateKey = privateKey; this.queries = new HashMap<>(); this.attribsSetByQueries = new HashSet<>(); } - private String byteArrayToString(byte[] arr, int offset, int len) { + private static String byteArrayToString(byte[] arr, int offset, int len) { StringBuffer sb = new StringBuffer(); for (int i = offset, n = Math.min(arr.length, offset + len); i < n; ++i) { String hex = Integer.toHexString(0xFF & arr[i]); @@ -55,7 +53,7 @@ public class QuerySignerApiImplementation implements QuerySignerApi { return encryptedBytes; } - private byte[] decryptQuery(byte[] encryptedQuery) throws NoSuchPaddingException, NoSuchAlgorithmException, BadPaddingException, IllegalBlockSizeException, InvalidKeyException { + private static byte[] decryptQuery(byte[] encryptedQuery, PublicKey publicKey) throws NoSuchPaddingException, NoSuchAlgorithmException, BadPaddingException, IllegalBlockSizeException, InvalidKeyException { Cipher verifyCipher = Cipher.getInstance(ENCRYPTION_ALGORITHM); verifyCipher.init(Cipher.DECRYPT_MODE, publicKey); byte[] decryptedBytes = verifyCipher.doFinal(encryptedQuery); @@ -66,7 +64,7 @@ public class QuerySignerApiImplementation implements QuerySignerApi { return decryptedBytes; } - private byte[] cryptographicHash(byte[] serializedQuery) throws NoSuchAlgorithmException { + private static byte[] cryptographicHash(byte[] serializedQuery) throws NoSuchAlgorithmException { MessageDigest digestGenerator = MessageDigest.getInstance(DIGEST_ALGORITHM); byte[] digest = digestGenerator.digest(serializedQuery); @@ -77,7 +75,8 @@ public class QuerySignerApiImplementation implements QuerySignerApi { return digest; } - private byte[] serializeQuery(String queryName, String queryCode) { + private static byte[] serializeQuery(String queryName, String queryCode) { + ByteSerializer byteSerializer = new ByteSerializer(); return byteSerializer.serialize(queryName + queryCode); } @@ -95,19 +94,15 @@ public class QuerySignerApiImplementation implements QuerySignerApi { } } - @Override - public void validateInstallQuery(String queryName, QueryData query) throws RemoteException { + public static void validateInstallQuery(String queryName, QueryData query, PublicKey publicKey) throws RemoteException,IllegalBlockSizeException, InvalidKeyException, BadPaddingException, NoSuchAlgorithmException, NoSuchPaddingException, QuerySigner.InvalidQueryException { QueryUtils.validateQueryName(queryName); - try { - byte[] decryptedQuery = decryptQuery(query.getSignature()); - byte[] serializedQuery = serializeQuery(queryName, query.getCode()); - byte[] hashedSerializedQuery = cryptographicHash(serializedQuery); - if (hashedSerializedQuery != decryptedQuery) { - throw new QuerySigner.InvalidQueryException(); - } - } catch (NoSuchPaddingException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | InvalidKeyException | QuerySigner.InvalidQueryException e) { - e.printStackTrace(); - throw new RemoteException(e.getLocalizedMessage()); + byte[] decryptedQuery = decryptQuery(query.getSignature(), publicKey); + byte[] serializedQuery = serializeQuery(queryName, query.getCode()); + byte[] hashedSerializedQuery = cryptographicHash(serializedQuery); + String decryptedQueryString = byteArrayToString(decryptedQuery, 0, decryptedQuery.length); + String hashedSerializedQueryString = byteArrayToString(hashedSerializedQuery, 0, hashedSerializedQuery.length); + if (!decryptedQueryString.equals(hashedSerializedQueryString)) { + throw new QuerySigner.InvalidQueryException(); } } @@ -118,8 +113,7 @@ public class QuerySignerApiImplementation implements QuerySignerApi { } // TODO - @Override - public void validateUninstallQuery(String queryName, QueryData query) throws RemoteException { + public static void validateUninstallQuery(String queryName, QueryData query, PublicKey publicKey) throws RemoteException { } } diff --git a/src/main/java/pl/edu/mimuw/cloudatlas/querysignerapi/QuerySignerApi.java b/src/main/java/pl/edu/mimuw/cloudatlas/querysignerapi/QuerySignerApi.java index 6b42d32..55f4d04 100644 --- a/src/main/java/pl/edu/mimuw/cloudatlas/querysignerapi/QuerySignerApi.java +++ b/src/main/java/pl/edu/mimuw/cloudatlas/querysignerapi/QuerySignerApi.java @@ -9,8 +9,4 @@ public interface QuerySignerApi extends Remote { public QueryData signInstallQuery(String queryName, String queryCode) throws RemoteException; public QueryData signUninstallQuery(String queryName) throws RemoteException; - - public void validateInstallQuery(String queryName, QueryData query) throws RemoteException; - - public void validateUninstallQuery(String queryName, QueryData query) throws RemoteException; } -- cgit v1.2.3