package pl.edu.mimuw.cloudatlas.querysigner;
import pl.edu.mimuw.cloudatlas.ByteSerializer;
import pl.edu.mimuw.cloudatlas.model.ValueQuery;
import pl.edu.mimuw.cloudatlas.querysignerapi.QuerySignerApi;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import java.rmi.RemoteException;
import java.security.*;
import java.security.interfaces.RSAPrivateCrtKey;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
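/**
 * Signs and validates query install requests with an RSA key pair.
 *
 * <p>A signature here is the SHA-256 digest of the serialized
 * {@code queryName + queryCode}, passed through an RSA {@link Cipher} initialised with the
 * private key. Validation reverses that with the public key and compares digests.
 *
 * <p>NOTE(review): every API method declares {@link RemoteException}, so this object is
 * presumably exported over RMI; confirm who can reach it, in particular
 * {@link #setPublicKey(PublicKey)}.
 *
 * <p>NOTE(review): the sign/verify pair is hand-built from {@code Cipher} and
 * {@code MessageDigest}. {@code java.security.Signature} (e.g. {@code SHA256withRSA}) is the
 * standard construction, but switching changes the signature bytes, so it has to be
 * coordinated with every verifier and every stored signature.
 */
public class QuerySignerApiImplementation implements QuerySignerApi {
    // Only the algorithm name is given, so mode and padding are whatever the installed
    // provider uses by default. NOTE(review): pin the full transformation string once the
    // intended padding is confirmed.
    private final static String ENCRYPTION_ALGORITHM = "RSA";
    private final static String DIGEST_ALGORITHM = "SHA-256";

    private PublicKey publicKey;
    private final PrivateKey privateKey;
    // Nothing in this class adds entries to this map; see getQuerySignature.
    private final Map<String, ValueQuery> queries;
    private final Set<String> attribsSetByQueries;
    private final ByteSerializer byteSerializer;

    /**
     * Builds a signer from a serialized key pair.
     *
     * @param serializedPublicKey bytes that {@code ByteSerializer} turns into a {@link PublicKey}
     * @param serializedPrivateKey bytes that {@code ByteSerializer} turns into a {@link PrivateKey}
     */
    QuerySignerApiImplementation(byte[] serializedPublicKey, byte[] serializedPrivateKey) {
        this.byteSerializer = new ByteSerializer();
        this.publicKey = (PublicKey) byteSerializer.deserialize(serializedPublicKey, PublicKey.class);
        this.privateKey = (PrivateKey) byteSerializer.deserialize(serializedPrivateKey, PrivateKey.class);
        this.queries = new HashMap<>();
        this.attribsSetByQueries = new HashSet<>();
    }

    /**
     * Renders a slice of a byte array as lowercase hex, two digits per byte.
     *
     * @param arr source bytes
     * @param offset index of the first byte to render
     * @param len maximum number of bytes to render; the slice is clipped to the array end
     * @return the hex string, empty when the slice is empty
     */
    private String byteArrayToString(byte[] arr, int offset, int len) {
        int end = Math.min(arr.length, offset + len);
        StringBuilder hexText = new StringBuilder();
        for (int i = offset; i < end; ++i) {
            String hex = Integer.toHexString(0xFF & arr[i]);
            if (hex.length() < 2) {
                hexText.append('0');
            }
            hexText.append(hex);
        }
        return hexText.toString();
    }

    /**
     * Produces the signature bytes by running the digest through the RSA cipher in
     * {@code ENCRYPT_MODE} with the private key.
     *
     * @param query the digest to sign
     * @return the cipher output, used as the query signature
     */
    private byte[] encryptQuery(byte[] query) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
        Cipher signCipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
        signCipher.init(Cipher.ENCRYPT_MODE, privateKey);
        byte[] encryptedBytes = signCipher.doFinal(query);
        System.out.println(
                "Bytes encrypted with " + ENCRYPTION_ALGORITHM +
                        ": " + byteArrayToString(
                        encryptedBytes, 0, encryptedBytes.length));
        return encryptedBytes;
    }

    /**
     * Recovers the signed digest by running the signature through the RSA cipher in
     * {@code DECRYPT_MODE} with the current public key.
     *
     * @param encryptedQuery the signature bytes
     * @return the recovered digest
     */
    private byte[] decryptQuery(byte[] encryptedQuery) throws NoSuchPaddingException, NoSuchAlgorithmException, BadPaddingException, IllegalBlockSizeException, InvalidKeyException {
        Cipher verifyCipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
        verifyCipher.init(Cipher.DECRYPT_MODE, publicKey);
        byte[] decryptedBytes = verifyCipher.doFinal(encryptedQuery);
        System.out.println(
                "Bytes decrypted with " + ENCRYPTION_ALGORITHM +
                        ": " + byteArrayToString(
                        decryptedBytes, 0, decryptedBytes.length));
        return decryptedBytes;
    }

    /**
     * Computes the SHA-256 digest of the serialized query.
     *
     * @param serializedQuery bytes to hash
     * @return the digest
     */
    private byte[] cryptographicHash(byte[] serializedQuery) throws NoSuchAlgorithmException {
        MessageDigest digestGenerator =
                MessageDigest.getInstance(DIGEST_ALGORITHM);
        byte[] digest = digestGenerator.digest(serializedQuery);
        System.out.println(
                DIGEST_ALGORITHM + " digest: " +
                        byteArrayToString(
                                digest, 0, digest.length));
        return digest;
    }

    /**
     * Serializes the name and code as one concatenated string.
     *
     * <p>TODO / NOTE(review): there is no separator or length prefix, so two different
     * (name, code) pairs whose concatenation is equal serialize to the same bytes and share
     * a signature. Whether {@code QueryUtils.validateQueryName} rules this out is not
     * visible here. Changing the encoding invalidates existing signatures.
     */
    private byte[] serializeQuery(String queryName, String queryCode) {
        return byteSerializer.serialize(queryName + queryCode);
    }

    /**
     * Signs an install request for the given query.
     *
     * @param queryName name of the query, checked by {@code QueryUtils.validateQueryName}
     * @param queryCode query text to sign
     * @return a {@code ValueQuery} holding the code and its signature
     * @throws RemoteException if serialization, hashing or signing fails
     */
    @Override
    public ValueQuery signInstallQuery(String queryName, String queryCode) throws RemoteException {
        QueryUtils.validateQueryName(queryName);
        try {
            byte[] serializedQuery = serializeQuery(queryName, queryCode);
            byte[] hashedQuery = cryptographicHash(serializedQuery);
            byte[] querySignature = encryptQuery(hashedQuery);
            return new ValueQuery(queryCode, querySignature);
        } catch (Exception e) {
            e.printStackTrace();
            throw new RemoteException(e.getLocalizedMessage());
        }
    }

    /**
     * Checks that the signature carried by {@code query} matches its name and code.
     *
     * @param queryName name of the query, checked by {@code QueryUtils.validateQueryName}
     * @param query the query whose signature is verified
     * @throws RemoteException if the signature is missing, does not match, or cannot be
     *     processed
     */
    @Override
    public void validateInstallQuery(String queryName, ValueQuery query) throws RemoteException {
        QueryUtils.validateQueryName(queryName);
        try {
            // A missing query or signature is reported as an invalid query rather than
            // surfacing as a NullPointerException from the cipher.
            if (query == null || query.getSignature() == null) {
                throw new QuerySigner.InvalidQueryException();
            }
            byte[] decryptedQuery = decryptQuery(query.getSignature());
            byte[] serializedQuery = serializeQuery(queryName, query.getCode());
            byte[] hashedSerializedQuery = cryptographicHash(serializedQuery);
            // Compare contents, not references: != on two freshly allocated arrays is always
            // true, which rejected every query, including correctly signed ones.
            // MessageDigest.isEqual is documented as a constant-time comparison.
            if (!MessageDigest.isEqual(hashedSerializedQuery, decryptedQuery)) {
                throw new QuerySigner.InvalidQueryException();
            }
        } catch (NoSuchPaddingException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | InvalidKeyException | QuerySigner.InvalidQueryException e) {
            e.printStackTrace();
            throw new RemoteException(e.getLocalizedMessage());
        }
    }

    /**
     * Not implemented yet: always returns {@code null}.
     *
     * <p>TODO: produce a signature for the uninstall request.
     */
    @Override
    public ValueQuery signUninstallQuery(String queryName) throws RemoteException {
        return null;
    }

    /**
     * Not implemented yet: returns without checking anything.
     *
     * <p>TODO / NOTE(review): as written this accepts every uninstall request, signed or
     * not. Until verification exists, callers must not treat a normal return as proof of a
     * valid signature.
     */
    @Override
    public void validateUninstallQuery(String queryName, ValueQuery query) throws RemoteException {
    }

    /** Returns the public key currently used for validation. */
    @Override
    public PublicKey getPublicKey() throws RemoteException {
        return publicKey;
    }

    /**
     * Replaces the public key used for validation.
     *
     * <p>NOTE(review): no caller check is made here. Whoever can invoke this method decides
     * which key {@link #validateInstallQuery} trusts, so access to it needs to be restricted
     * wherever this object is exposed.
     */
    @Override
    public void setPublicKey(PublicKey publicKey) throws RemoteException {
        this.publicKey = publicKey;
    }

    /**
     * Looks up the stored signature for a query name.
     *
     * @param queryName name to look up
     * @return the stored signature
     * @throws RemoteException if no query is stored under {@code queryName}
     */
    @Override
    public byte[] getQuerySignature(String queryName) throws RemoteException {
        ValueQuery storedQuery = queries.get(queryName);
        // Unknown names used to fail with a NullPointerException on the dereference below.
        if (storedQuery == null) {
            throw new RemoteException("No query stored under name: " + queryName);
        }
        return storedQuery.getSignature();
    }
}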