before making more PDU methods static

thsc42 · thsc42 · commit 6cdb9be138d9 · 2020-09-07T12:00:11.000+02:00
diff --git a/src/net/sharksystem/SharkException.java b/src/net/sharksystem/SharkException.java
diff --git a/src/net/sharksystem/asap/protocol/ASAPReadonlyKeyStorage.java b/src/net/sharksystem/asap/protocol/ASAPReadonlyKeyStorage.java
@@ -5,7 +5,7 @@
 import java.security.PrivateKey;
 import java.security.PublicKey;
 
-public interface ASAPSignAndEncryptionKeyStorage {
+public interface ASAPReadonlyKeyStorage {
     /**
      *
      * @return private key of local device - for signing
@@ -20,4 +20,14 @@ public interface ASAPSignAndEncryptionKeyStorage {
      * @throws ASAPSecurityException if key cannot be found
      */
     PublicKey getPublicKey(CharSequence subjectID) throws ASAPSecurityException;
+
+    /**
+     * @return public key of local device - for signing
+     * @throws ASAPSecurityException
+     */
+    PublicKey getPublicKey() throws ASAPSecurityException;
+
+    String getRSAEncryptionAlgorithm();
+
+    String getRSASigningAlgorithm();
 }
diff --git a/src/net/sharksystem/asap/protocol/ASAP_Modem_Impl.java b/src/net/sharksystem/asap/protocol/ASAP_Modem_Impl.java
@@ -10,13 +10,13 @@
 import java.util.List;
 
 public class ASAP_Modem_Impl implements ASAP_1_0 {
-    private final ASAPSignAndEncryptionKeyStorage signAndEncryptionKeyStorage;
+    private final ASAPReadonlyKeyStorage signAndEncryptionKeyStorage;
 
     public ASAP_Modem_Impl() {
         this.signAndEncryptionKeyStorage = null; // no key storage
     }
 
-    public ASAP_Modem_Impl(ASAPSignAndEncryptionKeyStorage signAndEncryptionKeyStorage) {
+    public ASAP_Modem_Impl(ASAPReadonlyKeyStorage signAndEncryptionKeyStorage) {
         this.signAndEncryptionKeyStorage = signAndEncryptionKeyStorage;
     }
 
@@ -75,9 +75,10 @@ public void interest(CharSequence sender, CharSequence recipient, CharSequence f
 
         // prepare encryption and signing if required
         CryptoSession cryptoSession = new CryptoSession(ASAP_1_0.INTEREST_CMD,
-                os, signed, encrypted, recipient, this.signAndEncryptionKeyStorage);
+                os, signed, encrypted, recipient,
+                this.signAndEncryptionKeyStorage);
 
-        cryptoSession.sendHeader();
+        cryptoSession.sendCmd();
 
         InterestPDU_Impl.sendPDUWithoutCmd(sender, recipient, format, channel, eraFrom, eraTo,
                 cryptoSession.getOutputStream());
@@ -115,6 +116,9 @@ public ASAP_PDU_1_0 readPDU(InputStream is) throws IOException, ASAPException {
         // remove encrypted flag
         cmd = (byte)(cmd & CMD_MASK);
 
+        if(encrypted) {
+        }
+
         int flagsInt = PDU_Impl.readByte(is);
 
         ASAP_PDU_1_0 pdu = null;
diff --git a/src/net/sharksystem/asap/protocol/CryptoSession.java b/src/net/sharksystem/asap/protocol/CryptoSession.java
@@ -1,28 +1,59 @@
 package net.sharksystem.asap.protocol;
 
+import jdk.internal.util.xml.impl.Input;
 import net.sharksystem.asap.ASAPSecurityException;
 
 import javax.crypto.BadPaddingException;
 import javax.crypto.Cipher;
 import javax.crypto.IllegalBlockSizeException;
 import javax.crypto.NoSuchPaddingException;
-import java.io.IOException;
-import java.io.OutputStream;
+import java.io.*;
 import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
 import java.security.PublicKey;
 
 class CryptoSession {
+    private ASAPReadonlyKeyStorage keyStorage;
+    private Cipher cipher = null;
+    private PublicKey publicKey;
     private byte cmd;
-    private final OutputStream os;
+
+    private OutputStream effectivOS;
+    private OutputStream realOS;
+    private ByteArrayOutputStream asapMessageOS;
+    private byte[] asapMessageAsBytes;
+
+    CryptoSession(ASAPReadonlyKeyStorage keyStorage) {
+        this.keyStorage = keyStorage;
+    }
+
+    InputStream decrypt(InputStream is) throws ASAPSecurityException {
+        try {
+            this.cipher = Cipher.getInstance(keyStorage.getRSAEncryptionAlgorithm());
+            this.cipher.init(Cipher.DECRYPT_MODE, this.keyStorage.getPrivateKey());
+
+            // read len
+            int len = 42; // TODO
+
+            byte[] messageBytes = new byte[len];
+            is.read(messageBytes);
+            byte[] decryptedBytes = this.cipher.doFinal(messageBytes);
+            return new ByteArrayInputStream(decryptedBytes);
+        } catch (BadPaddingException | IllegalBlockSizeException |
+                NoSuchAlgorithmException | NoSuchPaddingException |
+                InvalidKeyException | IOException e) {
+            throw new ASAPSecurityException(this.getLogStart(), e);
+        }
+    }
 
     CryptoSession(byte cmd, OutputStream os, boolean sign, boolean encrypted,
                   CharSequence recipient,
-                  ASAPSignAndEncryptionKeyStorage keyStorage)
+                  ASAPReadonlyKeyStorage keyStorage)
             throws ASAPSecurityException {
 
         this.cmd = cmd;
-        this.os = os;
+        this.realOS = os;
+        this.effectivOS = os; // still this one
 
         if(encrypted) {
             // add to command
@@ -34,32 +65,25 @@ class CryptoSession {
                         "but there is not key store at all - fatal, give up");
             }
 
-            PublicKey publicKey = keyStorage.getPublicKey(recipient);
+            this.publicKey = keyStorage.getPublicKey(recipient);
             // there should be an exception - but better safe than sorry
-            if(publicKey == null) {
+            if(this.publicKey == null) {
                 throw new ASAPSecurityException(
                         "message must be encrypted but recipients' public key cannot be found");
             }
 
-            // we have at least the chance
-            // encryption?
+            // let's see if we can setup cipher
             try {
-                Cipher cipher = Cipher.getInstance("TODO_Cipher_Algorithm");
-                cipher.init(Cipher.ENCRYPT_MODE, keyStorage.getPublicKey(recipient));
-
-                byte[] message = new byte[0];
-                cipher.doFinal(message);
-            } catch (NoSuchAlgorithmException e) {
-                e.printStackTrace();
-            } catch (InvalidKeyException e) {
-                e.printStackTrace();
-            } catch (BadPaddingException e) {
-                e.printStackTrace();
-            } catch (IllegalBlockSizeException e) {
-                e.printStackTrace();
-            } catch (NoSuchPaddingException e) {
-                e.printStackTrace();
+                this.cipher = Cipher.getInstance(keyStorage.getRSAEncryptionAlgorithm());
+                this.cipher.init(Cipher.ENCRYPT_MODE, this.publicKey);
+            } catch (NoSuchAlgorithmException | InvalidKeyException | NoSuchPaddingException e) {
+                throw new ASAPSecurityException(this.getLogStart(), e);
             }
+
+            // cipher is ready - we can encrypt
+            this.asapMessageOS = new ByteArrayOutputStream();
+            // pud will make a detour
+            this.effectivOS = this.asapMessageOS;
         }
 
 
@@ -105,20 +129,33 @@ class CryptoSession {
 
     }
 
-    public void sendHeader() throws IOException {
-        PDU_Impl.sendCmd(this.cmd, this.os);
+    public void sendCmd() throws IOException {
+        // send cmd in clear
+        PDU_Impl.sendCmd(this.cmd, this.realOS);
     }
 
     byte getCMD() {
         return this.cmd;
     }
 
     OutputStream getOutputStream() {
-        return this.os;
+        return this.effectivOS;
     }
 
-    public void finish() {
-
+    public void finish() throws ASAPSecurityException {
+        if(cipher != null) {
+            // we are to encrypt
+            this.asapMessageAsBytes = this.asapMessageOS.toByteArray();
+            try {
+                byte[] encryptedBytes = this.cipher.doFinal(this.asapMessageAsBytes);
+                // write data len
+                PDU_Impl.sendNonNegativeIntegerParameter(encryptedBytes.length, this.realOS);
+                // write data
+                this.realOS.write(encryptedBytes);
+            } catch (IllegalBlockSizeException | BadPaddingException | IOException e) {
+                throw new ASAPSecurityException(this.getLogStart(), e);
+            }
+        }
     }
 
     private String getLogStart() {
diff --git a/test/net/sharksystem/asap/protocol/PDUTests.java b/test/net/sharksystem/asap/protocol/PDUTests.java
@@ -11,9 +11,12 @@
 import static net.sharksystem.asap.protocol.ASAP_1_0.ERA_NOT_DEFINED;
 
 public class PDUTests {
+    public static final String ALICE_ID = "Alice";
+    public static final String BOB_ID = "Bob";
 
     @Test
     public void sendAndReceiveOffer() throws IOException, ASAPException {
+
         ASAP_1_0 protocolEngine = new ASAP_Modem_Impl();
 
         String peer = "Alice";
@@ -110,10 +113,14 @@ public void sendAndReceiveInterest2() throws IOException, ASAPException {
 
     @Test
     public void sendAndReceiveInterestCanBeEncrypted() throws IOException, ASAPException {
-        ASAP_1_0 protocolEngine = new ASAP_Modem_Impl();
+        TestASAPKeyStorage keyStorage = new TestASAPKeyStorage();
+        // add Bob
+        keyStorage.createTestPeer(BOB_ID);
 
-        String sender = "Alice";
-        String recipient = "Bob";
+        ASAP_1_0 protocolEngine = new ASAP_Modem_Impl(keyStorage);
+
+        String sender = ALICE_ID;
+        String recipient = BOB_ID;
         String channel = "AliceURI";
         String format = "format";
 
diff --git a/test/net/sharksystem/asap/protocol/TestASAPKeyStorage.java b/test/net/sharksystem/asap/protocol/TestASAPKeyStorage.java
@@ -0,0 +1,93 @@
+package net.sharksystem.asap.protocol;
+
+import net.sharksystem.asap.ASAPSecurityException;
+import net.sharksystem.asap.util.Log;
+
+import java.security.*;
+import java.util.HashMap;
+
+public class TestASAPKeyStorage implements ASAPReadonlyKeyStorage {
+    private PrivateKey privateKey;
+    private PublicKey publicKey;
+    private long timeInMillis = 0;
+
+    public static final String DEFAULT_RSA_ENCRYPTION_ALGORITHM = "RSA/ECB/PKCS1Padding";
+    public static final String DEFAULT_SIGNATURE_METHOD = "SHA256withRSA";
+
+    private HashMap<String, KeyPair> peerKeyPairs = new HashMap<>();
+
+    TestASAPKeyStorage() throws ASAPSecurityException {
+        // generate owners key pair;
+        KeyPair keyPair = this.generateKeyPair();
+
+        this.privateKey = keyPair.getPrivate();
+        this.publicKey = keyPair.getPublic();
+        this.timeInMillis = System.currentTimeMillis();
+    }
+
+    private KeyPair generateKeyPair() throws ASAPSecurityException {
+        Log.writeLog(this, "create key pair");
+        KeyPairGenerator keyGen = null;
+        try {
+            keyGen = KeyPairGenerator.getInstance("RSA");
+        } catch (NoSuchAlgorithmException e) {
+            throw new ASAPSecurityException(e.getLocalizedMessage());
+        }
+
+        SecureRandom secRandom = new SecureRandom();
+        try {
+            keyGen.initialize(2048, secRandom);
+            return keyGen.generateKeyPair();
+        }
+        catch(RuntimeException re) {
+            throw new ASAPSecurityException(re.getLocalizedMessage());
+        }
+    }
+
+    public void createTestPeer(String id) throws ASAPSecurityException {
+        this.peerKeyPairs.put(id, this.generateKeyPair());
+    }
+
+    @Override
+    public PrivateKey getPrivateKey() throws ASAPSecurityException {
+        if(this.privateKey == null) throw new ASAPSecurityException("private key does not exist");
+        return this.privateKey;
+    }
+
+    @Override
+    public PublicKey getPublicKey(CharSequence subjectID) throws ASAPSecurityException {
+        KeyPair keyPair = this.peerKeyPairs.get(subjectID);
+        if(keyPair == null) throw new ASAPSecurityException("no key pair for " + subjectID);
+
+        return keyPair.getPublic();
+    }
+
+    /**
+     * In reality there cannot be such a method - but we are in a test.
+     * @param subjectID
+     * @return
+     * @throws ASAPSecurityException
+     */
+    public PrivateKey getPrivateKey(CharSequence subjectID) throws ASAPSecurityException {
+        KeyPair keyPair = this.peerKeyPairs.get(subjectID);
+        if(keyPair == null) throw new ASAPSecurityException("no key pair for " + subjectID);
+
+        return keyPair.getPrivate();
+    }
+
+    @Override
+    public PublicKey getPublicKey() throws ASAPSecurityException {
+        if(this.publicKey == null) throw new ASAPSecurityException("public key does not exist");
+        return this.publicKey;
+    }
+
+    @Override
+    public String getRSAEncryptionAlgorithm() {
+        return DEFAULT_RSA_ENCRYPTION_ALGORITHM;
+    }
+
+    @Override
+    public String getRSASigningAlgorithm() {
+        return DEFAULT_SIGNATURE_METHOD;
+    }
+}
