about adding cryptography

Author: thsc42

src/net/sharksystem/asap/ASAPException.java

@@ -13,5 +13,9 @@ public ASAPException() {
     public ASAPException(String message) {
         super(message);
     }
+
+    public ASAPException(String message, Throwable cause) {
+        super(message, cause);
+    }
 
 }

src/net/sharksystem/asap/ASAPSecurityException.java

@@ -7,4 +7,7 @@ public ASAPSecurityException() {
     public ASAPSecurityException(String message) {
         super(message);
     }
+    public ASAPSecurityException(String message, Throwable cause) {
+        super(message, cause);
+    }
 }

src/net/sharksystem/asap/protocol/ASAPSignAndEncryptionKeyStorage.java

@@ -17,6 +17,7 @@ public interface ASAPSignAndEncryptionKeyStorage {
      *
      * @param subjectID
      * @return public key of recipient - to encrypt
+     * @throws ASAPSecurityException if key cannot be found
      */
     PublicKey getPublicKey(CharSequence subjectID) throws ASAPSecurityException;
 }

src/net/sharksystem/asap/protocol/ASAP_1_0.java

@@ -97,14 +97,12 @@ void interest(CharSequence sender, CharSequence recipient, CharSequence format,
      * @param os stream that PDU is to be sent
      * @param sign sign message when sending
      * @param encrypted encrypt method - of possible
-     * @param mustBeEncrypted encrypt can be set true. There could not bot a public key of receipient. If hit flag ist
-     *           set true - an exception is thrown. Otherwise. message is sent unencrypted.
      * @throws IOException
      * @throws ASAPException
      */
     void interest(CharSequence sender, CharSequence recipient, CharSequence format,
                   CharSequence channel, int eraFrom, int eraTo,
-                  OutputStream os, boolean sign, boolean encrypted, boolean mustBeEncrypted)
+                  OutputStream os, boolean sign, boolean encrypted)
             throws IOException, ASAPException, ASAPSecurityException;
 
     /**
@@ -117,8 +115,8 @@ void interest(CharSequence sender, CharSequence recipient, CharSequence format,
      * @throws ASAPException protocol exception: mandatory parameter missing, invalid combination of parameters, ..
      */
     void interest(CharSequence sender, CharSequence format, CharSequence sourcePeer,
-                  CharSequence channel, OutputStream os, boolean signed, boolean encrypted,
-                  boolean mustBeEncrypted) throws IOException, ASAPException;
+                  CharSequence channel, OutputStream os, boolean signed, boolean encrypted)
+            throws IOException, ASAPException;
 
     /*
     ASSIMILATE: Peer (optional) issues data (mandatory) to a channel (mandatory) in a format (mandatory) of a

src/net/sharksystem/asap/protocol/ASAP_Modem_Impl.java

@@ -45,17 +45,17 @@ public void offer(CharSequence recipient, CharSequence format, CharSequence chan
     @Override
     public void interest(CharSequence sender, CharSequence recipient, CharSequence format,
                          CharSequence channel, OutputStream os, boolean signed,
-                         boolean encryted, boolean mustBeEncrypted) throws IOException, ASAPException {
+                         boolean encryted) throws IOException, ASAPException {
 
         this.interest(sender, recipient, format, channel, ERA_NOT_DEFINED, ERA_NOT_DEFINED, os,
-                signed, encryted, mustBeEncrypted);
+                signed, encryted);
     }
 
     @Override
     public void interest(CharSequence sender, CharSequence recipient, CharSequence format,
                          CharSequence channel, OutputStream os) throws IOException, ASAPException {
 
-        this.interest(sender, recipient, format, channel, os, false, false, false);
+        this.interest(sender, recipient, format, channel, os, false, false);
     }
 
     @Override
@@ -64,17 +64,26 @@ public void interest(CharSequence sender, CharSequence recipient, CharSequence f
             throws IOException, ASAPException {
 
         this.interest(sender, recipient, format, channel, eraFrom, eraTo, os,
-                signed, false, false);
+                signed, false);
     }
 
     @Override
     public void interest(CharSequence sender, CharSequence recipient, CharSequence format,
             CharSequence channel, int eraFrom, int eraTo, OutputStream os, boolean signed,
-                         boolean encryted, boolean mustBeEncrypted)
+                         boolean encrypted)
             throws IOException, ASAPException, ASAPSecurityException {
 
-        InterestPDU_Impl.sendPDU(sender, recipient, format, channel, eraFrom, eraTo, os,
-                signed, encryted, mustBeEncrypted, this.signAndEncryptionKeyStorage);
+        // prepare encryption and signing if required
+        CryptoSession cryptoSession = new CryptoSession(ASAP_1_0.INTEREST_CMD,
+                os, signed, encrypted, recipient, this.signAndEncryptionKeyStorage);
+
+        cryptoSession.sendHeader();
+
+        InterestPDU_Impl.sendPDUWithoutCmd(sender, recipient, format, channel, eraFrom, eraTo,
+                cryptoSession.getOutputStream());
+
+        // finish crypto session - if any
+        cryptoSession.finish();
     }
 
     @Override
@@ -103,17 +112,17 @@ public ASAP_PDU_1_0 readPDU(InputStream is) throws IOException, ASAPException {
 
         // encrypted?
         boolean encrypted = (cmd & ENCRYPTED_MASK) != 0;
-        // remove encrypted flag anyway
+        // remove encrypted flag
         cmd = (byte)(cmd & CMD_MASK);
 
         int flagsInt = PDU_Impl.readByte(is);
 
         ASAP_PDU_1_0 pdu = null;
 
         switch(cmd) {
-            case ASAP_1_0.OFFER_CMD: pdu = new OfferPDU_Impl(flagsInt, is); break;
-            case ASAP_1_0.INTEREST_CMD: pdu = new InterestPDU_Impl(flagsInt, is); break;
-            case ASAP_1_0.ASSIMILATE_CMD: pdu = new AssimilationPDU_Impl(flagsInt, is); break;
+            case ASAP_1_0.OFFER_CMD: pdu = new OfferPDU_Impl(flagsInt, encrypted, is); break;
+            case ASAP_1_0.INTEREST_CMD: pdu = new InterestPDU_Impl(flagsInt, encrypted, is); break;
+            case ASAP_1_0.ASSIMILATE_CMD: pdu = new AssimilationPDU_Impl(flagsInt, encrypted, is); break;
             default: throw new ASAPException("unknown command: " + cmd);
         }
 

src/net/sharksystem/asap/protocol/ASAP_PDU_1_0.java

@@ -42,6 +42,21 @@ public interface ASAP_PDU_1_0 {
      */
     boolean senderSet();
 
+    /**
+     * @return true if received message was encrypted and could obviously be encrypted
+     */
+    boolean encrypted();
+
+    /**
+     * @return true if received message was signed
+     */
+    boolean signed();
+
+    /**
+     * @return true if received message was signed and signature could be verified
+     */
+    boolean verified();
+
     /**
      * @return a flag that indicates whether the optional recipient parameter was transmitted
      */

src/net/sharksystem/asap/protocol/AssimilationPDU_Impl.java

@@ -19,8 +19,8 @@ class AssimilationPDU_Impl extends PDU_Impl implements ASAP_AssimilationPDU_1_0
 
     // PDU: CMD | FLAGS | PEER | RECIPIENT | FORMAT | CHANNEL | ERA | OFFSETS | LENGTH | DATA
 
-    public AssimilationPDU_Impl(int flagsInt, InputStream is) throws IOException, ASAPException {
-        super(ASAP_1_0.ASSIMILATE_CMD);
+    public AssimilationPDU_Impl(int flagsInt, boolean encrypted, InputStream is) throws IOException, ASAPException {
+        super(ASAP_1_0.ASSIMILATE_CMD, encrypted);
 
         evaluateFlags(flagsInt);
 
@@ -51,7 +51,7 @@ static void sendPDU(CharSequence peer, CharSequence recipientPeer, CharSequence
         // first: check protocol errors
         PDU_Impl.checkValidEra(era);
         PDU_Impl.checkValidFormat(format);
-        PDU_Impl.checkValidSign(peer, signed);
+//        PDU_Impl.checkValidSign(peer, signed);
         PDU_Impl.checkValidStream(os);
 
         // create parameter bytes

src/net/sharksystem/asap/protocol/CryptoSession.java

@@ -0,0 +1,127 @@
+package net.sharksystem.asap.protocol;
+
+import net.sharksystem.asap.ASAPSecurityException;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PublicKey;
+
+class CryptoSession {
+    private byte cmd;
+    private final OutputStream os;
+
+    CryptoSession(byte cmd, OutputStream os, boolean sign, boolean encrypted,
+                  CharSequence recipient,
+                  ASAPSignAndEncryptionKeyStorage keyStorage)
+            throws ASAPSecurityException {
+
+        this.cmd = cmd;
+        this.os = os;
+
+        if(encrypted) {
+            // add to command
+            this.cmd += ASAP_1_0.ENCRYPTED_CMD;
+
+            // there must be a keyStorage
+            if(keyStorage == null) {
+                throw new ASAPSecurityException("asap message is to be encrypted if possible " +
+                        "but there is not key store at all - fatal, give up");
+            }
+
+            PublicKey publicKey = keyStorage.getPublicKey(recipient);
+            // there should be an exception - but better safe than sorry
+            if(publicKey == null) {
+                throw new ASAPSecurityException(
+                        "message must be encrypted but recipients' public key cannot be found");
+            }
+
+            // we have at least the chance
+            // encryption?
+            try {
+                Cipher cipher = Cipher.getInstance("TODO_Cipher_Algorithm");
+                cipher.init(Cipher.ENCRYPT_MODE, keyStorage.getPublicKey(recipient));
+
+                byte[] message = new byte[0];
+                cipher.doFinal(message);
+            } catch (NoSuchAlgorithmException e) {
+                e.printStackTrace();
+            } catch (InvalidKeyException e) {
+                e.printStackTrace();
+            } catch (BadPaddingException e) {
+                e.printStackTrace();
+            } catch (IllegalBlockSizeException e) {
+                e.printStackTrace();
+            } catch (NoSuchPaddingException e) {
+                e.printStackTrace();
+            }
+        }
+
+
+        /*
+        if(sign) {
+            // there must be a keyStorage
+            if(keyStorage == null) {
+                throw new ASAPSecurityException("asap message is to be signed but there is not key store - fatal, give up");
+            }
+
+            // signing needs a private key - check of available
+            if(keyStorage.getPrivateKey() == null) {
+                // assume, an exception already documented lack of a private key. if not
+                throw new ASAPSecurityException("asap message is to be signed but no private key - fatal, give up");
+            }
+
+            // ok, we can sign
+        if(sign) {
+            // anything was written into a bytearray
+
+            // produce signature
+            Signature signature = null;
+            try {
+                signature = Signature.getInstance("TODO_signing_algorithm");
+                signature.initSign(keyStorage.getPrivateKey()); // desperate try
+                byte[] bytes2Sign = bufferOS.toByteArray();
+                signature.update(bytes2Sign);
+                byte[] signatureBytes = signature.sign();
+
+                // send out anything, including signature
+
+                // TODO need number of bytes payload to find signature later.
+                os.write(bytes2Sign);
+                os.write(signatureBytes);
+            } catch (NoSuchAlgorithmException | InvalidKeyException | SignatureException e) {
+                throw new ASAPSecurityException(e.getLocalizedMessage());
+            }
+        }
+        }
+
+         */
+
+
+    }
+
+    public void sendHeader() throws IOException {
+        PDU_Impl.sendCmd(this.cmd, this.os);
+    }
+
+    byte getCMD() {
+        return this.cmd;
+    }
+
+    OutputStream getOutputStream() {
+        return this.os;
+    }
+
+    public void finish() {
+
+    }
+
+    private String getLogStart() {
+        return this.getClass().getSimpleName() + ": ";
+    }
+}

src/net/sharksystem/asap/protocol/InterestPDU_Impl.java

@@ -1,20 +1,17 @@
 package net.sharksystem.asap.protocol;
 
 import net.sharksystem.asap.ASAPException;
-import net.sharksystem.asap.ASAPSecurityException;
 
-import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
-import java.security.*;
 
 class InterestPDU_Impl extends PDU_Impl implements ASAP_Interest_PDU_1_0 {
     private int eraFrom;
     private int eraTo;
 
-    InterestPDU_Impl(int flagsInt, InputStream is) throws IOException, ASAPException {
-        super(ASAP_1_0.INTEREST_CMD);
+    InterestPDU_Impl(int flagsInt, boolean encrypted, InputStream is) throws IOException, ASAPException {
+        super(ASAP_1_0.INTEREST_CMD, encrypted);
 
         evaluateFlags(flagsInt);
 
@@ -34,10 +31,8 @@ private void readFromEra(InputStream is) throws IOException, ASAPException {
         this.eraFrom = this.readIntegerParameter(is);
     }
 
-    static void sendPDU(CharSequence sender, CharSequence recipient, CharSequence format,
-                        CharSequence channel, int eraFrom, int eraTo, OutputStream os,
-                        boolean sign, boolean encrypted, boolean mustBeEncrypted,
-                        ASAPSignAndEncryptionKeyStorage keyStorage)
+    static void sendPDUWithoutCmd(CharSequence sender, CharSequence recipient, CharSequence format,
+                                  CharSequence channel, int eraFrom, int eraTo, OutputStream os)
             throws IOException, ASAPException {
 
         if(format == null || format.length() < 1) format = ASAP_1_0.ANY_FORMAT;
@@ -46,12 +41,8 @@ static void sendPDU(CharSequence sender, CharSequence recipient, CharSequence fo
         PDU_Impl.checkValidEra(eraFrom);
         PDU_Impl.checkValidEra(eraTo);
         PDU_Impl.checkValidFormat(format);
-        PDU_Impl.checkValidSign(sender, sign);
         PDU_Impl.checkValidStream(os);
 
-        // Basis test
-        os = PDU_Impl.prepareCrypto(os, sign, encrypted, mustBeEncrypted, recipient, keyStorage);
-
         // create parameter bytes
         int flags = 0;
         flags = PDU_Impl.setFlag(sender, flags, SENDER_BIT_POSITION);
@@ -60,7 +51,7 @@ static void sendPDU(CharSequence sender, CharSequence recipient, CharSequence fo
         flags = PDU_Impl.setFlag(eraFrom, flags, ERA_FROM_BIT_POSITION);
         flags = PDU_Impl.setFlag(eraTo, flags, ERA_TO_BIT_POSITION);
 
-        PDU_Impl.sendHeader(ASAP_1_0.INTEREST_CMD, flags, os);
+        PDU_Impl.sendFlags(flags, os);
 
         PDU_Impl.sendCharSequenceParameter(sender, os); // opt
         PDU_Impl.sendCharSequenceParameter(recipient, os); // opt

src/net/sharksystem/asap/protocol/OfferPDU_Impl.java

@@ -8,8 +8,8 @@
 
 class OfferPDU_Impl extends PDU_Impl implements ASAP_OfferPDU_1_0 {
 
-    public OfferPDU_Impl(int flagsInt, InputStream is) throws IOException, ASAPException {
-        super(ASAP_1_0.OFFER_CMD);
+    public OfferPDU_Impl(int flagsInt, boolean encrypted, InputStream is) throws IOException, ASAPException {
+        super(ASAP_1_0.OFFER_CMD, encrypted);
         evaluateFlags(flagsInt);
 
         if(this.senderSet()) { this.readSender(is); }
@@ -24,7 +24,7 @@ static void sendPDU(CharSequence peer, CharSequence format, CharSequence channel
         // first: check protocol errors
         PDU_Impl.checkValidEra(era);
         PDU_Impl.checkValidFormat(format);
-        PDU_Impl.checkValidSign(peer, signed);
+//        PDU_Impl.checkValidSign(peer, signed);
         PDU_Impl.checkValidStream(os);
 
         // create parameter bytes