Fix encodings UvfMetadataPayload. WiP root directory name encryption.

Author: chenkins

hub/src/main/java/ch/iterate/hub/crypto/uvf/UvfMetadataPayload.java

@@ -8,15 +8,14 @@
 import ch.cyberduck.core.AlphanumericRandomStringService;
 import ch.cyberduck.core.cryptomator.random.FastSecureRandomProvider;
 
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Base32;
+import org.cryptomator.cryptolib.api.Cryptor;
+import org.cryptomator.cryptolib.api.CryptorProvider;
+import org.cryptomator.cryptolib.api.UVFMasterkey;
 import org.cryptomator.cryptolib.common.P384KeyPair;
 import org.openapitools.jackson.nullable.JsonNullableModule;
 
 import java.net.URI;
+import java.nio.charset.StandardCharsets;
 import java.security.NoSuchAlgorithmException;
 import java.security.spec.InvalidKeySpecException;
 import java.text.ParseException;
@@ -27,7 +26,6 @@
 import java.util.Objects;
 import java.util.UUID;
 
-import at.favre.lib.hkdf.HKDF;
 import ch.iterate.hub.crypto.exceptions.NotECKeyException;
 import ch.iterate.hub.model.JWEPayload;
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
@@ -101,10 +99,13 @@ public String toJSON() throws JsonProcessingException {
 
     public static UvfMetadataPayload create() {
         final String kid = Base64URL.encode(new AlphanumericRandomStringService(4).random()).toString();
-        final byte[] rawSeed = new byte[32];
-        FastSecureRandomProvider.get().provide().nextBytes(rawSeed);
-        final byte[] kdfSalt = new byte[32];
-        FastSecureRandomProvider.get().provide().nextBytes(kdfSalt);
+        // TODO hashDirectoryId String/byte[]? byte[] -> UTF-8 -> byte[] not 1:1! See UvfMetadataPayloadTest -> we should use byte array directly going into hashDirectoryId -> do we need to write own CryptoDirectory?
+//        final byte[] rawSeed = new byte[32];
+//        FastSecureRandomProvider.get().provide().nextBytes(rawSeed);
+//        final byte[] kdfSalt = new byte[32];
+//        FastSecureRandomProvider.get().provide().nextBytes(kdfSalt);
+        final byte[] rawSeed = new AlphanumericRandomStringService(4).random().getBytes(StandardCharsets.UTF_8);
+        final byte[] kdfSalt = new AlphanumericRandomStringService(4).random().getBytes(StandardCharsets.UTF_8);
         return new UvfMetadataPayload()
                 .withFileFormat("AES-256-GCM-32k")
                 .withNameFormat("AES-SIV-512-B64URL")
@@ -117,20 +118,13 @@ public static UvfMetadataPayload create() {
                 .withKdfSalt(Base64.getEncoder().encodeToString(kdfSalt));
     }
 
-    public byte[] computeRootDirId() {
-        return HKDF.fromHmacSha512().extractAndExpand(Base64URL.from(kdfSalt()).decode(), Base64URL.from(seeds().get(initialSeed())).decode(), "rootDirId".getBytes(), 256 / 8);
-    }
-
-    public String computeRootDirIdHash(final byte[] rootDirId) {
-        final byte[] hmacKey = HKDF.fromHmacSha512()
-                .extractAndExpand(Base64URL.from(kdfSalt()).decode(), Base64URL.from(seeds().get(initialSeed())).decode(), "hmac".getBytes(), 512 / 8);
-        final Digest digest = new SHA256Digest();
-        final HMac hMac = new HMac(digest);
-        hMac.init(new KeyParameter(hmacKey));
-        hMac.update(rootDirId, 0, rootDirId.length);
-        final byte[] hmacOut = new byte[hMac.getMacSize()];
-        hMac.doFinal(hmacOut, 0);
-        return Base32.toBase32String(Arrays.copyOfRange(hmacOut, 0, 20));
+    public String computeRootDirIdHash() throws JsonProcessingException {
+        final UVFMasterkey masterKey = UVFMasterkey.fromDecryptedPayload(this.toJSON());
+        final CryptorProvider provider = CryptorProvider.forScheme(CryptorProvider.Scheme.UVF_DRAFT);
+        final Cryptor cryptor = provider.provide(masterKey, FastSecureRandomProvider.get().provide());
+        final byte[] rootDirId = masterKey.rootDirId();
+        final String hashedRootDirId = cryptor.fileNameCryptor(masterKey.firstRevision()).hashDirectoryId(rootDirId);
+        return hashedRootDirId;
     }
 
 

hub/src/main/java/ch/iterate/hub/protocols/hub/HubCryptoVault.java

@@ -8,7 +8,10 @@
 import ch.cyberduck.core.AbstractPath;
 import ch.cyberduck.core.DisabledListProgressListener;
 import ch.cyberduck.core.ListService;
+import ch.cyberduck.core.LoginOptions;
+import ch.cyberduck.core.PasswordCallback;
 import ch.cyberduck.core.Path;
+import ch.cyberduck.core.PathAttributes;
 import ch.cyberduck.core.Session;
 import ch.cyberduck.core.cryptomator.ContentWriter;
 import ch.cyberduck.core.cryptomator.UVFVault;
@@ -20,30 +23,46 @@
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
+import org.cryptomator.cryptolib.api.Masterkey;
+import org.cryptomator.cryptolib.api.UVFMasterkey;
 
 import java.nio.charset.StandardCharsets;
+import java.util.Base64;
 import java.util.EnumSet;
 
 /**
  * Cryptomator vault implementation for Cipherduck (without masterkey file).
  */
 public class HubCryptoVault extends UVFVault {
     private static final Logger log = LogManager.getLogger(HubCryptoVault.class);
+    private final String decryptedPayload;
 
 
     public HubCryptoVault(final Path home) {
-        super(home, null, null, null); // TODO cleanup
+        this(home, null, null, null); // TODO cleanup
     }
 
-    public HubCryptoVault(final Path home, final String masterkey, final String config, final byte[] pepper) {
-        super(home, masterkey, config, pepper);
+    public HubCryptoVault(final Path home, final String decryptedPayload, final String config, final byte[] pepper) {
+        super(home, decryptedPayload, config, pepper);
+        this.decryptedPayload=decryptedPayload;
     }
 
+    @Override
+    public Path getHome() {
+        // TODO WiP trying to guide AbstractVault.encrypt() -> CryptoDirectoryV7Provider.toEncrypted(final Session<?> session, final String directoryId, final Path directory) -> do we need to write own CryptoDirectory?
+        final Path home = super.getHome();
+        final UVFMasterkey masterKey = UVFMasterkey.fromDecryptedPayload(this.decryptedPayload);
+        PathAttributes pathAttributes = new PathAttributes();
+        pathAttributes.setDirectoryId(new String(masterKey.rootDirId()));
+        return home.withAttributes(pathAttributes);
+    }
+
+
     /**
      * Upload vault template into existing bucket (permanent credentials)
      */
     // TODO https://github.com/shift7-ch/cipherduck-hub/issues/19 review @dko check method signature?
-    public synchronized Path create(final Session<?> session, final String region, final VaultCredentials credentials, final int version, final String metadata, final String rootDirHash) throws BackgroundException {
+    public synchronized Path create(final Session<?> session, final String region, final VaultCredentials credentials, final int version, final String metadata, final String hashedRootDirId) throws BackgroundException {
         final Path home = new Path(session.getHost().getDefaultPath(), EnumSet.of(AbstractPath.Type.directory));
         log.debug("Uploading vault template {} in {} ", home, session.getHost());
 
@@ -60,7 +79,7 @@ public synchronized Path create(final Session<?> session, final String region, f
 
         // TODO https://github.com/shift7-ch/cipherduck-hub/issues/19 implement CryptoDirectory for uvf
         //        Path secondLevel = this.directoryProvider.toEncrypted(session, this.home.attributes().getDirectoryId(), this.home);
-        final Path secondLevel = new Path(String.format("/%s/d/%s/%s/", session.getHost().getDefaultPath(), rootDirHash.substring(0, 2), rootDirHash.substring(2)), EnumSet.of(AbstractPath.Type.directory));
+        final Path secondLevel = new Path(String.format("/%s/d/%s/%s/", session.getHost().getDefaultPath(), hashedRootDirId.substring(0, 2), hashedRootDirId.substring(2)), EnumSet.of(AbstractPath.Type.directory));
         final Path firstLevel = secondLevel.getParent();
         final Path dataDir = firstLevel.getParent();
         log.debug("Create vault root directory at {}", secondLevel);

hub/src/main/java/ch/iterate/hub/protocols/s3/S3AutoLoadVaultSession.java

@@ -13,6 +13,7 @@
 import ch.cyberduck.core.HostPasswordStore;
 import ch.cyberduck.core.LocaleFactory;
 import ch.cyberduck.core.LoginCallback;
+import ch.cyberduck.core.LoginOptions;
 import ch.cyberduck.core.PasswordStoreFactory;
 import ch.cyberduck.core.Path;
 import ch.cyberduck.core.exception.BackgroundException;
@@ -26,11 +27,13 @@
 import ch.cyberduck.core.ssl.X509KeyManager;
 import ch.cyberduck.core.ssl.X509TrustManager;
 import ch.cyberduck.core.threading.CancelCallback;
+import ch.cyberduck.core.vault.VaultCredentials;
 import ch.cyberduck.core.vault.VaultFactory;
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 
+import java.util.Base64;
 import java.util.UUID;
 
 import ch.iterate.hub.client.ApiException;
@@ -81,8 +84,14 @@ public void login(final LoginCallback prompt, final CancelCallback cancel) throw
             log.debug("Attempting to locate vault in {}", home);
             final UvfMetadataPayload vaultMetadata = new VaultServiceImpl(backend).getVaultMetadataJWE(
                     UUID.fromString(host.getUuid()), new UserKeysServiceImpl(backend).getUserKeys(backend.getHost(), FirstLoginDeviceSetupCallbackFactory.get()));
-            final Vault vault = VaultFactory.get(home, vaultMetadata.toJSON(), "", new byte[0]);
-            vault.load(this, new DisabledPasswordCallback());
+            final String decryptedPayload = vaultMetadata.toJSON();
+            final Vault vault = VaultFactory.get(home, decryptedPayload, "", new byte[0]);
+            registry.add(vault.load(this, new DisabledPasswordCallback() {
+                @Override
+                public Credentials prompt(final Host bookmark, final String title, final String reason, final LoginOptions options) {
+                    return new VaultCredentials(decryptedPayload);
+                }
+            }));
             backend.close();
         }
         catch(ApiException | SecurityFailure | AccessException | JsonProcessingException e) {

hub/src/main/java/ch/iterate/hub/workflows/CreateVaultService.java

@@ -12,13 +12,19 @@
 import ch.cyberduck.core.HostUrlProvider;
 import ch.cyberduck.core.Path;
 import ch.cyberduck.core.TemporaryAccessTokens;
+import ch.cyberduck.core.cryptomator.CryptorCache;
+import ch.cyberduck.core.cryptomator.random.FastSecureRandomProvider;
 import ch.cyberduck.core.exception.BackgroundException;
 import ch.cyberduck.core.proxy.DisabledProxyFinder;
 import ch.cyberduck.core.s3.S3Session;
 
 import org.apache.commons.io.IOUtils;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
+import org.cryptomator.cryptolib.api.Cryptor;
+import org.cryptomator.cryptolib.api.CryptorProvider;
+import org.cryptomator.cryptolib.api.UVFMasterkey;
+import org.cryptomator.cryptolib.common.HKDFHelper;
 import org.joda.time.DateTime;
 
 import java.io.IOException;
@@ -74,7 +80,7 @@ public void createVault(final StorageProfileDtoWrapper storageProfileWrapper, fi
                     hubSession.getHost(), FirstLoginDeviceSetupCallbackFactory.get());
 
             final UvfMetadataPayload.UniversalVaultFormatJWKS jwks = UvfMetadataPayload.createKeys();
-            final UvfMetadataPayload metadataJWE = UvfMetadataPayload.create()
+            final UvfMetadataPayload metadataPayload = UvfMetadataPayload.create()
                     .withStorage(new VaultMetadataJWEBackendDto()
                             .provider(storageProfileWrapper.getId().toString())
                             .defaultPath(storageProfileWrapper.getStsEndpoint() != null ? storageProfileWrapper.getBucketPrefix() + vaultModel.vaultId() : vaultModel.bucketName())
@@ -85,39 +91,40 @@ public void createVault(final StorageProfileDtoWrapper storageProfileWrapper, fi
                             .enabled(vaultModel.automaticAccessGrant())
                             .maxWotDepth(vaultModel.maxWotLevel())
                     );
-            log.debug("Created metadata JWE {}", metadataJWE);
-            final String uvfMetadataFile = metadataJWE.encrypt(
+            log.debug("Created metadata JWE {}", metadataPayload);
+            final String uvfMetadataFile = metadataPayload.encrypt(
                     String.format("%s/api", new HostUrlProvider(false, true).get(hubSession.getHost())),
                     vaultModel.vaultId(),
                     jwks.toJWKSet()
             );
             final VaultDto vaultDto = new VaultDto()
                     .id(vaultModel.vaultId())
-                    .name(metadataJWE.storage().getNickname())
+                    .name(metadataPayload.storage().getNickname())
                     .description(vaultModel.vaultDescription())
                     .archived(false)
                     .creationTime(DateTime.now())
                     .uvfMetadataFile(uvfMetadataFile)
                     .uvfKeySet(jwks.serializePublicRecoverykey());
+
+            final String hashedRootDirId = metadataPayload.computeRootDirIdHash();
             final CreateS3STSBucketDto storageDto = new CreateS3STSBucketDto()
                     .vaultId(vaultModel.vaultId().toString())
                     .storageConfigId(storageProfileWrapper.getId())
-                    // TODO https://github.com/shift7-ch/cipherduck-hub/issues/19 do we need to store here as well? Only in VaultDto?
                     .vaultUvf(uvfMetadataFile)
-                    // TODO https://github.com/shift7-ch/cipherduck-hub/issues/19 do we need to store here?
-                    .rootDirHash(metadataJWE.computeRootDirIdHash(metadataJWE.computeRootDirId()))
-                    .region(metadataJWE.storage().getRegion());
+                    .rootDirHash(hashedRootDirId)
+                    .region(metadataPayload.storage().getRegion());
             log.debug("Created storage dto {}", storageDto);
-            final Host bookmark = HubStorageVaultSyncSchedulerService.toBookmark(hubSession.getHost(), vaultDto.getId(), metadataJWE.storage());
+            final Host bookmark = HubStorageVaultSyncSchedulerService.toBookmark(hubSession.getHost(), vaultDto.getId(), metadataPayload.storage());
             if(storageProfileWrapper.getStsEndpoint() == null) {
-                // permanent: template upload into existing bucket
+                // permanent: template upload into existing bucket from client (not backend)
                 // TODO https://github.com/shift7-ch/cipherduck-hub/issues/19 review @dko
                 final S3Session session = new S3Session(bookmark);
                 session.open(new DisabledProxyFinder(), new DisabledHostKeyCallback(), new DisabledLoginCallback(), new DisabledCancelCallback());
                 session.login(new DisabledLoginCallback(), new DisabledCancelCallback());
+
                 // upload vault template
-                new HubCryptoVault(new Path(metadataJWE.storage().getDefaultPath(), EnumSet.of(AbstractPath.Type.directory, AbstractPath.Type.vault)))
-                        .create(session, metadataJWE.storage().getRegion(), null, 42, storageDto.getVaultUvf(), storageDto.getRootDirHash());
+                new HubCryptoVault(new Path(metadataPayload.storage().getDefaultPath(), EnumSet.of(AbstractPath.Type.directory, AbstractPath.Type.vault)))
+                        .create(session, metadataPayload.storage().getRegion(), null, 42, storageDto.getVaultUvf(), hashedRootDirId);
                 session.close();
             }
             else {
@@ -153,6 +160,7 @@ public void createVault(final StorageProfileDtoWrapper storageProfileWrapper, fi
         }
     }
 
+
     private static TemporaryAccessTokens getSTSTokensFromAccessTokenWithCreateBucketInlinePoliy(final String token, final String roleArn, final String roleSessionName, final String stsEndpoint, final String bucketName, final Boolean bucketAcceleration) throws IOException {
         log.debug("Get STS tokens from {} to pass to backend {} with role {} and session name {}", token, stsEndpoint, roleArn, roleSessionName);
 

hub/src/test/java/ch/iterate/hub/core/AbstractHubSynchronizeTest.java

@@ -4,20 +4,7 @@
 
 package ch.iterate.hub.core;
 
-import ch.cyberduck.core.AbstractPath;
-import ch.cyberduck.core.AttributedList;
-import ch.cyberduck.core.DisabledCancelCallback;
-import ch.cyberduck.core.DisabledHostKeyCallback;
-import ch.cyberduck.core.DisabledListProgressListener;
-import ch.cyberduck.core.DisabledLoginCallback;
-import ch.cyberduck.core.DisabledPasswordCallback;
-import ch.cyberduck.core.Host;
-import ch.cyberduck.core.ListService;
-import ch.cyberduck.core.Path;
-import ch.cyberduck.core.Protocol;
-import ch.cyberduck.core.ProtocolFactory;
-import ch.cyberduck.core.Session;
-import ch.cyberduck.core.SimplePathPredicate;
+import ch.cyberduck.core.*;
 import ch.cyberduck.core.features.Home;
 import ch.cyberduck.core.features.Vault;
 import ch.cyberduck.core.preferences.PreferencesFactory;
@@ -26,6 +13,16 @@
 import ch.cyberduck.core.ssl.DisabledX509TrustManager;
 import ch.cyberduck.core.vault.DefaultVaultRegistry;
 
+import ch.iterate.hub.client.api.DeviceResourceApi;
+import ch.iterate.hub.client.api.UsersResourceApi;
+import ch.iterate.hub.client.api.VaultResourceApi;
+
+import ch.iterate.hub.crypto.UserKeys;
+import ch.iterate.hub.crypto.uvf.UvfMetadataPayload;
+import ch.iterate.hub.workflows.UserKeysService;
+import ch.iterate.hub.workflows.UserKeysServiceImpl;
+import ch.iterate.hub.workflows.VaultServiceImpl;
+
 import org.apache.commons.lang3.StringUtils;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
@@ -239,17 +236,21 @@ public void test03AddVault(final HubTestConfig config) throws Exception {
             session.open(new DisabledProxyFinder(), new DisabledHostKeyCallback(), new DisabledLoginCallback(), new DisabledCancelCallback());
             session.login(new DisabledLoginCallback(), new DisabledCancelCallback());
 
+            // listing decrypted file names
             assertFalse(vaultRegistry.isEmpty());
             assertEquals(1, vaultRegistry.size());
-            final Path bucket = new Path(vaultBookmark.getDefaultPath(), EnumSet.of(Path.Type.directory, Path.Type.volume));
-            assertNotSame(Vault.DISABLED, vaultRegistry.find(session, bucket));
 
+            // TODO WiP trying to guide AbstractVault.encrypt() -> CryptoDirectoryV7Provider.toEncrypted(final Session<?> session, final String directoryId, final Path directory) -> do we need to write own CryptoDirectory?
+            final Path bucket = new Path(vaultBookmark.getDefaultPath(), EnumSet.of(Path.Type.directory, Path.Type.volume, Path.Type.vault));
+            assertNotSame(Vault.DISABLED, vaultRegistry.find(session, bucket));
 //            {
 //                final AttributedList<Path> list = session.getFeature(ListService.class).list(bucket, new DisabledListProgressListener());
 //                assertTrue(list.isEmpty());
 //            }
 
+            // raw listing encrypted file names
             vaultRegistry.close(bucket);
+            assertSame(Vault.DISABLED, vaultRegistry.find(session, bucket));
             assertTrue(vaultRegistry.isEmpty());
             {
                 final AttributedList<Path> list = session.getFeature(ListService.class).list(bucket, new DisabledListProgressListener());