4 import java.util.Arrays;
6 import javax.crypto.spec.*;
7 import java.security.SecureRandom;
10 * This class provides a communication API to the webserver. It also
11 * validates the HMACs on the slots and handles encryption.
12 * @author Brian Demsky <bdemsky@uci.edu>
24 static final int SALT_SIZE = 8;
28 * Empty Constructor needed for child class.
35 * Constructor for actual use. Takes in the url and password.
38 CloudComm(String _baseurl, String _password) {
39 this.baseurl=_baseurl;
40 this.password = _password;
41 this.random = new SecureRandom();
45 * Generates Key from password.
48 private SecretKeySpec initKey() {
50 PBEKeySpec keyspec = new PBEKeySpec(password.toCharArray(), salt, 65536, 128);
51 SecretKey tmpkey = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(keyspec);
52 return new SecretKeySpec(tmpkey.getEncoded(), "AES");
53 } catch (Exception e) {
55 throw new Error("Failed generating key.");
60 * Inits the HMAC generator.
63 private void initCrypt() {
65 SecretKeySpec key=initKey();
66 password = null; // drop password
67 mac = Mac.getInstance("HmacSHA256");
69 encryptCipher =Cipher.getInstance("AES/ECB/PKCS5Padding");
70 encryptCipher.init(Cipher.ENCRYPT_MODE, key);
71 decryptCipher =Cipher.getInstance("AES/ECB/PKCS5Padding");
72 decryptCipher.init(Cipher.DECRYPT_MODE, key);
73 } catch (Exception e) {
75 throw new Error("Failed To Initialize Ciphers");
80 * Builds the URL for the given request.
83 private URL buildRequest(boolean isput, long sequencenumber, long maxentries) throws IOException {
84 String reqstring=isput?"req=putslot":"req=getslot";
85 String urlstr=baseurl+"?"+reqstring+"&seq="+sequencenumber;
87 urlstr += "&max="+maxentries;
88 return new URL(urlstr);
91 public void setSalt() {
93 salt = new byte[SALT_SIZE];
94 random.nextBytes(salt);
95 URL url=new URL(baseurl+"?req=setsalt");
96 URLConnection con=url.openConnection();
97 HttpURLConnection http = (HttpURLConnection) con;
98 http.setRequestMethod("POST");
99 http.setFixedLengthStreamingMode(salt.length);
100 http.setDoOutput(true);
102 OutputStream os=http.getOutputStream();
104 int responsecode=http.getResponseCode();
105 if (responsecode != HttpURLConnection.HTTP_OK)
106 throw new Error("Invalid response");
107 } catch (Exception e) {
109 throw new Error("Failed setting salt");
114 private void getSalt() throws Exception {
115 URL url=new URL(baseurl+"?req=getsalt");
116 URLConnection con=url.openConnection();
117 HttpURLConnection http = (HttpURLConnection) con;
118 http.setRequestMethod("POST");
121 InputStream is=http.getInputStream();
122 DataInputStream dis=new DataInputStream(is);
123 int salt_length=dis.readInt();
124 byte [] tmp=new byte[salt_length];
130 * API for putting a slot into the queue. Returns null on success.
131 * On failure, the server will send slots with newer sequence
135 Slot[] putSlot(Slot slot, int max) {
142 long sequencenumber=slot.getSequenceNumber();
143 byte[] bytes=slot.encode(mac);
144 bytes = encryptCipher.doFinal(bytes);
146 URL url=buildRequest(true, sequencenumber, max);
147 URLConnection con=url.openConnection();
148 HttpURLConnection http = (HttpURLConnection) con;
150 http.setRequestMethod("POST");
151 http.setFixedLengthStreamingMode(bytes.length);
152 http.setDoOutput(true);
155 OutputStream os=http.getOutputStream();
158 InputStream is=http.getInputStream();
159 DataInputStream dis=new DataInputStream(is);
160 byte[] resptype=new byte[7];
161 dis.readFully(resptype);
162 if (Arrays.equals(resptype, "getslot".getBytes()))
163 return processSlots(dis);
164 else if (Arrays.equals(resptype, "putslot".getBytes()))
167 throw new Error("Bad response to putslot");
168 } catch (Exception e) {
170 throw new Error("putSlot failed");
175 * Request the server to send all slots with the given
176 * sequencenumber or newer.
179 Slot[] getSlots(long sequencenumber) {
186 URL url=buildRequest(false, sequencenumber, 0);
187 URLConnection con=url.openConnection();
188 HttpURLConnection http = (HttpURLConnection) con;
189 http.setRequestMethod("POST");
191 InputStream is=http.getInputStream();
193 DataInputStream dis=new DataInputStream(is);
195 byte[] resptype=new byte[7];
196 dis.readFully(resptype);
197 if (!Arrays.equals(resptype, "getslot".getBytes()))
198 throw new Error("Bad Response: "+new String(resptype));
200 return processSlots(dis);
201 } catch (Exception e) {
203 throw new Error("getSlots failed");
208 * Method that actually handles building Slot objects from the
209 * server response. Shared by both putSlot and getSlots.
212 private Slot[] processSlots(DataInputStream dis) throws Exception {
213 int numberofslots=dis.readInt();
214 int[] sizesofslots=new int[numberofslots];
215 Slot[] slots=new Slot[numberofslots];
216 for(int i=0; i<numberofslots; i++)
217 sizesofslots[i]=dis.readInt();
219 for(int i=0; i<numberofslots; i++) {
220 byte[] data=new byte[sizesofslots[i]];
223 data = decryptCipher.doFinal(data);
225 slots[i]=Slot.decode(data, mac);