version2/src/java/iotcloud/CloudComm.java

   1 package iotcloud;
   2 import java.io.*;
   3 import java.net.*;
   4 import java.util.Arrays;
   5 import javax.crypto.*;
   6 import javax.crypto.spec.*;
   7 import java.security.SecureRandom;
   8
   9 /**
  10  * This class provides a communication API to the webserver.  It also
  11  * validates the HMACs on the slots and handles encryption.
  12  * @author Brian Demsky <bdemsky@uci.edu>
  13  * @version 1.0
  14  */
  15
  16
  17 class CloudComm {
  18         String baseurl;
  19         Cipher encryptCipher;
  20         Cipher decryptCipher;
  21         Mac mac;
  22         String password;
  23         SecureRandom random;
  24         static final int SALT_SIZE = 8;
  25         byte salt[];
  26         Table table;
  27
  28         /**
  29          * Empty Constructor needed for child class.
  30          */
  31
  32         CloudComm() {
  33         }
  34
  35         /**
  36          * Constructor for actual use. Takes in the url and password.
  37          */
  38
  39         CloudComm(Table _table, String _baseurl, String _password) {
  40                 this.table = _table;
  41                 this.baseurl = _baseurl;
  42                 this.password = _password;
  43                 this.random = new SecureRandom();
  44         }
  45
  46         /**
  47          * Generates Key from password.
  48          */
  49
  50         private SecretKeySpec initKey() {
  51                 try {
  52                         PBEKeySpec keyspec = new PBEKeySpec(password.toCharArray(), salt, 65536, 128);
  53                         SecretKey tmpkey = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(keyspec);
  54                         return new SecretKeySpec(tmpkey.getEncoded(), "AES");
  55                 } catch (Exception e) {
  56                         e.printStackTrace();
  57                         throw new Error("Failed generating key.");
  58                 }
  59         }
  60
  61         /**
  62          * Inits the HMAC generator.
  63          */
  64
  65         private void initCrypt() {
  66                 try {
  67                         SecretKeySpec key = initKey();
  68                         password = null; // drop password
  69                         mac = Mac.getInstance("HmacSHA256");
  70                         mac.init(key);
  71                         encryptCipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
  72                         encryptCipher.init(Cipher.ENCRYPT_MODE, key);
  73                         decryptCipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
  74                         decryptCipher.init(Cipher.DECRYPT_MODE, key);
  75                 } catch (Exception e) {
  76                         e.printStackTrace();
  77                         throw new Error("Failed To Initialize Ciphers");
  78                 }
  79         }
  80
  81         /*
  82          * Builds the URL for the given request.
  83          */
  84
  85         private URL buildRequest(boolean isput, long sequencenumber, long maxentries) throws IOException {
  86                 String reqstring = isput ? "req=putslot" : "req=getslot";
  87                 String urlstr = baseurl + "?" + reqstring + "&seq=" + sequencenumber;
  88                 if (maxentries != 0)
  89                         urlstr += "&max=" + maxentries;
  90                 return new URL(urlstr);
  91         }
  92
  93         public void setSalt() {
  94                 try {
  95                         salt = new byte[SALT_SIZE];
  96                         random.nextBytes(salt);
  97                         URL url = new URL(baseurl + "?req=setsalt");
  98                         URLConnection con = url.openConnection();
  99                         HttpURLConnection http = (HttpURLConnection) con;
 100                         http.setRequestMethod("POST");
 101                         http.setFixedLengthStreamingMode(salt.length);
 102                         http.setDoOutput(true);
 103                         http.connect();
 104                         OutputStream os = http.getOutputStream();
 105                         os.write(salt);
 106                         int responsecode = http.getResponseCode();
 107                         if (responsecode != HttpURLConnection.HTTP_OK) {
 108                                 // TODO: Remove this print
 109                                 System.out.println(responsecode);
 110                                 throw new Error("Invalid response");
 111                         }
 112                 } catch (Exception e) {
 113                         e.printStackTrace();
 114                         throw new Error("Failed setting salt");
 115                 }
 116                 initCrypt();
 117         }
 118
 119         private void getSalt() throws Exception {
 120                 URL url = new URL(baseurl + "?req=getsalt");
 121                 URLConnection con = url.openConnection();
 122                 HttpURLConnection http = (HttpURLConnection) con;
 123                 http.setRequestMethod("POST");
 124                 http.connect();
 125
 126                 InputStream is = http.getInputStream();
 127                 DataInputStream dis = new DataInputStream(is);
 128                 int salt_length = dis.readInt();
 129                 byte [] tmp = new byte[salt_length];
 130                 dis.readFully(tmp);
 131                 salt = tmp;
 132         }
 133
 134         /*
 135          * API for putting a slot into the queue.  Returns null on success.
 136          * On failure, the server will send slots with newer sequence
 137          * numbers.
 138          */
 139
 140         Slot[] putSlot(Slot slot, int max) {
 141                 try {
 142                         if (salt == null) {
 143                                 getSalt();
 144                                 initCrypt();
 145                         }
 146
 147                         long sequencenumber = slot.getSequenceNumber();
 148                         byte[] bytes = slot.encode(mac);
 149                         bytes = encryptCipher.doFinal(bytes);
 150
 151                         URL url = buildRequest(true, sequencenumber, max);
 152                         URLConnection con = url.openConnection();
 153                         HttpURLConnection http = (HttpURLConnection) con;
 154
 155                         http.setRequestMethod("POST");
 156                         http.setFixedLengthStreamingMode(bytes.length);
 157                         http.setDoOutput(true);
 158                         http.connect();
 159
 160                         OutputStream os = http.getOutputStream();
 161                         os.write(bytes);
 162
 163                         InputStream is = http.getInputStream();
 164                         DataInputStream dis = new DataInputStream(is);
 165                         byte[] resptype = new byte[7];
 166                         dis.readFully(resptype);
 167                         if (Arrays.equals(resptype, "getslot".getBytes()))
 168                                 return processSlots(dis);
 169                         else if (Arrays.equals(resptype, "putslot".getBytes()))
 170                                 return null;
 171                         else
 172                                 throw new Error("Bad response to putslot");
 173                 } catch (Exception e) {
 174                         e.printStackTrace();
 175                         throw new Error("putSlot failed");
 176                 }
 177         }
 178
 179         /**
 180          * Request the server to send all slots with the given
 181          * sequencenumber or newer.
 182          */
 183
 184         Slot[] getSlots(long sequencenumber) {
 185                 try {
 186                         if (salt == null) {
 187                                 getSalt();
 188                                 initCrypt();
 189                         }
 190
 191                         URL url = buildRequest(false, sequencenumber, 0);
 192                         URLConnection con = url.openConnection();
 193                         HttpURLConnection http = (HttpURLConnection) con;
 194                         http.setRequestMethod("POST");
 195                         http.connect();
 196                         InputStream is = http.getInputStream();
 197
 198                         DataInputStream dis = new DataInputStream(is);
 199
 200                         byte[] resptype = new byte[7];
 201                         dis.readFully(resptype);
 202                         if (!Arrays.equals(resptype, "getslot".getBytes()))
 203                                 throw new Error("Bad Response: " + new String(resptype));
 204                         else
 205                                 return processSlots(dis);
 206                 } catch (Exception e) {
 207                         e.printStackTrace();
 208                         throw new Error("getSlots failed");
 209                 }
 210         }
 211
 212         /**
 213          * Method that actually handles building Slot objects from the
 214          * server response.  Shared by both putSlot and getSlots.
 215          */
 216
 217         private Slot[] processSlots(DataInputStream dis) throws Exception {
 218                 int numberofslots = dis.readInt();
 219                 int[] sizesofslots = new int[numberofslots];
 220                 Slot[] slots = new Slot[numberofslots];
 221                 for (int i = 0; i < numberofslots; i++)
 222                         sizesofslots[i] = dis.readInt();
 223
 224                 for (int i = 0; i < numberofslots; i++) {
 225                         byte[] data = new byte[sizesofslots[i]];
 226                         dis.readFully(data);
 227
 228                         data = decryptCipher.doFinal(data);
 229
 230                         slots[i] = Slot.decode(table, data, mac);
 231                 }
 232                 dis.close();
 233                 return slots;
 234         }
 235 }