import org.spongycastle.crypto.params.KeyParameter;
import org.spongycastle.crypto.PBEParametersGenerator;
import android.content.*;
+import java.nio.ByteBuffer;
+
/**
* This class provides a communication API to the webserver. It also
class CloudComm {
private static final int SALT_SIZE = 8;
private static final int TIMEOUT_MILLIS = 2000; // 100
+ public static final int IV_SIZE = 16;
/** Sets the size for the HMAC. */
static final int HMAC_SIZE = 32;
private String baseurl;
- private Cipher encryptCipher;
- private Cipher decryptCipher;
+ private SecretKeySpec key;
private Mac mac;
private String password;
private SecureRandom random;
initCrypt();
}
+ /**
+ * Inits the HMAC generator.
+ */
/**
* Inits the HMAC generator.
*/
}
try {
- SecretKeySpec key = initKey();
+ key = initKey();
password = null; // drop password
mac = Mac.getInstance("HmacSHA256");
mac.init(key);
- encryptCipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
- encryptCipher.init(Cipher.ENCRYPT_MODE, key);
- decryptCipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
- decryptCipher.init(Cipher.DECRYPT_MODE, key);
} catch (Exception e) {
e.printStackTrace();
throw new Error("Failed To Initialize Ciphers");
}
}
+
/*
* Builds the URL for the given request.
*/
}
}
+
+ private byte[] createIV(long machineId, long localSequenceNumber) {
+ ByteBuffer buffer = ByteBuffer.allocate(IV_SIZE);
+ buffer.putLong(machineId);
+ long localSequenceNumberShifted = localSequenceNumber << 16;
+ buffer.putLong(localSequenceNumberShifted);
+ return buffer.array();
+
+ }
+
+ private byte[] encryptSlotAndPrependIV(byte[] rawData, byte[] ivBytes) {
+ try {
+ IvParameterSpec ivSpec = new IvParameterSpec(ivBytes);
+ Cipher cipher = Cipher.getInstance("AES/CTR/PKCS5Padding");
+ cipher.init(Cipher.ENCRYPT_MODE, key, ivSpec);
+
+ byte[] encryptedBytes = cipher.doFinal(rawData);
+
+ byte[] bytes = new byte[encryptedBytes.length + IV_SIZE];
+ System.arraycopy(ivBytes, 0, bytes, 0, ivBytes.length);
+ System.arraycopy(encryptedBytes, 0, bytes, IV_SIZE, encryptedBytes.length);
+
+ return bytes;
+
+ } catch (Exception e) {
+ e.printStackTrace();
+ throw new Error("Failed To Encrypt");
+ }
+ }
+
+
+ private byte[] stripIVAndDecryptSlot(byte[] rawData) {
+ try {
+ byte[] ivBytes = new byte[IV_SIZE];
+ byte[] encryptedBytes = new byte[rawData.length - IV_SIZE];
+ System.arraycopy(rawData, 0, ivBytes, 0, IV_SIZE);
+ System.arraycopy(rawData, IV_SIZE, encryptedBytes, 0 , encryptedBytes.length);
+
+ IvParameterSpec ivSpec = new IvParameterSpec(ivBytes);
+
+ Cipher cipher = Cipher.getInstance("AES/CTR/PKCS5Padding");
+ cipher.init(Cipher.DECRYPT_MODE, key, ivSpec);
+
+ return cipher.doFinal(encryptedBytes);
+
+ } catch (Exception e) {
+ e.printStackTrace();
+ throw new Error("Failed To Decrypt");
+ }
+ }
+
/*
* API for putting a slot into the queue. Returns null on success.
* On failure, the server will send slots with newer sequence
}
initCrypt();
}
-
long sequencenumber = slot.getSequenceNumber();
- byte[] bytes = slot.encode(mac);
- bytes = encryptCipher.doFinal(bytes);
+ byte[] slotBytes = slot.encode(mac);
+ // slotBytes = encryptCipher.doFinal(slotBytes);
+
+ // byte[] iVBytes = slot.getSlotCryptIV();
+ // byte[] bytes = new byte[slotBytes.length + IV_SIZE];
+ // System.arraycopy(iVBytes, 0, bytes, 0, iVBytes.length);
+ // System.arraycopy(slotBytes, 0, bytes, IV_SIZE, slotBytes.length);
+
+
+ byte[] bytes = encryptSlotAndPrependIV(slotBytes, slot.getSlotCryptIV());
for (int i = 0; i < numberofslots; i++) {
- byte[] data = new byte[sizesofslots[i]];
- dis.readFully(data);
+ byte[] rawData = new byte[sizesofslots[i]];
+ dis.readFully(rawData);
+
- data = decryptCipher.doFinal(data);
+ // byte[] data = new byte[rawData.length - IV_SIZE];
+ // System.arraycopy(rawData, IV_SIZE, data, 0, data.length);
+
+
+ byte[] data = stripIVAndDecryptSlot(rawData);
slots[i] = Slot.decode(table, data, mac);
return slots;
}
- public byte[] sendLocalData(byte[] sendData, String host, int port) {
+ public byte[] sendLocalData(byte[] sendData, long localSequenceNumber, String host, int port) {
if (salt == null) {
return null;
// Encrypt the data for sending
// byte[] encryptedData = encryptCipher.doFinal(totalData);
- byte[] encryptedData = encryptCipher.doFinal(totalData);
+// byte[] encryptedData = encryptCipher.doFinal(totalData);
+
+ byte[] iv = createIV(table.getMachineId(), table.getLocalSequenceNumber());
+ byte[] encryptedData = encryptSlotAndPrependIV(totalData, iv);
+
+
// Open a TCP socket connection to a local device
Socket socket = new Socket(host, port);
timer.endTime();
- returnData = decryptCipher.doFinal(returnData);
+// returnData = decryptCipher.doFinal(returnData);
+ returnData = stripIVAndDecryptSlot(returnData);
// We are done with this socket
socket.close();
System.arraycopy(returnData, 0, returnData2, 0, returnData2.length);
return returnData2;
- } catch (SocketTimeoutException e) {
-
- } catch (BadPaddingException e) {
-
- } catch (IllegalBlockSizeException e) {
-
- } catch (UnknownHostException e) {
-
- } catch (IOException e) {
+ } catch (Exception e) {
+ e.printStackTrace();
+ // throw new Error("Local comms failure...");
}
timer.endTime();
// Decrypt the data
- readData = decryptCipher.doFinal(readData);
+// readData = decryptCipher.doFinal(readData);
+ readData = stripIVAndDecryptSlot(readData);
+
mac.update(readData, 0, readData.length - HMAC_SIZE);
byte[] genmac = mac.doFinal();
System.arraycopy(realmac, 0, totalData, sendData.length, realmac.length);
// Encrypt the data for sending
- byte[] encryptedData = encryptCipher.doFinal(totalData);
+// byte[] encryptedData = encryptCipher.doFinal(totalData);
+ byte[] iv = createIV(table.getMachineId(), table.getLocalSequenceNumber());
+ byte[] encryptedData = encryptSlotAndPrependIV(totalData, iv);
timer.startTime();
// close the socket
socket.close();
- } catch (SocketTimeoutException e) {
-
- } catch (BadPaddingException e) {
-
- } catch (IllegalBlockSizeException e) {
-
- } catch (UnknownHostException e) {
-
- } catch (IOException e) {
+ } catch (Exception e) {
+ e.printStackTrace();
+ // throw new Error("Local comms failure...");
}
}
projects / iotcloud.git / blobdiff