add crypt to slots
authorbdemsky <bdemsky@uci.edu>
Tue, 26 Jul 2016 23:26:33 +0000 (16:26 -0700)
committerbdemsky <bdemsky@uci.edu>
Tue, 26 Jul 2016 23:26:33 +0000 (16:26 -0700)
src/java/iotcloud/CloudComm.java

index b5aca62..49217ec 100644 (file)
@@ -16,12 +16,13 @@ import java.security.SecureRandom;
 
 class CloudComm {
        String baseurl;
-       Cipher encryptcipher;
-       Cipher decryptcipher;
+       Cipher encryptCipher;
+       Cipher decryptCipher;
        Mac mac;
-       byte[] salt;
-       SecretKeySpec key;
+       String password;
+       SecureRandom random;
        static final int SALT_SIZE = 8;
+       static final int IV_SIZE = 16;
 
        /**
         * Empty Constructor needed for child class.
@@ -34,21 +35,21 @@ class CloudComm {
         * Constructor for actual use. Takes in the url and password.
         */
 
-       CloudComm(String _baseurl, String password) {
+       CloudComm(String _baseurl, String _password) {
                this.baseurl=_baseurl;
-               initCloud(password);
+               this.password = _password;
+               this.random = new SecureRandom();
        }
 
        /**
         * Generates Key from password.
         */
 
-       private void initKey(String password) {
+       private SecretKeySpec initKey(byte[] salt) {
                try {
-                       salt=new byte[SALT_SIZE];
                        PBEKeySpec keyspec = new PBEKeySpec(password.toCharArray(), salt, 65536, 128);
                        SecretKey tmpkey = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(keyspec);
-                       this.key = new SecretKeySpec(tmpkey.getEncoded(), "AES");
+                       return new SecretKeySpec(tmpkey.getEncoded(), "AES");
                } catch (Exception e) {
                        e.printStackTrace();
                        throw new Error("Failed generating key.");
@@ -59,11 +60,27 @@ class CloudComm {
         * Inits the HMAC generator.
         */
 
-       private void initCloud(String password) {
+       private byte[] initCrypt(byte[] salt) {
                try {
-                       initKey(password);
+                       SecretKeySpec key=initKey(salt);
                        mac = Mac.getInstance("HmacSHA256");
                        mac.init(key);
+                       encryptCipher =Cipher.getInstance("AES/CBC/PKCS5Padding");
+                       encryptCipher.init(Cipher.ENCRYPT_MODE, key);
+                       return encryptCipher.getIV();
+               } catch (Exception e) {
+                       e.printStackTrace();
+                       throw new Error("Failed To Initialize Ciphers");
+               }
+       }
+
+       private void initDeCrypt(byte[] salt, byte[] iv) {
+               try {
+                       SecretKeySpec key=initKey(salt);
+                       mac = Mac.getInstance("HmacSHA256");
+                       mac.init(key);
+                       Cipher decryptCipher =Cipher.getInstance("AES/CBC/PKCS5Padding");
+                       decryptCipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
                } catch (Exception e) {
                        e.printStackTrace();
                        throw new Error("Failed To Initialize Ciphers");
@@ -91,8 +108,11 @@ class CloudComm {
        public Slot[] putSlot(Slot slot, int max) {
                try {
                        long sequencenumber=slot.getSequenceNumber();
+                       byte[] salt=new byte[SALT_SIZE];
+                       random.nextBytes(salt);
+                       byte[] iv=initCrypt(salt);
+                       
                        byte[] bytes=slot.encode(mac);
-
                        URL url=buildRequest(true, sequencenumber, max);
                        URLConnection con=url.openConnection();
                        HttpURLConnection http = (HttpURLConnection) con;
@@ -100,7 +120,11 @@ class CloudComm {
                        http.setFixedLengthStreamingMode(bytes.length);
                        http.setDoOutput(true);
                        http.connect();
+
                        OutputStream os=http.getOutputStream();
+                       os.write(salt);
+                       os.write(iv);
+                       bytes = encryptCipher.doFinal(bytes);
                        os.write(bytes);
 
                        InputStream is=http.getInputStream();
@@ -118,15 +142,6 @@ class CloudComm {
                }
        }
 
-       /*
-                       Cipher encryptCipher =
-                       Cipher.getInstance("AES/CBC/PKCS5Padding");
-                       encryptCipher.init(Cipher.ENCRYPT_MODE, secret);
-                       Cipher decryptCipher =
-                       Cipher.getInstance("AES/CBC/PKCS5Padding");
-                       decryptCipher.init(Cipher.DECRYPT_MODE, secret);
-        */
-
        /**
         * Request the server to send all slots with the given
         * sequencenumber or newer.
@@ -142,6 +157,7 @@ class CloudComm {
                        InputStream is=http.getInputStream();
 
                        DataInputStream dis=new DataInputStream(is);
+                       
                        byte[] resptype=new byte[7];
                        dis.readFully(resptype);
                        if (!Arrays.equals(resptype, "getslot".getBytes()))
@@ -158,7 +174,7 @@ class CloudComm {
         * server response.  Shared by both putSlot and getSlots.
         */
 
-       private Slot[] processSlots(DataInputStream dis) throws IOException {
+       private Slot[] processSlots(DataInputStream dis) throws Exception {
                int numberofslots=dis.readInt();
                int[] sizesofslots=new int[numberofslots];
                Slot[] slots=new Slot[numberofslots];
@@ -166,8 +182,17 @@ class CloudComm {
                        sizesofslots[i]=dis.readInt();
 
                for(int i=0; i<numberofslots; i++) {
+                       byte[] salt=new byte[SALT_SIZE];
+                       byte[] iv=new byte[IV_SIZE];
+                       dis.readFully(salt);
+                       dis.readFully(iv);
+                       initDeCrypt(salt, iv);
+
                        byte[] data=new byte[sizesofslots[i]];
                        dis.readFully(data);
+
+                       data = decryptCipher.doFinal(data);
+
                        slots[i]=Slot.decode(data, mac);
                }
                dis.close();