harald/opretj
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

xxx

Browse source
This commit is contained in:
Harald Hoyer 2016-09-06 08:49:26 +02:00
parent 70b349099a
commit 325b6d4961
2 changed files with 25 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
opretj/src/main/java/org/tcpid/key/MasterSigningKey.java
View file

@ -1,7 +1,5 @@
package org.tcpid.key; package org.tcpid.key;
import static org.libsodium.jni.NaCl.sodium;
import java.util.ArrayList; import java.util.ArrayList;
import org.libsodium.jni.crypto.Hash; import org.libsodium.jni.crypto.Hash;

42
opretj/src/main/java/org/tcpid/opretj/OPRETECParser.java
View file

@ -54,48 +54,54 @@ public class OPRETECParser extends OPRETBaseHandler {
} }
} }
private static byte[] doubleDec(final PublicKey MK, final PublicKey VK, final byte[] cipher, final byte[] nonce) { private static byte[] doubleDec(final PublicKey MK, final PublicKey VK, final byte[] cipher) {
final KeyPair Epair = new KeyPair(HMACSHA512256.of(MK.toBytes(), Bytes.concat(nonce, VK.toBytes()))); final KeyPair Epair = new KeyPair(HMACSHA512256.of(VK.toBytes(), MK.toBytes()));
final Box boxVK = new Box(VK, Epair.getPrivateKey()); final Box boxVK = new Box(VK, Epair.getPrivateKey());
final byte[] nonceVK = Arrays.copyOfRange( final byte[] nonceVK = Arrays.copyOfRange(HMACSHA512256.of(Epair.getPublicKey().toBytes(),
HMACSHA512256.of(VK.toBytes(), Bytes.concat(nonce, Epair.getPrivateKey().toBytes())), 0, NONCE_BYTES); Bytes.concat(Epair.getPrivateKey().toBytes(), VK.toBytes())), 0, NONCE_BYTES);
final byte[] cipherMK = boxVK.decrypt(nonceVK, cipher); final byte[] cipherMK = boxVK.decrypt(nonceVK, cipher);
final Box boxMK = new Box(MK, Epair.getPrivateKey()); final Box boxMK = new Box(MK, Epair.getPrivateKey());
final byte[] nonceMK = Arrays.copyOfRange( final byte[] nonceMK = Arrays.copyOfRange(HMACSHA512256.of(Epair.getPublicKey().toBytes(),
HMACSHA512256.of(MK.toBytes(), Bytes.concat(nonce, Epair.getPrivateKey().toBytes())), 0, NONCE_BYTES); Bytes.concat(Epair.getPrivateKey().toBytes(), MK.toBytes())), 0, NONCE_BYTES);
final byte[] clear = boxMK.decrypt(nonceMK, cipherMK); final byte[] clear = boxMK.decrypt(nonceMK, cipherMK);
System.err.println("cipher = " + Utils.HEX.encode(cipher));
System.err.println("reverse = " + Utils.HEX.encode(boxVK.encrypt(nonceVK, boxMK.encrypt(nonceMK, clear))));
return clear; return clear;
} }
private static byte[] doubleEnc(final KeyPair MKpair, final KeyPair VKpair, final byte[] clear, private static byte[] doubleEnc(final KeyPair MKpair, final KeyPair VKpair, final byte[] clear) {
final byte[] nonce) {
final KeyPair Epair = new KeyPair(HMACSHA512256.of(MKpair.getPublicKey().toBytes(), final KeyPair Epair = new KeyPair(
Bytes.concat(nonce, VKpair.getPublicKey().toBytes()))); HMACSHA512256.of(VKpair.getPublicKey().toBytes(), MKpair.getPublicKey().toBytes()));
final Box boxMK = new Box(Epair.getPublicKey(), MKpair.getPrivateKey()); final Box boxMK = new Box(Epair.getPublicKey(), MKpair.getPrivateKey());
final byte[] nonceMK = Arrays.copyOfRange( final byte[] nonceMK = Arrays.copyOfRange(
HMACSHA512256.of(MKpair.getPublicKey().toBytes(), Bytes.concat(nonce, Epair.getPrivateKey().toBytes())), HMACSHA512256.of(Epair.getPublicKey().toBytes(),
Bytes.concat(Epair.getPrivateKey().toBytes(), MKpair.getPublicKey().toBytes())),
0, NONCE_BYTES); 0, NONCE_BYTES);
final byte[] cipherMK = boxMK.encrypt(nonceMK, clear); final byte[] cipherMK = boxMK.encrypt(nonceMK, clear);
System.err.println("cipherMK len = " + cipherMK.length);
final Box boxVK = new Box(Epair.getPublicKey(), VKpair.getPrivateKey()); final Box boxVK = new Box(Epair.getPublicKey(), VKpair.getPrivateKey());
final byte[] nonceVK = Arrays.copyOfRange( final byte[] nonceVK = Arrays.copyOfRange(
HMACSHA512256.of(VKpair.getPublicKey().toBytes(), Bytes.concat(nonce, Epair.getPrivateKey().toBytes())), HMACSHA512256.of(Epair.getPublicKey().toBytes(),
Bytes.concat(Epair.getPrivateKey().toBytes(), VKpair.getPublicKey().toBytes())),
0, NONCE_BYTES); 0, NONCE_BYTES);
final byte[] cipherVK = boxVK.encrypt(nonceVK, cipherMK); final byte[] cipherVK = boxVK.encrypt(nonceVK, cipherMK);
System.err.println("cipherVK len = " + cipherVK.length);
return cipherVK; return cipherVK;
} }
@ -174,7 +180,7 @@ public class OPRETECParser extends OPRETBaseHandler {
HMACSHA512256.HMACSHA512256_BYTES); HMACSHA512256.HMACSHA512256_BYTES);
return false; return false;
} }
// TODO: test assert(HMACSHA512_KEYBYTES == SECRETKEY_BYTES)
if (SECRETKEY_BYTES != HMACSHA512256.HMACSHA512256_BYTES) { if (SECRETKEY_BYTES != HMACSHA512256.HMACSHA512256_BYTES) {
logger.error("SECRETKEY_BYTES != HMACSHA512256.HMACSHA512256_BYTES: {} > {}", SECRETKEY_BYTES, logger.error("SECRETKEY_BYTES != HMACSHA512256.HMACSHA512256_BYTES: {} > {}", SECRETKEY_BYTES,
HMACSHA512256.HMACSHA512256_BYTES); HMACSHA512256.HMACSHA512256_BYTES);
@ -199,11 +205,13 @@ public class OPRETECParser extends OPRETBaseHandler {
final KeyPair mkpair = msk.getKeyPair(); final KeyPair mkpair = msk.getKeyPair();
final KeyPair vkpair = subkey.getKeyPair(); final KeyPair vkpair = subkey.getKeyPair();
final byte[] nonce = Arrays.copyOfRange(HASH.sha256("TEST".getBytes()), 0, 8); final VerifyKey nvk = msk.getNextValidSubKey(1L).getVerifyKey();
final byte[] cipher = doubleEnc(mkpair, vkpair, "TEST".getBytes(), nonce); final byte[] cipher = doubleEnc(mkpair, vkpair, nvk.toBytes());
try { try {
final byte[] chk = doubleDec(msk.getVerifyKey().getPublicKey(), vk.getPublicKey(), cipher, nonce); final byte[] chk = doubleDec(msk.getVerifyKey().getPublicKey(), vk.getPublicKey(), cipher);
return Arrays.equals(chk, "TEST".getBytes()); System.err.println("cipher len = " + cipher.length);
System.err.println("cipher len = " + Utils.HEX.encode(cipher));
return Arrays.equals(chk, nvk.toBytes());
} catch (final Exception e) { } catch (final Exception e) {
logger.error("doubleEnc -> doubleDec failed!"); logger.error("doubleEnc -> doubleDec failed!");
return false; return false;