use of com.dracoon.sdk.crypto.model.UserKeyPair in project cyberduck by iterate-ch.
the class SDSMissingFileKeysSchedulerFeature method operate.
/**
 * Creates file keys for users that the server reports as missing one and uploads them in batches.
 * <p>
 * Returns an empty list, without prompting, when encryption is not enabled for the account.
 * Otherwise the current key pair is unlocked through {@code callback}, and the deprecated
 * key pair too when the session still holds one. The server is then asked for missing keys
 * repeatedly until a round produces no items. After the last round
 * {@code deleteDeprecatedKeyPair} is invoked.
 *
 * @param client   session, cast to {@code SDSSession} without a type check
 * @param callback prompt used to unlock the private key(s)
 * @param file     file to restrict the request to, or {@code null} when run from the scheduler
 * @return every key set request that was submitted to the server
 * @throws BackgroundException mapped from {@code ApiException} or {@code CryptoException}
 */
@Override
public List<UserFileKeySetRequest> operate(final Session<?> client, final PasswordCallback callback, final Path file) throws BackgroundException {
    final SDSSession session = (SDSSession) client;
    final SDSNodeIdProvider nodeid = (SDSNodeIdProvider) session._getFeature(VersionIdProvider.class);
    try {
        final UserAccountWrapper account = session.userAccount();
        if (!account.isEncryptionEnabled()) {
            log.warn(String.format("No key pair found in user account %s", account));
            return Collections.emptyList();
        }
        final List<UserFileKeySetRequest> submitted = new ArrayList<>();
        // Unlock the current key pair first; its passphrase is the fallback for the deprecated pair.
        final UserKeyPairContainer currentContainer = session.keyPair();
        final UserKeyPair currentPair = TripleCryptConverter.toCryptoUserKeyPair(currentContainer);
        final TripleCryptKeyPair triplecrypt = new TripleCryptKeyPair();
        final Credentials passphrase = triplecrypt.unlock(callback, session.getHost(), currentPair);
        final UserKeyPairContainer legacyContainer = session.keyPairDeprecated();
        final Credentials passphraseDeprecated;
        if (null == legacyContainer) {
            passphraseDeprecated = passphrase;
        }
        else {
            passphraseDeprecated = triplecrypt.unlock(callback, session.getHost(), TripleCryptConverter.toCryptoUserKeyPair(legacyContainer));
        }
        // Null when operating from scheduler. File reference is set for post upload.
        final Long fileId;
        if (null == file) {
            fileId = null;
        }
        else {
            fileId = Long.parseLong(nodeid.getVersionId(file, new DisabledListProgressListener()));
        }
        // NOTE(review): the number of rounds is unbounded; termination relies on the server
        // no longer reporting items once their keys have been set.
        UserFileKeySetBatchRequest batch;
        do {
            if (log.isDebugEnabled()) {
                log.debug(String.format("Request a list of missing file keys for file %s", file));
            }
            batch = new UserFileKeySetBatchRequest();
            final MissingKeysResponse missing = new NodesApi(session.getClient()).requestMissingFileKeys(null, null, null, fileId, null, null, null);
            final Map<Long, List<UserUserPublicKey>> publicKeysByUser = missing.getUsers().stream().collect(groupingBy(UserUserPublicKey::getId));
            final Map<Long, List<FileFileKeys>> fileKeysByFile = missing.getFiles().stream().collect(groupingBy(FileFileKeys::getId));
            for (UserIdFileIdItem entry : missing.getItems()) {
                // NOTE(review): both map lookups below return null (and the loop throws) if the
                // response lists an item whose file or user id is absent from getFiles()/getUsers().
                for (FileFileKeys fileKey : fileKeysByFile.get(entry.getFileId())) {
                    final EncryptedFileKey wrappedKey = TripleCryptConverter.toCryptoEncryptedFileKey(fileKey.getFileKeyContainer());
                    final UserKeyPairContainer keyPairForDecryption = session.getKeyPairForFileKey(wrappedKey.getVersion());
                    // The passphrase has to belong to the key pair the file key was wrapped with.
                    final Credentials unlockWith;
                    if (wrappedKey.getVersion() == EncryptedFileKey.Version.RSA2048_AES256GCM) {
                        unlockWith = passphraseDeprecated;
                    }
                    else {
                        unlockWith = passphrase;
                    }
                    for (UserUserPublicKey recipientKey : publicKeysByUser.get(entry.getUserId())) {
                        final EncryptedFileKey rewrapped = this.encryptFileKey(
                                TripleCryptConverter.toCryptoUserPrivateKey(keyPairForDecryption.getPrivateKeyContainer()),
                                unlockWith, recipientKey, fileKey);
                        final UserFileKeySetRequest keySet = new UserFileKeySetRequest()
                                .fileId(entry.getFileId())
                                .userId(entry.getUserId())
                                .fileKey(TripleCryptConverter.toSwaggerFileKey(rewrapped));
                        if (log.isDebugEnabled()) {
                            log.debug(String.format("Missing file key processed for file %d and user %d", entry.getFileId(), entry.getUserId()));
                        }
                        batch.addItemsItem(keySet);
                    }
                }
            }
            if (batch.getItems().isEmpty()) {
                // Nothing to upload; the loop condition below ends the polling.
                continue;
            }
            if (log.isDebugEnabled()) {
                // NOTE(review): this prints the whole batch, which presumably includes the wrapped
                // file keys; consider logging only the item count.
                log.debug(String.format("Set file keys with %s", batch));
            }
            new NodesApi(session.getClient()).setUserFileKeys(batch, StringUtils.EMPTY);
            submitted.addAll(batch.getItems());
        } while (!batch.getItems().isEmpty());
        this.deleteDeprecatedKeyPair(session);
        return submitted;
    }
    catch (ApiException e) {
        throw new SDSExceptionMappingService(nodeid).map(e);
    }
    catch (CryptoException e) {
        throw new TripleCryptExceptionMappingService().map(e);
    }
}
use of com.dracoon.sdk.crypto.model.UserKeyPair in project cyberduck by iterate-ch.
the class SDSSharesUrlProvider method toDownloadUrl.
/**
 * Creates a download share for {@code file} and returns its public URL.
 * <p>
 * For an encrypted file the caller's file key is decrypted with the unlocked user key pair
 * and re-encrypted for a freshly generated key pair. That new pair is protected with the
 * share password from {@code options}, or with a passphrase obtained from {@code callback}
 * when no password is set. The password field of {@code options} is cleared before the
 * request is sent, and the new key pair and wrapped file key are attached instead.
 *
 * @param file     file to share
 * @param options  share options; a default instance is created (and a warning logged) when {@code null}
 * @param callback prompt used to unlock the private key and, if needed, to ask for the share passphrase
 * @return URL of the share, with a help text that mentions the expiry when the share has one
 * @throws BackgroundException mapped from {@code ApiException} or {@code CryptoException}
 */
@Override
public DescriptiveUrl toDownloadUrl(final Path file, CreateDownloadShareRequest options, final PasswordCallback callback) throws BackgroundException {
    try {
        if (log.isDebugEnabled()) {
            log.debug(String.format("Create download share for %s", file));
        }
        if (options == null) {
            options = new CreateDownloadShareRequest();
            log.warn(String.format("Use default share options %s", options));
        }
        final Long shareNodeId = Long.parseLong(nodeid.getVersionId(file, new DisabledListProgressListener()));
        final Host bookmark = session.getHost();
        if (SDSNodeIdProvider.isEncrypted(file)) {
            // Fetch the file key wrapped for the sharing user and unwrap it locally.
            final FileKey ownKey = new NodesApi(session.getClient()).requestUserFileKey(shareNodeId, null, null);
            final EncryptedFileKey wrappedOwnKey = TripleCryptConverter.toCryptoEncryptedFileKey(ownKey);
            final UserKeyPairContainer ownContainer = session.getKeyPairForFileKey(wrappedOwnKey.getVersion());
            final UserKeyPair ownPair = TripleCryptConverter.toCryptoUserKeyPair(ownContainer);
            final Credentials passphrase = new TripleCryptKeyPair().unlock(callback, bookmark, ownPair);
            final PlainFileKey plainFileKey = Crypto.decryptFileKey(wrappedOwnKey, ownPair.getUserPrivateKey(), passphrase.getPassword());
            // Wrap the file key for a key pair that exists only for this share.
            final UserKeyPair sharePair;
            if (options.getPassword() != null) {
                sharePair = Crypto.generateUserKeyPair(session.requiredKeyPairVersion(), options.getPassword());
            }
            else {
                sharePair = Crypto.generateUserKeyPair(session.requiredKeyPairVersion(),
                        callback.prompt(bookmark,
                                LocaleFactory.localizedString("Passphrase", "Cryptomator"),
                                LocaleFactory.localizedString("Provide additional login credentials", "Credentials"),
                                new LoginOptions().icon(session.getHost().getProtocol().disk())).getPassword());
            }
            final EncryptedFileKey wrappedShareKey = Crypto.encryptFileKey(plainFileKey, sharePair.getUserPublicKey());
            // The password now protects the share key pair, so it is removed from the request
            // rather than submitted alongside the key material.
            options.setPassword(null);
            options.setKeyPair(TripleCryptConverter.toSwaggerUserKeyPairContainer(sharePair));
            options.setFileKey(TripleCryptConverter.toSwaggerFileKey(wrappedShareKey));
        }
        final DownloadShare share = new SharesApi(session.getClient()).createDownloadShare(options.nodeId(shareNodeId), StringUtils.EMPTY, null);
        final String label = MessageFormat.format(LocaleFactory.localizedString("{0} URL"), LocaleFactory.localizedString("Pre-Signed", "S3"));
        final String help;
        if (share.getExpireAt() != null) {
            final long expiry = share.getExpireAt().getMillis();
            // NOTE(review): getMillis() already looks like a millisecond value; confirm that the
            // extra factor of 1000 is what getShortFormat expects, otherwise the shown expiry is wrong.
            help = label + " (" + MessageFormat.format(LocaleFactory.localizedString("Expires {0}", "S3") + ")",
                    UserDateFormatterFactory.get().getShortFormat(expiry * 1000));
        }
        else {
            help = label;
        }
        // The access key is part of the URL, so the returned value presumably grants access to
        // the share on its own; avoid writing it to logs.
        final URI link = URI.create(String.format("%s://%s/#/public/shares-downloads/%s",
                bookmark.getProtocol().getScheme(), bookmark.getHostname(), share.getAccessKey()));
        return new DescriptiveUrl(link, DescriptiveUrl.Type.signed, help);
    }
    catch (ApiException e) {
        throw new SDSExceptionMappingService(nodeid).map(e);
    }
    catch (CryptoException e) {
        throw new TripleCryptExceptionMappingService().map(e);
    }
}
use of com.dracoon.sdk.crypto.model.UserKeyPair in project cyberduck by iterate-ch.
the class TripleCryptReadFeature method read.
/**
 * Opens {@code file} through the proxied read feature and wraps the stream so that it is
 * decrypted with the file key of the current user.
 * <p>
 * When decrypting the file key fails with {@code InvalidFileKeyException}, the cached user
 * key pairs of the session are reset and the whole sequence (key pair lookup, unlock,
 * decrypt, open) is attempted once more. A failure of the second attempt is not retried.
 *
 * @param file     file to download
 * @param status   transfer status passed on to the proxied feature
 * @param callback prompt used to unlock the private key
 * @return stream that decrypts the content read from the proxied feature
 * @throws BackgroundException mapped from {@code ApiException} or {@code CryptoException}
 */
@Override
public InputStream read(final Path file, final TransferStatus status, final ConnectionCallback callback) throws BackgroundException {
    try {
        final NodesApi nodes = new NodesApi(session.getClient());
        final Long nodeNumber = Long.parseLong(nodeid.getVersionId(file, new DisabledListProgressListener()));
        final FileKey wrapped = nodes.requestUserFileKey(nodeNumber, null, null);
        final EncryptedFileKey encryptedKey = TripleCryptConverter.toCryptoEncryptedFileKey(wrapped);
        try {
            final UserKeyPair pair = this.getUserKeyPair(encryptedKey);
            final PlainFileKey fileKey = Crypto.decryptFileKey(encryptedKey,
                    pair.getUserPrivateKey(), this.unlock(callback, pair).getPassword());
            // NOTE(review): proxy.read(...) is evaluated before the cipher and tag arguments; if
            // either of those throws, the opened stream is not closed here. Confirm they cannot fail.
            return new TripleCryptDecryptingInputStream(
                    proxy.read(file, status, callback),
                    Crypto.createFileDecryptionCipher(fileKey),
                    CryptoUtils.stringToByteArray(fileKey.getTag()));
        }
        catch (InvalidFileKeyException stale) {
            // The cached key pair did not match the file key; drop the cache and try once more.
            log.warn(String.format("Failure %s decrypting file key for %s. Invalidate cache", stale, file));
            session.resetUserKeyPairs();
            final UserKeyPair pair = this.getUserKeyPair(encryptedKey);
            final PlainFileKey fileKey = Crypto.decryptFileKey(encryptedKey,
                    pair.getUserPrivateKey(), this.unlock(callback, pair).getPassword());
            return new TripleCryptDecryptingInputStream(
                    proxy.read(file, status, callback),
                    Crypto.createFileDecryptionCipher(fileKey),
                    CryptoUtils.stringToByteArray(fileKey.getTag()));
        }
    }
    catch (ApiException e) {
        throw new SDSExceptionMappingService(nodeid).map("Download {0} failed", e, file);
    }
    catch (CryptoException e) {
        throw new TripleCryptExceptionMappingService().map("Download {0} failed", e, file);
    }
}
use of com.dracoon.sdk.crypto.model.UserKeyPair in project cyberduck by iterate-ch.
the class TripleCryptConverter method toCryptoUserKeyPair.
/**
 * Converts a key pair container from the API model into the crypto SDK's {@code UserKeyPair}.
 * <p>
 * The version string of each half is resolved separately, so the private and public key may
 * carry different versions as far as this method is concerned. No null checks are performed
 * on {@code c} or on its private and public key containers.
 *
 * @param c container holding the private and public key containers
 * @return key pair built from the two containers
 * @throws UnknownVersionException when a version value is not known to {@code UserKeyPair.Version}
 */
public static UserKeyPair toCryptoUserKeyPair(final UserKeyPairContainer c) throws UnknownVersionException {
    return new UserKeyPair(
            new UserPrivateKey(
                    UserKeyPair.Version.getByValue(c.getPrivateKeyContainer().getVersion()),
                    c.getPrivateKeyContainer().getPrivateKey()),
            new UserPublicKey(
                    UserKeyPair.Version.getByValue(c.getPublicKeyContainer().getVersion()),
                    c.getPublicKeyContainer().getPublicKey()));
}
use of com.dracoon.sdk.crypto.model.UserKeyPair in project cyberduck by iterate-ch.
the class CryptoDecryptPrivateKeyTest method testDecryptPrivateKey.
/**
 * Checks that an encrypted RSA-2048 private key is accepted together with its password.
 * <p>
 * The PEM block and the password below are test fixtures kept in source; the key must not
 * be used for anything outside this test. The public key is only the placeholder
 * {@code "pubkey"}, so the check presumably exercises the private key alone.
 */
@Test
public void testDecryptPrivateKey() throws Exception {
    final String encryptedPem = "-----BEGIN ENCRYPTED PRIVATE KEY-----\n"
            + "MIIFnDCBxQYJKoZIhvcNAQUNMIG3MIGVBgkqhkiG9w0BBQwwgYcEgYAzxG7mDxu4\n"
            + "TYtue+YQykOFgXlbFSJ9wbvVhVlbJP/16jewb4DhMZ/EWGzufLougL1WCwMc0BGM\n"
            + "wiozMk3Xl7kYCILBe78dsfS8bDZG9bMyS3PBuUn5Zuo4hhNMMtrJ4qYIOXYKsjml\n"
            + "rq5aipZXy3d/nfaHpGYTLGJTvSyZKDaGaQICJxAwHQYJYIZIAWUDBAEqBBDBxJJq\n"
            + "F0v+NbVvALtyDqOyBIIE0Kx8ce2gVTbC4FAowW/cV2texJWMZDe/i/NcTYvXide7\n"
            + "d8abj23zxWMT6+h89d27mXOD5BQMyXZSXMNAzHoMq2T0/uJwHNbm9VSXIZWrJ1wT\n"
            + "AHaipyUY5oQ3L0eu5CWqXISspRL7xlLAuIptpHunJIcvMvrK1o9xpJoEiZWUmq67\n"
            + "1tkDBH3hokcWU9u2YSwQsuZGHY1S0Z9QTiCry1nL8iz1ceRSee6J+ysjnbpxPsO1\n"
            + "UnNoKLIYYSm8Fep6O635Tc/XkytMF5GpJvLJNYZXuxTIRGUGcnk82hEwmTPp9ANc\n"
            + "4vycg7c4M7VMqPZsGjQtoYZLE0EQ243BZQdKG7pob9HIt+zTLmBtbMPrTsxCMEeS\n"
            + "eX5BrK7RDmHz4bM+Jv9KsO7xjWX4lZRXgRAkiMt1tV+IRVfsjDKEJzzyfvzIhWXe\n"
            + "rnK4A8o+jubXLxrUMFWdRvb5iGDCGxmb2JrjiFDXNIudMpB3vFWEulfvMw7cdGDo\n"
            + "C7FurwwycJhtRAvJFAZ7C//pyH8Gl8XjDjY/F44ORxQP9qfACier4vy5go2JMljM\n"
            + "3YQB5m3xeXXz5pzkTX0ept1JKAAovedAP27+7WS0ziuUS1g1Er2cRrFKHCi9Sb0W\n"
            + "QqZqeWBloG/t4axCd8De/YTXTX4dgYD+BiTzBTRA33JTYrkl9b8MrbEaZgwHWsr1\n"
            + "6+YgQjYTRPQmiV8NBTm3/zbFV+Y/KBgd+P12ISKfONLZzhzE5+7CE0gAEotb1fCY\n"
            + "o6ds0WJim2rT0Sfb5WA/xTtlerM7mYK0troOhO30NIUUmg4wtS6SsRqrS1KzuVx0\n"
            + "AS7cyI9Zb0Rz+oc/MhnLf51hx+c3wBBnBdgrxtXRrBbtRIlRUSzhtJBcpELwQGFu\n"
            + "4wB3Tjil3HwF4JjTRUBy4TUf41W8aQtkoi8JOCnS6gy87fbiEBay7Pi/0DOF7HSI\n"
            + "iyZhKfOMJunTlTdmIbg/d024tVJqMnVZrTKeLwlJX2M9qncIQKJB7SYzfSdbvV92\n"
            + "A4AXKKwQoXg/jiC3u4XSiqQ10lVBKsantH1Gargm2uYNMJTJhu3qaec19wbvREuA\n"
            + "X2bHNQ3NZJThUEcgfCQdcoIWWVfuWWVBd+v8Ta9/vPHG6za9IG5wWMkB+fV5wE6H\n"
            + "GbFlV9shwWZLLN0VYAAir31r5DAwAJiQ3lhregBgUYkNMRdBhsn3jLGzPxByGw/3\n"
            + "QXRJUq0+ZnKlI1y83XsfDTrsyY3jgua1P4MOrk5Khkpz6pcz3nGIsAXpsymPfFYm\n"
            + "rTXEaVVe9F+5UM8LzIQH7TyGL7c4mGTnUTBY3LE27whIusvZDq21maRU+8A84bFn\n"
            + "xCvFHXQs53NV3Tb4ZHl5SrdJllC/MYrj4xau3g1cRS0xJSUaW7FLa2AgC9/Ps8uL\n"
            + "7nVnJ6nKLBMejBfrK0+uFqGuGDP4jOl8H26V+dycY/5ecBYhF9Bts5aKEFhkqibG\n"
            + "2Qt3tuP/WvAzJAAFw+YYTKUyW8YvDh1hf74cD8RxiNYZ0UuVoqADxbycNZ3+26rC\n"
            + "lnXEetmYD961oHZclzis4CUcDbLRbgcmv/fvpoj9OIgBOumB/1ku0ZmicXvlJ6wD\n"
            + "S+2l6QSAHZF3rmD0D7lSGMu0rdF648h8HkLsoABONdoHJrCE5ehnBvSLd34Hdwt7\n"
            + "-----END ENCRYPTED PRIVATE KEY-----\n";
    // Both halves are tagged RSA2048; only the private half carries real key material.
    final UserKeyPair fixture = new UserKeyPair(
            new UserPrivateKey(UserKeyPair.Version.RSA2048, encryptedPem),
            new UserPublicKey(UserKeyPair.Version.RSA2048, "pubkey"));
    Assert.assertTrue(Crypto.checkUserKeyPair(fixture, "abcdabc1"));
}