Search in sources :

Example 1 with Curve25519KeyPair

use of im.actor.runtime.crypto.Curve25519KeyPair in project actor-platform by actorapp.

the class AuthKeyActor method gotoDHState.

private void gotoDHState(final long keyId, final byte[] key, final byte[] serverNonce) {
    final byte[] clientNonce = new byte[32];
    Crypto.nextBytes(clientNonce);
    byte[] keyMaterial = new byte[32];
    Crypto.nextBytes(keyMaterial);
    final Curve25519KeyPair clientKeyPair = Curve25519.keyGen(keyMaterial);
    goToState(new ActorState() {

        @Override
        public ProtoStruct sendStartMessage() throws IOException {
            Log.d(TAG, "Sending RequestDH");
            return new RequestDH(randomId, keyId, clientNonce, clientKeyPair.getPublicKey());
        }

        @Override
        public void onMessage(ProtoStruct struct) throws IOException {
            if (struct instanceof ResponseDoDH) {
                Log.d(TAG, "Received ResponseDoDH");
                ResponseDoDH r = (ResponseDoDH) struct;
                if (r.getRandomId() != randomId) {
                    throw new IOException("Incorrect RandomId");
                }
                PRF combinedPrf = Cryptos.PRF_SHA_STREEBOG_256();
                byte[] nonce = ByteStrings.merge(clientNonce, serverNonce);
                byte[] pre_master_secret = Curve25519.calculateAgreement(clientKeyPair.getPrivateKey(), key);
                byte[] master_secret = combinedPrf.calculate(pre_master_secret, "master secret", nonce, 256);
                byte[] verify = combinedPrf.calculate(master_secret, "client finished", nonce, 256);
                if (!Curve25519.verifySignature(key, verify, r.getVerifySign())) {
                    throw new IOException("Incorrect Signature");
                }
                Digest sha256 = Crypto.createSHA256();
                sha256.update(master_secret, 0, master_secret.length);
                byte[] authIdHash = new byte[32];
                sha256.doFinal(authIdHash, 0);
                long authId = ByteStrings.bytesToLong(authIdHash);
                Log.d(TAG, "Key successfully created #" + authId);
                gotoSuccess(master_secret, authId);
            } else {
                throw new IOException("Expected: ResponseGetServerKey, got: " + struct.getClass().getName());
            }
        }
    });
}
Also used : ProtoStruct(im.actor.core.network.mtp.entity.ProtoStruct) PRF(im.actor.runtime.crypto.primitives.prf.PRF) Digest(im.actor.runtime.crypto.Digest) Curve25519KeyPair(im.actor.runtime.crypto.Curve25519KeyPair) IOException(java.io.IOException) ResponseDoDH(im.actor.core.network.mtp.entity.ResponseDoDH) RequestDH(im.actor.core.network.mtp.entity.RequestDH)

Example 2 with Curve25519KeyPair

use of im.actor.runtime.crypto.Curve25519KeyPair in project actor-platform by actorapp.

the class KeyManagerActor method preStart.

@Override
public void preStart() {
    Log.d(TAG, "Starting KeyManager...");
    //
    // Initialization key storage
    //
    encryptionKeysStorage = Storage.createKeyValue("encryption_keys");
    //
    // Initialization own private keys
    //
    ownKeys = null;
    byte[] ownKeysStorage = encryptionKeysStorage.loadItem(0);
    if (ownKeysStorage != null) {
        try {
            ownKeys = new PrivateKeyStorage(ownKeysStorage);
            // If we need re-save key storage
            if (ownKeys.isWasRegenerated()) {
                encryptionKeysStorage.addOrUpdateItem(0, ownKeys.toByteArray());
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
    }
    if (ownKeys == null) {
        Curve25519KeyPair identityPrivate = Curve25519.keyGen(Crypto.randomBytes(64));
        Curve25519KeyPair key0 = Curve25519.keyGen(Crypto.randomBytes(64));
        ownKeys = new PrivateKeyStorage(0, new PrivateKey(RandomUtils.nextRid(), "curve25519", identityPrivate.getPrivateKey(), identityPrivate.getPublicKey()), new PrivateKey[] { new PrivateKey(RandomUtils.nextRid(), "curve25519", key0.getPrivateKey(), key0.getPublicKey()) }, new PrivateKey[0]);
        encryptionKeysStorage.addOrUpdateItem(0, ownKeys.toByteArray());
    }
    if (ownKeys.getKeyGroupId() == 0) {
        ApiEncryptionKey identityKey = ownKeys.getIdentityKey().toApiKey();
        ArrayList<ApiEncryptionKey> keys = ManagedList.of(ownKeys.getKeys()).map(PrivateKey.TO_API);
        ArrayList<ApiEncryptionKeySignature> signatures = ManagedList.of(ownKeys.getKeys()).map(PrivateKey.SIGN(ownKeys.getIdentityKey()));
        Log.d(TAG, "Creation of new key group");
        api(new RequestCreateNewKeyGroup(identityKey, Configuration.SUPPORTED, keys, signatures)).then(new Consumer<ResponseCreateNewKeyGroup>() {

            @Override
            public void apply(ResponseCreateNewKeyGroup response) {
                ownKeys = ownKeys.setGroupId(response.getKeyGroupId());
                encryptionKeysStorage.addOrUpdateItem(0, ownKeys.toByteArray());
                onMainKeysReady();
            }
        }).failure(new Consumer<Exception>() {

            @Override
            public void apply(Exception e) {
                Log.w(TAG, "Keys upload error");
                Log.e(TAG, e);
            // Just ignore
            }
        });
    } else {
        onMainKeysReady();
    }
}
Also used : RequestCreateNewKeyGroup(im.actor.core.api.rpc.RequestCreateNewKeyGroup) PrivateKeyStorage(im.actor.core.modules.encryption.entity.PrivateKeyStorage) PrivateKey(im.actor.core.modules.encryption.entity.PrivateKey) ResponseCreateNewKeyGroup(im.actor.core.api.rpc.ResponseCreateNewKeyGroup) IOException(java.io.IOException) IOException(java.io.IOException) Consumer(im.actor.runtime.function.Consumer) ApiEncryptionKeySignature(im.actor.core.api.ApiEncryptionKeySignature) Curve25519KeyPair(im.actor.runtime.crypto.Curve25519KeyPair) ApiEncryptionKey(im.actor.core.api.ApiEncryptionKey)

Aggregations

Curve25519KeyPair (im.actor.runtime.crypto.Curve25519KeyPair)2 IOException (java.io.IOException)2 ApiEncryptionKey (im.actor.core.api.ApiEncryptionKey)1 ApiEncryptionKeySignature (im.actor.core.api.ApiEncryptionKeySignature)1 RequestCreateNewKeyGroup (im.actor.core.api.rpc.RequestCreateNewKeyGroup)1 ResponseCreateNewKeyGroup (im.actor.core.api.rpc.ResponseCreateNewKeyGroup)1 PrivateKey (im.actor.core.modules.encryption.entity.PrivateKey)1 PrivateKeyStorage (im.actor.core.modules.encryption.entity.PrivateKeyStorage)1 ProtoStruct (im.actor.core.network.mtp.entity.ProtoStruct)1 RequestDH (im.actor.core.network.mtp.entity.RequestDH)1 ResponseDoDH (im.actor.core.network.mtp.entity.ResponseDoDH)1 Digest (im.actor.runtime.crypto.Digest)1 PRF (im.actor.runtime.crypto.primitives.prf.PRF)1 Consumer (im.actor.runtime.function.Consumer)1