use of im.actor.runtime.crypto.Curve25519KeyPair in project actor-platform by actorapp.
the class AuthKeyActor method gotoDHState.
private void gotoDHState(final long keyId, final byte[] key, final byte[] serverNonce) {
final byte[] clientNonce = new byte[32];
Crypto.nextBytes(clientNonce);
byte[] keyMaterial = new byte[32];
Crypto.nextBytes(keyMaterial);
final Curve25519KeyPair clientKeyPair = Curve25519.keyGen(keyMaterial);
goToState(new ActorState() {
@Override
public ProtoStruct sendStartMessage() throws IOException {
Log.d(TAG, "Sending RequestDH");
return new RequestDH(randomId, keyId, clientNonce, clientKeyPair.getPublicKey());
}
@Override
public void onMessage(ProtoStruct struct) throws IOException {
if (struct instanceof ResponseDoDH) {
Log.d(TAG, "Received ResponseDoDH");
ResponseDoDH r = (ResponseDoDH) struct;
if (r.getRandomId() != randomId) {
throw new IOException("Incorrect RandomId");
}
PRF combinedPrf = Cryptos.PRF_SHA_STREEBOG_256();
byte[] nonce = ByteStrings.merge(clientNonce, serverNonce);
byte[] pre_master_secret = Curve25519.calculateAgreement(clientKeyPair.getPrivateKey(), key);
byte[] master_secret = combinedPrf.calculate(pre_master_secret, "master secret", nonce, 256);
byte[] verify = combinedPrf.calculate(master_secret, "client finished", nonce, 256);
if (!Curve25519.verifySignature(key, verify, r.getVerifySign())) {
throw new IOException("Incorrect Signature");
}
Digest sha256 = Crypto.createSHA256();
sha256.update(master_secret, 0, master_secret.length);
byte[] authIdHash = new byte[32];
sha256.doFinal(authIdHash, 0);
long authId = ByteStrings.bytesToLong(authIdHash);
Log.d(TAG, "Key successfully created #" + authId);
gotoSuccess(master_secret, authId);
} else {
throw new IOException("Expected: ResponseGetServerKey, got: " + struct.getClass().getName());
}
}
});
}
use of im.actor.runtime.crypto.Curve25519KeyPair in project actor-platform by actorapp.
the class KeyManagerActor method preStart.
@Override
public void preStart() {
Log.d(TAG, "Starting KeyManager...");
//
// Initialization key storage
//
encryptionKeysStorage = Storage.createKeyValue("encryption_keys");
//
// Initialization own private keys
//
ownKeys = null;
byte[] ownKeysStorage = encryptionKeysStorage.loadItem(0);
if (ownKeysStorage != null) {
try {
ownKeys = new PrivateKeyStorage(ownKeysStorage);
// If we need re-save key storage
if (ownKeys.isWasRegenerated()) {
encryptionKeysStorage.addOrUpdateItem(0, ownKeys.toByteArray());
}
} catch (IOException e) {
e.printStackTrace();
}
}
if (ownKeys == null) {
Curve25519KeyPair identityPrivate = Curve25519.keyGen(Crypto.randomBytes(64));
Curve25519KeyPair key0 = Curve25519.keyGen(Crypto.randomBytes(64));
ownKeys = new PrivateKeyStorage(0, new PrivateKey(RandomUtils.nextRid(), "curve25519", identityPrivate.getPrivateKey(), identityPrivate.getPublicKey()), new PrivateKey[] { new PrivateKey(RandomUtils.nextRid(), "curve25519", key0.getPrivateKey(), key0.getPublicKey()) }, new PrivateKey[0]);
encryptionKeysStorage.addOrUpdateItem(0, ownKeys.toByteArray());
}
if (ownKeys.getKeyGroupId() == 0) {
ApiEncryptionKey identityKey = ownKeys.getIdentityKey().toApiKey();
ArrayList<ApiEncryptionKey> keys = ManagedList.of(ownKeys.getKeys()).map(PrivateKey.TO_API);
ArrayList<ApiEncryptionKeySignature> signatures = ManagedList.of(ownKeys.getKeys()).map(PrivateKey.SIGN(ownKeys.getIdentityKey()));
Log.d(TAG, "Creation of new key group");
api(new RequestCreateNewKeyGroup(identityKey, Configuration.SUPPORTED, keys, signatures)).then(new Consumer<ResponseCreateNewKeyGroup>() {
@Override
public void apply(ResponseCreateNewKeyGroup response) {
ownKeys = ownKeys.setGroupId(response.getKeyGroupId());
encryptionKeysStorage.addOrUpdateItem(0, ownKeys.toByteArray());
onMainKeysReady();
}
}).failure(new Consumer<Exception>() {
@Override
public void apply(Exception e) {
Log.w(TAG, "Keys upload error");
Log.e(TAG, e);
// Just ignore
}
});
} else {
onMainKeysReady();
}
}
Aggregations