Examples with ActorBoxKey im.actor.runtime.crypto.box.ActorBoxKey used on opensource projects

Example 1 with ActorBoxKey

use of im.actor.runtime.crypto.box.ActorBoxKey in project actor-platform by actorapp.

the class EncryptedPeerActor method doDecrypt.

private Promise<DecryptBoxResponse> doDecrypt(final EncryptedBox data) {
    if (!isReady) {
        stash();
        return null;
    }
    final int senderKeyGroup = ByteStrings.bytesToInt(ByteStrings.substring(data.getEncryptedPackage(), 0, 4));
    final byte[] encPackage = ByteStrings.substring(data.getEncryptedPackage(), 4, data.getEncryptedPackage().length - 4);
    if (ignoredKeyGroups.contains(senderKeyGroup)) {
        throw new RuntimeException("This key group is ignored");
    }
    return PromisesArray.of(data.getKeys()).filter(EncryptedBoxKey.FILTER(myUid(), ownKeyGroupId)).first().flatMap(new Function<EncryptedBoxKey, Promise<Tuple2<SessionActor, EncryptedBoxKey>>>() {

        @Override
        public Promise<Tuple2<SessionActor, EncryptedBoxKey>> apply(final EncryptedBoxKey boxKey) {
            final long senderPreKeyId = ByteStrings.bytesToLong(boxKey.getEncryptedKey(), 4);
            final long receiverPreKeyId = ByteStrings.bytesToLong(boxKey.getEncryptedKey(), 12);
            if (activeSessions.containsKey(boxKey.getKeyGroupId())) {
                for (SessionActor s : activeSessions.get(senderKeyGroup).getSessions()) {
                    if (s.getSession().getOwnPreKeyId() == receiverPreKeyId && s.getSession().getTheirPreKeyId() == senderPreKeyId) {
                        return success(new Tuple2<>(s, boxKey));
                    }
                }
            }
            return context().getEncryption().getSessionManagerInt().pickSession(uid, senderKeyGroup, receiverPreKeyId, senderPreKeyId).map(new Function<PeerSession, Tuple2<SessionActor, EncryptedBoxKey>>() {

                @Override
                public Tuple2<SessionActor, EncryptedBoxKey> apply(PeerSession src) {
                    return new Tuple2<>(spawnSession(src), boxKey);
                }
            });
        }
    }).flatMap(new Function<Tuple2<SessionActor, EncryptedBoxKey>, Promise<EncryptedSessionActor.DecryptedPackage>>() {

        @Override
        public Promise<EncryptedSessionActor.DecryptedPackage> apply(Tuple2<SessionActor, EncryptedBoxKey> src) {
            Log.d(TAG, "Key size:" + src.getT2().getEncryptedKey().length);
            // TODO: Implement
            return null;
        }
    }).map(new Function<EncryptedSessionActor.DecryptedPackage, DecryptBoxResponse>() {

        @Override
        public DecryptBoxResponse apply(EncryptedSessionActor.DecryptedPackage decryptedPackage) {
            byte[] encData;
            try {
                byte[] encKeyExtended = decryptedPackage.getData().length >= 128 ? decryptedPackage.getData() : keyPrf.calculate(decryptedPackage.getData(), "ActorPackage", 128);
                encData = ActorBox.openBox(ByteStrings.intToBytes(senderKeyGroup), encPackage, new ActorBoxKey(encKeyExtended));
                Log.d(TAG, "Box size: " + encData.length);
            } catch (IOException e) {
                e.printStackTrace();
                throw new RuntimeException(e);
            }
            return new DecryptBoxResponse(encData);
        }
    });
}

Example 2 with ActorBoxKey

use of im.actor.runtime.crypto.box.ActorBoxKey in project actor-platform by actorapp.

the class EncryptedSessionChain method decrypt.

public byte[] decrypt(byte[] data) throws IntegrityException {
    if (data.length < 88) {
        throw new IntegrityException("Data length is too small");
    }
    // 
    // Parsing message header
    // 
    final int senderKeyGroupId = ByteStrings.bytesToInt(data, 0);
    final long senderEphermalKey0Id = ByteStrings.bytesToLong(data, 4);
    final long receiverEphermalKey0Id = ByteStrings.bytesToLong(data, 12);
    final byte[] senderEphemeralKey = ByteStrings.substring(data, 20, 32);
    final byte[] receiverEphemeralKey = ByteStrings.substring(data, 52, 32);
    final int messageIndex = ByteStrings.bytesToInt(data, 84);
    // 
    // Validating header
    // 
    // if (senderKeyGroupId != session.getPeerKeyGroupId()) {
    // throw new IntegrityException("Incorrect sender key group id");
    // }
    // if (senderEphermalKey0Id != session.getTheirPreKey().getKeyId()) {
    // throw new IntegrityException("Incorrect sender pre key id");
    // }
    // if (receiverEphermalKey0Id != session.getOwnPreKey().getKeyId()) {
    // throw new IntegrityException("Incorrect receiver pre key id");
    // }
    // if (ByteStrings.isEquals(senderEphemeralKey, theirPublicKey)) {
    // throw new IntegrityException("Incorrect sender ephemeral key");
    // }
    // if (ByteStrings.isEquals(receiverEphemeralKey, ownPrivateKey)) {
    // throw new IntegrityException("Incorrect receiver ephemeral key");
    // }
    // 
    // Decryption
    // 
    ActorBoxKey ratchetMessageKey = RatchetMessageKey.buildKey(rootChainKey, messageIndex);
    byte[] header = ByteStrings.substring(data, 0, 88);
    byte[] message = ByteStrings.substring(data, 88, data.length - 88);
    return ActorBox.openBox(header, message, ratchetMessageKey);
}

Example 3 with ActorBoxKey

use of im.actor.runtime.crypto.box.ActorBoxKey in project actor-platform by actorapp.

the class EncryptedSessionChain method encrypt.

public byte[] encrypt(byte[] data) throws IntegrityException {
    int messageIndex = sentCounter++;
    ActorBoxKey ratchetMessageKey = RatchetMessageKey.buildKey(rootChainKey, messageIndex);
    byte[] header = ByteStrings.merge(ByteStrings.intToBytes(session.getOwnKeyGroupId()), ByteStrings.longToBytes(session.getOwnPreKeyId()), /*Alice Initial Ephermal*/
    ByteStrings.longToBytes(session.getTheirPreKeyId()), /*Bob Initial Ephermal*/
    Curve25519.keyGenPublic(ownPrivateKey), theirPublicKey, ByteStrings.intToBytes(messageIndex));
    return ByteStrings.merge(header, ActorBox.closeBox(header, data, Crypto.randomBytes(32), ratchetMessageKey));
}

Example 4 with ActorBoxKey

use of im.actor.runtime.crypto.box.ActorBoxKey in project actor-platform by actorapp.

the class RatchetMessageKey method buildKey.

public static ActorBoxKey buildKey(byte[] rootChainKey, int index) {
    HMAC hmac = new HMAC(rootChainKey, Crypto.createSHA256());
    byte[] indx = ByteStrings.intToBytes(index);
    hmac.update(indx, 0, indx.length);
    byte[] messageKey = new byte[32];
    hmac.doFinal(messageKey, 0);
    byte[] messageKeyExt = new HKDF(Crypto.createSHA256()).deriveSecrets(messageKey, 128);
    byte[] aesCipherKey = ByteStrings.substring(messageKeyExt, 0, 32);
    byte[] aesMacKey = ByteStrings.substring(messageKeyExt, 32, 32);
    byte[] kuzCipherKey = ByteStrings.substring(messageKeyExt, 64, 32);
    byte[] kuzMacKey = ByteStrings.substring(messageKeyExt, 96, 32);
    return new ActorBoxKey(aesCipherKey, aesMacKey, kuzCipherKey, kuzMacKey);
}

Example 5 with ActorBoxKey

use of im.actor.runtime.crypto.box.ActorBoxKey in project actor-platform by actorapp.

the class EncryptedPeerActor method doEncrypt.

private Promise<EncryptBoxResponse> doEncrypt(final byte[] data) {
    if (!isReady) {
        stash();
        return null;
    }
    // 
    // Stage 1: Loading User Key Groups
    // Stage 2: Pick sessions for encryption
    // Stage 3: Encrypt box_key int session
    // Stage 4: Encrypt box
    // 
    final byte[] encKey = Crypto.randomBytes(32);
    final byte[] encKeyExtended = keyPrf.calculate(encKey, "ActorPackage", 128);
    Log.d(TAG, "doEncrypt");
    final long start = Runtime.getActorTime();
    return PromisesArray.of(theirKeys.getUserKeysGroups()).filter(new Predicate<UserKeysGroup>() {

        @Override
        public boolean apply(UserKeysGroup keysGroup) {
            return !ignoredKeyGroups.contains(keysGroup.getKeyGroupId());
        }
    }).mapOptional(new Function<UserKeysGroup, Promise<SessionActor>>() {

        @Override
        public Promise<SessionActor> apply(final UserKeysGroup keysGroup) {
            if (activeSessions.containsKey(keysGroup.getKeyGroupId())) {
                return success(activeSessions.get(keysGroup.getKeyGroupId()).getSessions().get(0));
            }
            return context().getEncryption().getSessionManagerInt().pickSession(uid, keysGroup.getKeyGroupId()).failure(new Consumer<Exception>() {

                @Override
                public void apply(Exception e) {
                    ignoredKeyGroups.add(keysGroup.getKeyGroupId());
                }
            }).map(new Function<PeerSession, SessionActor>() {

                @Override
                public SessionActor apply(PeerSession src) {
                    return spawnSession(src);
                }
            });
        }
    }).mapOptional(encrypt(encKeyExtended)).zip().map(new Function<List<EncryptedSessionActor.EncryptedPackageRes>, EncryptBoxResponse>() {

        @Override
        public EncryptBoxResponse apply(List<EncryptedSessionActor.EncryptedPackageRes> src) {
            if (src.size() == 0) {
                throw new RuntimeException("No sessions available");
            }
            Log.d(TAG, "Keys Encrypted in " + (Runtime.getActorTime() - start) + " ms");
            ArrayList<EncryptedBoxKey> encryptedKeys = new ArrayList<>();
            for (EncryptedSessionActor.EncryptedPackageRes r : src) {
                Log.d(TAG, "Keys: " + r.getKeyGroupId());
                encryptedKeys.add(new EncryptedBoxKey(uid, r.getKeyGroupId(), "curve25519", r.getData()));
            }
            byte[] encData;
            try {
                encData = ActorBox.closeBox(ByteStrings.intToBytes(ownKeyGroupId), data, Crypto.randomBytes(32), new ActorBoxKey(encKeyExtended));
            } catch (IntegrityException e) {
                e.printStackTrace();
                throw new RuntimeException(e);
            }
            Log.d(TAG, "All Encrypted in " + (Runtime.getActorTime() - start) + " ms");
            return new EncryptBoxResponse(new EncryptedBox(encryptedKeys.toArray(new EncryptedBoxKey[encryptedKeys.size()]), ByteStrings.merge(ByteStrings.intToBytes(ownKeyGroupId), encData)));
        }
    });
}