Search in sources :

Example 11 with OtrCryptoEngineImpl

use of net.java.otr4j.crypto.OtrCryptoEngineImpl in project Zom-Android by zom.

the class SessionKeysImpl method h1.

private byte[] h1(byte b) throws OtrException {
    try {
        byte[] secbytes = SerializationUtils.writeMpi(getS());
        int len = secbytes.length + 1;
        ByteBuffer buff = ByteBuffer.allocate(len);
        buff.put(b);
        buff.put(secbytes);
        byte[] result = new OtrCryptoEngineImpl().sha1Hash(buff.array());
        return result;
    } catch (Exception e) {
        throw new OtrException(e);
    }
}
Also used : OtrCryptoEngineImpl(net.java.otr4j.crypto.OtrCryptoEngineImpl) OtrException(net.java.otr4j.OtrException) ByteBuffer(java.nio.ByteBuffer) OtrException(net.java.otr4j.OtrException)

Example 12 with OtrCryptoEngineImpl

use of net.java.otr4j.crypto.OtrCryptoEngineImpl in project Zom-Android by zom.

the class IOTest method testIODHPublicKey.

public void testIODHPublicKey() throws Exception {
    KeyPair pair = new OtrCryptoEngineImpl().generateDHKeyPair();
    DHPublicKey source = (DHPublicKey) pair.getPublic();
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    OtrOutputStream oos = new OtrOutputStream(out);
    oos.writeDHPublicKey(source);
    oos.close();
    byte[] converted = out.toByteArray();
    ByteArrayInputStream bin = new ByteArrayInputStream(converted);
    OtrInputStream ois = new OtrInputStream(bin);
    DHPublicKey result = ois.readDHPublicKey();
    ois.close();
    assertTrue(source.getY().compareTo(result.getY()) == 0);
}
Also used : KeyPair(java.security.KeyPair) DHPublicKey(javax.crypto.interfaces.DHPublicKey) ByteArrayInputStream(java.io.ByteArrayInputStream) OtrInputStream(net.java.otr4j.io.OtrInputStream) OtrCryptoEngineImpl(net.java.otr4j.crypto.OtrCryptoEngineImpl) OtrOutputStream(net.java.otr4j.io.OtrOutputStream) ByteArrayOutputStream(java.io.ByteArrayOutputStream)

Example 13 with OtrCryptoEngineImpl

use of net.java.otr4j.crypto.OtrCryptoEngineImpl in project Zom-Android by zom.

the class IOTest method testIODHKeyMessage.

public void testIODHKeyMessage() throws Exception {
    KeyPair pair = new OtrCryptoEngineImpl().generateDHKeyPair();
    DHKeyMessage source = new DHKeyMessage(0, (DHPublicKey) pair.getPublic());
    String base64 = SerializationUtils.toString(source);
    DHKeyMessage result = (DHKeyMessage) SerializationUtils.toMessage(base64);
    assertTrue(source.equals(result));
}
Also used : KeyPair(java.security.KeyPair) OtrCryptoEngineImpl(net.java.otr4j.crypto.OtrCryptoEngineImpl) DHKeyMessage(net.java.otr4j.io.messages.DHKeyMessage)

Example 14 with OtrCryptoEngineImpl

use of net.java.otr4j.crypto.OtrCryptoEngineImpl in project Zom-Android by zom.

the class IOTest method testIOBigInt.

public void testIOBigInt() throws Exception {
    KeyPair pair = new OtrCryptoEngineImpl().generateDHKeyPair();
    BigInteger source = ((DHPublicKey) pair.getPublic()).getY();
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    OtrOutputStream oos = new OtrOutputStream(out);
    oos.writeBigInt(source);
    oos.close();
    byte[] converted = out.toByteArray();
    ByteArrayInputStream bin = new ByteArrayInputStream(converted);
    OtrInputStream ois = new OtrInputStream(bin);
    BigInteger result = ois.readBigInt();
    ois.close();
    assertTrue(source.compareTo(result) == 0);
}
Also used : KeyPair(java.security.KeyPair) DHPublicKey(javax.crypto.interfaces.DHPublicKey) ByteArrayInputStream(java.io.ByteArrayInputStream) OtrInputStream(net.java.otr4j.io.OtrInputStream) OtrCryptoEngineImpl(net.java.otr4j.crypto.OtrCryptoEngineImpl) BigInteger(java.math.BigInteger) OtrOutputStream(net.java.otr4j.io.OtrOutputStream) ByteArrayOutputStream(java.io.ByteArrayOutputStream)

Example 15 with OtrCryptoEngineImpl

use of net.java.otr4j.crypto.OtrCryptoEngineImpl in project Zom-Android by zom.

the class AuthContextImpl method handleRevealSignatureMessage.

private void handleRevealSignatureMessage(RevealSignatureMessage m) throws OtrException {
    Session session = getSession();
    SessionID sessionID = session.getSessionID();
    logger.finest(sessionID.getLocalUserId() + " received a reveal signature message from " + sessionID.getRemoteUserId() + " throught " + sessionID.getProtocolName() + ".");
    if (!session.getSessionPolicy().getAllowV2()) {
        logger.finest("Policy does not allow OTRv2, ignoring message.");
        return;
    }
    switch(this.getAuthenticationState()) {
        case AWAITING_REVEALSIG:
            // Use the received value of r to decrypt the value of gx
            // received
            // in the D-H Commit Message, and verify the hash therein.
            // Decrypt
            // the encrypted signature, and verify the signature and the
            // MACs.
            // If everything checks out:
            // * Reply with a Signature Message.
            // * Transition authstate to AUTHSTATE_NONE.
            // * Transition msgstate to MSGSTATE_ENCRYPTED.
            // * TODO If there is a recent stored message, encrypt it and
            // send
            // it as a Data Message.
            OtrCryptoEngine otrCryptoEngine = new OtrCryptoEngineImpl();
            // Uses r to decrypt the value of gx sent earlier
            byte[] remoteDHPublicKeyDecrypted = otrCryptoEngine.aesDecrypt(m.revealedKey, null, this.getRemoteDHPublicKeyEncrypted());
            // Verifies that HASH(gx) matches the value sent earlier
            byte[] remoteDHPublicKeyHash = otrCryptoEngine.sha256Hash(remoteDHPublicKeyDecrypted);
            if (!Arrays.equals(remoteDHPublicKeyHash, this.getRemoteDHPublicKeyHash())) {
                logger.finest("Hashes don't match, ignoring message.");
                return;
            }
            // Verifies that Bob's gx is a legal value (2 <= gx <=
            // modulus-2)
            BigInteger remoteDHPublicKeyMpi;
            try {
                remoteDHPublicKeyMpi = SerializationUtils.readMpi(remoteDHPublicKeyDecrypted);
            } catch (IOException e) {
                throw new OtrException(e);
            }
            this.setRemoteDHPublicKey(otrCryptoEngine.getDHPublicKey(remoteDHPublicKeyMpi));
            // Verify received Data.
            if (!m.verify(this.getM2())) {
                logger.finest("Signature MACs are not equal, ignoring message.");
                return;
            }
            // Decrypt X.
            byte[] remoteXDecrypted = m.decrypt(this.getC());
            SignatureX remoteX;
            try {
                remoteX = SerializationUtils.toMysteriousX(remoteXDecrypted);
            } catch (IOException e) {
                throw new OtrException(e);
            }
            // Compute signature.
            PublicKey remoteLongTermPublicKey = remoteX.longTermPublicKey;
            SignatureM remoteM = new SignatureM(this.getRemoteDHPublicKey(), (DHPublicKey) this.getLocalDHKeyPair().getPublic(), remoteLongTermPublicKey, remoteX.dhKeyID);
            // Verify signature.
            byte[] signature;
            try {
                signature = otrCryptoEngine.sha256Hmac(SerializationUtils.toByteArray(remoteM), this.getM1());
            } catch (IOException e) {
                throw new OtrException(e);
            }
            if (!otrCryptoEngine.verify(signature, remoteLongTermPublicKey, remoteX.signature)) {
                session.showWarning("Bad revealed signature");
                logger.finest("Signature verification failed.");
                return;
            }
            logger.finest("Signature verification succeeded.");
            this.setAuthenticationState(AuthContext.NONE);
            this.setIsSecure(true);
            this.setRemoteLongTermPublicKey(remoteLongTermPublicKey);
            getSession().injectMessage(messageFactory.getSignatureMessage());
            break;
        default:
            logger.finest("Ignoring message.");
            break;
    }
}
Also used : SignatureM(net.java.otr4j.io.messages.SignatureM) OtrCryptoEngine(net.java.otr4j.crypto.OtrCryptoEngine) PublicKey(java.security.PublicKey) DHPublicKey(javax.crypto.interfaces.DHPublicKey) OtrCryptoEngineImpl(net.java.otr4j.crypto.OtrCryptoEngineImpl) SignatureX(net.java.otr4j.io.messages.SignatureX) BigInteger(java.math.BigInteger) IOException(java.io.IOException) OtrException(net.java.otr4j.OtrException)

Aggregations

OtrCryptoEngineImpl (net.java.otr4j.crypto.OtrCryptoEngineImpl)19 PublicKey (java.security.PublicKey)8 OtrException (net.java.otr4j.OtrException)8 KeyPair (java.security.KeyPair)7 OtrCryptoException (net.java.otr4j.crypto.OtrCryptoException)7 IOException (java.io.IOException)6 DHPublicKey (javax.crypto.interfaces.DHPublicKey)5 OtrCryptoEngine (net.java.otr4j.crypto.OtrCryptoEngine)5 ByteArrayInputStream (java.io.ByteArrayInputStream)3 ByteArrayOutputStream (java.io.ByteArrayOutputStream)3 OtrInputStream (net.java.otr4j.io.OtrInputStream)3 OtrOutputStream (net.java.otr4j.io.OtrOutputStream)3 BigInteger (java.math.BigInteger)2 ByteBuffer (java.nio.ByteBuffer)2 DSAPublicKey (java.security.interfaces.DSAPublicKey)2 SignatureM (net.java.otr4j.io.messages.SignatureM)2 SignatureX (net.java.otr4j.io.messages.SignatureX)2 AbstractChat (com.xabber.android.data.message.AbstractChat)1 RegularChat (com.xabber.android.data.message.RegularChat)1 UnsupportedEncodingException (java.io.UnsupportedEncodingException)1