use of net.java.otr4j.crypto.OtrCryptoEngineImpl in project Zom-Android by zom.
the class SessionKeysImpl method h1.
private byte[] h1(byte b) throws OtrException {
try {
byte[] secbytes = SerializationUtils.writeMpi(getS());
int len = secbytes.length + 1;
ByteBuffer buff = ByteBuffer.allocate(len);
buff.put(b);
buff.put(secbytes);
byte[] result = new OtrCryptoEngineImpl().sha1Hash(buff.array());
return result;
} catch (Exception e) {
throw new OtrException(e);
}
}
use of net.java.otr4j.crypto.OtrCryptoEngineImpl in project Zom-Android by zom.
the class IOTest method testIODHPublicKey.
public void testIODHPublicKey() throws Exception {
KeyPair pair = new OtrCryptoEngineImpl().generateDHKeyPair();
DHPublicKey source = (DHPublicKey) pair.getPublic();
ByteArrayOutputStream out = new ByteArrayOutputStream();
OtrOutputStream oos = new OtrOutputStream(out);
oos.writeDHPublicKey(source);
oos.close();
byte[] converted = out.toByteArray();
ByteArrayInputStream bin = new ByteArrayInputStream(converted);
OtrInputStream ois = new OtrInputStream(bin);
DHPublicKey result = ois.readDHPublicKey();
ois.close();
assertTrue(source.getY().compareTo(result.getY()) == 0);
}
use of net.java.otr4j.crypto.OtrCryptoEngineImpl in project Zom-Android by zom.
the class IOTest method testIODHKeyMessage.
public void testIODHKeyMessage() throws Exception {
KeyPair pair = new OtrCryptoEngineImpl().generateDHKeyPair();
DHKeyMessage source = new DHKeyMessage(0, (DHPublicKey) pair.getPublic());
String base64 = SerializationUtils.toString(source);
DHKeyMessage result = (DHKeyMessage) SerializationUtils.toMessage(base64);
assertTrue(source.equals(result));
}
use of net.java.otr4j.crypto.OtrCryptoEngineImpl in project Zom-Android by zom.
the class IOTest method testIOBigInt.
public void testIOBigInt() throws Exception {
KeyPair pair = new OtrCryptoEngineImpl().generateDHKeyPair();
BigInteger source = ((DHPublicKey) pair.getPublic()).getY();
ByteArrayOutputStream out = new ByteArrayOutputStream();
OtrOutputStream oos = new OtrOutputStream(out);
oos.writeBigInt(source);
oos.close();
byte[] converted = out.toByteArray();
ByteArrayInputStream bin = new ByteArrayInputStream(converted);
OtrInputStream ois = new OtrInputStream(bin);
BigInteger result = ois.readBigInt();
ois.close();
assertTrue(source.compareTo(result) == 0);
}
use of net.java.otr4j.crypto.OtrCryptoEngineImpl in project Zom-Android by zom.
the class AuthContextImpl method handleRevealSignatureMessage.
private void handleRevealSignatureMessage(RevealSignatureMessage m) throws OtrException {
Session session = getSession();
SessionID sessionID = session.getSessionID();
logger.finest(sessionID.getLocalUserId() + " received a reveal signature message from " + sessionID.getRemoteUserId() + " throught " + sessionID.getProtocolName() + ".");
if (!session.getSessionPolicy().getAllowV2()) {
logger.finest("Policy does not allow OTRv2, ignoring message.");
return;
}
switch(this.getAuthenticationState()) {
case AWAITING_REVEALSIG:
// Use the received value of r to decrypt the value of gx
// received
// in the D-H Commit Message, and verify the hash therein.
// Decrypt
// the encrypted signature, and verify the signature and the
// MACs.
// If everything checks out:
// * Reply with a Signature Message.
// * Transition authstate to AUTHSTATE_NONE.
// * Transition msgstate to MSGSTATE_ENCRYPTED.
// * TODO If there is a recent stored message, encrypt it and
// send
// it as a Data Message.
OtrCryptoEngine otrCryptoEngine = new OtrCryptoEngineImpl();
// Uses r to decrypt the value of gx sent earlier
byte[] remoteDHPublicKeyDecrypted = otrCryptoEngine.aesDecrypt(m.revealedKey, null, this.getRemoteDHPublicKeyEncrypted());
// Verifies that HASH(gx) matches the value sent earlier
byte[] remoteDHPublicKeyHash = otrCryptoEngine.sha256Hash(remoteDHPublicKeyDecrypted);
if (!Arrays.equals(remoteDHPublicKeyHash, this.getRemoteDHPublicKeyHash())) {
logger.finest("Hashes don't match, ignoring message.");
return;
}
// Verifies that Bob's gx is a legal value (2 <= gx <=
// modulus-2)
BigInteger remoteDHPublicKeyMpi;
try {
remoteDHPublicKeyMpi = SerializationUtils.readMpi(remoteDHPublicKeyDecrypted);
} catch (IOException e) {
throw new OtrException(e);
}
this.setRemoteDHPublicKey(otrCryptoEngine.getDHPublicKey(remoteDHPublicKeyMpi));
// Verify received Data.
if (!m.verify(this.getM2())) {
logger.finest("Signature MACs are not equal, ignoring message.");
return;
}
// Decrypt X.
byte[] remoteXDecrypted = m.decrypt(this.getC());
SignatureX remoteX;
try {
remoteX = SerializationUtils.toMysteriousX(remoteXDecrypted);
} catch (IOException e) {
throw new OtrException(e);
}
// Compute signature.
PublicKey remoteLongTermPublicKey = remoteX.longTermPublicKey;
SignatureM remoteM = new SignatureM(this.getRemoteDHPublicKey(), (DHPublicKey) this.getLocalDHKeyPair().getPublic(), remoteLongTermPublicKey, remoteX.dhKeyID);
// Verify signature.
byte[] signature;
try {
signature = otrCryptoEngine.sha256Hmac(SerializationUtils.toByteArray(remoteM), this.getM1());
} catch (IOException e) {
throw new OtrException(e);
}
if (!otrCryptoEngine.verify(signature, remoteLongTermPublicKey, remoteX.signature)) {
session.showWarning("Bad revealed signature");
logger.finest("Signature verification failed.");
return;
}
logger.finest("Signature verification succeeded.");
this.setAuthenticationState(AuthContext.NONE);
this.setIsSecure(true);
this.setRemoteLongTermPublicKey(remoteLongTermPublicKey);
getSession().injectMessage(messageFactory.getSignatureMessage());
break;
default:
logger.finest("Ignoring message.");
break;
}
}
Aggregations