4 import java.util.Arrays;
6 import javax.crypto.spec.*;
7 import java.security.SecureRandom;
10 * This class provides a communication API to the webserver. It also
11 * validates the HMACs on the slots and handles encryption.
12 * @author Brian Demsky <bdemsky@uci.edu>
24 static final int SALT_SIZE = 8;
29 * Empty Constructor needed for child class.
36 * Constructor for actual use. Takes in the url and password.
39 CloudComm(Table _table, String _baseurl, String _password) {
41 this.baseurl=_baseurl;
42 this.password = _password;
43 this.random = new SecureRandom();
47 * Generates Key from password.
50 private SecretKeySpec initKey() {
52 PBEKeySpec keyspec = new PBEKeySpec(password.toCharArray(), salt, 65536, 128);
53 SecretKey tmpkey = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(keyspec);
54 return new SecretKeySpec(tmpkey.getEncoded(), "AES");
55 } catch (Exception e) {
57 throw new Error("Failed generating key.");
62 * Inits the HMAC generator.
65 private void initCrypt() {
67 SecretKeySpec key=initKey();
68 password = null; // drop password
69 mac = Mac.getInstance("HmacSHA256");
71 encryptCipher =Cipher.getInstance("AES/ECB/PKCS5Padding");
72 encryptCipher.init(Cipher.ENCRYPT_MODE, key);
73 decryptCipher =Cipher.getInstance("AES/ECB/PKCS5Padding");
74 decryptCipher.init(Cipher.DECRYPT_MODE, key);
75 } catch (Exception e) {
77 throw new Error("Failed To Initialize Ciphers");
82 * Builds the URL for the given request.
85 private URL buildRequest(boolean isput, long sequencenumber, long maxentries) throws IOException {
86 String reqstring=isput?"req=putslot":"req=getslot";
87 String urlstr=baseurl+"?"+reqstring+"&seq="+sequencenumber;
89 urlstr += "&max="+maxentries;
90 return new URL(urlstr);
93 public void setSalt() {
95 salt = new byte[SALT_SIZE];
96 random.nextBytes(salt);
97 URL url=new URL(baseurl+"?req=setsalt");
98 URLConnection con=url.openConnection();
99 HttpURLConnection http = (HttpURLConnection) con;
100 http.setRequestMethod("POST");
101 http.setFixedLengthStreamingMode(salt.length);
102 http.setDoOutput(true);
104 OutputStream os=http.getOutputStream();
106 int responsecode=http.getResponseCode();
107 if (responsecode != HttpURLConnection.HTTP_OK)
108 throw new Error("Invalid response");
109 } catch (Exception e) {
111 throw new Error("Failed setting salt");
116 private void getSalt() throws Exception {
117 URL url=new URL(baseurl+"?req=getsalt");
118 URLConnection con=url.openConnection();
119 HttpURLConnection http = (HttpURLConnection) con;
120 http.setRequestMethod("POST");
123 InputStream is=http.getInputStream();
124 DataInputStream dis=new DataInputStream(is);
125 int salt_length=dis.readInt();
126 byte [] tmp=new byte[salt_length];
132 * API for putting a slot into the queue. Returns null on success.
133 * On failure, the server will send slots with newer sequence
137 Slot[] putSlot(Slot slot, int max) {
144 long sequencenumber=slot.getSequenceNumber();
145 byte[] bytes=slot.encode(mac);
146 bytes = encryptCipher.doFinal(bytes);
148 URL url=buildRequest(true, sequencenumber, max);
149 URLConnection con=url.openConnection();
150 HttpURLConnection http = (HttpURLConnection) con;
152 http.setRequestMethod("POST");
153 http.setFixedLengthStreamingMode(bytes.length);
154 http.setDoOutput(true);
157 OutputStream os=http.getOutputStream();
160 InputStream is=http.getInputStream();
161 DataInputStream dis=new DataInputStream(is);
162 byte[] resptype=new byte[7];
163 dis.readFully(resptype);
164 if (Arrays.equals(resptype, "getslot".getBytes()))
165 return processSlots(dis);
166 else if (Arrays.equals(resptype, "putslot".getBytes()))
169 throw new Error("Bad response to putslot");
170 } catch (Exception e) {
172 throw new Error("putSlot failed");
177 * Request the server to send all slots with the given
178 * sequencenumber or newer.
181 Slot[] getSlots(long sequencenumber) {
188 URL url=buildRequest(false, sequencenumber, 0);
189 URLConnection con=url.openConnection();
190 HttpURLConnection http = (HttpURLConnection) con;
191 http.setRequestMethod("POST");
193 InputStream is=http.getInputStream();
195 DataInputStream dis=new DataInputStream(is);
197 byte[] resptype=new byte[7];
198 dis.readFully(resptype);
199 if (!Arrays.equals(resptype, "getslot".getBytes()))
200 throw new Error("Bad Response: "+new String(resptype));
202 return processSlots(dis);
203 } catch (Exception e) {
205 throw new Error("getSlots failed");
210 * Method that actually handles building Slot objects from the
211 * server response. Shared by both putSlot and getSlots.
214 private Slot[] processSlots(DataInputStream dis) throws Exception {
215 int numberofslots=dis.readInt();
216 int[] sizesofslots=new int[numberofslots];
217 Slot[] slots=new Slot[numberofslots];
218 for(int i=0; i<numberofslots; i++)
219 sizesofslots[i]=dis.readInt();
221 for(int i=0; i<numberofslots; i++) {
222 byte[] data=new byte[sizesofslots[i]];
225 data = decryptCipher.doFinal(data);
227 slots[i]=Slot.decode(table, data, mac);