String password;
SecureRandom random;
static final int SALT_SIZE = 8;
- static final int IV_SIZE = 16;
-
+ byte salt[];
+ Table table;
+
/**
* Empty Constructor needed for child class.
*/
* Constructor for actual use. Takes in the url and password.
*/
- CloudComm(String _baseurl, String _password) {
+ CloudComm(Table _table, String _baseurl, String _password) {
+ this.table=_table;
this.baseurl=_baseurl;
this.password = _password;
this.random = new SecureRandom();
* Generates Key from password.
*/
- private SecretKeySpec initKey(byte[] salt) {
+ private SecretKeySpec initKey() {
try {
PBEKeySpec keyspec = new PBEKeySpec(password.toCharArray(), salt, 65536, 128);
SecretKey tmpkey = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(keyspec);
* Inits the HMAC generator.
*/
- private byte[] initCrypt(byte[] salt) {
+ private void initCrypt() {
try {
- SecretKeySpec key=initKey(salt);
+ SecretKeySpec key=initKey();
+ password = null; // drop password
mac = Mac.getInstance("HmacSHA256");
mac.init(key);
- encryptCipher =Cipher.getInstance("AES/CBC/PKCS5Padding");
+ encryptCipher =Cipher.getInstance("AES/ECB/PKCS5Padding");
encryptCipher.init(Cipher.ENCRYPT_MODE, key);
- return encryptCipher.getIV();
- } catch (Exception e) {
- e.printStackTrace();
- throw new Error("Failed To Initialize Ciphers");
- }
- }
-
- private void initDeCrypt(byte[] salt, byte[] iv) {
- try {
- SecretKeySpec key=initKey(salt);
- mac = Mac.getInstance("HmacSHA256");
- mac.init(key);
- Cipher decryptCipher =Cipher.getInstance("AES/CBC/PKCS5Padding");
- decryptCipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
+ decryptCipher =Cipher.getInstance("AES/ECB/PKCS5Padding");
+ decryptCipher.init(Cipher.DECRYPT_MODE, key);
} catch (Exception e) {
e.printStackTrace();
throw new Error("Failed To Initialize Ciphers");
urlstr += "&max="+maxentries;
return new URL(urlstr);
}
+
+ public void setSalt() {
+ try {
+ salt = new byte[SALT_SIZE];
+ random.nextBytes(salt);
+ URL url=new URL(baseurl+"?req=setsalt");
+ URLConnection con=url.openConnection();
+ HttpURLConnection http = (HttpURLConnection) con;
+ http.setRequestMethod("POST");
+ http.setFixedLengthStreamingMode(salt.length);
+ http.setDoOutput(true);
+ http.connect();
+ OutputStream os=http.getOutputStream();
+ os.write(salt);
+ int responsecode=http.getResponseCode();
+ if (responsecode != HttpURLConnection.HTTP_OK)
+ throw new Error("Invalid response");
+ } catch (Exception e) {
+ e.printStackTrace();
+ throw new Error("Failed setting salt");
+ }
+ initCrypt();
+ }
+ private void getSalt() throws Exception {
+ URL url=new URL(baseurl+"?req=getsalt");
+ URLConnection con=url.openConnection();
+ HttpURLConnection http = (HttpURLConnection) con;
+ http.setRequestMethod("POST");
+ http.connect();
+
+ InputStream is=http.getInputStream();
+ DataInputStream dis=new DataInputStream(is);
+ int salt_length=dis.readInt();
+ byte [] tmp=new byte[salt_length];
+ dis.readFully(tmp);
+ salt=tmp;
+ }
+
/*
* API for putting a slot into the queue. Returns null on success.
* On failure, the server will send slots with newer sequence
* numbers.
*/
- public Slot[] putSlot(Slot slot, int max) {
+ Slot[] putSlot(Slot slot, int max) {
try {
- long sequencenumber=slot.getSequenceNumber();
- byte[] salt=new byte[SALT_SIZE];
- random.nextBytes(salt);
- byte[] iv=initCrypt(salt);
+ if (salt == null) {
+ getSalt();
+ initCrypt();
+ }
+ long sequencenumber=slot.getSequenceNumber();
byte[] bytes=slot.encode(mac);
+ bytes = encryptCipher.doFinal(bytes);
+
URL url=buildRequest(true, sequencenumber, max);
URLConnection con=url.openConnection();
HttpURLConnection http = (HttpURLConnection) con;
+
http.setRequestMethod("POST");
http.setFixedLengthStreamingMode(bytes.length);
http.setDoOutput(true);
http.connect();
OutputStream os=http.getOutputStream();
- os.write(salt);
- os.write(iv);
- bytes = encryptCipher.doFinal(bytes);
os.write(bytes);
InputStream is=http.getInputStream();
else
throw new Error("Bad response to putslot");
} catch (Exception e) {
+ e.printStackTrace();
throw new Error("putSlot failed");
}
}
* sequencenumber or newer.
*/
- public Slot[] getSlots(long sequencenumber) {
+ Slot[] getSlots(long sequencenumber) {
try {
+ if (salt == null) {
+ getSalt();
+ initCrypt();
+ }
+
URL url=buildRequest(false, sequencenumber, 0);
URLConnection con=url.openConnection();
HttpURLConnection http = (HttpURLConnection) con;
else
return processSlots(dis);
} catch (Exception e) {
+ e.printStackTrace();
throw new Error("getSlots failed");
}
}
sizesofslots[i]=dis.readInt();
for(int i=0; i<numberofslots; i++) {
- byte[] salt=new byte[SALT_SIZE];
- byte[] iv=new byte[IV_SIZE];
- dis.readFully(salt);
- dis.readFully(iv);
- initDeCrypt(salt, iv);
-
byte[] data=new byte[sizesofslots[i]];
dis.readFully(data);
data = decryptCipher.doFinal(data);
- slots[i]=Slot.decode(data, mac);
+ slots[i]=Slot.decode(table, data, mac);
}
dis.close();
return slots;