Merge branch 'release/2.0.2'

core/src/main/java/ch/dissem/bitmessage/ports/AbstractCryptography.java

@@ -33,6 +33,7 @@ import java.io.IOException;
 import java.math.BigInteger;
 import java.security.GeneralSecurityException;
 import java.security.MessageDigest;
+import java.security.Provider;
 import java.security.SecureRandom;
 
 import static ch.dissem.bitmessage.InternalContext.NETWORK_EXTRA_BYTES;
@@ -49,10 +50,10 @@ public abstract class AbstractCryptography implements Cryptography, InternalCont
     private static final BigInteger TWO_POW_64 = TWO.pow(64);
     private static final BigInteger TWO_POW_16 = TWO.pow(16);
 
-    private final String provider;
+    protected final Provider provider;
     private InternalContext context;
 
-    protected AbstractCryptography(String provider) {
+    protected AbstractCryptography(Provider provider) {
         this.provider = provider;
     }
 
@@ -137,7 +138,6 @@ public abstract class AbstractCryptography implements Cryptography, InternalCont
         if (extraBytes == 0) extraBytes = NETWORK_EXTRA_BYTES;
 
         BigInteger TTL = BigInteger.valueOf(object.getExpiresTime() - UnixTime.now());
-        BigInteger numerator = TWO_POW_64;
         BigInteger powLength = BigInteger.valueOf(object.getPayloadBytesWithoutNonce().length + extraBytes);
         BigInteger denominator = BigInteger.valueOf(nonceTrialsPerByte)
                 .multiply(
@@ -145,7 +145,7 @@ public abstract class AbstractCryptography implements Cryptography, InternalCont
                                 powLength.multiply(TTL).divide(TWO_POW_16)
                         )
                 );
-        return Bytes.expand(numerator.divide(denominator).toByteArray(), 8);
+        return Bytes.expand(TWO_POW_64.divide(denominator).toByteArray(), 8);
     }
 
     private byte[] hash(String algorithm, byte[]... data) {

cryptography-bc/src/main/java/ch/dissem/bitmessage/cryptography/bc/BouncyCryptography.java

@@ -52,21 +52,16 @@ import java.util.Arrays;
 public class BouncyCryptography extends AbstractCryptography {
     private static final X9ECParameters EC_CURVE_PARAMETERS = CustomNamedCurves.getByName("secp256k1");
     private static final String ALGORITHM_ECDSA = "ECDSA";
-    private static final String PROVIDER = "BC";
-
-    static {
-        java.security.Security.addProvider(new BouncyCastleProvider());
-    }
 
     public BouncyCryptography() {
-        super(PROVIDER);
+        super(new BouncyCastleProvider());
     }
 
     @Override
     public byte[] crypt(boolean encrypt, byte[] data, byte[] key_e, byte[] initializationVector) {
         BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(
-                new CBCBlockCipher(new AESEngine()),
+            new CBCBlockCipher(new AESEngine()),
-                new PKCS7Padding()
+            new PKCS7Padding()
         );
         CipherParameters params = new ParametersWithIV(new KeyParameter(key_e), initializationVector);
 
@@ -100,18 +95,18 @@ public class BouncyCryptography extends AbstractCryptography {
     public boolean isSignatureValid(byte[] data, byte[] signature, Pubkey pubkey) {
         try {
             ECParameterSpec spec = new ECParameterSpec(
-                    EC_CURVE_PARAMETERS.getCurve(),
+                EC_CURVE_PARAMETERS.getCurve(),
-                    EC_CURVE_PARAMETERS.getG(),
+                EC_CURVE_PARAMETERS.getG(),
-                    EC_CURVE_PARAMETERS.getN(),
+                EC_CURVE_PARAMETERS.getN(),
-                    EC_CURVE_PARAMETERS.getH(),
+                EC_CURVE_PARAMETERS.getH(),
-                    EC_CURVE_PARAMETERS.getSeed()
+                EC_CURVE_PARAMETERS.getSeed()
             );
 
             ECPoint Q = keyToPoint(pubkey.getSigningKey());
             KeySpec keySpec = new ECPublicKeySpec(Q, spec);
-            PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, PROVIDER).generatePublic(keySpec);
+            PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider).generatePublic(keySpec);
 
-            Signature sig = Signature.getInstance(ALGORITHM_ECDSA, PROVIDER);
+            Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider);
             sig.initVerify(publicKey);
             sig.update(data);
             return sig.verify(signature);
@@ -124,19 +119,19 @@ public class BouncyCryptography extends AbstractCryptography {
     public byte[] getSignature(byte[] data, PrivateKey privateKey) {
         try {
             ECParameterSpec spec = new ECParameterSpec(
-                    EC_CURVE_PARAMETERS.getCurve(),
+                EC_CURVE_PARAMETERS.getCurve(),
-                    EC_CURVE_PARAMETERS.getG(),
+                EC_CURVE_PARAMETERS.getG(),
-                    EC_CURVE_PARAMETERS.getN(),
+                EC_CURVE_PARAMETERS.getN(),
-                    EC_CURVE_PARAMETERS.getH(),
+                EC_CURVE_PARAMETERS.getH(),
-                    EC_CURVE_PARAMETERS.getSeed()
+                EC_CURVE_PARAMETERS.getSeed()
             );
 
             BigInteger d = keyToBigInt(privateKey.getPrivateSigningKey());
             KeySpec keySpec = new ECPrivateKeySpec(d, spec);
-            java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, PROVIDER)
+            java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider)
-                    .generatePrivate(keySpec);
+                .generatePrivate(keySpec);
 
-            Signature sig = Signature.getInstance(ALGORITHM_ECDSA, PROVIDER);
+            Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider);
             sig.initSign(privKey);
             sig.update(data);
             return sig.sign();
@@ -153,8 +148,8 @@ public class BouncyCryptography extends AbstractCryptography {
     @Override
     public byte[] createPoint(byte[] x, byte[] y) {
         return EC_CURVE_PARAMETERS.getCurve().createPoint(
-                new BigInteger(1, x),
+            new BigInteger(1, x),
-                new BigInteger(1, y)
+            new BigInteger(1, y)
         ).getEncoded(false);
     }
 }

cryptography-sc/build.gradle

@@ -14,4 +14,5 @@ dependencies {
     compile project(':core')
     compile 'com.madgag.spongycastle:prov:1.52.0.0'
     testCompile 'junit:junit:4.12'
+    testCompile 'org.mockito:mockito-core:1.10.19'
 }

cryptography-sc/src/main/java/ch/dissem/bitmessage/cryptography/sc/SpongyCryptography.java

@@ -52,21 +52,16 @@ import java.util.Arrays;
 public class SpongyCryptography extends AbstractCryptography {
     private static final X9ECParameters EC_CURVE_PARAMETERS = CustomNamedCurves.getByName("secp256k1");
     private static final String ALGORITHM_ECDSA = "ECDSA";
-    private static final String PROVIDER = "SC";
-
-    static {
-        java.security.Security.addProvider(new BouncyCastleProvider());
-    }
 
     public SpongyCryptography() {
-        super(PROVIDER);
+        super(new BouncyCastleProvider());
     }
 
     @Override
     public byte[] crypt(boolean encrypt, byte[] data, byte[] key_e, byte[] initializationVector) {
         BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(
-                new CBCBlockCipher(new AESEngine()),
+            new CBCBlockCipher(new AESEngine()),
-                new PKCS7Padding()
+            new PKCS7Padding()
         );
         CipherParameters params = new ParametersWithIV(new KeyParameter(key_e), initializationVector);
 
@@ -100,18 +95,18 @@ public class SpongyCryptography extends AbstractCryptography {
     public boolean isSignatureValid(byte[] data, byte[] signature, Pubkey pubkey) {
         try {
             ECParameterSpec spec = new ECParameterSpec(
-                    EC_CURVE_PARAMETERS.getCurve(),
+                EC_CURVE_PARAMETERS.getCurve(),
-                    EC_CURVE_PARAMETERS.getG(),
+                EC_CURVE_PARAMETERS.getG(),
-                    EC_CURVE_PARAMETERS.getN(),
+                EC_CURVE_PARAMETERS.getN(),
-                    EC_CURVE_PARAMETERS.getH(),
+                EC_CURVE_PARAMETERS.getH(),
-                    EC_CURVE_PARAMETERS.getSeed()
+                EC_CURVE_PARAMETERS.getSeed()
             );
 
             ECPoint Q = keyToPoint(pubkey.getSigningKey());
             KeySpec keySpec = new ECPublicKeySpec(Q, spec);
-            PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, PROVIDER).generatePublic(keySpec);
+            PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider).generatePublic(keySpec);
 
-            Signature sig = Signature.getInstance(ALGORITHM_ECDSA, PROVIDER);
+            Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider);
             sig.initVerify(publicKey);
             sig.update(data);
             return sig.verify(signature);
@@ -124,19 +119,19 @@ public class SpongyCryptography extends AbstractCryptography {
     public byte[] getSignature(byte[] data, PrivateKey privateKey) {
         try {
             ECParameterSpec spec = new ECParameterSpec(
-                    EC_CURVE_PARAMETERS.getCurve(),
+                EC_CURVE_PARAMETERS.getCurve(),
-                    EC_CURVE_PARAMETERS.getG(),
+                EC_CURVE_PARAMETERS.getG(),
-                    EC_CURVE_PARAMETERS.getN(),
+                EC_CURVE_PARAMETERS.getN(),
-                    EC_CURVE_PARAMETERS.getH(),
+                EC_CURVE_PARAMETERS.getH(),
-                    EC_CURVE_PARAMETERS.getSeed()
+                EC_CURVE_PARAMETERS.getSeed()
             );
 
             BigInteger d = keyToBigInt(privateKey.getPrivateSigningKey());
             KeySpec keySpec = new ECPrivateKeySpec(d, spec);
-            java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, PROVIDER)
+            java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider)
-                    .generatePrivate(keySpec);
+                .generatePrivate(keySpec);
 
-            Signature sig = Signature.getInstance(ALGORITHM_ECDSA, PROVIDER);
+            Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider);
             sig.initSign(privKey);
             sig.update(data);
             return sig.sign();
@@ -153,8 +148,8 @@ public class SpongyCryptography extends AbstractCryptography {
     @Override
     public byte[] createPoint(byte[] x, byte[] y) {
         return EC_CURVE_PARAMETERS.getCurve().createPoint(
-                new BigInteger(1, x),
+            new BigInteger(1, x),
-                new BigInteger(1, y)
+            new BigInteger(1, y)
         ).getEncoded(false);
     }
 }

cryptography-sc/src/test/java/ch/dissem/bitmessage/security/CryptographyTest.java

@@ -0,0 +1,157 @@
+package ch.dissem.bitmessage.security;
+
+import ch.dissem.bitmessage.InternalContext;
+import ch.dissem.bitmessage.cryptography.sc.SpongyCryptography;
+import ch.dissem.bitmessage.entity.ObjectMessage;
+import ch.dissem.bitmessage.entity.payload.GenericPayload;
+import ch.dissem.bitmessage.entity.valueobject.PrivateKey;
+import ch.dissem.bitmessage.exception.InsufficientProofOfWorkException;
+import ch.dissem.bitmessage.ports.MultiThreadedPOWEngine;
+import ch.dissem.bitmessage.ports.ProofOfWorkEngine;
+import ch.dissem.bitmessage.utils.CallbackWaiter;
+import ch.dissem.bitmessage.utils.Singleton;
+import ch.dissem.bitmessage.utils.UnixTime;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import javax.xml.bind.DatatypeConverter;
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+
+import static ch.dissem.bitmessage.utils.UnixTime.DAY;
+import static ch.dissem.bitmessage.utils.UnixTime.MINUTE;
+import static org.hamcrest.CoreMatchers.is;
+import static org.junit.Assert.*;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+/**
+ * @author Christian Basler
+ */
+public class CryptographyTest {
+    public static final byte[] TEST_VALUE = "teststring".getBytes();
+    public static final byte[] TEST_SHA1 = DatatypeConverter.parseHexBinary(""
+            + "b8473b86d4c2072ca9b08bd28e373e8253e865c4");
+    public static final byte[] TEST_SHA512 = DatatypeConverter.parseHexBinary(""
+            + "6253b39071e5df8b5098f59202d414c37a17d6a38a875ef5f8c7d89b0212b028"
+            + "692d3d2090ce03ae1de66c862fa8a561e57ed9eb7935ce627344f742c0931d72");
+    public static final byte[] TEST_RIPEMD160 = DatatypeConverter.parseHexBinary(""
+            + "cd566972b5e50104011a92b59fa8e0b1234851ae");
+
+    private static SpongyCryptography crypto;
+
+    @BeforeClass
+    public static void setUp() {
+        crypto = new SpongyCryptography();
+        Singleton.initialize(crypto);
+        InternalContext ctx = mock(InternalContext.class);
+        when(ctx.getProofOfWorkEngine()).thenReturn(new MultiThreadedPOWEngine());
+        crypto.setContext(ctx);
+    }
+
+    @Test
+    public void testRipemd160() {
+        assertArrayEquals(TEST_RIPEMD160, crypto.ripemd160(TEST_VALUE));
+    }
+
+    @Test
+    public void testSha1() {
+        assertArrayEquals(TEST_SHA1, crypto.sha1(TEST_VALUE));
+    }
+
+    @Test
+    public void testSha512() {
+        assertArrayEquals(TEST_SHA512, crypto.sha512(TEST_VALUE));
+    }
+
+    @Test
+    public void testChaining() {
+        assertArrayEquals(TEST_SHA512, crypto.sha512("test".getBytes(), "string".getBytes()));
+    }
+
+    @Test
+    public void ensureDoubleHashYieldsSameResultAsHashOfHash() {
+        assertArrayEquals(crypto.sha512(TEST_SHA512), crypto.doubleSha512(TEST_VALUE));
+    }
+
+    @Test(expected = IOException.class)
+    public void ensureExceptionForInsufficientProofOfWork() throws IOException {
+        ObjectMessage objectMessage = new ObjectMessage.Builder()
+                .nonce(new byte[8])
+                .expiresTime(UnixTime.now(+28 * DAY))
+                .objectType(0)
+                .payload(GenericPayload.read(0, 1, new ByteArrayInputStream(new byte[0]), 0))
+                .build();
+        crypto.checkProofOfWork(objectMessage, 1000, 1000);
+    }
+
+    @Test
+    public void testDoProofOfWork() throws Exception {
+        ObjectMessage objectMessage = new ObjectMessage.Builder()
+                .nonce(new byte[8])
+                .expiresTime(UnixTime.now(+2 * MINUTE))
+                .objectType(0)
+                .payload(GenericPayload.read(0, 1, new ByteArrayInputStream(new byte[0]), 0))
+                .build();
+        final CallbackWaiter<byte[]> waiter = new CallbackWaiter<>();
+        crypto.doProofOfWork(objectMessage, 1000, 1000,
+                new ProofOfWorkEngine.Callback() {
+                    @Override
+                    public void onNonceCalculated(byte[] initialHash, byte[] nonce) {
+                        waiter.setValue(nonce);
+                    }
+                });
+        objectMessage.setNonce(waiter.waitForValue());
+        try {
+            crypto.checkProofOfWork(objectMessage, 1000, 1000);
+        } catch (InsufficientProofOfWorkException e) {
+            fail(e.getMessage());
+        }
+    }
+
+    @Test
+    public void ensureEncryptionAndDecryptionWorks() {
+        byte[] data = crypto.randomBytes(100);
+        byte[] key_e = crypto.randomBytes(32);
+        byte[] iv = crypto.randomBytes(16);
+        byte[] encrypted = crypto.crypt(true, data, key_e, iv);
+        byte[] decrypted = crypto.crypt(false, encrypted, key_e, iv);
+        assertArrayEquals(data, decrypted);
+    }
+
+    @Test(expected = IllegalArgumentException.class)
+    public void ensureDecryptionFailsWithInvalidCypherText() {
+        byte[] data = crypto.randomBytes(128);
+        byte[] key_e = crypto.randomBytes(32);
+        byte[] iv = crypto.randomBytes(16);
+        crypto.crypt(false, data, key_e, iv);
+    }
+
+    @Test
+    public void testMultiplication() {
+        byte[] a = crypto.randomBytes(PrivateKey.PRIVATE_KEY_SIZE);
+        byte[] A = crypto.createPublicKey(a);
+
+        byte[] b = crypto.randomBytes(PrivateKey.PRIVATE_KEY_SIZE);
+        byte[] B = crypto.createPublicKey(b);
+
+        assertArrayEquals(crypto.multiply(A, b), crypto.multiply(B, a));
+    }
+
+    @Test
+    public void ensureSignatureIsValid() {
+        byte[] data = crypto.randomBytes(100);
+        PrivateKey privateKey = new PrivateKey(false, 1, 1000, 1000);
+        byte[] signature = crypto.getSignature(data, privateKey);
+        assertThat(crypto.isSignatureValid(data, signature, privateKey.getPubkey()), is(true));
+    }
+
+    @Test
+    public void ensureSignatureIsInvalidForTemperedData() {
+        byte[] data = crypto.randomBytes(100);
+        PrivateKey privateKey = new PrivateKey(false, 1, 1000, 1000);
+        byte[] signature = crypto.getSignature(data, privateKey);
+        data[0]++;
+        assertThat(crypto.isSignatureValid(data, signature, privateKey.getPubkey()), is(false));
+    }
+}