Fixed SecurityException for some Android versions.

At the same time removed necessity to register a cryptography provider which means SpongyCryptography can be used on the Oracle JVM as well - but this is something vor Jabit 3.0.
This commit is contained in:
Christian Basler 2016-10-15 18:01:08 +02:00
parent 5043e9ed03
commit ad97cd0633
5 changed files with 202 additions and 54 deletions

View File

@ -33,6 +33,7 @@ import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.Provider;
import java.security.SecureRandom;
import static ch.dissem.bitmessage.InternalContext.NETWORK_EXTRA_BYTES;
@ -49,10 +50,10 @@ public abstract class AbstractCryptography implements Cryptography, InternalCont
private static final BigInteger TWO_POW_64 = TWO.pow(64);
private static final BigInteger TWO_POW_16 = TWO.pow(16);
private final String provider;
protected final Provider provider;
private InternalContext context;
protected AbstractCryptography(String provider) {
protected AbstractCryptography(Provider provider) {
this.provider = provider;
}
@ -137,7 +138,6 @@ public abstract class AbstractCryptography implements Cryptography, InternalCont
if (extraBytes == 0) extraBytes = NETWORK_EXTRA_BYTES;
BigInteger TTL = BigInteger.valueOf(object.getExpiresTime() - UnixTime.now());
BigInteger numerator = TWO_POW_64;
BigInteger powLength = BigInteger.valueOf(object.getPayloadBytesWithoutNonce().length + extraBytes);
BigInteger denominator = BigInteger.valueOf(nonceTrialsPerByte)
.multiply(
@ -145,7 +145,7 @@ public abstract class AbstractCryptography implements Cryptography, InternalCont
powLength.multiply(TTL).divide(TWO_POW_16)
)
);
return Bytes.expand(numerator.divide(denominator).toByteArray(), 8);
return Bytes.expand(TWO_POW_64.divide(denominator).toByteArray(), 8);
}
private byte[] hash(String algorithm, byte[]... data) {

View File

@ -52,14 +52,9 @@ import java.util.Arrays;
public class BouncyCryptography extends AbstractCryptography {
private static final X9ECParameters EC_CURVE_PARAMETERS = CustomNamedCurves.getByName("secp256k1");
private static final String ALGORITHM_ECDSA = "ECDSA";
private static final String PROVIDER = "BC";
static {
java.security.Security.addProvider(new BouncyCastleProvider());
}
public BouncyCryptography() {
super(PROVIDER);
super(new BouncyCastleProvider());
}
@Override
@ -109,9 +104,9 @@ public class BouncyCryptography extends AbstractCryptography {
ECPoint Q = keyToPoint(pubkey.getSigningKey());
KeySpec keySpec = new ECPublicKeySpec(Q, spec);
PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, PROVIDER).generatePublic(keySpec);
PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider).generatePublic(keySpec);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, PROVIDER);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider);
sig.initVerify(publicKey);
sig.update(data);
return sig.verify(signature);
@ -133,10 +128,10 @@ public class BouncyCryptography extends AbstractCryptography {
BigInteger d = keyToBigInt(privateKey.getPrivateSigningKey());
KeySpec keySpec = new ECPrivateKeySpec(d, spec);
java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, PROVIDER)
java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider)
.generatePrivate(keySpec);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, PROVIDER);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider);
sig.initSign(privKey);
sig.update(data);
return sig.sign();

View File

@ -14,4 +14,5 @@ dependencies {
compile project(':core')
compile 'com.madgag.spongycastle:prov:1.52.0.0'
testCompile 'junit:junit:4.12'
testCompile 'org.mockito:mockito-core:1.10.19'
}

View File

@ -52,14 +52,9 @@ import java.util.Arrays;
public class SpongyCryptography extends AbstractCryptography {
private static final X9ECParameters EC_CURVE_PARAMETERS = CustomNamedCurves.getByName("secp256k1");
private static final String ALGORITHM_ECDSA = "ECDSA";
private static final String PROVIDER = "SC";
static {
java.security.Security.addProvider(new BouncyCastleProvider());
}
public SpongyCryptography() {
super(PROVIDER);
super(new BouncyCastleProvider());
}
@Override
@ -109,9 +104,9 @@ public class SpongyCryptography extends AbstractCryptography {
ECPoint Q = keyToPoint(pubkey.getSigningKey());
KeySpec keySpec = new ECPublicKeySpec(Q, spec);
PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, PROVIDER).generatePublic(keySpec);
PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider).generatePublic(keySpec);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, PROVIDER);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider);
sig.initVerify(publicKey);
sig.update(data);
return sig.verify(signature);
@ -133,10 +128,10 @@ public class SpongyCryptography extends AbstractCryptography {
BigInteger d = keyToBigInt(privateKey.getPrivateSigningKey());
KeySpec keySpec = new ECPrivateKeySpec(d, spec);
java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, PROVIDER)
java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider)
.generatePrivate(keySpec);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, PROVIDER);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider);
sig.initSign(privKey);
sig.update(data);
return sig.sign();

View File

@ -0,0 +1,157 @@
package ch.dissem.bitmessage.security;
import ch.dissem.bitmessage.InternalContext;
import ch.dissem.bitmessage.cryptography.sc.SpongyCryptography;
import ch.dissem.bitmessage.entity.ObjectMessage;
import ch.dissem.bitmessage.entity.payload.GenericPayload;
import ch.dissem.bitmessage.entity.valueobject.PrivateKey;
import ch.dissem.bitmessage.exception.InsufficientProofOfWorkException;
import ch.dissem.bitmessage.ports.MultiThreadedPOWEngine;
import ch.dissem.bitmessage.ports.ProofOfWorkEngine;
import ch.dissem.bitmessage.utils.CallbackWaiter;
import ch.dissem.bitmessage.utils.Singleton;
import ch.dissem.bitmessage.utils.UnixTime;
import org.junit.BeforeClass;
import org.junit.Test;
import javax.xml.bind.DatatypeConverter;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import static ch.dissem.bitmessage.utils.UnixTime.DAY;
import static ch.dissem.bitmessage.utils.UnixTime.MINUTE;
import static org.hamcrest.CoreMatchers.is;
import static org.junit.Assert.*;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
/**
* @author Christian Basler
*/
public class CryptographyTest {
public static final byte[] TEST_VALUE = "teststring".getBytes();
public static final byte[] TEST_SHA1 = DatatypeConverter.parseHexBinary(""
+ "b8473b86d4c2072ca9b08bd28e373e8253e865c4");
public static final byte[] TEST_SHA512 = DatatypeConverter.parseHexBinary(""
+ "6253b39071e5df8b5098f59202d414c37a17d6a38a875ef5f8c7d89b0212b028"
+ "692d3d2090ce03ae1de66c862fa8a561e57ed9eb7935ce627344f742c0931d72");
public static final byte[] TEST_RIPEMD160 = DatatypeConverter.parseHexBinary(""
+ "cd566972b5e50104011a92b59fa8e0b1234851ae");
private static SpongyCryptography crypto;
@BeforeClass
public static void setUp() {
crypto = new SpongyCryptography();
Singleton.initialize(crypto);
InternalContext ctx = mock(InternalContext.class);
when(ctx.getProofOfWorkEngine()).thenReturn(new MultiThreadedPOWEngine());
crypto.setContext(ctx);
}
@Test
public void testRipemd160() {
assertArrayEquals(TEST_RIPEMD160, crypto.ripemd160(TEST_VALUE));
}
@Test
public void testSha1() {
assertArrayEquals(TEST_SHA1, crypto.sha1(TEST_VALUE));
}
@Test
public void testSha512() {
assertArrayEquals(TEST_SHA512, crypto.sha512(TEST_VALUE));
}
@Test
public void testChaining() {
assertArrayEquals(TEST_SHA512, crypto.sha512("test".getBytes(), "string".getBytes()));
}
@Test
public void ensureDoubleHashYieldsSameResultAsHashOfHash() {
assertArrayEquals(crypto.sha512(TEST_SHA512), crypto.doubleSha512(TEST_VALUE));
}
@Test(expected = IOException.class)
public void ensureExceptionForInsufficientProofOfWork() throws IOException {
ObjectMessage objectMessage = new ObjectMessage.Builder()
.nonce(new byte[8])
.expiresTime(UnixTime.now(+28 * DAY))
.objectType(0)
.payload(GenericPayload.read(0, 1, new ByteArrayInputStream(new byte[0]), 0))
.build();
crypto.checkProofOfWork(objectMessage, 1000, 1000);
}
@Test
public void testDoProofOfWork() throws Exception {
ObjectMessage objectMessage = new ObjectMessage.Builder()
.nonce(new byte[8])
.expiresTime(UnixTime.now(+2 * MINUTE))
.objectType(0)
.payload(GenericPayload.read(0, 1, new ByteArrayInputStream(new byte[0]), 0))
.build();
final CallbackWaiter<byte[]> waiter = new CallbackWaiter<>();
crypto.doProofOfWork(objectMessage, 1000, 1000,
new ProofOfWorkEngine.Callback() {
@Override
public void onNonceCalculated(byte[] initialHash, byte[] nonce) {
waiter.setValue(nonce);
}
});
objectMessage.setNonce(waiter.waitForValue());
try {
crypto.checkProofOfWork(objectMessage, 1000, 1000);
} catch (InsufficientProofOfWorkException e) {
fail(e.getMessage());
}
}
@Test
public void ensureEncryptionAndDecryptionWorks() {
byte[] data = crypto.randomBytes(100);
byte[] key_e = crypto.randomBytes(32);
byte[] iv = crypto.randomBytes(16);
byte[] encrypted = crypto.crypt(true, data, key_e, iv);
byte[] decrypted = crypto.crypt(false, encrypted, key_e, iv);
assertArrayEquals(data, decrypted);
}
@Test(expected = IllegalArgumentException.class)
public void ensureDecryptionFailsWithInvalidCypherText() {
byte[] data = crypto.randomBytes(128);
byte[] key_e = crypto.randomBytes(32);
byte[] iv = crypto.randomBytes(16);
crypto.crypt(false, data, key_e, iv);
}
@Test
public void testMultiplication() {
byte[] a = crypto.randomBytes(PrivateKey.PRIVATE_KEY_SIZE);
byte[] A = crypto.createPublicKey(a);
byte[] b = crypto.randomBytes(PrivateKey.PRIVATE_KEY_SIZE);
byte[] B = crypto.createPublicKey(b);
assertArrayEquals(crypto.multiply(A, b), crypto.multiply(B, a));
}
@Test
public void ensureSignatureIsValid() {
byte[] data = crypto.randomBytes(100);
PrivateKey privateKey = new PrivateKey(false, 1, 1000, 1000);
byte[] signature = crypto.getSignature(data, privateKey);
assertThat(crypto.isSignatureValid(data, signature, privateKey.getPubkey()), is(true));
}
@Test
public void ensureSignatureIsInvalidForTemperedData() {
byte[] data = crypto.randomBytes(100);
PrivateKey privateKey = new PrivateKey(false, 1, 1000, 1000);
byte[] signature = crypto.getSignature(data, privateKey);
data[0]++;
assertThat(crypto.isSignatureValid(data, signature, privateKey.getPubkey()), is(false));
}
}