diff --git a/domain/src/main/java/ch/dissem/bitmessage/entity/Encrypted.java b/domain/src/main/java/ch/dissem/bitmessage/entity/Encrypted.java new file mode 100644 index 0000000..b0afcb6 --- /dev/null +++ b/domain/src/main/java/ch/dissem/bitmessage/entity/Encrypted.java @@ -0,0 +1,28 @@ +/* + * Copyright 2015 Christian Basler + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package ch.dissem.bitmessage.entity; + +import java.io.IOException; + +/** + * Created by chris on 12.05.15. + */ +public interface Encrypted { + void encrypt(byte[] publicKey) throws IOException; + + void decrypt(byte[] privateKey) throws IOException; +} diff --git a/domain/src/main/java/ch/dissem/bitmessage/entity/payload/V4Pubkey.java b/domain/src/main/java/ch/dissem/bitmessage/entity/payload/V4Pubkey.java index f4712d2..2a173d0 100644 --- a/domain/src/main/java/ch/dissem/bitmessage/entity/payload/V4Pubkey.java +++ b/domain/src/main/java/ch/dissem/bitmessage/entity/payload/V4Pubkey.java @@ -17,8 +17,8 @@ package ch.dissem.bitmessage.entity.payload; import ch.dissem.bitmessage.entity.BitmessageAddress; +import ch.dissem.bitmessage.entity.Encrypted; import ch.dissem.bitmessage.utils.Decode; -import ch.dissem.bitmessage.utils.Security; import java.io.IOException; import java.io.InputStream; @@ -30,7 +30,7 @@ import java.io.OutputStream; * use that pubkey. This prevents people from gathering pubkeys sent around the network and using the data from them * to create messages to be used in spam or in flooding attacks. */ -public class V4Pubkey extends Pubkey { +public class V4Pubkey extends Pubkey implements Encrypted { private long stream; private byte[] tag; private CryptoBox encrypted; @@ -54,11 +54,13 @@ public class V4Pubkey extends Pubkey { CryptoBox.read(in, length - 32)); } - public void encrypt(byte[] privateKey) throws IOException { + @Override + public void encrypt(byte[] publicKey) throws IOException { if (getSignature() == null) throw new IllegalStateException("Pubkey must be signed before encryption."); - this.encrypted = new CryptoBox(decrypted, Security.createPublicKey(privateKey)); + this.encrypted = new CryptoBox(decrypted, publicKey); } + @Override public void decrypt(byte[] privateKey) throws IOException { decrypted = V3Pubkey.read(encrypted.decrypt(privateKey), stream); } diff --git a/domain/src/main/java/ch/dissem/bitmessage/utils/Security.java b/domain/src/main/java/ch/dissem/bitmessage/utils/Security.java index 4d3defa..376b99e 100644 --- a/domain/src/main/java/ch/dissem/bitmessage/utils/Security.java +++ b/domain/src/main/java/ch/dissem/bitmessage/utils/Security.java @@ -22,8 +22,6 @@ import ch.dissem.bitmessage.factory.Factory; import ch.dissem.bitmessage.ports.ProofOfWorkEngine; import org.bouncycastle.asn1.x9.X9ECParameters; import org.bouncycastle.crypto.ec.CustomNamedCurves; -import org.bouncycastle.crypto.params.ECDomainParameters; -import org.bouncycastle.jce.ECNamedCurveTable; import org.bouncycastle.jce.provider.BouncyCastleProvider; import org.bouncycastle.math.ec.ECPoint; import org.slf4j.Logger; @@ -33,7 +31,9 @@ import javax.crypto.Mac; import javax.crypto.spec.SecretKeySpec; import java.io.IOException; import java.math.BigInteger; -import java.security.*; +import java.security.GeneralSecurityException; +import java.security.MessageDigest; +import java.security.SecureRandom; import java.util.Arrays; /** @@ -43,14 +43,7 @@ public class Security { public static final Logger LOG = LoggerFactory.getLogger(Security.class); private static final SecureRandom RANDOM = new SecureRandom(); private static final BigInteger TWO = BigInteger.valueOf(2); - private static final String EC_CURVE_NAME = "secp256k1"; - private static final X9ECParameters EC_CURVE_PARAMETERS = CustomNamedCurves.getByName(EC_CURVE_NAME); - private static final ECDomainParameters EC_DOMAIN_PARAMETERS = new ECDomainParameters( - EC_CURVE_PARAMETERS.getCurve(), - EC_CURVE_PARAMETERS.getG(), - EC_CURVE_PARAMETERS.getN(), - EC_CURVE_PARAMETERS.getH() - ); + private static final X9ECParameters EC_CURVE_PARAMETERS = CustomNamedCurves.getByName("secp256k1"); static { java.security.Security.addProvider(new BouncyCastleProvider()); @@ -166,7 +159,7 @@ public class Security { } public static ECPoint createPublicKey(byte[] privateKey) { - return EC_DOMAIN_PARAMETERS.getG().multiply(keyToBigInt(privateKey)).normalize(); + return EC_CURVE_PARAMETERS.getG().multiply(keyToBigInt(privateKey)).normalize(); } public static BigInteger keyToBigInt(byte[] privateKey) { @@ -176,11 +169,11 @@ public class Security { public static ECPoint keyToPoint(byte[] publicKey) { BigInteger x = new BigInteger(1, Arrays.copyOfRange(publicKey, 1, 33)); BigInteger y = new BigInteger(1, Arrays.copyOfRange(publicKey, 33, 65)); - return EC_DOMAIN_PARAMETERS.getCurve().createPoint(x, y); + return EC_CURVE_PARAMETERS.getCurve().createPoint(x, y); } public static ECPoint createPoint(byte[] x, byte[] y) { - return EC_DOMAIN_PARAMETERS.getCurve().createPoint( + return EC_CURVE_PARAMETERS.getCurve().createPoint( new BigInteger(1, x), new BigInteger(1, y) );