bitmessage/Jabit
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: bitmessage:2.0.1
Branches Tags
bitmessage:master bitmessage:feature/refactoring bitmessage:develop bitmessage:gh-pages
bitmessage:2.0.4 bitmessage:2.0.3 bitmessage:2.0.2 bitmessage:2.0.1 bitmessage:2.0.0 bitmessage:1.0.1 bitmessage:1.0.0 bitmessage:0.2.0
...
compare: bitmessage:2.0.3
Branches Tags
bitmessage:master bitmessage:feature/refactoring bitmessage:develop bitmessage:gh-pages
bitmessage:2.0.4 bitmessage:2.0.3 bitmessage:2.0.2 bitmessage:2.0.1 bitmessage:2.0.0 bitmessage:1.0.1 bitmessage:1.0.0 bitmessage:0.2.0

7 Commits
2.0.1 ... 2.0.3

Author SHA1 Message Date
Christian Basler
f0a5a40edd Merge branch 'release/2.0.3' 2016-10-24 08:12:48 +02:00
Christian Basler
1bc82cdd7d Merge branch 'master' into release/2.0.3 2016-10-22 09:37:56 +02:00
Christian Basler
a880a8c10b Fixed NPE 2016-10-22 07:24:49 +02:00
Christian Basler
6a5fe01860 Merge tag '2.0.2' into develop 
Version 2.0.2
 2016-10-15 18:02:18 +02:00
Christian Basler
5cf6d308f2 Merge branch 'release/2.0.2' 2016-10-15 18:02:06 +02:00
Christian Basler
ad97cd0633 Fixed SecurityException for some Android versions. 
At the same time removed necessity to register a cryptography provider which means SpongyCryptography can be used on the Oracle JVM as well - but this is something vor Jabit 3.0.
 2016-10-15 18:01:08 +02:00
Christian Basler
5043e9ed03 Merge tag '2.0.1' into develop 
Version 2.0.1
 2016-10-07 22:10:16 +02:00
6 changed files with 244 additions and 93 deletions
Expand all files Collapse all files

81
core/src/main/java/ch/dissem/bitmessage/entity/Plaintext.java
View File

@ -69,9 +69,9 @@ public class Plaintext implements Streamable {
ackData = builder.ackData;
if (builder.ackMessage != null && builder.ackMessage.length > 0) {
ackMessage = Factory.getObjectMessage(
3,
new ByteArrayInputStream(builder.ackMessage),
builder.ackMessage.length);
3,
new ByteArrayInputStream(builder.ackMessage),
builder.ackMessage.length);
}
signature = builder.signature;
status = builder.status;
@ -85,25 +85,25 @@ public class Plaintext implements Streamable {
public static Plaintext read(Type type, InputStream in) throws IOException {
return readWithoutSignature(type, in)
.signature(Decode.varBytes(in))
.received(UnixTime.now())
.build();
.signature(Decode.varBytes(in))
.received(UnixTime.now())
.build();
}
public static Plaintext.Builder readWithoutSignature(Type type, InputStream in) throws IOException {
long version = Decode.varInt(in);
return new Builder(type)
.addressVersion(version)
.stream(Decode.varInt(in))
.behaviorBitfield(Decode.int32(in))
.publicSigningKey(Decode.bytes(in, 64))
.publicEncryptionKey(Decode.bytes(in, 64))
.nonceTrialsPerByte(version >= 3 ? Decode.varInt(in) : 0)
.extraBytes(version >= 3 ? Decode.varInt(in) : 0)
.destinationRipe(type == Type.MSG ? Decode.bytes(in, 20) : null)
.encoding(Decode.varInt(in))
.message(Decode.varBytes(in))
.ackMessage(type == Type.MSG ? Decode.varBytes(in) : null);
.addressVersion(version)
.stream(Decode.varInt(in))
.behaviorBitfield(Decode.int32(in))
.publicSigningKey(Decode.bytes(in, 64))
.publicEncryptionKey(Decode.bytes(in, 64))
.nonceTrialsPerByte(version >= 3 ? Decode.varInt(in) : 0)
.extraBytes(version >= 3 ? Decode.varInt(in) : 0)
.destinationRipe(type == Type.MSG ? Decode.bytes(in, 20) : null)
.encoding(Decode.varInt(in))
.message(Decode.varBytes(in))
.ackMessage(type == Type.MSG ? Decode.varBytes(in) : null);
}
public InventoryVector getInventoryVector() {
@ -198,6 +198,7 @@ public class Plaintext implements Streamable {
}
}
}
public void write(ByteBuffer buffer, boolean includeSignature) {
Encode.varInt(from.getVersion(), buffer);
Encode.varInt(from.getStream(), buffer);
@ -279,14 +280,16 @@ public class Plaintext implements Streamable {
}
public void updateNextTry() {
if (nextTry == null) {
if (sent != null && to.has(Feature.DOES_ACK)) {
nextTry = UnixTime.now(+ttl);
if (to != null) {
if (nextTry == null) {
if (sent != null && to.has(Feature.DOES_ACK)) {
nextTry = UnixTime.now(+ttl);
retries++;
}
} else {
nextTry = nextTry + (1 << retries) * ttl;
retries++;
}
} else {
nextTry = nextTry + (1 << retries) * ttl;
retries++;
}
}
@ -320,15 +323,15 @@ public class Plaintext implements Streamable {
if (o == null || getClass() != o.getClass()) return false;
Plaintext plaintext = (Plaintext) o;
return Objects.equals(encoding, plaintext.encoding) &&
Objects.equals(from, plaintext.from) &&
Arrays.equals(message, plaintext.message) &&
Objects.equals(getAckMessage(), plaintext.getAckMessage()) &&
Arrays.equals(to.getRipe(), plaintext.to.getRipe()) &&
Arrays.equals(signature, plaintext.signature) &&
Objects.equals(status, plaintext.status) &&
Objects.equals(sent, plaintext.sent) &&
Objects.equals(received, plaintext.received) &&
Objects.equals(labels, plaintext.labels);
Objects.equals(from, plaintext.from) &&
Arrays.equals(message, plaintext.message) &&
Objects.equals(getAckMessage(), plaintext.getAckMessage()) &&
Arrays.equals(to == null ? null : to.getRipe(), plaintext.to == null ? null : plaintext.to.getRipe()) &&
Arrays.equals(signature, plaintext.signature) &&
Objects.equals(status, plaintext.status) &&
Objects.equals(sent, plaintext.sent) &&
Objects.equals(received, plaintext.received) &&
Objects.equals(labels, plaintext.labels);
}
@Override
@ -582,13 +585,13 @@ public class Plaintext implements Streamable {
public Plaintext build() {
if (from == null) {
from = new BitmessageAddress(Factory.createPubkey(
addressVersion,
stream,
publicSigningKey,
publicEncryptionKey,
nonceTrialsPerByte,
extraBytes,
behaviorBitfield
addressVersion,
stream,
publicSigningKey,
publicEncryptionKey,
nonceTrialsPerByte,
extraBytes,
behaviorBitfield
));
}
if (to == null && type != Type.BROADCAST && destinationRipe != null) {

8
core/src/main/java/ch/dissem/bitmessage/ports/AbstractCryptography.java
View File

@ -33,6 +33,7 @@ import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.Provider;
import java.security.SecureRandom;
import static ch.dissem.bitmessage.InternalContext.NETWORK_EXTRA_BYTES;
@ -49,10 +50,10 @@ public abstract class AbstractCryptography implements Cryptography, InternalCont
private static final BigInteger TWO_POW_64 = TWO.pow(64);
private static final BigInteger TWO_POW_16 = TWO.pow(16);
private final String provider;
protected final Provider provider;
private InternalContext context;
protected AbstractCryptography(String provider) {
protected AbstractCryptography(Provider provider) {
this.provider = provider;
}
@ -137,7 +138,6 @@ public abstract class AbstractCryptography implements Cryptography, InternalCont
if (extraBytes == 0) extraBytes = NETWORK_EXTRA_BYTES;
BigInteger TTL = BigInteger.valueOf(object.getExpiresTime() - UnixTime.now());
BigInteger numerator = TWO_POW_64;
BigInteger powLength = BigInteger.valueOf(object.getPayloadBytesWithoutNonce().length + extraBytes);
BigInteger denominator = BigInteger.valueOf(nonceTrialsPerByte)
.multiply(
@ -145,7 +145,7 @@ public abstract class AbstractCryptography implements Cryptography, InternalCont
powLength.multiply(TTL).divide(TWO_POW_16)
)
);
return Bytes.expand(numerator.divide(denominator).toByteArray(), 8);
return Bytes.expand(TWO_POW_64.divide(denominator).toByteArray(), 8);
}
private byte[] hash(String algorithm, byte[]... data) {

45
cryptography-bc/src/main/java/ch/dissem/bitmessage/cryptography/bc/BouncyCryptography.java
View File

@ -52,21 +52,16 @@ import java.util.Arrays;
public class BouncyCryptography extends AbstractCryptography {
private static final X9ECParameters EC_CURVE_PARAMETERS = CustomNamedCurves.getByName("secp256k1");
private static final String ALGORITHM_ECDSA = "ECDSA";
private static final String PROVIDER = "BC";
static {
java.security.Security.addProvider(new BouncyCastleProvider());
}
public BouncyCryptography() {
super(PROVIDER);
super(new BouncyCastleProvider());
}
@Override
public byte[] crypt(boolean encrypt, byte[] data, byte[] key_e, byte[] initializationVector) {
BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(
new CBCBlockCipher(new AESEngine()),
new PKCS7Padding()
new CBCBlockCipher(new AESEngine()),
new PKCS7Padding()
);
CipherParameters params = new ParametersWithIV(new KeyParameter(key_e), initializationVector);
@ -100,18 +95,18 @@ public class BouncyCryptography extends AbstractCryptography {
public boolean isSignatureValid(byte[] data, byte[] signature, Pubkey pubkey) {
try {
ECParameterSpec spec = new ECParameterSpec(
EC_CURVE_PARAMETERS.getCurve(),
EC_CURVE_PARAMETERS.getG(),
EC_CURVE_PARAMETERS.getN(),
EC_CURVE_PARAMETERS.getH(),
EC_CURVE_PARAMETERS.getSeed()
EC_CURVE_PARAMETERS.getCurve(),
EC_CURVE_PARAMETERS.getG(),
EC_CURVE_PARAMETERS.getN(),
EC_CURVE_PARAMETERS.getH(),
EC_CURVE_PARAMETERS.getSeed()
);
ECPoint Q = keyToPoint(pubkey.getSigningKey());
KeySpec keySpec = new ECPublicKeySpec(Q, spec);
PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, PROVIDER).generatePublic(keySpec);
PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider).generatePublic(keySpec);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, PROVIDER);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider);
sig.initVerify(publicKey);
sig.update(data);
return sig.verify(signature);
@ -124,19 +119,19 @@ public class BouncyCryptography extends AbstractCryptography {
public byte[] getSignature(byte[] data, PrivateKey privateKey) {
try {
ECParameterSpec spec = new ECParameterSpec(
EC_CURVE_PARAMETERS.getCurve(),
EC_CURVE_PARAMETERS.getG(),
EC_CURVE_PARAMETERS.getN(),
EC_CURVE_PARAMETERS.getH(),
EC_CURVE_PARAMETERS.getSeed()
EC_CURVE_PARAMETERS.getCurve(),
EC_CURVE_PARAMETERS.getG(),
EC_CURVE_PARAMETERS.getN(),
EC_CURVE_PARAMETERS.getH(),
EC_CURVE_PARAMETERS.getSeed()
);
BigInteger d = keyToBigInt(privateKey.getPrivateSigningKey());
KeySpec keySpec = new ECPrivateKeySpec(d, spec);
java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, PROVIDER)
.generatePrivate(keySpec);
java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider)
.generatePrivate(keySpec);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, PROVIDER);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider);
sig.initSign(privKey);
sig.update(data);
return sig.sign();
@ -153,8 +148,8 @@ public class BouncyCryptography extends AbstractCryptography {
@Override
public byte[] createPoint(byte[] x, byte[] y) {
return EC_CURVE_PARAMETERS.getCurve().createPoint(
new BigInteger(1, x),
new BigInteger(1, y)
new BigInteger(1, x),
new BigInteger(1, y)
).getEncoded(false);
}
}

1
cryptography-sc/build.gradle
View File

@ -14,4 +14,5 @@ dependencies {
compile project(':core')
compile 'com.madgag.spongycastle:prov:1.52.0.0'
testCompile 'junit:junit:4.12'
testCompile 'org.mockito:mockito-core:1.10.19'
}

45
cryptography-sc/src/main/java/ch/dissem/bitmessage/cryptography/sc/SpongyCryptography.java
View File

@ -52,21 +52,16 @@ import java.util.Arrays;
public class SpongyCryptography extends AbstractCryptography {
private static final X9ECParameters EC_CURVE_PARAMETERS = CustomNamedCurves.getByName("secp256k1");
private static final String ALGORITHM_ECDSA = "ECDSA";
private static final String PROVIDER = "SC";
static {
java.security.Security.addProvider(new BouncyCastleProvider());
}
public SpongyCryptography() {
super(PROVIDER);
super(new BouncyCastleProvider());
}
@Override
public byte[] crypt(boolean encrypt, byte[] data, byte[] key_e, byte[] initializationVector) {
BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(
new CBCBlockCipher(new AESEngine()),
new PKCS7Padding()
new CBCBlockCipher(new AESEngine()),
new PKCS7Padding()
);
CipherParameters params = new ParametersWithIV(new KeyParameter(key_e), initializationVector);
@ -100,18 +95,18 @@ public class SpongyCryptography extends AbstractCryptography {
public boolean isSignatureValid(byte[] data, byte[] signature, Pubkey pubkey) {
try {
ECParameterSpec spec = new ECParameterSpec(
EC_CURVE_PARAMETERS.getCurve(),
EC_CURVE_PARAMETERS.getG(),
EC_CURVE_PARAMETERS.getN(),
EC_CURVE_PARAMETERS.getH(),
EC_CURVE_PARAMETERS.getSeed()
EC_CURVE_PARAMETERS.getCurve(),
EC_CURVE_PARAMETERS.getG(),
EC_CURVE_PARAMETERS.getN(),
EC_CURVE_PARAMETERS.getH(),
EC_CURVE_PARAMETERS.getSeed()
);
ECPoint Q = keyToPoint(pubkey.getSigningKey());
KeySpec keySpec = new ECPublicKeySpec(Q, spec);
PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, PROVIDER).generatePublic(keySpec);
PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider).generatePublic(keySpec);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, PROVIDER);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider);
sig.initVerify(publicKey);
sig.update(data);
return sig.verify(signature);
@ -124,19 +119,19 @@ public class SpongyCryptography extends AbstractCryptography {
public byte[] getSignature(byte[] data, PrivateKey privateKey) {
try {
ECParameterSpec spec = new ECParameterSpec(
EC_CURVE_PARAMETERS.getCurve(),
EC_CURVE_PARAMETERS.getG(),
EC_CURVE_PARAMETERS.getN(),
EC_CURVE_PARAMETERS.getH(),
EC_CURVE_PARAMETERS.getSeed()
EC_CURVE_PARAMETERS.getCurve(),
EC_CURVE_PARAMETERS.getG(),
EC_CURVE_PARAMETERS.getN(),
EC_CURVE_PARAMETERS.getH(),
EC_CURVE_PARAMETERS.getSeed()
);
BigInteger d = keyToBigInt(privateKey.getPrivateSigningKey());
KeySpec keySpec = new ECPrivateKeySpec(d, spec);
java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, PROVIDER)
.generatePrivate(keySpec);
java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider)
.generatePrivate(keySpec);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, PROVIDER);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider);
sig.initSign(privKey);
sig.update(data);
return sig.sign();
@ -153,8 +148,8 @@ public class SpongyCryptography extends AbstractCryptography {
@Override
public byte[] createPoint(byte[] x, byte[] y) {
return EC_CURVE_PARAMETERS.getCurve().createPoint(
new BigInteger(1, x),
new BigInteger(1, y)
new BigInteger(1, x),
new BigInteger(1, y)
).getEncoded(false);
}
}

157
cryptography-sc/src/test/java/ch/dissem/bitmessage/security/CryptographyTest.java Normal file
View File

@ -0,0 +1,157 @@
package ch.dissem.bitmessage.security;
import ch.dissem.bitmessage.InternalContext;
import ch.dissem.bitmessage.cryptography.sc.SpongyCryptography;
import ch.dissem.bitmessage.entity.ObjectMessage;
import ch.dissem.bitmessage.entity.payload.GenericPayload;
import ch.dissem.bitmessage.entity.valueobject.PrivateKey;
import ch.dissem.bitmessage.exception.InsufficientProofOfWorkException;
import ch.dissem.bitmessage.ports.MultiThreadedPOWEngine;
import ch.dissem.bitmessage.ports.ProofOfWorkEngine;
import ch.dissem.bitmessage.utils.CallbackWaiter;
import ch.dissem.bitmessage.utils.Singleton;
import ch.dissem.bitmessage.utils.UnixTime;
import org.junit.BeforeClass;
import org.junit.Test;
import javax.xml.bind.DatatypeConverter;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import static ch.dissem.bitmessage.utils.UnixTime.DAY;
import static ch.dissem.bitmessage.utils.UnixTime.MINUTE;
import static org.hamcrest.CoreMatchers.is;
import static org.junit.Assert.*;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
/**
* @author Christian Basler
*/
public class CryptographyTest {
public static final byte[] TEST_VALUE = "teststring".getBytes();
public static final byte[] TEST_SHA1 = DatatypeConverter.parseHexBinary(""
+ "b8473b86d4c2072ca9b08bd28e373e8253e865c4");
public static final byte[] TEST_SHA512 = DatatypeConverter.parseHexBinary(""
+ "6253b39071e5df8b5098f59202d414c37a17d6a38a875ef5f8c7d89b0212b028"
+ "692d3d2090ce03ae1de66c862fa8a561e57ed9eb7935ce627344f742c0931d72");
public static final byte[] TEST_RIPEMD160 = DatatypeConverter.parseHexBinary(""
+ "cd566972b5e50104011a92b59fa8e0b1234851ae");
private static SpongyCryptography crypto;
@BeforeClass
public static void setUp() {
crypto = new SpongyCryptography();
Singleton.initialize(crypto);
InternalContext ctx = mock(InternalContext.class);
when(ctx.getProofOfWorkEngine()).thenReturn(new MultiThreadedPOWEngine());
crypto.setContext(ctx);
}
@Test
public void testRipemd160() {
assertArrayEquals(TEST_RIPEMD160, crypto.ripemd160(TEST_VALUE));
}
@Test
public void testSha1() {
assertArrayEquals(TEST_SHA1, crypto.sha1(TEST_VALUE));
}
@Test
public void testSha512() {
assertArrayEquals(TEST_SHA512, crypto.sha512(TEST_VALUE));
}
@Test
public void testChaining() {
assertArrayEquals(TEST_SHA512, crypto.sha512("test".getBytes(), "string".getBytes()));
}
@Test
public void ensureDoubleHashYieldsSameResultAsHashOfHash() {
assertArrayEquals(crypto.sha512(TEST_SHA512), crypto.doubleSha512(TEST_VALUE));
}
@Test(expected = IOException.class)
public void ensureExceptionForInsufficientProofOfWork() throws IOException {
ObjectMessage objectMessage = new ObjectMessage.Builder()
.nonce(new byte[8])
.expiresTime(UnixTime.now(+28 * DAY))
.objectType(0)
.payload(GenericPayload.read(0, 1, new ByteArrayInputStream(new byte[0]), 0))
.build();
crypto.checkProofOfWork(objectMessage, 1000, 1000);
}
@Test
public void testDoProofOfWork() throws Exception {
ObjectMessage objectMessage = new ObjectMessage.Builder()
.nonce(new byte[8])
.expiresTime(UnixTime.now(+2 * MINUTE))
.objectType(0)
.payload(GenericPayload.read(0, 1, new ByteArrayInputStream(new byte[0]), 0))
.build();
final CallbackWaiter<byte[]> waiter = new CallbackWaiter<>();
crypto.doProofOfWork(objectMessage, 1000, 1000,
new ProofOfWorkEngine.Callback() {
@Override
public void onNonceCalculated(byte[] initialHash, byte[] nonce) {
waiter.setValue(nonce);
}
});
objectMessage.setNonce(waiter.waitForValue());
try {
crypto.checkProofOfWork(objectMessage, 1000, 1000);
} catch (InsufficientProofOfWorkException e) {
fail(e.getMessage());
}
}
@Test
public void ensureEncryptionAndDecryptionWorks() {
byte[] data = crypto.randomBytes(100);
byte[] key_e = crypto.randomBytes(32);
byte[] iv = crypto.randomBytes(16);
byte[] encrypted = crypto.crypt(true, data, key_e, iv);
byte[] decrypted = crypto.crypt(false, encrypted, key_e, iv);
assertArrayEquals(data, decrypted);
}
@Test(expected = IllegalArgumentException.class)
public void ensureDecryptionFailsWithInvalidCypherText() {
byte[] data = crypto.randomBytes(128);
byte[] key_e = crypto.randomBytes(32);
byte[] iv = crypto.randomBytes(16);
crypto.crypt(false, data, key_e, iv);
}
@Test
public void testMultiplication() {
byte[] a = crypto.randomBytes(PrivateKey.PRIVATE_KEY_SIZE);
byte[] A = crypto.createPublicKey(a);
byte[] b = crypto.randomBytes(PrivateKey.PRIVATE_KEY_SIZE);
byte[] B = crypto.createPublicKey(b);
assertArrayEquals(crypto.multiply(A, b), crypto.multiply(B, a));
}
@Test
public void ensureSignatureIsValid() {
byte[] data = crypto.randomBytes(100);
PrivateKey privateKey = new PrivateKey(false, 1, 1000, 1000);
byte[] signature = crypto.getSignature(data, privateKey);
assertThat(crypto.isSignatureValid(data, signature, privateKey.getPubkey()), is(true));
}
@Test
public void ensureSignatureIsInvalidForTemperedData() {
byte[] data = crypto.randomBytes(100);
PrivateKey privateKey = new PrivateKey(false, 1, 1000, 1000);
byte[] signature = crypto.getSignature(data, privateKey);
data[0]++;
assertThat(crypto.isSignatureValid(data, signature, privateKey.getPubkey()), is(false));
}
}