[1363] | 1 | package org.expeditee.encryption;
|
---|
[1259] | 2 |
|
---|
[1260] | 3 | import java.security.InvalidKeyException;
|
---|
| 4 | import java.security.NoSuchAlgorithmException;
|
---|
[1259] | 5 | import java.security.SecureRandom;
|
---|
[1260] | 6 | import java.util.Arrays;
|
---|
[1259] | 7 | import java.util.Base64;
|
---|
[1260] | 8 | import java.util.Collection;
|
---|
[1259] | 9 | import java.util.HashMap;
|
---|
| 10 | import java.util.List;
|
---|
| 11 | import java.util.Map;
|
---|
| 12 | import java.util.Random;
|
---|
| 13 |
|
---|
[1260] | 14 | import javax.crypto.BadPaddingException;
|
---|
| 15 | import javax.crypto.Cipher;
|
---|
| 16 | import javax.crypto.IllegalBlockSizeException;
|
---|
| 17 | import javax.crypto.NoSuchPaddingException;
|
---|
| 18 | import javax.crypto.SecretKey;
|
---|
| 19 | import javax.crypto.spec.SecretKeySpec;
|
---|
| 20 |
|
---|
[1363] | 21 | import org.expeditee.auth.AuthenticatorBrowser;
|
---|
[1456] | 22 | import org.expeditee.core.Colour;
|
---|
[1259] | 23 | import org.expeditee.gui.DisplayController;
|
---|
[1260] | 24 | import org.expeditee.gui.Frame;
|
---|
| 25 | import org.expeditee.gui.FrameIO;
|
---|
[1456] | 26 | import org.expeditee.gui.FreeItems;
|
---|
[1430] | 27 | import org.expeditee.gui.MessageBay;
|
---|
[1408] | 28 | import org.expeditee.items.Item;
|
---|
[1259] | 29 | import org.expeditee.items.Text;
|
---|
[1363] | 30 | import org.expeditee.settings.UserSettings;
|
---|
[1259] | 31 |
|
---|
| 32 | import com.codahale.shamir.Scheme;
|
---|
| 33 |
|
---|
[1260] | 34 | public class Actions implements CryptographyConstants {
|
---|
[1259] | 35 |
|
---|
[1430] | 36 | public static void SetSurrogateFor(Text surrogate, Text action) {
|
---|
| 37 | Frame frame = DisplayController.getCurrentFrame();
|
---|
| 38 | String[] split = action.getText().split(" ");
|
---|
| 39 |
|
---|
| 40 | if (split.length >= 2) {
|
---|
| 41 | int primaryID = Integer.parseInt(split[1]);
|
---|
| 42 | Item itemWithID = frame.getItemWithID(primaryID);
|
---|
| 43 | if (itemWithID == null) {
|
---|
| 44 | MessageBay.displayMessage("No item with ID " + primaryID + " exists on this frame.");
|
---|
| 45 | return;
|
---|
| 46 | } else {
|
---|
| 47 | itemWithID.addToSurrogates(surrogate);
|
---|
| 48 | }
|
---|
| 49 | } else {
|
---|
| 50 | MessageBay.displayMessage("Usage: SetSurrogateFor Int, inject desired surrogate.");
|
---|
| 51 | }
|
---|
[1408] | 52 | }
|
---|
| 53 |
|
---|
[1456] | 54 | public static Text GenerateSecret() {
|
---|
| 55 | return AuthGenerateSecretUsage();
|
---|
| 56 | }
|
---|
| 57 |
|
---|
[1259] | 58 | public static Text GenerateSecret(String label) {
|
---|
[1456] | 59 | String nl = System.getProperty("line.separator");
|
---|
| 60 | String secretsFrame = UserSettings.UserName.get() + 11;
|
---|
| 61 | StringBuilder instructions = new StringBuilder("You have generated a encryption label with name " + label + "." + nl);
|
---|
| 62 | instructions.append("Place this generated label on your secrets frame (" + secretsFrame + ") before using it.");
|
---|
| 63 | MessageBay.displayMessage(instructions.toString()).setLink(secretsFrame);
|
---|
[1259] | 64 | return AuthGenerateSecret(label);
|
---|
| 65 | }
|
---|
| 66 |
|
---|
| 67 | public static Text SplitSecret(Text key) {
|
---|
| 68 | return AuthSplitSecret(key);
|
---|
| 69 | }
|
---|
[1260] | 70 |
|
---|
| 71 | public static Text JoinSecret(Text key) {
|
---|
| 72 | return AuthJoinSecret(key);
|
---|
| 73 | }
|
---|
[1261] | 74 |
|
---|
| 75 | public static void Encrypt(Text labelWithKey) {
|
---|
| 76 | AuthEncrypt(labelWithKey);
|
---|
| 77 | }
|
---|
| 78 |
|
---|
| 79 | public static void Decrypt(Text labelWithKey) {
|
---|
| 80 | AuthDecrypt(labelWithKey);
|
---|
| 81 | }
|
---|
| 82 |
|
---|
[1456] | 83 | public static Text AuthGenerateSecret() {
|
---|
| 84 | return AuthGenerateSecretUsage();
|
---|
| 85 | }
|
---|
| 86 |
|
---|
[1259] | 87 | public static Text AuthGenerateSecret(String label) {
|
---|
| 88 | // Generate AES Key
|
---|
| 89 | Random rand = new SecureRandom();
|
---|
| 90 | byte[] keyBytes = new byte[16];
|
---|
| 91 | rand.nextBytes(keyBytes);
|
---|
| 92 | String key = Base64.getEncoder().encodeToString(keyBytes);
|
---|
| 93 |
|
---|
| 94 | Text text = new Text(label);
|
---|
| 95 | text.setData(key);
|
---|
| 96 | text.setPosition(DisplayController.getMousePosition());
|
---|
| 97 | return text;
|
---|
| 98 | }
|
---|
[1456] | 99 |
|
---|
[1259] | 100 | public static Text AuthSplitSecret(Text key) {
|
---|
[1456] | 101 | if (!FreeItems.hasItemsAttachedToCursor()) {
|
---|
| 102 | return AuthSplitSecretUsage();
|
---|
| 103 | }
|
---|
| 104 |
|
---|
[1259] | 105 | // Retrieve secret
|
---|
| 106 | String secret = key.getData().get(0);
|
---|
| 107 | byte[] secretBytes = Base64.getDecoder().decode(secret);
|
---|
| 108 |
|
---|
| 109 | // Obtain parameters for shamir
|
---|
| 110 | String[] arguments = key.getText().split(" ");
|
---|
[1310] | 111 | int requiredShares = Integer.parseInt(arguments[1]);
|
---|
| 112 | int totalShares = arguments.length - 2;
|
---|
[1259] | 113 |
|
---|
| 114 | // Create shares
|
---|
| 115 | Scheme scheme = new Scheme(new SecureRandom(), totalShares, requiredShares);
|
---|
| 116 | Map<Integer, byte[]> split = scheme.split(secretBytes);
|
---|
| 117 |
|
---|
| 118 | // Add shares to key
|
---|
| 119 | List<String> data = key.getData();
|
---|
| 120 | for (Integer i: split.keySet()) {
|
---|
| 121 | data.add("{" + i + "}" + Base64.getEncoder().encodeToString(split.get(i)));
|
---|
| 122 | }
|
---|
| 123 | key.setData(data);
|
---|
[1456] | 124 | key.setText(arguments[0]);
|
---|
[1259] | 125 |
|
---|
| 126 | return key;
|
---|
| 127 | }
|
---|
[1456] | 128 |
|
---|
[1259] | 129 | public static Text AuthJoinSecret(Text key) {
|
---|
| 130 | Map<Integer, byte[]> contributingParts = new HashMap<Integer, byte[]>();
|
---|
| 131 |
|
---|
| 132 | // Retrieve splits
|
---|
| 133 | List<String> data = key.getData();
|
---|
| 134 | for (String d: data) {
|
---|
| 135 | if (d.startsWith("{")) {
|
---|
| 136 | String[] split = d.split("}");
|
---|
| 137 | Integer k = Integer.parseInt(split[0].replace("{", ""));
|
---|
| 138 | byte[] v = Base64.getDecoder().decode(split[1]);
|
---|
| 139 | contributingParts.put(k, v);
|
---|
| 140 | }
|
---|
| 141 | }
|
---|
| 142 |
|
---|
| 143 | // Obtain parameters for shamir
|
---|
| 144 | String[] arguments = key.getText().split(" ");
|
---|
[1310] | 145 | int totalShares = Integer.parseInt(arguments[2]);
|
---|
| 146 | int requiredShares = Integer.parseInt(arguments[1]);
|
---|
[1259] | 147 |
|
---|
| 148 | // Perform join
|
---|
| 149 | Scheme scheme = new Scheme(new SecureRandom(), totalShares, requiredShares);
|
---|
| 150 | byte[] join = scheme.join(contributingParts);
|
---|
| 151 |
|
---|
| 152 | data.clear();
|
---|
| 153 | data.add(Base64.getEncoder().encodeToString(join));
|
---|
| 154 |
|
---|
| 155 | return key;
|
---|
| 156 | }
|
---|
[1260] | 157 |
|
---|
| 158 | public static void AuthEncrypt(Text labelWithKey) {
|
---|
| 159 | // Obtain encryption key
|
---|
| 160 | String keyEncoded = labelWithKey.getData().get(0);
|
---|
| 161 | byte[] keyDecoded = Base64.getDecoder().decode(keyEncoded);
|
---|
| 162 | SecretKey key = new SecretKeySpec(keyDecoded, SymmetricAlgorithm);
|
---|
| 163 |
|
---|
| 164 | // Perform encryption
|
---|
| 165 | Frame toEncrypt = FrameIO.LoadFrame(labelWithKey.getLink());
|
---|
| 166 | Collection<Text> textItems = toEncrypt.getTextItems();
|
---|
| 167 | for (Text t: textItems) {
|
---|
| 168 | byte[] encrypted = EncryptSymmetric(t.getText().getBytes(), key);
|
---|
| 169 | t.setText(Base64.getEncoder().encodeToString(encrypted));
|
---|
| 170 | }
|
---|
| 171 |
|
---|
| 172 | // Save changes
|
---|
| 173 | FrameIO.SaveFrame(toEncrypt);
|
---|
| 174 | }
|
---|
| 175 |
|
---|
| 176 | public static void AuthDecrypt(Text labelWithKey) {
|
---|
| 177 | // Obtain encryption key
|
---|
| 178 | String keyEncoded = labelWithKey.getData().get(0);
|
---|
| 179 | byte[] keyDecoded = Base64.getDecoder().decode(keyEncoded);
|
---|
| 180 | SecretKey key = new SecretKeySpec(keyDecoded, SymmetricAlgorithm);
|
---|
| 181 |
|
---|
| 182 | // Perform decryption
|
---|
[1261] | 183 | Frame toDecrypt = FrameIO.LoadFrame(labelWithKey.getLink());
|
---|
| 184 | Collection<Text> textItems = toDecrypt.getTextItems();
|
---|
[1260] | 185 | for (Text t: textItems) {
|
---|
| 186 | byte[] decrypted = DecryptSymmetric(Base64.getDecoder().decode(t.getText().getBytes()), key);
|
---|
| 187 | t.setText(new String(decrypted));
|
---|
| 188 | }
|
---|
[1261] | 189 |
|
---|
| 190 | // Save changes
|
---|
| 191 | FrameIO.SaveFrame(toDecrypt);
|
---|
[1260] | 192 | }
|
---|
| 193 |
|
---|
[1361] | 194 | public static byte[] EncryptSymmetric(final byte[] toEncrypt, final SecretKey key) {
|
---|
[1260] | 195 | // toEncrypt = Base64.getDecoder().decode(toEncrypt);
|
---|
| 196 | try {
|
---|
| 197 | final Cipher cipher = Cipher.getInstance(SymmetricAlgorithm + SymmetricAlgorithmParameters);
|
---|
| 198 | cipher.init(Cipher.ENCRYPT_MODE, key);
|
---|
| 199 | //could use modulus
|
---|
| 200 | final int length = (int) ((Math.ceil(toEncrypt.length / 16f)) * 16);
|
---|
| 201 | final byte[] toEncryptSizeAdjusted = Arrays.copyOf(toEncrypt, length);
|
---|
| 202 | //System.err.println("(" + toEncryptSizeAdjusted.length + ")" + "Before Encryption Data: "
|
---|
| 203 | // + Arrays.toString(toEncryptSizeAdjusted));
|
---|
| 204 | final byte[] result = cipher.doFinal(toEncryptSizeAdjusted);
|
---|
| 205 | //System.err.println("(" + result.length + ")" + "Encrypted Data: " + Arrays.toString(result));
|
---|
| 206 | return result;
|
---|
| 207 | } catch (final NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException
|
---|
| 208 | | IllegalBlockSizeException | BadPaddingException e) {
|
---|
| 209 | e.printStackTrace();
|
---|
| 210 | return null;
|
---|
| 211 | }
|
---|
| 212 | }
|
---|
| 213 |
|
---|
[1361] | 214 | public static byte[] DecryptSymmetric(final byte[] toDecrypt, final SecretKey key) {
|
---|
[1260] | 215 | try {
|
---|
| 216 | final Cipher cipher = Cipher.getInstance(SymmetricAlgorithm + SymmetricAlgorithmParameters);
|
---|
| 217 | cipher.init(Cipher.DECRYPT_MODE, key);
|
---|
| 218 | final byte[] decryptedBytes = cipher.doFinal(toDecrypt);
|
---|
| 219 | int indexOfZero = decryptedBytes.length - 1;
|
---|
| 220 | for (int i = decryptedBytes.length - 1; i >= 0; i--) {
|
---|
| 221 | if (decryptedBytes[i] != (byte) 0) {
|
---|
| 222 | indexOfZero = i + 1;
|
---|
| 223 | break;
|
---|
| 224 | }
|
---|
| 225 | }
|
---|
| 226 | return Arrays.copyOf(decryptedBytes, indexOfZero);
|
---|
| 227 | } catch (final NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException
|
---|
| 228 | | IllegalBlockSizeException | BadPaddingException e) {
|
---|
| 229 | e.printStackTrace();
|
---|
| 230 | return null;
|
---|
| 231 | }
|
---|
| 232 | }
|
---|
[1363] | 233 |
|
---|
| 234 | public static void AuthAddSecretKey(String name, String data) {
|
---|
[1475] | 235 | String frameName = UserSettings.UserName.get() + AuthenticatorBrowser.SECRETS_FRAME;
|
---|
| 236 | Frame secretsFrame = FrameIO.LoadFrame(frameName);
|
---|
[1363] | 237 | secretsFrame.addText(500, 500, name, null).addToData(data);
|
---|
[1485] | 238 | FrameIO.ForceSaveFrame(secretsFrame);
|
---|
[1475] | 239 | MessageBay.displayMessage("Your half of " + name + "'s personal key has been added to " + frameName);
|
---|
[1363] | 240 | }
|
---|
[1456] | 241 |
|
---|
| 242 | private static Text AuthSplitSecretUsage() {
|
---|
| 243 | String nl = System.getProperty("line.separator");
|
---|
| 244 | String tab = " ";
|
---|
| 245 | StringBuilder message = new StringBuilder("Usage: " + nl);
|
---|
| 246 | message.append(tab + "With Text Item attached to cursor: " + nl);
|
---|
| 247 | message.append(tab + tab + "Content matches pattern \"<SecretName> <Amount of Coperation Required> <Individual Name 1> <Individual Name 2> ... <Individual Name N>\"" + nl);
|
---|
| 248 | message.append(tab + tab + "Context Example: \"SecretName 3 Sandra John Billy Sally Sam Tim\"" + nl);
|
---|
| 249 | message.append(tab + tab + "Data contains key data" + nl);
|
---|
| 250 | message.append(tab + "Middle click on this action." + nl);
|
---|
| 251 | message.append(tab + "Resulting Text Item will contain shares in data.");
|
---|
| 252 | return generateUsageText(message);
|
---|
| 253 | }
|
---|
| 254 |
|
---|
| 255 | private static Text AuthGenerateSecretUsage() {
|
---|
| 256 | String nl = System.getProperty("line.separator");
|
---|
| 257 | String tab = " ";
|
---|
| 258 | StringBuilder message = new StringBuilder("Usage: " + nl);
|
---|
| 259 | message.append(tab + "With Text Item attached to cursor: " + nl);
|
---|
| 260 | message.append(tab + tab + "Content should be one word with no spaces." + nl);
|
---|
| 261 | message.append(tab + tab + "Content represents the desired label name for the generated secret." + nl);
|
---|
| 262 | message.append(tab + tab + "This action will overwrite any existing data." + nl);
|
---|
| 263 | message.append(tab + "Middle click on this action." + nl);
|
---|
| 264 | message.append(tab + "Text Item will now contain a full key in its data." + nl);
|
---|
| 265 | message.append(tab + "Resulting Text Item is now a Secret and can be placed on secrets frame.");
|
---|
| 266 | return generateUsageText(message);
|
---|
| 267 | }
|
---|
| 268 |
|
---|
| 269 | private static Text generateUsageText(StringBuilder message) {
|
---|
| 270 | Text ret = new Text(message.toString());
|
---|
| 271 | ret.setPosition(DisplayController.getMousePosition());
|
---|
| 272 | ret.setSize(14);
|
---|
| 273 | ret.setBackgroundColor(Colour.LIGHT_GRAY);
|
---|
| 274 | ret.setBorderColor(Colour.DARK_GRAY);
|
---|
| 275 | return ret;
|
---|
| 276 | }
|
---|
[1259] | 277 | }
|
---|