Changeset 1504 for trunk/src/org/expeditee/auth/account/Password.java

Timestamp:

01/29/20 13:20:24 (4 years ago)

Author:

bnemhaus

Message:

Revised implementation of authenticated Expeditee mail. Motivated by bugs relating to messages not being marked as read and incorrect counting of new messages for users, the Expeditee mail system has been rewritten. The new code not only does not exhibit the previous bugs but is also better engineered. Whilst the MailBay is static (which is in line with the MessageBay), the Mail class is no longer static and must be initialised for each user as they log in.

File:

• trunk/src/org/expeditee/auth/account/Password.java (modified) (8 diffs)

trunk/src/org/expeditee/auth/account/Password.java

@@ -13 +13 @@
 import java.util.Base64;
 import java.util.Collection;
+import java.util.Date;
 import java.util.HashMap;
 import java.util.Iterator;
@@ -33 +34 @@
 import org.expeditee.auth.mail.Mail;
 import org.expeditee.auth.mail.Mail.MailEntry;
+import org.expeditee.auth.mail.gui.MailBay;
 import org.expeditee.auth.tags.AuthenticationTag;
 import org.expeditee.encryption.CryptographyConstants;
@@ -44 +46 @@
 import org.expeditee.settings.identity.passwordrecovery.Colleagues;
 import org.expeditee.settings.identity.secrets.KeyList;
-import org.expeditee.stats.Formatter;
 
 import com.codahale.shamir.Scheme;
@@ -113 +114 @@
                 
                 // Get colleagues to distribute messages too.
-                String[] colleagues = getPasswordColleaguesFromUsername(username);
+                String[] trustedUsers = getPasswordColleaguesFromUsername(username);
                 //      Send secure message to colleague one
-                String colleagueOne = colleagues[0];
-                String time = Formatter.getDateTime();
+                String trustedUserOne = trustedUsers[0];
+                String time = Mail.FORMAT.format(new Date());
                 String topic = "Password Recovery for " + username;
                 String message = "Your colleague " + username + " would like you to help them recover access to their account.";
                 Map<String, String> options = new HashMap<String, String>();
                 options.put("Provide assistance", "AuthEmailPasswordShare " + username); 
-                MailEntry mail = new MailEntry(time, username, colleagueOne, topic, message, options);
-                Mail.sendOneOffMail(mail, colleagueOne, Base64.getDecoder().decode(intergalacticNumber));
+                Mail outbox = MailBay.getMailClient(username);
+                MailEntry mail = outbox.new MailEntry(time, username, trustedUserOne, topic, message, options);
+                SecretKeySpec key = new SecretKeySpec(Base64.getDecoder().decode(intergalacticNumber), SymmetricAlgorithm);
+                outbox.sendOneOffMail(mail, trustedUserOne, key);
                 
                 //      Send secure message to colleague two
-                String colleagueTwo = colleagues[1];
-                Mail.sendOneOffMail(mail, colleagueTwo, Base64.getDecoder().decode(intergalacticNumber));
+                String trustedUserTwo = trustedUsers[1];
+                outbox.sendOneOffMail(mail, trustedUserTwo, key);
                 
                 String nl = System.getProperty("line.separator");
@@ -136 +139 @@
                 try {
                         //      Send email with key to colleague one
-                        String colleagueOneEmail = colleagues[2];
+                        String colleagueOneEmail = trustedUsers[2];
                         sendEmail(colleagueOneEmail, sb);
                         //      Send email with key to colleague two
-                        String colleagueTwoEmail = colleagues[3];
+                        String colleagueTwoEmail = trustedUsers[3];
                         sendEmail(colleagueTwoEmail, sb);
                         
@@ -250 +253 @@
         }
 
-        public static void setPWColleagues(String colleagueOne, String colleagueTwo) {
+        public static void setPWColleagues(String trustedUserOne, String trustedUserTwo) {
                 // Get needed text items.
                 Frame pwRecoveryFrame = FrameIO.LoadFrame(UserSettings.UserName.get() + AuthenticatorBrowser.PASSWORD_RECOVERY_FRAME);
@@ -261 +264 @@
                         Text text = it.next();
                         if (text.getText().toLowerCase().startsWith("user_one:")) {
-                                text.setText("User_one: " + colleagueOne);
-                                Colleagues.User_One.set(colleagueOne);
+                                text.setText("User_one: " + trustedUserOne);
+                                Colleagues.User_One.set(trustedUserOne);
                         } else if (text.getText().toLowerCase().startsWith("user_two:")) {
-                                text.setText("User_two: " + colleagueTwo);
-                                Colleagues.User_Two.set(colleagueTwo);
+                                text.setText("User_two: " + trustedUserTwo);
+                                Colleagues.User_Two.set(trustedUserTwo);
                         }
                 }
@@ -281 +284 @@
                 // Create shares
                 Map<Integer, byte[]> shares = scheme.split(keyBytes);
-                String colleagueOneShare = Base64.getEncoder().encodeToString(shares.get(1));
-                String colleagueTwoShare = Base64.getEncoder().encodeToString(shares.get(2));
+                String trustedUserOneShare = Base64.getEncoder().encodeToString(shares.get(1));
+                String trustedUserTwoShare = Base64.getEncoder().encodeToString(shares.get(2));
                 
                 // Distribute share zero to colleague one
-                String time = org.expeditee.stats.Formatter.getDateTime();
+                String time = Mail.FORMAT.format(new Date());
                 String sender = UserSettings.UserName.get();
                 String topic = "Please help me secure my Expeditee account.";
                 String message = "Run the below action to store a secret key that will help me recover access to my account should I ever loose it.";
                 Map<String, String> options = new HashMap<String, String>();
-                options.put("Store Secret Key for " + sender, "AuthAddSecretKey " + sender + "PersonalKeyShare " + colleagueOneShare);
-                MailEntry mail = new MailEntry(time, sender, colleagueOne, topic, message, options);
-                Mail.sendMail(mail, colleagueOne);
+                options.put("Store Secret Key for " + sender, "AuthAddSecretKey " + sender + "PersonalKeyShare " + trustedUserOneShare);
+                Mail outbox = MailBay.getMailClient();
+                MailEntry mail = outbox.new MailEntry(time, sender, trustedUserOne, topic, message, options);
+                outbox.sendMail(mail, trustedUserOne);
                 
                 // Distribute share one to colleague two
                 options = new HashMap<String, String>();
-                options.put("Store Secret Key for " + sender, "AuthAddSecretKey " + sender + "PersonalKeyShare " + colleagueTwoShare);
-                mail = new MailEntry(time, sender, colleagueTwo, topic, message, options);
-                Mail.sendMail(mail, colleagueTwo);
-                
-                MessageBay.displayMessage("You PW Colleagues have been set to " + colleagueOne + " and " + colleagueTwo + ".  "
+                options.put("Store Secret Key for " + sender, "AuthAddSecretKey " + sender + "PersonalKeyShare " + trustedUserTwoShare);
+                mail = outbox.new MailEntry(time, sender, trustedUserTwo, topic, message, options);
+                outbox.sendMail(mail, trustedUserTwo);
+                
+                MessageBay.displayMessage("You Trusted Users have been set to " + trustedUserOne + " and " + trustedUserTwo + ".  "
                                 + "They have been sent a Expeditee mail that they can use to store a share of your secret key.");
         }