Context Navigation

← Previous Change
Next Change →

auth

Timestamp:

01/30/19 12:49:25 (5 years ago)

Author:

bln4

Message:

Initial commit of functionality concerning multiuser login, further to come.

Actions.java -> Actions that allow users to authenticate and secure their accounts.
AuthenticationTag.java -> Enum like structure for text fields associated with authentication.
Authenticator.java -> Startup functionality for when Expeditee is run in authentication mode.
EncryptedExpReader.java -> Reads exp files previously encrypted with EncryptedExpWriter (not currently used) and EncryptedProfileExpWriter
Mail.java -> Functions for transforming database stored messages into datastructures used to display those messages to the MailBay.

Location:

trunk/src/org/expeditee/auth

Files:

: 3 added
: 1 deleted
: 1 edited
: 2 copied

Actions.java (added)
AuthenticationTag.java (added)
Authenticator.java (modified) (2 diffs)
EncryptedExpReader.java (copied) (copied from trunk/src/org/expeditee/auth/io/EncryptedExpReader.java ) (5 diffs)
EncryptedProfileExpWriter.java (copied) (copied from trunk/src/org/expeditee/auth/io/EncryptedExpWriter.java ) (6 diffs)
Mail.java (added)
io (deleted)

Legend:

: Unmodified
: Added
: Removed

trunk/src/org/expeditee/auth/Authenticator.java

-              r1201
+              r1202
 import java.io.FileNotFoundException;
 import java.io.FileOutputStream;
+import java.io.FileWriter;
 import java.io.IOException;
 import java.io.InputStream;
+import java.io.Writer;
+import java.security.KeyFactory;
 import java.security.KeyStore;
 import java.security.KeyStore.SecretKeyEntry;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
+import java.security.PublicKey;
+import java.security.SecureRandom;
 import java.security.UnrecoverableEntryException;
 import java.security.cert.CertificateException;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.X509EncodedKeySpec;
+import java.sql.Connection;
+import java.sql.DriverManager;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.sql.Statement;
+import java.util.Arrays;
+import java.util.Base64;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.stream.Stream;
 import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+import org.expeditee.actions.Actions;
+import org.expeditee.core.Dimension;
+import org.expeditee.core.Point;
+import org.expeditee.gio.EcosystemManager;
+import org.expeditee.gio.GraphicsManager;
+import org.expeditee.gio.InputManager;
+import org.expeditee.gio.InputManager.WindowEventListener;
+import org.expeditee.gio.InputManager.WindowEventType;
+import org.expeditee.gio.gesture.StandardGestureActions;
+import org.expeditee.gui.Browser;
+import org.expeditee.gui.DisplayController;
+import org.expeditee.gui.Frame;
 import org.expeditee.gui.FrameIO;
+import org.expeditee.gui.FrameUtils;
+import org.expeditee.gui.MessageBay;
+import org.expeditee.items.ItemUtils;
+import org.expeditee.items.Text;
+import org.expeditee.settings.Settings;
+import org.expeditee.settings.UserSettings;
+import org.expeditee.settings.auth.secrets.KeyList;
 import org.ngikm.cryptography.CryptographyConstants;
 public final class Authenticator implements CryptographyConstants {
+        final KeyStore keyStore = KeyStore.getInstance(KeystoreType);
+        private static final String keystoreFileName = FrameIO.PARENT_FOLDER + "keystore.ks" + File.separator;
+        public Authenticator() throws KeyStoreException, FileNotFoundException, IOException, NoSuchAlgorithmException, CertificateException {
+                final File keyStoreFile = new File(keystoreFileName);
+        // The frame number of the frame containing the current authenticated users public key.
+        public static final int PUBLIC_KEY_FRAME = 4;
+        private final KeyStore keyStore = KeyStore.getInstance(KeystoreType);
+        private static final byte[] TRUE = "yes".getBytes();
+        private static final byte[] FALSE = "no".getBytes();
+        private static final String KEYSTOREFILENAME = "keystore.ks" + File.separator;
+        private static Authenticator instance;
+        public static Authenticator getInstance() throws KeyStoreException, FileNotFoundException, NoSuchAlgorithmException, CertificateException, IOException, ClassNotFoundException, SQLException {
+                if (instance == null) { instance = new Authenticator(); }
+                return instance;
+        }
+        private Authenticator() throws KeyStoreException, FileNotFoundException, IOException, NoSuchAlgorithmException, CertificateException, ClassNotFoundException, SQLException {
+                UserSettings.setupDefaultFolders();
+                // initialise keystore and actions
+                loadKeystore();
+                Actions.LoadMethods(org.expeditee.auth.Actions.class);
+                // draw the window
+                final GraphicsManager g = EcosystemManager.getGraphicsManager();
+                g.setWindowLocation(new Point(50, 50));
+                DisplayController.Init();
+                g.setWindowSize(new Dimension(UserSettings.InitialWidth.get(), UserSettings.InitialHeight.get()));
+                setInputManagerWindowRoutines();
+                // Load documentation and start pages
+                FrameUtils.extractResources(false);
+                // Load fonts before loading any frames so the items on the frames will be able to access their fonts
+                Text.InitFonts();
+                // initialing settings does not require a user profile established
+                Settings.Init();
+                // navigate to authentication frame
+                final Frame authFrame = FrameIO.LoadFrame("authentication1");
+                DisplayController.setCurrentFrame(authFrame, true);
+                // set initial values
+                final Stream<Text> usernameItemsStream = authFrame.getTextItems().stream().filter(t -> t.getData() != null && t.getData().contains("txtUsername"));
+                final Stream<Text> passwordItemsStream = authFrame.getTextItems().stream().filter(t -> t.getData() != null && t.getData().contains("txtPassword"));
+                usernameItemsStream.forEach(txtUsername -> txtUsername.setText(System.getProperty("user.name", "")));
+                passwordItemsStream.forEach(txtPassword -> txtPassword.setText(System.getProperty("user.password", "")));
+                MessageBay.warningMessages(org.expeditee.actions.Actions.Init());
+                // ensure database
+                Class.forName("org.sqlite.JDBC");
+                if (!mailDatabaseExists()) {
+                        createMailDatabase();
+                }
+        }
+        private void createMailDatabase() throws ClassNotFoundException, SQLException {
+                Connection c = DriverManager.getConnection("jdbc:sqlite:" + FrameIO.PARENT_FOLDER + "/expmail.db");
+                Statement createTable = c.createStatement();
+                String sql = "CREATE TABLE EXPMAIL (" +
+                                "SND            TEXT                                    NOT NULL, " +
+                                "REC            TEXT                                    NOT NULL, " +
+                                "MSG            TEXT                                    NOT NULL, " +
+                                "MSG2           TEXT                                    NOT NULL, " +
+                                "OPTS           ARRAY                                   NOT NULL, " +
+                                "OPTSVAL        ARRAY                                   NOT NULL)";
+                createTable.executeUpdate(sql);
+                createTable.close();
+                c.close();
+        }
+        final void loadMailDatabase() throws SQLException {
+                Connection c = DriverManager.getConnection("jdbc:sqlite:" + FrameIO.PARENT_FOLDER + "/expmail.db");
+                Statement query = c.createStatement();
+                ResultSet results = query.executeQuery("SELECT * FROM EXPMAIL");
+                Mail.clear();
+                while (results.next()) {
+                        String from = results.getString("snd");
+                        String to = results.getString("rec");
+                        String msg = results.getString("msg");
+                        String msg2 = results.getString("msg2");
+                        String[] opts = results.getString("opts").split(",");
+                        opts[0] = opts[0].replace("[", "");
+                        opts[opts.length - 1] = opts[opts.length - 1].replace("]", "");
+                        String[] optsVal = results.getString("optsval").split(",");
+                        optsVal[0] = optsVal[0].replace("[", "");
+                        optsVal[optsVal.length - 1] = optsVal[optsVal.length - 1].replace("]", "");
+                        Map<String, String> options = new HashMap<String, String>();
+                        for (int i = 0, o = 0; i < opts.length && o < optsVal.length; i++, o++) {
+                                String key = opts[i].trim();
+                                String val = optsVal[o].trim();
+                                options.put(key, val);
+                        }
+                        Mail.addEntry(new Mail.MailEntry(from, to, msg, msg2, options));
+                }
+                results.close();
+                query.close();
+                c.close();
+        }
+        private boolean mailDatabaseExists() {
+                final File file = new File(FrameIO.PARENT_FOLDER + "/expmail.db");
+                return file.exists();
+        }
+        private void loadKeystore()
+                        throws IOException, NoSuchAlgorithmException, CertificateException, FileNotFoundException {
+                final File keyStoreFile = new File(FrameIO.PARENT_FOLDER + KEYSTOREFILENAME);
                 if (!keyStoreFile.exists()) {
                         keyStore.load(null, "ExpediteeAuthPassword".toCharArray());
                 } else {
                         try (final InputStream in = new FileInputStream(keystoreFileName)) {
+                        try (final InputStream in = new FileInputStream(FrameIO.PARENT_FOLDER + KEYSTOREFILENAME)) {
                                 keyStore.load(in, "ExpediteeAuthPassword".toCharArray());
+                        }
 …
+        }
         public final SecretKey getSecretKey(final String label, final String password) throws NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException {
+        final SecretKey getSecretKey(final String label, final String password) throws NoSuchAlgorithmException, KeyStoreException {
                 final KeyStore.ProtectionParameter entryPassword = new KeyStore.PasswordProtection(password.toCharArray());
+                final KeyStore.SecretKeyEntry entry = (SecretKeyEntry) keyStore.getEntry(label, entryPassword);
+                KeyStore.SecretKeyEntry entry = null;
+                try {
+                        entry = (SecretKeyEntry) keyStore.getEntry(label, entryPassword);
+                } catch (final UnrecoverableEntryException e) {
+                        entry = null;
+                }
                 if (entry == null) { return null; }
                 else { return entry.getSecretKey(); }
+        }
         public final void putKey(final String label, final String password, final SecretKey key) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
+        final void putKey(final String label, final String password, final SecretKey key) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
                 final KeyStore.SecretKeyEntry entry = new KeyStore.SecretKeyEntry(key);
                 final KeyStore.ProtectionParameter entryPassword = new KeyStore.PasswordProtection(password.toCharArray());
                 keyStore.setEntry(label, entry, entryPassword);
+                keyStore.store(new FileOutputStream(keystoreFileName), "ExpediteeAuthPassword".toCharArray());
+                keyStore.store(new FileOutputStream(FrameIO.PARENT_FOLDER + KEYSTOREFILENAME), "ExpediteeAuthPassword".toCharArray());
+        }
+        final void putEmail(String username, String email) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
+                // Establish location of email file
+                String emailFilePath = FrameIO.PROFILE_PATH + username + File.separator + username + ".email";
+                File emailFile = new File(emailFilePath);
+                // Delete old version if it exists.
+                if (emailFile.exists()) {
+                        emailFile.delete();
+                }
+                // Write email to file
+                emailFile.createNewFile();
+                Writer w = new FileWriter(emailFile);
+                w.write(email);
+                w.flush();
+                w.close();
+                // TODO: set rights on file to be read only by 'owner' once installed on drive.
+        }
+        final boolean hasRegisteredEmail(String username) throws KeyStoreException {
+                String emailFilePath = FrameIO.PROFILE_PATH + username + File.separator + username + ".email";
+                File emailFile = new File(emailFilePath);
+                return emailFile.exists();
+        }
+        final boolean confirmIntergalaticNumber(final String username, final String email, final String intergalacticNumber) throws NoSuchAlgorithmException, KeyStoreException, CertificateException, FileNotFoundException, IOException {
+                try {
+                        final KeyStore.ProtectionParameter entryPassword = new KeyStore.PasswordProtection(intergalacticNumber.toCharArray());
+                        final KeyStore.SecretKeyEntry entry = (SecretKeyEntry) keyStore.getEntry(email + username, entryPassword);
+                        if (entry == null) {
+                                return false;
+                        } else if (entry.getSecretKey().getEncoded() == TRUE) {
+                                keyStore.deleteEntry(email + username);
+                                keyStore.store(new FileOutputStream(FrameIO.PARENT_FOLDER + KEYSTOREFILENAME), "ExpediteeAuthPassword".toCharArray());
+                                return true;
+                        } else { return false; }
+                } catch (final UnrecoverableEntryException e) {
+                        return false;
+                }
+        }
+        final String newIntergalacticNumber(final String username, final String email) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
+                // generate intergalactic number
+                final SecureRandom rand = new SecureRandom();
+                final byte[] intergalacticNumberBytes = new byte[20];
+                rand.nextBytes(intergalacticNumberBytes);
+                final String intergalacticNumber = Base64.getEncoder().encodeToString(intergalacticNumberBytes);
+                // store intergalactic number
+                final KeyStore.SecretKeyEntry entry = new KeyStore.SecretKeyEntry(new SecretKeySpec(TRUE, SymmetricAlgorithm));
+                final KeyStore.ProtectionParameter entryPassword = new KeyStore.PasswordProtection(intergalacticNumber.toCharArray());
+                keyStore.setEntry(email + username, entry, entryPassword);
+                keyStore.store(new FileOutputStream(FrameIO.PARENT_FOLDER + KEYSTOREFILENAME), "ExpediteeAuthPassword".toCharArray());
+                return intergalacticNumber;
+        }
+        final PublicKey getPublicKey(String username) throws InvalidKeySpecException, NoSuchAlgorithmException {
+                Frame withTargetPublic = FrameIO.LoadFrame(username + Authenticator.PUBLIC_KEY_FRAME);
+                Collection<Text> textItems = withTargetPublic.getTextItems();
+                textItems.removeIf(t -> !t.getText().startsWith("PublicKey"));
+                if (textItems.isEmpty()) {
+                        return null;
+                } else {
+                        String keyEncoded = textItems.stream().findFirst().get().getData().get(0);
+                        byte[] keyBytes = Base64.getDecoder().decode(keyEncoded);
+                        PublicKey key = KeyFactory.getInstance(AsymmetricAlgorithm).generatePublic(new X509EncodedKeySpec(keyBytes));
+                        return key;
+                }
+        }
+        final void markRequestedColleagues(String username) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
+                KeyStore.SecretKeyEntry entry = new KeyStore.SecretKeyEntry(new SecretKeySpec(TRUE, SymmetricAlgorithm));
+                KeyStore.ProtectionParameter entryPassword = new KeyStore.PasswordProtection(KeyList.PersonalKey.get().getText().toCharArray());
+                keyStore.setEntry(username + "colleaguesRequested", entry, entryPassword);
+                keyStore.store(new FileOutputStream(FrameIO.PARENT_FOLDER + KEYSTOREFILENAME), "ExpediteeAuthPassword".toCharArray());
+        }
+        final void clearRequestedColleagues(String username) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
+                KeyStore.SecretKeyEntry entry = new KeyStore.SecretKeyEntry(new SecretKeySpec(FALSE, SymmetricAlgorithm));
+                KeyStore.ProtectionParameter entryPassword = new KeyStore.PasswordProtection(KeyList.PersonalKey.get().getText().toCharArray());
+                keyStore.setEntry(username + "colleaguesRequested", entry, entryPassword);
+                keyStore.store(new FileOutputStream(FrameIO.PARENT_FOLDER + KEYSTOREFILENAME), "ExpediteeAuthPassword".toCharArray());
+        }
+        final boolean hasRequestedColleagues(String username) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException {
+                String alias = username + "colleaguesRequested";
+                if (!keyStore.containsAlias(alias)) {
+                        return false;
+                } else {
+                        KeyStore.ProtectionParameter entryPassword = new KeyStore.PasswordProtection(KeyList.PersonalKey.get().getText().toCharArray());
+                        KeyStore.SecretKeyEntry entry = (SecretKeyEntry) keyStore.getEntry(alias, entryPassword);
+                        return Arrays.equals(entry.getSecretKey().getEncoded(), TRUE);
+                }
+        }
+        final void putColleagues(String username, String[] colleagues) throws KeyStoreException {
+                String alias = username + "colleagues";
+                final SecretKeySpec secretKeySpec = new SecretKeySpec((colleagues[0] + System.getProperty("line.separator") + colleagues[1]).getBytes(), SymmetricAlgorithm);
+                KeyStore.SecretKeyEntry entry = new KeyStore.SecretKeyEntry(secretKeySpec);
+                KeyStore.ProtectionParameter entryPassword = new KeyStore.PasswordProtection(KeyList.PersonalKey.get().getText().toCharArray());
+                keyStore.setEntry(alias, entry, entryPassword);
+        }
+        final String[] getColleagues(String username) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException {
+                String alias = username + "colleagues";
+                if (!keyStore.containsAlias(alias)) {
+                        return null;
+                } else {
+                        KeyStore.ProtectionParameter entryPassword = new KeyStore.PasswordProtection(KeyList.PersonalKey.get().getText().toCharArray());
+                        KeyStore.SecretKeyEntry entry = (SecretKeyEntry) keyStore.getEntry(alias, entryPassword);
+                        byte[] colleaguesEncoded = entry.getSecretKey().getEncoded();
+                        String colleagues = new String(colleaguesEncoded);
+                        return colleagues.split(System.getProperty("line.separator"));
+                }
+        }
+        private static void setInputManagerWindowRoutines()     {
+                InputManager manager = EcosystemManager.getInputManager();
+            // Refresh the layout when the window resizes
+                manager.addWindowEventListener(new WindowEventListener() {
+                        @Override
+                        public void onWindowEvent(WindowEventType type)
+                        {
+                                if (type != WindowEventType.WINDOW_RESIZED) {
+                                        return;
+                                }
+                                DisplayController.refreshWindowSize();
+                                FrameIO.RefreshCacheImages();
+                                for (Frame frame : DisplayController.getFrames()) {
+                                        if (frame != null) {
+                                                ItemUtils.Justify(frame);
+                                                frame.refreshSize();
+                                        }
+                                }
+                                DisplayController.requestRefresh(false);
+                        }
+                });
+                manager.addWindowEventListener(new WindowEventListener() {
+                        @Override
+                        public void onWindowEvent(WindowEventType type)
+                        {
+                                if (type != WindowEventType.MOUSE_EXITED_WINDOW) {
+                                        return;
+                                }
+                                StandardGestureActions.mouseExitedWindow();
+                        }
+                });
+                manager.addWindowEventListener(new WindowEventListener() {
+                        @Override
+                        public void onWindowEvent(WindowEventType type)
+                        {
+                                if (type != WindowEventType.MOUSE_ENTERED_WINDOW) {
+                                        return;
+                                }
+                                StandardGestureActions.mouseEnteredWindow();
+                        }
+                });
+                manager.addWindowEventListener(new WindowEventListener() {
+                        @Override
+                        public void onWindowEvent(WindowEventType type)
+                        {
+                                if (type != WindowEventType.WINDOW_CLOSED) {
+                                        return;
+                                }
+                                if (Browser._theBrowser != null) {
+                                        Browser._theBrowser.exit();
+                                }
+                        }
+                });
+        }
+}

trunk/src/org/expeditee/auth/EncryptedExpReader.java

-              r1201
+              r1202
 package org.expeditee.auth.io;
+package org.expeditee.auth;
 import java.io.BufferedReader;
 import java.io.FileInputStream;
+import java.io.FileReader;
 import java.io.IOException;
 import java.io.InputStreamReader;
 …
 import javax.crypto.NoSuchPaddingException;
 import javax.crypto.SecretKey;
+import org.expeditee.auth.Authenticator;
+import javax.crypto.spec.SecretKeySpec;
 import org.expeditee.gui.Frame;
 import org.expeditee.io.ExpReader;
+import org.expeditee.items.Text;
+import org.expeditee.settings.auth.secrets.KeyList;
 import org.ngikm.Util.ThrowingFunction;
 import org.ngikm.cryptography.CryptographyConstants;
 …
 public class EncryptedExpReader extends ExpReader implements CryptographyConstants {
         static final String ENCRYPTED_EXP_FLAG = "EncryptedExp";
+        private List<SecretKey> keys;
+        public EncryptedExpReader(final String frameName) throws UnsupportedEncodingException {
+        private SecretKey personalKey;
+        private List<SecretKey> multiKey;
+        private boolean accessDenied = false;
+        private boolean usePersonalKey;
+        public EncryptedExpReader(final String frameName, final boolean usePersonalKey) throws UnsupportedEncodingException {
                 super(frameName);
+                this.usePersonalKey = usePersonalKey;
+        }
 …
+        }
+        public int getVersionEnc(String fullpath) {
+                try {
+                        BufferedReader reader;
+                        if (usePersonalKey) {
+                                reader = new EncryptedProfileLineReader(new BufferedReader(new FileReader(fullpath)));
+                        } else {
+                                reader = new EncryptedLineReader(new BufferedReader(new FileReader(fullpath)));
+                        }
+                        String next = "";
+                        // First read the header lines until we get the version number
+                        while (reader.ready() && !(next = reader.readLine()).equals("Z")) {
+                                if (isValidLine(next)) {
+                                        Character tag = getTag(next);
+                                        String value = getValue(next);
+                                        if (tag.equals('V')) {
+                                                reader.close();
+                                                return Integer.parseInt(value);
+                                        }
+                                }
+                        }
+                        reader.close();
+                } catch (Exception e) {
+                }
+                return -1;
+        }
         @Override
         public Frame readFrame(final String fullPath) throws IOException {
                 final Reader in = new InputStreamReader(new FileInputStream(fullPath), "UTF-8");
+                return readFrame(new EncryptedLineReader(new BufferedReader(in)));
+        }
+        public class EncryptedLineReader extends BufferedReader {
+                public EncryptedLineReader(final Reader in) {
+                        super(in);
+                }
+                @Override
+                public String readLine() throws IOException {
+                        final String line = super.readLine();
+                        if (line.isEmpty()) { return ""; }
+                        if (line.startsWith(ENCRYPTED_EXP_FLAG)) {
+                                try {
+                                        // resolve labels to secret keys
+                                        final List<String> labels = Arrays.asList(line.split(" ")).stream().skip(1).collect(Collectors.toList());
+                                        final Authenticator auth = new Authenticator();
+                                        final ThrowingFunction<String, SecretKey, Exception> worker = new ThrowingFunction<String, SecretKey, Exception>() {
+                                                @Override
+                                                public SecretKey applyThrows(final String label) throws Exception {
+                                                        return auth.getSecretKey(label, System.getProperty("password"));
+                                                }
+                                        };
+                                        keys = labels.stream().map(worker).collect(Collectors.toList());
+                                        return readLine();
+                                } catch (final Exception e) {
+                                        return "";
+                                }
+                        }
+                        if (keys == null) {
+                                // We do not have permission to view this frame.
+                                return "";
+                        }
+                        // use keys to decrypt
+                        byte[] toDecrypt = Base64.getDecoder().decode(line);
+                        for (final SecretKey key: keys) {
+                                toDecrypt = DecryptSymmetric(toDecrypt, key);
+                        }
+                        final String result = new String(toDecrypt);
+                        if (result.startsWith("Z")) { return result.trim(); }
+                        else { return result; }
+                }
+                if (usePersonalKey) {
+                        return readFrame(new EncryptedProfileLineReader(new BufferedReader(in)));
+                } else {
+                        return readFrame(new EncryptedLineReader(new BufferedReader(in)));
+                }
+        }
+        @Override
+        public Frame readFrame(final BufferedReader reader) throws IOException {
+                if (accessDenied) { return null; }
+                else return super.readFrame(reader);
+        }
 …
+                }
+        }
+        private class EncryptedProfileLineReader extends BufferedReader {
+                public EncryptedProfileLineReader(final Reader in) {
+                        super(in);
+                }
+                @Override
+                /**
+                 * Reads a line from an encrypted exp file that uses profile encryption (single key; personal key)
+                 * Returns that line to process, null if the currently logged in users personal key is not the appropriate one (access denied).
+                 */
+                public String readLine() throws IOException {
+                        // read encrypted line
+                        final String line = super.readLine();
+                        if (line.isEmpty()) { return ""; }
+                        if (line.startsWith(ENCRYPTED_EXP_FLAG)) {
+                                // record/overwrite previous personal key then ignore this line by recursing
+                                final Text text = KeyList.PersonalKey.get();
+                                final byte[] keyBytes = Base64.getDecoder().decode(text.getData().get(0));
+                                personalKey = new SecretKeySpec(keyBytes, SymmetricAlgorithm);
+                                return readLine();
+                        }
+                        // decrypt line and return result
+                        final byte[] toDecrypt = Base64.getDecoder().decode(line);
+                        final byte[] decrypted = DecryptSymmetric(toDecrypt, personalKey);
+                        if (decrypted == null) {
+                                accessDenied = true;
+                                return null; // access denied
+                        } else {
+                                final String decryptedLine = new String(decrypted);
+                                if (decryptedLine.startsWith("Z")) { return decryptedLine.trim(); }
+                                else { return decryptedLine; }
+                        }
+                }
+        }
+        private class EncryptedLineReader extends BufferedReader {
+                public EncryptedLineReader(final Reader in) {
+                        super(in);
+                }
+                @Override
+                /**
+                 * Reads a line from an encrypted exp file that uses (potentially multiple) labeled keys
+                 * Returns that line to process, null if the ...
+                 */
+                public String readLine() throws IOException {
+                        // read encrypted line
+                        final String line = super.readLine();
+                        if (line.isEmpty()) { return ""; }
+                        if (line.startsWith(ENCRYPTED_EXP_FLAG)) {
+                                // resolve labels to secret keys
+                                final List<String> labels = Arrays.asList(line.split(" ")).stream().skip(1).collect(Collectors.toList());
+                                final ThrowingFunction<String, SecretKey, Exception> worker = new ThrowingFunction<String, SecretKey, Exception>() {
+                                        @Override
+                                        public SecretKey applyThrows(final String label) throws Exception {
+                                                return Authenticator.getInstance().getSecretKey(label, System.getProperty("password"));
+                                        }
+                                };
+                                multiKey = labels.stream().map(l -> {
+                                        try {
+                                                return worker.apply(l);
+                                        } catch (final Exception e) {
+                                                return null;
+                                        }
+                                }).collect(Collectors.toList());
+                                // confirm you have all the keys necessary for decryption
+                                if (multiKey.contains(null)) {
+                                        return null;
+                                }
+                                // move onto the next line
+                                return readLine();
+                        }
+                        // decrypt line and return result
+                        final byte[] toDecrypt = Base64.getDecoder().decode(line);
+                        byte[] decryptedBytes = null;
+                        for (final SecretKey key: multiKey) {
+                                decryptedBytes = DecryptSymmetric(toDecrypt, key);
+                                if (decryptedBytes == null) { return null; }
+                        }
+                        final String decrypted = new String(decryptedBytes);
+                        if (decrypted.startsWith("Z")) { return decrypted.trim(); }
+                        else { return decrypted; }
+                }
+        }
+}

trunk/src/org/expeditee/auth/EncryptedProfileExpWriter.java

-              r1201
+              r1202
 package org.expeditee.auth.io;
+package org.expeditee.auth;
 import java.io.IOException;
 import java.security.InvalidKeyException;
-import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
-import java.security.UnrecoverableEntryException;
-import java.security.cert.CertificateException;
 import java.util.Arrays;
 import java.util.Base64;
 …
 import javax.crypto.spec.SecretKeySpec;
-import org.expeditee.auth.Authenticator;
 import org.expeditee.io.ExpWriter;
+import org.expeditee.settings.UserSettings;
+import org.expeditee.items.Text;
+import org.expeditee.settings.auth.secrets.KeyList;
 import org.ngikm.cryptography.CryptographyConstants;
 public class EncryptedExpWriter extends ExpWriter implements CryptographyConstants {
         private SecretKey key;
+public class EncryptedProfileExpWriter extends ExpWriter implements CryptographyConstants {
+        private SecretKey personalKey;
         private static final String nl = "\n";
+        public EncryptedExpWriter() throws IOException {
+                try {
+                        final Authenticator auth = new Authenticator();
+                        SecretKey key = auth.getSecretKey(UserSettings.UserName.get(), System.getProperty("password"));
+                        if (key == null) {
+                                final byte[] keyBytes = pad(UserSettings.UserName.get().getBytes("UTF-8"));
+                                key = new SecretKeySpec(keyBytes, SymmetricAlgorithm);
+                                auth.putKey(UserSettings.UserName.get(), System.getProperty("password"), key);
+                        }
+                        this.key = key;
+                } catch (final KeyStoreException | NoSuchAlgorithmException | CertificateException | IOException | UnrecoverableEntryException e) {
+                        e.printStackTrace();
+                }
+        public EncryptedProfileExpWriter() throws IOException {
+                // obtain personal key
+                final Text text = KeyList.PersonalKey.get();
+                final byte[] keyBytes = Base64.getDecoder().decode(text.getData().get(0));
+                personalKey = new SecretKeySpec(keyBytes, SymmetricAlgorithm);
+        }
 …
         protected void preOutputFrame() {
                 try {
                         final String line = EncryptedExpReader.ENCRYPTED_EXP_FLAG + " " + UserSettings.UserName.get() + nl;
+                        final String line = EncryptedExpReader.ENCRYPTED_EXP_FLAG + nl;
                         _writer.write(line);
                         _stringWriter.append(line);
 …
                 // prepare line to write out
                 final byte[] encrypted = EncryptSymmetric(line.getBytes(), key);
+                final byte[] encrypted = EncryptSymmetric(line.getBytes(), personalKey);
                 final String toWrite = Base64.getEncoder().encodeToString(encrypted) + nl;
 …
+        }
-        private byte[] pad(final byte[] bytes) {
-                int c = 16;
-                while (c - bytes.length < 0) { c *= 2; }
-                return Arrays.copyOf(bytes, c);
+        }
         private static byte[] EncryptSymmetric(final byte[] toEncrypt, final SecretKey key) {
-                // toEncrypt = Base64.getDecoder().decode(toEncrypt);
                 try {
                         final Cipher cipher = Cipher.getInstance(SymmetricAlgorithm + SymmetricAlgorithmParameters);
 …
                         final int length = (int) ((Math.ceil(toEncrypt.length / 16f)) * 16);
                         final byte[] toEncryptSizeAdjusted = Arrays.copyOf(toEncrypt, length);
-                        //System.err.println("(" + toEncryptSizeAdjusted.length + ")" + "Before Encryption Data: "
-                        //              + Arrays.toString(toEncryptSizeAdjusted));
                         final byte[] result = cipher.doFinal(toEncryptSizeAdjusted);
-                        //System.err.println("(" + result.length + ")" + "Encrypted Data: " + Arrays.toString(result));
                         return result;
                 } catch (final NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException

Note: See TracChangeset for help on using the changeset viewer.