From fb370cf5bb0e2acd6b9c357363a0b8deccbe9b7f Mon Sep 17 00:00:00 2001
From: thsc42
Date: Wed, 13 Jul 2022 11:44:45 +0200
Subject: [PATCH] credential message can carry some arbitrary bytes
---
 .../asap/persons/ASAPCertificateStore.java | 3 +++
 .../persons/ASAPCertificateStoreImpl.java | 9 +++++++
 .../asap/pki/CredentialMessageInMemo.java | 25 +++++++++++++++++--
 .../sharksystem/pki/CredentialMessage.java | 6 +++++
 .../sharksystem/pki/SharkPKIComponent.java | 9 +++++++
 .../pki/SharkPKIComponentImpl.java | 9 ++++++-
 .../pki/SharkComponentUsageTests.java | 3 ++-
 7 files changed, 60 insertions(+), 4 deletions(-)
diff --git a/src/net/sharksystem/asap/persons/ASAPCertificateStore.java b/src/net/sharksystem/asap/persons/ASAPCertificateStore.java
index 7b41778..84b5b2d 100644
--- a/src/net/sharksystem/asap/persons/ASAPCertificateStore.java
+++ b/src/net/sharksystem/asap/persons/ASAPCertificateStore.java
@@ -211,4 +211,7 @@ ASAPCertificate getCertificateByIssuerAndSubject(CharSequence issuerID, CharSequ
 * @throws IOException
 */
 void load(InputStream os) throws IOException;
+
+ CredentialMessage createCredentialMessage(byte[] extraData) throws ASAPSecurityException;
+
 }
\ No newline at end of file
diff --git a/src/net/sharksystem/asap/persons/ASAPCertificateStoreImpl.java b/src/net/sharksystem/asap/persons/ASAPCertificateStoreImpl.java
index 1ea3140..985a5fc 100644
--- a/src/net/sharksystem/asap/persons/ASAPCertificateStoreImpl.java
+++ b/src/net/sharksystem/asap/persons/ASAPCertificateStoreImpl.java
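Review bot: The new `createCredentialMessage(byte[] extraData)` declaration is the only method in this hunk without Javadoc, while `load` directly above it carries a full `@throws` block. What the store does with the bytes should be stated here, and from `ASAPCertificateStoreImpl` in this same patch that is simply handing them to the message unchanged. Suggest `/** Creates a credential message that additionally carries {@code extraData}; the store passes the bytes through as-is and does not interpret them. @param extraData application-defined bytes, may be null @return the new credential message @throws ASAPSecurityException as for the no-argument variant */`.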
@@ -335,6 +335,15 @@ public CredentialMessage createCredentialMessage()
 return credentialMessage;
 }
+
+ @Override
+ public CredentialMessage createCredentialMessage(byte[] extraData) throws ASAPSecurityException {
+ CredentialMessageInMemo credentialMessage = new CredentialMessageInMemo(
+ this.getOwnerID(), this.getOwnerName(), this.getKeysCreationTime(), this.getPublicKey(), extraData);
+
+ return credentialMessage;
+ }
+
 ////////////////////////////////////////////////////////////////////////////////////////////////////////////////
 // persistence //
 ////////////////////////////////////////////////////////////////////////////////////////////////////////////////
diff --git a/src/net/sharksystem/asap/pki/CredentialMessageInMemo.java b/src/net/sharksystem/asap/pki/CredentialMessageInMemo.java
index 49d464a..25bb480 100644
--- a/src/net/sharksystem/asap/pki/CredentialMessageInMemo.java
+++ b/src/net/sharksystem/asap/pki/CredentialMessageInMemo.java
@@ -1,6 +1,8 @@
 package net.sharksystem.asap.pki;
+import net.sharksystem.asap.ASAPException;
 import net.sharksystem.asap.ASAPSecurityException;
+import net.sharksystem.asap.utils.ASAPSerialization;
 import net.sharksystem.asap.utils.DateTimeHelper;
 import net.sharksystem.pki.CredentialMessage;
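Review bot: The local `credentialMessage` in the new overload exists only to be returned on the next line, so the body reads more directly as `return new CredentialMessageInMemo(this.getOwnerID(), this.getOwnerName(), this.getKeysCreationTime(), this.getPublicKey(), extraData);`. The no-argument `createCredentialMessage()` visible at the top of the hunk appears to build the same object without the last argument; once this overload exists it could delegate with `return this.createCredentialMessage(null);` so the field order lives in one place, though that method's body starts outside the hunk and should be checked first. A one-line Javadoc noting that `extraData` is forwarded to the message without copying would also help, since the message keeps the array reference.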
@@ -19,19 +21,27 @@ public class CredentialMessageInMemo implements CredentialMessage {
 private CharSequence subjectID;
 private CharSequence subjectName;
 private int randomInt;
+ private byte[] extraData;
 private PublicKey publicKey;
 public CharSequence getSubjectID() { return this.subjectID; }
 public CharSequence getSubjectName() { return this.subjectName; }
 public int getRandomInt() { return this.randomInt; }
 public long getValidSince() { return this.validSince; }
+ public byte[] getExtraData() { return this.extraData; }
 public PublicKey getPublicKey() { return this.publicKey; }
 public CredentialMessageInMemo(CharSequence subjectID, CharSequence subjectName,
- long validSince, PublicKey publicKey) {
+ long validSince, PublicKey publicKey) {
+ this(subjectID, subjectName, validSince, publicKey, null);
+ }
+
+ public CredentialMessageInMemo(CharSequence subjectID, CharSequence subjectName,
+ long validSince, PublicKey publicKey, byte[] extraData) {
 this.subjectID = subjectID;
 this.subjectName = subjectName;
 this.validSince = validSince;
+ this.extraData = extraData;
 this.publicKey = publicKey;
 int randomStart = ((new Random(System.currentTimeMillis())).nextInt());
@@ -52,7 +62,7 @@ public CredentialMessageInMemo(CharSequence subjectID, CharSequence subjectName,
 this.randomInt = sixDigitsInt;
 }
- public CredentialMessageInMemo(byte[] serializedMessage) throws IOException, ASAPSecurityException {
+ public CredentialMessageInMemo(byte[] serializedMessage) throws IOException, ASAPException {
 ByteArrayInputStream bais = new ByteArrayInputStream(serializedMessage);
 DataInputStream dis = new DataInputStream(bais);
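Review bot: The five-argument constructor keeps the caller's array (`this.extraData = extraData;`) and `getExtraData()` hands that same array back, so the creator of the message, or any later caller of the getter, can change the bytes that `getMessageAsBytes()` will serialize. Given that the `SharkPKIComponent` Javadoc in this patch invites applications to build security features on these bytes, the message should own a private copy: `this.extraData = extraData == null ? null : extraData.clone();` in the constructor and `return this.extraData == null ? null : this.extraData.clone();` in the getter. The new field would also benefit from a comment recording that the parsing constructor turns an empty array into null, so callers test for null rather than for length. The class body continues outside the hunk.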
@@ -60,6 +70,8 @@ public CredentialMessageInMemo(byte[] serializedMessage) throws IOException, ASA
 this.subjectName = dis.readUTF();
 this.randomInt = dis.readInt();
 this.validSince = dis.readLong();
+ this.extraData = ASAPSerialization.readByteArray(bais);
+ if(this.extraData != null && this.extraData.length < 1) this.extraData = null;
 // public key
 String algorithm = dis.readUTF(); // read public key algorithm
@@ -89,6 +101,7 @@ public byte[] getMessageAsBytes() throws IOException {
 dos.writeUTF(this.subjectName.toString());
 dos.writeInt(this.randomInt);
 dos.writeLong(this.validSince);
+ ASAPSerialization.writeByteArray(this.extraData, baos);
 // public key
 dos.writeUTF(this.publicKey.getAlgorithm()); // write public key algorithm
@@ -119,6 +132,14 @@ public String toString() {
 sb.append(this.randomInt);
 sb.append(" | ");
+ sb.append("#extra byte: ");
+ if(this.extraData == null || this.extraData.length < 1) {
+ sb.append("0");
+ } else {
+ sb.append(this.extraData.length);
+ }
+ sb.append(" | ");
+
 sb.append("publicKey: ");
 sb.append(this.publicKey);
diff --git a/src/net/sharksystem/pki/CredentialMessage.java b/src/net/sharksystem/pki/CredentialMessage.java
index f45793d..8fe6568 100644
--- a/src/net/sharksystem/pki/CredentialMessage.java
+++ b/src/net/sharksystem/pki/CredentialMessage.java
@@ -15,4 +15,10 @@ public interface CredentialMessage {
 byte[] getMessageAsBytes() throws IOException;
 int getRandomInt();
+
+ /**
+ *
+ * @return extra data set by application - can be null
+ */
+ byte[] getExtraData();
 }
diff --git a/src/net/sharksystem/pki/SharkPKIComponent.java b/src/net/sharksystem/pki/SharkPKIComponent.java
index 400c281..c2da69e 100644
--- a/src/net/sharksystem/pki/SharkPKIComponent.java
+++ b/src/net/sharksystem/pki/SharkPKIComponent.java
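Review bot: `ASAPSerialization.readByteArray(bais)` reads from the underlying stream while every neighbouring field is read through `dis`; that only stays in sync because `DataInputStream` does no read-ahead, and wrapping the stream in a buffered reader later would silently desynchronise the parse without any error. If `readByteArray` accepts an `InputStream`, reading through the same object, `this.extraData = ASAPSerialization.readByteArray(dis);` (and `writeByteArray(this.extraData, dos)` in `getMessageAsBytes`), makes the ordering explicit. Because `SharkPKIComponentImpl.asapMessagesReceived` feeds this constructor bytes received from another peer, it is also worth confirming that `readByteArray` checks the announced length against the bytes actually available before allocating; its implementation is not part of this patch. Separately, a message built with `new byte[0]` reports an empty array locally but null after a round trip because of the `length < 1` normalisation here; applying the same rule in the five-argument constructor, or documenting it on `getExtraData`, keeps both paths consistent.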
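Review bot: The Javadoc added to `CredentialMessage.getExtraData()` has an empty summary line, and "can be null" is the only contract it states. A reader of the interface also needs to know that the bytes are returned exactly as the creator supplied them or as they arrived on the wire, and that nothing in this library interprets them; in this patch they are merely written next to the other fields in `getMessageAsBytes`, and nothing here signs or verifies them. Suggest `/** Returns the application-supplied bytes attached to this message, unchanged; this library neither interprets nor protects them. @return the extra data, or null if none were attached */`.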
@@ -258,6 +258,15 @@ ASAPCertificate getCertificateByIssuerAndSubject(CharSequence issuerID, CharSequ
 */
 CredentialMessage createCredentialMessage() throws ASAPSecurityException;
+ /**
+ * Create a credential message including extra data. Those data are opaque to this
+ * library and can be used by an application to add security features.
+ * @param extraData
+ * @return
+ * @throws ASAPSecurityException
+ */
+ CredentialMessage createCredentialMessage(byte[] extraData) throws ASAPSecurityException;
+
 /**
 * Send a credential message to all peers which are actually in the neighbourhood. This method
 * is not needed, though. You should consider setting the appropriate behaviour to allow this component
diff --git a/src/net/sharksystem/pki/SharkPKIComponentImpl.java b/src/net/sharksystem/pki/SharkPKIComponentImpl.java
index 6098e2e..55a1dc4 100644
--- a/src/net/sharksystem/pki/SharkPKIComponentImpl.java
+++ b/src/net/sharksystem/pki/SharkPKIComponentImpl.java
@@ -97,7 +97,7 @@ public void asapMessagesReceived(ASAPMessages asapMessages,
 try {
 CredentialMessageInMemo credentialMessage = new CredentialMessageInMemo(messages.next());
 this.credentialReceivedListener.credentialReceived(credentialMessage);
- } catch (ASAPSecurityException e) {
+ } catch (ASAPException e) {
 Log.writeLog(this, "could not create credential message from asap message " + "- seems to be a bug - check serialization of credential messaging");
 }
@@ -405,6 +405,13 @@ public CredentialMessage createCredentialMessage() throws ASAPSecurityException
 return this.asapPKIStorage.createCredentialMessage();
 }
+ @Override
+ public CredentialMessage createCredentialMessage(byte[] extraData) throws ASAPSecurityException {
+ this.checkStatus();
+ // TODO
+ return this.asapPKIStorage.createCredentialMessage(extraData);
+ }
+
 @Override
 public void sendOnlineCredentialMessage(CredentialMessage credentialMessage) throws ASAPException, IOException {
 this.checkStatus();
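Review bot: `@param extraData` and `@return` in the new Javadoc are empty, and the sentence before them invites applications to build security features on these bytes without saying what the component guarantees for them. Within this patch the bytes are only written into the serialized message alongside the other fields (`CredentialMessageInMemo.getMessageAsBytes`) and nothing here signs, verifies or size-limits them, so an application relying on them has to supply its own integrity protection. Suggest `@param extraData application-defined bytes, transported unchanged and neither interpreted, signed nor verified by this component; may be null` and `@return a credential message for this peer carrying {@code extraData}`.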
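Review bot: The widened `catch (ASAPException e)` now also covers whatever the parsing constructor throws for malformed input, yet the log text still calls every failure a bug and records neither the exception nor where the message came from. `messages.next()` here is data received from another peer, so a parse failure is an input-validation event an operator will want to attribute, not necessarily a local defect. Appending the cause, e.g. `+ "- check serialization of credential messaging: " + e.getLocalizedMessage()`, and the sender identity if it is available in this scope would make the entry actionable; the enclosing method starts outside the hunk.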
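Review bot: The bare `// TODO` inside the new `createCredentialMessage(byte[] extraData)` names neither the pending work nor its owner, so it will outlive the change; either drop it or say what is missing, e.g. `// TODO: decide on a size limit for extraData before it is put on the wire` if that is the intent. The method is otherwise the no-argument overload plus one argument; the overload above could become `return this.createCredentialMessage(null);` so `checkStatus()` is applied in one place, but its body starts outside the hunk and should be read first.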
diff --git a/test/net/sharksystem/pki/SharkComponentUsageTests.java b/test/net/sharksystem/pki/SharkComponentUsageTests.java
index 5412030..282c18c 100644
--- a/test/net/sharksystem/pki/SharkComponentUsageTests.java
+++ b/test/net/sharksystem/pki/SharkComponentUsageTests.java
@@ -22,6 +22,7 @@ public class SharkComponentUsageTests {
 public static final String ALICE_FOLDER = SPECIFIC_ROOT_FOLDER + ALICE_NAME;
 public static final String BOB_FOLDER = SPECIFIC_ROOT_FOLDER + BOB_NAME;
 public static final String CLARA_FOLDER = SPECIFIC_ROOT_FOLDER + CLARA_NAME;
+ public static final byte[] ARBITRARY_BYTES = new byte[] {4, 8, 15, 16, 23, 42};
 private static int portnumber = 7000;
@@ -336,7 +337,7 @@ public void testIdentityAssurance() throws SharkException, ASAPException,
 // lets starts peer and its components before doing anythings else
 claraSharkPeer.start();
- CredentialMessage aliceCredentialMessage = alicePKI.createCredentialMessage();
+ CredentialMessage aliceCredentialMessage = alicePKI.createCredentialMessage(ARBITRARY_BYTES);
 CredentialMessage bobCredentialMessage = bobPKI.createCredentialMessage();
 // Alice and Bob exchange and accept credential messages and issue certificates
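Review bot: `testIdentityAssurance` now attaches `ARBITRARY_BYTES` to Alice's credential message, but nothing in the hunk checks that the bytes survive serialization and arrive on the receiving side, so a regression in the new `extraData` read/write path would still pass this test unless an assertion follows later in the method, which continues outside the hunk. Where the test inspects the credential message received from Alice, add an array comparison with the test file's assertion helper, e.g. `assertArrayEquals(ARBITRARY_BYTES, receivedFromAlice.getExtraData())` with `receivedFromAlice` standing for whatever variable holds that message. Bob's message is created without extra data, so `assertNull(...getExtraData())` on its received counterpart would pin the empty-to-null normalisation introduced in `CredentialMessageInMemo`.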