
[libeufin] branch master updated: Backup/restore keys using base64.


From: gnunet
Subject: [libeufin] branch master updated: Backup/restore keys using base64.
Date: Wed, 29 Jan 2020 15:47:36 +0100

This is an automated email from the git hooks/post-receive script.

marcello pushed a commit to branch master
in repository libeufin.

The following commit(s) were added to refs/heads/master by this push:
     new c207d93  Backup/restore keys using base64.
c207d93 is described below

commit c207d9340e3ab75f2706c5fdceb03640aec6f0b2
Author: Marcello Stanisci <address@hidden>
AuthorDate: Wed Jan 29 15:47:08 2020 +0100

    Backup/restore keys using base64.
---
 nexus/src/main/kotlin/tech/libeufin/nexus/JSON.kt |  6 ++--
 nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt | 41 +++++------------------
 util/src/main/kotlin/hex.kt                       |  7 ----
 util/src/main/kotlin/strings.kt                   | 16 +++++++++
 4 files changed, 28 insertions(+), 42 deletions(-)

diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/JSON.kt 
b/nexus/src/main/kotlin/tech/libeufin/nexus/JSON.kt
index 6eb65ba..9cd9651 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/JSON.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/JSON.kt
@@ -22,9 +22,9 @@ data class EbicsDateRange(
  * the client must provide the passphrase.
  */
 data class EbicsKeysBackup(
-    val authBlob: ByteArray,
-    val encBlob: ByteArray,
-    val sigBlob: ByteArray,
+    val authBlob: String,
+    val encBlob: String,
+    val sigBlob: String,
     val passphrase: String? = null
 )
 
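Review bot: `authBlob`, `encBlob` and `sigBlob` are now plain `String` fields, and nothing in the declaration says what text they hold, so a client has to read Main.kt to learn the wire format. The KDoc above the class starts outside this hunk; a line such as `Each blob is the standard Base64 encoding of the bytes returned by CryptoUtil.encryptKey.` would settle it. Because this is a data class, the generated `toString()` prints `passphrase` along with the blobs, so instances should be kept out of log statements.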
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt 
b/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
index 1439754..44bcc48 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
@@ -453,7 +453,6 @@ fun main() {
             }
 
             get("/ebics/subscribers") {
-
                 var ret = EbicsSubscribersResponse()
                 transaction {
                     EbicsSubscriberEntity.all().forEach {
@@ -534,7 +533,6 @@ fun main() {
                     call.respond(NexusError("Could not store the new account 
into database"))
                     return@post
                 }
-
                 call.respondText(
                     "Subscriber registered, ID: ${row.id.value}",
                     ContentType.Text.Plain,
@@ -575,13 +573,13 @@ fun main() {
                 val (authKey, encKey, sigKey) = try {
                     Triple(
                         CryptoUtil.decryptKey(
-                            EncryptedPrivateKeyInfo(body.authBlob), 
body.passphrase!!
+                            
EncryptedPrivateKeyInfo(base64ToBytes(body.authBlob)), body.passphrase!!
                         ),
                         CryptoUtil.decryptKey(
-                            EncryptedPrivateKeyInfo(body.encBlob), 
body.passphrase
+                            
EncryptedPrivateKeyInfo(base64ToBytes(body.encBlob)), body.passphrase
                         ),
                         CryptoUtil.decryptKey(
-                            EncryptedPrivateKeyInfo(body.sigBlob), 
body.passphrase
+                            
EncryptedPrivateKeyInfo(base64ToBytes(body.sigBlob)), body.passphrase
                         )
                     )
                 } catch (e: Exception) {
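Review bot: A restore request without a passphrase is only caught by accident: `body.passphrase!!` in the first `decryptKey` call throws a NullPointerException that lands in the `catch (e: Exception)` closing this hunk. The same catch receives a wrong passphrase and the `IllegalArgumentException` that `base64ToBytes` raises on malformed input. The catch body lies outside the hunk, so how the client is answered is not visible, but three different client mistakes appear to share one path. Reading the field once before the `try` (`val passphrase = body.passphrase`) and answering a missing value with its own `NexusError` response would remove the `!!` and the reliance on the smart cast in the second and third calls.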
@@ -606,24 +604,23 @@ fun main() {
 
                 val id = expectId(call.parameters["id"])
                 val body = call.receive<EbicsBackupRequest>()
-
                 val content = transaction {
                     val subscriber = EbicsSubscriberEntity.findById(id) ?: 
throw SubscriberNotFoundError(
                         HttpStatusCode.NotFound
                     )
                     EbicsKeysBackup(
-                        authBlob = CryptoUtil.encryptKey(
+                        authBlob = bytesToBase64(CryptoUtil.encryptKey(
                             subscriber.authenticationPrivateKey.toByteArray(),
                             body.passphrase
-                        ),
-                        encBlob = CryptoUtil.encryptKey(
+                        )),
+                        encBlob = bytesToBase64(CryptoUtil.encryptKey(
                             subscriber.encryptionPrivateKey.toByteArray(),
                             body.passphrase
-                        ),
-                        sigBlob = CryptoUtil.encryptKey(
+                        )),
+                        sigBlob = bytesToBase64(CryptoUtil.encryptKey(
                             subscriber.signaturePrivateKey.toByteArray(),
                             body.passphrase
-                        )
+                        ))
                     )
                 }
                 call.response.headers.append("Content-Disposition", 
"attachment")
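Review bot: `body.passphrase` goes straight into `CryptoUtil.encryptKey` for all three private keys, and nothing in this hunk rejects an empty value. `EbicsBackupRequest` and `encryptKey` are defined outside the hunk, and the handler itself starts and ends outside it, so the check may exist elsewhere. If it does not, the downloaded attachment carries the subscriber's authentication, encryption and signature keys under a passphrase that protects nothing. A guard before the `transaction` block, such as `if (body.passphrase.isNullOrEmpty())` answering with a `NexusError`, would make the requirement explicit.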
@@ -654,8 +651,6 @@ fun main() {
                     )
                     return@post
                 }
-
-
                 val usd_encrypted = CryptoUtil.encryptEbicsE002(
                     EbicsOrderUtil.encodeOrderDataXml(
 
@@ -668,7 +663,6 @@ fun main() {
                     ),
                     subscriberData.bankEncPub!!
                 )
-
                 val response = client.postToBankSignedAndVerify<EbicsRequest, 
EbicsResponse>(
                     subscriberData.ebicsUrl,
                     createUploadInitializationPhase(
@@ -679,43 +673,35 @@ fun main() {
                     subscriberData.bankAuthPub!!,
                     subscriberData.customerEncPriv
                 )
-
                 if (response.value.body.returnCode.value != "000000") {
                     throw EbicsError(response.value.body.returnCode.value)
                 }
-
                 logger.debug("INIT phase passed!")
-
                 /* now send actual payload */
                 val compressedInnerPayload = DeflaterInputStream(
                     payload.toByteArray().inputStream()
 
                 ).use { it.readAllBytes() }
-
                 val encryptedPayload = 
CryptoUtil.encryptEbicsE002withTransactionKey(
                     compressedInnerPayload,
                     subscriberData.bankEncPub!!,
                     usd_encrypted.plainTransactionKey!!
                 )
-
                 val tmp = EbicsRequest.createForUploadTransferPhase(
                     subscriberData.hostId,
                     response.value.header._static.transactionID!!,
                     BigInteger.ONE,
                     encryptedPayload.encryptedData
                 )
-
                 val responseTransaction = 
client.postToBankSignedAndVerify<EbicsRequest, EbicsResponse>(
                     subscriberData.ebicsUrl,
                     tmp,
                     subscriberData.bankAuthPub!!,
                     subscriberData.customerAuthPriv
                 )
-
                 if (responseTransaction.value.body.returnCode.value != 
"000000") {
                     throw EbicsError(response.value.body.returnCode.value)
                 }
-
                 call.respondText(
                     "TST INITIALIZATION & TRANSACTION phases succeeded\n",
                     ContentType.Text.Plain,
@@ -744,24 +730,20 @@ fun main() {
                     ),
                     bundle.customerAuthPriv
                 )
-
                 if (response.value.body.returnCode.value != "000000") {
                     throw EbicsError(response.value.body.returnCode.value)
                 }
-
                 val er = CryptoUtil.EncryptionResult(
                     
response.value.body.dataTransfer!!.dataEncryptionInfo!!.transactionKey,
                     (response.value.body.dataTransfer!!.dataEncryptionInfo as 
EbicsTypes.DataEncryptionInfo)
                         .encryptionPubKeyDigest.value,
                     response.value.body.dataTransfer!!.orderData.value
                 )
-
                 val dataCompr = CryptoUtil.decryptEbicsE002(
                     er,
                     bundle.customerEncPriv
                 )
                 val data = 
EbicsOrderUtil.decodeOrderDataXml<HPBResponseOrderData>(dataCompr)
-
                 // put bank's keys into database.
                 transaction {
                     val subscriber = EbicsSubscriberEntity.findById(id)
@@ -773,7 +755,6 @@ fun main() {
                             
data.authenticationPubKeyInfo.pubKeyValue.rsaKeyValue.exponent
                         ).encoded
                     )
-
                     subscriber.bankEncryptionPublicKey = SerialBlob(
                         CryptoUtil.loadRsaPublicKeyFromComponents(
                             
data.encryptionPubKeyInfo.pubKeyValue.rsaKeyValue.modulus,
@@ -798,7 +779,6 @@ fun main() {
                             )
                     )
                 }
-
                 val responseJaxb = 
client.postToBankUnsigned<EbicsUnsecuredRequest, EbicsKeyManagementResponse>(
                     subscriberData.ebicsUrl,
                     EbicsUnsecuredRequest.createHia(
@@ -809,17 +789,14 @@ fun main() {
                         subscriberData.customerEncPriv
                     )
                 )
-
                 if (responseJaxb.value.body.returnCode.value != "000000") {
                     throw EbicsError(responseJaxb.value.body.returnCode.value)
                 }
-
                 call.respondText(
                     "Bank accepted authentication and encryption keys\n",
                     ContentType.Text.Plain,
                     HttpStatusCode.OK
                 )
-
                 return@post
             }
         }
diff --git a/util/src/main/kotlin/hex.kt b/util/src/main/kotlin/hex.kt
deleted file mode 100644
index b14d730..0000000
--- a/util/src/main/kotlin/hex.kt
+++ /dev/null
@@ -1,7 +0,0 @@
-package tech.libeufin.util
-
-fun ByteArray.toHexString() : String {
-    return this.joinToString("") {
-        java.lang.String.format("%02x", it)
-    }
-}
diff --git a/util/src/main/kotlin/strings.kt b/util/src/main/kotlin/strings.kt
new file mode 100644
index 0000000..6fdcfd3
--- /dev/null
+++ b/util/src/main/kotlin/strings.kt
@@ -0,0 +1,16 @@
+package tech.libeufin.util
+import java.util.*
+
+fun ByteArray.toHexString() : String {
+    return this.joinToString("") {
+        java.lang.String.format("%02x", it)
+    }
+}
+
+fun bytesToBase64(bytes: ByteArray): String {
+    return Base64.getEncoder().encodeToString(bytes)
+}
+
+fun base64ToBytes(encoding: String): ByteArray {
+    return Base64.getDecoder().decode(encoding)
+}
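Review bot: `base64ToBytes` does not document how it fails. `Base64.getDecoder()` is the basic RFC 4648 decoder, which throws `IllegalArgumentException` on URL-safe characters, embedded line breaks or any other invalid input. The restore handler in Main.kt feeds it strings taken from the request body, so the contract is worth stating, for example `/** Decodes standard Base64 (RFC 4648 basic alphabet). @throws IllegalArgumentException if [encoding] is not valid Base64. */`. The wildcard `import java.util.*` could also be narrowed to `import java.util.Base64`.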

-- 
To stop receiving notification emails like this one, please contact
address@hidden.


