Improve crypto

- Re-organize packages to be consistent - Add Key store tests
2019-03-01 15:16:19 +01:00
parent 93bd7354c2
commit dfedde0df6
32 changed files with 362 additions and 78 deletions
--- a/src/main/java/io/kamax/mxisd/crypto/ed25519/Ed25519SignatureManager.java
+++ b/src/main/java/io/kamax/mxisd/crypto/ed25519/Ed25519SignatureManager.java
@@ -0,0 +1,86 @@
+/*
+ * mxisd - Matrix Identity Server Daemon
+ * Copyright (C) 2019 Kamax Sàrl
+ *
+ * https://www.kamax.io/
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package io.kamax.mxisd.crypto.ed25519;
+
+import com.google.gson.JsonObject;
+import io.kamax.matrix.codec.MxBase64;
+import io.kamax.matrix.json.MatrixJson;
+import io.kamax.mxisd.crypto.KeyIdentifier;
+import io.kamax.mxisd.crypto.Signature;
+import io.kamax.mxisd.crypto.SignatureManager;
+import net.i2p.crypto.eddsa.EdDSAEngine;
+
+import java.security.InvalidKeyException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.SignatureException;
+
+public class Ed25519SignatureManager implements SignatureManager {
+
+    private final Ed25519KeyManager keyMgr;
+
+    public Ed25519SignatureManager(Ed25519KeyManager keyMgr) {
+        this.keyMgr = keyMgr;
+    }
+
+    @Override
+    public JsonObject signMessageGson(String domain, String message) {
+        Signature sign = sign(message);
+
+        JsonObject keySignature = new JsonObject();
+        keySignature.addProperty(sign.getKey().getAlgorithm() + ":" + sign.getKey().getSerial(), sign.getSignature());
+        JsonObject signature = new JsonObject();
+        signature.add(domain, keySignature);
+
+        return signature;
+    }
+
+    @Override
+    public Signature sign(JsonObject obj) {
+        return sign(MatrixJson.encodeCanonical(obj));
+    }
+
+    @Override
+    public Signature sign(byte[] data) {
+        try {
+            KeyIdentifier signingKeyId = keyMgr.getServerSigningKey().getId();
+            EdDSAEngine signEngine = new EdDSAEngine(MessageDigest.getInstance(keyMgr.getKeySpecs().getHashAlgorithm()));
+            signEngine.initSign(keyMgr.getPrivateKey(signingKeyId));
+            byte[] signRaw = signEngine.signOneShot(data);
+            String sign = MxBase64.encode(signRaw);
+
+            return new Signature() {
+                @Override
+                public KeyIdentifier getKey() {
+                    return signingKeyId;
+                }
+
+                @Override
+                public String getSignature() {
+                    return sign;
+                }
+            };
+        } catch (NoSuchAlgorithmException | InvalidKeyException | SignatureException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+}