Commit 5b31cf31 authored by Cypres TAC's avatar Cypres TAC

Merge branch 'master' into 'test-enhancements'

# Conflicts:
#   CLEA-lib/java/src/test/java/fr/inria/clea/lsp/LocationSpecificPartTest.java
parents cec026fe 468f1889
Pipeline #227575 failed with stage
in 1 minute and 19 seconds
......@@ -3,14 +3,14 @@
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>fr.inria.clea</groupId>
<artifactId>clea-lsp</artifactId>
<artifactId>clea-crypto</artifactId>
<version>0.0.1-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-jdk14</artifactId>
<version>1.7.25</version>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>1.2.3</version>
</dependency>
<dependency>
<groupId>com.github.devnied</groupId>
......@@ -20,7 +20,7 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
<version>1.58</version>
<version>1.68</version>
</dependency>
<dependency>
<groupId>javax.validation</groupId>
......
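Review bot: The first `<dependency>` block declares a concrete SLF4J backend with no `<scope>` line, so whichever side of the swap is the new one (`slf4j-jdk14` or `logback-classic`), this library module hands a logging implementation to every consumer at the default compile scope. For a crypto library it is safer to depend on `slf4j-api` only and keep the backend at `<scope>test</scope>`, so that the embedding application chooses and patches its own logging stack. The rendered page does not mark which `<artifactId>` and `<version>` lines are added, so this is a comment on the pom as merged.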
......@@ -44,8 +44,6 @@ import org.bouncycastle.jce.spec.ECPublicKeySpec;
import org.bouncycastle.math.ec.ECPoint;
import org.bouncycastle.util.encoders.Hex;
import lombok.extern.slf4j.Slf4j;
/**
* Encryption/Decription respecting ECIES-KEM (Elliptic Curve Integrated
* Encryption Scheme with Key encapsulation mechanisms )
......@@ -58,7 +56,6 @@ import lombok.extern.slf4j.Slf4j;
* for Public-Key Encryption”, 2006</a>
*
*/
@Slf4j
public class CleaEciesEncoder {
/* Type of the elliptic curve */
......@@ -329,7 +326,6 @@ public class CleaEciesEncoder {
return locationTemporarySecretKey;
} catch (IOException | NoSuchAlgorithmException e) {
log.error("Error when computing location temporary secret key!", e);
throw new CleaEncryptionException(e);
}
}
......@@ -359,7 +355,6 @@ public class CleaEciesEncoder {
return locationTemporaryPublicID;
} catch (InvalidKeyException | NoSuchAlgorithmException | IllegalStateException | UnsupportedEncodingException e) {
log.error("Error when computing location temporary secret key!", e);
throw new CleaEncryptionException(e);
}
}
......
/*
* Copyright (C) Inria, 2021
*/
package fr.inria.clea.lsp;
import java.util.Arrays;
import java.util.UUID;
import javax.validation.constraints.Max;
import fr.devnied.bitlib.BitUtils;
import fr.inria.clea.lsp.LocationSpecificPart.LocationSpecificPartBuilder;
import lombok.Builder;
import lombok.EqualsAndHashCode;
import lombok.Getter;
import lombok.ToString;
/**
* LocationSpecificPart (LSP) contents data respecting the CLEA protocol
*
* @see <a href="https://hal.inria.fr/hal-03146022">CLEA protocol</a>
*/
@Builder
@Getter
@EqualsAndHashCode
@ToString
public class EncryptedLocationSpecificPart {
/* Clea protocol version number */
@Builder.Default
@Max(value = 8)
private int version = 0;
/*
* LSP type, in order to be able to use multiple formats in parallel in the
* future.
*/
@Builder.Default
@Max(value = 8)
private int type = 0;
/*
* Location Temporary public universally unique Identifier (UUID), specific to a
* given location at a given period.
*/
private UUID locationTemporaryPublicId;
/*
* Location Specific Part in binary format without the Header (non-encrypted data) and encrypted.
*/
private byte[] encryptedLocationMessage;
/**
* Unpack the data message (binary format) :
* | Staff | pad2 |CRIexp | vType |
* vCat1 | vCat2 | countryCode | | periodDuration | ct_periodStart | t_qrStart |
* LTKey | to extract parameters
*/
public LocationSpecificPart decodeMessage() {
byte[] messageBinary = Arrays.copyOfRange(encryptedLocationMessage, 0, CleaEciesEncoder.MSG_BYTES_SIZE);
BitUtils message = new BitUtils(messageBinary);
byte[] encryptedLocationContactMessage = Arrays.copyOfRange(encryptedLocationMessage,
CleaEciesEncoder.MSG_BYTES_SIZE, encryptedLocationMessage.length);
if (encryptedLocationContactMessage.length == 0) {
encryptedLocationContactMessage = null;
}
LocationSpecificPartBuilder locationSpecificPartbuilder = LocationSpecificPart.builder()
.version(version)
.type(type)
.locationTemporaryPublicId(locationTemporaryPublicId)
.staff(message.getNextInteger(1) == 1);
message.getNextInteger(1); // skip locationContactMessagePresent
locationSpecificPartbuilder
.countryCode(message.getNextInteger(12))
.qrCodeRenewalIntervalExponentCompact(message.getNextInteger(5))
.venueType(message.getNextInteger(5))
.venueCategory1(message.getNextInteger(4))
.venueCategory2(message.getNextInteger(4))
.periodDuration(message.getNextInteger(8))
.compressedPeriodStartTime(message.getNextInteger(24))
.qrCodeValidityStartTime(message.getNextInteger(32))
.locationTemporarySecretKey(message.getNextByte(256))
.encryptedLocationContactMessage(encryptedLocationContactMessage);
return locationSpecificPartbuilder.build();
}
}
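Review bot: `decodeMessage()` slices `encryptedLocationMessage` without checking its length, so a short or missing buffer is not rejected cleanly: `Arrays.copyOfRange(encryptedLocationMessage, 0, CleaEciesEncoder.MSG_BYTES_SIZE)` zero-pads a short array and the bit fields are then parsed from zeros, while the second `copyOfRange` or a null field fails with an unchecked exception. These bytes come from the base64 LSP handed to `LocationSpecificPartDecoder.decrypt`, so a guard at the top of the method would make the failure explicit, e.g. `if (encryptedLocationMessage == null || encryptedLocationMessage.length < CleaEciesEncoder.MSG_BYTES_SIZE) { throw new IllegalArgumentException("LSP message shorter than MSG_BYTES_SIZE"); }`. The new `decodeHeader` in `LocationSpecificPartDecoder` slices the decrypted buffer against `HEADER_BYTES_SIZE` in the same way and needs the same check. Separately, `locationTemporarySecretKey` is read straight out of this field with no decryption step, so the buffer appears to hold the key in the clear; `@ToString.Exclude` on `encryptedLocationMessage` would keep it out of any log line that prints the object.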
......@@ -33,7 +33,6 @@ public class LocationContactMessageEncoder {
} catch (NoSuchAlgorithmException | InvalidKeySpecException | NoSuchProviderException
| InvalidAlgorithmParameterException | IllegalStateException | InvalidCipherTextException
| IOException e) {
log.error("Cannot encrypt Location Contact Message", e);
throw new CleaEncryptionException(e);
}
}
......@@ -111,7 +110,6 @@ public class LocationContactMessageEncoder {
return new LocationContact(locationPhone.toString(), locationPin.toString(), periodStartTime);
} catch (NoSuchAlgorithmException | InvalidKeySpecException | IllegalStateException | InvalidCipherTextException
| IOException e) {
log.error("Cannot encrypt Location Contact Message", e);
throw new CleaEncryptionException(e);
}
}
......
......@@ -12,11 +12,11 @@ import java.util.Base64;
import org.bouncycastle.crypto.InvalidCipherTextException;
import fr.devnied.bitlib.BitUtils;
import fr.inria.clea.lsp.LocationSpecificPart.LocationSpecificPartBuilder;
import fr.inria.clea.lsp.EncryptedLocationSpecificPart.EncryptedLocationSpecificPartBuilder;
import lombok.extern.slf4j.Slf4j;
/**
* locationSpecificPart (LSP) contents reader respecting the CLEA protocol
* LocationSpecificPart (LSP) contents reader respecting the CLEA protocol
*
* @see <a href="https://hal.inria.fr/hal-03146022">CLEA protocol</a>
*/
......@@ -33,48 +33,14 @@ public class LocationSpecificPartDecoder {
}
/**
* Unpack the data message (binary format) :
* | Staff | pad2 |CRIexp | vType |
* vCat1 | vCat2 | countryCode | | periodDuration | ct_periodStart | t_qrStart |
* LTKey | to extract parameters
* Unpack the data decrypted header (binary format):
* | version | LSPtype | pad | LTId | to extract parameters
*/
private LocationSpecificPart decodeMessage(byte[] binaryLocationSpecificPart) {
byte[] messageBinary = Arrays.copyOfRange(binaryLocationSpecificPart, CleaEciesEncoder.HEADER_BYTES_SIZE,
CleaEciesEncoder.HEADER_BYTES_SIZE + CleaEciesEncoder.MSG_BYTES_SIZE);
BitUtils message = new BitUtils(messageBinary);
byte[] encryptedLocationContactMessage = Arrays.copyOfRange(binaryLocationSpecificPart,
CleaEciesEncoder.HEADER_BYTES_SIZE + CleaEciesEncoder.MSG_BYTES_SIZE, binaryLocationSpecificPart.length);
if (encryptedLocationContactMessage.length == 0) {
encryptedLocationContactMessage = null;
}
LocationSpecificPartBuilder locationSpecificPartbuilder = LocationSpecificPart.builder()
.staff(message.getNextInteger(1) == 1);
message.getNextInteger(1); // skip locationContactMessagePresent
locationSpecificPartbuilder
.countryCode(message.getNextInteger(12))
.qrCodeRenewalIntervalExponentCompact(message.getNextInteger(5))
.venueType(message.getNextInteger(5))
.venueCategory1(message.getNextInteger(4))
.venueCategory2(message.getNextInteger(4))
.periodDuration(message.getNextInteger(8))
.compressedPeriodStartTime(message.getNextInteger(24))
.qrCodeValidityStartTime(message.getNextInteger(32))
.locationTemporarySecretKey(message.getNextByte(256))
.encryptedLocationContactMessage(encryptedLocationContactMessage);
this.setHeader(binaryLocationSpecificPart, locationSpecificPartbuilder);
return locationSpecificPartbuilder.build();
}
/**
* Unpack the data decrypted header (binary format): | version | LSPtype | pad |
* LTId | to extract parameters
*/
private void setHeader(byte[] binaryLocationSpecificPart, LocationSpecificPartBuilder locationSpecificPartbuilder) {
private EncryptedLocationSpecificPart decodeHeader(byte[] binaryLocationSpecificPart) {
byte[] headerBinary = Arrays.copyOfRange(binaryLocationSpecificPart, 0, CleaEciesEncoder.HEADER_BYTES_SIZE);
BitUtils header = new BitUtils(headerBinary);
locationSpecificPartbuilder
EncryptedLocationSpecificPartBuilder builder = EncryptedLocationSpecificPart.builder()
.version(header.getNextInteger(3))
.type(header.getNextInteger(3));
/* padding (2 bits) */
......@@ -83,7 +49,11 @@ public class LocationSpecificPartDecoder {
/* LTId (16 bytes) */
byte[] uuidBinary = new byte[16];
uuidBinary = header.getNextByte(128);
locationSpecificPartbuilder.locationTemporaryPublicId(this.cleaEciesEncoder.bytesToUuid(uuidBinary));
builder.locationTemporaryPublicId(this.cleaEciesEncoder.bytesToUuid(uuidBinary));
byte[] messageBinary = Arrays.copyOfRange(binaryLocationSpecificPart, CleaEciesEncoder.HEADER_BYTES_SIZE,
binaryLocationSpecificPart.length);
builder.encryptedLocationMessage(messageBinary);
return builder.build();
}
/**
......@@ -92,7 +62,7 @@ public class LocationSpecificPartDecoder {
* @param lspBase64 Location Specific Part in base64
* @throws CleaEncryptionException
*/
public LocationSpecificPart decrypt(String lspBase64) throws CleaEncryptionException {
public EncryptedLocationSpecificPart decrypt(String lspBase64) throws CleaEncryptionException {
byte[] encryptedLocationSpecificPart = Base64.getDecoder().decode(lspBase64);
log.debug("Base 64 decoded LSP: {}", encryptedLocationSpecificPart);
byte[] binaryLocationSpecificPart;
......@@ -100,9 +70,9 @@ public class LocationSpecificPartDecoder {
binaryLocationSpecificPart = this.cleaEciesEncoder.decrypt(encryptedLocationSpecificPart, this.serverAuthoritySecretKey, true);
} catch (NoSuchAlgorithmException | InvalidKeySpecException | IllegalStateException | InvalidCipherTextException
| IOException e) {
log.error("Cannot decrypt Location Specific Part", e);
throw new CleaEncryptionException(e);
}
return this.decodeMessage(binaryLocationSpecificPart);
return this.decodeHeader(binaryLocationSpecificPart);
//this.decodeMessage(binaryLocationSpecificPart);
}
}
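Review bot: `decrypt` now returns an `EncryptedLocationSpecificPart`, but its Javadoc has no `@return`, and `decodeHeader` fills `encryptedLocationMessage` from `binaryLocationSpecificPart`, which is the output of `cleaEciesEncoder.decrypt(...)` and so appears to be plaintext rather than ciphertext. A caller reading only the names cannot tell that the result still needs `decodeMessage()`, or that it carries sensitive decrypted bytes. I would add `@return the decoded header plus the decrypted, not yet parsed message bytes; call decodeMessage() to obtain the LocationSpecificPart` and state the same in the `decodeHeader` comment. The commented-out `//this.decodeMessage(binaryLocationSpecificPart);` after the `return` should be deleted, not kept as dead code.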
......@@ -117,7 +117,6 @@ public class LocationSpecificPartEncoder {
log.debug("message length: {}, encrypted message length: {} ", message.length, encryptedMessage.length);
return encryptedMessage;
} catch (Exception e) {
log.error("Cannot encrypt Location Specific Part", e);
throw new CleaEncryptionException(e);
}
}
......
......@@ -32,7 +32,7 @@ public class LspEncoderDecoder {
String serverAuthoritySecretKey = args[2];
String manualContactTracingAuthoritySecretKey = args[3];
LocationSpecificPartDecoder lspDecoder = new LocationSpecificPartDecoder(serverAuthoritySecretKey);
LocationSpecificPart lsp = lspDecoder.decrypt(lspBase64);
LocationSpecificPart lsp = lspDecoder.decrypt(lspBase64).decodeMessage();
String valuesToreturn = (lsp.isStaff()? 1 : 0) + " " + lsp.getCountryCode() + " " + lsp.getQrCodeRenewalIntervalExponentCompact() + " " + lsp.getVenueType();
valuesToreturn += " " + lsp.getVenueCategory1() + " " + lsp.getVenueCategory2() + " " + lsp.getPeriodDuration() + " " + lsp.getLocationTemporaryPublicId();
......
......@@ -118,7 +118,8 @@ class LocationSpecificPartTest {
String encryptedLocationSpecificPart = location.getLocationSpecificPartEncryptedBase64();
assertThat(encryptedLocationSpecificPart).isNotNull();
/* Decode the encoded LSP */
LocationSpecificPart decodedLsp = new LocationSpecificPartDecoder(serverAuthorityKeyPair[0]).decrypt(encryptedLocationSpecificPart);
LocationSpecificPart decodedLsp = new LocationSpecificPartDecoder(serverAuthorityKeyPair[0])
.decrypt(encryptedLocationSpecificPart).decodeMessage();
assertThat(decodedLsp).isEqualTo(lsp);
assertThat(lsp.getEncryptedLocationContactMessage()).isNotNull();
......@@ -148,7 +149,8 @@ class LocationSpecificPartTest {
/* Encode a LSP with location */
String encryptedLocationSpecificPart = location.getLocationSpecificPartEncryptedBase64();
/* Decode the encoded LSP */
LocationSpecificPart decodedLsp = new LocationSpecificPartDecoder(serverAuthorityKeyPair[0]).decrypt(encryptedLocationSpecificPart);
LocationSpecificPart decodedLsp = new LocationSpecificPartDecoder(serverAuthorityKeyPair[0])
.decrypt(encryptedLocationSpecificPart).decodeMessage();
assertThat(decodedLsp).isEqualTo(lsp);
}
......