Merge branch 'master' into 'test-enhancements'

# Conflicts: # CLEA-lib/java/src/test/java/fr/inria/clea/lsp/LocationSpecificPartTest.java

Merge branch 'master' into 'test-enhancements'
# Conflicts: # CLEA-lib/java/src/test/java/fr/inria/clea/lsp/LocationSpecificPartTest.java
5b31cf31 · Cypres TAC · cec026fe · 468f1889 · 5b31cf31 · 5b31cf31
Commit 5b31cf31 authored Mar 20, 2021 by Cypres TAC
--- a/CLEA-lib/java/pom.xml
+++ b/CLEA-lib/java/pom.xml
@@ -3,14 +3,14 @@
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <groupId>fr.inria.clea</groupId>
-    <artifactId>clea-lsp</artifactId>
+    <artifactId>clea-crypto</artifactId>
    <version>0.0.1-SNAPSHOT</version>

    <dependencies>
        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-jdk14</artifactId>
-            <version>1.7.25</version>
+            <groupId>ch.qos.logback</groupId>
+            <artifactId>logback-classic</artifactId>
+            <version>1.2.3</version>
        </dependency>
        <dependency>
            <groupId>com.github.devnied</groupId>
@@ -20,7 +20,7 @@
        <dependency>
            <groupId>org.bouncycastle</groupId>
            <artifactId>bcpkix-jdk15on</artifactId>
-            <version>1.58</version>
+            <version>1.68</version>
        </dependency>
        <dependency>
            <groupId>javax.validation</groupId>

--- a/CLEA-lib/java/src/main/java/fr/inria/clea/lsp/CleaEciesEncoder.java
+++ b/CLEA-lib/java/src/main/java/fr/inria/clea/lsp/CleaEciesEncoder.java
@@ -44,8 +44,6 @@ import org.bouncycastle.jce.spec.ECPublicKeySpec;
 import org.bouncycastle.math.ec.ECPoint;
 import org.bouncycastle.util.encoders.Hex;

-import lombok.extern.slf4j.Slf4j;
-
 /**
 * Encryption/Decription respecting ECIES-KEM (Elliptic Curve Integrated
 * Encryption Scheme with Key encapsulation mechanisms )
@@ -58,7 +56,6 @@ import lombok.extern.slf4j.Slf4j;
 *      for Public-Key Encryption”, 2006</a>
 * 
 */
-@Slf4j
 public class CleaEciesEncoder {

    /* Type of the elliptic curve */
@@ -329,7 +326,6 @@ public class CleaEciesEncoder {

            return locationTemporarySecretKey;
        } catch (IOException | NoSuchAlgorithmException e) {
-            log.error("Error when computing location temporary secret key!", e);
            throw new CleaEncryptionException(e);
        }
    }
@@ -359,7 +355,6 @@ public class CleaEciesEncoder {
    
            return locationTemporaryPublicID;
        } catch (InvalidKeyException | NoSuchAlgorithmException | IllegalStateException | UnsupportedEncodingException e) {
-            log.error("Error when computing location temporary secret key!", e);
            throw new CleaEncryptionException(e);
        }
    }

--- a/CLEA-lib/java/src/main/java/fr/inria/clea/lsp/EncryptedLocationSpecificPart.java
+++ b/CLEA-lib/java/src/main/java/fr/inria/clea/lsp/EncryptedLocationSpecificPart.java
+/* 
+ * Copyright (C) Inria, 2021
+ */
+package fr.inria.clea.lsp;
+
+import java.util.Arrays;
+import java.util.UUID;
+
+import javax.validation.constraints.Max;
+
+import fr.devnied.bitlib.BitUtils;
+import fr.inria.clea.lsp.LocationSpecificPart.LocationSpecificPartBuilder;
+import lombok.Builder;
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.ToString;
+
+/**
+ * LocationSpecificPart (LSP) contents data respecting the CLEA protocol
+ * 
+ * @see <a href="https://hal.inria.fr/hal-03146022">CLEA protocol</a>
+ */
+@Builder
+@Getter
+@EqualsAndHashCode
+@ToString
+public class EncryptedLocationSpecificPart {
+    /* Clea protocol version number */
+    @Builder.Default
+    @Max(value = 8)
+    private int version = 0;
+    
+    /*
+     * LSP type, in order to be able to use multiple formats in parallel in the
+     * future.
+     */
+    @Builder.Default
+    @Max(value = 8)
+    private int type = 0;
+    
+    /*
+     * Location Temporary public universally unique Identifier (UUID), specific to a
+     * given location at a given period.
+     */
+    private UUID locationTemporaryPublicId;
+    
+    /*
+     * Location Specific Part in binary format without the Header (non-encrypted data) and encrypted.
+     */
+    private byte[] encryptedLocationMessage;
+    
+    /**
+     * Unpack the data message (binary format) :
+     * | Staff | pad2 |CRIexp | vType |
+     * vCat1 | vCat2 | countryCode | | periodDuration | ct_periodStart | t_qrStart |
+     * LTKey | to extract parameters
+     */
+    public LocationSpecificPart decodeMessage() {
+        byte[] messageBinary = Arrays.copyOfRange(encryptedLocationMessage, 0, CleaEciesEncoder.MSG_BYTES_SIZE);
+        BitUtils message = new BitUtils(messageBinary);
+        byte[] encryptedLocationContactMessage = Arrays.copyOfRange(encryptedLocationMessage, 
+                CleaEciesEncoder.MSG_BYTES_SIZE, encryptedLocationMessage.length);
+        if (encryptedLocationContactMessage.length == 0) {
+            encryptedLocationContactMessage = null;
+        }
+        
+        LocationSpecificPartBuilder locationSpecificPartbuilder = LocationSpecificPart.builder()
+            .version(version)
+            .type(type)
+            .locationTemporaryPublicId(locationTemporaryPublicId)
+            .staff(message.getNextInteger(1) == 1);
+        message.getNextInteger(1); // skip locationContactMessagePresent
+        locationSpecificPartbuilder
+            .countryCode(message.getNextInteger(12))
+            .qrCodeRenewalIntervalExponentCompact(message.getNextInteger(5))
+            .venueType(message.getNextInteger(5))
+            .venueCategory1(message.getNextInteger(4))
+            .venueCategory2(message.getNextInteger(4))
+            .periodDuration(message.getNextInteger(8))
+            .compressedPeriodStartTime(message.getNextInteger(24))
+            .qrCodeValidityStartTime(message.getNextInteger(32))
+            .locationTemporarySecretKey(message.getNextByte(256))
+            .encryptedLocationContactMessage(encryptedLocationContactMessage);
+        return locationSpecificPartbuilder.build();            
+    }
+}
--- a/CLEA-lib/java/src/main/java/fr/inria/clea/lsp/LocationContactMessageEncoder.java
+++ b/CLEA-lib/java/src/main/java/fr/inria/clea/lsp/LocationContactMessageEncoder.java
@@ -33,7 +33,6 @@ public class LocationContactMessageEncoder {
        } catch (NoSuchAlgorithmException | InvalidKeySpecException | NoSuchProviderException
                | InvalidAlgorithmParameterException | IllegalStateException | InvalidCipherTextException
                | IOException e) {
-            log.error("Cannot encrypt Location Contact Message", e);
            throw new CleaEncryptionException(e);
        }
    }
@@ -111,7 +110,6 @@ public class LocationContactMessageEncoder {
            return new LocationContact(locationPhone.toString(), locationPin.toString(), periodStartTime);
        } catch (NoSuchAlgorithmException | InvalidKeySpecException | IllegalStateException | InvalidCipherTextException
                | IOException e) {
-            log.error("Cannot encrypt Location Contact Message", e);
            throw new CleaEncryptionException(e);
        }
    }

--- a/CLEA-lib/java/src/main/java/fr/inria/clea/lsp/LocationSpecificPartDecoder.java
+++ b/CLEA-lib/java/src/main/java/fr/inria/clea/lsp/LocationSpecificPartDecoder.java
@@ -12,11 +12,11 @@ import java.util.Base64;
 import org.bouncycastle.crypto.InvalidCipherTextException;

 import fr.devnied.bitlib.BitUtils;
-import fr.inria.clea.lsp.LocationSpecificPart.LocationSpecificPartBuilder;
+import fr.inria.clea.lsp.EncryptedLocationSpecificPart.EncryptedLocationSpecificPartBuilder;
 import lombok.extern.slf4j.Slf4j;

 /**
- * locationSpecificPart (LSP) contents reader respecting the CLEA protocol
+ * LocationSpecificPart (LSP) contents reader respecting the CLEA protocol
 * 
 * @see <a href="https://hal.inria.fr/hal-03146022">CLEA protocol</a>
 */
@@ -33,48 +33,14 @@ public class LocationSpecificPartDecoder {
    }

    /**
-     * Unpack the data message (binary format) :
-     * | Staff | pad2 |CRIexp | vType |
-     * vCat1 | vCat2 | countryCode | | periodDuration | ct_periodStart | t_qrStart |
-     * LTKey | to extract parameters
+     * Unpack the data decrypted header (binary format): 
+     * | version | LSPtype | pad | LTId | to extract parameters
     */
-    private LocationSpecificPart decodeMessage(byte[] binaryLocationSpecificPart) {
-        byte[] messageBinary = Arrays.copyOfRange(binaryLocationSpecificPart, CleaEciesEncoder.HEADER_BYTES_SIZE,
-                CleaEciesEncoder.HEADER_BYTES_SIZE + CleaEciesEncoder.MSG_BYTES_SIZE);
-        BitUtils message = new BitUtils(messageBinary);
-        byte[] encryptedLocationContactMessage = Arrays.copyOfRange(binaryLocationSpecificPart, 
-                CleaEciesEncoder.HEADER_BYTES_SIZE + CleaEciesEncoder.MSG_BYTES_SIZE, binaryLocationSpecificPart.length);
-        if (encryptedLocationContactMessage.length == 0) {
-            encryptedLocationContactMessage = null;
-        }
-        
-        LocationSpecificPartBuilder locationSpecificPartbuilder = LocationSpecificPart.builder()
-            .staff(message.getNextInteger(1) == 1);
-        message.getNextInteger(1); // skip locationContactMessagePresent
-        locationSpecificPartbuilder
-            .countryCode(message.getNextInteger(12))
-            .qrCodeRenewalIntervalExponentCompact(message.getNextInteger(5))
-            .venueType(message.getNextInteger(5))
-            .venueCategory1(message.getNextInteger(4))
-            .venueCategory2(message.getNextInteger(4))
-            .periodDuration(message.getNextInteger(8))
-            .compressedPeriodStartTime(message.getNextInteger(24))
-            .qrCodeValidityStartTime(message.getNextInteger(32))
-            .locationTemporarySecretKey(message.getNextByte(256))
-            .encryptedLocationContactMessage(encryptedLocationContactMessage);
-        this.setHeader(binaryLocationSpecificPart, locationSpecificPartbuilder);
-        return locationSpecificPartbuilder.build();            
-    }
-    
-    /**
-     * Unpack the data decrypted header (binary format): | version | LSPtype | pad |
-     * LTId | to extract parameters
-     */
-    private void setHeader(byte[] binaryLocationSpecificPart, LocationSpecificPartBuilder locationSpecificPartbuilder) {
+    private EncryptedLocationSpecificPart decodeHeader(byte[] binaryLocationSpecificPart) {
        byte[] headerBinary = Arrays.copyOfRange(binaryLocationSpecificPart, 0, CleaEciesEncoder.HEADER_BYTES_SIZE);
        BitUtils header = new BitUtils(headerBinary);

-        locationSpecificPartbuilder
+        EncryptedLocationSpecificPartBuilder builder = EncryptedLocationSpecificPart.builder()
            .version(header.getNextInteger(3))
            .type(header.getNextInteger(3));
        /* padding (2 bits) */
@@ -83,7 +49,11 @@ public class LocationSpecificPartDecoder {
        /* LTId (16 bytes) */
        byte[] uuidBinary = new byte[16];
        uuidBinary = header.getNextByte(128);
-        locationSpecificPartbuilder.locationTemporaryPublicId(this.cleaEciesEncoder.bytesToUuid(uuidBinary));
+        builder.locationTemporaryPublicId(this.cleaEciesEncoder.bytesToUuid(uuidBinary));
+        byte[] messageBinary = Arrays.copyOfRange(binaryLocationSpecificPart, CleaEciesEncoder.HEADER_BYTES_SIZE,
+                binaryLocationSpecificPart.length);
+        builder.encryptedLocationMessage(messageBinary);
+        return builder.build();
    }
    
    /**
@@ -92,7 +62,7 @@ public class LocationSpecificPartDecoder {
     * @param lspBase64 Location Specific Part in base64
     * @throws CleaEncryptionException 
     */
-    public LocationSpecificPart decrypt(String lspBase64) throws CleaEncryptionException {
+    public EncryptedLocationSpecificPart decrypt(String lspBase64) throws CleaEncryptionException {
        byte[] encryptedLocationSpecificPart = Base64.getDecoder().decode(lspBase64);
        log.debug("Base 64 decoded LSP: {}", encryptedLocationSpecificPart);
        byte[] binaryLocationSpecificPart;
@@ -100,9 +70,9 @@ public class LocationSpecificPartDecoder {
            binaryLocationSpecificPart = this.cleaEciesEncoder.decrypt(encryptedLocationSpecificPart, this.serverAuthoritySecretKey, true);
        } catch (NoSuchAlgorithmException | InvalidKeySpecException | IllegalStateException | InvalidCipherTextException
                | IOException e) {
-            log.error("Cannot decrypt Location Specific Part", e);
            throw new CleaEncryptionException(e);
        }
-        return this.decodeMessage(binaryLocationSpecificPart);
+        return this.decodeHeader(binaryLocationSpecificPart);
+                //this.decodeMessage(binaryLocationSpecificPart);
    }
 }
--- a/CLEA-lib/java/src/main/java/fr/inria/clea/lsp/LocationSpecificPartEncoder.java
+++ b/CLEA-lib/java/src/main/java/fr/inria/clea/lsp/LocationSpecificPartEncoder.java
@@ -117,7 +117,6 @@ public class LocationSpecificPartEncoder {
            log.debug("message length: {}, encrypted message length: {} ", message.length, encryptedMessage.length);
            return encryptedMessage;            
        } catch (Exception e) {
-            log.error("Cannot encrypt Location Specific Part", e);
            throw new CleaEncryptionException(e);
        }
    }

--- a/CLEA-lib/java/src/main/java/fr/inria/clea/lsp/LspEncoderDecoder.java
+++ b/CLEA-lib/java/src/main/java/fr/inria/clea/lsp/LspEncoderDecoder.java
@@ -32,7 +32,7 @@ public class LspEncoderDecoder {
        String serverAuthoritySecretKey = args[2];
        String manualContactTracingAuthoritySecretKey = args[3];
        LocationSpecificPartDecoder lspDecoder = new LocationSpecificPartDecoder(serverAuthoritySecretKey);
-        LocationSpecificPart lsp = lspDecoder.decrypt(lspBase64);
+        LocationSpecificPart lsp = lspDecoder.decrypt(lspBase64).decodeMessage();
      
        String valuesToreturn =  (lsp.isStaff()? 1 : 0) + " " + lsp.getCountryCode() + " " + lsp.getQrCodeRenewalIntervalExponentCompact()  + " " + lsp.getVenueType(); 
        valuesToreturn += " " + lsp.getVenueCategory1() + " " + lsp.getVenueCategory2() + " " + lsp.getPeriodDuration() + " " + lsp.getLocationTemporaryPublicId();

--- a/CLEA-lib/java/src/test/java/fr/inria/clea/lsp/LocationSpecificPartTest.java
+++ b/CLEA-lib/java/src/test/java/fr/inria/clea/lsp/LocationSpecificPartTest.java
@@ -118,7 +118,8 @@ class LocationSpecificPartTest {
        String encryptedLocationSpecificPart = location.getLocationSpecificPartEncryptedBase64();
        assertThat(encryptedLocationSpecificPart).isNotNull();
        /* Decode the encoded LSP */
-        LocationSpecificPart decodedLsp = new LocationSpecificPartDecoder(serverAuthorityKeyPair[0]).decrypt(encryptedLocationSpecificPart);
+        LocationSpecificPart decodedLsp = new LocationSpecificPartDecoder(serverAuthorityKeyPair[0])
+                .decrypt(encryptedLocationSpecificPart).decodeMessage();
        
        assertThat(decodedLsp).isEqualTo(lsp);
        assertThat(lsp.getEncryptedLocationContactMessage()).isNotNull();
@@ -148,7 +149,8 @@ class LocationSpecificPartTest {
        /* Encode a LSP with location */
        String encryptedLocationSpecificPart = location.getLocationSpecificPartEncryptedBase64();
        /* Decode the encoded LSP */
-        LocationSpecificPart decodedLsp = new LocationSpecificPartDecoder(serverAuthorityKeyPair[0]).decrypt(encryptedLocationSpecificPart);
+        LocationSpecificPart decodedLsp = new LocationSpecificPartDecoder(serverAuthorityKeyPair[0])
+                .decrypt(encryptedLocationSpecificPart).decodeMessage();
        
        assertThat(decodedLsp).isEqualTo(lsp);
    }