diff --git a/pom.xml b/pom.xml
index 627bc17..5a52c5d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -92,6 +92,13 @@
+
+
+ com.sun.mail
+ javax.mail
+ 1.6.1
+
+
diff --git a/src/main/java/application/App.java b/src/main/java/application/App.java
index 74cba55..31b627a 100644
--- a/src/main/java/application/App.java
+++ b/src/main/java/application/App.java
@@ -5,7 +5,6 @@ import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Bean;
-
import java.util.Arrays;
import java.util.Collections;
diff --git a/src/main/java/encryption/DataEncryption.java b/src/main/java/encryption/DataEncryption.java
new file mode 100644
index 0000000..ee0dba7
--- /dev/null
+++ b/src/main/java/encryption/DataEncryption.java
@@ -0,0 +1,89 @@
+package encryption;
+
+import com.sun.mail.util.BASE64DecoderStream;
+import com.sun.mail.util.BASE64EncoderStream;
+import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.io.File;
+import java.nio.charset.StandardCharsets;
+import java.security.Key;
+import static org.apache.commons.codec.binary.Hex.decodeHex;
+import static org.apache.commons.codec.binary.Hex.encodeHex;
+import static org.apache.commons.io.FileUtils.readFileToByteArray;
+import static org.apache.commons.io.FileUtils.writeStringToFile;
+
+public class DataEncryption {
+ private Cipher cipher;
+ private SecretKey key;
+
+ private void generateKey(){
+ try{
+ File f = new File("msp/key");
+ if(f.exists() && !f.isDirectory()) {
+ readKey(f);
+ } else {
+ KeyGenerator keyGen = KeyGenerator.getInstance("AES");
+ keyGen.init(256);
+ key = keyGen.generateKey();
+ writeKey(key);
+ }
+ }catch (Exception e){
+ e.printStackTrace();
+ }
+ }
+
+ private void readKey(File file){
+ try {
+ String d = new String(readFileToByteArray(file));
+ char[] hex = d.toCharArray();
+ byte[] encoded = decodeHex(hex);
+ key = new SecretKeySpec(encoded,"AES");
+ }catch (Exception e){
+ e.printStackTrace();
+ }
+ }
+
+ private void writeKey(Key key){
+ try {
+ File f = new File("msp/key");
+ byte[] encoded = key.getEncoded();
+ char[] hex = encodeHex(encoded);
+ String d = String.valueOf(hex);
+ writeStringToFile(f,d,"UTF-8");
+ }catch (Exception e){
+ e.printStackTrace();
+ }
+ }
+
+ public String encryptData(String data){
+ try{
+ cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+ generateKey();
+ cipher.init(Cipher.ENCRYPT_MODE,key,new IvParameterSpec(new byte[16]));
+ byte[] utf8 = data.getBytes(StandardCharsets.UTF_8);
+ byte[] enc = cipher.doFinal(utf8);
+ enc = BASE64EncoderStream.encode(enc);
+ return new String(enc);
+ }catch (Exception e){
+ e.printStackTrace();
+ return null;
+ }
+ }
+
+ public String decryptData(String data){
+ try{
+ cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+ generateKey();
+ cipher.init(Cipher.DECRYPT_MODE,key,new IvParameterSpec(new byte[16]));
+ byte[] dec = BASE64DecoderStream.decode(data.getBytes());
+ byte[] utf8 = cipher.doFinal(dec);
+ return new String(utf8, StandardCharsets.UTF_8);
+ }catch (Exception e){
+ e.printStackTrace();
+ return null;
+ }
+ }
+}
diff --git a/src/main/java/restImplementation/UserImplementation.java b/src/main/java/restImplementation/UserImplementation.java
index 7abf1f6..2dacad5 100644
--- a/src/main/java/restImplementation/UserImplementation.java
+++ b/src/main/java/restImplementation/UserImplementation.java
@@ -3,34 +3,37 @@ package restImplementation;
import blockchain.query.TransactionWrapper;
import database.user.User;
import database.user.UserDao;
+import encryption.DataEncryption;
import org.springframework.security.crypto.bcrypt.BCrypt;
import java.time.Instant;
import java.util.HashMap;
import java.util.Map;
public class UserImplementation {
+ private DataEncryption dataEncryption = new DataEncryption();
public Map registerUser(User user) throws Exception {
+
TransactionWrapper transactionWrapper = new TransactionWrapper();
UserDao userDao = new UserDao();
//CREATE USER HASH. TEMPORARY USER HASH IS : name+email+firstname+association
user.setUser_hash(hashPassword(user.getName()+user.getEmail()+user.getFirstname()+user.getAssociation()));
- System.out.println("user hash: "+user.getUser_hash());
//REGISTER IN BLOCKCHAIN
if(user.getPhone()==null){
user.setPhone("0000000000");
}
- String[] userInfos = new String[]{user.getUser_hash(),user.getName(),user.getFirstname(),""+user.getPhone(),user.getAssociation()};
+ String[] userInfos = new String[]{user.getUser_hash(),dataEncryption.encryptData(user.getName()),dataEncryption.encryptData(user.getFirstname()),dataEncryption.encryptData(""+user.getPhone()),user.getAssociation()};
transactionWrapper.sendTransaction("registerUser",userInfos);
//REGISTER IN REPLICA DB FOR BI
Map response = new HashMap<>();
- User dbUser = userDao.getUserWithEmail(user.getEmail()); // check if user exist
+ User dbUser = userDao.getUserWithEmail(dataEncryption.encryptData(user.getEmail())); // check if user exist
if(dbUser != null){
+ System.out.println("dbUser exist: "+dbUser.getUser_hash());
response.put("response","false");
return response;
}else {
@@ -41,6 +44,19 @@ public class UserImplementation {
user.setVerified(true);
user.setApproved(false);
+ String userName = user.getName();
+ user.setName(dataEncryption.encryptData(userName));
+
+ String userFirstName = user.getFirstname();
+ user.setFirstname(dataEncryption.encryptData(userFirstName));
+
+ String userPhone = user.getPhone();
+ user.setPhone(dataEncryption.encryptData(userPhone));
+
+ String userEmail = user.getEmail();
+ user.setEmail(dataEncryption.encryptData(userEmail));
+
+ System.out.println("addUser: "+user.getUser_hash());
userDao.addUser(user);
response.put("user_hash",user.getUser_hash());
response.put("response","true");
@@ -52,12 +68,12 @@ public class UserImplementation {
TransactionWrapper transactionWrapper = new TransactionWrapper();
UserDao userDao = new UserDao();
transactionWrapper.sendTransaction("setUserPermission",new String[]{user.getUser_hash()});
- userDao.approveUser(user.getEmail());
+ userDao.approveUser(dataEncryption.encryptData(user.getEmail()));
}
public Boolean getUserApproval(String user_email) throws Exception {
UserDao userDao = new UserDao();
- User u = userDao.getUserWithEmail(user_email);
+ User u = userDao.getUserWithEmail(dataEncryption.encryptData(user_email));
return u.isApproved();
}
@@ -65,38 +81,39 @@ public class UserImplementation {
TransactionWrapper transactionWrapper = new TransactionWrapper();
transactionWrapper.sendTransaction("deleteUser",new String[]{user.getUser_hash()});
UserDao userDao = new UserDao();
- userDao.deleteUser(user.getEmail());
+ userDao.deleteUser(dataEncryption.encryptData(user.getEmail()));
}
public Boolean getUser(String email) throws Exception{
UserDao userDao = new UserDao();
- return userDao.verifyUserExist(email);
+ return userDao.verifyUserExist(dataEncryption.encryptData(email));
}
public User getUserWithEmail(String email) throws Exception{
UserDao userDao = new UserDao();
- return userDao.getUserWithEmail(email);
+ return userDao.getUserWithEmail(dataEncryption.encryptData(email));
}
+
public User getUserWithPhone(String phone) throws Exception{
UserDao userDao = new UserDao();
- return userDao.getUserWithPhone(phone);
+ return userDao.getUserWithPhone(dataEncryption.encryptData(phone));
}
public User getUserWithMailAndPhone(String email, String phone) throws Exception{
UserDao userDao = new UserDao();
- return userDao.getUserWithMailAndPhone(email,phone);
+ return userDao.getUserWithMailAndPhone(dataEncryption.encryptData(email),dataEncryption.encryptData(phone));
}
public int getUserId(String user_hash, String user_email) throws Exception{
UserDao userDao = new UserDao();
- return userDao.getUserIdWithHashAndEmail(user_hash,user_email);
+ return userDao.getUserIdWithHashAndEmail(user_hash,dataEncryption.encryptData(user_email));
}
public Map userLogger(User user) throws Exception {
UserDao userDao = new UserDao();
Map response = new HashMap<>();
- User userResponse = userDao.getUserWithEmail(user.getEmail());
+ User userResponse = userDao.getUserWithEmail(dataEncryption.encryptData(user.getEmail()));
if(userResponse != null){
String hash = userResponse.getPassword();
@@ -116,4 +133,6 @@ public class UserImplementation {
private String hashPassword(String plainTextPassword){
return BCrypt.hashpw(plainTextPassword,BCrypt.gensalt());
}
+
+
}
diff --git a/src/test/java/blockchain/query/User/ReadUserTest.java b/src/test/java/blockchain/query/User/ReadUserTest.java
index f12c49c..9afa9a3 100644
--- a/src/test/java/blockchain/query/User/ReadUserTest.java
+++ b/src/test/java/blockchain/query/User/ReadUserTest.java
@@ -22,7 +22,7 @@ public class ReadUserTest {
try{
QueryWrapper queryWrapper = new QueryWrapper();
String functionName = "readUser";
- String[] args = new String[]{"$2a$10$r7jlPdeESPFd1dKjvrEmB.SoxOXh3jHtWiPTAFKB3lGSgvda.zMyC"};
+ String[] args = new String[]{"$2a$10$TIKsB3t5BoA6dOLptaYJYusQSvjMag8ODepI9lZsMlNNVBB0VCTEi"};
String response = queryWrapper.sendQuery(functionName,args);
if(response != null){
JsonReader reader = Json.createReader(new StringReader(response));
diff --git a/src/test/java/blockchain/query/Wallet/QueryWalletHistory.java b/src/test/java/blockchain/query/Wallet/QueryWalletHistory.java
index 5d1dabe..ba50baa 100644
--- a/src/test/java/blockchain/query/Wallet/QueryWalletHistory.java
+++ b/src/test/java/blockchain/query/Wallet/QueryWalletHistory.java
@@ -18,7 +18,7 @@ public class QueryWalletHistory {
try{
QueryWrapper queryWrapper = new QueryWrapper();
String functionName = "getHistoryForWallet";
- String[] args = new String[]{"$2a$10$X2xW3CH/q7nij8yJpQTao.vEnuV31lNSMPhTCjGNl4oFp6MXW/6w6"};
+ String[] args = new String[]{"$2a$10$vnXkX4CNsRqoJyaeMLyyB.mPdqFX20pc3Ky.rfUgQeLd4GSF3xWei"};
String response = queryWrapper.sendQuery(functionName,args);
logger.info("response : "+response);
}catch (Exception e){
diff --git a/src/test/java/blockchain/query/Wallet/ReadWalletTest.java b/src/test/java/blockchain/query/Wallet/ReadWalletTest.java
index 797d8d1..c2fd16f 100644
--- a/src/test/java/blockchain/query/Wallet/ReadWalletTest.java
+++ b/src/test/java/blockchain/query/Wallet/ReadWalletTest.java
@@ -24,7 +24,8 @@ public class ReadWalletTest {
try{
QueryWrapper queryWrapper = new QueryWrapper();
String functionName = "readWallet";
- String[] args = new String[]{"$2a$10$FxslW1US5ml6ALvvUIqeF.kGgZIMs/COuh7xz9vJTVPtXKM0ftxoq"};
+ //String[] args = new String[]{"$2a$10$vnXkX4CNsRqoJyaeMLyyB.mPdqFX20pc3Ky.rfUgQeLd4GSF3xWei"};
+ String[] args = new String[]{"$2a$10$tvvC9TWCVOnkpp5CyuJyoeQnJ9UQIX9kTsRPWOFSTvmn7QPU9jcJ2"};
String response = queryWrapper.sendQuery(functionName,args);
if(response!=null){
diff --git a/src/test/java/encryption/DataEncryptionTest.java b/src/test/java/encryption/DataEncryptionTest.java
new file mode 100644
index 0000000..0c5bad3
--- /dev/null
+++ b/src/test/java/encryption/DataEncryptionTest.java
@@ -0,0 +1,38 @@
+package encryption;
+
+import org.junit.Ignore;
+
+import org.apache.log4j.BasicConfigurator;
+import org.apache.log4j.Logger;
+import org.junit.Test;
+@Ignore
+public class DataEncryptionTest {
+ private static Logger logger = Logger.getLogger(DataEncryptionTest.class);
+
+ @Test
+ public void initEncryptionTest() {
+ BasicConfigurator.configure();
+
+ DataEncryption dataEncryption = new DataEncryption();
+
+
+ String uEmail = "toto@mail.com";
+ logger.info("test: "+uEmail);
+ try{
+ String encrypted = dataEncryption.encryptData(uEmail);
+ logger.info("encrypted: "+encrypted);
+
+ //String decrypted = dataEncryption.decryptData(encrypted);
+ //logger.info("decrypted: "+decrypted);
+
+ String encrypted1 = dataEncryption.encryptData(uEmail);
+ logger.info("encrypted: "+encrypted1);
+
+
+
+ } catch (Exception e){
+ logger.error(e);
+ }
+ }
+
+}