Merge branch 'features1.4/chiff' into develop-1.4

This commit is contained in:
GME 2019-06-07 12:34:04 +02:00
commit e5284e0957
8 changed files with 169 additions and 16 deletions

View file

@ -92,6 +92,13 @@
</dependency>
<!-- ***** -->
<!-- https://mvnrepository.com/artifact/com.sun.mail/javax.mail -->
<dependency>
<groupId>com.sun.mail</groupId>
<artifactId>javax.mail</artifactId>
<version>1.6.1</version>
</dependency>
</dependencies>

View file

@ -5,7 +5,6 @@ import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Bean;
import java.util.Arrays;
import java.util.Collections;

View file

@ -0,0 +1,89 @@
package encryption;
import com.sun.mail.util.BASE64DecoderStream;
import com.sun.mail.util.BASE64EncoderStream;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.File;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import static org.apache.commons.codec.binary.Hex.decodeHex;
import static org.apache.commons.codec.binary.Hex.encodeHex;
import static org.apache.commons.io.FileUtils.readFileToByteArray;
import static org.apache.commons.io.FileUtils.writeStringToFile;
public class DataEncryption {
private Cipher cipher;
private SecretKey key;
private void generateKey(){
try{
File f = new File("msp/key");
if(f.exists() && !f.isDirectory()) {
readKey(f);
} else {
KeyGenerator keyGen = KeyGenerator.getInstance("AES");
keyGen.init(256);
key = keyGen.generateKey();
writeKey(key);
}
}catch (Exception e){
e.printStackTrace();
}
}
private void readKey(File file){
try {
String d = new String(readFileToByteArray(file));
char[] hex = d.toCharArray();
byte[] encoded = decodeHex(hex);
key = new SecretKeySpec(encoded,"AES");
}catch (Exception e){
e.printStackTrace();
}
}
private void writeKey(Key key){
try {
File f = new File("msp/key");
byte[] encoded = key.getEncoded();
char[] hex = encodeHex(encoded);
String d = String.valueOf(hex);
writeStringToFile(f,d,"UTF-8");
}catch (Exception e){
e.printStackTrace();
}
}
public String encryptData(String data){
try{
cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
generateKey();
cipher.init(Cipher.ENCRYPT_MODE,key,new IvParameterSpec(new byte[16]));
byte[] utf8 = data.getBytes(StandardCharsets.UTF_8);
byte[] enc = cipher.doFinal(utf8);
enc = BASE64EncoderStream.encode(enc);
return new String(enc);
}catch (Exception e){
e.printStackTrace();
return null;
}
}
public String decryptData(String data){
try{
cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
generateKey();
cipher.init(Cipher.DECRYPT_MODE,key,new IvParameterSpec(new byte[16]));
byte[] dec = BASE64DecoderStream.decode(data.getBytes());
byte[] utf8 = cipher.doFinal(dec);
return new String(utf8, StandardCharsets.UTF_8);
}catch (Exception e){
e.printStackTrace();
return null;
}
}
}

View file

@ -3,34 +3,37 @@ package restImplementation;
import blockchain.query.TransactionWrapper;
import database.user.User;
import database.user.UserDao;
import encryption.DataEncryption;
import org.springframework.security.crypto.bcrypt.BCrypt;
import java.time.Instant;
import java.util.HashMap;
import java.util.Map;
public class UserImplementation {
private DataEncryption dataEncryption = new DataEncryption();
public Map<String,String> registerUser(User user) throws Exception {
TransactionWrapper transactionWrapper = new TransactionWrapper();
UserDao userDao = new UserDao();
//CREATE USER HASH. TEMPORARY USER HASH IS : name+email+firstname+association
user.setUser_hash(hashPassword(user.getName()+user.getEmail()+user.getFirstname()+user.getAssociation()));
System.out.println("user hash: "+user.getUser_hash());
//REGISTER IN BLOCKCHAIN
if(user.getPhone()==null){
user.setPhone("0000000000");
}
String[] userInfos = new String[]{user.getUser_hash(),user.getName(),user.getFirstname(),""+user.getPhone(),user.getAssociation()};
String[] userInfos = new String[]{user.getUser_hash(),dataEncryption.encryptData(user.getName()),dataEncryption.encryptData(user.getFirstname()),dataEncryption.encryptData(""+user.getPhone()),user.getAssociation()};
transactionWrapper.sendTransaction("registerUser",userInfos);
//REGISTER IN REPLICA DB FOR BI
Map<String,String> response = new HashMap<>();
User dbUser = userDao.getUserWithEmail(user.getEmail()); // check if user exist
User dbUser = userDao.getUserWithEmail(dataEncryption.encryptData(user.getEmail())); // check if user exist
if(dbUser != null){
System.out.println("dbUser exist: "+dbUser.getUser_hash());
response.put("response","false");
return response;
}else {
@ -41,6 +44,19 @@ public class UserImplementation {
user.setVerified(true);
user.setApproved(false);
String userName = user.getName();
user.setName(dataEncryption.encryptData(userName));
String userFirstName = user.getFirstname();
user.setFirstname(dataEncryption.encryptData(userFirstName));
String userPhone = user.getPhone();
user.setPhone(dataEncryption.encryptData(userPhone));
String userEmail = user.getEmail();
user.setEmail(dataEncryption.encryptData(userEmail));
System.out.println("addUser: "+user.getUser_hash());
userDao.addUser(user);
response.put("user_hash",user.getUser_hash());
response.put("response","true");
@ -52,12 +68,12 @@ public class UserImplementation {
TransactionWrapper transactionWrapper = new TransactionWrapper();
UserDao userDao = new UserDao();
transactionWrapper.sendTransaction("setUserPermission",new String[]{user.getUser_hash()});
userDao.approveUser(user.getEmail());
userDao.approveUser(dataEncryption.encryptData(user.getEmail()));
}
public Boolean getUserApproval(String user_email) throws Exception {
UserDao userDao = new UserDao();
User u = userDao.getUserWithEmail(user_email);
User u = userDao.getUserWithEmail(dataEncryption.encryptData(user_email));
return u.isApproved();
}
@ -65,38 +81,39 @@ public class UserImplementation {
TransactionWrapper transactionWrapper = new TransactionWrapper();
transactionWrapper.sendTransaction("deleteUser",new String[]{user.getUser_hash()});
UserDao userDao = new UserDao();
userDao.deleteUser(user.getEmail());
userDao.deleteUser(dataEncryption.encryptData(user.getEmail()));
}
public Boolean getUser(String email) throws Exception{
UserDao userDao = new UserDao();
return userDao.verifyUserExist(email);
return userDao.verifyUserExist(dataEncryption.encryptData(email));
}
public User getUserWithEmail(String email) throws Exception{
UserDao userDao = new UserDao();
return userDao.getUserWithEmail(email);
return userDao.getUserWithEmail(dataEncryption.encryptData(email));
}
public User getUserWithPhone(String phone) throws Exception{
UserDao userDao = new UserDao();
return userDao.getUserWithPhone(phone);
return userDao.getUserWithPhone(dataEncryption.encryptData(phone));
}
public User getUserWithMailAndPhone(String email, String phone) throws Exception{
UserDao userDao = new UserDao();
return userDao.getUserWithMailAndPhone(email,phone);
return userDao.getUserWithMailAndPhone(dataEncryption.encryptData(email),dataEncryption.encryptData(phone));
}
public int getUserId(String user_hash, String user_email) throws Exception{
UserDao userDao = new UserDao();
return userDao.getUserIdWithHashAndEmail(user_hash,user_email);
return userDao.getUserIdWithHashAndEmail(user_hash,dataEncryption.encryptData(user_email));
}
public Map<String,String> userLogger(User user) throws Exception {
UserDao userDao = new UserDao();
Map<String,String> response = new HashMap<>();
User userResponse = userDao.getUserWithEmail(user.getEmail());
User userResponse = userDao.getUserWithEmail(dataEncryption.encryptData(user.getEmail()));
if(userResponse != null){
String hash = userResponse.getPassword();
@ -116,4 +133,6 @@ public class UserImplementation {
private String hashPassword(String plainTextPassword){
return BCrypt.hashpw(plainTextPassword,BCrypt.gensalt());
}
}

View file

@ -22,7 +22,7 @@ public class ReadUserTest {
try{
QueryWrapper queryWrapper = new QueryWrapper();
String functionName = "readUser";
String[] args = new String[]{"$2a$10$r7jlPdeESPFd1dKjvrEmB.SoxOXh3jHtWiPTAFKB3lGSgvda.zMyC"};
String[] args = new String[]{"$2a$10$TIKsB3t5BoA6dOLptaYJYusQSvjMag8ODepI9lZsMlNNVBB0VCTEi"};
String response = queryWrapper.sendQuery(functionName,args);
if(response != null){
JsonReader reader = Json.createReader(new StringReader(response));

View file

@ -18,7 +18,7 @@ public class QueryWalletHistory {
try{
QueryWrapper queryWrapper = new QueryWrapper();
String functionName = "getHistoryForWallet";
String[] args = new String[]{"$2a$10$X2xW3CH/q7nij8yJpQTao.vEnuV31lNSMPhTCjGNl4oFp6MXW/6w6"};
String[] args = new String[]{"$2a$10$vnXkX4CNsRqoJyaeMLyyB.mPdqFX20pc3Ky.rfUgQeLd4GSF3xWei"};
String response = queryWrapper.sendQuery(functionName,args);
logger.info("response : "+response);
}catch (Exception e){

View file

@ -24,7 +24,8 @@ public class ReadWalletTest {
try{
QueryWrapper queryWrapper = new QueryWrapper();
String functionName = "readWallet";
String[] args = new String[]{"$2a$10$FxslW1US5ml6ALvvUIqeF.kGgZIMs/COuh7xz9vJTVPtXKM0ftxoq"};
//String[] args = new String[]{"$2a$10$vnXkX4CNsRqoJyaeMLyyB.mPdqFX20pc3Ky.rfUgQeLd4GSF3xWei"};
String[] args = new String[]{"$2a$10$tvvC9TWCVOnkpp5CyuJyoeQnJ9UQIX9kTsRPWOFSTvmn7QPU9jcJ2"};
String response = queryWrapper.sendQuery(functionName,args);
if(response!=null){

View file

@ -0,0 +1,38 @@
package encryption;
import org.junit.Ignore;
import org.apache.log4j.BasicConfigurator;
import org.apache.log4j.Logger;
import org.junit.Test;
@Ignore
public class DataEncryptionTest {
private static Logger logger = Logger.getLogger(DataEncryptionTest.class);
@Test
public void initEncryptionTest() {
BasicConfigurator.configure();
DataEncryption dataEncryption = new DataEncryption();
String uEmail = "toto@mail.com";
logger.info("test: "+uEmail);
try{
String encrypted = dataEncryption.encryptData(uEmail);
logger.info("encrypted: "+encrypted);
//String decrypted = dataEncryption.decryptData(encrypted);
//logger.info("decrypted: "+decrypted);
String encrypted1 = dataEncryption.encryptData(uEmail);
logger.info("encrypted: "+encrypted1);
} catch (Exception e){
logger.error(e);
}
}
}