Merge branch 'features1.4/chiff' into develop-1.4

2019-06-07 12:34:04 +02:00 · 2019-06-07 12:34:04 +02:00 · e5284e0957
parent a8164c9c0c 998ac4526c
commit e5284e0957
8 changed files with 169 additions and 16 deletions
--- a/pom.xml
+++ b/pom.xml
@ -92,6 +92,13 @@
        </dependency>
        <!-- ***** -->

+        <!-- https://mvnrepository.com/artifact/com.sun.mail/javax.mail -->
+        <dependency>
+            <groupId>com.sun.mail</groupId>
+            <artifactId>javax.mail</artifactId>
+            <version>1.6.1</version>
+        </dependency>
+
    </dependencies>


--- a/src/main/java/application/App.java
+++ b/src/main/java/application/App.java
@ -5,7 +5,6 @@ import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.annotation.Bean;
-
 import java.util.Arrays;
 import java.util.Collections;

--- a/src/main/java/encryption/DataEncryption.java
+++ b/src/main/java/encryption/DataEncryption.java
@ -0,0 +1,89 @@
+package encryption;
+
+import com.sun.mail.util.BASE64DecoderStream;
+import com.sun.mail.util.BASE64EncoderStream;
+import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.io.File;
+import java.nio.charset.StandardCharsets;
+import java.security.Key;
+import static org.apache.commons.codec.binary.Hex.decodeHex;
+import static org.apache.commons.codec.binary.Hex.encodeHex;
+import static org.apache.commons.io.FileUtils.readFileToByteArray;
+import static org.apache.commons.io.FileUtils.writeStringToFile;
+
+public class DataEncryption {
+    private Cipher cipher;
+    private SecretKey key;
+
+    private void generateKey(){
+        try{
+            File f = new File("msp/key");
+            if(f.exists() && !f.isDirectory()) {
+                readKey(f);
+            } else {
+                KeyGenerator keyGen = KeyGenerator.getInstance("AES");
+                keyGen.init(256);
+                key = keyGen.generateKey();
+                writeKey(key);
+            }
+        }catch (Exception e){
+            e.printStackTrace();
+        }
+    }
+
+    private void readKey(File file){
+      try {
+          String d = new String(readFileToByteArray(file));
+          char[] hex = d.toCharArray();
+          byte[] encoded = decodeHex(hex);
+          key = new SecretKeySpec(encoded,"AES");
+      }catch (Exception e){
+          e.printStackTrace();
+      }
+    }
+
+    private void writeKey(Key key){
+        try {
+            File f = new File("msp/key");
+            byte[] encoded = key.getEncoded();
+            char[] hex = encodeHex(encoded);
+            String d = String.valueOf(hex);
+            writeStringToFile(f,d,"UTF-8");
+        }catch (Exception e){
+            e.printStackTrace();
+        }
+    }
+
+    public String encryptData(String data){
+        try{
+            cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+            generateKey();
+            cipher.init(Cipher.ENCRYPT_MODE,key,new IvParameterSpec(new byte[16]));
+            byte[] utf8 = data.getBytes(StandardCharsets.UTF_8);
+            byte[] enc = cipher.doFinal(utf8);
+            enc = BASE64EncoderStream.encode(enc);
+            return new String(enc);
+        }catch (Exception e){
+            e.printStackTrace();
+            return null;
+        }
+    }
+
+    public String decryptData(String data){
+        try{
+            cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+            generateKey();
+            cipher.init(Cipher.DECRYPT_MODE,key,new IvParameterSpec(new byte[16]));
+            byte[] dec = BASE64DecoderStream.decode(data.getBytes());
+            byte[] utf8 = cipher.doFinal(dec);
+            return new String(utf8, StandardCharsets.UTF_8);
+        }catch (Exception e){
+            e.printStackTrace();
+            return null;
+        }
+    }
+}
--- a/src/main/java/restImplementation/UserImplementation.java
+++ b/src/main/java/restImplementation/UserImplementation.java
@ -3,34 +3,37 @@ package restImplementation;
 import blockchain.query.TransactionWrapper;
 import database.user.User;
 import database.user.UserDao;
+import encryption.DataEncryption;
 import org.springframework.security.crypto.bcrypt.BCrypt;
 import java.time.Instant;
 import java.util.HashMap;
 import java.util.Map;

 public class UserImplementation {
+    private DataEncryption dataEncryption = new DataEncryption();

    public Map<String,String> registerUser(User user) throws Exception {
+
        TransactionWrapper transactionWrapper = new TransactionWrapper();
        UserDao userDao = new UserDao();

        //CREATE USER HASH. TEMPORARY USER HASH IS : name+email+firstname+association
        user.setUser_hash(hashPassword(user.getName()+user.getEmail()+user.getFirstname()+user.getAssociation()));
-        System.out.println("user hash: "+user.getUser_hash());

        //REGISTER IN BLOCKCHAIN
        if(user.getPhone()==null){
            user.setPhone("0000000000");
        }

-        String[] userInfos = new String[]{user.getUser_hash(),user.getName(),user.getFirstname(),""+user.getPhone(),user.getAssociation()};
+        String[] userInfos = new String[]{user.getUser_hash(),dataEncryption.encryptData(user.getName()),dataEncryption.encryptData(user.getFirstname()),dataEncryption.encryptData(""+user.getPhone()),user.getAssociation()};
        transactionWrapper.sendTransaction("registerUser",userInfos);

        //REGISTER IN REPLICA DB FOR BI
        Map<String,String> response = new HashMap<>();
-        User dbUser = userDao.getUserWithEmail(user.getEmail()); // check if user exist
+        User dbUser = userDao.getUserWithEmail(dataEncryption.encryptData(user.getEmail())); // check if user exist

        if(dbUser != null){
+            System.out.println("dbUser exist: "+dbUser.getUser_hash());
            response.put("response","false");
            return response;
        }else {
@ -41,6 +44,19 @@ public class UserImplementation {
            user.setVerified(true);
            user.setApproved(false);

+            String userName = user.getName();
+            user.setName(dataEncryption.encryptData(userName));
+
+            String userFirstName = user.getFirstname();
+            user.setFirstname(dataEncryption.encryptData(userFirstName));
+
+            String userPhone = user.getPhone();
+            user.setPhone(dataEncryption.encryptData(userPhone));
+
+            String userEmail = user.getEmail();
+            user.setEmail(dataEncryption.encryptData(userEmail));
+
+            System.out.println("addUser: "+user.getUser_hash());
            userDao.addUser(user);
            response.put("user_hash",user.getUser_hash());
            response.put("response","true");
@ -52,12 +68,12 @@ public class UserImplementation {
        TransactionWrapper transactionWrapper = new TransactionWrapper();
        UserDao userDao = new UserDao();
        transactionWrapper.sendTransaction("setUserPermission",new String[]{user.getUser_hash()});
-        userDao.approveUser(user.getEmail());
+        userDao.approveUser(dataEncryption.encryptData(user.getEmail()));
    }

    public Boolean getUserApproval(String user_email) throws  Exception {
        UserDao userDao = new UserDao();
-        User u = userDao.getUserWithEmail(user_email);
+        User u = userDao.getUserWithEmail(dataEncryption.encryptData(user_email));
        return u.isApproved();
    }

@ -65,38 +81,39 @@ public class UserImplementation {
        TransactionWrapper transactionWrapper = new TransactionWrapper();
        transactionWrapper.sendTransaction("deleteUser",new String[]{user.getUser_hash()});
        UserDao userDao = new UserDao();
-        userDao.deleteUser(user.getEmail());
+        userDao.deleteUser(dataEncryption.encryptData(user.getEmail()));
    }

    public Boolean getUser(String email) throws Exception{
        UserDao userDao = new UserDao();
-        return userDao.verifyUserExist(email);
+        return userDao.verifyUserExist(dataEncryption.encryptData(email));
    }

    public User getUserWithEmail(String email) throws Exception{
        UserDao userDao = new UserDao();
-        return userDao.getUserWithEmail(email);
+        return userDao.getUserWithEmail(dataEncryption.encryptData(email));

    }
+
    public User getUserWithPhone(String phone) throws Exception{
        UserDao userDao = new UserDao();
-        return userDao.getUserWithPhone(phone);
+        return userDao.getUserWithPhone(dataEncryption.encryptData(phone));
    }
    public User getUserWithMailAndPhone(String email, String phone) throws Exception{
        UserDao userDao = new UserDao();
-        return userDao.getUserWithMailAndPhone(email,phone);
+        return userDao.getUserWithMailAndPhone(dataEncryption.encryptData(email),dataEncryption.encryptData(phone));
    }

    public int getUserId(String user_hash, String user_email) throws Exception{
        UserDao userDao = new UserDao();
-        return userDao.getUserIdWithHashAndEmail(user_hash,user_email);
+        return userDao.getUserIdWithHashAndEmail(user_hash,dataEncryption.encryptData(user_email));
    }

    public Map<String,String> userLogger(User user) throws Exception {
        UserDao userDao = new UserDao();
        Map<String,String> response = new HashMap<>();

-        User userResponse = userDao.getUserWithEmail(user.getEmail());
+        User userResponse = userDao.getUserWithEmail(dataEncryption.encryptData(user.getEmail()));

        if(userResponse != null){
            String hash = userResponse.getPassword();
@ -116,4 +133,6 @@ public class UserImplementation {
    private String hashPassword(String plainTextPassword){
        return BCrypt.hashpw(plainTextPassword,BCrypt.gensalt());
    }
+
+
 }
--- a/src/test/java/blockchain/query/User/ReadUserTest.java
+++ b/src/test/java/blockchain/query/User/ReadUserTest.java
@ -22,7 +22,7 @@ public class ReadUserTest {
        try{
            QueryWrapper queryWrapper = new QueryWrapper();
            String functionName = "readUser";
-            String[] args = new String[]{"$2a$10$r7jlPdeESPFd1dKjvrEmB.SoxOXh3jHtWiPTAFKB3lGSgvda.zMyC"};
+            String[] args = new String[]{"$2a$10$TIKsB3t5BoA6dOLptaYJYusQSvjMag8ODepI9lZsMlNNVBB0VCTEi"};
            String response = queryWrapper.sendQuery(functionName,args);
            if(response != null){
                JsonReader reader = Json.createReader(new StringReader(response));
--- a/src/test/java/blockchain/query/Wallet/QueryWalletHistory.java
+++ b/src/test/java/blockchain/query/Wallet/QueryWalletHistory.java
@ -18,7 +18,7 @@ public class QueryWalletHistory {
        try{
            QueryWrapper queryWrapper = new QueryWrapper();
            String functionName = "getHistoryForWallet";
-            String[] args = new String[]{"$2a$10$X2xW3CH/q7nij8yJpQTao.vEnuV31lNSMPhTCjGNl4oFp6MXW/6w6"};
+            String[] args = new String[]{"$2a$10$vnXkX4CNsRqoJyaeMLyyB.mPdqFX20pc3Ky.rfUgQeLd4GSF3xWei"};
            String response = queryWrapper.sendQuery(functionName,args);
            logger.info("response : "+response);
        }catch (Exception e){
--- a/src/test/java/blockchain/query/Wallet/ReadWalletTest.java
+++ b/src/test/java/blockchain/query/Wallet/ReadWalletTest.java
@ -24,7 +24,8 @@ public class ReadWalletTest {
        try{
            QueryWrapper queryWrapper = new QueryWrapper();
            String functionName = "readWallet";
-            String[] args = new String[]{"$2a$10$FxslW1US5ml6ALvvUIqeF.kGgZIMs/COuh7xz9vJTVPtXKM0ftxoq"};
+            //String[] args = new String[]{"$2a$10$vnXkX4CNsRqoJyaeMLyyB.mPdqFX20pc3Ky.rfUgQeLd4GSF3xWei"};
+            String[] args = new String[]{"$2a$10$tvvC9TWCVOnkpp5CyuJyoeQnJ9UQIX9kTsRPWOFSTvmn7QPU9jcJ2"};
            String response = queryWrapper.sendQuery(functionName,args);

            if(response!=null){
--- a/src/test/java/encryption/DataEncryptionTest.java
+++ b/src/test/java/encryption/DataEncryptionTest.java
@ -0,0 +1,38 @@
+package encryption;
+
+import org.junit.Ignore;
+
+import org.apache.log4j.BasicConfigurator;
+import org.apache.log4j.Logger;
+import org.junit.Test;
+@Ignore
+public class DataEncryptionTest {
+    private static Logger logger = Logger.getLogger(DataEncryptionTest.class);
+
+    @Test
+    public void initEncryptionTest() {
+        BasicConfigurator.configure();
+
+        DataEncryption dataEncryption = new DataEncryption();
+
+
+        String uEmail = "toto@mail.com";
+        logger.info("test: "+uEmail);
+        try{
+            String encrypted = dataEncryption.encryptData(uEmail);
+            logger.info("encrypted: "+encrypted);
+
+            //String decrypted = dataEncryption.decryptData(encrypted);
+            //logger.info("decrypted: "+decrypted);
+
+            String encrypted1 = dataEncryption.encryptData(uEmail);
+            logger.info("encrypted: "+encrypted1);
+
+
+
+        } catch (Exception e){
+            logger.error(e);
+        }
+    }
+
+}