Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import java.io.IOException;
- import java.io.UnsupportedEncodingException;
- import java.security.Key;
- import java.security.NoSuchAlgorithmException;
- import java.security.NoSuchProviderException;
- import java.security.SecureRandom;
- import java.security.Security;
- import java.util.ArrayList;
- import java.util.Base64;
- import java.util.List;
- import java.util.Scanner;
- import javax.crypto.KeyGenerator;
- import org.apache.http.HttpEntity;
- import org.apache.http.NameValuePair;
- import org.apache.http.client.ClientProtocolException;
- import org.apache.http.client.entity.UrlEncodedFormEntity;
- import org.apache.http.client.methods.CloseableHttpResponse;
- import org.apache.http.client.methods.HttpGet;
- import org.apache.http.client.methods.HttpPost;
- import org.apache.http.impl.client.CloseableHttpClient;
- import org.apache.http.impl.client.HttpClients;
- import org.apache.http.message.BasicNameValuePair;
- import org.apache.http.util.EntityUtils;
- import org.bouncycastle.jce.provider.BouncyCastleProvider;
- import org.json.JSONObject;
- public class Main {
- public static void main(String[] args) throws Exception {
- int option = 0;
- String token;
- final int jwtStart = 8;
- //This just initializes a lot of the security stuff we will need to get the key4
- //right away we call generatAESKey to get a key
- Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
- SecureRandom random = new SecureRandom();
- Key AESKey = GenerateAESKey(random);
- while(option != 5) {
- System.out.println("Options");
- System.out.println("1. Login");
- System.out.println("2. Register");
- System.out.println("5. close");
- Scanner in = new Scanner(System.in);
- option = in.nextInt();
- in.nextLine();
- switch(option) {
- //LOGIN THEN SEND/GET/CLOSE
- case 1:
- System.out.println("Login: Input username");
- String username = in.nextLine();
- System.out.println("Login: Enter password");
- String password = in.nextLine();
- Login log = new Login(username, password);
- token = log.Execute();
- System.out.println(token);
- if(token.startsWith("{'status' : 'error'")) {
- break;
- }
- String modifiedToken = token.substring(jwtStart, token.length()-2);
- while(option != 5) {
- System.out.println("Options");
- System.out.println("3. Send message");
- System.out.println("4. Get Message");
- System.out.println("5. close");
- option = in.nextInt();
- in.nextLine();
- if(option == 3) {
- System.out.println("SendMessage: Input message receiver.");
- String toPerson = in.nextLine();
- System.out.println("SendMessage: Input message.");
- String message = in.nextLine();
- System.out.println("KEY: " + Base64.getEncoder().encodeToString(AESKey.getEncoded()));
- SendMessage sm = new SendMessage(toPerson, message, modifiedToken, AESKey);
- //sm.Execute();
- }
- else if(option == 4) {
- GetMessage gm = new GetMessage(modifiedToken);
- gm.Execute();
- }
- else if (option == 5) {
- System.out.println("Terminating client");
- System.exit(0);
- }
- }
- case 2: System.out.println("Register: Input username.");
- String registerUsername = in.nextLine();
- System.out.println("Register: Input email.");
- String registerEmail = in.nextLine();
- System.out.println("Register: Input password.");
- String registerPass = in.nextLine();
- Register reg = new Register(registerUsername, registerEmail, registerPass);
- reg.Execute();
- break;
- case 5:
- System.out.println("Terminating client");
- System.exit(0);
- break;
- default: System.out.println("Invalid Option, reinput choice");
- break;
- }
- }
- }
- //Generator makes the key, at this point I only use 128 cuz 256 crashes my code
- private static Key GenerateAESKey(SecureRandom random) throws Exception {
- KeyGenerator generator;
- generator = KeyGenerator.getInstance("AES", "BC");
- //idk why random, might work with just 128
- generator.init(128, random);
- Key AESKey = generator.generateKey();
- try {
- System.out.println("KEY: " + new String(AESKey.getEncoded(), "UTF-8"));
- } catch (UnsupportedEncodingException e) {
- System.out.println("Key Broke in generator");
- }
- return AESKey;
- }
- }
- =========================================================================================================================
- import java.io.IOException;
- import java.io.UnsupportedEncodingException;
- import java.security.InvalidAlgorithmParameterException;
- import java.security.InvalidKeyException;
- import java.security.Key;
- import java.security.NoSuchAlgorithmException;
- import java.security.NoSuchProviderException;
- import java.security.SecureRandom;
- import java.util.ArrayList;
- import java.util.Base64;
- import java.util.List;
- import javax.crypto.Cipher;
- import javax.crypto.NoSuchPaddingException;
- import javax.crypto.spec.IvParameterSpec;
- import org.apache.http.HttpEntity;
- import org.apache.http.NameValuePair;
- import org.apache.http.client.ClientProtocolException;
- import org.apache.http.client.entity.UrlEncodedFormEntity;
- import org.apache.http.client.methods.CloseableHttpResponse;
- import org.apache.http.client.methods.HttpGet;
- import org.apache.http.client.methods.HttpPost;
- import org.apache.http.impl.client.CloseableHttpClient;
- import org.apache.http.impl.client.HttpClients;
- import org.apache.http.message.BasicNameValuePair;
- import org.apache.http.util.EntityUtils;
- public class SendMessage {
- //Added a possible key and ciphertext value for encryption
- private CloseableHttpClient httpclient;
- private String receiver;
- private String message;
- private String token;
- private Key EncKey = null;
- private byte[] ciphertext = null;
- public SendMessage() {
- httpclient = HttpClients.createDefault();
- }
- //if a key is not passed (which it always will be now)
- //we do plaintext send + execute
- public SendMessage(String rec, String mes, String tok) {
- httpclient = HttpClients.createDefault();
- receiver = rec;
- message = mes;
- token = tok;
- Execute();
- }
- //If a key IS passed, we encrypt the message
- //and then send THAT
- public SendMessage(String rec, String mes, String tok, Key AESKey) {
- httpclient = HttpClients.createDefault();
- receiver = rec;
- message = mes;
- token = tok;
- EncKey = AESKey;
- if(EncKey != null) {
- try {
- EncryptMessage();
- } catch (Exception e) {
- // TODO Auto-generated catch block
- System.out.println("Encryption Broke");
- e.printStackTrace();
- }
- }
- }
- //plaintext
- public void Execute() {
- try {
- System.out.println("POST ---");
- HttpPost httpPost = new HttpPost("https://sstssecurity.com/SendMessage.php");
- List <NameValuePair> nvps = new ArrayList <NameValuePair>();
- nvps.add(new BasicNameValuePair("receiver", receiver));
- nvps.add(new BasicNameValuePair("message", message));
- httpPost.addHeader("token", token);
- httpPost.setEntity(new UrlEncodedFormEntity(nvps));
- CloseableHttpResponse response2 = httpclient.execute(httpPost);
- System.out.println(response2.getStatusLine());
- HttpEntity entity2 = response2.getEntity();
- // do something useful with the response body
- // and ensure it is fully consumed
- //EntityUtils.consume(entity2);
- System.out.println(EntityUtils.toString(entity2));
- response2.close();
- } catch(IOException e) {
- System.out.println("IOException");
- e.printStackTrace();
- }
- }
- //encrypts the message
- private void EncryptMessage() throws Exception {
- System.out.println("UNENCRYPTED : " + message);
- //iv is 16 bytes, cuz 128-bit AES key
- byte[] iv = new byte[16];
- SecureRandom random = new SecureRandom();
- //random iv even though it should be a counter
- //CBC was too hard, so I went with no padding instead
- random.nextBytes(iv);
- IvParameterSpec ivParamSpec = new IvParameterSpec(iv);
- System.out.println("iv[] : " + new String(iv, "UTF-8"));
- //AES encryption, Counter mode, no padding
- Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding", "BC");
- //encrypts, then stores as byte[]
- cipher.init(Cipher.ENCRYPT_MODE, EncKey, ivParamSpec);
- byte[] cipherText = cipher.doFinal(message.getBytes());
- System.out.println("encrypted : " + new String(cipherText, "UTF-8"));
- //calls method to send encrypted byte[]
- SendEncryption(cipherText);
- //ONLY TEST DECRYPTION AFTERWARDS
- // cipher.init(Cipher.DECRYPT_MODE, EncKey, ivParamSpec);
- // byte[] plainText = cipher.doFinal(cipherText);
- // System.out.println("plain : " + new String(plainText, "UTF-8"));
- }
- //similar to regular post, but change byte[] into string
- public void SendEncryption(byte[] cipherText) {
- try {
- //convert here
- String encryptedMessage = new String(cipherText, "UTF-8");
- System.out.println("POST ---");
- HttpPost httpPost = new HttpPost("https://sstssecurity.com/SendMessage.php");
- List <NameValuePair> nvps = new ArrayList <NameValuePair>();
- nvps.add(new BasicNameValuePair("receiver", receiver));
- //send here
- nvps.add(new BasicNameValuePair("message", encryptedMessage));
- httpPost.addHeader("token", token);
- httpPost.setEntity(new UrlEncodedFormEntity(nvps));
- CloseableHttpResponse response2 = httpclient.execute(httpPost);
- System.out.println(response2.getStatusLine());
- HttpEntity entity2 = response2.getEntity();
- // do something useful with the response body
- // and ensure it is fully consumed
- //EntityUtils.consume(entity2);
- System.out.println(EntityUtils.toString(entity2));
- response2.close();
- } catch(IOException e) {
- System.out.println("IOException");
- e.printStackTrace();
- }
- }
- }
Add Comment
Please, Sign In to add comment