API tools faq
paste
Guest User

Untitled

a guest
Dec 11th, 2016
94
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 9.66 KB | None | 0 0
raw download clone embed print report
  1. import java.io.IOException;
  2. import java.io.UnsupportedEncodingException;
  3. import java.security.Key;
  4. import java.security.NoSuchAlgorithmException;
  5. import java.security.NoSuchProviderException;
  6. import java.security.SecureRandom;
  7. import java.security.Security;
  8. import java.util.ArrayList;
  9. import java.util.Base64;
  10. import java.util.List;
  11. import java.util.Scanner;
  12.  
  13. import javax.crypto.KeyGenerator;
  14.  
  15. import org.apache.http.HttpEntity;
  16. import org.apache.http.NameValuePair;
  17. import org.apache.http.client.ClientProtocolException;
  18. import org.apache.http.client.entity.UrlEncodedFormEntity;
  19. import org.apache.http.client.methods.CloseableHttpResponse;
  20. import org.apache.http.client.methods.HttpGet;
  21. import org.apache.http.client.methods.HttpPost;
  22. import org.apache.http.impl.client.CloseableHttpClient;
  23. import org.apache.http.impl.client.HttpClients;
  24. import org.apache.http.message.BasicNameValuePair;
  25. import org.apache.http.util.EntityUtils;
  26. import org.bouncycastle.jce.provider.BouncyCastleProvider;
  27. import org.json.JSONObject;
  28.  
  29. public class Main {
  30.  
  31. public static void main(String[] args) throws Exception {
  32. int option = 0;
  33. String token;
  34. final int jwtStart = 8;
  35.  
  36. //This just initializes a lot of the security stuff we will need to get the key4
  37. //right away we call generatAESKey to get a key
  38. Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
  39. SecureRandom random = new SecureRandom();
  40. Key AESKey = GenerateAESKey(random);
  41.  
  42.  
  43. while(option != 5) {
  44. System.out.println("Options");
  45. System.out.println("1. Login");
  46. System.out.println("2. Register");
  47. System.out.println("5. close");
  48. Scanner in = new Scanner(System.in);
  49. option = in.nextInt();
  50. in.nextLine();
  51. switch(option) {
  52. //LOGIN THEN SEND/GET/CLOSE
  53. case 1:
  54. System.out.println("Login: Input username");
  55. String username = in.nextLine();
  56.  
  57. System.out.println("Login: Enter password");
  58. String password = in.nextLine();
  59. Login log = new Login(username, password);
  60.  
  61. token = log.Execute();
  62. System.out.println(token);
  63. if(token.startsWith("{'status' : 'error'")) {
  64. break;
  65. }
  66. String modifiedToken = token.substring(jwtStart, token.length()-2);
  67.  
  68. while(option != 5) {
  69. System.out.println("Options");
  70. System.out.println("3. Send message");
  71. System.out.println("4. Get Message");
  72. System.out.println("5. close");
  73. option = in.nextInt();
  74. in.nextLine();
  75. if(option == 3) {
  76. System.out.println("SendMessage: Input message receiver.");
  77. String toPerson = in.nextLine();
  78.  
  79. System.out.println("SendMessage: Input message.");
  80. String message = in.nextLine();
  81.  
  82. System.out.println("KEY: " + Base64.getEncoder().encodeToString(AESKey.getEncoded()));
  83. SendMessage sm = new SendMessage(toPerson, message, modifiedToken, AESKey);
  84. //sm.Execute();
  85. }
  86.  
  87. else if(option == 4) {
  88.  
  89. GetMessage gm = new GetMessage(modifiedToken);
  90. gm.Execute();
  91.  
  92. }
  93.  
  94. else if (option == 5) {
  95. System.out.println("Terminating client");
  96. System.exit(0);
  97. }
  98.  
  99. }
  100.  
  101. case 2: System.out.println("Register: Input username.");
  102. String registerUsername = in.nextLine();
  103.  
  104. System.out.println("Register: Input email.");
  105. String registerEmail = in.nextLine();
  106.  
  107. System.out.println("Register: Input password.");
  108. String registerPass = in.nextLine();
  109.  
  110.  
  111. Register reg = new Register(registerUsername, registerEmail, registerPass);
  112. reg.Execute();
  113.  
  114. break;
  115. case 5:
  116. System.out.println("Terminating client");
  117. System.exit(0);
  118. break;
  119.  
  120. default: System.out.println("Invalid Option, reinput choice");
  121. break;
  122. }
  123. }
  124. }
  125.  
  126. //Generator makes the key, at this point I only use 128 cuz 256 crashes my code
  127. private static Key GenerateAESKey(SecureRandom random) throws Exception {
  128. KeyGenerator generator;
  129. generator = KeyGenerator.getInstance("AES", "BC");
  130. //idk why random, might work with just 128
  131. generator.init(128, random);
  132. Key AESKey = generator.generateKey();
  133. try {
  134. System.out.println("KEY: " + new String(AESKey.getEncoded(), "UTF-8"));
  135. } catch (UnsupportedEncodingException e) {
  136. System.out.println("Key Broke in generator");
  137. }
  138.  
  139. return AESKey;
  140. }
  141.  
  142. }
  143. =========================================================================================================================
  144. import java.io.IOException;
  145. import java.io.UnsupportedEncodingException;
  146. import java.security.InvalidAlgorithmParameterException;
  147. import java.security.InvalidKeyException;
  148. import java.security.Key;
  149. import java.security.NoSuchAlgorithmException;
  150. import java.security.NoSuchProviderException;
  151. import java.security.SecureRandom;
  152. import java.util.ArrayList;
  153. import java.util.Base64;
  154. import java.util.List;
  155.  
  156.  
  157.  
  158.  
  159.  
  160.  
  161.  
  162.  
  163.  
  164.  
  165. import javax.crypto.Cipher;
  166. import javax.crypto.NoSuchPaddingException;
  167. import javax.crypto.spec.IvParameterSpec;
  168.  
  169. import org.apache.http.HttpEntity;
  170. import org.apache.http.NameValuePair;
  171. import org.apache.http.client.ClientProtocolException;
  172. import org.apache.http.client.entity.UrlEncodedFormEntity;
  173. import org.apache.http.client.methods.CloseableHttpResponse;
  174. import org.apache.http.client.methods.HttpGet;
  175. import org.apache.http.client.methods.HttpPost;
  176. import org.apache.http.impl.client.CloseableHttpClient;
  177. import org.apache.http.impl.client.HttpClients;
  178. import org.apache.http.message.BasicNameValuePair;
  179. import org.apache.http.util.EntityUtils;
  180.  
  181. public class SendMessage {
  182. //Added a possible key and ciphertext value for encryption
  183. private CloseableHttpClient httpclient;
  184. private String receiver;
  185. private String message;
  186. private String token;
  187. private Key EncKey = null;
  188. private byte[] ciphertext = null;
  189.  
  190. public SendMessage() {
  191. httpclient = HttpClients.createDefault();
  192. }
  193.  
  194. //if a key is not passed (which it always will be now)
  195. //we do plaintext send + execute
  196. public SendMessage(String rec, String mes, String tok) {
  197. httpclient = HttpClients.createDefault();
  198. receiver = rec;
  199. message = mes;
  200. token = tok;
  201.  
  202. Execute();
  203. }
  204.  
  205. //If a key IS passed, we encrypt the message
  206. //and then send THAT
  207. public SendMessage(String rec, String mes, String tok, Key AESKey) {
  208. httpclient = HttpClients.createDefault();
  209. receiver = rec;
  210. message = mes;
  211. token = tok;
  212. EncKey = AESKey;
  213.  
  214. if(EncKey != null) {
  215. try {
  216. EncryptMessage();
  217. } catch (Exception e) {
  218. // TODO Auto-generated catch block
  219. System.out.println("Encryption Broke");
  220. e.printStackTrace();
  221. }
  222. }
  223. }
  224.  
  225. //plaintext
  226. public void Execute() {
  227. try {
  228. System.out.println("POST ---");
  229. HttpPost httpPost = new HttpPost("https://sstssecurity.com/SendMessage.php");
  230. List <NameValuePair> nvps = new ArrayList <NameValuePair>();
  231. nvps.add(new BasicNameValuePair("receiver", receiver));
  232. nvps.add(new BasicNameValuePair("message", message));
  233.  
  234. httpPost.addHeader("token", token);
  235. httpPost.setEntity(new UrlEncodedFormEntity(nvps));
  236. CloseableHttpResponse response2 = httpclient.execute(httpPost);
  237.  
  238. System.out.println(response2.getStatusLine());
  239. HttpEntity entity2 = response2.getEntity();
  240. // do something useful with the response body
  241. // and ensure it is fully consumed
  242. //EntityUtils.consume(entity2);
  243. System.out.println(EntityUtils.toString(entity2));
  244. response2.close();
  245. } catch(IOException e) {
  246. System.out.println("IOException");
  247. e.printStackTrace();
  248. }
  249. }
  250.  
  251. //encrypts the message
  252. private void EncryptMessage() throws Exception {
  253. System.out.println("UNENCRYPTED : " + message);
  254. //iv is 16 bytes, cuz 128-bit AES key
  255. byte[] iv = new byte[16];
  256. SecureRandom random = new SecureRandom();
  257. //random iv even though it should be a counter
  258. //CBC was too hard, so I went with no padding instead
  259. random.nextBytes(iv);
  260. IvParameterSpec ivParamSpec = new IvParameterSpec(iv);
  261. System.out.println("iv[] : " + new String(iv, "UTF-8"));
  262. //AES encryption, Counter mode, no padding
  263. Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding", "BC");
  264.  
  265. //encrypts, then stores as byte[]
  266. cipher.init(Cipher.ENCRYPT_MODE, EncKey, ivParamSpec);
  267. byte[] cipherText = cipher.doFinal(message.getBytes());
  268. System.out.println("encrypted : " + new String(cipherText, "UTF-8"));
  269.  
  270. //calls method to send encrypted byte[]
  271. SendEncryption(cipherText);
  272.  
  273. //ONLY TEST DECRYPTION AFTERWARDS
  274. // cipher.init(Cipher.DECRYPT_MODE, EncKey, ivParamSpec);
  275. // byte[] plainText = cipher.doFinal(cipherText);
  276. // System.out.println("plain : " + new String(plainText, "UTF-8"));
  277. }
  278.  
  279. //similar to regular post, but change byte[] into string
  280. public void SendEncryption(byte[] cipherText) {
  281. try {
  282. //convert here
  283. String encryptedMessage = new String(cipherText, "UTF-8");
  284. System.out.println("POST ---");
  285. HttpPost httpPost = new HttpPost("https://sstssecurity.com/SendMessage.php");
  286. List <NameValuePair> nvps = new ArrayList <NameValuePair>();
  287. nvps.add(new BasicNameValuePair("receiver", receiver));
  288. //send here
  289. nvps.add(new BasicNameValuePair("message", encryptedMessage));
  290.  
  291. httpPost.addHeader("token", token);
  292. httpPost.setEntity(new UrlEncodedFormEntity(nvps));
  293. CloseableHttpResponse response2 = httpclient.execute(httpPost);
  294.  
  295. System.out.println(response2.getStatusLine());
  296. HttpEntity entity2 = response2.getEntity();
  297. // do something useful with the response body
  298. // and ensure it is fully consumed
  299. //EntityUtils.consume(entity2);
  300. System.out.println(EntityUtils.toString(entity2));
  301. response2.close();
  302. } catch(IOException e) {
  303. System.out.println("IOException");
  304. e.printStackTrace();
  305. }
  306. }
  307. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!