CryptoLib.java

// CryptoLib.java
// (C) 2009 by Florian Richter; f1ori@users.berlios.de
// first published 2.3.2009 on http://yacy.net
//
// This is a part of YaCy, a peer-to-peer based web search engine
//
// $LastChangedDate$
// $LastChangedRevision$
// $LastChangedBy$
//
// LICENSE
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
//
package net.yacy.utils;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.EncodedKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

import net.yacy.cora.order.Base64Order;
import net.yacy.kelondro.io.CharBuffer;


/**
 * Tool functions to sign and verify files and generate keys
 *
 * Start with "java -cp classes de.anomic.tools.CryptoLib --help"
 * from main folder
 *
 * @author flori
 *
 */
public class CryptoLib {

    private static final String HELP =
	"Tool to sign files and verify the signature.\n" +
	"Usage:\n" +
	" --help  Print this help\n" +
	" --sign privatekey file\n" +
	"         Sign file with key and save signature as file.sig\n" +
	" --verify publickey file file.sig\n" +
	"         Verify signatur\n" +
	" --gen-key privatekey publickey\n";

    public static final String algorithm = "DSA";
    public static final int bitkey       = 1024;
    public static final String signAlgorithm = "SHA1with"+algorithm;

    private final KeyFactory keyFact;
    private final Signature sign;

    public CryptoLib() throws NoSuchAlgorithmException {
	this.keyFact = KeyFactory.getInstance(algorithm);
	this.sign = Signature.getInstance(signAlgorithm);
    }

    public PrivateKey getPrivateKeyFromBytes(byte[] keyBuffer) throws InvalidKeySpecException {
	return this.keyFact.generatePrivate(new PKCS8EncodedKeySpec(keyBuffer));
    }

    public PublicKey getPublicKeyFromBytes(byte[] keyBuffer) throws InvalidKeySpecException {
	return this.keyFact.generatePublic(new X509EncodedKeySpec(keyBuffer));
    }

    public byte[] getBytesOfPrivateKey(PrivateKey privKey) throws InvalidKeySpecException {
	EncodedKeySpec keySpec =
	    this.keyFact.getKeySpec(privKey, PKCS8EncodedKeySpec.class);
	return keySpec.getEncoded();
    }

    public byte[] getBytesOfPublicKey(PublicKey pubKey) throws InvalidKeySpecException {
	EncodedKeySpec keySpec =
	    this.keyFact.getKeySpec(pubKey, X509EncodedKeySpec.class);
	return keySpec.getEncoded();
    }

    public byte[] getSignature(PrivateKey privKey, InputStream dataStream) throws InvalidKeyException, SignatureException, IOException {
	this.sign.initSign(privKey);
	byte[] buffer = new byte[1024];
	int count = 0;
	while((count = dataStream.read(buffer)) != -1) {
	    this.sign.update(buffer, 0, count);
	}
	dataStream.close();
	return this.sign.sign();
    }

    public boolean verifySignature(PublicKey pubKey, InputStream dataStream, byte[] signBuffer) throws InvalidKeyException, SignatureException, IOException {
	this.sign.initVerify(pubKey);

	byte[] buffer = new byte[1024];
	int count = 0;
	while((count = dataStream.read(buffer)) != -1) {
	    this.sign.update(buffer, 0, count);
	}
	dataStream.close();

	return this.sign.verify(signBuffer);
    }

    public KeyPair genKeyPair() throws NoSuchAlgorithmException {
	KeyPairGenerator kpg = KeyPairGenerator.getInstance(algorithm);
	kpg.initialize(bitkey);
	return kpg.generateKeyPair();
    }


    public static void main(String[] args) {
	try {
	    if(args.length < 1 || args[0].contains("help")) {
		System.out.println(HELP);

	    } else if(args[0].equals("--sign") && args.length==3) {
		CryptoLib cl = new CryptoLib();
		CharBuffer privKeyBuffer = new CharBuffer(new File(args[1]));
		byte[] privKeyByteBuffer = Base64Order.standardCoder.decode(privKeyBuffer.toString());
        privKeyBuffer.close();
		PrivateKey privKey = cl.getPrivateKeyFromBytes(privKeyByteBuffer);

		FileInputStream dataStream = new FileInputStream(args[2]);

		byte[] signBuffer = cl.getSignature(privKey, dataStream);
		FileWriter signFile = new FileWriter(args[2] + ".sig");
		signFile.write(Base64Order.standardCoder.encode(signBuffer));
		signFile.close();
	    } else if(args[0].equals("--verify") && args.length==3) {
		CryptoLib cl = new CryptoLib();
		CharBuffer pubKeyBuffer = new CharBuffer(new File(args[1]));
		byte[] pubKeyByteBuffer = Base64Order.standardCoder.decode(pubKeyBuffer.toString().trim());
		pubKeyBuffer.close();
		PublicKey pubKey = cl.getPublicKeyFromBytes(pubKeyByteBuffer);

		FileInputStream dataStream = new FileInputStream(args[2]);

		CharBuffer signBuffer = new CharBuffer(new File(args[2] + ".sig"));
		byte[] signByteBuffer = Base64Order.standardCoder.decode(signBuffer.toString().trim());
		signBuffer.close();
		if(cl.verifySignature(pubKey, dataStream, signByteBuffer)) {
		    System.out.println("Signature OK!");
		} else {
		    System.out.println("Signature FALSE!!!!!!!!!!!");
		    System.exit(1);
		}

	    } else if(args[0].equals("--gen-key") && args.length==3) {
		CryptoLib cl = new CryptoLib();

		KeyPair kp = cl.genKeyPair();

		FileWriter privFile = new FileWriter(args[1]);
		privFile.write(Base64Order.standardCoder.encode(
			cl.getBytesOfPrivateKey(kp.getPrivate())));
		privFile.close();

		FileWriter pubFile = new FileWriter(args[2]);
		pubFile.write(Base64Order.standardCoder.encode(
			cl.getBytesOfPublicKey(kp.getPublic())));
		pubFile.close();
	    }

	} catch (final FileNotFoundException e) {
	    System.out.println("File not found: " + e.getMessage());
	} catch (final IOException e) {
	    System.out.println("IO-Error: " + e.getMessage());
	} catch (final NoSuchAlgorithmException e) {
	    System.out.println("No such Algorithm: " + e.getMessage());
	} catch (final InvalidKeySpecException e) {
	    System.out.println("Key has invalid format: " + e.getMessage());
	} catch (final InvalidKeyException e) {
	    System.out.println("Invalid Key: " + e.getMessage());
	} catch (final SignatureException e) {
	    System.out.println("Error while signing: " + e.getMessage());
	}
    }
}