|
|
@ -250,57 +250,65 @@ public class AgentUtilOperations {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public static String prepareSecurePayLoad(String message) throws AgentCoreOperationException {
|
|
|
|
public static String prepareSecurePayLoad(String message) throws AgentCoreOperationException {
|
|
|
|
PrivateKey devicePrivateKey = EnrollmentManager.getInstance().getPrivateKey();
|
|
|
|
if (EnrollmentManager.getInstance().isEnrolled()) {
|
|
|
|
String encodedMessage = Base64.encodeBase64String(message.getBytes());
|
|
|
|
PrivateKey devicePrivateKey = EnrollmentManager.getInstance().getPrivateKey();
|
|
|
|
String signedPayload;
|
|
|
|
String encodedMessage = Base64.encodeBase64String(message.getBytes());
|
|
|
|
try {
|
|
|
|
String signedPayload;
|
|
|
|
signedPayload = CommunicationUtils.signMessage(encodedMessage, devicePrivateKey);
|
|
|
|
try {
|
|
|
|
} catch (TransportHandlerException e) {
|
|
|
|
signedPayload = CommunicationUtils.signMessage(encodedMessage, devicePrivateKey);
|
|
|
|
String errorMsg = "Error occurred whilst trying to sign encrypted message of: [" + message + "]";
|
|
|
|
} catch (TransportHandlerException e) {
|
|
|
|
log.error(errorMsg);
|
|
|
|
String errorMsg = "Error occurred whilst trying to sign encrypted message of: [" + message + "]";
|
|
|
|
throw new AgentCoreOperationException(errorMsg, e);
|
|
|
|
log.error(errorMsg);
|
|
|
|
}
|
|
|
|
throw new AgentCoreOperationException(errorMsg, e);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
JSONObject jsonPayload = new JSONObject();
|
|
|
|
JSONObject jsonPayload = new JSONObject();
|
|
|
|
jsonPayload.put(JSON_MESSAGE_KEY, encodedMessage);
|
|
|
|
jsonPayload.put(JSON_MESSAGE_KEY, encodedMessage);
|
|
|
|
jsonPayload.put(JSON_SIGNATURE_KEY, signedPayload);
|
|
|
|
jsonPayload.put(JSON_SIGNATURE_KEY, signedPayload);
|
|
|
|
//below statements are temporary fix.
|
|
|
|
//below statements are temporary fix.
|
|
|
|
jsonPayload.put(JSON_SERIAL_KEY, EnrollmentManager.getInstance().getSCEPCertificate().getSerialNumber());
|
|
|
|
jsonPayload.put(JSON_SERIAL_KEY, EnrollmentManager.getInstance().getSCEPCertificate().getSerialNumber());
|
|
|
|
return jsonPayload.toString();
|
|
|
|
return jsonPayload.toString();
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
return message;
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public static String extractMessageFromPayload(String message) throws AgentCoreOperationException {
|
|
|
|
public static String extractMessageFromPayload(String message) throws AgentCoreOperationException {
|
|
|
|
String actualMessage;
|
|
|
|
if (EnrollmentManager.getInstance().isEnrolled()) {
|
|
|
|
|
|
|
|
String actualMessage;
|
|
|
|
|
|
|
|
|
|
|
|
PublicKey serverPublicKey = EnrollmentManager.getInstance().getServerPublicKey();
|
|
|
|
PublicKey serverPublicKey = EnrollmentManager.getInstance().getServerPublicKey();
|
|
|
|
JSONObject jsonPayload = new JSONObject(message);
|
|
|
|
JSONObject jsonPayload = new JSONObject(message);
|
|
|
|
Object encodedMessage = jsonPayload.get(JSON_MESSAGE_KEY);
|
|
|
|
Object encodedMessage = jsonPayload.get(JSON_MESSAGE_KEY);
|
|
|
|
Object signedPayload = jsonPayload.get(JSON_SIGNATURE_KEY);
|
|
|
|
Object signedPayload = jsonPayload.get(JSON_SIGNATURE_KEY);
|
|
|
|
boolean verification;
|
|
|
|
boolean verification;
|
|
|
|
|
|
|
|
|
|
|
|
if (encodedMessage != null && signedPayload != null) {
|
|
|
|
if (encodedMessage != null && signedPayload != null) {
|
|
|
|
try {
|
|
|
|
try {
|
|
|
|
verification = CommunicationUtils.verifySignature(
|
|
|
|
verification = CommunicationUtils.verifySignature(
|
|
|
|
encodedMessage.toString(), signedPayload.toString(), serverPublicKey);
|
|
|
|
encodedMessage.toString(), signedPayload.toString(), serverPublicKey);
|
|
|
|
} catch (TransportHandlerException e) {
|
|
|
|
} catch (TransportHandlerException e) {
|
|
|
|
String errorMsg =
|
|
|
|
String errorMsg =
|
|
|
|
"Error occurred whilst trying to verify signature on received message: [" + message + "]";
|
|
|
|
"Error occurred whilst trying to verify signature on received message: [" + message + "]";
|
|
|
|
|
|
|
|
log.error(errorMsg);
|
|
|
|
|
|
|
|
throw new AgentCoreOperationException(errorMsg, e);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
String errorMsg = "The received message is in an INVALID format. " +
|
|
|
|
|
|
|
|
"Need to be JSON - {\"Msg\":\"<ENCRYPTED_MSG>\", \"Sig\":\"<SIGNED_MSG>\"}.";
|
|
|
|
|
|
|
|
throw new AgentCoreOperationException(errorMsg);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
if (verification) {
|
|
|
|
|
|
|
|
actualMessage = new String(Base64.decodeBase64(encodedMessage.toString()), StandardCharsets.UTF_8);
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
String errorMsg = "Could not verify payload signature. The message was not signed by a valid client";
|
|
|
|
log.error(errorMsg);
|
|
|
|
log.error(errorMsg);
|
|
|
|
throw new AgentCoreOperationException(errorMsg, e);
|
|
|
|
throw new AgentCoreOperationException(errorMsg);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return actualMessage;
|
|
|
|
} else {
|
|
|
|
} else {
|
|
|
|
String errorMsg = "The received message is in an INVALID format. " +
|
|
|
|
return message;
|
|
|
|
"Need to be JSON - {\"Msg\":\"<ENCRYPTED_MSG>\", \"Sig\":\"<SIGNED_MSG>\"}.";
|
|
|
|
|
|
|
|
throw new AgentCoreOperationException(errorMsg);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
if (verification) {
|
|
|
|
|
|
|
|
actualMessage = new String(Base64.decodeBase64(encodedMessage.toString()), StandardCharsets.UTF_8);
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
String errorMsg = "Could not verify payload signature. The message was not signed by a valid client";
|
|
|
|
|
|
|
|
log.error(errorMsg);
|
|
|
|
|
|
|
|
throw new AgentCoreOperationException(errorMsg);
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return actualMessage;
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public static String getAuthenticationMethod() {
|
|
|
|
public static String getAuthenticationMethod() {
|
|
|
|
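Review bot: The `else { return message; }` branches that appear to be added to `prepareSecurePayLoad` and `extractMessageFromPayload` make both methods fail open: when `EnrollmentManager.getInstance().isEnrolled()` is false, outgoing payloads go out unsigned and incoming payloads are returned to the caller with no call to `CommunicationUtils.verifySignature`. The page has lost its `+`/`-` markers, so the sides are inferred from which lines are printed only once. If enrollment state can be missing or reset while the agent is still connected to a transport, any message arriving on that channel would be treated as authentic. Unless unauthenticated operation is an explicitly configured mode, the receive path should reject rather than pass through, for example `throw new AgentCoreOperationException("Agent is not enrolled; refusing payload without signature verification");`, and the send path should at least log that it is emitting an unsigned payload. Separately, `message.getBytes()` encodes with the platform charset while the decode side uses `StandardCharsets.UTF_8`; `message.getBytes(StandardCharsets.UTF_8)` would keep the two consistent.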