Improved security on the attempt system

6d0a98a7 · Pedro Cavaleiro · 9756f012 · 6d0a98a7
Commit 6d0a98a7 authored Dec 05, 2017 by Pedro Cavaleiro
Hide whitespace changes
Inline Side-by-side

Showing with 24 additions and 24 deletions

Helpers.java FallIntoOblivion/src/fallintooblivion/Helpers.java +24 -24

No files found.
--- a/FallIntoOblivion/src/fallintooblivion/Helpers.java
+++ b/FallIntoOblivion/src/fallintooblivion/Helpers.java
@@ -5,6 +5,7 @@ import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileOutputStream;
 import java.security.SecureRandom;
+import java.util.ArrayList;
 import java.util.Arrays;
@@ -218,31 +219,31 @@ public class Helpers {
            File sFile = new File(sigFile);
            File pkFile = new File(pubKeyFile);
-            if ((sFile.exists() || pkFile.exists()) && !fAttempts.exists()) {
+            if (!fAttempts.exists()) {
-                // the system has been tampered with...
+                // This file must exist always!
                return -1;
            } else {
-                try {
+                if (!sFile.exists() || !pkFile.exists()) {
-                    if (fAttempts.exists()) {
+                    // These files must exist always!
-                        if (signature.verificarAssinatura(lockFile, sigFile, pubKeyFile)) {
+                    return -1;
-                            byte[] hash_1 = SHA256.calculateStringMAC(String.valueOf(1) + _file).getBytes("UTF-8");
+                } else {
-                            byte[] hash_2 = SHA256.calculateStringMAC(String.valueOf(2) + _file).getBytes("UTF-8");
+                    try {
-                            byte[] storedHash = Helpers.FileHelpers.readFile(lockFile);
+                        // Only one of these hashes are valid
+                        byte[] hash_0 = SHA256.calculateStringMAC(String.valueOf(0) + _file).getBytes("UTF-8");
-                            if (Arrays.equals(hash_1, storedHash))
+                        byte[] hash_1 = SHA256.calculateStringMAC(String.valueOf(1) + _file).getBytes("UTF-8");
-                                return 1;
+                        byte[] hash_2 = SHA256.calculateStringMAC(String.valueOf(2) + _file).getBytes("UTF-8");
-                            if (Arrays.equals(hash_2, storedHash))
+                        byte[] storedHash = Helpers.FileHelpers.readFile(lockFile);
-                                return 2;
+                        if (Arrays.equals(hash_0, storedHash))
-                            return 3;
+                            return 0;
-                        } else {
+                        if (Arrays.equals(hash_1, storedHash))
-                            return -1;
+                            return 1;
-                        }
+                        if (Arrays.equals(hash_2, storedHash))
-                    } else {
+                            return 2;
-                        return 0;
+                        return 3;
+                    } catch (Exception ex) {
+                        ex.printStackTrace();
                    }
-                } catch (Exception ex) {
-                    ex.printStackTrace();
                }
            }
            return -1;
@@ -282,7 +283,6 @@ public class Helpers {
                String outFile = "Fall_Into_Oblivion/Trashed/" + fileName + "/" + fileName;
                // So far we were only able to use 16 Byte key
                // 24 Byte or 32 Byte will say Invalid Key Size, even though it's a valid key size
                RandomString pinGenerator = new RandomString(4, new SecureRandom(), RandomString.Symbols.digits);
@@ -318,7 +318,7 @@ public class Helpers {
                        Helpers.FileHelpers.writeFile(outFile, ".hash", SHA256.calculateMACBytes(outFile));
                        break;
                }
+                writeAttempt(fileName, 0);
            } catch (Exception ex) {
                System.out.println(ex.getMessage());
            }