connection.java

一个木马程序源码

  void newFolder(String newName) throws IOException
  {
   /**
    *  Indicates to the server that a new  folder with name
    *  newName should be created
    */ 
    encryptAndWrite("NEWFOLDER\n"+newName.trim()+"\n");
    readAndDecrypt();
    if (!in.readLine().equals("OK")) throw new IOException();
  } 

    
  void renameFolder(String passedFolderName, String newName) throws IOException
  {
   /**
    *  Indicates to the server that the folder indicated by
    *  passedFolderName should be renamed newName
    */
    encryptAndWrite("RENAMEFOLDER\n"+passedFolderName.trim()+"\n"+newName.trim()+"\n");
    readAndDecrypt();
    if (!in.readLine().equals("OK")) throw new IOException();
    if (folderName.equals(passedFolderName)) folderName = newName;
  }


  void openFolder(String passedFolderName) throws IOException
  {
   /**
    *   Retrieves information on the messages in a folder from the server
    *       folderName is set to passedFolderName.
    *        Currently open folder is folderName.
    *        numberOfMessages is set to the number of messages in  
    *          the currently open folder.
    *        numberOfUnreadMessages is set to the number of unread 
    *          messages in the currently open folder.
    *        messageIDArray, subjectArray, fromArray, readArray are  
    *          set for the messages in the currently open folder.
    */
    
    encryptAndWrite("LISTMESSAGES\n"+passedFolderName.trim()+"\n");
    readAndDecrypt();
    if (!in.readLine().equals("OK")) throw new IOException();
    folderName = passedFolderName.trim();
    numberOfMessages = Integer.parseInt(in.readLine());
    messageIDArray = new int[numberOfMessages];
    subjectArray = new String[numberOfMessages];
    fromArray = new String[numberOfMessages];
    toArray = new String[numberOfMessages];
    readArray = new boolean[numberOfMessages];
    dateArray = new String[numberOfMessages];
    messageSizeArray = new int[numberOfMessages];   

    for (int x=0;x<numberOfMessages;x++)
    { 
      messageIDArray[x] = Integer.parseInt(in.readLine());
      readArray[x] = (Integer.parseInt(in.readLine())==1);
      subjectArray[x] = in.readLine();
      fromArray[x] = in.readLine();
      toArray[x] = in.readLine()+"";
      dateArray[x] = in.readLine();
      messageSizeArray[x] = Integer.parseInt(in.readLine());
    }
  }


  void deleteMessage(int passedMessageID) throws IOException
  {
   /**
    *  Indicates to the server to remove a message from
    *  the currently open folder
    */
    encryptAndWrite("DELETEMESSAGE\n"+folderName+"\n"+String.valueOf(passedMessageID)+"\n");
    readAndDecrypt();
    if (!in.readLine().equals("OK")) throw new IOException();
   }


  void moveMessage(int messageID, String passedFolderName) throws IOException
  {
   /**
    *      Indicates to the server to move a message from the  
    *      currently open folder to the folder indicated by
    *      passedFolderName 
    */
   
      encryptAndWrite("MOVEMESSAGE\n"+folderName +"\n"+String.valueOf(messageID)+
        "\n"+passedFolderName.trim()+"\n"); 
      readAndDecrypt();
      if (!in.readLine().equals("OK")) throw new IOException();
  }
  

  /**
   * Retrieves message from the server:
   *    messageID is set to passedMessageID.
   *        date, subject, from, replyTo, to, cc, body are set to 
   *          the corresponding fields from the message in the 
   *          currently open folder with messageID equal to
   *          passedMessageID. 
   *
   */
  void getMessage(int passedMessageID) throws IOException
  {
    /* Clear old message info
     */
   
    messageID = passedMessageID;
    date="";
    subject="";
    to=""; 
    from="";
    replyTo="";
    cc="";
    bcc="";

    /*  This field contains information on the message's encryption.  For example it may contain
     *  an encrypted key that is used to symmetrically encrypt the actual message, or it may
     *  indicated that the message body is symmetrically encrypted directly with the user's passphrase
     */ 
    String encryption="";
    String keyblock="";
    body="";
    actualbody="";
    wasRewritten = false;
  
    encryptAndWrite("GETMESSAGE\n"+folderName+"\n"+String.valueOf(passedMessageID)+"\n");
    readAndDecrypt();
    if (!in.readLine().equals("OK")) throw new IOException();

    int lengthOfMessage = Integer.parseInt(in.readLine());

    /* Message must be converted to bytes to get around
     * problems with string reading in Java 1.0
     */
    byte[] messageBytes = new byte[lengthOfMessage];
    in.read(messageBytes);
    DataInputStream messageParser = new DataInputStream(new ByteArrayInputStream(messageBytes)); 

    String line; 
      
    //  Determine whether message is encrypted
    boolean encrypted = false; 

    String eTo = "";
    String eCc = "";
    String eBcc = "";

    String lastField = new String();
    while ((line=messageParser.readLine())!=null)
      if (line.length()>4) 
      {
        header=line.trim()+"\n";
        break;
      }

    /* This loop parses out header fields
     * and compensates for header modifications necessary
     * in encrypted messages
     */ 
    while ((line=messageParser.readLine())!=null)
    {
      if (line.length()==0) break;
      else 
      {
       /* A string representing the complete header
        * accessed if user wants to see full header
        */
        header=header+line+"\n";

       /* Concatenate information from wrapped header fields
        */

        if (line.regionMatches(0," ",0,1))
        { 
          if (lastField.equals("to")) to=to+line.trim();
          else if (lastField.equals("cc")) cc=cc+line.trim();
          else if (lastField.equals("bcc")) bcc=bcc+line.trim();
          else if (lastField.equals("eTo")) eTo=eTo+line.trim();
          else if (lastField.equals("eCc")) eCc=eCc+line.trim();
          else if (lastField.equals("eBcc")) eBcc=eBcc+line.trim();
          else if (lastField.equals("date")) date=date+line.trim();
          else if (lastField.equals("subject")) subject=subject+line.trim();
          else if (lastField.equals("replyTo")) replyTo=replyTo+line.trim();
          else if (lastField.equals("encryption")) encryption=encryption+line.trim();
          else if (lastField.equals("keyblock")) keyblock=keyblock+line.trim();
        }
        else if (line.regionMatches(0,"From:",0,5)) 
        {
          from=line.substring(5).trim();
          lastField = "from";
        }
        else if (line.regionMatches(0,"Date:",0,5)) 
        {
          date=line.substring(5).trim();
          lastField = "date";
        }
        else if (line.regionMatches(0,"To:",0,3)) 
        {
          to=line.substring(3).trim();
          lastField = "to";
        }
        else if (line.regionMatches(0,"Cc:",0,3)) 
        {
          cc=line.substring(3).trim();
          lastField = "cc";
	} 
        else if (line.regionMatches(0,"Bcc:",0,4)) 
        {
          bcc=line.substring(4).trim();
          lastField = "bcc";
	}
        /* E-cc is used to store Cc information in encrypted messages
         * which can have no Cc field 
         */ 
        else if (line.regionMatches(0,"E-Bcc:",0,6)) 
        {
          eBcc=line.substring(6).trim();
          lastField = "eBcc";
        } 
        /* E-to overrides To in encrypted messages 
         */
        else if (line.regionMatches(0,"E-To:",0,5)) 
        {
          eTo=eTo+line.substring(5).trim();
          lastField = "eTo";
        }

        /* E-cc is used to store Cc information in encrypted messages
         * which can have no Cc field 
         */
        else if (line.regionMatches(0,"E-Cc:",0,5)) 
        {
          eCc=line.substring(5).trim();
          lastField = "eCc";
        } 
        else if (line.regionMatches(0,"Subject:",0,8)) 
        {
          subject=line.substring(8).trim();
          lastField = "subject";
        } 
        else if (line.regionMatches(0,"Reply-To:",0,9)) 
        {
          replyTo=line.substring(9).trim();
          lastField = "replyTo";
        }  
        else if (line.regionMatches(0,"Hush-encryption:",0,16)) 
        {
          encrypted = true;
          encryption=line.substring(17).trim();
          lastField = "encryption";
        } 
        else if (line.regionMatches(0,"Hush-keyblock:",0,14))
        {
          keyblock = line.substring(15).trim();
          lastField = "keyblock";
        } 
        else lastField = "";   
      }
    }  // end while (line) loop


    if (encrypted) to="";
    if (eTo.length()>0) to=eTo;
    if (eCc.length()>0) cc=eCc;
    if (eBcc.length()>0) bcc=eBcc;

    StringBuffer bodyBuffer = new StringBuffer();

    while ((line=messageParser.readLine())!=null)
    {
      bodyBuffer.ensureCapacity(bodyBuffer.length()+line.length());
      bodyBuffer = bodyBuffer.append(line + "\n");
    }
    body = bodyBuffer.toString();      

    to=wrap(to,true,false);
    cc=wrap(cc,true,false);
    bcc=wrap(bcc,true,false);
    replyTo=wrap(replyTo,true,false);
    subject=wrap(subject,true,false);
    actualbody = body;

    if (encrypted)
    {
      if (!folderName().equals("drafts")) 
        hushApplet.statusBar(spaces+"This message was sent securely"+spaces);
 
      /* The body of the message should be decrypted here
       * using the variable 'body' and the information stored in
       * the variable 'encryption'
       */ 
      byte[] bodyBytes = new byte[body.length()];
      body.getBytes(0,body.length(),bodyBytes,0);
      DataInputStream parseBody = new DataInputStream(new ByteArrayInputStream(bodyBytes));
      StringBuffer encBodyBuf = new StringBuffer();
      String bodyHash = "";
      boolean inCipher = false;
      String i;
      while ((i = parseBody.readLine())!=null)
      {
        i = i.trim();
        if (i.equals("----- HushMail v1.0 -----")) inCipher=true;
        else if (i.regionMatches(0,"-",0,1))
        {
          bodyHash = i.substring(1);
          break;
        }
        else if (inCipher) 
        {
          encBodyBuf.ensureCapacity(encBodyBuf.length()+i.length());
          encBodyBuf.append(i);
        }
      }
      byte[] encKeyblock = Conversions.hexStringToBytes(keyblock);
      byte[] plainKey = new byte[16];         
      byte[] keyHash = new byte[20];
      byte[] bodyKeyAndHash = new byte[36];

       /* Decrypt bodykey based on information included in "Encryption:" header
        */
      if (encryption.equals("Hush Private 1.0")) bodyKeyAndHash = passCipher.decrypt(encKeyblock);
      else if (encryption.equals("Hush Public 1.0")) 
      {
        /*  Make sure everything is wiped after private key is decrypted and used
         */
        byte[] privKey = passCipher.decrypt(encPrivKey);
        ElGamalCipher privKeyCipher = new ElGamalCipher();
        privKeyCipher.setPrivateKey(privKey);
        bodyKeyAndHash = privKeyCipher.hushDecrypt(encKeyblock,36);
        for (int x=0;x<privKey.length;x++) privKey[x]=0;
        privKeyCipher.setPrivateKey(privKey);
        privKey=null;
        privKeyCipher=null;
      }

      System.arraycopy(bodyKeyAndHash,0,plainKey,0,16);
      System.arraycopy(bodyKeyAndHash,16,keyHash,0,20);

      if (keyHash.length!=20) hushApplet.statusBar(spaces+"Wrong hash length.  Message may not be valid."+spaces);
      else
      {
        if (!Conversions.bytesToHexString(keyHash).equals(Conversions.bytesToHexString(new HushSHA1().SHA1Hash(plainKey)))) hushApplet.statusBar(spaces+"Hash failed.  Message may not be valid"+spaces);
      }

      BlowfishCipher bodyCipher = new BlowfishCipher();
      bodyCipher.setKey(plainKey);
      body = bodyCipher.stringDecrypt(Conversions.hexStringToBytes(encBodyBuf.toString()));
      if (bodyHash.length()!=40) 
        hushApplet.statusBar(spaces+"Wrong hash length.  Message may not be valid."+spaces);
      {
        if (!bodyHash.equals(Conversions.bytesToHexString(new HushSHA1().SHA1Hash(body)))) 
          hushApplet.statusBar(spaces+"Hash failed.  Message may not be valid"+spaces);
      }
      if (encryption.equals("Hush Public 1.0"))
      {
        
        String newKeyblock = "Hush-keyblock: "+Conversions.bytesToHexString(passCipher.encrypt(bodyKeyAndHash))+"\n";
        StringBuffer newMessageBuf = new StringBuffer();
        boolean inKeyblock = false;
        boolean foundHeader = false;
        boolean statusFieldFound = false;
        messageParser.reset();
        while ((line=messageParser.readLine())!=null)
        {
          newMessageBuf.ensureCapacity(newMessageBuf.length()+line.length());
          if (line.regionMatches(0,"From ",0,5)) foundHeader=true;
          if (line.trim().length()==0 && !statusFieldFound && foundHeader)
	  {
            statusFieldFound = true;
            newMessageBuf.append("Status: RO\n");
          }
          if (line.regionMatches(0,"Hush-encryption:",0,16)) newMessageBuf.append("Hush-encryption: Hush Private 1.0\n");
          else if (line.regionMatches(0,"Hush-keyblock:",0,14))
          {
            inKeyblock = true;
            newMessageBuf.append(wrap(newKeyblock,false,true));
          }
          else if (line.regionMatches(0,"Status:",0,7))
	  {
            inKeyblock = false;
            newMessageBuf.append("Status: RO\n");
          }
          else if (!line.regionMatches(0," ",0,1)&&inKeyblock)
          {
            inKeyblock = false;
            newMessageBuf.append(line + "\n");
          }
          else if (!inKeyblock) newMessageBuf.append(line + "\n"); 
        }
        deleteMessage(messageID);
        String newMessage = newMessageBuf.toString();
        encryptAndWrite("SAVEMESSAGE\n" + folderName + "\n" + String.valueOf(newMessage.length()) + "\n" + newMessage);
        readAndDecrypt();
        if (!in.readLine().equals("OK")) throw new IOException();
        wasRewritten = true;
      } 
    }
    else 
    {
      if (!folderName().equals("drafts")) 
        hushApplet.statusBar(spaces+"This message was NOT sent securely"+spaces);
      else hushApplet.statusBar(spaces+"This message was NOT saved securely"+spaces);
    }
    body = wrap(body,true,false);
  }


  void sendPlainMessage(String header, String body, boolean saveToSent)
    throws IOException
  {
    String message = new String(header+"\n"+body);
    if (saveToSent) 
    {
      String firstLine =  "From "+emailAddress()+"  "+new Date().toString()+"\n";
      encryptAndWrite("SAVEMESSAGE\nsent\n"+String.valueOf(firstLine.length()+message.length())+"\n"+firstLine+message);
      readAndDecrypt();
      if (!in.readLine().equals("OK")) throw new IOException();
    }
    encryptAndWrite("SENDMESSAGE\n"+String.valueOf(message.length())+"\n"+message);
    readAndDecrypt();
    if (!in.readLine().equals("OK")) throw new IOException();
  }


  /**
   *  Send a formatted message to the server.
   *   NOTE!!  Line wraps in header will be done on server side!!
   */
  boolean sendEncryptedMessage(String[] recipients, String[] headers, String body, boolean save, String saveFolder) throws IOException
  {
    /* Returns true if all recipients are vaild HushMail users.
     */

    /* Get the public keys
     */
      
    String[] pubKeys = new String[recipients.length];
   
    for (int x=0;x<recipients.length;x++)
    {
      if (!recipients[x].equals(username)&&!recipients[x].equals("/self/"))
      {
        hushApplet.statusBar(spaces+"Retrieving public key for "+recipients[x]+spaces);
        encryptAndWrite("GETPUBLICKEY\n"+recipients[x]+"\n");
        readAndDecrypt();
        if (!in.readLine().equals("OK")) throw new IOException();        

        if (in.readLine().equals("APPROVED")) pubKeys[x] = in.readLine().trim();
        else 
        {
          hushApplet.statusBar (spaces+"No such user: "+recipients[x]+spaces);
          return false;
        }