diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/ConfirmRecoveryCodeResponse.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/ConfirmRecoveryCodeResponse.java
index 8fd2cd43d..4e6650cf4 100644
--- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/ConfirmRecoveryCodeResponse.java
+++ b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/ConfirmRecoveryCodeResponse.java
@@ -33,7 +33,6 @@ public class ConfirmRecoveryCodeResponse {
 private String userId;
 private String encryptedData;
 private String mac;
- private String ephemeralPublicKey;
 @ToString.Exclude
 private String nonce;
 private Long timestamp;
diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/CreateActivationResponse.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/CreateActivationResponse.java
index 3c29e4dc9..02ff360a9 100644
--- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/CreateActivationResponse.java
+++ b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/CreateActivationResponse.java
@@ -35,7 +35,6 @@ public class CreateActivationResponse {
 private String applicationId;
 private String encryptedData;
 private String mac;
- private String ephemeralPublicKey;
 @ToString.Exclude
 private String nonce;
 private Long timestamp;
diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/CreateTokenResponse.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/CreateTokenResponse.java
index 4a4460748..8966466cb 100644
--- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/CreateTokenResponse.java
+++ b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/CreateTokenResponse.java
@@ -31,7 +31,6 @@ public class CreateTokenResponse {
 private String encryptedData;
 private String mac;
- private String ephemeralPublicKey;
 @ToString.Exclude
 private String nonce;
 private Long timestamp;
diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/PrepareActivationResponse.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/PrepareActivationResponse.java
index 26aad370d..45af08aef 100644
--- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/PrepareActivationResponse.java
+++ b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/PrepareActivationResponse.java
@@ -35,7 +35,6 @@ public class PrepareActivationResponse {
 private String applicationId;
 private String encryptedData;
 private String mac;
- private String ephemeralPublicKey;
 @ToString.Exclude
 private String nonce;
 private Long timestamp;
diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/RecoveryCodeActivationResponse.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/RecoveryCodeActivationResponse.java
index 67db80d6d..d9ea0d590 100644
--- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/RecoveryCodeActivationResponse.java
+++ b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/RecoveryCodeActivationResponse.java
@@ -35,7 +35,6 @@ public class RecoveryCodeActivationResponse {
 private String applicationId;
 private String encryptedData;
 private String mac;
- private String ephemeralPublicKey;
 @ToString.Exclude
 private String nonce;
 private Long timestamp;
diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/StartUpgradeResponse.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/StartUpgradeResponse.java
index 97725d7ce..26d100f7a 100644
--- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/StartUpgradeResponse.java
+++ b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/StartUpgradeResponse.java
@@ -31,7 +31,6 @@ public class StartUpgradeResponse {
 private String encryptedData;
 private String mac;
- private String ephemeralPublicKey;
 @ToString.Exclude
 private String nonce;
 private Long timestamp;
diff --git a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/VaultUnlockResponse.java b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/VaultUnlockResponse.java
index 0f3ded004..0968a2f90 100644
--- a/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/VaultUnlockResponse.java
+++ b/powerauth-client-model/src/main/java/com/wultra/security/powerauth/client/model/response/VaultUnlockResponse.java
@@ -31,7 +31,6 @@ public class VaultUnlockResponse {
 private String encryptedData;
 private String mac;
- private String ephemeralPublicKey;
 private boolean signatureValid;
 @ToString.Exclude
 private String nonce;
diff --git a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/ActivationServiceBehavior.java b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/ActivationServiceBehavior.java
index d73d7ee2d..a726252aa 100644
--- a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/ActivationServiceBehavior.java
+++ b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/ActivationServiceBehavior.java
@@ -983,7 +983,7 @@ public PrepareActivationResponse prepareActivation(String activationCode, String
 final byte[] responseData = objectMapper.writeValueAsBytes(layer2Response);
 // Encrypt response data
- final byte[] nonceBytesResponse = ("3.2".equals(version) || "3.1".equals(version)) ? keyGenerator.generateRandomBytes(16) : null;
+ final byte[] nonceBytesResponse = "3.2".equals(version) ? keyGenerator.generateRandomBytes(16) : null;
 final Long timestampResponse = "3.2".equals(version) ? new Date().getTime() : null;
 final EciesParameters parametersResponse = EciesParameters.builder().nonce(nonceBytesResponse).associatedData(eciesPayload.getParameters().getAssociatedData()).timestamp(timestampResponse).build();
 final EciesEncryptor encryptorResponse = eciesFactory.getEciesEncryptor(EciesScope.APPLICATION_SCOPE,
@@ -992,7 +992,6 @@ public PrepareActivationResponse prepareActivation(String activationCode, String
 final EciesPayload responseEciesPayload = encryptorResponse.encrypt(responseData, parametersResponse);
 final String encryptedData = Base64.getEncoder().encodeToString(responseEciesPayload.getCryptogram().getEncryptedData());
 final String mac = Base64.getEncoder().encodeToString(responseEciesPayload.getCryptogram().getMac());
- final String ephemeralPublicKey = Base64.getEncoder().encodeToString(responseEciesPayload.getCryptogram().getEphemeralPublicKey());
 // Persist activation report and notify listeners
 activationHistoryServiceBehavior.saveActivationAndLogChange(activation);
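Review bot: With the `"3.1".equals(version)` arm dropped in hunk @@ -983, a 3.1 client's response is now built with `nonce(null)` in `parametersResponse`, and nothing visible here says which nonce the encryptor then uses for that version. The same line changes in createActivation, createActivationUsingRecoveryCode, confirmRecoveryCode, the private createToken, startUpgrade and unlockVault. If the intent is that a 3.1 response reuses the nonce of the request, state it above the line, for example `// 3.1 reuses the request nonce for the response; only 3.2 sends a fresh response nonce`, and add a 3.1 round-trip test so the behaviour is pinned. If the encryptor instead treats null as "no nonce", the 3.1 response would be encrypted without any nonce input, so this needs confirming against the code behind `eciesFactory.getEciesEncryptor(...)`, which is outside the hunk. prepareActivation's body starts and ends outside the hunk.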
@@ -1005,7 +1004,6 @@ public PrepareActivationResponse prepareActivation(String activationCode, String
 encryptedResponse.setApplicationId(applicationId);
 encryptedResponse.setEncryptedData(encryptedData);
 encryptedResponse.setMac(mac);
- encryptedResponse.setEphemeralPublicKey(ephemeralPublicKey);
 encryptedResponse.setNonce(nonceBytesResponse != null ? Base64.getEncoder().encodeToString(nonceBytesResponse) : null);
 encryptedResponse.setTimestamp(timestampResponse);
 encryptedResponse.setActivationStatus(activationStatusConverter.convert(activationStatus));
@@ -1195,7 +1193,7 @@ public CreateActivationResponse createActivation(
 final byte[] responseData = objectMapper.writeValueAsBytes(layer2Response);
 // Encrypt response data
- final byte[] nonceBytesResponse = ("3.2".equals(version) || "3.1".equals(version)) ? keyGenerator.generateRandomBytes(16) : null;
+ final byte[] nonceBytesResponse = "3.2".equals(version) ? keyGenerator.generateRandomBytes(16) : null;
 final Long timestampResponse = "3.2".equals(version) ? new Date().getTime() : null;
 final byte[] associatedData = "3.2".equals(version) ? EciesUtils.deriveAssociatedData(EciesScope.APPLICATION_SCOPE, version, applicationKey, null) : null;
 final EciesParameters parametersResponse = EciesParameters.builder().nonce(nonceBytesResponse).associatedData(associatedData).timestamp(timestampResponse).build();
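Review bot: Gating on the exact literal `"3.2".equals(version)` in hunk @@ -1195 means every other version string, a later protocol version included, silently gets a null nonce, null timestamp and null associated data in createActivation. Whether `version` has been checked against a supported set before this point is not visible in the hunk. The same literal test is now repeated in all seven response builders this commit touches, so a future protocol bump has seven places to miss. One shared predicate would remove that risk, for instance a new helper `static boolean usesResponseNonceAndTimestamp(String version)` that also rejects versions it does not know. createActivation's body starts and ends outside the hunk.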
@@ -1205,7 +1203,6 @@ public CreateActivationResponse createActivation(
 final EciesPayload responseEciesPayload = encryptorResponse.encrypt(responseData, parametersResponse);
 final String encryptedData = Base64.getEncoder().encodeToString(responseEciesPayload.getCryptogram().getEncryptedData());
 final String mac = Base64.getEncoder().encodeToString(responseEciesPayload.getCryptogram().getMac());
- final String ephemeralPublicKey = Base64.getEncoder().encodeToString(responseEciesPayload.getCryptogram().getEphemeralPublicKey());
 // Generate encrypted response
 final CreateActivationResponse encryptedResponse = new CreateActivationResponse();
@@ -1214,7 +1211,6 @@ public CreateActivationResponse createActivation(
 encryptedResponse.setApplicationId(applicationId);
 encryptedResponse.setEncryptedData(encryptedData);
 encryptedResponse.setMac(mac);
- encryptedResponse.setEphemeralPublicKey(ephemeralPublicKey);
 encryptedResponse.setNonce(nonceBytesResponse != null ? Base64.getEncoder().encodeToString(nonceBytesResponse) : null);
 encryptedResponse.setTimestamp(timestampResponse);
 encryptedResponse.setActivationStatus(activationStatusConverter.convert(activation.getActivationStatus()));
@@ -1870,7 +1866,7 @@ public RecoveryCodeActivationResponse createActivationUsingRecoveryCode(Recovery
 final byte[] responseData = objectMapper.writeValueAsBytes(layer2Response);
 // Encrypt response data
- final byte[] nonceBytesResponse = ("3.2".equals(version) || "3.1".equals(version)) ? keyGenerator.generateRandomBytes(16) : null;
+ final byte[] nonceBytesResponse = "3.2".equals(version) ? keyGenerator.generateRandomBytes(16) : null;
 final Long timestampResponse = "3.2".equals(version) ? new Date().getTime() : null;
 final EciesParameters parametersResponse = EciesParameters.builder().nonce(nonceBytesResponse).associatedData(eciesPayload.getParameters().getAssociatedData()).timestamp(timestampResponse).build();
 final EciesEncryptor encryptorResponse = eciesFactory.getEciesEncryptor(EciesScope.APPLICATION_SCOPE,
@@ -1879,7 +1875,6 @@ public RecoveryCodeActivationResponse createActivationUsingRecoveryCode(Recovery
 final EciesPayload responseEciesPayload = encryptorResponse.encrypt(responseData, parametersResponse);
 final String encryptedDataResponse = Base64.getEncoder().encodeToString(responseEciesPayload.getCryptogram().getEncryptedData());
 final String macResponse = Base64.getEncoder().encodeToString(responseEciesPayload.getCryptogram().getMac());
- final String ephemeralPublicKeyResponse = Base64.getEncoder().encodeToString(responseEciesPayload.getCryptogram().getEphemeralPublicKey());
 final RecoveryCodeActivationResponse encryptedResponse = new RecoveryCodeActivationResponse();
 encryptedResponse.setActivationId(activation.getActivationId());
@@ -1887,7 +1882,6 @@ public RecoveryCodeActivationResponse createActivationUsingRecoveryCode(Recovery
 encryptedResponse.setApplicationId(applicationId);
 encryptedResponse.setEncryptedData(encryptedDataResponse);
 encryptedResponse.setMac(macResponse);
- encryptedResponse.setEphemeralPublicKey(ephemeralPublicKeyResponse);
 encryptedResponse.setNonce(nonceBytesResponse != null ? Base64.getEncoder().encodeToString(nonceBytesResponse) : null);
 encryptedResponse.setTimestamp(timestampResponse);
 encryptedResponse.setActivationStatus(activationStatusConverter.convert(activation.getActivationStatus()));
diff --git a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/RecoveryServiceBehavior.java b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/RecoveryServiceBehavior.java
index 850805864..d151771e7 100644
--- a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/RecoveryServiceBehavior.java
+++ b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/RecoveryServiceBehavior.java
@@ -400,7 +400,7 @@ public ConfirmRecoveryCodeResponse confirmRecoveryCode(ConfirmRecoveryCodeReques
 final byte[] responseBytes = objectMapper.writeValueAsBytes(responsePayload);
 // Encrypt response using ECIES encryptor
- final byte[] nonceBytesResponse = ("3.2".equals(version) || "3.1".equals(version)) ? keyGenerator.generateRandomBytes(16) : null;
+ final byte[] nonceBytesResponse = "3.2".equals(version) ? keyGenerator.generateRandomBytes(16) : null;
 final Long timestampResponse = "3.2".equals(version) ? new Date().getTime() : null;
 final EciesParameters parametersResponse = EciesParameters.builder().nonce(nonceBytesResponse).associatedData(associatedData).timestamp(timestampResponse).build();
@@ -417,7 +417,6 @@ public ConfirmRecoveryCodeResponse confirmRecoveryCode(ConfirmRecoveryCodeReques
 response.setUserId(recoveryCodeEntity.getUserId());
 response.setEncryptedData(encryptedDataResponse);
 response.setMac(macResponse);
- response.setEphemeralPublicKey(ephemeralPublicKey);
 response.setNonce(nonceBytesResponse != null ? Base64.getEncoder().encodeToString(nonceBytesResponse) : null);
 response.setTimestamp(timestampResponse);
diff --git a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/TokenBehavior.java b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/TokenBehavior.java
index a52d7643a..fafd65851 100644
--- a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/TokenBehavior.java
+++ b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/TokenBehavior.java
@@ -147,7 +147,6 @@ public CreateTokenResponse createToken(CreateTokenRequest request, KeyConvertor
 final CreateTokenResponse response = new CreateTokenResponse();
 response.setMac(Base64.getEncoder().encodeToString(responseEciesPayload.getCryptogram().getMac()));
 response.setEncryptedData(Base64.getEncoder().encodeToString(responseEciesPayload.getCryptogram().getEncryptedData()));
- response.setEphemeralPublicKey(Base64.getEncoder().encodeToString(responseEciesPayload.getCryptogram().getEphemeralPublicKey()));
 response.setNonce(responseEciesPayload.getParameters().getNonce() != null ? Base64.getEncoder().encodeToString(responseEciesPayload.getParameters().getNonce()) : null);
 response.setTimestamp(responseEciesPayload.getParameters().getTimestamp());
 return response;
@@ -248,7 +247,7 @@ private EciesPayload createToken(String activationId, String applicationKey, Eci
 final byte[] tokenBytes = objectMapper.writeValueAsBytes(tokenInfo);
 // Encrypt response using previously created ECIES decryptor
- final byte[] nonceBytesResponse = ("3.1".equals(version) || "3.2".equals(version)) ? keyGenerator.generateRandomBytes(16) : null;
+ final byte[] nonceBytesResponse = "3.2".equals(version) ? keyGenerator.generateRandomBytes(16) : null;
 final Long timestampResponse = "3.2".equals(version) ? new Date().getTime() : null;
 final EciesParameters parametersResponse = EciesParameters.builder().nonce(nonceBytesResponse).associatedData(eciesPayload.getParameters().getAssociatedData()).timestamp(timestampResponse).build();
 final EciesEncryptor encryptorResponse = eciesFactory.getEciesEncryptor(EciesScope.ACTIVATION_SCOPE,
diff --git a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/UpgradeServiceBehavior.java b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/UpgradeServiceBehavior.java
index a27b40d81..e998a1dc3 100644
--- a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/UpgradeServiceBehavior.java
+++ b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/UpgradeServiceBehavior.java
@@ -226,7 +226,7 @@ public StartUpgradeResponse startUpgrade(StartUpgradeRequest request) throws Gen
 // Encrypt response payload and return it
 final byte[] payloadBytes = objectMapper.writeValueAsBytes(payload);
- final byte[] nonceBytesResponse = ("3.2".equals(version) || "3.1".equals(version)) ? keyGenerator.generateRandomBytes(16) : null;
+ final byte[] nonceBytesResponse = "3.2".equals(version) ? keyGenerator.generateRandomBytes(16) : null;
 final Long timestampResponse = "3.2".equals(version) ? new Date().getTime() : null;
 final EciesParameters parametersResponse = EciesParameters.builder().nonce(nonceBytesResponse).associatedData(eciesPayload.getParameters().getAssociatedData()).timestamp(timestampResponse).build();
 final EciesEncryptor encryptorResponse = eciesFactory.getEciesEncryptor(EciesScope.ACTIVATION_SCOPE,
@@ -236,7 +236,6 @@ public StartUpgradeResponse startUpgrade(StartUpgradeRequest request) throws Gen
 final StartUpgradeResponse response = new StartUpgradeResponse();
 response.setEncryptedData(Base64.getEncoder().encodeToString(payloadResponse.getCryptogram().getEncryptedData()));
 response.setMac(Base64.getEncoder().encodeToString(payloadResponse.getCryptogram().getMac()));
- response.setEphemeralPublicKey(Base64.getEncoder().encodeToString(payloadResponse.getCryptogram().getEphemeralPublicKey()));
 response.setNonce(nonceBytesResponse != null ? Base64.getEncoder().encodeToString(nonceBytesResponse) : null);
 response.setTimestamp(timestampResponse);
diff --git a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/VaultUnlockServiceBehavior.java b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/VaultUnlockServiceBehavior.java
index 49f9dead3..609deb7f9 100644
--- a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/VaultUnlockServiceBehavior.java
+++ b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/behavior/tasks/VaultUnlockServiceBehavior.java
@@ -225,7 +225,7 @@ public VaultUnlockResponse unlockVault(String activationId, String applicationKe
 final byte[] reponsePayloadBytes = objectMapper.writeValueAsBytes(responsePayload);
 // Encrypt response payload
- final byte[] nonceBytesResponse = ("3.2".equals(signatureVersion) || "3.1".equals(signatureVersion)) ? keyGenerator.generateRandomBytes(16) : null;
+ final byte[] nonceBytesResponse = "3.2".equals(signatureVersion) ? keyGenerator.generateRandomBytes(16) : null;
 final Long timestampResponse = "3.2".equals(signatureVersion) ? new Date().getTime() : null;
 final EciesParameters parametersResponse = EciesParameters.builder().nonce(nonceBytesResponse).associatedData(eciesPayload.getParameters().getAssociatedData()).timestamp(timestampResponse).build();
 final EciesEncryptor encryptorResponse = eciesFactory.getEciesEncryptor(EciesScope.ACTIVATION_SCOPE,
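Review bot: unlockVault picks the response nonce and timestamp from `signatureVersion`, while the six other response builders in this commit test `version`, and the hunk does not show whether that value is also the version the client used for its ECIES request. If the two can ever differ, the response would be encrypted with parameters the client does not expect. Once confirmed, a comment on the changed line such as `// signatureVersion is the protocol version of the whole request, ECIES envelope included` or a rename to match the other builders would settle it. unlockVault's body starts and ends outside the hunk.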
@@ -234,13 +234,11 @@ public VaultUnlockResponse unlockVault(String activationId, String applicationKe
 final EciesPayload responseEciesPayload = encryptorResponse.encrypt(reponsePayloadBytes, parametersResponse);
 final String dataResponse = Base64.getEncoder().encodeToString(responseEciesPayload.getCryptogram().getEncryptedData());
 final String macResponse = Base64.getEncoder().encodeToString(responseEciesPayload.getCryptogram().getMac());
- final String ephemeralPublicKeyResponse = Base64.getEncoder().encodeToString(responseEciesPayload.getCryptogram().getEphemeralPublicKey());
 // Return vault unlock response, set signature validity
 final VaultUnlockResponse response = new VaultUnlockResponse();
 response.setEncryptedData(dataResponse);
 response.setMac(macResponse);
- response.setEphemeralPublicKey(ephemeralPublicKeyResponse);
 response.setNonce(nonceBytesResponse != null ? Base64.getEncoder().encodeToString(nonceBytesResponse) : null);
 response.setTimestamp(timestampResponse);
 response.setSignatureValid(signatureResponse.isSignatureValid());