Exemple #1
0
  private void encryptAndSend(Message msg) throws Exception {
    EncryptHeader hdr = new EncryptHeader(EncryptHeader.ENCRYPT, getSymVersion());
    if (this.encrypt_entire_message) hdr.type |= EncryptHeader.ENCRYPT_ENTIRE_MSG;

    if (encrypt_entire_message) {
      if (msg.getSrc() == null) msg.setSrc(local_addr);

      Buffer serialized_msg = Util.streamableToBuffer(msg);
      byte[] encrypted_msg =
          code(
              serialized_msg.getBuf(),
              serialized_msg.getOffset(),
              serialized_msg.getLength(),
              false);

      // exclude existing headers, they will be seen again when we decrypt and unmarshal the msg at
      // the receiver
      Message tmp = msg.copy(false, false).setBuffer(encrypted_msg).putHeader(this.id, hdr);
      down_prot.down(new Event(Event.MSG, tmp));
      return;
    }

    // copy neeeded because same message (object) may be retransmitted -> no double encryption
    Message msgEncrypted =
        msg.copy(false)
            .putHeader(this.id, hdr)
            .setBuffer(code(msg.getRawBuffer(), msg.getOffset(), msg.getLength(), false));
    down_prot.down(new Event(Event.MSG, msgEncrypted));
  }
Exemple #2
0
  private Object handleUpMessage(Event evt) throws Exception {
    Message msg = (Message) evt.getArg();
    EncryptHeader hdr;
    if (msg == null
        || (msg.getLength() == 0 && !encrypt_entire_message)
        || ((hdr = (EncryptHeader) msg.getHeader(this.id)) == null)) return up_prot.up(evt);

    if (log.isTraceEnabled()) log.trace("header received %s", hdr);

    switch (hdr.getType()) {
      case EncryptHeader.ENCRYPT:
        return handleEncryptedMessage(msg, evt, hdr);
      default:
        handleUpEvent(msg, hdr);
        return null;
    }
  }
Exemple #3
0
  /**
   * Does the actual work for decrypting - if version does not match current cipher then tries the
   * previous cipher
   */
  private Message decryptMessage(Cipher cipher, Message msg) throws Exception {
    EncryptHeader hdr = (EncryptHeader) msg.getHeader(this.id);
    if (!Arrays.equals(hdr.getVersion(), getSymVersion())) {
      log.warn(
          "attempting to use stored cipher as message does not use current encryption version ");
      cipher = keyMap.get(new AsciiString(hdr.getVersion()));
      if (cipher == null) {
        log.warn("unable to find a matching cipher in previous key map");
        return null;
      }
      log.trace("decrypting using previous cipher version");
      synchronized (cipher) {
        return _decrypt(cipher, msg, hdr.encryptEntireMessage());
      }
    }

    return _decrypt(cipher, msg, hdr.encryptEntireMessage());
  }
Exemple #4
0
    public Message visit(Message msg, MessageBatch batch) {
      EncryptHeader hdr;

      if (msg == null
          || (msg.getLength() == 0 && !encrypt_entire_message)
          || ((hdr = (EncryptHeader) msg.getHeader(id)) == null)) return null;

      if (hdr.getType() == EncryptHeader.ENCRYPT) {
        // if queueing then pass into queue to be dealt with later
        if (queue_up) {
          queueUpMessage(msg, batch);
          return null;
        }

        // make sure we pass up any queued messages first
        if (!suppliedKey) drainUpQueue();

        if (lock == null) {
          int index = getNextIndex();
          lock = decoding_locks[index];
          cipher = decoding_ciphers[index];
          lock.lock();
        }

        try {
          Message tmpMsg = decryptMessage(cipher, msg.copy()); // need to copy for possible xmits
          if (tmpMsg != null) batch.replace(msg, tmpMsg);
        } catch (Exception e) {
          log.error(
              "failed decrypting message from %s (offset=%d, length=%d, buf.length=%d): %s, headers are %s",
              msg.getSrc(),
              msg.getOffset(),
              msg.getLength(),
              msg.getRawBuffer().length,
              e,
              msg.printHeaders());
        }
      } else {
        batch.remove(
            msg); // a control message will get handled by ENCRYPT and should not be passed up
        handleUpEvent(msg, hdr);
      }
      return null;
    }
Exemple #5
0
  protected void handleUpEvent(Message msg, EncryptHeader hdr) {
    // check if we had some sort of encrypt control header if using supplied key we should not
    // process it
    if (suppliedKey) {
      log.warn("we received an encrypt header of %s while in configured mode", hdr.getType());
      return;
    }

    // see what sort of encrypt control message we have received
    switch (hdr.getType()) {
        // if a key request
      case EncryptHeader.KEY_REQUEST:
        log.debug("received a key request from peer %s", msg.getSrc());

        // if a key request send response key back
        try {
          // extract peer's public key
          PublicKey tmpKey = generatePubKey(msg.getBuffer());
          // send back the secret key we have
          sendSecretKey(getSecretKey(), tmpKey, msg.getSrc());
        } catch (Exception e) {
          log.warn("unable to reconstitute peer's public key");
        }
        break;
      case EncryptHeader.SECRETKEY:
        log.debug("received a secretkey response from keyserver %s", msg.getSrc());

        try {
          SecretKey tmp = decodeKey(msg.getBuffer());
          if (tmp == null) sendKeyRequest(); // unable to understand response, let's try again
          else {
            // otherwise lets set the returned key as the shared key
            setKeys(tmp, hdr.getVersion());
            log.debug("decoded secretkey response");
          }
        } catch (Exception e) {
          log.warn("unable to process received public key", e);
        }
        break;
      default:
        log.warn("received ignored encrypt header of %s", hdr.getType());
        break;
    }
  }