/** * Decode data using session key then is decoded using private key. * * @param message the message * @param encodedKey the encoded key * @return the byte[] * @throws GeneralSecurityException the general security exception */ public byte[] decodeData(byte[] message, byte[] encodedKey) throws GeneralSecurityException { sessionCipherPair = null; decodeSessionKey(encodedKey); return decodeData(message); }
/** * Validates RSA public and private key. * * @param keyPair the keypair * @return true if keys matches */ public static boolean validateKeyPair(KeyPair keyPair) { RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate(); if (publicKey.getModulus().bitLength() != privateKey.getModulus().bitLength()) { LOG.error("Keypair length matching error"); return false; } byte[] rawPayload = new byte[64]; new Random().nextBytes(rawPayload); MessageEncoderDecoder encDec = new MessageEncoderDecoder(privateKey, publicKey); byte[] encodedPayload; byte[] decodedPayload; try { encodedPayload = encDec.encodeData(rawPayload); decodedPayload = encDec.decodeData(encodedPayload); } catch (GeneralSecurityException ex) { LOG.error("Validation keypair error ", ex); return false; } return Arrays.equals(rawPayload, decodedPayload); }
@Override public void onResponse(byte[] response) { LOG.debug("Response for channel [{}] received", getId()); byte[] decodedResponse; try { processingResponse = true; synchronized (httpClientLock) { decodedResponse = httpClient.getEncoderDecoder().decodeData(response); } demultiplexer.processResponse(decodedResponse); processingResponse = false; failoverManager.onServerConnected(currentServer); } catch (Exception ex) { LOG.error("Failed to process response {}", Arrays.toString(response)); LOG.error("Exception stack trace: ", ex); } }
private ClientSync decodeEncryptedRequest(SessionInitMessage message, MessageEncoderDecoder crypt, Map<Integer, PlatformEncDec> platformEncDecMap) throws GeneralSecurityException, PlatformEncDecException { byte[] requestRaw = crypt.decodeData( message.getEncodedMessageData(), message.getEncodedSessionKey()); LOG.trace("Request data decrypted"); ClientSync request = decodePlatformLevelData( platformEncDecMap, message.getPlatformId(), requestRaw); LOG.trace("Request data deserialized"); return request; }
private ClientSync decodeEncryptedRequest(SessionAwareMessage message) throws GeneralSecurityException, PlatformEncDecException { SessionInfo session = message.getSessionInfo(); crypt.setSessionCipherPair(session.getCipherPair()); byte[] requestRaw = crypt.decodeData(message.getEncodedMessageData()); LOG.trace("Request data decrypted"); ClientSync request = decodePlatformLevelData(message.getPlatformId(), requestRaw); LOG.trace("Request data deserialized"); return request; }
protected AbstractHttpClient getHttpClient() { AbstractHttpClient client = Mockito.mock(AbstractHttpClient.class); MessageEncoderDecoder crypt = Mockito.mock(MessageEncoderDecoder.class); try { Mockito.when(crypt.decodeData(Mockito.any(byte[].class))).thenReturn(new byte[]{5, 5, 5}); } catch (GeneralSecurityException e) { // TODO Auto-generated catch block e.printStackTrace(); } Mockito.when(client.getEncoderDecoder()).thenReturn(crypt); return client; } }
private ClientSync decodeEncryptedRequest(SessionInitMessage message) throws GeneralSecurityException, PlatformEncDecException { byte[] requestRaw = crypt.decodeData( message.getEncodedMessageData(), message.getEncodedSessionKey()); LOG.trace("Request data decrypted"); ClientSync request = decodePlatformLevelData(message.getPlatformId(), requestRaw); LOG.trace("Request data deserialized"); PublicKey endpointKey = getPublicKey(request); if (endpointKey == null) { LOG.warn("Endpoint Key is null"); throw new GeneralSecurityException("Endpoint Key is null"); } else { LOG.trace("Public key extracted"); } crypt.setRemotePublicKey(endpointKey); if (crypt.verify(message.getEncodedSessionKey(), message.getSessionKeySignature())) { LOG.trace("Request data verified"); } else { LOG.warn("Request data verification failed"); throw new GeneralSecurityException("Request data verification failed"); } return request; }
synchronized (this) { try { resultBody = encDec.decodeData(message.getAvroObject()); } catch (GeneralSecurityException ex) { LOG.error("Failed to decrypt message body for channel [{}]: {}", getId());
private void processTypes(Map<TransportType, ChannelDirection> types) throws Exception { LOG.trace("Processing types for [{}]", getId()); byte[] requestBodyRaw = getMultiplexer().compileRequest(types); byte[] decodedResponse = null; synchronized (this) { LinkedHashMap<String, byte[]> requestEntity = HttpRequestCreator.createBootstrapHttpRequest( requestBodyRaw, getHttpClient().getEncoderDecoder()); byte[] responseDataRaw = getHttpClient().executeHttpRequest("", requestEntity, false); decodedResponse = getHttpClient().getEncoderDecoder().decodeData(responseDataRaw); } getDemultiplexer().processResponse(decodedResponse); }
private void processTypes(Map<TransportType, ChannelDirection> types) throws Exception { byte[] requestBodyRaw = getMultiplexer().compileRequest(types); byte[] decodedResponse = null; synchronized (this) { LinkedHashMap<String, byte[]> requestEntity = HttpRequestCreator.createOperationHttpRequest( requestBodyRaw, getHttpClient().getEncoderDecoder()); byte[] responseDataRaw = getHttpClient().executeHttpRequest("", requestEntity, false); decodedResponse = getHttpClient().getEncoderDecoder().decodeData(responseDataRaw); } getDemultiplexer().processResponse(decodedResponse); }
@Test public void basicTest() throws Exception { String message = "secret" + new Random().nextInt(); MessageEncoderDecoder client = new MessageEncoderDecoder(clientPrivate, clientPublic, serverPublic); MessageEncoderDecoder server = new MessageEncoderDecoder(serverPrivate, serverPublic, clientPublic); MessageEncoderDecoder thief = new MessageEncoderDecoder(theifPrivate, theifPublic, clientPublic); byte[] secretData = client.encodeData(message.getBytes()); byte[] signature = client.sign(secretData); byte[] encodedSessionKey = client.getEncodedSessionKey(); Assert.assertTrue(server.verify(secretData, signature)); String decodedSecret = new String(server.decodeData(secretData, encodedSessionKey)); Assert.assertEquals(message, decodedSecret); byte[] theifData = thief.encodeData(message.getBytes()); byte[] theifSignature = thief.sign(theifData); Assert.assertFalse(server.verify(theifData, theifSignature)); }
@Test public void basicSubsequentTest() throws Exception { String message = "secret" + new Random().nextInt(); PrivateKey client2Private = theifPrivate; PublicKey client2Public = theifPublic; MessageEncoderDecoder client = new MessageEncoderDecoder(clientPrivate, clientPublic, serverPublic); MessageEncoderDecoder client2 = new MessageEncoderDecoder(client2Private, client2Public, serverPublic); MessageEncoderDecoder server = new MessageEncoderDecoder(serverPrivate, serverPublic); byte[] secretData = client.encodeData(message.getBytes()); byte[] signature = client.sign(secretData); byte[] encodedSessionKey = client.getEncodedSessionKey(); server.setRemotePublicKey(clientPublic); Assert.assertTrue(server.verify(secretData, signature)); String decodedSecret = new String(server.decodeData(secretData, encodedSessionKey)); Assert.assertEquals(message, decodedSecret); byte[] secretData2 = client2.encodeData(message.getBytes()); byte[] signature2 = client2.sign(secretData2); byte[] encodedSessionKey2 = client2.getEncodedSessionKey(); server.setRemotePublicKey(client2Public); Assert.assertTrue(server.verify(secretData2, signature2)); String decodedSecret2 = new String(server.decodeData(secretData2, encodedSessionKey2)); Assert.assertEquals(message, decodedSecret2); }