Fixed existing test issue. Added unit test to check whether we can transfer keypair.
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/43e9ecd0 Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/43e9ecd0 Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/43e9ecd0 Branch: refs/heads/feature/GEODE-420 Commit: 43e9ecd0999e2e1658215c861f1c606d1eff34c9 Parents: 2c30970 Author: Hitesh Khamesra <[email protected]> Authored: Mon May 16 09:20:38 2016 -0700 Committer: Hitesh Khamesra <[email protected]> Committed: Mon Aug 29 10:39:17 2016 -0700 ---------------------------------------------------------------------- .../membership/gms/messenger/GMSEncrypt.java | 43 +++++++++++++++++- .../gms/messenger/GMSEncryptJUnitTest.java | 47 +++++++++++++++++++- 2 files changed, 86 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/43e9ecd0/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncrypt.java ----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncrypt.java b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncrypt.java
index 3f61453..7cec567 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncrypt.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncrypt.java
@@ -19,7 +19,9 @@ package com.gemstone.gemfire.distributed.internal.membership.gms.messenger; import java.math.BigInteger; import java.security.*; +import java.security.spec.EncodedKeySpec; import java.security.spec.InvalidKeySpecException; +import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import java.util.HashMap; import java.util.Map; @@ -35,12 +37,14 @@ import javax.crypto.spec.SecretKeySpec; import com.gemstone.gemfire.distributed.internal.membership.InternalDistributedMember; import com.gemstone.gemfire.distributed.internal.membership.NetView; import com.gemstone.gemfire.distributed.internal.membership.gms.Services; + import org.apache.logging.log4j.Logger; import com.gemstone.gemfire.distributed.internal.DistributionConfig; import com.gemstone.gemfire.internal.logging.LogService; -public class GMSEncrypt { +public class GMSEncrypt implements Cloneable{ + public static long encodingsPerformed; public static long decodingsPerformed; @@ -81,8 +85,16 @@ public class GMSEncrypt { this.view.setPublicKey(services.getJoinLeave().getMemberID(), getPublicKeyBytes()); // TODO remove ciphers for departed members } + + protected void installView(NetView view, InternalDistributedMember mbr) { + this.view = view; + this.view.setPublicKey(mbr, getPublicKeyBytes()); + // TODO remove ciphers for departed members + } - + protected GMSEncrypt() { + + } public GMSEncrypt(Services services) throws Exception { this.services = services; 
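Review bot: The new protected no-argument constructor in the `@@ -81,8 +85,16 @@` hunk has an empty body, so an instance built this way has no Diffie-Hellman key pair until `clone()` fills it in, and the added `installView(NetView, InternalDistributedMember)` would fail inside `getPublicKeyBytes()` if called on one (assuming the key fields have no initialisers outside this hunk). Since only `clone()` in this class needs it, I would narrow it to `private GMSEncrypt() { /* for clone() only; keys are assigned there */ }`. The `installView` overload looks like a test seam that bypasses `services.getJoinLeave().getMemberID()`; a short Javadoc saying so, e.g. `/** Test hook: installs the view and registers this instance's public key under mbr. */`, would keep it from being picked up as a production path that registers a key under a caller-chosen member id.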
@@ -101,6 +113,33 @@ public class GMSEncrypt { return dhPublicKey.getEncoded(); } + @Override + protected GMSEncrypt clone() throws CloneNotSupportedException { + try { + GMSEncrypt gmsEncrypt = new GMSEncrypt(); + gmsEncrypt.dhSKAlgo = this.dhSKAlgo; + + X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(this.dhPublicKey.getEncoded()); + KeyFactory keyFact = KeyFactory.getInstance("DH"); + // PublicKey pubKey = keyFact.generatePublic(x509KeySpec); + gmsEncrypt.dhPublicKey = keyFact.generatePublic(x509KeySpec); + final String format = this.dhPrivateKey.getFormat(); + System.out.println("private key format " + format); + System.out.println("public ksy format " + this.dhPublicKey.getFormat()); + PKCS8EncodedKeySpec x509KeySpecPKey = new PKCS8EncodedKeySpec(this.dhPrivateKey.getEncoded()); + + keyFact = KeyFactory.getInstance("DH"); + // PublicKey pubKey = keyFact.generatePublic(x509KeySpec); + gmsEncrypt.dhPrivateKey = keyFact.generatePrivate(x509KeySpecPKey); + + return gmsEncrypt; + } catch (Exception e) { + throw new RuntimeException("Unable to clone", e); + } + } + + + /** * Initialize the Diffie-Hellman keys. This method is not thread safe http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/43e9ecd0/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncryptJUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncryptJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncryptJUnitTest.java index a591e47..de90328 100755 --- a/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncryptJUnitTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncryptJUnitTest.java 
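Review bot: `clone()` prints the key formats with `System.out.println` from the class that owns the member's DH private key; those two lines (one with the typo "ksy") read like leftover debugging and should be dropped or sent through the class logger at debug level. The method also never calls `super.clone()` and copies only `dhSKAlgo` and the two keys, so `implements Cloneable` is a marker only and any other state is left unset in the copy; a Javadoc sentence saying the copy exists to show the key pair survives an encode/decode round trip would make that intent clear. The PKCS#8 spec is held in a variable named `x509KeySpecPKey`, the commented-out `PublicKey pubKey` lines can go, and `catch (Exception e)` could be narrowed to `GeneralSecurityException` so unrelated failures are not reported as "Unable to clone". A tidied version of the method is below.

```java
  @Override
  protected GMSEncrypt clone() throws CloneNotSupportedException {
    try {
      GMSEncrypt copy = new GMSEncrypt();
      copy.dhSKAlgo = this.dhSKAlgo;

      // Round-trip both keys through their encoded forms (X.509 public, PKCS#8 private).
      KeyFactory keyFactory = KeyFactory.getInstance("DH");
      copy.dhPublicKey =
          keyFactory.generatePublic(new X509EncodedKeySpec(this.dhPublicKey.getEncoded()));
      copy.dhPrivateKey =
          keyFactory.generatePrivate(new PKCS8EncodedKeySpec(this.dhPrivateKey.getEncoded()));
      return copy;
    } catch (GeneralSecurityException e) {
      throw new RuntimeException("Unable to clone", e);
    }
  }
```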
@@ -66,8 +66,51 @@ public class GMSEncryptJUnitTest { netView.setPublicKey(mockMembers[1], gmsEncrypt1.getPublicKeyBytes()); netView.setPublicKey(mockMembers[2], gmsEncrypt2.getPublicKeyBytes()); - gmsEncrypt1.installView(netView); - gmsEncrypt2.installView(netView); + gmsEncrypt1.installView(netView, mockMembers[1]); + gmsEncrypt2.installView(netView, mockMembers[2]); + + // sender encrypts a message, so use receiver's public key + String ch = "Hello world"; + byte[] challenge = ch.getBytes(); + byte[] encryptedChallenge = gmsEncrypt1.encryptData(challenge, mockMembers[2]); + + // receiver decrypts the message using the sender's public key + byte[] decryptBytes = gmsEncrypt2.decryptData(encryptedChallenge, mockMembers[1]); + + // now send a response + String response = "Hello yourself!"; + byte[] responseBytes = response.getBytes(); + byte[] encryptedResponse = gmsEncrypt2.encryptData(responseBytes, mockMembers[1]); + + // receiver decodes the response + byte[] decryptedResponse = gmsEncrypt1.decryptData(encryptedResponse, mockMembers[2]); + + Assert.assertFalse(Arrays.equals(challenge, encryptedChallenge)); + + Assert.assertTrue(Arrays.equals(challenge, decryptBytes)); + + Assert.assertFalse(Arrays.equals(responseBytes, encryptedResponse)); + + Assert.assertTrue(Arrays.equals(responseBytes, decryptedResponse)); + + } + + @Test + public void testPublicKeyPrivateKeyFromSameMember() throws Exception{ + initMocks(); + + GMSEncrypt gmsEncrypt1 = new GMSEncrypt(services); // this will be the sender + GMSEncrypt gmsEncrypt2 = new GMSEncrypt(services); // this will be the receiver + + gmsEncrypt1 = gmsEncrypt1.clone(); + gmsEncrypt2 = gmsEncrypt2.clone(); + + // establish the public keys for the sender and receiver + netView.setPublicKey(mockMembers[1], gmsEncrypt1.getPublicKeyBytes()); + netView.setPublicKey(mockMembers[2], gmsEncrypt2.getPublicKeyBytes()); + + gmsEncrypt1.installView(netView, mockMembers[1]); + gmsEncrypt2.installView(netView, mockMembers[2]); // 
sender encrypts a message, so use receiver's public key String ch = "Hello world";
