Skip to content

Commit

Permalink
GEODE-1372 added test for different algo. Fixed issue for algo withou…
Browse files Browse the repository at this point in the history 
…t size
  • Loading branch information
@hiteshk25
hiteshk25 authored and Hitesh Khamesra committed Aug 29, 2016
1 parent 3a64308 commit 3244125
Show file tree
Hide file tree
Showing 3 changed files with 95 additions and 39 deletions.
24 changes: 11 additions & 13 deletions ...n/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncrypt.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ protected void installView(NetView view, InternalDistributedMember mbr) {
protected byte[] getClusterSecretKey() {
return this.clusterEncryptor.secretBytes;
}

protected synchronized void initClusterSecretKey() throws Exception {
if(this.clusterEncryptor == null) {
this.clusterEncryptor = new ClusterEncryptor(this);
Expand All @@ -104,7 +104,7 @@ protected synchronized void addClusterKey(byte[] secretBytes) {
//TODO we are reseeting here, in case there is some race
this.clusterEncryptor = new ClusterEncryptor(secretBytes);
}

protected GMSEncrypt() {
initEncryptors();
}
Expand Down Expand Up @@ -239,7 +239,7 @@ protected PeerEncryptor getPeerEncryptor(InternalDistributedMember member) throw

private Map<InternalDistributedMember, PeerEncryptor> getPeerEncryptorMap() {
int h = Math.abs(Thread.currentThread().getName().hashCode() % numberOfPeerEncryptorCopies);
ConcurrentHashMap m = copyOfPeerEncryptors[h];
ConcurrentHashMap<InternalDistributedMember, PeerEncryptor> m = copyOfPeerEncryptors[h];

if(m == null) {
synchronized (copyOfPeerEncryptors) {
Expand Down Expand Up @@ -439,10 +439,9 @@ protected static Cipher getEncryptCipher(String dhSKAlgo, byte[] secretBytes) th
int blocksize = getBlockSize(dhSKAlgo);

if (keysize == -1 || blocksize == -1) {
// TODO how should we do here, should we just throw runtime exception?
/* SecretKey sKey = ka.generateSecret(dhSKAlgo);
* encrypt = Cipher.getInstance(dhSKAlgo);
* encrypt.init(Cipher.ENCRYPT_MODE, sKey); */
SecretKeySpec sks = new SecretKeySpec(secretBytes, dhSKAlgo);
encrypt = Cipher.getInstance(dhSKAlgo);
encrypt.init(Cipher.ENCRYPT_MODE, sks);
} else {

String dhAlgoStr = getDhAlgoStr(dhSKAlgo);
Expand Down Expand Up @@ -491,10 +490,9 @@ protected static Cipher getDecryptCipher(String dhSKAlgo, byte[] secretBytes) th
int blocksize = getBlockSize(dhSKAlgo);

if (keysize == -1 || blocksize == -1) {
// TODO: how to do here, should we just throw runtime exception?
/* SecretKey sKey = ka.generateSecret(dhSKAlgo);
* decrypt = Cipher.getInstance(dhSKAlgo);
* decrypt.init(Cipher.DECRYPT_MODE, sKey); */
SecretKeySpec sks = new SecretKeySpec(secretBytes, dhSKAlgo);
decrypt = Cipher.getInstance(dhSKAlgo);
decrypt.init(Cipher.DECRYPT_MODE, sks);
} else {
String algoStr = getDhAlgoStr(dhSKAlgo);

Expand All @@ -515,7 +513,7 @@ protected static byte[] generateSecret(String dhSKAlgo, PrivateKey privateKey, P
int blocksize = getBlockSize(dhSKAlgo);

if (keysize == -1 || blocksize == -1) {
SecretKey sKey = ka.generateSecret(dhSKAlgo);
SecretKey sKey = ka.generateSecret(dhSKAlgo);
return sKey.getEncoded();
} else {
return ka.generateSecret();
Expand Down Expand Up @@ -552,7 +550,7 @@ public ClusterEncryptor(GMSEncrypt other) throws Exception {
public ClusterEncryptor(byte[] sb) {
this.secretBytes = sb;
}

public synchronized byte[] encryptBytes(byte[] data) throws Exception {
String algo = dhSKAlgo;
return GMSEncrypt.encryptBytes(data, getEncryptCipher(algo));
Expand Down
1 change: 1 addition & 0 deletions ...emstone/gemfire/distributed/internal/membership/gms/membership/GMSJoinLeaveJUnitTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,7 @@ public void initMocks(boolean enableNetworkPartition, boolean useTestGMSJoinLeav
mockDistConfig = mock(DistributionConfig.class);
when(mockDistConfig.getEnableNetworkPartitionDetection()).thenReturn(enableNetworkPartition);
when(mockDistConfig.getLocators()).thenReturn("localhost[8888]");
when(mockDistConfig.getSecurityClientDHAlgo()).thenReturn("");
mockConfig = mock(ServiceConfig.class);
when(mockDistConfig.getStartLocator()).thenReturn("localhost[12345]");
when(mockConfig.getDistributionConfig()).thenReturn(mockDistConfig);
Expand Down
109 changes: 83 additions & 26 deletions ...m/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncryptJUnitTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,9 +46,13 @@ public class GMSEncryptJUnitTest {

NetView netView;

private void initMocks() throws Exception {
private void initMocks() throws Exception{
initMocks("AES:128");
}

private void initMocks(String algo) throws Exception {
Properties nonDefault = new Properties();
nonDefault.put(DistributionConfig.SECURITY_CLIENT_DHALGO_NAME, "AES:128");
nonDefault.put(DistributionConfig.SECURITY_CLIENT_DHALGO_NAME, algo);
DistributionConfigImpl config = new DistributionConfigImpl(nonDefault);
RemoteTransportConfig tconfig = new RemoteTransportConfig(config,
DistributionManager.NORMAL_DM_TYPE);
Expand All @@ -74,45 +78,51 @@ private void initMocks() throws Exception {

}

String[] algos = new String[]{"AES",
"Blowfish",
"DES",
"DESede"};

@Test
public void testOneMemberCanDecryptAnothersMessage() throws Exception{
initMocks();
for (String algo : algos) {
initMocks(algo);

GMSEncrypt gmsEncrypt1 = new GMSEncrypt(services, mockMembers[1]); // this will be the sender
GMSEncrypt gmsEncrypt2 = new GMSEncrypt(services, mockMembers[2]); // this will be the receiver
GMSEncrypt gmsEncrypt1 = new GMSEncrypt(services, mockMembers[1]); // this will be the sender
GMSEncrypt gmsEncrypt2 = new GMSEncrypt(services, mockMembers[2]); // this will be the receiver

// establish the public keys for the sender and receiver
netView.setPublicKey(mockMembers[1], gmsEncrypt1.getPublicKeyBytes());
netView.setPublicKey(mockMembers[2], gmsEncrypt2.getPublicKeyBytes());
// establish the public keys for the sender and receiver
netView.setPublicKey(mockMembers[1], gmsEncrypt1.getPublicKeyBytes());
netView.setPublicKey(mockMembers[2], gmsEncrypt2.getPublicKeyBytes());

gmsEncrypt1.installView(netView, mockMembers[1]);
gmsEncrypt2.installView(netView, mockMembers[2]);
gmsEncrypt1.installView(netView, mockMembers[1]);
gmsEncrypt2.installView(netView, mockMembers[2]);

// sender encrypts a message, so use receiver's public key
String ch = "Hello world";
byte[] challenge = ch.getBytes();
byte[] encryptedChallenge = gmsEncrypt1.encryptData(challenge, mockMembers[2]);
// sender encrypts a message, so use receiver's public key
String ch = "Hello world";
byte[] challenge = ch.getBytes();
byte[] encryptedChallenge = gmsEncrypt1.encryptData(challenge, mockMembers[2]);

// receiver decrypts the message using the sender's public key
byte[] decryptBytes = gmsEncrypt2.decryptData(encryptedChallenge, mockMembers[1]);
// receiver decrypts the message using the sender's public key
byte[] decryptBytes = gmsEncrypt2.decryptData(encryptedChallenge, mockMembers[1]);

// now send a response
String response = "Hello yourself!";
byte[] responseBytes = response.getBytes();
byte[] encryptedResponse = gmsEncrypt2.encryptData(responseBytes, mockMembers[1]);
// now send a response
String response = "Hello yourself!";
byte[] responseBytes = response.getBytes();
byte[] encryptedResponse = gmsEncrypt2.encryptData(responseBytes, mockMembers[1]);

// receiver decodes the response
byte[] decryptedResponse = gmsEncrypt1.decryptData(encryptedResponse, mockMembers[2]);
// receiver decodes the response
byte[] decryptedResponse = gmsEncrypt1.decryptData(encryptedResponse, mockMembers[2]);

Assert.assertFalse(Arrays.equals(challenge, encryptedChallenge));
Assert.assertFalse(Arrays.equals(challenge, encryptedChallenge));

Assert.assertTrue(Arrays.equals(challenge, decryptBytes));
Assert.assertTrue(Arrays.equals(challenge, decryptBytes));

Assert.assertFalse(Arrays.equals(responseBytes, encryptedResponse));
Assert.assertFalse(Arrays.equals(responseBytes, encryptedResponse));

Assert.assertTrue(Arrays.equals(responseBytes, decryptedResponse));
Assert.assertTrue(Arrays.equals(responseBytes, decryptedResponse));

}
}

@Test
Expand Down Expand Up @@ -247,6 +257,53 @@ public void testForClusterSecretKey() throws Exception{
Assert.assertTrue(Arrays.equals(challenge, decryptBytes));
}

@Test
public void testForClusterSecretKeyFromOtherMember() throws Exception{
for (String algo : algos) {
initMocks(algo);

final GMSEncrypt gmsEncrypt1 = new GMSEncrypt(services, mockMembers[1]); // this will be the sender
Thread.currentThread().sleep(100);
gmsEncrypt1.initClusterSecretKey();
final GMSEncrypt gmsEncrypt2 = new GMSEncrypt(services, mockMembers[2]); // this will be the sender

// establish the public keys for the sender and receiver
netView.setPublicKey(mockMembers[1], gmsEncrypt1.getPublicKeyBytes());
netView.setPublicKey(mockMembers[2], gmsEncrypt2.getPublicKeyBytes());

gmsEncrypt1.installView(netView, mockMembers[1]);

byte[] secretBytes = gmsEncrypt1.getClusterSecretKey();
gmsEncrypt2.addClusterKey(secretBytes);

gmsEncrypt2.installView(netView, mockMembers[1]);

// sender encrypts a message, so use receiver's public key
String ch = "Hello world";
byte[] challenge = ch.getBytes();
byte[] encryptedChallenge = gmsEncrypt1.encryptData(challenge);

// receiver decrypts the message using the sender's public key
byte[] decryptBytes = gmsEncrypt2.decryptData(encryptedChallenge);

// now send a response
String response = "Hello yourself!";
byte[] responseBytes = response.getBytes();
byte[] encryptedResponse = gmsEncrypt2.encryptData(responseBytes);

// receiver decodes the response
byte[] decryptedResponse = gmsEncrypt1.decryptData(encryptedResponse);

Assert.assertFalse(Arrays.equals(challenge, encryptedChallenge));

Assert.assertTrue(Arrays.equals(challenge, decryptBytes));

Assert.assertFalse(Arrays.equals(responseBytes, encryptedResponse));

Assert.assertTrue(Arrays.equals(responseBytes, decryptedResponse));
}
}

@Test
public void testForClusterSecretKeyFromOtherMemberMultipleThreads() throws Exception{
initMocks();
Expand Down

0 comments on commit 3244125

Please sign in to comment.