geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From hiteshkhame...@apache.org
Subject [09/24] incubator-geode git commit: GEODE-1372 added test for different algo. Fixed issue for algo without size
Date Mon, 29 Aug 2016 21:39:11 GMT
GEODE-1372 added test for different algo. Fixed issue for algo without size


Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/32441256
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/32441256
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/32441256

Branch: refs/heads/develop
Commit: 324412564b725cc3b32e5b306314bf3b29af9af1
Parents: 3a64308
Author: Hitesh Khamesra <hiteshk25@yahoo.com>
Authored: Fri Jun 3 14:57:37 2016 -0700
Committer: Hitesh Khamesra <hkhamesra@pivotal.io>
Committed: Mon Aug 29 10:39:18 2016 -0700

----------------------------------------------------------------------
 .../membership/gms/messenger/GMSEncrypt.java    |  24 ++--
 .../gms/membership/GMSJoinLeaveJUnitTest.java   |   1 +
 .../gms/messenger/GMSEncryptJUnitTest.java      | 109 ++++++++++++++-----
 3 files changed, 95 insertions(+), 39 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/32441256/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncrypt.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncrypt.java
b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncrypt.java
index 8136c1a..1575864 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncrypt.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncrypt.java
@@ -92,7 +92,7 @@ public class GMSEncrypt implements Cloneable{
   protected byte[] getClusterSecretKey() {
     return this.clusterEncryptor.secretBytes;
   }
-
+  
   protected synchronized void initClusterSecretKey() throws Exception {
     if(this.clusterEncryptor == null) {
       this.clusterEncryptor = new ClusterEncryptor(this);
@@ -104,7 +104,7 @@ public class GMSEncrypt implements Cloneable{
     //TODO we are reseeting here, in case there is some race
     this.clusterEncryptor = new ClusterEncryptor(secretBytes);
   }
-
+  
   protected GMSEncrypt() {
     initEncryptors();
   }
@@ -239,7 +239,7 @@ public class GMSEncrypt implements Cloneable{
 
   private Map<InternalDistributedMember, PeerEncryptor> getPeerEncryptorMap() {
     int h = Math.abs(Thread.currentThread().getName().hashCode() % numberOfPeerEncryptorCopies);
-    ConcurrentHashMap m = copyOfPeerEncryptors[h];
+    ConcurrentHashMap<InternalDistributedMember, PeerEncryptor> m = copyOfPeerEncryptors[h];
     
     if(m == null) {
       synchronized (copyOfPeerEncryptors) {
@@ -439,10 +439,9 @@ public class GMSEncrypt implements Cloneable{
     int blocksize = getBlockSize(dhSKAlgo);
 
     if (keysize == -1 || blocksize == -1) {
-      // TODO how should we do here, should we just throw runtime exception?
-      /* SecretKey sKey = ka.generateSecret(dhSKAlgo);
-       * encrypt = Cipher.getInstance(dhSKAlgo);
-       * encrypt.init(Cipher.ENCRYPT_MODE, sKey); */
+      SecretKeySpec sks = new SecretKeySpec(secretBytes, dhSKAlgo);
+      encrypt = Cipher.getInstance(dhSKAlgo);
+      encrypt.init(Cipher.ENCRYPT_MODE, sks);
     } else {
 
       String dhAlgoStr = getDhAlgoStr(dhSKAlgo);
@@ -491,10 +490,9 @@ public class GMSEncrypt implements Cloneable{
     int blocksize = getBlockSize(dhSKAlgo);
 
     if (keysize == -1 || blocksize == -1) {
-      // TODO: how to do here, should we just throw runtime exception?
-      /* SecretKey sKey = ka.generateSecret(dhSKAlgo);
-       * decrypt = Cipher.getInstance(dhSKAlgo);
-       * decrypt.init(Cipher.DECRYPT_MODE, sKey); */
+      SecretKeySpec sks = new SecretKeySpec(secretBytes, dhSKAlgo);
+      decrypt = Cipher.getInstance(dhSKAlgo);
+      decrypt.init(Cipher.DECRYPT_MODE, sks);
     } else {
       String algoStr = getDhAlgoStr(dhSKAlgo);
 
@@ -515,7 +513,7 @@ public class GMSEncrypt implements Cloneable{
     int blocksize = getBlockSize(dhSKAlgo);
 
     if (keysize == -1 || blocksize == -1) {
-      SecretKey sKey = ka.generateSecret(dhSKAlgo);
+      SecretKey sKey = ka.generateSecret(dhSKAlgo);      
       return sKey.getEncoded();
     } else {
       return ka.generateSecret();
@@ -552,7 +550,7 @@ public class GMSEncrypt implements Cloneable{
     public ClusterEncryptor(byte[] sb) {
       this.secretBytes = sb;
     }
-
+    
     public synchronized byte[] encryptBytes(byte[] data) throws Exception {
       String algo = dhSKAlgo;
       return GMSEncrypt.encryptBytes(data, getEncryptCipher(algo));

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/32441256/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/membership/GMSJoinLeaveJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/membership/GMSJoinLeaveJUnitTest.java
b/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/membership/GMSJoinLeaveJUnitTest.java
index d652915..c44c327 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/membership/GMSJoinLeaveJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/membership/GMSJoinLeaveJUnitTest.java
@@ -87,6 +87,7 @@ public class GMSJoinLeaveJUnitTest {
     mockDistConfig = mock(DistributionConfig.class);
     when(mockDistConfig.getEnableNetworkPartitionDetection()).thenReturn(enableNetworkPartition);
     when(mockDistConfig.getLocators()).thenReturn("localhost[8888]");
+    when(mockDistConfig.getSecurityClientDHAlgo()).thenReturn("");
     mockConfig = mock(ServiceConfig.class);
     when(mockDistConfig.getStartLocator()).thenReturn("localhost[12345]");
     when(mockConfig.getDistributionConfig()).thenReturn(mockDistConfig);

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/32441256/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncryptJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncryptJUnitTest.java
b/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncryptJUnitTest.java
index ace40d6..30abb7d 100755
--- a/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncryptJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/distributed/internal/membership/gms/messenger/GMSEncryptJUnitTest.java
@@ -46,9 +46,13 @@ public class GMSEncryptJUnitTest {
 
   NetView netView;
 
-  private void initMocks() throws Exception {
+  private void initMocks() throws Exception{
+    initMocks("AES:128");
+  }
+  
+  private void initMocks(String algo) throws Exception {
     Properties nonDefault = new Properties();
-    nonDefault.put(DistributionConfig.SECURITY_CLIENT_DHALGO_NAME, "AES:128");
+    nonDefault.put(DistributionConfig.SECURITY_CLIENT_DHALGO_NAME, algo);
     DistributionConfigImpl config = new DistributionConfigImpl(nonDefault);
     RemoteTransportConfig tconfig = new RemoteTransportConfig(config,
       DistributionManager.NORMAL_DM_TYPE);
@@ -74,45 +78,51 @@ public class GMSEncryptJUnitTest {
 
   }
 
+  String[] algos = new String[]{"AES",
+      "Blowfish",
+      "DES",
+      "DESede"};
 
   @Test
   public void testOneMemberCanDecryptAnothersMessage() throws Exception{
-    initMocks();
+    for (String algo : algos) {
+      initMocks(algo);
 
-    GMSEncrypt gmsEncrypt1 = new GMSEncrypt(services, mockMembers[1]); // this will be the
sender
-    GMSEncrypt gmsEncrypt2 = new GMSEncrypt(services, mockMembers[2]); // this will be the
receiver
+      GMSEncrypt gmsEncrypt1 = new GMSEncrypt(services, mockMembers[1]); // this will be
the sender
+      GMSEncrypt gmsEncrypt2 = new GMSEncrypt(services, mockMembers[2]); // this will be
the receiver
 
-    // establish the public keys for the sender and receiver
-    netView.setPublicKey(mockMembers[1], gmsEncrypt1.getPublicKeyBytes());
-    netView.setPublicKey(mockMembers[2], gmsEncrypt2.getPublicKeyBytes());
+      // establish the public keys for the sender and receiver
+      netView.setPublicKey(mockMembers[1], gmsEncrypt1.getPublicKeyBytes());
+      netView.setPublicKey(mockMembers[2], gmsEncrypt2.getPublicKeyBytes());
 
-    gmsEncrypt1.installView(netView, mockMembers[1]);
-    gmsEncrypt2.installView(netView, mockMembers[2]);
+      gmsEncrypt1.installView(netView, mockMembers[1]);
+      gmsEncrypt2.installView(netView, mockMembers[2]);
 
-    // sender encrypts a message, so use receiver's public key
-    String ch = "Hello world";
-    byte[] challenge =  ch.getBytes();
-    byte[]  encryptedChallenge =  gmsEncrypt1.encryptData(challenge, mockMembers[2]);
+      // sender encrypts a message, so use receiver's public key
+      String ch = "Hello world";
+      byte[] challenge = ch.getBytes();
+      byte[] encryptedChallenge = gmsEncrypt1.encryptData(challenge, mockMembers[2]);
 
-    // receiver decrypts the message using the sender's public key
-    byte[] decryptBytes = gmsEncrypt2.decryptData(encryptedChallenge,  mockMembers[1]);
+      // receiver decrypts the message using the sender's public key
+      byte[] decryptBytes = gmsEncrypt2.decryptData(encryptedChallenge, mockMembers[1]);
 
-    // now send a response
-    String response = "Hello yourself!";
-    byte[] responseBytes = response.getBytes();
-    byte[] encryptedResponse = gmsEncrypt2.encryptData(responseBytes, mockMembers[1]);
+      // now send a response
+      String response = "Hello yourself!";
+      byte[] responseBytes = response.getBytes();
+      byte[] encryptedResponse = gmsEncrypt2.encryptData(responseBytes, mockMembers[1]);
 
-    // receiver decodes the response
-    byte[] decryptedResponse = gmsEncrypt1.decryptData(encryptedResponse,  mockMembers[2]);
+      // receiver decodes the response
+      byte[] decryptedResponse = gmsEncrypt1.decryptData(encryptedResponse, mockMembers[2]);
 
-    Assert.assertFalse(Arrays.equals(challenge, encryptedChallenge));
+      Assert.assertFalse(Arrays.equals(challenge, encryptedChallenge));
 
-    Assert.assertTrue(Arrays.equals(challenge, decryptBytes));
+      Assert.assertTrue(Arrays.equals(challenge, decryptBytes));
 
-    Assert.assertFalse(Arrays.equals(responseBytes, encryptedResponse));
+      Assert.assertFalse(Arrays.equals(responseBytes, encryptedResponse));
 
-    Assert.assertTrue(Arrays.equals(responseBytes, decryptedResponse));
+      Assert.assertTrue(Arrays.equals(responseBytes, decryptedResponse));
 
+    }
   }
   
   @Test
@@ -248,6 +258,53 @@ public class GMSEncryptJUnitTest {
   }
   
   @Test
+  public void testForClusterSecretKeyFromOtherMember() throws Exception{
+    for (String algo : algos) {
+      initMocks(algo);
+
+      final GMSEncrypt gmsEncrypt1 = new GMSEncrypt(services, mockMembers[1]); // this will
be the sender
+      Thread.currentThread().sleep(100);
+      gmsEncrypt1.initClusterSecretKey();
+      final GMSEncrypt gmsEncrypt2 = new GMSEncrypt(services, mockMembers[2]); // this will
be the sender
+
+      // establish the public keys for the sender and receiver
+      netView.setPublicKey(mockMembers[1], gmsEncrypt1.getPublicKeyBytes());
+      netView.setPublicKey(mockMembers[2], gmsEncrypt2.getPublicKeyBytes());
+
+      gmsEncrypt1.installView(netView, mockMembers[1]);
+
+      byte[] secretBytes = gmsEncrypt1.getClusterSecretKey();
+      gmsEncrypt2.addClusterKey(secretBytes);
+
+      gmsEncrypt2.installView(netView, mockMembers[1]);
+
+      // sender encrypts a message, so use receiver's public key
+      String ch = "Hello world";
+      byte[] challenge = ch.getBytes();
+      byte[] encryptedChallenge = gmsEncrypt1.encryptData(challenge);
+
+      // receiver decrypts the message using the sender's public key
+      byte[] decryptBytes = gmsEncrypt2.decryptData(encryptedChallenge);
+
+      // now send a response
+      String response = "Hello yourself!";
+      byte[] responseBytes = response.getBytes();
+      byte[] encryptedResponse = gmsEncrypt2.encryptData(responseBytes);
+
+      // receiver decodes the response
+      byte[] decryptedResponse = gmsEncrypt1.decryptData(encryptedResponse);
+
+      Assert.assertFalse(Arrays.equals(challenge, encryptedChallenge));
+
+      Assert.assertTrue(Arrays.equals(challenge, decryptBytes));
+
+      Assert.assertFalse(Arrays.equals(responseBytes, encryptedResponse));
+
+      Assert.assertTrue(Arrays.equals(responseBytes, decryptedResponse));
+    }
+  }
+  
+  @Test
   public void testForClusterSecretKeyFromOtherMemberMultipleThreads() throws Exception{
     initMocks();
 


Mime
View raw message