Example 1 with EncryptionPlugin
use of org.firebirdsql.gds.ng.wire.crypt.EncryptionPlugin in project jaybird by FirebirdSQL.
the class V13WireOperations method tryKnownServerKeys.
private void tryKnownServerKeys() throws IOException, SQLException {
boolean initializedEncryption = false;
SQLExceptionChainBuilder<SQLException> chainBuilder = new SQLExceptionChainBuilder<>();
for (KnownServerKey.PluginSpecificData pluginSpecificData : getPluginSpecificData()) {
EncryptionIdentifier encryptionIdentifier = pluginSpecificData.getEncryptionIdentifier();
EncryptionPluginSpi currentEncryptionSpi = SUPPORTED_ENCRYPTION_PLUGINS.get(encryptionIdentifier);
if (currentEncryptionSpi == null) {
continue;
}
try (CryptSessionConfig cryptSessionConfig = getCryptSessionConfig(encryptionIdentifier, pluginSpecificData.getSpecificData())) {
EncryptionPlugin encryptionPlugin = currentEncryptionSpi.createEncryptionPlugin(cryptSessionConfig);
EncryptionInitInfo encryptionInitInfo = encryptionPlugin.initializeEncryption();
if (encryptionInitInfo.isSuccess()) {
enableEncryption(encryptionInitInfo);
clearServerKeys();
initializedEncryption = true;
log.debug("Wire encryption established with " + encryptionIdentifier);
break;
} else {
chainBuilder.append(encryptionInitInfo.getException());
}
} catch (SQLException e) {
chainBuilder.append(e);
}
}
if (!initializedEncryption && getAttachProperties().getWireCryptAsEnum() == WireCrypt.REQUIRED) {
FbExceptionBuilder exceptionBuilder = new FbExceptionBuilder().nonTransientException(ISCConstants.isc_wirecrypt_incompatible);
if (chainBuilder.hasException()) {
exceptionBuilder.cause(chainBuilder.getException());
}
throw exceptionBuilder.toFlatSQLException();
}
if (chainBuilder.hasException()) {
SQLException current = chainBuilder.getException();
if (log.isWarnEnabled()) {
log.warn(initializedEncryption ? "Wire encryption established, but some plugins failed; see other loglines for details" : "No wire encryption established because of errors");
log.warn("Encryption plugin failed; see debug level for stacktraces:\n" + ExceptionHelper.collectAllMessages(current));
}
if (log.isDebugEnabled()) {
do {
log.debug("Encryption plugin failed", current);
} while ((current = current.getNextException()) != null);
}
}
}
Also used :
KnownServerKey(org.firebirdsql.gds.ng.wire.crypt.KnownServerKey)
SQLExceptionChainBuilder(org.firebirdsql.util.SQLExceptionChainBuilder)
SQLException(java.sql.SQLException)
EncryptionPlugin(org.firebirdsql.gds.ng.wire.crypt.EncryptionPlugin)
FbExceptionBuilder(org.firebirdsql.gds.ng.FbExceptionBuilder)
EncryptionInitInfo(org.firebirdsql.gds.ng.wire.crypt.EncryptionInitInfo)
EncryptionIdentifier(org.firebirdsql.gds.ng.wire.crypt.EncryptionIdentifier)
EncryptionPluginSpi(org.firebirdsql.gds.ng.wire.crypt.EncryptionPluginSpi)
CryptSessionConfig(org.firebirdsql.gds.ng.wire.crypt.CryptSessionConfig)
Aggregations
SQLException (java.sql.SQLException)1
FbExceptionBuilder (org.firebirdsql.gds.ng.FbExceptionBuilder)1
CryptSessionConfig (org.firebirdsql.gds.ng.wire.crypt.CryptSessionConfig)1
EncryptionIdentifier (org.firebirdsql.gds.ng.wire.crypt.EncryptionIdentifier)1
EncryptionInitInfo (org.firebirdsql.gds.ng.wire.crypt.EncryptionInitInfo)1
EncryptionPlugin (org.firebirdsql.gds.ng.wire.crypt.EncryptionPlugin)1
EncryptionPluginSpi (org.firebirdsql.gds.ng.wire.crypt.EncryptionPluginSpi)1
KnownServerKey (org.firebirdsql.gds.ng.wire.crypt.KnownServerKey)1
SQLExceptionChainBuilder (org.firebirdsql.util.SQLExceptionChainBuilder)1
