Example 1 with EncryptionPlugin

Use of org.firebirdsql.gds.ng.wire.crypt.EncryptionPlugin in project jaybird by FirebirdSQL.

Class V13WireOperations, method tryKnownServerKeys.

private void tryKnownServerKeys() throws IOException, SQLException {
    boolean initializedEncryption = false;
    SQLExceptionChainBuilder<SQLException> chainBuilder = new SQLExceptionChainBuilder<>();
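    // Try each known server key whose encryption plugin is in SUPPORTED_ENCRYPTION_PLUGINS;
    // stop at the first plugin that initializes successfully.
    for (KnownServerKey.PluginSpecificData pluginSpecificData : getPluginSpecificData()) {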
        EncryptionIdentifier encryptionIdentifier = pluginSpecificData.getEncryptionIdentifier();
        EncryptionPluginSpi currentEncryptionSpi = SUPPORTED_ENCRYPTION_PLUGINS.get(encryptionIdentifier);
        if (currentEncryptionSpi == null) {
            continue;
        }
        try (CryptSessionConfig cryptSessionConfig = getCryptSessionConfig(encryptionIdentifier, pluginSpecificData.getSpecificData())) {
            EncryptionPlugin encryptionPlugin = currentEncryptionSpi.createEncryptionPlugin(cryptSessionConfig);
            EncryptionInitInfo encryptionInitInfo = encryptionPlugin.initializeEncryption();
            if (encryptionInitInfo.isSuccess()) {
                enableEncryption(encryptionInitInfo);
                clearServerKeys();
                initializedEncryption = true;
                log.debug("Wire encryption established with " + encryptionIdentifier);
                break;
            } else {
                chainBuilder.append(encryptionInitInfo.getException());
            }
        } catch (SQLException e) {
            chainBuilder.append(e);
        }
    }
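    // Fail only when wire encryption is REQUIRED; with any other WireCrypt setting
    // this method returns normally with no encryption enabled.
    if (!initializedEncryption && getAttachProperties().getWireCryptAsEnum() == WireCrypt.REQUIRED) {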
        FbExceptionBuilder exceptionBuilder = new FbExceptionBuilder().nonTransientException(ISCConstants.isc_wirecrypt_incompatible);
        if (chainBuilder.hasException()) {
            exceptionBuilder.cause(chainBuilder.getException());
        }
        throw exceptionBuilder.toFlatSQLException();
    }
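    // Plugin failures that did not abort the connection are only logged:
    // a summary at warn level, stack traces at debug level.
    if (chainBuilder.hasException()) {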
        SQLException current = chainBuilder.getException();
        if (log.isWarnEnabled()) {
            log.warn(initializedEncryption ? "Wire encryption established, but some plugins failed; see other loglines for details" : "No wire encryption established because of errors");
            log.warn("Encryption plugin failed; see debug level for stacktraces:\n" + ExceptionHelper.collectAllMessages(current));
        }
        if (log.isDebugEnabled()) {
            do {
                log.debug("Encryption plugin failed", current);
            } while ((current = current.getNextException()) != null);
        }
    }
}
Also used: KnownServerKey (org.firebirdsql.gds.ng.wire.crypt.KnownServerKey), SQLExceptionChainBuilder (org.firebirdsql.util.SQLExceptionChainBuilder), SQLException (java.sql.SQLException), EncryptionPlugin (org.firebirdsql.gds.ng.wire.crypt.EncryptionPlugin), FbExceptionBuilder (org.firebirdsql.gds.ng.FbExceptionBuilder), EncryptionInitInfo (org.firebirdsql.gds.ng.wire.crypt.EncryptionInitInfo), EncryptionIdentifier (org.firebirdsql.gds.ng.wire.crypt.EncryptionIdentifier), EncryptionPluginSpi (org.firebirdsql.gds.ng.wire.crypt.EncryptionPluginSpi), CryptSessionConfig (org.firebirdsql.gds.ng.wire.crypt.CryptSessionConfig)

Aggregations

SQLException (java.sql.SQLException): 1
FbExceptionBuilder (org.firebirdsql.gds.ng.FbExceptionBuilder): 1
CryptSessionConfig (org.firebirdsql.gds.ng.wire.crypt.CryptSessionConfig): 1
EncryptionIdentifier (org.firebirdsql.gds.ng.wire.crypt.EncryptionIdentifier): 1
EncryptionInitInfo (org.firebirdsql.gds.ng.wire.crypt.EncryptionInitInfo): 1
EncryptionPlugin (org.firebirdsql.gds.ng.wire.crypt.EncryptionPlugin): 1
EncryptionPluginSpi (org.firebirdsql.gds.ng.wire.crypt.EncryptionPluginSpi): 1
KnownServerKey (org.firebirdsql.gds.ng.wire.crypt.KnownServerKey): 1
SQLExceptionChainBuilder (org.firebirdsql.util.SQLExceptionChainBuilder): 1