/// <returns>True for success, false for error (where this has called onError).</returns>
internal bool decryptAndImportKdk(Data kdkData, EncryptError.OnError onError_0) {
    // Unwraps the KDK carried in kdkData and imports it into internalKeyChain_.
    // The only values logged or placed in error text here are names and the
    // caught exception; the decrypted secret is passed straight to
    // importSafeBag and nowhere else.
    try {
        logger_.log(ILOG.J2CsMapping.Util.Logging.Level.INFO,
            "Decrypting and importing KDK {0}", kdkData.getName());

        // Decode the EncryptedContent envelope held in the Data packet content.
        EncryptedContent kdkEnvelope = new EncryptedContent();
        kdkEnvelope.wireDecodeV2(kdkData.getContent());

        // The envelope payload becomes the SafeBag; the envelope payload key is
        // what the TPM of keyChain_ decrypts under the credentials key name.
        SafeBag kdkBag = new SafeBag(kdkEnvelope.getPayload());
        Blob bagSecret = keyChain_.getTpm().decrypt(
            kdkEnvelope.getPayloadKey().buf(), credentialsKey_.getName());

        if (!bagSecret.isNull()) {
            internalKeyChain_.importSafeBag(kdkBag, bagSecret.buf());
            return true;
        }

        // A null Blob from decrypt is reported as the credentials key being
        // absent from the TPM.
        // NOTE(review): this callback runs inside the try, so an exception
        // thrown by onError itself is caught below and reported a second time
        // as DecryptionFailure.
        string keyMissing = "Could not decrypt secret, "
            + credentialsKey_.getName().toUri() + " not found in TPM";
        onError_0.onError(
            net.named_data.jndn.encrypt.EncryptError.ErrorCode.TpmKeyNotFound,
            keyMissing);
        return false;
    } catch (Exception ex) {
        // This can be EncodingException, Pib.Error, Tpm.Error, or a bunch of
        // other runtime-derived errors.
        // NOTE(review): the whole exception is appended to the message; confirm
        // that onError consumers do not forward this text outside the process.
        string failure = "Failed to decrypt KDK [" + kdkData.getName().toUri()
            + "]: " + ex;
        onError_0.onError(
            net.named_data.jndn.encrypt.EncryptError.ErrorCode.DecryptionFailure,
            failure);
        return false;
    }
}
internal void decryptCkAndProcessPendingDecrypts(DecryptorV2.ContentKey contentKey_0,
        Data ckData_1, Name kdkKeyName, EncryptError.OnError onError_2) {
    // Decrypts the content key (CK) carried in ckData_1 with the key named
    // kdkKeyName, stores it on contentKey_0, then runs every decrypt that was
    // queued on contentKey_0. Each failure path calls onError_2 once and
    // returns without touching contentKey_0. Only the CK Data name is logged;
    // the decrypted bits are not.
    logger_.log(ILOG.J2CsMapping.Util.Logging.Level.INFO,
        "Decrypting CK data {0}", ckData_1.getName());

    // Step 1: decode the envelope. A decode failure is reported as
    // InvalidEncryptedFormat.
    EncryptedContent ckEnvelope = new EncryptedContent();
    try {
        ckEnvelope.wireDecodeV2(ckData_1.getContent());
    } catch (Exception decodeFailure) {
        string badFormat = "Error decrypting EncryptedContent: " + decodeFailure;
        onError_2.onError(
            net.named_data.jndn.encrypt.EncryptError.ErrorCode.InvalidEncryptedFormat,
            badFormat);
        return;
    }

    // Step 2: decrypt the payload through the TPM of internalKeyChain_.
    Blob plainCk;
    try {
        plainCk = internalKeyChain_.getTpm().decrypt(
            ckEnvelope.getPayload().buf(), kdkKeyName);
    } catch (Exception decryptFailure) {
        // We don't expect this from the in-memory KeyChain.
        string cannotDecrypt = "Error decrypting the CK EncryptedContent " + decryptFailure;
        onError_2.onError(
            net.named_data.jndn.encrypt.EncryptError.ErrorCode.DecryptionFailure,
            cannotDecrypt);
        return;
    }

    // A null Blob from decrypt is reported as the KDK being absent from the TPM.
    if (ckBitsMissing(plainCk)) {
        string keyMissing = "Could not decrypt secret, " + kdkKeyName.toUri()
            + " not found in TPM";
        onError_2.onError(
            net.named_data.jndn.encrypt.EncryptError.ErrorCode.TpmKeyNotFound,
            keyMissing);
        return;
    }

    // Step 3: publish the key on the shared ContentKey before draining the
    // queue, so the loop below reads it back from contentKey_0.
    contentKey_0.bits = plainCk;
    contentKey_0.isRetrieved = true;

    // NOTE(review): the queue is cleared only after the loop finishes; there is
    // no try/finally, so if doDecrypt throws (not visible from here) the
    // remaining entries stay queued while isRetrieved is already true.
    foreach (ContentKey.PendingDecrypt queued in contentKey_0.pendingDecrypts) {
        // TODO: If this calls onError, should we quit?
        doDecrypt(queued.encryptedContent, contentKey_0.bits,
            queued.onSuccess, queued.onError);
    }
    ILOG.J2CsMapping.Collections.Collections.Clear(contentKey_0.pendingDecrypts);
}

// True when the TPM handed back a null Blob instead of decrypted bytes.
private static bool ckBitsMissing(Blob candidate) {
    return candidate.isNull();
}