Exemplo n.º 1
 /// <summary>
 /// Create the callback object, keeping references to the enclosing
 /// DecryptorV2, the error callback and the ContentKey entry.
 /// fetchCk passes an instance as the second argument of
 /// face_.expressInterest.
 /// </summary>
 ///
 /// <param name="paramouter_DecryptorV2">the enclosing DecryptorV2 instance.</param>
 /// <param name="onError_0">the error callback to keep.</param>
 /// <param name="contentKey_1">the ContentKey entry to keep.</param>
 public Anonymous_C5(
     DecryptorV2 paramouter_DecryptorV2,
     net.named_data.jndn.encrypt.EncryptError.OnError onError_0,
     DecryptorV2.ContentKey contentKey_1)
 {
     outer_DecryptorV2 = paramouter_DecryptorV2;
     contentKey = contentKey_1;
     onError = onError_0;
 }
Exemplo n.º 2
        /// <summary>
        /// Express an Interest for the KDK named by the given prefix and the
        /// configured credentials key, and record the pending interest on the
        /// ContentKey entry.
        /// </summary>
        ///
        /// <param name="contentKey_0">the ContentKey entry; its pendingInterest is set to the value returned by expressInterest.</param>
        /// <param name="kdkPrefix_1">the KDK name prefix; a new Name is built from it before components are appended.</param>
        /// <param name="ckData_2">the CK Data packet, handed to the second and third callback objects.</param>
        /// <param name="onError_3">called with ErrorCode.General if expressInterest throws; also handed to all three callback objects.</param>
        /// <param name="nTriesLeft_4">handed to the third callback object only (presumably the remaining retry count; confirm in Anonymous_C1).</param>
        internal void fetchKdk(DecryptorV2.ContentKey contentKey_0, Name kdkPrefix_1,
                               Data ckData_2, EncryptError.OnError onError_3,
                               int nTriesLeft_4)
        {
            // Layout of the KDK name that is requested:
            //
            // <kdk-prefix>/KDK/<kdk-id>    /ENCRYPTED-BY  /<credential-identity>/KEY/<key-id>
            // \                          /                \                                /
            //  -----------  -------------                  ---------------  ---------------
            //             \/                                              \/
            //     from the CK data                                from configuration
            Name fullKdkName = new Name(kdkPrefix_1);
            fullKdkName
                .append(net.named_data.jndn.encrypt.EncryptorV2.NAME_COMPONENT_ENCRYPTED_BY)
                .append(credentialsKey_.getName());

            logger_.log(ILOG.J2CsMapping.Util.Logging.Level.INFO, "Fetching KDK {0}", fullKdkName);

            try {
                // Exact-name match, fresh data only.
                var kdkInterest = new Interest(fullKdkName).setMustBeFresh(true).setCanBePrefix(false);

                // The handlers are built in the same left-to-right order as the
                // expressInterest argument list.
                DecryptorV2.Anonymous_C2 replyHandler =
                    new DecryptorV2.Anonymous_C2(this, kdkPrefix_1, onError_3, contentKey_0, ckData_2);
                DecryptorV2.Anonymous_C1 secondHandler =
                    new DecryptorV2.Anonymous_C1(this, contentKey_0, onError_3, kdkPrefix_1, ckData_2, nTriesLeft_4);
                DecryptorV2.Anonymous_C0 thirdHandler =
                    new DecryptorV2.Anonymous_C0(contentKey_0, onError_3);

                contentKey_0.pendingInterest =
                    face_.expressInterest(kdkInterest, replyHandler, secondHandler, thirdHandler);
            } catch (Exception ex) {
                // NOTE(review): the whole exception text is forwarded to the caller's
                // callback; confirm that is acceptable wherever onError output is shown.
                onError_3.onError(net.named_data.jndn.encrypt.EncryptError.ErrorCode.General,
                                  "expressInterest error: " + ex);
            }
        }
Exemplo n.º 3
 /// <summary>
 /// Create the callback object, keeping references to the enclosing
 /// DecryptorV2, the KDK prefix, the error callback, the ContentKey entry
 /// and the CK Data packet. fetchKdk passes an instance as the second
 /// argument of face_.expressInterest.
 /// </summary>
 ///
 /// <param name="paramouter_DecryptorV2">the enclosing DecryptorV2 instance.</param>
 /// <param name="kdkPrefix_0">the KDK name prefix to keep.</param>
 /// <param name="onError_1">the error callback to keep.</param>
 /// <param name="contentKey_2">the ContentKey entry to keep.</param>
 /// <param name="ckData_3">the CK Data packet to keep.</param>
 public Anonymous_C2(
     DecryptorV2 paramouter_DecryptorV2,
     Name kdkPrefix_0,
     net.named_data.jndn.encrypt.EncryptError.OnError onError_1,
     DecryptorV2.ContentKey contentKey_2,
     Data ckData_3)
 {
     outer_DecryptorV2 = paramouter_DecryptorV2;
     ckData = ckData_3;
     contentKey = contentKey_2;
     onError = onError_1;
     kdkPrefix = kdkPrefix_0;
 }
Exemplo n.º 4
 /// <summary>
 /// Create the callback object, keeping references to the enclosing
 /// DecryptorV2, the error callback, the tries-left counter, the ContentKey
 /// entry and the CK name. fetchCk passes an instance as the third argument
 /// of face_.expressInterest.
 /// </summary>
 ///
 /// <param name="paramouter_DecryptorV2">the enclosing DecryptorV2 instance.</param>
 /// <param name="onError_0">the error callback to keep.</param>
 /// <param name="nTriesLeft_1">the tries-left value to keep.</param>
 /// <param name="contentKey_2">the ContentKey entry to keep.</param>
 /// <param name="ckName_3">the CK name to keep.</param>
 public Anonymous_C4(
     DecryptorV2 paramouter_DecryptorV2,
     net.named_data.jndn.encrypt.EncryptError.OnError onError_0,
     int nTriesLeft_1,
     DecryptorV2.ContentKey contentKey_2,
     Name ckName_3)
 {
     outer_DecryptorV2 = paramouter_DecryptorV2;
     ckName = ckName_3;
     contentKey = contentKey_2;
     nTriesLeft = nTriesLeft_1;
     onError = onError_0;
 }
Exemplo n.º 5
        /// <summary>
        /// Asynchronously decrypt the encryptedContent. If the content key (CK)
        /// named by its key locator is already retrieved, decryption runs
        /// immediately; otherwise the request is queued on the CK entry, and the
        /// first request for a given CK name also starts fetching that CK.
        /// </summary>
        ///
        /// <param name="encryptedContent">the EncryptedContent object. If you may change it later, then pass in a copy of the object.</param>
        /// <param name="onSuccess">passed on to doDecrypt or stored with the queued request. NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.</param>
        /// <param name="onError_0">called with an error code and message when the key locator or the initial vector is missing; also passed on to doDecrypt, fetchCk and the queued request. NOTE: The library will log any exceptions thrown by this callback, but for better error handling the callback should catch and properly handle any exceptions.</param>
        public void decrypt(EncryptedContent encryptedContent,
                            DecryptorV2.DecryptSuccessCallback onSuccess, EncryptError.OnError onError_0)
        {
            const string noKeyLocatorMessage =
                "Missing required KeyLocator in the supplied EncryptedContent block";
            const string noInitialVectorMessage =
                "Missing required initial vector in the supplied EncryptedContent block";

            // The CK is looked up by name, so only a KEYNAME key locator is usable.
            bool locatorIsKeyName =
                encryptedContent.getKeyLocator().getType() == net.named_data.jndn.KeyLocatorType.KEYNAME;
            if (!locatorIsKeyName)
            {
                logger_.log(ILOG.J2CsMapping.Util.Logging.Level.INFO, noKeyLocatorMessage);
                onError_0.onError(
                    net.named_data.jndn.encrypt.EncryptError.ErrorCode.MissingRequiredKeyLocator,
                    noKeyLocatorMessage);
                return;
            }

            bool ivPresent = encryptedContent.hasInitialVector();
            if (!ivPresent)
            {
                logger_.log(ILOG.J2CsMapping.Util.Logging.Level.INFO, noInitialVectorMessage);
                onError_0.onError(
                    net.named_data.jndn.encrypt.EncryptError.ErrorCode.MissingRequiredInitialVector,
                    noInitialVectorMessage);
                return;
            }

            Name requestedCkName = encryptedContent.getKeyLocatorName();

            // NOTE(review): the map key comes from the supplied EncryptedContent and
            // every previously unseen name adds an entry and triggers a fetch; no
            // eviction or size limit is visible in this method.
            DecryptorV2.ContentKey ckEntry =
                ILOG.J2CsMapping.Collections.Collections.Get(contentKeys_, requestedCkName);
            bool createdEntry = ckEntry == null;

            if (createdEntry)
            {
                ckEntry = new DecryptorV2.ContentKey();
                ILOG.J2CsMapping.Collections.Collections.Put(contentKeys_, requestedCkName, ckEntry);
            }

            if (!ckEntry.isRetrieved)
            {
                logger_.log(
                    ILOG.J2CsMapping.Util.Logging.Level.INFO,
                    "CK {0} not yet available, so adding to the pending decrypt queue",
                    requestedCkName);
                ContentKey.PendingDecrypt queuedRequest =
                    new ContentKey.PendingDecrypt(encryptedContent, onSuccess, onError_0);
                ILOG.J2CsMapping.Collections.Collections.Add(ckEntry.pendingDecrypts, queuedRequest);
            }
            else
            {
                doDecrypt(encryptedContent, ckEntry.bits, onSuccess, onError_0);
            }

            if (createdEntry)
            {
                // Only the request that created the entry starts the fetch, and only
                // its onError is handed to fetchCk.
                // NOTE(review): the entry stays in contentKeys_ from here on; confirm
                // that a failed fetch removes it or fails the queued requests, because
                // later calls for the same name find the entry and do not fetch again.
                fetchCk(requestedCkName, ckEntry, onError_0, net.named_data.jndn.encrypt.EncryptorV2.N_RETRIES);
            }
        }
Exemplo n.º 6
        /// <summary>
        /// Decode the CK Data content as an EncryptedContent, decrypt its payload
        /// with the named KDK through the internal KeyChain's TPM, store the
        /// resulting CK bits on the ContentKey entry, then run every queued
        /// decrypt request with those bits and clear the queue.
        /// </summary>
        ///
        /// <param name="contentKey_0">the ContentKey entry that receives the CK bits and holds the queued requests.</param>
        /// <param name="ckData_1">the CK Data packet whose content is decoded.</param>
        /// <param name="kdkKeyName">the name of the KDK used for the TPM decrypt call.</param>
        /// <param name="onError_2">called with InvalidEncryptedFormat, DecryptionFailure or TpmKeyNotFound when a step fails.</param>
        internal void decryptCkAndProcessPendingDecrypts(DecryptorV2.ContentKey contentKey_0,
                                                         Data ckData_1, Name kdkKeyName, EncryptError.OnError onError_2)
        {
            logger_.log(ILOG.J2CsMapping.Util.Logging.Level.INFO, "Decrypting CK data {0}", ckData_1.getName());

            // Step 1: parse the wire format of the CK packet's content.
            EncryptedContent wrappedCk = new EncryptedContent();
            try {
                wrappedCk.wireDecodeV2(ckData_1.getContent());
            } catch (Exception decodeFailure) {
                onError_2.onError(net.named_data.jndn.encrypt.EncryptError.ErrorCode.InvalidEncryptedFormat,
                                  "Error decrypting EncryptedContent: " + decodeFailure);
                return;
            }

            // Step 2: unwrap the CK with the KDK held by the internal KeyChain.
            Blob unwrappedBits;
            try {
                unwrappedBits = internalKeyChain_.getTpm().decrypt(
                    wrappedCk.getPayload().buf(), kdkKeyName);
            } catch (Exception tpmFailure) {
                // Not expected from the in-memory KeyChain.
                onError_2.onError(net.named_data.jndn.encrypt.EncryptError.ErrorCode.DecryptionFailure,
                                  "Error decrypting the CK EncryptedContent " + tpmFailure);
                return;
            }

            // A null Blob is reported as the KDK missing from the TPM.
            if (unwrappedBits.isNull())
            {
                string missingKeyMessage =
                    "Could not decrypt secret, " + kdkKeyName.toUri() + " not found in TPM";
                onError_2.onError(net.named_data.jndn.encrypt.EncryptError.ErrorCode.TpmKeyNotFound,
                                  missingKeyMessage);
                return;
            }

            // NOTE(review): the three early returns above report only through
            // onError_2. Requests already in contentKey_0.pendingDecrypts stay queued
            // and their own onError is not invoked in this method; confirm the
            // callers handle that.

            // Step 3: publish the key on the entry before draining the queue.
            contentKey_0.isRetrieved = true;
            contentKey_0.bits = unwrappedBits;

            foreach (ContentKey.PendingDecrypt queued in contentKey_0.pendingDecrypts)
            {
                // TODO: If this calls onError, should we quit?
                doDecrypt(queued.encryptedContent, contentKey_0.bits,
                          queued.onSuccess, queued.onError);
            }

            ILOG.J2CsMapping.Collections.Collections.Clear(contentKey_0.pendingDecrypts);
        }
Exemplo n.º 7
        /// <summary>
        /// Express an Interest for the content key (CK) with the given name and
        /// record the pending interest on the ContentKey entry.
        /// </summary>
        ///
        /// <param name="ckName_0">the CK name taken from the encrypted data; used as the Interest name and handed to the third callback object.</param>
        /// <param name="contentKey_1">the ContentKey entry; its pendingInterest is set to the value returned by expressInterest.</param>
        /// <param name="onError_2">called with ErrorCode.General if expressInterest throws; also handed to all three callback objects.</param>
        /// <param name="nTriesLeft_3">handed to the third callback object only (presumably the remaining retry count; confirm in Anonymous_C4).</param>
        internal void fetchCk(Name ckName_0, DecryptorV2.ContentKey contentKey_1,
                              EncryptError.OnError onError_2, int nTriesLeft_3)
        {
            // The full name of the CK is
            //
            // <whatever-prefix>/CK/<ck-id>  /ENCRYPTED-BY /<kek-prefix>/KEK/<key-id>
            // \                          /                \                        /
            //  -----------  -------------                  -----------  -----------
            //             \/                                          \/
            //   from the encrypted data          unknown (name in retrieved CK is used to determine KDK)

            logger_.log(ILOG.J2CsMapping.Util.Logging.Level.INFO, "Fetching CK {0}", ckName_0);

            try {
                // Only the leading part of the CK name is known, so the Interest is
                // sent as a prefix match and does not require fresh data.
                // NOTE(review): any Data whose name starts with ckName_0 can satisfy
                // this Interest, and per the diagram the returned name decides which
                // KDK is requested next. Confirm that the reply handler
                // (Anonymous_C5, body not shown here) checks the Data and its name
                // before acting on them.
                var ckInterest = new Interest(ckName_0).setMustBeFresh(false).setCanBePrefix(true);

                // The handlers are built in the same left-to-right order as the
                // expressInterest argument list.
                DecryptorV2.Anonymous_C5 replyHandler =
                    new DecryptorV2.Anonymous_C5(this, onError_2, contentKey_1);
                DecryptorV2.Anonymous_C4 secondHandler =
                    new DecryptorV2.Anonymous_C4(this, onError_2, nTriesLeft_3, contentKey_1, ckName_0);
                DecryptorV2.Anonymous_C3 thirdHandler =
                    new DecryptorV2.Anonymous_C3(contentKey_1, onError_2);

                contentKey_1.pendingInterest =
                    face_.expressInterest(ckInterest, replyHandler, secondHandler, thirdHandler);
            } catch (Exception ex) {
                onError_2.onError(net.named_data.jndn.encrypt.EncryptError.ErrorCode.General,
                                  "expressInterest error: " + ex);
            }
        }
Exemplo n.º 8
 /// <summary>
 /// Create the callback object, keeping references to the ContentKey entry
 /// and the error callback. fetchKdk passes an instance as the fourth
 /// argument of face_.expressInterest.
 /// </summary>
 ///
 /// <param name="contentKey_0">the ContentKey entry to keep.</param>
 /// <param name="onError_1">the error callback to keep.</param>
 public Anonymous_C0(
     DecryptorV2.ContentKey contentKey_0,
     net.named_data.jndn.encrypt.EncryptError.OnError onError_1)
 {
     onError = onError_1;
     contentKey = contentKey_0;
 }