001    /*
002     * Cumulus4j - Securing your data in the cloud - http://cumulus4j.org
003     * Copyright (C) 2011 NightLabs Consulting GmbH
004     *
005     * This program is free software: you can redistribute it and/or modify
006     * it under the terms of the GNU Affero General Public License as
007     * published by the Free Software Foundation, either version 3 of the
008     * License, or (at your option) any later version.
009     *
010     * This program is distributed in the hope that it will be useful,
011     * but WITHOUT ANY WARRANTY; without even the implied warranty of
012     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
013     * GNU Affero General Public License for more details.
014     *
015     * You should have received a copy of the GNU Affero General Public License
016     * along with this program.  If not, see <http://www.gnu.org/licenses/>.
017     */
018    package org.cumulus4j.keymanager.channel;
019    
020    import java.io.IOException;
021    import java.security.GeneralSecurityException;
022    import java.util.Date;
023    
024    import org.bouncycastle.crypto.CryptoException;
025    import org.cumulus4j.keymanager.Session;
026    import org.cumulus4j.keymanager.SessionManager;
027    import org.cumulus4j.keymanager.back.shared.GetKeyRequest;
028    import org.cumulus4j.keymanager.back.shared.GetKeyResponse;
029    import org.cumulus4j.keymanager.back.shared.KeyEncryptionUtil;
030    import org.cumulus4j.keymanager.back.shared.Response;
031    import org.cumulus4j.keystore.AuthenticationException;
032    import org.cumulus4j.keystore.KeyNotFoundException;
033    
/**
 * <p>
 * Handler for {@link GetKeyRequest}.
 * </p>
 * <p>
 * The handler resolves the {@link Session} belonging to the request's
 * {@link org.cumulus4j.keymanager.back.shared.Request#getCryptoSessionID() cryptoSessionID}.
 * Only if that session exists, is not {@link Session#isReleased() locked} and has not passed its
 * {@link Session#getExpiry() expiry}, the requested key is read from the key store, encrypted
 * with the public key supplied in the request and sent back to the server in a
 * {@link GetKeyResponse}.
 * </p>
 * <p>
 * Security-relevant points for maintainers: in this method the cryptoSessionID is the only value
 * that selects whose key store credentials are used, and both the wrapping public key and the
 * transformation are taken from the request itself. No authentication of the requester is
 * visible here, so it presumably has to be provided by the channel that delivers the request
 * (to be confirmed against the channel implementation).
 * </p>
 *
 * @author Marco หงุ่ยตระกูล-Schulze - marco at nightlabs dot de
 */
public class GetKeyRequestHandler extends AbstractRequestHandler<GetKeyRequest>
{

	/**
	 * Look up the key named by the request and return it encrypted for the requester.
	 *
	 * @param request the request carrying the cryptoSessionID, the key ID, the key-encryption
	 * transformation and the public key to encrypt the key with.
	 * @return a {@link GetKeyResponse} holding the key ID and the encrypted key.
	 * @throws IllegalStateException if no session exists for the cryptoSessionID, or the session
	 * is locked or already expired.
	 */
	@Override
	public Response handle(GetKeyRequest request)
	throws AuthenticationException, KeyNotFoundException, GeneralSecurityException, IOException, CryptoException
	{
		final SessionManager manager = getKeyManagerChannelManager().getSessionManager();
		final Session cryptoSession = manager.getSessionForCryptoSessionID(request.getCryptoSessionID());

		// TODO typed exceptions/typed responses?!
		// NOTE(review): the messages below echo the cryptoSessionID; confirm where these
		// exceptions are reported and logged, since the ID selects the session used here.
		if (cryptoSession == null) {
			throw new IllegalStateException("There is no session for cryptoSessionID=" + request.getCryptoSessionID() + "!");
		}

		// A locked session must not hand out keys, even though its credentials are still held.
		if (cryptoSession.isReleased()) {
			throw new IllegalStateException("The session for cryptoSessionID=" + request.getCryptoSessionID() + " is currently locked!");
		}

		// The expiry is compared against the key manager's own clock at the time of the request.
		if (cryptoSession.getExpiry().before(new Date())) {
			throw new IllegalStateException("The session for cryptoSessionID=" + request.getCryptoSessionID() + " is already expired!");
		}

		// The key store is opened with the user name and password kept in the session.
		// NOTE(review): plainKey holds the unencrypted key and is left for the garbage
		// collector. If getKey(...) returns a private copy (not visible here), overwriting
		// the array once it has been encrypted would shorten its lifetime in memory.
		final byte[] plainKey = manager.getKeyStore().getKey(
				cryptoSession.getUserName(), cryptoSession.getPassword(), request.getKeyID()
		);

		// NOTE(review): transformation and public key are chosen by the requester. Confirm that
		// KeyEncryptionUtil or the channel restricts them to approved algorithms and key sizes.
		final byte[] wrappedKey = KeyEncryptionUtil.encryptKey(
				plainKey, request.getKeyEncryptionTransformation(), request.getKeyEncryptionPublicKey()
		);

		return new GetKeyResponse(request, request.getKeyID(), wrappedKey);
	}

}