in client/src/main/java/org/apache/qpid/client/message/Encrypted010MessageFactory.java [60:182]
protected AbstractJMSMessage createMessage(final AbstractAMQMessageDelegate delegate, final ByteBuffer data)
throws QpidException
{
SecretKeySpec secretKeySpec;
String algorithm;
byte[] initVector;
try
{
try
{
if (delegate.hasProperty(MessageEncryptionHelper.ENCRYPTION_ALGORITHM_PROPERTY))
{
algorithm = delegate.getProperty(MessageEncryptionHelper.ENCRYPTION_ALGORITHM_PROPERTY).toString();
if (delegate.hasProperty(MessageEncryptionHelper.KEY_INIT_VECTOR_PROPERTY))
{
Object ivObj = delegate.getProperty(MessageEncryptionHelper.KEY_INIT_VECTOR_PROPERTY);
if (ivObj instanceof byte[])
{
initVector = (byte[]) ivObj;
}
else
{
throw new QpidException("If the property '"
+ MessageEncryptionHelper.KEY_INIT_VECTOR_PROPERTY
+ "' is present, it must contain a byte array");
}
}
else
{
initVector = null;
}
if (delegate.hasProperty(MessageEncryptionHelper.ENCRYPTED_KEYS_PROPERTY))
{
Object keyInfoObj = delegate.getProperty(MessageEncryptionHelper.ENCRYPTED_KEYS_PROPERTY);
if (keyInfoObj instanceof Collection)
{
secretKeySpec = getContentEncryptionKey((Collection) keyInfoObj,
algorithm,
_messageFactoryRegistry.getSession());
if (secretKeySpec == null)
{
throw new QpidException("Could not locate key information to decrypt the message");
}
}
else
{
throw new QpidException("An encrypted message must contain the property '"
+ MessageEncryptionHelper.ENCRYPTED_KEYS_PROPERTY
+ "'");
}
}
else
{
throw new QpidException("An encrypted message must contain the property '"
+ MessageEncryptionHelper.ENCRYPTED_KEYS_PROPERTY
+ "'");
}
}
else
{
throw new QpidException("Encrypted message must carry the encryption algorithm in the property '"
+ MessageEncryptionHelper.ENCRYPTED_KEYS_PROPERTY
+ "'");
}
Cipher cipher = Cipher.getInstance(algorithm);
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, new IvParameterSpec(initVector));
byte[] encryptedData;
int offset;
int length;
if (data.hasArray())
{
encryptedData = data.array();
offset = data.arrayOffset() + data.position();
length = data.remaining();
}
else
{
encryptedData = new byte[data.remaining()];
data.duplicate().get(encryptedData);
offset = 0;
length = encryptedData.length;
}
final byte[] unencryptedBytes = decryptData(cipher, encryptedData, offset, length);
ByteBuffer buf = ByteBuffer.wrap(unencryptedBytes);
BBDecoder decoder = new BBDecoder();
decoder.init(buf);
DeliveryProperties deliveryProperties = (DeliveryProperties) decoder.readStruct32();
MessageProperties messageProperties = (MessageProperties) decoder.readStruct32();
int payloadOffset = buf.position();
final ByteBuffer unencryptedData =
ByteBuffer.wrap(unencryptedBytes, payloadOffset, unencryptedBytes.length - payloadOffset);
final AbstractAMQMessageDelegate newDelegate =
new AMQMessageDelegate_0_10(messageProperties, deliveryProperties, delegate.getDeliveryTag());
newDelegate.setJMSDestination(delegate.getJMSDestination());
final AbstractJMSMessageFactory unencryptedMessageFactory =
_messageFactoryRegistry.getMessageFactory(messageProperties.getContentType());
return unencryptedMessageFactory.createMessage(newDelegate, unencryptedData);
}
catch (GeneralSecurityException | IOException e)
{
throw new QpidException("Could not decode encrypted message", e);
}
}
catch(QpidException e)
{
LOGGER.error("Error when attempting to decrypt message " + delegate.getDeliveryTag() + " to address ("+delegate.getJMSDestination()+"). Message will be delivered to the client encrypted", e);
return _messageFactoryRegistry.getDefaultFactory().createMessage(delegate, data);
}
}