encrpytion: Warn both parties on SSL errors

Previously, we were trying to warn the server
when there is an SSL error, indicating that a
client is pretending to be someone else. The
problem is that it is hard to accuretely to
detect which side is on the wrong using the
exception types because different JVM
implementations throw different types of
exceptions for the same type of error.

In the end, I decided to warn both parties.
because it is easier and should lead to 'less'
confusion.

Credentials should not change by default,
so I don't think any of the warning systems
will be in use that prominently anyway.

Author: velitasali

pom.xml

@@ -22,7 +22,7 @@
 
     <groupId>org.monora.uprotocol</groupId>
     <artifactId>core</artifactId>
-    <version>0.1.0-ALPHA33</version>
+    <version>0.1.0-ALPHA34</version>
     <name>UProtocol</name>
     <description>Java implementation of uprotocol, an open specification for p2p content exchange</description>
     <url>https://github.com/uprotocol</url>

src/main/java/org/monora/uprotocol/core/CommunicationBridge.java

@@ -30,7 +30,7 @@
 import org.monora.uprotocol.core.protocol.Client;
 import org.monora.uprotocol.core.protocol.ClientAddress;
 import org.monora.uprotocol.core.protocol.ConnectionFactory;
-import org.monora.uprotocol.core.protocol.communication.CommunicationException;
+import org.monora.uprotocol.core.protocol.communication.CredentialsException;
 import org.monora.uprotocol.core.protocol.communication.ProtocolException;
 import org.monora.uprotocol.core.protocol.communication.SecurityException;
 import org.monora.uprotocol.core.protocol.communication.client.BlockedRemoteClientException;
@@ -39,6 +39,7 @@
 import org.monora.uprotocol.core.transfer.TransferItem;
 import org.monora.uprotocol.core.transfer.Transfers;
 
+import javax.net.ssl.SSLException;
 import javax.net.ssl.SSLSocket;
 import javax.net.ssl.SSLSocketFactory;
 import java.io.Closeable;
@@ -141,7 +142,7 @@ public void closeSafely() throws IOException
     static void convertToSSL(@NotNull ConnectionFactory connectionFactory,
                              @NotNull PersistenceProvider persistenceProvider,
                              @NotNull ActiveConnection activeConnection, @NotNull Client client, boolean isClient)
-            throws IOException, CommunicationException, CertificateException
+            throws IOException, ProtocolException, CertificateException
     {
         Socket socket = activeConnection.getSocket();
         SSLSocketFactory sslSocketFactory = persistenceProvider.getSSLContextFor(client).getSocketFactory();
@@ -188,8 +189,15 @@ static void convertToSSL(@NotNull ConnectionFactory connectionFactory,
 
         try {
             sslSocket.startHandshake();
+        } catch (SSLException e) {
+            boolean firstTime = !persistenceProvider.hasRequestForInvalidationOfCredentials(client.getClientUid());
+            if (firstTime) {
+                persistenceProvider.saveRequestForInvalidationOfCredentials(client.getClientUid());
+            }
+
+            throw new CredentialsException(client, e, firstTime);
         } catch (Exception e) {
-            throw new SecurityException(client, e);
+            throw new ProtocolException(e);
         }
     }
 
@@ -586,8 +594,16 @@ public CommunicationBridge connect() throws IOException, JSONException, Protocol
             persistenceProvider.persist(clientAddress);
 
             Responses.checkError(client, jsonObject);
-            convertToSSL(connectionFactory, persistenceProvider, activeConnection, client, true);
 
+            try {
+                convertToSSL(connectionFactory, persistenceProvider, activeConnection, client, true);
+            } catch (SecurityException e) {
+                if (!persistenceProvider.hasRequestForInvalidationOfCredentials(client.getClientUid())) {
+                    persistenceProvider.saveRequestForInvalidationOfCredentials(client.getClientUid());
+                }
+
+                throw e;
+            }
             return new CommunicationBridge(persistenceProvider, activeConnection, client, clientAddress);
         }
 

src/main/java/org/monora/uprotocol/core/TransportSession.java

@@ -13,6 +13,7 @@
 import org.monora.uprotocol.core.protocol.ClientAddress;
 import org.monora.uprotocol.core.protocol.ConnectionFactory;
 import org.monora.uprotocol.core.protocol.communication.ContentException;
+import org.monora.uprotocol.core.protocol.communication.CredentialsException;
 import org.monora.uprotocol.core.protocol.communication.ProtocolException;
 import org.monora.uprotocol.core.protocol.communication.SecurityException;
 import org.monora.uprotocol.core.spec.v1.Config;
@@ -100,11 +101,12 @@ public void onConnected(@NotNull ActiveConnection activeConnection)
 
             handleRequest(new CommunicationBridge(persistenceProvider, activeConnection, client, clientAddress),
                     client, clientAddress, hasPin, request);
-        } catch (SecurityException e) {
-            if (!persistenceProvider.hasRequestForInvalidationOfCredentials(e.client.getClientUid())) {
-                persistenceProvider.saveRequestForInvalidationOfCredentials(e.client.getClientUid());
+        } catch (CredentialsException e) {
+            if (e.firstTime) {
                 transportSeat.notifyClientCredentialsChanged(e.client);
             }
+        } catch (SecurityException e) {
+            getLogger().log(Level.INFO, "Security error occurred: " + e.toString());
         } catch (ClosedException e) {
             getLogger().log(Level.INFO, "Closed successfully by " + (e.remoteRequested ? "remote" : "you"));
         } catch (CancelledException e) {

src/main/java/org/monora/uprotocol/core/protocol/communication/CredentialsException.java

@@ -0,0 +1,32 @@
+package org.monora.uprotocol.core.protocol.communication;
+
+import org.jetbrains.annotations.NotNull;
+import org.monora.uprotocol.core.persistence.PersistenceProvider;
+import org.monora.uprotocol.core.protocol.Client;
+
+/**
+ * Thrown when an SSL-related error occurs and is considered a result of invalid credentials.
+ */
+public class CredentialsException extends SecurityException
+{
+    /**
+     * Will be true if {@link PersistenceProvider#hasRequestForInvalidationOfCredentials(String)} returned false and
+     * {@link PersistenceProvider#saveRequestForInvalidationOfCredentials(String)} was invoked.
+     */
+    public final boolean firstTime;
+
+    /**
+     * Create a new instance.
+     *
+     * @param client    With which the error occurred.
+     * @param cause     Of the issue.
+     * @param firstTime Will be true if {@link PersistenceProvider#hasRequestForInvalidationOfCredentials(String)}
+     *                  returned false and {@link PersistenceProvider#saveRequestForInvalidationOfCredentials(String)}
+     *                  was invoked.
+     */
+    public CredentialsException(@NotNull Client client, @NotNull Throwable cause, boolean firstTime)
+    {
+        super(client, cause);
+        this.firstTime = firstTime;
+    }
+}

src/main/java/org/monora/uprotocol/core/protocol/communication/SecurityException.java

@@ -1,21 +1,15 @@
 package org.monora.uprotocol.core.protocol.communication;
 
 import org.jetbrains.annotations.NotNull;
-import org.jetbrains.annotations.Nullable;
 import org.monora.uprotocol.core.protocol.Client;
 
 /**
  * Thrown when an SSL-related error occurs.
- * <p>
- * The cause reflects what exactly went wrong.
  */
 public class SecurityException extends CommunicationException
 {
-    public SecurityException(@NotNull Client client, @Nullable Throwable cause)
+    public SecurityException(@NotNull Client client, @NotNull Throwable cause)
     {
         super(client, cause);
-
-        if (cause == null)
-            throw new NullPointerException("The cause cannot be null.");
     }
 }

src/test/java/org/monora/uprotocol/RequestTest.java

@@ -8,8 +8,8 @@
 import org.monora.uprotocol.core.CommunicationBridge;
 import org.monora.uprotocol.core.protocol.Client;
 import org.monora.uprotocol.core.protocol.communication.ContentException;
+import org.monora.uprotocol.core.protocol.communication.CredentialsException;
 import org.monora.uprotocol.core.protocol.communication.ProtocolException;
-import org.monora.uprotocol.core.protocol.communication.SecurityException;
 import org.monora.uprotocol.core.protocol.communication.client.BlockedRemoteClientException;
 import org.monora.uprotocol.core.protocol.communication.client.DifferentRemoteClientException;
 import org.monora.uprotocol.core.protocol.communication.client.UnauthorizedClientException;
@@ -19,7 +19,6 @@
 import org.monora.uprotocol.variant.holder.TransferHolder;
 import org.monora.uprotocol.variant.test.DefaultTestBase;
 
-import javax.net.ssl.SSLHandshakeException;
 import java.io.IOException;
 import java.security.cert.CertificateException;
 import java.util.ArrayList;
@@ -163,8 +162,8 @@ public void remoteNotifiesAsNotFoundWhenGroupNotExists() throws ProtocolExceptio
         }
     }
 
-    @Test(expected = SecurityException.class)
-    public void failsWithKeyMismatchTest() throws IOException, InterruptedException, ProtocolException,
+    @Test(expected = CredentialsException.class)
+    public void failsWithCredentialsMismatchTest() throws IOException, InterruptedException, ProtocolException,
             CertificateException
     {
         primarySession.start();
@@ -223,7 +222,7 @@ public void connectsAfterKeyMismatchWithRightKey() throws IOException, ProtocolE
 
         try (CommunicationBridge bridge = openConnection(secondaryPersistence, clientAddress)) {
             bridge.requestAcquaintance();
-        } catch (SecurityException ignored) {
+        } catch (CredentialsException ignored) {
         }
 
         primaryPersistence.restoreSecrets();
@@ -249,12 +248,9 @@ public void acceptNewKeysTest() throws IOException, InterruptedException, Protoc
 
         try (CommunicationBridge bridge = openConnection(secondaryPersistence, clientAddress)) {
             bridge.requestAcquaintance();
-        } catch (SecurityException e) {
-            if (e.getCause() instanceof SSLHandshakeException) {
-                e.client.setClientCertificate(null);
-                secondaryPersistence.persist(e.client, true);
-            } else
-                throw e;
+        } catch (CredentialsException e) {
+            e.client.setClientCertificate(null);
+            secondaryPersistence.persist(e.client, true);
         }
 
         try (CommunicationBridge bridge = openConnection(secondaryPersistence, clientAddress)) {
@@ -468,10 +464,56 @@ public void throwsDifferentClientExceptionOnUidMismatch() throws IOException, In
 
         primarySession.start();
 
-        try(CommunicationBridge bridge = builder.connect()) {
+        try (CommunicationBridge bridge = builder.connect()) {
             Assert.fail("The above statement should have failed");
         } finally {
             primarySession.stop();
         }
     }
+
+    @Test
+    public void warnsBothPartiesOnInvalidServerCredentials() throws IOException, InterruptedException,
+            ProtocolException, CertificateException
+    {
+        primarySession.start();
+
+        try (CommunicationBridge bridge = openConnection(secondaryPersistence, clientAddress)) {
+            bridge.requestAcquaintance();
+        }
+
+        primaryPersistence.regenerateSecrets();
+
+        try (CommunicationBridge bridge = openConnection(secondaryPersistence, clientAddress)) {
+            Assert.fail("Should have not reached here.");
+        } catch (Exception e) {
+            Assert.assertTrue("Should result in the right error", e instanceof CredentialsException);
+        } finally {
+            primarySession.stop();
+        }
+
+        Assert.assertTrue("Both parties should be warned", primaryPersistence.gotInvalidationRequest());
+    }
+
+    @Test
+    public void warnsBothPartiesOnInvalidClientCredentials() throws IOException, InterruptedException,
+            ProtocolException, CertificateException
+    {
+        primarySession.start();
+
+        try (CommunicationBridge bridge = openConnection(secondaryPersistence, clientAddress)) {
+            bridge.requestAcquaintance();
+        }
+
+        secondaryPersistence.regenerateSecrets();
+
+        try (CommunicationBridge bridge = openConnection(secondaryPersistence, clientAddress)) {
+            Assert.fail("Should have not reached here");
+        } catch (Exception e) {
+            Assert.assertTrue("Should result in the right error", e instanceof CredentialsException);
+        } finally {
+            primarySession.stop();
+        }
+
+        Assert.assertTrue("Both parties should be warned", primaryPersistence.gotInvalidationRequest());
+    }
 }

src/test/java/org/monora/uprotocol/variant/persistence/BasePersistenceProvider.java

@@ -61,6 +61,8 @@ public abstract class BasePersistenceProvider implements PersistenceProvider
     private @Nullable KeyPair keyPairBackup;
     private @Nullable X509Certificate certificateBackup;
 
+    private boolean gotInvalidationRequest = false;
+
     private int networkPin;
 
     public BasePersistenceProvider()
@@ -108,7 +110,13 @@ public BasePersistenceProvider()
         }
     }
 
-    public boolean hasPicture(@NotNull Client client) {
+    public boolean gotInvalidationRequest()
+    {
+        return gotInvalidationRequest;
+    }
+
+    public boolean hasPicture(@NotNull Client client)
+    {
         return pictureList.containsKey(client.getClientUid());
     }
 
@@ -406,10 +414,7 @@ public void revokeNetworkPin()
     @Override
     public void saveRequestForInvalidationOfCredentials(@NotNull String clientUid)
     {
-        if (hasRequestForInvalidationOfCredentials(clientUid)) {
-            return;
-        }
-
+        gotInvalidationRequest = true;
         synchronized (invalidationRequestList) {
             invalidationRequestList.add(clientUid);
         }