I have a requirement to secure the Java RMI calls with Asymmetric key cryptography (RSA) in a Peer 2 Peer File sharing application.
I referred this, but it uses a passphrase (Symmetric Key) to XOR the messages. I want that the client encrypts the RMI Socket stream with server's public key and the server should use its private key to decrypt the socket input stream. Assumption: Every node in the P2P File sharing application has each other's public key
Since there can be multiple client-servers (P2P nodes), the clients should use the relevant server's public key to encrypt the socket stream data.
I could not find any other reference using asymmetric key to secure RMI calls. Please help.
UPDATE:
I'm a student and this is a university project where I have to secure the communications happening over the RMI using RSA cryptography. So, I don't have any choice left.
In the previous projects, I created a Napster & Gnutella style P2P file sharing system. Now the task is to use RSA to encrypt the communications between nodes using their public-private keys.
I really appreciate any help/guidance in this direction. Please do not close this question.
UPDATE 2
Implement RSA cryptography without using in-built libraries except java.math.BigInteger and java.security.SecureRandom
I don't know if I should answer my own question.
I tried many approaches but I got exceptions and the nodes were not starting. So, I believe there is not a generic way to secure RMI communications through RSA cryptography for my situations.
So, I tried a different approach.
I changed the method signature of the RMI methods in the interface and implementations from
public void query(MessageID messageID, long TTL, String fileName, String upstreamIP) throws RemoteException
to
public void query(byte[] bytes) throws RemoteException
Now, before every RMI call, I convert the arguments to a custom object and then into bytes, apply the RSA encryption using the sender's private key to convert into encrypted bytes and then pass it to the server.
On the server end, collect the bytes, decrypt them using the sender's RSA public key and then cast to the custom object, extract the information and finally pass to the business logic. This process is done on each RMI call.
This is similar to the sockets, where we write everything into the the stream. Eventually, in the RMI call, the objects which we pass are converted into bytes. So, using this approach I'm explicitly converting them into bytes and then apply the encryption and pass it through RMI. Over the network, it will be transferred as encrypted bytes. This will be for all the RMI calls which includes the messages as well as the file content.