Author: nextgens
Date: 2006-09-05 19:37:45 +0000 (Tue, 05 Sep 2006)
New Revision: 10398
Added:
trunk/freenet/src/freenet/crypt/KeyAgreementSchemeContext.java
trunk/freenet/src/freenet/crypt/StationToStationContext.java
Modified:
trunk/freenet/src/freenet/crypt/DiffieHellmanContext.java
trunk/freenet/src/freenet/node/FNPPacketMangler.java
trunk/freenet/src/freenet/node/PeerNode.java
Log:
more work toward integrating StS
Modified: trunk/freenet/src/freenet/crypt/DiffieHellmanContext.java
===================================================================
--- trunk/freenet/src/freenet/crypt/DiffieHellmanContext.java 2006-09-05
19:13:09 UTC (rev 10397)
+++ trunk/freenet/src/freenet/crypt/DiffieHellmanContext.java 2006-09-05
19:37:45 UTC (rev 10398)
@@ -8,7 +8,7 @@
import freenet.support.HexUtil;
import freenet.support.Logger;
-public class DiffieHellmanContext {
+public class DiffieHellmanContext extends KeyAgreementSchemeContext {
// Set on startup
/** My exponent. We keep this and then raise our peer's exponential to
this power. */
@@ -23,8 +23,8 @@
byte[] key;
BlockCipher cipher;
- boolean logMINOR;
+
public String toString() {
StringBuffer sb = new StringBuffer();
sb.append(super.toString());
@@ -97,16 +97,7 @@
peerExponential = a;
}
- long lastUsedTime;
-
/**
- * @return The time at which this object was last used.
- */
- public synchronized long lastUsedTime() {
- return lastUsedTime;
- }
-
- /**
* @return True if getCipher() will work. If this returns false,
getCipher() will
* probably NPE.
*/
Added: trunk/freenet/src/freenet/crypt/KeyAgreementSchemeContext.java
===================================================================
--- trunk/freenet/src/freenet/crypt/KeyAgreementSchemeContext.java
2006-09-05 19:13:09 UTC (rev 10397)
+++ trunk/freenet/src/freenet/crypt/KeyAgreementSchemeContext.java
2006-09-05 19:37:45 UTC (rev 10398)
@@ -0,0 +1,13 @@
+package freenet.crypt;
+
+public abstract class KeyAgreementSchemeContext {
+ protected long lastUsedTime;
+ protected boolean logMINOR;
+
+ /**
+ * @return The time at which this object was last used.
+ */
+ public synchronized long lastUsedTime() {
+ return lastUsedTime;
+ }
+}
Added: trunk/freenet/src/freenet/crypt/StationToStationContext.java
===================================================================
--- trunk/freenet/src/freenet/crypt/StationToStationContext.java
2006-09-05 19:13:09 UTC (rev 10397)
+++ trunk/freenet/src/freenet/crypt/StationToStationContext.java
2006-09-05 19:37:45 UTC (rev 10398)
@@ -0,0 +1,89 @@
+package freenet.crypt;
+
+import java.math.BigInteger;
+import java.util.Random;
+
+import net.i2p.util.NativeBigInteger;
+import freenet.support.HexUtil;
+import freenet.support.Logger;
+
+public class StationToStationContext extends KeyAgreementSchemeContext {
+
+ // Set on startup
+
+ /** Random number */
+ final int myRandom;
+
+ /** My exponential */
+ final NativeBigInteger myExponential;
+
+ /** His pubkey */
+ final DSAPublicKey hisPubKey;
+
+ /** Our private key */
+ final DSAPrivateKey ourPrivateKey;
+
+ /** The group we both share */
+ final DSAGroup group;
+
+ /** The rng */
+ final Random random;
+
+ // Generated or set later
+ NativeBigInteger peerExponential = null;
+ NativeBigInteger key = null;
+
+ boolean logMINOR;
+
+ public StationToStationContext(DSAPrivateKey ourKey, DSAGroup group,
DSAPublicKey hisKey, Random rand) {
+ this.ourPrivateKey = ourKey;
+ this.random = rand;
+ this.group = group;
+ this.hisPubKey = hisKey;
+ // How big is the random ?
+ this.myRandom = random.nextInt();
+ this.myExponential = (NativeBigInteger) group.getG().pow(myRandom);
+ lastUsedTime = System.currentTimeMillis();
+ logMINOR = Logger.shouldLog(Logger.MINOR, this);
+ }
+
+ public synchronized NativeBigInteger getOurExponential() {
+ lastUsedTime = System.currentTimeMillis();
+ return myExponential;
+ }
+
+ public synchronized BigInteger getKey() {
+ lastUsedTime = System.currentTimeMillis();
+ if(key != null) return key;
+ if(peerExponential == null) throw new IllegalStateException("Can't
call getKey() until setOtherSideExponential() has been called!");
+
+ // Calculate key
+ if(logMINOR)
+ Logger.minor(this, "My exponent: "+myExponential.toHexString()+",
my random: "+myRandom+", peer's exponential: "+peerExponential.toHexString());
+ key = (NativeBigInteger) peerExponential.pow(myRandom);
+
+ if(logMINOR)
+ Logger.minor(this, "Key="+HexUtil.bytesToHex(key.toByteArray()));
+ return key;
+ }
+
+ public synchronized byte[] concatAndSignAndCrypt(){
+ if(peerExponential == null) throw new IllegalStateException("Can't call
concatAndSign() until setOtherSideExponential() has been called!");
+ if(key == null) throw new IllegalStateException("Can't call
concatAndSign() until getKey() has been called!");
+
+ String sig = new String(myExponential+","+peerExponential);
+ //FIXME: REDFLAG: it should be encrypted as well!
+ return DSA.sign(group, ourPrivateKey, new BigInteger(sig.getBytes()),
random).toString().getBytes();
+ }
+
+ public synchronized void setOtherSideExponential(NativeBigInteger a) {
+ lastUsedTime = System.currentTimeMillis();
+ if(peerExponential != null) {
+ if(!peerExponential.equals(a))
+ throw new IllegalStateException("Assigned other side
exponential twice");
+ else return;
+ }
+ if(a == null) throw new NullPointerException();
+ peerExponential = a;
+ }
+}
Modified: trunk/freenet/src/freenet/node/FNPPacketMangler.java
===================================================================
--- trunk/freenet/src/freenet/node/FNPPacketMangler.java 2006-09-05
19:13:09 UTC (rev 10397)
+++ trunk/freenet/src/freenet/node/FNPPacketMangler.java 2006-09-05
19:37:45 UTC (rev 10398)
@@ -214,11 +214,11 @@
if(logMINOR) Logger.minor(this, "Received auth packet for
"+pn.getPeer()+" (pt="+packetType+", v="+version+", nt="+negType+") (last
packet sent "+delta+"ms ago) from "+replyTo+"");
/* Format:
- * 1 byte - version number (0)
+ * 1 byte - version number (1)
* 1 byte - negotiation type (0 = simple DH, will not be supported
when implement JFKi || 1 = StS)
* 1 byte - packet type (0-3)
*/
- if(version == 1) {
+ if(version != 1) {
Logger.error(this, "Decrypted auth packet but invalid version:
"+version);
return;
}
@@ -451,7 +451,7 @@
* @return
*/
private DiffieHellmanContext processDHTwoOrThree(int i, byte[] payload,
PeerNode pn, Peer replyTo, boolean sendCompletion) {
- DiffieHellmanContext ctx = pn.getDHContext();
+ DiffieHellmanContext ctx = (DiffieHellmanContext)
pn.getKeyAgreementSchemeContext();
if((ctx == null) || !ctx.canGetCipher()) {
if(shouldLogErrorInHandshake()) {
Logger.error(this, "Cannot get cipher");
@@ -535,7 +535,7 @@
NativeBigInteger a = new NativeBigInteger(1, aAsBytes);
DiffieHellmanContext ctx;
if(phase == 1) {
- ctx = pn.getDHContext();
+ ctx = (DiffieHellmanContext) pn.getKeyAgreementSchemeContext();
if(ctx == null) {
if(shouldLogErrorInHandshake())
Logger.error(this, "Could not get context for phase 1
handshake from "+pn);
Modified: trunk/freenet/src/freenet/node/PeerNode.java
===================================================================
--- trunk/freenet/src/freenet/node/PeerNode.java 2006-09-05 19:13:09 UTC
(rev 10397)
+++ trunk/freenet/src/freenet/node/PeerNode.java 2006-09-05 19:37:45 UTC
(rev 10398)
@@ -34,6 +34,7 @@
import freenet.crypt.DSAPublicKey;
import freenet.crypt.DSASignature;
import freenet.crypt.DiffieHellmanContext;
+import freenet.crypt.KeyAgreementSchemeContext;
import freenet.crypt.UnsupportedCipherException;
import freenet.crypt.ciphers.Rijndael;
import freenet.io.comm.DMT;
@@ -237,7 +238,7 @@
final BlockCipher outgoingSetupCipher;
/** The context object for the currently running negotiation. */
- private DiffieHellmanContext ctx;
+ private KeyAgreementSchemeContext ctx;
/** The other side's boot ID. This is a random number generated
* at startup.
@@ -1043,7 +1044,7 @@
* @param now The current time.
*/
public boolean hasLiveHandshake(long now) {
- DiffieHellmanContext c = null;
+ KeyAgreementSchemeContext c = null;
synchronized(this) {
c = ctx;
}
@@ -1309,7 +1310,7 @@
randomizeMaxTimeBetweenPacketSends();
}
- public synchronized DiffieHellmanContext getDHContext() {
+ public synchronized KeyAgreementSchemeContext
getKeyAgreementSchemeContext() {
return ctx;
}
