Author: nextgens
Date: 2006-09-06 13:24:08 +0000 (Wed, 06 Sep 2006)
New Revision: 10405
Modified:
trunk/freenet/src/freenet/node/FNPPacketMangler.java
trunk/freenet/src/freenet/node/Node.java
trunk/freenet/src/freenet/node/PeerNode.java
Log:
We need to specify the encoding (UTF-8) when using getBytes()
Modified: trunk/freenet/src/freenet/node/FNPPacketMangler.java
===================================================================
--- trunk/freenet/src/freenet/node/FNPPacketMangler.java 2006-09-06
12:11:41 UTC (rev 10404)
+++ trunk/freenet/src/freenet/node/FNPPacketMangler.java 2006-09-06
13:24:08 UTC (rev 10405)
@@ -11,6 +11,7 @@
import freenet.crypt.DiffieHellmanContext;
import freenet.crypt.EntropySource;
import freenet.crypt.PCFBMode;
+import freenet.crypt.StationToStationContext;
import freenet.io.comm.*;
import freenet.io.comm.Peer.LocalAddressException;
import freenet.support.Fields;
@@ -280,7 +281,7 @@
}else if (negType == 1){
// We are gonna do simple StS
- if((packetType < 0) || (packetType > 3)) {
+ if((packetType < 0) || (packetType > 2)) {
Logger.error(this, "Decrypted auth packet but unknown
packet type "+packetType+" from "+replyTo+" possibly from "+pn);
return;
}
@@ -305,6 +306,19 @@
* This secret, K, can then be used to encrypt further
communication.
*/
+ if(packetType == 0) {
+ StationToStationContext ctx = new
StationToStationContext(node.getMyPrivKey(), pn.peerCryptoGroup, pn.peerPubKey,
node.random);
+ if(ctx == null) return;
+ // Send g^x%p
+ sendFirstStSPacket(1, ctx.getOurExponential(), pn,
replyTo);
+ } else if(packetType == 1) {
+ StationToStationContext ctx = new
StationToStationContext(node.getMyPrivKey(), pn.peerCryptoGroup, pn.peerPubKey,
node.random);
+ if(ctx == null) return;
+ sendSecondStSPacket(2, ctx, pn, replyTo, payload);
+ } else if(packetType == 2) {
+
+ }
+
// Not implemented yet... fail
return;
}
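Review bot: The `StationToStationContext` built in the `packetType == 0` branch is never stored, so the exponent behind the value sent by `sendFirstStSPacket` is lost when this method returns and, as far as the hunk shows, a later phase-2 packet cannot be checked against it; the `packetType == 1` branch likewise builds a fresh context. Keeping it on the peer, e.g. `pn.setKeyAgreementSchemeContext(ctx);` before sending, would match the Diffie-Hellman path elsewhere in this commit (assuming `StationToStationContext` is a `KeyAgreementSchemeContext`, which is not visible here). The two `if(ctx == null) return;` lines are dead code, since `new` never yields null. The empty `packetType == 2` branch deserves a comment such as `// TODO: verify the peer's signed exponentials; no authentication happens yet`. The enclosing method starts and ends outside the hunk.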
@@ -544,7 +558,7 @@
} else {
ctx = DiffieHellman.generateContext();
// Don't calculate the key until we need it
- pn.setDHContext(ctx);
+ pn.setKeyAgreementSchemeContext(ctx);
}
ctx.setOtherSideExponential(a);
if(logMINOR) Logger.minor(this, "His exponential: "+a.toHexString());
@@ -1446,7 +1460,7 @@
long DHTime2 = System.currentTimeMillis();
if((DHTime2 - DHTime1) > 1000)
Logger.error(this, "DHTime2 is more than a second after
DHTime1 ("+(DHTime2 - DHTime1)+") working on "+pn.getName());
- pn.setDHContext(ctx);
+ pn.setKeyAgreementSchemeContext(ctx);
long DHTime3 = System.currentTimeMillis();
if((DHTime3 - DHTime2) > 1000)
Logger.error(this, "DHTime3 is more than a second after
DHTime2 ("+(DHTime3 - DHTime2)+") working on "+pn.getName());
@@ -1488,4 +1502,24 @@
if(context == null) return false;
return !((PeerNode)context).isConnected();
}
+
+ /**
+ * Send a first-half (phase 0 or 1) StS negotiation packet to the node.
+ * @param phase The phase of the message to be sent (0 or 1).
+ * @param integer
+ * @param replyTo
+ */
+ private void sendFirstStSPacket(int phase, NativeBigInteger integer,
PeerNode pn, Peer replyTo) {
+ if(logMINOR) Logger.minor(this, "Sending ("+phase+")
"+integer.toHexString()+" to "+pn.getPeer());
+ byte[] data = integer.toByteArray();
+
+ sendAuthPacket(1, 1, phase, data, pn, replyTo);
+ }
+
+ private void sendSecondStSPacket(int phase, StationToStationContext ctx,
PeerNode pn, Peer replyTo, byte[] data) {
+ NativeBigInteger hisExponent = new NativeBigInteger(data);
+ ctx.setOtherSideExponential(hisExponent);
+
+ sendAuthPacket(1, 1, phase, ctx.concatAndSignAndCrypt(), pn, replyTo);
+ }
}
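Review bot: `sendSecondStSPacket` turns the peer-supplied `data` straight into `hisExponent` with no validation. An empty array would throw `NumberFormatException` if the constructor delegates to `BigInteger(byte[])`, and a negative or degenerate value (0, 1, p-1) reaches `ctx.setOtherSideExponential` unchecked unless that method rejects it, which is not visible here. A guard such as `if(data == null || data.length == 0) return;` before the constructor, plus rejecting anything outside 2..p-2 for the group modulus after it, would close this. The Javadoc on `sendFirstStSPacket` leaves `integer` and `replyTo` undescribed, omits `pn`, and says phase 0 or 1 while the only caller in this commit passes 1; `sendSecondStSPacket` has no Javadoc at all. Both methods hard-code `sendAuthPacket(1, 1, ...)`, where a named constant for the negotiation type would make the link to `negType == 1` explicit.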
Modified: trunk/freenet/src/freenet/node/Node.java
===================================================================
--- trunk/freenet/src/freenet/node/Node.java 2006-09-06 12:11:41 UTC (rev
10404)
+++ trunk/freenet/src/freenet/node/Node.java 2006-09-06 13:24:08 UTC (rev
10405)
@@ -383,6 +383,7 @@
static final int EXIT_COULD_NOT_START_FCP = 17;
static final int EXIT_COULD_NOT_START_FPROXY = 18;
static final int EXIT_COULD_NOT_START_TMCI = 19;
+ static final int EXIT_CRAPPY_JVM = 255;
public static final int EXIT_DATABASE_REQUIRES_RESTART = 20;
public static final int EXIT_COULD_NOT_START_UPDATER = 21;
static final int EXIT_EXTRA_PEER_DATA_DIR = 22;
@@ -1660,7 +1661,15 @@
// TODO: maybe synchronize ?
if(myReferenceSignature == null || mySignedReference == null ||
!mySignedReference.equals(fs.toOrderedString())){
mySignedReference = fs.toOrderedString();
- myReferenceSignature = DSA.sign(myCryptoGroup,
myPrivKey, new BigInteger(mySignedReference.getBytes()), random);
+ try{
+ myReferenceSignature = DSA.sign(myCryptoGroup,
myPrivKey, new BigInteger(mySignedReference.getBytes("UTF-8")), random);
+ } catch(UnsupportedEncodingException e){
+ //duh ?
+ Logger.error(this, "Error while signing the
node identity!"+e);
+ System.err.println("Error while signing the
node identity!"+e);
+ e.printStackTrace();
+ exit(EXIT_CRAPPY_JVM);
+ }
}
fs.put("sig", myReferenceSignature.toString());
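Review bot: The message passed to `DSA.sign` is the whole reference string reinterpreted as one `BigInteger`, not a digest of it; unless `DSA.sign` hashes internally (not visible here), DSA only binds that value modulo the group's q, so the signature does not uniquely commit to the reference text. Signing a fixed-length digest of the UTF-8 bytes, with the matching change in the `DSA.verify` call in PeerNode.java, would fix that at the cost of a compatibility break with already-signed references. In the catch block, pass the exception as the throwable, `Logger.error(this, "Error while signing the node identity! "+e, e);`, as the existing `Logger.error(this, "Caught "+e, e)` call in PeerNode.java does; the same applies to the copied catch block there. If `exit(...)` can return, the following `myReferenceSignature.toString()` would run on a null signature, so a `return` or rethrow after it is safer. The enclosing method starts and ends outside the hunk.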
@@ -2992,4 +3001,12 @@
return totalPayloadSent;
}
}
+
+ protected DSAPrivateKey getMyPrivKey() {
+ return myPrivKey;
+ }
+
+ protected DSAPublicKey getMyPubKey() {
+ return myPubKey;
+ }
}
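Review bot: `getMyPrivKey()` hands the node's DSA private key to any subclass of `Node` as well as to the package, which is wider than the caller in this commit needs: `FNPPacketMangler` is in the same `freenet.node` package. Dropping the modifier, `DSAPrivateKey getMyPrivKey() {`, keeps the accessor package-private. A Javadoc line stating that the returned key must not be logged or kept outside the key-agreement context would help too. `getMyPubKey()` has no caller in this diff, so it is worth adding only when something needs it.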
Modified: trunk/freenet/src/freenet/node/PeerNode.java
===================================================================
--- trunk/freenet/src/freenet/node/PeerNode.java 2006-09-06 12:11:41 UTC
(rev 10404)
+++ trunk/freenet/src/freenet/node/PeerNode.java 2006-09-06 13:24:08 UTC
(rev 10405)
@@ -33,7 +33,6 @@
import freenet.crypt.DSAGroup;
import freenet.crypt.DSAPublicKey;
import freenet.crypt.DSASignature;
-import freenet.crypt.DiffieHellmanContext;
import freenet.crypt.KeyAgreementSchemeContext;
import freenet.crypt.UnsupportedCipherException;
import freenet.crypt.ciphers.Rijndael;
@@ -409,12 +408,23 @@
String signature = fs.get("sig");
fs.removeValue("sig");
- if(signature == null || !DSA.verify(peerPubKey, new
DSASignature(signature), new BigInteger(fs.toOrderedString().getBytes()))){
- Logger.error(this, "The integrity of the reference has
been compromized!");
- this.isSignatureVerificationSuccessfull = false;
- if((Version.getArbitraryBuildNumber(version)>966) &&
(!fromLocal)) // TODO: REMOVE: the backward compat. kludge : version checking
- throw new
ReferenceSignatureVerificationException("The integrity of the reference has
been compromized!");
- }else
+ if(!fromLocal){
+ try{
+ if(signature == null || !DSA.verify(peerPubKey,
new DSASignature(signature), new
BigInteger(fs.toOrderedString().getBytes("UTF-8")))){
+ Logger.error(this, "The integrity of
the reference has been compromized!");
+ this.isSignatureVerificationSuccessfull
= false;
+
if(Version.getArbitraryBuildNumber(version)>966) // TODO: REMOVE: the backward
compat. kludge : version checking
+ throw new
ReferenceSignatureVerificationException("The integrity of the reference has
been compromized!");
+ }else
+ this.isSignatureVerificationSuccessfull
= true;
+ } catch (UnsupportedEncodingException e) {
+ // duh ?
+ Logger.error(this, "Error while signing the
node identity!"+e);
+ System.err.println("Error while signing the
node identity!"+e);
+ e.printStackTrace();
+ node.exit(Node.EXIT_CRAPPY_JVM);
+ }
+ }else // Local is always good (assumed)
this.isSignatureVerificationSuccessfull = true;
} catch (IllegalBase64Exception e) {
Logger.error(this, "Caught "+e, e);
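Review bot: With this change `isSignatureVerificationSuccessfull` is set to true for every `fromLocal` reference without `DSA.verify` being called, so the flag no longer distinguishes "verified" from "not checked"; the old code still verified local references and only skipped the throw. If skipping is intended, a comment such as `// local references are trusted and NOT verified`, plus a separate state for unverified peers, would keep readers of the flag from over-trusting it. For remote references a failed check is still only logged when the declared build is 966 or lower, and `version` appears to come from the reference being verified (its origin is outside the hunk), so enforcement depends on unauthenticated data until the TODO is resolved. The catch block's text is copied from Node.java and says "signing" although this path verifies; `"Error while verifying the reference signature: "+e` would be accurate. The enclosing method starts and ends outside the hunk.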
@@ -1322,9 +1332,9 @@
return ctx;
}
- public synchronized void setDHContext(DiffieHellmanContext ctx2) {
+ public synchronized void
setKeyAgreementSchemeContext(KeyAgreementSchemeContext ctx2) {
this.ctx = ctx2;
- if(logMINOR) Logger.minor(this, "setDHContext("+ctx2+") on "+this);
+ if(logMINOR) Logger.minor(this,
"setKeyAgreementSchemeContext("+ctx2+") on "+this);
}
/**