Author: nextgens
Date: 2007-12-01 14:49:29 +0000 (Sat, 01 Dec 2007)
New Revision: 16180
Modified:
trunk/freenet/src/freenet/crypt/DiffieHellmanContext.java
trunk/freenet/src/freenet/crypt/DiffieHellmanLightContext.java
trunk/freenet/src/freenet/crypt/KeyAgreementSchemeContext.java
trunk/freenet/src/freenet/node/FNPPacketMangler.java
trunk/freenet/src/freenet/node/PeerNode.java
Log:
JFK: make DiffieHellmanLightContext extend a refactored
KeyAgreementSchemeContext
The purpose is to fix PeerNode.hasliveHandshake(long)
Modified: trunk/freenet/src/freenet/crypt/DiffieHellmanContext.java
===================================================================
--- trunk/freenet/src/freenet/crypt/DiffieHellmanContext.java 2007-12-01
13:55:50 UTC (rev 16179)
+++ trunk/freenet/src/freenet/crypt/DiffieHellmanContext.java 2007-12-01
14:49:29 UTC (rev 16180)
@@ -4,6 +4,7 @@
package freenet.crypt;
+import freenet.crypt.ciphers.Rijndael;
import net.i2p.util.NativeBigInteger;
import freenet.support.HexUtil;
import freenet.support.Logger;
@@ -18,6 +19,9 @@
/** The group we both share */
final DHGroup group;
+ BlockCipher cipher;
+ byte[] key;
+
// Generated or set later
NativeBigInteger peerExponential;
@@ -86,4 +90,17 @@
public NativeBigInteger getHisExponential() {
return peerExponential;
}
+
+ public synchronized BlockCipher getCipher() {
+ lastUsedTime = System.currentTimeMillis();
+ if(cipher != null) return cipher;
+ getKey();
+ try {
+ cipher = new Rijndael(256, 256);
+ } catch (UnsupportedCipherException e1) {
+ throw new Error(e1);
+ }
+ cipher.initialize(key);
+ return cipher;
+ }
}
Modified: trunk/freenet/src/freenet/crypt/DiffieHellmanLightContext.java
===================================================================
--- trunk/freenet/src/freenet/crypt/DiffieHellmanLightContext.java
2007-12-01 13:55:50 UTC (rev 16179)
+++ trunk/freenet/src/freenet/crypt/DiffieHellmanLightContext.java
2007-12-01 14:49:29 UTC (rev 16180)
@@ -7,7 +7,7 @@
import net.i2p.util.NativeBigInteger;
-public class DiffieHellmanLightContext {
+public class DiffieHellmanLightContext extends KeyAgreementSchemeContext {
/** My exponent.*/
public final NativeBigInteger myExponent;
@@ -17,8 +17,6 @@
public DSASignature signature = null;
/** A timestamp: when was the context created ? */
public final long lifetime = System.currentTimeMillis();
-
- private final boolean logMINOR;
public String toString() {
StringBuffer sb = new StringBuffer();
@@ -34,7 +32,8 @@
public DiffieHellmanLightContext(NativeBigInteger myExponent,
NativeBigInteger myExponential) {
this.myExponent = myExponent;
this.myExponential = myExponential;
- logMINOR = Logger.shouldLog(Logger.MINOR, this);
+ this.lastUsedTime = System.currentTimeMillis();
+ this.logMINOR = Logger.shouldLog(Logger.MINOR, this);
}
public void setSignature(DSASignature sig) {
@@ -45,6 +44,7 @@
* Calling the following is costy; avoid
*/
public NativeBigInteger getHMACKey(NativeBigInteger peerExponential,
DHGroup group) {
+ lastUsedTime = System.currentTimeMillis();
BigInteger P = group.getP();
NativeBigInteger sharedSecret =
(NativeBigInteger) peerExponential.modPow(myExponent,
P);
Modified: trunk/freenet/src/freenet/crypt/KeyAgreementSchemeContext.java
===================================================================
--- trunk/freenet/src/freenet/crypt/KeyAgreementSchemeContext.java
2007-12-01 13:55:50 UTC (rev 16179)
+++ trunk/freenet/src/freenet/crypt/KeyAgreementSchemeContext.java
2007-12-01 14:49:29 UTC (rev 16180)
@@ -3,35 +3,15 @@
* http://www.gnu.org/ for further details of the GPL. */
package freenet.crypt;
-import freenet.crypt.ciphers.Rijndael;
-
public abstract class KeyAgreementSchemeContext {
- BlockCipher cipher;
- byte[] key;
-
- protected long lastUsedTime;
- protected boolean logMINOR;
-
- /**
- * @return The time at which this object was last used.
- */
- public synchronized long lastUsedTime() {
- return lastUsedTime;
- }
-
- public abstract byte[] getKey();
- public abstract boolean canGetCipher();
-
- public synchronized BlockCipher getCipher() {
- lastUsedTime = System.currentTimeMillis();
- if(cipher != null) return cipher;
- getKey();
- try {
- cipher = new Rijndael(256, 256);
- } catch (UnsupportedCipherException e1) {
- throw new Error(e1);
- }
- cipher.initialize(key);
- return cipher;
- }
-}
+
+ protected long lastUsedTime;
+ protected boolean logMINOR;
+
+ /**
+ * @return The time at which this object was last used.
+ */
+ public synchronized long lastUsedTime() {
+ return lastUsedTime;
+ }
+}
\ No newline at end of file
Modified: trunk/freenet/src/freenet/node/FNPPacketMangler.java
===================================================================
--- trunk/freenet/src/freenet/node/FNPPacketMangler.java 2007-12-01
13:55:50 UTC (rev 16179)
+++ trunk/freenet/src/freenet/node/FNPPacketMangler.java 2007-12-01
14:49:29 UTC (rev 16180)
@@ -535,12 +535,13 @@
private void sendJFKMessage1(PeerNode pn, Peer replyTo) {
if(logMINOR) Logger.minor(this, "Sending a JFK(1) message to
"+pn);
final long now = System.currentTimeMillis();
- if((pn.jfkContext == null) || ((pn.jfkContextLifetime +
15*60*1000) < now)) {
- pn.jfkContext = getLightDiffieHellmanContext();
+ DiffieHellmanLightContext ctx = (DiffieHellmanLightContext)
pn.getKeyAgreementSchemeContext();
+ if((ctx == null) || ((pn.jfkContextLifetime + 15*60*1000) <
now)) {
pn.jfkContextLifetime = now;
+ pn.setKeyAgreementSchemeContext(ctx =
getLightDiffieHellmanContext());
}
int offset = 0;
- byte[] myExponential =
stripBigIntegerToNetworkFormat(pn.jfkContext.myExponential);
+ byte[] myExponential =
stripBigIntegerToNetworkFormat(ctx.myExponential);
byte[] nonce = new byte[NONCE_SIZE];
node.random.nextBytes(nonce);
@@ -1026,7 +1027,7 @@
pn.jfkKs = null;
// We want to clear it here so that new handshake requests
// will be sent with a different DH pair
- pn.jfkContext = null;
+ pn.setKeyAgreementSchemeContext(null);
synchronized (pn) {
// FIXME TRUE MULTI-HOMING: winner-takes-all, kill all
other connection attempts since we can't deal with multiple active connections
// Also avoids leaking
@@ -1052,7 +1053,9 @@
if(logMINOR) Logger.minor(this, "Sending a JFK(3) message to
"+pn);
BlockCipher c = null;
try { c = new Rijndael(256, 256); } catch
(UnsupportedCipherException e) {}
- byte[] ourExponential =
stripBigIntegerToNetworkFormat(pn.jfkContext.myExponential);
+ DiffieHellmanLightContext ctx = (DiffieHellmanLightContext)
pn.getKeyAgreementSchemeContext();
+ if(ctx == null) return;
+ byte[] ourExponential =
stripBigIntegerToNetworkFormat(ctx.myExponential);
pn.jfkMyRef = crypto.myCompressedSetupRef();
byte[] data = new byte[8 + pn.jfkMyRef.length];
System.arraycopy(Fields.longToBytes(node.bootID), 0, data, 0,
8);
@@ -1094,7 +1097,7 @@
byte[] r =
localSignature.getRBytes(Node.SIGNATURE_PARAMETER_LENGTH);
byte[] s =
localSignature.getSBytes(Node.SIGNATURE_PARAMETER_LENGTH);
- BigInteger computedExponential =
pn.jfkContext.getHMACKey(_hisExponential, Global.DHgroupA);
+ BigInteger computedExponential =
ctx.getHMACKey(_hisExponential, Global.DHgroupA);
pn.jfkKs = computeJFKSharedKey(computedExponential,
nonceInitiator, nonceResponder, "0");
pn.jfkKe = computeJFKSharedKey(computedExponential,
nonceInitiator, nonceResponder, "1");
pn.jfkKa = computeJFKSharedKey(computedExponential,
nonceInitiator, nonceResponder, "2");
@@ -2430,9 +2433,6 @@
if((DHTime2 - DHTime1) > 1000)
Logger.error(this, "DHTime2 is more than a
second after DHTime1 ("+(DHTime2 - DHTime1)+") working on "+pn.userToString());
pn.setKeyAgreementSchemeContext(ctx);
- long DHTime3 = System.currentTimeMillis();
- if((DHTime3 - DHTime2) > 1000)
- Logger.error(this, "DHTime3 is more than a
second after DHTime2 ("+(DHTime3 - DHTime2)+") working on "+pn.userToString());
}
int sentCount = 0;
long loopTime1 = System.currentTimeMillis();
Modified: trunk/freenet/src/freenet/node/PeerNode.java
===================================================================
--- trunk/freenet/src/freenet/node/PeerNode.java 2007-12-01 13:55:50 UTC
(rev 16179)
+++ trunk/freenet/src/freenet/node/PeerNode.java 2007-12-01 14:49:29 UTC
(rev 16180)
@@ -29,7 +29,6 @@
import freenet.crypt.DSAGroup;
import freenet.crypt.DSAPublicKey;
import freenet.crypt.DSASignature;
-import freenet.crypt.DiffieHellmanLightContext;
import freenet.crypt.KeyAgreementSchemeContext;
import freenet.crypt.SHA256;
import freenet.crypt.UnsupportedCipherException;
@@ -102,7 +101,6 @@
// The following is used only if we are the initiator
protected long jfkContextLifetime = 0;
- protected DiffieHellmanLightContext jfkContext = null;
/** My low-level address for SocketManager purposes */
private Peer detectedPeer;
/** My OutgoingPacketMangler i.e. the object which encrypts packets
sent to this node */
@@ -914,6 +912,7 @@
hasRekeyed = true;
isRekeying = true;
sendHandshakeTime = now; // Immediately
+ ctx = null;
}
}
@@ -1509,7 +1508,6 @@
if(previousTracker == null)
previousTracker =
unverifiedTracker;
unverifiedTracker = newTracker;
- ctx = null;
} else {
prev = currentTracker;
previousTracker = prev;
@@ -1517,8 +1515,8 @@
unverifiedTracker = null;
neverConnected = false;
peerAddedTime = 0; // don't store anymore
- ctx = null;
}
+ ctx = null;
isRekeying = false;
timeLastRekeyed = now;
totalBytesExchangedWithCurrentTracker = 0;
