Author: toad
Date: 2007-02-07 15:27:50 +0000 (Wed, 07 Feb 2007)
New Revision: 11684
Modified:
trunk/freenet/src/freenet/clients/http/FProxyToadlet.java
trunk/freenet/src/freenet/crypt/DSAPublicKey.java
trunk/freenet/src/freenet/crypt/DiffieHellmanContext.java
trunk/freenet/src/freenet/crypt/SHA256.java
trunk/freenet/src/freenet/crypt/StationToStationContext.java
trunk/freenet/src/freenet/keys/CHKBlock.java
trunk/freenet/src/freenet/keys/ClientCHKBlock.java
trunk/freenet/src/freenet/keys/ClientKSK.java
trunk/freenet/src/freenet/keys/ClientSSK.java
trunk/freenet/src/freenet/keys/InsertableClientSSK.java
trunk/freenet/src/freenet/keys/Key.java
trunk/freenet/src/freenet/keys/NodeSSK.java
trunk/freenet/src/freenet/keys/SSKBlock.java
trunk/freenet/src/freenet/node/FNPPacketMangler.java
trunk/freenet/src/freenet/node/LocationManager.java
trunk/freenet/src/freenet/node/Node.java
trunk/freenet/src/freenet/node/PeerNode.java
trunk/freenet/src/freenet/node/SSKInsertSender.java
trunk/freenet/src/freenet/support/io/BucketTools.java
Log:
Pool SHA256's.
Modified: trunk/freenet/src/freenet/clients/http/FProxyToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/FProxyToadlet.java 2007-02-07
14:54:33 UTC (rev 11683)
+++ trunk/freenet/src/freenet/clients/http/FProxyToadlet.java 2007-02-07
15:27:50 UTC (rev 11684)
@@ -486,7 +486,9 @@
throw new Error(e);
}
- return HexUtil.bytesToHex(md.digest(bos.toByteArray()));
+ String f = HexUtil.bytesToHex(md.digest(bos.toByteArray()));
+ SHA256.returnMessageDigest(md);
+ return f;
}
public static void maybeCreateFProxyEtc(NodeClientCore core, Node node,
Config config, SubConfig fproxyConfig) throws IOException,
InvalidConfigValueException {
Modified: trunk/freenet/src/freenet/crypt/DSAPublicKey.java
===================================================================
--- trunk/freenet/src/freenet/crypt/DSAPublicKey.java 2007-02-07 14:54:33 UTC
(rev 11683)
+++ trunk/freenet/src/freenet/crypt/DSAPublicKey.java 2007-02-07 15:27:50 UTC
(rev 11684)
@@ -142,7 +142,9 @@
public byte[] asBytesHash() {
MessageDigest md256 = SHA256.getMessageDigest();
- return md256.digest(asBytes());
+ byte[] hash = md256.digest(asBytes());
+ SHA256.returnMessageDigest(md256);
+ return hash;
}
public byte[] asPaddedBytes() {
Modified: trunk/freenet/src/freenet/crypt/DiffieHellmanContext.java
===================================================================
--- trunk/freenet/src/freenet/crypt/DiffieHellmanContext.java 2007-02-07
14:54:33 UTC (rev 11683)
+++ trunk/freenet/src/freenet/crypt/DiffieHellmanContext.java 2007-02-07
15:27:50 UTC (rev 11684)
@@ -59,6 +59,7 @@
md = SHA256.getMessageDigest();
key = md.digest(sharedSecret.toByteArray());
+ SHA256.returnMessageDigest(md);
if(logMINOR)
Logger.minor(this, "Key="+HexUtil.bytesToHex(key));
return key;
Modified: trunk/freenet/src/freenet/crypt/SHA256.java
===================================================================
--- trunk/freenet/src/freenet/crypt/SHA256.java 2007-02-07 14:54:33 UTC (rev
11683)
+++ trunk/freenet/src/freenet/crypt/SHA256.java 2007-02-07 15:27:50 UTC (rev
11684)
@@ -41,6 +41,7 @@
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
+import java.util.Vector;
import org.tanukisoftware.wrapper.WrapperManager;
@@ -322,12 +323,15 @@
return HexUtil.bytesToHex(d);
}
+ static private final Vector digests = new Vector();
+
/**
* Create a new SHA-256 MessageDigest
* Either succeed or stop the node.
*/
- public static MessageDigest getMessageDigest() {
+ public synchronized static MessageDigest getMessageDigest() {
try {
+ if(!digests.isEmpty()) return (MessageDigest) digests.remove(0);
return MessageDigest.getInstance("SHA-256");
} catch (NoSuchAlgorithmException e2) {
//TODO: maybe we should point to a HOWTO for freejvms
@@ -339,6 +343,26 @@
return null;
}
+ /**
+ * Return a MessageDigest to the pool.
+ * Must be SHA-256 !
+ */
+ public synchronized static void returnMessageDigest(MessageDigest
md256) {
+ if(md256 == null) return;
+ String algo = md256.getAlgorithm();
+ if(!(algo.equals("SHA-256") || algo.equals("SHA256")))
+ throw new IllegalArgumentException("Should be SHA-256
but is "+algo);
+ md256.reset();
+ digests.add(md256);
+ }
+
+ public static byte[] digest(byte[] data) {
+ MessageDigest md = getMessageDigest();
+ byte[] hash = md.digest(data);
+ returnMessageDigest(md);
+ return hash;
+ }
+
public static void main(String[] args) {
byte[] buffer=new byte[1024];
SHA256 s=new SHA256();
Modified: trunk/freenet/src/freenet/crypt/StationToStationContext.java
===================================================================
--- trunk/freenet/src/freenet/crypt/StationToStationContext.java
2007-02-07 14:54:33 UTC (rev 11683)
+++ trunk/freenet/src/freenet/crypt/StationToStationContext.java
2007-02-07 15:27:50 UTC (rev 11684)
@@ -91,7 +91,7 @@
lastUsedTime = System.currentTimeMillis();
if(hisExponential == null) throw new IllegalStateException("Can't call
concatAndSignAndCrypt() until setOtherSideExponential() has been called!");
if(key == null) getKey();
-
+
MessageDigest md = SHA256.getMessageDigest();
String message = "(" + myExponential + ',' + hisExponential + ')';
@@ -114,6 +114,8 @@
e.printStackTrace();
}
+ SHA256.returnMessageDigest(md);
+
return result;
}
@@ -134,14 +136,17 @@
is.close();
if(signatureToCheck != null)
- if(DSA.verify(hisPubKey, new
DSASignature(signatureToCheck), new BigInteger(md.digest(message.getBytes()))))
+ if(DSA.verify(hisPubKey, new
DSASignature(signatureToCheck), new BigInteger(md.digest(message.getBytes()))))
{
+ SHA256.returnMessageDigest(md);
return true;
+ }
} catch(IOException e){
Logger.error(this, "Error :"+e);
e.printStackTrace();
}
+ SHA256.returnMessageDigest(md);
return false;
}
Modified: trunk/freenet/src/freenet/keys/CHKBlock.java
===================================================================
--- trunk/freenet/src/freenet/keys/CHKBlock.java 2007-02-07 14:54:33 UTC
(rev 11683)
+++ trunk/freenet/src/freenet/keys/CHKBlock.java 2007-02-07 15:27:50 UTC
(rev 11684)
@@ -81,6 +81,7 @@
md.update(headers);
md.update(data);
byte[] hash = md.digest();
+ SHA256.returnMessageDigest(md);
if(key == null) {
chk = new NodeCHK(hash, cryptoAlgorithm);
} else {
Modified: trunk/freenet/src/freenet/keys/ClientCHKBlock.java
===================================================================
--- trunk/freenet/src/freenet/keys/ClientCHKBlock.java 2007-02-07 14:54:33 UTC
(rev 11683)
+++ trunk/freenet/src/freenet/keys/ClientCHKBlock.java 2007-02-07 15:27:50 UTC
(rev 11684)
@@ -101,10 +101,12 @@
MessageDigest md256 = SHA256.getMessageDigest();
byte[] dkey = md256.digest(dbuf);
if(!java.util.Arrays.equals(dkey, key.cryptoKey)) {
+ SHA256.returnMessageDigest(md256);
throw new CHKDecodeException("Check failed: decrypt key ==
H(data)");
}
// Check: IV == hash of decryption key
byte[] predIV = md256.digest(dkey);
+ SHA256.returnMessageDigest(md256); md256 = null;
// Extract the IV
byte[] iv = new byte[32];
System.arraycopy(hbuf, 0, iv, 0, 32);
@@ -112,9 +114,11 @@
throw new CHKDecodeException("Check failed: Decrypted IV ==
H(decryption key)");
// Checks complete
int size = ((hbuf[32] & 0xff) << 8) + (hbuf[33] & 0xff);
- if((size > 32768) || (size < 0))
+ if((size > 32768) || (size < 0)) {
throw new CHKDecodeException("Invalid size: "+size);
- return Key.decompress(dontCompress ? false : key.isCompressed(), dbuf,
size, bf, Math.min(maxLength, MAX_LENGTH_BEFORE_COMPRESSION),
key.compressionAlgorithm, false);
+ }
+ return Key.decompress(dontCompress ? false : key.isCompressed(), dbuf,
size, bf,
+ Math.min(maxLength, MAX_LENGTH_BEFORE_COMPRESSION),
key.compressionAlgorithm, false);
}
/**
@@ -190,6 +194,8 @@
md256.update(header);
byte[] finalHash = md256.digest(data);
+ SHA256.returnMessageDigest(md256);
+
// Now convert it into a ClientCHK
key = new ClientCHK(finalHash, encKey, asMetadata,
Key.ALGO_AES_PCFB_256_SHA256, compressionAlgorithm);
Modified: trunk/freenet/src/freenet/keys/ClientKSK.java
===================================================================
--- trunk/freenet/src/freenet/keys/ClientKSK.java 2007-02-07 14:54:33 UTC
(rev 11683)
+++ trunk/freenet/src/freenet/keys/ClientKSK.java 2007-02-07 15:27:50 UTC
(rev 11684)
@@ -46,6 +46,7 @@
DSAPublicKey pubKey = new DSAPublicKey(Global.DSAgroupBigA,
privKey);
byte[] pubKeyHash = md256.digest(pubKey.asBytes());
try {
+ SHA256.returnMessageDigest(md256);
return new ClientKSK(keyword, pubKeyHash, pubKey,
privKey, keywordHash);
} catch (MalformedURLException e) {
throw new Error(e);
Modified: trunk/freenet/src/freenet/keys/ClientSSK.java
===================================================================
--- trunk/freenet/src/freenet/keys/ClientSSK.java 2007-02-07 14:54:33 UTC
(rev 11683)
+++ trunk/freenet/src/freenet/keys/ClientSSK.java 2007-02-07 15:27:50 UTC
(rev 11684)
@@ -71,6 +71,7 @@
} catch (UnsupportedCipherException e) {
throw new Error(e);
}
+ SHA256.returnMessageDigest(md);
}
public ClientSSK(FreenetURI origURI) throws MalformedURLException {
Modified: trunk/freenet/src/freenet/keys/InsertableClientSSK.java
===================================================================
--- trunk/freenet/src/freenet/keys/InsertableClientSSK.java 2007-02-07
14:54:33 UTC (rev 11683)
+++ trunk/freenet/src/freenet/keys/InsertableClientSSK.java 2007-02-07
15:27:50 UTC (rev 11684)
@@ -69,7 +69,9 @@
DSAPublicKey pubKey = new DSAPublicKey(g, privKey);
MessageDigest md = SHA256.getMessageDigest();
md.update(pubKey.asBytes());
- return new InsertableClientSSK(uri.getDocName(), md.digest(),
pubKey, privKey, uri.getCryptoKey(), keyType);
+ byte[] pkHash = md.digest();
+ SHA256.returnMessageDigest(md);
+ return new InsertableClientSSK(uri.getDocName(), pkHash,
pubKey, privKey, uri.getCryptoKey(), keyType);
}
public ClientSSKBlock encode(Bucket sourceData, boolean asMetadata,
boolean dontCompress, short alreadyCompressedCodec, long sourceLength,
RandomSource r) throws SSKEncodeException, IOException {
@@ -173,6 +175,7 @@
if(x != SSKBlock.TOTAL_HEADERS_LENGTH)
throw new IllegalStateException("Too long");
try {
+ SHA256.returnMessageDigest(md256);
return new ClientSSKBlock(data, headers, this, false);
// FIXME set last arg to true to not verify
} catch (SSKVerifyException e) {
IllegalStateException exception=new
IllegalStateException("Impossible encoding error: "+e.getMessage());
@@ -208,7 +211,10 @@
DSAPublicKey pubKey = new DSAPublicKey(g, privKey);
MessageDigest md = SHA256.getMessageDigest();
try {
- return new InsertableClientSSK(docName,
md.digest(pubKey.asBytes()), pubKey, privKey, ckey,
Key.ALGO_AES_PCFB_256_SHA256);
+ byte[] pkHash = md.digest(pubKey.asBytes());
+ SHA256.returnMessageDigest(md);
+ return new InsertableClientSSK(docName, pkHash, pubKey,
privKey, ckey,
+ Key.ALGO_AES_PCFB_256_SHA256);
} catch (MalformedURLException e) {
throw new Error(e);
}
Modified: trunk/freenet/src/freenet/keys/Key.java
===================================================================
--- trunk/freenet/src/freenet/keys/Key.java 2007-02-07 14:54:33 UTC (rev
11683)
+++ trunk/freenet/src/freenet/keys/Key.java 2007-02-07 15:27:50 UTC (rev
11684)
@@ -82,6 +82,7 @@
md.update((byte)(TYPE >> 8));
md.update((byte)TYPE);
byte[] digest = md.digest();
+ SHA256.returnMessageDigest(md); md = null;
long asLong = Math.abs(Fields.bytesToLong(digest));
// Math.abs can actually return negative...
if(asLong == Long.MIN_VALUE)
Modified: trunk/freenet/src/freenet/keys/NodeSSK.java
===================================================================
--- trunk/freenet/src/freenet/keys/NodeSSK.java 2007-02-07 14:54:33 UTC (rev
11683)
+++ trunk/freenet/src/freenet/keys/NodeSSK.java 2007-02-07 15:27:50 UTC (rev
11684)
@@ -56,6 +56,7 @@
if(pubKey != null) {
MessageDigest md256 = SHA256.getMessageDigest();
byte[] hash = md256.digest(pubKey.asBytes());
+ SHA256.returnMessageDigest(md256);
if(!Arrays.equals(hash, pkHash))
throw new SSKVerifyException("Invalid pubKey:
wrong hash");
}
@@ -71,7 +72,9 @@
MessageDigest md256 = SHA256.getMessageDigest();
md256.update(ehDocname);
md256.update(pkHash);
- return md256.digest();
+ byte[] key = md256.digest();
+ SHA256.returnMessageDigest(md256);
+ return key;
}
public void write(DataOutput _index) throws IOException {
@@ -126,8 +129,7 @@
if(pubKey2 == null) return;
if((pubKey == null) || !pubKey2.equals(pubKey)) {
if(pubKey2 != null) {
- MessageDigest md256 = SHA256.getMessageDigest();
- byte[] newPubKeyHash =
md256.digest(pubKey2.asBytes());
+ byte[] newPubKeyHash =
SHA256.digest(pubKey2.asBytes());
if(Arrays.equals(pubKeyHash, newPubKeyHash)) {
if(pubKey != null) {
// same hash, yet different
keys!
Modified: trunk/freenet/src/freenet/keys/SSKBlock.java
===================================================================
--- trunk/freenet/src/freenet/keys/SSKBlock.java 2007-02-07 14:54:33 UTC
(rev 11683)
+++ trunk/freenet/src/freenet/keys/SSKBlock.java 2007-02-07 15:27:50 UTC
(rev 11684)
@@ -143,6 +143,7 @@
}
if(!Arrays.equals(ehDocname, nodeKey.encryptedHashedDocname))
throw new SSKVerifyException("E(H(docname)) wrong -
wrong key?? \nfrom headers: "+HexUtil.bytesToHex(ehDocname)+"\nfrom key:
"+HexUtil.bytesToHex(nodeKey.encryptedHashedDocname));
+ SHA256.returnMessageDigest(md);
}
public Key getKey() {
Modified: trunk/freenet/src/freenet/node/FNPPacketMangler.java
===================================================================
--- trunk/freenet/src/freenet/node/FNPPacketMangler.java 2007-02-07
14:54:33 UTC (rev 11683)
+++ trunk/freenet/src/freenet/node/FNPPacketMangler.java 2007-02-07
15:27:50 UTC (rev 11684)
@@ -171,6 +171,7 @@
int ivLength = pcfb.lengthIV();
MessageDigest md = SHA256.getMessageDigest();
int digestLength = md.getDigestLength();
+ SHA256.returnMessageDigest(md);
if(length < digestLength + ivLength + 4) {
if(logMINOR) Logger.minor(this, "Too short: "+length+" should be
at least "+(digestLength + ivLength + 4));
return false;
@@ -393,10 +394,8 @@
System.arraycopy(Fields.longToBytes(node.bootID), 0, data, 0, 8);
System.arraycopy(myRef, 0, data, 8, myRef.length);
- MessageDigest md = SHA256.getMessageDigest();
+ byte[] hash = SHA256.digest(data);
- byte[] hash = md.digest(data);
-
pcfb.blockEncipher(hash, 0, hash.length);
pcfb.blockEncipher(data, 0, data.length);
@@ -498,6 +497,7 @@
Logger.error(this, "Tried to send auth packet to local
address: "+replyTo+" for "+pn);
}
if(logMINOR) Logger.minor(this, "Sending auth packet (long) to
"+replyTo+" - size "+data.length+" data length: "+output.length);
+ SHA256.returnMessageDigest(md);
}
private void sendPacket(byte[] data, Peer replyTo, PeerNode pn, int
alreadyReportedBytes) throws LocalAddressException {
@@ -548,6 +548,7 @@
// Check the hash
MessageDigest md = SHA256.getMessageDigest();
byte[] realHash = md.digest(data);
+ SHA256.returnMessageDigest(md); md = null;
if(Arrays.equals(realHash, hash)) {
// Success!
long bootID = Fields.bytesToLong(data);
@@ -701,6 +702,7 @@
md.update(seqBuf);
md.update(plaintext);
byte[] realHash = md.digest();
+ SHA256.returnMessageDigest(md);
// Now decrypt the original hash
@@ -1428,6 +1430,8 @@
byte[] digestTemp;
digestTemp = md.digest();
+
+ SHA256.returnMessageDigest(md); md = null;
if(logMINOR) Logger.minor(this, "\nHash:
"+HexUtil.bytesToHex(digestTemp));
Modified: trunk/freenet/src/freenet/node/LocationManager.java
===================================================================
--- trunk/freenet/src/freenet/node/LocationManager.java 2007-02-07 14:54:33 UTC
(rev 11683)
+++ trunk/freenet/src/freenet/node/LocationManager.java 2007-02-07 15:27:50 UTC
(rev 11684)
@@ -224,6 +224,8 @@
}
public void run() {
+ MessageDigest md = SHA256.getMessageDigest();
+
try {
// We are already locked by caller
// Because if we can't get lock they need to send a reject
@@ -232,8 +234,6 @@
byte[] hisHash =
((ShortBuffer)origMessage.getObject(DMT.HASH)).getData();
- MessageDigest md = SHA256.getMessageDigest();
-
if(hisHash.length != md.getDigestLength()) {
Logger.error(this, "Invalid SwapRequest from peer: wrong
length hash "+hisHash.length+" on "+uid);
// FIXME: Should we send a reject?
@@ -347,6 +347,7 @@
} finally {
unlock();
removeRecentlyForwardedItem(item);
+ SHA256.returnMessageDigest(md);
}
}
}
@@ -364,6 +365,7 @@
public void run() {
long uid = r.nextLong();
if(!lock()) return;
+ MessageDigest md = SHA256.getMessageDigest();
try {
startedSwaps++;
// We can't lock friends_locations, so lets just
@@ -378,8 +380,6 @@
myValueLong[i+2] = Double.doubleToLongBits(friendLocs[i]);
byte[] myValue = Fields.longsToBytes(myValueLong);
- MessageDigest md = SHA256.getMessageDigest();
-
byte[] myHash = md.digest(myValue);
Message m = DMT.createFNPSwapRequest(uid, myHash, 6);
@@ -522,6 +522,7 @@
unlock();
if(item != null)
removeRecentlyForwardedItem(item);
+ SHA256.returnMessageDigest(md);
}
}
Modified: trunk/freenet/src/freenet/node/Node.java
===================================================================
--- trunk/freenet/src/freenet/node/Node.java 2007-02-07 14:54:33 UTC (rev
11683)
+++ trunk/freenet/src/freenet/node/Node.java 2007-02-07 15:27:50 UTC (rev
11684)
@@ -552,6 +552,7 @@
MessageDigest md = SHA256.getMessageDigest();
identityHash = md.digest(myIdentity);
identityHashHash = md.digest(identityHash);
+ SHA256.returnMessageDigest(md); md = null;
String loc = fs.get("location");
Location l;
try {
@@ -673,6 +674,7 @@
this.myPubKey = new DSAPublicKey(myCryptoGroup, myPrivKey);
myARK = InsertableClientSSK.createRandom(r, "ark");
myARKNumber = 0;
+ SHA256.returnMessageDigest(md);
}
/**
@@ -1730,6 +1732,7 @@
try{
MessageDigest md =
SHA256.getMessageDigest();
myReferenceSignature =
DSA.sign(myCryptoGroup, myPrivKey, new
BigInteger(md.digest(mySignedReference.getBytes("UTF-8"))), random);
+ SHA256.returnMessageDigest(md);
} catch(UnsupportedEncodingException e){
//duh ?
Logger.error(this, "Error while signing
the node identity!"+e);
@@ -2592,6 +2595,7 @@
} else {
Logger.error(this, "New hash is wrong");
}
+ // REDFLAG don't recycle md256 because
something wierd is happening if we are here
throw new IllegalArgumentException("Wrong
hash?? Already have different key with same hash!");
}
cachedPubKeys.push(w, key);
Modified: trunk/freenet/src/freenet/node/PeerNode.java
===================================================================
--- trunk/freenet/src/freenet/node/PeerNode.java 2007-02-07 14:54:33 UTC
(rev 11683)
+++ trunk/freenet/src/freenet/node/PeerNode.java 2007-02-07 15:27:50 UTC
(rev 11684)
@@ -627,6 +627,8 @@
// Setup the queuedToSendN2NTMExtraPeerDataFileNumbers
queuedToSendN2NTMExtraPeerDataFileNumbers = new HashSet();
+
+ SHA256.returnMessageDigest(md);
}
private boolean parseARK(SimpleFieldSet fs, boolean onStartup) {
Modified: trunk/freenet/src/freenet/node/SSKInsertSender.java
===================================================================
--- trunk/freenet/src/freenet/node/SSKInsertSender.java 2007-02-07 14:54:33 UTC
(rev 11683)
+++ trunk/freenet/src/freenet/node/SSKInsertSender.java 2007-02-07 15:27:50 UTC
(rev 11684)
@@ -90,8 +90,7 @@
throw new IllegalArgumentException("Must have pubkey to insert
data!!");
// pubKey.fingerprint() is not the same as hash(pubKey.asBytes())).
FIXME it should be!
byte[] pubKeyAsBytes = pubKey.asBytes();
- MessageDigest md256 = SHA256.getMessageDigest();
- pubKeyHash = md256.digest(pubKeyAsBytes);
+ pubKeyHash = SHA256.digest(pubKeyAsBytes);
this.block = block;
startTime = System.currentTimeMillis();
}
Modified: trunk/freenet/src/freenet/support/io/BucketTools.java
===================================================================
--- trunk/freenet/src/freenet/support/io/BucketTools.java 2007-02-07
14:54:33 UTC (rev 11683)
+++ trunk/freenet/src/freenet/support/io/BucketTools.java 2007-02-07
15:27:50 UTC (rev 11684)
@@ -284,7 +284,9 @@
throw new EOFException();
if((bytesRead != bucketLength) && (bucketLength > 0))
throw new IOException("Read "+bytesRead+" but
bucket length "+bucketLength+ '!');
- return md.digest();
+ byte[] retval = md.digest();
+ SHA256.returnMessageDigest(md);
+ return retval;
} finally {
if(is != null) is.close();
}
