Author: toad
Date: 2007-02-10 00:46:42 +0000 (Sat, 10 Feb 2007)
New Revision: 11732
Modified:
trunk/freenet/src/freenet/client/async/ClientRequestScheduler.java
trunk/freenet/src/freenet/client/async/SingleFileFetcher.java
trunk/freenet/src/freenet/crypt/DSA.java
trunk/freenet/src/freenet/crypt/DSAGroupGenerator.java
trunk/freenet/src/freenet/crypt/StationToStationContext.java
trunk/freenet/src/freenet/keys/SSKBlock.java
trunk/freenet/src/freenet/node/Node.java
trunk/freenet/src/freenet/node/PeerNode.java
Log:
Fix another minor crypto compatibility issue
Modified: trunk/freenet/src/freenet/client/async/ClientRequestScheduler.java
===================================================================
--- trunk/freenet/src/freenet/client/async/ClientRequestScheduler.java
2007-02-10 00:17:03 UTC (rev 11731)
+++ trunk/freenet/src/freenet/client/async/ClientRequestScheduler.java
2007-02-10 00:46:42 UTC (rev 11732)
@@ -174,6 +174,8 @@
} catch (KeyVerifyException e) {
// Verify exception, probably bogus at
source;
// verifies at low-level, but not at
decode.
+ if(logMINOR)
+ Logger.minor(this, "Decode
failed: "+e, e);
getter.onFailure(new
LowLevelGetException(LowLevelGetException.DECODE_FAILED));
return;
}
Modified: trunk/freenet/src/freenet/client/async/SingleFileFetcher.java
===================================================================
--- trunk/freenet/src/freenet/client/async/SingleFileFetcher.java
2007-02-10 00:17:03 UTC (rev 11731)
+++ trunk/freenet/src/freenet/client/async/SingleFileFetcher.java
2007-02-10 00:46:42 UTC (rev 11732)
@@ -131,6 +131,8 @@
try {
data = block.decode(ctx.bucketFactory,
(int)(Math.min(ctx.maxOutputLength, Integer.MAX_VALUE)), false);
} catch (KeyDecodeException e1) {
+ if(logMINOR)
+ Logger.minor(this, "Decode failure: "+e1, e1);
onFailure(new
FetchException(FetchException.BLOCK_DECODE_ERROR, e1.getMessage()));
return;
} catch (IOException e) {
Modified: trunk/freenet/src/freenet/crypt/DSA.java
===================================================================
--- trunk/freenet/src/freenet/crypt/DSA.java 2007-02-10 00:17:03 UTC (rev
11731)
+++ trunk/freenet/src/freenet/crypt/DSA.java 2007-02-10 00:46:42 UTC (rev
11732)
@@ -92,12 +92,13 @@
/**
* Verifies the message authenticity given a group, the public key
* (y), a signature, and the hash of the message (m).
+ * @param forceMod If enabled, skip the clipping m to 255 bits.
*/
public static boolean verify(DSAPublicKey kp,
DSASignature sig,
- BigInteger m) {
+ BigInteger m, boolean forceMod) {
if(m.signum() == -1) throw new IllegalArgumentException();
- if(kp.getGroup().getQ().bitLength() == 256)
+ if(kp.getGroup().getQ().bitLength() == 256 && !forceMod)
m = m.and(SIGNATURE_MASK);
try {
// 0<r<q has to be true
@@ -137,7 +138,7 @@
DSAPrivateKey pk=new DSAPrivateKey(g, y);
DSAPublicKey pub=new DSAPublicKey(g, pk);
DSASignature sig=sign(g, pk, BigInteger.ZERO, y);
- System.err.println(verify(pub, sig, BigInteger.ZERO));
+ System.err.println(verify(pub, sig, BigInteger.ZERO, false));
while(true) {
long totalTimeSigning = 0;
long totalTimeVerifying = 0;
@@ -167,7 +168,7 @@
long t1 = System.currentTimeMillis();
sig = sign(g, pk, m, y);
long t2 = System.currentTimeMillis();
- if(!verify(pub, sig, m)) {
+ if(!verify(pub, sig, m, false)) {
System.err.println("Failed to verify!");
}
long t3 = System.currentTimeMillis();
Modified: trunk/freenet/src/freenet/crypt/DSAGroupGenerator.java
===================================================================
--- trunk/freenet/src/freenet/crypt/DSAGroupGenerator.java 2007-02-10
00:17:03 UTC (rev 11731)
+++ trunk/freenet/src/freenet/crypt/DSAGroupGenerator.java 2007-02-10
00:46:42 UTC (rev 11732)
@@ -162,7 +162,7 @@
long now = System.currentTimeMillis();
DSASignature sig = DSA.sign(group, privKey, m, r);
long middle = System.currentTimeMillis();
- boolean success = DSA.verify(pubKey, sig, m);
+ boolean success = DSA.verify(pubKey, sig, m, false);
long end = System.currentTimeMillis();
if(success) {
totalSigTime += (middle - now);
Modified: trunk/freenet/src/freenet/crypt/StationToStationContext.java
===================================================================
--- trunk/freenet/src/freenet/crypt/StationToStationContext.java
2007-02-10 00:17:03 UTC (rev 11731)
+++ trunk/freenet/src/freenet/crypt/StationToStationContext.java
2007-02-10 00:46:42 UTC (rev 11732)
@@ -129,7 +129,7 @@
is.close();
if(signatureToCheck != null)
- if(DSA.verify(hisPubKey, new
DSASignature(signatureToCheck), new BigInteger(1,
SHA256.digest(message.getBytes())))) {
+ if(DSA.verify(hisPubKey, new
DSASignature(signatureToCheck), new BigInteger(1,
SHA256.digest(message.getBytes())), false)) {
return true;
}
Modified: trunk/freenet/src/freenet/keys/SSKBlock.java
===================================================================
--- trunk/freenet/src/freenet/keys/SSKBlock.java 2007-02-10 00:17:03 UTC
(rev 11731)
+++ trunk/freenet/src/freenet/keys/SSKBlock.java 2007-02-10 00:46:42 UTC
(rev 11732)
@@ -137,7 +137,8 @@
// Now verify it
NativeBigInteger r = new NativeBigInteger(1, bufR);
NativeBigInteger s = new NativeBigInteger(1, bufS);
- if(!DSA.verify(pubKey, new DSASignature(r, s), new
NativeBigInteger(1, overallHash))) {
+ if(!(DSA.verify(pubKey, new DSASignature(r, s), new
NativeBigInteger(1, overallHash), false) ||
+ (DSA.verify(pubKey, new DSASignature(r,
s), new NativeBigInteger(1, overallHash), true)))) {
throw new SSKVerifyException("Signature
verification failed for node-level SSK");
}
}
Modified: trunk/freenet/src/freenet/node/Node.java
===================================================================
--- trunk/freenet/src/freenet/node/Node.java 2007-02-10 00:17:03 UTC (rev
11731)
+++ trunk/freenet/src/freenet/node/Node.java 2007-02-10 00:46:42 UTC (rev
11732)
@@ -1800,7 +1800,7 @@
if(logMINOR) Logger.minor(this, "m =
"+m.toString(16));
myReferenceSignature =
DSA.sign(myCryptoGroup, myPrivKey, m, random);
// FIXME remove this ... eventually
- if(!DSA.verify(myPubKey,
myReferenceSignature, m))
+ if(!DSA.verify(myPubKey,
myReferenceSignature, m, false))
Logger.error(this, "Signature
failed!");
} catch(UnsupportedEncodingException e){
//duh ?
Modified: trunk/freenet/src/freenet/node/PeerNode.java
===================================================================
--- trunk/freenet/src/freenet/node/PeerNode.java 2007-02-10 00:17:03 UTC
(rev 11731)
+++ trunk/freenet/src/freenet/node/PeerNode.java 2007-02-10 00:46:42 UTC
(rev 11732)
@@ -418,7 +418,7 @@
try{
boolean failed = false;
if(signature == null || peerCryptoGroup == null
|| peerPubKey == null ||
- (failed =
!DSA.verify(peerPubKey, new DSASignature(signature), new BigInteger(1,
md.digest(fs.toOrderedString().getBytes("UTF-8")))))){
+ (failed =
!DSA.verify(peerPubKey, new DSASignature(signature), new BigInteger(1,
md.digest(fs.toOrderedString().getBytes("UTF-8"))), false))){
String errCause = "";
if(signature == null) errCause += " (No
signature)";
if(peerCryptoGroup == null) errCause +=
" (No peer crypto group)";
