Author: toad
Date: 2007-03-20 21:16:49 +0000 (Tue, 20 Mar 2007)
New Revision: 12240
Modified:
trunk/freenet/src/freenet/crypt/SHA256.java
trunk/freenet/src/freenet/keys/InsertableClientSSK.java
trunk/freenet/src/freenet/node/FNPPacketMangler.java
trunk/freenet/src/freenet/node/LocationManager.java
trunk/freenet/src/freenet/node/Node.java
trunk/freenet/src/freenet/node/PeerNode.java
trunk/freenet/src/freenet/support/io/BucketTools.java
Log:
Don't reuse SHA256's in finally {} blocks, they may not be fit to be reused.
Use SHA256.digest more.
Modified: trunk/freenet/src/freenet/crypt/SHA256.java
===================================================================
--- trunk/freenet/src/freenet/crypt/SHA256.java 2007-03-20 21:15:35 UTC (rev
12239)
+++ trunk/freenet/src/freenet/crypt/SHA256.java 2007-03-20 21:16:49 UTC (rev
12240)
@@ -380,5 +380,9 @@
System.out.println(HexUtil.bytesToHex(rv));
}
+ public static int getDigestLength() {
+ return 32;
+ }
+
}
Modified: trunk/freenet/src/freenet/keys/InsertableClientSSK.java
===================================================================
--- trunk/freenet/src/freenet/keys/InsertableClientSSK.java 2007-03-20
21:15:35 UTC (rev 12239)
+++ trunk/freenet/src/freenet/keys/InsertableClientSSK.java 2007-03-20
21:16:49 UTC (rev 12240)
@@ -211,10 +211,8 @@
DSAGroup g = Global.DSAgroupBigA;
DSAPrivateKey privKey = new DSAPrivateKey(g, r);
DSAPublicKey pubKey = new DSAPublicKey(g, privKey);
- MessageDigest md = SHA256.getMessageDigest();
try {
- byte[] pkHash = md.digest(pubKey.asBytes());
- SHA256.returnMessageDigest(md);
+ byte[] pkHash = SHA256.digest(pubKey.asBytes());
return new InsertableClientSSK(docName, pkHash, pubKey,
privKey, ckey,
Key.ALGO_AES_PCFB_256_SHA256);
} catch (MalformedURLException e) {
Modified: trunk/freenet/src/freenet/node/FNPPacketMangler.java
===================================================================
--- trunk/freenet/src/freenet/node/FNPPacketMangler.java 2007-03-20
21:15:35 UTC (rev 12239)
+++ trunk/freenet/src/freenet/node/FNPPacketMangler.java 2007-03-20
21:16:49 UTC (rev 12240)
@@ -475,8 +475,7 @@
int paddingLength = node.random.nextInt(100);
byte[] iv = new byte[pcfb.lengthIV()];
node.random.nextBytes(iv);
- MessageDigest md = SHA256.getMessageDigest();
- byte[] hash = md.digest(output);
+ byte[] hash = SHA256.digest(output);
if(logMINOR) Logger.minor(this, "Data hash:
"+HexUtil.bytesToHex(hash));
byte[] data = new byte[iv.length + hash.length + 2 /* length */ +
output.length + paddingLength];
pcfb.reset(iv);
@@ -498,7 +497,6 @@
Logger.error(this, "Tried to send auth packet to local
address: "+replyTo+" for "+pn);
}
if(logMINOR) Logger.minor(this, "Sending auth packet (long) to
"+replyTo+" - size "+data.length+" data length: "+output.length);
- SHA256.returnMessageDigest(md);
}
private void sendPacket(byte[] data, Peer replyTo, PeerNode pn, int
alreadyReportedBytes) throws LocalAddressException {
@@ -722,7 +720,7 @@
// Verify
tracker.pn.verified(tracker);
- for(int i=0;i<md.getDigestLength();i++) {
+ for(int i=0;i<HASH_LENGTH;i++) {
packetHash[i] ^= buf[offset+i];
}
if(logMINOR) Logger.minor(this, "Contributing entropy");
Modified: trunk/freenet/src/freenet/node/LocationManager.java
===================================================================
--- trunk/freenet/src/freenet/node/LocationManager.java 2007-03-20 21:15:35 UTC
(rev 12239)
+++ trunk/freenet/src/freenet/node/LocationManager.java 2007-03-20 21:16:49 UTC
(rev 12240)
@@ -340,12 +340,12 @@
if(logMINOR) Logger.minor(this, "Didn't swap: "+myLoc+" <->
"+hisLoc+" - "+uid);
noSwaps++;
}
+ SHA256.returnMessageDigest(md);
} catch (Throwable t) {
Logger.error(this, "Caught "+t, t);
} finally {
unlock();
removeRecentlyForwardedItem(item);
- SHA256.returnMessageDigest(md);
}
}
}
@@ -363,7 +363,6 @@
public void run() {
long uid = r.nextLong();
if(!lock()) return;
- MessageDigest md = SHA256.getMessageDigest();
try {
startedSwaps++;
// We can't lock friends_locations, so lets just
@@ -378,7 +377,7 @@
myValueLong[i+2] = Double.doubleToLongBits(friendLocs[i]);
byte[] myValue = Fields.longsToBytes(myValueLong);
- byte[] myHash = md.digest(myValue);
+ byte[] myHash = SHA256.digest(myValue);
Message m = DMT.createFNPSwapRequest(uid, myHash, 6);
@@ -468,7 +467,7 @@
// First does it verify?
- byte[] rehash = md.digest(hisBuf);
+ byte[] rehash = SHA256.digest(hisBuf);
if(!java.util.Arrays.equals(rehash, hisHash)) {
Logger.error(this, "Bad hash in SwapComplete - malicious
node? on "+uid);
@@ -520,7 +519,6 @@
unlock();
if(item != null)
removeRecentlyForwardedItem(item);
- SHA256.returnMessageDigest(md);
}
}
Modified: trunk/freenet/src/freenet/node/Node.java
===================================================================
--- trunk/freenet/src/freenet/node/Node.java 2007-03-20 21:15:35 UTC (rev
12239)
+++ trunk/freenet/src/freenet/node/Node.java 2007-03-20 21:16:49 UTC (rev
12240)
@@ -573,10 +573,8 @@
} catch (IllegalBase64Exception e2) {
throw new IOException();
}
- MessageDigest md = SHA256.getMessageDigest();
- identityHash = md.digest(myIdentity);
- identityHashHash = md.digest(identityHash);
- SHA256.returnMessageDigest(md); md = null;
+ identityHash = SHA256.digest(myIdentity);
+ identityHashHash = SHA256.digest(identityHash);
String loc = fs.get("location");
Location l;
try {
Modified: trunk/freenet/src/freenet/node/PeerNode.java
===================================================================
--- trunk/freenet/src/freenet/node/PeerNode.java 2007-03-20 21:15:35 UTC
(rev 12239)
+++ trunk/freenet/src/freenet/node/PeerNode.java 2007-03-20 21:16:49 UTC
(rev 12240)
@@ -347,10 +347,8 @@
throw new FSParseException(e);
}
- MessageDigest md = SHA256.getMessageDigest();
-
if(identity == null) throw new FSParseException("No identity");
- identityHash = md.digest(identity);
+ identityHash = SHA256.digest(identity);
hashCode = Fields.hashCode(identityHash);
version = fs.get("version");
Version.seenVersion(version);
@@ -420,8 +418,8 @@
boolean failed = false;
if(signature == null || peerCryptoGroup == null
|| peerPubKey == null ||
(failed = !
-
(DSA.verify(peerPubKey, new DSASignature(signature), new BigInteger(1,
md.digest(fs.toOrderedString().getBytes("UTF-8"))), false) ||
-
(DSA.verify(peerPubKey, new DSASignature(signature), new BigInteger(1,
md.digest(fs.toOrderedString().getBytes("UTF-8"))), true))))) { // FIXME remove
,true after pre-1013 are obsolete
+
(DSA.verify(peerPubKey, new DSASignature(signature), new BigInteger(1,
SHA256.digest(fs.toOrderedString().getBytes("UTF-8"))), false) ||
+
(DSA.verify(peerPubKey, new DSASignature(signature), new BigInteger(1,
SHA256.digest(fs.toOrderedString().getBytes("UTF-8"))), true))))) { // FIXME
remove ,true after pre-1013 are obsolete
String errCause = "";
if(signature == null) errCause += " (No
signature)";
if(peerCryptoGroup == null) errCause +=
" (No peer crypto group)";
@@ -455,9 +453,9 @@
// Setup incoming and outgoing setup ciphers
byte[] nodeKey = node.identityHash;
byte[] nodeKeyHash = node.identityHashHash;
- byte[] setupKeyHash = md.digest(identityHash);
+ byte[] setupKeyHash = SHA256.digest(identityHash);
- int digestLength = md.getDigestLength();
+ int digestLength = SHA256.getDigestLength();
incomingSetupKey = new byte[digestLength];
for(int i=0;i<incomingSetupKey.length;i++)
incomingSetupKey[i] = (byte) (nodeKey[i] ^ setupKeyHash[i]);
@@ -632,8 +630,6 @@
// Setup the queuedToSendN2NTMExtraPeerDataFileNumbers
queuedToSendN2NTMExtraPeerDataFileNumbers = new LinkedHashSet();
-
- SHA256.returnMessageDigest(md);
}
private boolean parseARK(SimpleFieldSet fs, boolean onStartup) {
Modified: trunk/freenet/src/freenet/support/io/BucketTools.java
===================================================================
--- trunk/freenet/src/freenet/support/io/BucketTools.java 2007-03-20
21:15:35 UTC (rev 12239)
+++ trunk/freenet/src/freenet/support/io/BucketTools.java 2007-03-20
21:16:49 UTC (rev 12240)
@@ -245,7 +245,8 @@
int readBytes = is.read(buf);
if(readBytes < 0) break;
bytesRead += readBytes;
- md.update(buf, 0, readBytes);
+ if(readBytes > 0)
+ md.update(buf, 0, readBytes);
}
if((bytesRead < bucketLength) && (bucketLength > 0))
throw new EOFException();
