Author: nextgens
Date: 2007-10-20 13:24:49 +0000 (Sat, 20 Oct 2007)
New Revision: 15453
Modified:
trunk/freenet/src/freenet/crypt/DiffieHellman.java
trunk/freenet/src/freenet/crypt/DiffieHellmanLightContext.java
trunk/freenet/src/freenet/node/FNPPacketMangler.java
trunk/freenet/src/freenet/node/Node.java
trunk/freenet/src/freenet/node/NodeCrypto.java
trunk/freenet/src/freenet/node/NodeStarter.java
trunk/freenet/src/freenet/node/PeerNode.java
Log:
JFK: compute the sig of the DH exponent off-thread.
*It might break opennet.*
Yes, it sucks, but I'm not sure how to improve it. Do we really
need/want one additional thread per mangler?
Modified: trunk/freenet/src/freenet/crypt/DiffieHellman.java
===================================================================
--- trunk/freenet/src/freenet/crypt/DiffieHellman.java 2007-10-20 11:42:17 UTC
(rev 15452)
+++ trunk/freenet/src/freenet/crypt/DiffieHellman.java 2007-10-20 13:24:49 UTC
(rev 15453)
@@ -9,6 +9,8 @@
import java.util.Random;
import java.util.Stack;
+import freenet.node.FNPPacketMangler;
+import freenet.node.NodeCrypto;
import freenet.support.Logger;
import net.i2p.util.NativeBigInteger;
@@ -31,9 +33,11 @@
private static final int PRECALC_TIMEOUT = 193 * 1000;
private static Random r;
- private static DHGroup group = Global.DHgroupA;
- private static Stack precalcBuffer = new Stack();
- private static Object precalcerWaitObj = new Object();
+ private static NodeCrypto crypt;
+ private static DSAGroup dsaGr;
+ private final static DHGroup group = Global.DHgroupA;
+ private final static Stack precalcBuffer = new Stack();
+ private final static Object precalcerWaitObj = new Object();
private static Thread precalcThread;
@@ -78,8 +82,10 @@
}
}
- public static void init(Random random) {
- r = random;
+ public static void init(Random random, NodeCrypto crypto, DSAGroup
dsaGroup) {
+ crypt = crypto;
+ dsaGr = dsaGroup;
+ r = random;
precalcThread.start();
}
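Review bot: init() now overwrites the static `crypt`/`dsaGr` and then calls `precalcThread.start()` unconditionally, so a second call throws IllegalThreadStateException from Thread.start() after the signing key has already been replaced. The Node.java hunk later in this commit moves the call out of NodeStarter into what appears to be per-node setup, so a JVM hosting more than one Node would presumably hit this. Any contexts still sitting in `precalcBuffer` at that point would carry signatures made under the previous key. A guard at the top of init() makes the single-initialisation assumption explicit, e.g. `if(crypt != null) throw new IllegalStateException("DiffieHellman.init() called twice");`.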
@@ -120,7 +126,7 @@
if((time2 - time1) > 300) {
Logger.error(null,
"DiffieHellman.generateLightContext(): time2 is more than 300ms after time1
("+(time2 - time1)+ ')');
}
- return new DiffieHellmanLightContext(params[0], params[1]);
+ return new DiffieHellmanLightContext(params[0], params[1], new
DSASignature(params[2], params[3]));
}
public static NativeBigInteger[] getParams() {
@@ -137,10 +143,16 @@
}
private static NativeBigInteger[] genParams() {
- NativeBigInteger params[] = new NativeBigInteger[2];
- // Don't need NativeBigInteger?
+ NativeBigInteger params[] = new NativeBigInteger[4];
+
params[0] = new NativeBigInteger(256, r);
- params[1] = (NativeBigInteger) group.getG().modPow(params[0],
group.getP());
+ NativeBigInteger exponential = (NativeBigInteger)
group.getG().modPow(params[0], group.getP());
+ params[1] = exponential;
+
+ DSASignature sig =
crypt.sign(SHA256.digest(FNPPacketMangler.assembleDHParams(exponential,
dsaGr)));
+ params[2] = new NativeBigInteger(sig.getR());
+ params[3] = new NativeBigInteger(sig.getS());
+
return params;
}
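Review bot: genParams() dereferences the static `crypt` and `dsaGr`, which only init() assigns, so a call that arrives before init() fails with a bare NullPointerException in the middle of key generation; whether getParams() can fall through to genParams() on an empty buffer is not visible in this hunk. A precondition such as `if(crypt == null) throw new IllegalStateException("DiffieHellman not initialised");` would make that failure unambiguous. The array also now mixes the private exponent with public values purely by position, and generateLightContext() in the previous hunk depends on that order, so a layout comment is worth adding: `// params: [0] private exponent, [1] g^x mod p, [2] DSA r, [3] DSA s`.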
Modified: trunk/freenet/src/freenet/crypt/DiffieHellmanLightContext.java
===================================================================
--- trunk/freenet/src/freenet/crypt/DiffieHellmanLightContext.java
2007-10-20 11:42:17 UTC (rev 15452)
+++ trunk/freenet/src/freenet/crypt/DiffieHellmanLightContext.java
2007-10-20 13:24:49 UTC (rev 15453)
@@ -29,16 +29,13 @@
return sb.toString();
}
- public DiffieHellmanLightContext(NativeBigInteger myExponent,
NativeBigInteger myExponential) {
+ public DiffieHellmanLightContext(NativeBigInteger myExponent,
NativeBigInteger myExponential, DSASignature sig) {
this.myExponent = myExponent;
this.myExponential = myExponential;
+ this.signature = sig;
logMINOR = Logger.shouldLog(Logger.MINOR, this);
}
- public void setSignature(DSASignature sig) {
- this.signature = sig;
- }
-
/*
* Calling the following is costy; avoid
*/
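Review bot: With setSignature() removed, the signature is only ever assigned in the constructor, but the constructor still accepts a null `sig` and the field (declared outside this hunk) is presumably still non-final. Declaring the field `final` and rejecting null up front, `if(sig == null) throw new NullPointerException("sig");`, would guarantee that no context reaches the handshake code without a signature over its exponential.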
Modified: trunk/freenet/src/freenet/node/FNPPacketMangler.java
===================================================================
--- trunk/freenet/src/freenet/node/FNPPacketMangler.java 2007-10-20
11:42:17 UTC (rev 15452)
+++ trunk/freenet/src/freenet/node/FNPPacketMangler.java 2007-10-20
13:24:49 UTC (rev 15453)
@@ -2335,6 +2335,10 @@
* @see
freenet.node.OutgoingPacketMangler#sendHandshake(freenet.node.PeerNode)
*/
public void sendHandshake(PeerNode pn) {
+ if(!node.isHasStarted()) {
+ Logger.normal(this, "Attempting to send a handshake
while the node is starting up... cancel it.");
+ return;
+ }
int negType = pn.selectNegType(this);
if(negType == -1) {
if(pn.isRoutingCompatible())
@@ -2419,7 +2423,7 @@
}
public int[] supportedNegTypes() {
- return new int[] { 2, 1 };
+ return new int[] { 1, 2 };
}
public int fullHeadersLengthOneMessage() {
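Review bot: The array literal in supportedNegTypes() carries a preference order that nothing at this site documents; the only statement of it is the PeerNode.selectNegType() Javadoc changed later in this commit ("last is best"). Because this order decides which negotiation type is preferred with a peer, a later reorder here could silently select the older handshake. A comment on the return line would pin the contract: `// ordered least- to most-preferred; PeerNode.selectNegType() treats the last common entry as best`.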
@@ -2449,7 +2453,6 @@
if((currentDHContext == null) ||
(currentDHContextLifetime + 1800000 /*30mins*/) < now) {
currentDHContextLifetime = now;
currentDHContext =
DiffieHellman.generateLightContext();
-
currentDHContext.setSignature(crypto.sign(SHA256.digest(assembleDHParams(currentDHContext.myExponential,
crypto.getCryptoGroup()))));
}
}
return currentDHContext;
@@ -2458,7 +2461,7 @@
/*
* Prepare DH parameters of message2 for them to be signed (useful in
message3 to check the sig)
*/
- private byte[] assembleDHParams(BigInteger exponential, DSAGroup group)
{
+ public static byte[] assembleDHParams(NativeBigInteger exponential,
DSAGroup group) {
byte[] _myExponential =
stripBigIntegerToNetworkFormat(exponential);
byte[] _myGroup = group.getP().toByteArray();
byte[] toSign = new byte[_myExponential.length +
_myGroup.length];
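Review bot: assembleDHParams() is now a public static entry point that defines the exact bytes being signed, yet it keeps a plain `/* */` comment, and its parameter was narrowed to NativeBigInteger although the helper it calls, stripBigIntegerToNetworkFormat(), still takes BigInteger. The signer in DiffieHellman.genParams() and the verifier must agree on this layout byte for byte, so the comment should become Javadoc that states it; the visible lines size the buffer as the stripped exponential plus `group.getP().toByteArray()`, while the copy order is outside this hunk. Keeping the wider type, `public static byte[] assembleDHParams(BigInteger exponential, DSAGroup group) {`, would leave existing callers unaffected. The same missing Javadoc applies to stripBigIntegerToNetworkFormat() in the next hunk.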
@@ -2523,7 +2526,7 @@
}
}
- private byte[] stripBigIntegerToNetworkFormat(BigInteger exponential) {
+ public static byte[] stripBigIntegerToNetworkFormat(BigInteger
exponential) {
byte[] data = exponential.toByteArray();
int targetLength = DiffieHellman.modulusLengthInBytes();
Modified: trunk/freenet/src/freenet/node/Node.java
===================================================================
--- trunk/freenet/src/freenet/node/Node.java 2007-10-20 11:42:17 UTC (rev
15452)
+++ trunk/freenet/src/freenet/node/Node.java 2007-10-20 13:24:49 UTC (rev
15453)
@@ -45,6 +45,7 @@
import freenet.config.PersistentConfig;
import freenet.config.SubConfig;
import freenet.crypt.DSAPublicKey;
+import freenet.crypt.DiffieHellman;
import freenet.crypt.RandomSource;
import freenet.crypt.SHA256;
import freenet.crypt.Yarrow;
@@ -425,6 +426,11 @@
}
darknetCrypto.readCrypto(fs);
+ //TODO: That sucks. It breaks layering rules and will
eventually break opennet as the key isn't likely to be the same.
+ // Tell me if you know how to improve it.
+ // No, generating two sigs isn't an option as it's sub-optimal.
+ // running one additionnal thread per mangler might be one.
+ DiffieHellman.init(random, darknetCrypto,
darknetCrypto.getCryptoGroup());
swapIdentifier =
Fields.bytesToLong(darknetCrypto.identityHashHash);
String loc = fs.get("location");
Modified: trunk/freenet/src/freenet/node/NodeCrypto.java
===================================================================
--- trunk/freenet/src/freenet/node/NodeCrypto.java 2007-10-20 11:42:17 UTC
(rev 15452)
+++ trunk/freenet/src/freenet/node/NodeCrypto.java 2007-10-20 13:24:49 UTC
(rev 15453)
@@ -37,7 +37,7 @@
* Cryptographic and transport level node identity.
* @author toad
*/
-class NodeCrypto {
+public class NodeCrypto {
final Node node;
final boolean isOpennet;
@@ -88,7 +88,6 @@
logMINOR = Logger.shouldLog(Logger.MINOR, this);
config.starting(this);
-
try {
int port = config.getPort();
@@ -135,7 +134,6 @@
socket.setLowLevelFilter(packetMangler = new
FNPPacketMangler(node, this, socket));
detector = new NodeIPPortDetector(node, node.ipDetector, this);
-
} catch (NodeInitException e) {
config.stopping(this);
throw e;
@@ -386,7 +384,7 @@
}
/** Sign a hash */
- DSASignature sign(byte[] hash) {
+ public DSASignature sign(byte[] hash) {
return DSA.sign(cryptoGroup, privKey, new NativeBigInteger(1,
hash), random);
}
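Review bot: Making sign() public, together with `public class NodeCrypto` in the first hunk of this file, turns a raw sign-this-hash operation on the node's DSA identity key into API reachable from any package that holds a NodeCrypto reference. The only new caller visible in this commit is DiffieHellman.genParams(), which always signs the SHA-256 digest of assembleDHParams(). A narrower public method that takes the exponential and performs the assemble, hash and sign steps itself, leaving `sign(byte[])` package-private, would give the crypt package what it needs without exposing a general signing primitive. At minimum the Javadoc should state the expectation: `/** Sign a hash with the node's private key. Callers must only pass digests they computed themselves. */`.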
Modified: trunk/freenet/src/freenet/node/NodeStarter.java
===================================================================
--- trunk/freenet/src/freenet/node/NodeStarter.java 2007-10-20 11:42:17 UTC
(rev 15452)
+++ trunk/freenet/src/freenet/node/NodeStarter.java 2007-10-20 13:24:49 UTC
(rev 15453)
@@ -13,7 +13,6 @@
import freenet.config.InvalidConfigValueException;
import freenet.config.PersistentConfig;
import freenet.config.SubConfig;
-import freenet.crypt.DiffieHellman;
import freenet.crypt.RandomSource;
import freenet.crypt.Yarrow;
import freenet.support.Executor;
@@ -115,8 +114,6 @@
// Setup RNG
RandomSource random = new Yarrow();
-
- DiffieHellman.init(random);
// Thread to keep the node up.
// JVM deadlocks losing a lock when two threads of different
types (daemon|app)
@@ -284,7 +281,6 @@
// Setup RNG
RandomSource random = new Yarrow();
- DiffieHellman.init(random);
// Thread to keep the node up.
// JVM deadlocks losing a lock when two threads of different
types (daemon|app)
Modified: trunk/freenet/src/freenet/node/PeerNode.java
===================================================================
--- trunk/freenet/src/freenet/node/PeerNode.java 2007-10-20 11:42:17 UTC
(rev 15452)
+++ trunk/freenet/src/freenet/node/PeerNode.java 2007-10-20 13:24:49 UTC
(rev 15453)
@@ -2642,7 +2642,7 @@
/**
* Select the most appropriate negType, taking the user's preference
into account
- * order matters
+ * order matters: last is best
*
* @param mangler
* @return -1 if no common negType has been found