[freenet-cvs] r15089 - in branches/freenet-jfk/src/freenet: crypt node

Sun, 9 Sep 2007 19:41:49 +0000 (UTC) 

Author: nextgens
Date: 2007-09-09 19:41:49 +0000 (Sun, 09 Sep 2007)
New Revision: 15089

Modified:
   branches/freenet-jfk/src/freenet/crypt/DiffieHellmanLightContext.java
   branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java
   branches/freenet-jfk/src/freenet/node/NodeCrypto.java
Log:
Message2 is now sent, hopefully properly.

I know, I know ... shouldn't have changed the visibility of 
NodeCrypto.sign(byte[])

Modified: branches/freenet-jfk/src/freenet/crypt/DiffieHellmanLightContext.java
===================================================================
--- branches/freenet-jfk/src/freenet/crypt/DiffieHellmanLightContext.java       
2007-09-09 19:11:42 UTC (rev 15088)
+++ branches/freenet-jfk/src/freenet/crypt/DiffieHellmanLightContext.java       
2007-09-09 19:41:49 UTC (rev 15089)
@@ -1,5 +1,6 @@
 package freenet.crypt;

+import freenet.node.NodeCrypto;
 import net.i2p.util.NativeBigInteger;

 public class DiffieHellmanLightContext {
@@ -10,6 +11,8 @@
        public final NativeBigInteger myExponential;
        /** The group we both share */
        public final DHGroup group;
+       /** The signature of (g^r, grpR) */
+       public final DSASignature signature;

        public String toString() {
                StringBuffer sb = new StringBuffer();
@@ -22,9 +25,17 @@
                return sb.toString();
        }

-       public DiffieHellmanLightContext(NativeBigInteger myExponent, 
NativeBigInteger myExponential, DHGroup group) {
+       // FIXME: remove the layering violation, sign it *before* the 
constructor so that it doesn't need NodeCrypto
+       public DiffieHellmanLightContext(NodeCrypto crypto, NativeBigInteger 
myExponent, NativeBigInteger myExponential, DHGroup group) {
                this.myExponent = myExponent;
                this.myExponential = myExponential;
                this.group = group;
+               
+               byte[] _myExponential = myExponential.toByteArray();
+               byte[] _myGroup = group.asBytes();
+               byte[] toSign = new byte[_myExponential.length + 
_myGroup.length];
+               System.arraycopy(_myExponential, 0, toSign, 0, 
_myExponential.length);
+               System.arraycopy(_myGroup, 0, toSign, _myExponential.length, 
_myGroup.length);
+               this.signature = crypto.sign(SHA256.digest(toSign));
        }
 }
\ No newline at end of file

Modified: branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java
===================================================================
--- branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java 2007-09-09 
19:11:42 UTC (rev 15088)
+++ branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java 2007-09-09 
19:41:49 UTC (rev 15089)
@@ -11,6 +11,7 @@
 import java.util.Arrays;
 import net.i2p.util.NativeBigInteger;
 import freenet.crypt.BlockCipher;
+import freenet.crypt.DSA;
 import freenet.crypt.DSAGroup;
 import freenet.crypt.DSAPrivateKey;
 import freenet.crypt.DSASignature;
@@ -526,17 +527,34 @@
        // FIXME: IDr' ?
        private void sendMessage2(byte[] nonceInitator, byte[] hisExponential, 
PeerNode pn, Peer replyTo) {
                DiffieHellmanLightContext dhContext = 
getLightDiffieHellmanContext();
+               byte[] idR = new byte[0];
                byte[] myDHGroup = dhContext.group.asBytes();
                byte[] myNonce = new byte[NONCE_SIZE];
                byte[] myExponential = dhContext.myExponential.toByteArray();
                node.random.nextBytes(myNonce);
+               byte[] signature = 
dhContext.signature.toString().getBytes("UTF-8");
+               byte[] authenticator = 
computeHashedJFKAuthenticator(myExponential, myNonce, nonceInitator, idR);

-               byte[] authenticator = computeJFKAuthenticator(myExponential, 
myNonce, nonceInitator, null);
+               byte[] message2 = new 
byte[NONCE_SIZE*2+DiffieHellman.modulusLengthInBytes()+myDHGroup.length+
+                                          signature.length+
+                                          SHA256.getDigestLength()];
+
+               int offset = 0;
+               System.arraycopy(nonceInitator, 0, message2, offset, 
NONCE_SIZE);
+               offset += NONCE_SIZE;
+               System.arraycopy(myNonce, 0, message2, offset, NONCE_SIZE);
+               offset += NONCE_SIZE;
+               System.arraycopy(myExponential, 0, message2, offset, 
myExponential.length);
+               offset += myExponential.length;
+               System.arraycopy(idR, 0, message2, offset, idR.length);
+               offset += idR.length;

-               byte[] message2 = new 
byte[NONCE_SIZE*2+DiffieHellman.modulusLengthInBytes()+myDHGroup.length+
-                                          authenticator.length+
-                                          ];
-                                          
+               System.arraycopy(signature, 0, message2, offset, 
signature.length);
+               offset += signature.length;
+               
+               System.arraycopy(authenticator, 0, message2, offset, 
authenticator.length);
+               
+               sendMessage1or2Packet(1,2,2,message2,pn,replyTo);
        }

        /*
@@ -545,7 +563,7 @@
         * 
         * (costs a HMAC and the allocation of a few bytes)
         */
-       private byte[] computeJFKAuthenticator(byte[] gR, byte[] nR, byte[] nI, 
byte[] address){
+       private byte[] computeJFKAuthenticator(byte[] gR, byte[] nR, byte[] nI, 
byte[] address) {
                byte[] authData=new 
byte[gR.length+nR.length+nI.length+address.length];
                int offset = 0;

@@ -565,6 +583,12 @@
                // TODO: is that 512 LSB ?
                return hash.mac(gR, authData, 9);
        }
+       /*
+        * Hash the authenticator using SHA256
+        */
+       private byte[] computeHashedJFKAuthenticator(byte[] gR, byte[] nR, 
byte[] nI, byte[] address) {
+               return SHA256.digest(computeJFKAuthenticator(gR, nR, nI, 
address));
+       }

        /*
         * Responder Method:Message2
@@ -728,8 +752,7 @@

                byte[] address = replyTo.getAddress().getAddress();
                // FIXME: feed computeJFKAuthenticator with the right 
parameters ^-^
-               byte[] authenticator = computeJFKAuthenticator(data, data, 
data, address);
-               sendMessage3Packet(1,2,2,data,pn,replyTo, 
SHA256.digest(authenticator));
+               sendMessage3Packet(1,2,2,data,pn,replyTo, 
computeHashedJFKAuthenticator(null, null, null, null));
        }

        /*
@@ -2186,7 +2209,7 @@
        }

        private synchronized DiffieHellmanLightContext 
getLightDiffieHellmanContext() {
-               if(currentDHContext == null)
+               if(currentDHContext == null){
                        currentDHContext = DiffieHellman.generateLightContext();
                return currentDHContext;
        }

Modified: branches/freenet-jfk/src/freenet/node/NodeCrypto.java
===================================================================
--- branches/freenet-jfk/src/freenet/node/NodeCrypto.java       2007-09-09 
19:11:42 UTC (rev 15088)
+++ branches/freenet-jfk/src/freenet/node/NodeCrypto.java       2007-09-09 
19:41:49 UTC (rev 15089)
@@ -37,7 +37,7 @@
  * Cryptographic and transport level node identity. 
  * @author toad
  */
-class NodeCrypto {
+public class NodeCrypto {

        final Node node;
        final boolean isOpennet;
@@ -383,7 +383,7 @@
        }

        /** Sign a hash */
-       DSASignature sign(byte[] hash) {
+       public DSASignature sign(byte[] hash) {
                return DSA.sign(cryptoGroup, privKey, new NativeBigInteger(1, 
hash), random);
        }
         // Sign a hash with a specified PrivateKey

Reply via email to