Author: kryptos
Date: 2007-09-22 10:33:59 +0000 (Sat, 22 Sep 2007)
New Revision: 15252

Modified:
   branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java
Log:
Updates to JFK: Fixed JFK(4)

Modified: branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java
===================================================================
--- branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java 2007-09-21 
23:24:55 UTC (rev 15251)
+++ branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java 2007-09-22 
10:33:59 UTC (rev 15252)
@@ -11,17 +11,13 @@
 import net.i2p.util.NativeBigInteger;
 import freenet.crypt.BlockCipher;
 import freenet.crypt.DSA;
-import freenet.crypt.DSAGroup;
-import freenet.crypt.DSAPrivateKey;
 import freenet.crypt.DSASignature;
 import freenet.crypt.DiffieHellman;
 import freenet.crypt.DiffieHellmanContext;
 import freenet.crypt.DiffieHellmanLightContext;
 import freenet.crypt.EntropySource;
-import freenet.crypt.Global;
 import freenet.crypt.HMAC;
 import freenet.crypt.PCFBMode;
-import freenet.crypt.RandomSource;
 import freenet.crypt.SHA256;
 import freenet.crypt.crypto_Random.eKey;
 import freenet.io.comm.AsyncMessageCallback;
@@ -43,10 +39,10 @@
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.ObjectOutputStream;
-import java.io.UnsupportedEncodingException;
 import java.math.BigInteger;
-import java.util.Map;
+import java.util.ArrayList;
 import java.util.HashMap;
+import java.util.List;

 /**
  * @author amphibian
@@ -75,6 +71,7 @@
         */

        private final HashMap authenticatorCache;
+        private final List buffer;
        final eKey encryptionKey;

        /** We renew it on each *successful* run of the protocol (the spec. 
says "once a while") - access is synchronized! */
@@ -120,6 +117,7 @@
                fnpTimingSource = new EntropySource();
                myPacketDataSource = new EntropySource();
                authenticatorCache = new HashMap();
+                buffer = new ArrayList();
                encryptionKey = new eKey();

                fullHeadersLengthMinimum = HEADERS_LENGTH_MINIMUM + 
sock.getHeadersLength();
@@ -804,7 +802,7 @@
                DiffieHellmanLightContext dhContext = 
getLightDiffieHellmanContext();
                byte[] ourExponential = dhContext.myExponential.toByteArray();
                byte[] unVerifiedData=new 
byte[NONCE_SIZE*2+DiffieHellman.modulusLengthInBytes()*2];
-               int offset = 0;
+               int offset = 
0;http://www.google.co.in/search?q=inline+gpg&ie=utf-8&oe=utf-8&aq=t&rls=com.ubuntu:en-US:official&client=firefox-a
                // Ni
                 System.arraycopy(nonceInitiator, 0, unVerifiedData, offset, 
NONCE_SIZE);
                offset += NONCE_SIZE;
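Review bot: A browser search URL has been pasted onto the changed line after `int offset = 0;`. It most likely still compiles, because Java reads `http:` as a statement label and everything after `//` as a comment, which is why it went unnoticed. It attaches a stray label to the following `System.arraycopy` statement and should be removed, leaving the line as `int offset = 0;`. The enclosing method starts and ends outside the hunk.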
@@ -845,6 +843,14 @@
                byte[] iv=new byte[pk.lengthIV()];
                 node.random.nextBytes(iv);
                byte[] idI = new byte[0];
+                // Buffer of Ni,Nr,g^i,g^r,IDi
+                byte[] buf =  new byte[unVerifiedData.length+idI.length];
+                System.arraycopy(unVerifiedData,0,buf,0,unVerifiedData.length);
+                System.arraycopy(idI,0,buf,unVerifiedData.length,idI.length);
+                // Store buf in a List for use in JFK(4)
+                synchronized(buffer){
+                    buffer.add(buf);
+                }
                 int encryptedDataLength = iv.length + idI.length + r.length + 
s.length + 2;
                byte[] encryptedData = new byte[encryptedDataLength];
                System.arraycopy(iv, 0, encryptedData, 0, iv.length);
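Review bot: The array added to `buffer` here is not tied to the peer or to the nonces of the handshake it belongs to, so the `buffer.get(0)` in the JFK(4) hunk can pick up the transcript of a different exchange whenever more than one handshake is in flight. The assumption in that hunk's comment, that the list only ever holds one entry, is not enforced anywhere visible. Entries are removed only when a JFK(4) is processed, so handshakes that never complete leave the list growing without bound. Keying the stored bytes by peer, as a map like the existing `authenticatorCache` would allow, and expiring stale entries would address both. The comment also lists IDi, but `idI` is `new byte[0]` at this point, and the enclosing method starts and ends outside the hunk.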
@@ -894,9 +900,31 @@
                 inputOffset += ivLength;
                 // Now verify signature
                 // FIXME: How do we verify the signature?
+                byte[] r = new byte[Node.SIGNATURE_PARAMETER_LENGTH];
+               System.arraycopy(payload, inputOffset, r, 0, 
Node.SIGNATURE_PARAMETER_LENGTH);
+               inputOffset += Node.SIGNATURE_PARAMETER_LENGTH;
+               byte[] s = new byte[Node.SIGNATURE_PARAMETER_LENGTH];
+               System.arraycopy(payload, inputOffset, s, 0, 
Node.SIGNATURE_PARAMETER_LENGTH);
+               inputOffset += Node.SIGNATURE_PARAMETER_LENGTH;
+               DSASignature remoteSignature = new DSASignature(new 
NativeBigInteger(1,r), new NativeBigInteger(1,s));
+               if(logMINOR)
+                    Logger.minor(this, "Remote sent us the following sig 
:"+remoteSignature.toLongString());
+               // Since we need the params only for signature verification, we 
can immediately remove them from the List
+                // Thus, at any point of time, the list will only contain only 
one entry
+                byte[] locallyExpectedExponentials = new 
byte[Node.SIGNATURE_PARAMETER_LENGTH*2];
+                synchronized(buffer){
+                    try{
+                        locallyExpectedExponentials = 
SHA256.digest(getBytes(buffer.get(0)));
+                    }catch(IOException e){
+                        Logger.error(this,"Error getting signData in bytes");
+                    }
+                }
+                buffer.remove(0);
+               if(!DSA.verify(pn.peerPubKey, remoteSignature, new 
NativeBigInteger(1, locallyExpectedExponentials), false)) {
+                       Logger.error(this, "The signature verification has 
failed!!");
+                       return;
+               }          

-                // FIXME: cache JFK(4)?
-                
                 // FIXME: JFK handshake completion?
         }
        /*
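Review bot: If `getBytes` throws, the catch block only logs, and `DSA.verify` then runs against the zero-filled placeholder array instead of the transcript hash; the catch should `return` so a failed hash never reaches verification. `buffer.get(0)` throws on an empty list, which is the state whenever a JFK(4) arrives with no stored JFK(3) data, and `buffer.remove(0)` sits outside the `synchronized(buffer)` block that guards the read. The two `System.arraycopy` calls take `2*Node.SIGNATURE_PARAMETER_LENGTH` bytes from `payload` with no length check visible here; the method begins outside the hunk, so confirm one exists earlier. The lookup and hashing steps could be rewritten as follows.

```java
// … unchanged: r and s are copied out of payload and wrapped in remoteSignature …
byte[] signedData;
synchronized(buffer) {
    if(buffer.isEmpty()) {
        Logger.error(this, "Received JFK(4) but no JFK(3) data is stored");
        return;
    }
    // read and remove under the same lock
    signedData = (byte[]) buffer.remove(0);
}
byte[] locallyExpectedExponentials;
try {
    locallyExpectedExponentials = SHA256.digest(getBytes(signedData));
} catch(IOException e) {
    Logger.error(this, "Error getting signData in bytes");
    return; // never verify against a placeholder value
}
// … unchanged: DSA.verify call and its failure return …
```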
@@ -2227,6 +2255,7 @@

                return SHA256.digest(toSign);
        }
+       
        /*
         * Actually sign the DH parameters for message2
         */

