Author: nextgens
Date: 2007-09-29 10:20:07 +0000 (Sat, 29 Sep 2007)
New Revision: 15380

Modified:
   branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java
Log:
Doh... the hmac verification was failing because we authenticated the 
plaintext on one end and the cyphertext on the other.

The DSA signature verification is still failing though.

Modified: branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java
===================================================================
--- branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java 2007-09-29 
09:59:55 UTC (rev 15379)
+++ branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java 2007-09-29 
10:20:07 UTC (rev 15380)
@@ -755,10 +755,10 @@
                // We compute the HMAC of ("I"+cyphertext) : the cyphertext 
includes the IV!
                byte[] prefix = null;
                try { prefix = "I".getBytes("UTF-8"); } catch 
(UnsupportedEncodingException e) {}
-               byte[] decypheredPayload = new byte[prefix.length + 
payload.length - inputOffset];
+               byte[] decypheredPayload = new byte[prefix.length + ivLength + 
Node.SIGNATURE_PARAMETER_LENGTH*2];
                System.arraycopy(prefix, 0, decypheredPayload, 
decypheredPayloadOffset, prefix.length);
                decypheredPayloadOffset += prefix.length;
-               System.arraycopy(payload, inputOffset, decypheredPayload, 
decypheredPayloadOffset, payload.length - inputOffset);
+               System.arraycopy(payload, inputOffset, decypheredPayload, 
decypheredPayloadOffset, ivLength + Node.SIGNATURE_PARAMETER_LENGTH*2);
                if(!mac.verify(Ka, decypheredPayload, hmac)) {
                        Logger.error(this, "The digest-HMAC doesn't match; 
let's discard the packet");
                        return;
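Review bot: The new fixed-length copy reads `ivLength + Node.SIGNATURE_PARAMETER_LENGTH*2` bytes from `payload` at `inputOffset`, but nothing visible in this hunk checks that the received packet is that long. A truncated packet would therefore throw from `System.arraycopy` instead of being discarded the way a bad HMAC is. Unless a length check already exists above the hunk, add `if(payload.length - inputOffset < ivLength + Node.SIGNATURE_PARAMETER_LENGTH*2) return;` (with a log line) before the allocation. The empty `catch` in the context lines also leaves `prefix` null if the encoding lookup fails, which would surface as a NullPointerException at `prefix.length`. The enclosing method starts and ends outside the hunk.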
@@ -768,7 +768,7 @@
                pk.reset(decypheredPayload, decypheredPayloadOffset);
                decypheredPayloadOffset += ivLength;
                // Decrypt the payload
-               pk.blockDecipher(decypheredPayload, decypheredPayloadOffset, 
payload.length-decypheredPayloadOffset);
+               pk.blockDecipher(decypheredPayload, decypheredPayloadOffset, 
Node.SIGNATURE_PARAMETER_LENGTH*2);
                /*
                 * DecipheredData Format:
                 * Signature-r,s
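Review bot: The length `Node.SIGNATURE_PARAMETER_LENGTH*2` passed to `blockDecipher` is now written out separately here, in the buffer allocation and copy of the previous hunk, and in the sender's `blockEncipher` call in the third hunk, and all of them must agree for the HMAC and the decryption to line up. Hoisting it into one named value, for example `final int encryptedLength = Node.SIGNATURE_PARAMETER_LENGTH*2;`, would keep the two ends in sync when the format changes. A short comment would also help, since `decypheredPayload` holds "I" + IV + ciphertext until this call and only becomes plaintext afterwards. The hunk ends inside the format comment, so the rest of the method is not visible.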
@@ -896,13 +896,13 @@
                System.arraycopy(s, 0, cleartext, cleartextOffset, 
Node.SIGNATURE_PARAMETER_LENGTH);
                cleartextOffset += Node.SIGNATURE_PARAMETER_LENGTH;

+               int cleartextToEncypherOffset = prefix.length + ivLength;
+               pcfb.blockEncipher(cleartext, cleartextToEncypherOffset, 
Node.SIGNATURE_PARAMETER_LENGTH * 2);
+               
                // We compute the HMAC of (prefix + cyphertext) Includes the IV!
                HMAC mac = new HMAC(SHA256.getInstance());
                byte[] hmac = mac.mac(Ka, cleartext, HASH_LENGTH);

-               int cleartextToEncypherOffset = prefix.length + ivLength;
-               pcfb.blockEncipher(cleartext, cleartextToEncypherOffset, 
Node.SIGNATURE_PARAMETER_LENGTH * 2);
-               
                // copy stuffs back to the message
                System.arraycopy(hmac, 0, message3, offset, HASH_LENGTH);
                offset += HASH_LENGTH;
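Review bot: The ordering that this hunk fixes is not documented, so a later edit could move `blockEncipher` back below the MAC without noticing; a comment above the call such as `// Encipher first: the receiver verifies the HMAC over prefix+IV+cyphertext before decrypting` would pin it. Note also that `mac.mac(Ka, cleartext, HASH_LENGTH)` covers the whole `cleartext` array, while the receiver in the first hunk verifies exactly `prefix.length + ivLength + Node.SIGNATURE_PARAMETER_LENGTH*2` bytes. These match only if the array is allocated at that size, and the allocation is outside the hunk, so it is worth confirming. Renaming the buffer, or at least commenting that it holds ciphertext at this point, would avoid the plaintext/ciphertext confusion the log message describes.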

