node

[email protected] Sun, 30 Sep 2007 06:54:18 +0000 (UTC)

Author: nextgens
Date: 2007-09-30 06:54:17 +0000 (Sun, 30 Sep 2007)
New Revision: 15411


Modified:
   trunk/freenet/src/freenet/node/FNPPacketMangler.java
Log:
jfk: Verify the nonce sent back by the responder on message2

Modified: trunk/freenet/src/freenet/node/FNPPacketMangler.java
===================================================================
--- trunk/freenet/src/freenet/node/FNPPacketMangler.java        2007-09-30 
06:46:48 UTC (rev 15410)
+++ trunk/freenet/src/freenet/node/FNPPacketMangler.java        2007-09-30 
06:54:17 UTC (rev 15411)
@@ -504,12 +504,12 @@
                DiffieHellmanLightContext dhContext = 
getLightDiffieHellmanContext(pn);
                int offset = 0;
                byte[] myExponential = 
stripBigIntegerToNetworkFormat(dhContext.myExponential);
-               byte[] myNonce = new byte[NONCE_SIZE];
-               node.random.nextBytes(myNonce);
-
+               pn.jfkNonceInitiator = new byte[NONCE_SIZE];
+               node.random.nextBytes(pn.jfkNonceInitiator);
+               
                byte[] message1 = new 
byte[NONCE_SIZE+DiffieHellman.modulusLengthInBytes()];

-               System.arraycopy(myNonce, 0, message1, offset, NONCE_SIZE);
+               System.arraycopy(pn.jfkNonceInitiator, 0, message1, offset, 
NONCE_SIZE);
                offset += NONCE_SIZE;
                System.arraycopy(myExponential, 0, message1, offset, 
DiffieHellman.modulusLengthInBytes());

@@ -683,6 +683,12 @@
        {
                final long t1 = System.currentTimeMillis();
                if(logMINOR) Logger.minor(this, "Got a JFK(3) message, 
processing it - "+pn);
+               
+               byte[] myNi = pn.jfkNonceInitiator;
+               // We don't except such a message;
+               if(myNi == null)
+                       return;
+               
                BlockCipher c = null;
                try { c = new Rijndael(256, 256); } catch 
(UnsupportedCipherException e) {}
                int inputOffset=3;
@@ -744,6 +750,11 @@
                }

                // some sanity checks
+               if(!Arrays.equals(myNi, nonceInitiator)) {
+                       Logger.error(this, "Huh? the responder sent us a 
different nonce back! -"+pn);
+                       return;
+               }
+               
                NativeBigInteger _hisExponential = new NativeBigInteger(1, 
initiatorExponential);
                if(_hisExponential.compareTo(NativeBigInteger.ONE) < 1) {
                        Logger.error(this, "We can't accept the exponential 
"+pn+" sent us; it's smaller than 1!!");
@@ -956,6 +967,7 @@
                pn.jfkKa = null;
                pn.jfkKe = null;
                pn.jfkKs = null;
+               pn.jfkNonceInitiator = null;

                final long t2=System.currentTimeMillis();
                if((t2-t1)>500)

[freenet-cvs] r15411 - trunk/freenet/src/freenet/node

Reply via email to