[freenet-cvs] r14924 - in branches/freenet-jfk: devnotes src/freenet/node

kryptos at freenetproject.org kryptos at freenetproject.org
Thu Aug 30 14:51:37 UTC 2007 

Author: kryptos
Date: 2007-08-30 14:51:36 +0000 (Thu, 30 Aug 2007)
New Revision: 14924

Removed:
   branches/freenet-jfk/devnotes/crypto_Notes.txt
Modified:
   branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java
Log:
Error in authentication verified

Deleted: branches/freenet-jfk/devnotes/crypto_Notes.txt
===================================================================
--- branches/freenet-jfk/devnotes/crypto_Notes.txt	2007-08-30 09:37:43 UTC (rev 14923)
+++ branches/freenet-jfk/devnotes/crypto_Notes.txt	2007-08-30 14:51:36 UTC (rev 14924)
@@ -1,20 +0,0 @@
-//////////////////////Just fast Keying//////////////////////////   
-
-   Message 1, I->R:  Ni, g^i
-
-   Message 2, R->I:  Ni, Nr, g^r, GRPINFOr, 
-                     SIG{r}(g^r, GRPINFOr), HMAC{HKr}(Ni, Nr, g^i, g^r)
-
-   Message 3, I->R:  Ni, Nr, g^i, g^r, HMAC{HKr}(Ni, Nr, g^i, g^r),
-                     E{Ke}( sa, SIG{i}(Ni, Nr, g^i, g^r))
-
-   Message 4, R->I:  E{Ke}(SIG{r}(Ni, Nr, g^i, g^r , IDi, sa))
-
-
-   HKr: A transient hash key private to the Responder; this is a
-        global parameter for the Responder (i.e., it is not different
-        for every different protocol run), which changes periodically:
-        the Responder must pick a new g^r every time HKr changes.
-
-   Ke:  A shared key derived from g^ir, Ni, and Nr, used to protect
-        messages 3 and 4 of the protocol.

Modified: branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java
===================================================================
--- branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java	2007-08-30 09:37:43 UTC (rev 14923)
+++ branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java	2007-08-30 14:51:36 UTC (rev 14924)
@@ -92,6 +92,7 @@
 	
 	final int fullHeadersLengthMinimum;
 	final int fullHeadersLengthOneMessage;
+        private static byte[] AUTHENTICATOR;
 	
     public FNPPacketMangler(Node node, NodeCrypto crypt, PacketSocketHandler sock) {
         this.node = node;
@@ -493,13 +494,11 @@
                 System.arraycopy(iNonce(),0,authData,0,iNonce().length);
                 System.arraycopy(rNonce(),0,authData,iNonce().length+1,rNonce().length);
 		System.arraycopy(Gr(pn),0,authData,iNonce().length+rNonce().length+1,Gr(pn).length);
-		//Calculate the Hash of the Concatenated data(Responder exponentials and nonces
-		//using a key that will be private to the responder
-		HKrGenerator trKey=new HKrGenerator(node);
-                byte[] hkr=new byte[16];
-		hkr=trKey.getNewHKr();
-		HMAC hash=new HMAC(SHA1.getInstance());
-                return hash.mac(hkr,authData,20);
+		/*
+                 * Calculate the Hash of the Concatenated data(Responder exponentials, nonces)
+		 * using a key that will be private to the responder
+                 */
+		return authData;
     }
     /*
      * Responder Method:Message2
@@ -536,12 +535,15 @@
                  * Compute the authenticator
                  * Used by the responder in Message4 to verify the authenticity of the message
                  */
-		byte[] authenticator=processMessageAuth(pn);
-		byte[] Message2=new byte[authenticator.length+unVerifiedData.length+s.length+r.length+1];
+		HKrGenerator trKey=new HKrGenerator(node);
+                byte[] hkr=trKey.getNewHKr();
+		HMAC hash=new HMAC(SHA1.getInstance());
+                AUTHENTICATOR=hash.mac(hkr,processMessageAuth(pn),hkr.length);
+		byte[] Message2=new byte[AUTHENTICATOR.length+unVerifiedData.length+s.length+r.length+1];
 		byte[] signedData=new byte[s.length+r.length];
 		System.arraycopy(signedData,0,Message2,0,signedData.length);
 		System.arraycopy(unVerifiedData,0,Message2,signData.length+1,unVerifiedData.length);
-		System.arraycopy(authenticator,0,Message2,signedData.length+unVerifiedData.length+1,authenticator.length);
+		System.arraycopy(AUTHENTICATOR,0,Message2,signedData.length+unVerifiedData.length+1,AUTHENTICATOR.length);
                 //Send params:Version,negType,phase,data,peernode,peer
 		sendMessage1or2Packet(1,2,1,Message2,pn,replyTo);
 		long t2=System.currentTimeMillis();
@@ -575,7 +577,6 @@
         byte[] r = sig.getRBytes(Node.SIGNATURE_PARAMETER_LENGTH);
         byte[] s = sig.getSBytes(Node.SIGNATURE_PARAMETER_LENGTH);
         Logger.minor(this, " r="+HexUtil.bytesToHex(sig.getR().toByteArray())+" s="+HexUtil.bytesToHex(sig.getS().toByteArray()));
-        byte[] authenticator=processMessageAuth(pn);
         BlockCipher c=pn.outgoingSetupCipher;
         if(logMINOR)
             Logger.minor(this,"Cipher"+HexUtil.bytesToHex(pn.outgoingSetupKey));
@@ -603,10 +604,10 @@
         System.arraycopy(s, 0, encryptedData, count, s.length);
         count += s.length;
         pk.blockEncipher(encryptedData, 0, encryptedData.length);
-        byte[] message3=new byte[encryptedData.length+authenticator.length+unVerifiedData.length+1];
+        byte[] message3=new byte[encryptedData.length+AUTHENTICATOR.length+unVerifiedData.length+1];
         System.arraycopy(encryptedData,0,message3,0,encryptedData.length);
-        System.arraycopy(authenticator,0,message3,encryptedData.length+1,authenticator.length);
-	System.arraycopy(unVerifiedData,0,message3,encryptedData.length+authenticator.length+1,unVerifiedData.length);
+        System.arraycopy(AUTHENTICATOR,0,message3,encryptedData.length+1,AUTHENTICATOR.length);
+	System.arraycopy(unVerifiedData,0,message3,encryptedData.length+AUTHENTICATOR.length+1,unVerifiedData.length);
         return message3;
         
     }

More information about the cvs mailing list