[freenet-cvs] r16180 - in trunk/freenet/src/freenet: crypt node
nextgens at freenetproject.org
nextgens at freenetproject.org
Sat Dec 1 14:49:29 UTC 2007
Author: nextgens
Date: 2007-12-01 14:49:29 +0000 (Sat, 01 Dec 2007)
New Revision: 16180
Modified:
trunk/freenet/src/freenet/crypt/DiffieHellmanContext.java
trunk/freenet/src/freenet/crypt/DiffieHellmanLightContext.java
trunk/freenet/src/freenet/crypt/KeyAgreementSchemeContext.java
trunk/freenet/src/freenet/node/FNPPacketMangler.java
trunk/freenet/src/freenet/node/PeerNode.java
Log:
JFK: make DiffieHellmanLightContext extend a refactored KeyAgreementSchemeContext
The purpose is to fix PeerNode.hasliveHandshake(long)
Modified: trunk/freenet/src/freenet/crypt/DiffieHellmanContext.java
===================================================================
--- trunk/freenet/src/freenet/crypt/DiffieHellmanContext.java 2007-12-01 13:55:50 UTC (rev 16179)
+++ trunk/freenet/src/freenet/crypt/DiffieHellmanContext.java 2007-12-01 14:49:29 UTC (rev 16180)
@@ -4,6 +4,7 @@
package freenet.crypt;
+import freenet.crypt.ciphers.Rijndael;
import net.i2p.util.NativeBigInteger;
import freenet.support.HexUtil;
import freenet.support.Logger;
@@ -18,6 +19,9 @@
/** The group we both share */
final DHGroup group;
+ BlockCipher cipher;
+ byte[] key;
+
// Generated or set later
NativeBigInteger peerExponential;
@@ -86,4 +90,17 @@
public NativeBigInteger getHisExponential() {
return peerExponential;
}
+
+ public synchronized BlockCipher getCipher() {
+ lastUsedTime = System.currentTimeMillis();
+ if(cipher != null) return cipher;
+ getKey();
+ try {
+ cipher = new Rijndael(256, 256);
+ } catch (UnsupportedCipherException e1) {
+ throw new Error(e1);
+ }
+ cipher.initialize(key);
+ return cipher;
+ }
}
Modified: trunk/freenet/src/freenet/crypt/DiffieHellmanLightContext.java
===================================================================
--- trunk/freenet/src/freenet/crypt/DiffieHellmanLightContext.java 2007-12-01 13:55:50 UTC (rev 16179)
+++ trunk/freenet/src/freenet/crypt/DiffieHellmanLightContext.java 2007-12-01 14:49:29 UTC (rev 16180)
@@ -7,7 +7,7 @@
import net.i2p.util.NativeBigInteger;
-public class DiffieHellmanLightContext {
+public class DiffieHellmanLightContext extends KeyAgreementSchemeContext {
/** My exponent.*/
public final NativeBigInteger myExponent;
@@ -17,8 +17,6 @@
public DSASignature signature = null;
/** A timestamp: when was the context created ? */
public final long lifetime = System.currentTimeMillis();
-
- private final boolean logMINOR;
public String toString() {
StringBuffer sb = new StringBuffer();
@@ -34,7 +32,8 @@
public DiffieHellmanLightContext(NativeBigInteger myExponent, NativeBigInteger myExponential) {
this.myExponent = myExponent;
this.myExponential = myExponential;
- logMINOR = Logger.shouldLog(Logger.MINOR, this);
+ this.lastUsedTime = System.currentTimeMillis();
+ this.logMINOR = Logger.shouldLog(Logger.MINOR, this);
}
public void setSignature(DSASignature sig) {
@@ -45,6 +44,7 @@
* Calling the following is costy; avoid
*/
public NativeBigInteger getHMACKey(NativeBigInteger peerExponential, DHGroup group) {
+ lastUsedTime = System.currentTimeMillis();
BigInteger P = group.getP();
NativeBigInteger sharedSecret =
(NativeBigInteger) peerExponential.modPow(myExponent, P);
Modified: trunk/freenet/src/freenet/crypt/KeyAgreementSchemeContext.java
===================================================================
--- trunk/freenet/src/freenet/crypt/KeyAgreementSchemeContext.java 2007-12-01 13:55:50 UTC (rev 16179)
+++ trunk/freenet/src/freenet/crypt/KeyAgreementSchemeContext.java 2007-12-01 14:49:29 UTC (rev 16180)
@@ -3,35 +3,15 @@
* http://www.gnu.org/ for further details of the GPL. */
package freenet.crypt;
-import freenet.crypt.ciphers.Rijndael;
-
public abstract class KeyAgreementSchemeContext {
- BlockCipher cipher;
- byte[] key;
-
- protected long lastUsedTime;
- protected boolean logMINOR;
-
- /**
- * @return The time at which this object was last used.
- */
- public synchronized long lastUsedTime() {
- return lastUsedTime;
- }
-
- public abstract byte[] getKey();
- public abstract boolean canGetCipher();
-
- public synchronized BlockCipher getCipher() {
- lastUsedTime = System.currentTimeMillis();
- if(cipher != null) return cipher;
- getKey();
- try {
- cipher = new Rijndael(256, 256);
- } catch (UnsupportedCipherException e1) {
- throw new Error(e1);
- }
- cipher.initialize(key);
- return cipher;
- }
-}
+
+ protected long lastUsedTime;
+ protected boolean logMINOR;
+
+ /**
+ * @return The time at which this object was last used.
+ */
+ public synchronized long lastUsedTime() {
+ return lastUsedTime;
+ }
+}
\ No newline at end of file
Modified: trunk/freenet/src/freenet/node/FNPPacketMangler.java
===================================================================
--- trunk/freenet/src/freenet/node/FNPPacketMangler.java 2007-12-01 13:55:50 UTC (rev 16179)
+++ trunk/freenet/src/freenet/node/FNPPacketMangler.java 2007-12-01 14:49:29 UTC (rev 16180)
@@ -535,12 +535,13 @@
private void sendJFKMessage1(PeerNode pn, Peer replyTo) {
if(logMINOR) Logger.minor(this, "Sending a JFK(1) message to "+pn);
final long now = System.currentTimeMillis();
- if((pn.jfkContext == null) || ((pn.jfkContextLifetime + 15*60*1000) < now)) {
- pn.jfkContext = getLightDiffieHellmanContext();
+ DiffieHellmanLightContext ctx = (DiffieHellmanLightContext) pn.getKeyAgreementSchemeContext();
+ if((ctx == null) || ((pn.jfkContextLifetime + 15*60*1000) < now)) {
pn.jfkContextLifetime = now;
+ pn.setKeyAgreementSchemeContext(ctx = getLightDiffieHellmanContext());
}
int offset = 0;
- byte[] myExponential = stripBigIntegerToNetworkFormat(pn.jfkContext.myExponential);
+ byte[] myExponential = stripBigIntegerToNetworkFormat(ctx.myExponential);
byte[] nonce = new byte[NONCE_SIZE];
node.random.nextBytes(nonce);
@@ -1026,7 +1027,7 @@
pn.jfkKs = null;
// We want to clear it here so that new handshake requests
// will be sent with a different DH pair
- pn.jfkContext = null;
+ pn.setKeyAgreementSchemeContext(null);
synchronized (pn) {
// FIXME TRUE MULTI-HOMING: winner-takes-all, kill all other connection attempts since we can't deal with multiple active connections
// Also avoids leaking
@@ -1052,7 +1053,9 @@
if(logMINOR) Logger.minor(this, "Sending a JFK(3) message to "+pn);
BlockCipher c = null;
try { c = new Rijndael(256, 256); } catch (UnsupportedCipherException e) {}
- byte[] ourExponential = stripBigIntegerToNetworkFormat(pn.jfkContext.myExponential);
+ DiffieHellmanLightContext ctx = (DiffieHellmanLightContext) pn.getKeyAgreementSchemeContext();
+ if(ctx == null) return;
+ byte[] ourExponential = stripBigIntegerToNetworkFormat(ctx.myExponential);
pn.jfkMyRef = crypto.myCompressedSetupRef();
byte[] data = new byte[8 + pn.jfkMyRef.length];
System.arraycopy(Fields.longToBytes(node.bootID), 0, data, 0, 8);
@@ -1094,7 +1097,7 @@
byte[] r = localSignature.getRBytes(Node.SIGNATURE_PARAMETER_LENGTH);
byte[] s = localSignature.getSBytes(Node.SIGNATURE_PARAMETER_LENGTH);
- BigInteger computedExponential = pn.jfkContext.getHMACKey(_hisExponential, Global.DHgroupA);
+ BigInteger computedExponential = ctx.getHMACKey(_hisExponential, Global.DHgroupA);
pn.jfkKs = computeJFKSharedKey(computedExponential, nonceInitiator, nonceResponder, "0");
pn.jfkKe = computeJFKSharedKey(computedExponential, nonceInitiator, nonceResponder, "1");
pn.jfkKa = computeJFKSharedKey(computedExponential, nonceInitiator, nonceResponder, "2");
@@ -2430,9 +2433,6 @@
if((DHTime2 - DHTime1) > 1000)
Logger.error(this, "DHTime2 is more than a second after DHTime1 ("+(DHTime2 - DHTime1)+") working on "+pn.userToString());
pn.setKeyAgreementSchemeContext(ctx);
- long DHTime3 = System.currentTimeMillis();
- if((DHTime3 - DHTime2) > 1000)
- Logger.error(this, "DHTime3 is more than a second after DHTime2 ("+(DHTime3 - DHTime2)+") working on "+pn.userToString());
}
int sentCount = 0;
long loopTime1 = System.currentTimeMillis();
Modified: trunk/freenet/src/freenet/node/PeerNode.java
===================================================================
--- trunk/freenet/src/freenet/node/PeerNode.java 2007-12-01 13:55:50 UTC (rev 16179)
+++ trunk/freenet/src/freenet/node/PeerNode.java 2007-12-01 14:49:29 UTC (rev 16180)
@@ -29,7 +29,6 @@
import freenet.crypt.DSAGroup;
import freenet.crypt.DSAPublicKey;
import freenet.crypt.DSASignature;
-import freenet.crypt.DiffieHellmanLightContext;
import freenet.crypt.KeyAgreementSchemeContext;
import freenet.crypt.SHA256;
import freenet.crypt.UnsupportedCipherException;
@@ -102,7 +101,6 @@
// The following is used only if we are the initiator
protected long jfkContextLifetime = 0;
- protected DiffieHellmanLightContext jfkContext = null;
/** My low-level address for SocketManager purposes */
private Peer detectedPeer;
/** My OutgoingPacketMangler i.e. the object which encrypts packets sent to this node */
@@ -914,6 +912,7 @@
hasRekeyed = true;
isRekeying = true;
sendHandshakeTime = now; // Immediately
+ ctx = null;
}
}
@@ -1509,7 +1508,6 @@
if(previousTracker == null)
previousTracker = unverifiedTracker;
unverifiedTracker = newTracker;
- ctx = null;
} else {
prev = currentTracker;
previousTracker = prev;
@@ -1517,8 +1515,8 @@
unverifiedTracker = null;
neverConnected = false;
peerAddedTime = 0; // don't store anymore
- ctx = null;
}
+ ctx = null;
isRekeying = false;
timeLastRekeyed = now;
totalBytesExchangedWithCurrentTracker = 0;
More information about the cvs
mailing list