[freenet-cvs] r11732 - in trunk/freenet/src/freenet: client/async crypt keys node

toad at freenetproject.org toad at freenetproject.org
Sat Feb 10 00:46:44 UTC 2007 

Author: toad
Date: 2007-02-10 00:46:42 +0000 (Sat, 10 Feb 2007)
New Revision: 11732

Modified:
   trunk/freenet/src/freenet/client/async/ClientRequestScheduler.java
   trunk/freenet/src/freenet/client/async/SingleFileFetcher.java
   trunk/freenet/src/freenet/crypt/DSA.java
   trunk/freenet/src/freenet/crypt/DSAGroupGenerator.java
   trunk/freenet/src/freenet/crypt/StationToStationContext.java
   trunk/freenet/src/freenet/keys/SSKBlock.java
   trunk/freenet/src/freenet/node/Node.java
   trunk/freenet/src/freenet/node/PeerNode.java
Log:
Fix another minor crypto compatibility issue

Modified: trunk/freenet/src/freenet/client/async/ClientRequestScheduler.java
===================================================================
--- trunk/freenet/src/freenet/client/async/ClientRequestScheduler.java	2007-02-10 00:17:03 UTC (rev 11731)
+++ trunk/freenet/src/freenet/client/async/ClientRequestScheduler.java	2007-02-10 00:46:42 UTC (rev 11732)
@@ -174,6 +174,8 @@
 				} catch (KeyVerifyException e) {
 					// Verify exception, probably bogus at source;
 					// verifies at low-level, but not at decode.
+					if(logMINOR)
+						Logger.minor(this, "Decode failed: "+e, e);
 					getter.onFailure(new LowLevelGetException(LowLevelGetException.DECODE_FAILED));
 					return;
 				}

Modified: trunk/freenet/src/freenet/client/async/SingleFileFetcher.java
===================================================================
--- trunk/freenet/src/freenet/client/async/SingleFileFetcher.java	2007-02-10 00:17:03 UTC (rev 11731)
+++ trunk/freenet/src/freenet/client/async/SingleFileFetcher.java	2007-02-10 00:46:42 UTC (rev 11732)
@@ -131,6 +131,8 @@
 		try {
 			data = block.decode(ctx.bucketFactory, (int)(Math.min(ctx.maxOutputLength, Integer.MAX_VALUE)), false);
 		} catch (KeyDecodeException e1) {
+			if(logMINOR)
+				Logger.minor(this, "Decode failure: "+e1, e1);
 			onFailure(new FetchException(FetchException.BLOCK_DECODE_ERROR, e1.getMessage()));
 			return;
 		} catch (IOException e) {

Modified: trunk/freenet/src/freenet/crypt/DSA.java
===================================================================
--- trunk/freenet/src/freenet/crypt/DSA.java	2007-02-10 00:17:03 UTC (rev 11731)
+++ trunk/freenet/src/freenet/crypt/DSA.java	2007-02-10 00:46:42 UTC (rev 11732)
@@ -92,12 +92,13 @@
 	/**
 	 * Verifies the message authenticity given a group, the public key
 	 * (y), a signature, and the hash of the message (m).
+	 * @param forceMod If enabled, skip the clipping m to 255 bits.
 	 */
 	public static boolean verify(DSAPublicKey kp,
 			DSASignature sig,
-			BigInteger m) {
+			BigInteger m, boolean forceMod) {
 		if(m.signum() == -1) throw new IllegalArgumentException();
-		if(kp.getGroup().getQ().bitLength() == 256)
+		if(kp.getGroup().getQ().bitLength() == 256 && !forceMod)
 			m = m.and(SIGNATURE_MASK);
 		try {
 			// 0<r<q has to be true
@@ -137,7 +138,7 @@
 		DSAPrivateKey pk=new DSAPrivateKey(g, y);
 		DSAPublicKey pub=new DSAPublicKey(g, pk);
 		DSASignature sig=sign(g, pk, BigInteger.ZERO, y);
-		System.err.println(verify(pub, sig, BigInteger.ZERO));
+		System.err.println(verify(pub, sig, BigInteger.ZERO, false));
 		while(true) {
 			long totalTimeSigning = 0;
 			long totalTimeVerifying = 0;
@@ -167,7 +168,7 @@
 				long t1 = System.currentTimeMillis();
 				sig = sign(g, pk, m, y);
 				long t2 = System.currentTimeMillis();
-				if(!verify(pub, sig, m)) {
+				if(!verify(pub, sig, m, false)) {
 					System.err.println("Failed to verify!");
 				}
 				long t3 = System.currentTimeMillis();

Modified: trunk/freenet/src/freenet/crypt/DSAGroupGenerator.java
===================================================================
--- trunk/freenet/src/freenet/crypt/DSAGroupGenerator.java	2007-02-10 00:17:03 UTC (rev 11731)
+++ trunk/freenet/src/freenet/crypt/DSAGroupGenerator.java	2007-02-10 00:46:42 UTC (rev 11732)
@@ -162,7 +162,7 @@
     	long now = System.currentTimeMillis();
     	DSASignature sig = DSA.sign(group, privKey, m, r);
     	long middle = System.currentTimeMillis();
-    	boolean success = DSA.verify(pubKey, sig, m);
+    	boolean success = DSA.verify(pubKey, sig, m, false);
     	long end = System.currentTimeMillis();
     	if(success) {
     		totalSigTime += (middle - now);

Modified: trunk/freenet/src/freenet/crypt/StationToStationContext.java
===================================================================
--- trunk/freenet/src/freenet/crypt/StationToStationContext.java	2007-02-10 00:17:03 UTC (rev 11731)
+++ trunk/freenet/src/freenet/crypt/StationToStationContext.java	2007-02-10 00:46:42 UTC (rev 11732)
@@ -129,7 +129,7 @@
     		is.close();
 
     		if(signatureToCheck != null)
-    			if(DSA.verify(hisPubKey, new DSASignature(signatureToCheck), new BigInteger(1, SHA256.digest(message.getBytes())))) {
+    			if(DSA.verify(hisPubKey, new DSASignature(signatureToCheck), new BigInteger(1, SHA256.digest(message.getBytes())), false)) {
     				return true;
     			}
 

Modified: trunk/freenet/src/freenet/keys/SSKBlock.java
===================================================================
--- trunk/freenet/src/freenet/keys/SSKBlock.java	2007-02-10 00:17:03 UTC (rev 11731)
+++ trunk/freenet/src/freenet/keys/SSKBlock.java	2007-02-10 00:46:42 UTC (rev 11732)
@@ -137,7 +137,8 @@
 			// Now verify it
 			NativeBigInteger r = new NativeBigInteger(1, bufR);
 			NativeBigInteger s = new NativeBigInteger(1, bufS);
-			if(!DSA.verify(pubKey, new DSASignature(r, s), new NativeBigInteger(1, overallHash))) {
+			if(!(DSA.verify(pubKey, new DSASignature(r, s), new NativeBigInteger(1, overallHash), false) ||
+					(DSA.verify(pubKey, new DSASignature(r, s), new NativeBigInteger(1, overallHash), true)))) {
 				throw new SSKVerifyException("Signature verification failed for node-level SSK");
 			}
 		}

Modified: trunk/freenet/src/freenet/node/Node.java
===================================================================
--- trunk/freenet/src/freenet/node/Node.java	2007-02-10 00:17:03 UTC (rev 11731)
+++ trunk/freenet/src/freenet/node/Node.java	2007-02-10 00:46:42 UTC (rev 11732)
@@ -1800,7 +1800,7 @@
 					if(logMINOR) Logger.minor(this, "m = "+m.toString(16));
 					myReferenceSignature = DSA.sign(myCryptoGroup, myPrivKey, m, random);
 					// FIXME remove this ... eventually
-					if(!DSA.verify(myPubKey, myReferenceSignature, m))
+					if(!DSA.verify(myPubKey, myReferenceSignature, m, false))
 						Logger.error(this, "Signature failed!");
 				} catch(UnsupportedEncodingException e){
 					//duh ?

Modified: trunk/freenet/src/freenet/node/PeerNode.java
===================================================================
--- trunk/freenet/src/freenet/node/PeerNode.java	2007-02-10 00:17:03 UTC (rev 11731)
+++ trunk/freenet/src/freenet/node/PeerNode.java	2007-02-10 00:46:42 UTC (rev 11732)
@@ -418,7 +418,7 @@
     			try{
     				boolean failed = false;
     				if(signature == null || peerCryptoGroup == null || peerPubKey == null || 
-    						(failed = !DSA.verify(peerPubKey, new DSASignature(signature), new BigInteger(1, md.digest(fs.toOrderedString().getBytes("UTF-8")))))){
+    						(failed = !DSA.verify(peerPubKey, new DSASignature(signature), new BigInteger(1, md.digest(fs.toOrderedString().getBytes("UTF-8"))), false))){
     					String errCause = "";
     					if(signature == null) errCause += " (No signature)";
     					if(peerCryptoGroup == null) errCause += " (No peer crypto group)";

More information about the cvs mailing list