[freenet-cvs] r15373 - branches/freenet-jfk/src/freenet/node

Fri Sep 28 23:30:29 UTC 2007

Author: kryptos
Date: 2007-09-28 23:30:28 +0000 (Fri, 28 Sep 2007)
New Revision: 15373

Modified:
   branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java
   branches/freenet-jfk/src/freenet/node/PeerNode.java
Log:
 Another fix to sendMessage4Packet();Remove previous compilation errors

Modified: branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java
===================================================================

--- branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java	2007-09-28 22:27:54 UTC (rev 15372)
+++ branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java	2007-09-28 23:30:28 UTC (rev 15373)
@@ -434,7 +434,7 @@
 				 * using the same keys as in the previous message.
 				 * The signature is non-message recovering
 				 */
-				processMessage4(payload,pn,replyTo);
+				//processMessage4(payload,pn,replyTo);
 			}
 		}
 		else {
@@ -853,6 +853,7 @@
 		// g^r
 		System.arraycopy(hisExponential, 0,message3, offset, hisExponential.length);
 		offset += hisExponential.length;
+                
 		// Authenticator
 		System.arraycopy(authenticator, 0, message3, offset, HASH_LENGTH);
 		offset += HASH_LENGTH;
@@ -893,7 +894,7 @@
 		System.arraycopy(s, 0, cleartext, cleartextOffset, Node.SIGNATURE_PARAMETER_LENGTH);
 		cleartextOffset += Node.SIGNATURE_PARAMETER_LENGTH;
 		
-		// We compute the HMAC of ("I"+cyphertext) : the cyphertext includes the IV!
+		// We compute the HMAC of (prefix + cyphertext) Includes the IV!
 		HMAC mac = new HMAC(SHA256.getInstance());
 		byte[] hmac = mac.mac(Ka, cleartext, HASH_LENGTH);
 		
@@ -910,50 +911,8 @@
 		sendAuthPacket(1, 2, 2, message3, pn, replyTo);
 	}
 
+	
 	/*
-	 * Process Message4 packet
-	 * @param Payload 
-	 * @param The peerNode we are talking to
-	 * @param The peer to which we need to send the packet
-	 */
-	private void processMessage4( byte[] payload,PeerNode pn,Peer replyTo) 
-	{
-		long t1 = System.currentTimeMillis();
-		if(logMINOR)
-			Logger.minor(this, "Got a JFK(4) message, processing it");
-		int inputOffset=3;
-		// Decrypt
-		BlockCipher c = pn.outgoingSetupCipher;
-		PCFBMode pk=PCFBMode.create(c);
-		int ivLength = pk.lengthIV();
-		pk.reset(payload,inputOffset);
-		// Decrypt the rest of the payload
-		pk.blockDecipher(payload,inputOffset,payload.length-inputOffset);
-		inputOffset += ivLength;
-		// Now verify signature
-
-		byte[] r = new byte[Node.SIGNATURE_PARAMETER_LENGTH];
-		System.arraycopy(payload, inputOffset, r, 0, Node.SIGNATURE_PARAMETER_LENGTH);
-		inputOffset += Node.SIGNATURE_PARAMETER_LENGTH;
-		byte[] s = new byte[Node.SIGNATURE_PARAMETER_LENGTH];
-		System.arraycopy(payload, inputOffset, s, 0, Node.SIGNATURE_PARAMETER_LENGTH);
-		inputOffset += Node.SIGNATURE_PARAMETER_LENGTH;
-		DSASignature remoteSignature = new DSASignature(new NativeBigInteger(1,r), new NativeBigInteger(1,s));
-		if(logMINOR)
-			Logger.minor(this, "Remote sent us the following sig :"+remoteSignature.toLongString());
-
-		byte[] locallyExpectedExponentials = new byte[NONCE_SIZE*2+DiffieHellman.modulusLengthInBytes()*2];
-		System.arraycopy(pn.bufferJFK,0,locallyExpectedExponentials,0,pn.bufferJFK.length);
-
-		if(!DSA.verify(pn.peerPubKey, remoteSignature, new NativeBigInteger(1, locallyExpectedExponentials), false)) {
-			Logger.error(this, "The signature verification has failed!!");
-			return;
-		}       
-		Logger.normal(this,"Reached end of JFK. Now send completed handshake");
-		// FIXME: When do we send the Handshake?
-		// FIXME: What about noderef?
-	}
-	/*
 	 * FOrmat:
 	 * E[S[Ni,Nr,g^i,g^r,idI]] 
 	 */
@@ -977,7 +936,8 @@
 		if(logMINOR) Logger.minor(this, "We are using Ka=" + HexUtil.bytesToHex(Ka));
 		c.initialize(Ke);
 		PCFBMode pk=PCFBMode.create(c);
-		byte[] iv=new byte[pk.lengthIV()];
+                int ivLength = pk.lengthIV();
+		byte[] iv=new byte[ivLength];
 		node.random.nextBytes(iv);
                 pk.reset(iv);
                 byte[] prefix = null;
@@ -1001,13 +961,13 @@
                 pk.blockEncipher(cleartext, cleartextToEncypherOffset, Node.SIGNATURE_PARAMETER_LENGTH*2 );
 		
                 // Message4 = hmac + IV + encryptedSignature
-                byte message4 = new byte[HASH_LENGTH + (c.getBlockSize() >> 3) + Node.SIGNATURE_PARAMETER_LENGTH * 2]; 
+                byte[] message4 = new byte[HASH_LENGTH + (c.getBlockSize() >> 3) + Node.SIGNATURE_PARAMETER_LENGTH * 2]; 
                 int offset = 0;
-                System.arraycopy(hmac, 0, message3, offset, HASH_LENGTH);
+                System.arraycopy(hmac, 0, message4, offset, HASH_LENGTH);
 		offset += HASH_LENGTH;
-		System.arraycopy(iv, 0, message3, offset, ivLength);
+		System.arraycopy(iv, 0, message4, offset, ivLength);
 		offset += ivLength;
-		System.arraycopy(cleartext, cleartextToEncypherOffset, message3, offset, Node.SIGNATURE_PARAMETER_LENGTH * 2);
+		System.arraycopy(cleartext, cleartextToEncypherOffset, message4, offset, Node.SIGNATURE_PARAMETER_LENGTH * 2);
 		
 		sendAuthPacket(1,2,3,message4,pn,replyTo);
 	}

Modified: branches/freenet-jfk/src/freenet/node/PeerNode.java
===================================================================
--- branches/freenet-jfk/src/freenet/node/PeerNode.java	2007-09-28 22:27:54 UTC (rev 15372)
+++ branches/freenet-jfk/src/freenet/node/PeerNode.java	2007-09-28 23:30:28 UTC (rev 15373)
@@ -87,12 +87,7 @@
      */
     protected boolean verifiedIncompatibleNewerVersion;
     
-    /*
-     * Buffer of Ni,Nr,g^i,g^r,Idi
-     * Currently Idi is not being used, but may find use in opennet
-     * Used to verify the signature in JFK(4)
-     */
-    protected byte[] bufferJFK = new byte[FNPPacketMangler.NONCE_SIZE*2+DiffieHellman.modulusLengthInBytes()*2];
+    
 	
     /** My low-level address for SocketManager purposes */
     private Peer detectedPeer;


