Include protocol version in key derivation.

2026-02-13 11:19:04 +01:00 · 2017-11-28 11:37:59 +00:00
parent 32e0b39771
commit 0084e51263
2 changed files with 17 additions and 9 deletions
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactExchangeTask.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactExchangeTask.java
@@ -12,6 +12,11 @@ import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
@NotNullByDefault
 public interface ContactExchangeTask {

+	/**
+	 * The current version of the contact exchange protocol
+	 */
+	int PROTOCOL_VERSION = 0;
+
 	/**
 	 * Label for deriving Alice's header key from the master secret.
 	 */
--- a/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java
@@ -142,8 +142,9 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {

 		// Derive the header keys for the transport streams
 		SecretKey aliceHeaderKey = crypto.deriveKey(ALICE_KEY_LABEL,
-				masterSecret);
-		SecretKey bobHeaderKey = crypto.deriveKey(BOB_KEY_LABEL, masterSecret);
+				masterSecret, new byte[] {PROTOCOL_VERSION});
+		SecretKey bobHeaderKey = crypto.deriveKey(BOB_KEY_LABEL, masterSecret,
+				new byte[] {PROTOCOL_VERSION});

 		// Create the readers
 		InputStream streamReader =
@@ -157,8 +158,10 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 		BdfWriter w = bdfWriterFactory.createWriter(streamWriter);

 		// Derive the nonces to be signed
-		byte[] aliceNonce = crypto.mac(ALICE_NONCE_LABEL, masterSecret);
-		byte[] bobNonce = crypto.mac(BOB_NONCE_LABEL, masterSecret);
+		byte[] aliceNonce = crypto.mac(ALICE_NONCE_LABEL, masterSecret,
+				new byte[] {PROTOCOL_VERSION});
+		byte[] bobNonce = crypto.mac(BOB_NONCE_LABEL, masterSecret,
+				new byte[] {PROTOCOL_VERSION});

 		// Exchange pseudonyms, signed nonces, and timestamps
 		long localTimestamp = clock.currentTimeMillis();
@@ -197,8 +200,8 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {

 		try {
 			// Add the contact
-			ContactId contactId = addContact(remoteAuthor, masterSecret,
-					timestamp, alice, remoteProperties);
+			ContactId contactId = addContact(remoteAuthor, timestamp,
+					remoteProperties);
 			// Reuse the connection as a transport connection
 			connectionManager.manageOutgoingConnection(contactId, transportId,
 					conn);
@@ -295,15 +298,15 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 		return remote;
 	}

-	private ContactId addContact(Author remoteAuthor, SecretKey master,
-			long timestamp, boolean alice,
+	private ContactId addContact(Author remoteAuthor, long timestamp,
 			Map<TransportId, TransportProperties> remoteProperties)
 			throws DbException {
 		ContactId contactId;
 		Transaction txn = db.startTransaction(false);
 		try {
 			contactId = contactManager.addContact(txn, remoteAuthor,
-					localAuthor.getId(), master, timestamp, alice, true, true);
+					localAuthor.getId(), masterSecret, timestamp, alice,
+					true, true);
 			transportPropertyManager.addRemoteProperties(txn, contactId,
 					remoteProperties);
 			db.commitTransaction(txn);