Frame the encrypted data independently of inter-packet boundaries and

authenticate each frame before parsing its contents. Each connection starts with a tag, followed by any number of frames, each starting with the frame number (32 bits) and payload length (16 bits), and ending with a MAC (256 bits). Tags have the following format: 32 bits reserved, 16 bits for the transport ID, 32 bits for the connection number, 32 bits (set to zero in the tag) for the frame number, and 16 bits (set to zero in the tag) for the block number. The tag is encrypted with the tag key in ECB mode. Frame numbers for each connection must start from zero and must be contiguous and strictly increasing. Each frame is encrypted with the frame key in CTR mode, using the plaintext tag with the appropriate frame number to initialise the counter. The maximum frame size is 64 KiB, including header and footer. The maximum amount of data that can be sent over a connection is 2^32 frames - roughly 2^48 bytes, or 8 terabytes, with the maximum frame size of 64 KiB. If that isn't sufficient we can add another 16 bits to the frame counter.
2026-02-12 10:49:06 +01:00 · 2011-08-19 01:46:51 +02:00
parent 4dd303d9e1
commit 2411e2008b
67 changed files with 1283 additions and 1440 deletions
--- a/api/net/sf/briar/api/serial/FormatException.java
+++ b/api/net/sf/briar/api/serial/FormatException.java
@@ -1,4 +1,4 @@
-package net.sf.briar.api.serial;
+package net.sf.briar.api;

 import java.io.IOException;

--- a/api/net/sf/briar/api/crypto/CryptoComponent.java
+++ b/api/net/sf/briar/api/crypto/CryptoComponent.java
@@ -12,13 +12,13 @@ public interface CryptoComponent {

 	SecretKey deriveIncomingMacKey(byte[] secret);

-	SecretKey deriveIncomingPacketKey(byte[] secret);
+	SecretKey deriveIncomingFrameKey(byte[] secret);

 	SecretKey deriveIncomingTagKey(byte[] secret);

 	SecretKey deriveOutgoingMacKey(byte[] secret);

-	SecretKey deriveOutgoingPacketKey(byte[] secret);
+	SecretKey deriveOutgoingFrameKey(byte[] secret);

 	SecretKey deriveOutgoingTagKey(byte[] secret);

@@ -32,7 +32,7 @@ public interface CryptoComponent {

 	MessageDigest getMessageDigest();

-	Cipher getPacketCipher();
+	Cipher getFrameCipher();

 	Signature getSignature();

--- a/api/net/sf/briar/api/transport/ConnectionReader.java
+++ b/api/net/sf/briar/api/transport/ConnectionReader.java
@@ -0,0 +1,13 @@
+package net.sf.briar.api.transport;
+
+import java.io.InputStream;
+
+/** Decrypts and authenticates data received over a connection. */
+public interface ConnectionReader {
+
+	/**
+	 * Returns an input stream from which the decrypted, authenticated data can
+	 * be read.
+	 */
+	InputStream getInputStream();
+}
--- a/api/net/sf/briar/api/transport/ConnectionReaderFactory.java
+++ b/api/net/sf/briar/api/transport/ConnectionReaderFactory.java
@@ -0,0 +1,9 @@
+package net.sf.briar.api.transport;
+
+import java.io.InputStream;
+
+public interface ConnectionReaderFactory {
+
+	ConnectionReader createConnectionReader(InputStream in, int transportId,
+			long connection, byte[] secret);
+}
--- a/api/net/sf/briar/api/transport/ConnectionWriter.java
+++ b/api/net/sf/briar/api/transport/ConnectionWriter.java
@@ -0,0 +1,13 @@
+package net.sf.briar.api.transport;
+
+import java.io.OutputStream;
+
+/** Encrypts and authenticates data to be sent over a connection. */
+public interface ConnectionWriter {
+
+	/**
+	 * Returns an output stream to which unencrypted, unauthenticated data can
+	 * be written.
+	 */
+	OutputStream getOutputStream();
+}
--- a/api/net/sf/briar/api/transport/ConnectionWriterFactory.java
+++ b/api/net/sf/briar/api/transport/ConnectionWriterFactory.java
@@ -0,0 +1,9 @@
+package net.sf.briar.api.transport;
+
+import java.io.OutputStream;
+
+public interface ConnectionWriterFactory {
+
+	ConnectionWriter createConnectionWriter(OutputStream out, int transportId,
+			long connection, byte[] secret);
+}
--- a/api/net/sf/briar/api/transport/PacketReader.java
+++ b/api/net/sf/briar/api/transport/PacketReader.java
@@ -1,26 +0,0 @@
-package net.sf.briar.api.transport;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.GeneralSecurityException;
-
-/**
- * Reads encrypted packets from an underlying input stream, decrypts and
- * authenticates them.
- */
-public interface PacketReader {
-
-	/**
-	 * Returns the input stream from which packets should be read. (Note that
-	 * this is not the underlying input stream.)
-	 */
-	InputStream getInputStream();
-
-	/**
-	 * Finishes reading the current packet (if any), authenticates the packet
-	 * and prepares to read the next packet. If this method is called twice in
-	 * succession without any intervening reads, the underlying input stream
-	 * will be unaffected.
-	 */
-	void finishPacket() throws IOException, GeneralSecurityException;
-}
--- a/api/net/sf/briar/api/transport/PacketReaderFactory.java
+++ b/api/net/sf/briar/api/transport/PacketReaderFactory.java
@@ -1,9 +0,0 @@
-package net.sf.briar.api.transport;
-
-import java.io.InputStream;
-
-public interface PacketReaderFactory {
-
-	PacketReader createPacketReader(byte[] firstTag, InputStream in,
-			int transportId, long connection, byte[] secret);
-}
--- a/api/net/sf/briar/api/transport/PacketWriter.java
+++ b/api/net/sf/briar/api/transport/PacketWriter.java
@@ -1,24 +0,0 @@
-package net.sf.briar.api.transport;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-/**
- * A filter that adds tags and MACs to outgoing packets, encrypts them and
- * writes them to the underlying output stream.
- */
-public interface PacketWriter {
-
-	/**
-	 * Returns the output stream to which packets should be written. (Note that
-	 * this is not the underlying output stream.)
-	 */
-	OutputStream getOutputStream();
-
-	/**
-	 * Finishes writing the current packet (if any) and prepares to write the
-	 * next packet. If this method is called twice in succession without any
-	 * intervening writes, the underlying output stream will be unaffected.
-	 */
-	void finishPacket() throws IOException;
-}
--- a/api/net/sf/briar/api/transport/PacketWriterFactory.java
+++ b/api/net/sf/briar/api/transport/PacketWriterFactory.java
@@ -1,9 +0,0 @@
-package net.sf.briar.api.transport;
-
-import java.io.OutputStream;
-
-public interface PacketWriterFactory {
-
-	PacketWriter createPacketWriter(OutputStream out, int transportId,
-			long connection, byte[] secret);
-}
--- a/api/net/sf/briar/api/transport/TransportConstants.java
+++ b/api/net/sf/briar/api/transport/TransportConstants.java
@@ -9,14 +9,4 @@ public interface TransportConstants {

 	/** The length in bytes of the tag that uniquely identifies a connection. */
 	static final int TAG_LENGTH = 16;
-
-	/**
-	 * The maximum value that can be represented as an unsigned 16-bit integer.
-	 */
-	static final int MAX_16_BIT_UNSIGNED = 65535; // 2^16 - 1
-
-	/**
-	 * The maximum value that can be represented as an unsigned 32-bit integer.
-	 */
-	static final long MAX_32_BIT_UNSIGNED = 4294967295L; // 2^32 - 1
 }
--- a/api/net/sf/briar/api/transport/batch/BatchTransportPlugin.java
+++ b/api/net/sf/briar/api/transport/batch/BatchTransportPlugin.java
@@ -22,8 +22,8 @@ public interface BatchTransportPlugin {
 	 * Starts the plugin. Any connections that are later initiated by contacts
 	 * or established through polling will be passed to the given callback.
 	 */
-	void start(Map<String, String> localTransports,
-			Map<ContactId, Map<String, String>> remoteTransports,
+	void start(Map<String, String> localProperties,
+			Map<ContactId, Map<String, String>> remoteProperties,
 			Map<String, String> config, BatchTransportCallback c)
 	throws InvalidTransportException, InvalidConfigException;

@@ -34,11 +34,11 @@ public interface BatchTransportPlugin {
 	void stop();

 	/** Updates the plugin's local transport properties. */
-	void setLocalTransports(Map<String, String> transports)
+	void setLocalProperties(Map<String, String> properties)
 	throws InvalidTransportException;

 	/** Updates the plugin's transport properties for the given contact. */
-	void setRemoteTransports(ContactId c, Map<String, String> transports)
+	void setRemoteProperties(ContactId c, Map<String, String> properties)
 	throws InvalidTransportException;

 	/** Updates the plugin's configuration properties. */
--- a/api/net/sf/briar/api/transport/stream/StreamTransportPlugin.java
+++ b/api/net/sf/briar/api/transport/stream/StreamTransportPlugin.java
@@ -22,8 +22,8 @@ public interface StreamTransportPlugin {
 	 * Starts the plugin. Any connections that are later initiated by contacts
 	 * or established through polling will be passed to the given callback.
 	 */
-	void start(Map<String, String> localTransports,
-			Map<ContactId, Map<String, String>> remoteTransports,
+	void start(Map<String, String> localProperties,
+			Map<ContactId, Map<String, String>> remoteProperties,
 			Map<String, String> config, StreamTransportCallback c)
 	throws InvalidTransportException, InvalidConfigException;

@@ -34,11 +34,11 @@ public interface StreamTransportPlugin {
 	void stop();

 	/** Updates the plugin's local transport properties. */
-	void setLocalTransports(Map<String, String> transports)
+	void setLocalProperties(Map<String, String> properties)
 	throws InvalidTransportException;

 	/** Updates the plugin's transport properties for the given contact. */
-	void setRemoteTransports(ContactId c, Map<String, String> transports)
+	void setRemoteProperties(ContactId c, Map<String, String> properties)
 	throws InvalidTransportException;

 	/** Updates the plugin's configuration properties. */