Kaladaran/briar
0
0
Fork 0
mirror of https://code.briarproject.org/briar/briar.git synced 2026-02-15 12:19:54 +01:00
Code Issues Projects Releases Wiki Activity

Switched to AESLightEngine to minimise cache timing side-channel leaks.

Browse Source
This commit is contained in:
akwizgran
2013-07-12 18:54:50 +01:00
parent a2fffedc64
commit 2ee3869327
1 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
briar-core/src/net/sf/briar/crypto/CryptoComponentImpl.java
View File

@@ -32,7 +32,7 @@ import org.spongycastle.crypto.CipherParameters;
import org.spongycastle.crypto.Mac; import org.spongycastle.crypto.Mac;
import org.spongycastle.crypto.agreement.ECDHCBasicAgreement; import org.spongycastle.crypto.agreement.ECDHCBasicAgreement;
import org.spongycastle.crypto.digests.SHA384Digest; import org.spongycastle.crypto.digests.SHA384Digest;
import org.spongycastle.crypto.engines.AESFastEngine; import org.spongycastle.crypto.engines.AESLightEngine;
import org.spongycastle.crypto.generators.ECKeyPairGenerator; import org.spongycastle.crypto.generators.ECKeyPairGenerator;
import org.spongycastle.crypto.generators.PKCS5S2ParametersGenerator; import org.spongycastle.crypto.generators.PKCS5S2ParametersGenerator;
import org.spongycastle.crypto.macs.CMac; import org.spongycastle.crypto.macs.CMac;
@@ -282,7 +282,7 @@ class CryptoComponentImpl implements CryptoComponent {
} }
public AuthenticatedCipher getFrameCipher() { public AuthenticatedCipher getFrameCipher() {
AEADBlockCipher cipher = new GCMBlockCipher(new AESFastEngine()); AEADBlockCipher cipher = new GCMBlockCipher(new AESLightEngine());
return new AuthenticatedCipherImpl(cipher, MAC_BYTES); return new AuthenticatedCipherImpl(cipher, MAC_BYTES);
} }
@@ -292,7 +292,7 @@ class CryptoComponentImpl implements CryptoComponent {
throw new IllegalArgumentException(); throw new IllegalArgumentException();
for(int i = 0; i < TAG_LENGTH; i++) tag[i] = 0; for(int i = 0; i < TAG_LENGTH; i++) tag[i] = 0;
ByteUtils.writeUint32(connection, tag, 0); ByteUtils.writeUint32(connection, tag, 0);
BlockCipher cipher = new AESFastEngine(); BlockCipher cipher = new AESLightEngine();
assert cipher.getBlockSize() == TAG_LENGTH; assert cipher.getBlockSize() == TAG_LENGTH;
KeyParameter k = new KeyParameter(tagKey.getEncoded()); KeyParameter k = new KeyParameter(tagKey.getEncoded());
cipher.init(true, k); cipher.init(true, k);
@@ -317,7 +317,7 @@ class CryptoComponentImpl implements CryptoComponent {
System.arraycopy(iv, 0, output, salt.length, iv.length); System.arraycopy(iv, 0, output, salt.length, iv.length);
// Initialise the cipher and encrypt the plaintext // Initialise the cipher and encrypt the plaintext
try { try {
AEADBlockCipher c = new GCMBlockCipher(new AESFastEngine()); AEADBlockCipher c = new GCMBlockCipher(new AESLightEngine());
AuthenticatedCipher cipher = new AuthenticatedCipherImpl(c, AuthenticatedCipher cipher = new AuthenticatedCipherImpl(c,
MAC_BYTES); MAC_BYTES);
cipher.init(ENCRYPT_MODE, key, iv, null); cipher.init(ENCRYPT_MODE, key, iv, null);
@@ -345,7 +345,7 @@ class CryptoComponentImpl implements CryptoComponent {
// Initialise the cipher // Initialise the cipher
AuthenticatedCipher cipher; AuthenticatedCipher cipher;
try { try {
AEADBlockCipher c = new GCMBlockCipher(new AESFastEngine()); AEADBlockCipher c = new GCMBlockCipher(new AESLightEngine());
cipher = new AuthenticatedCipherImpl(c, MAC_BYTES); cipher = new AuthenticatedCipherImpl(c, MAC_BYTES);
cipher.init(DECRYPT_MODE, key, iv, null); cipher.init(DECRYPT_MODE, key, iv, null);
} catch(GeneralSecurityException e) { } catch(GeneralSecurityException e) {
@@ -405,7 +405,7 @@ class CryptoComponentImpl implements CryptoComponent {
throw new IllegalArgumentException(); throw new IllegalArgumentException();
if(label[label.length - 1] != '\0') if(label[label.length - 1] != '\0')
throw new IllegalArgumentException(); throw new IllegalArgumentException();
Mac prf = new CMac(new AESFastEngine()); Mac prf = new CMac(new AESLightEngine());
KeyParameter k = new KeyParameter(secret); KeyParameter k = new KeyParameter(secret);
prf.init(k); prf.init(k);
int macLength = prf.getMacSize(); int macLength = prf.getMacSize();