Upgraded hash function to SHA-384 and MAC to HMAC-SHA-384.

This matches the security level of AES-256 according to NSA Suite B. To
better comply with Suite B we should replace the combination of CTR mode
and HMAC with GCM, which would reduce the MAC size from 48 to 16 bytes.
akwizgran
2012-02-22 13:17:07 +00:00
parent a9d91beaaa
commit 34cd8cddc3
10 changed files with 19 additions and 15 deletions


@@ -22,13 +22,13 @@ public interface ProtocolConstants {
static final int MAX_PROPERTY_LENGTH = 100;
/** The maximum number of groups a node may subscribe to. */
static final int MAX_GROUPS = 6000;
static final int MAX_GROUPS = 5000;
/** The maximum length of a group's name in UTF-8 bytes. */
static final int MAX_GROUP_NAME_LENGTH = 50;
/** The maximum length of a public key in bytes. */
static final int MAX_PUBLIC_KEY_LENGTH = 100;
static final int MAX_PUBLIC_KEY_LENGTH = 120;
/** The maximum length of an author's name in UTF-8 bytes. */
static final int MAX_AUTHOR_NAME_LENGTH = 50;
@@ -44,7 +44,7 @@ public interface ProtocolConstants {
static final int MAX_SUBJECT_LENGTH = 100;
/** The maximum length of a signature in bytes. */
static final int MAX_SIGNATURE_LENGTH = 100;
static final int MAX_SIGNATURE_LENGTH = 120;
/** The length of a message's random salt in bytes. */
static final int SALT_LENGTH = 8;
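Review bot: The new bounds `MAX_PUBLIC_KEY_LENGTH = 120` and `MAX_SIGNATURE_LENGTH = 120` are bare numbers with no stated derivation, and `MAX_GROUPS` drops to 5000 with no reason given in its Javadoc. If 120 was chosen as the encoded size of a 384-bit ECDSA public key (KEY_PAIR_BITS becomes 384 in CryptoComponentImpl in this commit), the bound may leave no headroom, so a key in any larger encoding would be rejected as oversized. The Javadoc should name the curve and encoding the bound assumes, for example `/** The maximum length of a public key in bytes (encoded 384-bit ECDSA key). */`, and the signature bound should get the same treatment. A comment on `MAX_GROUPS` should say which size limit the count is derived from, presumably the larger 48-byte identifiers.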


@@ -5,14 +5,14 @@ import java.util.Arrays;
public abstract class UniqueId {
/** The length of a unique identifier in bytes. */
public static final int LENGTH = 32;
public static final int LENGTH = 48;
protected final byte[] id;
private int hashCode = -1;
protected UniqueId(byte[] id) {
assert id.length == LENGTH;
if(id.length != LENGTH) throw new IllegalArgumentException();
this.id = id;
}
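Review bot: The constructor now rejects a wrong-length array at runtime, but `this.id = id;` still keeps the caller's array, so the bytes can be changed after the check has passed. The plugin classes touched by this commit pass their `public static final byte[] TRANSPORT_ID` straight to `new TransportId(...)`, so, assuming TransportId goes through this constructor, the identifier shares storage with a publicly writable array. The `hashCode` field initialised to -1 looks like a cache, which would go stale if the bytes changed. Storing a copy with `this.id = id.clone();` closes that gap. Giving the exception a message such as `"expected " + LENGTH + " bytes, got " + id.length` would make a bad caller easier to find.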


@@ -12,7 +12,7 @@ public interface TransportConstants {
static final int FRAME_HEADER_LENGTH = 9;
/** The length of the MAC in bytes. */
static final int MAC_LENGTH = 32;
static final int MAC_LENGTH = 48;
/**
* The minimum connection length in bytes that all transport plugins must
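Review bot: `MAC_LENGTH = 48` restates the output size of the algorithm named by `MAC_ALGO` in CryptoComponentImpl, and nothing visible in this commit ties the two constants together. If one is changed without the other, frames would be parsed with the wrong tag length rather than failing cleanly. A unit test along the lines of `assertEquals(TransportConstants.MAC_LENGTH, mac.getMacLength());`, run against the Mac instance the crypto component hands out, would catch the mismatch. ErasableKeyTest keeps its own copy of the algorithm string (`MAC = "HMacSHA384"`), so it would not catch this. The hunk ends inside the next Javadoc comment, so the rest of the interface is not visible here.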


@@ -25,16 +25,16 @@ class CryptoComponentImpl implements CryptoComponent {
private static final String PROVIDER = "BC";
private static final String KEY_PAIR_ALGO = "ECDSA";
private static final int KEY_PAIR_BITS = 256;
private static final int KEY_PAIR_BITS = 384;
private static final String SECRET_KEY_ALGO = "AES";
private static final int SECRET_KEY_BYTES = 32; // 256 bits
private static final int KEY_DERIVATION_IV_BYTES = 16; // 128 bits
private static final String KEY_DERIVATION_ALGO = "AES/CTR/NoPadding";
private static final String DIGEST_ALGO = "SHA-256";
private static final String DIGEST_ALGO = "SHA-384";
private static final String SIGNATURE_ALGO = "ECDSA";
private static final String TAG_CIPHER_ALGO = "AES/ECB/NoPadding";
private static final String FRAME_CIPHER_ALGO = "AES/CTR/NoPadding";
private static final String MAC_ALGO = "HMacSHA256";
private static final String MAC_ALGO = "HMacSHA384";
// Labels for key derivation, null-terminated
private static final byte[] TAG = { 'T', 'A', 'G', 0 };
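Review bot: `KEY_PAIR_BITS = 384` selects the curve by size only, so which 384-bit curve the "BC" provider generates is left to the provider's defaults rather than fixed by this code. The commit message aims at Suite B, which specifies P-384, so the curve should be named explicitly where the key pair generator is initialised, for example `generator.initialize(new ECGenParameterSpec("secp384r1"));` (the variable name is a placeholder, since the initialisation code is outside this hunk). At a minimum the constant deserves a comment stating which curve is expected. Naming the curve would also pin the encoded key and signature sizes that the 120-byte limits in ProtocolConstants depend on.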


@@ -24,7 +24,7 @@ import com.google.inject.Inject;
/** Contains all the H2-specific code for the database. */
class H2Database extends JdbcDatabase {
private static final String HASH_TYPE = "BINARY(32)";
private static final String HASH_TYPE = "BINARY(48)";
private static final String BINARY_TYPE = "BINARY";
private static final String COUNTER_TYPE = "INT NOT NULL AUTO_INCREMENT";
private static final String SECRET_TYPE = "BINARY(32)";
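Review bot: `HASH_TYPE` is only a column-type string, so the change to `"BINARY(48)"` can only affect tables created after this commit. A database file created earlier would keep its `BINARY(32)` columns, and the 48-byte identifiers now required by `UniqueId.LENGTH` would not fit them. The table-creation and open paths are outside this hunk, so whether a schema version is checked cannot be seen here. If it is not, existing databases should be rejected on open with a clear error, or the incompatibility should be documented, rather than being discovered at the first insert.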


@@ -37,7 +37,8 @@ class BluetoothPlugin implements DuplexPlugin {
public static final byte[] TRANSPORT_ID =
StringUtils.fromHexString("d99c9313c04417dcf22fc60d12a187ea"
+ "00a539fd260f08a13a0d8a900cde5e49");
+ "00a539fd260f08a13a0d8a900cde5e49"
+ "1b4df2ffd42e40c408f2db7868f518aa");
private static final TransportId ID = new TransportId(TRANSPORT_ID);
private static final Logger LOG =


@@ -21,7 +21,8 @@ implements RemovableDriveMonitor.Callback {
public static final byte[] TRANSPORT_ID =
StringUtils.fromHexString("7c81bf5c9b1cd557685548c85f976bbd"
+ "e633d2418ea2e230e5710fb43c6f8cc0");
+ "e633d2418ea2e230e5710fb43c6f8cc0"
+ "68abca3a9d0edb13bcea13b851725c5d");
private static final TransportId ID = new TransportId(TRANSPORT_ID);
private static final Logger LOG =


@@ -25,7 +25,8 @@ class SimpleSocketPlugin extends SocketPlugin {
public static final byte[] TRANSPORT_ID =
StringUtils.fromHexString("58c66d999e492b85065924acfd739d80"
+ "c65a62f87e5a4fc6c284f95908b9007d");
+ "c65a62f87e5a4fc6c284f95908b9007d"
+ "512a93ebf89bf68f50a29e96eebf97b6");
private static final TransportId ID = new TransportId(TRANSPORT_ID);
private static final Logger LOG =


@@ -34,7 +34,8 @@ class TorPlugin implements DuplexPlugin {
public static final byte[] TRANSPORT_ID =
StringUtils.fromHexString("f264721575cb7ee710772f35abeb3db4"
+ "a91f474e14de346be296c2efc99effdd");
+ "a91f474e14de346be296c2efc99effdd"
+ "f35921e6ed87a25c201f044da4767981");
private static final TransportId ID = new TransportId(TRANSPORT_ID);
private static final Logger LOG =


@@ -19,7 +19,7 @@ public class ErasableKeyTest extends BriarTestCase {
private static final String CIPHER_MODE = "AES/CTR/NoPadding";
private static final int IV_BYTES = 16; // 128 bits
private static final int KEY_BYTES = 32; // 256 bits
private static final String MAC = "HMacSHA256";
private static final String MAC = "HMacSHA384";
private final Random random = new Random();