From 69fac86a0cb74c2980576025eb0fec29ec28d2be Mon Sep 17 00:00:00 2001 From: akwizgran Date: Mon, 5 Jul 2021 18:02:22 +0100 Subject: [PATCH] Clear keys from session when moving to AWAIT_ACTIVATE state. --- .../IntroduceeProtocolEngine.java | 3 +- .../briar/introduction/IntroduceeSession.java | 31 ++++++++++++++----- .../IntroduceeProtocolEngineTest.java | 6 ++++ 3 files changed, 32 insertions(+), 8 deletions(-) diff --git a/briar-core/src/main/java/org/briarproject/briar/introduction/IntroduceeProtocolEngine.java b/briar-core/src/main/java/org/briarproject/briar/introduction/IntroduceeProtocolEngine.java index d198a3bd3..03372d6c8 100644 --- a/briar-core/src/main/java/org/briarproject/briar/introduction/IntroduceeProtocolEngine.java +++ b/briar-core/src/main/java/org/briarproject/briar/introduction/IntroduceeProtocolEngine.java @@ -49,6 +49,7 @@ import javax.inject.Inject; import static java.lang.Math.max; import static java.util.logging.Level.WARNING; +import static org.briarproject.bramble.api.nullsafety.NullSafety.requireNonNull; import static org.briarproject.bramble.api.system.Clock.MIN_REASONABLE_TIME_MS; import static org.briarproject.bramble.util.LogUtils.logException; import static org.briarproject.briar.introduction.IntroduceeState.AWAIT_AUTH; @@ -476,7 +477,7 @@ class IntroduceeProtocolEngine // add signed transport properties for the contact transportPropertyManager.addRemoteProperties(txn, contactId, - s.getRemote().transportProperties); + requireNonNull(s.getRemote().transportProperties)); } catch (ContactExistsException e) { // Ignore this, because the other introducee might have deleted us } diff --git a/briar-core/src/main/java/org/briarproject/briar/introduction/IntroduceeSession.java b/briar-core/src/main/java/org/briarproject/briar/introduction/IntroduceeSession.java index 13fd4df0f..80f9d95b3 100644 --- a/briar-core/src/main/java/org/briarproject/briar/introduction/IntroduceeSession.java +++ b/briar-core/src/main/java/org/briarproject/briar/introduction/IntroduceeSession.java @@ -116,8 +116,8 @@ class IntroduceeSession extends Session static IntroduceeSession awaitActivate(IntroduceeSession s, AuthMessage m, Message sent, @Nullable Map transportKeys) { - Local local = new Local(s.local, sent.getId(), sent.getTimestamp()); - Remote remote = new Remote(s.remote, m.getMessageId()); + Local local = Local.clear(s.local, sent.getId(), sent.getTimestamp()); + Remote remote = Remote.clear(s.remote, m.getMessageId()); return new IntroduceeSession(s.getSessionId(), AWAIT_ACTIVATE, s.getRequestTimestamp(), s.contactGroupId, s.introducer, local, remote, null, transportKeys); @@ -228,11 +228,15 @@ class IntroduceeSession extends Session this.ephemeralPrivateKey = ephemeralPrivateKey; } - private Local(Local s, @Nullable MessageId lastMessageId, - long lastMessageTimestamp) { - this(s.alice, lastMessageId, lastMessageTimestamp, - s.ephemeralPublicKey, s.ephemeralPrivateKey, - s.transportProperties, s.acceptTimestamp, s.macKey); + /** + * Returns a copy of the given Local, updating the last message ID + * and timestamp and clearing the ephemeral keys. + */ + private static Local clear(Local s, + @Nullable MessageId lastMessageId, long lastMessageTimestamp) { + return new Local(s.alice, lastMessageId, lastMessageTimestamp, + null, null, s.transportProperties, s.acceptTimestamp, + s.macKey); } } @@ -249,10 +253,23 @@ class IntroduceeSession extends Session this.author = author; } + /** + * Returns a copy of the given Remote, updating the last message ID. + */ private Remote(Remote s, @Nullable MessageId lastMessageId) { this(s.alice, s.author, lastMessageId, s.ephemeralPublicKey, s.transportProperties, s.acceptTimestamp, s.macKey); } + + /** + * Returns a copy of the given Remote, updating the last message ID + * and clearing the ephemeral keys. + */ + private static Remote clear(Remote s, + @Nullable MessageId lastMessageId) { + return new Remote(s.alice, s.author, lastMessageId, null, + s.transportProperties, s.acceptTimestamp, s.macKey); + } } } diff --git a/briar-core/src/test/java/org/briarproject/briar/introduction/IntroduceeProtocolEngineTest.java b/briar-core/src/test/java/org/briarproject/briar/introduction/IntroduceeProtocolEngineTest.java index b78817352..ab2d1cc36 100644 --- a/briar-core/src/test/java/org/briarproject/briar/introduction/IntroduceeProtocolEngineTest.java +++ b/briar-core/src/test/java/org/briarproject/briar/introduction/IntroduceeProtocolEngineTest.java @@ -54,6 +54,7 @@ import static org.briarproject.briar.introduction.IntroduceeState.AWAIT_AUTH; import static org.briarproject.briar.introduction.IntroduceeState.START; import static org.briarproject.briar.introduction.MessageType.ABORT; import static org.briarproject.briar.introduction.MessageType.ACTIVATE; +import static org.junit.Assert.assertArrayEquals; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNull; @@ -176,9 +177,14 @@ public class IntroduceeProtocolEngineTest extends BrambleMockTestCase { IntroduceeSession.Local afterLocal = after.getLocal(); assertEquals(activateMessage.getId(), afterLocal.lastMessageId); assertEquals(now, afterLocal.lastMessageTimestamp); + assertNull(afterLocal.ephemeralPublicKey); + assertNull(afterLocal.ephemeralPrivateKey); + assertArrayEquals(localMacKey.getBytes(), afterLocal.macKey); IntroduceeSession.Remote afterRemote = after.getRemote(); assertEquals(authMessage.getMessageId(), afterRemote.lastMessageId); + assertNull(afterRemote.ephemeralPublicKey); + assertArrayEquals(remoteMacKey.getBytes(), afterRemote.macKey); } @Test