Store the incoming and outgoing secrets separately.
@@ -4,14 +4,15 @@ import static net.sf.briar.api.transport.TransportConstants.IV_LENGTH;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.Random;
|
||||
|
||||
import javax.crypto.Cipher;
|
||||
import net.sf.briar.api.crypto.ErasableKey;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
import net.sf.briar.TestUtils;
|
||||
import net.sf.briar.api.ContactId;
|
||||
import net.sf.briar.api.crypto.CryptoComponent;
|
||||
import net.sf.briar.api.crypto.ErasableKey;
|
||||
import net.sf.briar.api.db.DatabaseComponent;
|
||||
import net.sf.briar.api.protocol.Transport;
|
||||
import net.sf.briar.api.protocol.TransportId;
|
||||
@@ -31,7 +32,7 @@ public class ConnectionRecogniserImplTest extends TestCase {
|
||||
|
||||
private final CryptoComponent crypto;
|
||||
private final ContactId contactId;
|
||||
private final byte[] secret;
|
||||
private final byte[] inSecret;
|
||||
private final TransportId transportId;
|
||||
private final TransportIndex localIndex, remoteIndex;
|
||||
private final Collection<Transport> transports;
|
||||
@@ -42,7 +43,8 @@ public class ConnectionRecogniserImplTest extends TestCase {
|
||||
Injector i = Guice.createInjector(new CryptoModule());
|
||||
crypto = i.getInstance(CryptoComponent.class);
|
||||
contactId = new ContactId(1);
|
||||
secret = new byte[18];
|
||||
inSecret = new byte[123];
|
||||
new Random().nextBytes(inSecret);
|
||||
transportId = new TransportId(TestUtils.getRandomId());
|
||||
localIndex = new TransportIndex(13);
|
||||
remoteIndex = new TransportIndex(7);
|
||||
@@ -63,8 +65,8 @@ public class ConnectionRecogniserImplTest extends TestCase {
|
||||
will(returnValue(transports));
|
||||
oneOf(db).getContacts();
|
||||
will(returnValue(Collections.singletonList(contactId)));
|
||||
oneOf(db).getSharedSecret(contactId);
|
||||
will(returnValue(secret));
|
||||
oneOf(db).getSharedSecret(contactId, true);
|
||||
will(returnValue(inSecret));
|
||||
oneOf(db).getRemoteIndex(contactId, transportId);
|
||||
will(returnValue(remoteIndex));
|
||||
oneOf(db).getConnectionWindow(contactId, remoteIndex);
|
||||
@@ -79,7 +81,7 @@ public class ConnectionRecogniserImplTest extends TestCase {
|
||||
@Test
|
||||
public void testExpectedIv() throws Exception {
|
||||
// Calculate the expected IV for connection number 3
|
||||
ErasableKey ivKey = crypto.deriveIncomingIvKey(secret);
|
||||
ErasableKey ivKey = crypto.deriveIvKey(inSecret, true);
|
||||
Cipher ivCipher = crypto.getIvCipher();
|
||||
ivCipher.init(Cipher.ENCRYPT_MODE, ivKey);
|
||||
byte[] iv = IvEncoder.encodeIv(true, remoteIndex, 3L);
|
||||
@@ -94,8 +96,8 @@ public class ConnectionRecogniserImplTest extends TestCase {
|
||||
will(returnValue(transports));
|
||||
oneOf(db).getContacts();
|
||||
will(returnValue(Collections.singletonList(contactId)));
|
||||
oneOf(db).getSharedSecret(contactId);
|
||||
will(returnValue(secret));
|
||||
oneOf(db).getSharedSecret(contactId, true);
|
||||
will(returnValue(inSecret));
|
||||
oneOf(db).getRemoteIndex(contactId, transportId);
|
||||
will(returnValue(remoteIndex));
|
||||
oneOf(db).getConnectionWindow(contactId, remoteIndex);
|
||||
@@ -105,8 +107,8 @@ public class ConnectionRecogniserImplTest extends TestCase {
|
||||
will(returnValue(connectionWindow));
|
||||
oneOf(db).setConnectionWindow(contactId, remoteIndex,
|
||||
connectionWindow);
|
||||
oneOf(db).getSharedSecret(contactId);
|
||||
will(returnValue(secret));
|
||||
oneOf(db).getSharedSecret(contactId, true);
|
||||
will(returnValue(inSecret));
|
||||
}});
|
||||
final ConnectionRecogniserImpl c =
|
||||
new ConnectionRecogniserImpl(crypto, db);
|
||||
|
||||
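Review bot: The bare `true` in `oneOf(db).getSharedSecret(contactId, true)` and in `crypto.deriveIvKey(inSecret, true)` (testExpectedIv) does not say what it selects, whereas the removed `deriveIncomingIvKey(secret)` carried that meaning in its name. FrameReadWriteTest passes the same `true` to `deriveIvKey`, `deriveFrameKey` and `deriveMacKey` together with `outSecret`, under a comment about outgoing keys, so at the crypto calls the flag apparently does not mean incoming versus outgoing; that should be confirmed against the interface, which is not shown here. A wrong flag would still compile and would derive keys from the wrong secret or for the wrong side. I would add a short comment at each call, for example `// true selects the incoming secret` above the `getSharedSecret` expectation, if that is what the parameter means. The test method bodies continue outside these hunks.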
@@ -4,6 +4,7 @@ import static net.sf.briar.api.protocol.ProtocolConstants.MAX_PACKET_LENGTH;
|
||||
import static net.sf.briar.api.transport.TransportConstants.MIN_CONNECTION_LENGTH;
|
||||
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.util.Random;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
import net.sf.briar.TestDatabaseModule;
|
||||
@@ -26,7 +27,7 @@ import com.google.inject.Injector;
|
||||
public class ConnectionWriterTest extends TestCase {
|
||||
|
||||
private final ConnectionWriterFactory connectionWriterFactory;
|
||||
private final byte[] secret = new byte[100];
|
||||
private final byte[] outSecret;
|
||||
private final TransportIndex transportIndex = new TransportIndex(13);
|
||||
private final long connection = 12345L;
|
||||
|
||||
@@ -38,6 +39,8 @@ public class ConnectionWriterTest extends TestCase {
|
||||
new TestDatabaseModule(), new TransportBatchModule(),
|
||||
new TransportModule(), new TransportStreamModule());
|
||||
connectionWriterFactory = i.getInstance(ConnectionWriterFactory.class);
|
||||
outSecret = new byte[123];
|
||||
new Random().nextBytes(outSecret);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -45,7 +48,7 @@ public class ConnectionWriterTest extends TestCase {
|
||||
ByteArrayOutputStream out =
|
||||
new ByteArrayOutputStream(MIN_CONNECTION_LENGTH);
|
||||
ConnectionWriter w = connectionWriterFactory.createConnectionWriter(out,
|
||||
MIN_CONNECTION_LENGTH, transportIndex, connection, secret);
|
||||
MIN_CONNECTION_LENGTH, transportIndex, connection, outSecret);
|
||||
// Check that the connection writer thinks there's room for a packet
|
||||
long capacity = w.getRemainingCapacity();
|
||||
assertTrue(capacity >= MAX_PACKET_LENGTH);
|
||||
|
||||
@@ -29,10 +29,10 @@ public class FrameReadWriteTest extends TestCase {
|
||||
|
||||
private final CryptoComponent crypto;
|
||||
private final Cipher ivCipher, frameCipher;
|
||||
private final Random random;
|
||||
private final byte[] outSecret;
|
||||
private final ErasableKey ivKey, frameKey, macKey;
|
||||
private final Mac mac;
|
||||
private final Random random;
|
||||
private final byte[] secret = new byte[100];
|
||||
private final TransportIndex transportIndex = new TransportIndex(13);
|
||||
private final long connection = 12345L;
|
||||
|
||||
@@ -42,12 +42,14 @@ public class FrameReadWriteTest extends TestCase {
|
||||
crypto = i.getInstance(CryptoComponent.class);
|
||||
ivCipher = crypto.getIvCipher();
|
||||
frameCipher = crypto.getFrameCipher();
|
||||
// Since we're sending frames to ourselves, we only need outgoing keys
|
||||
ivKey = crypto.deriveOutgoingIvKey(secret);
|
||||
frameKey = crypto.deriveOutgoingFrameKey(secret);
|
||||
macKey = crypto.deriveOutgoingMacKey(secret);
|
||||
mac = crypto.getMac();
|
||||
random = new Random();
|
||||
// Since we're sending frames to ourselves, we only need outgoing keys
|
||||
outSecret = new byte[123];
|
||||
random.nextBytes(outSecret);
|
||||
ivKey = crypto.deriveIvKey(outSecret, true);
|
||||
frameKey = crypto.deriveFrameKey(outSecret, true);
|
||||
macKey = crypto.deriveMacKey(outSecret, true);
|
||||
mac = crypto.getMac();
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -9,6 +9,7 @@ import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.Random;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
import net.sf.briar.TestDatabaseModule;
|
||||
@@ -54,7 +55,7 @@ public class BatchConnectionReadWriteTest extends TestCase {
|
||||
private final File bobDir = new File(testDir, "bob");
|
||||
private final TransportId transportId;
|
||||
private final TransportIndex transportIndex;
|
||||
private final byte[] aliceSecret, bobSecret;
|
||||
private final byte[] aliceToBobSecret, bobToAliceSecret;
|
||||
|
||||
private Injector alice, bob;
|
||||
|
||||
@@ -63,9 +64,11 @@ public class BatchConnectionReadWriteTest extends TestCase {
|
||||
transportId = new TransportId(TestUtils.getRandomId());
|
||||
transportIndex = new TransportIndex(1);
|
||||
// Create matching secrets for Alice and Bob
|
||||
aliceSecret = new byte[123];
|
||||
aliceSecret[0] = (byte) 1;
|
||||
bobSecret = new byte[123];
|
||||
Random r = new Random();
|
||||
aliceToBobSecret = new byte[123];
|
||||
r.nextBytes(aliceToBobSecret);
|
||||
bobToAliceSecret = new byte[123];
|
||||
r.nextBytes(bobToAliceSecret);
|
||||
}
|
||||
|
||||
@Before
|
||||
@@ -102,7 +105,7 @@ public class BatchConnectionReadWriteTest extends TestCase {
|
||||
DatabaseComponent db = alice.getInstance(DatabaseComponent.class);
|
||||
db.open(false);
|
||||
// Add Bob as a contact and send him a message
|
||||
ContactId contactId = db.addContact(aliceSecret);
|
||||
ContactId contactId = db.addContact(bobToAliceSecret, aliceToBobSecret);
|
||||
String subject = "Hello";
|
||||
byte[] messageBody = "Hi Bob!".getBytes("UTF-8");
|
||||
MessageEncoder encoder = alice.getInstance(MessageEncoder.class);
|
||||
@@ -134,7 +137,7 @@ public class BatchConnectionReadWriteTest extends TestCase {
|
||||
MessageListener listener = new MessageListener();
|
||||
db.addListener(listener);
|
||||
// Add Alice as a contact
|
||||
ContactId contactId = db.addContact(bobSecret);
|
||||
ContactId contactId = db.addContact(aliceToBobSecret, bobToAliceSecret);
|
||||
// Add the transport
|
||||
assertEquals(transportIndex, db.addTransport(transportId));
|
||||
// Fake a transport update from Alice
|
||||
|
||||
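Review bot: `db.addContact(bobToAliceSecret, aliceToBobSecret)` on Alice's side and `db.addContact(aliceToBobSecret, bobToAliceSecret)` on Bob's side take two `byte[]` arguments of the same type, so neither the call site nor the compiler shows which position is the incoming secret. The variable names suggest the order is (incoming, outgoing), but the signature is not visible in this diff. A comment at the first call such as `// addContact(incoming secret, outgoing secret)` would make a swapped pair visible in review. The visible hunks only show Alice sending to Bob, so `bobToAliceSecret` may never protect any traffic in this test; if so, a reply from Bob would cover the second secret as well.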