From 82a52638cfc97d44c9d5b8d3b6286c633aafb300 Mon Sep 17 00:00:00 2001
From: akwizgran <michael@briarproject.org>
Date: Mon, 3 Jun 2019 16:08:32 +0100
Subject: [PATCH] Derive rendezvous key from static master key.

---
 .../api/rendezvous/RendezvousConstants.java   |  2 +-
 .../api/rendezvous/RendezvousCrypto.java      |  7 +------
 .../rendezvous/RendezvousCryptoImpl.java      | 21 ++-----------------
 .../rendezvous/RendezvousPollerImpl.java      |  8 ++++++-
 4 files changed, 11 insertions(+), 27 deletions(-)

diff --git a/bramble-api/src/main/java/org/briarproject/bramble/api/rendezvous/RendezvousConstants.java b/bramble-api/src/main/java/org/briarproject/bramble/api/rendezvous/RendezvousConstants.java
index d114db90c..df4885845 100644
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/rendezvous/RendezvousConstants.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/rendezvous/RendezvousConstants.java
@@ -21,7 +21,7 @@ public interface RendezvousConstants {
 	long POLLING_INTERVAL_MS = MINUTES.toMillis(1);
 
 	/**
-	 * Label for deriving the rendezvous key from the handshake key pairs.
+	 * Label for deriving the rendezvous key from the static master key.
 	 */
 	String RENDEZVOUS_KEY_LABEL =
 			"org.briarproject.bramble.rendezvous/RENDEZVOUS_KEY";
diff --git a/bramble-api/src/main/java/org/briarproject/bramble/api/rendezvous/RendezvousCrypto.java b/bramble-api/src/main/java/org/briarproject/bramble/api/rendezvous/RendezvousCrypto.java
index 141e61285..268b80579 100644
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/rendezvous/RendezvousCrypto.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/rendezvous/RendezvousCrypto.java
@@ -1,18 +1,13 @@
 package org.briarproject.bramble.api.rendezvous;
 
-import org.briarproject.bramble.api.crypto.KeyPair;
-import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.TransportId;
 
-import java.security.GeneralSecurityException;
-
 @NotNullByDefault
 public interface RendezvousCrypto {
 
-	SecretKey deriveRendezvousKey(PublicKey theirPublicKey, KeyPair ourKeyPair)
-			throws GeneralSecurityException;
+	SecretKey deriveRendezvousKey(SecretKey staticMasterKey);
 
 	KeyMaterialSource createKeyMaterialSource(SecretKey rendezvousKey,
 			TransportId t);
diff --git a/bramble-core/src/main/java/org/briarproject/bramble/rendezvous/RendezvousCryptoImpl.java b/bramble-core/src/main/java/org/briarproject/bramble/rendezvous/RendezvousCryptoImpl.java
index b627b6c51..a8cea4be7 100644
--- a/bramble-core/src/main/java/org/briarproject/bramble/rendezvous/RendezvousCryptoImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/rendezvous/RendezvousCryptoImpl.java
@@ -1,23 +1,17 @@
 package org.briarproject.bramble.rendezvous;
 
-import org.briarproject.bramble.api.Bytes;
 import org.briarproject.bramble.api.crypto.CryptoComponent;
-import org.briarproject.bramble.api.crypto.KeyPair;
-import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.TransportId;
 import org.briarproject.bramble.api.rendezvous.KeyMaterialSource;
 import org.briarproject.bramble.api.rendezvous.RendezvousCrypto;
 
-import java.security.GeneralSecurityException;
-
 import javax.annotation.concurrent.Immutable;
 import javax.inject.Inject;
 
 import static org.briarproject.bramble.api.rendezvous.RendezvousConstants.KEY_MATERIAL_LABEL;
 import static org.briarproject.bramble.api.rendezvous.RendezvousConstants.RENDEZVOUS_KEY_LABEL;
-import static org.briarproject.bramble.api.rendezvous.RendezvousConstants.PROTOCOL_VERSION;
 import static org.briarproject.bramble.util.StringUtils.toUtf8;
 
 @Immutable
@@ -32,19 +26,8 @@ class RendezvousCryptoImpl implements RendezvousCrypto {
 	}
 
 	@Override
-	public SecretKey deriveRendezvousKey(PublicKey theirPublicKey,
-			KeyPair ourKeyPair) throws GeneralSecurityException {
-		byte[] ourPublicKeyBytes = ourKeyPair.getPublic().getEncoded();
-		byte[] theirPublicKeyBytes = theirPublicKey.getEncoded();
-		boolean alice = new Bytes(ourPublicKeyBytes).compareTo(
-				new Bytes(theirPublicKeyBytes)) < 0;
-		byte[][] inputs = {
-				new byte[] {PROTOCOL_VERSION},
-				alice ? ourPublicKeyBytes : theirPublicKeyBytes,
-				alice ? theirPublicKeyBytes : ourPublicKeyBytes
-		};
-		return crypto.deriveSharedSecret(RENDEZVOUS_KEY_LABEL, theirPublicKey,
-				ourKeyPair, inputs);
+	public SecretKey deriveRendezvousKey(SecretKey staticMasterKey) {
+		return crypto.deriveKey(RENDEZVOUS_KEY_LABEL, staticMasterKey);
 	}
 
 	@Override
diff --git a/bramble-core/src/main/java/org/briarproject/bramble/rendezvous/RendezvousPollerImpl.java b/bramble-core/src/main/java/org/briarproject/bramble/rendezvous/RendezvousPollerImpl.java
index 53f5d5c17..a64d43951 100644
--- a/bramble-core/src/main/java/org/briarproject/bramble/rendezvous/RendezvousPollerImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/rendezvous/RendezvousPollerImpl.java
@@ -8,6 +8,7 @@ import org.briarproject.bramble.api.contact.event.PendingContactAddedEvent;
 import org.briarproject.bramble.api.contact.event.PendingContactRemovedEvent;
 import org.briarproject.bramble.api.crypto.KeyPair;
 import org.briarproject.bramble.api.crypto.SecretKey;
+import org.briarproject.bramble.api.crypto.TransportCrypto;
 import org.briarproject.bramble.api.db.DatabaseComponent;
 import org.briarproject.bramble.api.db.DbException;
 import org.briarproject.bramble.api.event.Event;
@@ -71,6 +72,7 @@ class RendezvousPollerImpl implements RendezvousPoller, Service, EventListener {
 	private final ScheduledExecutorService scheduler;
 	private final DatabaseComponent db;
 	private final IdentityManager identityManager;
+	private final TransportCrypto transportCrypto;
 	private final RendezvousCrypto rendezvousCrypto;
 	private final PluginManager pluginManager;
 	private final ConnectionManager connectionManager;
@@ -91,6 +93,7 @@ class RendezvousPollerImpl implements RendezvousPoller, Service, EventListener {
 			@Scheduler ScheduledExecutorService scheduler,
 			DatabaseComponent db,
 			IdentityManager identityManager,
+			TransportCrypto transportCrypto,
 			RendezvousCrypto rendezvousCrypto,
 			PluginManager pluginManager,
 			ConnectionManager connectionManager,
@@ -99,6 +102,7 @@ class RendezvousPollerImpl implements RendezvousPoller, Service, EventListener {
 		this.scheduler = scheduler;
 		this.db = db;
 		this.identityManager = identityManager;
+		this.transportCrypto = transportCrypto;
 		this.rendezvousCrypto = rendezvousCrypto;
 		this.pluginManager = pluginManager;
 		this.connectionManager = connectionManager;
@@ -145,8 +149,10 @@ class RendezvousPollerImpl implements RendezvousPoller, Service, EventListener {
 				handshakeKeyPair = db.transactionWithResult(true,
 						identityManager::getHandshakeKeys);
 			}
+			SecretKey staticMasterKey = transportCrypto
+					.deriveStaticMasterKey(p.getPublicKey(), handshakeKeyPair);
 			SecretKey rendezvousKey = rendezvousCrypto
-					.deriveRendezvousKey(p.getPublicKey(), handshakeKeyPair);
+					.deriveRendezvousKey(staticMasterKey);
 			requireNull(rendezvousKeys.put(p.getId(), rendezvousKey));
 			for (PluginState ps : pluginStates.values()) {
 				RendezvousEndpoint endpoint =