Kaladaran/briar
0
0
Fork 0
mirror of https://code.briarproject.org/briar/briar.git synced 2026-02-21 23:29:52 +01:00
Code Issues Projects Releases Wiki Activity

Require a label for signing

Browse Source 
This adds a sign() and a verify() method to the CryptoComponent
that take a mandatory label argument to ensure that signatures can't be
repurposed.
This commit is contained in:
Torsten Grote
2016-11-17 16:36:51 -02:00
parent 9b09b64ad3
commit c86d971166
20 changed files with 158 additions and 107 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
briar-core/src/org/briarproject/privategroup/GroupMessageFactoryImpl.java
View File

@@ -51,8 +51,8 @@ class GroupMessageFactoryImpl implements GroupMessageFactory {
int type = JOIN.getInt();
BdfList toSign = BdfList.of(groupId, timestamp, type,
member.getName(), member.getPublicKey(), invite);
byte[] memberSignature =
clientHelper.sign(toSign, member.getPrivateKey());
byte[] memberSignature = clientHelper
.sign(SIGNING_LABEL_JOIN, toSign, member.getPrivateKey());
// Compose the message
BdfList body =
@@ -78,8 +78,8 @@ class GroupMessageFactoryImpl implements GroupMessageFactory {
BdfList toSign = BdfList.of(groupId, timestamp, type,
author.getName(), author.getPublicKey(), parentId,
previousMsgId, content);
byte[] signature =
clientHelper.sign(toSign, author.getPrivateKey());
byte[] signature = clientHelper
.sign(SIGNING_LABEL_POST, toSign, author.getPrivateKey());
// Compose the message
BdfList body =

13
briar-core/src/org/briarproject/privategroup/GroupMessageValidator.java
View File

@@ -27,9 +27,12 @@ import java.util.Collection;
import static org.briarproject.api.identity.AuthorConstants.MAX_AUTHOR_NAME_LENGTH;
import static org.briarproject.api.identity.AuthorConstants.MAX_PUBLIC_KEY_LENGTH;
import static org.briarproject.api.identity.AuthorConstants.MAX_SIGNATURE_LENGTH;
import static org.briarproject.api.privategroup.GroupMessageFactory.SIGNING_LABEL_JOIN;
import static org.briarproject.api.privategroup.GroupMessageFactory.SIGNING_LABEL_POST;
import static org.briarproject.api.privategroup.MessageType.JOIN;
import static org.briarproject.api.privategroup.MessageType.POST;
import static org.briarproject.api.privategroup.PrivateGroupConstants.MAX_GROUP_POST_BODY_LENGTH;
import static org.briarproject.api.privategroup.invitation.GroupInvitationFactory.SIGNING_LABEL_INVITE;
import static org.briarproject.privategroup.GroupConstants.KEY_INITIAL_JOIN_MSG;
import static org.briarproject.privategroup.GroupConstants.KEY_MEMBER_ID;
import static org.briarproject.privategroup.GroupConstants.KEY_MEMBER_NAME;
@@ -130,7 +133,7 @@ class GroupMessageValidator extends BdfMessageValidator {
.createInviteToken(creator.getId(), member.getId(),
pg.getId(), inviteTimestamp);
try {
clientHelper.verifySignature(creatorSignature,
clientHelper.verifySignature(SIGNING_LABEL_INVITE, creatorSignature,
creator.getPublicKey(), token);
} catch (GeneralSecurityException e) {
throw new InvalidMessageException(e);
@@ -146,8 +149,8 @@ class GroupMessageValidator extends BdfMessageValidator {
BdfList signed = BdfList.of(g.getId(), m.getTimestamp(), JOIN.getInt(),
member.getName(), member.getPublicKey(), invite);
try {
clientHelper.verifySignature(memberSignature, member.getPublicKey(),
signed);
clientHelper.verifySignature(SIGNING_LABEL_JOIN, memberSignature,
member.getPublicKey(), signed);
} catch (GeneralSecurityException e) {
throw new InvalidMessageException(e);
}
@@ -189,8 +192,8 @@ class GroupMessageValidator extends BdfMessageValidator {
member.getName(), member.getPublicKey(), parentId,
previousMessageId, content);
try {
clientHelper
.verifySignature(signature, member.getPublicKey(), signed);
clientHelper.verifySignature(SIGNING_LABEL_POST, signature,
member.getPublicKey(), signed);
} catch (GeneralSecurityException e) {
throw new InvalidMessageException(e);
}

3
briar-core/src/org/briarproject/privategroup/invitation/GroupInvitationFactoryImpl.java
View File

@@ -36,7 +36,7 @@ class GroupInvitationFactoryImpl implements GroupInvitationFactory {
BdfList token = createInviteToken(creatorId, memberId, privateGroupId,
timestamp);
try {
return clientHelper.sign(token, privateKey);
return clientHelper.sign(SIGNING_LABEL_INVITE, token, privateKey);
} catch (GeneralSecurityException e) {
throw new IllegalArgumentException(e);
} catch (FormatException e) {
@@ -50,7 +50,6 @@ class GroupInvitationFactoryImpl implements GroupInvitationFactory {
Group contactGroup = contactGroupFactory.createContactGroup(CLIENT_ID,
creatorId, memberId);
return BdfList.of(
0, // TODO: Replace with a namespaced string
timestamp,
contactGroup.getId(),
privateGroupId

5
briar-core/src/org/briarproject/privategroup/invitation/GroupInvitationValidator.java
View File

@@ -31,6 +31,7 @@ import static org.briarproject.api.identity.AuthorConstants.MAX_SIGNATURE_LENGTH
import static org.briarproject.api.privategroup.PrivateGroupConstants.GROUP_SALT_LENGTH;
import static org.briarproject.api.privategroup.PrivateGroupConstants.MAX_GROUP_INVITATION_MSG_LENGTH;
import static org.briarproject.api.privategroup.PrivateGroupConstants.MAX_GROUP_NAME_LENGTH;
import static org.briarproject.api.privategroup.invitation.GroupInvitationFactory.SIGNING_LABEL_INVITE;
import static org.briarproject.privategroup.invitation.MessageType.ABORT;
import static org.briarproject.privategroup.invitation.MessageType.INVITE;
import static org.briarproject.privategroup.invitation.MessageType.JOIN;
@@ -96,13 +97,13 @@ class GroupInvitationValidator extends BdfMessageValidator {
groupName, creator, salt);
// Verify the signature
BdfList signed = BdfList.of(
INVITE.getValue(),
m.getTimestamp(),
m.getGroupId(),
privateGroup.getId()
);
try {
clientHelper.verifySignature(signature, creatorPublicKey, signed);
clientHelper.verifySignature(SIGNING_LABEL_INVITE, signature,
creatorPublicKey, signed);
} catch (GeneralSecurityException e) {
throw new FormatException();
}