Remove method that just wraps a MAC call.

2026-02-12 10:49:06 +01:00 · 2017-11-28 10:40:19 +00:00
parent cc87e6fd1f
commit d2348a4e7d
5 changed files with 17 additions and 34 deletions
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java
@@ -32,18 +32,6 @@ public interface CryptoComponent {
 	 */
 	SecretKey deriveKey(String label, SecretKey k, byte[]... inputs);

-	/**
-	 * Derives a nonce from the given secret key that can be used for key
-	 * binding.
-	 *
-	 * TODO: This just calls mac(), remove it
-	 *
-	 * @param label a namespaced label indicating the purpose of this nonce,
-	 * to prevent it from being repurposed or colliding with a nonce derived
-	 * for another purpose
-	 */
-	byte[] deriveKeyBindingNonce(String label, SecretKey k);
-
 	/**
 	 * Derives a common shared secret from two public keys and one of the
 	 * corresponding private keys.
--- a/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java
@@ -157,10 +157,8 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 		BdfWriter w = bdfWriterFactory.createWriter(streamWriter);

 		// Derive the nonces to be signed
-		byte[] aliceNonce = crypto.deriveKeyBindingNonce(ALICE_NONCE_LABEL,
-				masterSecret);
-		byte[] bobNonce = crypto.deriveKeyBindingNonce(BOB_NONCE_LABEL,
-				masterSecret);
+		byte[] aliceNonce = crypto.mac(ALICE_NONCE_LABEL, masterSecret);
+		byte[] bobNonce = crypto.mac(BOB_NONCE_LABEL, masterSecret);

 		// Exchange pseudonyms, signed nonces, and timestamps
 		long localTimestamp = clock.currentTimeMillis();
--- a/bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java
@@ -220,12 +220,9 @@ class CryptoComponentImpl implements CryptoComponent {

 	@Override
 	public SecretKey deriveKey(String label, SecretKey k, byte[]... inputs) {
-		return new SecretKey(mac(label, k, inputs));
-	}
-
-	@Override
-	public byte[] deriveKeyBindingNonce(String label, SecretKey k) {
-		return mac(label, k);
+		byte[] mac = mac(label, k, inputs);
+		if (mac.length != SecretKey.LENGTH) throw new IllegalStateException();
+		return new SecretKey(mac);
 	}

 	@Override
--- a/briar-core/src/main/java/org/briarproject/briar/introduction/IntroduceeManager.java
+++ b/briar-core/src/main/java/org/briarproject/briar/introduction/IntroduceeManager.java
@@ -451,15 +451,16 @@ class IntroduceeManager {
 	private void deriveMacKeysAndNonces(BdfDictionary localState,
 			LocalAuthor author, SecretKey secretKey, boolean alice)
 			throws FormatException, GeneralSecurityException {
-		// Derive two nonces and MAC keys from the shared secret key
-		byte[] ourNonce = cryptoComponent.deriveKeyBindingNonce(
-				alice ? ALICE_NONCE_LABEL : BOB_NONCE_LABEL, secretKey);
-		byte[] theirNonce = cryptoComponent.deriveKeyBindingNonce(
-				alice ? BOB_NONCE_LABEL : ALICE_NONCE_LABEL, secretKey);
-		SecretKey ourMacKey = cryptoComponent.deriveKey(
-				alice ? ALICE_MAC_KEY_LABEL : BOB_MAC_KEY_LABEL, secretKey);
-		SecretKey theirMacKey = cryptoComponent.deriveKey(
-				alice ? BOB_MAC_KEY_LABEL : ALICE_MAC_KEY_LABEL, secretKey);
+		// Derive two nonces and two MAC keys from the shared secret key
+		String ourNonceLabel = alice ? ALICE_NONCE_LABEL : BOB_NONCE_LABEL;
+		String theirNonceLabel = alice ? BOB_NONCE_LABEL : ALICE_NONCE_LABEL;
+		byte[] ourNonce = cryptoComponent.mac(ourNonceLabel, secretKey);
+		byte[] theirNonce = cryptoComponent.mac(theirNonceLabel, secretKey);
+		String ourKeyLabel = alice ? ALICE_MAC_KEY_LABEL : BOB_MAC_KEY_LABEL;
+		String theirKeyLabel = alice ? BOB_MAC_KEY_LABEL : ALICE_MAC_KEY_LABEL;
+		SecretKey ourMacKey = cryptoComponent.deriveKey(ourKeyLabel, secretKey);
+		SecretKey theirMacKey =
+				cryptoComponent.deriveKey(theirKeyLabel, secretKey);

 		// Save the other nonce and MAC key for the verification
 		localState.put(NONCE, theirNonce);
--- a/briar-core/src/test/java/org/briarproject/briar/introduction/IntroductionIntegrationTest.java
+++ b/briar-core/src/test/java/org/briarproject/briar/introduction/IntroductionIntegrationTest.java
@@ -755,8 +755,7 @@ public class IntroductionIntegrationTest
 		// Nonce 1
 		SecretKey sharedSecret = crypto.deriveSharedSecret(SHARED_SECRET_LABEL,
 				eKeyPair2.getPublic(), eKeyPair1, true);
-		byte[] nonce1 = crypto.deriveKeyBindingNonce(ALICE_NONCE_LABEL,
-				sharedSecret);
+		byte[] nonce1 = crypto.mac(ALICE_NONCE_LABEL, sharedSecret);

 		// Signature 1
 		byte[] sig1 = crypto.sign(SIGNING_LABEL, nonce1,
@@ -791,7 +790,7 @@ public class IntroductionIntegrationTest
 		byte[] ePublicKeyBytes1f = eKeyPair1f.getPublic().getEncoded();
 		sharedSecret = crypto.deriveSharedSecret(SHARED_SECRET_LABEL,
 				eKeyPair2.getPublic(), eKeyPair1f, true);
-		nonce1 = crypto.deriveKeyBindingNonce(ALICE_NONCE_LABEL, sharedSecret);
+		nonce1 = crypto.mac(ALICE_NONCE_LABEL, sharedSecret);

 		// recalculate MAC
 		macKey1 = crypto.deriveKey(ALICE_MAC_KEY_LABEL, sharedSecret);