diff --git a/bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactExchangeTask.java b/bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactExchangeTask.java index d54bff1c3..c72b0fa7e 100644 --- a/bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactExchangeTask.java +++ b/bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactExchangeTask.java @@ -18,30 +18,30 @@ public interface ContactExchangeTask { byte PROTOCOL_VERSION = 1; /** - * Label for deriving Alice's header key from the master secret. + * Label for deriving Alice's header key from the master key. */ String ALICE_KEY_LABEL = "org.briarproject.bramble.contact/ALICE_HEADER_KEY"; /** - * Label for deriving Bob's header key from the master secret. + * Label for deriving Bob's header key from the master key. */ String BOB_KEY_LABEL = "org.briarproject.bramble.contact/BOB_HEADER_KEY"; /** - * Label for deriving Alice's key binding nonce from the master secret. + * Label for deriving Alice's key binding nonce from the master key. */ String ALICE_NONCE_LABEL = "org.briarproject.bramble.contact/ALICE_NONCE"; /** - * Label for deriving Bob's key binding nonce from the master secret. + * Label for deriving Bob's key binding nonce from the master key. */ String BOB_NONCE_LABEL = "org.briarproject.bramble.contact/BOB_NONCE"; /** * Exchanges contact information with a remote peer. */ - void startExchange(LocalAuthor localAuthor, SecretKey masterSecret, + void startExchange(LocalAuthor localAuthor, SecretKey masterKey, DuplexTransportConnection conn, TransportId transportId, boolean alice); } diff --git a/bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactManager.java b/bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactManager.java index 7996cbf54..72c352206 100644 --- a/bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactManager.java +++ b/bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactManager.java @@ -13,8 +13,6 @@ import java.util.Collection; import javax.annotation.Nullable; -import static org.briarproject.bramble.api.contact.PendingContact.PendingContactState.FAILED; - @NotNullByDefault public interface ContactManager { @@ -33,7 +31,7 @@ public interface ContactManager { * @param alice true if the local party is Alice */ ContactId addContact(Transaction txn, Author remote, AuthorId local, - SecretKey master, long timestamp, boolean alice, boolean verified, + SecretKey rootKey, long timestamp, boolean alice, boolean verified, boolean active) throws DbException; /** @@ -50,7 +48,7 @@ public interface ContactManager { * * @param alice true if the local party is Alice */ - ContactId addContact(Author remote, AuthorId local, SecretKey master, + ContactId addContact(Author remote, AuthorId local, SecretKey rootKey, long timestamp, boolean alice, boolean verified, boolean active) throws DbException; diff --git a/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/TransportCrypto.java b/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/TransportCrypto.java index 37be4fe8c..a984a5c6f 100644 --- a/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/TransportCrypto.java +++ b/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/TransportCrypto.java @@ -12,12 +12,12 @@ public interface TransportCrypto { /** * Derives initial transport keys for the given transport in the given - * time period from the given master secret. + * time period from the given root key. * * @param alice whether the keys are for use by Alice or Bob. * @param active whether the keys are usable for outgoing streams. */ - TransportKeys deriveTransportKeys(TransportId t, SecretKey master, + TransportKeys deriveTransportKeys(TransportId t, SecretKey rootKey, long timePeriod, boolean alice, boolean active); /** diff --git a/bramble-api/src/main/java/org/briarproject/bramble/api/keyagreement/KeyAgreementConstants.java b/bramble-api/src/main/java/org/briarproject/bramble/api/keyagreement/KeyAgreementConstants.java index 4041d0ce4..2f5170b91 100644 --- a/bramble-api/src/main/java/org/briarproject/bramble/api/keyagreement/KeyAgreementConstants.java +++ b/bramble-api/src/main/java/org/briarproject/bramble/api/keyagreement/KeyAgreementConstants.java @@ -40,8 +40,8 @@ public interface KeyAgreementConstants { "org.briarproject.bramble.keyagreement/SHARED_SECRET"; /** - * Label for deriving the master secret. + * Label for deriving the master key. */ - String MASTER_SECRET_LABEL = + String MASTER_KEY_LABEL = "org.briarproject.bramble.keyagreement/MASTER_SECRET"; } diff --git a/bramble-api/src/main/java/org/briarproject/bramble/api/transport/KeyManager.java b/bramble-api/src/main/java/org/briarproject/bramble/api/transport/KeyManager.java index 7071a5e47..827c94fb7 100644 --- a/bramble-api/src/main/java/org/briarproject/bramble/api/transport/KeyManager.java +++ b/bramble-api/src/main/java/org/briarproject/bramble/api/transport/KeyManager.java @@ -28,7 +28,7 @@ public interface KeyManager { * @param active whether the derived keys can be used for outgoing streams */ Map addContact(Transaction txn, ContactId c, - SecretKey master, long timestamp, boolean alice, boolean active) + SecretKey rootKey, long timestamp, boolean alice, boolean active) throws DbException; /** diff --git a/bramble-api/src/main/java/org/briarproject/bramble/api/transport/TransportConstants.java b/bramble-api/src/main/java/org/briarproject/bramble/api/transport/TransportConstants.java index 2f58af225..60e9197ee 100644 --- a/bramble-api/src/main/java/org/briarproject/bramble/api/transport/TransportConstants.java +++ b/bramble-api/src/main/java/org/briarproject/bramble/api/transport/TransportConstants.java @@ -82,23 +82,23 @@ public interface TransportConstants { int REORDERING_WINDOW_SIZE = 32; /** - * Label for deriving Alice's initial tag key from the master secret. + * Label for deriving Alice's initial tag key from the root key. */ String ALICE_TAG_LABEL = "org.briarproject.bramble.transport/ALICE_TAG_KEY"; /** - * Label for deriving Bob's initial tag key from the master secret. + * Label for deriving Bob's initial tag key from the root key. */ String BOB_TAG_LABEL = "org.briarproject.bramble.transport/BOB_TAG_KEY"; /** - * Label for deriving Alice's initial header key from the master secret. + * Label for deriving Alice's initial header key from the root key. */ String ALICE_HEADER_LABEL = "org.briarproject.bramble.transport/ALICE_HEADER_KEY"; /** - * Label for deriving Bob's initial header key from the master secret. + * Label for deriving Bob's initial header key from the root key. */ String BOB_HEADER_LABEL = "org.briarproject.bramble.transport/BOB_HEADER_KEY"; diff --git a/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java b/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java index 76163e696..061a43a48 100644 --- a/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java +++ b/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java @@ -77,7 +77,7 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask { private volatile LocalAuthor localAuthor; private volatile DuplexTransportConnection conn; private volatile TransportId transportId; - private volatile SecretKey masterSecret; + private volatile SecretKey masterKey; private volatile boolean alice; @Inject @@ -104,13 +104,13 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask { } @Override - public void startExchange(LocalAuthor localAuthor, SecretKey masterSecret, + public void startExchange(LocalAuthor localAuthor, SecretKey masterKey, DuplexTransportConnection conn, TransportId transportId, boolean alice) { this.localAuthor = localAuthor; this.conn = conn; this.transportId = transportId; - this.masterSecret = masterSecret; + this.masterKey = masterKey; this.alice = alice; start(); } @@ -142,9 +142,9 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask { } // Derive the header keys for the transport streams - SecretKey aliceHeaderKey = crypto.deriveKey(ALICE_KEY_LABEL, - masterSecret, new byte[] {PROTOCOL_VERSION}); - SecretKey bobHeaderKey = crypto.deriveKey(BOB_KEY_LABEL, masterSecret, + SecretKey aliceHeaderKey = crypto.deriveKey(ALICE_KEY_LABEL, masterKey, + new byte[] {PROTOCOL_VERSION}); + SecretKey bobHeaderKey = crypto.deriveKey(BOB_KEY_LABEL, masterKey, new byte[] {PROTOCOL_VERSION}); // Create the readers @@ -163,9 +163,9 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask { .createRecordWriter(streamWriter.getOutputStream()); // Derive the nonces to be signed - byte[] aliceNonce = crypto.mac(ALICE_NONCE_LABEL, masterSecret, + byte[] aliceNonce = crypto.mac(ALICE_NONCE_LABEL, masterKey, new byte[] {PROTOCOL_VERSION}); - byte[] bobNonce = crypto.mac(BOB_NONCE_LABEL, masterSecret, + byte[] bobNonce = crypto.mac(BOB_NONCE_LABEL, masterKey, new byte[] {PROTOCOL_VERSION}); byte[] localNonce = alice ? aliceNonce : bobNonce; byte[] remoteNonce = alice ? bobNonce : aliceNonce; @@ -293,7 +293,7 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask { throws DbException { return db.transactionWithResult(false, txn -> { ContactId contactId = contactManager.addContact(txn, remoteAuthor, - localAuthor.getId(), masterSecret, timestamp, alice, + localAuthor.getId(), masterKey, timestamp, alice, true, true); transportPropertyManager.addRemoteProperties(txn, contactId, remoteProperties); diff --git a/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactManagerImpl.java b/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactManagerImpl.java index bee28f7d2..1bae6b16d 100644 --- a/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactManagerImpl.java +++ b/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactManagerImpl.java @@ -69,10 +69,10 @@ class ContactManagerImpl implements ContactManager { @Override public ContactId addContact(Transaction txn, Author remote, AuthorId local, - SecretKey master, long timestamp, boolean alice, boolean verified, + SecretKey rootKey, long timestamp, boolean alice, boolean verified, boolean active) throws DbException { ContactId c = db.addContact(txn, remote, local, verified, active); - keyManager.addContact(txn, c, master, timestamp, alice, active); + keyManager.addContact(txn, c, rootKey, timestamp, alice, active); Contact contact = db.getContact(txn, c); for (ContactHook hook : hooks) hook.addingContact(txn, contact); return c; @@ -88,11 +88,11 @@ class ContactManagerImpl implements ContactManager { } @Override - public ContactId addContact(Author remote, AuthorId local, SecretKey master, - long timestamp, boolean alice, boolean verified, boolean active) - throws DbException { + public ContactId addContact(Author remote, AuthorId local, + SecretKey rootKey, long timestamp, boolean alice, boolean verified, + boolean active) throws DbException { return db.transactionWithResult(false, txn -> - addContact(txn, remote, local, master, timestamp, alice, + addContact(txn, remote, local, rootKey, timestamp, alice, verified, active)); } diff --git a/bramble-core/src/main/java/org/briarproject/bramble/crypto/TransportCryptoImpl.java b/bramble-core/src/main/java/org/briarproject/bramble/crypto/TransportCryptoImpl.java index a05b2487b..350fd2257 100644 --- a/bramble-core/src/main/java/org/briarproject/bramble/crypto/TransportCryptoImpl.java +++ b/bramble-core/src/main/java/org/briarproject/bramble/crypto/TransportCryptoImpl.java @@ -43,12 +43,12 @@ class TransportCryptoImpl implements TransportCrypto { @Override public TransportKeys deriveTransportKeys(TransportId t, - SecretKey master, long timePeriod, boolean alice, boolean active) { - // Keys for the previous period are derived from the master secret - SecretKey inTagPrev = deriveTagKey(master, t, !alice); - SecretKey inHeaderPrev = deriveHeaderKey(master, t, !alice); - SecretKey outTagPrev = deriveTagKey(master, t, alice); - SecretKey outHeaderPrev = deriveHeaderKey(master, t, alice); + SecretKey rootKey, long timePeriod, boolean alice, boolean active) { + // Keys for the previous period are derived from the root key + SecretKey inTagPrev = deriveTagKey(rootKey, t, !alice); + SecretKey inHeaderPrev = deriveHeaderKey(rootKey, t, !alice); + SecretKey outTagPrev = deriveTagKey(rootKey, t, alice); + SecretKey outHeaderPrev = deriveHeaderKey(rootKey, t, alice); // Derive the keys for the current and next periods SecretKey inTagCurr = rotateKey(inTagPrev, timePeriod); SecretKey inHeaderCurr = rotateKey(inHeaderPrev, timePeriod); @@ -70,8 +70,7 @@ class TransportCryptoImpl implements TransportCrypto { } @Override - public TransportKeys rotateTransportKeys(TransportKeys k, - long timePeriod) { + public TransportKeys rotateTransportKeys(TransportKeys k, long timePeriod) { if (k.getTimePeriod() >= timePeriod) return k; IncomingKeys inPrev = k.getPreviousIncomingKeys(); IncomingKeys inCurr = k.getCurrentIncomingKeys(); @@ -101,18 +100,18 @@ class TransportCryptoImpl implements TransportCrypto { return crypto.deriveKey(ROTATE_LABEL, k, period); } - private SecretKey deriveTagKey(SecretKey master, TransportId t, + private SecretKey deriveTagKey(SecretKey rootKey, TransportId t, boolean alice) { String label = alice ? ALICE_TAG_LABEL : BOB_TAG_LABEL; byte[] id = toUtf8(t.getString()); - return crypto.deriveKey(label, master, id); + return crypto.deriveKey(label, rootKey, id); } - private SecretKey deriveHeaderKey(SecretKey master, TransportId t, + private SecretKey deriveHeaderKey(SecretKey rootKey, TransportId t, boolean alice) { String label = alice ? ALICE_HEADER_LABEL : BOB_HEADER_LABEL; byte[] id = toUtf8(t.getString()); - return crypto.deriveKey(label, master, id); + return crypto.deriveKey(label, rootKey, id); } @Override @@ -146,23 +145,23 @@ class TransportCryptoImpl implements TransportCrypto { return new OutgoingKeys(tag, header, timePeriod, true); } - private SecretKey deriveStaticTagKey(TransportId t, SecretKey root, + private SecretKey deriveStaticTagKey(TransportId t, SecretKey rootKey, boolean alice, long timePeriod) { String label = alice ? ALICE_STATIC_TAG_LABEL : BOB_STATIC_TAG_LABEL; byte[] id = toUtf8(t.getString()); byte[] period = new byte[INT_64_BYTES]; writeUint64(timePeriod, period, 0); - return crypto.deriveKey(label, root, id, period); + return crypto.deriveKey(label, rootKey, id, period); } - private SecretKey deriveStaticHeaderKey(TransportId t, SecretKey root, + private SecretKey deriveStaticHeaderKey(TransportId t, SecretKey rootKey, boolean alice, long timePeriod) { String label = alice ? ALICE_STATIC_HEADER_LABEL : BOB_STATIC_HEADER_LABEL; byte[] id = toUtf8(t.getString()); byte[] period = new byte[INT_64_BYTES]; writeUint64(timePeriod, period, 0); - return crypto.deriveKey(label, root, id, period); + return crypto.deriveKey(label, rootKey, id, period); } @Override diff --git a/bramble-core/src/main/java/org/briarproject/bramble/keyagreement/KeyAgreementProtocol.java b/bramble-core/src/main/java/org/briarproject/bramble/keyagreement/KeyAgreementProtocol.java index 5825c9500..682041c90 100644 --- a/bramble-core/src/main/java/org/briarproject/bramble/keyagreement/KeyAgreementProtocol.java +++ b/bramble-core/src/main/java/org/briarproject/bramble/keyagreement/KeyAgreementProtocol.java @@ -14,7 +14,7 @@ import java.io.IOException; import java.security.GeneralSecurityException; import java.util.Arrays; -import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.MASTER_SECRET_LABEL; +import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.MASTER_KEY_LABEL; import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.PROTOCOL_VERSION; import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.SHARED_SECRET_LABEL; @@ -90,7 +90,7 @@ class KeyAgreementProtocol { /** * Perform the BQP protocol. * - * @return the negotiated master secret. + * @return the negotiated master key. * @throws AbortException when the protocol may have been tampered with. * @throws IOException for all other other connection errors. */ @@ -115,7 +115,7 @@ class KeyAgreementProtocol { receiveConfirm(s, theirPublicKey); sendConfirm(s, theirPublicKey); } - return crypto.deriveKey(MASTER_SECRET_LABEL, s); + return crypto.deriveKey(MASTER_KEY_LABEL, s); } catch (AbortException e) { sendAbort(e.getCause() != null); throw e; diff --git a/bramble-core/src/main/java/org/briarproject/bramble/keyagreement/KeyAgreementTaskImpl.java b/bramble-core/src/main/java/org/briarproject/bramble/keyagreement/KeyAgreementTaskImpl.java index b6e994231..e2735c394 100644 --- a/bramble-core/src/main/java/org/briarproject/bramble/keyagreement/KeyAgreementTaskImpl.java +++ b/bramble-core/src/main/java/org/briarproject/bramble/keyagreement/KeyAgreementTaskImpl.java @@ -114,9 +114,9 @@ class KeyAgreementTaskImpl extends Thread implements KeyAgreementTask, keyAgreementCrypto, payloadEncoder, transport, remotePayload, localPayload, localKeyPair, alice); try { - SecretKey master = protocol.perform(); + SecretKey masterKey = protocol.perform(); KeyAgreementResult result = - new KeyAgreementResult(master, transport.getConnection(), + new KeyAgreementResult(masterKey, transport.getConnection(), transport.getTransportId(), alice); LOG.info("Finished BQP protocol"); // Broadcast result to caller diff --git a/bramble-core/src/main/java/org/briarproject/bramble/transport/KeyManagerImpl.java b/bramble-core/src/main/java/org/briarproject/bramble/transport/KeyManagerImpl.java index 624c8b2b8..482ee5b7f 100644 --- a/bramble-core/src/main/java/org/briarproject/bramble/transport/KeyManagerImpl.java +++ b/bramble-core/src/main/java/org/briarproject/bramble/transport/KeyManagerImpl.java @@ -96,13 +96,13 @@ class KeyManagerImpl implements KeyManager, Service, EventListener { @Override public Map addContact(Transaction txn, ContactId c, - SecretKey master, long timestamp, boolean alice, boolean active) + SecretKey rootKey, long timestamp, boolean alice, boolean active) throws DbException { Map ids = new HashMap<>(); for (Entry e : managers.entrySet()) { TransportId t = e.getKey(); TransportKeyManager m = e.getValue(); - ids.put(t, m.addContact(txn, c, master, timestamp, alice, active)); + ids.put(t, m.addContact(txn, c, rootKey, timestamp, alice, active)); } return ids; } diff --git a/bramble-core/src/main/java/org/briarproject/bramble/transport/TransportKeyManager.java b/bramble-core/src/main/java/org/briarproject/bramble/transport/TransportKeyManager.java index b407db16c..fa3f54e11 100644 --- a/bramble-core/src/main/java/org/briarproject/bramble/transport/TransportKeyManager.java +++ b/bramble-core/src/main/java/org/briarproject/bramble/transport/TransportKeyManager.java @@ -15,7 +15,7 @@ interface TransportKeyManager { void start(Transaction txn) throws DbException; - KeySetId addContact(Transaction txn, ContactId c, SecretKey master, + KeySetId addContact(Transaction txn, ContactId c, SecretKey rootKey, long timestamp, boolean alice, boolean active) throws DbException; void activateKeys(Transaction txn, KeySetId k) throws DbException; diff --git a/bramble-core/src/main/java/org/briarproject/bramble/transport/TransportKeyManagerImpl.java b/bramble-core/src/main/java/org/briarproject/bramble/transport/TransportKeyManagerImpl.java index f23ad45f3..d5442f356 100644 --- a/bramble-core/src/main/java/org/briarproject/bramble/transport/TransportKeyManagerImpl.java +++ b/bramble-core/src/main/java/org/briarproject/bramble/transport/TransportKeyManagerImpl.java @@ -170,7 +170,7 @@ class TransportKeyManagerImpl implements TransportKeyManager { } @Override - public KeySetId addContact(Transaction txn, ContactId c, SecretKey master, + public KeySetId addContact(Transaction txn, ContactId c, SecretKey rootKey, long timestamp, boolean alice, boolean active) throws DbException { lock.lock(); try { @@ -178,7 +178,7 @@ class TransportKeyManagerImpl implements TransportKeyManager { long timePeriod = timestamp / timePeriodLength; // Derive the transport keys TransportKeys k = transportCrypto.deriveTransportKeys(transportId, - master, timePeriod, alice, active); + rootKey, timePeriod, alice, active); // Rotate the keys to the current time period if necessary timePeriod = clock.currentTimeMillis() / timePeriodLength; k = transportCrypto.rotateTransportKeys(k, timePeriod); diff --git a/bramble-core/src/test/java/org/briarproject/bramble/contact/ContactManagerImplTest.java b/bramble-core/src/test/java/org/briarproject/bramble/contact/ContactManagerImplTest.java index 375fcade5..9289bf4e8 100644 --- a/bramble-core/src/test/java/org/briarproject/bramble/contact/ContactManagerImplTest.java +++ b/bramble-core/src/test/java/org/briarproject/bramble/contact/ContactManagerImplTest.java @@ -64,7 +64,7 @@ public class ContactManagerImplTest extends BrambleMockTestCase { @Test public void testAddContact() throws Exception { - SecretKey master = getSecretKey(); + SecretKey rootKey = getSecretKey(); long timestamp = System.currentTimeMillis(); boolean alice = new Random().nextBoolean(); Transaction txn = new Transaction(null, false); @@ -73,14 +73,14 @@ public class ContactManagerImplTest extends BrambleMockTestCase { oneOf(db).transactionWithResult(with(false), withDbCallable(txn)); oneOf(db).addContact(txn, remote, local, verified, active); will(returnValue(contactId)); - oneOf(keyManager).addContact(txn, contactId, master, timestamp, + oneOf(keyManager).addContact(txn, contactId, rootKey, timestamp, alice, active); oneOf(db).getContact(txn, contactId); will(returnValue(contact)); }}); assertEquals(contactId, contactManager.addContact(remote, local, - master, timestamp, alice, verified, active)); + rootKey, timestamp, alice, verified, active)); } @Test diff --git a/bramble-core/src/test/java/org/briarproject/bramble/crypto/KeyDerivationTest.java b/bramble-core/src/test/java/org/briarproject/bramble/crypto/KeyDerivationTest.java index 41bbc11db..33c13753b 100644 --- a/bramble-core/src/test/java/org/briarproject/bramble/crypto/KeyDerivationTest.java +++ b/bramble-core/src/test/java/org/briarproject/bramble/crypto/KeyDerivationTest.java @@ -30,12 +30,12 @@ public class KeyDerivationTest extends BrambleTestCase { private final TransportCrypto transportCrypto = new TransportCryptoImpl(crypto); private final TransportId transportId = getTransportId(); - private final SecretKey master = getSecretKey(); + private final SecretKey rootKey = getSecretKey(); @Test public void testKeysAreDistinct() { TransportKeys k = transportCrypto.deriveTransportKeys(transportId, - master, 123, true, true); + rootKey, 123, true, true); assertAllDifferent(k); } @@ -43,9 +43,9 @@ public class KeyDerivationTest extends BrambleTestCase { public void testCurrentKeysMatchCurrentKeysOfContact() { // Start in time period 123 TransportKeys kA = transportCrypto.deriveTransportKeys(transportId, - master, 123, true, true); + rootKey, 123, true, true); TransportKeys kB = transportCrypto.deriveTransportKeys(transportId, - master, 123, false, true); + rootKey, 123, false, true); // Alice's incoming keys should equal Bob's outgoing keys assertArrayEquals(kA.getCurrentIncomingKeys().getTagKey().getBytes(), kB.getCurrentOutgoingKeys().getTagKey().getBytes()); @@ -75,9 +75,9 @@ public class KeyDerivationTest extends BrambleTestCase { public void testPreviousKeysMatchPreviousKeysOfContact() { // Start in time period 123 TransportKeys kA = transportCrypto.deriveTransportKeys(transportId, - master, 123, true, true); + rootKey, 123, true, true); TransportKeys kB = transportCrypto.deriveTransportKeys(transportId, - master, 123, false, true); + rootKey, 123, false, true); // Compare Alice's previous keys in period 456 with Bob's current keys // in period 455 kA = transportCrypto.rotateTransportKeys(kA, 456); @@ -102,9 +102,9 @@ public class KeyDerivationTest extends BrambleTestCase { public void testNextKeysMatchNextKeysOfContact() { // Start in time period 123 TransportKeys kA = transportCrypto.deriveTransportKeys(transportId, - master, 123, true, true); + rootKey, 123, true, true); TransportKeys kB = transportCrypto.deriveTransportKeys(transportId, - master, 123, false, true); + rootKey, 123, false, true); // Compare Alice's current keys in period 456 with Bob's next keys in // period 455 kA = transportCrypto.rotateTransportKeys(kA, 456); @@ -125,13 +125,13 @@ public class KeyDerivationTest extends BrambleTestCase { } @Test - public void testMasterKeyAffectsOutput() { - SecretKey master1 = getSecretKey(); - assertFalse(Arrays.equals(master.getBytes(), master1.getBytes())); + public void testRootKeyAffectsOutput() { + SecretKey rootKey1 = getSecretKey(); + assertFalse(Arrays.equals(rootKey.getBytes(), rootKey1.getBytes())); TransportKeys k = transportCrypto.deriveTransportKeys(transportId, - master, 123, true, true); + rootKey, 123, true, true); TransportKeys k1 = transportCrypto.deriveTransportKeys(transportId, - master1, 123, true, true); + rootKey1, 123, true, true); assertAllDifferent(k, k1); } @@ -140,9 +140,9 @@ public class KeyDerivationTest extends BrambleTestCase { TransportId transportId1 = getTransportId(); assertNotEquals(transportId.getString(), transportId1.getString()); TransportKeys k = transportCrypto.deriveTransportKeys(transportId, - master, 123, true, true); + rootKey, 123, true, true); TransportKeys k1 = transportCrypto.deriveTransportKeys(transportId1, - master, 123, true, true); + rootKey, 123, true, true); assertAllDifferent(k, k1); } diff --git a/bramble-core/src/test/java/org/briarproject/bramble/keyagreement/KeyAgreementProtocolTest.java b/bramble-core/src/test/java/org/briarproject/bramble/keyagreement/KeyAgreementProtocolTest.java index e070db6a9..516f7f1b2 100644 --- a/bramble-core/src/test/java/org/briarproject/bramble/keyagreement/KeyAgreementProtocolTest.java +++ b/bramble-core/src/test/java/org/briarproject/bramble/keyagreement/KeyAgreementProtocolTest.java @@ -17,7 +17,7 @@ import org.junit.Rule; import org.junit.Test; import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.COMMIT_LENGTH; -import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.MASTER_SECRET_LABEL; +import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.MASTER_KEY_LABEL; import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.PROTOCOL_VERSION; import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.SHARED_SECRET_LABEL; import static org.briarproject.bramble.test.TestUtils.getRandomBytes; @@ -74,7 +74,7 @@ public class KeyAgreementProtocolTest extends BrambleTestCase { Payload ourPayload = new Payload(aliceCommit, null); KeyPair ourKeyPair = new KeyPair(ourPubKey, null); SecretKey sharedSecret = getSecretKey(); - SecretKey masterSecret = getSecretKey(); + SecretKey masterKey = getSecretKey(); KeyAgreementProtocol protocol = new KeyAgreementProtocol(callbacks, crypto, keyAgreementCrypto, payloadEncoder, transport, @@ -134,13 +134,13 @@ public class KeyAgreementProtocolTest extends BrambleTestCase { true, false); will(returnValue(bobConfirm)); - // Alice computes master secret - oneOf(crypto).deriveKey(MASTER_SECRET_LABEL, sharedSecret); - will(returnValue(masterSecret)); + // Alice derives master key + oneOf(crypto).deriveKey(MASTER_KEY_LABEL, sharedSecret); + will(returnValue(masterKey)); }}); // execute - assertThat(masterSecret, is(equalTo(protocol.perform()))); + assertThat(masterKey, is(equalTo(protocol.perform()))); } @Test @@ -150,7 +150,7 @@ public class KeyAgreementProtocolTest extends BrambleTestCase { Payload ourPayload = new Payload(bobCommit, null); KeyPair ourKeyPair = new KeyPair(ourPubKey, null); SecretKey sharedSecret = getSecretKey(); - SecretKey masterSecret = getSecretKey(); + SecretKey masterKey = getSecretKey(); KeyAgreementProtocol protocol = new KeyAgreementProtocol(callbacks, crypto, keyAgreementCrypto, payloadEncoder, transport, @@ -209,13 +209,13 @@ public class KeyAgreementProtocolTest extends BrambleTestCase { will(returnValue(bobConfirm)); oneOf(transport).sendConfirm(bobConfirm); - // Bob computes master secret - oneOf(crypto).deriveKey(MASTER_SECRET_LABEL, sharedSecret); - will(returnValue(masterSecret)); + // Bob derives master key + oneOf(crypto).deriveKey(MASTER_KEY_LABEL, sharedSecret); + will(returnValue(masterKey)); }}); // execute - assertThat(masterSecret, is(equalTo(protocol.perform()))); + assertThat(masterKey, is(equalTo(protocol.perform()))); } @Test(expected = AbortException.class) @@ -373,8 +373,8 @@ public class KeyAgreementProtocolTest extends BrambleTestCase { // Alice aborts oneOf(transport).sendAbort(false); - // Alice never computes master secret - never(crypto).deriveKey(MASTER_SECRET_LABEL, sharedSecret); + // Alice never derives master key + never(crypto).deriveKey(MASTER_KEY_LABEL, sharedSecret); }}); // execute diff --git a/bramble-core/src/test/java/org/briarproject/bramble/transport/TransportKeyManagerImplTest.java b/bramble-core/src/test/java/org/briarproject/bramble/transport/TransportKeyManagerImplTest.java index 8b79d4849..2f0b7d58a 100644 --- a/bramble-core/src/test/java/org/briarproject/bramble/transport/TransportKeyManagerImplTest.java +++ b/bramble-core/src/test/java/org/briarproject/bramble/transport/TransportKeyManagerImplTest.java @@ -64,7 +64,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase { private final KeySetId keySetId1 = new KeySetId(456); private final SecretKey tagKey = TestUtils.getSecretKey(); private final SecretKey headerKey = TestUtils.getSecretKey(); - private final SecretKey masterKey = TestUtils.getSecretKey(); + private final SecretKey rootKey = TestUtils.getSecretKey(); private final Random random = new Random(); @Test @@ -120,7 +120,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase { Transaction txn = new Transaction(null, false); context.checking(new Expectations() {{ - oneOf(transportCrypto).deriveTransportKeys(transportId, masterKey, + oneOf(transportCrypto).deriveTransportKeys(transportId, rootKey, 999, alice, true); will(returnValue(transportKeys)); // Get the current time (1 ms after start of time period 1000) @@ -147,7 +147,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase { // The timestamp is 1 ms before the start of time period 1000 long timestamp = timePeriodLength * 1000 - 1; assertEquals(keySetId, transportKeyManager.addContact(txn, contactId, - masterKey, timestamp, alice, true)); + rootKey, timestamp, alice, true)); assertTrue(transportKeyManager.canSendOutgoingStreams(contactId)); } @@ -180,7 +180,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase { // The timestamp is at the start of time period 1000 long timestamp = timePeriodLength * 1000; assertEquals(keySetId, transportKeyManager.addContact(txn, contactId, - masterKey, timestamp, alice, true)); + rootKey, timestamp, alice, true)); assertFalse(transportKeyManager.canSendOutgoingStreams(contactId)); assertNull(transportKeyManager.getStreamContext(txn, contactId)); } @@ -206,7 +206,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase { // The timestamp is at the start of time period 1000 long timestamp = timePeriodLength * 1000; assertEquals(keySetId, transportKeyManager.addContact(txn, contactId, - masterKey, timestamp, alice, true)); + rootKey, timestamp, alice, true)); // The first request should return a stream context assertTrue(transportKeyManager.canSendOutgoingStreams(contactId)); StreamContext ctx = transportKeyManager.getStreamContext(txn, @@ -238,7 +238,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase { // The timestamp is at the start of time period 1000 long timestamp = timePeriodLength * 1000; assertEquals(keySetId, transportKeyManager.addContact(txn, contactId, - masterKey, timestamp, alice, active)); + rootKey, timestamp, alice, active)); assertEquals(active, transportKeyManager.canSendOutgoingStreams(contactId)); // The tag should not be recognised @@ -256,7 +256,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase { List tags = new ArrayList<>(); context.checking(new Expectations() {{ - oneOf(transportCrypto).deriveTransportKeys(transportId, masterKey, + oneOf(transportCrypto).deriveTransportKeys(transportId, rootKey, 1000, alice, true); will(returnValue(transportKeys)); // Get the current time (the start of time period 1000) @@ -291,7 +291,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase { // The timestamp is at the start of time period 1000 long timestamp = timePeriodLength * 1000; assertEquals(keySetId, transportKeyManager.addContact(txn, contactId, - masterKey, timestamp, alice, true)); + rootKey, timestamp, alice, true)); assertTrue(transportKeyManager.canSendOutgoingStreams(contactId)); // Use the first tag (previous time period, stream number 0) assertEquals(REORDERING_WINDOW_SIZE * 3, tags.size()); @@ -394,7 +394,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase { // The timestamp is at the start of time period 1000 long timestamp = timePeriodLength * 1000; assertEquals(keySetId, transportKeyManager.addContact(txn, contactId, - masterKey, timestamp, alice, false)); + rootKey, timestamp, alice, false)); // The keys are inactive so no stream context should be returned assertFalse(transportKeyManager.canSendOutgoingStreams(contactId)); assertNull(transportKeyManager.getStreamContext(txn, contactId)); @@ -421,7 +421,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase { List tags = new ArrayList<>(); context.checking(new Expectations() {{ - oneOf(transportCrypto).deriveTransportKeys(transportId, masterKey, + oneOf(transportCrypto).deriveTransportKeys(transportId, rootKey, 1000, alice, false); will(returnValue(transportKeys)); // Get the current time (the start of time period 1000) @@ -460,7 +460,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase { // The timestamp is at the start of time period 1000 long timestamp = timePeriodLength * 1000; assertEquals(keySetId, transportKeyManager.addContact(txn, contactId, - masterKey, timestamp, alice, false)); + rootKey, timestamp, alice, false)); // The keys are inactive so no stream context should be returned assertFalse(transportKeyManager.canSendOutgoingStreams(contactId)); assertNull(transportKeyManager.getStreamContext(txn, contactId)); @@ -488,7 +488,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase { private void expectAddContactNoRotation(boolean alice, boolean active, TransportKeys transportKeys, Transaction txn) throws Exception { context.checking(new Expectations() {{ - oneOf(transportCrypto).deriveTransportKeys(transportId, masterKey, + oneOf(transportCrypto).deriveTransportKeys(transportId, rootKey, 1000, alice, active); will(returnValue(transportKeys)); // Get the current time (the start of time period 1000) diff --git a/briar-core/src/main/java/org/briarproject/briar/introduction/IntroductionCrypto.java b/briar-core/src/main/java/org/briarproject/briar/introduction/IntroductionCrypto.java index 37f7aa10f..79b77a149 100644 --- a/briar-core/src/main/java/org/briarproject/briar/introduction/IntroductionCrypto.java +++ b/briar-core/src/main/java/org/briarproject/briar/introduction/IntroductionCrypto.java @@ -41,7 +41,8 @@ interface IntroductionCrypto { /** * Derives a MAC key from the session's master key for Alice or Bob. * - * @param masterKey The key returned by {@link #deriveMasterKey(IntroduceeSession)} + * @param masterKey The key returned by + * {@link #deriveMasterKey(IntroduceeSession)} * @param alice true for Alice's MAC key, false for Bob's * @return The MAC key */ diff --git a/briar-core/src/test/java/org/briarproject/briar/messaging/SimplexMessagingIntegrationTest.java b/briar-core/src/test/java/org/briarproject/briar/messaging/SimplexMessagingIntegrationTest.java index af0c4bea9..bbe1baaf3 100644 --- a/briar-core/src/test/java/org/briarproject/briar/messaging/SimplexMessagingIntegrationTest.java +++ b/briar-core/src/test/java/org/briarproject/briar/messaging/SimplexMessagingIntegrationTest.java @@ -56,7 +56,7 @@ public class SimplexMessagingIntegrationTest extends BriarTestCase { private final File testDir = getTestDirectory(); private final File aliceDir = new File(testDir, "alice"); private final File bobDir = new File(testDir, "bob"); - private final SecretKey master = getSecretKey(); + private final SecretKey rootKey = getSecretKey(); private final long timestamp = System.currentTimeMillis(); private SimplexMessagingIntegrationTestComponent alice, bob; @@ -110,7 +110,7 @@ public class SimplexMessagingIntegrationTest extends BriarTestCase { lifecycleManager.waitForStartup(); // Add the other user as a contact ContactManager contactManager = device.getContactManager(); - return contactManager.addContact(remote, local.getId(), master, + return contactManager.addContact(remote, local.getId(), rootKey, timestamp, alice, true, true); }