Kaladaran/briar
0
0
Fork 0
mirror of https://code.briarproject.org/briar/briar.git synced 2026-02-14 19:59:05 +01:00
Code Issues Projects Releases Wiki Activity

Fix master secret/master key/root key terminology.

Browse Source 
In the key agreement, contact exchange and introduction protocols we
refer to the master key. In the transport protocol we refer to the root
key. When adding a contact in person, the key agreement protocol's
master key is used as the transport root key. When a contact is
introduced, the introduction protocol's master key is used as the
transport root key.
This commit is contained in:
akwizgran
2019-04-10 14:30:01 +01:00
parent d4b929fc6c
commit d5ac2c9ead
20 changed files with 103 additions and 105 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
bramble-core/src/test/java/org/briarproject/bramble/contact/ContactManagerImplTest.java
View File

@@ -64,7 +64,7 @@ public class ContactManagerImplTest extends BrambleMockTestCase {
@Test
public void testAddContact() throws Exception {
SecretKey master = getSecretKey();
SecretKey rootKey = getSecretKey();
long timestamp = System.currentTimeMillis();
boolean alice = new Random().nextBoolean();
Transaction txn = new Transaction(null, false);
@@ -73,14 +73,14 @@ public class ContactManagerImplTest extends BrambleMockTestCase {
oneOf(db).transactionWithResult(with(false), withDbCallable(txn));
oneOf(db).addContact(txn, remote, local, verified, active);
will(returnValue(contactId));
oneOf(keyManager).addContact(txn, contactId, master, timestamp,
oneOf(keyManager).addContact(txn, contactId, rootKey, timestamp,
alice, active);
oneOf(db).getContact(txn, contactId);
will(returnValue(contact));
}});
assertEquals(contactId, contactManager.addContact(remote, local,
master, timestamp, alice, verified, active));
rootKey, timestamp, alice, verified, active));
}
@Test

30
bramble-core/src/test/java/org/briarproject/bramble/crypto/KeyDerivationTest.java
View File

@@ -30,12 +30,12 @@ public class KeyDerivationTest extends BrambleTestCase {
private final TransportCrypto transportCrypto =
new TransportCryptoImpl(crypto);
private final TransportId transportId = getTransportId();
private final SecretKey master = getSecretKey();
private final SecretKey rootKey = getSecretKey();
@Test
public void testKeysAreDistinct() {
TransportKeys k = transportCrypto.deriveTransportKeys(transportId,
master, 123, true, true);
rootKey, 123, true, true);
assertAllDifferent(k);
}
@@ -43,9 +43,9 @@ public class KeyDerivationTest extends BrambleTestCase {
public void testCurrentKeysMatchCurrentKeysOfContact() {
// Start in time period 123
TransportKeys kA = transportCrypto.deriveTransportKeys(transportId,
master, 123, true, true);
rootKey, 123, true, true);
TransportKeys kB = transportCrypto.deriveTransportKeys(transportId,
master, 123, false, true);
rootKey, 123, false, true);
// Alice's incoming keys should equal Bob's outgoing keys
assertArrayEquals(kA.getCurrentIncomingKeys().getTagKey().getBytes(),
kB.getCurrentOutgoingKeys().getTagKey().getBytes());
@@ -75,9 +75,9 @@ public class KeyDerivationTest extends BrambleTestCase {
public void testPreviousKeysMatchPreviousKeysOfContact() {
// Start in time period 123
TransportKeys kA = transportCrypto.deriveTransportKeys(transportId,
master, 123, true, true);
rootKey, 123, true, true);
TransportKeys kB = transportCrypto.deriveTransportKeys(transportId,
master, 123, false, true);
rootKey, 123, false, true);
// Compare Alice's previous keys in period 456 with Bob's current keys
// in period 455
kA = transportCrypto.rotateTransportKeys(kA, 456);
@@ -102,9 +102,9 @@ public class KeyDerivationTest extends BrambleTestCase {
public void testNextKeysMatchNextKeysOfContact() {
// Start in time period 123
TransportKeys kA = transportCrypto.deriveTransportKeys(transportId,
master, 123, true, true);
rootKey, 123, true, true);
TransportKeys kB = transportCrypto.deriveTransportKeys(transportId,
master, 123, false, true);
rootKey, 123, false, true);
// Compare Alice's current keys in period 456 with Bob's next keys in
// period 455
kA = transportCrypto.rotateTransportKeys(kA, 456);
@@ -125,13 +125,13 @@ public class KeyDerivationTest extends BrambleTestCase {
}
@Test
public void testMasterKeyAffectsOutput() {
SecretKey master1 = getSecretKey();
assertFalse(Arrays.equals(master.getBytes(), master1.getBytes()));
public void testRootKeyAffectsOutput() {
SecretKey rootKey1 = getSecretKey();
assertFalse(Arrays.equals(rootKey.getBytes(), rootKey1.getBytes()));
TransportKeys k = transportCrypto.deriveTransportKeys(transportId,
master, 123, true, true);
rootKey, 123, true, true);
TransportKeys k1 = transportCrypto.deriveTransportKeys(transportId,
master1, 123, true, true);
rootKey1, 123, true, true);
assertAllDifferent(k, k1);
}
@@ -140,9 +140,9 @@ public class KeyDerivationTest extends BrambleTestCase {
TransportId transportId1 = getTransportId();
assertNotEquals(transportId.getString(), transportId1.getString());
TransportKeys k = transportCrypto.deriveTransportKeys(transportId,
master, 123, true, true);
rootKey, 123, true, true);
TransportKeys k1 = transportCrypto.deriveTransportKeys(transportId1,
master, 123, true, true);
rootKey, 123, true, true);
assertAllDifferent(k, k1);
}

26
bramble-core/src/test/java/org/briarproject/bramble/keyagreement/KeyAgreementProtocolTest.java
View File

@@ -17,7 +17,7 @@ import org.junit.Rule;
import org.junit.Test;
import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.COMMIT_LENGTH;
import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.MASTER_SECRET_LABEL;
import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.MASTER_KEY_LABEL;
import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.PROTOCOL_VERSION;
import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.SHARED_SECRET_LABEL;
import static org.briarproject.bramble.test.TestUtils.getRandomBytes;
@@ -74,7 +74,7 @@ public class KeyAgreementProtocolTest extends BrambleTestCase {
Payload ourPayload = new Payload(aliceCommit, null);
KeyPair ourKeyPair = new KeyPair(ourPubKey, null);
SecretKey sharedSecret = getSecretKey();
SecretKey masterSecret = getSecretKey();
SecretKey masterKey = getSecretKey();
KeyAgreementProtocol protocol = new KeyAgreementProtocol(callbacks,
crypto, keyAgreementCrypto, payloadEncoder, transport,
@@ -134,13 +134,13 @@ public class KeyAgreementProtocolTest extends BrambleTestCase {
true, false);
will(returnValue(bobConfirm));
// Alice computes master secret
oneOf(crypto).deriveKey(MASTER_SECRET_LABEL, sharedSecret);
will(returnValue(masterSecret));
// Alice derives master key
oneOf(crypto).deriveKey(MASTER_KEY_LABEL, sharedSecret);
will(returnValue(masterKey));
}});
// execute
assertThat(masterSecret, is(equalTo(protocol.perform())));
assertThat(masterKey, is(equalTo(protocol.perform())));
}
@Test
@@ -150,7 +150,7 @@ public class KeyAgreementProtocolTest extends BrambleTestCase {
Payload ourPayload = new Payload(bobCommit, null);
KeyPair ourKeyPair = new KeyPair(ourPubKey, null);
SecretKey sharedSecret = getSecretKey();
SecretKey masterSecret = getSecretKey();
SecretKey masterKey = getSecretKey();
KeyAgreementProtocol protocol = new KeyAgreementProtocol(callbacks,
crypto, keyAgreementCrypto, payloadEncoder, transport,
@@ -209,13 +209,13 @@ public class KeyAgreementProtocolTest extends BrambleTestCase {
will(returnValue(bobConfirm));
oneOf(transport).sendConfirm(bobConfirm);
// Bob computes master secret
oneOf(crypto).deriveKey(MASTER_SECRET_LABEL, sharedSecret);
will(returnValue(masterSecret));
// Bob derives master key
oneOf(crypto).deriveKey(MASTER_KEY_LABEL, sharedSecret);
will(returnValue(masterKey));
}});
// execute
assertThat(masterSecret, is(equalTo(protocol.perform())));
assertThat(masterKey, is(equalTo(protocol.perform())));
}
@Test(expected = AbortException.class)
@@ -373,8 +373,8 @@ public class KeyAgreementProtocolTest extends BrambleTestCase {
// Alice aborts
oneOf(transport).sendAbort(false);
// Alice never computes master secret
never(crypto).deriveKey(MASTER_SECRET_LABEL, sharedSecret);
// Alice never derives master key
never(crypto).deriveKey(MASTER_KEY_LABEL, sharedSecret);
}});
// execute

24
bramble-core/src/test/java/org/briarproject/bramble/transport/TransportKeyManagerImplTest.java
View File

@@ -64,7 +64,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase {
private final KeySetId keySetId1 = new KeySetId(456);
private final SecretKey tagKey = TestUtils.getSecretKey();
private final SecretKey headerKey = TestUtils.getSecretKey();
private final SecretKey masterKey = TestUtils.getSecretKey();
private final SecretKey rootKey = TestUtils.getSecretKey();
private final Random random = new Random();
@Test
@@ -120,7 +120,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase {
Transaction txn = new Transaction(null, false);
context.checking(new Expectations() {{
oneOf(transportCrypto).deriveTransportKeys(transportId, masterKey,
oneOf(transportCrypto).deriveTransportKeys(transportId, rootKey,
999, alice, true);
will(returnValue(transportKeys));
// Get the current time (1 ms after start of time period 1000)
@@ -147,7 +147,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase {
// The timestamp is 1 ms before the start of time period 1000
long timestamp = timePeriodLength * 1000 - 1;
assertEquals(keySetId, transportKeyManager.addContact(txn, contactId,
masterKey, timestamp, alice, true));
rootKey, timestamp, alice, true));
assertTrue(transportKeyManager.canSendOutgoingStreams(contactId));
}
@@ -180,7 +180,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase {
// The timestamp is at the start of time period 1000
long timestamp = timePeriodLength * 1000;
assertEquals(keySetId, transportKeyManager.addContact(txn, contactId,
masterKey, timestamp, alice, true));
rootKey, timestamp, alice, true));
assertFalse(transportKeyManager.canSendOutgoingStreams(contactId));
assertNull(transportKeyManager.getStreamContext(txn, contactId));
}
@@ -206,7 +206,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase {
// The timestamp is at the start of time period 1000
long timestamp = timePeriodLength * 1000;
assertEquals(keySetId, transportKeyManager.addContact(txn, contactId,
masterKey, timestamp, alice, true));
rootKey, timestamp, alice, true));
// The first request should return a stream context
assertTrue(transportKeyManager.canSendOutgoingStreams(contactId));
StreamContext ctx = transportKeyManager.getStreamContext(txn,
@@ -238,7 +238,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase {
// The timestamp is at the start of time period 1000
long timestamp = timePeriodLength * 1000;
assertEquals(keySetId, transportKeyManager.addContact(txn, contactId,
masterKey, timestamp, alice, active));
rootKey, timestamp, alice, active));
assertEquals(active,
transportKeyManager.canSendOutgoingStreams(contactId));
// The tag should not be recognised
@@ -256,7 +256,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase {
List<byte[]> tags = new ArrayList<>();
context.checking(new Expectations() {{
oneOf(transportCrypto).deriveTransportKeys(transportId, masterKey,
oneOf(transportCrypto).deriveTransportKeys(transportId, rootKey,
1000, alice, true);
will(returnValue(transportKeys));
// Get the current time (the start of time period 1000)
@@ -291,7 +291,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase {
// The timestamp is at the start of time period 1000
long timestamp = timePeriodLength * 1000;
assertEquals(keySetId, transportKeyManager.addContact(txn, contactId,
masterKey, timestamp, alice, true));
rootKey, timestamp, alice, true));
assertTrue(transportKeyManager.canSendOutgoingStreams(contactId));
// Use the first tag (previous time period, stream number 0)
assertEquals(REORDERING_WINDOW_SIZE * 3, tags.size());
@@ -394,7 +394,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase {
// The timestamp is at the start of time period 1000
long timestamp = timePeriodLength * 1000;
assertEquals(keySetId, transportKeyManager.addContact(txn, contactId,
masterKey, timestamp, alice, false));
rootKey, timestamp, alice, false));
// The keys are inactive so no stream context should be returned
assertFalse(transportKeyManager.canSendOutgoingStreams(contactId));
assertNull(transportKeyManager.getStreamContext(txn, contactId));
@@ -421,7 +421,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase {
List<byte[]> tags = new ArrayList<>();
context.checking(new Expectations() {{
oneOf(transportCrypto).deriveTransportKeys(transportId, masterKey,
oneOf(transportCrypto).deriveTransportKeys(transportId, rootKey,
1000, alice, false);
will(returnValue(transportKeys));
// Get the current time (the start of time period 1000)
@@ -460,7 +460,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase {
// The timestamp is at the start of time period 1000
long timestamp = timePeriodLength * 1000;
assertEquals(keySetId, transportKeyManager.addContact(txn, contactId,
masterKey, timestamp, alice, false));
rootKey, timestamp, alice, false));
// The keys are inactive so no stream context should be returned
assertFalse(transportKeyManager.canSendOutgoingStreams(contactId));
assertNull(transportKeyManager.getStreamContext(txn, contactId));
@@ -488,7 +488,7 @@ public class TransportKeyManagerImplTest extends BrambleMockTestCase {
private void expectAddContactNoRotation(boolean alice, boolean active,
TransportKeys transportKeys, Transaction txn) throws Exception {
context.checking(new Expectations() {{
oneOf(transportCrypto).deriveTransportKeys(transportId, masterKey,
oneOf(transportCrypto).deriveTransportKeys(transportId, rootKey,
1000, alice, active);
will(returnValue(transportKeys));
// Get the current time (the start of time period 1000)