Kaladaran/briar
0
0
Fork 0
mirror of https://code.briarproject.org/briar/briar.git synced 2026-02-12 10:49:06 +01:00
Code Issues Projects Releases Wiki Activity

Converted incoming encryption layer from frames to segments.

Browse Source
This commit is contained in:
akwizgran
2012-01-17 16:45:25 +00:00
parent 8c0020873c
commit f6ed6dd60b
23 changed files with 285 additions and 180 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
api/net/sf/briar/api/plugins/Segment.java
View File

@@ -2,8 +2,6 @@ package net.sf.briar.api.plugins;
public interface Segment {
void clear();
byte[] getBuffer();
int getLength();

5
components/net/sf/briar/crypto/CryptoComponentImpl.java
View File

@@ -30,9 +30,10 @@ class CryptoComponentImpl implements CryptoComponent {
private static final String CIPHER_ALGO = "AES/CTR/NoPadding";
private static final String SECRET_KEY_ALGO = "AES";
private static final int SECRET_KEY_BYTES = 32; // 256 bits
private static final int KEY_DERIVATION_IV_BYTES = 16; // 128 bits
private static final String MAC_ALGO = "HMacSHA256";
private static final String SIGNATURE_ALGO = "ECDSA";
private static final int KEY_DERIVATION_IV_BYTES = 16; // 128 bits
private static final String TAG_CIPHER_ALGO = "AES/ECB/NoPadding";
// Labels for key derivation, null-terminated
private static final byte[] FRAME = { 'F', 'R', 'A', 'M', 'E', 0 };
@@ -176,7 +177,7 @@ class CryptoComponentImpl implements CryptoComponent {
public Cipher getTagCipher() {
try {
return Cipher.getInstance(CIPHER_ALGO, PROVIDER);
return Cipher.getInstance(TAG_CIPHER_ALGO, PROVIDER);
} catch(GeneralSecurityException e) {
throw new RuntimeException(e);
}

9
components/net/sf/briar/transport/ConnectionReaderFactoryImpl.java
View File

@@ -27,9 +27,9 @@ class ConnectionReaderFactoryImpl implements ConnectionReaderFactory {
// Validate the tag
Cipher tagCipher = crypto.getTagCipher();
ErasableKey tagKey = crypto.deriveTagKey(secret, true);
boolean valid = TagEncoder.validateTag(tag, 0, tagCipher, tagKey);
long segmentNumber = TagEncoder.decodeTag(tag, tagCipher, tagKey);
tagKey.erase();
if(!valid) throw new IllegalArgumentException();
if(segmentNumber != 0) throw new IllegalArgumentException();
return createConnectionReader(in, true, secret);
}
@@ -51,7 +51,10 @@ class ConnectionReaderFactoryImpl implements ConnectionReaderFactory {
Mac mac = crypto.getMac();
IncomingEncryptionLayer decrypter = new IncomingEncryptionLayerImpl(in,
tagCipher, frameCipher, tagKey, frameKey, false);
// No error correction
IncomingErrorCorrectionLayer correcter =
new NullIncomingErrorCorrectionLayer(decrypter);
// Create the reader
return new ConnectionReaderImpl(decrypter, mac, macKey);
return new ConnectionReaderImpl(correcter, mac, macKey);
}
}

35
components/net/sf/briar/transport/ConnectionReaderImpl.java
View File

@@ -2,12 +2,13 @@ package net.sf.briar.transport;
import static net.sf.briar.api.transport.TransportConstants.FRAME_HEADER_LENGTH;
import static net.sf.briar.api.transport.TransportConstants.MAC_LENGTH;
import static net.sf.briar.api.transport.TransportConstants.MAX_FRAME_LENGTH;
import static net.sf.briar.util.ByteUtils.MAX_32_BIT_UNSIGNED;
import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidKeyException;
import java.util.Collection;
import java.util.Collections;
import javax.crypto.Mac;
@@ -17,16 +18,16 @@ import net.sf.briar.api.transport.ConnectionReader;
class ConnectionReaderImpl extends InputStream implements ConnectionReader {
private final IncomingEncryptionLayer decrypter;
private final IncomingErrorCorrectionLayer in;
private final Mac mac;
private final byte[] buf;
private final Frame frame;
private long frame = 0L;
private long frameNumber = 0L;
private int offset = 0, length = 0;
ConnectionReaderImpl(IncomingEncryptionLayer decrypter, Mac mac,
ConnectionReaderImpl(IncomingErrorCorrectionLayer in, Mac mac,
ErasableKey macKey) {
this.decrypter = decrypter;
this.in = in;
this.mac = mac;
// Initialise the MAC
try {
@@ -37,7 +38,7 @@ class ConnectionReaderImpl extends InputStream implements ConnectionReader {
macKey.erase();
if(mac.getMacLength() != MAC_LENGTH)
throw new IllegalArgumentException();
buf = new byte[MAX_FRAME_LENGTH];
frame = new Frame();
}
public InputStream getInputStream() {
@@ -47,7 +48,7 @@ class ConnectionReaderImpl extends InputStream implements ConnectionReader {
@Override
public int read() throws IOException {
while(length == 0) if(!readFrame()) return -1;
int b = buf[offset] & 0xff;
int b = frame.getBuffer()[offset] & 0xff;
offset++;
length--;
return b;
@@ -62,7 +63,7 @@ class ConnectionReaderImpl extends InputStream implements ConnectionReader {
public int read(byte[] b, int off, int len) throws IOException {
while(length == 0) if(!readFrame()) return -1;
len = Math.min(len, length);
System.arraycopy(buf, offset, b, off, len);
System.arraycopy(frame.getBuffer(), offset, b, off, len);
offset += len;
length -= len;
return len;
@@ -71,17 +72,19 @@ class ConnectionReaderImpl extends InputStream implements ConnectionReader {
private boolean readFrame() throws IOException {
assert length == 0;
// Don't allow more than 2^32 frames to be read
if(frame > MAX_32_BIT_UNSIGNED) throw new IllegalStateException();
if(frameNumber > MAX_32_BIT_UNSIGNED) throw new IllegalStateException();
// Read a frame
int frameLength = decrypter.readFrame(buf);
if(frameLength == -1) return false;
Collection<Long> window = Collections.singleton(frameNumber);
if(!in.readFrame(frame, window)) return false;
// Check that the frame number is correct and the length is legal
if(!HeaderEncoder.validateHeader(buf, frame))
byte[] buf = frame.getBuffer();
if(!HeaderEncoder.validateHeader(buf, frameNumber))
throw new FormatException();
// Check that the payload and padding lengths are correct
int payload = HeaderEncoder.getPayloadLength(buf);
int padding = HeaderEncoder.getPaddingLength(buf);
if(frameLength != FRAME_HEADER_LENGTH + payload + padding + MAC_LENGTH)
throw new FormatException();
if(frame.getLength() != FRAME_HEADER_LENGTH + payload + padding
+ MAC_LENGTH) throw new FormatException();
// Check that the padding is all zeroes
int paddingStart = FRAME_HEADER_LENGTH + payload;
for(int i = paddingStart; i < paddingStart + padding; i++) {
@@ -96,7 +99,7 @@ class ConnectionReaderImpl extends InputStream implements ConnectionReader {
}
offset = FRAME_HEADER_LENGTH;
length = payload;
frame++;
frameNumber++;
return true;
}
}

2
components/net/sf/briar/transport/ConnectionRecogniserImpl.java
View File

@@ -103,7 +103,7 @@ DatabaseListener {
private Bytes calculateTag(Context ctx, byte[] secret) {
ErasableKey tagKey = crypto.deriveTagKey(secret, true);
byte[] tag = new byte[TAG_LENGTH];
TagEncoder.encodeTag(tag, 0, tagCipher, tagKey);
TagEncoder.encodeTag(tag, 0L, tagCipher, tagKey);
tagKey.erase();
return new Bytes(tag);
}

6
components/net/sf/briar/transport/ConnectionWriterFactoryImpl.java
View File

@@ -29,12 +29,12 @@ class ConnectionWriterFactoryImpl implements ConnectionWriterFactory {
public ConnectionWriter createConnectionWriter(OutputStream out,
long capacity, byte[] secret, byte[] tag) {
// Decrypt the tag
// Validate the tag
Cipher tagCipher = crypto.getTagCipher();
ErasableKey tagKey = crypto.deriveTagKey(secret, true);
boolean valid = TagEncoder.validateTag(tag, 0, tagCipher, tagKey);
long segmentNumber = TagEncoder.decodeTag(tag, tagCipher, tagKey);
tagKey.erase();
if(!valid) throw new IllegalArgumentException();
if(segmentNumber != 0) throw new IllegalArgumentException();
return createConnectionWriter(out, capacity, false, secret);
}

25
components/net/sf/briar/transport/Frame.java Normal file
View File

@@ -0,0 +1,25 @@
package net.sf.briar.transport;
import static net.sf.briar.api.transport.TransportConstants.MAX_FRAME_LENGTH;
class Frame {
private final byte[] buf = new byte[MAX_FRAME_LENGTH];
private int length = -1;
public byte[] getBuffer() {
return buf;
}
public int getLength() {
if(length == -1) throw new IllegalStateException();
return length;
}
public void setLength(int length) {
if(length < 0 || length > buf.length)
throw new IllegalArgumentException();
this.length = length;
}
}

8
components/net/sf/briar/transport/IncomingEncryptionLayer.java
View File

@@ -2,11 +2,13 @@ package net.sf.briar.transport;
import java.io.IOException;
import net.sf.briar.api.plugins.Segment;
interface IncomingEncryptionLayer {
/**
* Reads a frame into the given buffer and returns its length, or -1 if no
* more frames can be read.
* Reads a segment, excluding its tag, into the given buffer. Returns false
* if no more segments can be read from the connection.
*/
int readFrame(byte[] b) throws IOException;
boolean readSegment(Segment s) throws IOException;
}

65
components/net/sf/briar/transport/IncomingEncryptionLayerImpl.java
View File

@@ -2,8 +2,9 @@ package net.sf.briar.transport;
import static net.sf.briar.api.transport.TransportConstants.FRAME_HEADER_LENGTH;
import static net.sf.briar.api.transport.TransportConstants.MAC_LENGTH;
import static net.sf.briar.api.transport.TransportConstants.MAX_FRAME_LENGTH;
import static net.sf.briar.api.transport.TransportConstants.MAX_SEGMENT_LENGTH;
import static net.sf.briar.api.transport.TransportConstants.TAG_LENGTH;
import static net.sf.briar.util.ByteUtils.MAX_32_BIT_UNSIGNED;
import java.io.EOFException;
import java.io.IOException;
@@ -15,6 +16,7 @@ import javax.crypto.spec.IvParameterSpec;
import net.sf.briar.api.FormatException;
import net.sf.briar.api.crypto.ErasableKey;
import net.sf.briar.api.plugins.Segment;
class IncomingEncryptionLayerImpl implements IncomingEncryptionLayer {
@@ -22,10 +24,11 @@ class IncomingEncryptionLayerImpl implements IncomingEncryptionLayer {
private final Cipher tagCipher, frameCipher;
private final ErasableKey tagKey, frameKey;
private final int blockSize;
private final byte[] iv;
private final byte[] iv, ciphertext;
private final boolean tagEverySegment;
private long frame = 0L;
private boolean firstSegment = true;
private long segmentNumber = 0L;
IncomingEncryptionLayerImpl(InputStream in, Cipher tagCipher,
Cipher frameCipher, ErasableKey tagKey, ErasableKey frameKey,
@@ -40,71 +43,73 @@ class IncomingEncryptionLayerImpl implements IncomingEncryptionLayer {
if(blockSize < FRAME_HEADER_LENGTH)
throw new IllegalArgumentException();
iv = IvEncoder.encodeIv(0, blockSize);
ciphertext = new byte[MAX_SEGMENT_LENGTH];
}
public int readFrame(byte[] b) throws IOException {
if(frame > MAX_32_BIT_UNSIGNED) throw new IllegalStateException();
boolean tag = tagEverySegment && frame > 0;
// Clear the buffer before exposing it to the transport plugin
for(int i = 0; i < b.length; i++) b[i] = 0;
public boolean readSegment(Segment s) throws IOException {
boolean tag = tagEverySegment && !firstSegment;
try {
// If a tag is expected then read, decrypt and validate it
if(tag) {
int offset = 0;
while(offset < TAG_LENGTH) {
int read = in.read(b, offset, TAG_LENGTH - offset);
int read = in.read(ciphertext, offset, TAG_LENGTH - offset);
if(read == -1) {
if(offset == 0) return -1;
if(offset == 0) return false;
throw new EOFException();
}
offset += read;
}
if(!TagEncoder.validateTag(b, frame, tagCipher, tagKey))
throw new FormatException();
long seg = TagEncoder.decodeTag(ciphertext, tagCipher, tagKey);
if(seg == -1) throw new FormatException();
segmentNumber = seg;
}
// Read the first block
// Read the first block of the frame/segment
int offset = 0;
while(offset < blockSize) {
int read = in.read(b, offset, blockSize - offset);
int read = in.read(ciphertext, offset, blockSize - offset);
if(read == -1) {
if(offset == 0 && !tag) return -1;
if(offset == 0 && !tag && !firstSegment) return false;
throw new EOFException();
}
offset += read;
}
// Decrypt the first block
// Decrypt the first block of the frame/segment
byte[] plaintext = s.getBuffer();
try {
IvEncoder.updateIv(iv, frame);
IvEncoder.updateIv(iv, segmentNumber);
IvParameterSpec ivSpec = new IvParameterSpec(iv);
frameCipher.init(Cipher.DECRYPT_MODE, frameKey, ivSpec);
int decrypted = frameCipher.update(b, 0, blockSize, b);
int decrypted = frameCipher.update(ciphertext, 0, blockSize,
plaintext);
if(decrypted != blockSize) throw new RuntimeException();
} catch(GeneralSecurityException badCipher) {
throw new RuntimeException(badCipher);
}
// Validate and parse the header
if(!HeaderEncoder.validateHeader(b, frame))
throw new FormatException();
int payload = HeaderEncoder.getPayloadLength(b);
int padding = HeaderEncoder.getPaddingLength(b);
// Parse the frame header
int payload = HeaderEncoder.getPayloadLength(plaintext);
int padding = HeaderEncoder.getPaddingLength(plaintext);
int length = FRAME_HEADER_LENGTH + payload + padding + MAC_LENGTH;
// Read the remainder of the frame
if(length > MAX_FRAME_LENGTH) throw new FormatException();
// Read the remainder of the frame/segment
while(offset < length) {
int read = in.read(b, offset, length - offset);
int read = in.read(ciphertext, offset, length - offset);
if(read == -1) throw new EOFException();
offset += read;
}
// Decrypt the remainder of the frame
// Decrypt the remainder of the frame/segment
try {
int decrypted = frameCipher.doFinal(b, blockSize,
length - blockSize, b, blockSize);
int decrypted = frameCipher.doFinal(ciphertext, blockSize,
length - blockSize, plaintext, blockSize);
if(decrypted != length - blockSize)
throw new RuntimeException();
} catch(GeneralSecurityException badCipher) {
throw new RuntimeException(badCipher);
}
frame++;
return length;
s.setLength(length);
s.setSegmentNumber(segmentNumber++);
firstSegment = false;
return true;
} catch(IOException e) {
frameKey.erase();
tagKey.erase();

14
components/net/sf/briar/transport/IncomingErrorCorrectionLayer.java Normal file
View File

@@ -0,0 +1,14 @@
package net.sf.briar.transport;
import java.io.IOException;
import java.util.Collection;
interface IncomingErrorCorrectionLayer {
/**
* Reads a frame into the given buffer. The frame number must be contained
* in the given window. Returns false if no more frames can be read from
* the connection.
*/
boolean readFrame(Frame f, Collection<Long> window) throws IOException;
}

44
components/net/sf/briar/transport/IncomingSegmentedEncryptionLayer.java
View File

@@ -4,7 +4,6 @@ import static net.sf.briar.api.transport.TransportConstants.FRAME_HEADER_LENGTH;
import static net.sf.briar.api.transport.TransportConstants.MAC_LENGTH;
import static net.sf.briar.api.transport.TransportConstants.MAX_SEGMENT_LENGTH;
import static net.sf.briar.api.transport.TransportConstants.TAG_LENGTH;
import static net.sf.briar.util.ByteUtils.MAX_32_BIT_UNSIGNED;
import java.io.IOException;
import java.security.GeneralSecurityException;
@@ -27,7 +26,8 @@ class IncomingSegmentedEncryptionLayer implements IncomingEncryptionLayer {
private final Segment segment;
private final boolean tagEverySegment;
private long frame = 0L;
private boolean firstSegment = true;
private long segmentNumber = 0L;
IncomingSegmentedEncryptionLayer(SegmentSource in, Cipher tagCipher,
Cipher frameCipher, ErasableKey tagKey, ErasableKey frameKey,
@@ -45,41 +45,37 @@ class IncomingSegmentedEncryptionLayer implements IncomingEncryptionLayer {
segment = new SegmentImpl();
}
public int readFrame(byte[] b) throws IOException {
if(frame > MAX_32_BIT_UNSIGNED) throw new IllegalStateException();
boolean tag = tagEverySegment && frame > 0;
// Clear the buffer before exposing it to the transport plugin
segment.clear();
public boolean readSegment(Segment s) throws IOException {
boolean tag = tagEverySegment && !firstSegment;
try {
// Read the segment
if(!in.readSegment(segment)) return -1;
if(!in.readSegment(segment)) return false;
int offset = tag ? TAG_LENGTH : 0, length = segment.getLength();
if(length > MAX_SEGMENT_LENGTH) throw new FormatException();
if(length < offset + FRAME_HEADER_LENGTH + MAC_LENGTH)
throw new FormatException();
// If a tag is expected, decrypt and validate it
if(tag && !TagEncoder.validateTag(segment.getBuffer(), frame,
tagCipher, tagKey)) throw new FormatException();
// Decrypt the frame
byte[] ciphertext = segment.getBuffer();
// If a tag is expected then decrypt and validate it
if(tag) {
long seg = TagEncoder.decodeTag(ciphertext, tagCipher, tagKey);
if(seg == -1) throw new FormatException();
segmentNumber = seg;
}
// Decrypt the segment
try {
IvEncoder.updateIv(iv, frame);
IvEncoder.updateIv(iv, segmentNumber);
IvParameterSpec ivSpec = new IvParameterSpec(iv);
frameCipher.init(Cipher.DECRYPT_MODE, frameKey, ivSpec);
int decrypted = frameCipher.doFinal(segment.getBuffer(), offset,
length - offset, b);
int decrypted = frameCipher.doFinal(ciphertext, offset,
length - offset, s.getBuffer());
if(decrypted != length - offset) throw new RuntimeException();
} catch(GeneralSecurityException badCipher) {
throw new RuntimeException(badCipher);
}
// Validate and parse the header
if(!HeaderEncoder.validateHeader(b, frame))
throw new FormatException();
int payload = HeaderEncoder.getPayloadLength(b);
int padding = HeaderEncoder.getPaddingLength(b);
if(length != offset + FRAME_HEADER_LENGTH + payload + padding
+ MAC_LENGTH) throw new FormatException();
frame++;
return length - offset;
s.setLength(length - offset);
s.setSegmentNumber(segmentNumber++);
firstSegment = false;
return true;
} catch(IOException e) {
frameKey.erase();
tagKey.erase();

31
components/net/sf/briar/transport/NullIncomingErrorCorrectionLayer.java Normal file
View File

@@ -0,0 +1,31 @@
package net.sf.briar.transport;
import java.io.IOException;
import java.util.Collection;
import net.sf.briar.api.plugins.Segment;
class NullIncomingErrorCorrectionLayer implements IncomingErrorCorrectionLayer {
private final IncomingEncryptionLayer in;
private final Segment segment;
NullIncomingErrorCorrectionLayer(IncomingEncryptionLayer in) {
this.in = in;
segment = new SegmentImpl();
}
public boolean readFrame(Frame f, Collection<Long> window)
throws IOException {
while(true) {
if(!in.readSegment(segment)) return false;
byte[] buf = segment.getBuffer();
if(window.contains(HeaderEncoder.getFrameNumber(buf))) break;
}
int length = segment.getLength();
// FIXME: Unnecessary copy
System.arraycopy(segment.getBuffer(), 0, f.getBuffer(), 0, length);
f.setLength(length);
return true;
}
}

6
components/net/sf/briar/transport/SegmentImpl.java
View File

@@ -11,12 +11,6 @@ class SegmentImpl implements Segment {
private int length = -1;
private long segmentNumber = -1;
public void clear() {
for(int i = 0; i < buf.length; i++) buf[i] = 0;
length = -1;
segmentNumber = -1;
}
public byte[] getBuffer() {
return buf;
}

40
components/net/sf/briar/transport/TagEncoder.java
View File

@@ -6,28 +6,22 @@ import static net.sf.briar.util.ByteUtils.MAX_32_BIT_UNSIGNED;
import java.security.GeneralSecurityException;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import net.sf.briar.api.crypto.ErasableKey;
import net.sf.briar.util.ByteUtils;
class TagEncoder {
private static final byte[] BLANK = new byte[TAG_LENGTH];
static void encodeTag(byte[] tag, long frame, Cipher tagCipher,
static void encodeTag(byte[] tag, long segmentNumber, Cipher tagCipher,
ErasableKey tagKey) {
if(tag.length < TAG_LENGTH) throw new IllegalArgumentException();
if(frame < 0 || frame > MAX_32_BIT_UNSIGNED)
if(segmentNumber < 0 || segmentNumber > MAX_32_BIT_UNSIGNED)
throw new IllegalArgumentException();
// Encode the frame number as a uint32 at the end of the IV
byte[] iv = new byte[tagCipher.getBlockSize()];
if(iv.length != TAG_LENGTH) throw new IllegalArgumentException();
ByteUtils.writeUint32(frame, iv, iv.length - 4);
IvParameterSpec ivSpec = new IvParameterSpec(iv);
// Encode the segment number as a uint32 at the end of the tag
ByteUtils.writeUint32(segmentNumber, tag, TAG_LENGTH - 4);
try {
tagCipher.init(Cipher.ENCRYPT_MODE, tagKey, ivSpec);
int encrypted = tagCipher.doFinal(BLANK, 0, TAG_LENGTH, tag);
tagCipher.init(Cipher.ENCRYPT_MODE, tagKey);
int encrypted = tagCipher.doFinal(tag, 0, TAG_LENGTH, tag);
if(encrypted != TAG_LENGTH) throw new IllegalArgumentException();
} catch(GeneralSecurityException e) {
// Unsuitable cipher or key
@@ -35,26 +29,18 @@ class TagEncoder {
}
}
static boolean validateTag(byte[] tag, long frame, Cipher tagCipher,
ErasableKey tagKey) {
if(frame < 0 || frame > MAX_32_BIT_UNSIGNED)
throw new IllegalArgumentException();
if(tag.length < TAG_LENGTH) return false;
// Encode the frame number as a uint32 at the end of the IV
byte[] iv = new byte[tagCipher.getBlockSize()];
if(iv.length != TAG_LENGTH) throw new IllegalArgumentException();
ByteUtils.writeUint32(frame, iv, iv.length - 4);
IvParameterSpec ivSpec = new IvParameterSpec(iv);
static long decodeTag(byte[] tag, Cipher tagCipher, ErasableKey tagKey) {
if(tag.length < TAG_LENGTH) throw new IllegalArgumentException();
try {
tagCipher.init(Cipher.DECRYPT_MODE, tagKey, ivSpec);
tagCipher.init(Cipher.DECRYPT_MODE, tagKey);
byte[] plaintext = tagCipher.doFinal(tag, 0, TAG_LENGTH);
if(plaintext.length != TAG_LENGTH)
throw new IllegalArgumentException();
// The plaintext should be blank
for(int i = 0; i < plaintext.length; i++) {
if(plaintext[i] != 0) return false;
// All but the last four bytes of the plaintext should be blank
for(int i = 0; i < TAG_LENGTH - 4; i++) {
if(plaintext[i] != 0) return -1;
}
return true;
return ByteUtils.readUint32(plaintext, TAG_LENGTH - 4);
} catch(GeneralSecurityException e) {
// Unsuitable cipher or key
throw new IllegalArgumentException(e);

32
test/net/sf/briar/transport/ConnectionReaderImplTest.java
View File

@@ -33,7 +33,9 @@ public class ConnectionReaderImplTest extends TransportTest {
// Read the frame
ByteArrayInputStream in = new ByteArrayInputStream(frame);
IncomingEncryptionLayer decrypter = new NullIncomingEncryptionLayer(in);
ConnectionReader r = new ConnectionReaderImpl(decrypter, mac, macKey);
IncomingErrorCorrectionLayer correcter =
new NullIncomingErrorCorrectionLayer(decrypter);
ConnectionReader r = new ConnectionReaderImpl(correcter, mac, macKey);
// There should be no bytes available before EOF
assertEquals(-1, r.getInputStream().read());
}
@@ -51,7 +53,9 @@ public class ConnectionReaderImplTest extends TransportTest {
// Read the frame
ByteArrayInputStream in = new ByteArrayInputStream(frame);
IncomingEncryptionLayer decrypter = new NullIncomingEncryptionLayer(in);
ConnectionReader r = new ConnectionReaderImpl(decrypter, mac, macKey);
IncomingErrorCorrectionLayer correcter =
new NullIncomingErrorCorrectionLayer(decrypter);
ConnectionReader r = new ConnectionReaderImpl(correcter, mac, macKey);
// There should be one byte available before EOF
assertEquals(0, r.getInputStream().read());
assertEquals(-1, r.getInputStream().read());
@@ -77,7 +81,9 @@ public class ConnectionReaderImplTest extends TransportTest {
// Read the first frame
ByteArrayInputStream in = new ByteArrayInputStream(out.toByteArray());
IncomingEncryptionLayer decrypter = new NullIncomingEncryptionLayer(in);
ConnectionReader r = new ConnectionReaderImpl(decrypter, mac, macKey);
IncomingErrorCorrectionLayer correcter =
new NullIncomingErrorCorrectionLayer(decrypter);
ConnectionReader r = new ConnectionReaderImpl(correcter, mac, macKey);
byte[] read = new byte[MAX_PAYLOAD_LENGTH];
TestUtils.readFully(r.getInputStream(), read);
// Try to read the second frame
@@ -111,7 +117,9 @@ public class ConnectionReaderImplTest extends TransportTest {
// Read the first frame
ByteArrayInputStream in = new ByteArrayInputStream(out.toByteArray());
IncomingEncryptionLayer decrypter = new NullIncomingEncryptionLayer(in);
ConnectionReader r = new ConnectionReaderImpl(decrypter, mac, macKey);
IncomingErrorCorrectionLayer correcter =
new NullIncomingErrorCorrectionLayer(decrypter);
ConnectionReader r = new ConnectionReaderImpl(correcter, mac, macKey);
byte[] read = new byte[MAX_PAYLOAD_LENGTH - paddingLength];
TestUtils.readFully(r.getInputStream(), read);
// Try to read the second frame
@@ -137,7 +145,9 @@ public class ConnectionReaderImplTest extends TransportTest {
// Read the frame
ByteArrayInputStream in = new ByteArrayInputStream(frame);
IncomingEncryptionLayer decrypter = new NullIncomingEncryptionLayer(in);
ConnectionReader r = new ConnectionReaderImpl(decrypter, mac, macKey);
IncomingErrorCorrectionLayer correcter =
new NullIncomingErrorCorrectionLayer(decrypter);
ConnectionReader r = new ConnectionReaderImpl(correcter, mac, macKey);
// The non-zero padding should be rejected
try {
r.getInputStream().read();
@@ -169,7 +179,9 @@ public class ConnectionReaderImplTest extends TransportTest {
// Read the frames
ByteArrayInputStream in = new ByteArrayInputStream(out.toByteArray());
IncomingEncryptionLayer decrypter = new NullIncomingEncryptionLayer(in);
ConnectionReader r = new ConnectionReaderImpl(decrypter, mac, macKey);
IncomingErrorCorrectionLayer correcter =
new NullIncomingErrorCorrectionLayer(decrypter);
ConnectionReader r = new ConnectionReaderImpl(correcter, mac, macKey);
byte[] read = new byte[payloadLength];
TestUtils.readFully(r.getInputStream(), read);
assertArrayEquals(new byte[payloadLength], read);
@@ -193,7 +205,9 @@ public class ConnectionReaderImplTest extends TransportTest {
// Try to read the frame - not a single byte should be read
ByteArrayInputStream in = new ByteArrayInputStream(frame);
IncomingEncryptionLayer decrypter = new NullIncomingEncryptionLayer(in);
ConnectionReader r = new ConnectionReaderImpl(decrypter, mac, macKey);
IncomingErrorCorrectionLayer correcter =
new NullIncomingErrorCorrectionLayer(decrypter);
ConnectionReader r = new ConnectionReaderImpl(correcter, mac, macKey);
try {
r.getInputStream().read();
fail();
@@ -215,7 +229,9 @@ public class ConnectionReaderImplTest extends TransportTest {
// Try to read the frame - not a single byte should be read
ByteArrayInputStream in = new ByteArrayInputStream(frame);
IncomingEncryptionLayer decrypter = new NullIncomingEncryptionLayer(in);
ConnectionReader r = new ConnectionReaderImpl(decrypter, mac, macKey);
IncomingErrorCorrectionLayer correcter =
new NullIncomingErrorCorrectionLayer(decrypter);
ConnectionReader r = new ConnectionReaderImpl(correcter, mac, macKey);
try {
r.getInputStream().read();
fail();

2
test/net/sf/briar/transport/ConnectionRecogniserImplTest.java
View File

@@ -618,7 +618,7 @@ public class ConnectionRecogniserImplTest extends BriarTestCase {
ErasableKey tagKey = crypto.deriveTagKey(secret, true);
Cipher tagCipher = crypto.getTagCipher();
byte[] tag = new byte[TAG_LENGTH];
TagEncoder.encodeTag(tag, 0, tagCipher, tagKey);
TagEncoder.encodeTag(tag, 0L, tagCipher, tagKey);
return tag;
}
}

8
test/net/sf/briar/transport/FrameReadWriteTest.java
View File

@@ -62,7 +62,7 @@ public class FrameReadWriteTest extends BriarTestCase {
private void testWriteAndRead(boolean initiator) throws Exception {
// Encode the tag
byte[] tag = new byte[TAG_LENGTH];
TagEncoder.encodeTag(tag, 0, tagCipher, tagKey);
TagEncoder.encodeTag(tag, 0L, tagCipher, tagKey);
// Generate two random frames
byte[] frame = new byte[12345];
random.nextBytes(frame);
@@ -89,11 +89,13 @@ public class FrameReadWriteTest extends BriarTestCase {
byte[] recoveredTag = new byte[TAG_LENGTH];
assertEquals(TAG_LENGTH, in.read(recoveredTag));
assertArrayEquals(tag, recoveredTag);
assertTrue(TagEncoder.validateTag(tag, 0, tagCipher, tagKey));
assertEquals(0L, TagEncoder.decodeTag(tag, tagCipher, tagKey));
// Read the frames back
IncomingEncryptionLayer decrypter = new IncomingEncryptionLayerImpl(in,
tagCipher, frameCipher, tagKey, frameKey, false);
ConnectionReader reader = new ConnectionReaderImpl(decrypter, mac,
IncomingErrorCorrectionLayer correcter =
new NullIncomingErrorCorrectionLayer(decrypter);
ConnectionReader reader = new ConnectionReaderImpl(correcter, mac,
macKey);
InputStream in1 = reader.getInputStream();
byte[] recovered = new byte[frame.length];

36
test/net/sf/briar/transport/IncomingEncryptionLayerImplTest.java
View File

@@ -2,7 +2,6 @@ package net.sf.briar.transport;
import static net.sf.briar.api.transport.TransportConstants.FRAME_HEADER_LENGTH;
import static net.sf.briar.api.transport.TransportConstants.MAC_LENGTH;
import static net.sf.briar.api.transport.TransportConstants.MAX_FRAME_LENGTH;
import static net.sf.briar.api.transport.TransportConstants.TAG_LENGTH;
import java.io.ByteArrayInputStream;
@@ -13,6 +12,7 @@ import javax.crypto.spec.IvParameterSpec;
import net.sf.briar.BriarTestCase;
import net.sf.briar.api.crypto.CryptoComponent;
import net.sf.briar.api.crypto.ErasableKey;
import net.sf.briar.api.plugins.Segment;
import net.sf.briar.crypto.CryptoModule;
import org.apache.commons.io.output.ByteArrayOutputStream;
@@ -38,14 +38,14 @@ public class IncomingEncryptionLayerImplTest extends BriarTestCase {
@Test
public void testDecryptionWithFirstSegmentTagged() throws Exception {
// Calculate the ciphertext for the first frame
// Calculate the ciphertext for the first segment
byte[] plaintext = new byte[FRAME_HEADER_LENGTH + 123 + MAC_LENGTH];
HeaderEncoder.encodeHeader(plaintext, 0L, 123, 0);
byte[] iv = IvEncoder.encodeIv(0L, frameCipher.getBlockSize());
IvParameterSpec ivSpec = new IvParameterSpec(iv);
frameCipher.init(Cipher.ENCRYPT_MODE, frameKey, ivSpec);
byte[] ciphertext = frameCipher.doFinal(plaintext, 0, plaintext.length);
// Calculate the ciphertext for the second frame
// Calculate the ciphertext for the second segment
byte[] plaintext1 = new byte[FRAME_HEADER_LENGTH + 1234 + MAC_LENGTH];
HeaderEncoder.encodeHeader(plaintext1, 1L, 1234, 0);
IvEncoder.updateIv(iv, 1L);
@@ -62,13 +62,19 @@ public class IncomingEncryptionLayerImplTest extends BriarTestCase {
IncomingEncryptionLayer decrypter = new IncomingEncryptionLayerImpl(in,
tagCipher, frameCipher, tagKey, frameKey, false);
// First frame
byte[] decrypted = new byte[MAX_FRAME_LENGTH];
assertEquals(plaintext.length, decrypter.readFrame(decrypted));
Segment s = new SegmentImpl();
assertTrue(decrypter.readSegment(s));
assertEquals(plaintext.length, s.getLength());
assertEquals(0L, s.getSegmentNumber());
byte[] decrypted = s.getBuffer();
for(int i = 0; i < plaintext.length; i++) {
assertEquals(plaintext[i], decrypted[i]);
}
// Second frame
assertEquals(plaintext1.length, decrypter.readFrame(decrypted));
assertTrue(decrypter.readSegment(s));
assertEquals(plaintext1.length, s.getLength());
assertEquals(1L, s.getSegmentNumber());
decrypted = s.getBuffer();
for(int i = 0; i < plaintext1.length; i++) {
assertEquals(plaintext1[i], decrypted[i]);
}
@@ -76,18 +82,18 @@ public class IncomingEncryptionLayerImplTest extends BriarTestCase {
@Test
public void testDecryptionWithEverySegmentTagged() throws Exception {
// Calculate the ciphertext for the first frame
// Calculate the ciphertext for the first segment
byte[] plaintext = new byte[FRAME_HEADER_LENGTH + 123 + MAC_LENGTH];
HeaderEncoder.encodeHeader(plaintext, 0L, 123, 0);
byte[] iv = IvEncoder.encodeIv(0L, frameCipher.getBlockSize());
IvParameterSpec ivSpec = new IvParameterSpec(iv);
frameCipher.init(Cipher.ENCRYPT_MODE, frameKey, ivSpec);
byte[] ciphertext = frameCipher.doFinal(plaintext, 0, plaintext.length);
// Calculate the ciphertext for the second frame, including its tag
// Calculate the ciphertext for the second segment, including its tag
byte[] plaintext1 = new byte[FRAME_HEADER_LENGTH + 1234 + MAC_LENGTH];
HeaderEncoder.encodeHeader(plaintext1, 1L, 1234, 0);
byte[] ciphertext1 = new byte[TAG_LENGTH + plaintext1.length];
TagEncoder.encodeTag(ciphertext1, 1, tagCipher, tagKey);
TagEncoder.encodeTag(ciphertext1, 1L, tagCipher, tagKey);
IvEncoder.updateIv(iv, 1L);
ivSpec = new IvParameterSpec(iv);
frameCipher.init(Cipher.ENCRYPT_MODE, frameKey, ivSpec);
@@ -102,13 +108,19 @@ public class IncomingEncryptionLayerImplTest extends BriarTestCase {
IncomingEncryptionLayer decrypter = new IncomingEncryptionLayerImpl(in,
tagCipher, frameCipher, tagKey, frameKey, true);
// First frame
byte[] decrypted = new byte[MAX_FRAME_LENGTH];
assertEquals(plaintext.length, decrypter.readFrame(decrypted));
Segment s = new SegmentImpl();
assertTrue(decrypter.readSegment(s));
assertEquals(plaintext.length, s.getLength());
assertEquals(0L, s.getSegmentNumber());
byte[] decrypted = s.getBuffer();
for(int i = 0; i < plaintext.length; i++) {
assertEquals(plaintext[i], decrypted[i]);
}
// Second frame
assertEquals(plaintext1.length, decrypter.readFrame(decrypted));
assertTrue(decrypter.readSegment(s));
assertEquals(plaintext1.length, s.getLength());
assertEquals(1L, s.getSegmentNumber());
decrypted = s.getBuffer();
for(int i = 0; i < plaintext1.length; i++) {
assertEquals(plaintext1[i], decrypted[i]);
}

31
test/net/sf/briar/transport/IncomingSegmentedEncryptionLayerTest.java
View File

@@ -2,7 +2,6 @@ package net.sf.briar.transport;
import static net.sf.briar.api.transport.TransportConstants.FRAME_HEADER_LENGTH;
import static net.sf.briar.api.transport.TransportConstants.MAC_LENGTH;
import static net.sf.briar.api.transport.TransportConstants.MAX_FRAME_LENGTH;
import static net.sf.briar.api.transport.TransportConstants.TAG_LENGTH;
import java.io.IOException;
@@ -39,14 +38,14 @@ public class IncomingSegmentedEncryptionLayerTest extends BriarTestCase {
@Test
public void testDecryptionWithFirstSegmentTagged() throws Exception {
// Calculate the ciphertext for the first frame
// Calculate the ciphertext for the first segment
byte[] plaintext = new byte[FRAME_HEADER_LENGTH + 123 + MAC_LENGTH];
HeaderEncoder.encodeHeader(plaintext, 0L, 123, 0);
byte[] iv = IvEncoder.encodeIv(0L, frameCipher.getBlockSize());
IvParameterSpec ivSpec = new IvParameterSpec(iv);
frameCipher.init(Cipher.ENCRYPT_MODE, frameKey, ivSpec);
byte[] ciphertext = frameCipher.doFinal(plaintext, 0, plaintext.length);
// Calculate the ciphertext for the second frame
// Calculate the ciphertext for the second segment
byte[] plaintext1 = new byte[FRAME_HEADER_LENGTH + 1234 + MAC_LENGTH];
HeaderEncoder.encodeHeader(plaintext1, 1L, 1234, 0);
IvEncoder.updateIv(iv, 1L);
@@ -61,13 +60,19 @@ public class IncomingSegmentedEncryptionLayerTest extends BriarTestCase {
new IncomingSegmentedEncryptionLayer(in, tagCipher, frameCipher,
tagKey, frameKey, false);
// First frame
byte[] decrypted = new byte[MAX_FRAME_LENGTH];
assertEquals(plaintext.length, decrypter.readFrame(decrypted));
Segment s = new SegmentImpl();
assertTrue(decrypter.readSegment(s));
assertEquals(plaintext.length, s.getLength());
assertEquals(0L, s.getSegmentNumber());
byte[] decrypted = s.getBuffer();
for(int i = 0; i < plaintext.length; i++) {
assertEquals(plaintext[i], decrypted[i]);
}
// Second frame
assertEquals(plaintext1.length, decrypter.readFrame(decrypted));
assertTrue(decrypter.readSegment(s));
assertEquals(plaintext1.length, s.getLength());
assertEquals(1L, s.getSegmentNumber());
decrypted = s.getBuffer();
for(int i = 0; i < plaintext1.length; i++) {
assertEquals(plaintext1[i], decrypted[i]);
}
@@ -86,7 +91,7 @@ public class IncomingSegmentedEncryptionLayerTest extends BriarTestCase {
byte[] plaintext1 = new byte[FRAME_HEADER_LENGTH + 1234 + MAC_LENGTH];
HeaderEncoder.encodeHeader(plaintext1, 1L, 1234, 0);
byte[] ciphertext1 = new byte[TAG_LENGTH + plaintext1.length];
TagEncoder.encodeTag(ciphertext1, 1, tagCipher, tagKey);
TagEncoder.encodeTag(ciphertext1, 1L, tagCipher, tagKey);
IvEncoder.updateIv(iv, 1L);
ivSpec = new IvParameterSpec(iv);
frameCipher.init(Cipher.ENCRYPT_MODE, frameKey, ivSpec);
@@ -99,13 +104,19 @@ public class IncomingSegmentedEncryptionLayerTest extends BriarTestCase {
new IncomingSegmentedEncryptionLayer(in, tagCipher, frameCipher,
tagKey, frameKey, true);
// First frame
byte[] decrypted = new byte[MAX_FRAME_LENGTH];
assertEquals(plaintext.length, decrypter.readFrame(decrypted));
Segment s = new SegmentImpl();
assertTrue(decrypter.readSegment(s));
assertEquals(plaintext.length, s.getLength());
assertEquals(0L, s.getSegmentNumber());
byte[] decrypted = s.getBuffer();
for(int i = 0; i < plaintext.length; i++) {
assertEquals(plaintext[i], decrypted[i]);
}
// Second frame
assertEquals(plaintext1.length, decrypter.readFrame(decrypted));
assertTrue(decrypter.readSegment(s));
assertEquals(plaintext1.length, s.getLength());
assertEquals(1L, s.getSegmentNumber());
decrypted = s.getBuffer();
for(int i = 0; i < plaintext1.length; i++) {
assertEquals(plaintext1[i], decrypted[i]);
}

26
test/net/sf/briar/transport/NullIncomingEncryptionLayer.java
View File

@@ -9,38 +9,44 @@ import java.io.IOException;
import java.io.InputStream;
import net.sf.briar.api.FormatException;
import net.sf.briar.api.plugins.Segment;
/** An encryption layer that performs no encryption. */
class NullIncomingEncryptionLayer implements IncomingEncryptionLayer {
private final InputStream in;
private long segmentNumber = 0L;
NullIncomingEncryptionLayer(InputStream in) {
this.in = in;
}
public int readFrame(byte[] b) throws IOException {
// Read the header to determine the frame length
public boolean readSegment(Segment s) throws IOException {
byte[] buf = s.getBuffer();
// Read the frame header
int offset = 0, length = FRAME_HEADER_LENGTH;
while(offset < length) {
int read = in.read(b, offset, length - offset);
int read = in.read(buf, offset, length - offset);
if(read == -1) {
if(offset == 0) return -1;
if(offset == 0) return false;
throw new EOFException();
}
offset += read;
}
// Parse the header
int payload = HeaderEncoder.getPayloadLength(b);
int padding = HeaderEncoder.getPaddingLength(b);
// Parse the frame header
int payload = HeaderEncoder.getPayloadLength(buf);
int padding = HeaderEncoder.getPaddingLength(buf);
length = FRAME_HEADER_LENGTH + payload + padding + MAC_LENGTH;
if(length > MAX_FRAME_LENGTH) throw new FormatException();
// Read the remainder of the frame
// Read the remainder of the frame/segment
while(offset < length) {
int read = in.read(b, offset, length - offset);
int read = in.read(buf, offset, length - offset);
if(read == -1) throw new EOFException();
offset += read;
}
return length;
s.setLength(length);
s.setSegmentNumber(segmentNumber++);
return true;
}
}

16
test/net/sf/briar/transport/OutgoingEncryptionLayerImplTest.java
View File

@@ -39,14 +39,14 @@ public class OutgoingEncryptionLayerImplTest extends BriarTestCase {
public void testEncryptionWithFirstSegmentTagged() throws Exception {
// Calculate the expected tag
byte[] tag = new byte[TAG_LENGTH];
TagEncoder.encodeTag(tag, 0, tagCipher, tagKey);
// Calculate the expected ciphertext for the first frame
TagEncoder.encodeTag(tag, 0L, tagCipher, tagKey);
// Calculate the expected ciphertext for the first segment
byte[] iv = new byte[frameCipher.getBlockSize()];
byte[] plaintext = new byte[123 + MAC_LENGTH];
IvParameterSpec ivSpec = new IvParameterSpec(iv);
frameCipher.init(Cipher.ENCRYPT_MODE, frameKey, ivSpec);
byte[] ciphertext = frameCipher.doFinal(plaintext);
// Calculate the expected ciphertext for the second frame
// Calculate the expected ciphertext for the second segment
byte[] plaintext1 = new byte[1234 + MAC_LENGTH];
IvEncoder.updateIv(iv, 1L);
ivSpec = new IvParameterSpec(iv);
@@ -76,17 +76,17 @@ public class OutgoingEncryptionLayerImplTest extends BriarTestCase {
public void testEncryptionWithEverySegmentTagged() throws Exception {
// Calculate the expected tag for the first segment
byte[] tag = new byte[TAG_LENGTH];
TagEncoder.encodeTag(tag, 0, tagCipher, tagKey);
// Calculate the expected ciphertext for the first frame
TagEncoder.encodeTag(tag, 0L, tagCipher, tagKey);
// Calculate the expected ciphertext for the first segment
byte[] iv = new byte[frameCipher.getBlockSize()];
byte[] plaintext = new byte[123 + MAC_LENGTH];
IvParameterSpec ivSpec = new IvParameterSpec(iv);
frameCipher.init(Cipher.ENCRYPT_MODE, frameKey, ivSpec);
byte[] ciphertext = frameCipher.doFinal(plaintext);
// Calculate the expected tag for the second frame
// Calculate the expected tag for the second segment
byte[] tag1 = new byte[TAG_LENGTH];
TagEncoder.encodeTag(tag1, 1, tagCipher, tagKey);
// Calculate the expected ciphertext for the second frame
TagEncoder.encodeTag(tag1, 1L, tagCipher, tagKey);
// Calculate the expected ciphertext for the second segment
byte[] plaintext1 = new byte[1234 + MAC_LENGTH];
IvEncoder.updateIv(iv, 1L);
ivSpec = new IvParameterSpec(iv);

18
test/net/sf/briar/transport/OutgoingSegmentedEncryptionLayerTest.java
View File

@@ -42,14 +42,14 @@ public class OutgoingSegmentedEncryptionLayerTest extends BriarTestCase {
public void testEncryptionWithFirstSegmentTagged() throws Exception {
// Calculate the expected tag
byte[] tag = new byte[TAG_LENGTH];
TagEncoder.encodeTag(tag, 0, tagCipher, tagKey);
// Calculate the expected ciphertext for the first frame
TagEncoder.encodeTag(tag, 0L, tagCipher, tagKey);
// Calculate the expected ciphertext for the first segment
byte[] iv = new byte[frameCipher.getBlockSize()];
byte[] plaintext = new byte[123 + MAC_LENGTH];
IvParameterSpec ivSpec = new IvParameterSpec(iv);
frameCipher.init(Cipher.ENCRYPT_MODE, frameKey, ivSpec);
byte[] ciphertext = frameCipher.doFinal(plaintext);
// Calculate the expected ciphertext for the second frame
// Calculate the expected ciphertext for the second segment
byte[] plaintext1 = new byte[1234 + MAC_LENGTH];
IvEncoder.updateIv(iv, 1L);
ivSpec = new IvParameterSpec(iv);
@@ -78,19 +78,19 @@ public class OutgoingSegmentedEncryptionLayerTest extends BriarTestCase {
@Test
public void testEncryptionWithEverySegmentTagged() throws Exception {
// Calculate the expected tag for the first frame
// Calculate the expected tag for the first segment
byte[] tag = new byte[TAG_LENGTH];
TagEncoder.encodeTag(tag, 0, tagCipher, tagKey);
// Calculate the expected ciphertext for the first frame
TagEncoder.encodeTag(tag, 0L, tagCipher, tagKey);
// Calculate the expected ciphertext for the first segment
byte[] iv = new byte[frameCipher.getBlockSize()];
byte[] plaintext = new byte[123 + MAC_LENGTH];
IvParameterSpec ivSpec = new IvParameterSpec(iv);
frameCipher.init(Cipher.ENCRYPT_MODE, frameKey, ivSpec);
byte[] ciphertext = frameCipher.doFinal(plaintext);
// Calculate the expected tag for the second frame
// Calculate the expected tag for the second segment
byte[] tag1 = new byte[TAG_LENGTH];
TagEncoder.encodeTag(tag1, 1, tagCipher, tagKey);
// Calculate the expected ciphertext for the second frame
TagEncoder.encodeTag(tag1, 1L, tagCipher, tagKey);
// Calculate the expected ciphertext for the second segment
byte[] plaintext1 = new byte[1234 + MAC_LENGTH];
IvEncoder.updateIv(iv, 1L);
ivSpec = new IvParameterSpec(iv);

4
test/net/sf/briar/transport/TransportTest.java
View File

@@ -16,8 +16,8 @@ import com.google.inject.Injector;
public abstract class TransportTest extends BriarTestCase {
static final int MAX_PAYLOAD_LENGTH
= MAX_FRAME_LENGTH - FRAME_HEADER_LENGTH - MAC_LENGTH;
static final int MAX_PAYLOAD_LENGTH =
MAX_FRAME_LENGTH - FRAME_HEADER_LENGTH - MAC_LENGTH;
protected final Mac mac;
protected final ErasableKey macKey;