Kaladaran/briar
0
0
Fork 0
mirror of https://code.briarproject.org/briar/briar.git synced 2026-02-16 04:39:54 +01:00
Code Issues Projects Releases Wiki Activity
438 Commits 133 Branches 200 Tags
c8338f986600a59682a25d875f0e2ecf99b26df8
Commit Graph

72 Commits

Author SHA1 Message Date
akwizgran
c8338f9866 Connection readers and writers don't need the connection context. 2011-12-02 14:23:45 +00:00
akwizgran
51d58fadad Include the frame number in the header. 
This ensures the frame number is covered by the MAC, cleanly
separating encryption from authentication (previously we depended on
the encryption layer to garble frames if they were reordered).
 2011-12-02 13:37:44 +00:00
akwizgran
14d5e6fe64 Replaced encrypted IVs with pseudo-random tags. 2011-12-02 12:57:39 +00:00
akwizgran
f3fdd85996 Renamed "encrypted IVs" as "tags" (actual crypto changes to follow). 2011-12-02 12:02:55 +00:00
akwizgran
28b9e399ae Don't swallow interrupts. 2011-12-01 19:49:22 +00:00
akwizgran
7bf2ee64a8 Use immutable collections for thread safety. 2011-11-29 11:01:09 +00:00
akwizgran
42430272f4 Removed the initiator flag from the IV (no longer needed with the new 
key derivation rules).
 2011-11-28 17:34:50 +00:00
akwizgran
9345b5c71b Avoid DB lookups where possible. 2011-11-24 22:09:04 +00:00
akwizgran
8068fa0d38 Don't keep connection windows in memory. 2011-11-24 13:56:58 +00:00
akwizgran
046becd388 Shutdown manager (untested on Windows). 2011-11-18 17:13:55 +00:00
akwizgran
859ece6328 Erase connection windows before discarding them. 
And I rewrote the locking in ConnectionRecogniserImpl again. I hate
that class so much.
 2011-11-18 15:25:30 +00:00
akwizgran
a349a3f1ea Fixed the locking in ConnectionRecogniserImpl. Again. 
Database calls are made outside the lock, with the exception of
{get,set}ConnectionWindow(), which seems to be unavoidable if we want
to ensure replay protection within and across sessions.
 2011-11-18 14:16:51 +00:00
akwizgran
6fada9f243 Finer-grained locking in the connection recogniser. 2011-11-17 20:06:19 +00:00
akwizgran
2b45cf0dd1 Accept connections asynchronously. 2011-11-17 18:59:34 +00:00
akwizgran
66d973bcdd Ignore expected IVs that arrive by the wrong transport. 
This prevents an attacker from replaying connections to test whether a
transport endpoint has the same owner as an endpoint on another
transport (eg probing a Bluetooth device to see whether it has the
same owner as a given internet host).
 2011-11-17 09:24:28 +00:00
akwizgran
a144884ecd Erase connection windows if the JVM shuts down cleanly. 2011-11-16 18:41:40 +00:00
akwizgran
01dd658200 Keep the connection windows in memory. 2011-11-16 17:57:56 +00:00
akwizgran
f10512d787 Erase keys after using them. (Copies created by ciphers, etc, may 
still exist.)
 2011-11-16 16:22:35 +00:00
akwizgran
f6ae4734ce Forward secrecy. 
Each connection's keys are derived from a secret that is erased after
deriving the keys and the secret for the next connection.
 2011-11-16 15:35:16 +00:00
akwizgran
d02a68edfc Return a connection context for outgoing connections (the secret will 
be included in this context in the near future).
 2011-11-15 17:47:30 +00:00
akwizgran
fabdaf5957 Remove transport ID from connection context. 2011-11-15 17:32:31 +00:00
akwizgran
6a15c03e81 Store the incoming and outgoing secrets separately. 2011-11-15 16:07:14 +00:00
akwizgran
f41d48eb9f Made secret keys erasable from memory. 2011-11-15 14:43:06 +00:00
akwizgran
df054b1743 Store each connection window slot as a database row. 
This is less memory-efficient but necessary for the coming forward
secrecy changes.
 2011-11-15 13:08:20 +00:00
akwizgran
72be34768b Minor refactoring. 2011-11-14 22:14:52 +00:00
akwizgran
73aa7d14d7 Split transport identifiers into two: TransportId (globally unique) 
and TransportIndex (locally unique).

This is the first step towards forward secrecy. Also removed the
Writable interface and unnecessary user-defined types, moved various
constants to ProtocolConstants and renamed some classes.
 2011-11-14 21:40:05 +00:00
akwizgran
48d638746c Invitation API and two (untested) implementations. 2011-10-27 17:52:03 +01:00
akwizgran
d7a417f36d Validate the decrypted IV before creating a reader/writer. 2011-10-18 15:58:10 +01:00
akwizgran
2f457162a5 Attach the affected contact IDs to subscription update events. 2011-10-17 23:24:23 +01:00
akwizgran
ec56b12384 Converted database events from an enum to classes to allow them to 
carry data.
 2011-10-17 22:47:38 +01:00
akwizgran
89001e4c91 Double-check the initiator flag and transport ID of incoming 
connections, and invert the flag for the responder's side.
 2011-10-15 14:15:25 +01:00
akwizgran
2618fea0eb Guice module for stream transport connections. 2011-10-14 22:50:34 +01:00
akwizgran
e214c40b11 Code cleanup and comments. 2011-10-14 22:48:16 +01:00
akwizgran
0ef1fcb686 De-uglified some code and moved two API classes. 2011-10-14 21:49:58 +01:00
akwizgran
cb06ebc5d2 Locking. 2011-10-14 21:37:55 +01:00
akwizgran
0d11553134 StreamConnectionFactory and ConnectionDispatcherImpl (untested). 2011-10-14 21:07:49 +01:00
akwizgran
718bd8c540 Moved DB accesses outside the lock. 2011-10-14 20:07:37 +01:00
akwizgran
8ece8f3243 First stab at the StreamConnection state machine. Needs work. 2011-10-14 19:50:17 +01:00
akwizgran
d48c7b6900 Converted {Incoming,Outgoing}BatchConnection into Runnables. 
Also changed the dispose() method of readers/writers/connections to
swallow any exceptions that occur, since the caller can't do anything
except log them.
 2011-10-14 16:14:29 +01:00
akwizgran
72b594d270 Type-safe transport IDs. 2011-09-30 12:52:29 +01:00
akwizgran
a8b96f11fd Added Consumer support to Writer, to avoid redundant copying. 2011-09-28 18:47:24 +01:00
akwizgran
a1b664b639 More refactoring to connect ConnectionRecogniser to ConnectionReader. 
Added TestDatabaseModule so tests can specify their own DB
configuration. The modules are currently too tightly coupled - see
whether any dependencies can be removed.
 2011-09-28 14:21:38 +01:00
akwizgran
4aff0c4f88 Refactored transport component and renamed WritersModule. 
The goal of the refactoring was to clean up the dependencies of
IncomingBatchConnection and OutgoingBatchConnection.
 2011-09-27 19:21:44 +01:00
akwizgran
09971c8460 Implemented incoming and outgoing batch connections (untested). 2011-09-22 16:26:06 +01:00
akwizgran
eba6884281 Javadocs. 2011-09-21 18:09:56 +01:00
akwizgran
10c3b21726 Expose the encryption and authentication overhead without breaking 
encapsulation.

This should allow callers to calculate maximum packet sizes without
knowing the details of the transport protocol.
 2011-09-21 15:22:25 +01:00
akwizgran
f6e5ef415a BadPaddingExceptions should be rethrown as RuntimeExceptions. 2011-09-19 14:53:44 +01:00
akwizgran
7cdca62063 IOException(Throwable) constructor isn't available in Java 5. 2011-09-19 14:49:27 +01:00
akwizgran
7ed747b2a3 Added an initiator flag (bit 31) to the IV. 
The flag is used to distinguish between the initiator and responder
directions of a stream-mode connection, allowing them to use the same
connection number without risking IV reuse.

The flag is also raised for batch-mode connections, which only have
one direction.
 2011-09-07 17:21:52 +01:00
akwizgran
472dff3d61 Removed redundant frame number from header. 2011-09-01 11:11:31 +01:00