e2cb1027af
Moved message verification into a separate thread pool.
2011-12-07 21:33:14 +00:00
b7c3224618
Decouple the database from IO.
...
This will enable asynchronous access to the database for IO threads.
2011-12-07 00:23:35 +00:00
e24a3218ca
Moved message verification and DB writes off the IO thread.
2011-12-05 22:52:00 +00:00
ab722f9371
Minor refactoring.
2011-12-02 16:32:50 +00:00
726799d848
Check that padding is set to zero.
2011-12-02 16:21:20 +00:00
4ab5dfcac0
Allow empty frames.
2011-12-02 16:10:44 +00:00
c8338f9866
Connection readers and writers don't need the connection context.
2011-12-02 14:23:45 +00:00
51d58fadad
Include the frame number in the header.
...
This ensures the frame number is covered by the MAC, cleanly
separating encryption from authentication (previously we depended on
the encryption layer to garble frames if they were reordered).
2011-12-02 13:37:44 +00:00
14d5e6fe64
Replaced encrypted IVs with pseudo-random tags.
2011-12-02 12:57:39 +00:00
f3fdd85996
Renamed "encrypted IVs" as "tags" (actual crypto changes to follow).
2011-12-02 12:02:55 +00:00
42430272f4
Removed the initiator flag from the IV (no longer needed with the new
...
key derivation rules).
2011-11-28 17:34:50 +00:00
aefa7798e1
One more unit test for the road...
2011-11-24 22:12:05 +00:00
9345b5c71b
Avoid DB lookups where possible.
2011-11-24 22:09:04 +00:00
8068fa0d38
Don't keep connection windows in memory.
2011-11-24 13:56:58 +00:00
046becd388
Shutdown manager (untested on Windows).
2011-11-18 17:13:55 +00:00
dacaa4566d
Minor protocol refactoring.
2011-11-18 11:27:34 +00:00
2b45cf0dd1
Accept connections asynchronously.
2011-11-17 18:59:34 +00:00
66d973bcdd
Ignore expected IVs that arrive by the wrong transport.
...
This prevents an attacker from replaying connections to test whether a
transport endpoint has the same owner as an endpoint on another
transport (eg probing a Bluetooth device to see whether it has the
same owner as a given internet host).
2011-11-17 09:24:28 +00:00
01dd658200
Keep the connection windows in memory.
2011-11-16 17:57:56 +00:00
f10512d787
Erase keys after using them. (Copies created by ciphers, etc, may
...
still exist.)
2011-11-16 16:22:35 +00:00
a13a1769e5
Unit test for key derivation.
2011-11-16 15:54:17 +00:00
f6ae4734ce
Forward secrecy.
...
Each connection's keys are derived from a secret that is erased after
deriving the keys and the secret for the next connection.
2011-11-16 15:35:16 +00:00
fabdaf5957
Remove transport ID from connection context.
2011-11-15 17:32:31 +00:00
9220bb3426
Key derivation function based on NIST SP 800-108.
2011-11-15 17:19:11 +00:00
6a15c03e81
Store the incoming and outgoing secrets separately.
2011-11-15 16:07:14 +00:00
f41d48eb9f
Made secret keys erasable from memory.
2011-11-15 14:43:06 +00:00
23be7fd876
Removed double-encryption of shared secrets.
2011-11-15 14:09:28 +00:00
df054b1743
Store each connection window slot as a database row.
...
This is less memory-efficient but necessary for the coming forward
secrecy changes.
2011-11-15 13:08:20 +00:00
6fd8493d3d
Singleton lists and singleton sets aren't equal, so use lists
...
consistently.
2011-11-15 09:42:21 +00:00
72be34768b
Minor refactoring.
2011-11-14 22:14:52 +00:00
73aa7d14d7
Split transport identifiers into two: TransportId (globally unique)
...
and TransportIndex (locally unique).
This is the first step towards forward secrecy. Also removed the
Writable interface and unnecessary user-defined types, moved various
constants to ProtocolConstants and renamed some classes.
2011-11-14 21:40:05 +00:00
f2d80825bc
Separated the subject line from the message body.
2011-10-21 18:25:25 +01:00
d7a417f36d
Validate the decrypted IV before creating a reader/writer.
2011-10-18 15:58:10 +01:00
ec56b12384
Converted database events from an enum to classes to allow them to
...
carry data.
2011-10-17 22:47:38 +01:00
0ef1fcb686
De-uglified some code and moved two API classes.
2011-10-14 21:49:58 +01:00
d48c7b6900
Converted {Incoming,Outgoing}BatchConnection into Runnables.
...
Also changed the dispose() method of readers/writers/connections to
swallow any exceptions that occur, since the caller can't do anything
except log them.
2011-10-14 16:14:29 +01:00
a49a95347f
Use dedicated classes for transport properties and configs.
2011-10-11 17:28:47 +01:00
775d76d040
Removed unused classes.
2011-10-05 18:54:49 +01:00
8940dc83cb
Replaced assertTrue(Arrays.equals()) with assertArrayEquals().
2011-10-05 17:07:52 +01:00
11a6858c46
Updated transport plugin API.
2011-10-04 17:49:18 +01:00
72b594d270
Type-safe transport IDs.
2011-09-30 12:52:29 +01:00
7190509ede
Use numeric IDs rather than names to identify transports.
2011-09-29 15:40:09 +01:00
c77b4e5b91
Get the outgoing connection number from the database.
2011-09-28 19:26:57 +01:00
5aa7da2048
ProtocolIntegrationTest (formerly FileReadWriteTest) doesn't need to
...
use a file.
2011-09-28 18:58:45 +01:00
9c2e3917bf
Added an integration test for batch transports.
2011-09-28 14:43:23 +01:00
a1b664b639
More refactoring to connect ConnectionRecogniser to ConnectionReader.
...
Added TestDatabaseModule so tests can specify their own DB
configuration. The modules are currently too tightly coupled - see
whether any dependencies can be removed.
2011-09-28 14:21:38 +01:00
4aff0c4f88
Refactored transport component and renamed WritersModule.
...
The goal of the refactoring was to clean up the dependencies of
IncomingBatchConnection and OutgoingBatchConnection.
2011-09-27 19:21:44 +01:00
4b0e91f52c
Removed test classes' dependency on ByteArray{Input,Output)Stream.
2011-09-23 16:36:07 +01:00
09971c8460
Implemented incoming and outgoing batch connections (untested).
2011-09-22 16:26:06 +01:00
fadd95ae49
Added a test for MAX_PACKET_LENGTH.
2011-09-21 15:56:50 +01:00
akwizgran