Kaladaran/briar
0
0
Fork 0
mirror of https://code.briarproject.org/briar/briar.git synced 2026-02-14 03:39:05 +01:00
Code Issues Projects Releases Wiki Activity
2,675 Commits 133 Branches 200 Tags
e2eda8fef08dedb4ff8e187dc637863023796f7f
Commit Graph

78 Commits

Author SHA1 Message Date
akwizgran
4be1c1bb7d Include stream number in stream header nonce. 2016-09-20 15:27:01 +01:00
Torsten Grote
fc5a7290e3 Calculate and verify signature and MAC for Introduction ACKs 
Before the introducee sends her ACK,
she derives a master key from the ephemeral shared secret as before.

Two nonces and a MAC key are then derived from the master key.
The local introducee signs one of the nonces and calculates a MAC
over her own identity public key, ephemeral public key,
transport properties and timestamp.
The local introducee includes the signature and MAC in her ACK.

On receiving the remote introducee's ACK,
the local introducee verifies the signature and MAC.
Should the verification fail, an ABORT is sent to the introducer and
the remote introducee that was added as inactive is deleted again.
 2016-08-30 19:58:54 -03:00
akwizgran
30f2c192c6 Added MAC function to crypto component. 2016-08-26 10:06:24 +01:00
akwizgran
be84afc543 System.lineSeparator() doesn't exist in Java 6. 2016-08-22 16:20:38 +01:00
akwizgran
c6c62cab6c Use one connection per dev report. 
This allows simpler server-side code, and a failure part-way through sending won't require restarting from the beginning next time.
 2016-08-22 16:12:57 +01:00
str4d
5c2f56549b Refactor MessageEncrypter interface to use PublicKey and PrivateKey 2016-04-21 01:08:39 +00:00
str4d
d545aaa892 Encrypt and save crash reports, send them the next time TorPlugin start 
Will currently fail at runtime; requires a public key and a server onion.
 2016-04-20 23:42:46 +00:00
akwizgran
28086cd359 ECIES encryption for feedback and crash reports. 2016-04-21 11:38:46 +12:00
akwizgran
94cca59249 Use Bouncy Castle for encoding public keys. 2016-04-21 11:38:46 +12:00
akwizgran
e78ba2e806 Key derivation fixes, renamed a key derivation method. 2016-03-30 12:02:49 +01:00
str4d
701cfdba48 Extract contact exchange protocol from BT introduction protocol 2016-03-26 15:53:02 +13:00
Ernir Erlingsson
6f233070fe Semi-encapsulated the core/api dependency graphs and created a proper structure to load eager singletons 2016-03-14 21:02:51 +01:00
Ernir Erlingsson
9af3ce123a Added eager singletons and made some fixes 2016-03-14 21:02:51 +01:00
Ernir Erlingsson
1be400eb84 Switched Roboguice/Guice out for Dagger 2 2016-03-14 21:01:21 +01:00
str4d
c822623677 Migrate Bluetooth protocol to BQP's master secret derivation 2016-02-02 02:45:49 +00:00
str4d
77e4ec381a Implement BQP crypto 2016-02-02 02:45:49 +00:00
str4d
4d7a23779a Rename crypto methods and constants for Bluetooth key agreement 2016-02-02 02:45:49 +00:00
akwizgran
88475bdd54 Transport properties client. #229 2016-01-27 12:51:55 +00:00
akwizgran
5355951466 Separate the sync layer from its clients. #112 2016-01-20 10:35:09 +00:00
akwizgran
3c6ead0603 Code clarity, more unit tests for ByteUtils. 
Addresses comments for !48.
 2016-01-12 11:10:22 +00:00
akwizgran
99f8d21eea Fixed a typo. 2016-01-04 12:47:49 +00:00
akwizgran
6a4aea77fb Final crypto changes for BTPv2. #111 
Use BLAKE2s to generate tags.
KDF arguments for key rotation.
Frame IV format.
 2016-01-04 12:42:30 +00:00
akwizgran
7e115fed6d Allow output shorter than getDigestSize(). 2016-01-01 14:28:38 +00:00
akwizgran
7c1ee9ce87 Restored accidentally deleted javadoc. 2015-12-31 17:46:18 +00:00
akwizgran
90af176810 Use BLAKE2s for hashing, key derivation and signatures. 
SHA-256 is still used for password-based key derivation (will be replaced with Argon2) and Fortuna.
 2015-12-31 17:42:11 +00:00
str4d
d5b347e6c9 BLAKE2s implementation 
Implementation is based on the BLAKE2b implementation from BouncyCastle, and is
therefore licensed under the BouncyCastle license (which will make future
upstreaming of the code easier).
 2015-12-31 16:01:33 +00:00
akwizgran
d7f204019d Merge branch 'use-xsalsa20-poly1305' into 'master' 
Use XSalsa20-Poly1305 instead of AES-GCM for transport encryption and password storage.

This patch integrates @str4d's new authenticated cipher implementation. It depends on !18.

See merge request !35
 2015-12-28 18:07:20 +00:00
str4d
efa7ac00ea Merge branch '190-key-manager-duplicates' into 'master' 
Fix off-by-one error in key rotation

Fixes #190.

See merge request !32
 2015-12-23 19:41:21 +00:00
akwizgran
73bb3b0065 Fixed return value of process(). 2015-12-18 16:47:01 +00:00
akwizgran
fc897bd1b9 Use XSalsa20-Poly1305 instead of AES-GCM. #111 2015-12-18 16:47:01 +00:00
akwizgran
6fab0e87e0 Better variable names. 2015-12-18 16:47:01 +00:00
akwizgran
a3ecd93999 Merge branch '169-blake2' into 'master' 
Switch KDF from SHA-256 to Blake2. #169

The BTP spec calls for Blake2s, but there's no Java implementation available. I suggest we go with Blake2b for now. If it turns out to be a performance bottleneck on 32-bit platforms we can consider implementing Blake2s and merging it upstream.

This depends on !13.

See merge request !21
 2015-12-18 16:43:45 +00:00
akwizgran
f2efe7f2ea Implement stream header for BTPv2. #111 2015-12-18 13:34:02 +00:00
akwizgran
d2dea42cec Fixed off-by-one error in key rotation. #190 2015-12-18 11:29:13 +00:00
akwizgran
c7e4d5ffa9 Merge branch '147-crypto_secretbox' into 'master' 
147 crypto secretbox

Closes #147

See merge request !27
 2015-12-17 09:23:26 +00:00
str4d
d9808c48f0 Implement XSalsa20/Poly1305 2015-12-16 19:51:14 +00:00
str4d
20b2bcb86f Expand JavaDocs for AuthenticatedCipher 2015-12-16 19:50:57 +00:00
akwizgran
b29ff927b0 Switch KDF from SHA-256 to Blake2. #169 2015-12-15 13:21:06 +00:00
akwizgran
9868feeb2a Refactor KeyManager and TagRecogniser. #55 2015-12-14 11:02:49 +00:00
akwizgran
8529c976c2 Renamed a bunch of lock variables. 
"synchLock" will become confusing when we have lots of objects with "sync" in the name.
 2015-12-03 16:39:53 +00:00
akwizgran
027ae8340f Whitespace-only code formatting changes. 2015-11-30 09:38:25 +00:00
akwizgran
f8a4a4920d Merge branch 'AbrahamKiggundu/briar-master': better lock encapsulation 2015-01-29 11:28:48 +00:00
akwizgran
0dbfd7073f Comments to indicate which locks guard which variables. 2015-01-29 11:12:41 +00:00
akwizgran
47bd84122e Code formatting and small cleanups. 2015-01-28 21:18:31 +00:00
akwizgran
7fbad8dc26 Use FortunaGenerator to implement PseudoRandom. 2015-01-14 20:46:03 +00:00
akwizgran
1c7432cac4 Use a provider to instantiate AuthenticatedCipher. 2015-01-14 19:59:38 +00:00
akwizgran
03247aedd6 Log how long it takes to generate and verify signatures. 2015-01-14 19:09:37 +00:00
akwizgran
112d80420c Downgrade to 256-bit curve for performance. 
Also reduced hash function to 256 bits because our target security level
is now 128 bits.
 2015-01-09 13:23:44 +00:00
akwizgran
5d46d3a4b4 AuthenticatedCipher interface isn't needed outside crypto package. 2015-01-09 13:06:44 +00:00
akwizgran
dc5e37a96d Remove AAD from AuthenticatedCipher interface. 2015-01-09 13:01:02 +00:00