mirror of
https://code.briarproject.org/briar/briar.git
synced 2026-02-18 05:39:53 +01:00
73aa7d14d7
and TransportIndex (locally unique). This is the first step towards forward secrecy. Also removed the Writable interface and unnecessary user-defined types, moved various constants to ProtocolConstants and renamed some classes.
77 lines
2.5 KiB
Java
77 lines
2.5 KiB
Java
package net.sf.briar.transport;
|
|
|
|
import java.io.OutputStream;
|
|
import java.security.InvalidKeyException;
|
|
|
|
import javax.crypto.BadPaddingException;
|
|
import javax.crypto.Cipher;
|
|
import javax.crypto.IllegalBlockSizeException;
|
|
import javax.crypto.Mac;
|
|
import javax.crypto.SecretKey;
|
|
|
|
import net.sf.briar.api.crypto.CryptoComponent;
|
|
import net.sf.briar.api.protocol.TransportIndex;
|
|
import net.sf.briar.api.transport.ConnectionWriter;
|
|
import net.sf.briar.api.transport.ConnectionWriterFactory;
|
|
|
|
import com.google.inject.Inject;
|
|
|
|
class ConnectionWriterFactoryImpl implements ConnectionWriterFactory {
|
|
|
|
private final CryptoComponent crypto;
|
|
|
|
@Inject
|
|
public ConnectionWriterFactoryImpl(CryptoComponent crypto) {
|
|
this.crypto = crypto;
|
|
}
|
|
|
|
public ConnectionWriter createConnectionWriter(OutputStream out,
|
|
long capacity, TransportIndex i, long connection, byte[] secret) {
|
|
return createConnectionWriter(out, capacity, true, i, connection,
|
|
secret);
|
|
}
|
|
|
|
public ConnectionWriter createConnectionWriter(OutputStream out,
|
|
long capacity, TransportIndex i, byte[] encryptedIv,
|
|
byte[] secret) {
|
|
// Decrypt the IV
|
|
Cipher ivCipher = crypto.getIvCipher();
|
|
SecretKey ivKey = crypto.deriveIncomingIvKey(secret);
|
|
byte[] iv;
|
|
try {
|
|
ivCipher.init(Cipher.DECRYPT_MODE, ivKey);
|
|
iv = ivCipher.doFinal(encryptedIv);
|
|
} catch(BadPaddingException badCipher) {
|
|
throw new RuntimeException(badCipher);
|
|
} catch(IllegalBlockSizeException badCipher) {
|
|
throw new RuntimeException(badCipher);
|
|
} catch(InvalidKeyException badKey) {
|
|
throw new RuntimeException(badKey);
|
|
}
|
|
// Validate the IV
|
|
if(!IvEncoder.validateIv(iv, true, i))
|
|
throw new IllegalArgumentException();
|
|
// Copy the connection number
|
|
long connection = IvEncoder.getConnectionNumber(iv);
|
|
return createConnectionWriter(out, capacity, false, i, connection,
|
|
secret);
|
|
}
|
|
|
|
private ConnectionWriter createConnectionWriter(OutputStream out,
|
|
long capacity, boolean initiator, TransportIndex i, long connection,
|
|
byte[] secret) {
|
|
// Create the encrypter
|
|
Cipher ivCipher = crypto.getIvCipher();
|
|
Cipher frameCipher = crypto.getFrameCipher();
|
|
SecretKey ivKey = crypto.deriveOutgoingIvKey(secret);
|
|
SecretKey frameKey = crypto.deriveOutgoingFrameKey(secret);
|
|
byte[] iv = IvEncoder.encodeIv(initiator, i, connection);
|
|
ConnectionEncrypter encrypter = new ConnectionEncrypterImpl(out,
|
|
capacity, iv, ivCipher, frameCipher, ivKey, frameKey);
|
|
// Create the writer
|
|
Mac mac = crypto.getMac();
|
|
SecretKey macKey = crypto.deriveOutgoingMacKey(secret);
|
|
return new ConnectionWriterImpl(encrypter, mac, macKey);
|
|
}
|
|
}
|