echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Router: Move ElGamalAESEngine from core to router

Browse Source 
Client end-to-end crypto removed 13 years ago
Not used by any client, app, or plugin.
This commit is contained in:
zzz
2018-11-23 13:04:28 +00:00
parent 5c0c69c654
commit 535f2daab0
6 changed files with 72 additions and 89 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
core/java/src/net/i2p/I2PAppContext.java
View File

@ -13,7 +13,6 @@ import net.i2p.client.naming.NamingService;
import net.i2p.crypto.AESEngine;
import net.i2p.crypto.CryptixAESEngine;
import net.i2p.crypto.DSAEngine;
import net.i2p.crypto.ElGamalAESEngine;
import net.i2p.crypto.ElGamalEngine;
import net.i2p.crypto.HMAC256Generator;
import net.i2p.crypto.HMACGenerator;
@ -74,7 +73,6 @@ public class I2PAppContext {
protected SessionKeyManager _sessionKeyManager;
private NamingService _namingService;
private ElGamalEngine _elGamalEngine;
private ElGamalAESEngine _elGamalAESEngine;
private AESEngine _AESEngine;
private LogManager _logManager;
private HMACGenerator _hmac;
@ -94,7 +92,6 @@ public class I2PAppContext {
protected volatile boolean _sessionKeyManagerInitialized;
private volatile boolean _namingServiceInitialized;
private volatile boolean _elGamalEngineInitialized;
private volatile boolean _elGamalAESEngineInitialized;
private volatile boolean _AESEngineInitialized;
private volatile boolean _logManagerInitialized;
private volatile boolean _hmacInitialized;
@ -120,7 +117,7 @@ public class I2PAppContext {
private final ClientAppManager _appManager;
// split up big lock on this to avoid deadlocks
private final Object _lock1 = new Object(), _lock2 = new Object(), _lock3 = new Object(), _lock4 = new Object(),
_lock5 = new Object(), _lock6 = new Object(), _lock7 = new Object(), _lock8 = new Object(),
_lock5 = new Object(), _lock7 = new Object(), _lock8 = new Object(),
_lock9 = new Object(), _lock10 = new Object(), _lock11 = new Object(), _lock12 = new Object(),
_lock13 = new Object(), _lock14 = new Object(), _lock16 = new Object(),
_lock17 = new Object(), _lock18 = new Object(), _lock19 = new Object(), _lock20 = new Object();
@ -682,27 +679,6 @@ public class I2PAppContext {
}
}
/**
* Access the ElGamal/AES+SessionTag engine for this context. The algorithm
* makes use of the context's sessionKeyManager to coordinate transparent
* access to the sessionKeys and sessionTags, as well as the context's elGamal
* engine (which in turn keeps stats, etc).
*
*/
public ElGamalAESEngine elGamalAESEngine() {
if (!_elGamalAESEngineInitialized)
initializeElGamalAESEngine();
return _elGamalAESEngine;
}
private void initializeElGamalAESEngine() {
synchronized (_lock6) {
if (_elGamalAESEngine == null)
_elGamalAESEngine = new ElGamalAESEngine(this);
_elGamalAESEngineInitialized = true;
}
}
/**
* Ok, I'll admit it. there is no good reason for having a context specific
* AES engine. We dont really keep stats on it, since its just too fast to

39
core/java/src/net/i2p/client/impl/I2CPMessageProducer.java
View File

@ -164,7 +164,7 @@ class I2CPMessageProducer {
}
msg.setSessionId(sid);
msg.setNonce(nonce);
Payload data = createPayload(dest, payload, null, null, null, null);
Payload data = createPayload(payload);
msg.setPayload(data);
session.sendMessage(msg);
}
@ -191,7 +191,7 @@ class I2CPMessageProducer {
}
msg.setSessionId(sid);
msg.setNonce(nonce);
Payload data = createPayload(dest, payload, null, null, null, null);
Payload data = createPayload(payload);
msg.setPayload(data);
session.sendMessage(msg);
}
@ -300,40 +300,13 @@ class I2CPMessageProducer {
}
/**
* Should we include the I2CP end to end crypto (which is in addition to any
* garlic crypto added by the router)
*
* Create a new payload.
* No more end-to-end encryption, just set the "encrypted" data to the payload.
*/
static final boolean END_TO_END_CRYPTO = false;
/**
* Create a new signed payload and send it off to the destination
*
* @param tag unused - no end-to-end crypto
* @param tags unused - no end-to-end crypto
* @param key unused - no end-to-end crypto
* @param newKey unused - no end-to-end crypto
*/
private Payload createPayload(Destination dest, byte[] payload, SessionTag tag, SessionKey key, Set<SessionTag> tags,
SessionKey newKey) throws I2PSessionException {
if (dest == null) throw new I2PSessionException("No destination specified");
private static Payload createPayload(byte[] payload) throws I2PSessionException {
if (payload == null) throw new I2PSessionException("No payload specified");
Payload data = new Payload();
if (!END_TO_END_CRYPTO) {
data.setEncryptedData(payload);
return data;
}
// no padding at this level
// the garlic may pad, and the tunnels may pad, and the transports may pad
int size = payload.length;
byte encr[] = _context.elGamalAESEngine().encrypt(payload, dest.getPublicKey(), key, tags, tag, newKey, size);
// yes, in an intelligent component, newTags would be queued for confirmation along with key, and
// generateNewTags would only generate tags if necessary
data.setEncryptedData(encr);
//_log.debug("Encrypting the payload to public key " + dest.getPublicKey().toBase64() + "\nPayload: "
// + data.calculateHash());
data.setEncryptedData(payload);
return data;
}

41
core/java/src/net/i2p/crypto/AESEngine.java
View File

@ -79,7 +79,7 @@ public class AESEngine {
int size = Hash.HASH_LENGTH
+ 4 // sizeof(payload)
+ payload.length;
int padding = ElGamalAESEngine.getPaddingSize(size, paddedSize);
int padding = getPaddingSize(size, paddedSize);
byte data[] = new byte[size + padding];
_context.sha().calculateHash(iv, 0, 16, data, 0);
@ -89,7 +89,7 @@ public class AESEngine {
cur += 4;
System.arraycopy(payload, 0, data, cur, payload.length);
cur += payload.length;
byte paddingData[] = ElGamalAESEngine.getPadding(_context, size, paddedSize);
byte paddingData[] = getPadding(_context, size, paddedSize);
System.arraycopy(paddingData, 0, data, cur, paddingData.length);
encrypt(data, 0, data, 0, sessionKey, iv, data.length);
@ -183,6 +183,43 @@ public class AESEngine {
System.arraycopy(payload, inIndex, rv, outIndex, rv.length - outIndex);
}
/**
* Return random bytes for padding the data to a mod 16 size so that it is
* at least minPaddedSize
*
* Public for ElGamalAESEngine.
* Not a public API, not for external use.
*
* @since 0.9.38 moved from ElGamalAESEngine
*/
public final static byte[] getPadding(I2PAppContext context, int curSize, long minPaddedSize) {
int size = getPaddingSize(curSize, minPaddedSize);
byte rv[] = new byte[size];
context.random().nextBytes(rv);
return rv;
}
/**
* Return size for padding the data to a mod 16 size so that it is
* at least minPaddedSize
*
* Public for ElGamalAESEngine.
* Not a public API, not for external use.
*
* @since 0.9.38 moved from ElGamalAESEngine
*/
public final static int getPaddingSize(int curSize, long minPaddedSize) {
int diff = 0;
if (curSize < minPaddedSize) {
diff = (int) minPaddedSize - curSize;
}
int numPadding = diff;
if (((curSize + diff) % 16) != 0) numPadding += (16 - ((curSize + diff) % 16));
return numPadding;
}
/******
public static void main(String args[]) {
I2PAppContext ctx = new I2PAppContext();

15
router/java/src/net/i2p/router/RouterContext.java
View File

@ -15,6 +15,7 @@ import net.i2p.data.router.RouterInfo;
import net.i2p.data.router.RouterKeyGenerator;
import net.i2p.internal.InternalClientManager;
import net.i2p.router.client.ClientManagerFacadeImpl;
import net.i2p.router.crypto.ElGamalAESEngine;
import net.i2p.router.crypto.TransientSessionKeyManager;
import net.i2p.router.dummy.*;
import net.i2p.router.message.GarlicMessageParser;
@ -68,6 +69,7 @@ public class RouterContext extends I2PAppContext {
private RouterAppManager _appManager;
private RouterKeyGenerator _routingKeyGenerator;
private GarlicMessageParser _garlicMessageParser;
private ElGamalAESEngine _elGamalAESEngine;
private final Set<Runnable> _finalShutdownTasks;
// split up big lock on this to avoid deadlocks
private volatile boolean _initialized;
@ -211,6 +213,7 @@ public class RouterContext extends I2PAppContext {
_clientManagerFacade = new DummyClientManagerFacade(this);
// internal client manager is null
}
_elGamalAESEngine = new ElGamalAESEngine(this);
_garlicMessageParser = new GarlicMessageParser(this);
_clientMessagePool = new ClientMessagePool(this);
_jobQueue = new JobQueue(this);
@ -667,4 +670,16 @@ public class RouterContext extends I2PAppContext {
public GarlicMessageParser garlicMessageParser() {
return _garlicMessageParser;
}
/**
* Access the ElGamal/AES+SessionTag engine for this context. The algorithm
* makes use of the context's sessionKeyManager to coordinate transparent
* access to the sessionKeys and sessionTags, as well as the context's elGamal
* engine (which in turn keeps stats, etc).
*
* @since 0.9.38 moved from superclass (app context)
*/
public ElGamalAESEngine elGamalAESEngine() {
return _elGamalAESEngine;
}
}

32
core/java/src/net/i2p/crypto/ElGamalAESEngine.java → router/java/src/net/i2p/router/crypto/ElGamalAESEngine.java
View File

@ -1,4 +1,4 @@
package net.i2p.crypto;
package net.i2p.router.crypto;
/*
* free (adj.): unencumbered; not under the control of others
@ -16,6 +16,8 @@ import java.util.List;
import java.util.Set;
import net.i2p.I2PAppContext;
import net.i2p.crypto.AESEngine;
import net.i2p.crypto.SessionKeyManager;
import net.i2p.data.DataFormatException;
import net.i2p.data.DataHelper;
import net.i2p.data.Hash;
@ -31,6 +33,8 @@ import net.i2p.util.SimpleByteCache;
* supplied keys and data.
*
* No, this does not extend AESEngine or CryptixAESEngine.
*
* @since 0.9.38 moved from net.i2p.crypto
*/
public final class ElGamalAESEngine {
private final Log _log;
@ -649,7 +653,7 @@ public final class ElGamalAESEngine {
+ Hash.HASH_LENGTH
+ (newKey == null ? 1 : 1 + SessionKey.KEYSIZE_BYTES)
+ data.length;
int totalSize = size + getPaddingSize(size, paddedSize);
int totalSize = size + AESEngine.getPaddingSize(size, paddedSize);
byte aesData[] = new byte[totalSize + prefixBytes];
@ -683,7 +687,7 @@ public final class ElGamalAESEngine {
cur += data.length;
//_log.debug("raw data written: " + len);
byte padding[] = getPadding(_context, size, paddedSize);
byte padding[] = AESEngine.getPadding(_context, size, paddedSize);
//_log.debug("padding length: " + padding.length);
System.arraycopy(padding, 0, aesData, cur, padding.length);
cur += padding.length;
@ -696,28 +700,6 @@ public final class ElGamalAESEngine {
return aesData;
}
/**
* Return random bytes for padding the data to a mod 16 size so that it is
* at least minPaddedSize
*
*/
final static byte[] getPadding(I2PAppContext context, int curSize, long minPaddedSize) {
int size = getPaddingSize(curSize, minPaddedSize);
byte rv[] = new byte[size];
context.random().nextBytes(rv);
return rv;
}
final static int getPaddingSize(int curSize, long minPaddedSize) {
int diff = 0;
if (curSize < minPaddedSize) {
diff = (int) minPaddedSize - curSize;
}
int numPadding = diff;
if (((curSize + diff) % 16) != 0) numPadding += (16 - ((curSize + diff) % 16));
return numPadding;
}
/****
public static void main(String args[]) {

6
router/java/src/net/i2p/router/message/GarlicMessageParser.java
View File

@ -10,7 +10,6 @@ package net.i2p.router.message;
import java.util.Date;
import net.i2p.I2PAppContext;
import net.i2p.crypto.SessionKeyManager;
import net.i2p.data.Certificate;
import net.i2p.data.DataFormatException;
@ -18,6 +17,7 @@ import net.i2p.data.DataHelper;
import net.i2p.data.PrivateKey;
import net.i2p.data.i2np.GarlicClove;
import net.i2p.data.i2np.GarlicMessage;
import net.i2p.router.RouterContext;
import net.i2p.util.Log;
/**
@ -27,7 +27,7 @@ import net.i2p.util.Log;
*/
public class GarlicMessageParser {
private final Log _log;
private final I2PAppContext _context;
private final RouterContext _context;
/**
* Huge limit just to reduce chance of trouble. Typ. usage is 3.
@ -35,7 +35,7 @@ public class GarlicMessageParser {
*/
private static final int MAX_CLOVES = 32;
public GarlicMessageParser(I2PAppContext context) {
public GarlicMessageParser(RouterContext context) {
_context = context;
_log = _context.logManager().getLog(GarlicMessageParser.class);
}