Avoid possible NPEs (ticket #2286)
Bundle up to 5 tunnel messages
Use read buffer to send RI and termination
Temp buf doesn't need 2 bytes for length
RI size check
Log tweaks
- Change key encoding to match curdle draft
- Support key decoding based on curdle draft
- Implement true constant-time cmov()
- Add handling of X509Key-wrapped EdDSA keys (GitHub PR #47)
- Clarify that KeyPairGenerator takes a key size, not strength
- Javadocs
GitHub PR #58:
- Make GroupElement immutable by moving the pre-computed logic to the constructors,
allowing the synchronized checking of whether the pre-computed logic had executed or not
to be removed since it always has when it is used because those code paths
are modified to request it at construction time.
- This allows getNegativeA() to be lazy, and doesn't need volatile due to the immutability
(and final fields - this is important part of the contract with the JVM memory model).
- Remove synchronized contention from the named curve table get method.
- Generally remove use of the named curve table get method with a constant curve name
in hot code paths in favour of using a new static constant for the curve spec.
Overall performance changes:
- Keygen 46% faster
- Signing 39% slower (due to cmov)
- Verify 2% faster
- Address generation and validation fixes to match proposal changes
- Fixes for persistence of static s and iv
- Add methods for keygen and getters for static s and iv
- Add OutboundNTCP2State for outbound establishment
- Add support to InboundEstablishState
- Add data phase support to NTCPConnection
- Refactor NTCPConnection for multiple protocols
- Support concurrent pending outbound messages in NTCPConnection
NTCP1: Cleanups and performance improvements
- EventPumper tweaks and logging
- Eliminate extra data copy in NTCPConnection message sending
- Remove _meta field in NTCPConnection
- Locking changes in NTCPConnection and EstablishState classes
- Zero out DH keys when done
- Fix read when buffer position nonzero in NTCPConnection
- NTCPConnection make more methods package private
- Do AES decryption in data phase all at once when possible
- Drop expired outbound messages in NTCPConnection before sending
- Pass extra data from EstablishState directly to NTCPConnection
to avoid race, remove getExtraBytes() method
- Remove getException, getError, getFailedBySkew methods and calls from Reader
