From 0084e5126326f3d73db371090c0a8f06a5084419 Mon Sep 17 00:00:00 2001
From: akwizgran <michael@briarproject.org>
Date: Tue, 28 Nov 2017 11:37:59 +0000
Subject: [PATCH] Include protocol version in key derivation.

---
 .../api/contact/ContactExchangeTask.java      |  5 +++++
 .../contact/ContactExchangeTaskImpl.java      | 21 +++++++++++--------
 2 files changed, 17 insertions(+), 9 deletions(-)

diff --git a/bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactExchangeTask.java b/bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactExchangeTask.java
index 5750c0e3b4..f07fe3ea5a 100644
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactExchangeTask.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactExchangeTask.java
@@ -12,6 +12,11 @@ import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
 @NotNullByDefault
 public interface ContactExchangeTask {
 
+	/**
+	 * The current version of the contact exchange protocol
+	 */
+	int PROTOCOL_VERSION = 0;
+
 	/**
 	 * Label for deriving Alice's header key from the master secret.
 	 */
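Review bot: `PROTOCOL_VERSION` is declared as an `int`, but every use in this commit encodes it as one byte via `new byte[] {PROTOCOL_VERSION}`, and the Javadoc states neither that nor what the value feeds into. The array initialisers only compile while the constant fits in a signed byte, which is a useful safeguard, but the constraint should be written where the value is defined. I would extend the comment to something like `The current version of the contact exchange protocol. Encoded as a single byte and mixed into the header key and nonce derivation, so it must stay in 0..127.` Presumably peers on different versions then derive different keys and the exchange fails at authentication; if so, the comment should say that too. The interface body continues outside the hunk.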
diff --git a/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java b/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java
index 50a4f841cb..773fa1aab7 100644
--- a/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java
@@ -142,8 +142,9 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 
 		// Derive the header keys for the transport streams
 		SecretKey aliceHeaderKey = crypto.deriveKey(ALICE_KEY_LABEL,
-				masterSecret);
-		SecretKey bobHeaderKey = crypto.deriveKey(BOB_KEY_LABEL, masterSecret);
+				masterSecret, new byte[] {PROTOCOL_VERSION});
+		SecretKey bobHeaderKey = crypto.deriveKey(BOB_KEY_LABEL, masterSecret,
+				new byte[] {PROTOCOL_VERSION});
 
 		// Create the readers
 		InputStream streamReader =
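Review bot: The version encoding `new byte[] {PROTOCOL_VERSION}` is written out at both `deriveKey` calls here and again at both `mac` calls in the next hunk, so the byte encoding of the version is defined in four places. All four derivations have to use identical bytes on both sides of the exchange. Building the array once, e.g. `byte[] version = {PROTOCOL_VERSION};` ahead of the first derivation, and passing `version` to each call would keep a later change of width or encoding from reaching one label and missing another. The enclosing method starts and ends outside the hunk.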
@@ -157,8 +158,10 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 		BdfWriter w = bdfWriterFactory.createWriter(streamWriter);
 
 		// Derive the nonces to be signed
-		byte[] aliceNonce = crypto.mac(ALICE_NONCE_LABEL, masterSecret);
-		byte[] bobNonce = crypto.mac(BOB_NONCE_LABEL, masterSecret);
+		byte[] aliceNonce = crypto.mac(ALICE_NONCE_LABEL, masterSecret,
+				new byte[] {PROTOCOL_VERSION});
+		byte[] bobNonce = crypto.mac(BOB_NONCE_LABEL, masterSecret,
+				new byte[] {PROTOCOL_VERSION});
 
 		// Exchange pseudonyms, signed nonces, and timestamps
 		long localTimestamp = clock.currentTimeMillis();
@@ -197,8 +200,8 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 
 		try {
 			// Add the contact
-			ContactId contactId = addContact(remoteAuthor, masterSecret,
-					timestamp, alice, remoteProperties);
+			ContactId contactId = addContact(remoteAuthor, timestamp,
+					remoteProperties);
 			// Reuse the connection as a transport connection
 			connectionManager.manageOutgoingConnection(contactId, transportId,
 					conn);
@@ -295,15 +298,15 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
 		return remote;
 	}
 
-	private ContactId addContact(Author remoteAuthor, SecretKey master,
-			long timestamp, boolean alice,
+	private ContactId addContact(Author remoteAuthor, long timestamp,
 			Map<TransportId, TransportProperties> remoteProperties)
 			throws DbException {
 		ContactId contactId;
 		Transaction txn = db.startTransaction(false);
 		try {
 			contactId = contactManager.addContact(txn, remoteAuthor,
-					localAuthor.getId(), master, timestamp, alice, true, true);
+					localAuthor.getId(), masterSecret, timestamp, alice,
+					true, true);
 			transportPropertyManager.addRemoteProperties(txn, contactId,
 					remoteProperties);
 			db.commitTransaction(txn);
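Review bot: `addContact` now takes `masterSecret` and `alice` from the task's fields instead of parameters (call site in the previous hunk), so the secret it passes on is no longer visible in its signature. A one-line comment above the method, such as `// Uses this task's masterSecret and alice flag`, would keep that explicit. Separately, the value handed to `contactManager.addContact` is the master secret itself, without `PROTOCOL_VERSION`. Whether the keys derived from it downstream carry their own version cannot be seen from this hunk, and is worth confirming if a version change is meant to separate all derived material. The method body continues past the end of the hunk.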
-- 
GitLab