diff --git a/bramble-api/src/main/java/org/briarproject/bramble/api/client/ClientHelper.java b/bramble-api/src/main/java/org/briarproject/bramble/api/client/ClientHelper.java
index dd60bb610077338a63d1bebf15f5106f9194e886..b0de14cdac2437d1dc9e33926cd19fe18db3e7b5 100644
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/client/ClientHelper.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/client/ClientHelper.java
@@ -105,8 +105,8 @@ public interface ClientHelper {
byte[] sign(String label, BdfList toSign, byte[] privateKey)
throws FormatException, GeneralSecurityException;
- void verifySignature(String label, byte[] sig, byte[] publicKey,
- BdfList signed) throws FormatException, GeneralSecurityException;
+ void verifySignature(byte[] signature, String label, BdfList signed,
+ byte[] publicKey) throws FormatException, GeneralSecurityException;
Author parseAndValidateAuthor(BdfList author) throws FormatException;
diff --git a/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java b/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java
index 19a542f8af87478e94347595139f954a8cbbe8a3..fdc83aabbd4265e12cded32c51aa322676fbc131 100644
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java
@@ -67,8 +67,8 @@ public interface CryptoComponent {
* signature created for another purpose
* @return true if the signature was valid, false otherwise.
*/
- boolean verify(String label, byte[] signedData, byte[] publicKey,
- byte[] signature) throws GeneralSecurityException;
+ boolean verifySignature(byte[] signature, String label, byte[] signed,
+ byte[] publicKey) throws GeneralSecurityException;
/**
* Returns the hash of the given inputs. The inputs are unambiguously
@@ -91,6 +91,18 @@ public interface CryptoComponent {
*/
byte[] mac(String label, SecretKey macKey, byte[]... inputs);
+ /**
+ * Verifies that the given message authentication code is valid for the
+ * given secret key and inputs.
+ *
+ * @param label a namespaced label indicating the purpose of this MAC, to
+ * prevent it from being repurposed or colliding with a MAC created for
+ * another purpose
+ * @return true if the MAC was valid, false otherwise.
+ */
+ boolean verifyMac(byte[] mac, String label, SecretKey macKey,
+ byte[]... inputs);
+
/**
* Encrypts and authenticates the given plaintext so it can be written to
* storage. The encryption and authentication keys are derived from the
diff --git a/bramble-core/src/main/java/org/briarproject/bramble/client/ClientHelperImpl.java b/bramble-core/src/main/java/org/briarproject/bramble/client/ClientHelperImpl.java
index 7c833a66d4c5b143dc8425c85b9b4553644a87ab..afc40d91b87198f658f2eb39cda20f1955aa88ca 100644
--- a/bramble-core/src/main/java/org/briarproject/bramble/client/ClientHelperImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/client/ClientHelperImpl.java
@@ -381,9 +381,10 @@ class ClientHelperImpl implements ClientHelper {
}
@Override
- public void verifySignature(String label, byte[] sig, byte[] publicKey,
- BdfList signed) throws FormatException, GeneralSecurityException {
- if (!crypto.verify(label, toByteArray(signed), publicKey, sig)) {
+ public void verifySignature(byte[] signature, String label, BdfList signed,
+ byte[] publicKey) throws FormatException, GeneralSecurityException {
+ if (!crypto.verifySignature(signature, label, toByteArray(signed),
+ publicKey)) {
throw new GeneralSecurityException("Invalid signature");
}
}
diff --git a/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java b/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java
index f495b5648090fffad3662f08be4949738882fd91..6fdcc7aaddfadef8883fb0c6450d98894ac67d46 100644
--- a/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java
@@ -251,7 +251,8 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask {
r.readListEnd();
LOG.info("Received pseudonym");
// Verify the signature
- if (!crypto.verify(SIGNING_LABEL_EXCHANGE, nonce, publicKey, sig)) {
+ if (!crypto.verifySignature(sig, SIGNING_LABEL_EXCHANGE, nonce,
+ publicKey)) {
if (LOG.isLoggable(INFO))
LOG.info("Invalid signature");
throw new GeneralSecurityException();
diff --git a/bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java b/bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java
index 4161db31ab556f5183cd7476c25e1f64725ad1f6..83e759e3b945850fe9d46ad579ed954f09481460 100644
--- a/bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java
@@ -205,12 +205,12 @@ class CryptoComponentImpl implements CryptoComponent {
}
@Override
- public boolean verify(String label, byte[] signedData, byte[] publicKey,
- byte[] signature) throws GeneralSecurityException {
+ public boolean verifySignature(byte[] signature, String label,
+ byte[] signed, byte[] publicKey) throws GeneralSecurityException {
PublicKey key = signatureKeyParser.parsePublicKey(publicKey);
Signature sig = new EdSignature();
sig.initVerify(key);
- updateSignature(sig, label, signedData);
+ updateSignature(sig, label, signed);
return sig.verify(signature);
}
@@ -262,6 +262,17 @@ class CryptoComponentImpl implements CryptoComponent {
return output;
}
+ @Override
+ public boolean verifyMac(byte[] mac, String label, SecretKey macKey,
+ byte[]... inputs) {
+ byte[] expected = mac(label, macKey, inputs);
+ if (mac.length != expected.length) return false;
+ // Constant-time comparison
+ int cmp = 0;
+ for (int i = 0; i < mac.length; i++) cmp |= mac[i] ^ expected[i];
+ return cmp == 0;
+ }
+
@Override
public byte[] encryptWithPassword(byte[] input, String password) {
AuthenticatedCipher cipher = new XSalsa20Poly1305AuthenticatedCipher();
diff --git a/bramble-core/src/test/java/org/briarproject/bramble/client/ClientHelperImplTest.java b/bramble-core/src/test/java/org/briarproject/bramble/client/ClientHelperImplTest.java
index 0d54281a807d0cc5415a4ff8f7c6b38309ba4277..dec1e11002621da274612bd9793b58946456cb09 100644
--- a/bramble-core/src/test/java/org/briarproject/bramble/client/ClientHelperImplTest.java
+++ b/bramble-core/src/test/java/org/briarproject/bramble/client/ClientHelperImplTest.java
@@ -37,6 +37,7 @@ import java.util.Random;
import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_AUTHOR_NAME_LENGTH;
import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_PUBLIC_KEY_LENGTH;
+import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_SIGNATURE_LENGTH;
import static org.briarproject.bramble.test.TestUtils.getAuthor;
import static org.briarproject.bramble.test.TestUtils.getRandomBytes;
import static org.briarproject.bramble.test.TestUtils.getRandomId;
@@ -300,30 +301,34 @@ public class ClientHelperImplTest extends BrambleTestCase {
@Test
public void testVerifySignature() throws Exception {
+ byte[] signature = getRandomBytes(MAX_SIGNATURE_LENGTH);
byte[] publicKey = getRandomBytes(42);
- byte[] bytes = expectToByteArray(list);
+ byte[] signed = expectToByteArray(list);
context.checking(new Expectations() {{
- oneOf(cryptoComponent).verify(label, bytes, publicKey, rawMessage);
+ oneOf(cryptoComponent).verifySignature(signature, label, signed,
+ publicKey);
will(returnValue(true));
}});
- clientHelper.verifySignature(label, rawMessage, publicKey, list);
+ clientHelper.verifySignature(signature, label, list, publicKey);
context.assertIsSatisfied();
}
@Test
public void testVerifyWrongSignature() throws Exception {
+ byte[] signature = getRandomBytes(MAX_SIGNATURE_LENGTH);
byte[] publicKey = getRandomBytes(42);
- byte[] bytes = expectToByteArray(list);
+ byte[] signed = expectToByteArray(list);
context.checking(new Expectations() {{
- oneOf(cryptoComponent).verify(label, bytes, publicKey, rawMessage);
+ oneOf(cryptoComponent).verifySignature(signature, label, signed,
+ publicKey);
will(returnValue(false));
}});
try {
- clientHelper.verifySignature(label, rawMessage, publicKey, list);
+ clientHelper.verifySignature(signature, label, list, publicKey);
fail();
} catch (GeneralSecurityException e) {
// expected
diff --git a/bramble-core/src/test/java/org/briarproject/bramble/crypto/EdSignatureTest.java b/bramble-core/src/test/java/org/briarproject/bramble/crypto/EdSignatureTest.java
index 3fb5c3a9c4a83f85df988e9fc4a0b9bb22e0b8ae..62bf218196b0465e7ef54dd408b61a0abf673b4b 100644
--- a/bramble-core/src/test/java/org/briarproject/bramble/crypto/EdSignatureTest.java
+++ b/bramble-core/src/test/java/org/briarproject/bramble/crypto/EdSignatureTest.java
@@ -143,9 +143,9 @@ public class EdSignatureTest extends SignatureTest {
}
@Override
- protected boolean verify(String label, byte[] signedData, byte[] publicKey,
- byte[] signature) throws GeneralSecurityException {
- return crypto.verify(label, signedData, publicKey, signature);
+ protected boolean verify(byte[] signature, String label, byte[] signed,
+ byte[] publicKey) throws GeneralSecurityException {
+ return crypto.verifySignature(signature, label, signed, publicKey);
}
@Test
diff --git a/bramble-core/src/test/java/org/briarproject/bramble/crypto/KeyEncodingAndParsingTest.java b/bramble-core/src/test/java/org/briarproject/bramble/crypto/KeyEncodingAndParsingTest.java
index 30d62ef8cd28ac85cb3f27b965bdeea0aad44981..7c14ca505ab5bbe4d4223a1c14ba0ba1dc2d261d 100644
--- a/bramble-core/src/test/java/org/briarproject/bramble/crypto/KeyEncodingAndParsingTest.java
+++ b/bramble-core/src/test/java/org/briarproject/bramble/crypto/KeyEncodingAndParsingTest.java
@@ -126,13 +126,13 @@ public class KeyEncodingAndParsingTest extends BrambleTestCase {
byte[] signature = crypto.sign("test", message,
privateKey.getEncoded());
// Verify the signature
- assertTrue(crypto.verify("test", message, publicKey.getEncoded(),
- signature));
+ assertTrue(crypto.verifySignature(signature, "test", message,
+ publicKey.getEncoded()));
// Encode and parse the public key - no exceptions should be thrown
publicKey = parser.parsePublicKey(publicKey.getEncoded());
// Verify the signature again
- assertTrue(crypto.verify("test", message, publicKey.getEncoded(),
- signature));
+ assertTrue(crypto.verifySignature(signature, "test", message,
+ publicKey.getEncoded()));
}
@Test
@@ -146,15 +146,15 @@ public class KeyEncodingAndParsingTest extends BrambleTestCase {
byte[] signature = crypto.sign("test", message,
privateKey.getEncoded());
// Verify the signature
- assertTrue(crypto.verify("test", message, publicKey.getEncoded(),
- signature));
+ assertTrue(crypto.verifySignature(signature, "test", message,
+ publicKey.getEncoded()));
// Encode and parse the private key - no exceptions should be thrown
privateKey = parser.parsePrivateKey(privateKey.getEncoded());
// Sign the data again - the signatures should be the same
byte[] signature1 = crypto.sign("test", message,
privateKey.getEncoded());
- assertTrue(crypto.verify("test", message, publicKey.getEncoded(),
- signature1));
+ assertTrue(crypto.verifySignature(signature1, "test", message,
+ publicKey.getEncoded()));
assertArrayEquals(signature, signature1);
}
diff --git a/bramble-core/src/test/java/org/briarproject/bramble/crypto/MacTest.java b/bramble-core/src/test/java/org/briarproject/bramble/crypto/MacTest.java
index 7fb0717b79746ff19c8f31893fdb23ed9f935675..b55fc10171177f3e5e49fabbefbc7b1054a98834 100644
--- a/bramble-core/src/test/java/org/briarproject/bramble/crypto/MacTest.java
+++ b/bramble-core/src/test/java/org/briarproject/bramble/crypto/MacTest.java
@@ -13,6 +13,7 @@ import static org.briarproject.bramble.test.TestUtils.getSecretKey;
import static org.briarproject.bramble.util.StringUtils.getRandomString;
import static org.junit.Assert.assertArrayEquals;
import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
public class MacTest extends BrambleTestCase {
@@ -32,6 +33,7 @@ public class MacTest extends BrambleTestCase {
byte[] mac = crypto.mac(label1, key1, input1, input2, input3);
byte[] mac1 = crypto.mac(label1, key1, input1, input2, input3);
assertArrayEquals(mac, mac1);
+ assertTrue(crypto.verifyMac(mac, label1, key1, input1, input2, input3));
}
@Test
@@ -40,6 +42,11 @@ public class MacTest extends BrambleTestCase {
byte[] mac = crypto.mac(label1, key1, input1, input2, input3);
byte[] mac1 = crypto.mac(label2, key1, input1, input2, input3);
assertFalse(Arrays.equals(mac, mac1));
+ // Each MAC should fail to verify with the other MAC's label
+ assertFalse(crypto.verifyMac(mac, label2, key1, input1, input2,
+ input3));
+ assertFalse(crypto.verifyMac(mac1, label1, key2, input1, input2,
+ input3));
}
@Test
@@ -48,6 +55,11 @@ public class MacTest extends BrambleTestCase {
byte[] mac = crypto.mac(label1, key1, input1, input2, input3);
byte[] mac1 = crypto.mac(label1, key2, input1, input2, input3);
assertFalse(Arrays.equals(mac, mac1));
+ // Each MAC should fail to verify with the other MAC's key
+ assertFalse(crypto.verifyMac(mac, label1, key2, input1, input2,
+ input3));
+ assertFalse(crypto.verifyMac(mac1, label2, key1, input1, input2,
+ input3));
}
@Test
@@ -57,6 +69,11 @@ public class MacTest extends BrambleTestCase {
byte[] mac = crypto.mac(label1, key1, input1, input2, input3);
byte[] mac1 = crypto.mac(label1, key1, input3, input2, input1);
assertFalse(Arrays.equals(mac, mac1));
+ // Each MAC should fail to verify with the other MAC's inputs
+ assertFalse(crypto.verifyMac(mac, label1, key2, input3, input2,
+ input1));
+ assertFalse(crypto.verifyMac(mac1, label1, key1, input1, input2,
+ input3));
}
}
diff --git a/bramble-core/src/test/java/org/briarproject/bramble/crypto/SignatureTest.java b/bramble-core/src/test/java/org/briarproject/bramble/crypto/SignatureTest.java
index 09561c8c69d1fa36aa36c2a5ad82564df37143e0..2939541b34e1df14a2d2bd0cc8114a3eaf247c5c 100644
--- a/bramble-core/src/test/java/org/briarproject/bramble/crypto/SignatureTest.java
+++ b/bramble-core/src/test/java/org/briarproject/bramble/crypto/SignatureTest.java
@@ -28,8 +28,8 @@ public abstract class SignatureTest extends BrambleTestCase {
protected abstract byte[] sign(String label, byte[] toSign,
byte[] privateKey) throws GeneralSecurityException;
- protected abstract boolean verify(String label, byte[] signedData,
- byte[] publicKey, byte[] signature) throws GeneralSecurityException;
+ protected abstract boolean verify(byte[] signature, String label,
+ byte[] signed, byte[] publicKey) throws GeneralSecurityException;
SignatureTest() {
crypto = new CryptoComponentImpl(new TestSecureRandomProvider(), null);
@@ -85,7 +85,7 @@ public abstract class SignatureTest extends BrambleTestCase {
@Test
public void testSignatureVerification() throws Exception {
byte[] sig = sign(label, inputBytes, privateKey);
- assertTrue(verify(label, inputBytes, publicKey, sig));
+ assertTrue(verify(sig, label, inputBytes, publicKey));
}
@Test
@@ -95,7 +95,7 @@ public abstract class SignatureTest extends BrambleTestCase {
byte[] privateKey2 = k2.getPrivate().getEncoded();
// calculate the signature with different key, should fail to verify
byte[] sig = sign(label, inputBytes, privateKey2);
- assertFalse(verify(label, inputBytes, publicKey, sig));
+ assertFalse(verify(sig, label, inputBytes, publicKey));
}
@Test
@@ -104,7 +104,7 @@ public abstract class SignatureTest extends BrambleTestCase {
byte[] inputBytes2 = TestUtils.getRandomBytes(123);
// calculate the signature with different input, should fail to verify
byte[] sig = sign(label, inputBytes, privateKey);
- assertFalse(verify(label, inputBytes2, publicKey, sig));
+ assertFalse(verify(sig, label, inputBytes2, publicKey));
}
@Test
@@ -113,7 +113,7 @@ public abstract class SignatureTest extends BrambleTestCase {
String label2 = StringUtils.getRandomString(42);
// calculate the signature with different label, should fail to verify
byte[] sig = sign(label, inputBytes, privateKey);
- assertFalse(verify(label2, inputBytes, publicKey, sig));
+ assertFalse(verify(sig, label2, inputBytes, publicKey));
}
}
diff --git a/briar-core/src/main/java/org/briarproject/briar/blog/BlogPostValidator.java b/briar-core/src/main/java/org/briarproject/briar/blog/BlogPostValidator.java
index 122fbe7f9494080b7177fca187d4474d100e40f8..6dc845623967bf04289ba1f7b187bd18bf3c2132 100644
--- a/briar-core/src/main/java/org/briarproject/briar/blog/BlogPostValidator.java
+++ b/briar-core/src/main/java/org/briarproject/briar/blog/BlogPostValidator.java
@@ -111,8 +111,8 @@ class BlogPostValidator extends BdfMessageValidator {
Blog b = blogFactory.parseBlog(g);
Author a = b.getAuthor();
try {
- clientHelper.verifySignature(SIGNING_LABEL_POST, sig,
- a.getPublicKey(), signed);
+ clientHelper.verifySignature(sig, SIGNING_LABEL_POST, signed,
+ a.getPublicKey());
} catch (GeneralSecurityException e) {
throw new InvalidMessageException(e);
}
@@ -157,8 +157,8 @@ class BlogPostValidator extends BdfMessageValidator {
Blog b = blogFactory.parseBlog(g);
Author a = b.getAuthor();
try {
- clientHelper.verifySignature(SIGNING_LABEL_COMMENT, sig,
- a.getPublicKey(), signed);
+ clientHelper.verifySignature(sig, SIGNING_LABEL_COMMENT,
+ signed, a.getPublicKey());
} catch (GeneralSecurityException e) {
throw new InvalidMessageException(e);
}
diff --git a/briar-core/src/main/java/org/briarproject/briar/forum/ForumPostValidator.java b/briar-core/src/main/java/org/briarproject/briar/forum/ForumPostValidator.java
index 89260bf7cb4f3e2dd45c52303add5f58b424d148..8357361c7324e25d1a9ea52f6f3f061b64e6433e 100644
--- a/briar-core/src/main/java/org/briarproject/briar/forum/ForumPostValidator.java
+++ b/briar-core/src/main/java/org/briarproject/briar/forum/ForumPostValidator.java
@@ -66,8 +66,8 @@ class ForumPostValidator extends BdfMessageValidator {
BdfList signed = BdfList.of(g.getId(), m.getTimestamp(), parent,
authorList, content);
try {
- clientHelper.verifySignature(SIGNING_LABEL_POST, sig,
- author.getPublicKey(), signed);
+ clientHelper.verifySignature(sig, SIGNING_LABEL_POST,
+ signed, author.getPublicKey());
} catch (GeneralSecurityException e) {
throw new InvalidMessageException(e);
}
diff --git a/briar-core/src/main/java/org/briarproject/briar/introduction/IntroduceeManager.java b/briar-core/src/main/java/org/briarproject/briar/introduction/IntroduceeManager.java
index 82b6cc9499f3174fc0c29a2ba99622d08e956d4c..4666ac92e68bdf30621f35fa33e3801c221ef23f 100644
--- a/briar-core/src/main/java/org/briarproject/briar/introduction/IntroduceeManager.java
+++ b/briar-core/src/main/java/org/briarproject/briar/introduction/IntroduceeManager.java
@@ -500,7 +500,7 @@ class IntroduceeManager {
byte[] key = localState.getRaw(PUBLIC_KEY);
// Verify the signature
- if (!cryptoComponent.verify(SIGNING_LABEL, nonce, key, sig)) {
+ if (!cryptoComponent.verifySignature(sig, SIGNING_LABEL, nonce, key)) {
LOG.warning("Invalid nonce signature in ACK");
throw new GeneralSecurityException();
}
diff --git a/briar-core/src/main/java/org/briarproject/briar/privategroup/GroupMessageValidator.java b/briar-core/src/main/java/org/briarproject/briar/privategroup/GroupMessageValidator.java
index cb5741fdbb45b3aa2abcafcaaa505304e5fefecf..525a7216aeb6b5f60eb01bcbe69e4d0cfca02331 100644
--- a/briar-core/src/main/java/org/briarproject/briar/privategroup/GroupMessageValidator.java
+++ b/briar-core/src/main/java/org/briarproject/briar/privategroup/GroupMessageValidator.java
@@ -112,8 +112,9 @@ class GroupMessageValidator extends BdfMessageValidator {
creator.getId(), member.getId(), g.getId(),
inviteTimestamp);
try {
- clientHelper.verifySignature(SIGNING_LABEL_INVITE,
- creatorSignature, creator.getPublicKey(), token);
+ clientHelper.verifySignature(creatorSignature,
+ SIGNING_LABEL_INVITE,
+ token, creator.getPublicKey());
} catch (GeneralSecurityException e) {
throw new FormatException();
}
@@ -128,8 +129,8 @@ class GroupMessageValidator extends BdfMessageValidator {
inviteList
);
try {
- clientHelper.verifySignature(SIGNING_LABEL_JOIN, memberSignature,
- member.getPublicKey(), signed);
+ clientHelper.verifySignature(memberSignature, SIGNING_LABEL_JOIN,
+ signed, member.getPublicKey());
} catch (GeneralSecurityException e) {
throw new FormatException();
}
@@ -165,8 +166,8 @@ class GroupMessageValidator extends BdfMessageValidator {
content
);
try {
- clientHelper.verifySignature(SIGNING_LABEL_POST, signature,
- member.getPublicKey(), signed);
+ clientHelper.verifySignature(signature, SIGNING_LABEL_POST,
+ signed, member.getPublicKey());
} catch (GeneralSecurityException e) {
throw new FormatException();
}
diff --git a/briar-core/src/main/java/org/briarproject/briar/privategroup/invitation/GroupInvitationValidator.java b/briar-core/src/main/java/org/briarproject/briar/privategroup/invitation/GroupInvitationValidator.java
index 8d7f0feb34d97a86ab67546317ab8ad9c6d9f1ea..251b416a88a5aff44225ae74073b6dfed7fd6eea 100644
--- a/briar-core/src/main/java/org/briarproject/briar/privategroup/invitation/GroupInvitationValidator.java
+++ b/briar-core/src/main/java/org/briarproject/briar/privategroup/invitation/GroupInvitationValidator.java
@@ -94,8 +94,8 @@ class GroupInvitationValidator extends BdfMessageValidator {
privateGroup.getId()
);
try {
- clientHelper.verifySignature(SIGNING_LABEL_INVITE, signature,
- creator.getPublicKey(), signed);
+ clientHelper.verifySignature(signature, SIGNING_LABEL_INVITE,
+ signed, creator.getPublicKey());
} catch (GeneralSecurityException e) {
throw new FormatException();
}
diff --git a/briar-core/src/test/java/org/briarproject/briar/blog/BlogPostValidatorTest.java b/briar-core/src/test/java/org/briarproject/briar/blog/BlogPostValidatorTest.java
index 6ca21569d91dbfdb95887d895c1626992d463965..f2ca321d7f5c872ed0824db6e06dc1a7e4a2f6ca 100644
--- a/briar-core/src/test/java/org/briarproject/briar/blog/BlogPostValidatorTest.java
+++ b/briar-core/src/test/java/org/briarproject/briar/blog/BlogPostValidatorTest.java
@@ -280,7 +280,7 @@ public class BlogPostValidatorTest extends BriarTestCase {
oneOf(clientHelper).toList(b.getAuthor());
will(returnValue(authorList));
oneOf(clientHelper)
- .verifySignature(label, sig, author.getPublicKey(), signed);
+ .verifySignature(sig, label, signed, author.getPublicKey());
}});
}
diff --git a/briar-core/src/test/java/org/briarproject/briar/forum/ForumPostValidatorTest.java b/briar-core/src/test/java/org/briarproject/briar/forum/ForumPostValidatorTest.java
index ee04074e2804191f4c4643dc9d26650c001e1a24..6fc64fccb2a2fe9b8be91fe4f5684c08946d4f62 100644
--- a/briar-core/src/test/java/org/briarproject/briar/forum/ForumPostValidatorTest.java
+++ b/briar-core/src/test/java/org/briarproject/briar/forum/ForumPostValidatorTest.java
@@ -64,8 +64,8 @@ public class ForumPostValidatorTest extends ValidatorTestCase {
public void testAcceptsNullParentId() throws Exception {
expectCreateAuthor();
context.checking(new Expectations() {{
- oneOf(clientHelper).verifySignature(SIGNING_LABEL_POST, signature,
- authorPublicKey, signedWithoutParent);
+ oneOf(clientHelper).verifySignature(signature, SIGNING_LABEL_POST,
+ signedWithoutParent, authorPublicKey);
}});
BdfMessageContext messageContext = v.validateMessage(message, group,
@@ -139,8 +139,8 @@ public class ForumPostValidatorTest extends ValidatorTestCase {
expectCreateAuthor();
context.checking(new Expectations() {{
- oneOf(clientHelper).verifySignature(SIGNING_LABEL_POST, signature,
- authorPublicKey, signedWithShortContent);
+ oneOf(clientHelper).verifySignature(signature, SIGNING_LABEL_POST,
+ signedWithShortContent, authorPublicKey);
}});
BdfMessageContext messageContext = v.validateMessage(message, group,
@@ -189,8 +189,8 @@ public class ForumPostValidatorTest extends ValidatorTestCase {
throws Exception {
expectCreateAuthor();
context.checking(new Expectations() {{
- oneOf(clientHelper).verifySignature(SIGNING_LABEL_POST, signature,
- authorPublicKey, signedWithParent);
+ oneOf(clientHelper).verifySignature(signature, SIGNING_LABEL_POST,
+ signedWithParent, authorPublicKey);
will(throwException(new FormatException()));
}});
@@ -203,8 +203,8 @@ public class ForumPostValidatorTest extends ValidatorTestCase {
throws Exception {
expectCreateAuthor();
context.checking(new Expectations() {{
- oneOf(clientHelper).verifySignature(SIGNING_LABEL_POST, signature,
- authorPublicKey, signedWithParent);
+ oneOf(clientHelper).verifySignature(signature, SIGNING_LABEL_POST,
+ signedWithParent, authorPublicKey);
will(throwException(new GeneralSecurityException()));
}});
diff --git a/briar-core/src/test/java/org/briarproject/briar/introduction/IntroduceeManagerTest.java b/briar-core/src/test/java/org/briarproject/briar/introduction/IntroduceeManagerTest.java
index 647502b131275c5cc7a7166a36023049ea62d74a..5f8391d9b8be793e3c53290c1b6ad3be1d18e3b5 100644
--- a/briar-core/src/test/java/org/briarproject/briar/introduction/IntroduceeManagerTest.java
+++ b/briar-core/src/test/java/org/briarproject/briar/introduction/IntroduceeManagerTest.java
@@ -262,8 +262,8 @@ public class IntroduceeManagerTest extends BriarTestCase {
);
context.checking(new Expectations() {{
- oneOf(cryptoComponent).verify(SIGNING_LABEL, nonce,
- introducee2.getAuthor().getPublicKey(), sig);
+ oneOf(cryptoComponent).verifySignature(sig, SIGNING_LABEL, nonce,
+ introducee2.getAuthor().getPublicKey());
will(returnValue(false));
}});
@@ -292,8 +292,8 @@ public class IntroduceeManagerTest extends BriarTestCase {
state.put(SIGNATURE, sig);
context.checking(new Expectations() {{
- oneOf(cryptoComponent).verify(SIGNING_LABEL, nonce,
- publicKeyBytes, sig);
+ oneOf(cryptoComponent).verifySignature(sig, SIGNING_LABEL, nonce,
+ publicKeyBytes);
will(returnValue(true));
}});
introduceeManager.verifySignature(state);
diff --git a/briar-core/src/test/java/org/briarproject/briar/privategroup/GroupMessageValidatorTest.java b/briar-core/src/test/java/org/briarproject/briar/privategroup/GroupMessageValidatorTest.java
index 8d8039794878cd2da2746212787060fc9ad3b56c..196ce09ca663ac28a2fe1370bdd96e0de7b67d8a 100644
--- a/briar-core/src/test/java/org/briarproject/briar/privategroup/GroupMessageValidatorTest.java
+++ b/briar-core/src/test/java/org/briarproject/briar/privategroup/GroupMessageValidatorTest.java
@@ -401,8 +401,8 @@ public class GroupMessageValidatorTest extends ValidatorTestCase {
expectParseAuthor(creatorList, creator);
expectParsePrivateGroup();
context.checking(new Expectations() {{
- oneOf(clientHelper).verifySignature(SIGNING_LABEL_JOIN,
- memberSignature, creator.getPublicKey(), signed);
+ oneOf(clientHelper).verifySignature(memberSignature,
+ SIGNING_LABEL_JOIN, signed, creator.getPublicKey());
if (!memberSigValid)
will(throwException(new GeneralSecurityException()));
}});
@@ -422,13 +422,13 @@ public class GroupMessageValidatorTest extends ValidatorTestCase {
oneOf(groupInvitationFactory).createInviteToken(creator.getId(),
member.getId(), privateGroup.getId(), inviteTimestamp);
will(returnValue(token));
- oneOf(clientHelper).verifySignature(SIGNING_LABEL_INVITE,
- creatorSignature, creator.getPublicKey(), token);
+ oneOf(clientHelper).verifySignature(creatorSignature,
+ SIGNING_LABEL_INVITE, token, creator.getPublicKey());
if (!creatorSigValid) {
will(throwException(new GeneralSecurityException()));
} else {
- oneOf(clientHelper).verifySignature(SIGNING_LABEL_JOIN,
- memberSignature, member.getPublicKey(), signed);
+ oneOf(clientHelper).verifySignature(memberSignature,
+ SIGNING_LABEL_JOIN, signed, member.getPublicKey());
if (!memberSigValid)
will(throwException(new GeneralSecurityException()));
}
@@ -648,8 +648,8 @@ public class GroupMessageValidatorTest extends ValidatorTestCase {
);
expectParseAuthor(memberList, member);
context.checking(new Expectations() {{
- oneOf(clientHelper).verifySignature(SIGNING_LABEL_POST,
- memberSignature, member.getPublicKey(), signed);
+ oneOf(clientHelper).verifySignature(memberSignature,
+ SIGNING_LABEL_POST, signed, member.getPublicKey());
if (!sigValid)
will(throwException(new GeneralSecurityException()));
}});
diff --git a/briar-core/src/test/java/org/briarproject/briar/privategroup/invitation/GroupInvitationValidatorTest.java b/briar-core/src/test/java/org/briarproject/briar/privategroup/invitation/GroupInvitationValidatorTest.java
index d469b959ed074fdefddf651650afe983cdc12f4c..d68a5edabd4a0f17377547632dec388fe4069a78 100644
--- a/briar-core/src/test/java/org/briarproject/briar/privategroup/invitation/GroupInvitationValidatorTest.java
+++ b/briar-core/src/test/java/org/briarproject/briar/privategroup/invitation/GroupInvitationValidatorTest.java
@@ -256,8 +256,8 @@ public class GroupInvitationValidatorTest extends ValidatorTestCase {
oneOf(privateGroupFactory).createPrivateGroup(groupName, creator,
salt);
will(returnValue(privateGroup));
- oneOf(clientHelper).verifySignature(SIGNING_LABEL_INVITE, signature,
- creator.getPublicKey(), signed);
+ oneOf(clientHelper).verifySignature(signature, SIGNING_LABEL_INVITE,
+ signed, creator.getPublicKey());
if (exception) {
will(throwException(new GeneralSecurityException()));
} else {