diff --git a/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java b/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java
index f4f065c97393dea173a93d788b9f757700405fcb..19a542f8af87478e94347595139f954a8cbbe8a3 100644
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java
@@ -22,10 +22,6 @@ public interface CryptoComponent {
KeyParser getSignatureKeyParser();
- KeyPair generateEdKeyPair();
-
- KeyParser getEdKeyParser();
-
KeyParser getMessageKeyParser();
/**
@@ -53,7 +49,7 @@ public interface CryptoComponent {
throws GeneralSecurityException;
/**
- * Signs the given byte[] with the given ECDSA private key.
+ * Signs the given byte[] with the given private key.
*
* @param label a namespaced label indicating the purpose of this
* signature, to prevent it from being repurposed or colliding with a
@@ -62,18 +58,9 @@ public interface CryptoComponent {
byte[] sign(String label, byte[] toSign, byte[] privateKey)
throws GeneralSecurityException;
- /**
- * Signs the given byte[] with the given Ed25519 private key.
- *
- * @param label A label specific to this signature
- * to ensure that the signature cannot be repurposed
- */
- byte[] signEd(String label, byte[] toSign, byte[] privateKey)
- throws GeneralSecurityException;
-
/**
* Verifies that the given signature is valid for the signed data
- * and the given ECDSA public key.
+ * and the given public key.
*
* @param label a namespaced label indicating the purpose of this
* signature, to prevent it from being repurposed or colliding with a
@@ -83,17 +70,6 @@ public interface CryptoComponent {
boolean verify(String label, byte[] signedData, byte[] publicKey,
byte[] signature) throws GeneralSecurityException;
- /**
- * Verifies that the given signature is valid for the signed data
- * and the given Ed25519 public key.
- *
- * @param label A label that was specific to this signature
- * to ensure that the signature cannot be repurposed
- * @return true if the signature was valid, false otherwise.
- */
- boolean verifyEd(String label, byte[] signedData, byte[] publicKey,
- byte[] signature) throws GeneralSecurityException;
-
/**
* Returns the hash of the given inputs. The inputs are unambiguously
* combined by prefixing each input with its length.
diff --git a/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoConstants.java b/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoConstants.java
new file mode 100644
index 0000000000000000000000000000000000000000..d221c85c5faabdd9232a92643ee75d1d24194514
--- /dev/null
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoConstants.java
@@ -0,0 +1,19 @@
+package org.briarproject.bramble.api.crypto;
+
+public interface CryptoConstants {
+
+ /**
+ * The maximum length of an agreement public key in bytes.
+ */
+ int MAX_AGREEMENT_PUBLIC_KEY_BYTES = 65;
+
+ /**
+ * The maximum length of a signature public key in bytes.
+ */
+ int MAX_SIGNATURE_PUBLIC_KEY_BYTES = 32;
+
+ /**
+ * The maximum length of a signature in bytes.
+ */
+ int MAX_SIGNATURE_BYTES = 64;
+}
diff --git a/bramble-api/src/main/java/org/briarproject/bramble/api/identity/Author.java b/bramble-api/src/main/java/org/briarproject/bramble/api/identity/Author.java
index 830a32643f2ca4b933e99f9a6239ca40292a8ef0..8a3682e6c5c37deb40b66f7e7b3d4a2351db04a0 100644
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/identity/Author.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/identity/Author.java
@@ -22,7 +22,7 @@ public class Author {
/**
* The current version of the author structure.
*/
- public static final int FORMAT_VERSION = 0;
+ public static final int FORMAT_VERSION = 1;
private final AuthorId id;
private final int formatVersion;
diff --git a/bramble-api/src/main/java/org/briarproject/bramble/api/identity/AuthorConstants.java b/bramble-api/src/main/java/org/briarproject/bramble/api/identity/AuthorConstants.java
index 0699f972dc894120d9ea3a088ab83b7463c222f9..6d2ad47ebd670ec9abc618fd6a8ca4c41989d2bf 100644
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/identity/AuthorConstants.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/identity/AuthorConstants.java
@@ -1,5 +1,8 @@
package org.briarproject.bramble.api.identity;
+import static org.briarproject.bramble.api.crypto.CryptoConstants.MAX_SIGNATURE_BYTES;
+import static org.briarproject.bramble.api.crypto.CryptoConstants.MAX_SIGNATURE_PUBLIC_KEY_BYTES;
+
public interface AuthorConstants {
/**
@@ -8,26 +11,14 @@ public interface AuthorConstants {
int MAX_AUTHOR_NAME_LENGTH = 50;
/**
- * The maximum length of a public key in bytes.
- * <p>
- * Public keys use SEC1 format: 0x04 x y, where x and y are unsigned
- * big-endian integers.
- * <p>
- * For a 256-bit elliptic curve, the maximum length is 2 * 256 / 8 + 1.
+ * The maximum length of a public key in bytes. This applies to the
+ * signature algorithm used by the current {@link Author format version}.
*/
- int MAX_PUBLIC_KEY_LENGTH = 65;
+ int MAX_PUBLIC_KEY_LENGTH = MAX_SIGNATURE_PUBLIC_KEY_BYTES;
/**
- * The maximum length of a signature in bytes.
- * <p>
- * A signature is an ASN.1 DER sequence containing two integers, r and s.
- * The format is 0x30 len1 0x02 len2 r 0x02 len3 s, where len1 is
- * len(0x02 len2 r 0x02 len3 s) as a DER length, len2 is len(r) as a DER
- * length, len3 is len(s) as a DER length, and r and s are signed
- * big-endian integers of minimal length.
- * <p>
- * For a 256-bit elliptic curve, the lengths are one byte each, so the
- * maximum length is 2 * 256 / 8 + 8.
+ * The maximum length of a signature in bytes. This applies to the
+ * signature algorithm used by the current {@link Author format version}.
*/
- int MAX_SIGNATURE_LENGTH = 72;
+ int MAX_SIGNATURE_LENGTH = MAX_SIGNATURE_BYTES;
}
diff --git a/bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java b/bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java
index 44e7f353c72a80a5ae4cb123573753e81d17f5b2..4a0a3e4a6f8741c1278be10b24702671e413cebf 100644
--- a/bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java
@@ -46,7 +46,6 @@ class CryptoComponentImpl implements CryptoComponent {
private static final int AGREEMENT_KEY_PAIR_BITS = 256;
private static final int SIGNATURE_KEY_PAIR_BITS = 256;
- private static final int ED_KEY_PAIR_BITS = 256;
private static final int STORAGE_IV_BYTES = 24; // 196 bits
private static final int PBKDF_SALT_BYTES = 32; // 256 bits
private static final int PBKDF_FORMAT_SCRYPT = 0;
@@ -54,11 +53,9 @@ class CryptoComponentImpl implements CryptoComponent {
private final SecureRandom secureRandom;
private final PasswordBasedKdf passwordBasedKdf;
private final ECKeyPairGenerator agreementKeyPairGenerator;
- private final ECKeyPairGenerator signatureKeyPairGenerator;
+ private final KeyPairGenerator signatureKeyPairGenerator;
private final KeyParser agreementKeyParser, signatureKeyParser;
private final MessageEncrypter messageEncrypter;
- private final KeyPairGenerator edKeyPairGenerator;
- private final KeyParser edKeyParser;
@Inject
CryptoComponentImpl(SecureRandomProvider secureRandomProvider,
@@ -87,16 +84,13 @@ class CryptoComponentImpl implements CryptoComponent {
PARAMETERS, secureRandom);
agreementKeyPairGenerator = new ECKeyPairGenerator();
agreementKeyPairGenerator.init(params);
- signatureKeyPairGenerator = new ECKeyPairGenerator();
- signatureKeyPairGenerator.init(params);
+ signatureKeyPairGenerator = new KeyPairGenerator();
+ signatureKeyPairGenerator.initialize(SIGNATURE_KEY_PAIR_BITS,
+ secureRandom);
agreementKeyParser = new Sec1KeyParser(PARAMETERS,
AGREEMENT_KEY_PAIR_BITS);
- signatureKeyParser = new Sec1KeyParser(PARAMETERS,
- SIGNATURE_KEY_PAIR_BITS);
+ signatureKeyParser = new EdKeyParser();
messageEncrypter = new MessageEncrypter(secureRandom);
- edKeyPairGenerator = new KeyPairGenerator();
- edKeyPairGenerator.initialize(ED_KEY_PAIR_BITS, secureRandom);
- edKeyParser = new EdKeyParser();
}
// Based on https://android-developers.googleblog.com/2013/08/some-securerandom-thoughts.html
@@ -155,21 +149,6 @@ class CryptoComponentImpl implements CryptoComponent {
return secret;
}
- @Override
- public KeyPair generateEdKeyPair() {
- java.security.KeyPair keyPair = edKeyPairGenerator.generateKeyPair();
- EdDSAPublicKey edPublicKey = (EdDSAPublicKey) keyPair.getPublic();
- PublicKey publicKey = new EdPublicKey(edPublicKey.getAbyte());
- EdDSAPrivateKey edPrivateKey = (EdDSAPrivateKey) keyPair.getPrivate();
- PrivateKey privateKey = new EdPrivateKey(edPrivateKey.getSeed());
- return new KeyPair(publicKey, privateKey);
- }
-
- @Override
- public KeyParser getEdKeyParser() {
- return edKeyParser;
- }
-
@Override
public KeyPair generateAgreementKeyPair() {
AsymmetricCipherKeyPair keyPair =
@@ -193,17 +172,11 @@ class CryptoComponentImpl implements CryptoComponent {
@Override
public KeyPair generateSignatureKeyPair() {
- AsymmetricCipherKeyPair keyPair =
- signatureKeyPairGenerator.generateKeyPair();
- // Return a wrapper that uses the SEC 1 encoding
- ECPublicKeyParameters ecPublicKey =
- (ECPublicKeyParameters) keyPair.getPublic();
- PublicKey publicKey = new Sec1PublicKey(ecPublicKey
- );
- ECPrivateKeyParameters ecPrivateKey =
- (ECPrivateKeyParameters) keyPair.getPrivate();
- PrivateKey privateKey = new Sec1PrivateKey(ecPrivateKey,
- SIGNATURE_KEY_PAIR_BITS);
+ java.security.KeyPair keyPair = signatureKeyPairGenerator.generateKeyPair();
+ EdDSAPublicKey edPublicKey = (EdDSAPublicKey) keyPair.getPublic();
+ PublicKey publicKey = new EdPublicKey(edPublicKey.getAbyte());
+ EdDSAPrivateKey edPrivateKey = (EdDSAPrivateKey) keyPair.getPrivate();
+ PrivateKey privateKey = new EdPrivateKey(edPrivateKey.getSeed());
return new KeyPair(publicKey, privateKey);
}
@@ -240,19 +213,8 @@ class CryptoComponentImpl implements CryptoComponent {
@Override
public byte[] sign(String label, byte[] toSign, byte[] privateKey)
throws GeneralSecurityException {
- return sign(new SignatureImpl(secureRandom), signatureKeyParser, label,
- toSign, privateKey);
- }
-
- @Override
- public byte[] signEd(String label, byte[] toSign, byte[] privateKey)
- throws GeneralSecurityException {
- return sign(new EdSignature(), edKeyParser, label, toSign, privateKey);
- }
-
- private byte[] sign(Signature sig, KeyParser keyParser, String label,
- byte[] toSign, byte[] privateKey) throws GeneralSecurityException {
- PrivateKey key = keyParser.parsePrivateKey(privateKey);
+ PrivateKey key = signatureKeyParser.parsePrivateKey(privateKey);
+ Signature sig = new EdSignature();
sig.initSign(key);
updateSignature(sig, label, toSign);
return sig.sign();
@@ -261,21 +223,8 @@ class CryptoComponentImpl implements CryptoComponent {
@Override
public boolean verify(String label, byte[] signedData, byte[] publicKey,
byte[] signature) throws GeneralSecurityException {
- return verify(new SignatureImpl(secureRandom), signatureKeyParser,
- label, signedData, publicKey, signature);
- }
-
- @Override
- public boolean verifyEd(String label, byte[] signedData, byte[] publicKey,
- byte[] signature) throws GeneralSecurityException {
- return verify(new EdSignature(), edKeyParser, label, signedData,
- publicKey, signature);
- }
-
- private boolean verify(Signature sig, KeyParser keyParser, String label,
- byte[] signedData, byte[] publicKey, byte[] signature)
- throws GeneralSecurityException {
- PublicKey key = keyParser.parsePublicKey(publicKey);
+ PublicKey key = signatureKeyParser.parsePublicKey(publicKey);
+ Signature sig = new EdSignature();
sig.initVerify(key);
updateSignature(sig, label, signedData);
return sig.verify(signature);
diff --git a/bramble-core/src/main/java/org/briarproject/bramble/crypto/SignatureImpl.java b/bramble-core/src/main/java/org/briarproject/bramble/crypto/SignatureImpl.java
deleted file mode 100644
index 02ec2eabb0ecba3f61314c46f4a24ac74f7632f7..0000000000000000000000000000000000000000
--- a/bramble-core/src/main/java/org/briarproject/bramble/crypto/SignatureImpl.java
+++ /dev/null
@@ -1,91 +0,0 @@
-package org.briarproject.bramble.crypto;
-
-import org.briarproject.bramble.api.crypto.PrivateKey;
-import org.briarproject.bramble.api.crypto.PublicKey;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.spongycastle.crypto.Digest;
-import org.spongycastle.crypto.digests.Blake2bDigest;
-import org.spongycastle.crypto.params.ECPrivateKeyParameters;
-import org.spongycastle.crypto.params.ECPublicKeyParameters;
-import org.spongycastle.crypto.params.ParametersWithRandom;
-import org.spongycastle.crypto.signers.DSADigestSigner;
-import org.spongycastle.crypto.signers.DSAKCalculator;
-import org.spongycastle.crypto.signers.ECDSASigner;
-import org.spongycastle.crypto.signers.HMacDSAKCalculator;
-
-import java.security.GeneralSecurityException;
-import java.security.SecureRandom;
-import java.util.logging.Logger;
-
-import javax.annotation.concurrent.NotThreadSafe;
-
-import static java.util.logging.Level.INFO;
-
-@NotThreadSafe
-@NotNullByDefault
-class SignatureImpl implements Signature {
-
- private static final Logger LOG =
- Logger.getLogger(SignatureImpl.class.getName());
-
- private final SecureRandom secureRandom;
- private final DSADigestSigner signer;
-
- SignatureImpl(SecureRandom secureRandom) {
- this.secureRandom = secureRandom;
- Digest digest = new Blake2bDigest(256);
- DSAKCalculator calculator = new HMacDSAKCalculator(digest);
- signer = new DSADigestSigner(new ECDSASigner(calculator), digest);
- }
-
- @Override
- public void initSign(PrivateKey k) throws GeneralSecurityException {
- if (!(k instanceof Sec1PrivateKey))
- throw new IllegalArgumentException();
- ECPrivateKeyParameters priv = ((Sec1PrivateKey) k).getKey();
- signer.init(true, new ParametersWithRandom(priv, secureRandom));
- }
-
- @Override
- public void initVerify(PublicKey k) throws GeneralSecurityException {
- if (!(k instanceof Sec1PublicKey))
- throw new IllegalArgumentException();
- ECPublicKeyParameters pub = ((Sec1PublicKey) k).getKey();
- signer.init(false, pub);
- }
-
- @Override
- public void update(byte b) {
- signer.update(b);
- }
-
- @Override
- public void update(byte[] b) {
- update(b, 0, b.length);
- }
-
- @Override
- public void update(byte[] b, int off, int len) {
- signer.update(b, off, len);
- }
-
- @Override
- public byte[] sign() {
- long now = System.currentTimeMillis();
- byte[] signature = signer.generateSignature();
- long duration = System.currentTimeMillis() - now;
- if (LOG.isLoggable(INFO))
- LOG.info("Generating signature took " + duration + " ms");
- return signature;
- }
-
- @Override
- public boolean verify(byte[] signature) {
- long now = System.currentTimeMillis();
- boolean valid = signer.verifySignature(signature);
- long duration = System.currentTimeMillis() - now;
- if (LOG.isLoggable(INFO))
- LOG.info("Verifying signature took " + duration + " ms");
- return valid;
- }
-}
diff --git a/bramble-core/src/test/java/org/briarproject/bramble/crypto/EcdsaSignatureTest.java b/bramble-core/src/test/java/org/briarproject/bramble/crypto/EcdsaSignatureTest.java
deleted file mode 100644
index 1d1c960cd1d9279cbd577e9b22141a09b4a33f14..0000000000000000000000000000000000000000
--- a/bramble-core/src/test/java/org/briarproject/bramble/crypto/EcdsaSignatureTest.java
+++ /dev/null
@@ -1,25 +0,0 @@
-package org.briarproject.bramble.crypto;
-
-import org.briarproject.bramble.api.crypto.KeyPair;
-
-import java.security.GeneralSecurityException;
-
-public class EcdsaSignatureTest extends SignatureTest {
-
- @Override
- protected KeyPair generateKeyPair() {
- return crypto.generateSignatureKeyPair();
- }
-
- @Override
- protected byte[] sign(String label, byte[] toSign, byte[] privateKey)
- throws GeneralSecurityException {
- return crypto.sign(label, toSign, privateKey);
- }
-
- @Override
- protected boolean verify(String label, byte[] signedData, byte[] publicKey,
- byte[] signature) throws GeneralSecurityException {
- return crypto.verify(label, signedData, publicKey, signature);
- }
-}
diff --git a/bramble-core/src/test/java/org/briarproject/bramble/crypto/EdSignatureTest.java b/bramble-core/src/test/java/org/briarproject/bramble/crypto/EdSignatureTest.java
index fcbd73e1560c364b04656278303fd7ca2d7e653f..3fb5c3a9c4a83f85df988e9fc4a0b9bb22e0b8ae 100644
--- a/bramble-core/src/test/java/org/briarproject/bramble/crypto/EdSignatureTest.java
+++ b/bramble-core/src/test/java/org/briarproject/bramble/crypto/EdSignatureTest.java
@@ -133,19 +133,19 @@ public class EdSignatureTest extends SignatureTest {
@Override
protected KeyPair generateKeyPair() {
- return crypto.generateEdKeyPair();
+ return crypto.generateSignatureKeyPair();
}
@Override
protected byte[] sign(String label, byte[] toSign, byte[] privateKey)
throws GeneralSecurityException {
- return crypto.signEd(label, toSign, privateKey);
+ return crypto.sign(label, toSign, privateKey);
}
@Override
protected boolean verify(String label, byte[] signedData, byte[] publicKey,
byte[] signature) throws GeneralSecurityException {
- return crypto.verifyEd(label, signedData, publicKey, signature);
+ return crypto.verify(label, signedData, publicKey, signature);
}
@Test
diff --git a/bramble-core/src/test/java/org/briarproject/bramble/crypto/KeyEncodingAndParsingTest.java b/bramble-core/src/test/java/org/briarproject/bramble/crypto/KeyEncodingAndParsingTest.java
index a7136e5cd59714b530e78c6b344704ba1ea73ece..1f2cad4dc7cda8344aaea99f1f72b699f3e2cc1a 100644
--- a/bramble-core/src/test/java/org/briarproject/bramble/crypto/KeyEncodingAndParsingTest.java
+++ b/bramble-core/src/test/java/org/briarproject/bramble/crypto/KeyEncodingAndParsingTest.java
@@ -6,13 +6,14 @@ import org.briarproject.bramble.api.crypto.PrivateKey;
import org.briarproject.bramble.api.crypto.PublicKey;
import org.briarproject.bramble.test.BrambleTestCase;
import org.briarproject.bramble.test.TestSecureRandomProvider;
-import org.briarproject.bramble.test.TestUtils;
import org.junit.Test;
import java.security.GeneralSecurityException;
-import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_PUBLIC_KEY_LENGTH;
-import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_SIGNATURE_LENGTH;
+import static org.briarproject.bramble.api.crypto.CryptoConstants.MAX_AGREEMENT_PUBLIC_KEY_BYTES;
+import static org.briarproject.bramble.api.crypto.CryptoConstants.MAX_SIGNATURE_BYTES;
+import static org.briarproject.bramble.api.crypto.CryptoConstants.MAX_SIGNATURE_PUBLIC_KEY_BYTES;
+import static org.briarproject.bramble.test.TestUtils.getRandomBytes;
import static org.junit.Assert.assertArrayEquals;
import static org.junit.Assert.assertTrue;
@@ -28,7 +29,7 @@ public class KeyEncodingAndParsingTest extends BrambleTestCase {
KeyPair keyPair = crypto.generateSignatureKeyPair();
// Check the length of the public key
byte[] publicKey = keyPair.getPublic().getEncoded();
- assertTrue(publicKey.length <= MAX_PUBLIC_KEY_LENGTH);
+ assertTrue(publicKey.length <= MAX_AGREEMENT_PUBLIC_KEY_BYTES);
}
}
@@ -45,7 +46,8 @@ public class KeyEncodingAndParsingTest extends BrambleTestCase {
aPub = parser.parsePublicKey(aPub.getEncoded());
aPub = parser.parsePublicKey(aPub.getEncoded());
// Derive the shared secret again - it should be the same
- byte[] secret1 = crypto.performRawKeyAgreement(bPair.getPrivate(), aPub);
+ byte[] secret1 =
+ crypto.performRawKeyAgreement(bPair.getPrivate(), aPub);
assertArrayEquals(secret, secret1);
}
@@ -62,7 +64,8 @@ public class KeyEncodingAndParsingTest extends BrambleTestCase {
bPriv = parser.parsePrivateKey(bPriv.getEncoded());
bPriv = parser.parsePrivateKey(bPriv.getEncoded());
// Derive the shared secret again - it should be the same
- byte[] secret1 = crypto.performRawKeyAgreement(bPriv, aPair.getPublic());
+ byte[] secret1 =
+ crypto.performRawKeyAgreement(bPriv, aPair.getPublic());
assertArrayEquals(secret, secret1);
}
@@ -76,12 +79,12 @@ public class KeyEncodingAndParsingTest extends BrambleTestCase {
// Parse some random byte arrays - expect GeneralSecurityException
for (int i = 0; i < 1000; i++) {
try {
- parser.parsePublicKey(TestUtils.getRandomBytes(pubLength));
+ parser.parsePublicKey(getRandomBytes(pubLength));
} catch (GeneralSecurityException expected) {
// Expected
}
try {
- parser.parsePrivateKey(TestUtils.getRandomBytes(privLength));
+ parser.parsePrivateKey(getRandomBytes(privLength));
} catch (GeneralSecurityException expected) {
// Expected
}
@@ -95,7 +98,7 @@ public class KeyEncodingAndParsingTest extends BrambleTestCase {
KeyPair keyPair = crypto.generateSignatureKeyPair();
// Check the length of the public key
byte[] publicKey = keyPair.getPublic().getEncoded();
- assertTrue(publicKey.length <= MAX_PUBLIC_KEY_LENGTH);
+ assertTrue(publicKey.length <= MAX_SIGNATURE_PUBLIC_KEY_BYTES);
}
}
@@ -106,44 +109,53 @@ public class KeyEncodingAndParsingTest extends BrambleTestCase {
KeyPair keyPair = crypto.generateSignatureKeyPair();
byte[] key = keyPair.getPrivate().getEncoded();
// Sign some random data and check the length of the signature
- byte[] toBeSigned = TestUtils.getRandomBytes(1234);
+ byte[] toBeSigned = getRandomBytes(1234);
byte[] signature = crypto.sign("label", toBeSigned, key);
- assertTrue(signature.length <= MAX_SIGNATURE_LENGTH);
+ assertTrue(signature.length <= MAX_SIGNATURE_BYTES);
}
}
@Test
public void testSignaturePublicKeyEncodingAndParsing() throws Exception {
KeyParser parser = crypto.getSignatureKeyParser();
- // Generate two key pairs
- KeyPair aPair = crypto.generateSignatureKeyPair();
- KeyPair bPair = crypto.generateSignatureKeyPair();
- // Derive the shared secret
- PublicKey aPub = aPair.getPublic();
- byte[] secret = crypto.performRawKeyAgreement(bPair.getPrivate(), aPub);
+ // Generate a key pair and sign some data
+ KeyPair keyPair = crypto.generateSignatureKeyPair();
+ PublicKey publicKey = keyPair.getPublic();
+ PrivateKey privateKey = keyPair.getPrivate();
+ byte[] message = getRandomBytes(123);
+ byte[] signature = crypto.sign("test", message,
+ privateKey.getEncoded());
+ // Verify the signature
+ assertTrue(crypto.verify("test", message, publicKey.getEncoded(),
+ signature));
// Encode and parse the public key - no exceptions should be thrown
- aPub = parser.parsePublicKey(aPub.getEncoded());
- aPub = parser.parsePublicKey(aPub.getEncoded());
- // Derive the shared secret again - it should be the same
- byte[] secret1 = crypto.performRawKeyAgreement(bPair.getPrivate(), aPub);
- assertArrayEquals(secret, secret1);
+ publicKey = parser.parsePublicKey(publicKey.getEncoded());
+ // Verify the signature again
+ assertTrue(crypto.verify("test", message, publicKey.getEncoded(),
+ signature));
}
@Test
public void testSignaturePrivateKeyEncodingAndParsing() throws Exception {
KeyParser parser = crypto.getSignatureKeyParser();
- // Generate two key pairs
- KeyPair aPair = crypto.generateSignatureKeyPair();
- KeyPair bPair = crypto.generateSignatureKeyPair();
- // Derive the shared secret
- PrivateKey bPriv = bPair.getPrivate();
- byte[] secret = crypto.performRawKeyAgreement(bPriv, aPair.getPublic());
+ // Generate a key pair and sign some data
+ KeyPair keyPair = crypto.generateSignatureKeyPair();
+ PublicKey publicKey = keyPair.getPublic();
+ PrivateKey privateKey = keyPair.getPrivate();
+ byte[] message = getRandomBytes(123);
+ byte[] signature = crypto.sign("test", message,
+ privateKey.getEncoded());
+ // Verify the signature
+ assertTrue(crypto.verify("test", message, publicKey.getEncoded(),
+ signature));
// Encode and parse the private key - no exceptions should be thrown
- bPriv = parser.parsePrivateKey(bPriv.getEncoded());
- bPriv = parser.parsePrivateKey(bPriv.getEncoded());
- // Derive the shared secret again - it should be the same
- byte[] secret1 = crypto.performRawKeyAgreement(bPriv, aPair.getPublic());
- assertArrayEquals(secret, secret1);
+ privateKey = parser.parsePrivateKey(privateKey.getEncoded());
+ // Sign the data again - the signatures should be the same
+ byte[] signature1 = crypto.sign("test", message,
+ privateKey.getEncoded());
+ assertTrue(crypto.verify("test", message, publicKey.getEncoded(),
+ signature1));
+ assertArrayEquals(signature, signature1);
}
@Test
@@ -156,12 +168,12 @@ public class KeyEncodingAndParsingTest extends BrambleTestCase {
// Parse some random byte arrays - expect GeneralSecurityException
for (int i = 0; i < 1000; i++) {
try {
- parser.parsePublicKey(TestUtils.getRandomBytes(pubLength));
+ parser.parsePublicKey(getRandomBytes(pubLength));
} catch (GeneralSecurityException expected) {
// Expected
}
try {
- parser.parsePrivateKey(TestUtils.getRandomBytes(privLength));
+ parser.parsePrivateKey(getRandomBytes(privLength));
} catch (GeneralSecurityException expected) {
// Expected
}
diff --git a/briar-core/src/main/java/org/briarproject/briar/introduction/IntroductionValidator.java b/briar-core/src/main/java/org/briarproject/briar/introduction/IntroductionValidator.java
index 705a36f00a6e4dc1b9179656d595dd8343aaeebf..9fc526e49c24a709cc2a43d9abaea0b5973c944d 100644
--- a/briar-core/src/main/java/org/briarproject/briar/introduction/IntroductionValidator.java
+++ b/briar-core/src/main/java/org/briarproject/briar/introduction/IntroductionValidator.java
@@ -15,6 +15,7 @@ import org.briarproject.briar.client.BdfQueueMessageValidator;
import javax.annotation.concurrent.Immutable;
+import static org.briarproject.bramble.api.crypto.CryptoConstants.MAX_AGREEMENT_PUBLIC_KEY_BYTES;
import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_AUTHOR_NAME_LENGTH;
import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_PUBLIC_KEY_LENGTH;
import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_SIGNATURE_LENGTH;
@@ -133,7 +134,7 @@ class IntroductionValidator extends BdfQueueMessageValidator {
// parse ephemeral public key
pubkey = message.getRaw(4);
- checkLength(pubkey, 1, MAX_PUBLIC_KEY_LENGTH);
+ checkLength(pubkey, 1, MAX_AGREEMENT_PUBLIC_KEY_BYTES);
// parse transport properties
tp = message.getDictionary(5);
diff --git a/briar-core/src/test/java/org/briarproject/briar/introduction/IntroduceeManagerTest.java b/briar-core/src/test/java/org/briarproject/briar/introduction/IntroduceeManagerTest.java
index 72d178a7f72631184a33c3ab1758c75448688f7a..6617924ac12317fd5655bb27313ecf4c45c461ae 100644
--- a/briar-core/src/test/java/org/briarproject/briar/introduction/IntroduceeManagerTest.java
+++ b/briar-core/src/test/java/org/briarproject/briar/introduction/IntroduceeManagerTest.java
@@ -36,7 +36,7 @@ import org.junit.Test;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
-import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_PUBLIC_KEY_LENGTH;
+import static org.briarproject.bramble.api.crypto.CryptoConstants.MAX_AGREEMENT_PUBLIC_KEY_BYTES;
import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_SIGNATURE_LENGTH;
import static org.briarproject.bramble.api.sync.SyncConstants.MESSAGE_HEADER_LENGTH;
import static org.briarproject.bramble.test.TestUtils.getAuthor;
@@ -215,7 +215,7 @@ public class IntroduceeManagerTest extends BriarTestCase {
// turn request message into a response
msg.put(ACCEPT, true);
msg.put(TIME, time);
- msg.put(E_PUBLIC_KEY, getRandomBytes(MAX_PUBLIC_KEY_LENGTH));
+ msg.put(E_PUBLIC_KEY, getRandomBytes(MAX_AGREEMENT_PUBLIC_KEY_BYTES));
msg.put(TRANSPORT, new BdfDictionary());
context.checking(new Expectations() {{
@@ -308,7 +308,7 @@ public class IntroduceeManagerTest extends BriarTestCase {
byte[] publicKeyBytes = introducee2.getAuthor().getPublicKey();
BdfDictionary tp = BdfDictionary.of(new BdfEntry("fake", "fake"));
- byte[] ePublicKeyBytes = getRandomBytes(MAX_PUBLIC_KEY_LENGTH);
+ byte[] ePublicKeyBytes = getRandomBytes(MAX_AGREEMENT_PUBLIC_KEY_BYTES);
byte[] mac = getRandomBytes(MAC_LENGTH);
SecretKey macKey = getSecretKey();
diff --git a/briar-core/src/test/java/org/briarproject/briar/introduction/IntroductionIntegrationTest.java b/briar-core/src/test/java/org/briarproject/briar/introduction/IntroductionIntegrationTest.java
index ff4f28bb7b254015b896c422bb17564a2bdf2395..0cfa068f816b87d1ab51e545fce12c0288712c32 100644
--- a/briar-core/src/test/java/org/briarproject/briar/introduction/IntroductionIntegrationTest.java
+++ b/briar-core/src/test/java/org/briarproject/briar/introduction/IntroductionIntegrationTest.java
@@ -730,7 +730,7 @@ public class IntroductionIntegrationTest
@Test
public void testModifiedEphemeralPublicKey() throws Exception {
testModifiedResponse(response -> {
- KeyPair keyPair = crypto.generateSignatureKeyPair();
+ KeyPair keyPair = crypto.generateAgreementKeyPair();
response.put(E_PUBLIC_KEY, keyPair.getPublic().getEncoded());
return true;
});
diff --git a/briar-core/src/test/java/org/briarproject/briar/introduction/IntroductionValidatorTest.java b/briar-core/src/test/java/org/briarproject/briar/introduction/IntroductionValidatorTest.java
index afe880100fcc380d8f360420e6ae927738b2ce12..bd786802f079c3585c006283d4f95723b1e8bf58 100644
--- a/briar-core/src/test/java/org/briarproject/briar/introduction/IntroductionValidatorTest.java
+++ b/briar-core/src/test/java/org/briarproject/briar/introduction/IntroductionValidatorTest.java
@@ -20,6 +20,7 @@ import org.briarproject.briar.test.BriarTestCase;
import org.jmock.Mockery;
import org.junit.Test;
+import static org.briarproject.bramble.api.crypto.CryptoConstants.MAX_AGREEMENT_PUBLIC_KEY_BYTES;
import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_AUTHOR_NAME_LENGTH;
import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_PUBLIC_KEY_LENGTH;
import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_SIGNATURE_LENGTH;
@@ -164,7 +165,7 @@ public class IntroductionValidatorTest extends BriarTestCase {
byte[] groupId = getRandomId();
byte[] sessionId = getRandomId();
long time = clock.currentTimeMillis();
- byte[] publicKey = getRandomBytes(MAX_PUBLIC_KEY_LENGTH);
+ byte[] publicKey = getRandomBytes(MAX_AGREEMENT_PUBLIC_KEY_BYTES);
String transportId =
getRandomString(TransportId.MAX_TRANSPORT_ID_LENGTH);
BdfDictionary tProps = BdfDictionary.of(
@@ -255,7 +256,7 @@ public class IntroductionValidatorTest extends BriarTestCase {
byte[] groupId = getRandomId();
byte[] sessionId = getRandomId();
long time = clock.currentTimeMillis();
- byte[] publicKey = getRandomBytes(MAX_PUBLIC_KEY_LENGTH);
+ byte[] publicKey = getRandomBytes(MAX_AGREEMENT_PUBLIC_KEY_BYTES);
String transportId =
getRandomString(TransportId.MAX_TRANSPORT_ID_LENGTH);
BdfDictionary tProps = BdfDictionary.of(