From d2348a4e7d5cc22e9d9fea88c8d60397c1a66c3c Mon Sep 17 00:00:00 2001 From: akwizgran <michael@briarproject.org> Date: Tue, 28 Nov 2017 10:40:19 +0000 Subject: [PATCH] Remove method that just wraps a MAC call. --- .../bramble/api/crypto/CryptoComponent.java | 12 ------------ .../contact/ContactExchangeTaskImpl.java | 6 ++---- .../bramble/crypto/CryptoComponentImpl.java | 9 +++------ .../briar/introduction/IntroduceeManager.java | 19 ++++++++++--------- .../IntroductionIntegrationTest.java | 5 ++--- 5 files changed, 17 insertions(+), 34 deletions(-) diff --git a/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java b/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java index 90f9da6f09..3a2be304a6 100644 --- a/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java +++ b/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java @@ -32,18 +32,6 @@ public interface CryptoComponent { */ SecretKey deriveKey(String label, SecretKey k, byte[]... inputs); - /** - * Derives a nonce from the given secret key that can be used for key - * binding. - * - * TODO: This just calls mac(), remove it - * - * @param label a namespaced label indicating the purpose of this nonce, - * to prevent it from being repurposed or colliding with a nonce derived - * for another purpose - */ - byte[] deriveKeyBindingNonce(String label, SecretKey k); - /** * Derives a common shared secret from two public keys and one of the * corresponding private keys. diff --git a/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java b/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java index 5a86874ec3..50a4f841cb 100644 --- a/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java +++ b/bramble-core/src/main/java/org/briarproject/bramble/contact/ContactExchangeTaskImpl.java @@ -157,10 +157,8 @@ class ContactExchangeTaskImpl extends Thread implements ContactExchangeTask { BdfWriter w = bdfWriterFactory.createWriter(streamWriter); // Derive the nonces to be signed - byte[] aliceNonce = crypto.deriveKeyBindingNonce(ALICE_NONCE_LABEL, - masterSecret); - byte[] bobNonce = crypto.deriveKeyBindingNonce(BOB_NONCE_LABEL, - masterSecret); + byte[] aliceNonce = crypto.mac(ALICE_NONCE_LABEL, masterSecret); + byte[] bobNonce = crypto.mac(BOB_NONCE_LABEL, masterSecret); // Exchange pseudonyms, signed nonces, and timestamps long localTimestamp = clock.currentTimeMillis(); diff --git a/bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java b/bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java index 5e2985ef8e..37af381df9 100644 --- a/bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java +++ b/bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java @@ -220,12 +220,9 @@ class CryptoComponentImpl implements CryptoComponent { @Override public SecretKey deriveKey(String label, SecretKey k, byte[]... inputs) { - return new SecretKey(mac(label, k, inputs)); - } - - @Override - public byte[] deriveKeyBindingNonce(String label, SecretKey k) { - return mac(label, k); + byte[] mac = mac(label, k, inputs); + if (mac.length != SecretKey.LENGTH) throw new IllegalStateException(); + return new SecretKey(mac); } @Override diff --git a/briar-core/src/main/java/org/briarproject/briar/introduction/IntroduceeManager.java b/briar-core/src/main/java/org/briarproject/briar/introduction/IntroduceeManager.java index 84cd1450ea..6ecfcef49c 100644 --- a/briar-core/src/main/java/org/briarproject/briar/introduction/IntroduceeManager.java +++ b/briar-core/src/main/java/org/briarproject/briar/introduction/IntroduceeManager.java @@ -451,15 +451,16 @@ class IntroduceeManager { private void deriveMacKeysAndNonces(BdfDictionary localState, LocalAuthor author, SecretKey secretKey, boolean alice) throws FormatException, GeneralSecurityException { - // Derive two nonces and MAC keys from the shared secret key - byte[] ourNonce = cryptoComponent.deriveKeyBindingNonce( - alice ? ALICE_NONCE_LABEL : BOB_NONCE_LABEL, secretKey); - byte[] theirNonce = cryptoComponent.deriveKeyBindingNonce( - alice ? BOB_NONCE_LABEL : ALICE_NONCE_LABEL, secretKey); - SecretKey ourMacKey = cryptoComponent.deriveKey( - alice ? ALICE_MAC_KEY_LABEL : BOB_MAC_KEY_LABEL, secretKey); - SecretKey theirMacKey = cryptoComponent.deriveKey( - alice ? BOB_MAC_KEY_LABEL : ALICE_MAC_KEY_LABEL, secretKey); + // Derive two nonces and two MAC keys from the shared secret key + String ourNonceLabel = alice ? ALICE_NONCE_LABEL : BOB_NONCE_LABEL; + String theirNonceLabel = alice ? BOB_NONCE_LABEL : ALICE_NONCE_LABEL; + byte[] ourNonce = cryptoComponent.mac(ourNonceLabel, secretKey); + byte[] theirNonce = cryptoComponent.mac(theirNonceLabel, secretKey); + String ourKeyLabel = alice ? ALICE_MAC_KEY_LABEL : BOB_MAC_KEY_LABEL; + String theirKeyLabel = alice ? BOB_MAC_KEY_LABEL : ALICE_MAC_KEY_LABEL; + SecretKey ourMacKey = cryptoComponent.deriveKey(ourKeyLabel, secretKey); + SecretKey theirMacKey = + cryptoComponent.deriveKey(theirKeyLabel, secretKey); // Save the other nonce and MAC key for the verification localState.put(NONCE, theirNonce); diff --git a/briar-core/src/test/java/org/briarproject/briar/introduction/IntroductionIntegrationTest.java b/briar-core/src/test/java/org/briarproject/briar/introduction/IntroductionIntegrationTest.java index f3e3fcf23f..b6b088f9d5 100644 --- a/briar-core/src/test/java/org/briarproject/briar/introduction/IntroductionIntegrationTest.java +++ b/briar-core/src/test/java/org/briarproject/briar/introduction/IntroductionIntegrationTest.java @@ -755,8 +755,7 @@ public class IntroductionIntegrationTest // Nonce 1 SecretKey sharedSecret = crypto.deriveSharedSecret(SHARED_SECRET_LABEL, eKeyPair2.getPublic(), eKeyPair1, true); - byte[] nonce1 = crypto.deriveKeyBindingNonce(ALICE_NONCE_LABEL, - sharedSecret); + byte[] nonce1 = crypto.mac(ALICE_NONCE_LABEL, sharedSecret); // Signature 1 byte[] sig1 = crypto.sign(SIGNING_LABEL, nonce1, @@ -791,7 +790,7 @@ public class IntroductionIntegrationTest byte[] ePublicKeyBytes1f = eKeyPair1f.getPublic().getEncoded(); sharedSecret = crypto.deriveSharedSecret(SHARED_SECRET_LABEL, eKeyPair2.getPublic(), eKeyPair1f, true); - nonce1 = crypto.deriveKeyBindingNonce(ALICE_NONCE_LABEL, sharedSecret); + nonce1 = crypto.mac(ALICE_NONCE_LABEL, sharedSecret); // recalculate MAC macKey1 = crypto.deriveKey(ALICE_MAC_KEY_LABEL, sharedSecret); -- GitLab