Changeset fd23b23


Ignore:
Timestamp:
Dec 11, 2018 12:19:46 PM (18 months ago)
Author:
zzz <zzz@…>
Branches:
master
Children:
2746ed5
Parents:
a63d2dc
Message:

Crypto: HMAC-SHA256 cleanup
Add byte[] key method to reduce object churn in NTCP2
Un-deprecate in context

Files:
3 edited

Legend:

Unmodified
Added
Removed
  • core/java/src/net/i2p/I2PAppContext.java

    ra63d2dc rfd23b23  
    747747    }
    748748
    749     /** @deprecated used only by syndie */
    750     @Deprecated
     749    /**
     750     * Un-deprecated in 0.9.38
     751     */
    751752    public HMAC256Generator hmac256() {
    752753        if (!_hmac256Initialized)
  • core/java/src/net/i2p/crypto/HMAC256Generator.java

    ra63d2dc rfd23b23  
    55import java.security.MessageDigest;
    66import java.security.NoSuchAlgorithmException;
     7import javax.crypto.Mac;
    78import javax.crypto.spec.SecretKeySpec;
    89
     
    2021 * As of 0.9.12, uses javax.crypto.Mac.
    2122 *
    22  * Deprecated, used only by Syndie.
     23 * Warning - used by Syndie, don't break it.
    2324 */
    2425public final class HMAC256Generator extends HMACGenerator {
     
    3435     */
    3536    @Override
     37    @Deprecated
    3638    protected I2PHMac acquire() {
    3739        throw new UnsupportedOperationException();
     
    4749     */
    4850    @Override
     51    @Deprecated
    4952    public Hash calculate(SessionKey key, byte data[]) {
    5053        throw new UnsupportedOperationException();
     
    6164    @Override
    6265    public void calculate(SessionKey key, byte data[], int offset, int length, byte target[], int targetOffset) {
     66        calculate(key.getData(), data, offset, length, target, targetOffset);
     67    }
     68   
     69    /**
     70     *  Calculate the HMAC of the data with the given key.
     71     *  Outputs 32 bytes to target starting at targetOffset.
     72     *
     73     *  @param key 32 bytes
     74     *  @throws UnsupportedOperationException if the JVM does not support it
     75     *  @throws IllegalArgumentException for bad key or target too small
     76     *  @since 0.9.38
     77     */
     78    public void calculate(byte[] key, byte data[], int offset, int length, byte target[], int targetOffset) {
    6379        try {
    64             javax.crypto.Mac mac = javax.crypto.Mac.getInstance("HmacSHA256");
    65             Key keyObj = new SecretKeySpec(key.getData(), "HmacSHA256");
     80            Mac mac = Mac.getInstance("HmacSHA256");
     81            Key keyObj = new SecretKeySpec(key, "HmacSHA256");
    6682            mac.init(keyObj);
    6783            mac.update(data, offset, length);
  • router/java/src/net/i2p/router/transport/ntcp/OutboundNTCP2State.java

    ra63d2dc rfd23b23  
    437437        // TODO use noise HMAC or HKDF method instead?
    438438        // ask_master = HKDF(ck, zerolen, info="ask")
    439         SessionKey tk = new SessionKey(state.getChainingKey());
    440         byte[] temp_key = doHMAC(ctx, tk, ZEROLEN);
    441         tk = new SessionKey(temp_key);
    442         byte[] ask_master = doHMAC(ctx, tk, ASK);
     439        byte[] temp_key = doHMAC(ctx, state.getChainingKey(), ZEROLEN);
     440        byte[] ask_master = doHMAC(ctx, temp_key, ASK);
    443441        byte[] tmp = new byte[32 + SIPHASH.length];
    444442        byte[] hash = state.getHandshakeHash();
    445443        System.arraycopy(hash, 0, tmp, 0, 32);
    446444        System.arraycopy(SIPHASH, 0, tmp, 32, SIPHASH.length);
    447         tk = new SessionKey(ask_master);
    448         temp_key = doHMAC(ctx, tk, tmp);
    449         tk = new SessionKey(temp_key);
    450         byte[] sip_master = doHMAC(ctx, tk, ONE);
    451         tk = new SessionKey(sip_master);
    452         temp_key = doHMAC(ctx, tk, ZEROLEN);
    453         tk = new SessionKey(temp_key);
     445        temp_key = doHMAC(ctx, ask_master, tmp);
     446        byte[] sip_master = doHMAC(ctx, temp_key, ONE);
     447        temp_key = doHMAC(ctx, sip_master, ZEROLEN);
    454448        // Output 1
    455         byte[] sip_ab = doHMAC(ctx, tk, ONE);
     449        byte[] sip_ab = doHMAC(ctx, temp_key, ONE);
    456450        // Output 2
    457451        tmp = new byte[KEY_SIZE + 1];
    458452        System.arraycopy(sip_ab, 0, tmp, 0, 32);
    459453        tmp[32] = 2;
    460         byte[] sip_ba = doHMAC(ctx, tk, tmp);
     454        byte[] sip_ba = doHMAC(ctx, temp_key, tmp);
    461455        Arrays.fill(temp_key, (byte) 0);
    462456        Arrays.fill(tmp, (byte) 0);
     
    464458    }
    465459
    466     private static byte[] doHMAC(RouterContext ctx, SessionKey key, byte data[]) {
     460    private static byte[] doHMAC(RouterContext ctx, byte[] key, byte[] data) {
    467461        byte[] rv = new byte[32];
    468462        ctx.hmac256().calculate(key, data, 0, data.length, rv, 0);
Note: See TracChangeset for help on using the changeset viewer.