/** * Tunnel layer encryption key that the current hop should use */ public SessionKey readLayerKey() { byte key[] = new byte[SessionKey.KEYSIZE_BYTES]; System.arraycopy(_data, OFF_LAYER_KEY, key, 0, SessionKey.KEYSIZE_BYTES); return new SessionKey(key); }
/** * Generates session key and mac key. */ public synchronized void generateSessionKey() throws DHSessionKeyBuilder.InvalidPublicParameterException { if (_sessionKey != null) return; try { _keyBuilder.setPeerPublicValue(_receivedX); } catch (IllegalStateException ise) { throw new DHSessionKeyBuilder.InvalidPublicParameterException("reused keys?", ise); } _sessionKey = _keyBuilder.getSessionKey(); ByteArray extra = _keyBuilder.getExtraBytes(); _macKey = new SessionKey(new byte[SessionKey.KEYSIZE_BYTES]); System.arraycopy(extra.getData(), 0, _macKey.getData(), 0, SessionKey.KEYSIZE_BYTES); if (_log.shouldLog(Log.DEBUG)) _log.debug("Established inbound keys. cipher: " + Base64.encode(_sessionKey.getData()) + " mac: " + Base64.encode(_macKey.getData())); }
public DataStructure createDataStructure() throws DataFormatException { SessionKey key = new SessionKey(); byte data[] = new byte[SessionKey.KEYSIZE_BYTES]; for (int i = 0; i < data.length; i++) data[i] = (byte)(i%16); key.setData(data); return key; } public DataStructure createStructureToRead() { return new SessionKey(); }
/** encrypt exactly 16 bytes using the session key * @param payload plaintext data, 16 bytes starting at inIndex * @param sessionKey private session key * @param out out parameter, 16 bytes starting at outIndex */ @Override public final void encryptBlock(byte payload[], int inIndex, SessionKey sessionKey, byte out[], int outIndex) { Object pkey = sessionKey.getPreparedKey(); if (pkey == null) { try { pkey = CryptixRijndael_Algorithm.makeKey(sessionKey.getData(), 16); sessionKey.setPreparedKey(pkey); } catch (InvalidKeyException ike) { _log.log(Log.CRIT, "Invalid key", ike); throw new IllegalArgumentException("invalid key? " + ike.getMessage()); } } CryptixRijndael_Algorithm.blockEncrypt(payload, out, inIndex, outIndex, pkey); }
System.arraycopy(decrypted, cur, rekeyVal, 0, SessionKey.KEYSIZE_BYTES); cur += SessionKey.KEYSIZE_BYTES; newKey = new SessionKey(); newKey.setData(rekeyVal); if (newKey != null) foundKey.setData(newKey.getData()); return unencrData;
/** * Calculate the HMAC of the data with the given key. * Outputs 32 bytes to target starting at targetOffset. * * @throws UnsupportedOperationException if the JVM does not support it * @throws IllegalArgumentException for bad key or target too small * @since 0.9.12 overrides HMACGenerator */ @Override public void calculate(SessionKey key, byte data[], int offset, int length, byte target[], int targetOffset) { calculate(key.getData(), data, offset, length, target, targetOffset); }
SessionTag st = new SessionTag(tag); SessionKey key = keyManager.consumeTag(st); SessionKey foundKey = new SessionKey(); SessionKey usedKey = new SessionKey(); Set<SessionTag> foundTags = new HashSet<SessionTag>(); byte decrypted[]; _log.debug("Decrypting existing session encrypted with tag: " + st.toString() + ": key: " + key.toBase64() + ": " + data.length + " bytes " /* + Base64.encode(data, 0, 64) */ ); if (foundKey.getData() != null) { if (shouldDebug) _log.debug("Found key: " + foundKey.toBase64() + " tags: " + foundTags + " wasExisting? " + wasExisting); keyManager.tagsReceived(foundKey, foundTags); } else if (usedKey.getData() != null) { if (shouldDebug) _log.debug("Used key: " + usedKey.toBase64() + " tags: " + foundTags + " wasExisting? " + wasExisting); keyManager.tagsReceived(usedKey, foundTags);
private void addFromProperties() { for (String prop : _ctx.getPropertyNames()) { if (!prop.startsWith(PROP_PFX)) continue; String key = _ctx.getProperty(prop); if (key == null || key.length() != 44) continue; String hb = prop.substring(PROP_PFX.length()); hb = hb.replace("$", "="); Hash dest = new Hash(); SessionKey sk = new SessionKey(); try { dest.fromBase64(hb); sk.fromBase64(key); super.put(dest, sk); } catch (DataFormatException dfe) { continue; } } } }
/** New key */ private String generateNewEncryptionKey() { TunnelController tun = getController(_tunnel); if (tun == null) { // creating new } else if (tun.getIsRunning() || tun.getIsStarting()) { return "Tunnel must be stopped before modifying leaseset encryption key"; } byte[] data = new byte[SessionKey.KEYSIZE_BYTES]; _context.random().nextBytes(data); SessionKey sk = new SessionKey(data); setEncryptKey(sk.toBase64()); setEncrypt(""); saveChanges(); return "New Leaseset Encryption Key: " + sk.toBase64(); }
key.writeBytes(elgSrc); }catch(DataFormatException dfe){ dfe.printStackTrace(); SessionKey nk = new SessionKey(); nk.readBytes(bais); }catch(DataFormatException dfe){ dfe.printStackTrace();
str.append("\n\tCalc HMAC: ").append(Base64.encode(calc, 0, MAC_SIZE)); str.append("\n\tRead HMAC: ").append(Base64.encode(_data, _packet.getOffset(), MAC_SIZE)); str.append("\n\tUsing key: ").append(macKey.toBase64()); if (DataHelper.eq(macKey.getData(), 0, _context.routerHash().getData(), 0, 32)) str.append(" (Intro)"); else
sets.addAll(e.getValue()); totalSets += sets.size(); buf.append("<tr><td><b>Session key:</b> ").append(skey.toBase64()).append("</td>" + "<td><b>Sets:</b> ").append(sets.size()).append("</td></tr>" + "<tr class=\"expiry\"><td colspan=\"2\"><ul>"); "<b>Ack Received?</b> ").append(sess.getAckReceived()).append("<br>" + "<b>Last Used:</b> ").append(DataHelper.formatDuration2(now - sess.getLastUsedDate())).append(" ago<br>" + "<b>Session key:</b> ").append(sess.getCurrentKey().toBase64()).append("</div></td>" + "<td><b># Sets:</b> ").append(sess.getTagSets().size()).append("</td></tr>" + "<tr><td colspan=\"2\"><ul>");
System.arraycopy(elgDecr, offset, key, 0, SessionKey.KEYSIZE_BYTES); offset += SessionKey.KEYSIZE_BYTES; usedKey.setData(key); byte[] preIV = SimpleByteCache.acquire(32); System.arraycopy(elgDecr, offset, preIV, 0, 32);
/** * Determine (approximately) how many available session tags for the current target * have been confirmed and are available * */ @Override public int getAvailableTags(PublicKey target, SessionKey key) { OutboundSession sess = getSession(target); if (sess == null) { return 0; } if (sess.getCurrentKey().equals(key)) { return sess.availableTags(); } return 0; }
/** * Calculate the HMAC of the data with the given key * * @return the first 16 bytes contain the HMAC, the last 16 bytes are zero * @deprecated unused (not even by Syndie) */ @Deprecated public Hash calculate(SessionKey key, byte data[]) { if ((key == null) || (key.getData() == null) || (data == null)) throw new NullPointerException("Null arguments for HMAC"); byte rv[] = acquireTmp(); Arrays.fill(rv, (byte)0x0); calculate(key, data, 0, data.length, rv, 0); return new Hash(rv); }
Hash h = dest.calculateHash(); if (encrypt && sk != null) { SessionKey key = new SessionKey(); try { key.fromBase64(sk); leaseSet.encrypt(key); _context.keyRing().put(h, key);
/** decrypt exactly 16 bytes of data with the session key provided * @param payload encrypted data, 16 bytes starting at inIndex * @param sessionKey private session key * @param rv out parameter, 16 bytes starting at outIndex */ @Override public final void decryptBlock(byte payload[], int inIndex, SessionKey sessionKey, byte rv[], int outIndex) { // just let it throw NPE or IAE later for speed, you'll figure it out //if ( (payload == null) || (rv == null) ) // throw new IllegalArgumentException("null block args"); //if (payload.length - inIndex > rv.length - outIndex) // throw new IllegalArgumentException("bad block args [payload.len=" + payload.length // + " inIndex=" + inIndex + " rv.len=" + rv.length // + " outIndex="+outIndex); Object pkey = sessionKey.getPreparedKey(); if (pkey == null) { try { pkey = CryptixRijndael_Algorithm.makeKey(sessionKey.getData(), 16); sessionKey.setPreparedKey(pkey); } catch (InvalidKeyException ike) { _log.log(Log.CRIT, "Invalid key", ike); throw new IllegalArgumentException("invalid key? " + ike.getMessage()); } } CryptixRijndael_Algorithm.blockDecrypt(payload, rv, inIndex, outIndex, pkey); }