* 2005-03-29 0.5.0.5 released

2005-03-29  jrandom
    * Decreased the initial RTT estimate to 10s to allow more retries.
    * Increased the default netDb store replication factor from 2 to 6 to take
      into consideration tunnel failures.
    * Address some statistical anonymity attacks against the netDb that could
      be mounted by an active internal adversary by only answering lookups for
      leaseSets we received through an unsolicited store.
    * Don't throttle lookup responses (we throttle enough elsewhere)
    * Fix the NewsFetcher so that it doesn't incorrectly resume midway through
      the file (thanks nickster!)
    * Updated the I2PTunnel HTML (thanks postman!)
    * Added support to the I2PTunnel pages for the URL parameter "passphrase",
      which, if matched against the router.config "i2ptunnel.passphrase" value,
      skips the nonce check.  If the config prop doesn't exist or is blank, no
      passphrase is accepted.
    * Implemented HMAC-SHA256.
    * Enable the tunnel batching with a 500ms delay by default
    * Dropped compatability with 0.5.0.3 and earlier releases

core/java/src/net/i2p/CoreVersion.java

@@ -14,8 +14,8 @@ package net.i2p;
  *
  */
 public class CoreVersion {
-    public final static String ID = "$Revision: 1.31 $ $Date: 2005/03/18 17:34:53 $";
-    public final static String VERSION = "0.5.0.4";
+    public final static String ID = "$Revision: 1.32 $ $Date: 2005/03/24 02:29:28 $";
+    public final static String VERSION = "0.5.0.5";
 
     public static void main(String args[]) {
         System.out.println("I2P Core version: " + VERSION);

core/java/src/net/i2p/crypto/HMACSHA256Generator.java

@@ -1,33 +1,101 @@
 package net.i2p.crypto;
 
+import java.util.Arrays;
 import net.i2p.I2PAppContext;
 import net.i2p.data.DataHelper;
 import net.i2p.data.Hash;
 import net.i2p.data.SessionKey;
 
 /**
- * Calculate the HMAC-SHA256 of a key+message.  Currently FAKE - returns a stupid
- * kludgy hash: H(H(key) XOR H(data)).  Fix me!
+ * Calculate the HMAC-SHA256 of a key+message.
  *
  */
 public class HMACSHA256Generator {
-    public HMACSHA256Generator(I2PAppContext context) { // nop
+    private I2PAppContext _context;
+    public HMACSHA256Generator(I2PAppContext context) {
+        _context = context;
     }
     
     public static HMACSHA256Generator getInstance() {
         return I2PAppContext.getGlobalContext().hmac();
     }
     
+    private static final int PAD_LENGTH = 64;
+    
+    private static final byte[] _IPAD = new byte[PAD_LENGTH];
+    private static final byte[] _OPAD = new byte[PAD_LENGTH];
+    static {
+        for (int i = 0; i < _IPAD.length; i++) {
+            _IPAD[i] = 0x36;
+            _OPAD[i] = 0x5C;
+        }
+    }
+    
+
+    public Buffer createBuffer(int dataLen) { return new Buffer(dataLen); }
+    
+    public class Buffer {
+        private byte padded[];
+        private byte innerBuf[];
+        private SHA256EntryCache.CacheEntry innerEntry;
+        private byte rv[];
+        private byte outerBuf[];
+        private SHA256EntryCache.CacheEntry outerEntry;
+
+        public Buffer(int dataLength) {
+            padded = new byte[PAD_LENGTH];
+            innerBuf = new byte[dataLength + PAD_LENGTH];
+            innerEntry = _context.sha().cache().acquire(innerBuf.length);
+            rv = new byte[Hash.HASH_LENGTH];
+            outerBuf = new byte[Hash.HASH_LENGTH + PAD_LENGTH];
+            outerEntry = _context.sha().cache().acquire(outerBuf.length);
+        }
+        
+        public void releaseCached() {
+            _context.sha().cache().release(innerEntry);
+            _context.sha().cache().release(outerEntry);
+        }
+        
+        public byte[] getHash() { return rv; }
+    }
+    
     /**
-     * This should calculate the HMAC/SHA256, but it DOESNT.  Its just a kludge.
-     * Fix me.
+     * Calculate the HMAC of the data with the given key
      */
     public Hash calculate(SessionKey key, byte data[]) {
         if ((key == null) || (key.getData() == null) || (data == null))
             throw new NullPointerException("Null arguments for HMAC");
-
-        Hash hkey = SHA256Generator.getInstance().calculateHash(key.getData());
-        Hash hdata = SHA256Generator.getInstance().calculateHash(data);
-        return SHA256Generator.getInstance().calculateHash(DataHelper.xor(hkey.getData(), hdata.getData()));
+        
+        Buffer buf = new Buffer(data.length);
+        calculate(key, data, buf);
+        Hash rv = new Hash(buf.rv);
+        buf.releaseCached();
+        return rv;
+    }
+    
+    /**
+     * Calculate the HMAC of the data with the given key
+     */
+    public void calculate(SessionKey key, byte data[], Buffer buf) {
+        // inner hash
+        padKey(key.getData(), _IPAD, buf.padded);
+        System.arraycopy(buf.padded, 0, buf.innerBuf, 0, PAD_LENGTH);
+        System.arraycopy(data, 0, buf.innerBuf, PAD_LENGTH, data.length);
+        
+        Hash h = _context.sha().calculateHash(buf.innerBuf, buf.innerEntry);
+        
+        // outer hash
+        padKey(key.getData(), _OPAD, buf.padded);
+        System.arraycopy(buf.padded, 0, buf.outerBuf, 0, PAD_LENGTH);
+        System.arraycopy(h.getData(), 0, buf.outerBuf, PAD_LENGTH, Hash.HASH_LENGTH);
+        
+        h = _context.sha().calculateHash(buf.outerBuf, buf.outerEntry);
+        System.arraycopy(h.getData(), 0, buf.rv, 0, Hash.HASH_LENGTH);
+    }
+    
+    private static final void padKey(byte key[], byte pad[], byte out[]) {
+        for (int i = 0; i < SessionKey.KEYSIZE_BYTES; i++)
+            out[i] = (byte) (key[i] ^ pad[i]);
+        Arrays.fill(out, SessionKey.KEYSIZE_BYTES, PAD_LENGTH, pad[0]);
     }
 }

core/java/src/net/i2p/data/Base64.java

@@ -329,6 +329,8 @@ public class Base64 {
      * replacing / with ~, and + with -
      */
     private static String safeEncode(byte[] source, int off, int len, boolean useStandardAlphabet) {
+        if (len + off > source.length)
+            throw new ArrayIndexOutOfBoundsException("Trying to encode too much!  source.len=" + source.length + " off=" + off + " len=" + len);
         String encoded = encodeBytes(source, off, len, false);
         if (useStandardAlphabet) {
             // noop

core/java/src/net/i2p/data/LeaseSet.java

@@ -35,6 +35,7 @@ public class LeaseSet extends DataStructureImpl {
     private Signature _signature;
     private volatile Hash _currentRoutingKey;
     private volatile byte[] _routingKeyGenMod;
+    private boolean _receivedAsPublished;
 
     /** um, no lease can last more than a year.  */
     private final static long MAX_FUTURE_EXPIRATION = 365 * 24 * 60 * 60 * 1000L;
@@ -47,6 +48,7 @@ public class LeaseSet extends DataStructureImpl {
         setRoutingKey(null);
         _leases = new ArrayList();
         _routingKeyGenMod = null;
+        _receivedAsPublished = false;
     }
 
     public Destination getDestination() {
@@ -72,6 +74,14 @@ public class LeaseSet extends DataStructureImpl {
     public void setSigningKey(SigningPublicKey key) {
         _signingKey = key;
     }
+    
+    /**
+     * If true, we received this LeaseSet by a remote peer publishing it to
+     * us, rather than by searching for it ourselves or locally creating it.
+     *
+     */
+    public boolean getReceivedAsPublished() { return _receivedAsPublished; }
+    public void setReceivedAsPublished(boolean received) { _receivedAsPublished = received; }
 
     public void addLease(Lease lease) {
         if (lease == null) throw new IllegalArgumentException("erm, null lease");

core/java/test/net/i2p/crypto/HMACSHA256Bench.java

@@ -0,0 +1,112 @@
+package net.i2p.crypto;
+
+/* 
+ * Copyright (c) 2003, TheCrypto
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions are met:
+ * 
+ * - Redistributions of source code must retain the above copyright notice, this 
+ *   list of conditions and the following disclaimer.
+ * - Redistributions in binary form must reproduce the above copyright notice, 
+ *   this list of conditions and the following disclaimer in the documentation 
+ *   and/or other materials provided with the distribution.
+ * -  Neither the name of the TheCrypto may be used to endorse or promote 
+ *    products derived from this software without specific prior written 
+ *    permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+import net.i2p.I2PAppContext;
+import net.i2p.data.Hash;
+import net.i2p.data.SessionKey;
+
+public class HMACSHA256Bench {
+	public static void main(String args[]) {
+        I2PAppContext ctx = I2PAppContext.getGlobalContext();
+        SessionKey key = ctx.keyGenerator().generateSessionKey();
+		Hash asdfs = HMACSHA256Generator.getInstance().calculate(key, "qwerty".getBytes());
+			
+		int times = 100000;
+		long shorttime = 0;
+		long medtime = 0;
+		long longtime = 0;
+		long minShort = 0;
+		long maxShort = 0;
+		long minMed = 0;
+		long maxMed = 0;
+		long minLong = 0;
+		long maxLong = 0;
+        
+		long shorttime1 = 0;
+		long medtime1 = 0;
+		long longtime1 = 0;
+		long minShort1 = 0;
+		long maxShort1 = 0;
+		long minMed1 = 0;
+		long maxMed1 = 0;
+		long minLong1 = 0;
+		long maxLong1 = 0;
+        
+		byte[] smess = new String("abc").getBytes();
+		StringBuffer buf = new StringBuffer();
+		for (int x = 0; x < 2*1024; x++) {
+			buf.append("a");
+		}
+		byte[] mmess = buf.toString().getBytes(); // new String("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq").getBytes();
+		buf = new StringBuffer();
+		for (int x = 0; x < 10000; x++) {
+			buf.append("a");
+		}
+		byte[] lmess = buf.toString().getBytes();
+        
+        HMACSHA256Generator.Buffer sbuf = ctx.hmac().createBuffer(smess.length);
+        HMACSHA256Generator.Buffer mbuf = ctx.hmac().createBuffer(mmess.length);
+        HMACSHA256Generator.Buffer lbuf = ctx.hmac().createBuffer(lmess.length);
+        
+		// warm up the engines
+        ctx.hmac().calculate(key, smess, sbuf);
+        ctx.hmac().calculate(key, mmess, mbuf);
+        ctx.hmac().calculate(key, lmess, lbuf);
+        
+        long before = System.currentTimeMillis();
+        for (int x = 0; x < times; x++)
+            ctx.hmac().calculate(key, smess, sbuf);
+        long after = System.currentTimeMillis();
+        
+        display(times, before, after, smess.length, "3 byte");
+        
+        before = System.currentTimeMillis();
+        for (int x = 0; x < times; x++)
+            ctx.hmac().calculate(key, mmess, mbuf);
+        after = System.currentTimeMillis();
+
+        display(times, before, after, mmess.length, "2KB");
+        
+        before = System.currentTimeMillis();
+        for (int x = 0; x < times; x++)
+            ctx.hmac().calculate(key, lmess, lbuf);
+        after = System.currentTimeMillis();
+
+        display(times, before, after, lmess.length, "10KB");
+	}
+    
+    private static void display(int times, long before, long after, int len, String name) {
+        double rate = ((double)times)/(((double)after-(double)before)/1000.0d);
+        double kbps = ((double)len/1024.0d)*((double)times)/(((double)after-(double)before)/1000.0d);
+        System.out.println(name + " HMAC-SHA256 pulled " + kbps + "KBps or " + rate + " calcs per second");
+    }
+}
+