EstablishState
InboundEstablishState, OutboundEstablishState
abstract class EstablishBase extends Object implements EstablishState
Alice                   contacts                      Bob
=========================================================
Message 1 (Session Request):
  X+(H(X) xor Bob.identHash)----------------------------->

Message 2 (Session Created):
  <----------------------------------------Y+E(H(X+Y)+tsB, sk, Y[239:255])

Message 3 (Session Confirm A):
  E(sz+Alice.identity+tsA+padding+S(X+Y+Bob.identHash+tsA+tsB), sk, hX_xor_Bob.identHash[16:31])--->

Message 4 (Session Confirm B):
  <----------------------E(S(X+Y+Alice.identHash+tsA+tsB)+padding, sk, prev)

Key:
  X, Y: 256 byte DH keys
  H(): 32 byte SHA256 Hash
  E(data, session key, IV): AES256 Encrypt
  S(): 40 byte DSA Signature
  tsA, tsB: timestamps (4 bytes, seconds since epoch)
  sk: 32 byte Session key
  sz: 2 byte size of Alice identity to follow

Alternately, when Bob receives a connection, it could be a check connection (perhaps prompted by Bob asking for someone to verify his listener). Check connections are formatted per isCheckInfo().
NOTE: Check info is unused.
Modifier and Type | Class | Description |
---|---|---|
protected static class |
EstablishBase.State |
Modifier and Type | Field | Description |
---|---|---|
protected NTCPConnection |
_con |
|
protected RouterContext |
_context |
|
protected byte[] |
_curDecrypted |
decryption buffer
|
protected DHSessionKeyBuilder |
_dh |
|
protected byte[] |
_e_bobSig |
|
protected byte[] |
_e_hXY_tsB |
|
protected byte[] |
_hX_xor_bobIdentHash |
|
protected Log |
_log |
|
protected long |
_peerSkew |
OUR clock minus HIS clock, in seconds
Inbound: tsB - tsA - rtt/2
Outbound: tsA - tsB - rtt/2
|
protected byte[] |
_prevEncrypted |
previously received encrypted block (or the IV)
|
protected int |
_received |
bytes received so far
|
protected EstablishBase.State |
_state |
|
protected Object |
_stateLock |
|
protected NTCPTransport |
_transport |
|
protected long |
_tsA |
Alice's timestamp in seconds, this is in message #3, *after* _tsB
Only saved for outbound.
|
protected long |
_tsB |
Bob's timestamp in seconds, this is in message #2, *before* _tsA
|
protected byte[] |
_X |
|
protected byte[] |
_Y |
|
protected static int |
AES_SIZE |
|
static net.i2p.router.transport.ntcp.EstablishBase.FailedEstablishState |
FAILED |
|
protected static int |
HXY_SIZE |
|
protected static int |
HXY_TSB_PAD_SIZE |
|
protected static int |
MAX_RI_SIZE |
|
protected static int |
MIN_RI_SIZE |
|
static net.i2p.router.transport.ntcp.EstablishBase.VerifiedEstablishState |
VERIFIED |
|
protected static int |
XY_SIZE |
Modifier | Constructor | Description |
---|---|---|
protected |
EstablishBase(RouterContext ctx,
NTCPTransport transport,
NTCPConnection con) |
Modifier and Type | Method | Description |
---|---|---|
protected static String |
_x(String s) |
Mark a string for extraction by xgettext and translation.
|
protected void |
changeState(EstablishBase.State state) |
|
void |
close(String reason,
Exception e) |
Release resources on timeout.
|
protected void |
fail(String reason) |
Caller must synch.
|
protected void |
fail(String reason,
Exception e) |
Caller must synch.
|
protected void |
fail(String reason,
Exception e,
boolean bySkew) |
Caller must synch.
|
String |
getError() |
|
Exception |
getException() |
|
byte[] |
getExtraBytes() |
If complete, this will contain any bytes that were received as part of the
handshake but came after the actual handshake.
|
boolean |
getFailedBySkew() |
Was this connection failed because of clock skew?
|
abstract int |
getVersion() |
Get the NTCP version
|
boolean |
isComplete() |
If this method is synchronized on this, it fails with
deadlocks from all over via CSFI.isEstablished().
|
boolean |
isCorrupt() |
did the handshake fail for some reason?
|
protected String |
prefix() |
|
protected void |
prepareExtra(ByteBuffer buf) |
Anything left over in the byte buffer after verification is extra.
All data must be copied out of the buffer, as Reader.processRead()
will return it to the pool.
|
void |
prepareOutbound() |
Does nothing.
|
void |
receive(ByteBuffer src) |
parse the contents of the buffer as part of the handshake.
|
protected void |
releaseBufs(boolean isVerified) |
Only call once.
|
String |
toString() |
|
protected static void |
xor32(byte[] a,
byte[] b) |
XOR a into b.
|
public static final net.i2p.router.transport.ntcp.EstablishBase.VerifiedEstablishState VERIFIED
public static final net.i2p.router.transport.ntcp.EstablishBase.FailedEstablishState FAILED
protected final RouterContext _context
protected final Log _log
protected final byte[] _X
protected final byte[] _hX_xor_bobIdentHash
protected final byte[] _Y
protected final byte[] _e_hXY_tsB
protected transient long _tsB
protected transient long _tsA
protected transient long _peerSkew
protected transient byte[] _e_bobSig
protected byte[] _prevEncrypted
protected final byte[] _curDecrypted
protected int _received
protected final DHSessionKeyBuilder _dh
protected final NTCPTransport _transport
protected final NTCPConnection _con
protected static final int MIN_RI_SIZE
protected static final int MAX_RI_SIZE
protected static final int AES_SIZE
protected static final int XY_SIZE
protected static final int HXY_SIZE
protected static final int HXY_TSB_PAD_SIZE
protected final Object _stateLock
protected volatile EstablishBase.State _state
protected EstablishBase(RouterContext ctx, NTCPTransport transport, NTCPConnection con)
protected void changeState(EstablishBase.State state)
public void receive(ByteBuffer src)
receive
in interface EstablishState
public void prepareOutbound()
prepareOutbound
in interface EstablishState
public boolean getFailedBySkew()
getFailedBySkew
in interface EstablishState
public boolean isCorrupt()
isCorrupt
in interface EstablishState
public boolean isComplete()
isComplete
in interface EstablishState
public abstract int getVersion()
getVersion
in interface EstablishState
protected void prepareExtra(ByteBuffer buf)
public byte[] getExtraBytes()
getExtraBytes
in interface EstablishState
public void close(String reason, Exception e)
close
in interface EstablishState
e
- may be null
protected void fail(String reason)
protected void releaseBufs(boolean isVerified)
public String getError()
getError
in interface EstablishState
public Exception getException()
getException
in interface EstablishState
protected static void xor32(byte[] a, byte[] b)
a
- 32 bytes
b
- 32 bytes
protected String prefix()