2005-07-04 jrandom

* Within the tunnel, use xor(IV, msg[0:16]) as the flag to detect dups, rather than the IV by itself, preventing an attack that would let colluding internal adversaries tag a message to determine that they are in the same tunnel. Thanks dvorak for the catch! * Drop long inactive profiles on startup and shutdown * /configstats.jsp: web interface to pick what stats to log * Deliver more session tags to account for wider window sizes * Cache some intermediate values in our HMACSHA256 and BC's HMAC * Track the client send rate (stream.sendBps and client.sendBpsRaw) * UrlLauncher: adjust the browser selection order * I2PAppContext: hooks for dummy HMACSHA256 and a weak PRNG * StreamSinkClient: add support for sending an unlimited amount of data * Migrate the tests out of the default build jars 2005-06-22 Comwiz * Migrate the core tests to junit
2005-07-04 20:44:17 +00:00
parent 440cf2c983
commit 18d3f5d25d
80 changed files with 2398 additions and 958 deletions
--- a/core/java/src/org/bouncycastle/crypto/macs/HMac.java
+++ b/core/java/src/org/bouncycastle/crypto/macs/HMac.java
@@ -31,13 +31,17 @@ import org.bouncycastle.crypto.Digest;
 import org.bouncycastle.crypto.Mac;
 //import org.bouncycastle.crypto.params.KeyParameter;
 import java.util.Arrays;
+import java.util.ArrayList;

 /**
 * HMAC implementation based on RFC2104
 *
 * H(K XOR opad, H(K XOR ipad, text))
 *
- * modified by jrandom to use the session key byte array directly
+ * modified by jrandom to use the session key byte array directly and to cache
+ * a frequently used buffer (called on doFinal).  changes released into the public
+ * domain in 2005.
+ *
 */
 public class HMac
 implements Mac
@@ -137,11 +141,13 @@ implements Mac
        byte[] out,
        int outOff)
    {
-        byte[] tmp = new byte[digestSize];
+        byte[] tmp = acquireTmp();
+        //byte[] tmp = new byte[digestSize];
        digest.doFinal(tmp, 0);

        digest.update(outputPad, 0, outputPad.length);
        digest.update(tmp, 0, tmp.length);
+        releaseTmp(tmp);

        int     len = digest.doFinal(out, outOff);

@@ -149,6 +155,26 @@ implements Mac

        return len;
    }
+    
+    private static ArrayList _tmpBuf = new ArrayList();
+    private static byte[] acquireTmp() {
+        byte rv[] = null;
+        synchronized (_tmpBuf) {
+            if (_tmpBuf.size() > 0)
+                rv = (byte[])_tmpBuf.remove(0);
+        }
+        if (rv != null)
+            Arrays.fill(rv, (byte)0x0);
+        else
+            rv = new byte[32]; // hard coded against SHA256 (should be digestSize)
+        return rv;
+    }
+    private static void releaseTmp(byte buf[]) {
+        synchronized (_tmpBuf) {
+            if (_tmpBuf.size() < 100) 
+                _tmpBuf.add((Object)buf);
+        }
+    }

    /**
     * Reset the mac generator.
--- a/core/java/src/org/xlattice/crypto/filters/BloomSHA1.java
+++ b/core/java/src/org/xlattice/crypto/filters/BloomSHA1.java
@@ -47,6 +47,16 @@ public class BloomSHA1 {
    protected final int filterBits;
    protected final int filterWords;
    
+    public static void main(String args[]) {
+        BloomSHA1 b = new BloomSHA1(24, 11);
+        for (int i = 0; i < 100; i++) {
+            byte v[] = new byte[32];
+            v[0] = (byte)i;
+            b.insert(v);
+        }
+    }
+    
+    
    /**
     * Creates a filter with 2^m bits and k 'hash functions', where
     * each hash function is portion of the 160-bit SHA1 hash.