AGentooCat/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Packages Projects Releases Wiki Activity

SSU2: Zero out intermediate handshake KDF results in-memory when done

Browse Source 
Minor cleanup in est. mgr
This commit is contained in:
zzz
2023-01-26 07:13:54 -05:00
parent 9275c79b39
commit ad64e9c21e
3 changed files with 13 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
router/java/src/net/i2p/router/transport/udp/EstablishmentManager.java
View File

@@ -826,10 +826,10 @@ class EstablishmentManager {
if (_transport.isTooClose(to.getIP()))
return;
DatagramPacket pkt = fromPacket.getPacket();
int off = pkt.getOffset();
int len = pkt.getLength();
if (len < MIN_LONG_DATA_LEN)
return;
int off = pkt.getOffset();
byte data[] = pkt.getData();
int type = data[off + TYPE_OFFSET] & 0xff;
if (type == SSU2Util.SESSION_REQUEST_FLAG_BYTE && len < MIN_SESSION_REQUEST_LEN)

6
router/java/src/net/i2p/router/transport/udp/InboundEstablishState2.java
View File

@@ -7,6 +7,7 @@ import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.net.UnknownHostException;
import java.security.GeneralSecurityException;
import java.util.Arrays;
import java.util.ArrayList;
import java.util.List;
@@ -829,6 +830,11 @@ class InboundEstablishState2 extends InboundEstablishState implements SSU2Payloa
"\nGenerated header key 2 for A->B: " + Base64.encode(h_ab) +
"\nGenerated header key 2 for B->A: " + Base64.encode(h_ba));
****/
Arrays.fill(ckd, (byte) 0);
Arrays.fill(k_ab, (byte) 0);
Arrays.fill(k_ba, (byte) 0);
Arrays.fill(d_ab, (byte) 0);
Arrays.fill(d_ba, (byte) 0);
_handshakeState.destroy();
if (_createdSentCount == 1)
_rtt = (int) ( _context.clock().now() - _lastSend );

6
router/java/src/net/i2p/router/transport/udp/OutboundEstablishState2.java
View File

@@ -6,6 +6,7 @@ import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.net.UnknownHostException;
import java.security.GeneralSecurityException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -766,6 +767,11 @@ class OutboundEstablishState2 extends OutboundEstablishState implements SSU2Payl
"\nGenerated header key 2 for A->B: " + Base64.encode(h_ab) +
"\nGenerated header key 2 for B->A: " + Base64.encode(h_ba));
****/
Arrays.fill(ckd, (byte) 0);
Arrays.fill(k_ab, (byte) 0);
Arrays.fill(k_ba, (byte) 0);
Arrays.fill(d_ab, (byte) 0);
Arrays.fill(d_ba, (byte) 0);
_handshakeState.destroy();
if (_requestSentCount == 1)
_rtt = (int) ( _context.clock().now() - _lastSend );