net.i2p.router.crypto.ratchet

Class RatchetSKM

java.lang.Object

net.i2p.crypto.SessionKeyManager

net.i2p.router.crypto.ratchet.RatchetSKM

All Implemented Interfaces:

SessionTagListener

public class RatchetSKM
extends net.i2p.crypto.SessionKeyManager
implements SessionTagListener

Since:

0.9.44

Field Summary

Fields

Modifier and Type	Field and Description
protected RouterContext	_context
(package private) static long	SESSION_LIFETIME_MAX_MS Keep unused inbound session tags around for this long (a few minutes longer than session tags are used on the outbound side so that no reasonable network lag can cause failed decrypts) This is also the max idle time for an outbound session.
(package private) static long	SESSION_PENDING_DURATION_MS
(package private) static long	SESSION_TAG_DURATION_MS Let outbound session tags sit around for this long before expiring them.

Constructor Summary

Constructors

Constructor and Description
RatchetSKM(RouterContext context) For the router SKM only.
RatchetSKM(RouterContext context, net.i2p.data.Destination dest) The session key manager is constructed and accessed through the client manager.

Method Summary

Modifier and Type	Method and Description
(package private) void	ackRequested(net.i2p.data.PublicKey target, int id, int n)
boolean	addTag(RatchetSessionTag tag, RatchetTagSet ts) Map the tag to this tagset.
RatchetEntry	consumeNextAvailableTag(net.i2p.data.PublicKey target) Outbound.
net.i2p.data.SessionTag	consumeNextAvailableTag(net.i2p.data.PublicKey target, net.i2p.data.SessionKey key)
SessionKeyAndNonce	consumeTag(RatchetSessionTag tag) Inbound.
net.i2p.data.SessionKey	consumeTag(net.i2p.data.SessionTag tag)
(package private) boolean	createSession(net.i2p.data.PublicKey target, net.i2p.data.Destination d, HandshakeState state, ReplyCallback callback) Inbound or outbound.
void	createSession(net.i2p.data.PublicKey target, net.i2p.data.SessionKey key)
void	expireTag(RatchetSessionTag tag, RatchetTagSet ts) Remove the tag associated with this tagset.
void	failTags(net.i2p.data.PublicKey target) Deprecated. unused and rather drastic
void	failTags(net.i2p.data.PublicKey target, net.i2p.data.SessionKey key, net.i2p.crypto.TagSetHandle ts)
int	getAvailableTags(net.i2p.data.PublicKey target, net.i2p.data.SessionKey key) Determine (approximately) how many available session tags for the current target have been confirmed and are available
long	getAvailableTimeLeft(net.i2p.data.PublicKey target, net.i2p.data.SessionKey key) Determine how long the available tags will be available for before expiring, in milliseconds
net.i2p.data.SessionKey	getCurrentKey(net.i2p.data.PublicKey target)
net.i2p.data.SessionKey	getCurrentOrNewKey(net.i2p.data.PublicKey target)
net.i2p.data.Destination	getDestination()
(package private) net.i2p.data.Destination	getDestination(net.i2p.data.PublicKey target)
int	getLowThreshold()
int	getTagsToSend() How many to send, IF we need to.
(package private) boolean	isDuplicate(net.i2p.data.PublicKey pk)
(package private) void	nextKeyReceived(net.i2p.data.PublicKey target, NextSessionKey key)
(package private) void	receivedACK(net.i2p.data.PublicKey target, int id, int n)
(package private) void	registerCallback(net.i2p.data.PublicKey target, int id, int n, ReplyCallback callback)
(package private) boolean	registerTimer(net.i2p.data.PublicKey target, net.i2p.data.Destination d, net.i2p.util.SimpleTimer2.TimedEvent timer) Side effect - binds this session to the supplied destination.
void	renderStatusHTML(Writer out)
boolean	shouldSendTags(net.i2p.data.PublicKey target, net.i2p.data.SessionKey key, int lowThreshold)
void	shutdown() Cannot be restarted
void	tagsAcked(net.i2p.data.PublicKey target, net.i2p.data.SessionKey key, net.i2p.crypto.TagSetHandle ts)
net.i2p.crypto.TagSetHandle	tagsDelivered(net.i2p.data.PublicKey target, net.i2p.data.SessionKey key, Set<net.i2p.data.SessionTag> sessionTags)
void	tagsReceived(net.i2p.data.SessionKey key, RatchetSessionTag tag, long expire) One time session
void	tagsReceived(net.i2p.data.SessionKey key, Set<net.i2p.data.SessionTag> sessionTags)
void	tagsReceived(net.i2p.data.SessionKey key, Set<net.i2p.data.SessionTag> sessionTags, long expire)
(package private) boolean	updateSession(net.i2p.data.PublicKey target, HandshakeState oldState, HandshakeState state, ReplyCallback callback, SplitKeys split) Inbound or outbound.

Methods inherited from class net.i2p.crypto.SessionKeyManager

createSession, shouldSendTags

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

_context

protected final RouterContext _context

SESSION_TAG_DURATION_MS

static final long SESSION_TAG_DURATION_MS

Let outbound session tags sit around for this long before expiring them. Inbound tag expiration is set by SESSION_LIFETIME_MAX_MS

See Also:

Constant Field Values

SESSION_LIFETIME_MAX_MS

static final long SESSION_LIFETIME_MAX_MS

Keep unused inbound session tags around for this long (a few minutes longer than session tags are used on the outbound side so that no reasonable network lag can cause failed decrypts) This is also the max idle time for an outbound session.

See Also:

Constant Field Values

SESSION_PENDING_DURATION_MS

static final long SESSION_PENDING_DURATION_MS

See Also:

Constant Field Values

Constructor Detail

RatchetSKM

public RatchetSKM(RouterContext context)

For the router SKM only.

Since:

0.9.48

RatchetSKM

public RatchetSKM(RouterContext context,
                  net.i2p.data.Destination dest)

The session key manager is constructed and accessed through the client manager.

Parameters:

dest - null for router's SKM only

Method Detail

shutdown

public void shutdown()

Cannot be restarted

Overrides:

shutdown in class net.i2p.crypto.SessionKeyManager

getDestination

public net.i2p.data.Destination getDestination()

Since:

0.9.46

getCurrentKey

public net.i2p.data.SessionKey getCurrentKey(net.i2p.data.PublicKey target)

Overrides:

getCurrentKey in class net.i2p.crypto.SessionKeyManager

Throws:

UnsupportedOperationException - always

getCurrentOrNewKey

public net.i2p.data.SessionKey getCurrentOrNewKey(net.i2p.data.PublicKey target)

Overrides:

getCurrentOrNewKey in class net.i2p.crypto.SessionKeyManager

Throws:

UnsupportedOperationException - always

createSession

public void createSession(net.i2p.data.PublicKey target,
                          net.i2p.data.SessionKey key)

Overrides:

createSession in class net.i2p.crypto.SessionKeyManager

Throws:

UnsupportedOperationException - always

isDuplicate

boolean isDuplicate(net.i2p.data.PublicKey pk)

Returns:

true if a dup

Since:

0.9.46

createSession

boolean createSession(net.i2p.data.PublicKey target,
                      net.i2p.data.Destination d,
                      HandshakeState state,
                      ReplyCallback callback)

Inbound or outbound. Checks state.getRole() to determine. For outbound (NS sent), adds to list of pending inbound sessions and returns true. For inbound (NS rcvd), if no other pending outbound sessions, creates one and returns true, or false if one already exists.

Parameters:

d - null if unknown

callback - null for inbound, may be null for outbound

updateSession

boolean updateSession(net.i2p.data.PublicKey target,
                      HandshakeState oldState,
                      HandshakeState state,
                      ReplyCallback callback,
                      SplitKeys split)

Inbound or outbound. Checks state.getRole() to determine. For outbound (NSR rcvd by Alice), sets session to transition to ES mode outbound. For inbound (NSR sent by Bob), sets up inbound ES tagset.

Parameters:

oldState - null for inbound, pre-clone for outbound

Returns:

true if this was the first NSR received

nextKeyReceived

void nextKeyReceived(net.i2p.data.PublicKey target,
                     NextSessionKey key)

Since:

0.9.46

registerTimer

boolean registerTimer(net.i2p.data.PublicKey target,
                      net.i2p.data.Destination d,
                      net.i2p.util.SimpleTimer2.TimedEvent timer)

Side effect - binds this session to the supplied destination.

Parameters:

d - the far-end Destination for this PublicKey if known, or null

Returns:

true if registered

Since:

0.9.47

getDestination

net.i2p.data.Destination getDestination(net.i2p.data.PublicKey target)

Returns:

the far-end Destination for this PublicKey, or null

Since:

0.9.47

consumeNextAvailableTag

public net.i2p.data.SessionTag consumeNextAvailableTag(net.i2p.data.PublicKey target,
                                                       net.i2p.data.SessionKey key)

Overrides:

consumeNextAvailableTag in class net.i2p.crypto.SessionKeyManager

Throws:

UnsupportedOperationException - always

consumeNextAvailableTag

public RatchetEntry consumeNextAvailableTag(net.i2p.data.PublicKey target)

Outbound. Retrieve the next available session tag and key for sending a message to the target. If this returns null, no session is set up yet, and a New Session message should be sent. If this returns non-null, the tag in the RatchetEntry will be non-null. If the SessionKeyAndNonce contains a HandshakeState, then the session setup is in progress, and a New Session Reply message should be sent. Otherwise, an Existing Session message should be sent.

getTagsToSend

public int getTagsToSend()

How many to send, IF we need to.

Overrides:

getTagsToSend in class net.i2p.crypto.SessionKeyManager

Returns:

the configured value (not adjusted for current available)

getLowThreshold

public int getLowThreshold()

Overrides:

getLowThreshold in class net.i2p.crypto.SessionKeyManager

Returns:

the configured value

shouldSendTags

public boolean shouldSendTags(net.i2p.data.PublicKey target,
                              net.i2p.data.SessionKey key,
                              int lowThreshold)

Overrides:

shouldSendTags in class net.i2p.crypto.SessionKeyManager

Returns:

false always

getAvailableTags

public int getAvailableTags(net.i2p.data.PublicKey target,
                            net.i2p.data.SessionKey key)

Determine (approximately) how many available session tags for the current target have been confirmed and are available

Overrides:

getAvailableTags in class net.i2p.crypto.SessionKeyManager

getAvailableTimeLeft

public long getAvailableTimeLeft(net.i2p.data.PublicKey target,
                                 net.i2p.data.SessionKey key)

Determine how long the available tags will be available for before expiring, in milliseconds

Overrides:

getAvailableTimeLeft in class net.i2p.crypto.SessionKeyManager

tagsDelivered

public net.i2p.crypto.TagSetHandle tagsDelivered(net.i2p.data.PublicKey target,
                                                 net.i2p.data.SessionKey key,
                                                 Set<net.i2p.data.SessionTag> sessionTags)

Overrides:

tagsDelivered in class net.i2p.crypto.SessionKeyManager

Throws:

UnsupportedOperationException - always

failTags

@Deprecated
public void failTags(net.i2p.data.PublicKey target)

Deprecated. unused and rather drastic

Mark all of the tags delivered to the target up to this point as invalid, since the peer has failed to respond when they should have. This call essentially lets the system recover from corrupted tag sets and crashes

Overrides:

failTags in class net.i2p.crypto.SessionKeyManager

Throws:

UnsupportedOperationException - always

failTags

public void failTags(net.i2p.data.PublicKey target,
                     net.i2p.data.SessionKey key,
                     net.i2p.crypto.TagSetHandle ts)

Overrides:

failTags in class net.i2p.crypto.SessionKeyManager

Throws:

UnsupportedOperationException - always

tagsAcked

public void tagsAcked(net.i2p.data.PublicKey target,
                      net.i2p.data.SessionKey key,
                      net.i2p.crypto.TagSetHandle ts)

Overrides:

tagsAcked in class net.i2p.crypto.SessionKeyManager

Throws:

UnsupportedOperationException - always

tagsReceived

public void tagsReceived(net.i2p.data.SessionKey key,
                         Set<net.i2p.data.SessionTag> sessionTags)

Overrides:

tagsReceived in class net.i2p.crypto.SessionKeyManager

Throws:

UnsupportedOperationException - always

tagsReceived

public void tagsReceived(net.i2p.data.SessionKey key,
                         Set<net.i2p.data.SessionTag> sessionTags,
                         long expire)

Overrides:

tagsReceived in class net.i2p.crypto.SessionKeyManager

Throws:

UnsupportedOperationException - always

tagsReceived

public void tagsReceived(net.i2p.data.SessionKey key,
                         RatchetSessionTag tag,
                         long expire)

One time session

Parameters:

expire - time from now

consumeTag

public net.i2p.data.SessionKey consumeTag(net.i2p.data.SessionTag tag)

Overrides:

consumeTag in class net.i2p.crypto.SessionKeyManager

Throws:

UnsupportedOperationException - always

consumeTag

public SessionKeyAndNonce consumeTag(RatchetSessionTag tag)

Inbound. Determine if we have received a session key associated with the given session tag, and if so, discard it and return the decryption key it was received with (via tagsReceived(...)). returns null if no session key matches If the return value has null data, it will have a non-null HandshakeState.

Returns:

a SessionKeyAndNonce or null

addTag

public boolean addTag(RatchetSessionTag tag,
                      RatchetTagSet ts)

Map the tag to this tagset.

Specified by:

addTag in interface SessionTagListener

Returns:

true if added, false if dup

expireTag

public void expireTag(RatchetSessionTag tag,
                      RatchetTagSet ts)

Remove the tag associated with this tagset.

Specified by:

expireTag in interface SessionTagListener

registerCallback

void registerCallback(net.i2p.data.PublicKey target,
                      int id,
                      int n,
                      ReplyCallback callback)

Since:

0.9.46

receivedACK

void receivedACK(net.i2p.data.PublicKey target,
                 int id,
                 int n)

Since:

0.9.46

ackRequested

void ackRequested(net.i2p.data.PublicKey target,
                  int id,
                  int n)

Since:

0.9.46

renderStatusHTML

public void renderStatusHTML(Writer out)
                      throws IOException

Overrides:

renderStatusHTML in class net.i2p.crypto.SessionKeyManager

Throws:

IOException