[or-cvs] [metrics-db/master] Use secure random number generator for secrets.
commit 4675eb0afdc5839a8b2d02fa525b61af63dbd116
Author: Karsten Loesing <karsten.loesing@xxxxxxx>
Date: Wed Feb 9 18:16:20 2011 +0100
Use secure random number generator for secrets.
---
.../ernie/db/SanitizedBridgesWriter.java | 20 +++++++++++++++++---
1 files changed, 17 insertions(+), 3 deletions(-)
diff --git a/src/org/torproject/ernie/db/SanitizedBridgesWriter.java b/src/org/torproject/ernie/db/SanitizedBridgesWriter.java
index 122aae8..aa1bcec 100644
--- a/src/org/torproject/ernie/db/SanitizedBridgesWriter.java
+++ b/src/org/torproject/ernie/db/SanitizedBridgesWriter.java
@@ -3,6 +3,7 @@
package org.torproject.ernie.db;
import java.io.*;
+import java.security.*;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.*;
@@ -177,6 +178,8 @@ public class SanitizedBridgesWriter {
private File bridgeIpSecretsFile;
+ private SecureRandom secureRandom;
+
/**
* Initializes this class, including reading in the known descriptor
* mapping.
@@ -203,6 +206,18 @@ public class SanitizedBridgesWriter {
DescriptorMapping>();
this.descriptorPublicationTimes = new TreeSet<String>();
+ /* Initialize secure random number generator if we need it. */
+ if (this.replaceIPAddressesWithHashes) {
+ try {
+ this.secureRandom = SecureRandom.getInstance("SHA1PRNG", "SUN");
+ } catch (GeneralSecurityException e) {
+ this.logger.log(Level.WARNING, "Could not initialize secure "
+ + "random number generator! Not calculating any IP address "
+ + "hashes in this execution!", e);
+ this.persistenceProblemWithSecrets = true;
+ }
+ }
+
/* Read hex-encoded secrets for replacing IP addresses with hashes
* from disk. */
this.secretsForHashingIPAddresses = new TreeMap<String, byte[]>();
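Review bot: Pinning both the algorithm and the provider in `SecureRandom.getInstance("SHA1PRNG", "SUN")` ties secret generation to JVMs that ship the SUN provider; on any other runtime the call throws and the catch block turns off IP address hashing for the whole execution. `this.secureRandom = new SecureRandom();` would use the platform's default generator and needs no try/catch. If SHA1PRNG from SUN is a deliberate choice, a comment should say why. The warning also reuses `persistenceProblemWithSecrets` for a failure that has nothing to do with persistence, so the field's comment should mention this second meaning. The constructor body starts and ends outside this hunk.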
@@ -316,9 +331,8 @@ public class SanitizedBridgesWriter {
System.arraycopy(fingerprintBytes, 0, hashInput, 4, 20);
String month = published.substring(0, "yyyy-MM".length());
if (!this.secretsForHashingIPAddresses.containsKey(month)) {
- // TODO implement generating secrets using a secure random
- // generator
- byte[] secret = ("secret for hashing IPs: " + month).getBytes();
+ byte[] secret = new byte[31];
+ this.secureRandom.nextBytes(secret);
if (month.compareTo(
this.bridgeDescriptorMappingsCutOffTimestamp) < 0) {
this.logger.warning("Generated a secret that we won't make "
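Review bot: `this.secureRandom.nextBytes(secret)` dereferences a field that is only assigned when `replaceIPAddressesWithHashes` is set and `getInstance` succeeded, so it throws a NullPointerException unless code outside this hunk returns early when `persistenceProblemWithSecrets` is true. That guard is not visible here and should be confirmed, or an explicit `if (this.secureRandom == null)` check added before generating the secret. The length in `new byte[31]` is also unexplained; a named constant with a one-line comment on why 31 bytes were chosen would stop a later reader from "rounding" it to 32. The enclosing method starts and ends outside the hunk.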