TransientSessionKeyManager (Javadocs [I2P+ 2.11.0+]

java.lang.Object
- net.i2p.crypto.SessionKeyManager
- - net.i2p.router.crypto.TransientSessionKeyManager

```
public class TransientSessionKeyManager
extends SessionKeyManager
```
Implement the session key management, but keep everything in memory (don't write to disk). However, this being java, we cannot guarantee that the keys aren't swapped out to disk so this should not be considered secure in that sense. The outbound and inbound sides are completely independent, each with their own keys and tags. For a new session, outbound tags are not considered delivered until an ack is received. Otherwise, the loss of the first message would render all subsequent messages undecryptable. For an existing session, outbound tags are immediately considered delivered, and are later revoked if the ack times out. This prevents massive stream slowdown caused by repeated tag delivery after the minimum tag threshold is reached. Included tags pushes messages above the ideal 1956 size by ~2KB and causes excessive fragmentation and padding. As the tags are not seen by the streaming lib, they aren't accounted for in the window size, and one or more of a series of large messages is likely to be dropped, either due to high fragmentation or drop priorites at the tunnel OBEP. For this to work, the minimum tag threshold and tag delivery quanitity defined in GarlicMessageBuilder must be chosen with streaming lib windows sizes in mind. If a single TagSet is not delivered, there will be no stall as long as the current window size is smaller than the minimum tag threshold. Additional TagSets will be sent before the acked tags completely run out. See below. All subsequent messages will fail to decrypt. See ConnectionOptions in streaming for more information. There are large inefficiencies caused by the repeated delivery of tags in a new session. With an initial streaming window size of 6 and 40 tags per delivery, a web server would deliver up to 240 tags (7680 bytes, not including bundled leaseset, etc.) in the first volley of the response. Could the two directions be linked somehow, such that the initial request could contain a key or tags for the response? Should the tag threshold and quantity be adaptive? Todo: Switch to ConcurrentHashMaps and ReadWriteLocks, only get write lock during cleanup

Field Summary

Fields
Modifier and Type	Field and Description
`protected I2PAppContext`	`_context`
`static int`	`DEFAULT_TAGS` This was 100 since 0.6.1.10 (50 before that).
`static int`	`LOW_THRESHOLD` ditto
`static int`	`MAX_INBOUND_SESSION_TAGS` a few MB? how about 24 MB! This is the max size of _inboundTagSets.

Constructor Summary

Constructors
Constructor and Description
`TransientSessionKeyManager(I2PAppContext context)` The session key manager should only be constructed and accessed through the application context.
`TransientSessionKeyManager(I2PAppContext context, int tagsToSend, int lowThreshold)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`SessionTag`	`consumeNextAvailableTag(PublicKey target, SessionKey key)` Retrieve the next available session tag for identifying the use of the given key when communicating with the target.
`SessionKey`	`consumeTag(SessionTag tag)` Determine if we have received a session key associated with the given session tag, and if so, discard it (but keep track for frequent dups) and return the decryption key it was received with (via tagsReceived(...)).
`void`	`createSession(PublicKey target, SessionKey key)` Associate a new session key with the specified target.
`void`	`failTags(PublicKey target, SessionKey key, TagSetHandle ts)` Mark these tags as invalid, since the peer has failed to ack them in time.
`int`	`getAvailableTags(PublicKey target, SessionKey key)` Determine (approximately) how many available session tags for the current target have been confirmed and are available
`long`	`getAvailableTimeLeft(PublicKey target, SessionKey key)` Determine how long the available tags will be available for before expiring, in milliseconds
`SessionKey`	`getCurrentKey(PublicKey target)` Retrieve the session key currently associated with encryption to the target, or null if a new session key should be generated.
`SessionKey`	`getCurrentOrNewKey(PublicKey target)` Retrieve the session key currently associated with encryption to the target.
`int`	`getLowThreshold()` Get the low threshold for tag sending.
`int`	`getTagsToSend()` How many to send, IF we need to.
`void`	`renderStatusHTML(Writer out)`
`boolean`	`shouldSendTags(PublicKey target, SessionKey key, int lowThreshold)` Determine if tags should be sent to the target with the specified threshold.
`void`	`shutdown()` Called when the system is closing down, instructing the session key manager to take whatever precautions are necessary (saving state, etc)
`void`	`tagsAcked(PublicKey target, SessionKey key, TagSetHandle ts)` Mark these tags as acked, start to use them (if we haven't already) If the set was previously failed, it will be added back in.
`TagSetHandle`	`tagsDelivered(PublicKey target, SessionKey key, Set<SessionTag> sessionTags)` Take note of the fact that the given sessionTags associated with the key for encryption to the target have been sent.
`void`	`tagsReceived(SessionKey key, Set<SessionTag> sessionTags)` Accept the given tags and associate them with the given key for decryption
`void`	`tagsReceived(SessionKey key, Set<SessionTag> sessionTags, long expire)` Accept the given tags and associate them with the given key for decryption

Methods inherited from class net.i2p.crypto.SessionKeyManager
createSession, failTags, shouldSendTags

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - _context
```
protected final I2PAppContext _context
```
  - DEFAULT_TAGS
```
public static final int DEFAULT_TAGS
```
    This was 100 since 0.6.1.10 (50 before that). It's important because:
```
  - Tags are 32 bytes. So it previously added 3200 bytes to an initial message.
  - Too many tags adds a huge overhead to short-duration connections
    (like http, datagrams, etc.)
  - Large messages have a much higher chance of being dropped due to one of their
    1KB fragments being discarded by a tunnel participant.
  - This reduces the effective maximum datagram size because the client doesn't
    know when tags will be bundled, so the tag size must be subtracted from the
    maximum I2NP size or transport limit.
 
```
    Issues with too small a value:
```
  - When tags are sent, a reply leaseset (~1KB) is always bundled. Maybe we don't need
    to bundle more than every minute or so rather than every time?
  - Does the number of tags (and the threshold of 20) limit the effective streaming lib
    window size? Should the threshold and the number of sent tags be variable based on
    the message rate?
 
```
    We have to be very careful if we implement an adaptive scheme, since the key manager is per-router, not per-local-dest. Or maybe that's a bad idea, and we need to move to a per-dest manager. This needs further investigation. So a value somewhat higher than the low threshold seems appropriate. Use care when adjusting these values. See ConnectionOptions in streaming, and TransientSessionKeyManager in crypto, for more information.
    See Also:
    
    Constant Field Values
  - LOW_THRESHOLD
```
public static final int LOW_THRESHOLD
```
    ditto
    
    See Also:
    
    Constant Field Values
  - MAX_INBOUND_SESSION_TAGS
```
public static final int MAX_INBOUND_SESSION_TAGS
```
    a few MB? how about 24 MB! This is the max size of _inboundTagSets.
    
    See Also:
    
    Constant Field Values
- Constructor Detail
  - TransientSessionKeyManager
```
public TransientSessionKeyManager(I2PAppContext context)
```
    The session key manager should only be constructed and accessed through the application context. This constructor should only be used by the appropriate application context itself.
  - TransientSessionKeyManager
```
public TransientSessionKeyManager(I2PAppContext context,
                                  int tagsToSend,
                                  int lowThreshold)
```
    Parameters:
    
    tagsToSend - how many to send at a time, may be lower or higher than lowThreshold. 1-128
    
    lowThreshold - below this, send more. 1-128
- Method Detail
  - consumeNextAvailableTag
```
public SessionTag consumeNextAvailableTag(PublicKey target,
                                          SessionKey key)
```
    Retrieve the next available session tag for identifying the use of the given key when communicating with the target. If this returns null, no tags are available so ElG should be used with the given key (a new sessionKey should NOT be used)
    
    Overrides:
    
    consumeNextAvailableTag in class SessionKeyManager
  - consumeTag
```
public SessionKey consumeTag(SessionTag tag)
```
    Determine if we have received a session key associated with the given session tag, and if so, discard it (but keep track for frequent dups) and return the decryption key it was received with (via tagsReceived(...)). returns null if no session key matches
    
    Overrides:
    
    consumeTag in class SessionKeyManager
  - createSession
```
public void createSession(PublicKey target,
                          SessionKey key)
```
    Associate a new session key with the specified target. Metrics to determine when to expire that key begin with this call. Racy if called after getCurrentKey() to check for a current session; use getCurrentOrNewKey() in that case.
    
    Overrides:
    
    createSession in class SessionKeyManager
    
    Parameters:
    
    target - public key to which the data should be encrypted, must be ELGAMAL_2048.
    
    Throws:
    
    IllegalArgumentException - on bad target EncType
  - failTags
```
public void failTags(PublicKey target,
                     SessionKey key,
                     TagSetHandle ts)
```
    Mark these tags as invalid, since the peer has failed to ack them in time.
    
    Overrides:
    
    failTags in class SessionKeyManager
  - getAvailableTags
```
public int getAvailableTags(PublicKey target,
                            SessionKey key)
```
    Determine (approximately) how many available session tags for the current target have been confirmed and are available
    
    Overrides:
    
    getAvailableTags in class SessionKeyManager
  - getAvailableTimeLeft
```
public long getAvailableTimeLeft(PublicKey target,
                                 SessionKey key)
```
    Determine how long the available tags will be available for before expiring, in milliseconds
    
    Overrides:
    
    getAvailableTimeLeft in class SessionKeyManager
  - getCurrentKey
```
public SessionKey getCurrentKey(PublicKey target)
```
    Retrieve the session key currently associated with encryption to the target, or null if a new session key should be generated. Warning - don't generate a new session if this returns null, it's racy, use getCurrentOrNewKey()
    
    Overrides:
    
    getCurrentKey in class SessionKeyManager
  - getCurrentOrNewKey
```
public SessionKey getCurrentOrNewKey(PublicKey target)
```
    Retrieve the session key currently associated with encryption to the target. Generates a new session and session key if not previously exising.
    
    Overrides:
    
    getCurrentOrNewKey in class SessionKeyManager
    
    Parameters:
    
    target - public key to which the data should be encrypted, must be ELGAMAL_2048.
    
    Returns:
    
    non-null
    
    Throws:
    
    IllegalArgumentException - on bad target EncType
  - getLowThreshold
```
public int getLowThreshold()
```
    Description copied from class: SessionKeyManager
    
    Get the low threshold for tag sending.
    
    Overrides:
    
    getLowThreshold in class SessionKeyManager
    
    Returns:
    
    the configured value
  - getTagsToSend
```
public int getTagsToSend()
```
    How many to send, IF we need to.
    
    Overrides:
    
    getTagsToSend in class SessionKeyManager
    
    Returns:
    
    the configured value (not adjusted for current available)
  - renderStatusHTML
```
public void renderStatusHTML(Writer out)
                      throws IOException
```
    Overrides:
    
    renderStatusHTML in class SessionKeyManager
    
    Throws:
    
    IOException
  - shouldSendTags
```
public boolean shouldSendTags(PublicKey target,
                              SessionKey key,
                              int lowThreshold)
```
    Description copied from class: SessionKeyManager
    
    Determine if tags should be sent to the target with the specified threshold.
    
    Overrides:
    
    shouldSendTags in class SessionKeyManager
    
    Parameters:
    
    target - the target public key
    
    key - the session key
    
    lowThreshold - the low threshold
    
    Returns:
    
    true if we have less than the threshold or what we have is about to expire
  - shutdown
```
public void shutdown()
```
    Description copied from class: SessionKeyManager
    
    Called when the system is closing down, instructing the session key manager to take whatever precautions are necessary (saving state, etc)
    
    Overrides:
    
    shutdown in class SessionKeyManager
  - tagsAcked
```
public void tagsAcked(PublicKey target,
                      SessionKey key,
                      TagSetHandle ts)
```
    Mark these tags as acked, start to use them (if we haven't already) If the set was previously failed, it will be added back in.
    
    Overrides:
    
    tagsAcked in class SessionKeyManager
  - tagsDelivered
```
public TagSetHandle tagsDelivered(PublicKey target,
                                  SessionKey key,
                                  Set<SessionTag> sessionTags)
```
    Take note of the fact that the given sessionTags associated with the key for encryption to the target have been sent. Whether to use the tags immediately (i.e. assume they will be received) or to wait until an ack, is implementation dependent. Here, we wait for the ack if the session is new, otherwise we use right away. Will this work??? If the tags are pipelined sufficiently, it will.
    
    Overrides:
    
    tagsDelivered in class SessionKeyManager
    
    Returns:
    
    the TagSetHandle. Caller MUST subsequently call failTags() or tagsAcked() with this handle.
  - tagsReceived
```
public void tagsReceived(SessionKey key,
                         Set<SessionTag> sessionTags)
```
    Accept the given tags and associate them with the given key for decryption
    
    Overrides:
    
    tagsReceived in class SessionKeyManager
    
    Parameters:
    
    sessionTags - modifiable; NOT copied
  - tagsReceived
```
public void tagsReceived(SessionKey key,
                         Set<SessionTag> sessionTags,
                         long expire)
```
    Accept the given tags and associate them with the given key for decryption
    
    Overrides:
    
    tagsReceived in class SessionKeyManager
    
    Parameters:
    
    sessionTags - modifiable; NOT copied. Non-null, non-empty.
    
    expire - time from now

Class TransientSessionKeyManager

Field Summary

Constructor Summary

Method Summary

Methods inherited from class net.i2p.crypto.SessionKeyManager

Methods inherited from class java.lang.Object

Field Detail

_context

DEFAULT_TAGS

LOW_THRESHOLD

MAX_INBOUND_SESSION_TAGS

Constructor Detail

TransientSessionKeyManager

TransientSessionKeyManager

Method Detail

consumeNextAvailableTag

consumeTag

createSession

failTags

getAvailableTags

getAvailableTimeLeft

getCurrentKey

getCurrentOrNewKey

getLowThreshold

getTagsToSend

renderStatusHTML

shouldSendTags

shutdown

tagsAcked

tagsDelivered

tagsReceived

tagsReceived