Router: Check for key certs in dests (prop. 145)

2020-04-23 19:16:31 +00:00
parent bc11e66429
commit 5e2db982dd
2 changed files with 10 additions and 0 deletions
--- a/router/java/src/net/i2p/router/client/ClientMessageEventListener.java
+++ b/router/java/src/net/i2p/router/client/ClientMessageEventListener.java
@ -226,6 +226,11 @@ class ClientMessageEventListener implements I2CPMessageReader.I2CPMessageEventLi
    private void handleCreateSession(CreateSessionMessage message) {
        SessionConfig in = message.getSessionConfig();
        Destination dest = in.getDestination();
+        if (dest.getEncType() != EncType.ELGAMAL_2048) {
+            // Enc type in key cert, proposal 145, unsupported
+            _runner.disconnectClient("Destinations with key certs unsupported");
+            return;
+        }
        if (in.verifySignature()) {
            if (_log.shouldLog(Log.DEBUG))
                _log.debug("Signature verified correctly on create session message");
--- a/router/java/src/net/i2p/router/message/OutboundClientMessageOneShotJob.java
+++ b/router/java/src/net/i2p/router/message/OutboundClientMessageOneShotJob.java
@ -272,6 +272,11 @@ public class OutboundClientMessageOneShotJob extends JobImpl {
    public String getName() { return "Outbound client message"; }
    
    public void runJob() {
+        if (_to.getEncType() != EncType.ELGAMAL_2048) {
+            // Enc type in key cert, proposal 145, unsupported
+            dieFatal(MessageStatusMessage.STATUS_SEND_FAILURE_UNSUPPORTED_ENCRYPTION);
+            return;
+        }
        long now = getContext().clock().now();
        if (now >= _overallExpiration) {
            dieFatal(MessageStatusMessage.STATUS_SEND_FAILURE_EXPIRED);