echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

NetDB: Disallow RSA for RI or LS

Browse Source
This commit is contained in:
zzz
2016-10-21 18:21:12 +00:00
parent f5f411b62f
commit 71f7c712cd
2 changed files with 11 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
core/java/src/net/i2p/data/DatabaseEntry.java
View File

@ -13,6 +13,8 @@ import java.util.Arrays;
import net.i2p.I2PAppContext;
import net.i2p.crypto.DSAEngine;
import net.i2p.crypto.SigAlgo;
import net.i2p.crypto.SigType;
/**
*<p>
@ -206,6 +208,12 @@ public abstract class DatabaseEntry extends DataStructureImpl {
if (data == null)
return false;
// if the data is non-null the SPK will be non-null
return DSAEngine.getInstance().verifySignature(_signature, data, getSigningPublicKey());
SigningPublicKey spk = getSigningPublicKey();
SigType type = spk.getType();
// As of 0.9.28, disallow RSA as it's so slow it could be
// used as a DoS
if (type == null || type.getBaseAlgorithm() == SigAlgo.RSA)
return false;
return DSAEngine.getInstance().verifySignature(_signature, data, spk);
}
}