echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Blinding:

Browse Source 
- Blinding only throws IAE
- Remove context arg from encode()
- Hook in new form args on /configkeyring
- Show b33 on /configkeyring
- Remove support for appended secret in b33
- Persist cache immediately when storing secret or privkey
- Fix i2ptunnel for std. ls2
- Add auth/secret required flags to BlindData
more to do
This commit is contained in:
zzz
2019-05-28 15:12:20 +00:00
parent 0c7c19451c
commit 973aab8f53
9 changed files with 274 additions and 116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
apps/i2ptunnel/java/src/net/i2p/i2ptunnel/web/IndexBean.java
View File

@ -564,13 +564,13 @@ public class IndexBean {
Destination d = getDestination(tunnel);
if (d != null) {
int mode = _helper.getEncryptMode(tunnel);
if (mode > 1) {
if (mode > 1 && mode < 10) {
try {
String secret = _helper.getBlindedPassword(tunnel);
boolean requireSecret = secret != null && secret.length() > 0 &&
(mode == 3 || mode == 5 || mode == 7 || mode == 9);
boolean requireAuth = mode >= 4 && mode <= 9;
return Blinding.encode(_context, d.getSigningPublicKey(), requireSecret, requireAuth);
return Blinding.encode(d.getSigningPublicKey(), requireSecret, requireAuth);
} catch (RuntimeException re) {}
}
}

7
apps/i2ptunnel/jsp/editServer.jsi
View File

@ -462,13 +462,10 @@
%>
<option title="<%=intl._t("Only clients with the password will be able to connect")%>" value="3" <%=(curEncryptMode.equals("3") ? " selected=\"selected\"" : "")%> >
<%=intl._t("Blinded with lookup password")%></option>
<%
// TODO, unimplemented
%>
<option title="<%=intl._t("Only clients with the encryption key will be able to connect")%>" value="4" <%=(curEncryptMode.equals("4") ? " selected=\"selected\"" : "")%> >
<%=intl._t("Blinded with shared key")%></option>
<%=intl._t("Blinded with shared key")%> (PSK)</option>
<option title="<%=intl._t("Only clients with the password and key will be able to connect")%>" value="5" <%=(curEncryptMode.equals("5") ? " selected=\"selected\"" : "")%> >
<%=intl._t("Blinded with lookup password and shared key")%></option>
<%=intl._t("Blinded with lookup password and shared key")%> (PSK)</option>
<option title="<%=intl._t("Only clients with the encryption key will be able to connect")%>" value="6" <%=(curEncryptMode.equals("6") ? " selected=\"selected\"" : "")%> >
<%=intl._t("Blinded with per-user key")%> (PSK)</option>
<option title="<%=intl._t("Only clients with the password and key will be able to connect")%>" value="7" <%=(curEncryptMode.equals("7") ? " selected=\"selected\"" : "")%> >

178
apps/routerconsole/java/src/net/i2p/router/web/helpers/ConfigKeyringHandler.java
View File

@ -1,8 +1,16 @@
package net.i2p.router.web.helpers;
import net.i2p.crypto.Blinding;
import net.i2p.crypto.EncType;
import net.i2p.crypto.SigType;
import net.i2p.data.Base64;
import net.i2p.data.BlindData;
import net.i2p.data.DataFormatException;
import net.i2p.data.Destination;
import net.i2p.data.Hash;
import net.i2p.data.PrivateKey;
import net.i2p.data.SessionKey;
import net.i2p.data.SigningPublicKey;
import net.i2p.router.web.FormHandler;
import net.i2p.util.ConvertToHash;
@ -12,33 +20,151 @@ import net.i2p.util.ConvertToHash;
public class ConfigKeyringHandler extends FormHandler {
private String _peer;
private String _key;
private String _secret;
private int _mode;
@Override
protected void processForm() {
boolean adding = _action.equals(_t("Add key"));
if (adding || _action.equals(_t("Delete key"))) {
if (_peer == null)
if (_peer == null) {
addFormError(_t("You must enter a destination"));
if (_key == null && adding)
addFormError(_t("You must enter a key"));
if (_peer == null || (_key == null && adding))
return;
Hash h = ConvertToHash.getHash(_peer);
}
Hash h = null;
if (!_peer.endsWith(".b32.i2p") || _peer.length() <= 60) {
// don't wait for several seconds for b33 lookup
h = ConvertToHash.getHash(_peer);
}
if (adding) {
SessionKey sk = new SessionKey();
try {
sk.fromBase64(_key);
} catch (DataFormatException dfe) {}
if (h == null || h.getData() == null) {
addFormError(_t("Invalid destination"));
} else if (_context.clientManager().isLocal(h)) {
// don't bother translating
addFormError("Cannot add key for local destination. Enable encryption in the Hidden Services Manager.");
} else if (sk.getData() == null) {
addFormError(_t("Invalid key"));
byte[] b = null;
if (_mode == 1 || _mode == 4 || _mode == 5) {
if (_key == null) {
addFormError(_t("You must enter a key"));
return;
}
b = Base64.decode(_key);
if (b == null || b.length != 32) {
addFormError(_t("Invalid key"));
return;
}
}
if (_mode == 1) {
// LS1
if (h == null || h.getData() == null) {
addFormError(_t("Invalid destination"));
} else if (_context.clientManager().isLocal(h)) {
// don't bother translating
addFormError("Cannot add key for local destination. Enable encryption in the Hidden Services Manager.");
} else {
SessionKey sk = new SessionKey(b);
_context.keyRing().put(h, sk);
addFormNotice(_t("Key for {0} added to keyring", h.toBase32()));
}
} else {
_context.keyRing().put(h, sk);
addFormNotice(_t("Key for {0} added to keyring", h.toBase32()));
if ((_mode == 3 || _mode == 5 || _mode == 7) && _secret == null) {
addFormError(_t("Lookup password required"));
return;
}
// b33 if supplied as hostname
BlindData bdin = null;
try {
bdin = Blinding.decode(_context, _peer);
} catch (IllegalArgumentException iae) {}
// we need the dest or the spk, not just the desthash
SigningPublicKey spk = null;
Destination d = null;
// don't cause LS fetch
if (!_peer.endsWith(".b32.i2p"))
d = _context.namingService().lookup(_peer);
if (d != null) {
spk = d.getSigningPublicKey();
} else if (bdin != null) {
spk = bdin.getUnblindedPubKey();
}
if (spk == null) {
addFormError(_t("Requires hostname, destination, or blinded base32"));
return;
}
// from BlindCache
BlindData bdold = _context.netDb().getBlindData(spk);
if (bdold != null && d == null)
d = bdold.getDestination();
if (d != null && _context.clientManager().isLocal(d)) {
// don't bother translating
addFormError("Cannot add key for local destination. Enable encryption in the Hidden Services Manager.");
return;
}
SigType blindType;
if (bdin != null) {
blindType = bdin.getBlindedSigType();
} else if (bdold != null) {
blindType = bdold.getBlindedSigType();
} else {
blindType = Blinding.getDefaultBlindedType(spk.getType());
}
int atype;
PrivateKey pk;
if (_mode == 4 || _mode == 5) {
atype = BlindData.AUTH_PSK;
// use supplied pk
pk = new PrivateKey(EncType.ECIES_X25519, b);
} else if (_mode == 6 || _mode == 7) {
atype = BlindData.AUTH_DH;
// create new pk
b = new byte[32];
_context.random().nextBytes(b);
pk = new PrivateKey(EncType.ECIES_X25519, b);
} else {
// modes 2 and 3
atype = BlindData.AUTH_NONE;
pk = null;
}
if (_mode == 2 || _mode == 4 || _mode == 6)
_secret = null;
if (bdin != null) {
// more checks based on supplied b33
if (bdin.getSecretRequired() && _secret == null) {
addFormError(_t("Destination requires lookup password"));
return;
}
if (!bdin.getSecretRequired() && _secret != null) {
addFormError(_t("Destination does not require lookup password"));
return;
}
if (bdin.getAuthRequired() && pk == null) {
addFormError(_t("Destination requires encryption key"));
return;
}
if (!bdin.getAuthRequired() && pk != null) {
addFormError(_t("Destination does not require encryption key"));
return;
}
}
// to BlindCache
BlindData bdout;
if (d != null) {
bdout = new BlindData(_context, d, blindType, _secret, atype, pk);
} else {
bdout = new BlindData(_context, spk, blindType, _secret, atype, pk);
}
if (bdold != null) {
// debug
addFormNotice("already cached: " + bdold);
}
try {
_context.netDb().setBlindData(bdout);
addFormNotice(_t("Key for {0} added to keyring", bdout.toBase32()));
if (_mode == 6 || _mode == 7) {
addFormNotice(_t("Send your new key to the server opererator") + ": " + pk.toPublic().toBase64());
}
} catch (IllegalArgumentException iae) {
addFormError(_t("Invalid destination") + ": " + iae.getMessage());
}
}
} else { // Delete
if (h != null && h.getData() != null) {
@ -61,4 +187,20 @@ public class ConfigKeyringHandler extends FormHandler {
public void setPeer(String peer) { if (peer != null) _peer = peer.trim(); }
public void setKey(String key) { if (key != null) _key = key.trim(); }
/** @since 0.9.41 */
public void setNofilter_blindedPassword(String pw) {
if (pw != null) {
pw = pw.trim();
if (pw.length() > 0)
_secret = pw;
}
}
/** @since 0.9.41 */
public void setEncryptMode(String m) {
try {
_mode = Integer.parseInt(m);
} catch (NumberFormatException nfe) {}
}
}

14
apps/routerconsole/java/src/net/i2p/router/web/helpers/ConfigKeyringHelper.java
View File

@ -85,15 +85,15 @@ public class ConfigKeyringHelper extends HelperBase {
List<BlindData> bdata = _context.netDb().getBlindData();
// TODO sort by hostname
for (BlindData bd : bdata) {
Hash h = bd.getDestHash();
if (h == null)
continue;
buf.append("\n<tr><td>");
buf.append(h.toBase32());
buf.append(bd.toBase32());
buf.append("</td><td>");
String host = _context.namingService().reverseLookup(h);
if (host != null)
buf.append(host);
Hash h = bd.getDestHash();
if (h != null) {
String host = _context.namingService().reverseLookup(h);
if (host != null)
buf.append(host);
}
buf.append("</td><td>");
int type = bd.getAuthType();
PrivateKey pk = bd.getAuthPrivKey();

4
apps/routerconsole/jsp/configkeyring.jsp
View File

@ -52,9 +52,9 @@
<%=intl._t("Blinded with shared key")%></option>
<option title="<%=intl._t("Only clients with the password and key will be able to connect")%>" value="5">
<%=intl._t("Blinded with lookup password and shared key")%></option>
<option title="<%=intl._t("Only clients with the encryption key will be able to connect")%>" value="8">
<option title="<%=intl._t("Only clients with the encryption key will be able to connect")%>" value="6">
<%=intl._t("Blinded with per-user key")%> (DH)</option>
<option title="<%=intl._t("Only clients with the password and key will be able to connect")%>" value="9">
<option title="<%=intl._t("Only clients with the password and key will be able to connect")%>" value="7">
<%=intl._t("Blinded with lookup password and per-user key")%> (DH)</option>
</select></td>
</tr><tr>

117
core/java/src/net/i2p/crypto/Blinding.java
View File

@ -53,14 +53,13 @@ public final class Blinding {
* @param key must be SigType EdDSA_SHA512_Ed25519 or RedDSA_SHA512_Ed25519
* @param alpha must be SigType RedDSA_SHA512_Ed25519
* @return SigType RedDSA_SHA512_Ed25519
* @throws UnsupportedOperationException unless supported SigTypes
* @throws IllegalArgumentException on bad inputs
* @throws IllegalArgumentException on bad inputs or unsupported SigTypes
*/
public static SigningPublicKey blind(SigningPublicKey key, SigningPrivateKey alpha) {
SigType type = key.getType();
if ((type != TYPE && type != TYPER) ||
alpha.getType() != TYPER)
throw new UnsupportedOperationException();
throw new IllegalArgumentException("Unsupported blinding from " + type + " to " + alpha.getType());
try {
EdDSAPublicKey jk = SigUtil.toJavaEdDSAKey(key);
EdDSAPrivateKey ajk = SigUtil.toJavaEdDSAKey(alpha);
@ -77,14 +76,13 @@ public final class Blinding {
* @param key must be SigType EdDSA_SHA512_Ed25519 or RedDSA_SHA512_Ed25519
* @param alpha must be SigType RedDSA_SHA512_Ed25519
* @return SigType RedDSA_SHA512_Ed25519
* @throws UnsupportedOperationException unless supported SigTypes
* @throws IllegalArgumentException on bad inputs
* @throws IllegalArgumentException on bad inputs or unsupported SigTypes
*/
public static SigningPrivateKey blind(SigningPrivateKey key, SigningPrivateKey alpha) {
SigType type = key.getType();
if ((type != TYPE && type != TYPER) ||
alpha.getType() != TYPER)
throw new UnsupportedOperationException();
throw new IllegalArgumentException("Unsupported blinding from " + type + " to " + alpha.getType());
try {
EdDSAPrivateKey jk = SigUtil.toJavaEdDSAKey(key);
EdDSAPrivateKey ajk = SigUtil.toJavaEdDSAKey(alpha);
@ -101,12 +99,11 @@ public final class Blinding {
* @param key must be SigType RedDSA_SHA512_Ed25519
* @param alpha must be SigType RedDSA_SHA512_Ed25519
* @return SigType EdDSA_SHA512_Ed25519
* @throws UnsupportedOperationException unless supported SigTypes
* @throws IllegalArgumentException on bad inputs
* @throws IllegalArgumentException on bad inputs or unsupported SigTypes
*/
public static SigningPrivateKey unblind(SigningPrivateKey key, SigningPrivateKey alpha) {
if (key.getType() != TYPER || alpha.getType() != TYPER)
throw new UnsupportedOperationException();
throw new IllegalArgumentException("Unsupported blinding from " + key.getType() + " / " + alpha.getType());
try {
EdDSAPrivateKey bjk = SigUtil.toJavaEdDSAKey(key);
EdDSAPrivateKey ajk = SigUtil.toJavaEdDSAKey(alpha);
@ -124,8 +121,7 @@ public final class Blinding {
* @param destspk must be SigType EdDSA_SHA512_Ed25519
* @param secret may be null or zero-length
* @return SigType RedDSA_SHA512_Ed25519
* @throws UnsupportedOperationException unless supported SigTypes
* @throws IllegalArgumentException on bad inputs
* @throws IllegalArgumentException on bad inputs or unsupported SigTypes
* @since 0.9.39
*/
public static SigningPrivateKey generateAlpha(I2PAppContext ctx, SigningPublicKey destspk, String secret) {
@ -141,12 +137,14 @@ public final class Blinding {
* @param secret may be null or zero-length
* @param now for what time?
* @return SigType RedDSA_SHA512_Ed25519
* @throws UnsupportedOperationException unless supported SigTypes
* @throws IllegalArgumentException on bad inputs
* @throws IllegalArgumentException on bad inputs or unsupported SigTypes
* @since 0.9.39
*/
public static SigningPrivateKey generateAlpha(I2PAppContext ctx, SigningPublicKey destspk,
String secret, long now) {
SigType type = destspk.getType();
if (type != TYPE && type != TYPER)
throw new IllegalArgumentException("Unsupported blinding from " + type);
String modVal;
synchronized(_fmt) {
modVal = _fmt.format(now);
@ -170,7 +168,7 @@ public final class Blinding {
// SHA256("I2PGenerateAlpha" || spk || sigtypein || sigtypeout)
System.arraycopy(INFO_ALPHA, 0, in, 0, INFO_ALPHA.length);
System.arraycopy(destspk.getData(), 0, in, INFO_ALPHA.length, destspk.length());
DataHelper.toLong(in, stoff, 2, destspk.getType().getCode());
DataHelper.toLong(in, stoff, 2, type.getCode());
DataHelper.toLong(in, stoff + 2, 2, TYPER.getCode());
Hash salt = ctx.sha().calculateHash(in);
hkdf.calculate(salt.getData(), data, INFO, out, out, 32);
@ -198,14 +196,13 @@ public final class Blinding {
/**
* Decode a new-format b32 address.
* PRELIMINARY - Subject to change - see proposal 149
* See proposal 149.
*
* @param address ending with ".b32.i2p"
* @throws IllegalArgumentException on bad inputs
* @throws UnsupportedOperationException unless supported SigTypes
* @throws IllegalArgumentException on bad inputs or unsupported SigTypes
* @since 0.9.40
*/
public static BlindData decode(I2PAppContext ctx, String address) throws RuntimeException {
public static BlindData decode(I2PAppContext ctx, String address) throws IllegalArgumentException {
address = address.toLowerCase(Locale.US);
if (!address.endsWith(".b32.i2p"))
throw new IllegalArgumentException("Not a .b32.i2p address");
@ -219,15 +216,15 @@ public final class Blinding {
/**
* Decode a new-format b32 address.
* PRELIMINARY - Subject to change - see proposal 149
* See proposal 149.
* NOTE: Not for external use, use decode(String)
*
* @param b 35+ bytes
* @return BlindData structure, use getUnblindedPubKey() for the result
* @throws IllegalArgumentException on bad inputs
* @throws UnsupportedOperationException unless supported SigTypes
* @throws IllegalArgumentException on bad inputs or unsupported SigTypes
* @since 0.9.40
*/
public static BlindData decode(I2PAppContext ctx, byte[] b) throws RuntimeException {
public static BlindData decode(I2PAppContext ctx, byte[] b) throws IllegalArgumentException {
Checksum crc = new CRC32();
crc.update(b, 3, b.length - 3);
long check = crc.getValue();
@ -239,8 +236,6 @@ public final class Blinding {
throw new IllegalArgumentException("Corrupt b32 or unsupported options");
if ((flag & FLAG_TWOBYTE) != 0)
throw new IllegalArgumentException("Two byte sig types unsupported");
if ((flag & FLAG_AUTH) != 0)
throw new IllegalArgumentException("Per-client auth unsupported");
// TODO two-byte sigtypes
int st1 = b[1] & 0xff;
int st2 = b[2] & 0xff;
@ -261,85 +256,49 @@ public final class Blinding {
byte[] spkData = new byte[spkLen];
System.arraycopy(b, 3, spkData, 0, spkLen);
SigningPublicKey spk = new SigningPublicKey(sigt1, spkData);
String secret;
if ((flag & FLAG_SECRET) != 0) {
if (4 + spkLen > b.length) {
//throw new IllegalArgumentException("No secret data");
secret = null;
} else {
int secLen = b[3 + spkLen] & 0xff;
if (4 + spkLen + secLen != b.length)
throw new IllegalArgumentException("Bad b32 length");
secret = DataHelper.getUTF8(b, 4 + spkLen, secLen);
}
} else if (3 + spkLen != b.length) {
if (3 + spkLen != b.length)
throw new IllegalArgumentException("b32 too long");
} else {
secret = null;
}
BlindData rv = new BlindData(ctx, spk, sigt2, secret);
BlindData rv = new BlindData(ctx, spk, sigt2, null);
if ((flag & FLAG_SECRET) != 0)
rv.setSecretRequired();
if ((flag & FLAG_AUTH) != 0)
rv.setAuthRequired();
return rv;
}
/**
* Encode a public key as a new-format b32 address.
* PRELIMINARY - Subject to change - see proposal 149
* See proposal 149.
*
* @return (56 chars).b32.i2p
* @throws IllegalArgumentException on bad inputs
* @throws UnsupportedOperationException unless supported SigTypes
* @throws IllegalArgumentException on bad inputs or unsupported SigTypes
* @since 0.9.40
*/
public static String encode(I2PAppContext ctx, SigningPublicKey key) throws RuntimeException {
return encode(ctx, key, false, false, null);
public static String encode(SigningPublicKey key) throws IllegalArgumentException {
return encode(key, false, false);
}
/**
* Encode a public key as a new-format b32 address.
* PRELIMINARY - Subject to change - see proposal 149
* See proposal 149.
*
* @return (56 chars).b32.i2p
* @throws IllegalArgumentException on bad inputs
* @throws UnsupportedOperationException unless supported SigTypes
* @throws IllegalArgumentException on bad inputs or unsupported SigTypes
* @since 0.9.40
*/
public static String encode(I2PAppContext ctx, SigningPublicKey key,
boolean requireSecret, boolean requireAuth) throws RuntimeException {
return encode(ctx, key, requireSecret, requireAuth, null);
}
/**
* Encode a public key as a new-format b32 address.
* PRELIMINARY - Subject to change - see proposal 149
*
* @param secret may be empty or null
* @return (56+ chars).b32.i2p
* @throws IllegalArgumentException on bad inputs
* @throws UnsupportedOperationException unless supported SigTypes
* @since 0.9.40
*/
public static String encode(I2PAppContext ctx, SigningPublicKey key,
boolean requireSecret, boolean requireAuth,
String secret) throws RuntimeException {
public static String encode(SigningPublicKey key,
boolean requireSecret, boolean requireAuth) throws IllegalArgumentException {
SigType type = key.getType();
if (type != TYPE && type != TYPER)
throw new UnsupportedOperationException();
byte sdata[] = (secret != null) ? DataHelper.getUTF8(secret) : null;
int slen = (secret != null) ? 1 + sdata.length : 0;
if (slen > 256)
throw new IllegalArgumentException("secret too long");
throw new IllegalArgumentException("Unsupported blinding from " + type);
byte[] d = key.getData();
byte[] b = new byte[d.length + slen + 3];
byte[] b = new byte[d.length + 3];
System.arraycopy(d, 0, b, 3, d.length);
if (slen > 0) {
b[3 + d.length] = (byte) sdata.length;
System.arraycopy(sdata, 0, b, 4 + d.length, sdata.length);
}
Checksum crc = new CRC32();
crc.update(b, 3, b.length - 3);
long check = crc.getValue();
// TODO two-byte sigtypes
if (slen > 0 || requireSecret)
if (requireSecret)
b[0] = FLAG_SECRET;
if (requireAuth)
b[0] |= FLAG_AUTH;
@ -367,8 +326,8 @@ public final class Blinding {
SigningPublicKey pub = (SigningPublicKey) keys[0];
SigningPrivateKey priv = (SigningPrivateKey) keys[1];
I2PAppContext ctx = I2PAppContext.getGlobalContext();
//String b32 = encode(ctx, pub, null);
String b32 = encode(ctx, pub, "foobarbaz");
//String b32 = encode(pub, null);
String b32 = encode(pub, "foobarbaz");
System.out.println("pub b32 is " + b32);
BlindData bd = decode(ctx, b32);
if (bd.getBlindedPubKey().equals(pub))

48
core/java/src/net/i2p/data/BlindData.java
View File

@ -23,6 +23,8 @@ public class BlindData {
private SigningPrivateKey _alpha;
private Destination _dest;
private long _routingKeyGenMod;
private boolean _secretRequired;
private boolean _authRequired;
/**
* bits 3-0 including per-client bit
@ -39,6 +41,11 @@ public class BlindData {
* @since 0.9.41
*/
public static final int AUTH_PSK = 3;
/**
* Enabled, unspecified type
* @since 0.9.41
*/
public static final int AUTH_ON = 999;
/**
* @param secret may be null or zero-length
@ -83,6 +90,10 @@ public class BlindData {
throw new IllegalArgumentException();
_authType = authType;
_authKey = authKey;
if (secret != null)
_secretRequired = true;
if (authKey != null)
_authRequired = true;
// defer until needed
//calculate();
}
@ -197,6 +208,42 @@ public class BlindData {
_blindHash = _context.sha().calculateHash(hashData);
}
/**
* b33 format
* @since 0.9.41
*/
public synchronized String toBase32() {
return Blinding.encode(_clearSPK, _secret != null, _authKey != null);
}
/**
* @since 0.9.41
*/
public void setSecretRequired() {
_secretRequired = true;
}
/**
* @since 0.9.41
*/
public boolean getSecretRequired() {
return _secretRequired;
}
/**
* @since 0.9.41
*/
public void setAuthRequired() {
_authRequired = true;
}
/**
* @since 0.9.41
*/
public boolean getAuthRequired() {
return _authRequired;
}
@Override
public synchronized String toString() {
calculate();
@ -219,6 +266,7 @@ public class BlindData {
buf.append("\n\tDestination: ").append(_dest);
else
buf.append("\n\tDestination: unknown");
buf.append("\n\tB32 : ").append(toBase32());
buf.append(']');
return buf.toString();
}

2
core/java/src/net/i2p/data/PrivateKeyFile.java
View File

@ -769,7 +769,7 @@ public class PrivateKeyFile {
if (type == SigType.EdDSA_SHA512_Ed25519 ||
type == SigType.RedDSA_SHA512_Ed25519) {
I2PAppContext ctx = I2PAppContext.getGlobalContext();
s.append("\nBlinded B32: ").append(Blinding.encode(ctx, spk));
s.append("\nBlinded B32: ").append(Blinding.encode(spk));
}
}
s.append("\nContains: ");

14
router/java/src/net/i2p/router/networkdb/kademlia/BlindCache.java
View File

@ -168,7 +168,19 @@ class BlindCache {
}
}
/**
* Persists immediately if secret or privkey is non-null
*/
public void addToCache(BlindData bd) {
storeInCache(bd);
if (bd.getSecret() != null || bd.getAuthPrivKey() != null)
store();
}
/**
* @since 0.9.41 from addToCache()
*/
private void storeInCache(BlindData bd) {
_cache.put(bd.getUnblindedPubKey(), bd);
_reverseCache.put(bd.getBlindedPubKey(), bd);
Destination dest = bd.getDestination();
@ -257,7 +269,7 @@ class BlindCache {
if (line.startsWith("#"))
continue;
try {
addToCache(fromPersistentString(line));
storeInCache(fromPersistentString(line));
count++;
} catch (IllegalArgumentException iae) {
if (log.shouldLog(Log.WARN))