echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

RouterInfo: Backport fix for verification of EdDSA RI sig type

Browse Source 
from i2p.i2p.zzz.test2
This commit is contained in:
zzz
2014-08-30 12:35:14 +00:00
parent 0f7a3dba87
commit a72866ee6a
1 changed files with 25 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
core/java/src/net/i2p/data/RouterInfo.java
View File

@ -30,6 +30,7 @@ import net.i2p.crypto.DSAEngine;
import net.i2p.crypto.SHA1; import net.i2p.crypto.SHA1;
import net.i2p.crypto.SHA1Hash; import net.i2p.crypto.SHA1Hash;
import net.i2p.crypto.SHA256Generator; import net.i2p.crypto.SHA256Generator;
import net.i2p.crypto.SigType;
import net.i2p.util.Clock; import net.i2p.util.Clock;
import net.i2p.util.Log; import net.i2p.util.Log;
import net.i2p.util.OrderedProperties; import net.i2p.util.OrderedProperties;
@ -518,17 +519,27 @@ public class RouterInfo extends DatabaseEntry {
public void readBytes(InputStream in, boolean verifySig) throws DataFormatException, IOException { public void readBytes(InputStream in, boolean verifySig) throws DataFormatException, IOException {
if (_signature != null) if (_signature != null)
throw new IllegalStateException(); throw new IllegalStateException();
_identity = new RouterIdentity();
_identity.readBytes(in);
// can't set the digest until we know the sig type
InputStream din; InputStream din;
MessageDigest digest; MessageDigest digest;
if (verifySig) { if (verifySig) {
digest = SHA1.getInstance(); SigType type = _identity.getSigningPublicKey().getType();
if (type != SigType.EdDSA_SHA512_Ed25519) {
// This won't work for EdDSA
digest = _identity.getSigningPublicKey().getType().getDigestInstance();
// TODO any better way?
digest.update(_identity.toByteArray());
din = new DigestInputStream(in, digest); din = new DigestInputStream(in, digest);
} else { } else {
digest = null; digest = null;
din = in; din = in;
} }
_identity = new RouterIdentity(); } else {
_identity.readBytes(din); digest = null;
din = in;
}
// avoid thrashing objects // avoid thrashing objects
//Date when = DataHelper.readDate(in); //Date when = DataHelper.readDate(in);
//if (when == null) //if (when == null)
@ -558,9 +569,16 @@ public class RouterInfo extends DatabaseEntry {
_signature.readBytes(in); _signature.readBytes(in);
if (verifySig) { if (verifySig) {
SHA1Hash hash = new SHA1Hash(digest.digest()); SigType type = _identity.getSigningPublicKey().getType();
if (type != SigType.EdDSA_SHA512_Ed25519) {
// This won't work for EdDSA
SimpleDataStructure hash = _identity.getSigningPublicKey().getType().getHashInstance();
hash.setData(digest.digest());
_isValid = DSAEngine.getInstance().verifySignature(_signature, hash, _identity.getSigningPublicKey()); _isValid = DSAEngine.getInstance().verifySignature(_signature, hash, _identity.getSigningPublicKey());
_validated = true; _validated = true;
} else {
doValidate();
}
if (!_isValid) { if (!_isValid) {
throw new DataFormatException("Bad sig"); throw new DataFormatException("Bad sig");
} }