echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix creation of Encrypted LS2

Browse Source 
Blinded flag bit goes on the inner LS, not the outer
Fix corruption of inner signature
Broken in 0.9.42
This commit is contained in:
zzz
2020-06-06 17:24:26 +00:00
parent cd77461fba
commit ac76d544b9
4 changed files with 21 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
core/java/src/net/i2p/data/EncryptedLeaseSet.java
View File

@ -411,10 +411,6 @@ public class EncryptedLeaseSet extends LeaseSet2 {
if (_signature == null)
throw new IllegalStateException("not signed");
ByteArrayOutputStream baos = new ByteArrayOutputStream();
// inner LS is always unpublished
int saveFlags = _flags;
setUnpublished();
setBlindedWhenPublished();
try {
// Inner layer - type - data covered by sig
baos.write(KEY_TYPE_LS2);
@ -425,8 +421,6 @@ public class EncryptedLeaseSet extends LeaseSet2 {
throw new IllegalStateException("Error encrypting LS2", dfe);
} catch (IOException ioe) {
throw new IllegalStateException("Error encrypting LS2", ioe);
} finally {
_flags = saveFlags;
}
// layer 2 (inner) encryption
@ -847,14 +841,16 @@ public class EncryptedLeaseSet extends LeaseSet2 {
// inner LS is always unpublished
int saveFlags = _flags;
setUnpublished();
setBlindedWhenPublished();
super.sign(key);
_flags = saveFlags;
if (_log.shouldDebug()) {
_log.debug("Created inner: " + super.toString());
_log.debug("Sign inner with key: " + key.getType() + ' ' + key.toBase64());
_log.debug("Corresponding pubkey: " + key.toPublic());
_log.debug("Inner sig: " + _signature.getType() + ' ' + _signature.toBase64());
}
encrypt(authType, clientKeys);
_flags = saveFlags;
SigningPrivateKey bkey = Blinding.blind(key, _alpha);
int len = size();
ByteArrayOutputStream out = new ByteArrayOutputStream(1 + len);

12
core/java/src/net/i2p/data/LeaseSet2.java
View File

@ -88,7 +88,12 @@ public class LeaseSet2 extends LeaseSet {
return (_flags & FLAG_UNPUBLISHED) != 0;
}
/**
* @throws IllegalStateException if already signed
*/
public void setUnpublished() {
if (_signature != null && (_flags & FLAG_UNPUBLISHED) == 0)
throw new IllegalStateException();
_flags |= FLAG_UNPUBLISHED;
}
@ -102,9 +107,12 @@ public class LeaseSet2 extends LeaseSet {
/**
* Set if the unencrypted LS, when published, will be blinded/encrypted
* @throws IllegalStateException if already signed
* @since 0.9.42
*/
public void setBlindedWhenPublished() {
if (_signature != null && (_flags & FLAG_BLINDED) == 0)
throw new IllegalStateException();
_flags |= FLAG_BLINDED;
}
@ -251,8 +259,11 @@ public class LeaseSet2 extends LeaseSet {
* @param transientSPK the key that will sign the leaseset
* @param offlineSig the signature by the spk in the destination
* @return success, false if verify failed or expired
* @throws IllegalStateException if already signed
*/
public boolean setOfflineSignature(long expires, SigningPublicKey transientSPK, Signature offlineSig) {
if (_signature != null)
throw new IllegalStateException();
_flags |= FLAG_OFFLINE_KEYS;
_transientExpires = expires;
_transientSigningPublicKey = transientSPK;
@ -691,6 +702,7 @@ public class LeaseSet2 extends LeaseSet {
}
}
buf.append("\n\tUnpublished? ").append(isUnpublished());
buf.append("\n\tBlinded? ").append(isBlindedWhenPublished());
buf.append("\n\tSignature: ").append(_signature);
buf.append("\n\tPublished: ").append(new java.util.Date(_published));
buf.append("\n\tExpires: ").append(new java.util.Date(_expires));