forked from I2P_Developers/i2p.i2p
Fix creation of Encrypted LS2
Blinded flag bit goes on the inner LS, not the outer Fix corruption of inner signature Broken in 0.9.42
This commit is contained in:
@ -411,10 +411,6 @@ public class EncryptedLeaseSet extends LeaseSet2 {
|
|||||||
if (_signature == null)
|
if (_signature == null)
|
||||||
throw new IllegalStateException("not signed");
|
throw new IllegalStateException("not signed");
|
||||||
ByteArrayOutputStream baos = new ByteArrayOutputStream();
|
ByteArrayOutputStream baos = new ByteArrayOutputStream();
|
||||||
// inner LS is always unpublished
|
|
||||||
int saveFlags = _flags;
|
|
||||||
setUnpublished();
|
|
||||||
setBlindedWhenPublished();
|
|
||||||
try {
|
try {
|
||||||
// Inner layer - type - data covered by sig
|
// Inner layer - type - data covered by sig
|
||||||
baos.write(KEY_TYPE_LS2);
|
baos.write(KEY_TYPE_LS2);
|
||||||
@ -425,8 +421,6 @@ public class EncryptedLeaseSet extends LeaseSet2 {
|
|||||||
throw new IllegalStateException("Error encrypting LS2", dfe);
|
throw new IllegalStateException("Error encrypting LS2", dfe);
|
||||||
} catch (IOException ioe) {
|
} catch (IOException ioe) {
|
||||||
throw new IllegalStateException("Error encrypting LS2", ioe);
|
throw new IllegalStateException("Error encrypting LS2", ioe);
|
||||||
} finally {
|
|
||||||
_flags = saveFlags;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// layer 2 (inner) encryption
|
// layer 2 (inner) encryption
|
||||||
@ -847,14 +841,16 @@ public class EncryptedLeaseSet extends LeaseSet2 {
|
|||||||
// inner LS is always unpublished
|
// inner LS is always unpublished
|
||||||
int saveFlags = _flags;
|
int saveFlags = _flags;
|
||||||
setUnpublished();
|
setUnpublished();
|
||||||
|
setBlindedWhenPublished();
|
||||||
super.sign(key);
|
super.sign(key);
|
||||||
_flags = saveFlags;
|
|
||||||
if (_log.shouldDebug()) {
|
if (_log.shouldDebug()) {
|
||||||
|
_log.debug("Created inner: " + super.toString());
|
||||||
_log.debug("Sign inner with key: " + key.getType() + ' ' + key.toBase64());
|
_log.debug("Sign inner with key: " + key.getType() + ' ' + key.toBase64());
|
||||||
_log.debug("Corresponding pubkey: " + key.toPublic());
|
_log.debug("Corresponding pubkey: " + key.toPublic());
|
||||||
_log.debug("Inner sig: " + _signature.getType() + ' ' + _signature.toBase64());
|
_log.debug("Inner sig: " + _signature.getType() + ' ' + _signature.toBase64());
|
||||||
}
|
}
|
||||||
encrypt(authType, clientKeys);
|
encrypt(authType, clientKeys);
|
||||||
|
_flags = saveFlags;
|
||||||
SigningPrivateKey bkey = Blinding.blind(key, _alpha);
|
SigningPrivateKey bkey = Blinding.blind(key, _alpha);
|
||||||
int len = size();
|
int len = size();
|
||||||
ByteArrayOutputStream out = new ByteArrayOutputStream(1 + len);
|
ByteArrayOutputStream out = new ByteArrayOutputStream(1 + len);
|
||||||
|
|||||||
@ -88,7 +88,12 @@ public class LeaseSet2 extends LeaseSet {
|
|||||||
return (_flags & FLAG_UNPUBLISHED) != 0;
|
return (_flags & FLAG_UNPUBLISHED) != 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @throws IllegalStateException if already signed
|
||||||
|
*/
|
||||||
public void setUnpublished() {
|
public void setUnpublished() {
|
||||||
|
if (_signature != null && (_flags & FLAG_UNPUBLISHED) == 0)
|
||||||
|
throw new IllegalStateException();
|
||||||
_flags |= FLAG_UNPUBLISHED;
|
_flags |= FLAG_UNPUBLISHED;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -102,9 +107,12 @@ public class LeaseSet2 extends LeaseSet {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Set if the unencrypted LS, when published, will be blinded/encrypted
|
* Set if the unencrypted LS, when published, will be blinded/encrypted
|
||||||
|
* @throws IllegalStateException if already signed
|
||||||
* @since 0.9.42
|
* @since 0.9.42
|
||||||
*/
|
*/
|
||||||
public void setBlindedWhenPublished() {
|
public void setBlindedWhenPublished() {
|
||||||
|
if (_signature != null && (_flags & FLAG_BLINDED) == 0)
|
||||||
|
throw new IllegalStateException();
|
||||||
_flags |= FLAG_BLINDED;
|
_flags |= FLAG_BLINDED;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -251,8 +259,11 @@ public class LeaseSet2 extends LeaseSet {
|
|||||||
* @param transientSPK the key that will sign the leaseset
|
* @param transientSPK the key that will sign the leaseset
|
||||||
* @param offlineSig the signature by the spk in the destination
|
* @param offlineSig the signature by the spk in the destination
|
||||||
* @return success, false if verify failed or expired
|
* @return success, false if verify failed or expired
|
||||||
|
* @throws IllegalStateException if already signed
|
||||||
*/
|
*/
|
||||||
public boolean setOfflineSignature(long expires, SigningPublicKey transientSPK, Signature offlineSig) {
|
public boolean setOfflineSignature(long expires, SigningPublicKey transientSPK, Signature offlineSig) {
|
||||||
|
if (_signature != null)
|
||||||
|
throw new IllegalStateException();
|
||||||
_flags |= FLAG_OFFLINE_KEYS;
|
_flags |= FLAG_OFFLINE_KEYS;
|
||||||
_transientExpires = expires;
|
_transientExpires = expires;
|
||||||
_transientSigningPublicKey = transientSPK;
|
_transientSigningPublicKey = transientSPK;
|
||||||
@ -691,6 +702,7 @@ public class LeaseSet2 extends LeaseSet {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
buf.append("\n\tUnpublished? ").append(isUnpublished());
|
buf.append("\n\tUnpublished? ").append(isUnpublished());
|
||||||
|
buf.append("\n\tBlinded? ").append(isBlindedWhenPublished());
|
||||||
buf.append("\n\tSignature: ").append(_signature);
|
buf.append("\n\tSignature: ").append(_signature);
|
||||||
buf.append("\n\tPublished: ").append(new java.util.Date(_published));
|
buf.append("\n\tPublished: ").append(new java.util.Date(_published));
|
||||||
buf.append("\n\tExpires: ").append(new java.util.Date(_expires));
|
buf.append("\n\tExpires: ").append(new java.util.Date(_expires));
|
||||||
|
|||||||
@ -1,4 +1,9 @@
|
|||||||
|
2020-06-06 zzz
|
||||||
|
* Data: Fix creation of Encrypted LS2
|
||||||
|
* I2CP: Fix issues with persisted leaseset private keys
|
||||||
|
|
||||||
2020-06-03 zzz
|
2020-06-03 zzz
|
||||||
|
* i2psnark: Enable dual-keys
|
||||||
* Router: Implement ratchet-layer acks (proposal 144)
|
* Router: Implement ratchet-layer acks (proposal 144)
|
||||||
|
|
||||||
2020-06-01 zzz
|
2020-06-01 zzz
|
||||||
|
|||||||
@ -18,7 +18,7 @@ public class RouterVersion {
|
|||||||
/** deprecated */
|
/** deprecated */
|
||||||
public final static String ID = "Monotone";
|
public final static String ID = "Monotone";
|
||||||
public final static String VERSION = CoreVersion.VERSION;
|
public final static String VERSION = CoreVersion.VERSION;
|
||||||
public final static long BUILD = 4;
|
public final static long BUILD = 5;
|
||||||
|
|
||||||
/** for example "-test" */
|
/** for example "-test" */
|
||||||
public final static String EXTRA = "";
|
public final static String EXTRA = "";
|
||||||
|
|||||||
Reference in New Issue
Block a user