/** * This can come in later but the hash must match. * @throws IllegalArgumentException if hash of dest doesn't match previous hash */ public void setDestination(Destination dest) throws IllegalArgumentException { if (this.dest != null) return; if (!dest.calculateHash().equals(this.hash)) throw new IllegalArgumentException("Hash mismatch, was: " + this.hash + " new: " + dest.calculateHash()); this.dest = dest; }
/** * @param padding null OK, must be non-null if spubkey length < 128 * @throws IllegalArgumentException on mismatch of spubkey and spk types * @since 0.9.16 */ public PrivateKeyFile(File file, PublicKey pubkey, SigningPublicKey spubkey, Certificate cert, PrivateKey pk, SigningPrivateKey spk, byte[] padding) { if (spubkey.getType() != spk.getType()) throw new IllegalArgumentException("Signing key type mismatch"); this.file = file; this.client = null; this.dest = new Destination(); this.dest.setPublicKey(pubkey); this.dest.setSigningPublicKey(spubkey); this.dest.setCertificate(cert); if (padding != null) this.dest.setPadding(padding); this.privKey = pk; this.signingPrivKey = spk; }
@Override public boolean equals(Object obj) { if (obj == null || !(obj instanceof I2PSocketAddress)) return false; I2PSocketAddress o = (I2PSocketAddress) obj; if (_port != o._port) return false; if (_dest != null) return _dest.equals(o._dest); if (o._dest != null) return false; if (_host != null) return _host.equals(o._host); return o._host == null; }
/** * Change cert type - caller must also call write(). * Side effect - creates new Destination object. */ public Certificate setCertType(int t) { if (this.dest == null) throw new IllegalArgumentException("Dest is null"); Certificate c = new Certificate(); c.setCertificateType(t); // dests now immutable, must create new Destination newdest = new Destination(); newdest.setPublicKey(dest.getPublicKey()); newdest.setSigningPublicKey(dest.getSigningPublicKey()); newdest.setCertificate(c); dest = newdest; return c; }
protected byte[] doWriteMessage() throws I2CPMessageException, IOException { if (_dest == null) { if (_hash == null) return new byte[0]; // null response allowed return _hash.getData(); } ByteArrayOutputStream os = new ByteArrayOutputStream(_dest.size()); try { _dest.writeBytes(os); } catch (DataFormatException dfe) { throw new I2CPMessageException("Error writing out the dest", dfe); } return os.toByteArray(); }
if (dest == null) return false; if (dest.getSigType() != SigType.DSA_SHA1) return false; PublicKey pub = dest.getPublicKey(); PrivateKey priv = pkf.getPrivKey(); SimpleDataStructure[] signingKeys = KeyGenerator.getInstance().generateSigningKeys(PREFERRED_SIGTYPE); SigningPrivateKey signingPrivKey = (SigningPrivateKey) signingKeys[1]; KeyCertificate cert = new KeyCertificate(signingPubKey); Destination d = new Destination(); d.setPublicKey(pub); d.setSigningPublicKey(signingPubKey); d.setCertificate(cert); int len = signingPubKey.length(); if (len < 128) { byte[] pad = new byte[128 - len]; RandomSource.getInstance().nextBytes(pad); d.setPadding(pad); } else if (len > 128) { d.writeBytes(out); priv.writeBytes(out); signingPrivKey.writeBytes(out); try { out.close(); } catch (IOException ioe) {} String destStr = d.toBase64(); log("Alternate private key created and saved in " + altFile.getAbsolutePath()); log("You should backup this file in a secure place.");
/** connect to the given destination */ I2PSocket connect(PeerID peer) throws IOException { I2PSocketManager mgr = _manager; if (mgr == null) throw new IOException("No socket manager"); Destination addr = peer.getAddress(); if (addr == null) throw new IOException("Null address"); if (addr.equals(getMyDestination())) throw new IOException("Attempt to connect to myself"); Hash dest = addr.calculateHash(); if (_banlist.contains(dest)) throw new IOException("Not trying to contact " + dest.toBase64() + ", as they are banlisted"); try { // TODO opts.setPort(xxx); connect(addr, opts) // DHT moved above 6881 in 0.9.9 I2PSocket rv = _manager.connect(addr); if (rv != null) _banlist.remove(dest); return rv; } catch (I2PException ie) { _banlist.add(dest); _context.simpleTimer2().addEvent(new Unbanlist(dest), 10*60*1000); IOException ioe = new IOException("Unable to reach the peer " + peer); ioe.initCause(ie); throw ioe; } }
if (dest.getSigningPublicKey().equals(existingClient.getSigningPublicKey())) throw new IllegalArgumentException("signing key must differ"); if (!dest.getPublicKey().equals(existingClient.getPublicKey())) throw new IllegalArgumentException("encryption key mismatch"); Hash h = dest.calculateHash(); Hash e = existingClient.calculateHash(); synchronized(this) { TunnelPool inbound = _clientInboundPools.get(h); if (inbound != null || outbound != null) { if (_log.shouldLog(Log.WARN)) _log.warn("already have alias " + dest.toBase32()); return false; _log.warn("Added " + dest.toBase32() + " as alias for " + existingClient.toBase32() + " with settings " + settings); return true;
System.arraycopy(this.dest.getPublicKey().getData(), 0, data, 0, PublicKey.KEYSIZE_BYTES); System.arraycopy(this.dest.getSigningPublicKey().getData(), 0, data, PublicKey.KEYSIZE_BYTES, SigningPublicKey.KEYSIZE_BYTES); byte[] payload = new byte[Hash.HASH_LENGTH + Signature.SIGNATURE_BYTES]; Signature sign = DSAEngine.getInstance().sign(data, spk2); System.arraycopy(sig, 0, payload, 0, Signature.SIGNATURE_BYTES); byte[] h2 = d2.calculateHash().getData(); System.arraycopy(h2, 0, payload, Signature.SIGNATURE_BYTES, Hash.HASH_LENGTH); c.setCertificateType(Certificate.CERTIFICATE_TYPE_SIGNED);
/** * create from an existing Dest * @param d must be non-null */ public VerifiedDestination(Destination d) throws DataFormatException { this(d.toBase64()); }
/** * Does the base64 information look OK * * @param data * @return OK */ private static boolean is64ok(String data) { try { new Destination(data); return true; } catch (Exception e) { return false; } }
boolean useOldKeys = true; int colon = sspk.indexOf(':'); SigType type = dest.getSigType(); if (colon > 0) { String stype = sspk.substring(0, colon); PublicKey pk = dest.getPublicKey(); for (Map.Entry<Destination, LeaseInfo> e : _existingLeaseSets.entrySet()) { if (pk.equals(e.getKey().getPublicKey())) { privKeys.addAll(e.getValue().getPrivateKeys()); if (_log.shouldLog(Log.DEBUG)) boolean encrypt = Boolean.parseBoolean(opts.getProperty(PROP_LS_ENCRYPT)); String sk = opts.getProperty(PROP_LS_KEY); Hash h = dest.calculateHash(); if (encrypt && sk != null) { SessionKey key = new SessionKey();
_log.info("Connecting to " + peer.calculateHash().toBase64().substring(0,6) + " with options: " + opts); if (!_subsessions.isEmpty()) { updateUserDsaList(); Hash h = peer.calculateHash(); SigAlgo myAlgo = session.getMyDestination().getSigType().getBaseAlgorithm(); if ((myAlgo == SigAlgo.EC && _ecUnsupported.contains(h)) || (myAlgo == SigAlgo.EdDSA && _edUnsupported.contains(h)) || if (sess.getMyDestination().getSigType() == SigType.DSA_SHA1) { session = sess; break;
public void readBytes(InputStream rawConfig) throws DataFormatException, IOException { _destination = Destination.create(rawConfig); _options = DataHelper.readProperties(rawConfig); _creationDate = DataHelper.readDate(rawConfig); _signature = new Signature(_destination.getSigningPublicKey().getType()); _signature.readBytes(rawConfig); }
Hash destHash = dest.calculateHash(); if (_log.shouldLog(Log.DEBUG)) _log.debug("SessionEstablished called for destination " + destHash); if (!dest.getPublicKey().equals(sp.dest.getPublicKey())) return SessionStatusMessage.STATUS_INVALID;
/** * Read in the given destination, display it, and write it to the given location * Deprecated - only used by CLI * * @param readFrom stream to read the destination from * @param pubDest stream to write the destination to * @param l logger to send messages to */ private static void showKey(InputStream readFrom, OutputStream pubDest, Logging l) { try { Destination d = new Destination(); d.readBytes(readFrom); l.log("Destination: " + d.toBase32()); readFrom.close(); writePubKey(d, pubDest, l); } catch (I2PException ex) { ex.printStackTrace(); } catch (IOException ex) { ex.printStackTrace(); } }
synchronized(_cache) { rv = _cache.get(sk); if (rv != null && rv.getPublicKey().equals(pk) && rv.getCertificate().equals(c)) { rv = new Destination(pk, sk, c, padding); _cache.put(sk, rv);
/** * Write out the destination to the stream * Deprecated - only used by CLI * * @param d Destination to write * @param o stream to write the destination to, or null for noop * @param l logger to send messages to */ private static void writePubKey(Destination d, OutputStream o, Logging l) throws I2PException, IOException { if (o == null) return; d.writeBytes(o); l.log("Public key saved."); }
/** * Verify that the PublicKey matches the PrivateKey, and * the SigningPublicKey matches the SigningPrivateKey. * * @return success * @since 0.9.16 */ public boolean validateKeyPairs() { try { if (!dest.getPublicKey().equals(KeyGenerator.getPublicKey(privKey))) return false; return dest.getSigningPublicKey().equals(KeyGenerator.getSigningPublicKey(signingPrivKey)); } catch (IllegalArgumentException iae) { return false; } }
@Override public boolean verifyClientLiveliness() { if (_manager == null) return true; boolean lively = true; for (Destination dest : _manager.getRunnerDestinations()) { ClientConnectionRunner runner = _manager.getRunner(dest); if ( (runner == null) || (runner.getIsDead())) continue; LeaseSet ls = runner.getLeaseSet(dest.calculateHash()); if (ls == null) continue; // still building long howLongAgo = _context.clock().now() - ls.getEarliestLeaseDate(); if (howLongAgo > MAX_TIME_TO_REBUILD) { if (_log.shouldLog(Log.ERROR)) _log.error("Client " + dest.toBase32() + " has a leaseSet that expired " + DataHelper.formatDuration(howLongAgo) + " ago"); lively = false; } } return lively; }