/** * The conmment file for a torrent * @param confDir the config directory * @param ih 20-byte infohash * @since 0.9.31 */ private static File commentFile(File confDir, byte[] ih) { String hex = I2PSnarkUtil.toHex(ih); File subdir = new SecureDirectory(confDir, SUBDIR_PREFIX + B64.charAt((ih[0] >> 2) & 0x3f)); return new File(subdir, hex + COMMENT_FILE_SUFFIX); }
/** * The config file for a torrent * @param confDir the config directory * @param ih 20-byte infohash * @since 0.9.15 */ private static File configFile(File confDir, byte[] ih) { String hex = I2PSnarkUtil.toHex(ih); File subdir = new SecureDirectory(confDir, SUBDIR_PREFIX + B64.charAt((ih[0] >> 2) & 0x3f)); return new File(subdir, hex + CONFIG_FILE_SUFFIX); }
public ProfilePersistenceHelper(RouterContext ctx) { _context = ctx; _log = ctx.logManager().getLog(ProfilePersistenceHelper.class); String dir = _context.getProperty(PROP_PEER_PROFILE_DIR, DEFAULT_PEER_PROFILE_DIR); _profileDir = new SecureDirectory(_context.getRouterDir(), dir); if (!_profileDir.exists()) _profileDir.mkdirs(); for (int j = 0; j < B64.length(); j++) { File subdir = new SecureDirectory(_profileDir, DIR_PREFIX + B64.charAt(j)); if (!subdir.exists()) subdir.mkdir(); } }
public File getDataDir() { String dir = _config.getProperty(PROP_DIR, _contextName); File f; if (areFilesPublic()) f = new File(dir); else f = new SecureDirectory(dir); if (!f.isAbsolute()) { if (areFilesPublic()) f = new File(_context.getAppDir(), dir); else f = new SecureDirectory(_context.getAppDir(), dir); } return f; }
private File getDbDir(String dbDir) throws IOException { File f = new SecureDirectory(_context.getRouterDir(), dbDir); if (!f.exists()) { boolean created = f.mkdirs(); if (!created) throw new IOException("Unable to create the DB directory [" + f.getAbsolutePath() + "]"); } if (!f.isDirectory()) throw new IOException("DB directory [" + f.getAbsolutePath() + "] is not a directory!"); if (!f.canRead()) throw new IOException("DB directory [" + f.getAbsolutePath() + "] is not readable!"); if (!f.canWrite()) throw new IOException("DB directory [" + f.getAbsolutePath() + "] is not writable!"); if (_flat) { unmigrate(f); } else { for (int j = 0; j < B64.length(); j++) { File subdir = new SecureDirectory(f, DIR_PREFIX + B64.charAt(j)); if (!subdir.exists()) subdir.mkdir(); } File routerInfoFiles[] = f.listFiles(RI_FILTER); if (routerInfoFiles != null) migrate(f, routerInfoFiles); } return f; }
_tmpDirRand.nextBytes(rand); String f = "i2p-" + Base64.encode(rand) + ".tmp"; _tmpDir = new SecureDirectory(d, f); if (_tmpDir.exists()) { } else { System.err.println("WARNING: Could not create temp dir " + _tmpDir.getAbsolutePath()); _tmpDir = new SecureDirectory(_routerDir, "tmp"); _tmpDir.mkdirs(); if (!_tmpDir.exists())
/** * Create (if necessary) and load the key store, then run. */ private SigningPrivateKey initialize() throws GeneralSecurityException { File dir = new SecureDirectory(_context.getConfigDir(), KS_DIR); File keyStore = new File(dir, KEYSTORE_PREFIX + _fname + KEYSTORE_SUFFIX); verifyKeyStore(keyStore); return getPrivKey(keyStore); }
public void runJob() { String keyDir = getContext().getProperty(PROP_KEYDIR, DEFAULT_KEYDIR); File dir = new SecureDirectory(getContext().getRouterDir(), keyDir); if (!dir.exists()) dir.mkdirs(); if (dir.exists() && dir.isDirectory() && dir.canRead() && dir.canWrite()) { synchronized(KeyManager.this) { syncKeys(dir); } } else { _log.log(Log.CRIT, "Unable to synchronize keys in " + keyDir + " - permissions problem?"); } }
/** * Save the CRL just in case. * @param ksdir parent of directory to save in * @since 0.9.25 */ private void exportCRL(File ksdir, X509CRL crl) { File sdir = new SecureDirectory(ksdir, CRL_DIR); if (sdir.exists() || sdir.mkdirs()) { String name = KEYSTORE_PREFIX + _fname.replace("@", "_at_") + '-' + System.currentTimeMillis() + CRL_SUFFIX; File out = new File(sdir, name); boolean success = CertUtil.saveCRL(crl, out); if (success) { _log.logAlways(Log.INFO, "Created certificate revocation list (CRL) for netdb family \"" + _fname + "\" in file: " + out.getAbsolutePath() + "\n" + "Back up the keystore and CRL files and keep them secure.\n" + "If your private key is ever compromised, give the CRL to an I2P developer for publication."); } else { _log.error("Error saving family key CRL"); } } else { _log.error("Error saving family key CRL"); } }
if (parent != null) { if (!parent.exists()) { File sd = new SecureDirectory(parent.getAbsolutePath()); boolean ok = sd.mkdirs(); if (!ok) {
File dir = ks.getParentFile(); if (!dir.exists()) { File sdir = new SecureDirectory(dir.getAbsolutePath()); if (!sdir.mkdirs()) throw new IOException("Unable to create keystore " + ks);
/** * Pull the cert back OUT of the keystore and save it as ascii * so the clients can get to it. * * @param name used to generate output file name * @param opts must contain optPfx + PROP_KEY_ALIAS * @param optPfx add this prefix when getting options */ private static void exportCert(File ks, String name, Properties opts, String optPfx) { File sdir = new SecureDirectory(I2PAppContext.getGlobalContext().getConfigDir(), CERT_DIR); if (sdir.exists() || sdir.mkdirs()) { String keyAlias = opts.getProperty(optPfx + PROP_KEY_ALIAS); String ksPass = opts.getProperty(optPfx + PROP_KEYSTORE_PASSWORD, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD); File out = new File(sdir, PREFIX + name + ASCII_KEYFILE_SUFFIX); boolean success = KeyStoreUtil.exportCert(ks, ksPass, keyAlias, out); if (!success) error("Error getting SSL cert to save as ASCII"); } else { error("Error saving ASCII SSL keys"); } }
/** * Pull the cert back OUT of the keystore and save it as ascii * so the clients can get to it. * * @param name used to generate output file name * @param opts must contain PROP_KEY_ALIAS */ private static void exportCert(File ks, String name, Properties opts) { File sdir = new SecureDirectory(I2PAppContext.getGlobalContext().getConfigDir(), CERT_DIR); if (sdir.exists() || sdir.mkdirs()) { String keyAlias = opts.getProperty(PROP_KEY_ALIAS); String ksPass = opts.getProperty(PROP_KEYSTORE_PASSWORD, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD); File out = new File(sdir, PREFIX + name + ASCII_KEYFILE_SUFFIX); boolean success = KeyStoreUtil.exportCert(ks, ksPass, keyAlias, out); if (!success) error("Error getting SSL cert to save as ASCII"); } else { error("Error saving ASCII SSL keys"); } }
/** * @return success if it exists and we have a password, or it was created successfully. * @throws GeneralSecurityException on keystore error */ private void verifyKeyStore(File ks) throws GeneralSecurityException { if (ks.exists()) { if (_context.getProperty(PROP_KEY_PASSWORD) == null) { String s ="Family key error, must set " + PROP_KEY_PASSWORD + " in " + (new File(_context.getConfigDir(), "router.config")).getAbsolutePath(); _log.error(s); throw new GeneralSecurityException(s); } return; } File dir = ks.getParentFile(); if (!dir.exists()) { File sdir = new SecureDirectory(dir.getAbsolutePath()); if (!sdir.mkdirs()) { String s ="Family key error, must set " + PROP_KEY_PASSWORD + " in " + (new File(_context.getConfigDir(), "router.config")).getAbsolutePath(); _log.error(s); throw new GeneralSecurityException(s); } } try { createKeyStore(ks); } catch (IOException ioe) { throw new GeneralSecurityException("Failed to create NetDb family keystore", ioe); } }
/** * Pull the cert back OUT of the keystore and save it as ascii * so the clients can get to it. * * @param name used to generate output file name * @param opts must contain PROP_KEY_ALIAS */ private static void exportCert(File ks, String name, Properties opts) { File sdir = new SecureDirectory(I2PAppContext.getGlobalContext().getConfigDir(), CERT_DIR); if (sdir.exists() || sdir.mkdirs()) { String keyAlias = opts.getProperty(PROP_KEY_ALIAS); String ksPass = opts.getProperty(PROP_KEYSTORE_PASSWORD, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD); File out = new File(sdir, PREFIX + name + ASCII_KEYFILE_SUFFIX); boolean success = KeyStoreUtil.exportCert(ks, ksPass, keyAlias, out); if (!success) error("Error getting SSL cert to save as ASCII"); } else { error("Error saving ASCII SSL keys"); } }
/** * @return success if it exists and we have a password, or it was created successfully. */ private boolean verifyKeyStore(File ks) { if (ks.exists()) { boolean rv = _context.getProperty(PROP_KEY_PASSWORD) != null; if (!rv) _log.error("I2CP SSL error, must set " + PROP_KEY_PASSWORD + " in " + (new File(_context.getConfigDir(), "router.config")).getAbsolutePath()); return rv; } File dir = ks.getParentFile(); if (!dir.exists()) { File sdir = new SecureDirectory(dir.getAbsolutePath()); if (!sdir.mkdir()) return false; } boolean rv = createKeyStore(ks); // Now read it back out of the new keystore and save it in ascii form // where the clients can get to it. // Failure of this part is not fatal. if (rv) exportCert(ks); return rv; }
/** * Save the public key certificate * so the clients can get to it. */ private void exportCert(X509Certificate cert) { File sdir = new SecureDirectory(_context.getConfigDir(), CERT_DIR); if (sdir.exists() || sdir.mkdirs()) { String name = _fname.replace("@", "_at_") + CERT_SUFFIX; File out = new File(sdir, name); boolean success = CertUtil.saveCert(cert, out); if (success) { _log.logAlways(Log.INFO, "Created new public key certificate for netdb family \"" + _fname + "\" in file: " + out.getAbsolutePath() + "\n" + "The certificate will be associated with your router identity.\n" + "Copy the certificate to the directory $I2P/" + CERT_DIR + " for each of the other routers in the family.\n" + "Give this certificate to an I2P developer for inclusion in the next I2P release."); } else { _log.error("Error saving family key certificate"); } } else { _log.error("Error saving family key certificate"); } }
/** * Pull the cert back OUT of the keystore and save it as ascii * so the clients can get to it. */ private void exportCert(File ks) { File sdir = new SecureDirectory(_context.getConfigDir(), "certificates/i2cp"); if (sdir.exists() || sdir.mkdirs()) { String ksPass = _context.getProperty(PROP_KEYSTORE_PASSWORD, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD); File out = new File(sdir, ASCII_KEYFILE); boolean success = KeyStoreUtil.exportCert(ks, ksPass, KEY_ALIAS, out); if (!success) _log.error("Error getting SSL cert to save as ASCII"); } else { _log.error("Error saving ASCII SSL keys"); } }
File netDbDir = new SecureDirectory(_context.getRouterDir(), dirName); if (!netDbDir.exists()) { netDbDir.mkdirs();
/** * @param baseName generally "i2psnark" * @since Jetty 7 */ public I2PSnarkUtil(I2PAppContext ctx, String baseName) { _context = ctx; _log = _context.logManager().getLog(Snark.class); _baseName = baseName; _opts = new HashMap<String, String>(); //setProxy("127.0.0.1", 4444); setI2CPConfig("127.0.0.1", I2PClient.DEFAULT_LISTEN_PORT, null); _banlist = new ConcurrentHashSet<Hash>(); _maxUploaders = Snark.MAX_TOTAL_UPLOADERS; _maxUpBW = SnarkManager.DEFAULT_MAX_UP_BW; _maxConnections = MAX_CONNECTIONS; _startupDelay = DEFAULT_STARTUP_DELAY; _shouldUseOT = DEFAULT_USE_OPENTRACKERS; _openTrackers = Collections.emptyList(); _shouldUseDHT = DEFAULT_USE_DHT; _collapsePanels = DEFAULT_COLLAPSE_PANELS; _enableRatings = _enableComments = true; _commentsName = ""; // This is used for both announce replies and .torrent file downloads, // so it must be available even if not connected to I2CP. // so much for multiple instances _tmpDir = new SecureDirectory(ctx.getTempDir(), baseName + '-' + ctx.random().nextInt()); //FileUtil.rmdir(_tmpDir, false); _tmpDir.mkdirs(); }