Changeset 2cd9b34


Ignore:
Timestamp:
Sep 2, 2017 12:21:55 PM (3 years ago)
Author:
zzz <zzz@…>
Branches:
master
Children:
8f4f7b7b
Parents:
94738c1
Message:

Data: Prohibit excess key data in certs (ticket #2035)

Files:
3 edited

Legend:

Unmodified
Added
Removed
  • core/java/src/net/i2p/data/SigningPublicKey.java

    r94738c1 r2cd9b34  
    133133            return new SigningPublicKey(null, _data);
    134134        int newLen = newType.getPubkeyLen();
    135         if (newLen == SigType.DSA_SHA1.getPubkeyLen())
     135        int ctype = kcert.getCryptoTypeCode();
     136        if (ctype == 0) {
     137            // prohibit excess key data
     138            // TODO non-zero crypto type if added
     139            int sz = 7;
     140            if (newLen > KEYSIZE_BYTES)
     141                sz += newLen - KEYSIZE_BYTES;
     142            if (kcert.size() != sz)
     143                throw new IllegalArgumentException("Excess data in key certificate");
     144        }
     145        if (newLen == KEYSIZE_BYTES)
    136146            return new SigningPublicKey(newType, _data);
    137147        byte[] newData = new byte[newLen];
    138         if (newLen < SigType.DSA_SHA1.getPubkeyLen()) {
     148        if (newLen < KEYSIZE_BYTES) {
    139149            // right-justified
    140150            System.arraycopy(_data, _data.length - newLen, newData, 0, newLen);
     
    164174            throw new IllegalStateException("Cannot convert " + _type + " to " + newType);
    165175        int newLen = newType.getPubkeyLen();
    166         if (newLen >= SigType.DSA_SHA1.getPubkeyLen())
     176        if (newLen >= KEYSIZE_BYTES)
    167177            return null;
    168         int padLen = SigType.DSA_SHA1.getPubkeyLen() - newLen;
     178        int padLen = KEYSIZE_BYTES - newLen;
    169179        byte[] pad = new byte[padLen];
    170180        System.arraycopy(_data, 0, pad, 0, padLen);
  • history.txt

    r94738c1 r2cd9b34  
     12017-09-02 zzz
     2 * Data: Prohibit excess key data in certs (ticket #2035)
     3 * i2psnark: New open trackers
     4 * Startup: Add property to disable output redirect (ticket #2037)
     5
    162017-08-26 str4d
    27 * Console (light):
  • router/java/src/net/i2p/router/RouterVersion.java

    r94738c1 r2cd9b34  
    1919    public final static String ID = "Monotone";
    2020    public final static String VERSION = CoreVersion.VERSION;
    21     public final static long BUILD = 1;
     21    public final static long BUILD = 2;
    2222
    2323    /** for example "-test" */
Note: See TracChangeset for help on using the changeset viewer.