Changeset 491cd0a

Timestamp:

Apr 2, 2019 5:32:39 PM (2 years ago)

Author:

zab2 <zab2@…>

Branches:

master

Children:

b7d980d

Parents:

e380b26 (diff), 567bccb (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.

Message:

propagate from branch 'i2p.i2p.zab.2464' (head 47c50de0eaf4a41d0c0b2df3505ff3b885163791)

to branch 'i2p.i2p' (head a34db176d9f6313db1b8fd16926c8c2ca7e12e09)

Files:

• apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelHTTPClient.java (modified) (1 diff)
• apps/sam/java/src/net/i2p/sam/SAMUtils.java (modified) (1 diff)
• core/java/src/net/i2p/crypto/Blinding.java (modified) (2 diffs)
• core/java/src/net/i2p/crypto/SelfSignedGenerator.java (modified) (1 diff)
• core/java/src/net/i2p/crypto/SigContext.java (added)
• core/java/src/net/i2p/data/Base32.java (modified) (1 diff)
• core/java/src/net/i2p/data/BlindData.java (modified) (6 diffs)
• core/java/src/net/i2p/data/DatabaseEntry.java (modified) (2 diffs)
• core/java/src/net/i2p/data/EncryptedLeaseSet.java (modified) (5 diffs)
• core/java/src/net/i2p/data/PrivateKey.java (modified) (4 diffs)
• core/java/src/net/i2p/data/SigningPrivateKey.java (modified) (4 diffs)
• debian-alt/jessie/control (modified) (5 diffs)
• debian-alt/precise/control (modified) (1 diff)
• debian-alt/trusty/control (modified) (1 diff)
• debian/po/sv.po (modified) (9 diffs)
• history.txt (modified) (1 diff)
• router/java/src/net/i2p/router/NetworkDatabaseFacade.java (modified) (2 diffs)
• router/java/src/net/i2p/router/RouterVersion.java (modified) (1 diff)
• router/java/src/net/i2p/router/client/ClientConnectionRunner.java (modified) (1 diff)
• router/java/src/net/i2p/router/client/LookupDestJob.java (modified) (10 diffs)
• router/java/src/net/i2p/router/message/SendMessageDirectJob.java (modified) (1 diff)
• router/java/src/net/i2p/router/networkdb/kademlia/BlindCache.java (added)
• router/java/src/net/i2p/router/networkdb/kademlia/KademliaNetworkDatabaseFacade.java (modified) (15 diffs)

apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelHTTPClient.java

@@ -1248 +1248 @@
                 } else if(ahelperPresent) {
                     header = getErrorPage("dnfb", ERR_DESTINATION_UNKNOWN);
-                } else if(destination.length() == 60 && destination.toLowerCase(Locale.US).endsWith(".b32.i2p")) {
+                } else if(destination.length() >= 60 && destination.toLowerCase(Locale.US).endsWith(".b32.i2p")) {
                     header = getErrorPage("nols", ERR_DESTINATION_UNKNOWN);
                     extraMessage = _t("Destination lease set not found");

apps/sam/java/src/net/i2p/sam/SAMUtils.java

@@ -172 +172 @@
             if (s.length() >= 516)
                 msg = "Bad Base64 dest: ";
-            else if (s.length() == 60 && s.endsWith(".b32.i2p"))
+            else if (s.length() >= 60 && s.endsWith(".b32.i2p"))
                 msg = "Lease set not found: ";
             else

core/java/src/net/i2p/crypto/Blinding.java

@@ -219 +219 @@
      *
      *  @param b 35+ bytes
+     *  @return BlindData structure, use getUnblindedPubKey() for the result
      *  @throws IllegalArgumentException on bad inputs
      *  @throws UnsupportedOperationException unless supported SigTypes
@@ -314 +315 @@
     }
 
+    public static void main(String args[]) throws Exception {
+        if (args.length != 1) {
+            System.out.println("Usage: blinding {56 chars}.b32.i2p");
+            System.exit(1);
+        }
+        System.out.println("Blinded B32: " + args[0]);
+        System.out.println(decode(I2PAppContext.getGlobalContext(), args[0]).toString());
+    }
+
 /******
     public static void main(String args[]) throws Exception {

core/java/src/net/i2p/crypto/SelfSignedGenerator.java

@@ -250 +250 @@
         if (!cpub.equals(jpub)) {
             boolean ok = false;
-            if (cpub.getClass().getName().equals("sun.security.x509.X509Key")) {
+            if ((jpub instanceof EdDSAPublicKey) &&
+                cpub.getClass().getName().equals("sun.security.x509.X509Key")) {
                 // X509Certificate will sometimes contain an X509Key rather than the EdDSAPublicKey itself; the contained
                 // key is valid but needs to be instanced as an EdDSAPublicKey before it can be used.

core/java/src/net/i2p/data/Base32.java

@@ -116 +116 @@
         byte decoded[] = decode(DataHelper.getUTF8(read(in)));
         if (decoded == null) {
-            System.out.println("FAIL");
+            System.err.println("FAIL");
             return;
         }

core/java/src/net/i2p/data/BlindData.java

@@ -26 +26 @@
 
     /**
+     *  @param secret may be null or zero-length
      *  @throws IllegalArgumentException on various errors
      */
@@ -34 +35 @@
 
     /**
+     *  @param secret may be null or zero-length
      *  @throws IllegalArgumentException on various errors
      */
@@ -41 +43 @@
         _blindType = blindType;
         _secret = secret;
-        _authType = 0;
+        _authType = -1;
         _authKey = null;
         // defer until needed
@@ -48 +50 @@
 
     /**
-     *  @return The blinded key for the current day
+     *  @return The unblinded SPK, non-null
+     */
+    public SigningPublicKey getUnblindedPubKey() {
+        return _clearSPK;
+    }
+
+    /**
+     *  @return The type of the blinded key
+     */
+    public SigType getBlindedSigType() {
+        return _blindType;
+    }
+
+    /**
+     *  @return The blinded key for the current day, non-null
      */
     public synchronized SigningPublicKey getBlindedPubKey() {
         calculate();
         return _blindSPK;
+    }
+
+    /**
+     *  @return The hash of the destination if known, or null
+     */
+    public synchronized Hash getDestHash() {
+        return _dest != null ? _dest.getHash() : null;
     }
 
@@ -100 +123 @@
 
     /**
-     *  @return 0 for no client auth
+     *  @return -1 for no client auth
      */
     public int getAuthType() {
         return _authType;
+    }
+
+    /**
+     *  @return null for no client auth
+     */
+    public PrivateKey getAuthPrivKey() {
+        return _authKey;
     }
 
@@ -128 +158 @@
         _blindHash = _context.sha().calculateHash(hashData);
     }
+    
+    @Override
+    public synchronized String toString() {
+        calculate();
+        StringBuilder buf = new StringBuilder(1024);
+        buf.append("[BlindData: ");
+        buf.append("\n\tSigningPublicKey: ").append(_clearSPK);
+        buf.append("\n\tAlpha           : ").append(_alpha);
+        buf.append("\n\tBlindedPublicKey: ").append(_blindSPK);
+        buf.append("\n\tBlinded Hash    : ").append(_blindHash);
+        if (_secret != null)
+            buf.append("\n\tSecret          : \"").append(_secret).append('"');
+        buf.append("\n\tAuth Type       : ");
+        if (_authType >= 0)
+            buf.append(_authType);
+        else
+            buf.append("none");
+        if (_authKey != null)
+            buf.append("\n\tAuth Key   : ").append(_authKey);
+        if (_dest != null)
+            buf.append("\n\tDestination: ").append(_dest);
+        else
+            buf.append("\n\tDestination: unknown");
+        buf.append(']');
+        return buf.toString();
+    }
 }

core/java/src/net/i2p/data/DatabaseEntry.java

@@ -60 +60 @@
 
     protected volatile Signature _signature;
-    protected volatile Hash _currentRoutingKey;
-    protected volatile long _routingKeyGenMod;
+    // synch: this
+    private Hash _currentRoutingKey;
+    private long _routingKeyGenMod;
 
     /**
@@ -154 +155 @@
         RoutingKeyGenerator gen = ctx.routingKeyGenerator();
         long mod = gen.getLastChanged();
-        if (mod != _routingKeyGenMod) {
-            _currentRoutingKey = gen.getRoutingKey(getHash());
-            _routingKeyGenMod = mod;
+        synchronized(this) {
+            if (mod != _routingKeyGenMod) {
+                _currentRoutingKey = gen.getRoutingKey(getHash());
+                _routingKeyGenMod = mod;
+            }
+            return _currentRoutingKey;
         }
-        return _currentRoutingKey;
     }
 

core/java/src/net/i2p/data/EncryptedLeaseSet.java

@@ -34 +34 @@
     private Hash __calculatedHash;
     private SigningPrivateKey _alpha;
+    // to decrypt with if we don't have full dest
+    private SigningPublicKey _unblindedSPK;
     private String _secret;
     private final Log _log;
@@ -121 +123 @@
         }
         SigningPublicKey spk = dest.getSigningPublicKey();
+        setSigningKey(spk);
+    }
+
+    /**
+     * Overridden to set the blinded key
+     *
+     * @param spk unblinded key non-null, must be EdDSA_SHA512_Ed25519 or RedDSA_SHA512_Ed25519
+     * @throws IllegalStateException if already signed
+     * @throws IllegalArgumentException if not EdDSA
+     * @since 0.9.40
+     */
+    @Override
+    public void setSigningKey(SigningPublicKey spk) {
+        // TODO already-set checks
         SigType type = spk.getType();
         if (type != SigType.EdDSA_SHA512_Ed25519 &&
             type != SigType.RedDSA_SHA512_Ed25519)
             throw new IllegalArgumentException();
-        SigningPublicKey bpk = blind();
+        if (_unblindedSPK != null) {
+            if (!_unblindedSPK.equals(spk))
+                throw new IllegalArgumentException("unblinded pubkey mismatch");
+        } else {
+            _unblindedSPK = spk;
+        }
+        SigningPublicKey bpk = blind(spk);
         if (_signingKey == null)
             _signingKey = bpk;
@@ -140 +162 @@
      * @since 0.9.39
      */
-    private SigningPublicKey blind() {
-        SigningPublicKey spk = _destination.getSigningPublicKey();
+    private SigningPublicKey blind(SigningPublicKey spk) {
         I2PAppContext ctx = I2PAppContext.getGlobalContext();
         if (_published <= 0)
-            _alpha = Blinding.generateAlpha(ctx, _destination.getSigningPublicKey(), _secret);
+            _alpha = Blinding.generateAlpha(ctx, spk, _secret);
         else
-            _alpha = Blinding.generateAlpha(ctx, _destination.getSigningPublicKey(), _secret, _published);
+            _alpha = Blinding.generateAlpha(ctx, spk, _secret, _published);
         SigningPublicKey rv = Blinding.blind(spk, _alpha);
         if (_log.shouldDebug())
@@ -477 +498 @@
      */
     private byte[] getSubcredential(I2PAppContext ctx) {
-        if (_destination == null)
-            throw new IllegalStateException("no known destination to decrypt with");
-        SigningPublicKey destspk = _destination.getSigningPublicKey();
-        int spklen = destspk.length();
+        if (_unblindedSPK == null)
+            throw new IllegalStateException("no known SPK to decrypt with");
+        int spklen = _unblindedSPK.length();
         byte[] in = new byte[spklen + 4];
         // SHA256("credential" || spk || sigtypein || sigtypeout)
-        System.arraycopy(destspk.getData(), 0, in, 0, spklen);
-        DataHelper.toLong(in, spklen, 2, destspk.getType().getCode());
+        System.arraycopy(_unblindedSPK.getData(), 0, in, 0, spklen);
+        DataHelper.toLong(in, spklen, 2, _unblindedSPK.getType().getCode());
         DataHelper.toLong(in, spklen + 2, 2, SigType.RedDSA_SHA512_Ed25519.getCode());
         byte[] credential = hash(ctx, CREDENTIAL, in);
@@ -573 +593 @@
         }
         _log.info("ELS2 outer sig verify success");
-        if (_destination == null) {
-            _log.warn("ELS2 no dest to decrypt with");
+        if (_unblindedSPK == null) {
+            if (_log.shouldWarn())
+                _log.warn("ELS2 no dest/SPK to decrypt with", new Exception("I did it"));
             return true;
         }

core/java/src/net/i2p/data/PrivateKey.java

@@ -11 +11 @@
 
 import java.util.Arrays;
+import javax.security.auth.Destroyable;
 
 import net.i2p.crypto.EncType;
 import net.i2p.crypto.KeyGenerator;
+import net.i2p.util.SimpleByteCache;
 
 /**
@@ -25 +27 @@
  * @author jrandom
  */
-public class PrivateKey extends SimpleDataStructure {
+public class PrivateKey extends SimpleDataStructure implements Destroyable {
     private static final EncType DEF_TYPE = EncType.ELGAMAL_2048;
     public final static int KEYSIZE_BYTES = DEF_TYPE.getPrivkeyLen();
@@ -91 +93 @@
 
     /**
+     *  javax.security.auth.Destroyable interface
+     *
+     *  @since 0.9.40
+     */
+    public void destroy() {
+        byte[] data = _data;
+        if (data != null) {
+            _data = null;
+            Arrays.fill(data, (byte) 0);
+            SimpleByteCache.release(data);
+        }
+    }
+
+    /**
+     *  javax.security.auth.Destroyable interface
+     *
+     *  @since 0.9.40
+     */
+    public boolean isDestroyed() {
+        return _data == null;
+    }
+
+    /**
      *  @since 0.9.38
      */
@@ -96 +121 @@
     public String toString() {
         StringBuilder buf = new StringBuilder(64);
-        buf.append("[PrivateKey ").append(_type).append(": ");
+        buf.append("[PrivateKey ").append(_type).append(' ');
         int length = length();
         if (_data == null) {

core/java/src/net/i2p/data/SigningPrivateKey.java

@@ -11 +11 @@
 
 import java.util.Arrays;
+import javax.security.auth.Destroyable;
 
 import net.i2p.crypto.Blinding;
 import net.i2p.crypto.KeyGenerator;
 import net.i2p.crypto.SigType;
+import net.i2p.util.SimpleByteCache;
 
 /**
@@ -27 +29 @@
  * @author jrandom
  */
-public class SigningPrivateKey extends SimpleDataStructure {
+public class SigningPrivateKey extends SimpleDataStructure implements Destroyable {
     private static final SigType DEF_TYPE = SigType.DSA_SHA1;
     public final static int KEYSIZE_BYTES = DEF_TYPE.getPrivkeyLen();
@@ -117 +119 @@
 
     /**
+     *  javax.security.auth.Destroyable interface
+     *
+     *  @since 0.9.40
+     */
+    public void destroy() {
+        byte[] data = _data;
+        if (data != null) {
+            _data = null;
+            Arrays.fill(data, (byte) 0);
+            SimpleByteCache.release(data);
+        }
+    }
+
+    /**
+     *  javax.security.auth.Destroyable interface
+     *
+     *  @since 0.9.40
+     */
+    public boolean isDestroyed() {
+        return _data == null;
+    }
+
+    /**
      *  @since 0.9.8
      */
@@ -122 +147 @@
     public String toString() {
         StringBuilder buf = new StringBuilder(64);
-        buf.append("[SigningPrivateKey ").append(_type).append(": ");
+        buf.append("[SigningPrivateKey ").append(_type).append(' ');
         int length = length();
         if (_data == null) {

debian-alt/jessie/control

@@ -10 +10 @@
  ,debconf
  ,openjdk-7-jdk
-# Ant requires java 6 tools.jar:
-# Unable to locate tools.jar. Expected to find it in /usr/lib/jvm/java-6-openjdk-amd64/lib/tools.jar
- ,openjdk-6-jdk
  ,libtomcat8-java
  ,dh-apparmor
+ ,dh-systemd
+ ,bash-completion
  ,gettext
  ,libgetopt-java
@@ -34 +33 @@
  lsb-base (>= 3.0-6),
  service-wrapper
-Description: Anonymous network (I2P)
+Description: Invisible Internet Project (I2P) - anonymous network
  I2P is an anonymizing network, offering a simple layer that identity-sensitive
  applications can use to securely communicate. All data is wrapped with several
@@ -49 +48 @@
 Depends: ${shlibs:Depends}, i2p-router
 Homepage: https://geti2p.net/
-Description: I2P libjbigi library
+Description: Invisible Internet Project (I2P) - libjbigi library
  This Package contains the libjbigi JNI library (and on x86 platforms, jcpuid).
  .
@@ -63 +62 @@
 Depends: ${misc:Depends}
 Suggests: i2p, default-jdk-doc
-Description: I2P developer documentation
+Description: Invisible Internet Project (I2P) - developer documentation
  I2P is an anonymizing network, offering a simple layer that identity-sensitive
  applications can use to securely communicate. All data is wrapped with several
@@ -89 +88 @@
  ,privoxy
  ,syndie
-Description: Router for I2P
+Description: Invisible Internet Project (I2P) - Router
  I2P is an anonymizing network, offering a simple layer that identity-sensitive
  applications can use to securely communicate. All data is wrapped with several

debian-alt/precise/control

@@ -10 +10 @@
  ,debconf
  ,openjdk-7-jdk
-# Ant requires java 6 tools.jar:
-# Unable to locate tools.jar. Expected to find it in /usr/lib/jvm/java-6-openjdk-amd64/lib/tools.jar
- ,openjdk-6-jdk
  ,glassfish-javaee
  ,dh-apparmor
+ ,dh-systemd
  ,bash-completion
  ,gettext

debian-alt/trusty/control

@@ -10 +10 @@
  ,debconf
  ,openjdk-7-jdk
-# Ant requires java 6 tools.jar:
-# Unable to locate tools.jar. Expected to find it in /usr/lib/jvm/java-6-openjdk-amd64/lib/tools.jar
- ,openjdk-6-jdk
  ,glassfish-javaee
  ,dh-apparmor

debian/po/sv.po

@@ -2 +2 @@
 # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
 # This file is distributed under the same license as the PACKAGE package.
-# 
+#
 # Translators:
 # Anders Nilsson <anders@devode.se>, 2015
@@ -12 +12 @@
 msgstr ""
 "Project-Id-Version: I2P\n"
-"Report-Msgid-Bugs-To: https://trac.i2p2.de/\n"
-"POT-Creation-Date: 2015-02-18 22:14+0000\n"
-"PO-Revision-Date: 2017-06-30 21:32+0000\n"
-"Last-Translator: Jony\n"
-"Language-Team: Swedish (Sweden) (http://www.transifex.com/otf/I2P/language/sv_SE/)\n"
+"Report-Msgid-Bugs-To: i2p@packages.debian.org\n"
+"POT-Creation-Date: 2017-11-12 14:01+0000\n"
+"PO-Revision-Date: 2019-03-26 06:10+0100\n"
+"Last-Translator: Jonatan Nyberg <jonatan.nyberg.karl@gmail.com>\n"
+"Language-Team: Swedish (Sweden) (http://www.transifex.com/otf/I2P/language/"
+"sv_SE/)\n"
+"Language: sv_SE\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"Language: sv_SE\n"
 "Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Poedit 2.2.1\n"
 
 #. Type: boolean
@@ -27 +29 @@
 #: ../i2p.templates:2001
 msgid "Should the I2P router be started at boot?"
-msgstr "Ska I2P routern startas vid systemstart?"
+msgstr "Ska I2P-routern startas vid systemstart?"
 
 #. Type: boolean
@@ -35 +37 @@
 "The I2P router can be run as a daemon that starts automatically when your "
 "computer boots up. This is the recommended configuration."
-msgstr "I2P routern kan köras som en tjänst (demon) som automatiskt startas när datorn startas. Detta är den rekommenderade konfigurationen. "
+msgstr ""
+"I2P-routern kan köras som en tjänst (demon) som automatiskt startas när "
+"datorn startas. Detta är den rekommenderade konfigurationen."
 
 #. Type: string
@@ -47 +51 @@
 #: ../i2p.templates:3001
 msgid ""
-"By default I2P is configured to run under the account i2psvc when running as"
-" a daemon. To use an **existing** I2P profile you may enter a different "
-"account name here. For example, if your previous I2P installation is at "
-"/home/user/i2p, you may enter 'user' here."
-msgstr "Som standard är I2P inställt för att köras under användaren i2psvc när det körs som tjänst. För att använda ett **existerande** I2P profil, ange en annan användare här. Exempelvis, om din tidigare I2P installation är /home/user/i2p så ange 'user' här."
+"By default I2P is configured to run under the account i2psvc when running as "
+"a daemon. To use an **existing** I2P profile you may enter a different "
+"account name here. For example, if your previous I2P installation is at /"
+"home/user/i2p, you may enter 'user' here."
+msgstr ""
+"Som standard är I2P konfigurerad för att köras under användaren i2psvc när "
+"det körs som tjänst. Om du vill använda en **befintlig** I2P-profil kan du "
+"ange ett annat kontonamn här. Till exempel, om din tidigare I2P-installation "
+"är på /home/user/I2P, kan du ange \"användare\" här."
 
 #. Type: string
@@ -59 +67 @@
 "Very important: If a user other than the default of 'i2psvc' is entered "
 "here, the chosen username *MUST* already exist."
-msgstr "OBS! Viktigt: Om en annan användare än standard 'i2psvc' skrivs in här. *MÅSTE* det användarnamnet redan existera."
+msgstr ""
+"Mycket viktigt: om en annan användare än standard 'i2psvc' anges här, "
+"*MÅSTE* det valda användarnamnet *redan finnas."
 
 #. Type: string
@@ -71 +81 @@
 #: ../i2p.templates:4001
 msgid "By default, I2P will only be allowed to use up to 128MB of RAM."
-msgstr "Som standard kommer I2P bara att använda  up till 128MB RAM."
+msgstr "Som standard får I2P endast använda upp till 128 MB RAM."
 
 #. Type: string
@@ -79 +89 @@
 "High bandwidth routers, as well as routers with a lot of active torrents / "
 "plugins, may need to have this value increased."
-msgstr "För routrar med hög bandbredd eller routrar med hög aktivitet kan detta behöva ökas"
+msgstr ""
+"För routrar med hög bandbredd samt routrar med en hel del aktiva torrenter / "
+"insticksmoduler, kan detta värde behöva ökas."
 
 #. Type: boolean
 #. Description
 #: ../i2p.templates:5001
-msgid "Run I2P daemon confined with AppArmor"
-msgstr "Kör I2P begränsad av AppArmor"
+msgid "Should the I2P daemon be confined with AppArmor?"
+msgstr "Ska I2P-demonen vara begränsad med AppArmor?"
 
 #. Type: boolean
@@ -93 +105 @@
 "With this option enabled I2P will be sandboxed with AppArmor, restricting "
 "which files and directories may be accessed by I2P."
-msgstr "Med det här valet aktiverat kommer I2P att köras i sandlåda med AppArmor, som begränsar vilka filer och mappar som kan kommas åt av I2P."
+msgstr ""
+"Med det här alternativet aktiverat kommer I2P att köras i sandlåda med "
+"AppArmor, som begränsar vilka filer och mappar som kan kommas åt av I2P."

history.txt

@@ +1 @@
+2019-03-27 zzz
+ * NetDB: Cache blinding data for lookups and decryption (proposal #123)
+
+2019-03-23 zzz
+ * Data: Preliminary work on new b32 format (proposal #149)
+ * SelfSignedGenerator:
+   - Fix generation with Ed25519ph keys (ticket #2465)
+   - Increase serial number from 63 to 71 bits
+ * SusiDNS: Add import feature (ticket #2447)
+
 2019-03-22 zzz
  * i2ptunnel: Escape {} in URLs (ticket #2130)

router/java/src/net/i2p/router/NetworkDatabaseFacade.java

@@ -14 +14 @@
 import java.util.Set;
 
+import net.i2p.data.BlindData;
 import net.i2p.data.DatabaseEntry;
 import net.i2p.data.Destination;
 import net.i2p.data.Hash;
 import net.i2p.data.LeaseSet;
+import net.i2p.data.SigningPublicKey;
 import net.i2p.data.router.RouterInfo;
 import net.i2p.router.networkdb.reseed.ReseedChecker;
@@ -162 +164 @@
      */
     public boolean isNegativeCachedForever(Hash key) { return false; }
+    
+    /**
+     *  @param spk unblinded key
+     *  @return BlindData or null
+     *  @since 0.9.40
+     */
+    public BlindData getBlindData(SigningPublicKey spk) {
+        return null;
+    }
+    
+    /**
+     *  @param bd new BlindData to put in the cache
+     *  @since 0.9.40
+     */
+    public void setBlindData(BlindData bd) {}
 }

router/java/src/net/i2p/router/RouterVersion.java

@@ -19 +19 @@
     public final static String ID = "Monotone";
     public final static String VERSION = CoreVersion.VERSION;
-    public final static long BUILD = 1;
+    public final static long BUILD = 2;
 
     /** for example "-test" */

router/java/src/net/i2p/router/client/ClientConnectionRunner.java

@@ -609 +609 @@
      * updated.  This takes care of all the LeaseRequestState stuff (including firing any jobs)
      *
-     * @param ls, if encrypted, the encrypted LS, not the decrypted one
+     * @param ls if encrypted, the encrypted LS, not the decrypted one
      */
     void leaseSetCreated(LeaseSet ls) {

router/java/src/net/i2p/router/client/LookupDestJob.java

@@ -10 +10 @@
 import net.i2p.data.Base32;
 import net.i2p.data.BlindData;
+import net.i2p.data.DatabaseEntry;
 import net.i2p.data.Destination;
+import net.i2p.data.EncryptedLeaseSet;
 import net.i2p.data.Hash;
 import net.i2p.data.LeaseSet;
+import net.i2p.data.SigningPublicKey;
 import net.i2p.data.i2cp.DestReplyMessage;
 import net.i2p.data.i2cp.HostReplyMessage;
@@ -35 +38 @@
     private final SessionId _sessID;
     private final Hash _fromLocalDest;
+    private final BlindData _blindData;
 
     private static final long DEFAULT_TIMEOUT = 15*1000;
@@ -70 +74 @@
         _sessID = sessID;
         _fromLocalDest = fromLocalDest;
+        BlindData bd = null;
         if (name != null && name.length() >= 60) {
             // convert a b32 lookup to a hash lookup
@@ -83 +88 @@
                     } else if (b.length >= 35) {
                         // encrypted LS2
+                        // lookup the blinded hash
                         try {
-                            BlindData bd = Blinding.decode(context, b);
+                            bd = Blinding.decode(context, b);
+                            SigningPublicKey spk = bd.getUnblindedPubKey();
+                            BlindData bd2 = getContext().netDb().getBlindData(spk);
+                            if (bd2 != null) {
+                                bd = bd2;
+                            } else {
+                                getContext().netDb().setBlindData(bd);
+                            }
                             h = bd.getBlindedHash();
                             if (_log.shouldDebug())
@@ -92 +105 @@
                             if (_log.shouldWarn())
                                 _log.debug("Failed blinding conversion of " + name, re);
-                            // lookup as a name, which will probably fail
+                            // Do NOT lookup as a name, naming service will call us again and infinite loop
+                            name = null;
+                            // h and name both null, runJob will fail immediately
                         }
                     }
@@ -100 +115 @@
         _hash = h;
         _name = name;
+        _blindData = bd;
     }
     
@@ -108 +124 @@
 
     public void runJob() {
+        if (_blindData != null) {
+            Destination d = _blindData.getDestination();
+            if (d != null) {
+                if (_log.shouldDebug())
+                    _log.debug("Found cached b33 lookup " + _name + " to " + d);
+                returnDest(d);
+                return;
+            }
+        }
         if (_name != null) {
             // inline, ignore timeout
@@ -120 +145 @@
                 returnFail();
             }
+        } else if (_hash != null) {
+            DoneJob done = new DoneJob(getContext());
+            // TODO tell router this is an encrypted lookup, skip 38 or earlier ffs?
+            getContext().netDb().lookupDestination(_hash, done, _timeout, _fromLocalDest);
         } else {
-            DoneJob done = new DoneJob(getContext());
-            getContext().netDb().lookupDestination(_hash, done, _timeout, _fromLocalDest);
+            // blinding decode fail
+            returnFail();
         }
     }
@@ -133 +162 @@
         public void runJob() {
             Destination dest = getContext().netDb().lookupDestinationLocally(_hash);
+            if (dest == null && _blindData != null) {
+                // TODO store and lookup original hash instead
+                LeaseSet ls = getContext().netDb().lookupLeaseSetLocally(_hash);
+                if (ls != null && ls.getType() == DatabaseEntry.KEY_TYPE_ENCRYPTED_LS2) {
+                    // already decrypted
+                    EncryptedLeaseSet encls = (EncryptedLeaseSet) ls;
+                    LeaseSet decls = encls.getDecryptedLeaseSet();
+                    if (decls != null) {
+                        dest = decls.getDestination();
+                    }
+                }
+            }
             if (dest != null) {
                 if (_log.shouldDebug())
@@ -164 +205 @@
         if (_reqID >= 0)
             msg = new HostReplyMessage(_sessID, HostReplyMessage.RESULT_FAILURE, _reqID);
+        else if (_hash != null)
+            msg = new DestReplyMessage(_hash);
         else
-            msg = new DestReplyMessage(_hash);
+            return; // shouldn't happen
         try {
             _runner.doSend(msg);

router/java/src/net/i2p/router/message/SendMessageDirectJob.java

@@ -77 +77 @@
         if (timeoutMs < 10*1000) {
             if (_log.shouldLog(Log.WARN))
-                _log.warn("Very little time given [" + timeoutMs + "], resetting to 5s", new Exception("stingy caller!"));
+                _log.warn("Very little time given [" + timeoutMs + "], resetting to 10s", new Exception("stingy caller!"));
             _expiration = ctx.clock().now() + 10*1000;
         } else {

router/java/src/net/i2p/router/networkdb/kademlia/KademliaNetworkDatabaseFacade.java

@@ -22 +22 @@
 import net.i2p.crypto.SigAlgo;
 import net.i2p.crypto.SigType;
+import net.i2p.data.BlindData;
 import net.i2p.data.Certificate;
 import net.i2p.data.DatabaseEntry;
@@ -27 +28 @@
 import net.i2p.data.DataHelper;
 import net.i2p.data.Destination;
+import net.i2p.data.EncryptedLeaseSet;
 import net.i2p.data.Hash;
 import net.i2p.data.KeyCertificate;
 import net.i2p.data.LeaseSet;
 import net.i2p.data.LeaseSet2;
+import net.i2p.data.SigningPublicKey;
 import net.i2p.data.i2np.DatabaseLookupMessage;
 import net.i2p.data.i2np.DatabaseStoreMessage;
@@ -74 +77 @@
     private NegativeLookupCache _negativeCache;
     protected final int _networkID;
+    private final BlindCache _blindCache;
 
     /** 
@@ -172 +176 @@
         _activeRequests = new HashMap<Hash, SearchJob>(8);
         _reseedChecker = new ReseedChecker(context);
+        _blindCache = new BlindCache(context);
         context.statManager().createRateStat("netDb.lookupDeferred", "how many lookups are deferred?", "NetworkDatabase", new long[] { 60*60*1000 });
         context.statManager().createRateStat("netDb.exploreKeySet", "how many keys are queued for exploration?", "NetworkDatabase", new long[] { 60*60*1000 });
@@ -247 +252 @@
         _exploreKeys.clear(); // hope this doesn't cause an explosion, it shouldn't.
         // _exploreKeys = null;
-        _negativeCache.clear();
+        if (_negativeCache != null)
+            _negativeCache.clear();
+        _blindCache.shutdown();
     }
     
@@ -258 +265 @@
         _ds.restart();
         _exploreKeys.clear();
+        _blindCache.startup();
 
         _initialized = true;
@@ -288 +296 @@
         _dbDir = dbDir;
         _negativeCache = new NegativeLookupCache(_context);
+        _blindCache.startup();
         
         createHandlers();
@@ -465 +474 @@
     
     /**
+     *  @param spk unblinded key
+     *  @return BlindData or null
+     *  @since 0.9.40
+     */
+    @Override
+    public BlindData getBlindData(SigningPublicKey spk) {
+        return _blindCache.getData(spk);
+    }
+    
+    /**
+     *  @param bd new BlindData to put in the cache
+     *  @since 0.9.40
+     */
+    @Override
+    public void setBlindData(BlindData bd) {
+        if (_log.shouldWarn())
+            _log.warn("Adding to blind cache: " + bd);
+        _blindCache.addToCache(bd);
+    }
+    
+    /**
      *  @return RouterInfo, LeaseSet, or null, validated
      *  @since 0.8.3
@@ -477 +507 @@
         if (DatabaseEntry.isLeaseSet(type)) {
             LeaseSet ls = (LeaseSet)rv;
-            if (ls.isCurrent(Router.CLOCK_FUDGE_FACTOR))
+            if (ls.isCurrent(Router.CLOCK_FUDGE_FACTOR)) {
                 return rv;
-            else
+            } else {
+                key = _blindCache.getHash(key);
                 fail(key);
+            }
         } else if (type == DatabaseEntry.KEY_TYPE_ROUTERINFO) {
             try {
@@ -534 +566 @@
             //if (_log.shouldLog(Log.DEBUG))
             //    _log.debug("leaseSet not found locally, running search");
+            key = _blindCache.getHash(key);
             search(key, onFindJob, onFailedLookupJob, timeoutMs, true, fromLocalDest);
         }
@@ -550 +583 @@
     public void lookupLeaseSetRemotely(Hash key, Hash fromLocalDest) {
         if (!_initialized) return;
+        key = _blindCache.getHash(key);
         search(key, null, null, 20*1000, true, fromLocalDest);
     }
@@ -565 +599 @@
                     return ls;
                 } else {
+                    key = _blindCache.getHash(key);
                     fail(key);
                     // this was an interesting key, so either refetch it or simply explore with it
@@ -600 +635 @@
             _context.jobQueue().addJob(onFinishedJob);
         } else {
+            key = _blindCache.getHash(key);
             search(key, onFinishedJob, onFinishedJob, timeoutMs, true, fromLocalDest);
         }
@@ -893 +929 @@
             throw new IllegalArgumentException("LS Hash collision");
 
+        EncryptedLeaseSet encls = null;
+        if (leaseSet.getType() == DatabaseEntry.KEY_TYPE_ENCRYPTED_LS2) {
+            // set dest or key before validate() calls verifySignature() which
+            // will do the decryption
+            BlindData bd = _blindCache.getReverseData(leaseSet.getSigningKey());
+            if (bd != null) {
+                if (_log.shouldWarn())
+                    _log.warn("Found blind data for encls: " + bd);
+                encls = (EncryptedLeaseSet) leaseSet;
+                Destination dest = bd.getDestination();
+                if (dest != null) {
+                    encls.setDestination(dest);
+                } else {
+                    encls.setSigningKey(bd.getUnblindedPubKey());
+                }
+            } else {
+                if (_log.shouldWarn())
+                    _log.warn("No blind data found for encls: " + encls);
+            }
+        }
+
+
         String err = validate(key, leaseSet);
         if (err != null)
@@ -899 +957 @@
         _ds.put(key, leaseSet);
         
+        if (encls != null) {
+            // we now have decrypted it, store it as well
+            LeaseSet decls = encls.getDecryptedLeaseSet();
+            if (decls != null) {
+                if (_log.shouldWarn())
+                    _log.warn("Successfully decrypted encls: " + decls);
+                // recursion
+                Destination dest = decls.getDestination();
+                store(dest.getHash(), decls);
+                _blindCache.setBlinded(dest);
+            }
+        }
+
         // Iterate through the old failure / success count, copying over the old
         // values (if any tunnels overlap between leaseSets).  no need to be