Changeset 71f7c71 for core


Ignore:
Timestamp:
Oct 21, 2016 6:21:12 PM (4 years ago)
Author:
zzz <zzz@…>
Branches:
master
Children:
b6521ed
Parents:
f5f411b6
Message:

NetDB: Disallow RSA for RI or LS

File:
1 edited

Legend:

Unmodified
Added
Removed
  • core/java/src/net/i2p/data/DatabaseEntry.java

    rf5f411b6 r71f7c71  
    1414import net.i2p.I2PAppContext;
    1515import net.i2p.crypto.DSAEngine;
     16import net.i2p.crypto.SigAlgo;
     17import net.i2p.crypto.SigType;
    1618
    1719/**
     
    207209            return false;
    208210        // if the data is non-null the SPK will be non-null
    209         return DSAEngine.getInstance().verifySignature(_signature, data, getSigningPublicKey());
     211        SigningPublicKey spk = getSigningPublicKey();
     212        SigType type = spk.getType();
     213        // As of 0.9.28, disallow RSA as it's so slow it could be
     214        // used as a DoS
     215        if (type == null || type.getBaseAlgorithm() == SigAlgo.RSA)
     216            return false;
     217        return DSAEngine.getInstance().verifySignature(_signature, data, spk);
    210218    }
    211219}
Note: See TracChangeset for help on using the changeset viewer.