Changeset 7d4acb62
- Timestamp:
- Apr 10, 2019 7:52:03 PM (2 years ago)
- Branches:
- master
- Children:
- 9a72c4b
- Parents:
- cddace2
- Files:
-
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
apps/i2ptunnel/java/src/net/i2p/i2ptunnel/web/IndexBean.java
rcddace2 r7d4acb62 20 20 import net.i2p.app.ClientAppManager; 21 21 import net.i2p.app.Outproxy; 22 import net.i2p.crypto.Blinding; 22 23 import net.i2p.data.Certificate; 23 24 import net.i2p.data.DataHelper; … … 553 554 return ""; 554 555 } 556 557 /** 558 * Works even if tunnel is not running. 559 * @return "{56 chars}.b32.i2p" or "" if not blinded 560 * @since 0.9.40 561 */ 562 public String getEncryptedBase32(int tunnel) { 563 Destination d = getDestination(tunnel); 564 if (d != null) { 565 int mode = _helper.getEncryptMode(tunnel); 566 if (mode > 1) { 567 try { 568 String secret = _helper.getBlindedPassword(tunnel); 569 boolean requireSecret = secret != null && secret.length() > 0; 570 return Blinding.encode(_context, d.getSigningPublicKey(), requireSecret, false); 571 } catch (RuntimeException re) {} 572 } 573 } 574 return ""; 575 } 555 576 556 577 /** -
apps/i2ptunnel/jsp/editServer.jsi
rcddace2 r7d4acb62 506 506 if (curSigType == 7 || curSigType == 11) { 507 507 %> 508 <span class="multiOption"><label title="<%=intl._t("Prevents s noopingby floodfills")%>"><input value="2" type="radio" name="encryptMode"<%=(curEncryptMode.equals("2") ? " checked=\"checked\"" : "")%> class="tickbox" />508 <span class="multiOption"><label title="<%=intl._t("Prevents server discovery by floodfills")%>"><input value="2" type="radio" name="encryptMode"<%=(curEncryptMode.equals("2") ? " checked=\"checked\"" : "")%> class="tickbox" /> 509 509 <%=intl._t("Blinded")%></label></span> 510 510 <span class="multiOption"><label title="<%=intl._t("Only clients with the password will be able to connect")%>"><input value="3" type="radio" name="encryptMode"<%=(curEncryptMode.equals("3") ? " checked=\"checked\"" : "")%> class="tickbox" /> 511 <%=intl._t("Blinded with password")%></label></span>511 <%=intl._t("Blinded with lookup password")%></label></span> 512 512 <% 513 513 if (editBean.isAdvanced()) { … … 517 517 <%=intl._t("Blinded with shared key")%></label></span> 518 518 <span class="multiOption"><label title="<%=intl._t("Only clients with the password and key will be able to connect")%>"><input value="5" type="radio" name="encryptMode"<%=(curEncryptMode.equals("5") ? " checked=\"checked\"" : "")%> class="tickbox" /> 519 <%=intl._t("Blinded with shared key and password")%></label></span>519 <%=intl._t("Blinded with lookup password and shared key")%></label></span> 520 520 <span class="multiOption"><label title="<%=intl._t("Only clients with the encryption key will be able to connect")%>"><input value="6" type="radio" name="encryptMode"<%=(curEncryptMode.equals("6") ? " checked=\"checked\"" : "")%> class="tickbox" /> 521 521 <%=intl._t("Blinded with per-user key")%></label></span> 522 522 <span class="multiOption"><label title="<%=intl._t("Only clients with the password and key will be able to connect")%>"><input value="7" type="radio" name="encryptMode"<%=(curEncryptMode.equals("7") ? " checked=\"checked\"" : "")%> class="tickbox" /> 523 <%=intl._t("Blinded with sharedpassword and per-user key")%></label></span>523 <%=intl._t("Blinded with lookup password and per-user key")%></label></span> 524 524 <% 525 525 } // isAdvanced() … … 554 554 <tr> 555 555 <td> 556 <b><%=intl._t(" Blinded Password")%>:</b>556 <b><%=intl._t("Optional lookup password")%>:</b> 557 557 <input type="password" name="nofilter_blindedPassword" title="<%=intl._t("Set password required to access this service")%>" value="<%=editBean.getBlindedPassword(curTunnel)%>" class="freetext password" /> 558 558 </td><td> </td> -
apps/i2ptunnel/jsp/index.jsp
rcddace2 r7d4acb62 198 198 </tr> 199 199 200 <% 201 String encName = indexBean.getEncryptedBase32(curServer); 202 if (encName != null && encName.length() > 0) { 203 %> 204 <tr> 205 <td class="tunnelDestination" colspan="6"> 206 <span class="tunnelDestinationLabel"><b><%=intl._t("Encrypted")%>:</b></span> 207 <%=encName%> 208 </td> 209 </tr> 210 <% 211 } // encName 212 %> 213 200 214 <tr> 201 215 <td class="tunnelDescription" colspan="6"> 202 <span class="tunnelDes criptionLabel"><b>Description:</b></span>216 <span class="tunnelDestinationLabel"><b><%=intl._t("Description")%>:</b></span> 203 217 <%=indexBean.getTunnelDescription(curServer)%> 204 218 </td> … … 206 220 207 221 <% 208 } 222 } // for loop 209 223 %> 210 224 -
core/java/src/net/i2p/crypto/Blinding.java
rcddace2 r7d4acb62 33 33 private static final String INFO = "i2pblinding1"; 34 34 private static final byte[] INFO_ALPHA = DataHelper.getASCII("I2PGenerateAlpha"); 35 36 private static final byte FLAG_TWOBYTE = 0x01; 37 private static final byte FLAG_SECRET = 0x02; 38 private static final byte FLAG_AUTH = 0x04; 35 39 36 40 // following copied from RouterKeyGenerator … … 234 238 if ((flag & 0xf8) != 0) 235 239 throw new IllegalArgumentException("Corrupt b32 or unsupported options"); 236 if ((flag & 0x01) != 0)240 if ((flag & FLAG_TWOBYTE) != 0) 237 241 throw new IllegalArgumentException("Two byte sig types unsupported"); 238 if ((flag & 0x04) != 0)242 if ((flag & FLAG_AUTH) != 0) 239 243 throw new IllegalArgumentException("Per-client auth unsupported"); 240 244 // TODO two-byte sigtypes … … 259 263 SigningPublicKey spk = new SigningPublicKey(sigt1, spkData); 260 264 String secret; 261 if ((flag & 0x02) != 0) { 262 if (4 + spkLen > b.length) 263 throw new IllegalArgumentException("No secret data"); 264 int secLen = b[3 + spkLen] & 0xff; 265 if (4 + spkLen + secLen != b.length) 266 throw new IllegalArgumentException("Bad b32 length"); 267 secret = DataHelper.getUTF8(b, 4 + spkLen, secLen); 265 if ((flag & FLAG_SECRET) != 0) { 266 if (4 + spkLen > b.length) { 267 //throw new IllegalArgumentException("No secret data"); 268 secret = null; 269 } else { 270 int secLen = b[3 + spkLen] & 0xff; 271 if (4 + spkLen + secLen != b.length) 272 throw new IllegalArgumentException("Bad b32 length"); 273 secret = DataHelper.getUTF8(b, 4 + spkLen, secLen); 274 } 268 275 } else if (3 + spkLen != b.length) { 269 276 throw new IllegalArgumentException("b32 too long"); … … 279 286 * PRELIMINARY - Subject to change - see proposal 149 280 287 * 288 * @return (56 chars).b32.i2p 289 * @throws IllegalArgumentException on bad inputs 290 * @throws UnsupportedOperationException unless supported SigTypes 291 * @since 0.9.40 292 */ 293 public static String encode(I2PAppContext ctx, SigningPublicKey key) throws RuntimeException { 294 return encode(ctx, key, false, false, null); 295 } 296 297 /** 298 * Encode a public key as a new-format b32 address. 299 * PRELIMINARY - Subject to change - see proposal 149 300 * 301 * @return (56 chars).b32.i2p 302 * @throws IllegalArgumentException on bad inputs 303 * @throws UnsupportedOperationException unless supported SigTypes 304 * @since 0.9.40 305 */ 306 public static String encode(I2PAppContext ctx, SigningPublicKey key, 307 boolean requireSecret, boolean requireAuth) throws RuntimeException { 308 return encode(ctx, key, requireSecret, requireAuth, null); 309 } 310 311 /** 312 * Encode a public key as a new-format b32 address. 313 * PRELIMINARY - Subject to change - see proposal 149 314 * 281 315 * @param secret may be empty or null 282 316 * @return (56+ chars).b32.i2p … … 285 319 * @since 0.9.40 286 320 */ 287 public static String encode(I2PAppContext ctx, SigningPublicKey key, String secret) throws RuntimeException { 321 public static String encode(I2PAppContext ctx, SigningPublicKey key, 322 boolean requireSecret, boolean requireAuth, 323 String secret) throws RuntimeException { 288 324 SigType type = key.getType(); 289 325 if (type != TYPE && type != TYPER) … … 304 340 long check = crc.getValue(); 305 341 // TODO two-byte sigtypes 306 if (slen > 0) 307 b[0] = 0x02; 342 if (slen > 0 || requireSecret) 343 b[0] = FLAG_SECRET; 344 if (requireAuth) 345 b[0] |= FLAG_AUTH; 308 346 b[1] = (byte) (type.getCode() & 0xff); 309 347 b[2] = (byte) (TYPER.getCode() & 0xff);
Note: See TracChangeset
for help on using the changeset viewer.