Changeset 82eea0a for core/java


Ignore:
Timestamp:
Mar 27, 2019 12:51:10 PM (16 months ago)
Author:
zzz <zzz@…>
Branches:
master
Children:
ea127d3
Parents:
14492d72
Message:

NetDB: Cache blinding data for lookups and decryption (proposal #123)

Location:
core/java/src/net/i2p/data
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • core/java/src/net/i2p/data/BlindData.java

    r14492d72 r82eea0a  
    2626
    2727    /**
     28     *  @param secret may be null or zero-length
    2829     *  @throws IllegalArgumentException on various errors
    2930     */
     
    3435
    3536    /**
     37     *  @param secret may be null or zero-length
    3638     *  @throws IllegalArgumentException on various errors
    3739     */
     
    4850
    4951    /**
    50      *  @return The blinded key for the current day
     52     *  @return The unblinded SPK, non-null
     53     */
     54    public SigningPublicKey getUnblindedPubKey() {
     55        return _clearSPK;
     56    }
     57
     58    /**
     59     *  @return The blinded key for the current day, non-null
    5160     */
    5261    public synchronized SigningPublicKey getBlindedPubKey() {
    5362        calculate();
    5463        return _blindSPK;
     64    }
     65
     66    /**
     67     *  @return The hash of the destination if known, or null
     68     */
     69    public synchronized Hash getDestHash() {
     70        return _dest != null ? _dest.getHash() : null;
    5571    }
    5672
     
    128144        _blindHash = _context.sha().calculateHash(hashData);
    129145    }
     146   
     147    @Override
     148    public synchronized String toString() {
     149        calculate();
     150        StringBuilder buf = new StringBuilder(256);
     151        buf.append("[BlindData: ");
     152        buf.append("\n\tSigningPublicKey: ").append(_clearSPK);
     153        buf.append("\n\tAlpha           : ").append(_alpha);
     154        buf.append("\n\tBlindedPublicKey: ").append(_blindSPK);
     155        buf.append("\n\tBlinded Hash    : ").append(_blindHash);
     156        buf.append("\n\tSecret: ").append(_secret);
     157        if (_dest != null)
     158            buf.append("\n\tDestination: ").append(_dest);
     159        if (_dest != null)
     160            buf.append("\n\tDestination: unknown");
     161        buf.append(']');
     162        return buf.toString();
     163    }
    130164}
  • core/java/src/net/i2p/data/EncryptedLeaseSet.java

    r14492d72 r82eea0a  
    3434    private Hash __calculatedHash;
    3535    private SigningPrivateKey _alpha;
     36    // to decrypt with if we don't have full dest
     37    private SigningPublicKey _unblindedSPK;
    3638    private String _secret;
    3739    private final Log _log;
     
    121123        }
    122124        SigningPublicKey spk = dest.getSigningPublicKey();
     125        setSigningKey(spk);
     126    }
     127
     128    /**
     129     * Overridden to set the blinded key
     130     *
     131     * @param spk unblinded key non-null, must be EdDSA_SHA512_Ed25519 or RedDSA_SHA512_Ed25519
     132     * @throws IllegalStateException if already signed
     133     * @throws IllegalArgumentException if not EdDSA
     134     * @since 0.9.40
     135     */
     136    @Override
     137    public void setSigningKey(SigningPublicKey spk) {
     138        // TODO already-set checks
    123139        SigType type = spk.getType();
    124140        if (type != SigType.EdDSA_SHA512_Ed25519 &&
    125141            type != SigType.RedDSA_SHA512_Ed25519)
    126142            throw new IllegalArgumentException();
    127         SigningPublicKey bpk = blind();
     143        if (_unblindedSPK != null) {
     144            if (!_unblindedSPK.equals(spk))
     145                throw new IllegalArgumentException("unblinded pubkey mismatch");
     146        } else {
     147            _unblindedSPK = spk;
     148        }
     149        SigningPublicKey bpk = blind(spk);
    128150        if (_signingKey == null)
    129151            _signingKey = bpk;
     
    140162     * @since 0.9.39
    141163     */
    142     private SigningPublicKey blind() {
    143         SigningPublicKey spk = _destination.getSigningPublicKey();
     164    private SigningPublicKey blind(SigningPublicKey spk) {
    144165        I2PAppContext ctx = I2PAppContext.getGlobalContext();
    145166        if (_published <= 0)
    146             _alpha = Blinding.generateAlpha(ctx, _destination.getSigningPublicKey(), _secret);
     167            _alpha = Blinding.generateAlpha(ctx, spk, _secret);
    147168        else
    148             _alpha = Blinding.generateAlpha(ctx, _destination.getSigningPublicKey(), _secret, _published);
     169            _alpha = Blinding.generateAlpha(ctx, spk, _secret, _published);
    149170        SigningPublicKey rv = Blinding.blind(spk, _alpha);
    150171        if (_log.shouldDebug())
     
    477498     */
    478499    private byte[] getSubcredential(I2PAppContext ctx) {
    479         if (_destination == null)
    480             throw new IllegalStateException("no known destination to decrypt with");
    481         SigningPublicKey destspk = _destination.getSigningPublicKey();
    482         int spklen = destspk.length();
     500        if (_unblindedSPK == null)
     501            throw new IllegalStateException("no known SPK to decrypt with");
     502        int spklen = _unblindedSPK.length();
    483503        byte[] in = new byte[spklen + 4];
    484504        // SHA256("credential" || spk || sigtypein || sigtypeout)
    485         System.arraycopy(destspk.getData(), 0, in, 0, spklen);
    486         DataHelper.toLong(in, spklen, 2, destspk.getType().getCode());
     505        System.arraycopy(_unblindedSPK.getData(), 0, in, 0, spklen);
     506        DataHelper.toLong(in, spklen, 2, _unblindedSPK.getType().getCode());
    487507        DataHelper.toLong(in, spklen + 2, 2, SigType.RedDSA_SHA512_Ed25519.getCode());
    488508        byte[] credential = hash(ctx, CREDENTIAL, in);
     
    573593        }
    574594        _log.info("ELS2 outer sig verify success");
    575         if (_destination == null) {
    576             _log.warn("ELS2 no dest to decrypt with");
     595        if (_unblindedSPK == null) {
     596            if (_log.shouldWarn())
     597                _log.warn("ELS2 no dest/SPK to decrypt with", new Exception("I did it"));
    577598            return true;
    578599        }
Note: See TracChangeset for help on using the changeset viewer.