Changeset a8bacd8 for core/java


Ignore:
Timestamp:
Nov 27, 2018 12:34:41 PM (20 months ago)
Author:
zzz <zzz@…>
Branches:
master
Children:
cc4da1b
Parents:
b93be8b
Message:

Data: Change LS2 sign/verify to match proposal changes

File:
1 edited

Legend:

Unmodified
Added
Removed
  • core/java/src/net/i2p/data/LeaseSet2.java

    rb93be8b ra8bacd8  
    339339
    340340    /**
     341     * Sign the structure using the supplied signing key.
     342     * Overridden because LS2 sigs cover the type byte.
     343     *
     344     * @throws IllegalStateException if already signed
     345     */
     346    @Override
     347    public void sign(SigningPrivateKey key) throws DataFormatException {
     348        if (_signature != null)
     349            throw new IllegalStateException();
     350        if (key == null)
     351            throw new DataFormatException("No signing key");
     352        int len = size();
     353        ByteArrayOutputStream out = new ByteArrayOutputStream(1 + len);
     354        try {
     355            // unlike LS1, sig covers type
     356            out.write(getType());
     357            writeBytesWithoutSig(out);
     358        } catch (IOException ioe) {
     359            throw new DataFormatException("Signature failed", ioe);
     360        }
     361        byte data[] = out.toByteArray();
     362        // now sign with the key
     363        _signature = DSAEngine.getInstance().sign(data, key);
     364        if (_signature == null)
     365            throw new DataFormatException("Signature failed with " + key.getType() + " key");
     366    }
     367
     368    /**
    341369     * Verify with the SPK in the dest for online sigs.
    342370     * Verify with the SPK in the offline sig section for offline sigs.
     
    345373    @Override
    346374    public boolean verifySignature() {
    347         if (!isOffline())
    348             return super.verifySignature();
    349375        if (_signature == null)
    350376            return false;
     
    353379        if (type == null || type.getBaseAlgorithm() == SigAlgo.RSA)
    354380            return false;
    355         // verify offline block
    356         if (!verifyOfflineSignature())
    357             return false;
    358         // verify LS2 using offline block's SPK
    359         // Disallow RSA as it's so slow it could be used as a DoS
    360         type = _transientSigningPublicKey.getType();
    361         if (type == null || type.getBaseAlgorithm() == SigAlgo.RSA)
    362             return false;
    363         byte data[] = getBytes();
    364         if (data == null)
    365             return false;
    366         return DSAEngine.getInstance().verifySignature(_signature, data, _transientSigningPublicKey);
     381        SigningPublicKey spk;
     382        if (isOffline()) {
     383            // verify LS2 using offline block's SPK
     384            // Disallow RSA as it's so slow it could be used as a DoS
     385            type = _transientSigningPublicKey.getType();
     386            if (type == null || type.getBaseAlgorithm() == SigAlgo.RSA)
     387                return false;
     388            if (!verifyOfflineSignature())
     389                return false;
     390            spk = _transientSigningPublicKey;
     391        } else {
     392            spk = getSigningPublicKey();
     393        }
     394        int len = size();
     395        ByteArrayOutputStream out = new ByteArrayOutputStream(1 + len);
     396        try {
     397            // unlike LS1, sig covers type
     398            out.write(getType());
     399            writeBytesWithoutSig(out);
     400        } catch (IOException ioe) {
     401            ioe.printStackTrace();
     402            return false;
     403        } catch (DataFormatException dfe) {
     404            dfe.printStackTrace();
     405            return false;
     406        }
     407        byte data[] = out.toByteArray();
     408        return DSAEngine.getInstance().verifySignature(_signature, data, spk);
    367409    }
    368410   
Note: See TracChangeset for help on using the changeset viewer.