Changes in / [6110957:d834c80]


Ignore:
Files:
5 added
1 deleted
23 edited

Legend:

Unmodified
Added
Removed
  • LICENSE.txt

    r6110957 rd834c80  
    3030--------
    3131
    32 Core:
     32Core (i2p.jar):
    3333Public domain except as listed below:
    3434
     
    5757   See licenses/LICENSE-LGPLv2.1.txt
    5858
    59    GMP 4.1.3 / 4.1.4:
    60    Copyright 1991, 1996, 1999, 2000 Free Software Foundation, Inc.
    61    See licenses/LICENSE-LGPLv2.1.txt
    62 
    6359   HashCash code:
    6460   Copyright 2006 Gregory Rubin grrubin@gmail.com
     
    7874
    7975
    80 Router:
     76Router (router.jar):
    8177Public domain except as listed below:
    8278   UPnP.java:
     
    137133
    138134
     135Jbigi Libraries (jbigi.jar):
     136   JNI code public domain.
     137
     138   GMP 4.1.3 / 4.1.4:
     139   Copyright 1991, 1996, 1999, 2000 Free Software Foundation, Inc.
     140   See licenses/LICENSE-LGPLv2.1.txt
     141
     142   GMP 4.3.2 / 5.0.2:
     143   Copyright 1991, 1996, 1999, 2000, 2007 Free Software Foundation, Inc.
     144   See licenses/LICENSE-LGPLv3.txt
     145
    139146
    140147Applications:
     
    146153   BOB:
    147154   Copyright (C) sponge
    148    DWTFYWTPL
     155   See licenses/COPYING-BOB.txt
    149156
    150157   I2PSnark:
  • apps/routerconsole/java/bundle-messages.sh

    r6110957 rd834c80  
    4444ROUTERFILES="\
    4545   ../../../core/java/src/net/i2p/data/DataHelper.java \
     46   ../../../router/java/src/net/i2p/router/Router.java \
    4647   ../../../router/java/src/net/i2p/router/RouterThrottleImpl.java \
    4748   ../../../router/java/src/net/i2p/router/tunnel/pool/BuildHandler.java \
  • apps/routerconsole/java/strings/Strings.java

    r6110957 rd834c80  
    9696        _("itag1");
    9797        _("itag2");
    98 
    99         // Descriptions for the stats that are graphed by default
    100         // There are over 500 stats currently defined, we aren't going to tag them all
    101         _("Low-level bandwidth receive rate");             // bw.recvRate
    102         _("Low-level bandwidth send rate");                // bw.sendRate
    103         _("How many peers we are actively talking with");  // router.activePeers
    104         // router.memoryUsed currently has the max size in the description so it can't be tagged
    105 
    10698    }
    10799}
  • core/c/README

    r6110957 rd834c80  
     1
     2Dynamic library build
     3=====================
     4
    15If you have a libgmp.so installed on your system already
    26(check in /usr/lib), you can build a dynamically linked libjbigi.so as follows:
    37        cd jbigi
    48        build.sh dynamic
    5 The built library is jbigi/lib/libjbigi.so .
     9You do, of course, need the gmp headers installed.
     10On ubuntu, check for libgmp3 and libgmp3-dev packages.
     11This is much easier and faster than building GMP from source.
    612       
    7 Otherwise, prior to building the jbigi library, you will need to fetch the GMP source
    8 from http://www.swox.com/gmp/, saving it to jbigi/gmp-4.2.2.tar.bz2 (it will
    9 be unpacked and built as necessary).
    1013
    11 Version 4.2.2 has not been extensively tested with I2P. If you would like
    12 to use a well-tested version, get gmp-4.1.4.tar.bz2, and edit jbigi/build.sh
    13 to change the version number.
     14Static library build
     15=====================
     16
     17Otherwise, the build script build.sh will download the the GMP source,
     18unpack and build it. The GMP version and download location are configured
     19in jbigi/build.sh, please review it to ensure you download
     20and build the desired version.
    1421
    1522To build the native jbigi and jcpuid libraries for the current host CPU,
    1623simply run sh build.sh and the results will be packaged up into jbigi.jar
    17 and the libjbigi.so library. To test, copy jbigi/lib/libjbigi.so
    18 and jcpuid/lib/freenet/support/CPUInformation/libjcpuid-*.so
    19 to your i2p/ directory. You can also copy jbigi.jar to the i2p/lib/ directory;
    20 it will be used only if the router fails to load the native library.
     24and the libjbigi.so library.
    2125
    2226To build the native jbigi libraries for all supported CPUs (on the current OS),
    2327go into jbigi/ and run build-all.sh (the results will be under jbigi/lib/)
     28
     29
     30Installation and testing
     31========================
     32
     33To test, copy jbigi/lib/libjbigi.so
     34and jcpuid/lib/freenet/support/CPUInformation/libjcpuid-*.so
     35to your i2p installation directory ($I2P). You may also copy jbigi.jar to the $I2P/lib/ directory;
     36it will be used only if the router fails to load the native library
     37from the I2P installation directory.
    2438
    2539The build.sh script runs two speed tests, one with your existing
  • core/c/jbigi/README

    r6110957 rd834c80  
    77TODO: What is jbigi
    88TODO: Document generated folder structure
    9 TODO: Instructions for adding the libraries to a jar
     9
    1010
    1111Linux-specific information:
     
    1919
    2020If the new jbigi is slower, then run 'build.sh' (without the 'dynamic'), which will download
    21 the 4.3.1 libgmp library, build, and test that.
     21the libgmp library, build, and test that.
    2222
    2323
  • core/java/src/net/i2p/crypto/DSAEngine.java

    r6110957 rd834c80  
    3030 */
    3131
     32import java.io.ByteArrayOutputStream;
    3233import java.io.IOException;
    3334import java.io.InputStream;
    3435import java.math.BigInteger;
     36import java.security.GeneralSecurityException;
     37import java.security.KeyFactory;;
    3538import java.security.MessageDigest;
     39import java.security.PrivateKey;
     40import java.security.PublicKey;
     41import java.security.spec.DSAPrivateKeySpec;
     42import java.security.spec.DSAPublicKeySpec;
     43import java.security.spec.KeySpec;
    3644
    3745import net.i2p.I2PAppContext;
     
    4553
    4654/**
     55 *  Sign and verify using DSA-SHA1.
     56 *  Also contains methods to sign and verify using a SHA-256 Hash, used by Syndie only.
     57 *
     58 *  The primary implementation is code from TheCryto.
     59 *  As of 0.8.7, also included is an alternate implementation using java.security libraries, which
     60 *  is slightly slower. This implementation could in the future be easily modified
     61 *  to use a new signing algorithm from java.security when we change the signing algorithm.
     62 *
    4763 *  Params and rv's changed from Hash to SHA1Hash for version 0.8.1
    4864 *  Hash variants of sign() and verifySignature() restored in 0.8.3, required by Syndie.
    4965 */
    5066public class DSAEngine {
    51     private Log _log;
    52     private I2PAppContext _context;
     67    private final Log _log;
     68    private final I2PAppContext _context;
     69
     70    //private static final boolean _isAndroid = System.getProperty("java.vendor").contains("Android");
     71    private static final boolean _useJavaLibs = false;   // = _isAndroid;
    5372
    5473    public DSAEngine(I2PAppContext context) {
     
    5675        _context = context;
    5776    }
     77
    5878    public static DSAEngine getInstance() {
    5979        return I2PAppContext.getGlobalContext().dsa();
    6080    }
     81
     82    /**
     83     *  Verify using DSA-SHA1.
     84     *  Uses TheCrypto code unless configured to use the java.security libraries.
     85     */
    6186    public boolean verifySignature(Signature signature, byte signedData[], SigningPublicKey verifyingKey) {
    62         return verifySignature(signature, signedData, 0, signedData.length, verifyingKey);
    63     }
     87        boolean rv;
     88        if (_useJavaLibs) {
     89            try {
     90                rv = altVerifySigSHA1(signature, signedData, verifyingKey);
     91                if ((!rv) && _log.shouldLog(Log.WARN))
     92                    _log.warn("Lib Verify Fail, sig =\n" + signature + "\npubkey =\n" + verifyingKey);
     93                return rv;
     94            } catch (GeneralSecurityException gse) {
     95                if (_log.shouldLog(Log.WARN))
     96                    _log.warn("Lib Verify Fail, sig =\n" + signature + "\npubkey =\n" + verifyingKey, gse);
     97                // now try TheCrypto
     98            }
     99        }
     100        rv = verifySignature(signature, signedData, 0, signedData.length, verifyingKey);
     101        if ((!rv) && _log.shouldLog(Log.WARN))
     102            _log.warn("TheCrypto Verify Fail, sig =\n" + signature + "\npubkey =\n" + verifyingKey);
     103        return rv;
     104    }
     105
     106    /**
     107     *  Verify using DSA-SHA1
     108     */
    64109    public boolean verifySignature(Signature signature, byte signedData[], int offset, int size, SigningPublicKey verifyingKey) {
    65110        return verifySignature(signature, calculateHash(signedData, offset, size), verifyingKey);
    66111    }
     112
     113    /**
     114     *  Verify using DSA-SHA1
     115     */
    67116    public boolean verifySignature(Signature signature, InputStream in, SigningPublicKey verifyingKey) {
    68117        return verifySignature(signature, calculateHash(in), verifyingKey);
     
    93142            byte rbytes[] = new byte[20];
    94143            byte sbytes[] = new byte[20];
     144            //System.arraycopy(sigbytes, 0, rbytes, 0, 20);
     145            //System.arraycopy(sigbytes, 20, sbytes, 0, 20);
    95146            for (int x = 0; x < 40; x++) {
    96147                if (x < 20) {
     
    100151                }
    101152            }
     153
    102154            BigInteger s = new NativeBigInteger(1, sbytes);
    103155            BigInteger r = new NativeBigInteger(1, rbytes);
     
    107159                w = s.modInverse(CryptoConstants.dsaq);
    108160            } catch (ArithmeticException ae) {
     161                _log.warn("modInverse() error", ae);
    109162                return false;
    110163            }
     
    131184    }
    132185
     186    /**
     187     *  Sign using DSA-SHA1.
     188     *  Uses TheCrypto code unless configured to use the java.security libraries.
     189     */
    133190    public Signature sign(byte data[], SigningPrivateKey signingKey) {
     191        if (_useJavaLibs) {
     192            try {
     193                return altSignSHA1(data, signingKey);
     194            } catch (GeneralSecurityException gse) {
     195                if (_log.shouldLog(Log.WARN))
     196                    _log.warn("Lib Sign Fail, privkey = " + signingKey, gse);
     197                // now try TheCrypto
     198            }
     199        }
    134200        return sign(data, 0, data.length, signingKey);
    135201    }
     202
     203    /**
     204     *  Sign using DSA-SHA1
     205     */
    136206    public Signature sign(byte data[], int offset, int length, SigningPrivateKey signingKey) {
    137207        if ((signingKey == null) || (data == null) || (data.length <= 0)) return null;
     
    140210    }
    141211   
     212    /**
     213     *  Sign using DSA-SHA1.
     214     *  Reads the stream until EOF. Does not close the stream.
     215     */
    142216    public Signature sign(InputStream in, SigningPrivateKey signingKey) {
    143217        if ((signingKey == null) || (in == null) ) return null;
     
    193267       
    194268        if (rbytes.length == 20) {
     269            //System.arraycopy(rbytes, 0, out, 0, 20);
    195270            for (int i = 0; i < 20; i++) {
    196271                out[i] = rbytes[i];
    197272            }
    198273        } else if (rbytes.length == 21) {
     274            //System.arraycopy(rbytes, 1, out, 0, 20);
    199275            for (int i = 0; i < 20; i++) {
    200276                out[i] = rbytes[i + 1];
     
    202278        } else {
    203279            if (_log.shouldLog(Log.DEBUG)) _log.debug("Using short rbytes.length [" + rbytes.length + "]");
     280            //System.arraycopy(rbytes, 0, out, 20 - rbytes.length, rbytes.length);
    204281            for (int i = 0; i < rbytes.length; i++)
    205282                out[i + 20 - rbytes.length] = rbytes[i];
    206283        }
    207284        if (sbytes.length == 20) {
     285            //System.arraycopy(sbytes, 0, out, 20, 20);
    208286            for (int i = 0; i < 20; i++) {
    209287                out[i + 20] = sbytes[i];
    210288            }
    211289        } else if (sbytes.length == 21) {
     290            //System.arraycopy(sbytes, 1, out, 20, 20);
    212291            for (int i = 0; i < 20; i++) {
    213292                out[i + 20] = sbytes[i + 1];
     
    215294        } else {
    216295            if (_log.shouldLog(Log.DEBUG)) _log.debug("Using short sbytes.length [" + sbytes.length + "]");
     296            //System.arraycopy(sbytes, 0, out, 40 - sbytes.length, sbytes.length);
    217297            for (int i = 0; i < sbytes.length; i++)
    218298                out[i + 20 + 20 - sbytes.length] = sbytes[i];
     
    228308    }
    229309   
    230     /** @return hash SHA-1 hash, NOT a SHA-256 hash */
     310    /**
     311     *  Reads the stream until EOF. Does not close the stream.
     312     *
     313     *  @return hash SHA-1 hash, NOT a SHA-256 hash
     314     */
    231315    public SHA1Hash calculateHash(InputStream in) {
    232316        MessageDigest digest = SHA1.getInstance();
     
    253337    }
    254338
     339    /**
     340     *  Alternate to verifySignature() using java.security libraries.
     341     *  @throws GeneralSecurityException if algorithm unvailable or on other errors
     342     *  @since 0.8.7
     343     */
     344    private boolean altVerifySigSHA1(Signature signature, byte[] data, SigningPublicKey verifyingKey) throws GeneralSecurityException {
     345        java.security.Signature jsig = java.security.Signature.getInstance("SHA1withDSA");
     346        KeyFactory keyFact = KeyFactory.getInstance("DSA");
     347        // y p q g
     348        KeySpec spec = new DSAPublicKeySpec(new NativeBigInteger(1, verifyingKey.getData()),
     349                                            CryptoConstants.dsap,
     350                                            CryptoConstants.dsaq,
     351                                            CryptoConstants.dsag);
     352        PublicKey pubKey = keyFact.generatePublic(spec);
     353        jsig.initVerify(pubKey);
     354        jsig.update(data);
     355        boolean rv = jsig.verify(sigBytesToASN1(signature.getData()));
     356        //if (!rv) {
     357        //    System.out.println("BAD SIG\n" + net.i2p.util.HexDump.dump(signature.getData()));
     358        //    System.out.println("BAD SIG\n" + net.i2p.util.HexDump.dump(sigBytesToASN1(signature.getData())));
     359        //}
     360        return rv;
     361    }
     362
     363    /**
     364     *  Alternate to sign() using java.security libraries.
     365     *  @throws GeneralSecurityException if algorithm unvailable or on other errors
     366     *  @since 0.8.7
     367     */
     368    private Signature altSignSHA1(byte[] data, SigningPrivateKey privateKey) throws GeneralSecurityException {
     369        java.security.Signature jsig = java.security.Signature.getInstance("SHA1withDSA");
     370        KeyFactory keyFact = KeyFactory.getInstance("DSA");
     371        // y p q g
     372        KeySpec spec = new DSAPrivateKeySpec(new NativeBigInteger(1, privateKey.getData()),
     373                                            CryptoConstants.dsap,
     374                                            CryptoConstants.dsaq,
     375                                            CryptoConstants.dsag);
     376        PrivateKey privKey = keyFact.generatePrivate(spec);
     377        jsig.initSign(privKey, _context.random());
     378        jsig.update(data);
     379        return new Signature(aSN1ToSigBytes(jsig.sign()));
     380    }
     381
     382    /**
     383     *  http://download.oracle.com/javase/1.5.0/docs/guide/security/CryptoSpec.html
     384     *  Signature Format        ASN.1 sequence of two INTEGER values: r and s, in that order:
     385     *                                SEQUENCE ::= { r INTEGER, s INTEGER }
     386     *
     387     *  http://en.wikipedia.org/wiki/Abstract_Syntax_Notation_One
     388     *  30 -- tag indicating SEQUENCE
     389     *  xx - length in octets
     390     *
     391     *  02 -- tag indicating INTEGER
     392     *  xx - length in octets
     393     *  xxxxxx - value
     394     *
     395     *  Convert to BigInteger and back so we have the minimum length representation, as required.
     396     *  r and s are always non-negative.
     397     *
     398     *  @since 0.8.7
     399     */
     400    private static byte[] sigBytesToASN1(byte[] sig) {
     401        //System.out.println("pre TO asn1\n" + net.i2p.util.HexDump.dump(sig));
     402        ByteArrayOutputStream baos = new ByteArrayOutputStream(48);
     403        baos.write(0x30);
     404        baos.write(0);  // length to be filled in below
     405
     406        byte[] tmp = new byte[20];
     407        baos.write(2);
     408        System.arraycopy(sig, 0, tmp, 0, 20);
     409        BigInteger r = new BigInteger(1, tmp);
     410        byte[] b = r.toByteArray();
     411        baos.write(b.length);
     412        baos.write(b, 0, b.length);
     413
     414        baos.write(2);
     415        System.arraycopy(sig, 20, tmp, 0, 20);
     416        BigInteger s = new BigInteger(1, tmp);
     417        b = s.toByteArray();
     418        baos.write(b.length);
     419        baos.write(b, 0, b.length);
     420        byte[] rv = baos.toByteArray();
     421        rv[1] = (byte) (rv.length - 2);
     422        //System.out.println("post TO asn1\n" + net.i2p.util.HexDump.dump(rv));
     423        return rv;
     424    }
     425
     426    /**
     427     *  See above.
     428     *  @since 0.8.7
     429     */
     430    private static byte[] aSN1ToSigBytes(byte[] asn) {
     431        //System.out.println("pre from asn1\n" + net.i2p.util.HexDump.dump(asn));
     432        byte[] rv = new byte[40];
     433        int rlen = asn[3];
     434        if ((asn[4] & 0x80) != 0)
     435            throw new IllegalArgumentException("R is negative");
     436        if (rlen > 21)
     437            throw new IllegalArgumentException("R too big " + rlen);
     438        else if (rlen == 21) {
     439            System.arraycopy(asn, 5, rv, 0, 20);
     440        } else
     441            System.arraycopy(asn, 4, rv, 20 - rlen, rlen);
     442        int slenloc = 25 + rlen - 20;
     443        int slen = asn[slenloc];
     444        if ((asn[slenloc + 1] & 0x80) != 0)
     445            throw new IllegalArgumentException("S is negative");
     446        if (slen > 21)
     447            throw new IllegalArgumentException("S too big " + slen);
     448        else if (slen == 21) {
     449            System.arraycopy(asn, slenloc + 2, rv, 20, 20);
     450        } else
     451            System.arraycopy(asn, slenloc + 1, rv, 40 - slen, slen);
     452        //System.out.println("post from asn1\n" + net.i2p.util.HexDump.dump(rv));
     453        return rv;
     454    }
     455
     456    private static final int RUNS = 1000;
     457
     458    /**
     459     *  Run consistency and speed tests with both TheCrypto and java.security libraries.
     460     *
     461     *  TheCrypto is about 5-15% faster than java.security.
     462     */
    255463    public static void main(String args[]) {
    256464        I2PAppContext ctx = I2PAppContext.getGlobalContext();
    257         byte data[] = new byte[4096];
     465        byte data[] = new byte[1024];
     466        // warmump
    258467        ctx.random().nextBytes(data);
    259         Object keys[] = ctx.keyGenerator().generateSigningKeypair();
    260468        try {
    261             for (int i = 0; i < 10; i++) {
    262                 Signature sig = ctx.dsa().sign(data, (SigningPrivateKey)keys[1]);
    263                 boolean ok = ctx.dsa().verifySignature(sig, data, (SigningPublicKey)keys[0]);
    264                 System.out.println("OK: " + ok);
    265             }
    266         } catch (Exception e) { e.printStackTrace(); }
    267         ctx.random().saveSeed();
    268     }
     469            Thread.sleep(1000);
     470        } catch (InterruptedException ie) {}
     471        SimpleDataStructure keys[] = null;
     472
     473        System.err.println("100 runs with new data and keys each time");
     474        for (int i = 0; i < 100; i++) {
     475            ctx.random().nextBytes(data);
     476            keys = ctx.keyGenerator().generateSigningKeys();
     477            Signature sig = ctx.dsa().sign(data, (SigningPrivateKey)keys[1]);
     478            Signature jsig = null;
     479            try {
     480                 jsig = ctx.dsa().altSignSHA1(data, (SigningPrivateKey)keys[1]);
     481            } catch (GeneralSecurityException gse) {
     482                gse.printStackTrace();
     483            }
     484            boolean ok = ctx.dsa().verifySignature(jsig, data, (SigningPublicKey)keys[0]);
     485            boolean usok = ctx.dsa().verifySignature(sig, data, (SigningPublicKey)keys[0]);
     486            boolean jok = false;
     487            try {
     488                jok = ctx.dsa().altVerifySigSHA1(sig, data, (SigningPublicKey)keys[0]);
     489            } catch (GeneralSecurityException gse) {
     490                gse.printStackTrace();
     491            }
     492            boolean jjok = false;;
     493            try {
     494                jjok = ctx.dsa().altVerifySigSHA1(jsig, data, (SigningPublicKey)keys[0]);
     495            } catch (GeneralSecurityException gse) {
     496                gse.printStackTrace();
     497            }
     498            System.err.println("TC->TC OK: " + usok + "  JL->TC OK: " + ok + "  TC->JK OK: " + jok + "  JL->JL OK: " + jjok);
     499            if (!(ok && usok && jok && jjok)) {
     500                System.out.println("privkey\n" + net.i2p.util.HexDump.dump(keys[1].getData()));
     501                return;
     502            }
     503        }
     504
     505        System.err.println("Starting speed test");
     506        long start = System.currentTimeMillis();
     507        for (int i = 0; i < RUNS; i++) {
     508            Signature sig = ctx.dsa().sign(data, (SigningPrivateKey)keys[1]);
     509            boolean ok = ctx.dsa().verifySignature(sig, data, (SigningPublicKey)keys[0]);
     510            if (!ok) {
     511                System.err.println("TheCrypto FAIL");
     512                return;
     513            }
     514        }
     515        long time = System.currentTimeMillis() - start;
     516        System.err.println("Time for " + RUNS + " DSA sign/verifies:");
     517        System.err.println("TheCrypto time (ms): " + time);
     518
     519        start = System.currentTimeMillis();
     520        for (int i = 0; i < RUNS; i++) {
     521            boolean ok = false;
     522            try {
     523                Signature jsig = ctx.dsa().altSignSHA1(data, (SigningPrivateKey)keys[1]);
     524                ok = ctx.dsa().altVerifySigSHA1(jsig, data, (SigningPublicKey)keys[0]);
     525            } catch (GeneralSecurityException gse) {
     526                gse.printStackTrace();
     527            }
     528            if (!ok) {
     529                System.err.println("JavaLib FAIL");
     530                return;
     531            }
     532        }
     533        time = System.currentTimeMillis() - start;
     534        System.err.println("JavaLib time (ms): " + time);
     535
     536/****  yes, arraycopy is slower for 20 bytes
     537        start = System.currentTimeMillis();
     538        byte b[] = new byte[20];
     539        for (int i = 0; i < 10000000; i++) {
     540            data[0] = data[i % 256];
     541            System.arraycopy(data, 0, b, 0, 20);
     542        }
     543        time = System.currentTimeMillis() - start;
     544        System.err.println("arraycopy time (ms): " + time);
     545
     546        start = System.currentTimeMillis();
     547        for (int i = 0; i < 10000000; i++) {
     548            data[0] = data[i % 256];
     549            for (int j = 0; j < 20; j++) {
     550                 b[j] = data[j];
     551            }
     552        }
     553        time = System.currentTimeMillis() - start;
     554        System.err.println("loop time (ms): " + time);
     555****/
     556     }
    269557}
  • core/java/src/net/i2p/data/LeaseSet.java

    r6110957 rd834c80  
    189189    @Override
    190190    public boolean verifySignature() {
    191         if (_signature == null) return false;
    192         if (_destination == null) return false;
    193         byte data[] = getBytes();
    194         if (data == null) return false;
    195         boolean signedByDest = DSAEngine.getInstance().verifySignature(_signature, data,
    196                                                                        _destination.getSigningPublicKey());
    197         boolean signedByRevoker = false;
    198         if (!signedByDest) {
    199             signedByRevoker = DSAEngine.getInstance().verifySignature(_signature, data, _signingKey);
    200         }
    201         return signedByDest || signedByRevoker;
     191        if (super.verifySignature())
     192            return true;
     193
     194        // Revocation unused (see above)
     195        boolean signedByRevoker = DSAEngine.getInstance().verifySignature(_signature, getBytes(), _signingKey);
     196        return signedByRevoker;
    202197    }
    203198
     
    206201     * OR the specified revocation key.
    207202     *
     203     * @deprecated revocation unused
    208204     * @return true only if the signature matches
    209205     */
    210206    public boolean verifySignature(SigningPublicKey signingKey) {
    211         if (getSignature() == null) return false;
    212         if (getDestination() == null) return false;
    213         byte data[] = getBytes();
    214         if (data == null) return false;
    215         boolean signedByDest = DSAEngine.getInstance().verifySignature(_signature, data,
    216                                                                        _destination.getSigningPublicKey());
    217         boolean signedByRevoker = false;
    218         if (!signedByDest) {
    219             signedByRevoker = DSAEngine.getInstance().verifySignature(_signature, data, signingKey);
    220         }
    221         return signedByDest || signedByRevoker;
     207        if (super.verifySignature())
     208            return true;
     209
     210        // Revocation unused (see above)
     211        boolean signedByRevoker = DSAEngine.getInstance().verifySignature(_signature, getBytes(), signingKey);
     212        return signedByRevoker;
    222213    }
    223214
     
    264255    }
    265256   
     257    /**
     258     *  This does NOT validate the signature
     259     */
    266260    public void readBytes(InputStream in) throws DataFormatException, IOException {
    267261        _destination = new Destination();
     
    283277    }
    284278   
     279    /**
     280     *  This does NOT validate the signature
     281     */
    285282    public void writeBytes(OutputStream out) throws DataFormatException, IOException {
    286283        if ((_destination == null) || (_encryptionKey == null) || (_signingKey == null) || (_leases == null)
  • core/java/src/net/i2p/data/RouterInfo.java

    r6110957 rd834c80  
    2424import java.util.Vector;
    2525
    26 import net.i2p.crypto.DSAEngine;
    2726import net.i2p.crypto.SHA256Generator;
    2827import net.i2p.util.Clock;
     
    216215    /**
    217216     * Configure a set of options or statistics that the router can expose
    218      *
     217     * @param options if null, clears current options
    219218     */
    220219    public void setOptions(Properties options) {
    221220        synchronized (_options) {
    222221            _options.clear();
    223             if (options != null) {
    224                 for (Iterator iter = options.keySet().iterator(); iter.hasNext();) {
    225                     String name = (String) iter.next();
    226                     if (name == null) continue;
    227                     String val = options.getProperty(name);
    228                     if (val == null) continue;
    229                     _options.setProperty(name, val);
    230                 }
    231             }
     222            if (options != null)
     223                _options.putAll(options);
    232224        }
    233225        resetCache();
     
    308300     * which network is this routerInfo a part of.  configured through the property
    309301     * PROP_NETWORK_ID
     302     * @return -1 if unknown
    310303     */
    311304    public int getNetworkId() {
     
    446439    private synchronized void doValidate() {
    447440        _validated = true;
    448         if (getSignature() == null) {
    449             _log.error("Signature is null");
    450             _isValid = false;
    451             return;
    452         }
    453         byte data[] = null;
    454         try {
    455             data = getBytes();
    456         } catch (DataFormatException dfe) {
    457             _log.error("Error validating", dfe);
    458             _isValid = false;
    459             return;
    460         }
    461         if (data == null) {
    462             _log.error("Data could not be loaded");
    463             _isValid = false;
    464             return;
    465         }
    466         _isValid = DSAEngine.getInstance().verifySignature(_signature, data, _identity.getSigningPublicKey());
     441        _isValid = super.verifySignature();
     442
    467443        if (!_isValid) {
     444            byte data[] = null;
     445            try {
     446                data = getBytes();
     447            } catch (DataFormatException dfe) {
     448                _log.error("Error validating", dfe);
     449                return;
     450            }
    468451            if (_log.shouldLog(Log.ERROR))
    469452                _log.error("Invalid [" + SHA256Generator.getInstance().calculateHash(data).toBase64()
    470                            + "] w/ signing key: " + _identity.getSigningPublicKey(),
     453                           + (_log.shouldLog(Log.WARN) ? ("]\n" + toString()) : ""),
    471454                           new Exception("Signature failed"));
    472             if (_log.shouldLog(Log.DEBUG)) {
    473                 _log.debug("Failed data: \n" + Base64.encode(data));
    474                 _log.debug("Signature: " + getSignature());
    475             }
    476         }
    477     }
    478    
     455        }
     456    }
     457   
     458    /**
     459     *  This does NOT validate the signature
     460     */
    479461    public synchronized void readBytes(InputStream in) throws DataFormatException, IOException {
    480462        _identity = new RouterIdentity();
     
    511493    }
    512494   
     495    /**
     496     *  This does NOT validate the signature
     497     */
    513498    public synchronized void writeBytes(OutputStream out) throws DataFormatException, IOException {
    514499        if (_identity == null) throw new DataFormatException("Missing identity");
  • core/java/src/net/i2p/data/Signature.java

    r6110957 rd834c80  
    1212/**
    1313 * Defines the signature as defined by the I2P data structure spec.
    14  * A signature is a 40byte Integer verifying the authenticity of some data
    15  * using the algorithm defined in the crypto spec.
     14 * A signature is a 40-byte array verifying the authenticity of some data
     15 * using the DSA-SHA1 algorithm.
     16 *
     17 * The signature is the 20-byte R followed by the 20-byte S,
     18 * both are unsigned integers.
    1619 *
    1720 * @author jrandom
     
    1922public class Signature extends SimpleDataStructure {
    2023    public final static int SIGNATURE_BYTES = 40;
     24    /** all zeros */
    2125    public final static byte[] FAKE_SIGNATURE = new byte[SIGNATURE_BYTES];
    22     static {
    23         for (int i = 0; i < SIGNATURE_BYTES; i++)
    24             FAKE_SIGNATURE[i] = 0x00;
    25     }
    2626
    2727    public Signature() {
  • core/java/src/net/i2p/util/NativeBigInteger.java

    r6110957 rd834c80  
    181181                // log?
    182182            }
    183             if (_isFreebsd)
    184                 // athlon64 not available for freebsd
    185                 return JBIGI_OPTIMIZATION_ATHLON;
    186183            return JBIGI_OPTIMIZATION_ATHLON64;
    187184        }
     
    615612            if (primary.equals(JBIGI_OPTIMIZATION_ATOM))
    616613                rv.add(_libPrefix + getMiddleName1() + JBIGI_OPTIMIZATION_PENTIUM3 + _libSuffix);
     614            // athlon is always a fallback for 64 bit, we have it for all architectures
     615            // and it should be much better than "none"
     616            if (_is64)
     617                rv.add(_libPrefix + getMiddleName1() + JBIGI_OPTIMIZATION_ATHLON + _libSuffix);
    617618
    618619        } else {
  • installer/lib/jbigi/README.txt

    r6110957 rd834c80  
     1NOTE: This file may not be maintained.
     2See history.txt, checkin comments, javadoc, and code in
     3NativeBigInteger.java and CPUID.java for additional information.
     4See NativeBigInteger.java for naming rules and algorithms for
     5generating an ordered list of names to load.
     6
     7================================
     8
    19jbigi.jar was built by jrandom on Aug 21, 2004 with the jbigi and jcpuid
    210native libraries compiled on linux, winXP (w/ MinGW), and freebsd (4.8). 
     
    2432as it should offer amd64 users better performance than jbigi-win-none.dll
    2533until we get a full amd64 build.
     34
     35================================
     36
     37Updates May/June 2011:
     38  jcpuid:
     39   - jcpuid.c updated to be compatible with -fPIC
     40   - 32 bit libjcpuid-linux-x86.so updated, compiled with -fPIC.
     41   - 64 bit libjcpuid-linux-x86_64.so added, compiled with -fPIC.
     42   - See also javadoc and code in CPUID.java
     43  jbigi:
     44   - k62 and k63 are identical for all except windows; exception added to
     45     NativeBigInteger to use k62 for k63. k63 files deleted.
     46   - All 32 bit linux files updated with GMP 4.3.2, compiled with -fPIC,
     47     except for athlon64 and pentium4, which use GMP 5.0.2.
     48   - All 64 bit linux files updated with GMP 5.0.2.
     49   - libjbigi-windows-athlon64.dll deleted, it was a duplicate of
     50     libjbigi-windows-athlon.dll. NativeBigInteger now uses athlon as
     51     a fallback for all 64-bit processors.
     52   - Note that all new 64 bit files will use the _64 suffix. For example,
     53     the old libjbigi-linux-athlon64.so file was 64 bit; now it is 32 bit
     54     and the 64 bit file is libjbigi-linux-athlon64_64.so.
     55   - The 4.3.2 files are half the size of the 5.0.2 files, and there was
     56     little or no performance difference for 32 bit, so we are using
     57     4.3.2 for 32 bit. For 64-bit processors, both performance testing and
     58     the GMP changelog led us to use 5.0.2 for both the 32- and 64-bit versions.
     59   - See also checkin comments, javadoc and code in NativeBigInteger.java
  • router/java/src/net/i2p/router/Router.java

    r6110957 rd834c80  
    14221422    }
    14231423   
     1424    /**
     1425     *  Mark a string for extraction by xgettext and translation.
     1426     *  Use this only in static initializers.
     1427     *  It does not translate!
     1428     *  @return s
     1429     *  @since 0.8.7
     1430     */
     1431    private static final String _x(String s) {
     1432        return s;
     1433    }
     1434
    14241435/* following classes are now private static inner classes, didn't bother to reindent */
    14251436
     
    14361447    public CoalesceStatsEvent(RouterContext ctx) {
    14371448        _ctx = ctx;
    1438         ctx.statManager().createRequiredRateStat("bw.receiveBps", "Message receive rate (Bytes/sec)", "Bandwidth", new long[] { 60*1000, 5*60*1000, 60*60*1000 });
    1439         // used in the router watchdog
    1440         ctx.statManager().createRequiredRateStat("bw.sendBps", "Message send rate (Bytes/sec)", "Bandwidth", new long[] { 60*1000, 5*60*1000, 60*60*1000 });
    1441         ctx.statManager().createRequiredRateStat("bw.sendRate", "Low-level send rate (Bytes/sec)", "Bandwidth", new long[] { 60*1000l, 5*60*1000l, 10*60*1000l, 60*60*1000l });
    1442         ctx.statManager().createRequiredRateStat("bw.recvRate", "Low-level receive rate (Bytes/sec)", "Bandwidth", new long[] { 60*1000l, 5*60*1000l, 10*60*1000l, 60*60*1000l });
    1443         ctx.statManager().createRequiredRateStat("router.activePeers", "How many peers we are actively talking with", "Throttle", new long[] { 60*1000, 5*60*1000, 60*60*1000 });
     1449        // NOTE TO TRANSLATORS - each of these phrases is a description for a statistic
     1450        // to be displayed on /stats.jsp and in the graphs on /graphs.jsp.
     1451        // Please keep relatively short so it will fit on the graphs.
     1452        ctx.statManager().createRequiredRateStat("bw.receiveBps", _x("Message receive rate (bytes/sec)"), "Bandwidth", new long[] { 60*1000, 5*60*1000, 60*60*1000 });
     1453        ctx.statManager().createRequiredRateStat("bw.sendBps", _x("Message send rate (bytes/sec)"), "Bandwidth", new long[] { 60*1000, 5*60*1000, 60*60*1000 });
     1454        ctx.statManager().createRequiredRateStat("bw.sendRate", _x("Low-level send rate (bytes/sec)"), "Bandwidth", new long[] { 60*1000l, 5*60*1000l, 10*60*1000l, 60*60*1000l });
     1455        ctx.statManager().createRequiredRateStat("bw.recvRate", _x("Low-level receive rate (bytes/sec)"), "Bandwidth", new long[] { 60*1000l, 5*60*1000l, 10*60*1000l, 60*60*1000l });
     1456        ctx.statManager().createRequiredRateStat("router.activePeers", _x("How many peers we are actively talking with"), "Throttle", new long[] { 60*1000, 5*60*1000, 60*60*1000 });
    14441457        ctx.statManager().createRateStat("router.activeSendPeers", "How many peers we've sent to this minute", "Throttle", new long[] { 60*1000, 5*60*1000, 60*60*1000 });
    14451458        ctx.statManager().createRateStat("router.highCapacityPeers", "How many high capacity peers we know", "Throttle", new long[] { 5*60*1000, 60*60*1000 });
    1446         ctx.statManager().createRequiredRateStat("router.fastPeers", "Known fast peers", "Throttle", new long[] { 5*60*1000, 60*60*1000 });
     1459        ctx.statManager().createRequiredRateStat("router.fastPeers", _x("Known fast peers"), "Throttle", new long[] { 5*60*1000, 60*60*1000 });
    14471460        _maxMemory = Runtime.getRuntime().maxMemory();
    14481461        String legend = "(Bytes)";
    14491462        if (_maxMemory < Long.MAX_VALUE)
    14501463            legend += " Max is " + DataHelper.formatSize(_maxMemory) + 'B';
     1464        // router.memoryUsed currently has the max size in the description so it can't be tagged
    14511465        ctx.statManager().createRequiredRateStat("router.memoryUsed", legend, "Router", new long[] { 60*1000 });
    14521466    }
Note: See TracChangeset for help on using the changeset viewer.