I2P_Developers/i2p.android.base
3
0
Fork 2
Code Issues 39 Pull Requests Actions 1 Packages Projects Releases Wiki Activity

* Data: Remove duplicate signature verification code

Browse Source 
in RouterInfo and LeaseSet
This commit is contained in:
zzz
2011-06-05 11:18:35 +00:00
parent 8d42ebc2f0
commit 4d34078678
2 changed files with 39 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
core/java/src/net/i2p/data/LeaseSet.java
View File

@ -188,37 +188,28 @@ public class LeaseSet extends DatabaseEntry {
*/ */
@Override @Override
public boolean verifySignature() { public boolean verifySignature() {
if (_signature == null) return false; if (super.verifySignature())
if (_destination == null) return false; return true;
byte data[] = getBytes();
if (data == null) return false; // Revocation unused (see above)
boolean signedByDest = DSAEngine.getInstance().verifySignature(_signature, data, boolean signedByRevoker = DSAEngine.getInstance().verifySignature(_signature, getBytes(), _signingKey);
_destination.getSigningPublicKey()); return signedByRevoker;
boolean signedByRevoker = false;
if (!signedByDest) {
signedByRevoker = DSAEngine.getInstance().verifySignature(_signature, data, _signingKey);
}
return signedByDest || signedByRevoker;
} }
/** /**
* Verify that the signature matches the lease set's destination's signing public key. * Verify that the signature matches the lease set's destination's signing public key.
* OR the specified revocation key. * OR the specified revocation key.
* *
* @deprecated revocation unused
* @return true only if the signature matches * @return true only if the signature matches
*/ */
public boolean verifySignature(SigningPublicKey signingKey) { public boolean verifySignature(SigningPublicKey signingKey) {
if (getSignature() == null) return false; if (super.verifySignature())
if (getDestination() == null) return false; return true;
byte data[] = getBytes();
if (data == null) return false; // Revocation unused (see above)
boolean signedByDest = DSAEngine.getInstance().verifySignature(_signature, data, boolean signedByRevoker = DSAEngine.getInstance().verifySignature(_signature, getBytes(), signingKey);
_destination.getSigningPublicKey()); return signedByRevoker;
boolean signedByRevoker = false;
if (!signedByDest) {
signedByRevoker = DSAEngine.getInstance().verifySignature(_signature, data, signingKey);
}
return signedByDest || signedByRevoker;
} }
/** /**
@ -263,6 +254,9 @@ public class LeaseSet extends DatabaseEntry {
return rv; return rv;
} }
/**
* This does NOT validate the signature
*/
public void readBytes(InputStream in) throws DataFormatException, IOException { public void readBytes(InputStream in) throws DataFormatException, IOException {
_destination = new Destination(); _destination = new Destination();
_destination.readBytes(in); _destination.readBytes(in);
@ -282,6 +276,9 @@ public class LeaseSet extends DatabaseEntry {
_signature.readBytes(in); _signature.readBytes(in);
} }
/**
* This does NOT validate the signature
*/
public void writeBytes(OutputStream out) throws DataFormatException, IOException { public void writeBytes(OutputStream out) throws DataFormatException, IOException {
if ((_destination == null) || (_encryptionKey == null) || (_signingKey == null) || (_leases == null) if ((_destination == null) || (_encryptionKey == null) || (_signingKey == null) || (_leases == null)
|| (_signature == null)) throw new DataFormatException("Not enough data to write out a LeaseSet"); || (_signature == null)) throw new DataFormatException("Not enough data to write out a LeaseSet");

43
core/java/src/net/i2p/data/RouterInfo.java
View File

@ -23,7 +23,6 @@ import java.util.Properties;
import java.util.Set; import java.util.Set;
import java.util.Vector; import java.util.Vector;
import net.i2p.crypto.DSAEngine;
import net.i2p.crypto.SHA256Generator; import net.i2p.crypto.SHA256Generator;
import net.i2p.util.Clock; import net.i2p.util.Clock;
import net.i2p.util.Log; import net.i2p.util.Log;
@ -215,20 +214,13 @@ public class RouterInfo extends DatabaseEntry {
/** /**
* Configure a set of options or statistics that the router can expose * Configure a set of options or statistics that the router can expose
* * @param options if null, clears current options
*/ */
public void setOptions(Properties options) { public void setOptions(Properties options) {
synchronized (_options) { synchronized (_options) {
_options.clear(); _options.clear();
if (options != null) { if (options != null)
for (Iterator iter = options.keySet().iterator(); iter.hasNext();) { _options.putAll(options);
String name = (String) iter.next();
if (name == null) continue;
String val = options.getProperty(name);
if (val == null) continue;
_options.setProperty(name, val);
}
}
} }
resetCache(); resetCache();
} }
@ -307,6 +299,7 @@ public class RouterInfo extends DatabaseEntry {
/** /**
* which network is this routerInfo a part of. configured through the property * which network is this routerInfo a part of. configured through the property
* PROP_NETWORK_ID * PROP_NETWORK_ID
* @return -1 if unknown
*/ */
public int getNetworkId() { public int getNetworkId() {
if (_options == null) return -1; if (_options == null) return -1;
@ -445,37 +438,26 @@ public class RouterInfo extends DatabaseEntry {
*/ */
private synchronized void doValidate() { private synchronized void doValidate() {
_validated = true; _validated = true;
if (getSignature() == null) { _isValid = super.verifySignature();
_log.error("Signature is null");
_isValid = false; if (!_isValid) {
return;
}
byte data[] = null; byte data[] = null;
try { try {
data = getBytes(); data = getBytes();
} catch (DataFormatException dfe) { } catch (DataFormatException dfe) {
_log.error("Error validating", dfe); _log.error("Error validating", dfe);
_isValid = false;
return; return;
} }
if (data == null) {
_log.error("Data could not be loaded");
_isValid = false;
return;
}
_isValid = DSAEngine.getInstance().verifySignature(_signature, data, _identity.getSigningPublicKey());
if (!_isValid) {
if (_log.shouldLog(Log.ERROR)) if (_log.shouldLog(Log.ERROR))
_log.error("Invalid [" + SHA256Generator.getInstance().calculateHash(data).toBase64() _log.error("Invalid [" + SHA256Generator.getInstance().calculateHash(data).toBase64()
+ "] w/ signing key: " + _identity.getSigningPublicKey(), + (_log.shouldLog(Log.WARN) ? ("]\n" + toString()) : ""),
new Exception("Signature failed")); new Exception("Signature failed"));
if (_log.shouldLog(Log.DEBUG)) {
_log.debug("Failed data: \n" + Base64.encode(data));
_log.debug("Signature: " + getSignature());
}
} }
} }
/**
* This does NOT validate the signature
*/
public synchronized void readBytes(InputStream in) throws DataFormatException, IOException { public synchronized void readBytes(InputStream in) throws DataFormatException, IOException {
_identity = new RouterIdentity(); _identity = new RouterIdentity();
_identity.readBytes(in); _identity.readBytes(in);
@ -510,6 +492,9 @@ public class RouterInfo extends DatabaseEntry {
//_log.debug("Read routerInfo: " + toString()); //_log.debug("Read routerInfo: " + toString());
} }
/**
* This does NOT validate the signature
*/
public synchronized void writeBytes(OutputStream out) throws DataFormatException, IOException { public synchronized void writeBytes(OutputStream out) throws DataFormatException, IOException {
if (_identity == null) throw new DataFormatException("Missing identity"); if (_identity == null) throw new DataFormatException("Missing identity");
if (_published < 0) throw new DataFormatException("Invalid published date: " + _published); if (_published < 0) throw new DataFormatException("Invalid published date: " + _published);