Resolve conflict in certificate.go

lib/common/certificate/certificate.go

@@ -3,6 +3,7 @@
 package certificate
 
 import (
+	"encoding/binary"
 	"errors"
 	"fmt"
 
@@ -281,3 +282,14 @@ func NewCertificateWithType(certType uint8, payload []byte) (*Certificate, error
 
 	return cert, nil
 }
+
+func GetSignatureTypeFromCertificate(cert Certificate) (int, error) {
+	if cert.Type() != CERT_KEY {
+		return 0, fmt.Errorf("unexpected certificate type: %d", cert.Type)
+	}
+	if len(cert.payload) < 2 {
+		return 0, fmt.Errorf("certificate payload too short to contain signature type")
+	}
+	sigType := int(binary.BigEndian.Uint16(cert.payload[0:2]))
+	return sigType, nil
+}

lib/common/data/string.go

@@ -134,6 +134,11 @@ func ToI2PString(data string) (str I2PString, err error) {
 // The remaining bytes after the specified length are also returned.
 // Returns a list of errors that occurred during parsing.
 func ReadI2PString(data []byte) (str I2PString, remainder []byte, err error) {
+	if len(data) == 0 {
+		err = errors.New("data slice is empty")
+		log.WithError(err).Error("Passed data with len == 0")
+		return
+	}
 	log.WithFields(logrus.Fields{
 		"input_length": len(data),
 	}).Debug("Reading I2PString from bytes")
@@ -143,6 +148,11 @@ func ReadI2PString(data []byte) (str I2PString, remainder []byte, err error) {
 		return
 	}
 	data_len := length.Int() + 1
+	if data_len > len(data) {
+		err = fmt.Errorf("I2PString length %d exceeds available data %d", data_len-1, len(data)-1)
+		log.WithError(err).Error("Failed to read I2PString")
+		return
+	}
 	str = data[:data_len]
 	remainder = data[data_len:]
 	l, err := str.Length()

lib/common/keys_and_cert/keys_and_cert.go

@@ -85,10 +85,10 @@ type KeysAndCert struct {
 
 // Bytes returns the entire keyCertificate in []byte form, trims payload to specified length.
 func (keys_and_cert KeysAndCert) Bytes() []byte {
-	bytes := keys_and_cert.keyCertificate.Bytes()
-	bytes = append(bytes, keys_and_cert.publicKey.Bytes()...)
+	bytes := keys_and_cert.publicKey.Bytes()
 	bytes = append(bytes, keys_and_cert.Padding...)
 	bytes = append(bytes, keys_and_cert.signingPublicKey.Bytes()...)
+	bytes = append(bytes, keys_and_cert.keyCertificate.Bytes()...)
 	log.WithFields(logrus.Fields{
 		"bytes_length":         len(bytes),
 		"pk_bytes_length":      len(keys_and_cert.publicKey.Bytes()),

lib/common/router_address/router_address.go

@@ -154,14 +154,7 @@ func (router_address RouterAddress) Bytes() []byte {
 	bytes := make([]byte, 0)
 	bytes = append(bytes, router_address.TransportCost.Bytes()...)
 	bytes = append(bytes, router_address.ExpirationDate.Bytes()...)
-	strData, err := router_address.TransportType.Data()
-	if err != nil {
-		log.WithFields(logrus.Fields{
-			"error": err,
-		}).Error("RouterAddress.Bytes: error getting transport_style bytes")
-	} else {
-		bytes = append(bytes, strData...)
-	}
+	bytes = append(bytes, router_address.TransportType...)
 	bytes = append(bytes, router_address.TransportOptions.Data()...)
 	log.WithField("bytes_length", len(bytes)).Debug("Converted RouterAddress to bytes")
 	return bytes

lib/common/router_info/router_info.go

@@ -4,6 +4,7 @@ package router_info
 import (
 	"encoding/binary"
 	"errors"
+	"github.com/go-i2p/go-i2p/lib/common/certificate"
 	"strconv"
 	"strings"
 	"time"
@@ -291,7 +292,11 @@ func ReadRouterInfo(bytes []byte) (info RouterInfo, remainder []byte, err error)
 		}
 		err = errors.New("error parsing router info: " + estring)
 	}
-	info.signature, remainder, err = NewSignature(remainder)
+	sigType, err := certificate.GetSignatureTypeFromCertificate(info.router_identity.Certificate())
+	log.WithFields(logrus.Fields{
+		"sigType": sigType,
+	}).Debug("Got sigType")
+	info.signature, remainder, err = NewSignature(remainder, sigType)
 	if err != nil {
 		log.WithFields(logrus.Fields{
 			"at":       "(RouterInfo) ReadRouterInfo",
@@ -344,6 +349,7 @@ func NewRouterInfo(
 	addresses []*RouterAddress,
 	options map[string]string,
 	signingPrivateKey crypto.SigningPrivateKey,
+	sigType int,
 ) (*RouterInfo, error) {
 	log.Debug("Creating new RouterInfo")
 
@@ -404,7 +410,7 @@ func NewRouterInfo(
 	}
 
 	// 8. Create Signature struct from signatureBytes
-	sig, _, err := ReadSignature(signatureBytes)
+	sig, _, err := ReadSignature(signatureBytes, sigType)
 	if err != nil {
 		log.WithError(err).Error("Failed to create Signature from signature bytes")
 		return nil, err

lib/common/router_info/router_info2_test.go

@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"crypto/rand"
 	"encoding/binary"
+	"github.com/go-i2p/go-i2p/lib/common/signature"
 	"testing"
 	"time"
 
@@ -85,13 +86,14 @@ func TestCreateRouterInfo(t *testing.T) {
 		t.Fatalf("Failed to create router identity: %v\n", err)
 	}
 	// create some dummy addresses
-	routerAddress, err := router_address.NewRouterAddress(3, <-time.After(1*time.Second), "NTCP2", nil)
+	options := map[string]string{}
+	routerAddress, err := router_address.NewRouterAddress(3, <-time.After(1*time.Second), "NTCP2", options)
 	if err != nil {
 		t.Fatalf("Failed to create router address: %v\n", err)
 	}
 	routerAddresses := []*router_address.RouterAddress{routerAddress}
 	// create router info
-	routerInfo, err := NewRouterInfo(routerIdentity, time.Now(), routerAddresses, nil, &ed25519_privkey)
+	routerInfo, err := NewRouterInfo(routerIdentity, time.Now(), routerAddresses, nil, &ed25519_privkey, signature.SIGNATURE_TYPE_EDDSA_SHA512_ED25519)
 	if err != nil {
 		t.Fatalf("Failed to create router info: %v\n", err)
 	}

lib/common/signature/signature.go

@@ -24,6 +24,19 @@ const (
 	RedDSA_SHA512_Ed25519_SIZE  = 64
 )
 
+const (
+	SIGNATURE_TYPE_DSA_SHA1               = 0
+	SIGNATURE_TYPE_ECDSA_SHA256_P256      = 1
+	SIGNATURE_TYPE_ECDSA_SHA384_P384      = 2
+	SIGNATURE_TYPE_ECDSA_SHA512_P521      = 3
+	SIGNATURE_TYPE_RSA_SHA256_2048        = 4
+	SIGNATURE_TYPE_RSA_SHA384_3072        = 5
+	SIGNATURE_TYPE_RSA_SHA512_4096        = 6
+	SIGNATURE_TYPE_EDDSA_SHA512_ED25519   = 7
+	SIGNATURE_TYPE_EDDSA_SHA512_ED25519PH = 8
+	SIGNATURE_TYPE_REDDSA_SHA512_ED25519  = 11
+)
+
 /*
 [Signature]
 Accurate for version 0.9.49
@@ -51,9 +64,18 @@ type Signature []byte
 //
 // If a different signature type is expected based on context, this function should be
 // modified accordingly to handle the correct signature length.
-func ReadSignature(data []byte) (sig Signature, remainder []byte, err error) {
-	// Assume the default signature type DSA_SHA1 with length 40 bytes
-	sigLength := DSA_SHA1_SIZE
+func ReadSignature(data []byte, sigType int) (sig Signature, remainder []byte, err error) {
+	var sigLength int
+	switch sigType {
+	case SIGNATURE_TYPE_DSA_SHA1:
+		sigLength = DSA_SHA1_SIZE
+	case SIGNATURE_TYPE_EDDSA_SHA512_ED25519:
+		sigLength = EdDSA_SHA512_Ed25519_SIZE
+	default:
+		err = fmt.Errorf("unsupported signature type: %d", sigType)
+		return
+	}
+
 	if len(data) < sigLength {
 		err = fmt.Errorf("insufficient data to read signature: need %d bytes, have %d", sigLength, len(data))
 		log.WithError(err).Error("Failed to read Signature")
@@ -66,9 +88,9 @@ func ReadSignature(data []byte) (sig Signature, remainder []byte, err error) {
 
 // NewSignature creates a new *Signature from []byte using ReadSignature.
 // Returns a pointer to Signature unlike ReadSignature.
-func NewSignature(data []byte) (signature *Signature, remainder []byte, err error) {
+func NewSignature(data []byte, sigType int) (signature *Signature, remainder []byte, err error) {
 	log.WithField("input_length", len(data)).Debug("Creating new Signature")
-	sig, remainder, err := ReadSignature(data)
+	sig, remainder, err := ReadSignature(data, sigType)
 	if err != nil {
 		log.WithError(err).Error("Failed to read Signature")
 		return nil, remainder, err