Package net.i2p.data
Class EncryptedLeaseSet
java.lang.Object
net.i2p.data.DataStructureImpl
net.i2p.data.DatabaseEntry
net.i2p.data.LeaseSet
net.i2p.data.LeaseSet2
net.i2p.data.EncryptedLeaseSet
- All Implemented Interfaces:
Serializable
,DataStructure
Use getSigningKey() / setSigningKey() (revocation key in super) for the blinded key.
PRELIMINARY - Subject to change - see proposal 123
- Since:
- 0.9.38
- See Also:
-
Field Summary
Fields inherited from class net.i2p.data.LeaseSet2
_expires, _flags, _offlineSignature, _options, _published, _transientExpires, _transientSigningPublicKey
Fields inherited from class net.i2p.data.LeaseSet
_byteified, _checked, _destination, _encryptionKey, _lastExpiration, _leases, _receivedAsPublished, _signingKey, MAX_LEASES
Fields inherited from class net.i2p.data.DatabaseEntry
_signature, KEY_TYPE_ENCRYPTED_LS2, KEY_TYPE_LEASESET, KEY_TYPE_LS2, KEY_TYPE_META_LS2, KEY_TYPE_ROUTERINFO, KEY_TYPE_SERVICE_LIST, KEY_TYPE_SERVICE_RECORD
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
encrypt
(int authType, List<? extends SimpleDataStructure> clientKeys) Throws IllegalStateException if not initialized.void
encrypt
(SessionKey skey) Throws IllegalStateException if not initialized.boolean
getEncryptionKey
(Set<EncType> supported) If more than one key, return the first supported one.This returns all the keys.getHash()
This must be used instead of getDestination().getHash().getLease
(int index) int
protected SigningPublicKey
Overridden to return the blinded key so super.verifySignature() will work.int
getType()
Get the type of the data structure.int
hashCode()
the destination has enough randomness in it to use it by itself for speedvoid
readBytes
(InputStream in) This does NOT validate the signatureprotected void
Overridden because we have a blinded key, not a destprotected void
Overridden because we have a blinded key, not a destvoid
setClientPrivateKey
(PrivateKey privKey) Must be set before verify for per-client auth.void
setDestination
(Destination dest) Overridden to set the blinded key.void
Must be set before sign or verify.void
Overridden to set the blinded key.void
sign
(SigningPrivateKey key) Sign the structure using the supplied signing key.void
sign
(SigningPrivateKey key, int authType, List<? extends SimpleDataStructure> clientKeys) Sign the structure using the supplied signing key.int
size()
Number of bytes, NOT including signaturetoString()
boolean
Overridden because we have a blinded key, not a destboolean
Overridden to decrypt if possible, and verify inner sig also.boolean
verifySignature
(PrivateKey clientKey) Decrypt if possible, and verify inner sig also.protected void
Before encrypt() is called, the inner leaseset.protected void
writeHeader
(OutputStream out) Overridden because we have a blinded key, not a destprotected void
Overridden because we have a blinded key, not a destMethods inherited from class net.i2p.data.LeaseSet2
addEncryptionKey, addLease, getBlindedHash, getBytes, getEncryptionKey, getExpires, getOption, getPublished, getReceivedAsPublished, getTransientExpiration, getTransientSigningKey, isBlindedWhenPublished, isCurrent, isOffline, isUnpublished, offlineSign, setBlindedHash, setBlindedWhenPublished, setOfflineSignature, setOptions, setUnpublished, verifyOfflineSignature, writeBody, writeBytes
Methods inherited from class net.i2p.data.LeaseSet
getDate, getDestination, getEarliestLeaseDate, getKeysAndCert, getLatestLeaseDate, getReceivedAsReply, getReceivedBy, getSigningKey, setEncryptionKey, setReceivedAsPublished, setReceivedAsReply, setReceivedBy, verifySignature
Methods inherited from class net.i2p.data.DatabaseEntry
getRoutingKey, getSignature, isLeaseSet, isLeaseSet, setSignature, validateRoutingKey
Methods inherited from class net.i2p.data.DataStructureImpl
calculateHash, fromBase64, fromByteArray, read, toBase64, toByteArray
-
Constructor Details
-
EncryptedLeaseSet
public EncryptedLeaseSet()
-
-
Method Details
-
getDecryptedLeaseSet
- Returns:
- leaseset or null if not decrypted.
- Since:
- 0.9.39
-
setSecret
Must be set before sign or verify. Must be called before setDestination() or setSigningKey(), or alpha will be wrong.- Parameters:
secret
- null or "" for none (default)- Since:
- 0.9.39
-
setClientPrivateKey
Must be set before verify for per-client auth.- Parameters:
privKey
- non-null- Since:
- 0.9.41
-
getType
public int getType()Description copied from class:DatabaseEntry
Get the type of the data structure. This should be faster than instanceof. -
getLeaseCount
public int getLeaseCount()- Overrides:
getLeaseCount
in classLeaseSet
- Returns:
- 0-16, or 0 if not decrypted.
-
getLease
-
getEncryptionKeys
Description copied from class:LeaseSet2
This returns all the keys. getEncryptionKey() returns the first one. Encryption keys should be in order of server preference, most-preferred first. Client behavior should be to select the first key with a supported encryption type. Clients may use other selection algorithms based on encryption support, relative performance, and other factors.- Overrides:
getEncryptionKeys
in classLeaseSet2
- Returns:
- null if not decrypted.
- Since:
- 0.9.39
-
getEncryptionKey
If more than one key, return the first supported one. If none supported, return null.- Overrides:
getEncryptionKey
in classLeaseSet2
- Parameters:
supported
- what return types are allowed- Returns:
- first supported key or null
- Since:
- 0.9.44
-
setDestination
Overridden to set the blinded key. setSecret() MUST be called before this for non-null secret, or alpha will be wrong.- Overrides:
setDestination
in classLeaseSet
- Parameters:
dest
- non-null, must be EdDSA_SHA512_Ed25519 or RedDSA_SHA512_Ed25519- Throws:
IllegalStateException
- if already signedIllegalArgumentException
- if not EdDSA
-
setSigningKey
Overridden to set the blinded key. setSecret() MUST be called before this for non-null secret, or alpha will be wrong.- Overrides:
setSigningKey
in classLeaseSet2
- Parameters:
spk
- unblinded key non-null, must be EdDSA_SHA512_Ed25519 or RedDSA_SHA512_Ed25519- Throws:
IllegalStateException
- if already signedIllegalArgumentException
- if not EdDSA- Since:
- 0.9.40
-
getSigningPublicKey
Overridden to return the blinded key so super.verifySignature() will work.- Overrides:
getSigningPublicKey
in classDatabaseEntry
- Returns:
- SPK or null
-
readBytes
This does NOT validate the signature- Specified by:
readBytes
in interfaceDataStructure
- Overrides:
readBytes
in classLeaseSet2
- Parameters:
in
- stream to read from- Throws:
IllegalStateException
- if called more than once or Destination already setDataFormatException
- if the data is improperly formattedIOException
- if there was a problem reading the stream
-
writeBytesWithoutSig
Before encrypt() is called, the inner leaseset. After encrypt() is called, the encrypted data. Without sig. This does NOT validate the signature- Overrides:
writeBytesWithoutSig
in classLeaseSet2
- Throws:
DataFormatException
IOException
-
verifyOfflineSignature
public boolean verifyOfflineSignature()Overridden because we have a blinded key, not a dest- Overrides:
verifyOfflineSignature
in classLeaseSet2
-
readHeader
Overridden because we have a blinded key, not a dest- Overrides:
readHeader
in classLeaseSet2
- Throws:
DataFormatException
IOException
-
writeHeader
Overridden because we have a blinded key, not a dest- Overrides:
writeHeader
in classLeaseSet2
- Throws:
DataFormatException
IOException
-
readOfflineBytes
Overridden because we have a blinded key, not a dest- Overrides:
readOfflineBytes
in classLeaseSet2
- Throws:
DataFormatException
IOException
-
writeOfflineBytes
Overridden because we have a blinded key, not a dest- Overrides:
writeOfflineBytes
in classLeaseSet2
- Throws:
DataFormatException
IOException
-
size
public int size()Number of bytes, NOT including signature -
getHash
This must be used instead of getDestination().getHash(). Overridden because we have a blinded key, not a dest. This is the hash of the signing public key type and the signing public key. Throws IllegalStateException if not initialized.- Overrides:
getHash
in classDatabaseEntry
- Returns:
- Hash or null
- Throws:
IllegalStateException
-
encrypt
Throws IllegalStateException if not initialized.- Overrides:
encrypt
in classLeaseSet2
- Parameters:
skey
- ignored- Throws:
IllegalStateException
-
encrypt
Throws IllegalStateException if not initialized. Ref: proposal 123- Parameters:
authType
- 0, 1, or 3, see BlindDataclientKeys
- The client's X25519 public or private keys, null if unused- Throws:
IllegalStateException
-
sign
Sign the structure using the supplied signing key. Overridden because we sign the inner, then blind and encrypt and sign the outer.- Overrides:
sign
in classLeaseSet2
- Throws:
IllegalStateException
- if already signedDataFormatException
-
sign
public void sign(SigningPrivateKey key, int authType, List<? extends SimpleDataStructure> clientKeys) throws DataFormatException Sign the structure using the supplied signing key. Overridden because we sign the inner, then blind and encrypt and sign the outer.- Parameters:
authType
- 0, 1, or 3, see BlindDataclientKeys
- X25519 public keys for DH, private keys for PSK- Throws:
IllegalStateException
- if already signedDataFormatException
- Since:
- 0.9.41
-
verifySignature
public boolean verifySignature()Overridden to decrypt if possible, and verify inner sig also. Must call setDestination() prior to this if attempting decryption. Must call setClientKey() prior to this if attempting decryption.- Overrides:
verifySignature
in classLeaseSet2
- Returns:
- valid
-
verifySignature
Decrypt if possible, and verify inner sig also. Must call setDestination() prior to this if attempting decryption.- Parameters:
clientKey
- PrivateKey for DH or PSK, or null if none- Returns:
- valid
- Since:
- 0.9.41
-
equals
-
hashCode
public int hashCode()the destination has enough randomness in it to use it by itself for speed -
toString
-