Package net.i2p.data
Class LeaseSet
java.lang.Object
net.i2p.data.DataStructureImpl
net.i2p.data.DatabaseEntry
net.i2p.data.LeaseSet
- All Implemented Interfaces:
Serializable, DataStructure
- Direct Known Subclasses:
LeaseSet2
Defines the set of leases a destination currently has.
Support encryption and decryption with a supplied key.
Only the gateways and tunnel IDs in the individual
leases are encrypted.
WARNING:
Encryption is poorly designed and probably insecure.
Not recommended.
Encrypted leases are not indicated as such.
The only way to tell a lease is encrypted is to
determine that the listed gateways do not exist.
Routers wishing to decrypt a leaseset must have the
desthash and key in their keyring.
This is required for the local router as well, since
the encryption is done on the client side of I2CP, the
router must decrypt it back again for local usage
(but not for transmission to the floodfills)
Decrypted leases are only available through the getLease()
method, so that storage and network transmission via
writeBytes() will output the original encrypted
leases and the original leaseset signature.
Revocation (zero leases) isn't used anywhere. In addition:
- A revoked leaseset has an EarliestLeaseDate of -1, so it will
never be stored successfully.
- Revocation of an encrypted leaseset will explode.
- So having an included signature at all is pointless?
- Author:
- jrandom
- See Also:
-
Field Summary
| Modifier and Type | Field | Description |
| --- | --- | --- |
| protected byte[] | _byteified | |
| protected boolean | _checked | |
| protected Destination | _destination | |
| protected PublicKey | _encryptionKey | |
| protected long | _lastExpiration | |
| | _leases | |
| protected boolean | _receivedAsPublished | |
| protected SigningPublicKey | _signingKey | |
| static final int | MAX_LEASES | Unlimited before 0.6.3; 6 as of 0.6.3; Increased in version 0.9. |

Fields inherited from class net.i2p.data.DatabaseEntry
_signature, KEY_TYPE_ENCRYPTED_LS2, KEY_TYPE_LEASESET, KEY_TYPE_LS2, KEY_TYPE_META_LS2, KEY_TYPE_ROUTERINFO, KEY_TYPE_SERVICE_LIST, KEY_TYPE_SERVICE_RECORD
-
Constructor Summary
-
Method Summary
| Modifier and Type | Method | Description |
| --- | --- | --- |
| void | addLease | |
| void | encrypt(SessionKey key) | Encrypt the gateway and tunnel ID of each lease, leaving the expire dates unchanged. |
| boolean | equals | |
| protected byte[] | getBytes() | without sig! |
| long | getDate() | Same as getEarliestLeaseDate() |
| | getDestination() | Warning - will be null for LS2 EncryptedLeaseSets if not decrypted |
| long | getEarliestLeaseDate() | Retrieve the end date of the earliest lease included in this leaseSet. |
| | getEncryptionKey | |
| | getEncryptionKey(Set<EncType> supported) | If more than one key, return the first supported one. |
| | getKeysAndCert | Get the keys and the cert. Identical to getDestination() in LeaseSet, and getIdentity() in RouterInfo. |
| long | getLatestLeaseDate() | Retrieve the end date of the latest lease included in this leaseSet. |
| | getLease(int index) | |
| int | getLeaseCount() | |
| boolean | getReceivedAsPublished() | If true, we received this LeaseSet by a remote peer publishing it to us, rather than by searching for it ourselves or locally creating it. |
| boolean | getReceivedAsReply() | If true, we received this LeaseSet by searching for it. Default false. |
| | getReceivedBy | The Hash of the local client that received this LS, null if the router or unknown. |
| | getSigningKey | The revocation key. |
| int | getType() | Get the type of the data structure. |
| int | hashCode() | the destination has enough randomness in it to use it by itself for speed |
| boolean | isCurrent(long fudge) | Determine whether ANY lease is currently valid, at least within a given fudge factor |
| void | readBytes(InputStream in) | This does NOT validate the signature |
| void | setDestination(Destination dest) | |
| void | setEncryptionKey(PublicKey encryptionKey) | |
| void | setReceivedAsPublished(boolean received) | Default false |
| void | setReceivedAsReply() | set to true |
| void | setReceivedBy(Hash localClient) | Also sets receivedAsReply to true |
| void | setSigningKey | The revocation key. |
| int | size() | Number of bytes, NOT including signature |
| | toString() | |
| boolean | verifySignature() | Verify that the signature matches the lease set's destination's signing public key. |
| boolean | verifySignature(SigningPublicKey signingKey) | Deprecated. revocation unused |
| void | writeBytes(OutputStream out) | This does NOT validate the signature |

Methods inherited from class net.i2p.data.DatabaseEntry
getHash, getRoutingKey, getSignature, getSigningPublicKey, isLeaseSet, isLeaseSet, setSignature, sign, validateRoutingKey
Methods inherited from class net.i2p.data.DataStructureImpl
calculateHash, fromBase64, fromByteArray, read, toBase64, toByteArray
-
Field Details
-
_destination
-
_encryptionKey
-
_signingKey
-
_leases
-
_receivedAsPublished
protected boolean _receivedAsPublished
-
_lastExpiration
protected long _lastExpiration
-
_checked
protected boolean _checked
-
_byteified
protected volatile byte[] _byteified
-
MAX_LEASES
public static final int MAX_LEASES
Unlimited before 0.6.3; 6 as of 0.6.3; Increased in version 0.9. Leasesets larger than 6 should be used with caution, as each lease adds 44 bytes, and routers older than version 0.9 will not be able to connect as they will throw an exception in readBytes(). Also, the churn will be quite rapid, leading to frequent netdb stores and transmission on existing connections. However, we increase it now in case some hugely popular eepsite arrives. Strategies elsewhere in the router to efficiently handle large leasesets are TBD.
- See Also:
-
-
Constructor Details
-
LeaseSet
public LeaseSet()
-
-
Method Details
-
getDate
public long getDate()
Same as getEarliestLeaseDate()
- Specified by:
getDate
in class DatabaseEntry
-
getKeysAndCert
Description copied from class: DatabaseEntry
Get the keys and the cert. Identical to getDestination() in LeaseSet, and getIdentity() in RouterInfo.
- Specified by:
getKeysAndCert
in class DatabaseEntry
- Returns:
- KAC or null
-
getType
public int getType()
Description copied from class: DatabaseEntry
Get the type of the data structure. This should be faster than instanceof.
- Specified by:
getType
in class DatabaseEntry
- Returns:
- KEY_TYPE_ROUTERINFO or KEY_TYPE_LEASESET or LS2 types
-
getDestination
Warning - will be null for LS2 EncryptedLeaseSets if not decrypted
- Returns:
- Destination or null
-
setDestination
- Throws:
IllegalStateException
- if already signed
-
getEncryptionKey
-
getEncryptionKey
If more than one key, return the first supported one. If none supported, return null.
- Parameters:
supported
- what return types are allowed
- Returns:
- ElGamal key or null if ElGamal not in supported
- Since:
- 0.9.44
-
setEncryptionKey
- Throws:
IllegalStateException
- if already signed
-
getSigningKey
The revocation key. Undeprecated as of 0.9.38, used for the blinded key in EncryptedLeaseSet.
- Returns:
- the revocation key for LS1, null for LS2 except blinded key for encrypted LS2
-
setSigningKey
The revocation key. Unused except for encrypted LS2. Must be the same type as the Destination's SigningPublicKey.
- Throws:
IllegalArgumentException
- if different type
-
getReceivedAsPublished
public boolean getReceivedAsPublished()
If true, we received this LeaseSet by a remote peer publishing it to us, rather than by searching for it ourselves or locally creating it. Default false.
-
setReceivedAsPublished
public void setReceivedAsPublished(boolean received)
Default false
-
getReceivedAsReply
public boolean getReceivedAsReply()
If true, we received this LeaseSet by searching for it. Default false.
- Since:
- 0.7.14
-
setReceivedAsReply
public void setReceivedAsReply()
set to true
- Since:
- 0.7.14
-
getReceivedBy
The Hash of the local client that received this LS, null if the router or unknown.
- Since:
- 0.9.47
-
setReceivedBy
Also sets receivedAsReply to true
- Parameters:
localClient
- may be null
- Since:
- 0.9.47
-
addLease
- Throws:
IllegalStateException
- if already signed
-
getLeaseCount
public int getLeaseCount()
- Returns:
- 0-16 A LeaseSet with no leases is revoked.
-
getLease
-
getEarliestLeaseDate
public long getEarliestLeaseDate()
Retrieve the end date of the earliest lease included in this leaseSet. This is the date that should be used in comparisons for leaseSet age - to determine which LeaseSet was published more recently (later earliestLeaseSetDate means it was published later).
- Returns:
- earliest end date of any lease in the set, or -1 if there are no leases
-
getLatestLeaseDate
public long getLatestLeaseDate()
Retrieve the end date of the latest lease included in this leaseSet. This is the date used in isCurrent().
- Returns:
- latest end date of any lease in the set, or 0 if there are no leases
- Since:
- 0.9.7
-
verifySignature
public boolean verifySignature()
Verify that the signature matches the lease set's destination's signing public key. As of 0.9.47, revocation is not checked.
- Overrides:
verifySignature
in class DatabaseEntry
- Returns:
- true only if the signature matches
-
verifySignature
Deprecated. revocation unused
Verify that the signature matches the lease set's destination's signing public key. As of 0.9.47, revocation is not checked.
- Returns:
- true only if the signature matches
-
isCurrent
public boolean isCurrent(long fudge)
Determine whether ANY lease is currently valid, at least within a given fudge factor
- Parameters:
fudge
- milliseconds fudge factor to allow between the current time
- Returns:
- true if there are current leases, false otherwise
-
getBytes
protected byte[] getBytes()
without sig!
- Specified by:
getBytes
in class DatabaseEntry
- Returns:
- null on error ???????????????????????
-
readBytes
This does NOT validate the signature
- Parameters:
in
- stream to read from
- Throws:
IllegalStateException
- if called more than once or Destination already set
DataFormatException
- if the data is improperly formatted
IOException
- if there was a problem reading the stream
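Because readBytes() only parses, a LeaseSet received from a peer has to be checked explicitly before it is trusted. The following is an added example, not code from the I2P project; it uses only methods listed on this page, and the names LeaseSetIntake, parseVerified and isNewer are hypothetical.

```java
import java.io.ByteArrayInputStream;
import java.io.IOException;
import net.i2p.data.DataFormatException;
import net.i2p.data.LeaseSet;

/** Hypothetical helper, not part of I2P: gate a received LeaseSet before use. */
public final class LeaseSetIntake {

    /**
     * Parse raw bytes and return the LeaseSet only if it carries leases,
     * is signed by its own destination, and has at least one current lease.
     *
     * @param raw     serialized LeaseSet as received (untrusted)
     * @param fudgeMs clock-skew allowance in milliseconds, passed to isCurrent()
     * @return the checked LeaseSet, or null if any check fails
     */
    public static LeaseSet parseVerified(byte[] raw, long fudgeMs) {
        LeaseSet ls = new LeaseSet();
        try {
            // readBytes() does NOT validate the signature; it only parses.
            ls.readBytes(new ByteArrayInputStream(raw));
        } catch (DataFormatException | IOException e) {
            return null; // malformed or truncated input
        }
        // Zero leases means "revoked"; getEarliestLeaseDate() would be -1.
        if (ls.getLeaseCount() <= 0)
            return null;
        // Signature must match the destination's signing public key.
        if (!ls.verifySignature())
            return null;
        // True if ANY lease is still valid within the fudge factor.
        if (!ls.isCurrent(fudgeMs))
            return null;
        return ls;
    }

    /**
     * Freshness rule from getEarliestLeaseDate(): for the same destination,
     * the set with the later earliest-lease end date was published later.
     */
    public static boolean isNewer(LeaseSet candidate, LeaseSet stored) {
        if (!candidate.getHash().equals(stored.getHash()))
            throw new IllegalArgumentException("different destinations");
        return candidate.getEarliestLeaseDate() > stored.getEarliestLeaseDate();
    }
}
```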
-
writeBytes
This does NOT validate the signature
- Parameters:
out
- stream to write to
- Throws:
DataFormatException
- if the data was incomplete or not yet ready to be written
IOException
- if there was a problem writing to the stream
-
size
public int size()
Number of bytes, NOT including signature
-
equals
-
hashCode
public int hashCode()
the destination has enough randomness in it to use it by itself for speed
-
toString
-
encrypt
Encrypt the gateway and tunnel ID of each lease, leaving the expire dates unchanged. This adds an extra dummy lease, because AES data must be padded to 16 bytes. The fact that it is encrypted is not stored anywhere. Must be called after all the leases are in place, but before sign().
-