Package net.i2p.router.crypto
Class FamilyKeyCrypto
java.lang.Object
net.i2p.router.crypto.FamilyKeyCrypto
Utilities for creating, storing, retrieving the signing keys for
the netdb family feature
- Since:
- 0.9.24
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic enum
Only STORED_KEY is fully trusted. -
Field Summary
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionGet verified members of our family.Get our family name.boolean
Do we have a valid family?static void
void
shutdown()
Clears the cachesCaller must add family to RI also.verify
(RouterInfo ri) Verify the family signature in a RouterInfo.boolean
Verify the family in a RouterInfo matches ours and the signature is good.
-
Field Details
-
PROP_KEYSTORE_PASSWORD
- See Also:
-
PROP_FAMILY_NAME
- See Also:
-
PROP_KEY_PASSWORD
- See Also:
-
CERT_SUFFIX
- See Also:
-
CRL_SUFFIX
- See Also:
-
KEYSTORE_PREFIX
- See Also:
-
KEYSTORE_SUFFIX
- See Also:
-
CN_SUFFIX
- See Also:
-
OPT_NAME
- See Also:
-
OPT_SIG
- See Also:
-
OPT_KEY
- See Also:
-
-
Constructor Details
-
FamilyKeyCrypto
For signing and verification. If the context property netdb.family.name is set, this can be used for signing, else only for verification.- Throws:
GeneralSecurityException
-
-
Method Details
-
shutdown
public void shutdown()Clears the caches -
sign
Caller must add family to RI also. throws on all errors- Parameters:
family
- non-null, must match that we were initialized with or will throw GSEh
- non-null- Returns:
- non-null options to be added to the RI
- Throws:
GeneralSecurityException
- on null hash, null or changed family, or signing error
-
hasFamily
public boolean hasFamily()Do we have a valid family?- Since:
- 0.9.28
-
getOurFamily
Get verified members of our family. Will not contain ourselves.- Returns:
- non-null, not a copy, do not modify
- Since:
- 0.9.28
-
getOurFamilyName
Get our family name.- Returns:
- name or null
- Since:
- 0.9.28
-
verify
Verify the family signature in a RouterInfo. This requires a family key in the RI, or a certificate file for the family in certificates/family.- Returns:
- Result
-
verifyOurFamily
Verify the family in a RouterInfo matches ours and the signature is good. Returns false if we don't have a family and sig, or they don't. Returns false for ourselves.- Returns:
- true if family matches with good sig
- Since:
- 0.9.28
-
main
- Since:
- 0.9.36
-