
Example 66 with SessionKey

use of net.i2p.data.SessionKey in project i2p.i2p by i2p.

the class MessageWrapper method wrap.

/**
 *  Wraps a message from a local client or from this router in a garlic message
 *  addressed to a router, so that the OBEP cannot read the contents.
 *  The caller is responsible for calling acked() or fail() on the returned object.
 *
 *  @param from a local client that has a session key manager,
 *              or null to use the router's own session key manager
 *  @return the wrapped message, or null when no session key manager is available
 *          or the garlic message could not be built (encrypt failure)
 */
static WrappedMessage wrap(RouterContext ctx, I2NPMessage m, Hash from, RouterInfo to) {
    // Describe the payload: recipient router, local delivery, and the same
    // expiration as the message being wrapped.
    PayloadGarlicConfig clove = new PayloadGarlicConfig();
    clove.setCertificate(Certificate.NULL_CERT);
    clove.setId(ctx.random().nextLong(I2NPMessage.MAX_ID_VALUE));
    clove.setPayload(m);
    clove.setRecipient(to);
    clove.setDeliveryInstructions(DeliveryInstructions.LOCAL);
    clove.setExpiration(m.getMessageExpiration());

    // A client sender uses its own key manager; otherwise fall back to the router's.
    SessionKeyManager skm = (from != null)
            ? ctx.clientManager().getClientSessionKeyManager(from)
            : ctx.sessionKeyManager();
    if (skm == null) {
        return null;
    }

    // Both are passed in empty and read back below once buildMessage() returns.
    SessionKey sentKey = new SessionKey();
    Set<SessionTag> sentTags = new HashSet<SessionTag>();
    GarlicMessage garlic = GarlicMessageBuilder.buildMessage(ctx, clove, sentKey, sentTags,
                                                             NETDB_TAGS_TO_DELIVER, NETDB_LOW_THRESHOLD, skm);
    if (garlic == null) {
        return null;
    }

    PublicKey sentTo = to.getIdentity().getPublicKey();
    // Tags are registered with the key manager only when some were actually included.
    TagSetHandle tsh = sentTags.isEmpty() ? null : skm.tagsDelivered(sentTo, sentKey, sentTags);

    // NOTE(review): a disabled debug statement that used to sit here concatenated
    // sentKey into the log line. If logging is restored, log the recipient hash and
    // the tag count only, and keep the session key out of log output.
    return new WrappedMessage(garlic, skm, sentTo, sentKey, tsh);
}
Also used : PayloadGarlicConfig(net.i2p.router.message.PayloadGarlicConfig) SessionKey(net.i2p.data.SessionKey) PublicKey(net.i2p.data.PublicKey) SessionKeyManager(net.i2p.crypto.SessionKeyManager) GarlicMessage(net.i2p.data.i2np.GarlicMessage) SessionTag(net.i2p.data.SessionTag) HashSet(java.util.HashSet) TagSetHandle(net.i2p.crypto.TagSetHandle)

Example 67 with SessionKey

use of net.i2p.data.SessionKey in project i2p.i2p by i2p.

the class MessageWrapper method generateSession.

/**
 *  Generates one session key and one session tag for receiving a single
 *  encrypted message, and registers the pair with the supplied session key
 *  manager with a two-minute expiration.
 *  The recipient can then send us an AES-encrypted message, avoiding ElGamal.
 *
 *  @param ctx supplies the key generator
 *  @param skm the session key manager the key and tag are registered with
 *  @return non-null
 *  @since 0.9.9
 */
public static OneTimeSession generateSession(RouterContext ctx, SessionKeyManager skm) {
    // Two minutes, in milliseconds.
    final int lifetimeMs = 2 * 60 * 1000;

    final SessionKey sessionKey = ctx.keyGenerator().generateSessionKey();
    final SessionTag oneTimeTag = new SessionTag(true);

    // The key manager is handed a set holding just this one tag.
    final Set<SessionTag> singleTag = new RemovableSingletonSet<SessionTag>(oneTimeTag);
    skm.tagsReceived(sessionKey, singleTag, lifetimeMs);

    return new OneTimeSession(sessionKey, oneTimeTag);
}
Also used : SessionKey(net.i2p.data.SessionKey) RemovableSingletonSet(net.i2p.router.util.RemovableSingletonSet) SessionTag(net.i2p.data.SessionTag)

Example 68 with SessionKey

use of net.i2p.data.SessionKey in project i2p.i2p by i2p.

the class GarlicMessageBuilder method buildMessage.

/**
 * Unused and probably a bad idea.
 *
 * Only reached from a recursive call below, when a garlic message contains
 * another garlic message. The SessionKey and SessionTags handed to the full
 * builder are created here and never returned, so the caller cannot save them.
 * This uses the router's SKM, which is probably not what you want.
 * Not fully implemented for that reason - maybe it should force ElGamal?
 *
 * Every call is logged at error level together with a stack trace, so that
 * the caller can be identified.
 *
 * @param ctx scope
 * @param config how/what to wrap
 * @throws IllegalArgumentException on error
 */
private static GarlicMessage buildMessage(RouterContext ctx, GarlicConfig config) {
    // The exception is never thrown; it only carries the caller's stack trace into the log.
    ctx.logManager().getLog(GarlicMessageBuilder.class)
       .error("buildMessage 2 args, using router SKM", new Exception("who did it"));

    // Throwaway holders: nothing reads them once the delegate returns.
    SessionKey discardedKey = new SessionKey();
    HashSet<SessionTag> discardedTags = new HashSet<SessionTag>();
    return buildMessage(ctx, config, discardedKey, discardedTags, ctx.sessionKeyManager());
}
Also used : Log(net.i2p.util.Log) SessionKey(net.i2p.data.SessionKey) SessionTag(net.i2p.data.SessionTag) DataFormatException(net.i2p.data.DataFormatException) IOException(java.io.IOException)

Example 69 with SessionKey

use of net.i2p.data.SessionKey in project i2p.i2p-bote by i2p.

the class EncryptedInputStream method readInputStream.

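/**
 * Reads an encrypted file from <code>inputStream</code> and returns the plaintext.
 * <p>
 * The stream is consumed in this order: the <code>START_OF_FILE</code> header,
 * one format version byte, the scrypt parameters, the salt, the IV, and then
 * the encrypted data up to the end of the stream.
 * <p>
 * If <code>cachedKey</code> is not <code>null</code>, this method assumes the
 * key has been generated from a valid password. The cached key is used only
 * when its salt and scrypt parameters match those stored in the file; otherwise
 * the key is derived from <code>password</code>.
 * <p>
 * Fixed-size fields are read completely; a stream that ends inside one of them
 * is rejected with an <code>IOException</code> instead of being decrypted with
 * a partially filled salt or IV.
 *
 * @param inputStream the encrypted file contents, positioned at the header
 * @param password used to derive the key when no suitable cached key exists
 * @param cachedKey a previously derived key, or <code>null</code>
 * @return the decrypted data
 * @throws IOException if the header or format byte is wrong, or the stream is truncated
 * @throws GeneralSecurityException if decryption with the cached key fails
 * @throws PasswordException if decryption with a key derived from <code>password</code> fails
 */
// for net.i2p.crypto.AESEngine
@SuppressWarnings("deprecation")
private byte[] readInputStream(InputStream inputStream, byte[] password, DerivedKey cachedKey) throws IOException, GeneralSecurityException, PasswordException {
    byte[] startOfFile = new byte[START_OF_FILE.length];
    readExactly(inputStream, startOfFile, "file header");
    if (!Arrays.equals(START_OF_FILE, startOfFile))
        throw new IOException("Invalid header bytes: " + Arrays.toString(startOfFile) + ", expected: " + Arrays.toString(START_OF_FILE));

    int format = inputStream.read();
    if (format != FORMAT_VERSION)
        throw new IOException("Invalid file format identifier: " + format + ", expected: " + FORMAT_VERSION);

    SCryptParameters scryptParams = new SCryptParameters(inputStream);

    byte[] salt = new byte[SALT_LENGTH];
    readExactly(inputStream, salt, "salt");

    // use the cached key if it is suitable, otherwise compute the key
    byte[] keyBytes;
    if (cachedKey != null && Arrays.equals(salt, cachedKey.salt) && scryptParams.equals(cachedKey.scryptParams))
        keyBytes = cachedKey.key;
    else
        keyBytes = FileEncryptionUtil.getEncryptionKey(password, salt, scryptParams);

    byte[] iv = new byte[BLOCK_SIZE];
    readExactly(inputStream, iv, "IV");

    byte[] encryptedData = Util.readBytes(inputStream);
    SessionKey key = new SessionKey(keyBytes);
    I2PAppContext appContext = I2PAppContext.getGlobalContext();
    byte[] decryptedData = appContext.aes().safeDecrypt(encryptedData, key, iv);

    // null from safeDecrypt() means failure
    if (decryptedData == null) {
        if (cachedKey == null) {
            throw new PasswordException();
        } else {
            // we're assuming password and key are correct.
            throw new GeneralSecurityException("Can't decrypt using cached key.");
        }
    }
    return decryptedData;
}

/**
 * Fills <code>buffer</code> completely from <code>in</code>.
 * A single <code>InputStream.read(byte[])</code> call may return fewer bytes
 * than requested, so this loops until the buffer is full.
 *
 * @param in the stream to read from
 * @param buffer the array to fill
 * @param what name of the field being read, used in the error message
 * @throws IOException if the stream ends before the buffer is full
 */
private static void readExactly(InputStream in, byte[] buffer, String what) throws IOException {
    int filled = 0;
    while (filled < buffer.length) {
        int n = in.read(buffer, filled, buffer.length - filled);
        if (n < 0)
            throw new IOException("Unexpected end of stream while reading " + what + ": got " + filled + " of " + buffer.length + " bytes");
        filled += n;
    }
}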
Also used : I2PAppContext(net.i2p.I2PAppContext) SessionKey(net.i2p.data.SessionKey) GeneralSecurityException(java.security.GeneralSecurityException) IOException(java.io.IOException)
