
Example 11 with SigningPublicKey

use of net.i2p.data.SigningPublicKey in project i2p.i2p by i2p.

the class SigUtil method fromJavaKey.

/**
 * Converts a JCA RSA public key into an I2P {@link SigningPublicKey}.
 *
 * Only the modulus of {@code pk} is carried over, sized by {@code rectify}
 * to the public key length of {@code type}. The public exponent of
 * {@code pk} is never read here.
 * NOTE(review): presumably the exponent is implied by the SigType; confirm
 * that keys with a different exponent are rejected before they reach this
 * conversion, otherwise the resulting I2P key does not describe the same key.
 *
 * @param pk   the RSA public key to convert
 * @param type the I2P signature type that fixes the encoded key length
 * @return a SigningPublicKey of the given type wrapping the encoded modulus
 * @throws GeneralSecurityException declared by this method; presumably raised
 *         by {@code rectify} when the modulus does not fit - confirm
 */
public static SigningPublicKey fromJavaKey(RSAPublicKey pk, SigType type) throws GeneralSecurityException {
    // Arguments are evaluated left to right: modulus first, then the target length.
    return new SigningPublicKey(type, rectify(pk.getModulus(), type.getPubkeyLen()));
}
Also used : SigningPublicKey(net.i2p.data.SigningPublicKey) BigInteger(java.math.BigInteger) NativeBigInteger(net.i2p.util.NativeBigInteger) ECPoint(java.security.spec.ECPoint)

Example 12 with SigningPublicKey

use of net.i2p.data.SigningPublicKey in project i2p.i2p by i2p.

the class TrustedUpdate method verify.

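/**
 * Verifies the DSA signature of a signed update file against a public key
 * loaded from a separate key file.
 *
 * The verification key is read from <code>publicKeyFile</code> and never from
 * the file under test: a key taken from the signed file itself would be
 * chosen by whoever produced that file, so the check would establish no
 * trust in it.
 *
 * @param signedFile    The signed update file to check.
 * @param publicKeyFile A file containing the public key to use for
 *                      verification, in the form
 *                      <code>SigningPublicKey.readBytes()</code> accepts.
 *
 * @return <code>true</code> if the file has a valid signature, otherwise
 *         <code>false</code>. Also <code>false</code> when the key file
 *         cannot be read or parsed.
 */
public boolean verify(String signedFile, String publicKeyFile) {
    SigningPublicKey signingPublicKey = new SigningPublicKey();
    FileInputStream fileInputStream = null;
    try {
        // The trust anchor comes from the key file, not from the update being verified.
        fileInputStream = new FileInputStream(publicKeyFile);
        signingPublicKey.readBytes(fileInputStream);
    } catch (IOException ioe) {
        if (_log.shouldLog(Log.WARN))
            _log.warn("Unable to load the public key from " + publicKeyFile, ioe);
        // Fail closed: no key means no verification.
        return false;
    } catch (DataFormatException dfe) {
        if (_log.shouldLog(Log.WARN))
            _log.warn("Unable to load the public key from " + publicKeyFile, dfe);
        return false;
    } finally {
        if (fileInputStream != null)
            try {
                fileInputStream.close();
            } catch (IOException ignored) {
                // Best effort: the key bytes have already been read or rejected.
            }
    }
    return verify(new File(signedFile), signingPublicKey);
}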
Also used : SigningPublicKey(net.i2p.data.SigningPublicKey) DataFormatException(net.i2p.data.DataFormatException) IOException(java.io.IOException) File(java.io.File) FileInputStream(java.io.FileInputStream)

Example 13 with SigningPublicKey

use of net.i2p.data.SigningPublicKey in project i2p.i2p by i2p.

the class TrustedUpdate method addKey.

/**
 *  Adds a signing key to the set of trusted keys.
 *
 *  Duplicate keys or names are rejected,
 *  except that duplicate empty names are allowed.
 *  A key already stored under an empty name is re-stored under the new name.
 *  A non-empty name that is already bound to some other key is refused and
 *  logged as a possible spoof attempt, so a name cannot be silently attached
 *  to a second key. The empty name is exempt from that check.
 *
 *  @param key 172 character base64 string
 *  @param name non-null but "" ok
 *  @since 0.7.12
 *  @return true if successful, including when the same key/name pair is already stored
 */
public boolean addKey(String key, String name) {
    if (_log.shouldLog(Log.DEBUG)) {
        _log.debug("Adding " + name + ": " + key);
    }

    final SigningPublicKey candidate = new SigningPublicKey();
    try {
        // fromBase64() will throw a DFE if length is not right
        candidate.fromBase64(key);
    } catch (DataFormatException dfe) {
        _log.error("Invalid signing key for " + name + " : " + key, dfe);
        return false;
    }

    final String existingName = _trustedKeys.get(candidate);
    if (name.equals(existingName)) {
        // Exact key/name pair is already trusted: nothing to change.
        return true;
    }

    // The key is known under another, non-empty name.
    final boolean keyBoundToOtherName = existingName != null && !existingName.isEmpty();
    if (keyBoundToOtherName) {
        _log.error("Key for " + name + " already stored for different name " + existingName + " : " + key);
        return false;
    }

    // The name is known with another key; empty names are not checked.
    final boolean nameBoundToOtherKey = !name.isEmpty() && _trustedKeys.containsValue(name);
    if (nameBoundToOtherKey) {
        _log.error("Key mismatch for " + name + ", spoof attempt? : " + key);
        return false;
    }

    _trustedKeys.put(candidate, name);
    return true;
}
Also used : SigningPublicKey(net.i2p.data.SigningPublicKey) DataFormatException(net.i2p.data.DataFormatException)

Example 14 with SigningPublicKey

use of net.i2p.data.SigningPublicKey in project i2p.i2p by i2p.

the class RouterIdentityTest method testNullCert.

/**
 * A RouterIdentity with both keys set but a null certificate must refuse to
 * serialize and report a DataFormatException instead of writing a partial
 * identity.
 */
@Test
public void testNullCert() throws Exception {
    final RouterIdentity identity = new RouterIdentity();
    identity.setCertificate(null);

    final PublicKey encryptionKey = (PublicKey) new PublicKeyTest().createDataStructure();
    identity.setPublicKey(encryptionKey);

    final SigningPublicKey signingKey = (SigningPublicKey) new SigningPublicKeyTest().createDataStructure();
    identity.setSigningPublicKey(signingKey);

    // Expectations are registered after setup so only writeBytes() can satisfy them.
    exception.expect(DataFormatException.class);
    exception.expectMessage("Not enough data to format the router identity");
    final ByteArrayOutputStream sink = new ByteArrayOutputStream();
    identity.writeBytes(sink);
}
Also used : SigningPublicKey(net.i2p.data.SigningPublicKey) SigningPublicKeyTest(net.i2p.data.SigningPublicKeyTest) SigningPublicKey(net.i2p.data.SigningPublicKey) PublicKey(net.i2p.data.PublicKey) PublicKeyTest(net.i2p.data.PublicKeyTest) SigningPublicKeyTest(net.i2p.data.SigningPublicKeyTest) ByteArrayOutputStream(java.io.ByteArrayOutputStream) StructureTest(net.i2p.data.StructureTest) CertificateTest(net.i2p.data.CertificateTest) Test(org.junit.Test) PublicKeyTest(net.i2p.data.PublicKeyTest) SigningPublicKeyTest(net.i2p.data.SigningPublicKeyTest)

Example 15 with SigningPublicKey

use of net.i2p.data.SigningPublicKey in project i2p.i2p by i2p.

the class CreateRouterInfoJob method createRouterInfo.

/**
 *  Generates a fresh router identity (encryption and signing key pairs),
 *  builds and signs a RouterInfo for it, and persists the result.
 *
 *  Writes 6 files: router.info (standard RI format),
 *  router.keys.dat, and 4 individual key files under keyBackup/
 *  Only router.info and router.keys.dat are written directly in this method.
 *  NOTE(review): the keyBackup/ files are presumably produced by
 *  keyManager().setKeys() - confirm.
 *
 *  router.keys.dat file format: This is the
 *  same "eepPriv.dat" format used by the client code,
 *  as documented in PrivateKeyFile.
 *
 *  Old router.keys file format: Note that this is NOT the
 *  same "eepPriv.dat" format used by the client code.
 *<pre>
 *   - Private key (256 bytes)
 *   - Signing Private key (20 bytes)
 *   - Public key (256 bytes)
 *   - Signing Public key (128 bytes)
 *  Total 660 bytes
 *</pre>
 *
 *  Caller must hold Router.routerInfoFileLock.
 *
 *  @return the RouterInfo built here. It is returned even when one of the
 *          caught exceptions occurred, so after a CRIT log entry the
 *          returned object may be unsigned, incomplete, or not saved to disk.
 */
RouterInfo createRouterInfo() {
    SigType type = getSigTypeConfig(getContext());
    RouterInfo info = new RouterInfo();
    OutputStream fos1 = null;
    try {
        info.setAddresses(getContext().commSystem().createAddresses());
        // not necessary, in constructor
        // info.setPeers(new HashSet());
        info.setPublished(getCurrentPublishDate(getContext()));
        // Fresh encryption key pair: index 0 is the public half, index 1 the private half.
        Object[] keypair = getContext().keyGenerator().generatePKIKeypair();
        PublicKey pubkey = (PublicKey) keypair[0];
        PrivateKey privkey = (PrivateKey) keypair[1];
        // Fresh signing key pair of the configured signature type, same index layout.
        SimpleDataStructure[] signingKeypair = getContext().keyGenerator().generateSigningKeys(type);
        SigningPublicKey signingPubKey = (SigningPublicKey) signingKeypair[0];
        SigningPrivateKey signingPrivKey = (SigningPrivateKey) signingKeypair[1];
        RouterIdentity ident = new RouterIdentity();
        Certificate cert = createCertificate(getContext(), signingPubKey);
        ident.setCertificate(cert);
        ident.setPublicKey(pubkey);
        ident.setSigningPublicKey(signingPubKey);
        // When the signing key is shorter than KEYSIZE_BYTES the difference is
        // filled with random bytes, which are also stored in router.keys.dat below.
        // NOTE(review): confirm getContext().random() is a cryptographically strong source.
        byte[] padding;
        int padLen = SigningPublicKey.KEYSIZE_BYTES - signingPubKey.length();
        if (padLen > 0) {
            padding = new byte[padLen];
            getContext().random().nextBytes(padding);
            ident.setPadding(padding);
        } else {
            padding = null;
        }
        info.setIdentity(ident);
        Properties stats = getContext().statPublisher().publishStatistics(ident.getHash());
        info.setOptions(stats);
        // Sign last, once every signed field is set, then self-check before anything is written.
        info.sign(signingPrivKey);
        if (!info.isValid())
            throw new DataFormatException("RouterInfo we just built is invalid: " + info);
        // remove router.keys (old format); the result of delete() is not checked,
        // so a stale old-format key file can survive a failed delete
        (new File(getContext().getRouterDir(), KEYS_FILENAME)).delete();
        // write router.info
        File ifile = new File(getContext().getRouterDir(), INFO_FILENAME);
        fos1 = new BufferedOutputStream(new SecureFileOutputStream(ifile));
        info.writeBytes(fos1);
        // write router.keys.dat, which holds both private keys
        // NOTE(review): the permissions of this file depend on PrivateKeyFile.write(),
        // which is not visible here - confirm it is created owner-only.
        File kfile = new File(getContext().getRouterDir(), KEYS2_FILENAME);
        PrivateKeyFile pkf = new PrivateKeyFile(kfile, pubkey, signingPubKey, cert, privkey, signingPrivKey, padding);
        pkf.write();
        // set or overwrite old random keys
        // The 32-byte buffer is reused: it is encoded before being refilled,
        // so the inbound and outbound values come from separate draws.
        Map<String, String> map = new HashMap<String, String>(2);
        byte[] rk = new byte[32];
        getContext().random().nextBytes(rk);
        map.put(Router.PROP_IB_RANDOM_KEY, Base64.encode(rk));
        getContext().random().nextBytes(rk);
        map.put(Router.PROP_OB_RANDOM_KEY, Base64.encode(rk));
        getContext().router().saveConfig(map, null);
        getContext().keyManager().setKeys(pubkey, privkey, signingPubKey, signingPrivKey);
        // The message carries file paths and the RouterInfo, not the private key objects.
        if (_log.shouldLog(Log.INFO))
            _log.info("Router info created and stored at " + ifile.getAbsolutePath() + " with private keys stored at " + kfile.getAbsolutePath() + " [" + info + "]");
        getContext().router().eventLog().addEvent(EventLog.REKEYED, ident.calculateHash().toBase64());
    } catch (GeneralSecurityException gse) {
        // All three handlers only log at CRIT; execution then falls through to "return info".
        _log.log(Log.CRIT, "Error building the new router information", gse);
    } catch (DataFormatException dfe) {
        _log.log(Log.CRIT, "Error building the new router information", dfe);
    } catch (IOException ioe) {
        _log.log(Log.CRIT, "Error writing out the new router information", ioe);
    } finally {
        if (fos1 != null)
            try {
                fos1.close();
            } catch (IOException ioe) {
                // close failure on router.info is ignored
            }
    }
    return info;
}
Also used : PrivateKey(net.i2p.data.PrivateKey) SigningPrivateKey(net.i2p.data.SigningPrivateKey) HashMap(java.util.HashMap) RouterInfo(net.i2p.data.router.RouterInfo) SecureFileOutputStream(net.i2p.util.SecureFileOutputStream) BufferedOutputStream(java.io.BufferedOutputStream) OutputStream(java.io.OutputStream) Properties(java.util.Properties) SimpleDataStructure(net.i2p.data.SimpleDataStructure) BufferedOutputStream(java.io.BufferedOutputStream) SigningPublicKey(net.i2p.data.SigningPublicKey) SigningPublicKey(net.i2p.data.SigningPublicKey) PublicKey(net.i2p.data.PublicKey) RouterIdentity(net.i2p.data.router.RouterIdentity) GeneralSecurityException(java.security.GeneralSecurityException) PrivateKeyFile(net.i2p.data.PrivateKeyFile) IOException(java.io.IOException) SigType(net.i2p.crypto.SigType) SigningPrivateKey(net.i2p.data.SigningPrivateKey) DataFormatException(net.i2p.data.DataFormatException) SecureFileOutputStream(net.i2p.util.SecureFileOutputStream) PrivateKeyFile(net.i2p.data.PrivateKeyFile) File(java.io.File) Certificate(net.i2p.data.Certificate) KeyCertificate(net.i2p.data.KeyCertificate)
