use of net.i2p.util.Log in project i2p.i2p by i2p.
the class KeyStoreUtil method logCertExpiration.
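/**
 * Validate expiration for all private key certs in a key store.
 * Use this for keystores containing selfsigned certs where the
 * user will be expected to renew an expiring cert.
 * Use this for keystores we are feeding to an SSLContext and ServerSocketFactory.
 *
 * We added support for self-signed certs in 0.8.3 2011-01, with a 10-year expiration.
 * We still don't generate them by default. We don't expect anybody's
 * certs to expire until 2021.
 *
 * Only X.509 certificates found in the chains of key entries are examined, and only
 * their validity period is checked. Signatures, chain trust and revocation are not
 * verified here.
 *
 * @param ks the key store to scan; any GeneralSecurityException raised while reading it
 *           is logged and reported as false
 * @param location the path or other identifying info, for logging only
 * @param expiresWithin ms if cert expires within this long, we will log a warning, e.g. 180*24*60*60*1000L
 * @return false if a chain could not be read, a certificate is expired or not yet valid,
 *         or the key store could not be scanned; true otherwise. A "will expire" warning
 *         and the "No certificates found" error are logged without changing the result.
 * @since 0.9.34
 */
public static boolean logCertExpiration(KeyStore ks, String location, long expiresWithin) {
    boolean rv = true;
    try {
        int count = 0;
        for (Enumeration<String> e = ks.aliases(); e.hasMoreElements(); ) {
            String alias = e.nextElement();
            if (!ks.isKeyEntry(alias))
                continue;
            Certificate[] cs;
            try {
                cs = ks.getCertificateChain(alias);
            } catch (KeyStoreException kse) {
                error("Unable to check certificates for \"" + alias + "\" in key store " + location, kse);
                rv = false;
                continue;
            }
            // KeyStore.getCertificateChain() returns null when the entry has no chain.
            // isKeyEntry() is also true for secret-key entries, which carry no certificates,
            // so a null here must be skipped rather than iterated (it would throw an NPE).
            if (cs == null)
                continue;
            for (Certificate c : cs) {
                // instanceof is false for null, so no separate null test is needed
                if (!(c instanceof X509Certificate))
                    continue;
                count++;
                X509Certificate cert = (X509Certificate) c;
                // NOTE(review): the name put in the log messages below is the issuer DN.
                // It equals the subject only for self-signed certs; for a CA-issued chain
                // it identifies the signer, not the expiring cert. Confirm this is intended.
                try {
                    cert.checkValidity();
                    long expiresIn = cert.getNotAfter().getTime() - System.currentTimeMillis();
                    if (expiresIn < expiresWithin) {
                        Log l = I2PAppContext.getGlobalContext().logManager().getLog(KeyStoreUtil.class);
                        String subj = cert.getIssuerX500Principal().toString();
                        // NOTE(review): as displayed, replace() swaps a space for a space; the first
                        // argument was presumably a non-breaking-space form lost in rendering.
                        // Confirm against the project source.
                        l.logAlways(Log.WARN, "Certificate \"" + subj + "\" in key store " + location +
                                    " will expire in " + DataHelper.formatDuration2(expiresIn).replace(" ", " ") +
                                    "\nYou should renew the certificate soon." +
                                    // TODO better help or tools, or autorenew
                                    "\nFor a local self-signed certificate, you may delete the keystore and restart," +
                                    " or ask for help on how to renew.");
                    }
                } catch (CertificateExpiredException cee) {
                    String subj = cert.getIssuerX500Principal().toString();
                    error("Expired certificate \"" + subj + "\" in key store " + location +
                          "\nYou must renew the certificate." +
                          // TODO better help or tools, or autorenew
                          "\nFor a local self-signed certificate, you may simply delete the keystore and restart," +
                          "\nor ask for help on how to renew.", null);
                    rv = false;
                } catch (CertificateNotYetValidException cnyve) {
                    String subj = cert.getIssuerX500Principal().toString();
                    error("Not yet valid certificate \"" + subj + "\" in key store " + location, null);
                    rv = false;
                }
            }
        }
        // NOTE(review): an empty result is logged as an error but still returns true;
        // callers that gate on the return value should not read true as "a usable cert exists".
        if (count == 0)
            error("No certificates found in key store " + location, null);
    } catch (GeneralSecurityException e) {
        error("Unable to check certificates in key store " + location, e);
        rv = false;
    }
    return rv;
}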
use of net.i2p.util.Log in project i2p.i2p by i2p.
the class I2PDatagramMaker method makeI2PDatagram.
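/**
 * Make a repliable I2P datagram containing the specified payload.
 *
 * Format is:
 * <ol>
 * <li>Destination (387+ bytes)
 * <li>Signature (40+ bytes, type and length as implied by signing key type in the Destination)
 * <li>Payload
 * </ol>
 *
 * Maximum datagram size is 32768, so maximum payload size is 32341, or less for
 * non-DSA_SHA1 destinations. Practical maximum is a few KB less due to
 * ElGamal/AES overhead. 10 KB or less is recommended for best results.
 *
 * For DSA_SHA1 Destinations, the signature is of the SHA-256 Hash of the payload.
 *
 * As of 0.9.14, for non-DSA_SHA1 Destinations, the signature is of the payload itself.
 *
 * The datagram is assembled in the instance buffer, which is reset at the start of
 * every call. NOTE(review): concurrent calls on one instance would share that buffer;
 * confirm callers serialize access.
 *
 * @param payload non-null Bytes to be contained in the I2P datagram.
 * @return null on error
 * @throws IllegalArgumentException if payload is too big
 * @throws IllegalStateException if Destination signature type unsupported
 */
public byte[] makeI2PDatagram(byte[] payload) {
    sxDGram.reset();
    try {
        sxDGram.write(sxDestBytes);
        SigType type = sxPrivKey.getType();
        if (type == null)
            throw new IllegalStateException("Unsupported sig type");
        Signature sig;
        if (type == SigType.DSA_SHA1) {
            byte[] hash = SimpleByteCache.acquire(Hash.HASH_LENGTH);
            try {
                // non-caching
                hashGen.calculateHash(payload, 0, payload.length, hash, 0);
                sig = dsaEng.sign(hash, sxPrivKey);
            } finally {
                // hand the scratch buffer back even if hashing or signing throws
                SimpleByteCache.release(hash);
            }
        } else {
            sig = dsaEng.sign(payload, sxPrivKey);
        }
        // sign() is not shown here; guard in case it reports failure by returning null,
        // so the documented "null on error" result is returned instead of an NPE.
        if (sig == null) {
            Log log = I2PAppContext.getGlobalContext().logManager().getLog(I2PDatagramMaker.class);
            log.error("Signing failed");
            return null;
        }
        sig.writeBytes(sxDGram);
        sxDGram.write(payload);
        // the size limit is enforced only after the whole datagram has been assembled
        if (sxDGram.size() > DGRAM_BUFSIZE)
            throw new IllegalArgumentException("Too big");
        return sxDGram.toByteArray();
    } catch (IOException e) {
        Log log = I2PAppContext.getGlobalContext().logManager().getLog(I2PDatagramMaker.class);
        log.error("Caught IOException", e);
        return null;
    } catch (DataFormatException e) {
        Log log = I2PAppContext.getGlobalContext().logManager().getLog(I2PDatagramMaker.class);
        log.error("Caught DataFormatException", e);
        return null;
    }
}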
use of net.i2p.util.Log in project i2p.i2p by i2p.
the class DataStructureImpl method toByteArray.
/**
 * Serialize this structure into a new byte array by calling writeBytes().
 *
 * @return the bytes written, or null if writeBytes() threw an IOException or a
 *         DataFormatException (the failure is logged at error level); callers
 *         must check for null before using the result
 */
public byte[] toByteArray() {
    final ByteArrayOutputStream out = new ByteArrayOutputStream(512);
    try {
        writeBytes(out);
    } catch (IOException | DataFormatException failure) {
        // both failure kinds are reported identically and turned into a null result
        Log log = I2PAppContext.getGlobalContext().logManager().getLog(getClass());
        log.error("Error writing out the byte array", failure);
        return null;
    }
    return out.toByteArray();
}
use of net.i2p.util.Log in project i2p.i2p by i2p.
the class RequestWrapper method log.
/**
 * Report a multipart form error at error level through the global context's
 * logger for RequestWrapper.
 *
 * @param e the exception handed to the logger alongside the message
 * @since 0.9.33
 */
private static void log(Exception e) {
    I2PAppContext.getGlobalContext()
                 .logManager()
                 .getLog(RequestWrapper.class)
                 .error("Multipart form error", e);
}
use of net.i2p.util.Log in project i2p.i2p by i2p.
the class UDPSource method run.
/**
 * Receive loop: reads datagrams from the socket and passes each one's bytes to the sink.
 * The loop ends on the first exception thrown by either the receive or the send.
 */
public void run() {
    // one buffer/packet pair is reused for every receive; a datagram longer
    // than MAX_SIZE is truncated to the buffer by DatagramSocket.receive()
    final byte[] recvBuf = new byte[MAX_SIZE];
    final DatagramPacket incoming = new DatagramPacket(recvBuf, recvBuf.length);
    for (;;) {
        try {
            this.sock.receive(incoming);
            // give the sink its own exactly sized copy, since recvBuf is
            // overwritten by the next receive
            final int received = incoming.getLength();
            final byte[] copy = new byte[received];
            System.arraycopy(incoming.getData(), 0, copy, 0, received);
            // the first argument is always passed as null here
            this.sink.send(null, copy);
        } catch (Exception e) {
            // NOTE(review): any exception, including one raised by the sink while
            // handling a packet, stops reception for good and is logged only at
            // warn level as "error sending" - confirm this is the intended behavior.
            Log log = I2PAppContext.getGlobalContext().logManager().getLog(getClass());
            if (log.shouldWarn())
                log.warn("error sending", e);
            break;
        }
    }
}