Class EncryptedLeaseSet

Method Details

• getDecryptedLeaseSet

  public LeaseSet2 getDecryptedLeaseSet()

  Returns:

  leaseset or null if not decrypted.

  Since:

  0.9.39

• setSecret

  public void setSecret​(String secret)

  Must be set before sign or verify. Must be called before setDestination() or setSigningKey(), or alpha will be wrong.

  Parameters:

  secret - null or "" for none (default)

  Since:

  0.9.39

• setClientPrivateKey

  public void setClientPrivateKey​(PrivateKey privKey)

  Must be set before verify for per-client auth.

  Parameters:

  privKey - non-null

  Since:

  0.9.41

• getType

  public int getType()

  Description copied from class: DatabaseEntry

  Get the type of the data structure. This should be faster than instanceof.

  Overrides:

  getType in class LeaseSet2

  Returns:

  KEY_TYPE_ROUTERINFO or KEY_TYPE_LEASESET or LS2 types

• getLeaseCount

  public int getLeaseCount()

  Overrides:

  getLeaseCount in class LeaseSet

  Returns:

  0-16, or 0 if not decrypted.

• getLease

  public Lease getLease​(int index)

  Overrides:

  getLease in class LeaseSet

  Returns:

  null if not decrypted.

• getEncryptionKeys

  public List<PublicKey> getEncryptionKeys()

  Description copied from class: LeaseSet2

  This returns all the keys. getEncryptionKey() returns the first one. Encryption keys should be in order of server preference, most-preferred first. Client behavior should be to select the first key with a supported encryption type. Clients may use other selection algorithms based on encryption support, relative performance, and other factors.

  Overrides:

  getEncryptionKeys in class LeaseSet2

  Returns:

  null if not decrypted.

  Since:

  0.9.39

• getEncryptionKey

  public PublicKey getEncryptionKey​(Set<EncType> supported)

  If more than one key, return the first supported one. If none supported, return null.

  Overrides:

  getEncryptionKey in class LeaseSet2

  Parameters:

  supported - what return types are allowed

  Returns:

  first supported key or null

  Since:

  0.9.44

• setDestination

  public void setDestination​(Destination dest)

  Overridden to set the blinded key. setSecret() MUST be called before this for non-null secret, or alpha will be wrong.

  Overrides:

  setDestination in class LeaseSet

  Parameters:

  dest - non-null, must be EdDSA_SHA512_Ed25519 or RedDSA_SHA512_Ed25519

  Throws:

  IllegalStateException - if already signed

  IllegalArgumentException - if not EdDSA

• setSigningKey

  public void setSigningKey​(SigningPublicKey spk)

  Overridden to set the blinded key. setSecret() MUST be called before this for non-null secret, or alpha will be wrong.

  Overrides:

  setSigningKey in class LeaseSet2

  Parameters:

  spk - unblinded key non-null, must be EdDSA_SHA512_Ed25519 or RedDSA_SHA512_Ed25519

  Throws:

  IllegalStateException - if already signed

  IllegalArgumentException - if not EdDSA

  Since:

  0.9.40

• getSigningPublicKey

  protected SigningPublicKey getSigningPublicKey()

  Overridden to return the blinded key so super.verifySignature() will work.

  Overrides:

  getSigningPublicKey in class DatabaseEntry

  Returns:

  SPK or null

• readBytes

  public void readBytes​(InputStream in) throws DataFormatException, IOException

  This does NOT validate the signature

  Specified by:

  readBytes in interface DataStructure

  Overrides:

  readBytes in class LeaseSet2

  Parameters:

  in - stream to read from

  Throws:

  IllegalStateException - if called more than once or Destination already set

  DataFormatException - if the data is improperly formatted

  IOException - if there was a problem reading the stream

• writeBytesWithoutSig

  protected void writeBytesWithoutSig​(OutputStream out) throws DataFormatException, IOException

  Before encrypt() is called, the inner leaseset. After encrypt() is called, the encrypted data. Without sig. This does NOT validate the signature

  Overrides:

  writeBytesWithoutSig in class LeaseSet2

  Throws:

  DataFormatException

  IOException

• verifyOfflineSignature

  public boolean verifyOfflineSignature()

  Overridden because we have a blinded key, not a dest

  Overrides:

  verifyOfflineSignature in class LeaseSet2

• readHeader

  protected void readHeader​(InputStream in) throws DataFormatException, IOException

  Overridden because we have a blinded key, not a dest

  Overrides:

  readHeader in class LeaseSet2

  Throws:

  DataFormatException

  IOException

• writeHeader

  protected void writeHeader​(OutputStream out) throws DataFormatException, IOException

  Overridden because we have a blinded key, not a dest

  Overrides:

  writeHeader in class LeaseSet2

  Throws:

  DataFormatException

  IOException

• readOfflineBytes

  protected void readOfflineBytes​(InputStream in) throws DataFormatException, IOException

  Overridden because we have a blinded key, not a dest

  Overrides:

  readOfflineBytes in class LeaseSet2

  Throws:

  DataFormatException

  IOException

• writeOfflineBytes

  protected void writeOfflineBytes​(OutputStream out) throws DataFormatException, IOException

  Overridden because we have a blinded key, not a dest

  Overrides:

  writeOfflineBytes in class LeaseSet2

  Throws:

  DataFormatException

  IOException

• size

  public int size()

  Number of bytes, NOT including signature

  Overrides:

  size in class LeaseSet2

• getHash

  public Hash getHash()

  This must be used instead of getDestination().getHash(). Overridden because we have a blinded key, not a dest. This is the hash of the signing public key type and the signing public key. Throws IllegalStateException if not initialized.

  Overrides:

  getHash in class DatabaseEntry

  Returns:

  Hash or null

  Throws:

  IllegalStateException

• encrypt

  public void encrypt​(SessionKey skey)

  Throws IllegalStateException if not initialized.

  Overrides:

  encrypt in class LeaseSet2

  Parameters:

  skey - ignored

  Throws:

  IllegalStateException

• encrypt

  public void encrypt​(int authType, List<? extends SimpleDataStructure> clientKeys)

  Throws IllegalStateException if not initialized. Ref: proposal 123

  Parameters:

  authType - 0, 1, or 3, see BlindData

  clientKeys - The client's X25519 public or private keys, null if unused

  Throws:

  IllegalStateException

• sign

  public void sign​(SigningPrivateKey key) throws DataFormatException

  Sign the structure using the supplied signing key. Overridden because we sign the inner, then blind and encrypt and sign the outer.

  Overrides:

  sign in class LeaseSet2

  Throws:

  IllegalStateException - if already signed

  DataFormatException

• sign

  public void sign​(SigningPrivateKey key, int authType, List<? extends SimpleDataStructure> clientKeys) throws DataFormatException

  Sign the structure using the supplied signing key. Overridden because we sign the inner, then blind and encrypt and sign the outer.

  Parameters:

  authType - 0, 1, or 3, see BlindData

  clientKeys - X25519 public keys for DH, private keys for PSK

  Throws:

  IllegalStateException - if already signed

  DataFormatException

  Since:

  0.9.41

• verifySignature

  public boolean verifySignature()

  Overridden to decrypt if possible, and verify inner sig also. Must call setDestination() prior to this if attempting decryption. Must call setClientKey() prior to this if attempting decryption.

  Overrides:

  verifySignature in class LeaseSet2

  Returns:

  valid

• verifySignature

  public boolean verifySignature​(PrivateKey clientKey)

  Decrypt if possible, and verify inner sig also. Must call setDestination() prior to this if attempting decryption.

  Parameters:

  clientKey - PrivateKey for DH or PSK, or null if none

  Returns:

  valid

  Since:

  0.9.41

• equals

  public boolean equals​(Object object)

  Overrides:

  equals in class LeaseSet2

• hashCode

  public int hashCode()

  the destination has enough randomness in it to use it by itself for speed

  Overrides:

  hashCode in class LeaseSet2

• toString

  public String toString()

  Overrides:

  toString in class LeaseSet2