/**
* Verify: Alice's IP + Alice's port + Bob's IP + Bob's port + Alice's new relay tag + Bob's
* signed on time Caller must synch on this.
*/
private boolean verifySessionCreated() {
byte signed[] =
new byte
[256
+ 256 // X + Y
+ _aliceIP.length
+ 2
+ _bobIP.length
+ 2
+ 4 // sent relay tag
+ 4 // signed on time
];
int off = 0;
System.arraycopy(_sentX, 0, signed, off, _sentX.length);
off += _sentX.length;
System.arraycopy(_receivedY, 0, signed, off, _receivedY.length);
off += _receivedY.length;
System.arraycopy(_aliceIP, 0, signed, off, _aliceIP.length);
off += _aliceIP.length;
DataHelper.toLong(signed, off, 2, _alicePort);
off += 2;
System.arraycopy(_bobIP, 0, signed, off, _bobIP.length);
off += _bobIP.length;
DataHelper.toLong(signed, off, 2, _bobPort);
off += 2;
DataHelper.toLong(signed, off, 4, _receivedRelayTag);
off += 4;
DataHelper.toLong(signed, off, 4, _receivedSignedOnTime);
boolean valid =
_context
.dsa()
.verifySignature(_receivedSignature, signed, _remotePeer.getSigningPublicKey());
if (_log.shouldLog(Log.DEBUG) || (_log.shouldLog(Log.WARN) && !valid)) {
StringBuilder buf = new StringBuilder(128);
buf.append("Signed sessionCreated:");
buf.append(" Alice: ").append(Addresses.toString(_aliceIP, _alicePort));
buf.append(" Bob: ").append(Addresses.toString(_bobIP, _bobPort));
buf.append(" RelayTag: ").append(_receivedRelayTag);
buf.append(" SignedOn: ").append(_receivedSignedOnTime);
buf.append(" signature: ").append(Base64.encode(_receivedSignature.getData()));
if (valid) _log.debug(buf.toString());
else if (_log.shouldLog(Log.WARN)) _log.warn("INVALID: " + buf.toString());
}
return valid;
}
/**
* Let's sign everything so we can fragment properly.
*
* <p>Note that while a SessionConfirmed could in theory be fragmented, in practice a
* RouterIdentity is 387 bytes and a single fragment is 512 bytes max, so it will never be
* fragmented.
*/
public synchronized void prepareSessionConfirmed() {
if (_sentSignedOnTime > 0) return;
byte signed[] =
new byte
[256
+ 256 // X + Y
+ _aliceIP.length
+ 2
+ _bobIP.length
+ 2
+ 4 // Alice's relay key
+ 4 // signed on time
];
_sentSignedOnTime = _context.clock().now() / 1000;
int off = 0;
System.arraycopy(_sentX, 0, signed, off, _sentX.length);
off += _sentX.length;
System.arraycopy(_receivedY, 0, signed, off, _receivedY.length);
off += _receivedY.length;
System.arraycopy(_aliceIP, 0, signed, off, _aliceIP.length);
off += _aliceIP.length;
DataHelper.toLong(signed, off, 2, _alicePort);
off += 2;
System.arraycopy(_bobIP, 0, signed, off, _bobIP.length);
off += _bobIP.length;
DataHelper.toLong(signed, off, 2, _bobPort);
off += 2;
DataHelper.toLong(signed, off, 4, _receivedRelayTag);
off += 4;
DataHelper.toLong(signed, off, 4, _sentSignedOnTime);
// BUG - if SigningPrivateKey is null, _sentSignature will be null, leading to NPE later
// should we throw something from here?
_sentSignature = _context.dsa().sign(signed, _context.keyManager().getSigningPrivateKey());
}