Browse Source

reject routers with RSA signatures

pull/999/head
orignal 7 years ago
parent
commit
0c34bd440b
  1. 8
      libi2pd/RouterInfo.cpp

8
libi2pd/RouterInfo.cpp

@ -132,6 +132,14 @@ namespace data
} }
if (verifySignature) if (verifySignature)
{ {
// reject RSA signatures
auto sigType = m_RouterIdentity->GetSigningKeyType ();
if (sigType <= SIGNING_KEY_TYPE_RSA_SHA512_4096 && sigType >= SIGNING_KEY_TYPE_RSA_SHA256_2048)
{
LogPrint (eLogError, "RouterInfo: RSA signature type ", sigType, " is not allowed");
m_IsUnreachable = true;
return;
}
// verify signature // verify signature
int l = m_BufferLen - m_RouterIdentity->GetSignatureLen (); int l = m_BufferLen - m_RouterIdentity->GetSignatureLen ();
if (l < 0 || !m_RouterIdentity->Verify ((uint8_t *)m_Buffer, l, (uint8_t *)m_Buffer + l)) if (l < 0 || !m_RouterIdentity->Verify ((uint8_t *)m_Buffer, l, (uint8_t *)m_Buffer + l))

Loading…
Cancel
Save