|
|
@ -131,6 +131,9 @@ namespace data
|
|
|
|
s.read (signerID, signerIDLength); // signerID
|
|
|
|
s.read (signerID, signerIDLength); // signerID
|
|
|
|
signerID[signerIDLength] = 0;
|
|
|
|
signerID[signerIDLength] = 0;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
bool verify; i2p::config::GetOption("reseed.verify", verify);
|
|
|
|
|
|
|
|
if (verify)
|
|
|
|
|
|
|
|
{
|
|
|
|
//try to verify signature
|
|
|
|
//try to verify signature
|
|
|
|
auto it = m_SigningKeys.find (signerID);
|
|
|
|
auto it = m_SigningKeys.find (signerID);
|
|
|
|
if (it != m_SigningKeys.end ())
|
|
|
|
if (it != m_SigningKeys.end ())
|
|
|
@ -162,6 +165,8 @@ namespace data
|
|
|
|
// we can't use RSA_verify due wrong padding in SU3
|
|
|
|
// we can't use RSA_verify due wrong padding in SU3
|
|
|
|
if (memcmp (enSigBuf + (signatureLength - 64), digest, 64))
|
|
|
|
if (memcmp (enSigBuf + (signatureLength - 64), digest, 64))
|
|
|
|
LogPrint (eLogWarning, "Reseed: SU3 signature verification failed");
|
|
|
|
LogPrint (eLogWarning, "Reseed: SU3 signature verification failed");
|
|
|
|
|
|
|
|
else
|
|
|
|
|
|
|
|
verify = false; // verified
|
|
|
|
delete[] enSigBuf;
|
|
|
|
delete[] enSigBuf;
|
|
|
|
BN_free (s); BN_free (n);
|
|
|
|
BN_free (s); BN_free (n);
|
|
|
|
BN_CTX_free (bnctx);
|
|
|
|
BN_CTX_free (bnctx);
|
|
|
@ -176,6 +181,13 @@ namespace data
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else
|
|
|
|
else
|
|
|
|
LogPrint (eLogWarning, "Reseed: Certificate for ", signerID, " not loaded");
|
|
|
|
LogPrint (eLogWarning, "Reseed: Certificate for ", signerID, " not loaded");
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (verify) // not verified
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
LogPrint (eLogError, "Reseed: SU3 verification failed");
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// handle content
|
|
|
|
// handle content
|
|
|
|
int numFiles = 0;
|
|
|
|
int numFiles = 0;
|
|
|
|