net.i2p.data.i2np
Class BuildRequestRecord

java.lang.Object
  extended by net.i2p.data.i2np.BuildRequestRecord

public class BuildRequestRecord
extends Object

Holds the unencrypted 222-byte tunnel request record, with a constructor for ElGamal decryption and a method for ElGamal encryption. Iterative AES encryption/decryption is done elsewhere. Cleartext:

   bytes     0-3: tunnel ID to receive messages as
   bytes    4-35: local router identity hash
   bytes   36-39: next tunnel ID
   bytes   40-71: next router identity hash
   bytes  72-103: AES-256 tunnel layer key
   bytes 104-135: AES-256 tunnel IV key
   bytes 136-167: AES-256 reply key
   bytes 168-183: reply IV
   byte      184: flags
   bytes 185-188: request time (in hours since the epoch)
   bytes 189-192: next message ID
   bytes 193-221: uninterpreted / random padding
 
Encrypted:
   bytes    0-15: First 16 bytes of router hash
   bytes  16-527: ElGamal encrypted block (discarding zero bytes at elg[0] and elg[257])
 


Field Summary
static int IV_SIZE
           
static int PEER_SIZE
          we show 16 bytes of the peer hash outside the elGamal block
 
Constructor Summary
BuildRequestRecord(I2PAppContext ctx, long receiveTunnelId, Hash peer, long nextTunnelId, Hash nextHop, long nextMsgId, SessionKey layerKey, SessionKey ivKey, SessionKey replyKey, byte[] iv, boolean isInGateway, boolean isOutEndpoint)
          Populate this instance with data.
BuildRequestRecord(I2PAppContext ctx, PrivateKey ourKey, EncryptedBuildRecord encryptedRecord)
          Decrypt the data from the specified record, writing the decrypted record into this instance's data buffer Caller MUST check that first 16 bytes of our hash matches first 16 bytes of encryptedRecord before calling this.
 
Method Summary
 EncryptedBuildRecord encryptRecord(I2PAppContext ctx, PublicKey toKey, Hash toPeer)
          Encrypt the record to the specified peer.
 byte[] getData()
           
 boolean readIsInboundGateway()
          The current hop is the inbound gateway.
 boolean readIsOutboundEndpoint()
          The current hop is the outbound endpoint.
 SessionKey readIVKey()
          Tunnel IV encryption key that the current hop should use
 SessionKey readLayerKey()
          Tunnel layer encryption key that the current hop should use
 Hash readNextIdentity()
          Read the next hop from the record.
 long readNextTunnelId()
          What tunnel ID the next hop receives messages on.
 long readReceiveTunnelId()
          what tunnel ID should this receive messages on
 byte[] readReplyIV()
          IV that should be used to encrypt the reply
 SessionKey readReplyKey()
          Session key that should be used to encrypt the reply
 long readReplyMessageId()
          What message ID should we send the request to the next hop with.
 long readRequestTime()
          Time that the request was sent (ms), truncated to the nearest hour
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

IV_SIZE

public static final int IV_SIZE
See Also:
Constant Field Values

PEER_SIZE

public static final int PEER_SIZE
we show 16 bytes of the peer hash outside the elGamal block

See Also:
Constant Field Values
Constructor Detail

BuildRequestRecord

public BuildRequestRecord(I2PAppContext ctx,
                          PrivateKey ourKey,
                          EncryptedBuildRecord encryptedRecord)
                   throws DataFormatException
Decrypt the data from the specified record, writing the decrypted record into this instance's data buffer Caller MUST check that first 16 bytes of our hash matches first 16 bytes of encryptedRecord before calling this. Not checked here.

Throws:
DataFormatException - on decrypt fail
Since:
0.9.18, was decryptRecord()

BuildRequestRecord

public BuildRequestRecord(I2PAppContext ctx,
                          long receiveTunnelId,
                          Hash peer,
                          long nextTunnelId,
                          Hash nextHop,
                          long nextMsgId,
                          SessionKey layerKey,
                          SessionKey ivKey,
                          SessionKey replyKey,
                          byte[] iv,
                          boolean isInGateway,
                          boolean isOutEndpoint)
Populate this instance with data. A new buffer is created to contain the data, with the necessary randomized padding.

Parameters:
receiveTunnelId - tunnel the current hop will receive messages on
peer - current hop's identity
nextTunnelId - id for the next hop, or where we send the reply (if we are the outbound endpoint)
nextHop - next hop's identity, or where we send the reply (if we are the outbound endpoint)
nextMsgId - message ID to use when sending on to the next hop (or for the reply)
layerKey - tunnel layer key to be used by the peer
ivKey - tunnel IV key to be used by the peer
replyKey - key to be used when encrypting the reply to this build request
iv - iv to be used when encrypting the reply to this build request
isInGateway - are we the gateway of an inbound tunnel?
isOutEndpoint - are we the endpoint of an outbound tunnel?
Since:
0.9.18, was createRecord()
Method Detail

getData

public byte[] getData()
Returns:
222 bytes, non-null

readReceiveTunnelId

public long readReceiveTunnelId()
what tunnel ID should this receive messages on


readNextTunnelId

public long readNextTunnelId()
What tunnel ID the next hop receives messages on. If this is the outbound tunnel endpoint, this specifies the tunnel ID to which the reply should be sent.


readNextIdentity

public Hash readNextIdentity()
Read the next hop from the record. If this is the outbound tunnel endpoint, this specifies the gateway to which the reply should be sent.


readLayerKey

public SessionKey readLayerKey()
Tunnel layer encryption key that the current hop should use


readIVKey

public SessionKey readIVKey()
Tunnel IV encryption key that the current hop should use


readReplyKey

public SessionKey readReplyKey()
Session key that should be used to encrypt the reply


readReplyIV

public byte[] readReplyIV()
IV that should be used to encrypt the reply


readIsInboundGateway

public boolean readIsInboundGateway()
The current hop is the inbound gateway. If this is true, it means anyone can send messages to this tunnel, but if it is false, only the current predecessor can.


readIsOutboundEndpoint

public boolean readIsOutboundEndpoint()
The current hop is the outbound endpoint. If this is true, the next identity and next tunnel fields refer to where the reply should be sent.


readRequestTime

public long readRequestTime()
Time that the request was sent (ms), truncated to the nearest hour


readReplyMessageId

public long readReplyMessageId()
What message ID should we send the request to the next hop with. If this is the outbound tunnel endpoint, this specifies the message ID with which the reply should be sent.


encryptRecord

public EncryptedBuildRecord encryptRecord(I2PAppContext ctx,
                                          PublicKey toKey,
                                          Hash toPeer)
Encrypt the record to the specified peer. The result is formatted as:
   bytes 0-15: truncated SHA-256 of the current hop's identity (the toPeer parameter)
 bytes 15-527: ElGamal-2048 encrypted block
 

Returns:
non-null