Router: Change default encryption type to ECIES-X25519 (proposal 156)

As of 0.9.49. 0.9.48-x dev builds will not rekey. New installs only. Existing install rekey probability: 1 in 128 To be increased in later releases, see proposal 156 for details.
2021-01-14 08:54:17 -05:00
parent 5f3c41244b
commit aa2ba92db8
2 changed files with 10 additions and 5 deletions
--- a/router/java/src/net/i2p/router/startup/CreateRouterInfoJob.java
+++ b/router/java/src/net/i2p/router/startup/CreateRouterInfoJob.java
@@ -17,6 +17,7 @@ import java.util.HashMap;
 import java.util.Map;
 import java.util.Properties;

+import net.i2p.CoreVersion;
 import net.i2p.crypto.EncType;
 import net.i2p.crypto.KeyPair;
 import net.i2p.crypto.SigType;
@@ -41,6 +42,7 @@ import net.i2p.router.util.EventLog;
 import net.i2p.util.Log;
 import net.i2p.util.SecureFileOutputStream;
 import net.i2p.util.SystemVersion;
+import net.i2p.util.VersionComparator;

 /**
 *  Warning - misnamed. This creates a new RouterIdentity, i.e.
@@ -59,7 +61,9 @@ public class CreateRouterInfoJob extends JobImpl {
    /** @since 0.9.48 */
    static final String PROP_ROUTER_ENCTYPE = "router.encType";
    private static final SigType DEFAULT_SIGTYPE = SigType.EdDSA_SHA512_Ed25519;
-    private static final EncType DEFAULT_ENCTYPE = EncType.ELGAMAL_2048;
+    private static final EncType DEFAULT_ENCTYPE = (VersionComparator.comp(CoreVersion.VERSION, "0.9.49") >= 0) ?
+                                                   EncType.ECIES_X25519 :
+                                                   EncType.ELGAMAL_2048;

    CreateRouterInfoJob(RouterContext ctx, Job next) {
        super(ctx);
--- a/router/java/src/net/i2p/router/startup/LoadRouterInfoJob.java
+++ b/router/java/src/net/i2p/router/startup/LoadRouterInfoJob.java
@@ -44,6 +44,8 @@ class LoadRouterInfoJob extends JobImpl {
    private final Log _log;
    private RouterInfo _us;
    private static final AtomicBoolean _keyLengthChecked = new AtomicBoolean();
+    // 1 chance in this many to rekey if the defaults changed
+    private static final int REKEY_PROBABILITY = 128;
    
    public LoadRouterInfoJob(RouterContext ctx) {
        super(ctx);
@@ -126,13 +128,12 @@ class LoadRouterInfoJob extends JobImpl {
                if ((sigTypeChanged && getContext().getProperty(CreateRouterInfoJob.PROP_ROUTER_SIGTYPE) == null) ||
                    (encTypeChanged && getContext().getProperty(CreateRouterInfoJob.PROP_ROUTER_ENCTYPE) == null)) {
                    // Not explicitly configured, and default has changed
-                    // Give a 25% chance of rekeying for each restart
-                    // TODO reduce to ~3 (i.e. increase probability) in future release
-                    if (getContext().random().nextInt(16) > 0) {
+                    // Give a chance of rekeying for each restart
+                    if (getContext().random().nextInt(REKEY_PROBABILITY) > 0) {
                        sigTypeChanged = false;
                        encTypeChanged = false;
                        if (_log.shouldWarn())
-                            _log.warn("Deferring RI rekey from " + stype + " to " + cstype);
+                            _log.warn("Deferring RI rekey from " + stype + '/' + etype + " to " + cstype + '/' + cetype);
                    }
                }