From aa2ba92db801b9f98af3f934ba0a0ab4cc4c4a52 Mon Sep 17 00:00:00 2001
From: zzz <zzz@i2pmail.org>
Date: Thu, 14 Jan 2021 08:54:17 -0500
Subject: [PATCH] Router: Change default encryption type to ECIES-X25519
 (proposal 156)

As of 0.9.49. 0.9.48-x dev builds will not rekey.
New installs only.
Existing install rekey probability: 1 in 128
To be increased in later releases, see proposal 156 for details.
---
 .../src/net/i2p/router/startup/CreateRouterInfoJob.java  | 6 +++++-
 .../src/net/i2p/router/startup/LoadRouterInfoJob.java    | 9 +++++----
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/router/java/src/net/i2p/router/startup/CreateRouterInfoJob.java b/router/java/src/net/i2p/router/startup/CreateRouterInfoJob.java
index 61bfdfa2c9..c6892c7db7 100644
--- a/router/java/src/net/i2p/router/startup/CreateRouterInfoJob.java
+++ b/router/java/src/net/i2p/router/startup/CreateRouterInfoJob.java
@@ -17,6 +17,7 @@ import java.util.HashMap;
 import java.util.Map;
 import java.util.Properties;
 
+import net.i2p.CoreVersion;
 import net.i2p.crypto.EncType;
 import net.i2p.crypto.KeyPair;
 import net.i2p.crypto.SigType;
@@ -41,6 +42,7 @@ import net.i2p.router.util.EventLog;
 import net.i2p.util.Log;
 import net.i2p.util.SecureFileOutputStream;
 import net.i2p.util.SystemVersion;
+import net.i2p.util.VersionComparator;
 
 /**
  *  Warning - misnamed. This creates a new RouterIdentity, i.e.
@@ -59,7 +61,9 @@ public class CreateRouterInfoJob extends JobImpl {
     /** @since 0.9.48 */
     static final String PROP_ROUTER_ENCTYPE = "router.encType";
     private static final SigType DEFAULT_SIGTYPE = SigType.EdDSA_SHA512_Ed25519;
-    private static final EncType DEFAULT_ENCTYPE = EncType.ELGAMAL_2048;
+    private static final EncType DEFAULT_ENCTYPE = (VersionComparator.comp(CoreVersion.VERSION, "0.9.49") >= 0) ?
+                                                   EncType.ECIES_X25519 :
+                                                   EncType.ELGAMAL_2048;
 
     CreateRouterInfoJob(RouterContext ctx, Job next) {
         super(ctx);
diff --git a/router/java/src/net/i2p/router/startup/LoadRouterInfoJob.java b/router/java/src/net/i2p/router/startup/LoadRouterInfoJob.java
index c2adebc12c..4d932f3a03 100644
--- a/router/java/src/net/i2p/router/startup/LoadRouterInfoJob.java
+++ b/router/java/src/net/i2p/router/startup/LoadRouterInfoJob.java
@@ -44,6 +44,8 @@ class LoadRouterInfoJob extends JobImpl {
     private final Log _log;
     private RouterInfo _us;
     private static final AtomicBoolean _keyLengthChecked = new AtomicBoolean();
+    // 1 chance in this many to rekey if the defaults changed
+    private static final int REKEY_PROBABILITY = 128;
     
     public LoadRouterInfoJob(RouterContext ctx) {
         super(ctx);
@@ -126,13 +128,12 @@ class LoadRouterInfoJob extends JobImpl {
                 if ((sigTypeChanged && getContext().getProperty(CreateRouterInfoJob.PROP_ROUTER_SIGTYPE) == null) ||
                     (encTypeChanged && getContext().getProperty(CreateRouterInfoJob.PROP_ROUTER_ENCTYPE) == null)) {
                     // Not explicitly configured, and default has changed
-                    // Give a 25% chance of rekeying for each restart
-                    // TODO reduce to ~3 (i.e. increase probability) in future release
-                    if (getContext().random().nextInt(16) > 0) {
+                    // Give a chance of rekeying for each restart
+                    if (getContext().random().nextInt(REKEY_PROBABILITY) > 0) {
                         sigTypeChanged = false;
                         encTypeChanged = false;
                         if (_log.shouldWarn())
-                            _log.warn("Deferring RI rekey from " + stype + " to " + cstype);
+                            _log.warn("Deferring RI rekey from " + stype + '/' + etype + " to " + cstype + '/' + cetype);
                     }
                 }
 
-- 
GitLab