Crypto: Check for error return from sign()

apps/streaming/java/src/net/i2p/client/streaming/impl/PacketLocal.java

@@ -216,6 +216,8 @@ class PacketLocal extends Packet implements MessageOutputStream.WriteStatus {
         SigningPrivateKey key = _session.getPrivateKey();
         int size = writePacket(buffer, offset, key.getType().getSigLen());
         _optionSignature = _context.dsa().sign(buffer, offset, size, key);
+        if (_optionSignature == null)
+            throw new IllegalStateException("Signature failed");
         //if (false) {
         //    Log l = ctx.logManager().getLog(Packet.class);
         //    l.error("Signing: " + toString());

core/java/src/net/i2p/crypto/DSAEngine.java

@@ -285,8 +285,8 @@ public class DSAEngine {
             try {
                 return altSign(data, offset, length, signingKey);
             } catch (GeneralSecurityException gse) {
-                if (_log.shouldLog(Log.WARN))
-                    _log.warn(type + " Sign Fail", gse);
+                if (_log.shouldLog(Log.ERROR))
+                    _log.error(type + " Sign Fail", gse);
                 return null;
             }
         }

core/java/src/net/i2p/crypto/KeyGenerator.java

@@ -417,6 +417,8 @@ public class KeyGenerator {
             RandomSource.getInstance().nextBytes(src);
             long start = System.nanoTime();
             Signature sig = DSAEngine.getInstance().sign(src, privkey);
+            if (sig == null)
+                throw new GeneralSecurityException("signature generation failed");
             long mid = System.nanoTime();
             boolean ok = DSAEngine.getInstance().verifySignature(sig, src, pubkey);
             long end = System.nanoTime();

core/java/src/net/i2p/data/DatabaseEntry.java

@@ -171,8 +171,12 @@ public abstract class DatabaseEntry extends DataStructureImpl {
             throw new IllegalStateException();
         byte[] bytes = getBytes();
         if (bytes == null) throw new DataFormatException("Not enough data to sign");
+        if (key == null)
+            throw new DataFormatException("No signing key");
         // now sign with the key 
         _signature = DSAEngine.getInstance().sign(bytes, key);
+        if (_signature == null)
+            throw new DataFormatException("Signature failed with " + key.getType() + " key");
     }
 
     /**

core/java/src/net/i2p/data/PrivateKeyFile.java

@@ -405,7 +405,10 @@ public class PrivateKeyFile {
         System.arraycopy(this.dest.getPublicKey().getData(), 0, data, 0, PublicKey.KEYSIZE_BYTES);
         System.arraycopy(this.dest.getSigningPublicKey().getData(), 0, data, PublicKey.KEYSIZE_BYTES, SigningPublicKey.KEYSIZE_BYTES);
         byte[] payload = new byte[Hash.HASH_LENGTH + Signature.SIGNATURE_BYTES];
-        byte[] sig = DSAEngine.getInstance().sign(new ByteArrayInputStream(data), spk2).getData();
+        Signature sign = DSAEngine.getInstance().sign(new ByteArrayInputStream(data), spk2);
+        if (sign == null)
+            return null;
+        byte[] sig = sign.getData();
         System.arraycopy(sig, 0, payload, 0, Signature.SIGNATURE_BYTES);
         // Add dest2's Hash for reference
         byte[] h2 = d2.calculateHash().getData();

core/java/src/net/i2p/data/i2cp/SessionConfig.java

@@ -121,7 +121,11 @@ public class SessionConfig extends DataStructureImpl {
     public void signSessionConfig(SigningPrivateKey signingKey) throws DataFormatException {
         byte data[] = getBytes();
         if (data == null) throw new DataFormatException("Unable to retrieve bytes for signing");
+        if (signingKey == null)
+            throw new DataFormatException("No signing key");
         _signature = DSAEngine.getInstance().sign(data, signingKey);
+        if (_signature == null)
+            throw new DataFormatException("Signature failed with " + signingKey.getType() + " key");
     }
 
     /**