* Crypto: Don't use "short exponent" on faster platforms.

Rebuild router identity if key length doesn't match setting. This affects RI and LS encryption keys, and DH and YK. Faster = 64 bit with working jbigi, non-ARM, non-GNU (for now) Override default with crypto.elGamal.useLongKey=true/false LS key is built at client startup (Dest key unused) This will churn most of the RIs at the release. * SystemVersion: Add isARM()
2013-09-07 13:43:28 +00:00
parent f4039b085a
commit 78a426e9ac
8 changed files with 84 additions and 9 deletions
--- a/core/java/src/net/i2p/crypto/KeyGenerator.java
+++ b/core/java/src/net/i2p/crypto/KeyGenerator.java
@@ -20,6 +20,7 @@ import net.i2p.data.SigningPrivateKey;
 import net.i2p.data.SigningPublicKey;
 import net.i2p.data.SimpleDataStructure;
 import net.i2p.util.NativeBigInteger;
+import net.i2p.util.SystemVersion;

 /** Define a way of generating asymmetrical key pairs as well as symmetrical keys
 * @author jrandom
@@ -79,7 +80,35 @@ public class KeyGenerator {
     * (damn commercial access to http://www.springerlink.com/(xrkdvv45w0cmnur4aimsxx55)/app/home/contribution.asp?referrer=parent&backto=issue,13,31;journal,893,3280;linkingpublicationresults,1:105633,1 )
     */
    private static final int PUBKEY_EXPONENT_SIZE_SHORT = 226;
-    public static final int PUBKEY_EXPONENT_SIZE = PUBKEY_EXPONENT_SIZE_SHORT;
+
+    /** @since 0.9.8 */
+    private static final boolean DEFAULT_USE_LONG_EXPONENT =
+                                                   NativeBigInteger.isNative() &&
+                                                   SystemVersion.is64Bit() &&
+                                                   !SystemVersion.isGNU() &&
+                                                   !SystemVersion.isApache() &&
+                                                   !SystemVersion.isARM();
+
+    /**
+     *  @deprecated use getElGamalExponentSize() which allows override in the properties
+     */
+    public static final int PUBKEY_EXPONENT_SIZE = DEFAULT_USE_LONG_EXPONENT ?
+                                                   PUBKEY_EXPONENT_SIZE_FULL :
+                                                   PUBKEY_EXPONENT_SIZE_SHORT;
+
+    private static final String PROP_LONG_EXPONENT = "crypto.elGamal.useLongKey";
+
+    /** @since 0.9.8 */
+    public boolean useLongElGamalExponent() {
+        return _context.getProperty(PROP_LONG_EXPONENT, DEFAULT_USE_LONG_EXPONENT);
+    }
+
+    /** @since 0.9.8 */
+    public int getElGamalExponentSize() {
+        return useLongElGamalExponent() ?
+               PUBKEY_EXPONENT_SIZE_FULL :
+               PUBKEY_EXPONENT_SIZE_SHORT;
+    }

    /** Generate a pair of keys, where index 0 is a PublicKey, and
     * index 1 is a PrivateKey
@@ -94,7 +123,7 @@ public class KeyGenerator {
     *  @since 0.8.7
     */
    public SimpleDataStructure[] generatePKIKeys() {
-        BigInteger a = new NativeBigInteger(PUBKEY_EXPONENT_SIZE, _context.random());
+        BigInteger a = new NativeBigInteger(getElGamalExponentSize(), _context.random());
        BigInteger aalpha = CryptoConstants.elgg.modPow(a, CryptoConstants.elgp);

        SimpleDataStructure[] keys = new SimpleDataStructure[2];
--- a/core/java/src/net/i2p/crypto/YKGenerator.java
+++ b/core/java/src/net/i2p/crypto/YKGenerator.java
@@ -119,7 +119,7 @@ class YKGenerator {
        //long t1 = 0;
        while (k == null) {
            //t0 = Clock.getInstance().now();
-            k = new NativeBigInteger(KeyGenerator.PUBKEY_EXPONENT_SIZE, ctx.random());
+            k = new NativeBigInteger(ctx.keyGenerator().getElGamalExponentSize(), ctx.random());
            //t1 = Clock.getInstance().now();
            if (BigInteger.ZERO.compareTo(k) == 0) {
                k = null;
--- a/core/java/src/net/i2p/util/NativeBigInteger.java
+++ b/core/java/src/net/i2p/util/NativeBigInteger.java
@@ -184,7 +184,7 @@ public class NativeBigInteger extends BigInteger {
    private static final boolean _isX86 = System.getProperty("os.arch").contains("86") ||
 	                                 System.getProperty("os.arch").equals("amd64");

-    private static final boolean _isArm = System.getProperty("os.arch").startsWith("arm");
+    private static final boolean _isArm = SystemVersion.isARM();

    private static final boolean _isPPC = System.getProperty("os.arch").contains("ppc");

--- a/core/java/src/net/i2p/util/SystemVersion.java
+++ b/core/java/src/net/i2p/util/SystemVersion.java
@@ -15,6 +15,7 @@ public abstract class SystemVersion {

    private static final boolean _isWin = System.getProperty("os.name").startsWith("Win");
    private static final boolean _isMac = System.getProperty("os.name").startsWith("Mac");
+    private static final boolean _isArm = System.getProperty("os.arch").startsWith("arm");
    private static final boolean _isAndroid;
    private static final boolean _isApache;
    private static final boolean _isGNU;
@@ -86,6 +87,13 @@ public abstract class SystemVersion {
        return _isGNU;
    }

+    /**
+     *  @since 0.9.8
+     */
+    public static boolean isARM() {
+        return _isArm;
+    }
+
    /**
     *  Better than (new VersionComparator()).compare(System.getProperty("java.version"), "1.6") >= 0
     *  as it handles Android also, where java.version = "0".