diff --git a/i2p2www/spec/common-structures.rst b/i2p2www/spec/common-structures.rst index 4abd4e80..e99078b4 100644 --- a/i2p2www/spec/common-structures.rst +++ b/i2p2www/spec/common-structures.rst @@ -1391,20 +1391,16 @@ Description Contained in a I2NP DatabaseStore message of type 5. Supported as of 0.9.38; see proposal 123 for more information. -Contains all of the currently authorized MetaLease_ for a particular Destination_, -the PublicKey_ to which garlic messages can be encrypted, and then the -SigningPublicKey_ that can be used to revoke this particular version of the -structure. The LeaseSet is one of the two structures stored in the network -database (the other being RouterInfo_), and is keyed under the SHA256 of the -contained Destination_. - +Only the blinded key and expiration are visible in cleartext. +The actual lease set is encrypted. Contents ```````` -LeaseSet2Header_, followed by a options, -Integer_ specifying how many Lease2_ structures are in the set, followed by the -actual Lease2_ structures and finally a Signature_ of the previous bytes signed -by the Destination_'s SigningPrivateKey_ or the transient key. +A two byte signature type, the blinded SigningPrivateKey_, +published time, expiration, and flags. +Then, a two byte length followed by encrypted data. +Finally, a Signature_ of the previous bytes signed +by the blinded SigningPrivateKey_ or the transient key. .. raw:: html @@ -1475,8 +1471,8 @@ by the Destination_'s SigningPrivateKey_ or the transient key. length -> len bytes signature :: `Signature` - length -> 40 bytes or as specified in destination's key - certificate, or by the sigtype of the transient public key, + length -> As specified by the sigtype of the blinded pubic key, + or by the sigtype of the transient public key, if present in the header {% endhighlight %} 
@@ -1497,8 +1493,11 @@ Notes * This structure does not use the LeaseSet2Header_. -* Maximum actual expires time is TBD, may be about 11 minutes, unless - we will support encrypted MetaLeaseSet_. +* Maximum actual expires time is about 11 minutes, unless + it is an encrypted MetaLeaseSet_. + +* TODO probably don't want the offline block in cleartext; + may not be able to make offline signatures work with encrypted leasesets at all. JavaDoc: http://{{ i2pconv('echelon.i2p/javadoc') }}/net/i2p/data/EncryptedLeaseSet.html diff --git a/i2p2www/spec/i2np.rst b/i2p2www/spec/i2np.rst index a10e122b..c38367ac 100644 --- a/i2p2www/spec/i2np.rst +++ b/i2p2www/spec/i2np.rst @@ -3,8 +3,8 @@ I2NP Specification ================== .. meta:: :category: Protocols - :lastupdated: January 2019 - :accuratefor: 0.9.38 + :lastupdated: February 2019 + :accuratefor: 0.9.39 .. contents:: @@ -580,7 +580,7 @@ An unsolicited database store, or the response to a successful DatabaseLookup_ M Contents ```````` -An uncompressed LeaseSet or a compressed RouterInfo +An uncompressed LeaseSet, LeaseSet2, MetaLeaseSet, or EncryptedLeaseset, or a compressed RouterInfo .. raw:: html
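Review bot: in the first hunk of common-structures.rst (@@ -1391), the new Contents text says the structure carries "the blinded SigningPrivateKey_". A published structure can only carry the public half, so this should read "the blinded SigningPublicKey_"; the signature is made with the blinded SigningPrivateKey_, which the last sentence already says. The new Description also states that "Only the blinded key and expiration are visible in cleartext", while Contents lists the signature type, published time and flags as unencrypted fields too. Please make the two paragraphs agree on exactly what an observer of the netDb entry can read.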
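Review bot: typo in the second hunk of common-structures.rst (@@ -1475), in the signature length description: "the sigtype of the blinded pubic key" should be "the sigtype of the blinded public key". The same two lines drop the "40 bytes" default without stating a replacement, so it would help to say explicitly that the length is always derived from the two byte signature type at the start of the structure or from the transient key's sigtype.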
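Review bot: the TODO added in the Notes hunk of common-structures.rst (@@ -1497) conflicts with text this same patch adds elsewhere. The note says "probably don't want the offline block in cleartext" and that offline signatures may not work with encrypted leasesets at all, yet the new Contents paragraph still allows signing with "the transient key" and the signature length text still refers to "the transient public key, if present in the header". Either mark those two places as provisional as well, or move the open question to the proposal and keep the spec describing one behaviour. The reworded expiry bullet ("about 11 minutes, unless it is an encrypted MetaLeaseSet_") drops the TBD but still gives no value for the MetaLeaseSet case; state it or say it is undefined.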
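Review bot: in the last hunk of i2np.rst (@@ -580), "EncryptedLeaseset" is spelled with a lowercase "s", while the JavaDoc path visible in common-structures.rst uses "EncryptedLeaseSet". Please use the same spelling, and consider writing the new type names as link targets (LeaseSet2_, MetaLeaseSet_, EncryptedLeaseSet_) in the style the common-structures text uses, so the DatabaseStore Contents line points readers at the structure definitions.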