lbt/I2P_Website
1
0
Fork 0
forked from I2P_Developers/i2p.www
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

prop. 123 updates

Browse Source
This commit is contained in:
zzz
2019-03-09 16:52:31 +00:00
parent 669e7338e9
commit 5d9eb5439b
5 changed files with 156 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
i2p2www/pages/site/docs/index.html
View File

@@ -1,7 +1,7 @@
{% extends "global/layout.html" %}
{% block title %}{% trans %}Index to Technical Documentation{% endtrans %}{% endblock %}
{% block lastupdated %}{% trans %}June 2018{% endtrans %}{% endblock %}
{% block accuratefor %}0.9.36{% endblock %}
{% block lastupdated %}{% trans %}March 2019{% endtrans %}{% endblock %}
{% block accuratefor %}0.9.39{% endblock %}
{% block content %}
<p>{% trans -%}
Following is an index to the technical documentation for I2P.
@@ -139,6 +139,8 @@ Traditionally used only by Java applications and higher-level APIs.
</li><li>
<a href="{{ spec_url('common-structures') }}">{{ _('Common data structures specification') }}</a>
</li><li>
<a href="{{ spec_url('encryptedleaseset') }}">{{ _('Encrypted Leaseset specification') }}</a>
</li><li>
<a href="http://{{ i2pconv('echelon.i2p/javadoc') }}/net/i2p/data/package-summary.html">{{ _('Data Structures Javadoc') }}</a>
</li></ul>

84
i2p2www/pages/site/docs/protocol/i2cp.html
View File

@@ -1,7 +1,7 @@
{% extends "global/layout.html" %}
{% block title %}I2CP{% endblock %}
{% block lastupdated %}{% trans %}January 2019{% endtrans %}{% endblock %}
{% block accuratefor %}0.9.38{% endblock %}
{% block lastupdated %}{% trans %}March 2019{% endtrans %}{% endblock %}
{% block accuratefor %}0.9.39{% endblock %}
{% block content %}
<p>{% trans -%}
The I2P Client Protocol (I2CP) exposes a strong separation of concerns between
@@ -174,6 +174,21 @@ of sending a MessageStatus and awaiting a ReceiveMessageBegin.
{%- endtrans %}</td>
</tr>
<tr>
<td>i2cp.leaseSetAuthType
<td>0.9.39</td>
<td>0
<td>0-2
<td>0
<td>
The type of authentication for encrypted LS2.
0 for no per-client authentication (the default);
1 for DH per-client authentication;
2 for PSK per-client authentication.
See proposal 123.
</td>
</tr>
<tr>
<td>i2cp.leaseSetEncType
<td>0.9.38</td>
@@ -215,6 +230,31 @@ See proposal 123.
</td>
</tr>
<tr>
<td>i2cp.leaseSetPrivKey
<td>0.9.39</td>
<td>&nbsp;
<td>&nbsp;
<td>&nbsp;
<td>
A base 64 private key for the router to use to decrypt the encrypted leaseset,
only if per-client authentication is enabled
See proposal 123.
</td>
</tr>
<tr>
<td>i2cp.leaseSetSecret
<td>0.9.39</td>
<td>&nbsp;
<td>&nbsp;
<td>""
<td>
The secret used to blind the leaseset.
See proposal 123.
</td>
</tr>
<tr>
<td>i2cp.leaseSetTransientPublicKey
<td>0.9.38</td>
@@ -606,6 +646,34 @@ of sending a MessageStatus and awaiting a ReceiveMessageBegin.
<td>{% trans %}Gzip outbound data{% endtrans %}</td>
</tr>
<tr>
<td>i2cp.leaseSetBlindedType
<td>0.9.39</td>
<td>&nbsp;
<td>0-65535
<td>See prop. 123
<td>
The sig type of the blinded key for encrypted LS2.
Default depends on the destination sig type.
See proposal 123.
</td>
</tr>
<tr>
<td>i2cp.leaseSetAuthType
<td>0.9.39</td>
<td>0
<td>0-2
<td>0
<td>
The type of authentication for encrypted LS2.
0 for no per-client authentication (the default);
1 for DH per-client authentication;
2 for PSK per-client authentication.
See proposal 123.
</td>
</tr>
<tr>
<td>i2cp.leaseSetEncType
<td>0.9.38</td>
@@ -646,6 +714,18 @@ Use for persistent leaseset keys across restarts.
{%- endtrans %}</td>
</tr>
<tr>
<td>i2cp.leaseSetSecret
<td>0.9.39</td>
<td>&nbsp;
<td>&nbsp;
<td>""
<td>
The secret used to blind the leaseset.
See proposal 123.
</td>
</tr>
<tr>
<td>i2cp.leaseSetSigningPrivateKey
<td>0.9.18</td>

8
i2p2www/spec/common-structures.rst
View File

@@ -163,7 +163,7 @@ RSA_SHA384_3072 384 0.9.12 Offline signing, never used for
RSA_SHA512_4096 512 0.9.12 Offline signing, never used for Router Identities or Destinations
EdDSA_SHA512_Ed25519 32 0.9.15 Recent Router Identities and Destinations
EdDSA_SHA512_Ed25519ph 32 0.9.25 Offline signing, never used for Router Identities or Destinations
RedDSA_SHA512_Ed25519 32 0.9.39 For encrypted leasesets only, never used for Router Identities or Destinations
RedDSA_SHA512_Ed25519 32 0.9.39 For Destinations and encrypted leasesets only, never used for Router Identities
====================== ============== ====== =====
Notes
@@ -203,7 +203,7 @@ RSA_SHA384_3072 768 0.9.12 Offline signing, never used for
RSA_SHA512_4096 1024 0.9.12 Offline signing, never used for Router Identities or Destinations
EdDSA_SHA512_Ed25519 32 0.9.15 Recent Router Identities and Destinations
EdDSA_SHA512_Ed25519ph 32 0.9.25 Offline signing, never used for Router Identities or Destinations
RedDSA_SHA512_Ed25519 32 0.9.39 For encrypted leasesets only, never used for Router Identities or Destinations
RedDSA_SHA512_Ed25519 32 0.9.39 For Destinations and encrypted leasesets only, never used for Router Identities
====================== ============== ====== =====
Notes
@@ -244,7 +244,7 @@ RSA_SHA384_3072 384 0.9.12 Offline signing, never used for
RSA_SHA512_4096 512 0.9.12 Offline signing, never used for Router Identities or Destinations
EdDSA_SHA512_Ed25519 64 0.9.15 Recent Router Identities and Destinations
EdDSA_SHA512_Ed25519ph 64 0.9.25 Offline signing, never used for Router Identities or Destinations
RedDSA_SHA512_Ed25519 32 0.9.39 For encrypted leasesets only, never used for Router Identities or Destinations
RedDSA_SHA512_Ed25519 64 0.9.39 For Destinations and encrypted leasesets only, never used for Router Identities
====================== ============== ====== =====
Notes
@@ -423,7 +423,7 @@ EdDSA_SHA512_Ed25519 7 32 0.9.15 Recent Rou
EdDSA_SHA512_Ed25519ph 8 32 0.9.25 Offline only; never used in Key Certificates for Router Identities or Destinations
reserved (GOST) 9 64 Reserved, see proposal 134
reserved (GOST) 10 128 Reserved, see proposal 134
RedDSA_SHA512_Ed25519 11 32 For encrypted leasesets only; never used in Key Certificates for Router Identities or Destinations
RedDSA_SHA512_Ed25519 11 32 0.9.39 For Destinations and encrypted leasesets only; never used for Router Identities
reserved 65280-65534 Reserved for experimental use
reserved 65535 Reserved for future expansion
====================== =========== ======================= ====== =====

26
i2p2www/spec/encryptedleaseset.rst
View File

@@ -372,9 +372,10 @@ The secret alpha and the blinded keys are calculated as follows:
.. raw:: html
{% highlight lang='text' %}
GENERATE_ALPHA(destination, date, secret), for all parties:
// secret is optional, else zero-length
{% highlight lang='text' %}
// secret is optional, else zero-length
A = destination's signing public key
stA = signature type of A, 2 bytes big endian (0x0007 or 0x000b)
stA' = signature type of blinded public key A', 2 bytes big endian (0x000b)
@@ -383,23 +384,32 @@ GENERATE_ALPHA(destination, date, secret), for all parties:
seed = HKDF(H("I2PGenerateAlpha", keydata), datestring || secret, "i2pblinding1", 64)
// treat seed as a 64 byte little-endian value
alpha = seed mod l
{% endhighlight %}
// BLIND_PRIVKEY(), for the owner publishing the leaseset:
alpha = GENERATE_ALPHA(destination, date, secret)
.. raw:: html
BLIND_PRIVKEY(), for the owner publishing the leaseset:
{% highlight lang='text' %}
alpha = GENERATE_ALPHA(destination, date, secret)
a = destination's signing private key
// Addition using scalar arithmentic
blinded signing private key = a' = BLIND_PRIVKEY(a, alpha) = (a + alpha) mod l
blinded signing public key = A' = DERIVE_PUBLIC(a')
{% endhighlight %}
// BLIND_PUBKEY(), for the clients retrieving the leaseset:
alpha = GENERATE_ALPHA(destination, date, secret)
.. raw:: html
BLIND_PUBKEY(), for the clients retrieving the leaseset:
{% highlight lang='text' %}
alpha = GENERATE_ALPHA(destination, date, secret)
A = destination's signing public key
// Addition using group elements (points on the curve)
blinded public key = A' = BLIND_PUBKEY(A, alpha) = A + DERIVE_PUBLIC(alpha)
//Both methods of calculating A' yield the same result, as required.
{% endhighlight %}
Both methods of calculating A' yield the same result, as required.
Signing

58
i2p2www/spec/proposals/123-new-netdb-entries.rst
View File

@@ -5,7 +5,7 @@ New netDB Entries
:author: zzz, str4d, orignal
:created: 2016-01-16
:thread: http://zzz.i2p/topics/2051
:lastupdated: 2019-03-05
:lastupdated: 2019-03-09
:status: Open
:supercedes: 110, 120, 121, 122
@@ -15,7 +15,7 @@ New netDB Entries
Status
======
Portions of this proposal are complete, and implemented in 0.9.38.
Portions of this proposal are complete, and implemented in 0.9.38 and 0.9.39.
The Common Structures, I2CP, I2NP, and other specifications
are now updated to reflect the changes that are supported now.
@@ -805,10 +805,12 @@ A new secret alpha and blinded keys must be generated each day (UTC).
The secret alpha and the blinded keys are calculated as follows:
GENERATE_ALPHA(destination, date, secret), for all parties:
.. raw:: html
{% highlight lang='text' %}
GENERATE_ALPHA(destination, date, secret), for all parties:
// GENERATE_ALPHA(destination, date, secret):
// secret is optional, else zero-length
A = destination's signing public key
stA = signature type of A, 2 bytes big endian (0x0007 or 0x000b)
@@ -819,22 +821,33 @@ GENERATE_ALPHA(destination, date, secret), for all parties:
// treat seed as a 64 byte little-endian value
alpha = seed mod l
// BLIND_PRIVKEY(), for the owner publishing the leaseset:
BLIND_PRIVKEY(), for the owner publishing the leaseset:
.. raw:: html
{% highlight lang='text' %}
// BLIND_PRIVKEY():
alpha = GENERATE_ALPHA(destination, date, secret)
a = destination's signing private key
// Addition using scalar arithmentic
blinded signing private key = a' = BLIND_PRIVKEY(a, alpha) = (a + alpha) mod l
blinded signing public key = A' = DERIVE_PUBLIC(a')
{% endhighlight %}
// BLIND_PUBKEY(), for the clients retrieving the leaseset:
BLIND_PUBKEY(), for the clients retrieving the leaseset:
.. raw:: html
{% highlight lang='text' %}
// BLIND_PUBKEY():
alpha = GENERATE_ALPHA(destination, date, secret)
A = destination's signing public key
// Addition using group elements (points on the curve)
blinded public key = A' = BLIND_PUBKEY(A, alpha) = A + DERIVE_PUBLIC(alpha)
//Both methods of calculating A' yield the same result, as required.
{% endhighlight %}
Both methods of calculating A' yield the same result, as required.
Signing
@@ -1202,6 +1215,8 @@ a base32 address. This format must also contain the signature type of the
public key, and the signature type of the blinding scheme.
The total requirements are 32 + 2 + 2 = 36 bytes, requiring 58 characters in base 32.
.. raw:: html
{% highlight lang='text' %}
data = 32 byte pubkey || 2 byte unblinded sigtype || 2 byte blinded sigtype
address = Base32Encode(data) || ".b32.i2p"
@@ -1650,6 +1665,16 @@ New options interpreted router-side, sent in SessionConfig Mapping:
Length as inferred from the destination
signing public key type
i2cp.leaseSetSecret=xxxx A secret used to encrypt/decrypt the leaseset, default ""
i2cp.leaseSetAuthType=nnn The type of authentication for encrypted LS2.
0 for no per-client authentication (the default)
1 for DH per-client authentication
2 for PSK per-client authentication
i2cp.leaseSetPrivKey=b64 A base 64 private key for the router to use to
decrypt the encrypted LS2,
only if per-client authentication is enabled
New options interpreted client-side:
@@ -1666,6 +1691,17 @@ New options interpreted client-side:
the SessionConfig, to declare intent and check support.
See proposals 144 and 145.
i2cp.leaseSetSecret=xxxx A secret used to encrypt/decrypt the leaseset, default ""
i2cp.leaseSetAuthType=nnn The type of authentication for encrypted LS2.
0 for no per-client authentication (the default)
1 for DH per-client authentication
2 for PSK per-client authentication
i2cp.leaseSetBlindedType=nnn The sig type of the blinded key for encrypted LS2.
Default depends on the destination sig type.
See proposal 123.
Session Config
--------------
@@ -1785,11 +1821,13 @@ Changes
::
Add request type 3: Host name lookup and request Lease Set lookup.
Same contents as type 1, what follows is a host name string.
Notes
`````
- Minimum router and client version is 0.9.39 for request type 3.
- Minimum router and client version is 0.9.40 for request type 3.
@@ -1821,7 +1859,7 @@ Changes
::
If the client version is 0.9.39 or higher, and the result code is 0,
If the client version is 0.9.40 or higher, and the result code is 0,
the following extended results are included after the Destination.
These are included no matter what the request type.
@@ -1859,7 +1897,7 @@ Changes
Notes
`````
- Minimum router and client version is 0.9.39 for the extended results.
- Minimum router and client version is 0.9.40 for the extended results.