Skip to content

I2P: Change encryption type #29197

New issue
New issue
Closed
#29200
Closed
I2P: Change encryption type#29197
#29200
Labels
P2P
@zzzi2p

Description

@zzzi2p
zzzi2p
opened on Jan 7, 2024

Is there an existing issue for this?

  • I have searched the existing issues

Current behaviour

Similar to signature types, I2P supports multiple encryption types.
SAM defaults to the oldest type for both, for backward compatibility.
Unfortunately I forgot about this for encryption types.

The qbittorrent / libtorrent projects just discovered encryption types
in this issue:
qbittorrent/qBittorrent#19625

The encryption type is a property of the session, not the destination.
Sessions may support multiple types.
You may only connect to a destination if both sides have sessions
with a common encryption type.

As you are not setting the encryption type, you are using ElGamal (type 0).
You should change that to use both ElGamal and ECIES-X25519 (types 0 and 4).
The newer, faster type will be preferred.

Expected behaviour

To fix, in i2p.cpp, add the config in two places (SESSION CREATE for both transient and fixed):

i2cp.leaseSetEncType=4,0

as in this patch for libtorrent:

qbittorrent/qBittorrent#19625 (comment)

This will allow you to connect to clients with either type.
At some point a year in the future, after everybody has upgraded, you can
change it to i2cp.leaseSetEncType=4 if you like.

Note that i2pd has a bug where they do not report immediate failure
if trying to connect to an incompatible destination;
that issue is PurpleI2P/i2pd#2004
but you will not hit this issue because your old clients (0) can talk to new ones (4,0).

I have updated our SAM doc with these recommendations: https://geti2p.net/en/docs/api/samv3

Steps to reproduce

In the java i2p console,
you can verify the leaseset types on the client leasesets netdb tab
if you have routerconsole.advanced=true in router.config.

In the i2pd console, it reports the actual encryption type used,
under LeaseSets for a particular destination.
For example:

5xeoyfvtddmo5k3kxzv7b3d5risil6333ntqrr3yvx3yubz5tk3a ✘ 3 4

the last number 4 is the encryption type selected.
If you have any questions on where to look in the i2pd console please ask @orignal.

Recommended testing: Test with both i2pd and Java I2P, and confirm that you can connect
between all combinations of new (4,0) and old (0) clients.

Relevant log output

No response

How did you obtain Bitcoin Core

Compiled from source

What version of Bitcoin Core are you using?

v26

Operating system and version

all

Machine specifications

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    P2P

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions