IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#i2p-dev
/2024/10/08
eyedeekay Ok everybody release day, I'll be starting shortly and expect to have the core release, Maven, and possibly Android/GPlay by this evening
orignal where can I get a family cerificate with EdDSA?
zzz same place as last time you asked )) stats.i2p/docs/i2p-dev-eddsa.crt
orignal do you have it in the package?
dr|z3d why is this starting to sound like a shady backstreet drug deal? :)
orignal I want to test how my code recignizes such ceritifcates
orignal and routers
zzz what package
orignal release package
zzz it was a 2016 experiment
orignal do users still have to create EcDSA certs for family?
zzz and it works, since 2016
dr|z3d family cert creation is automated, users just have to click a button.
orignal yes but what do new users use? like stormy
orignal but what's behind this button? EcDSA?
orignal basically with new version of openssl I can handle signtures of any type
zzz we still generate EC only, I never switched our code over. If you want to see what stormy or anybody uses, look at the RIs
dr|z3d private static final String DEFAULT_KEY_ALGORITHM = SigType.ECDSA_SHA256_P256.isAvailable() ? "EC" : "DSA";
dr|z3d private static final int DEFAULT_KEY_SIZE = SigType.ECDSA_SHA256_P256.isAvailable() ? 256 : 1024;
orignal any particular reason you still use ECDSA by deafult?
dr|z3d // Note that we can't use RSA here, as the b64 sig would exceed the 255 char limit for a Mapping
dr|z3d // Note that we can't use EdDSA here, as keystore doesn't know how, and encoding/decoding is unimplemented
orignal yes, but I believe keystore knows now
dr|z3d what zzz said, "... I never switched our code over..."
zzz yeah Ed is a little messy to store privkeys in a keystore because it's not natively supported by java. It's doable, and I did it, but didn't get around to making it solid
zzz FYI the IETF changed the OID after I made that cert in 2016; we support both the old and the new ones
orignal yes openssl if not able to read your cert but able to read new one
orignal maybe you should re-create the cert
orignal since nobody uses it anyway