Mirrors/i2pd
2
0
Fork 0
mirror of https://github.com/PurpleI2P/i2pd.git synced 2025-04-23 17:36:37 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

create and handle ML-DSA identities and signatures
Some checks are pending
Build Debian packages / bookworm (push) Waiting to run
Details
Build Debian packages / bullseye (push) Waiting to run
Details
Build Debian packages / buster (push) Waiting to run
Details
Build on FreeBSD / with UPnP (push) Waiting to run
Details
Build on OSX / With USE_UPNP=no (push) Waiting to run
Details
Build on OSX / With USE_UPNP=yes (push) Waiting to run
Details
Build on Windows / clang-x86_64 (push) Waiting to run
Details
Build on Windows / i686 (push) Waiting to run
Details
Build on Windows / ucrt-x86_64 (push) Waiting to run
Details
Build on Windows / x86_64 (push) Waiting to run
Details
Build on Windows / CMake clang-x86_64 (push) Waiting to run
Details
Build on Windows / CMake i686 (push) Waiting to run
Details
Build on Windows / CMake ucrt-x86_64 (push) Waiting to run
Details
Build on Windows / CMake x86_64 (push) Waiting to run
Details
Build on Windows / XP (push) Waiting to run
Details
Build on Ubuntu / Make with USE_UPNP=no (push) Waiting to run
Details
Build on Ubuntu / Make with USE_UPNP=yes (push) Waiting to run
Details
Build on Ubuntu / CMake with -DWITH_UPNP=OFF (push) Waiting to run
Details
Build on Ubuntu / CMake with -DWITH_UPNP=ON (push) Waiting to run
Details
Build containers / Building container for linux/amd64 (push) Waiting to run
Details
Build containers / Building container for linux/arm64 (push) Waiting to run
Details
Build containers / Building container for linux/arm/v7 (push) Waiting to run
Details
Build containers / Building container for linux/386 (push) Waiting to run
Details
Build containers / Pushing merged manifest (push) Blocked by required conditions
Details

Browse source
This commit is contained in:
orignal 2025-04-20 18:53:21 -04:00
parent 2afdd5b723
commit 9bd2b8df76
3 changed files with 88 additions and 33 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

99
libi2pd/Identity.cpp
View file

@ -127,6 +127,7 @@ namespace data
excessLen = i2p::crypto::MLDSA44_PUBLIC_KEY_LENGTH - 384; excessLen = i2p::crypto::MLDSA44_PUBLIC_KEY_LENGTH - 384;
excessBuf = new uint8_t[excessLen]; excessBuf = new uint8_t[excessLen];
memcpy (excessBuf, signingKey + 384, excessLen); memcpy (excessBuf, signingKey + 384, excessLen);
cryptoType = 0xFF; // crypto key is not used
break; break;
} }
#endif #endif
@ -142,11 +143,14 @@ namespace data
htobe16buf (m_ExtendedBuffer + 2, cryptoType); htobe16buf (m_ExtendedBuffer + 2, cryptoType);
if (excessLen && excessBuf) if (excessLen && excessBuf)
{ {
if (excessLen > MAX_EXTENDED_BUFFER_SIZE - 4) if (m_ExtendedLen > MAX_EXTENDED_BUFFER_SIZE)
{ {
LogPrint (eLogError, "Identity: Unexpected excessive signing key len ", excessLen); auto newBuf = new uint8_t[m_ExtendedLen];
excessLen = MAX_EXTENDED_BUFFER_SIZE - 4; memcpy (newBuf, m_ExtendedBuffer, 4);
memcpy (newBuf + 4, excessBuf, excessLen);
m_ExtendedBufferPtr = newBuf;
} }
else
memcpy (m_ExtendedBuffer + 4, excessBuf, excessLen); memcpy (m_ExtendedBuffer + 4, excessBuf, excessLen);
delete[] excessBuf; delete[] excessBuf;
} }
@ -195,6 +199,8 @@ namespace data
IdentityEx::~IdentityEx () IdentityEx::~IdentityEx ()
{ {
if (m_ExtendedLen > MAX_EXTENDED_BUFFER_SIZE)
delete[] m_ExtendedBufferPtr;
} }
IdentityEx& IdentityEx::operator=(const IdentityEx& other) IdentityEx& IdentityEx::operator=(const IdentityEx& other)
@ -202,12 +208,30 @@ namespace data
memcpy (&m_StandardIdentity, &other.m_StandardIdentity, DEFAULT_IDENTITY_SIZE); memcpy (&m_StandardIdentity, &other.m_StandardIdentity, DEFAULT_IDENTITY_SIZE);
m_IdentHash = other.m_IdentHash; m_IdentHash = other.m_IdentHash;
size_t oldLen = m_ExtendedLen;
m_ExtendedLen = other.m_ExtendedLen; m_ExtendedLen = other.m_ExtendedLen;
if (m_ExtendedLen > 0) if (m_ExtendedLen > 0)
{ {
if (m_ExtendedLen > MAX_EXTENDED_BUFFER_SIZE) m_ExtendedLen = MAX_EXTENDED_BUFFER_SIZE; if (m_ExtendedLen > MAX_EXTENDED_BUFFER_SIZE)
{
if (oldLen > MAX_EXTENDED_BUFFER_SIZE)
{
if (m_ExtendedLen > oldLen)
{
delete[] m_ExtendedBufferPtr;
m_ExtendedBufferPtr = new uint8_t[m_ExtendedLen];
}
}
else
m_ExtendedBufferPtr = new uint8_t[m_ExtendedLen];
memcpy (m_ExtendedBufferPtr, other.m_ExtendedBufferPtr, m_ExtendedLen);
}
else
{
if (oldLen > MAX_EXTENDED_BUFFER_SIZE) delete[] m_ExtendedBufferPtr;
memcpy (m_ExtendedBuffer, other.m_ExtendedBuffer, m_ExtendedLen); memcpy (m_ExtendedBuffer, other.m_ExtendedBuffer, m_ExtendedLen);
} }
}
m_Verifier = nullptr; m_Verifier = nullptr;
CreateVerifier (); CreateVerifier ();
@ -235,12 +259,27 @@ namespace data
} }
memcpy (&m_StandardIdentity, buf, DEFAULT_IDENTITY_SIZE); memcpy (&m_StandardIdentity, buf, DEFAULT_IDENTITY_SIZE);
size_t oldLen = m_ExtendedLen;
m_ExtendedLen = bufbe16toh (m_StandardIdentity.certificate + 1); m_ExtendedLen = bufbe16toh (m_StandardIdentity.certificate + 1);
if (m_ExtendedLen) if (m_ExtendedLen)
{ {
if (m_ExtendedLen + DEFAULT_IDENTITY_SIZE <= len) if (m_ExtendedLen + DEFAULT_IDENTITY_SIZE <= len)
{ {
if (m_ExtendedLen > MAX_EXTENDED_BUFFER_SIZE) m_ExtendedLen = MAX_EXTENDED_BUFFER_SIZE; if (m_ExtendedLen > MAX_EXTENDED_BUFFER_SIZE)
{
if (oldLen > MAX_EXTENDED_BUFFER_SIZE)
{
if (m_ExtendedLen > oldLen)
{
delete[] m_ExtendedBufferPtr;
m_ExtendedBufferPtr = new uint8_t[m_ExtendedLen];
}
}
else
m_ExtendedBufferPtr = new uint8_t[m_ExtendedLen];
memcpy (m_ExtendedBufferPtr, buf + DEFAULT_IDENTITY_SIZE, m_ExtendedLen);
}
else
memcpy (m_ExtendedBuffer, buf + DEFAULT_IDENTITY_SIZE, m_ExtendedLen); memcpy (m_ExtendedBuffer, buf + DEFAULT_IDENTITY_SIZE, m_ExtendedLen);
} }
else else
@ -266,7 +305,12 @@ namespace data
if (fullLen > len) return 0; // buffer is too small and may overflow somewhere else if (fullLen > len) return 0; // buffer is too small and may overflow somewhere else
memcpy (buf, &m_StandardIdentity, DEFAULT_IDENTITY_SIZE); memcpy (buf, &m_StandardIdentity, DEFAULT_IDENTITY_SIZE);
if (m_ExtendedLen > 0) if (m_ExtendedLen > 0)
{
if (m_ExtendedLen > MAX_EXTENDED_BUFFER_SIZE)
memcpy (buf + DEFAULT_IDENTITY_SIZE, m_ExtendedBufferPtr, m_ExtendedLen);
else
memcpy (buf + DEFAULT_IDENTITY_SIZE, m_ExtendedBuffer, m_ExtendedLen); memcpy (buf + DEFAULT_IDENTITY_SIZE, m_ExtendedBuffer, m_ExtendedLen);
}
return fullLen; return fullLen;
} }
@ -295,7 +339,7 @@ namespace data
const uint8_t * IdentityEx::GetSigningPublicKeyBuffer () const const uint8_t * IdentityEx::GetSigningPublicKeyBuffer () const
{ {
auto keyLen = GetSigningPublicKeyLen (); auto keyLen = GetSigningPublicKeyLen ();
if (keyLen > 128) return nullptr; // P521 if (keyLen > 128) return nullptr; // P521 or PQ
return m_StandardIdentity.signingKey + 128 - keyLen; return m_StandardIdentity.signingKey + 128 - keyLen;
} }
@ -322,7 +366,7 @@ namespace data
SigningKeyType IdentityEx::GetSigningKeyType () const SigningKeyType IdentityEx::GetSigningKeyType () const
{ {
if (m_StandardIdentity.certificate[0] == CERTIFICATE_TYPE_KEY && m_ExtendedLen >= 2) if (m_StandardIdentity.certificate[0] == CERTIFICATE_TYPE_KEY && m_ExtendedLen >= 2)
return bufbe16toh (m_ExtendedBuffer); // signing key return bufbe16toh (m_ExtendedLen <= MAX_EXTENDED_BUFFER_SIZE ? m_ExtendedBuffer : m_ExtendedBufferPtr); // signing key
return SIGNING_KEY_TYPE_DSA_SHA1; return SIGNING_KEY_TYPE_DSA_SHA1;
} }
@ -335,7 +379,7 @@ namespace data
CryptoKeyType IdentityEx::GetCryptoKeyType () const CryptoKeyType IdentityEx::GetCryptoKeyType () const
{ {
if (m_StandardIdentity.certificate[0] == CERTIFICATE_TYPE_KEY && m_ExtendedLen >= 4) if (m_StandardIdentity.certificate[0] == CERTIFICATE_TYPE_KEY && m_ExtendedLen >= 4)
return bufbe16toh (m_ExtendedBuffer + 2); // crypto key return bufbe16toh (m_ExtendedLen <= MAX_EXTENDED_BUFFER_SIZE ? m_ExtendedBuffer + 2 : m_ExtendedBufferPtr + 2); // crypto key
return CRYPTO_KEY_TYPE_ELGAMAL; return CRYPTO_KEY_TYPE_ELGAMAL;
} }
@ -391,7 +435,7 @@ namespace data
uint8_t * signingKey = new uint8_t[keyLen]; uint8_t * signingKey = new uint8_t[keyLen];
memcpy (signingKey, m_StandardIdentity.signingKey, 384); memcpy (signingKey, m_StandardIdentity.signingKey, 384);
size_t excessLen = keyLen - 384; size_t excessLen = keyLen - 384;
memcpy (signingKey + 384, m_ExtendedBuffer + 4, excessLen); // right after signing and crypto key types memcpy (signingKey + 384, m_ExtendedBufferPtr + 4, excessLen); // right after signing and crypto key types
verifier->SetPublicKey (signingKey); verifier->SetPublicKey (signingKey);
delete[] signingKey; delete[] signingKey;
} }
@ -451,7 +495,9 @@ namespace data
{ {
m_Public = std::make_shared<IdentityEx>(Identity (keys)); m_Public = std::make_shared<IdentityEx>(Identity (keys));
memcpy (m_PrivateKey, keys.privateKey, 256); // 256 memcpy (m_PrivateKey, keys.privateKey, 256); // 256
memcpy (m_SigningPrivateKey, keys.signingPrivateKey, m_Public->GetSigningPrivateKeyLen ()); size_t keyLen = m_Public->GetSigningPrivateKeyLen ();
if (keyLen > 128) m_SigningPrivateKey.resize (keyLen);
memcpy (m_SigningPrivateKey.data (), keys.signingPrivateKey, keyLen);
m_OfflineSignature.resize (0); m_OfflineSignature.resize (0);
m_TransientSignatureLen = 0; m_TransientSignatureLen = 0;
m_TransientSigningPrivateKeyLen = 0; m_TransientSigningPrivateKeyLen = 0;
@ -467,7 +513,7 @@ namespace data
m_OfflineSignature = other.m_OfflineSignature; m_OfflineSignature = other.m_OfflineSignature;
m_TransientSignatureLen = other.m_TransientSignatureLen; m_TransientSignatureLen = other.m_TransientSignatureLen;
m_TransientSigningPrivateKeyLen = other.m_TransientSigningPrivateKeyLen; m_TransientSigningPrivateKeyLen = other.m_TransientSigningPrivateKeyLen;
memcpy (m_SigningPrivateKey, other.m_SigningPrivateKey, m_TransientSigningPrivateKeyLen > 0 ? m_TransientSigningPrivateKeyLen : m_Public->GetSigningPrivateKeyLen ()); m_SigningPrivateKey = other.m_SigningPrivateKey;
m_Signer = nullptr; m_Signer = nullptr;
CreateSigner (); CreateSigner ();
return *this; return *this;
@ -490,8 +536,9 @@ namespace data
memcpy (m_PrivateKey, buf + ret, cryptoKeyLen); memcpy (m_PrivateKey, buf + ret, cryptoKeyLen);
ret += cryptoKeyLen; ret += cryptoKeyLen;
size_t signingPrivateKeySize = m_Public->GetSigningPrivateKeyLen (); size_t signingPrivateKeySize = m_Public->GetSigningPrivateKeyLen ();
if(signingPrivateKeySize + ret > len || signingPrivateKeySize > 128) return 0; // overflow if (signingPrivateKeySize + ret > len) return 0; // overflow
memcpy (m_SigningPrivateKey, buf + ret, signingPrivateKeySize); m_SigningPrivateKey.resize (signingPrivateKeySize);
memcpy (m_SigningPrivateKey.data (), buf + ret, signingPrivateKeySize);
ret += signingPrivateKeySize; ret += signingPrivateKeySize;
m_Signer = nullptr; m_Signer = nullptr;
// check if signing private key is all zeros // check if signing private key is all zeros
@ -532,8 +579,9 @@ namespace data
memcpy (m_OfflineSignature.data (), offlineInfo, offlineInfoLen); memcpy (m_OfflineSignature.data (), offlineInfo, offlineInfoLen);
// override signing private key // override signing private key
m_TransientSigningPrivateKeyLen = transientVerifier->GetPrivateKeyLen (); m_TransientSigningPrivateKeyLen = transientVerifier->GetPrivateKeyLen ();
if (m_TransientSigningPrivateKeyLen + ret > len || m_TransientSigningPrivateKeyLen > 128) return 0; if (m_TransientSigningPrivateKeyLen + ret > len) return 0;
memcpy (m_SigningPrivateKey, buf + ret, m_TransientSigningPrivateKeyLen); if (m_TransientSigningPrivateKeyLen > 128) m_SigningPrivateKey.resize (m_TransientSigningPrivateKeyLen);
memcpy (m_SigningPrivateKey.data (), buf + ret, m_TransientSigningPrivateKeyLen);
ret += m_TransientSigningPrivateKeyLen; ret += m_TransientSigningPrivateKeyLen;
CreateSigner (keyType); CreateSigner (keyType);
} }
@ -553,7 +601,7 @@ namespace data
if (IsOfflineSignature ()) if (IsOfflineSignature ())
memset (buf + ret, 0, signingPrivateKeySize); memset (buf + ret, 0, signingPrivateKeySize);
else else
memcpy (buf + ret, m_SigningPrivateKey, signingPrivateKeySize); memcpy (buf + ret, m_SigningPrivateKey.data (), signingPrivateKeySize);
ret += signingPrivateKeySize; ret += signingPrivateKeySize;
if (IsOfflineSignature ()) if (IsOfflineSignature ())
{ {
@ -564,7 +612,7 @@ namespace data
ret += offlineSignatureLen; ret += offlineSignatureLen;
// transient private key // transient private key
if (ret + m_TransientSigningPrivateKeyLen > len) return 0; if (ret + m_TransientSigningPrivateKeyLen > len) return 0;
memcpy (buf + ret, m_SigningPrivateKey, m_TransientSigningPrivateKeyLen); memcpy (buf + ret, m_SigningPrivateKey.data (), m_TransientSigningPrivateKeyLen);
ret += m_TransientSigningPrivateKeyLen; ret += m_TransientSigningPrivateKeyLen;
} }
return ret; return ret;
@ -603,13 +651,13 @@ namespace data
{ {
if (m_Signer) return; if (m_Signer) return;
if (keyType == SIGNING_KEY_TYPE_DSA_SHA1) if (keyType == SIGNING_KEY_TYPE_DSA_SHA1)
m_Signer.reset (new i2p::crypto::DSASigner (m_SigningPrivateKey, m_Public->GetStandardIdentity ().signingKey)); m_Signer.reset (new i2p::crypto::DSASigner (m_SigningPrivateKey.data (), m_Public->GetStandardIdentity ().signingKey));
else if (keyType == SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519 && !IsOfflineSignature ()) else if (keyType == SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519 && !IsOfflineSignature ())
m_Signer.reset (new i2p::crypto::EDDSA25519Signer (m_SigningPrivateKey, m_Public->GetStandardIdentity ().signingKey + (sizeof(Identity::signingKey) - i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH))); // TODO: remove public key check m_Signer.reset (new i2p::crypto::EDDSA25519Signer (m_SigningPrivateKey.data (), m_Public->GetStandardIdentity ().signingKey + (sizeof(Identity::signingKey) - i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH))); // TODO: remove public key check
else else
{ {
// public key is not required // public key is not required
auto signer = CreateSigner (keyType, m_SigningPrivateKey); auto signer = CreateSigner (keyType, m_SigningPrivateKey.data ());
if (signer) m_Signer.reset (signer); if (signer) m_Signer.reset (signer);
} }
} }
@ -708,8 +756,10 @@ namespace data
{ {
PrivateKeys keys; PrivateKeys keys;
// signature // signature
uint8_t signingPublicKey[512]; // signing public key is 512 bytes max std::unique_ptr<i2p::crypto::Verifier> verifier (IdentityEx::CreateVerifier (type));
GenerateSigningKeyPair (type, keys.m_SigningPrivateKey, signingPublicKey); std::vector<uint8_t> signingPublicKey(verifier->GetPublicKeyLen ());
keys.m_SigningPrivateKey.resize (verifier->GetPrivateKeyLen ());
GenerateSigningKeyPair (type, keys.m_SigningPrivateKey.data (), signingPublicKey.data ());
// encryption // encryption
uint8_t publicKey[256]; uint8_t publicKey[256];
if (isDestination) if (isDestination)
@ -717,7 +767,7 @@ namespace data
else else
GenerateCryptoKeyPair (cryptoType, keys.m_PrivateKey, publicKey); GenerateCryptoKeyPair (cryptoType, keys.m_PrivateKey, publicKey);
// identity // identity
keys.m_Public = std::make_shared<IdentityEx> (isDestination ? nullptr : publicKey, signingPublicKey, type, cryptoType); keys.m_Public = std::make_shared<IdentityEx> (isDestination ? nullptr : publicKey, signingPublicKey.data (), type, cryptoType);
keys.CreateSigner (); keys.CreateSigner ();
return keys; return keys;
@ -798,9 +848,10 @@ namespace data
keys.m_TransientSigningPrivateKeyLen = verifier->GetPrivateKeyLen (); keys.m_TransientSigningPrivateKeyLen = verifier->GetPrivateKeyLen ();
keys.m_TransientSignatureLen = verifier->GetSignatureLen (); keys.m_TransientSignatureLen = verifier->GetSignatureLen ();
keys.m_OfflineSignature.resize (pubKeyLen + m_Public->GetSignatureLen () + 6); keys.m_OfflineSignature.resize (pubKeyLen + m_Public->GetSignatureLen () + 6);
keys.m_SigningPrivateKey.resize (verifier->GetPrivateKeyLen ());
htobe32buf (keys.m_OfflineSignature.data (), expires); // expires htobe32buf (keys.m_OfflineSignature.data (), expires); // expires
htobe16buf (keys.m_OfflineSignature.data () + 4, type); // type htobe16buf (keys.m_OfflineSignature.data () + 4, type); // type
GenerateSigningKeyPair (type, keys.m_SigningPrivateKey, keys.m_OfflineSignature.data () + 6); // public key GenerateSigningKeyPair (type, keys.m_SigningPrivateKey.data (), keys.m_OfflineSignature.data () + 6); // public key
Sign (keys.m_OfflineSignature.data (), pubKeyLen + 6, keys.m_OfflineSignature.data () + 6 + pubKeyLen); // signature Sign (keys.m_OfflineSignature.data (), pubKeyLen + 6, keys.m_OfflineSignature.data () + 6 + pubKeyLen); // signature
// recreate signer // recreate signer
keys.m_Signer = nullptr; keys.m_Signer = nullptr;

10
libi2pd/Identity.h
View file

@ -142,7 +142,11 @@ namespace data
IdentHash m_IdentHash; IdentHash m_IdentHash;
std::unique_ptr<i2p::crypto::Verifier> m_Verifier; std::unique_ptr<i2p::crypto::Verifier> m_Verifier;
size_t m_ExtendedLen; size_t m_ExtendedLen;
uint8_t m_ExtendedBuffer[MAX_EXTENDED_BUFFER_SIZE]; // TODO: support PQ keys union
{
uint8_t m_ExtendedBuffer[MAX_EXTENDED_BUFFER_SIZE];
uint8_t * m_ExtendedBufferPtr;
};
}; };
size_t GetIdentityBufferLen (const uint8_t * buf, size_t len); // return actual identity length in buffer size_t GetIdentityBufferLen (const uint8_t * buf, size_t len); // return actual identity length in buffer
@ -160,7 +164,7 @@ namespace data
std::shared_ptr<const IdentityEx> GetPublic () const { return m_Public; }; std::shared_ptr<const IdentityEx> GetPublic () const { return m_Public; };
const uint8_t * GetPrivateKey () const { return m_PrivateKey; }; const uint8_t * GetPrivateKey () const { return m_PrivateKey; };
const uint8_t * GetSigningPrivateKey () const { return m_SigningPrivateKey; }; const uint8_t * GetSigningPrivateKey () const { return m_SigningPrivateKey.data (); };
size_t GetSignatureLen () const; // might not match identity size_t GetSignatureLen () const; // might not match identity
bool IsOfflineSignature () const { return m_TransientSignatureLen > 0; }; bool IsOfflineSignature () const { return m_TransientSignatureLen > 0; };
uint8_t * GetPadding(); uint8_t * GetPadding();
@ -196,7 +200,7 @@ namespace data
std::shared_ptr<IdentityEx> m_Public; std::shared_ptr<IdentityEx> m_Public;
uint8_t m_PrivateKey[256]; uint8_t m_PrivateKey[256];
uint8_t m_SigningPrivateKey[128]; // assume private key doesn't exceed 128 bytes std::vector<uint8_t> m_SigningPrivateKey;
mutable std::unique_ptr<i2p::crypto::Signer> m_Signer; mutable std::unique_ptr<i2p::crypto::Signer> m_Signer;
std::vector<uint8_t> m_OfflineSignature; // non zero length, if applicable std::vector<uint8_t> m_OfflineSignature; // non zero length, if applicable
size_t m_TransientSignatureLen = 0; size_t m_TransientSignatureLen = 0;

2
libi2pd/LeaseSet.h
View file

@ -60,7 +60,7 @@ namespace data
typedef std::function<bool(const Lease & l)> LeaseInspectFunc; typedef std::function<bool(const Lease & l)> LeaseInspectFunc;
const size_t MAX_LS_BUFFER_SIZE = 3072; const size_t MAX_LS_BUFFER_SIZE = 4096;
const size_t LEASE_SIZE = 44; // 32 + 4 + 8 const size_t LEASE_SIZE = 44; // 32 + 4 + 8
const size_t LEASE2_SIZE = 40; // 32 + 4 + 4 const size_t LEASE2_SIZE = 40; // 32 + 4 + 4
const uint8_t MAX_NUM_LEASES = 16; const uint8_t MAX_NUM_LEASES = 16;