diff --git a/core/java/src/net/i2p/crypto/DirKeyRing.java b/core/java/src/net/i2p/crypto/DirKeyRing.java
new file mode 100644
index 000000000..00ac5d098
--- /dev/null
+++ b/core/java/src/net/i2p/crypto/DirKeyRing.java
@@ -0,0 +1,41 @@
+package net.i2p.crypto;
+
+/*
+ * free (adj.): unencumbered; not under the control of others
+ * No warranty of any kind, either expressed or implied.
+ */
+
+import java.io.File;
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+import java.security.PublicKey;
+
+import net.i2p.data.SigningPublicKey;
+
+/**
+ * Dumb storage in a directory for testing.
+ * No sanitization of filenames, unsafe.
+ *
+ * @since 0.9.9
+ */
+class DirKeyRing implements KeyRing {
+
+ private final File _base;
+
+ public DirKeyRing(File baseDir) {
+ _base = baseDir;
+ }
+
+ public SigningPublicKey getKey(String keyName, String scope, SigType type)
+ throws GeneralSecurityException, IOException {
+ File sd = new File(_base, scope);
+ File td = new File(sd, Integer.toString(type.getCode()));
+ File kd = new File(td, keyName + ".key");
+ if (!kd.exists())
+ return null;
+ PublicKey pk = SigUtil.importJavaPublicKey(kd, type);
+ return SigUtil.fromJavaKey(pk, type);
+ }
+
+ public void setKey(String keyName, String scope, SigningPublicKey key) {}
+}
diff --git a/core/java/src/net/i2p/crypto/SU3File.java b/core/java/src/net/i2p/crypto/SU3File.java
index dfb88ee6c..00f3905ca 100644
--- a/core/java/src/net/i2p/crypto/SU3File.java
+++ b/core/java/src/net/i2p/crypto/SU3File.java
@@ -27,6 +27,7 @@ import net.i2p.data.Signature;
 import net.i2p.data.SigningPrivateKey;
 import net.i2p.data.SigningPublicKey;
 import net.i2p.data.SimpleDataStructure;
+import net.i2p.util.HexDump;
 import net.i2p.util.SecureFileOutputStream;
 /**
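Review bot: `DirKeyRing.getKey` builds the key file path from `scope` and `keyName` with no check that the result stays under `_base`, and the `SU3File` hunk at `@@ -190,9 +192,19 @@` passes it `_signer`, which appears to come from the header of the file being verified. A signer name containing `..` segments would therefore select a key file outside the keyring directory, which the class Javadoc itself flags as unsafe. Before the `exists()` test, add a containment check such as `String root = _base.getCanonicalPath() + File.separator;` followed by `if (!kd.getCanonicalPath().startsWith(root)) throw new IOException("key path outside keyring");`. `setKey` has an empty body, so a caller that stores a key gets no error; throwing `UnsupportedOperationException` there would make the limitation visible.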
@@ -76,7 +77,8 @@ public class SU3File {
 * Uses TrustedUpdate's default keys for verification.
 */
 public SU3File(File file) {
- this(file, (new TrustedUpdate()).getKeys());
+ //this(file, (new TrustedUpdate()).getKeys());
+ this(file, null);
 }
 /**
@@ -190,9 +192,19 @@ public class SU3File {
 break;
 }
 }
- if (_signerPubkey == null)
- throw new IOException("unknown signer: " + _signer);
+ } else {
+ // testing
+ KeyRing ring = new DirKeyRing(new File("su3keyring"));
+ try {
+ _signerPubkey = ring.getKey(_signer, "default", _sigType);
+ } catch (GeneralSecurityException gse) {
+ IOException ioe = new IOException("keystore error");
+ ioe.initCause(gse);
+ throw ioe;
+ }
 }
+ if (_signerPubkey == null)
+ throw new IOException("unknown signer: " + _signer);
 _headerVerified = true;
 }
@@ -268,6 +280,8 @@ public class SU3File {
 signature.readBytes(in);
 SimpleDataStructure hash = _sigType.getHashInstance();
 hash.setData(sha);
+//System.out.println("hash\n" + HexDump.dump(sha));
+//System.out.println("sig\n" + HexDump.dump(signature.getData()));
 rv = _context.dsa().verifySignature(signature, hash, _signerPubkey);
 } catch (DataFormatException dfe) {
 IOException ioe = new IOException("foo");
@@ -350,6 +364,8 @@ public class SU3File {
 SimpleDataStructure hash = sigType.getHashInstance();
 hash.setData(sha);
 Signature signature = _context.dsa().sign(hash, privkey);
+//System.out.println("hash\n" + HexDump.dump(sha));
+//System.out.println("sig\n" + HexDump.dump(signature.getData()));
 signature.writeBytes(out);
 ok = true;
 } catch (DataFormatException dfe) {
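Review bot: The Javadoc kept above `SU3File(File)` in the `@@ -76,7 +77,8 @@` hunk still says "Uses TrustedUpdate's default keys for verification", but with `this(file, null)` no built-in key set is passed any more. Verification then appears to fall through to the directory keyring added in the `@@ -190,9 +192,19 @@` hunk, so existing callers of this constructor silently get a different trust anchor. Update the comment to state the new behaviour, for example `Uses the su3keyring directory for verification (testing only).`, and delete the commented-out `//this(file, ...)` line instead of keeping it as dead code.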
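Review bot: In the `@@ -190,9 +192,19 @@` hunk, `new File("su3keyring")` is a relative path, so the set of trusted signers is whichever directory of that name sits in the process's working directory, and anyone able to write there can add a signer that header verification will accept. The branch is labelled `// testing` yet sits in the normal verification path; the `if` that this `else` pairs with and the start of the method are outside the hunk. Resolve the keyring against a fixed, install-controlled location instead, e.g. `new DirKeyRing(new File(_context.getBaseDir(), "su3keyring"))`, and add a comment stating who is allowed to populate that directory.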
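Review bot: The two `//System.out.println(... HexDump.dump(...))` lines in the `@@ -268,6 +280,8 @@` hunk, and the identical pair in the `@@ -350,6 +364,8 @@` hunk, are commented-out debugging code committed at column 0. They are also the only use of the `net.i2p.util.HexDump` import added in the first SU3File hunk. Remove the four lines together with the import, or, if the dumps are worth keeping, emit them through a debug-level log call so they can be switched on without editing the source.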
@@ -513,9 +529,9 @@ public class SU3File {
 //// fixme
 boolean isValidSignature = file.verifyAndMigrate(new File("/dev/null"));
 if (isValidSignature)
- System.out.println("Signature VALID (signed by " + file.getSignerString() + ')');
+ System.out.println("Signature VALID (signed by " + file.getSignerString() + ' ' + file._sigType + ')');
 else
- System.out.println("Signature INVALID (signed by " + file.getSignerString() + ')');
+ System.out.println("Signature INVALID (signed by " + file.getSignerString() + ' ' + file._sigType +')');
 return isValidSignature;
 } catch (IOException ioe) {
 System.out.println("Error verifying input file '" + signedFile + "'");