From a1fb5ef6edd2dcd7ec1ff6f826bd218b96473ae9 Mon Sep 17 00:00:00 2001
From: zzz <zzz@mail.i2p>
Date: Mon, 15 Feb 2010 16:12:49 +0000
Subject: [PATCH] verify that signing key name matches
---
.../net/i2p/router/web/PluginUpdateHandler.java | 8 ++++++--
.../net/i2p/router/web/WebAppConfiguration.java | 4 ++--
core/java/src/net/i2p/crypto/TrustedUpdate.java | 17 +++++++++++++++++
3 files changed, 25 insertions(+), 4 deletions(-)
diff --git a/apps/routerconsole/java/src/net/i2p/router/web/PluginUpdateHandler.java b/apps/routerconsole/java/src/net/i2p/router/web/PluginUpdateHandler.java
index 46ff441cb3..fb54235e4f 100644
--- a/apps/routerconsole/java/src/net/i2p/router/web/PluginUpdateHandler.java
+++ b/apps/routerconsole/java/src/net/i2p/router/web/PluginUpdateHandler.java
@@ -193,7 +193,9 @@ public class PluginUpdateHandler extends UpdateHandler {
if (up.haveKey(pubkey)) {
// the key is already in the TrustedUpdate keyring
- if (!up.verify(f)) {
+ // verify the sig and verify that it is signed by the keyName in the plugin.config file
+ String signingKeyName = up.verifyAndGetSigner(f);
+ if (!keyName.equals(signingKeyName)) {
f.delete();
to.delete();
updateStatus("<b>" + _("Plugin signature verification of {0} failed", url) + "</b>");
@@ -209,7 +211,9 @@ public class PluginUpdateHandler extends UpdateHandler {
return;
}
// ...and try the verify again
- if (!up.verify(f)) {
+ // verify the sig and verify that it is signed by the keyName in the plugin.config file
+ String signingKeyName = up.verifyAndGetSigner(f);
+ if (!keyName.equals(signingKeyName)) {
f.delete();
to.delete();
updateStatus("<b>" + _("Plugin signature verification of {0} failed", url) + "</b>");
diff --git a/apps/routerconsole/java/src/net/i2p/router/web/WebAppConfiguration.java b/apps/routerconsole/java/src/net/i2p/router/web/WebAppConfiguration.java
index 121145bf3c..c3fcc334aa 100644
--- a/apps/routerconsole/java/src/net/i2p/router/web/WebAppConfiguration.java
+++ b/apps/routerconsole/java/src/net/i2p/router/web/WebAppConfiguration.java
@@ -81,9 +81,9 @@ public class WebAppConfiguration implements WebApplicationContext.Configuration
String elem = tok.nextToken().trim();
String path;
if (elem.startsWith("$I2P"))
- path = i2pContext.getBaseDir().getAbsolutePath() + '/' + elem.substring(4);
+ path = i2pContext.getBaseDir().getAbsolutePath() + elem.substring(4);
else if (elem.startsWith("$PLUGIN"))
- path = dir.getAbsolutePath() + '/' + elem.substring(7);
+ path = dir.getAbsolutePath() + elem.substring(7);
else
path = dir.getAbsolutePath() + '/' + elem;
System.err.println("Adding " + path + " to classpath for " + appName);
diff --git a/core/java/src/net/i2p/crypto/TrustedUpdate.java b/core/java/src/net/i2p/crypto/TrustedUpdate.java
index c567fcb310..054d15358c 100644
--- a/core/java/src/net/i2p/crypto/TrustedUpdate.java
+++ b/core/java/src/net/i2p/crypto/TrustedUpdate.java
@@ -682,6 +682,23 @@ D8usM7Dxp5yrDrCYZ5AIijc=
return false;
}
+ /**
+ * Verifies the DSA signature of a signed update file.
+ *
+ * @param signedFile The signed update file to check.
+ *
+ * @return signer (could be empty string) or null if invalid
+ * @since 0.7.12
+ */
+ public String verifyAndGetSigner(File signedFile) {
+ for (SigningPublicKey signingPublicKey : _trustedKeys.keySet()) {
+ boolean isValidSignature = verify(signedFile, signingPublicKey);
+ if (isValidSignature)
+ return _trustedKeys.get(signingPublicKey);
+ }
+ return null;
+ }
+
/**
* Verifies the DSA signature of a signed update file.
*
--
GitLab