2005-04-08 smeghead

* Security improvements to TrustedUpdate: signing and verification of the version string along with the data payload for signed update files (consequently the positions of the DSA signature and version string fields have been swapped in the spec for the update file's header); router will no longer perform a trusted update if the signed update's version is lower than or equal to the currently running router's version. * Added two new CLI commands to TrustedUpdate: showversion, verifyupdate. * Extended TrustedUpdate public API for use by third party applications.
2005-04-08 12:39:20 +00:00
parent 5a6a3a5e8d
commit b36def1f72
4 changed files with 531 additions and 307 deletions
--- a/apps/routerconsole/java/src/net/i2p/router/web/NewsFetcher.java
+++ b/apps/routerconsole/java/src/net/i2p/router/web/NewsFetcher.java
@ -7,6 +7,7 @@ import java.util.List;
 import java.util.StringTokenizer;

 import net.i2p.I2PAppContext;
+import net.i2p.crypto.TrustedUpdate;
 import net.i2p.data.DataHelper;
 import net.i2p.router.RouterContext;
 import net.i2p.router.RouterVersion;
@ -136,7 +137,7 @@ public class NewsFetcher implements Runnable, EepGet.StatusListener {
                        String ver = buf.substring(index+VERSION_PREFIX.length(), end);
                        if (_log.shouldLog(Log.DEBUG))
                            _log.debug("Found version: [" + ver + "]");
-                        if (needsUpdate(ver)) {
+                        if (TrustedUpdate.needsUpdate(RouterVersion.VERSION, ver)) {
                            if (_log.shouldLog(Log.DEBUG))
                                _log.debug("Our version is out of date, update!");
                            break;
@ -191,54 +192,6 @@ public class NewsFetcher implements Runnable, EepGet.StatusListener {
        }
    }
    
-    private boolean needsUpdate(String version) {
-        StringTokenizer newTok = new StringTokenizer(sanitize(version), ".");
-        StringTokenizer ourTok = new StringTokenizer(sanitize(RouterVersion.VERSION), ".");
-        
-        while (newTok.hasMoreTokens() && ourTok.hasMoreTokens()) {
-            String newVer = newTok.nextToken();
-            String oldVer = ourTok.nextToken();
-            switch (compare(newVer, oldVer)) {
-                case -1: // newVer is smaller
-                    return false;
-                case 0: // eq
-                    break;
-                case 1: // newVer is larger
-                    return true;
-            }
-        }
-        if (newTok.hasMoreTokens() && !ourTok.hasMoreTokens())
-            return true;
-        return false;
-    }
-    
-    private static final String VALID = "0123456789.";
-    private static final String sanitize(String str) {
-        StringBuffer buf = new StringBuffer(str);
-        for (int i = 0; i < buf.length(); i++) {
-            if (VALID.indexOf(buf.charAt(i)) == -1) {
-                buf.deleteCharAt(i);
-                i--;
-            }
-        }
-        return buf.toString();
-    }
-    
-    private static final int compare(String lhs, String rhs) {
-        try {
-            int left = Integer.parseInt(lhs);
-            int right = Integer.parseInt(rhs);
-            if (left < right) 
-                return -1;
-            else if (left == right)
-                return 0;
-            else
-                return 1;
-        } catch (NumberFormatException nfe) {
-            return 0;
-        }
-    }
-    
    public void attemptFailed(String url, long bytesTransferred, long bytesRemaining, int currentAttempt, int numRetries, Exception cause) {
        // ignore
    }