echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

* Plugins: Enforce signing key matches that in plugin.config

Browse Source
This commit is contained in:
zzz
2014-08-05 21:23:48 +00:00
parent bd566f52cf
commit fe3059f0ab
2 changed files with 16 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
apps/routerconsole/java/src/net/i2p/router/update/PluginUpdateRunner.java
View File

@ -10,7 +10,9 @@ import java.util.Properties;
import net.i2p.CoreVersion; import net.i2p.CoreVersion;
import net.i2p.crypto.TrustedUpdate; import net.i2p.crypto.TrustedUpdate;
import net.i2p.data.DataFormatException;
import net.i2p.data.DataHelper; import net.i2p.data.DataHelper;
import net.i2p.data.SigningPublicKey;
import net.i2p.router.RouterContext; import net.i2p.router.RouterContext;
import net.i2p.router.web.ConfigClientsHelper; import net.i2p.router.web.ConfigClientsHelper;
import net.i2p.router.web.ConfigUpdateHandler; import net.i2p.router.web.ConfigUpdateHandler;
@ -171,6 +173,15 @@ class PluginUpdateRunner extends UpdateRunner {
statusDone("<b>" + _("Plugin from {0} contains an invalid key", url) + "</b>"); statusDone("<b>" + _("Plugin from {0} contains an invalid key", url) + "</b>");
return; return;
} }
SigningPublicKey spk;
try {
spk = new SigningPublicKey(pubkey);
} catch (DataFormatException dfe) {
f.delete();
to.delete();
statusDone("<b>" + _("Plugin from {0} contains an invalid key", url) + "</b>");
return;
}
// add all existing plugin keys, so any conflicts with existing keys // add all existing plugin keys, so any conflicts with existing keys
// will be discovered and rejected // will be discovered and rejected
@ -192,8 +203,9 @@ class PluginUpdateRunner extends UpdateRunner {
// the key is already in the TrustedUpdate keyring // the key is already in the TrustedUpdate keyring
// verify the sig and verify that it is signed by the signer in the plugin.config file // verify the sig and verify that it is signed by the signer in the plugin.config file
// Allow "" as the previously-known signer // Allow "" as the previously-known signer
String signingKeyName = up.verifyAndGetSigner(f); boolean ok = up.verify(f, spk);
if (!(signer.equals(signingKeyName) || "".equals(signingKeyName))) { String signingKeyName = up.getKeys().get(spk);
if ((!ok) || !(signer.equals(signingKeyName) || "".equals(signingKeyName))) {
f.delete(); f.delete();
to.delete(); to.delete();
if (signingKeyName == null) if (signingKeyName == null)

4
core/java/src/net/i2p/crypto/TrustedUpdate.java
View File

@ -212,9 +212,9 @@ riCe6OlAEiNpcc6mMyIYYWFICbrDFTrDR3wXqwc/Jkcx6L5VVWoagpSzbo3yGhc=
} }
/** /**
* @since 0.9.8 * @since 0.9.8, public since 0.9.14.1
*/ */
Map<SigningPublicKey, String> getKeys() { public Map<SigningPublicKey, String> getKeys() {
return Collections.unmodifiableMap(_trustedKeys); return Collections.unmodifiableMap(_trustedKeys);
} }