Changeset fe3059f


Ignore:
Timestamp:
Aug 5, 2014 9:23:48 PM (6 years ago)
Author:
zzz <zzz@…>
Branches:
master
Children:
0e9ceba
Parents:
bd566f5
Message:
  • Plugins: Enforce signing key matches that in plugin.config
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • apps/routerconsole/java/src/net/i2p/router/update/PluginUpdateRunner.java

    rbd566f5 rfe3059f  
    1111import net.i2p.CoreVersion;
    1212import net.i2p.crypto.TrustedUpdate;
     13import net.i2p.data.DataFormatException;
    1314import net.i2p.data.DataHelper;
     15import net.i2p.data.SigningPublicKey;
    1416import net.i2p.router.RouterContext;
    1517import net.i2p.router.web.ConfigClientsHelper;
     
    172174                return;
    173175            }
     176            SigningPublicKey spk;
     177            try {
     178                spk = new SigningPublicKey(pubkey);
     179            } catch (DataFormatException dfe) {
     180                f.delete();
     181                to.delete();
     182                statusDone("<b>" + _("Plugin from {0} contains an invalid key", url) + "</b>");
     183                return;
     184            }
    174185
    175186            // add all existing plugin keys, so any conflicts with existing keys
     
    193204                // verify the sig and verify that it is signed by the signer in the plugin.config file
    194205                // Allow "" as the previously-known signer
    195                 String signingKeyName = up.verifyAndGetSigner(f);
    196                 if (!(signer.equals(signingKeyName) || "".equals(signingKeyName))) {
     206                boolean ok = up.verify(f, spk);
     207                String signingKeyName = up.getKeys().get(spk);
     208                if ((!ok) || !(signer.equals(signingKeyName) || "".equals(signingKeyName))) {
    197209                    f.delete();
    198210                    to.delete();
  • core/java/src/net/i2p/crypto/TrustedUpdate.java

    rbd566f5 rfe3059f  
    213213
    214214    /**
    215      *  @since 0.9.8
    216      */
    217     Map<SigningPublicKey, String> getKeys() {
     215     *  @since 0.9.8, public since 0.9.14.1
     216     */
     217    public Map<SigningPublicKey, String> getKeys() {
    218218        return Collections.unmodifiableMap(_trustedKeys);
    219219    }
Note: See TracChangeset for help on using the changeset viewer.