Package net.i2p.crypto
Class TrustedUpdate
java.lang.Object
net.i2p.crypto.TrustedUpdate
Handles DSA signing and verification of update files.
For convenience this class also makes certain operations available via the command line. These can be invoked as follows:
java net.i2p.crypto.TrustedUpdate keygen publicKeyFile privateKeyFile java net.i2p.crypto.TrustedUpdate showversion signedFile java net.i2p.crypto.TrustedUpdate sign inputFile signedFile privateKeyFile version java net.i2p.crypto.TrustedUpdate verifysig signedFile java net.i2p.crypto.TrustedUpdate verifyupdate signedFile java net.i2p.crypto.TrustedUpdate verifyversion signedFile
- Author:
- jrandom and smeghead
-
Field Summary
-
Constructor Summary
ConstructorDescriptionConstructs a newTrustedUpdate
with the default global context.TrustedUpdate
(I2PAppContext context) Constructs a newTrustedUpdate
with the givenI2PAppContext
. -
Method Summary
Modifier and TypeMethodDescriptionboolean
Duplicate keys or names rejected, except that duplicate empty names are allowedgetKeys()
Fetches the trusted keys for the current instance.static String
getVersionString
(File signedFile) Reads the version string from a signed update file.static String
getVersionString
(InputStream inputStream) Reads the version string from an input streamboolean
Do we know about the following key?boolean
isUpdatedVersion
(String currentVersion, File signedFile) Verifies that the version of the given signed update file is newer thancurrentVersion
.static void
Parses command line arguments when this class is used from the command line.migrateFile
(File signedFile, File outputFile) Extract the file.migrateVerified
(String currentVersion, File signedFile, File outputFile) Verifies the signature of a signed update file, and if it's valid and the file's version is newer than the given current version, migrates the data out ofsignedFile
and intooutputFile
.static final boolean
needsUpdate
(String currentVersion, String newVersion) Checks if the given version is newer than the given current version.version in the .sud file, valid only after calling migrateVerified()Uses the given private key to sign the given input file along with its version string using DSA.sign
(String inputFile, String signedFile, SigningPrivateKey signingPrivateKey, String version) Uses the givenSigningPrivateKey
to sign the given input file along with its version string using DSA.boolean
Verifies the DSA signature of a signed update file.boolean
verify
(File signedFile, SigningPublicKey signingPublicKey) Verifies the DSA signature of a signed update file.boolean
Verifies the DSA signature of a signed update file.verifyAndGetSigner
(File signedFile) Verifies the DSA signature of a signed update file.
-
Field Details
-
HEADER_BYTES
public static final int HEADER_BYTES
-
-
Constructor Details
-
TrustedUpdate
public TrustedUpdate()Constructs a newTrustedUpdate
with the default global context. -
TrustedUpdate
Constructs a newTrustedUpdate
with the givenI2PAppContext
.- Parameters:
context
- An instance ofI2PAppContext
.
-
-
Method Details
-
getKeys
- Since:
- 0.9.8, public since 0.9.14.1
-
addKey
Duplicate keys or names rejected, except that duplicate empty names are allowed- Parameters:
key
- 172 character base64 stringname
- non-null but "" ok- Returns:
- true if successful
- Since:
- 0.7.12
-
haveKey
Do we know about the following key?- Since:
- 0.7.12
-
main
Parses command line arguments when this class is used from the command line. Exits 1 on failure so this can be used in scripts.- Parameters:
args
- Command line parameters.
-
needsUpdate
Checks if the given version is newer than the given current version.- Parameters:
currentVersion
- The current version.newVersion
- The version to test.- Returns:
true
if the given version is newer than the current version, otherwisefalse
.
-
getTrustedKeysString
Fetches the trusted keys for the current instance. We could sort it but don't bother.- Returns:
- A
String
containing the trusted keys, delimited by CR LF line breaks.
-
getVersionString
Reads the version string from a signed update file.- Parameters:
signedFile
- A signed update file.- Returns:
- The version string read, or an empty string if no version string is present.
-
getVersionString
Reads the version string from an input stream- Parameters:
inputStream
- containing at least 56 bytes- Returns:
- The version string read, or an empty string if no version string is present.
- Since:
- 0.7.12
-
newVersion
version in the .sud file, valid only after calling migrateVerified() -
isUpdatedVersion
Verifies that the version of the given signed update file is newer thancurrentVersion
.- Parameters:
currentVersion
- The current version to check against.signedFile
- The signed update file.- Returns:
true
if the signed update file's version is newer than the current version, otherwisefalse
.
-
migrateVerified
Verifies the signature of a signed update file, and if it's valid and the file's version is newer than the given current version, migrates the data out ofsignedFile
and intooutputFile
. As of 0.8.8, the embedded file must be a zip file with a standard zip header and a UTF-8 zip file comment matching the version in the sud header. This prevents spoofing the version, since the sud signature does NOT cover the version in the header. (We do this for sud/su2 files but not plugin xpi2p files - don't use this method for plugin files)- Parameters:
currentVersion
- The current version to check against.signedFile
- A signed update file.outputFile
- The file to write the verified data to.- Returns:
null
if the signature and version were valid and the data was moved, and an errorString
otherwise.
-
migrateFile
Extract the file. Skips and ignores the signature and version. No verification.- Parameters:
signedFile
- A signed update file.outputFile
- The file to write the verified data to.- Returns:
null
if the data was moved, and an errorString
otherwise.- Since:
- 0.7.12
-
sign
Uses the given private key to sign the given input file along with its version string using DSA. The output will be a signed update file where the first 40 bytes are the resulting DSA signature, the next 16 bytes are the input file's version string encoded in UTF-8 (padded with trailing0h
characters if necessary), and the remaining bytes are the raw bytes of the input file.- Parameters:
inputFile
- The file to be signed.signedFile
- The signed update file to write.privateKeyFile
- The name of the file containing the private key to signinputFile
with.version
- The version string of the input file. If this is longer than 16 characters it will be truncated.- Returns:
- An instance of
Signature
, ornull
if there was an error.
-
sign
public Signature sign(String inputFile, String signedFile, SigningPrivateKey signingPrivateKey, String version) Uses the givenSigningPrivateKey
to sign the given input file along with its version string using DSA. The output will be a signed update file where the first 40 bytes are the resulting DSA signature, the next 16 bytes are the input file's version string encoded in UTF-8 (padded with trailing0h
characters if necessary), and the remaining bytes are the raw bytes of the input file.- Parameters:
inputFile
- The file to be signed.signedFile
- The signed update file to write.signingPrivateKey
- An instance ofSigningPrivateKey
to signinputFile
with.version
- The version string of the input file. If this is longer than 16 characters it will be truncated.- Returns:
- An instance of
Signature
, ornull
if there was an error.
-
verify
Verifies the DSA signature of a signed update file.- Parameters:
signedFile
- The signed update file to check.- Returns:
true
if the file has a valid signature, otherwisefalse
.
-
verifyAndGetSigner
Verifies the DSA signature of a signed update file.- Parameters:
signedFile
- The signed update file to check.- Returns:
- signer (could be empty string) or null if invalid
- Since:
- 0.7.12
-
verify
Verifies the DSA signature of a signed update file.- Parameters:
signedFile
- The signed update file to check.publicKeyFile
- A file containing the public key to use for verification.- Returns:
true
if the file has a valid signature, otherwisefalse
.
-
verify
Verifies the DSA signature of a signed update file.- Parameters:
signedFile
- The signed update file to check.signingPublicKey
- An instance ofSigningPublicKey
to use for verification.- Returns:
true
if the file has a valid signature, otherwisefalse
.
-