public class TrustedUpdate extends Object
Handles DSA signing and verification of update files.
For convenience this class also makes certain operations available via the command line. These can be invoked as follows:
java net.i2p.crypto.TrustedUpdate keygen publicKeyFile privateKeyFile java net.i2p.crypto.TrustedUpdate showversion signedFile java net.i2p.crypto.TrustedUpdate sign inputFile signedFile privateKeyFile version java net.i2p.crypto.TrustedUpdate verifysig signedFile java net.i2p.crypto.TrustedUpdate verifyupdate signedFile java net.i2p.crypto.TrustedUpdate verifyversion signedFile
Modifier and Type | Field and Description |
---|---|
static int |
HEADER_BYTES |
Constructor and Description |
---|
TrustedUpdate()
Constructs a new
TrustedUpdate with the default global
context. |
TrustedUpdate(I2PAppContext context)
Constructs a new
TrustedUpdate with the given
I2PAppContext . |
Modifier and Type | Method and Description |
---|---|
boolean |
addKey(String key,
String name)
Duplicate keys or names rejected,
except that duplicate empty names are allowed
|
Map<SigningPublicKey,String> |
getKeys() |
String |
getTrustedKeysString()
Fetches the trusted keys for the current instance.
|
static String |
getVersionString(File signedFile)
Reads the version string from a signed update file.
|
static String |
getVersionString(InputStream inputStream)
Reads the version string from an input stream
|
boolean |
haveKey(String key)
Do we know about the following key?
|
boolean |
isUpdatedVersion(String currentVersion,
File signedFile)
Verifies that the version of the given signed update file is newer than
currentVersion . |
static void |
main(String[] args)
Parses command line arguments when this class is used from the command
line.
|
String |
migrateFile(File signedFile,
File outputFile)
Extract the file.
|
String |
migrateVerified(String currentVersion,
File signedFile,
File outputFile)
Verifies the signature of a signed update file, and if it's valid and the
file's version is newer than the given current version, migrates the data
out of
signedFile and into outputFile . |
static boolean |
needsUpdate(String currentVersion,
String newVersion)
Checks if the given version is newer than the given current version.
|
String |
newVersion()
version in the .sud file, valid only after calling migrateVerified()
|
Signature |
sign(String inputFile,
String signedFile,
SigningPrivateKey signingPrivateKey,
String version)
Uses the given
SigningPrivateKey to sign the given
input file along with its version string using DSA. |
Signature |
sign(String inputFile,
String signedFile,
String privateKeyFile,
String version)
Uses the given private key to sign the given input file along with its
version string using DSA.
|
boolean |
verify(File signedFile)
Verifies the DSA signature of a signed update file.
|
boolean |
verify(File signedFile,
SigningPublicKey signingPublicKey)
Verifies the DSA signature of a signed update file.
|
boolean |
verify(String signedFile,
String publicKeyFile)
Verifies the DSA signature of a signed update file.
|
String |
verifyAndGetSigner(File signedFile)
Verifies the DSA signature of a signed update file.
|
public TrustedUpdate()
TrustedUpdate
with the default global
context.public TrustedUpdate(I2PAppContext context)
TrustedUpdate
with the given
I2PAppContext
.context
- An instance of I2PAppContext
.public Map<SigningPublicKey,String> getKeys()
public boolean addKey(String key, String name)
key
- 172 character base64 stringname
- non-null but "" okpublic boolean haveKey(String key)
public static void main(String[] args)
args
- Command line parameters.public static final boolean needsUpdate(String currentVersion, String newVersion)
currentVersion
- The current version.newVersion
- The version to test.true
if the given version is newer than the current
version, otherwise false
.public String getTrustedKeysString()
String
containing the trusted keys,
delimited by CR LF line breaks.public static String getVersionString(File signedFile)
signedFile
- A signed update file.public static String getVersionString(InputStream inputStream)
inputStream
- containing at least 56 bytespublic String newVersion()
public boolean isUpdatedVersion(String currentVersion, File signedFile)
currentVersion
.currentVersion
- The current version to check against.signedFile
- The signed update file.true
if the signed update file's version is newer
than the current version, otherwise false
.public String migrateVerified(String currentVersion, File signedFile, File outputFile)
signedFile
and into outputFile
.
As of 0.8.8, the embedded file must be a zip file with
a standard zip header and a UTF-8 zip file comment
matching the version in the sud header. This prevents spoofing the version,
since the sud signature does NOT cover the version in the header.
(We do this for sud/su2 files but not plugin xpi2p files -
don't use this method for plugin files)currentVersion
- The current version to check against.signedFile
- A signed update file.outputFile
- The file to write the verified data to.null
if the signature and version were valid and the
data was moved, and an error String
otherwise.public String migrateFile(File signedFile, File outputFile)
signedFile
- A signed update file.outputFile
- The file to write the verified data to.null
if the
data was moved, and an error String
otherwise.public Signature sign(String inputFile, String signedFile, String privateKeyFile, String version)
0h
characters if necessary), and the remaining bytes are the
raw bytes of the input file.inputFile
- The file to be signed.signedFile
- The signed update file to write.privateKeyFile
- The name of the file containing the private key to
sign inputFile
with.version
- The version string of the input file. If this is
longer than 16 characters it will be truncated.Signature
, or
null
if there was an error.public Signature sign(String inputFile, String signedFile, SigningPrivateKey signingPrivateKey, String version)
SigningPrivateKey
to sign the given
input file along with its version string using DSA. The output will be a
signed update file where the first 40 bytes are the resulting DSA
signature, the next 16 bytes are the input file's version string encoded
in UTF-8 (padded with trailing 0h
characters if necessary),
and the remaining bytes are the raw bytes of the input file.inputFile
- The file to be signed.signedFile
- The signed update file to write.signingPrivateKey
- An instance of SigningPrivateKey
to sign inputFile
with.version
- The version string of the input file. If this is
longer than 16 characters it will be truncated.Signature
, or
null
if there was an error.public boolean verify(File signedFile)
signedFile
- The signed update file to check.true
if the file has a valid signature, otherwise
false
.public String verifyAndGetSigner(File signedFile)
signedFile
- The signed update file to check.public boolean verify(String signedFile, String publicKeyFile)
signedFile
- The signed update file to check.publicKeyFile
- A file containing the public key to use for
verification.true
if the file has a valid signature, otherwise
false
.public boolean verify(File signedFile, SigningPublicKey signingPublicKey)
signedFile
- The signed update file to check.signingPublicKey
- An instance of
SigningPublicKey
to use for
verification.true
if the file has a valid signature, otherwise
false
.