|
|
|
|
@ -7,6 +7,17 @@
|
|
|
|
|
# zzz 2010-02
|
|
|
|
|
# zzz 2014-08 added support for su3 files
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
if [ -z "$I2P" -a -d "$PWD/../i2p/pkg-temp" ]; then
|
|
|
|
|
export I2P=$PWD/../i2p/pkg-temp
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
if [ ! -d "$I2P" ]; then
|
|
|
|
|
echo "Can't locate your I2P installation. Please add a environment variable named I2P with the path to the folder as value"
|
|
|
|
|
echo "On OSX this solved with running: export I2P=/Applications/i2p if default install directory is used."
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
CPATH=$I2P/lib/i2p.jar:/usr/share/java/gnu-getopt.jar
|
|
|
|
|
PUBKEYDIR=$HOME/.i2p-plugin-keys
|
|
|
|
|
PUBKEYFILE=$PUBKEYDIR/plugin-public-signing.key
|
|
|
|
|
@ -22,53 +33,53 @@ PLUGINDIR=${1:-plugin}
|
|
|
|
|
PC=plugin.config
|
|
|
|
|
PCT=${PC}.tmp
|
|
|
|
|
|
|
|
|
|
if [ ! -d $PLUGINDIR ]
|
|
|
|
|
if [ ! -d "$PLUGINDIR" ]
|
|
|
|
|
then
|
|
|
|
|
echo "You must have a $PLUGINDIR directory"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
if [ ! -f $PLUGINDIR/$PC ]
|
|
|
|
|
if [ ! -f "$PLUGINDIR/$PC" ]
|
|
|
|
|
then
|
|
|
|
|
echo "You must have a $PLUGINDIR/$PC file"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
SIGNER=`grep '^signer=' $PLUGINDIR/$PC`
|
|
|
|
|
SIGNER=`grep '^signer=' "$PLUGINDIR/$PC"`
|
|
|
|
|
if [ "$?" -ne "0" ]
|
|
|
|
|
then
|
|
|
|
|
echo "You must have a signer name in $PC"
|
|
|
|
|
echo 'For example name=foo'
|
|
|
|
|
echo 'For example signer=foo'
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
SIGNER=`echo $SIGNER | cut -f 2 -d '='`
|
|
|
|
|
|
|
|
|
|
if [ ! -f $PRIVKEYFILE ]
|
|
|
|
|
if [ ! -f "$PRIVKEYFILE" ]
|
|
|
|
|
then
|
|
|
|
|
echo "Creating new XPI2P DSA keys"
|
|
|
|
|
mkdir -p $PUBKEYDIR || exit 1
|
|
|
|
|
java -cp $CPATH net.i2p.crypto.TrustedUpdate keygen $PUBKEYFILE $PRIVKEYFILE || exit 1
|
|
|
|
|
java -cp $CPATH net.i2p.data.Base64 encode $PUBKEYFILE $B64KEYFILE || exit 1
|
|
|
|
|
mkdir -p "$PUBKEYDIR" || exit 1
|
|
|
|
|
java -cp "$CPATH" net.i2p.crypto.TrustedUpdate keygen "$PUBKEYFILE" "$PRIVKEYFILE" || exit 1
|
|
|
|
|
java -cp "$CPATH" net.i2p.data.Base64 encode "$PUBKEYFILE" "$B64KEYFILE" || exit 1
|
|
|
|
|
rm -rf logs/
|
|
|
|
|
chmod 444 $PUBKEYFILE $B64KEYFILE
|
|
|
|
|
chmod 400 $PRIVKEYFILE
|
|
|
|
|
chmod 444 "$PUBKEYFILE" "$B64KEYFILE"
|
|
|
|
|
chmod 400 "$PRIVKEYFILE"
|
|
|
|
|
echo "Created new XPI2P keys: $PUBKEYFILE $PRIVKEYFILE"
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
if [ ! -f $PRIVKEYSTORE ]
|
|
|
|
|
if [ ! -f "$PRIVKEYSTORE" ]
|
|
|
|
|
then
|
|
|
|
|
echo "Creating new SU3 $KEYTYPE keys for $SIGNER"
|
|
|
|
|
java -cp $CPATH net.i2p.crypto.SU3File keygen -t $KEYTYPE $PUBKEYSTORE $PRIVKEYSTORE $SIGNER || exit 1
|
|
|
|
|
java -cp "$CPATH" net.i2p.crypto.SU3File keygen -t $KEYTYPE "$PUBKEYSTORE" "$PRIVKEYSTORE" $SIGNER || exit 1
|
|
|
|
|
echo '*** Save your password in a safe place!!! ***'
|
|
|
|
|
rm -rf logs/
|
|
|
|
|
# copy to the router dir so verify will work
|
|
|
|
|
CDIR=$I2P/certificates/plugin
|
|
|
|
|
mkdir -p $CDIR || exit 1
|
|
|
|
|
mkdir -p "$CDIR" || exit 1
|
|
|
|
|
CFILE=$CDIR/`echo $SIGNER | sed s/@/_at_/`.crt
|
|
|
|
|
cp $PUBKEYSTORE $CFILE
|
|
|
|
|
chmod 444 $PUBKEYSTORE
|
|
|
|
|
chmod 400 $PRIVKEYSTORE
|
|
|
|
|
chmod 644 $CFILE
|
|
|
|
|
cp "$PUBKEYSTORE" "$CFILE"
|
|
|
|
|
chmod 444 "$PUBKEYSTORE"
|
|
|
|
|
chmod 400 "$PRIVKEYSTORE"
|
|
|
|
|
chmod 644 "$CFILE"
|
|
|
|
|
echo "Created new SU3 keys: $PUBKEYSTORE $PRIVKEYSTORE"
|
|
|
|
|
echo "Copied public key to $CFILE for testing"
|
|
|
|
|
fi
|
|
|
|
|
@ -76,7 +87,7 @@ fi
|
|
|
|
|
rm -f plugin.zip
|
|
|
|
|
|
|
|
|
|
OPWD=$PWD
|
|
|
|
|
cd $PLUGINDIR
|
|
|
|
|
cd "$PLUGINDIR"
|
|
|
|
|
|
|
|
|
|
grep -q '^name=' $PC
|
|
|
|
|
if [ "$?" -ne "0" ]
|
|
|
|
|
@ -102,12 +113,12 @@ mv $PCT $PC || exit 1
|
|
|
|
|
|
|
|
|
|
# add our Base64 key
|
|
|
|
|
grep -v '^key=' $PC > $PCT
|
|
|
|
|
B64KEY=`cat $B64KEYFILE`
|
|
|
|
|
B64KEY=`cat "$B64KEYFILE"`
|
|
|
|
|
echo "key=$B64KEY" >> $PCT || exit 1
|
|
|
|
|
mv $PCT $PC || exit 1
|
|
|
|
|
|
|
|
|
|
# zip it
|
|
|
|
|
zip -r $OPWD/plugin.zip * || exit 1
|
|
|
|
|
zip -r "$OPWD/plugin.zip" * || exit 1
|
|
|
|
|
|
|
|
|
|
# get the version and use it for the sud header
|
|
|
|
|
VERSION=`grep '^version=' $PC | cut -f 2 -d '='`
|
|
|
|
|
@ -115,24 +126,24 @@ VERSION=`grep '^version=' $PC | cut -f 2 -d '='`
|
|
|
|
|
NAME=`grep '^name=' $PC | cut -f 2 -d '='`
|
|
|
|
|
XPI2P=${NAME}.xpi2p
|
|
|
|
|
SU3=${NAME}.su3
|
|
|
|
|
cd $OPWD
|
|
|
|
|
cd "$OPWD"
|
|
|
|
|
|
|
|
|
|
# sign it
|
|
|
|
|
echo 'Signing. ...'
|
|
|
|
|
java -cp $CPATH net.i2p.crypto.TrustedUpdate sign plugin.zip $XPI2P $PRIVKEYFILE $VERSION || exit 1
|
|
|
|
|
java -cp $CPATH net.i2p.crypto.SU3File sign -c PLUGIN -t $KEYTYPE plugin.zip $SU3 $PRIVKEYSTORE $VERSION $SIGNER || exit 1
|
|
|
|
|
java -cp "$CPATH" net.i2p.crypto.TrustedUpdate sign plugin.zip "$XPI2P" "$PRIVKEYFILE" "$VERSION" || exit 1
|
|
|
|
|
java -cp "$CPATH" net.i2p.crypto.SU3File sign -c PLUGIN -t $KEYTYPE plugin.zip "$SU3" "$PRIVKEYSTORE" "$VERSION" "$SIGNER" || exit 1
|
|
|
|
|
rm -f plugin.zip
|
|
|
|
|
|
|
|
|
|
# verify
|
|
|
|
|
echo 'Verifying. ...'
|
|
|
|
|
java -cp $CPATH net.i2p.crypto.TrustedUpdate showversion $XPI2P || exit 1
|
|
|
|
|
java -cp $CPATH -Drouter.trustedUpdateKeys=$B64KEY net.i2p.crypto.TrustedUpdate verifysig $XPI2P || exit 1
|
|
|
|
|
java -cp $CPATH net.i2p.crypto.SU3File showversion $SU3 || exit 1
|
|
|
|
|
java -cp $CPATH net.i2p.crypto.SU3File verifysig -k $PUBKEYSTORE $SU3 || exit 1
|
|
|
|
|
java -cp "$CPATH" net.i2p.crypto.TrustedUpdate showversion "$XPI2P" || exit 1
|
|
|
|
|
java -cp "$CPATH" -Drouter.trustedUpdateKeys=$B64KEY net.i2p.crypto.TrustedUpdate verifysig "$XPI2P" || exit 1
|
|
|
|
|
java -cp "$CPATH" net.i2p.crypto.SU3File showversion "$SU3" || exit 1
|
|
|
|
|
java -cp "$CPATH" net.i2p.crypto.SU3File verifysig -k "$PUBKEYSTORE" "$SU3" || exit 1
|
|
|
|
|
rm -rf logs/
|
|
|
|
|
|
|
|
|
|
echo 'Plugin files created: '
|
|
|
|
|
wc -c $XPI2P
|
|
|
|
|
wc -c $SU3
|
|
|
|
|
wc -c "$XPI2P"
|
|
|
|
|
wc -c "$SU3"
|
|
|
|
|
|
|
|
|
|
exit 0
|
|
|
|
|
|
