From 55318cf14bc6d3125e87a573abdd09d672b8e438 Mon Sep 17 00:00:00 2001
From: zzz
Date: Sun, 8 Sep 2013 11:57:15 +0000
Subject: [PATCH] Crypto: Set file modes on written keys; don't overwrite existing files
---
 core/java/src/net/i2p/crypto/SU3File.java | 15 +++++++++++++--
 core/java/src/net/i2p/crypto/TrustedUpdate.java | 16 +++++++++++++---
 2 files changed, 26 insertions(+), 5 deletions(-)
diff --git a/core/java/src/net/i2p/crypto/SU3File.java b/core/java/src/net/i2p/crypto/SU3File.java
index 227d01fbb..7cc23552b 100644
--- a/core/java/src/net/i2p/crypto/SU3File.java
+++ b/core/java/src/net/i2p/crypto/SU3File.java
@@ -24,6 +24,7 @@ import net.i2p.data.Signature;
 import net.i2p.data.SigningPrivateKey;
 import net.i2p.data.SigningPublicKey;
 import net.i2p.data.SimpleDataStructure;
+import net.i2p.util.SecureFileOutputStream;
 /**
 * Succesor to the ".sud" format used in TrustedUpdate.
@@ -550,6 +551,16 @@ public class SU3File {
 * @since 0.9.9
 */
 private static final boolean genKeysCLI(SigType type, String publicKeyFile, String privateKeyFile) {
+ File pubFile = new File(publicKeyFile);
+ File privFile = new File(privateKeyFile);
+ if (pubFile.exists()) {
+ System.out.println("Error: Not overwriting file " + publicKeyFile);
+ return false;
+ }
+ if (privFile.exists()) {
+ System.out.println("Error: Not overwriting file " + privateKeyFile);
+ return false;
+ }
 FileOutputStream fileOutputStream = null;
 I2PAppContext context = I2PAppContext.getGlobalContext();
 try {
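Review bot: The new `exists()` guards in SU3File.genKeysCLI are a check-then-open sequence, so they do not guarantee that the key files are created fresh: anything that appears at either path between the check and the later `new SecureFileOutputStream(...)` is opened and written to anyway. For a private signing key this matters whenever the target directory is writable by other users. Creating each file exclusively inside the `try` narrows the gap, for example `if (!privFile.createNewFile()) { System.out.println("Error: Not overwriting file " + privateKeyFile); return false; }`, because `createNewFile()` checks and creates in one atomic step. The same guard is added to TrustedUpdate.genKeysCLI later in this patch and would need the same change. The `try` body continues outside this hunk.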
@@ -557,12 +568,12 @@ public class SU3File {
 SigningPublicKey signingPublicKey = (SigningPublicKey) signingKeypair[0];
 SigningPrivateKey signingPrivateKey = (SigningPrivateKey) signingKeypair[1];
- fileOutputStream = new FileOutputStream(publicKeyFile);
+ fileOutputStream = new SecureFileOutputStream(pubFile);
 signingPublicKey.writeBytes(fileOutputStream);
 fileOutputStream.close();
 fileOutputStream = null;
- fileOutputStream = new FileOutputStream(privateKeyFile);
+ fileOutputStream = new SecureFileOutputStream(privFile);
 signingPrivateKey.writeBytes(fileOutputStream);
 System.out.println("\r\n" + type + " Private key written to: " + privateKeyFile);
diff --git a/core/java/src/net/i2p/crypto/TrustedUpdate.java b/core/java/src/net/i2p/crypto/TrustedUpdate.java
index 51c19e4ea..a9892b171 100644
--- a/core/java/src/net/i2p/crypto/TrustedUpdate.java
+++ b/core/java/src/net/i2p/crypto/TrustedUpdate.java
@@ -21,6 +21,7 @@ import net.i2p.data.Signature;
 import net.i2p.data.SigningPrivateKey;
 import net.i2p.data.SigningPublicKey;
 import net.i2p.util.Log;
+import net.i2p.util.SecureFileOutputStream;
 import net.i2p.util.VersionComparator;
 import net.i2p.util.ZipFileComment;
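Review bot: In the SU3File.genKeysCLI hunk the public key file is written and closed before the private key stream is opened, so a failure in `new SecureFileOutputStream(privFile)` or in `signingPrivateKey.writeBytes(...)` leaves a public key on disk with no matching private key. With the overwrite guard this patch adds at the top of the method, the next run then stops at "Not overwriting file" until the user deletes that file by hand. The failure path should remove what this run created, for example `pubFile.delete(); privFile.delete();`; the catch/finally is outside this hunk, so this assumes it does not already do so. TrustedUpdate.genKeysCLI writes the two files in the same order.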
@@ -315,20 +316,29 @@ riCe6OlAEiNpcc6mMyIYYWFICbrDFTrDR3wXqwc/Jkcx6L5VVWoagpSzbo3yGhc= /** @return success */ private static final boolean genKeysCLI(String publicKeyFile, String privateKeyFile) { + File pubFile = new File(publicKeyFile); + File privFile = new File(privateKeyFile); + if (pubFile.exists()) { + System.out.println("Error: Not overwriting file " + publicKeyFile); + return false; + } + if (privFile.exists()) { + System.out.println("Error: Not overwriting file " + privateKeyFile); + return false; + } FileOutputStream fileOutputStream = null; - I2PAppContext context = I2PAppContext.getGlobalContext(); try { Object signingKeypair[] = context.keyGenerator().generateSigningKeypair(); SigningPublicKey signingPublicKey = (SigningPublicKey) signingKeypair[0]; SigningPrivateKey signingPrivateKey = (SigningPrivateKey) signingKeypair[1]; - fileOutputStream = new FileOutputStream(publicKeyFile); + fileOutputStream = new SecureFileOutputStream(pubFile); signingPublicKey.writeBytes(fileOutputStream); fileOutputStream.close(); fileOutputStream = null; - fileOutputStream = new FileOutputStream(privateKeyFile); + fileOutputStream = new SecureFileOutputStream(privFile); signingPrivateKey.writeBytes(fileOutputStream); System.out.println("\r\nPrivate key written to: " + privateKeyFile);
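Review bot: The Javadoc on TrustedUpdate.genKeysCLI still reads only `@return success`, although the method now also returns false, without generating a keypair, when either target file already exists. I would extend it to `/** Generates a signing keypair and writes it to two new files. @return true on success; false if either file already exists or the keys could not be written */` and give SU3File.genKeysCLI the same sentence. The two "Not overwriting" messages go to `System.out`; `System.err.println(...)` would keep them out of redirected output. The method body continues past the end of this hunk, so the write-error case is presumed from the `try`.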