zzz/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Crypto: Set file modes on written keys; don't overwrite existing files

Browse Source
This commit is contained in:
zzz
2013-09-08 11:57:15 +00:00
parent 83ead0c304
commit 55318cf14b
2 changed files with 26 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
core/java/src/net/i2p/crypto/SU3File.java
View File

@@ -24,6 +24,7 @@ import net.i2p.data.Signature;
import net.i2p.data.SigningPrivateKey; import net.i2p.data.SigningPrivateKey;
import net.i2p.data.SigningPublicKey; import net.i2p.data.SigningPublicKey;
import net.i2p.data.SimpleDataStructure; import net.i2p.data.SimpleDataStructure;
import net.i2p.util.SecureFileOutputStream;
/** /**
* Succesor to the ".sud" format used in TrustedUpdate. * Succesor to the ".sud" format used in TrustedUpdate.
@@ -550,6 +551,16 @@ public class SU3File {
* @since 0.9.9 * @since 0.9.9
*/ */
private static final boolean genKeysCLI(SigType type, String publicKeyFile, String privateKeyFile) { private static final boolean genKeysCLI(SigType type, String publicKeyFile, String privateKeyFile) {
File pubFile = new File(publicKeyFile);
File privFile = new File(privateKeyFile);
if (pubFile.exists()) {
System.out.println("Error: Not overwriting file " + publicKeyFile);
return false;
}
if (privFile.exists()) {
System.out.println("Error: Not overwriting file " + privateKeyFile);
return false;
}
FileOutputStream fileOutputStream = null; FileOutputStream fileOutputStream = null;
I2PAppContext context = I2PAppContext.getGlobalContext(); I2PAppContext context = I2PAppContext.getGlobalContext();
try { try {
@@ -557,12 +568,12 @@ public class SU3File {
SigningPublicKey signingPublicKey = (SigningPublicKey) signingKeypair[0]; SigningPublicKey signingPublicKey = (SigningPublicKey) signingKeypair[0];
SigningPrivateKey signingPrivateKey = (SigningPrivateKey) signingKeypair[1]; SigningPrivateKey signingPrivateKey = (SigningPrivateKey) signingKeypair[1];
fileOutputStream = new FileOutputStream(publicKeyFile); fileOutputStream = new SecureFileOutputStream(pubFile);
signingPublicKey.writeBytes(fileOutputStream); signingPublicKey.writeBytes(fileOutputStream);
fileOutputStream.close(); fileOutputStream.close();
fileOutputStream = null; fileOutputStream = null;
fileOutputStream = new FileOutputStream(privateKeyFile); fileOutputStream = new SecureFileOutputStream(privFile);
signingPrivateKey.writeBytes(fileOutputStream); signingPrivateKey.writeBytes(fileOutputStream);
System.out.println("\r\n" + type + " Private key written to: " + privateKeyFile); System.out.println("\r\n" + type + " Private key written to: " + privateKeyFile);

16
core/java/src/net/i2p/crypto/TrustedUpdate.java
View File

@@ -21,6 +21,7 @@ import net.i2p.data.Signature;
import net.i2p.data.SigningPrivateKey; import net.i2p.data.SigningPrivateKey;
import net.i2p.data.SigningPublicKey; import net.i2p.data.SigningPublicKey;
import net.i2p.util.Log; import net.i2p.util.Log;
import net.i2p.util.SecureFileOutputStream;
import net.i2p.util.VersionComparator; import net.i2p.util.VersionComparator;
import net.i2p.util.ZipFileComment; import net.i2p.util.ZipFileComment;
@@ -315,20 +316,29 @@ riCe6OlAEiNpcc6mMyIYYWFICbrDFTrDR3wXqwc/Jkcx6L5VVWoagpSzbo3yGhc=
/** @return success */ /** @return success */
private static final boolean genKeysCLI(String publicKeyFile, String privateKeyFile) { private static final boolean genKeysCLI(String publicKeyFile, String privateKeyFile) {
File pubFile = new File(publicKeyFile);
File privFile = new File(privateKeyFile);
if (pubFile.exists()) {
System.out.println("Error: Not overwriting file " + publicKeyFile);
return false;
}
if (privFile.exists()) {
System.out.println("Error: Not overwriting file " + privateKeyFile);
return false;
}
FileOutputStream fileOutputStream = null; FileOutputStream fileOutputStream = null;
I2PAppContext context = I2PAppContext.getGlobalContext(); I2PAppContext context = I2PAppContext.getGlobalContext();
try { try {
Object signingKeypair[] = context.keyGenerator().generateSigningKeypair(); Object signingKeypair[] = context.keyGenerator().generateSigningKeypair();
SigningPublicKey signingPublicKey = (SigningPublicKey) signingKeypair[0]; SigningPublicKey signingPublicKey = (SigningPublicKey) signingKeypair[0];
SigningPrivateKey signingPrivateKey = (SigningPrivateKey) signingKeypair[1]; SigningPrivateKey signingPrivateKey = (SigningPrivateKey) signingKeypair[1];
fileOutputStream = new FileOutputStream(publicKeyFile); fileOutputStream = new SecureFileOutputStream(pubFile);
signingPublicKey.writeBytes(fileOutputStream); signingPublicKey.writeBytes(fileOutputStream);
fileOutputStream.close(); fileOutputStream.close();
fileOutputStream = null; fileOutputStream = null;
fileOutputStream = new FileOutputStream(privateKeyFile); fileOutputStream = new SecureFileOutputStream(privFile);
signingPrivateKey.writeBytes(fileOutputStream); signingPrivateKey.writeBytes(fileOutputStream);
System.out.println("\r\nPrivate key written to: " + privateKeyFile); System.out.println("\r\nPrivate key written to: " + privateKeyFile);