Use of signature URLs
Stanislas Polu authored and Stanislas Polu committed May 28, 2014
1 parent a2582af commit 9f0d342
Showing 3 changed files with 54 additions and 54 deletions.
104 changes: 52 additions & 52 deletions lib/auto_updater.js
Expand Up @@ -6,6 +6,7 @@
* @author: spolu
*
* @log:
* - 2014-06-27 deian Use signature for update verification [fix #32]
* - 2014-05-19 spolu TMPDIR & https: check (thanks deian)
* - 2014-05-14 spolu Creation
*/
Expand Down Expand Up @@ -254,6 +255,10 @@ var auto_updater = function(spec, my) {
function(cb_) {
/* Testing */ //return cb_();
fs.remove(p + '.tar.gz', cb_);
},
function(cb_) {
/* Testing */ //return cb_();
fs.remove(p + '.tar.gz.sha1sum.asc', cb_);
}
], cb_);
}
Expand Down Expand Up @@ -339,6 +344,7 @@ var auto_updater = function(spec, my) {
});
},
function(cb_) {
console.log(update);
/* Testing */ //return cb_();
common.log.out('[auto_updater] Downloading: ' + tmp + '.tar.gz... [' +
update.url + ']');
Expand All @@ -356,7 +362,7 @@ var auto_updater = function(spec, my) {
'.tar.gz.sha1sum.asc... [' + update.url + ']');
var out = fs.createWriteStream(tmp + '.tar.gz.sha1sum.asc');
request({
url: update.url
url: update.signature
}).on('error', cb_)
.on('end', cb_)
.pipe(out)
Expand All @@ -368,9 +374,8 @@ var auto_updater = function(spec, my) {
function(cb_) {
common.log.out('[auto_updater] Verifying: ' + tmp + '.tar.gz...');

// Get keys from keyring
// The keyring is stored in openpgp.store/openpgp-public-keys

/* Get keys from keyring */
/* The keyring is stored in openpgp.store/openpgp-public-keys */
var keyring = new pgp.Keyring(),
keys = keyring.getAllKeys();

Expand All @@ -379,21 +384,21 @@ var auto_updater = function(spec, my) {
'auto_updater:invalid_keyring'));
}

// Make sure that all the keys in the keyring are valid.
// At a later point we may want to allow invalid keys so long as the
// update is not signed with these.

keys.forEach(function (key) {
if( key.verifyPrimaryKey() !== pgp.enums.keyStatus.valid ) {
/* Make sure that all the keys in the keyring are valid. At a later */
/* point we may want to allow invalid keys so long as the update is */
/* not signed with these. */
keys.forEach(function(key) {
if(key.verifyPrimaryKey() !== pgp.enums.keyStatus.valid) {
return cb_(common.err('Failed to verify key '+
key.primaryKey.fingerprint,
'auto_updater:invalid_key'));
}
common.log.out('[auto_updater] Verified '+key.primaryKey.fingerprint
+' ['+key.users[0].userId.userid+']');
common.log.out('[auto_updater] Verified ' +
key.primaryKey.fingerprint +
' [' + key.users[0].userId.userid + ']');
});

// Verify the SHA1 of file
/* Verify the SHA1 of file */
function verify_sha1sum(filename, sha1sum, cb_) {
var hash = crypto.createHash('sha1');
var inp = fs.createReadStream(filename);
Expand All @@ -403,53 +408,48 @@ var auto_updater = function(spec, my) {
.on('end', function() {
hash.end();
if(hash.read() !== sha1sum) {
common.log.out('[auto_updater] Verifying SHA1 of \''+
filename+'\': FAILED!');
common.log.out('[auto_updater] Verifying SHA1 of `'+
filename + '`: FAILED!');
return cb_(common.err('Invalid sha1sum. Expected: '+
sha1sum+', got: '+hash.read(),
sha1sum + ', got: ' + hash.read(),
'auto_updater:invalid_sha1sum'));
} else {
common.log.out('[auto_updater] Verifying SHA1 of \''+
filename+'\': OK!');
common.log.out('[auto_updater] Verifying SHA1 of `'+
filename + '`: OK!');
return cb_();
}
});
inp.pipe(hash);
}

// Each update tarball should have an accompaning cleartext signed
// sha1sum file. This file is created as:
//
// sha1sum $update > $update.sha1sum
// gpg --armor --clearsign $update.sha1sum
//
// Where $update is the filename of the update tarball.
// This function first verifies the signature with the supplied keys
// and then the actual sha1 of the file.
//
// Note: this function assues that the supplied keys are valid.
function verify_update(filename, keys, cb_) {
var sig_name = filename+'.sha1sum.asc';
common.log.out('[auto_updater] Reading signature file \''+
sig_name+'\'');
fs.readFile(filename+'.sha1sum.asc', 'utf8', function(err, data) {
if (err) { return cb_(err); }

var sig = pgp.cleartext.readArmored(data);
var verified = sig.verify(keys);
if (!verified || verified.length <= 0 || !verified[0].valid) {
common.log.out('[auto_updater] Verifying signature: FAILED!');
return cb_(common.err('Invalid signature.',
'auto_updater:invalid_signature'));
}
common.log.out('[auto_updater] Verifying signature: OK!');
return verify_sha1sum(filename, sig.text.split(' ')[0], cb_);
});
}
};

verify_update(tmp+'.tar.gz', keys, function(err, result) {
if (err) return cb_(err);
return cb_();
/* Each update tarball should have an accompaning cleartext signed */
/* sha1sum file. This file is created as: */
/* */
/* sha1sum $update > $update.sha1sum */
/* gpg --armor --clearsign $update.sha1sum */
/* */
/* Where $update is the filename of the update tarball. */
/* This function first verifies the signature with the supplied keys */
/* and then the actual sha1 of the file. */
/* */
/* Note: this function assues that the supplied keys are valid. */
var sig_path = tmp + 'tar.gz' + '.sha1sum.asc';
var tar_path = tmp + 'tar.gz';
common.log.out('[auto_updater] Reading signature file `'+
sig_path + '`');
fs.readFile(sig_path, 'utf8', function(err, data) {
if (err) {
return cb_(err);
}
var sig = pgp.cleartext.readArmored(data);
var verified = sig.verify(keys);
if (!verified || verified.length <= 0 || !verified[0].valid) {
common.log.out('[auto_updater] Verifying signature: FAILED!');
return cb_(common.err('Invalid signature.',
'auto_updater:invalid_signature'));
}
common.log.out('[auto_updater] Verifying signature: OK!');
return verify_sha1sum(tar_path, sig.text.split(' ')[0], cb_);
});
},
function(cb_) {
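Review bot: The inlined verification step builds its paths as `tmp + 'tar.gz'`, without the leading dot, while the download step earlier in this section writes the signature to `tmp + '.tar.gz.sha1sum.asc'`, so `fs.readFile` will most likely fail on a file that was never written and every update will be rejected. The two lines should read `var sig_path = tmp + '.tar.gz.sha1sum.asc';` and `var tar_path = tmp + '.tar.gz';`. Separately, the `return cb_(...)` inside `keys.forEach` only leaves the iterator callback: after reporting an invalid key the step still goes on to read and verify the signature and can call `cb_` a second time, so the key check does not reliably gate verification; finding the first invalid key (for example with `keys.some`) and returning from the step itself would fix that. The `console.log(update);` added in the download step looks like leftover debugging and should go before merge. The enclosing step list starts and ends outside the visible hunks, so how the caller reacts to a second `cb_` call cannot be confirmed from here.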