fdroidcl/jar.go

// Copyright (c) 2015, Daniel Martí <mvdan@mvdan.cc>
// See LICENSE for licensing information

package fdroidcl

import (
	"archive/zip"
	//"crypto/x509"
	"errors"
	"io"
	//"io/ioutil"
	"regexp"
)

const indexPath = "index.xml"

var (
	sigRegex = regexp.MustCompile(`^META-INF/.*\.(DSA|EC|RSA)$`)

	ErrNoIndex     = errors.New("no xml index found inside jar")
	ErrNoSigs      = errors.New("no jar signatures found")
	ErrTooManySigs = errors.New("multiple jar signatures found")
)

func verifySignature(pubkey []byte, sig io.Reader) error {
	/*
		sigBytes, err := ioutil.ReadAll(sig)
		if err != nil {
			return err
		}
		cert, err := x509.ParseCertificate(pubkey)
		if err != nil {
			return err
		}
		return cert.CheckSignature(x509.MD5WithRSA, ...)
	*/
	return nil // MD5WithRSA is currently unimplemented
}

func LoadIndexJar(r io.ReaderAt, size int64, pubkey []byte) (*Index, error) {
	reader, err := zip.NewReader(r, size)
	if err != nil {
		return nil, err
	}
	var index io.ReadCloser
	var sig io.ReadCloser
	for _, f := range reader.File {
		if f.Name == indexPath {
			index, err = f.Open()
			if err != nil {
				return nil, err
			}
		} else if sigRegex.MatchString(f.Name) {
			if sig != nil {
				return nil, ErrTooManySigs
			}
			sig, err = f.Open()
			if err != nil {
				return nil, err
			}
		}
	}
	if index == nil {
		return nil, ErrNoIndex
	}
	defer index.Close()
	if sig == nil {
		return nil, ErrNoSigs
	}
	defer sig.Close()
	if err := verifySignature(pubkey, sig); err != nil {
		return nil, err
	}
	return LoadIndexXml(index)
}
Use // for the license headers 11 years ago			`// Copyright (c) 2015, Daniel Martí <mvdan@mvdan.cc>`
			`// See LICENSE for licensing information`
Move jar code into jar.go 11 years ago
			`package fdroidcl`

			`import (`
			`"archive/zip"`
MD5WithRSA is not implemented yet 11 years ago			`//"crypto/x509"`
Start signature verification support for jar indexes 11 years ago			`"errors"`
Move jar code into jar.go 11 years ago			`"io"`
MD5WithRSA is not implemented yet 11 years ago			`//"io/ioutil"`
Start signature verification support for jar indexes 11 years ago			`"regexp"`
Move jar code into jar.go 11 years ago			`)`

Start signature verification support for jar indexes 11 years ago			`const indexPath = "index.xml"`

			`var (`
			sigRegex = regexp.MustCompile(`^META-INF/.*\.(DSA\|EC\|RSA)$`)

			`ErrNoIndex = errors.New("no xml index found inside jar")`
			`ErrNoSigs = errors.New("no jar signatures found")`
			`ErrTooManySigs = errors.New("multiple jar signatures found")`
			`)`

MD5WithRSA is not implemented yet 11 years ago			`func verifySignature(pubkey []byte, sig io.Reader) error {`
			`/*`
Run go fmt 11 years ago			`sigBytes, err := ioutil.ReadAll(sig)`
			`if err != nil {`
			`return err`
			`}`
			`cert, err := x509.ParseCertificate(pubkey)`
			`if err != nil {`
			`return err`
			`}`
			`return cert.CheckSignature(x509.MD5WithRSA, ...)`
MD5WithRSA is not implemented yet 11 years ago			`*/`
			`return nil // MD5WithRSA is currently unimplemented`
Start signature verification support for jar indexes 11 years ago			`}`

MD5WithRSA is not implemented yet 11 years ago			`func LoadIndexJar(r io.ReaderAt, size int64, pubkey []byte) (*Index, error) {`
Move jar code into jar.go 11 years ago			`reader, err := zip.NewReader(r, size)`
			`if err != nil {`
			`return nil, err`
			`}`
Start signature verification support for jar indexes 11 years ago			`var index io.ReadCloser`
			`var sig io.ReadCloser`
Move jar code into jar.go 11 years ago			`for _, f := range reader.File {`
Start signature verification support for jar indexes 11 years ago			`if f.Name == indexPath {`
			`index, err = f.Open()`
			`if err != nil {`
			`return nil, err`
			`}`
			`} else if sigRegex.MatchString(f.Name) {`
			`if sig != nil {`
			`return nil, ErrTooManySigs`
			`}`
			`sig, err = f.Open()`
			`if err != nil {`
			`return nil, err`
			`}`
Move jar code into jar.go 11 years ago			`}`
			`}`
Start signature verification support for jar indexes 11 years ago			`if index == nil {`
			`return nil, ErrNoIndex`
			`}`
			`defer index.Close()`
			`if sig == nil {`
			`return nil, ErrNoSigs`
			`}`
			`defer sig.Close()`
MD5WithRSA is not implemented yet 11 years ago			`if err := verifySignature(pubkey, sig); err != nil {`
Start signature verification support for jar indexes 11 years ago			`return nil, err`
			`}`
			`return LoadIndexXml(index)`
Move jar code into jar.go 11 years ago			`}`