#21: Add signature validation during installations [partial]
This commit is contained in:
Scott E. Graves
@@ -3,7 +3,7 @@
|
|||||||
"version": "1.0.3",
|
"version": "1.0.3",
|
||||||
"private": true,
|
"private": true,
|
||||||
"author": "scott.e.graves@gmail.com",
|
"author": "scott.e.graves@gmail.com",
|
||||||
"description": "GUI for Repertory - Repertory allows you to mount Hyperspace, Sia and/or SiaPrime blockchain storage solutions via FUSE on Linux/OS X or via WinFSP on Windows.",
|
"description": "GUI for Repertory - Repertory allows you to mount Sia and/or SiaPrime blockchain storage solutions via FUSE on Linux/OS X or via WinFSP on Windows.",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@fortawesome/fontawesome-svg-core": "^1.2.17",
|
"@fortawesome/fontawesome-svg-core": "^1.2.17",
|
||||||
"@fortawesome/free-solid-svg-icons": "^5.8.1",
|
"@fortawesome/free-solid-svg-icons": "^5.8.1",
|
||||||
|
|||||||
@@ -692,21 +692,6 @@ ipcMain.on(Constants.IPC_Install_Dependency, (event, data) => {
|
|||||||
ipcMain.on(Constants.IPC_Install_Upgrade, (event, data) => {
|
ipcMain.on(Constants.IPC_Install_Upgrade, (event, data) => {
|
||||||
let tempSig;
|
let tempSig;
|
||||||
let tempPub;
|
let tempPub;
|
||||||
const hasSignature = data.Signature && (data.Signature.length > 0);
|
|
||||||
const hasHash = data.Sha256 && (data.Sha256.length > 0);
|
|
||||||
if (hasSignature) {
|
|
||||||
try {
|
|
||||||
const files = helpers.createSignatureFiles(data.Signature, publicKey);
|
|
||||||
tempPub = files.PublicKeyFile;
|
|
||||||
tempSig = files.SignatureFile;
|
|
||||||
} catch (e) {
|
|
||||||
standardIPCReply(event, Constants.IPC_Install_Upgrade_Reply, {
|
|
||||||
Source: data.Source,
|
|
||||||
}, e);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
const cleanupFiles = () => {
|
const cleanupFiles = () => {
|
||||||
try {
|
try {
|
||||||
if (tempSig) {
|
if (tempSig) {
|
||||||
@@ -719,6 +704,26 @@ ipcMain.on(Constants.IPC_Install_Upgrade, (event, data) => {
|
|||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
const errorHandler = err => {
|
||||||
|
cleanupFiles();
|
||||||
|
standardIPCReply(event, Constants.IPC_Install_Upgrade_Reply, {
|
||||||
|
Source: data.Source,
|
||||||
|
}, err);
|
||||||
|
};
|
||||||
|
|
||||||
|
const hasSignature = data.Signature && (data.Signature.length > 0);
|
||||||
|
const hasHash = data.Sha256 && (data.Sha256.length > 0);
|
||||||
|
if (hasSignature) {
|
||||||
|
try {
|
||||||
|
const files = helpers.createSignatureFiles(data.Signature, publicKey);
|
||||||
|
tempPub = files.PublicKeyFile;
|
||||||
|
tempSig = files.SignatureFile;
|
||||||
|
} catch (e) {
|
||||||
|
errorHandler(e);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
let command;
|
let command;
|
||||||
let args;
|
let args;
|
||||||
const platform = os.platform();
|
const platform = os.platform();
|
||||||
@@ -735,16 +740,10 @@ ipcMain.on(Constants.IPC_Install_Upgrade, (event, data) => {
|
|||||||
command = execPath;
|
command = execPath;
|
||||||
args = [data.Source];
|
args = [data.Source];
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
cleanupFiles();
|
errorHandler(e);
|
||||||
standardIPCReply(event, Constants.IPC_Install_Upgrade_Reply, {
|
|
||||||
Source: data.Source,
|
|
||||||
}, e);
|
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
cleanupFiles();
|
errorHandler(Error('Platform not supported: ' + os.platform()));
|
||||||
standardIPCReply(event, Constants.IPC_Install_Upgrade_Reply, {
|
|
||||||
Source: data.Source,
|
|
||||||
}, Error('Platform not supported: ' + os.platform()));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (command) {
|
if (command) {
|
||||||
@@ -756,10 +755,7 @@ ipcMain.on(Constants.IPC_Install_Upgrade, (event, data) => {
|
|||||||
closeApplication();
|
closeApplication();
|
||||||
})
|
})
|
||||||
.catch(error => {
|
.catch(error => {
|
||||||
cleanupFiles();
|
errorHandler(error);
|
||||||
standardIPCReply(event, Constants.IPC_Install_Upgrade_Reply, {
|
|
||||||
Source: data.Source,
|
|
||||||
}, error);
|
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -770,10 +766,7 @@ ipcMain.on(Constants.IPC_Install_Upgrade, (event, data) => {
|
|||||||
executeInstall();
|
executeInstall();
|
||||||
})
|
})
|
||||||
.catch(() => {
|
.catch(() => {
|
||||||
cleanupFiles();
|
errorHandler(Error('Failed to verify installation package signature'));
|
||||||
standardIPCReply(event, Constants.IPC_Install_Upgrade_Reply, {
|
|
||||||
Source: data.Source,
|
|
||||||
}, 'Failed to verify installation package signature');
|
|
||||||
});
|
});
|
||||||
} else if (hasHash) {
|
} else if (hasHash) {
|
||||||
helpers
|
helpers
|
||||||
@@ -782,19 +775,13 @@ ipcMain.on(Constants.IPC_Install_Upgrade, (event, data) => {
|
|||||||
executeInstall();
|
executeInstall();
|
||||||
})
|
})
|
||||||
.catch(() => {
|
.catch(() => {
|
||||||
cleanupFiles();
|
errorHandler(Error('Failed to verify installation package hash'));
|
||||||
standardIPCReply(event, Constants.IPC_Install_Upgrade_Reply, {
|
|
||||||
Source: data.Source,
|
|
||||||
}, 'Failed to verify installation package hash');
|
|
||||||
});
|
});
|
||||||
} else {
|
} else {
|
||||||
executeInstall();
|
executeInstall();
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
cleanupFiles();
|
errorHandler(Error('Unsupported upgrade: ' + data.Source));
|
||||||
standardIPCReply(event, Constants.IPC_Install_Upgrade_Reply, {
|
|
||||||
Source: data.Source,
|
|
||||||
}, Error('Unsupported upgrade: ' + data.Source));
|
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user