[#21: Add signature validation during installations [partial]] [Updated packages] [Removed Hyperspace] [Updated README]

Scott E. Graves
2019-04-17 13:17:29 -05:00
parent 89fd3d5a84
commit 77094630b2
8 changed files with 213 additions and 19 deletions


@@ -11,10 +11,37 @@ const helpers = require('../src/helpers');
const fs = require('fs');
const unzip = require('unzipper');
const AutoLaunch = require('auto-launch');
require.extensions['.sh'] = function (module, filename) {
module.exports = fs.readFileSync(filename, 'utf8');
};
const detectScript = require('./detect_linux.sh');
const publicKey =
'-----BEGIN PUBLIC KEY-----\n' +
'MIIEIjANBgkqhkiG9w0BAQEFAAOCBA8AMIIECgKCBAEKfZmq5mMAtD4kSt2Gc/5J\n' +
'H+HHTYtUZE6YYvsvz8TNG/bNL67ZtNRyaoMyhLTfIN4rPBNLUfD+owNS+u5Yk+lS\n' +
'ZLYyOuhoCZIFefayYqKLr42G8EeuRbx0IMzXmJtN0a4rqxlWhkYufJubpdQ+V4DF\n' +
'oeupcPdIATaadCKVeZC7A0G0uaSwoiAVMG5dZqjQW7F2LoQm3PhNkPvAybIJ6vBy\n' +
'LqdBegS1JrDn43x/pvQHzLO+l+FIG23D1F7iF+yZm3DkzBdcmi/mOMYs/rXZpBym\n' +
'2/kTuSGh5buuJCeyOwR8N3WdvXw6+KHMU/wWU8qTCTT87mYbzH4YR8HgkjkLHxAO\n' +
'5waHK6vMu0TxugCdJmVV6BSbiarJsh66VRosn7+6hlq6AdgksxqCeNELZBS+LBki\n' +
'tb5hKyL+jNZnaHiR0U7USWtmnqZG6FVVRzlCnxP7tZo5O5Ex9AAFGz5JzOzsFNbv\n' +
'xwQ0zqaTQOze+MJbkda7JfRoC6TncD0+3hoXsiaF4mCn8PqUCn0DwhglcRucZlST\n' +
'ZvDNDo1WAtxPJebb3aS6uymNhBIquQbVAWxVO4eTrOYEgutxwkHE3yO3is+ogp8d\n' +
'xot7f/+vzlbsbIDyuZBDe0fFkbTIMTU48QuUUVZpRKmKZTHQloz4EHqminbfX1sh\n' +
'M7wvDkpJEtqbc0VnG/BukUzP6e7Skvgc7eF1sI3+8jH8du2rivZeZAl7Q2f+L9JA\n' +
'BY9pjaxttxsud7V5jeFi4tKuDHi21/XhSjlJK2c2C4AiUEK5/WhtGbQ5JjmcOjRq\n' +
'yXFRqLlerzOcop2kbtU3Ar230wOx3Dj23Wg8++lV3LU4U9vMR/t0qnSbCSGJys7m\n' +
'ax2JpFlTwj/0wYuTlVFoNQHZJ1cdfyRiRBY4Ou7XO0W5hcBBKiYsC+neEeMMHdCe\n' +
'iTDIW/ojcVTdFovl+sq3n1u4SBknE90JC/3H+TPE1s2iB+fwORVg0KPosQSNDS0A\n' +
'7iK6AZCDC3YooFo+OzHkYMt9uLkXiXMSLx70az+qlIwOzVHKxCo7W/QpeKCXUCRZ\n' +
'MMdlYEUs1PC8x2qIRUEVHuJ0XMTKNyOHmzVLuLK93wUWbToh+rdDxnbhX+emuESn\n' +
'XH6aKiUwX4olEVKSylRUQw8nVckZGVWXzLDlgpzDrLHC8J8qHzFt7eCqOdiqsxhZ\n' +
'x1U5LtugxwSWncTZ7vlKl0DuC/AWB7SuDi7bGRMSVp2n+MnD1VLKlsCclHXjIciE\n' +
'W29n3G3lJ/sOta2sxqLd0j1XBQddrFXl5b609sIY81ocHqu8P2hRu5CpqJ/sGZC5\n' +
'mMH3segHBkRj0xJcfOxceRLj1a+ULIIR3xL/3f8s5Id25TDo/nqBoCvu5PeCpo6L\n' +
'9wIDAQAB\n' +
'-----END PUBLIC KEY-----';
// Keep a global reference of the window object, if you don't, the window will
// be closed automatically when the JavaScript object is garbage collected.
@@ -582,9 +609,10 @@ ipcMain.on(Constants.IPC_Get_Config_Template, (event, data) => {
ipcMain.on(Constants.IPC_Get_Platform, (event) => {
let platform = os.platform();
if (platform === 'linux') {
fs.writeFileSync('/tmp/repertory_detect_linux.sh', detectScript);
const scriptFile = path.join(os.tmpdir(), 'repertory_detect_linux.sh');
fs.writeFileSync(scriptFile, detectScript);
helpers
.executeScript('/tmp/repertory_detect_linux.sh')
.executeScript(scriptFile)
.then(data => {
platform = data.replace(/(\r\n|\n|\r)/gm,"");
event.sender.send(Constants.IPC_Get_Platform_Reply, {
@@ -661,29 +689,101 @@ ipcMain.on(Constants.IPC_Install_Dependency, (event, data) => {
});
ipcMain.on(Constants.IPC_Install_Upgrade, (event, data) => {
let tempSig;
let tempPub;
const hasSignature = data.Signature && (data.Signature.length > 0);
const hasHash = data.Sha256 && (data.Sha256.length > 0);
if (hasSignature) {
try {
const files = helpers.createSignatureFiles(data.Signature, publicKey);
tempPub = files.PublicKeyFile;
tempSig = files.SignatureFile;
} catch (e) {
standardIPCReply(event, Constants.IPC_Install_Upgrade_Reply, {
Source: data.Source,
}, e);
return;
}
}
const cleanupFiles = () => {
try {
if (tempSig) {
fs.unlinkSync(tempSig);
}
if (tempPub) {
fs.unlinkSync(tempPub);
}
} catch (e) {
}
};
if (os.platform() === 'win32') {
helpers
const executeInstall = () => {
helpers
.executeAsync(data.Source)
.then(() => {
cleanupFiles();
closeApplication();
})
.catch(error => {
cleanupFiles();
standardIPCReply(event, Constants.IPC_Install_Upgrade_Reply, {
Source: data.Source,
}, error);
});
};
if (hasSignature) {
helpers
.verifySignature(data.Source, tempSig, tempPub)
.then(() => {
executeInstall();
})
.catch(() => {
cleanupFiles();
standardIPCReply(event, Constants.IPC_Install_Upgrade_Reply, {
Source: data.Source,
}, 'Failed to verify installation package signature');
});
} else { // TODO Check Sha256
executeInstall();
}
} else if (data.Source.toLocaleLowerCase().endsWith('.dmg')) {
helpers
const executeInstall = () => {
helpers
.executeAsync('open', ['-a', 'Finder', data.Source])
.then(() => {
cleanupFiles();
closeApplication();
})
.catch(error => {
cleanupFiles();
standardIPCReply(event, Constants.IPC_Install_Upgrade_Reply, {
Source: data.Source,
}, error);
});
};
if (hasHash) {
helpers
.verifyHash(data.Source, data.Sha256)
.then(()=> {
executeInstall();
})
.catch(() => {
cleanupFiles();
standardIPCReply(event, Constants.IPC_Install_Upgrade_Reply, {
Source: data.Source,
}, 'Failed to verify installation package hash');
});
} else {
executeInstall();
}
} else if (data.Source.toLocaleLowerCase().endsWith('.appimage')) {
cleanupFiles();
standardIPCReply(event, Constants.IPC_Install_Upgrade_Reply, {
Source: data.Source,
}, Error('Not implemented upgrade: ' + data.Source));
// TODO Generate and execute script with delay
/*helpers
.executeAsync(data.Source)
@@ -696,6 +796,7 @@ ipcMain.on(Constants.IPC_Install_Upgrade, (event, data) => {
}, error);
});*/
} else {
cleanupFiles();
standardIPCReply(event, Constants.IPC_Install_Upgrade_Reply, {
Source: data.Source,
}, Error('Unsupported upgrade: ' + data.Source));
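Review bot: Verification in the `IPC_Install_Upgrade` handler is fail-open: on win32 the `else { // TODO Check Sha256` branch calls `executeInstall()` whenever `data.Signature` is empty, and the `.dmg` branch does the same when `data.Sha256` is empty, so a payload that omits the field skips the check entirely. The `.dmg` branch also never calls `helpers.verifySignature`, and a SHA-256 that arrives in the same `data` object as the package path detects corruption but not substitution. The title marks this work as partial, but until every platform is covered I would reject unverified packages instead of installing them. For example, the win32 `else` body could become `cleanupFiles(); standardIPCReply(event, Constants.IPC_Install_Upgrade_Reply, { Source: data.Source }, 'Installation package is not signed');`. A one-line comment above `publicKey` saying which release key it is and how it gets rotated would also help the next reader.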