From f8daccffc061e2f05f6605913c19d4aa807eaddb Mon Sep 17 00:00:00 2001 From: cyBerta Date: Mon, 9 Nov 2020 15:37:31 +0100 Subject: initial auto-update implementation: introducing fatweb flavor, pgpverify go library and bitmask core library, basic update mechanism --- go/android_build_core.sh | 22 ++++++ go/android_build_shapeshifter_lib.sh | 21 ------ go/android_build_web_core.sh | 22 ++++++ .../se.leap.bitmaskclient/pgpverify/pgpverify.go | 82 ++++++++++++++++++++++ 4 files changed, 126 insertions(+), 21 deletions(-) create mode 100755 go/android_build_core.sh delete mode 100755 go/android_build_shapeshifter_lib.sh create mode 100755 go/android_build_web_core.sh create mode 100644 go/src/se.leap.bitmaskclient/pgpverify/pgpverify.go (limited to 'go') diff --git a/go/android_build_core.sh b/go/android_build_core.sh new file mode 100755 index 00000000..1a6af5b7 --- /dev/null +++ b/go/android_build_core.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +export GOPATH=`pwd` +export GO_LANG=`pwd`/golang/go/bin +export GO_COMPILED=`pwd`/bin +PATH="${GO_LANG}:${GO_COMPILED}:${PATH}" + +if [ -z $ANDROID_NDK_HOME ]; then + echo "Android NDK path not specified!" + echo "Please set \$ANDROID_NDK_HOME before starting this script!" + exit 1; +fi + +./golang/go/bin/go env +echo "getting gomobile..." +./golang/go/bin/go get golang.org/x/mobile/cmd/gomobile +echo "initiating gomobile..." +./bin/gomobile init +if [ ! -d ./lib ]; then mkdir ./lib; fi +echo "cross compiling bitmask core lib (shapeshifter)..." +./bin/gomobile bind -target=android -o ./lib/bitmask-core.aar se.leap.bitmaskclient/shapeshifter/ +cp lib/bitmask-core* ../bitmask-core/. \ No newline at end of file diff --git a/go/android_build_shapeshifter_lib.sh b/go/android_build_shapeshifter_lib.sh deleted file mode 100755 index bbe3c84a..00000000 --- a/go/android_build_shapeshifter_lib.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash - -export GOPATH=`pwd` -export GO_LANG=`pwd`/golang/go/bin -export GO_COMPILED=`pwd`/bin -PATH="${GO_LANG}:${GO_COMPILED}:${PATH}" - -if [ -z $ANDROID_NDK_HOME ]; then - echo "Android NDK path not specified!" - echo "Please set \$ANDROID_NDK_HOME before starting this script!" - exit 1; -fi - -./golang/go/bin/go env -echo "getting gomobile..." -./golang/go/bin/go get golang.org/x/mobile/cmd/gomobile -echo "initiating gomobile..." -./bin/gomobile init -echo "cross compiling shapeshifter lib..." -./bin/gomobile bind -target=android -o ./lib/shapeshifter.aar se.leap.bitmaskclient/shapeshifter/ -cp lib/shapeshifter* ../shapeshifter/. \ No newline at end of file diff --git a/go/android_build_web_core.sh b/go/android_build_web_core.sh new file mode 100755 index 00000000..762d4dad --- /dev/null +++ b/go/android_build_web_core.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +export GOPATH=`pwd` +export GO_LANG=`pwd`/golang/go/bin +export GO_COMPILED=`pwd`/bin +PATH="${GO_LANG}:${GO_COMPILED}:${PATH}" + +if [ -z $ANDROID_NDK_HOME ]; then + echo "Android NDK path not specified!" + echo "Please set \$ANDROID_NDK_HOME before starting this script!" + exit 1; +fi + +./golang/go/bin/go env +echo "getting gomobile..." +./golang/go/bin/go get golang.org/x/mobile/cmd/gomobile +echo "initiating gomobile..." +./bin/gomobile init +if [ ! -d ./lib ]; then mkdir ./lib; fi +echo "cross compiling bitmask web apk core lib (shapeshifter, pgpverify)..." +./bin/gomobile bind -target=android -o ./lib/bitmask-web-core.aar se.leap.bitmaskclient/shapeshifter/ se.leap.bitmaskclient/pgpverify +cp lib/bitmask-web-core* ../bitmask-web-core/. \ No newline at end of file diff --git a/go/src/se.leap.bitmaskclient/pgpverify/pgpverify.go b/go/src/se.leap.bitmaskclient/pgpverify/pgpverify.go new file mode 100644 index 00000000..653ea695 --- /dev/null +++ b/go/src/se.leap.bitmaskclient/pgpverify/pgpverify.go @@ -0,0 +1,82 @@ +package pgpverify + +import ( + "os" + "strings" + + "golang.org/x/crypto/openpgp" +) + +// PgpVerifier - exported struct used for file verification +type PgpVerifier struct { + //Signature string + //Target string + //PublicKey string + Logger Logger +} + +// Logger - logging interface +type Logger interface { + Log(msg string) +} + +// Verify checks if a file was signed with the correct pgp key +// using a PEM formatted signature and a corresponding public key +func (pgpv *PgpVerifier) Verify(signature string, publicKey string, targetPath string) bool { + keyRingReader := strings.NewReader(publicKey) + signatureReader := strings.NewReader(signature) + + verificationTarget, err := os.Open(targetPath) + if err != nil { + pgpv.Logger.Log("Open verification target: " + err.Error()) + return false + } + + keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader) + if err != nil { + pgpv.Logger.Log("Read Armored Key Ring: " + err.Error()) + return false + } + _, err = openpgp.CheckArmoredDetachedSignature(keyring, verificationTarget, signatureReader) + if err != nil { + pgpv.Logger.Log("Verification failed: " + err.Error()) + return false + } + pgpv.Logger.Log("Successfully verified: entity.Identities") + return true +} + +/*func main() { + keyRingReader, err := os.Open("public_leap.asc") + if err != nil { + fmt.Println(err) + return + } + + signature, err := os.Open("RiseupVPN_release_1.0.5.apk.sig") + if err != nil { + fmt.Println(err) + return + } + + verificationTarget, err := os.Open("RiseupVPN_release_1.0.5.apk") + if err != nil { + fmt.Println(err) + return + } + + keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader) + if err != nil { + fmt.Println("Read Armored Key Ring: " + err.Error()) + return + } + entity, err := openpgp.CheckArmoredDetachedSignature(keyring, verificationTarget, signature) + if err != nil { + fmt.Println("Check Detached Signature: " + err.Error()) + return + } else { + fmt.Println("successfully verified") + } + + fmt.Println(entity.Identities) +}*/ -- cgit v1.2.3