* add class to handle keys and signatures

* fix bug in serverCharBuffer * add build-target to sign tar.gz (run ant dist sign) git-svn-id: https://svn.berlios.de/svnroot/repos/yacy/trunk@5665 6c8d7289-2bf4-0310-a012-ef5d649a1542
16 years ago · c545fcb9fa
parent aa44d9bad9
commit c545fcb9fa
4 changed files with 212 additions and 2 deletions
--- a/build.properties
+++ b/build.properties
@ -10,6 +10,7 @@ proReleaseFile=yacy_pro_v${releaseVersion}_${DSTAMP}_${releaseNr}.tar.gz
 sourceReleaseFile=yacy_src_v${releaseVersion}_${DSTAMP}_${releaseNr}.tar.gz
 releaseFileParentDir=yacy
 releaseNr=$Revision$
+privateKeyFile=private.key

 # defining some file/directory access rights
 accessRightsDir=755
--- a/build.xml
+++ b/build.xml
@ -1078,4 +1078,13 @@
                  match="yacy \(.*\) unstable; urgency=low"
                  replace="yacy (*auto-svn-version*) unstable; urgency=low" />
  </target>
+
+  <target name="sign" depends="readBuildProperties" description="sign all files in RELEASE/ with $privateKey">
+    <java classname="de.anomic.tools.CryptoLib" failonerror="true">
+      <classpath>
+        <pathelement location="${build}"/>
+      </classpath>
+      <arg line="--sign ${privateKeyFile} ${release}/${stdReleaseFile}"/>
+    </java>
+  </target>
 </project>
--- a/source/de/anomic/server/serverCharBuffer.java
+++ b/source/de/anomic/server/serverCharBuffer.java
@ -90,8 +90,8 @@ public final class serverCharBuffer extends Writer {
        // initially fill the buffer with the content of a file
        if (f.length() > Integer.MAX_VALUE) throw new IOException("file is too large for buffering");

-        length = (int) f.length();
-        buffer = new char[length*2];
+        length = 0;
+        buffer = new char[(int) f.length()*2];
        offset = 0;

        FileReader fr = null;
--- a/source/de/anomic/tools/CryptoLib.java
+++ b/source/de/anomic/tools/CryptoLib.java
@ -0,0 +1,200 @@
+// CryptoLib.java
+// (C) 2009 by Florian Richter; f1ori@users.berlios.de
+// first published 2.3.2009 on http://yacy.net
+//
+// This is a part of YaCy, a peer-to-peer based web search engine
+//
+// $LastChangedDate: 2008-03-14 01:16:04 +0100 (Fr, 14 Mrz 2008) $
+// $LastChangedRevision: 4558 $
+// $LastChangedBy: orbiter $
+//
+// LICENSE
+//
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; either version 2 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program; if not, write to the Free Software
+// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+//
+package de.anomic.tools;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.FileWriter;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.InvalidKeyException;
+import java.security.KeyFactory;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.security.SignatureException;
+import java.security.spec.EncodedKeySpec;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+
+import de.anomic.kelondro.order.Base64Order;
+import de.anomic.server.serverCharBuffer;
+
+/**
+ * Tool functions to sign and verify files and generate keys
+ * 
+ * Start with "java -cp classes de.anomic.tools.CryptoLib --help"
+ * from main folder
+ * 
+ * @author flori
+ *
+ */
+public class CryptoLib {
+    
+    private static final String HELP =
+	"Tool to sign files and verify the signature.\n" +
+	"Usage:\n" +
+	" --help  Print this help\n" +
+	" --sign privatekey file\n" +
+	"         Sign file with key and save signature as file.sig\n" +
+	" --verify publickey file file.sig\n" +
+	"         Verify signatur\n" +
+	" --gen-key privatekey publickey\n";
+    
+    private static final String algorithm = "DSA";
+    private static final int bitkey       = 1024;
+    
+    private KeyFactory keyFact;
+    private Signature sign;
+    
+    public CryptoLib() throws NoSuchAlgorithmException {
+	keyFact = KeyFactory.getInstance(algorithm);
+	sign = Signature.getInstance("SHA1with"+algorithm);
+    }
+    
+    public PrivateKey getPrivateKeyFromBytes(byte[] keyBuffer) throws IOException, InvalidKeySpecException {
+	return keyFact.generatePrivate(new PKCS8EncodedKeySpec(keyBuffer));
+    }
+    
+    public PublicKey getPublicKeyFromBytes(byte[] keyBuffer) throws IOException, InvalidKeySpecException {
+	return keyFact.generatePublic(new X509EncodedKeySpec(keyBuffer));	
+    }
+    
+    public byte[] getBytesOfPrivateKey(PrivateKey privKey) throws InvalidKeySpecException {	
+	EncodedKeySpec keySpec =
+	    keyFact.getKeySpec(privKey, PKCS8EncodedKeySpec.class);
+	return keySpec.getEncoded();
+    }
+    
+    public byte[] getBytesOfPublicKey(PublicKey pubKey) throws InvalidKeySpecException {	
+	EncodedKeySpec keySpec =
+	    keyFact.getKeySpec(pubKey, X509EncodedKeySpec.class);
+	return keySpec.getEncoded();
+    }
+    
+    public byte[] getSignature(PrivateKey privKey, InputStream dataStream) throws InvalidKeyException, SignatureException, IOException {
+	sign.initSign(privKey);
+	byte[] buffer = new byte[1024];
+	while(dataStream.read(buffer) != -1) {
+	    sign.update(buffer);
+	}
+	dataStream.close();
+	return sign.sign();
+    }
+    
+    public boolean verifySignature(PublicKey pubKey, InputStream dataStream, byte[] signBuffer) throws InvalidKeyException, SignatureException, IOException {
+	sign.initVerify(pubKey);
+	
+	byte[] buffer = new byte[1024];
+	while(dataStream.read(buffer) != -1) {
+	    sign.update(buffer);
+	}
+	dataStream.close();
+	
+	return sign.verify(signBuffer);
+    }
+    
+    public KeyPair genKeyPair() throws NoSuchAlgorithmException {
+	KeyPairGenerator kpg = KeyPairGenerator.getInstance(algorithm);
+	kpg.initialize(bitkey);
+	return kpg.generateKeyPair();	
+    }
+
+    
+    public static void main(String[] args) {
+	try {
+	    if(args.length < 1 || args[0].contains("help")) {
+		System.out.println(HELP);
+
+	    } else if(args[0].equals("--sign") && args.length==3) {
+		CryptoLib cl = new CryptoLib();
+		serverCharBuffer privKeyBuffer = new serverCharBuffer(new File(args[1]));
+		byte[] privKeyByteBuffer = Base64Order.standardCoder.decode(
+			privKeyBuffer.toString(), "Private Key");
+		PrivateKey privKey = cl.getPrivateKeyFromBytes(privKeyByteBuffer);
+
+		FileInputStream dataStream = new FileInputStream(args[2]);
+
+		byte[] signBuffer = cl.getSignature(privKey, dataStream);
+		FileWriter signFile = new FileWriter(args[2] + ".sig");
+		signFile.write(Base64Order.standardCoder.encode(signBuffer));
+		signFile.close();
+	    } else if(args[0].equals("--verify") && args.length==3) {
+		CryptoLib cl = new CryptoLib();
+		serverCharBuffer pubKeyBuffer = new serverCharBuffer(new File(args[1]));
+		byte[] pubKeyByteBuffer = Base64Order.standardCoder.decode(
+			pubKeyBuffer.toString(), "Private Key");
+		PublicKey pubKey = cl.getPublicKeyFromBytes(pubKeyByteBuffer);
+
+		FileInputStream dataStream = new FileInputStream(args[2]);
+
+		serverCharBuffer signBuffer = new serverCharBuffer(new File(args[2] + ".sig"));
+		byte[] signByteBuffer = Base64Order.standardCoder.decode(
+			signBuffer.toString(), "Signature");
+		if(cl.verifySignature(pubKey, dataStream, signByteBuffer)) {
+		    System.out.println("Signature OK!");
+		} else {
+		    System.out.println("Signature FALSE!!!!!!!!!!!");
+		    System.exit(1);
+		}
+
+	    } else if(args[0].equals("--gen-key") && args.length==3) {
+		CryptoLib cl = new CryptoLib();
+
+		KeyPair kp = cl.genKeyPair();
+
+		FileWriter privFile = new FileWriter(args[1]);
+		privFile.write(Base64Order.standardCoder.encode(
+			cl.getBytesOfPrivateKey(kp.getPrivate())));
+		privFile.close();
+
+		FileWriter pubFile = new FileWriter(args[2]);
+		pubFile.write(Base64Order.standardCoder.encode(
+			cl.getBytesOfPublicKey(kp.getPublic())));
+		pubFile.close();
+	    }
+
+	} catch (FileNotFoundException e) {
+	    System.out.println("File not found: " + e.getMessage());
+	} catch (IOException e) {
+	    System.out.println("IO-Error: " + e.getMessage());
+	} catch (NoSuchAlgorithmException e) {
+	    System.out.println("No such Algorithm: " + e.getMessage());
+	} catch (InvalidKeySpecException e) {
+	    System.out.println("Key has invalid format: " + e.getMessage());
+	} catch (InvalidKeyException e) {
+	    System.out.println("Invalid Key: " + e.getMessage());
+	} catch (SignatureException e) {
+	    System.out.println("Error while signing: " + e.getMessage());
+	}
+    }
+}