Skip to content
Snippets Groups Projects
Commit df918256 authored by Xavier Jouslin de Noray's avatar Xavier Jouslin de Noray Committed by Sébastien Blin
Browse files

Plugin Update: verify public key if the plugin already install

Change-Id: Ia3b3ec41994117af228a1ef595208fee165b0d3b
parent dea87f57
No related branches found
No related tags found
No related merge requests found
......@@ -126,6 +126,30 @@ JamiPluginManager::getInstalledPlugins()
return pluginsPaths;
}
bool
JamiPluginManager::checkPluginCertificatePublicKey(const std::string& oldJplPath, const std::string& newJplPath)
{
std::map<std::string, std::string> oldDetails = PluginUtils::parseManifestFile(PluginUtils::manifestPath(oldJplPath), oldJplPath);
if (
oldDetails.empty() ||
!std::filesystem::is_regular_file(oldJplPath + DIR_SEPARATOR_CH + oldDetails["id"] + ".crt") ||
!std::filesystem::is_regular_file(newJplPath)
)
return false;
try {
auto oldCert = PluginUtils::readPluginCertificate(oldJplPath, oldDetails["id"]);
auto newCert = PluginUtils::readPluginCertificateFromArchive(newJplPath);
if (!oldCert || !newCert) {
return false;
}
return oldCert->getPublicKey() == newCert->getPublicKey();
} catch (const std::exception& e) {
JAMI_ERR() << e.what();
return false;
}
return true;
}
bool
JamiPluginManager::checkPluginCertificateValidity(dht::crypto::Certificate* cert)
{
......@@ -256,6 +280,8 @@ JamiPluginManager::installPlugin(const std::string& jplPath, bool force)
} else {
std::string installedVersion = alreadyInstalledManifestMap.at("version");
if (version > installedVersion) {
if(!checkPluginCertificatePublicKey(destinationDir, jplPath))
return CERTIFICATE_VERIFICATION_FAILED;
r = uninstallPlugin(destinationDir);
if (r == SUCCESS) {
archiver::uncompressArchive(jplPath,
......
......@@ -79,6 +79,13 @@ public:
*/
bool checkPluginCertificateValidity(dht::crypto::Certificate* cert);
/**
* @brief check if the if the public key of the certificate is the same as the public key in the new plugin
* @param oldJplPath, newJplPath
* return true if valid
*/
bool checkPluginCertificatePublicKey(const std::string& oldJplPath, const std::string& newJplPath);
/**
* @brief check if all file are present in the signature file
* @param jplPath
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment