|
42 | 42 |
|
43 | 43 | import org.apache.commons.compress.utils.IOUtils; |
44 | 44 |
|
| 45 | +import cc.arduino.contributions.SignatureVerifier; |
| 46 | +import cc.arduino.utils.FileHash; |
45 | 47 | import processing.app.legacy.PApplet; |
46 | 48 |
|
47 | 49 |
|
@@ -125,27 +127,48 @@ public void run() { |
125 | 127 | //System.err.println("Error while trying to check for an update."); |
126 | 128 | } |
127 | 129 |
|
| 130 | + File tmp = null; |
128 | 131 | try { |
| 132 | + tmp = File.createTempFile("arduino_splash_update", ".txt.asc"); |
129 | 133 | // Check for updates of the splash screen |
130 | | - List<String> lines = readFileFromURL("https://go.bug.st/latest_splash.txt"); |
131 | | - if (lines.size() > 0) { |
132 | | - // if the splash image has been changed download the new file |
133 | | - String newSplashUrl = lines.get(0); |
134 | | - String oldSplashUrl = PreferencesData.get("splash.imageurl"); |
135 | | - if (!newSplashUrl.equals(oldSplashUrl)) { |
136 | | - File tmpFile = BaseNoGui.getSettingsFile("splash.png.tmp"); |
137 | | - downloadFileFromURL(newSplashUrl, tmpFile); |
138 | | - File destFile = BaseNoGui.getSettingsFile("splash.png"); |
139 | | - Files.move(tmpFile.toPath(), destFile.toPath(), |
140 | | - StandardCopyOption.REPLACE_EXISTING); |
141 | | - PreferencesData.set("splash.imageurl", newSplashUrl); |
| 134 | + downloadFileFromURL("https://go.bug.st/latest_splash.txt.asc", tmp); |
| 135 | + SignatureVerifier verifier = new SignatureVerifier(); |
| 136 | + if (!verifier.verifyCleartextSignature(tmp)) { |
| 137 | + throw new Exception("Invalid signature"); |
| 138 | + } |
| 139 | + String[] lines = verifier.extractTextFromCleartextSignature(tmp); |
| 140 | + if (lines.length < 2) { |
| 141 | + throw new Exception("Invalid splash image update"); |
| 142 | + } |
| 143 | + String newSplashUrl = lines[0]; |
| 144 | + String checksum = lines[1]; |
| 145 | + |
| 146 | + // if the splash image has been changed download the new file |
| 147 | + String oldSplashUrl = PreferencesData.get("splash.imageurl"); |
| 148 | + if (!newSplashUrl.equals(oldSplashUrl)) { |
| 149 | + File tmpFile = BaseNoGui.getSettingsFile("splash.png.tmp"); |
| 150 | + downloadFileFromURL(newSplashUrl, tmpFile); |
| 151 | + |
| 152 | + String algo = checksum.split(":")[0]; |
| 153 | + String crc = FileHash.hash(tmpFile, algo); |
| 154 | + if (!crc.equalsIgnoreCase(checksum)) { |
| 155 | + throw new Exception("Invalid splash image checksum"); |
142 | 156 | } |
143 | 157 |
|
144 | | - // extend expiration by 24h |
145 | | - PreferencesData.setLong("splash.expire", now + ONE_DAY); |
| 158 | + File destFile = BaseNoGui.getSettingsFile("splash.png"); |
| 159 | + Files.move(tmpFile.toPath(), destFile.toPath(), |
| 160 | + StandardCopyOption.REPLACE_EXISTING); |
| 161 | + PreferencesData.set("splash.imageurl", newSplashUrl); |
146 | 162 | } |
| 163 | + |
| 164 | + // extend expiration by 24h |
| 165 | + PreferencesData.setLong("splash.expire", now + ONE_DAY); |
147 | 166 | } catch (Exception e) { |
148 | 167 | // e.printStackTrace(); |
| 168 | + } finally { |
| 169 | + if (tmp != null) { |
| 170 | + tmp.delete(); |
| 171 | + } |
149 | 172 | } |
150 | 173 | } |
151 | 174 |
|
|
0 commit comments