#! /usr/bin/env sh FILETYPE=ZIP THISBIN="$0" if [ -z "$I2P" ]; then if [ -d "$PWD/../i2p/pkg-temp" ]; then export I2P=$PWD/../i2p/pkg-temp fi if [ ! -d "$I2P" ]; then export I2P=$HOME/i2p fi if [ ! -d "$I2P" ]; then export I2P=/usr/share/i2p fi fi if [ ! -d "$I2P" ]; then echo "Can't locate your I2P installation. Please add a environment variable named I2P" 1>&2; echo "with the path to the folder as value. On OSX this solved with running:" 1>&2; echo "export I2P=/Applications/i2p if default install" "directory is used. On Linux, this" 1>&2; echo "is usually under \$HOME/i2p, or, if running as a service under Debian or Ubuntu," 1>&2; echo "/usr/share/i2p." 1>&2; exit 1 else echo "$I2P" | sed "s|$HOME|~|g" 1>&2; fi KEYTYPE=RSA_SHA512_4096 VERSION=0.0.1 usage() { echo "# Generating I2P Plugin Signing Keys" 1>&2 echo "" 1>&2; echo "This is a shell script that makes it easier to generate signing keys for I2P" 1>&2; echo "plugins." 1>&2; echo "" 1>&2; echo "## Usage: $0" 1>&2; echo "" 1>&2; echo "### Options" 1>&2; echo "" 1>&2; echo " -h : this message." 1>&2; echo " -d : show local defaults." 1>&2; echo " -l : List keys." 1>&2; echo " -p [path] : Path to generate the keystore, usually \$I2P/i2p-plugin-dev-keys." 1>&2; echo " -c [certtype] : Type of certificate to install, plugin, router, news etc" 1>&2; echo " -s [signer] : Signer's e-mail address." 1>&2; echo " -f [filetype] : Type of file to bundle." 1>&2; echo " -t [keytype] : Key type to use. default: $KEYTYPE" 1>&2; echo " -v [version] : Version to use. default: $VERSION" 1>&2; echo " -n [name] : Name to use for the key" 1>&2; echo "" 1>&2; echo "### Commands:" 1>&2; echo "" 1>&2; echo " > generate_keys : If the keys do not already exist then." 1>&2; echo " > create_keys : create them." 1>&2; echo " > copy_keys : copy them to the local I2P plugin certificates directory." 1>&2; echo " > sign [plugin .zip file] : sign a .zip file and output an .su3 file." 1>&2; echo " > verify [plugin .su3 file] : verify an .su3 file and show the result." 1>&2; echo " > install : install the script to the \$I2P path." 1>&2; echo " > usage : same as -h but use stderr instead of stdout." 1>&2; echo "" 1>&2; exit 1; } while getopts "p:s:n:t:v:c:f:lhd" o; do case "${o}" in p) PUBKEYDIR=${OPTARG} ;; s) SIGNER=${OPTARG} ;; n) NAME=${OPTARG} ;; t) KEYTYPE=${OPTARG} ;; v) VERSION=${OPTARG} ;; c) CERTTYPE=${OPTARG} ;; f) FILETYPE=${OPTARG} ;; l) LS=true ;; d) DSHOW=true ;; h) usage 2>&1 ;; *) usage ;; esac done shift $((OPTIND-1)) if [ -z "${SIGNER}" ]; then SIGNER=user@mail.i2p fi if [ -z "${NAME}" ]; then NAME=user fi if [ -z "${PUBKEYDIR}" ]; then PUBKEYDIR="$I2P/i2p-plugin-dev-keys" fi CPATH=$I2P/lib/i2p.jar:/usr/share/java/gnu-getopt.jar PUBKEYFILE=$PUBKEYDIR/$NAME-public-signing.key PRIVKEYFILE=$PUBKEYDIR/$NAME-private-signing.key B64KEYFILE=$PUBKEYDIR/$NAME-public-signing.txt PUBKEYSTORE=$PUBKEYDIR/$NAME-su3-public-signing.crt PRIVKEYSTORE=$PUBKEYDIR/$NAME-su3-keystore.ks if [ $LS ]; then if [ -d ${PUBKEYDIR} ]; then echo "Keys found in key directory:" ls $PUBKEYDIR else echo "No keys have been generated for" $(echo $PUBKEYDIR | sed "s|$HOME|~|g") "yet" fi exit fi if [ $DSHOW ]; then echo "Generating keys in this directory:" $(echo $PUBKEYDIR | sed "s|$HOME|~|g") echo "Signer is $SIGNER" | sed "s|$HOME|~|g" echo "Version is $VERSION" | sed "s|$HOME|~|g" echo " CPATH=$CPATH" | sed "s|$HOME|~|g" echo " PUBKEYFILE=$PUBKEYFILE" | sed "s|$HOME|~|g" echo " PRIVKEYFILE=$PRIVKEYFILE" | sed "s|$HOME|~|g" echo " B64KEYFILE=$B64KEYFILE" | sed "s|$HOME|~|g" echo " PUBKEYSTORE=$PUBKEYSTORE" | sed "s|$HOME|~|g" echo " PRIVKEYSTORE=$PRIVKEYSTORE" | sed "s|$HOME|~|g" echo " KEYTYPE=$KEYTYPE" | sed "s|$HOME|~|g" exit fi create_keys(){ echo "Creating new SU3 $KEYTYPE keys for $SIGNER" java -cp "$CPATH" net.i2p.crypto.SU3File keygen -t $KEYTYPE "$PUBKEYSTORE" "$PRIVKEYSTORE" $SIGNER || exit 1 echo '*** Save your password in a safe place!!! ***' rm -rf logs/ chmod 444 "$PUBKEYSTORE" chmod 400 "$PRIVKEYSTORE" } copy_keys(){ # copy to the router dir so verify will work CDIR=$I2P/certificates/$CERTTYPE mkdir -p "$CDIR" || exit 1 CFILE=$CDIR/`echo $SIGNER | sed s/@/_at_/`.crt cp "$PUBKEYSTORE" "$CFILE" chmod 644 "$CFILE" echo "Created new SU3 keys:" $(echo "$PUBKEYSTORE $PRIVKEYSTORE" | sed "s|$HOME|~|g" ) echo "Copied public key to" $(echo "$CFILE" | sed "s|$HOME|~|g") "for testing" } generate_keys(){ if [ ! -f "$PRIVKEYSTORE" ]; then echo "Generating keys in this directory:" $(echo $PUBKEYDIR | sed "s|$HOME|~|g") echo "Using I2P libraries from" $(echo $I2P/lib | sed "s|$HOME|~|g") create_keys copy_keys fi } sign(){ export PLUGIN=$(echo $1 | sed "s|.zip||g") echo "Signing. $1 => $PLUGIN ..." CERTYPE=$(echo $CERTTYPE | tr '[:lower:]' '[:upper:]') java -cp "$CPATH" net.i2p.crypto.SU3File sign -f "$FILETYPE" -c "$CERTYPE" -t "$KEYTYPE" "$1" "$PLUGIN.su3" "$PRIVKEYSTORE" "$VERSION" "$SIGNER" || exit 1 rm -rf logs/ } verify(){ echo "Verifying. $1 ..." java -cp "$CPATH" net.i2p.crypto.SU3File showversion "$1" || exit 1 java -cp "$CPATH" net.i2p.crypto.SU3File verifysig -k "$PUBKEYSTORE" "$1" || exit 1 rm -rf logs/ } install(){ cp -v $THISBIN $I2P/$THISBIN chmod +x $I2P/$THISBIN } $1 $2