verify that signing key name matches

2010-02-15 16:12:49 +00:00
parent f265db4037
commit a1fb5ef6ed
3 changed files with 25 additions and 4 deletions
--- a/core/java/src/net/i2p/crypto/TrustedUpdate.java
+++ b/core/java/src/net/i2p/crypto/TrustedUpdate.java
@ -682,6 +682,23 @@ D8usM7Dxp5yrDrCYZ5AIijc=
        return false;
    }

+    /**
+     * Verifies the DSA signature of a signed update file.
+     * 
+     * @param signedFile The signed update file to check.
+     * 
+     * @return signer (could be empty string) or null if invalid
+     * @since 0.7.12
+     */
+    public String verifyAndGetSigner(File signedFile) {
+        for (SigningPublicKey signingPublicKey : _trustedKeys.keySet()) {
+            boolean isValidSignature = verify(signedFile, signingPublicKey);
+            if (isValidSignature)
+                return _trustedKeys.get(signingPublicKey);
+        }
+        return null;
+    }
+
    /**
     * Verifies the DSA signature of a signed update file.
     *