Use cache path and signer name from the config file

Signed-off-by: Graham <gpe@openrs2.dev>
Graham 5 years ago
parent 3aaea52eac
commit ed052c783b
  1. 1
      bundler/build.gradle.kts
  2. 29
      bundler/src/main/java/dev/openrs2/bundler/Bundler.kt
  3. 2
      bundler/src/main/java/dev/openrs2/bundler/BundlerModule.kt
  4. 10
      bundler/src/main/java/dev/openrs2/bundler/transform/CachePathTransformer.kt
  5. 26
      crypto/src/main/java/dev/openrs2/crypto/Pkcs12KeyStore.kt

@ -13,6 +13,7 @@ dependencies {
api("com.github.ajalt:clikt:${Versions.clikt}") api("com.github.ajalt:clikt:${Versions.clikt}")
api("com.google.inject:guice:${Versions.guice}") api("com.google.inject:guice:${Versions.guice}")
implementation(project(":conf"))
implementation(project(":crypto")) implementation(project(":crypto"))
implementation("dev.openrs2:openrs2-natives-all:${Versions.openrs2Natives}") implementation("dev.openrs2:openrs2-natives-all:${Versions.openrs2Natives}")
} }

@ -5,6 +5,7 @@ import dev.openrs2.asm.classpath.ClassPath
import dev.openrs2.asm.classpath.Library import dev.openrs2.asm.classpath.Library
import dev.openrs2.asm.transform.Transformer import dev.openrs2.asm.transform.Transformer
import dev.openrs2.bundler.transform.ResourceTransformer import dev.openrs2.bundler.transform.ResourceTransformer
import dev.openrs2.conf.Config
import dev.openrs2.crypto.Pkcs12KeyStore import dev.openrs2.crypto.Pkcs12KeyStore
import java.nio.file.Path import java.nio.file.Path
import java.util.jar.Attributes import java.util.jar.Attributes
@ -15,8 +16,21 @@ import javax.inject.Singleton
@Singleton @Singleton
class Bundler @Inject constructor( class Bundler @Inject constructor(
@BundlerQualifier private val transformers: Set<@JvmSuppressWildcards Transformer> @BundlerQualifier private val transformers: Set<@JvmSuppressWildcards Transformer>,
private val config: Config
) { ) {
private val unsignedManifest = Manifest().apply {
mainAttributes[MANIFEST_VERSION] = "1.0"
mainAttributes[APPLICATION_NAME] = config.game
mainAttributes[PERMISSIONS] = "sandbox"
}
private val signedManifest = Manifest().apply {
mainAttributes[MANIFEST_VERSION] = "1.0"
mainAttributes[APPLICATION_NAME] = config.game
mainAttributes[PERMISSIONS] = "all-permissions"
}
fun run(input: Path, output: Path, keyStorePath: Path) { fun run(input: Path, output: Path, keyStorePath: Path) {
// read input jars/packs // read input jars/packs
logger.info { "Reading input jars" } logger.info { "Reading input jars" }
@ -103,7 +117,7 @@ class Bundler @Inject constructor(
// write unsigned client and loaders // write unsigned client and loaders
client.writeJar(classPath, output.resolve("runescape.jar"), unsignedManifest) client.writeJar(classPath, output.resolve("runescape.jar"), unsignedManifest)
val keyStore = Pkcs12KeyStore.open(keyStorePath) val keyStore = Pkcs12KeyStore.open(keyStorePath, config.game)
loader.writeSignedJar(classPath, output.resolve("loader.jar"), keyStore, signedManifest) loader.writeSignedJar(classPath, output.resolve("loader.jar"), keyStore, signedManifest)
glLoader.writeSignedJar(glClassPath, output.resolve("loader_gl.jar"), keyStore, signedManifest) glLoader.writeSignedJar(glClassPath, output.resolve("loader_gl.jar"), keyStore, signedManifest)
} }
@ -111,18 +125,7 @@ class Bundler @Inject constructor(
companion object { companion object {
private val logger = InlineLogger() private val logger = InlineLogger()
private val unsignedManifest = Manifest()
private val signedManifest: Manifest
private val APPLICATION_NAME = Attributes.Name("Application-Name") private val APPLICATION_NAME = Attributes.Name("Application-Name")
private val PERMISSIONS = Attributes.Name("Permissions") private val PERMISSIONS = Attributes.Name("Permissions")
init {
unsignedManifest.mainAttributes[MANIFEST_VERSION] = "1.0"
unsignedManifest.mainAttributes[APPLICATION_NAME] = "OpenRS2"
unsignedManifest.mainAttributes[PERMISSIONS] = "sandbox"
signedManifest = Manifest(unsignedManifest)
signedManifest.mainAttributes[PERMISSIONS] = "all-permissions"
}
} }
} }
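Review bot: `Pkcs12KeyStore.open(keyStorePath, config.game)` reuses the value written to `Application-Name` as the JAR signer name, and the two have different constraints. `JarSigner.Builder.signerName` accepts only 1–8 characters from `a-zA-Z0-9_-` and throws `IllegalArgumentException` otherwise, so a longer or space-containing game name would fail here, after `runescape.jar` has already been written. Unless `Config` already enforces this (not visible in the diff), validate up front, e.g. `require(config.game.matches(Regex("[A-Za-z0-9_-]{1,8}"))) { "game is not a valid JAR signer name" }`, or give the signer name its own config field. As a smaller style point, the two manifest initialisers now repeat three lines that the removed `Manifest(unsignedManifest)` copy avoided.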

@ -12,10 +12,12 @@ import dev.openrs2.bundler.transform.PlatformDetectionTransformer
import dev.openrs2.bundler.transform.PublicKeyTransformer import dev.openrs2.bundler.transform.PublicKeyTransformer
import dev.openrs2.bundler.transform.RightClickTransformer import dev.openrs2.bundler.transform.RightClickTransformer
import dev.openrs2.bundler.transform.TypoTransformer import dev.openrs2.bundler.transform.TypoTransformer
import dev.openrs2.conf.ConfigModule
import dev.openrs2.crypto.CryptoModule import dev.openrs2.crypto.CryptoModule
object BundlerModule : AbstractModule() { object BundlerModule : AbstractModule() {
override fun configure() { override fun configure() {
install(ConfigModule)
install(CryptoModule) install(CryptoModule)
val binder = Multibinder.newSetBinder(binder(), Transformer::class.java, BundlerQualifier::class.java) val binder = Multibinder.newSetBinder(binder(), Transformer::class.java, BundlerQualifier::class.java)

@ -4,13 +4,17 @@ import com.github.michaelbull.logging.InlineLogger
import dev.openrs2.asm.classpath.ClassPath import dev.openrs2.asm.classpath.ClassPath
import dev.openrs2.asm.classpath.Library import dev.openrs2.asm.classpath.Library
import dev.openrs2.asm.transform.Transformer import dev.openrs2.asm.transform.Transformer
import dev.openrs2.conf.Config
import org.objectweb.asm.tree.ClassNode import org.objectweb.asm.tree.ClassNode
import org.objectweb.asm.tree.LdcInsnNode import org.objectweb.asm.tree.LdcInsnNode
import org.objectweb.asm.tree.MethodNode import org.objectweb.asm.tree.MethodNode
import javax.inject.Inject
import javax.inject.Singleton import javax.inject.Singleton
@Singleton @Singleton
class CachePathTransformer : Transformer() { class CachePathTransformer @Inject constructor(
private val config: Config
) : Transformer() {
private var paths = 0 private var paths = 0
override fun preTransform(classPath: ClassPath) { override fun preTransform(classPath: ClassPath) {
@ -25,11 +29,11 @@ class CachePathTransformer : Transformer() {
when (insn.cst) { when (insn.cst) {
".jagex_cache_", ".file_store_" -> { ".jagex_cache_", ".file_store_" -> {
insn.cst = ".openrs2_cache_" insn.cst = ".${config.internalOperator}_cache_"
paths++ paths++
} }
"jagex_" -> { "jagex_" -> {
insn.cst = ".openrs2_" insn.cst = ".${config.internalOperator}_"
paths++ paths++
} }
} }
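Review bot: `config.internalOperator` is interpolated unchecked into the constants `".${config.internalOperator}_cache_"` and `".${config.internalOperator}_"`, which replace the client's cache path prefixes. If the config value can contain a path separator, `..` or whitespace, the patched client would build cache paths outside the intended directory name, and nothing in this hunk rejects that. Unless `Config` validates the field when it is loaded (not visible here), add a guard in `preTransform` such as `require(config.internalOperator.matches(Regex("[A-Za-z0-9_]+"))) { "internalOperator must be a plain identifier" }`. The enclosing method starts outside the hunk.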

@ -21,11 +21,11 @@ import java.time.ZoneOffset
import java.util.Date import java.util.Date
import java.util.jar.JarFile import java.util.jar.JarFile
class Pkcs12KeyStore private constructor(privateKeyEntry: KeyStore.PrivateKeyEntry) { class Pkcs12KeyStore private constructor(privateKeyEntry: KeyStore.PrivateKeyEntry, signerName: String) {
private val signer = JarSigner.Builder(privateKeyEntry) private val signer = JarSigner.Builder(privateKeyEntry)
.signatureAlgorithm("SHA256withRSA") .signatureAlgorithm("SHA256withRSA")
.digestAlgorithm("SHA-256") .digestAlgorithm("SHA-256")
.signerName(SIGNER_NAME) .signerName(signerName)
.build() .build()
fun signJar(input: Path, output: Path) { fun signJar(input: Path, output: Path) {
@ -45,19 +45,13 @@ class Pkcs12KeyStore private constructor(privateKeyEntry: KeyStore.PrivateKeyEnt
private const val SERIAL_LENGTH = 128 private const val SERIAL_LENGTH = 128
// TODO(gpe): add support for overriding this
private const val SIGNER_NAME = "OpenRS2"
private val DNAME = X500NameBuilder()
.addRDN(BCStyle.CN, SIGNER_NAME)
.build()
private val MAX_CLOCK_SKEW = Period.ofDays(1) private val MAX_CLOCK_SKEW = Period.ofDays(1)
private val VALIDITY_PERIOD = Period.ofYears(10) private val VALIDITY_PERIOD = Period.ofYears(10)
private val SHA256_WITH_RSA = AlgorithmIdentifier(PKCSObjectIdentifiers.sha256WithRSAEncryption) private val SHA256_WITH_RSA = AlgorithmIdentifier(PKCSObjectIdentifiers.sha256WithRSAEncryption)
private val SHA256 = AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256) private val SHA256 = AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256)
fun open(path: Path): Pkcs12KeyStore { fun open(path: Path, signerName: String): Pkcs12KeyStore {
val keyStore = KeyStore.getInstance("PKCS12") val keyStore = KeyStore.getInstance("PKCS12")
if (Files.exists(path)) { if (Files.exists(path)) {
Files.newInputStream(path).use { input -> Files.newInputStream(path).use { input ->
@ -70,7 +64,7 @@ class Pkcs12KeyStore private constructor(privateKeyEntry: KeyStore.PrivateKeyEnt
val privateKeyEntry = if (keyStore.containsAlias(ALIAS)) { val privateKeyEntry = if (keyStore.containsAlias(ALIAS)) {
keyStore.getEntry(ALIAS, PASSWORD_PARAMETER) as KeyStore.PrivateKeyEntry keyStore.getEntry(ALIAS, PASSWORD_PARAMETER) as KeyStore.PrivateKeyEntry
} else { } else {
val entry = createPrivateKeyEntry() val entry = createPrivateKeyEntry(signerName)
keyStore.setEntry(ALIAS, entry, PASSWORD_PARAMETER) keyStore.setEntry(ALIAS, entry, PASSWORD_PARAMETER)
Files.newOutputStream(path).use { output -> Files.newOutputStream(path).use { output ->
@ -80,12 +74,16 @@ class Pkcs12KeyStore private constructor(privateKeyEntry: KeyStore.PrivateKeyEnt
entry entry
} }
return Pkcs12KeyStore(privateKeyEntry) return Pkcs12KeyStore(privateKeyEntry, signerName)
} }
private fun createPrivateKeyEntry(): KeyStore.PrivateKeyEntry { private fun createPrivateKeyEntry(signerName: String): KeyStore.PrivateKeyEntry {
val (public, private) = Rsa.generateKeyPair(Rsa.JAR_KEY_LENGTH) val (public, private) = Rsa.generateKeyPair(Rsa.JAR_KEY_LENGTH)
val dname = X500NameBuilder()
.addRDN(BCStyle.CN, signerName)
.build()
val serial = BigIntegers.createRandomBigInteger(SERIAL_LENGTH, secureRandom) val serial = BigIntegers.createRandomBigInteger(SERIAL_LENGTH, secureRandom)
val start = OffsetDateTime.now(ZoneOffset.UTC).minus(MAX_CLOCK_SKEW) val start = OffsetDateTime.now(ZoneOffset.UTC).minus(MAX_CLOCK_SKEW)
@ -95,11 +93,11 @@ class Pkcs12KeyStore private constructor(privateKeyEntry: KeyStore.PrivateKeyEnt
val signer = BcRSAContentSignerBuilder(SHA256_WITH_RSA, SHA256).build(private) val signer = BcRSAContentSignerBuilder(SHA256_WITH_RSA, SHA256).build(private)
val certificate = X509v3CertificateBuilder( val certificate = X509v3CertificateBuilder(
DNAME, dname,
serial, serial,
Date.from(start.toInstant()), Date.from(start.toInstant()),
Date.from(end.toInstant()), Date.from(end.toInstant()),
DNAME, dname,
spki spki
).build(signer) ).build(signer)
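Review bot: When the key store already contains `ALIAS`, `open` returns the stored entry and `signerName` reaches only `JarSigner.Builder.signerName`, so the certificate CN stays at the name that was in effect when the key was first generated. After a config change the signature file name and the certificate subject would silently disagree, and anyone inspecting the signed loader would still see the old identity. Consider comparing the stored certificate's subject with `signerName` in the `containsAlias` branch and warning or failing on a mismatch. At minimum, document it on `open`: `// signerName is used for the certificate CN only when a new key is generated`. The bodies of `open` and `createPrivateKeyEntry` continue outside the visible hunks.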
