From 480affca1ed78c674b9dfb5547b5bb2ba442f65c Mon Sep 17 00:00:00 2001 From: ATATC Date: Fri, 19 May 2023 18:54:08 -0400 Subject: [PATCH] Annotated. --- .../com/atatctech/hsps/ClassLoaderUtils.java | 5 ++++ src/main/java/com/atatctech/hsps/Plugin.java | 29 ++++++++++++++++++- .../hsps/verification/Signature.java | 18 +++++++++++- .../atatctech/hsps/verification/Signed.java | 6 ++++ .../hsps/verification/Verification.java | 5 ++++ 5 files changed, 61 insertions(+), 2 deletions(-) diff --git a/src/main/java/com/atatctech/hsps/ClassLoaderUtils.java b/src/main/java/com/atatctech/hsps/ClassLoaderUtils.java index 99c932f..25fee0f 100644 --- a/src/main/java/com/atatctech/hsps/ClassLoaderUtils.java +++ b/src/main/java/com/atatctech/hsps/ClassLoaderUtils.java @@ -9,6 +9,11 @@ import java.net.URLClassLoader; public final class ClassLoaderUtils { + /** + * Get a URLClassLoader from a file. + * @param file target file + * @return a classloader + */ public static @Nullable ClassLoader getClassLoader(@NotNull File file) { try { return new URLClassLoader(new URL[]{file.toURI().toURL()}, ClassLoader.getSystemClassLoader()); diff --git a/src/main/java/com/atatctech/hsps/Plugin.java b/src/main/java/com/atatctech/hsps/Plugin.java index 89117fd..4153379 100644 --- a/src/main/java/com/atatctech/hsps/Plugin.java +++ b/src/main/java/com/atatctech/hsps/Plugin.java @@ -10,20 +10,40 @@ import java.io.File; +/** + * Plugin loader. + */ public class Plugin { protected final @NotNull File file; protected final @NotNull String mainClass; + /** + * Create a plugin loader. + * @param file target file + * @param mainClass the entry class, such as `com.example.plugin.Plugin` + */ public Plugin(@NotNull File file, @NotNull String mainClass) { this.file = file; this.mainClass = mainClass; } + /** + * Create a plugin loader. + * @param path path to target file + * @param mainClass the entry class, such as `com.example.plugin.Plugin` + */ public Plugin(@NotNull String path, @NotNull String mainClass) { this.file = new File(path); this.mainClass = mainClass; } + /** + * Load plugin. + * @param verification verification method, set to null to disable verification + * @return the main class + * @throws ClassNotFoundException main class not found + * @throws VerificationError verification failed + */ public @Nullable Class load(@Nullable Verification verification) throws ClassNotFoundException, VerificationError { ClassLoader classLoader = ClassLoaderUtils.getClassLoader(file); if (classLoader == null) return null; @@ -33,7 +53,14 @@ public Plugin(@NotNull String path, @NotNull String mainClass) { return clz; } - public @Nullable Class load(@NotNull ARSA.APublicKey publicKey) throws VerificationError, ClassNotFoundException { + /** + * Load plugin with default verification method, which is RSA signature. + * @param publicKey RSA public key + * @return the main class + * @throws ClassNotFoundException main class not found + * @throws VerificationError verification failed + */ + public @Nullable Class load(@NotNull ARSA.APublicKey publicKey) throws ClassNotFoundException, VerificationError { return load(clz -> { Signed signed = clz.getAnnotation(Signed.class); return signed != null && Signature.verify(clz, signed.value(), publicKey); diff --git a/src/main/java/com/atatctech/hsps/verification/Signature.java b/src/main/java/com/atatctech/hsps/verification/Signature.java index b1920e5..f099321 100644 --- a/src/main/java/com/atatctech/hsps/verification/Signature.java +++ b/src/main/java/com/atatctech/hsps/verification/Signature.java @@ -7,7 +7,17 @@ import java.security.NoSuchAlgorithmException; import java.security.SignatureException; -public class Signature { +/** + * Signature utils. + */ +public final class Signature { + /** + * Verify a class's signature. + * @param clz target class + * @param signature signature to be verified + * @param publicKey RSA public key + * @return true if verified; false if failed + */ public static boolean verify(@NotNull Class clz, @NotNull String signature, @NotNull ARSA.APublicKey publicKey) { try { return ARSA.verify(clz.getName(), signature, publicKey); @@ -16,6 +26,12 @@ public static boolean verify(@NotNull Class clz, @NotNull String signature, @ } } + /** + * Generate a signature. + * @param clz target class + * @param privateKey RSA private key + * @return generated signature + */ public static @NotNull String sign(@NotNull Class clz, @NotNull ARSA.APrivateKey privateKey) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException { return ARSA.sign(clz.getName(), privateKey); } diff --git a/src/main/java/com/atatctech/hsps/verification/Signed.java b/src/main/java/com/atatctech/hsps/verification/Signed.java index a2be2e0..76b550b 100644 --- a/src/main/java/com/atatctech/hsps/verification/Signed.java +++ b/src/main/java/com/atatctech/hsps/verification/Signed.java @@ -7,8 +7,14 @@ import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; +/** + * Use this annotation to state that the main class is signed. + */ @Target(ElementType.TYPE) @Retention(RetentionPolicy.RUNTIME) public @interface Signed { + /** + * @return signature + */ @NotNull String value(); } diff --git a/src/main/java/com/atatctech/hsps/verification/Verification.java b/src/main/java/com/atatctech/hsps/verification/Verification.java index b99b62a..65d4a19 100644 --- a/src/main/java/com/atatctech/hsps/verification/Verification.java +++ b/src/main/java/com/atatctech/hsps/verification/Verification.java @@ -4,5 +4,10 @@ @FunctionalInterface public interface Verification { + /** + * Verify the main class. + * @param clz the main class + * @return true if verified; false if failed + */ boolean verify(@NotNull Class clz); }