Do not fail abruptly if signature verification fails

If the package_index.json signature is not valid, a dialog box asking the user to "update" the index is shown. Previously a java-exception was printed if running from terminal or the IDE would not start at all (with no apparent reason) if lanched from GUI.
carnifexx · Aug 20, 2019 · 5bb9f87 · 5bb9f87
1 parent 842c35b
commit 5bb9f87
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 57 deletions.
diff --git a/arduino-core/src/cc/arduino/contributions/SignatureVerificationFailedException.java b/arduino-core/src/cc/arduino/contributions/SignatureVerificationFailedException.java
diff --git a/arduino-core/src/cc/arduino/contributions/packages/ContributionsIndexer.java b/arduino-core/src/cc/arduino/contributions/packages/ContributionsIndexer.java
@@ -31,13 +31,14 @@
 
 import cc.arduino.Constants;
 import cc.arduino.contributions.DownloadableContribution;
-import cc.arduino.contributions.SignatureVerificationFailedException;
 import cc.arduino.contributions.SignatureVerifier;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.DeserializationFeature;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.module.mrbean.MrBeanModule;
 import org.apache.commons.compress.utils.IOUtils;
+
+import processing.app.BaseNoGui;
 import processing.app.Platform;
 import processing.app.PreferencesData;
 import processing.app.debug.TargetPackage;
@@ -86,15 +87,21 @@ public void parseIndex() throws Exception {
     File defaultIndexFile = getIndexFile(Constants.DEFAULT_INDEX_FILE_NAME);
     if (defaultIndexFile.exists()) {
       // Check main index signature
-      if (!signatureVerifier.isSigned(defaultIndexFile)) {
-        if (PreferencesData.areInsecurePackagesAllowed()) {
-          System.err.println(format(tr("Warning: forced trusting untrusted contributions")));
-        } else {
-          throw new SignatureVerificationFailedException(Constants.DEFAULT_INDEX_FILE_NAME);
-        }
+      if (signatureVerifier.isSigned(defaultIndexFile)) {
+        mergeContributions(defaultIndexFile);
+      } else if (PreferencesData.areInsecurePackagesAllowed()) {
+        System.err.println(format(tr("Warning: forced trusting untrusted contributions")));
+        mergeContributions(defaultIndexFile);
+      } else {
+        BaseNoGui
+            .showWarning(Constants.DEFAULT_INDEX_FILE_NAME,
+                              tr("A package index has an invalid signature and needs to be updated.\n"
+                                 + "Please open the Board Manager from the menu\n"
+                                 + "\n" //
+                                 + "      Tools -> Board -> Board Manager\n"
+                                 + "\nto update it"),
+                              null);
       }
-
-      mergeContributions(defaultIndexFile);
     }
 
     // Set main and bundled indexes as trusted

diff --git a/arduino-core/src/processing/app/BaseNoGui.java b/arduino-core/src/processing/app/BaseNoGui.java
@@ -2,7 +2,6 @@
 
 import cc.arduino.Constants;
 import cc.arduino.contributions.GPGDetachedSignatureVerifier;
-import cc.arduino.contributions.SignatureVerificationFailedException;
 import cc.arduino.contributions.VersionComparator;
 import cc.arduino.contributions.libraries.LibrariesIndexer;
 import cc.arduino.contributions.packages.ContributedPlatform;
@@ -482,7 +481,7 @@ static public void initPackages() throws Exception {
 
     try {
       indexer.parseIndex();
-    } catch (JsonProcessingException | SignatureVerificationFailedException e) {
+    } catch (JsonProcessingException e) {
       File indexFile = indexer.getIndexFile(Constants.DEFAULT_INDEX_FILE_NAME);
       File indexSignatureFile = indexer.getIndexFile(Constants.DEFAULT_INDEX_FILE_NAME + ".sig");
       indexFile.delete();