Navigation

← Previous Changeset
Next Changeset →

Changeset 11922961a781bb840c7e06b0ca32054ae0e65645

Timestamp:

18/05/08 01:39:45 (7 months ago)

Author:

Rafaël Carré <funman@videolan.org>

git-committer:

Rafaël Carré <funman@videolan.org> 1211067585 +0200

git-parent:

[96250779f78d93eb59cc49388cbb519c14c27307]

git-author:

Rafaël Carré <funman@videolan.org> 1211067568 +0200

Message:

Update: supports file v4 signatures

Note: public key v3 signatures are not supported
Fix various bugs and potentials buffer overflows

Files:

doc/release-howto.txt (modified) (3 diffs)
include/vlc_pgpkey.h (modified) (2 diffs)
include/vlc_update.h (modified) (5 diffs)
src/misc/update.c (modified) (32 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

doc/release-howto.txt

r79b9d34	r1192296
24	24	/opt/ftp/pub/videolan/testing/vlc-X.X.X/
25	25	- generate md5 hashes and gpg signature of these files
26		(use gpg --sign --detach --armor ~~--force-v3-sigs~~)
	26	(use gpg --sign --detach --armor)
27	27
28	28	* Contribs
…	…
37	37	# add the .zip files to /opt/ftp/pub/videolan/testing/vlc-X.X.X/beos/
38	38	generate md5 hashes and gpg signature of these files
39		(use gpg --sign --detach --armor ~~--force-v3-sigs~~)
	39	(use gpg --sign --detach --armor)
40	40
41	41	* Win32 Packages
…	…
45	45	add the .zip and .exe files to /opt/ftp/pub/videolan/testing/vlc-X.X.X/win32/
46	46	generate md5 hashes and gpg signature of these files
47		(use gpg --sign --detach --armor ~~--force-v3-sigs~~)
	47	(use gpg --sign --detach --armor)
48	48
49	49	* OS X packages
50	50	configure with --enable-update-check
51	51	generate md5 hashes and gpg signature of these files
52		(use gpg --sign --detach --armor ~~--force-v3-sigs~~)
	52	(use gpg --sign --detach --armor)
53	53
54	54	* Commit changes ... it never works the first time

include/vlc_pgpkey.h

r0635a37	r1192296
33	33	};
34	34
	35	/* gpg --export --armor "VideoLAN Release"\|sed -e s/^/\"/ -e s/\$/\\\\n\"/ */
35	36	static uint8_t videolan_public_key[] = {
36	37	"-----BEGIN PGP PUBLIC KEY BLOCK-----\n"
…	…
79	80	"-----END PGP PUBLIC KEY BLOCK-----\n"
80	81	};
81

include/vlc_update.h

rc64426b	r1192296
34	34	#include <vlc/vlc.h>
35	35
36		~~#include <vlc_stream.h> /* key & signature downloading */~~
37		~~#include <vlc_strings.h> /* b64 decoding */~~
38		~~#include <vlc_charset.h> /* utf8_fopen() */~~
39		~~#include <gcrypt.h> /* cryptography and digest algorithms */~~
40
41	36	/**
42	37	* \defgroup update Update
43	38	*
44	39	* @{
	40	*/
	41
	42	/* Go reading the rfc 4880 ! NOW !! */
	43
	44	/*
	45	* XXX
	46	* When PGP-signing a file, we only sign a SHA-1 hash of this file
	47	*
	48	* As soon as SHA-1 is broken, this method is not secure anymore, because an
	49	* attacker could generate a file with the same SHA-1 hash.
	50	*
	51	* Whenever this happens, we need to use another algorithm / type of key.
	52	* XXX
45	53	*/
46	54
…	…
76	84	};
77	85
78
79	86	enum /* Signature subpacket types */
80	87	{
81	88	ISSUER_SUBPACKET = 0x10
82	89	};
83
84
85	90
86	91	struct public_key_packet_t
…	…
97	102	};
98	103
99		/* used for public key signatures */
100		struct signature_packet_~~v4_~~t
101		{ ~~/* hashed_data or unhashed_data can be empty, so the signature packet is~~
102		* theorically at least 54 bytes long, but always more than that. */
	104	/* used for public key and file signatures */
	105	struct signature_packet_t
	106	{
	107	uint8_t version; /* 3 or 4 */
103	108
104		~~uint8_t version;~~
105	109	uint8_t type;
106		uint8_t public_key_algo;
107		uint8_t digest_algo;
108		uint8_t hashed_data_len[2];
109		uint8_t *hashed_data;
110		uint8_t unhashed_data_len[2];
111		uint8_t *unhashed_data;
	110	uint8_t public_key_algo; /* DSA only */
	111	uint8_t digest_algo; /* SHA-1 only */
	112
112	113	uint8_t hash_verification[2];
	114	uint8_t issuer_longid[8];
	115
	116	union /* version specific data */
	117	{
	118	struct
	119	{
	120	uint8_t hashed_data_len[2]; /* scalar number */
	121	uint8_t hashed_data; / hashed_data_len bytes */
	122	uint8_t unhashed_data_len[2]; /* scalar number */
	123	uint8_t unhashed_data; / unhashed_data_len bytes */
	124	} v4;
	125	struct
	126	{
	127	uint8_t hashed_data_len; /* MUST be 5 */
	128	uint8_t timestamp[4]; /* 4 bytes scalar number */
	129	} v3;
	130	} specific;
113	131
114	132	/* The part below is made of consecutive MPIs, their number and size being
115	133	* public-key-algorithm dependant.
116		* But since we use DSA signatures only, we fix it. */
117		uint8_t r[2+20];
118		uint8_t s[2+20];
119		};
120
121		/* Used for binary document signatures (to be compatible with older software)
122		* DSA/SHA-1 is always 65 bytes */
123		struct signature_packet_v3_t
124		{
125		uint8_t header[2];
126		uint8_t version; /* 3 */
127		uint8_t hashed_data_len; /* MUST be 5 */
128		uint8_t type;
129		uint8_t timestamp[4]; /* 4 bytes scalar number */
130		uint8_t issuer_longid[8]; /* The key which signed the document */
131		uint8_t public_key_algo; /* we only know about DSA */
132		uint8_t digest_algo; /* and his little sister SHA-1 */
133		uint8_t hash_verification[2];/* the 2 1st bytes of the SHA-1 hash */
134
135		/* The part below is made of consecutive MPIs, their number and size being
136		* public-key-algorithm dependant.
137		* But since we use DSA signatures only, we fix it. */
	134	*
	135	* Since we use DSA signatures only, there is 2 integers, r & s, made of:
	136	* 2 bytes for the integer length (scalar number)
	137	* 160 bits (20 bytes) for the integer itself
	138	*
	139	* Note: the integers may be less than 160 significant bits
	140	*/
138	141	uint8_t r[2+20];
139	142	uint8_t s[2+20];
…	…
141	144
142	145	typedef struct public_key_packet_t public_key_packet_t;
143		typedef struct signature_packet_v4_t signature_packet_v4_t;
144		typedef struct signature_packet_v3_t signature_packet_v3_t;
	146	typedef struct signature_packet_t signature_packet_t;
145	147
146	148	struct public_key_t
…	…
151	153	public_key_packet_t key; /* Public key packet */
152	154
153		signature_packet_~~v4_~~t sig; /* Signature packet, by the embedded key */
	155	signature_packet_t sig; /* Signature packet, by the embedded key */
154	156	};
155	157

src/misc/update.c

r99ba054	r1192296
23	23	* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
24	24	*****************************************************************************/
25		/*
26		* XXX: should use v4 signatures for binary files (already used for public key)
27		*/
	25
28	26	/**
29	27	* \file
…	…
48	46	#include <vlc_pgpkey.h>
49	47	#include <vlc_stream.h>
	48	#include <vlc_strings.h>
	49	#include <vlc_charset.h>
50	50	#include <vlc_interface.h>
	51
	52	#include <gcrypt.h>
51	53	#include <vlc_gcrypt.h>
52	54
…	…
102	104	static inline int scalar_number( uint8_t *p, int header_len )
103	105	{
	106	assert( header_len == 1 \|\| header_len == 2 \|\| header_len == 4 );
	107
104	108	if( header_len == 1 )
105	109	return( p[0] );
…	…
108	112	else if( header_len == 4 )
109	113	return( (p[0] << 24) + (p[1] << 16) + (p[2] << 8) + p[3] );
110		else
111		~~abort();~~
	114
	115	abort(); /* to shut up GCC warning */
112	116	}
113	117
…	…
122	126	size_t i_packet_len )
123	127	{
124		if( i_packet_len > 418 )
125		return VLC_EGENERIC;
126
127		p_key->version = *p_buf++;
	128
	129	if( i_packet_len > 418 \|\| i_packet_len < 6 )
	130	return VLC_EGENERIC;
	131
	132	size_t i_read = 0;
	133
	134	p_key->version = *p_buf++; i_read++;
128	135	if( p_key->version != 4 )
129	136	return VLC_EGENERIC;
130	137
131		/* warn when timestamp is > date ? */
132		memcpy( p_key->timestamp, p_buf, 4 ); p_buf += 4;
133
134		p_key->algo = *p_buf++;
	138	/* XXX: warn when timestamp is > date ? */
	139	memcpy( p_key->timestamp, p_buf, 4 ); p_buf += 4; i_read += 4;
	140
	141	p_key->algo = *p_buf++; i_read++;
135	142	if( p_key->algo != PUBLIC_KEY_ALGO_DSA )
136	143	return VLC_EGENERIC;
137	144
	145	/* read p */
	146	if( i_read + 2 > i_packet_len )
	147	return VLC_EGENERIC;
	148
138	149	int i_p_len = mpi_len( p_buf );
139		if( i_p_len > 128 )
140		return VLC_EGENERIC;
141		else
142		{
143		memcpy( p_key->p, p_buf, 2+i_p_len ); p_buf += 2+i_p_len;
144		if( i_p_len < 128 )
145		memmove( p_key->q, p_key->p + 2+i_p_len, 2+20 + 2+128 + 2+128 );
146		}
	150
	151	if( i_p_len > 128 \|\| i_read + 2 + i_p_len > i_packet_len )
	152	return VLC_EGENERIC;
	153
	154	memcpy( p_key->p, p_buf, 2+i_p_len );
	155	p_buf += 2+i_p_len; i_read += 2+i_p_len;
	156
	157	/* read q */
	158	if( i_read + 2 > i_packet_len )
	159	return VLC_EGENERIC;
147	160
148	161	int i_q_len = mpi_len( p_buf );
149		if( i_q_len > 20 )
150		return VLC_EGENERIC;
151		else
152		{
153		memcpy( p_key->q, p_buf, 2+i_q_len ); p_buf += 2+i_q_len;
154		if( i_p_len < 20 )
155		memmove( p_key->g, p_key->q + 2+i_q_len, 2+128 + 2+128 );
156		}
	162
	163	if( i_q_len > 20 \|\| i_read+2+i_q_len > i_packet_len )
	164	return VLC_EGENERIC;
	165
	166	memcpy( p_key->q, p_buf, 2+i_q_len );
	167	p_buf += 2+i_q_len; i_read += 2+i_q_len;
	168
	169	/* read g */
	170	if( i_read + 2 > i_packet_len )
	171	return VLC_EGENERIC;
157	172
158	173	int i_g_len = mpi_len( p_buf );
159		if( i_g_len > 128 )
160		return VLC_EGENERIC;
161		else
162		{
163		memcpy( p_key->g, p_buf, 2+i_g_len ); p_buf += 2+i_g_len;
164		if( i_g_len < 128 )
165		memmove( p_key->y, p_key->g + 2+i_g_len, 2+128 );
166		}
	174
	175	if( i_g_len > 128 \|\| i_read+2+i_g_len > i_packet_len )
	176	return VLC_EGENERIC;
	177
	178	memcpy( p_key->g, p_buf, 2+i_g_len );
	179	p_buf += 2+i_g_len; i_read += 2+i_g_len;
	180
	181	/* read y */
	182	if( i_read + 2 > i_packet_len )
	183	return VLC_EGENERIC;
167	184
168	185	int i_y_len = mpi_len( p_buf );
169		if( i_y_len > 128 )
170		return VLC_EGENERIC;
171		else
172		memcpy( p_key->y, p_buf, 2+i_y_len );
	186
	187
	188	if( i_y_len > 128 \|\| i_read+2+i_y_len > i_packet_len )
	189	return VLC_EGENERIC;
	190
	191	memcpy( p_key->y, p_buf, 2+i_y_len );
	192	i_read += 2+i_y_len;
	193
	194	if( i_read != i_packet_len ) /* some extra data eh ? */
	195	return VLC_EGENERIC;
173	196
174	197	return VLC_SUCCESS;
	198	}
	199
	200	static size_t parse_signature_v3_packet( signature_packet_t *p_sig,
	201	uint8_t *p_buf, size_t i_sig_len )
	202	{
	203	size_t i_read = 1; /* we already read the version byte */
	204
	205	if( i_sig_len < 19 ) /* signature is at least 19 bytes + the 2 MPIs */
	206	return 0;
	207
	208	p_sig->specific.v3.hashed_data_len = *p_buf++; i_read++;
	209	if( p_sig->specific.v3.hashed_data_len != 5 )
	210	return 0;
	211
	212	p_sig->type = *p_buf++; i_read++;
	213
	214	memcpy( p_sig->specific.v3.timestamp, p_buf, 4 );
	215	p_buf += 4; i_read += 4;
	216
	217	memcpy( p_sig->issuer_longid, p_buf, 8 );
	218	p_buf += 8; i_read += 8;
	219
	220	p_sig->public_key_algo = *p_buf++; i_read++;
	221
	222	p_sig->digest_algo = *p_buf++; i_read++;
	223
	224	p_sig->hash_verification[0] = *p_buf++; i_read++;
	225	p_sig->hash_verification[1] = *p_buf++; i_read++;
	226
	227	assert( i_read == 19 );
	228
	229	return i_read;
175	230	}
176	231
…	…
179	234	* verify that it was used with a DSA public key, using SHA-1 digest
180	235	*/
181		static ~~int parse_signature_v4_packet( signature_packet_v4~~_t *p_sig,
	236	static size_t parse_signature_v4_packet( signature_packet_t *p_sig,
182	237	uint8_t *p_buf, size_t i_sig_len )
183	238	{
184		if( i_sig_len < 54 )
	239	size_t i_read = 1; /* we already read the version byte */
	240
	241	if( i_sig_len < 10 ) /* signature is at least 10 bytes + the 2 MPIs */
	242	return 0;
	243
	244	p_sig->type = *p_buf++; i_read++;
	245
	246	p_sig->public_key_algo = *p_buf++; i_read++;
	247
	248	p_sig->digest_algo = *p_buf++; i_read++;
	249
	250	memcpy( p_sig->specific.v4.hashed_data_len, p_buf, 2 );
	251	p_buf += 2; i_read += 2;
	252
	253	size_t i_hashed_data_len =
	254	scalar_number( p_sig->specific.v4.hashed_data_len, 2 );
	255	i_read += i_hashed_data_len;
	256	if( i_read + 4 > i_sig_len )
	257	return 0;
	258
	259	p_sig->specific.v4.hashed_data = (uint8_t*) malloc( i_hashed_data_len );
	260	if( !p_sig->specific.v4.hashed_data )
	261	return 0;
	262	memcpy( p_sig->specific.v4.hashed_data, p_buf, i_hashed_data_len );
	263	p_buf += i_hashed_data_len;
	264
	265	memcpy( p_sig->specific.v4.unhashed_data_len, p_buf, 2 );
	266	p_buf += 2; i_read += 2;
	267
	268	size_t i_unhashed_data_len =
	269	scalar_number( p_sig->specific.v4.unhashed_data_len, 2 );
	270	i_read += i_unhashed_data_len;
	271	if( i_read + 2 > i_sig_len )
	272	return 0;
	273
	274	p_sig->specific.v4.unhashed_data = (uint8_t*) malloc( i_unhashed_data_len );
	275	if( !p_sig->specific.v4.unhashed_data )
	276	return 0;
	277
	278	memcpy( p_sig->specific.v4.unhashed_data, p_buf, i_unhashed_data_len );
	279	p_buf += i_unhashed_data_len;
	280
	281	memcpy( p_sig->hash_verification, p_buf, 2 );
	282	p_buf += 2; i_read += 2;
	283
	284	uint8_t p, max_pos;
	285	p = p_sig->specific.v4.unhashed_data;
	286	max_pos = p + scalar_number( p_sig->specific.v4.unhashed_data_len, 2 );
	287
	288	for( ;; )
	289	{
	290	if( p > max_pos )
	291	return 0;
	292
	293	size_t i_subpacket_len;
	294	if( *p < 192 )
	295	{
	296	if( p + 1 > max_pos )
	297	return 0;
	298	i_subpacket_len = *p++;
	299	}
	300	else if( *p < 255 )
	301	{
	302	if( p + 2 > max_pos )
	303	return 0;
	304	i_subpacket_len = (*p++ - 192) << 8;
	305	i_subpacket_len += *p++ + 192;
	306	}
	307	else
	308	{
	309	if( p + 4 > max_pos )
	310	return 0;
	311	i_subpacket_len = *++p << 24;
	312	i_subpacket_len += *++p << 16;
	313	i_subpacket_len += *++p << 8;
	314	i_subpacket_len += *++p;
	315	}
	316
	317	if( *p == ISSUER_SUBPACKET )
	318	{
	319	if( p + 9 > max_pos )
	320	return 0;
	321
	322	memcpy( &p_sig->issuer_longid, p+1, 8 );
	323
	324	return i_read;
	325	}
	326
	327	p += i_subpacket_len;
	328	}
	329	}
	330
	331	static int parse_signature_packet( signature_packet_t *p_sig,
	332	uint8_t *p_buf, size_t i_sig_len )
	333	{
	334	if( !i_sig_len ) /* 1st sanity check, we need at least the version */
185	335	return VLC_EGENERIC;
186	336
187	337	p_sig->version = *p_buf++;
188		if( p_sig->version != 4 )
189		return VLC_EGENERIC;
190
191		p_sig->type = *p_buf++;
192		if( p_sig->type < GENERIC_KEY_SIGNATURE \|\|
193		p_sig->type > POSITIVE_KEY_SIGNATURE )
194		return VLC_EGENERIC;
195
196		p_sig->public_key_algo = *p_buf++;
	338
	339	size_t i_read;
	340	switch( p_sig->version )
	341	{
	342	case 3:
	343	i_read = parse_signature_v3_packet( p_sig, p_buf, i_sig_len );
	344	break;
	345	case 4:
	346	p_sig->specific.v4.hashed_data = NULL;
	347	p_sig->specific.v4.unhashed_data = NULL;
	348	i_read = parse_signature_v4_packet( p_sig, p_buf, i_sig_len );
	349	break;
	350	default:
	351	return VLC_EGENERIC;
	352	}
	353
	354	if( i_read == 0 ) /* signature packet parsing has failed */
	355	goto error;
	356
197	357	if( p_sig->public_key_algo != PUBLIC_KEY_ALGO_DSA )
198		return VLC_EGENERIC;
199
200		p_sig->digest_algo = *p_buf++;
	358	goto error;
	359
201	360	if( p_sig->digest_algo != DIGEST_ALGO_SHA1 )
202		return VLC_EGENERIC;
203
204		memcpy( p_sig->hashed_data_len, p_buf, 2 ); p_buf += 2;
205
206		size_t i_pos = 6;
207		size_t i_hashed_data_len = scalar_number( p_sig->hashed_data_len, 2 );
208		i_pos += i_hashed_data_len;
209		if( i_pos > i_sig_len - 48 ) /* r & s are 44 bytes in total,
210		* + the unhashed data length (2 bytes)
211		* + the hash verification (2 bytes) */
212		return VLC_EGENERIC;
213
214		p_sig->hashed_data = (uint8_t*) malloc( i_hashed_data_len );
215		if( !p_sig->hashed_data )
216		return VLC_ENOMEM;
217		memcpy( p_sig->hashed_data, p_buf, i_hashed_data_len );
218		p_buf += i_hashed_data_len;
219
220		memcpy( p_sig->unhashed_data_len, p_buf, 2 ); p_buf += 2;
221
222		size_t i_unhashed_data_len = scalar_number( p_sig->unhashed_data_len, 2 );
223		i_pos += 2 + i_unhashed_data_len;
224		if( i_pos != i_sig_len - 46 )
225		{
226		free( p_sig->hashed_data );
227		return VLC_EGENERIC;
228		}
229
230		p_sig->unhashed_data = (uint8_t*) malloc( i_unhashed_data_len );
231		if( !p_sig->unhashed_data )
232		{
233		free( p_sig->hashed_data );
234		return VLC_ENOMEM;
235		}
236		memcpy( p_sig->unhashed_data, p_buf, i_unhashed_data_len );
237		p_buf += i_unhashed_data_len;
238
239		memcpy( p_sig->hash_verification, p_buf, 2 ); p_buf += 2;
240
241		int i_r_len = mpi_len( p_buf );
242		if( i_r_len > 20 )
243		{
244		free( p_sig->hashed_data );
245		free( p_sig->unhashed_data );
246		return VLC_EGENERIC;
247		}
248		else
249		{
250		memcpy( p_sig->r, p_buf, 2 + i_r_len );
251		p_buf += 2 + i_r_len;
252		}
253
254		int i_s_len = mpi_len( p_buf );
255		if( i_s_len > 20 )
256		{
257		free( p_sig->hashed_data );
258		free( p_sig->unhashed_data );
259		return VLC_EGENERIC;
260		}
261		else
262		{
263		memcpy( p_sig->s, p_buf, 2 + i_s_len );
264		p_buf += 2 + i_s_len;
265		}
	361	goto error;
	362
	363	switch( p_sig->type )
	364	{
	365	case BINARY_SIGNATURE:
	366	case TEXT_SIGNATURE:
	367	case GENERIC_KEY_SIGNATURE:
	368	case PERSONA_KEY_SIGNATURE:
	369	case CASUAL_KEY_SIGNATURE:
	370	case POSITIVE_KEY_SIGNATURE:
	371	break;
	372	default:
	373	goto error;
	374	}
	375
	376	p_buf--; /* rewind to the version byte */
	377	p_buf += i_read;
	378
	379	if( i_read + 2 > i_sig_len )
	380	goto error;
	381
	382	size_t i_r_len = mpi_len( p_buf ); i_read += 2;
	383	if( i_read + i_r_len > i_sig_len \|\| i_r_len > 20 )
	384	goto error;
	385
	386	memcpy( p_sig->r, p_buf, 2 + i_r_len );
	387	p_buf += 2 + i_r_len;
	388	i_read += i_r_len;
	389
	390	if( i_read + 2 > i_sig_len )
	391	goto error;
	392
	393	size_t i_s_len = mpi_len( p_buf ); i_read += 2;
	394	if( i_read + i_s_len > i_sig_len \|\| i_s_len > 20 )
	395	goto error;
	396
	397	memcpy( p_sig->s, p_buf, 2 + i_s_len );
	398	p_buf += 2 + i_s_len;
	399	i_read += i_s_len;
	400
	401	assert( i_read == i_sig_len );
	402	if( i_read < i_sig_len ) /* some extra data, hm ? */
	403	goto error;
266	404
267	405	return VLC_SUCCESS;
	406
	407	error:
	408
	409	if( p_sig->version == 4 )
	410	{
	411	free( p_sig->specific.v4.hashed_data );
	412	free( p_sig->specific.v4.unhashed_data );
	413	}
	414
	415	return VLC_EGENERIC;
268	416	}
269	417
…	…
363	511	*/
364	512	static int download_signature( vlc_object_t *p_this,
365		signature_packet_~~v3_~~t *p_sig,
	513	signature_packet_t *p_sig,
366	514	const char *psz_url )
367	515	{
…	…
380	528
381	529	int64_t i_size = stream_Size( p_stream );
382		if( i_size <= 65 ) /* binary format signature */
383		{
384		msg_Dbg( p_this, "Downloading unarmored signature" );
385		int i_read = stream_Read( p_stream, p_sig, (int)i_size );
386		stream_Delete( p_stream );
387		if( i_read != i_size )
388		{
389		msg_Dbg( p_this, "Couldn't read full signature" );
390		return VLC_EGENERIC;
391		}
392		else
393		return VLC_SUCCESS;
394		}
395
396		msg_Dbg( p_this, "Downloading armored signature" );
397		char p_buf = (char)malloc( i_size );
	530
	531	msg_Dbg( p_this, "Downloading signature (%"PRId64" bytes)", i_size );
	532	uint8_t p_buf = (uint8_t)malloc( i_size );
398	533	if( !p_buf )
399	534	{
…	…
406	541	stream_Delete( p_stream );
407	542
408		if( i_read != i_size )
409		{
410		msg_Dbg( p_this, "Couldn't read full signature" );
	543	if( i_read != (int)i_size )
	544	{
	545	msg_Dbg( p_this,
	546	"Couldn't download full signature (only %d bytes)", i_read );
411	547	free( p_buf );
412	548	return VLC_EGENERIC;
413	549	}
414	550
415		int i_bytes = pgp_unarmor( p_buf, i_size, (uint8_t*)p_sig, 65 );
	551	if( (uint8_t)p_buf < 0x80 ) / ASCII */
	552	{
	553	msg_Dbg( p_this, "Unarmoring signature" );
	554
	555	uint8_t* p_unarmored = (uint8_t) malloc( ( i_size 3 ) / 4 + 1 );
	556	if( !p_unarmored )
	557	{
	558	free( p_buf );
	559	return VLC_EGENERIC;
	560	}
	561
	562	int i_bytes = pgp_unarmor( (char*)p_buf, i_size, p_unarmored, i_size );
	563	free( p_buf );
	564
	565	p_buf = p_unarmored;
	566	i_size = i_bytes;
	567
	568	if( i_bytes < 2 )
	569	{
	570	free( p_buf );
	571	msg_Dbg( p_this, "Unarmoring failed : corrupted signature ?" );
	572	return VLC_EGENERIC;
	573	}
	574	}
	575
	576	if( packet_type( *p_buf ) != SIGNATURE_PACKET )
	577	{
	578	free( p_buf );
	579	msg_Dbg( p_this, "Not a signature: %d", *p_buf );
	580	return VLC_EGENERIC;
	581	}
	582
	583	size_t i_header_len = packet_header_len( *p_buf );
	584	if( ( i_header_len != 1 && i_header_len != 2 && i_header_len != 4 ) \|\|
	585	i_header_len + 1 > (size_t)i_size )
	586	{
	587	free( p_buf );
	588	msg_Dbg( p_this, "Invalid signature packet header" );
	589	return VLC_EGENERIC;
	590	}
	591
	592	size_t i_len = scalar_number( p_buf+1, i_header_len );
	593	if( i_len + i_header_len + 1 != (size_t)i_size )
	594	{
	595	free( p_buf );
	596	msg_Dbg( p_this, "Invalid signature packet" );
	597	return VLC_EGENERIC;
	598	}
	599
	600	int i_ret = parse_signature_packet( p_sig, p_buf+1+i_header_len, i_len );
416	601	free( p_buf );
417
418		if( i_bytes == 0 )
419		{
420		msg_Dbg( p_this, "Unarmoring failed" );
421		return VLC_EGENERIC;
422		}
423		else if( i_bytes > 65 )
424		{
425		msg_Dbg( p_this, "Signature is too big: %d bytes", i_bytes );
426		return VLC_EGENERIC;
427		}
428		else
429		{
430		int i_r_len = mpi_len( p_sig->r );
431		if( i_r_len > 20 )
432		{
433		msg_Dbg( p_this, "Invalid signature, r number too big: %d bytes",
434		i_r_len );
435		return VLC_EGENERIC;
436		}
437		else if( i_r_len < 20 )
438		/* move s to the right place if r is less than 20 bytes */
439		memmove( p_sig->s, p_sig->r + 2 + i_r_len, 20 + 2 );
440
441		return VLC_SUCCESS;
442		}
	602	if( i_ret != VLC_SUCCESS )
	603	{
	604	msg_Dbg( p_this, "Couldn't parse signature" );
	605	return i_ret;
	606	}
	607
	608	if( p_sig->type != BINARY_SIGNATURE && p_sig->type != TEXT_SIGNATURE )
	609	{
	610	msg_Dbg( p_this, "Invalid signature type: %d", p_sig->type );
	611	if( p_sig->version == 4 )
	612	{
	613	free( p_sig->specific.v4.hashed_data );
	614	free( p_sig->specific.v4.unhashed_data );
	615	}
	616	return VLC_EGENERIC;
	617	}
	618
	619	return VLC_SUCCESS;
443	620	}
444	621
…	…
505	682
506	683	/*
507		* Return the long id (8 bytes) of the public key used to generate a signature
508		*/
509		~~static uint8_t get_issuer_from_signature_v4( signature_packet_v4_t p_sig )~~
510		{
511		~~uint8_t *p = p_sig->unhashed_data;~~
512		~~uint8_t *max_pos = p + scalar_number( p_sig->unhashed_data_len, 2 );~~
513
514		~~while( p < max_pos )~~
515		{
516		~~int i_subpacket_len = p < 192 ? p++ :~~
517		p < 255 ? ((p++ - 192) << 8) + *p++ + 192 :
518		~~((++p) << 24) + (++p << 16) + (++p << 8) + ++p;~~
519
520		~~if( p >= max_pos - 1 )~~
521		~~return NULL;~~
522
523		~~if( *p == ISSUER_SUBPACKET )~~
524		~~return p+1;~~
525		~~else~~
526		~~p += i_subpacket_len;~~
527		}
528		~~return NULL;~~
529		}
530
531		/*
532	684	* fill a public_key_t with public key data, including:
533	685	* * public key packet
…	…
535	687	* * user id packet
536	688	*/
537		static int parse_public_key( const uint8_t p_key_data, size_t i_key_len, public_key_t p_key, const uint8_t *p_sig_issuer )
	689	static int parse_public_key( const uint8_t *p_key_data, size_t i_key_len,
	690	public_key_t p_key, const uint8_t p_sig_issuer )
538	691	{
539	692	uint8_t pos = (uint8_t) p_key_data;
…	…
547	700	uint8_t *p_key_unarmored = NULL;
548	701
549		~~signature_packet_v4_t sig;~~
550
551	702	p_key->psz_username = NULL;
552		p_key->sig.hashed_data = p_key->sig.unhashed_data = NULL;
	703	p_key->sig.specific.v4.hashed_data = NULL;
	704	p_key->sig.specific.v4.unhashed_data = NULL;
553	705
554	706	if( !( *pos & 0x80 ) )
…	…
575	727
576	728	int i_header_len = packet_header_len( *pos++ );
577		if( pos + i_header_len > max_pos )
	729	if( pos + i_header_len > max_pos \|\|
	730	( i_header_len != 1 && i_header_len != 2 && i_header_len != 4 ) )
578	731	goto error;
579	732
…	…
586	739	switch( i_type )
587	740	{
588		~~uint8_t *p_issuer;~~
589
590	741	case PUBLIC_KEY_PACKET:
591	742	i_status \|= PUBLIC_KEY_FOUND;
…	…
594	745	break;
595	746
596		case SIGNATURE_PACKET:
597		if( !p_sig_issuer \|\| i_status & SIGNATURE_FOUND \|\|
598		parse_signature_v4_packet( &sig, pos, i_packet_len ) != VLC_SUCCESS )
	747	case SIGNATURE_PACKET: /* we accept only v4 signatures here */
	748	if( i_status & SIGNATURE_FOUND \|\| !p_sig_issuer )
599	749	break;
600		p_issuer = get_issuer_from_signature_v4( &sig );
601		if( memcmp( p_issuer, p_sig_issuer, 8 ) == 0 )
	750	int i_ret = parse_signature_packet( &p_key->sig, pos,
	751	i_packet_len );
	752	if( i_ret == VLC_SUCCESS )
602	753	{
603		memcpy( &p_key->sig, &sig, sizeof( signature_packet_v4_t ) );
	754	if( p_key->sig.version != 4 )
	755	break;
	756	if( memcmp( p_key->sig.issuer_longid, p_sig_issuer, 8 ) )
	757	{
	758	free( p_key->sig.specific.v4.hashed_data );
	759	free( p_key->sig.specific.v4.unhashed_data );
	760	p_key->sig.specific.v4.hashed_data = NULL;
	761	p_key->sig.specific.v4.unhashed_data = NULL;
	762	break;
	763	}
604	764	i_status \|= SIGNATURE_FOUND;
605		}
606		~~else~~
607		{
608		~~free( sig.hashed_data );~~
609		~~free( sig.unhashed_data );~~
610	765	}
611	766	break;
…	…
630	785	free( p_key_unarmored );
631	786
632		if( !( i_status & ( PUBLIC_KEY_FOUND + USER_ID_FOUND ) ) )
	787	if( !( i_status & ( PUBLIC_KEY_FOUND \| USER_ID_FOUND ) ) )
633	788	return VLC_EGENERIC;
634	789
…	…
639	794
640	795	error:
641		free( p_key->sig.hashed_data );
642		free( p_key->sig.unhashed_data );
	796	if( p_key->sig.version == 4 )
	797	{
	798	free( p_key->sig.specific.v4.hashed_data );
	799	free( p_key->sig.specific.v4.unhashed_data );
	800	}
643	801	free( p_key->psz_username );
644	802	free( p_key_unarmored );
…	…
650	808	*/
651	809	static uint8_t hash_sha1_from_file( const char psz_file,
652		signature_packet_v3_t *p_sig )
653		{
	810	signature_packet_t *p_sig )
	811	{
	812	if( p_sig->type != BINARY_SIGNATURE && p_sig->type != TEXT_SIGNATURE )
	813	return NULL;
	814
654	815	FILE *f = utf8_fopen( psz_file, "r" );
655	816	if( !f )
…	…
669	830	gcry_md_write( hd, buffer, i_read );
670	831
671		gcry_md_putc( hd, p_sig->type );
672		gcry_md_write( hd, &p_sig->timestamp, 4 );
	832	if( p_sig->version == 3 )
	833	{
	834	gcry_md_putc( hd, p_sig->type );
	835	gcry_md_write( hd, &p_sig->specific.v3.timestamp, 4 );
	836	}
	837	else if( p_sig->version == 4 )
	838	{
	839	gcry_md_putc( hd, p_sig->version );
	840	gcry_md_putc( hd, p_sig->type );
	841	gcry_md_putc( hd, p_sig->public_key_algo );
	842	gcry_md_putc( hd, p_sig->digest_algo );
	843	gcry_md_write( hd, p_sig->specific.v4.hashed_data_len, 2 );
	844	size_t i_len = scalar_number( p_sig->specific.v4.hashed_data_len, 2 );
	845	gcry_md_write( hd, p_sig->specific.v4.hashed_data, i_len );
	846	}
	847	else
	848	{ /* RFC 4880 only tells about versions 3 and 4 */
	849	gcry_md_close( hd );
	850	return NULL;
	851	}
673	852
674	853	fclose( f );
…	…
686	865	* download a public key (the last one) from videolan server, and parse it
687	866	*/
688		static public_key_t download_key( vlc_object_t p_this, const uint8_t p_longid, const uint8_t p_signature_issuer )
	867	static public_key_t download_key( vlc_object_t p_this,
	868	const uint8_t p_longid, const uint8_t p_signature_issuer )
689	869	{
690	870	char *psz_url;
…	…
730	910	}
731	911
	912	memcpy( p_pkey->longid, p_longid, 8 );
	913
732	914	int i_error = parse_public_key( p_buf, i_read, p_pkey, p_signature_issuer );
733	915	free( p_buf );
…	…
744	926
745	927	/*
746		* Generate a SHA-1 hash on a public key, to verify a signature made on that hash
747		* Note that we need the signature to compute the hash
	928	* Generate a SHA1 hash on a public key, to verify a signature made on that hash
	929	* Note that we need the signature (v4) to compute the hash
748	930	*/
749	931	static uint8_t key_sign_hash( public_key_t p_pkey )
750	932	{
	933	if( p_pkey->sig.version != 4 )
	934	return NULL;
	935
	936	if( p_pkey->sig.type < GENERIC_KEY_SIGNATURE \|\|
	937	p_pkey->sig.type > POSITIVE_KEY_SIGNATURE )
	938	return NULL;
	939
751	940	gcry_error_t error = 0;
752	941	gcry_md_hd_t hd;
…	…
758	947	gcry_md_putc( hd, 0x99 );
759	948
760		gcry_md_putc( hd, (418 >> 8) & 0xff );
761		gcry_md_putc( hd, 418 & 0xff );
762
763		gcry_md_write( hd, (uint8_t)&p_pkey->key, 6 ); / version,timestamp,algo */
764
765		int i_p_len = mpi_len( p_pkey->key.p );
	949	size_t i_p_len = mpi_len( p_pkey->key.p );
	950	size_t i_g_len = mpi_len( p_pkey->key.g );
	951	size_t i_q_len = mpi_len( p_pkey->key.q );
	952	size_t i_y_len = mpi_len( p_pkey->key.y );
	953
	954	size_t i_size = 6 + 2*4 + i_p_len + i_g_len + i_q_len + i_y_len;
	955
	956	gcry_md_putc( hd, (i_size >> 8) & 0xff );
	957	gcry_md_putc( hd, i_size & 0xff );
	958
	959	gcry_md_putc( hd, p_pkey->key.version );
	960	gcry_md_write( hd, p_pkey->key.timestamp, 4 );
	961	gcry_md_putc( hd, p_pkey->key.algo );
	962
766	963	gcry_md_write( hd, (uint8_t*)&p_pkey->key.p, 2 );
767	964	gcry_md_write( hd, (uint8_t*)&p_pkey->key.p + 2, i_p_len );
768	965
769		int i_g_len = mpi_len( p_pkey->key.g );
	966	gcry_md_write( hd, (uint8_t*)&p_pkey->key.q, 2 );
	967	gcry_md_write( hd, (uint8_t*)&p_pkey->key.q + 2, i_q_len );
	968
770	969	gcry_md_write( hd, (uint8_t*)&p_pkey->key.g, 2 );
771	970	gcry_md_write( hd, (uint8_t*)&p_pkey->key.g + 2, i_g_len );
772	971
773		~~int i_q_len = mpi_len( p_pkey->key.q );~~
774		~~gcry_md_write( hd, (uint8_t*)&p_pkey->key.q, 2 );~~
775		~~gcry_md_write( hd, (uint8_t*)&p_pkey->key.q + 2, i_q_len );~~
776
777		~~int i_y_len = mpi_len( p_pkey->key.y );~~
778	972	gcry_md_write( hd, (uint8_t*)&p_pkey->key.y, 2 );
779	973	gcry_md_write( hd, (uint8_t*)&p_pkey->key.y + 2, i_y_len );
…	…
781	975	gcry_md_putc( hd, 0xb4 );
782	976
783		int i_len = strlen((char*)p_pkey->psz_username);
	977	size_t i_len = strlen((char*)p_pkey->psz_username);
784	978
785	979	gcry_md_putc( hd, (i_len << 24) & 0xff );
…	…
790	984	gcry_md_write( hd, p_pkey->psz_username, i_len );
791	985
792		size_t i_hashed_data_len = scalar_number( p_pkey->sig.hashed_data_len, 2 );
	986	size_t i_hashed_data_len =
	987	scalar_number( p_pkey->sig.specific.v4.hashed_data_len, 2 );
793	988
794	989	gcry_md_putc( hd, p_pkey->sig.version );
…	…
796	991	gcry_md_putc( hd, p_pkey->sig.public_key_algo );
797	992	gcry_md_putc( hd, p_pkey->sig.digest_algo );
798		gcry_md_write( hd, p_pkey->sig.hashed_data_len, 2 );
799		gcry_md_write( hd, p_pkey->sig.hashed_data, i_hashed_data_len );
	993	gcry_md_write( hd, p_pkey->sig.specific.v4.hashed_data_len, 2 );
	994	gcry_md_write( hd, p_pkey->sig.specific.v4.hashed_data, i_hashed_data_len );
800	995
801	996	gcry_md_putc( hd, 0x04 );
…	…
969	1164	/* Now that we know the status is valid, we must download its signature
970	1165	* to authenticate it */
971		signature_packet_~~v3_~~t sign;
	1166	signature_packet_t sign;
972	1167	if( download_signature( VLC_OBJECT( p_update->p_libvlc ), &sign,
973	1168	UPDATE_VLC_STATUS_URL ) != VLC_SUCCESS )
…	…
995	1190	}
996	1191
997		if( memcmp( sign.issuer_longid, videolan_public_key_longid , 8 ) != 0 )
	1192	memcpy( p_update->p_pkey->longid, videolan_public_key_longid, 8 );
	1193
	1194	if( memcmp( sign.issuer_longid, p_update->p_pkey->longid , 8 ) != 0 )
998	1195	{
999	1196	msg_Dbg( p_update->p_libvlc, "Need to download the GPG key" );
…	…
1053	1250	gcry_md_putc( hd, '\n' );
1054	1251
1055		gcry_md_putc( hd, sign.type );
1056		gcry_md_write( hd, &sign.timestamp, 4 );
	1252
	1253	if( sign.version == 3 )
	1254	{
	1255	gcry_md_putc( hd, sign.type );
	1256	gcry_md_write( hd, &sign.specific.v3.timestamp, 4 );
	1257	}
	1258	else if( sign.version == 4 )
	1259	{
	1260	gcry_md_putc( hd, sign.version );
	1261	gcry_md_putc( hd, sign.type );
	1262	gcry_md_putc( hd, sign.public_key_algo );
	1263	gcry_md_putc( hd, sign.digest_algo );
	1264	gcry_md_write( hd, sign.specific.v4.hashed_data_len, 2 );
	1265	size_t i_len = scalar_number( sign.specific.v4.hashed_data_l