mirror of https://code.videolan.org/videolan/vlc
update: put pgp key in its own header (and update the key to 2008), put a FIXME for some bug discovered (some signatures are smaller than 65 bytes), be more verbose when a problem happens.
This commit is contained in:
Rafaël Carré
parent
9125e6e740
commit
0635a37ba8
|
|
@ -0,0 +1,81 @@
|
|||
/*****************************************************************************
|
||||
* vlc_pgpkey.h: VideoLAN PGP Public Key used to sign releases
|
||||
*****************************************************************************
|
||||
* Copyright © 2008 the VideoLAN team
|
||||
* $Id$
|
||||
*
|
||||
* Authors: Rafaël Carré <funman@videolanorg>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either release 2 of the License, or
|
||||
* (at your option) any later release.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
|
||||
*****************************************************************************/
|
||||
|
||||
/* We trust this public key, and by extension, also keys signed by it. */
|
||||
|
||||
/*
|
||||
* VideoLAN Release Signing Key (2008)
|
||||
* expirates on 2009-01-01
|
||||
*/
|
||||
|
||||
static uint8_t videolan_public_key_longid[8] = {
|
||||
0x8B, 0x08, 0x52, 0x31, 0xD0, 0x38, 0x35, 0x37
|
||||
};
|
||||
|
||||
static uint8_t videolan_public_key[] = {
|
||||
"-----BEGIN PGP PUBLIC KEY BLOCK-----\n"
|
||||
"Version: GnuPG v2.0.4 (FreeBSD)\n"
|
||||
"\n"
|
||||
"mQGiBEd7jcYRBAD4NRNnzqPIq6QMI6M8nmI7G569zJjy8NQNhqtuTlpqRlNqhDdt\n"
|
||||
"aYcYFSBKW7YXs03BCcDNFfUpB4wexsD9z+aOTzAFs+tVmB0XyKlPc2IaMuwV9tYS\n"
|
||||
"6LG2TITzWgZ5kyEtyVdDr4xvdTD1S/E2sraW/i1CgJkA/5HtgC3LksvirwCg2yQn\n"
|
||||
"d+sA8KQEC66+ELV4hNn4eAsD/0ObYdZEM0B6E0hVAyabKTVYGs7MT6UjbHTaxhzV\n"
|
||||
"PN6Qss1Zmm/oKA5ClNIrvSO6dqzSC+OMQwwHYizOgfObO116LWzMo+YSDyWNonRT\n"
|
||||
"Ex5BtJcvyA18qbNkka79I+VYCsoLlk7pRyEc14HhMCBpR0dVl53w102RmwkXigO3\n"
|
||||
"FL5kBAC4Hvy3FsV7DmwM/QccrfTDzD7SFPXnn+w5HluhCXseoiYkCSjNa8iDpG/e\n"
|
||||
"AKrlwnWwEH50Q/tsD+hysnLd7dk/tGP0a4VkqcZ69pyxAql8vClBpd76udrquMKq\n"
|
||||
"IFN8m2MFzkYdYSezR4yro4NLmgyri4xomjxVjboR2eXnQPUnlrQjVmlkZW9MQU4g\n"
|
||||
"UmVsZWFzZSBTaWduaW5nIEtleSAoMjAwOCmIZgQTEQIAJgUCR3uNxgIbAwUJAeEz\n"
|
||||
"gAYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEIsIUjHQODU3xtoAoLgtA2m+qmOD\n"
|
||||
"0W07hdZkqtJPW8frAJwOr4Le14j1FB6jKs8FvDsW6EL1bIhGBBARAgAGBQJHe45m\n"
|
||||
"AAoJEGFgnhjAr/EP4F8AoKa8Ip/bUqk/+yASpBuKNqLZgYduAKCKqJfK4Z8zN2We\n"
|
||||
"8NvZLTT66/zGxIhGBBARAgAGBQJHe46fAAoJEJAoF+SqX03m1dEAoOWl4gQsSOQG\n"
|
||||
"fHfke5hAy9O2FdFDAJwOynmqM7ZAlHmvlQsUHuP1gZXGBbkEDQRHe44rEBAAzygZ\n"
|
||||
"HacW1jQCOt9pI1g3ilvQYEOAosXNUV9R7c+tUySFR+t8wIwkYnUZ9WMg94oBn618\n"
|
||||
"7hQHFuRoKxlinH11Elv0PvkBQPbhLq2QFX7ItAkuoVMejoZ+vUHSuJt7UNJ1YOWg\n"
|
||||
"cIxOkVDkgDLl5HVbXVFU/RzKfFDr45o02NnNi8wbyIU65QFnvPNz1lLjcqQ9nTCy\n"
|
||||
"8ntdW1XozQap6IFE07ZmPhNfGeMx2JlauHnZvgxORTrDjDX9o5LjTt0ubmR7Nt0x\n"
|
||||
"ShXcXU+HyIAn8ZD8GmvhiDDTYJjVUnrugzBFtpyGrT8J+x1GHKNNUXfXmzw9i5jK\n"
|
||||
"WWa9XxDKoyi7ktr7ZrmJBHjYinLQs1KfAFHYWw9zdjtTnx3q5kPIPnE2PVR0zkbj\n"
|
||||
"tD2dPrpdbcjZ/XgiJOUVx+wcGGaYSMlPor/Wii8fJLHbp6/ZV2NzXOm0v7+uIRR+\n"
|
||||
"9SfG/Tx0B88ehw8pxmPXmsgawzz3XXz+indGv9SYm/0ZQLEQrIzpsyrQk3BlCnFg\n"
|
||||
"AuyDHbKzsVg+bz8u3vJ3ELls9/A9g0Aka4RoHjstm/mcDsZ7gQ5+mO0kfVydg+Rt\n"
|
||||
"V2Yct3dWwxAU8JxBlkE/iQ46dllrRXGlC+x3Sn8VUZn3WpoRQHwzt+ZNtirl5VOy\n"
|
||||
"jilh44FqHqvAJj+nDRu3pDITDqkpuYO5Z2MqcNsAAwYP/3p4vW/UD4xC6zLwgznx\n"
|
||||
"3wZLa1/ct9BA1OKThV3NE2QswajiIRWzEdk9ZbJwkSBx8TXFYXPcfvbxOvhmdlWY\n"
|
||||
"o/0HuAkShymTcfroEAsznh1qpu3jEdVMMHNCbkPRtWdealXTGzH+MH4EmkoxDxZ4\n"
|
||||
"qqQjMc1YjCEOFUiuzPiJryMepQhRlZ0Vgvvzw/1A6uEFXu28KV+xehgerALNDAWe\n"
|
||||
"JHKSPBoJupykEM+c/Avg83NE5AayKXVPuWlehUfxAcKZwAHxQ+HwCmUoSJiyLYBF\n"
|
||||
"CFfYGiwB7WrbD65AfBDU1sVD58H+MZhbj3lT5h8PPG57PelcVPXSbKD93qIW51TN\n"
|
||||
"iSxGM77hFA0fnNj3FiMRnjM9wCE5FmmK/J0pP5aAekWE4IpaklzKSl7VlDqj097o\n"
|
||||
"gA5nlfEIZjqtRhxtdYHSbXV/+Yy9PxoZAGImFSNf8ZlcMw9ioC8TpXkRcxQr2iBO\n"
|
||||
"YmD3NRNGnSl7lG7fDdtAnZ9BbAYUtxFMaHNrwWHlqJn+X4rZsk5CZs2oF6obkQSI\n"
|
||||
"FO27OgupwFOHIUcc38RTPTZN6wTLGY/j1twBmQdVpSHsRjjtdQ0qEOXe1rZK9Nh9\n"
|
||||
"unX70TDBo1Ig0CGpKqk4I8hloyjrOk6szIfOpJFlT2LTrSWbDtPE0tMdwh9fnZUL\n"
|
||||
"Rt021q8MvoRxyTbTWO7Nurw0iE8EGBECAA8FAkd7jisCGwwFCQHhM4AACgkQiwhS\n"
|
||||
"MdA4NTeFXwCfc0eO+gbbE+aSCMoTTxZ8ivsjlR0An3WCvfP6aTEJnzJbmpqO4AMu\n"
|
||||
"FltR\n"
|
||||
"=Ic/K\n"
|
||||
"-----END PGP PUBLIC KEY BLOCK-----\n"
|
||||
};
|
||||
|
||||
|
|
@ -155,48 +155,6 @@ struct public_key_t
|
|||
|
||||
typedef struct public_key_t public_key_t;
|
||||
|
||||
/* We trust this public key, and by extension, also keys signed by it. */
|
||||
static uint8_t videolan_public_key_longid[8] = {
|
||||
0x90, 0x28, 0x17, 0xE4, 0xAA, 0x5F, 0x4D, 0xE6
|
||||
};
|
||||
|
||||
static uint8_t videolan_public_key[] = {
|
||||
"-----BEGIN PGP PUBLIC KEY BLOCK-----\n"
|
||||
"Version: GnuPG v2.0.4 (FreeBSD)\n"
|
||||
"\n"
|
||||
"mQGiBEWbjf8RBAC+4m2yYYzuA0+D5JQatKmoxG4z3+bat08tMz0YvBUp1UU+95i4\n"
|
||||
"cP9ndklv3yzhtZ4MIx5yy64FXtPi0/NQiikEVYPYn2KMO4LCfZCwYBEizVWzABya\n"
|
||||
"LZcffCP/3VhoR90NUluWyi+zVAn9KNIRlnhnYpDDlI76fCrTTHDCtgpImwCg7VzB\n"
|
||||
"4L6O0JpUJBCZOCAPJNYirUkD/3uCZe4vK4kLW+W3HB+grMCI1uFULmVSKMBQZc+p\n"
|
||||
"dqDq++u3zYGqiMNaVrLg/J4GSH/P0ossXEtmTVjLHF4nJ7HXfIjqkqdkxq7g9odY\n"
|
||||
"/dkA/aC7z4JBgcYfRnDMqfL12C+3b+KSwxQSzPcbvsFYm2KTgteLwG3mRlpL7Dh5\n"
|
||||
"S70nBAC1PkIl7mP4OL7vpQk9dkdQCARJLgyn5pu/pZV7He4fDLHkUr/atnYaIHk1\n"
|
||||
"15xl/ziHcBql2WmF0Uff9SuuNOi/hFCuWZSwPKsgtIhYZ5ut4FrBAVkqHV2CgxFp\n"
|
||||
"aSiA7+FTG91++LDsg2xrHyTRW+fQnPdpf5a4H1fF15azo40h17QjVmlkZW9MQU4g\n"
|
||||
"UmVsZWFzZSBTaWduaW5nIEtleSAoMjAwNymIRgQQEQIABgUCRZ41PgAKCRDDZ9i5\n"
|
||||
"gcrKhPmUAJ49Krgt6ZPZZ2YkW7fWFwTvSgGongCePDjnFh1g4078f7lycT4wFk/c\n"
|
||||
"vPiIRgQQEQIABgUCRZ71NQAKCRD9Ibw7rD4IebztAKCxuyWCjF2JPAe1hdZqNNbE\n"
|
||||
"/gWDRACfaBw6mpHh3+jZuNnRk6NctFMbTzWIRgQTEQIABgUCRZuOiQAKCRDD7G2+\n"
|
||||
"3W0SvRkEAJ9cCPrbfzoTHKUVlGLAKbx5pcoutQCdENlo4nwXbQHaREDqm+ISBU3p\n"
|
||||
"iXeIZgQTEQIAJgUCRZuN/wIbAwUJAeEzgAYLCQgHAwIEFQIIAwQWAgMBAh4BAheA\n"
|
||||
"AAoJEJAoF+SqX03m4ZQAoOSj3JzzUuY+n/oS0Y4/yZ4tThNNAJ4h+9FacWApQdNJ\n"
|
||||
"+PcydRFEEm203LkCDQRFm44DEAgAlNLlnyIkLJ/Uyncsd5nB46LqQpJDLJ3AalfN\n"
|
||||
"44Vy3aOG+aA7JsNL5T5r5WRGnAf41qSOFiuZHwjfrtKb4TWkcfWlpsi8t5uasII9\n"
|
||||
"WAVX2aVIbiPMNWUnhQIn8rjCRLm2t/0Hch0HDbXaI/hvub5qhmSHfmqzlkuEUyVu\n"
|
||||
"H+beivX8pQwxqpcWXrmwuNzhISR1DsWBn5u0WcOSqUDtFG5Me8AuPFR1oxdYTtvC\n"
|
||||
"vqlVnw6ag3QuNqaAgWDU5Ug/U10ZxCZTn5TAcp+1ZDlM/dXIwh8wKXDjiKqHgYg1\n"
|
||||
"VLQ4fOsscTJoUDOaobeaVwTcDaSB4yQ3bhB2q5fLKqj+bNrY9wADBQf/Rw92M9b/\n"
|
||||
"JRs5IpX3fcrgHetVLHPiRuW8btD6EkmlgyRFOwOCzOSlSzFW6DKFrbOvd01EWkaP\n"
|
||||
"4PWJNW7b7OZqzK+UWzlWTgtV/2iUJtHg3+euZRdc5V9gqW17+HIAxjJVE53Syn8u\n"
|
||||
"kiJpk7HebtQo/v/pk3jtxdeJU3fY8ZAKJFl8V9aAj7ATFaAhYohzyKTRYc04F0n6\n"
|
||||
"VJDtwQkobdhq2//+5hSVrJ9wXRRF6XFVxc32NinqDEYrJUvTVayYu28Ivg4CTlts\n"
|
||||
"a+R7x92aDVT2KT+voPIGZxPYjALGa/I2hrlEYD9CiRFNBKAzRiNGAOo67SNI4hDu\n"
|
||||
"rFWRmMNOONWpIIhPBBgRAgAPBQJFm44DAhsMBQkB4TOAAAoJEJAoF+SqX03m57kA\n"
|
||||
"oMPb2o2D9gSwQFKXhamx2YdrykHOAKDqQ1tHH3ULY5cLLAKVaQtsNhVEtQ==\n"
|
||||
"=qrc1\n"
|
||||
"-----END PGP PUBLIC KEY BLOCK-----\n"
|
||||
};
|
||||
|
||||
enum
|
||||
{
|
||||
UpdateReleaseStatusOlder,
|
||||
|
|
|
|||
|
|
@ -39,6 +39,7 @@
|
|||
#include <assert.h>
|
||||
|
||||
#include <vlc_update.h>
|
||||
#include <vlc_pgpkey.h>
|
||||
#include <vlc_stream.h>
|
||||
#include <vlc_interface.h>
|
||||
|
||||
|
|
@ -265,10 +266,9 @@ static int pgp_unarmor( char *p_ibuf, size_t i_ibuf_len,
|
|||
char *p_ipos = p_ibuf;
|
||||
uint8_t *p_opos = p_obuf;
|
||||
int i_end = 0;
|
||||
|
||||
int i_header_skipped = 0;
|
||||
|
||||
while( !i_end && p_ipos < p_ibuf + i_ibuf_len )
|
||||
while( !i_end && p_ipos < p_ibuf + i_ibuf_len && *p_ipos != '=' )
|
||||
{
|
||||
if( *p_ipos == '\r' || *p_ipos == '\n' )
|
||||
{
|
||||
|
|
@ -304,9 +304,7 @@ static int pgp_unarmor( char *p_ibuf, size_t i_ibuf_len,
|
|||
p_ipos[i_line_len] = '\0';
|
||||
|
||||
p_opos += vlc_b64_decode_binary_to_buffer( p_opos,
|
||||
p_obuf - p_opos + i_obuf_len,
|
||||
p_ipos );
|
||||
|
||||
p_obuf - p_opos + i_obuf_len, p_ipos );
|
||||
p_ipos += i_line_len + 1;
|
||||
}
|
||||
|
||||
|
|
@ -346,21 +344,30 @@ static int download_signature( vlc_object_t *p_this,
|
|||
return VLC_ENOMEM;
|
||||
|
||||
int64_t i_size = stream_Size( p_stream );
|
||||
/* FIXME: a signature can be less than 65 bytes, if r & s numbers
|
||||
* do not have 160 significant bits.
|
||||
*/
|
||||
if( i_size < 65 )
|
||||
{
|
||||
stream_Delete( p_stream );
|
||||
msg_Dbg( p_this, "Signature too small" );
|
||||
return VLC_EGENERIC;
|
||||
}
|
||||
else if( i_size == 65 ) /* binary format signature */
|
||||
{
|
||||
msg_Dbg( p_this, "Downloading unarmored signature" );
|
||||
int i_read = stream_Read( p_stream, p_sig, (int)i_size );
|
||||
stream_Delete( p_stream );
|
||||
if( i_read != i_size )
|
||||
{
|
||||
msg_Dbg( p_this, "Couldn't read full signature" );
|
||||
return VLC_EGENERIC;
|
||||
}
|
||||
else
|
||||
return VLC_SUCCESS;
|
||||
}
|
||||
|
||||
msg_Dbg( p_this, "Downloading armored signature" );
|
||||
char *p_buf = (char*)malloc( i_size );
|
||||
if( !p_buf )
|
||||
{
|
||||
|
|
@ -374,6 +381,7 @@ static int download_signature( vlc_object_t *p_this,
|
|||
|
||||
if( i_read != i_size )
|
||||
{
|
||||
msg_Dbg( p_this, "Couldn't read full signature" );
|
||||
free( p_buf );
|
||||
return VLC_EGENERIC;
|
||||
}
|
||||
|
|
@ -382,7 +390,10 @@ static int download_signature( vlc_object_t *p_this,
|
|||
free( p_buf );
|
||||
|
||||
if( i_bytes != 65 )
|
||||
{
|
||||
msg_Dbg( p_this, "Unarmoring failed: signature is %d bytes", i_bytes );
|
||||
return VLC_EGENERIC;
|
||||
}
|
||||
else
|
||||
return VLC_SUCCESS;
|
||||
}
|
||||
|
|
@ -650,6 +661,7 @@ static public_key_t *download_key( vlc_object_t *p_this, const uint8_t *p_longid
|
|||
|
||||
if( i_read != (int)i_size )
|
||||
{
|
||||
msg_Dbg( p_this, "Couldn't read full GPG key" );
|
||||
free( p_buf );
|
||||
return NULL;
|
||||
}
|
||||
|
|
@ -666,6 +678,7 @@ static public_key_t *download_key( vlc_object_t *p_this, const uint8_t *p_longid
|
|||
|
||||
if( i_error != VLC_SUCCESS )
|
||||
{
|
||||
msg_Dbg( p_this, "Couldn't parse GPG key" );
|
||||
free( p_pkey );
|
||||
return NULL;
|
||||
}
|
||||
|
|
@ -1248,7 +1261,7 @@ void update_DownloadReal( update_download_thread_t *p_udt )
|
|||
if( download_signature( VLC_OBJECT( p_udt ), &sign,
|
||||
p_update->release.psz_url ) != VLC_SUCCESS )
|
||||
{
|
||||
msg_Err( p_udt, "Couldn't download signature of status file" );
|
||||
msg_Err( p_udt, "Couldn't download signature of downloaded file" );
|
||||
goto end;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue