update: put pgp key in its own header (and update the key to 2008), put a...

update: put pgp key in its own header (and update the key to 2008), put a FIXME for some bug discovered (some signatures are smaller than 65 bytes), be more verbose when a problem happens.

update: put pgp key in its own header (and update the key to 2008), put a...
update: put pgp key in its own header (and update the key to 2008), put a FIXME for some bug discovered (some signatures are smaller than 65 bytes), be more verbose when a problem happens.
0635a37b · Rafaël Carré · 9125e6e7 · 0635a37b · 0635a37b · 0635a37b
Commit 0635a37b authored Jan 22, 2008 by Rafaël Carré
Show whitespace changes
Inline Side-by-side

Showing with 100 additions and 48 deletions

include/vlc_pgpkey.h include/vlc_pgpkey.h +81 -0

include/vlc_update.h include/vlc_update.h +0 -42

src/misc/update.c src/misc/update.c +19 -6

No files found.
--- a/include/vlc_pgpkey.h
+++ b/include/vlc_pgpkey.h
+/*****************************************************************************
+ * vlc_pgpkey.h: VideoLAN PGP Public Key used to sign releases
+ *****************************************************************************
+ * Copyright © 2008 the VideoLAN team
+ * $Id$
+ *
+ * Authors: Rafaël Carré <funman@videolanorg>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either release 2 of the License, or
+ * (at your option) any later release.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111, USA.
+ *****************************************************************************/
+/* We trust this public key, and by extension, also keys signed by it. */
+/*
+ * VideoLAN Release Signing Key (2008)
+ * expirates on 2009-01-01
+ */
+static uint8_t videolan_public_key_longid[8] = {
+  0x8B, 0x08, 0x52, 0x31, 0xD0, 0x38, 0x35, 0x37
+};
+static uint8_t videolan_public_key[] = {
+"-----BEGIN PGP PUBLIC KEY BLOCK-----\n"
+"Version: GnuPG v2.0.4 (FreeBSD)\n"
+"\n"
+"mQGiBEd7jcYRBAD4NRNnzqPIq6QMI6M8nmI7G569zJjy8NQNhqtuTlpqRlNqhDdt\n"
+"aYcYFSBKW7YXs03BCcDNFfUpB4wexsD9z+aOTzAFs+tVmB0XyKlPc2IaMuwV9tYS\n"
+"6LG2TITzWgZ5kyEtyVdDr4xvdTD1S/E2sraW/i1CgJkA/5HtgC3LksvirwCg2yQn\n"
+"d+sA8KQEC66+ELV4hNn4eAsD/0ObYdZEM0B6E0hVAyabKTVYGs7MT6UjbHTaxhzV\n"
+"PN6Qss1Zmm/oKA5ClNIrvSO6dqzSC+OMQwwHYizOgfObO116LWzMo+YSDyWNonRT\n"
+"Ex5BtJcvyA18qbNkka79I+VYCsoLlk7pRyEc14HhMCBpR0dVl53w102RmwkXigO3\n"
+"FL5kBAC4Hvy3FsV7DmwM/QccrfTDzD7SFPXnn+w5HluhCXseoiYkCSjNa8iDpG/e\n"
+"AKrlwnWwEH50Q/tsD+hysnLd7dk/tGP0a4VkqcZ69pyxAql8vClBpd76udrquMKq\n"
+"IFN8m2MFzkYdYSezR4yro4NLmgyri4xomjxVjboR2eXnQPUnlrQjVmlkZW9MQU4g\n"
+"UmVsZWFzZSBTaWduaW5nIEtleSAoMjAwOCmIZgQTEQIAJgUCR3uNxgIbAwUJAeEz\n"
+"gAYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEIsIUjHQODU3xtoAoLgtA2m+qmOD\n"
+"0W07hdZkqtJPW8frAJwOr4Le14j1FB6jKs8FvDsW6EL1bIhGBBARAgAGBQJHe45m\n"
+"AAoJEGFgnhjAr/EP4F8AoKa8Ip/bUqk/+yASpBuKNqLZgYduAKCKqJfK4Z8zN2We\n"
+"8NvZLTT66/zGxIhGBBARAgAGBQJHe46fAAoJEJAoF+SqX03m1dEAoOWl4gQsSOQG\n"
+"fHfke5hAy9O2FdFDAJwOynmqM7ZAlHmvlQsUHuP1gZXGBbkEDQRHe44rEBAAzygZ\n"
+"HacW1jQCOt9pI1g3ilvQYEOAosXNUV9R7c+tUySFR+t8wIwkYnUZ9WMg94oBn618\n"
+"7hQHFuRoKxlinH11Elv0PvkBQPbhLq2QFX7ItAkuoVMejoZ+vUHSuJt7UNJ1YOWg\n"
+"cIxOkVDkgDLl5HVbXVFU/RzKfFDr45o02NnNi8wbyIU65QFnvPNz1lLjcqQ9nTCy\n"
+"8ntdW1XozQap6IFE07ZmPhNfGeMx2JlauHnZvgxORTrDjDX9o5LjTt0ubmR7Nt0x\n"
+"ShXcXU+HyIAn8ZD8GmvhiDDTYJjVUnrugzBFtpyGrT8J+x1GHKNNUXfXmzw9i5jK\n"
+"WWa9XxDKoyi7ktr7ZrmJBHjYinLQs1KfAFHYWw9zdjtTnx3q5kPIPnE2PVR0zkbj\n"
+"tD2dPrpdbcjZ/XgiJOUVx+wcGGaYSMlPor/Wii8fJLHbp6/ZV2NzXOm0v7+uIRR+\n"
+"9SfG/Tx0B88ehw8pxmPXmsgawzz3XXz+indGv9SYm/0ZQLEQrIzpsyrQk3BlCnFg\n"
+"AuyDHbKzsVg+bz8u3vJ3ELls9/A9g0Aka4RoHjstm/mcDsZ7gQ5+mO0kfVydg+Rt\n"
+"V2Yct3dWwxAU8JxBlkE/iQ46dllrRXGlC+x3Sn8VUZn3WpoRQHwzt+ZNtirl5VOy\n"
+"jilh44FqHqvAJj+nDRu3pDITDqkpuYO5Z2MqcNsAAwYP/3p4vW/UD4xC6zLwgznx\n"
+"3wZLa1/ct9BA1OKThV3NE2QswajiIRWzEdk9ZbJwkSBx8TXFYXPcfvbxOvhmdlWY\n"
+"o/0HuAkShymTcfroEAsznh1qpu3jEdVMMHNCbkPRtWdealXTGzH+MH4EmkoxDxZ4\n"
+"qqQjMc1YjCEOFUiuzPiJryMepQhRlZ0Vgvvzw/1A6uEFXu28KV+xehgerALNDAWe\n"
+"JHKSPBoJupykEM+c/Avg83NE5AayKXVPuWlehUfxAcKZwAHxQ+HwCmUoSJiyLYBF\n"
+"CFfYGiwB7WrbD65AfBDU1sVD58H+MZhbj3lT5h8PPG57PelcVPXSbKD93qIW51TN\n"
+"iSxGM77hFA0fnNj3FiMRnjM9wCE5FmmK/J0pP5aAekWE4IpaklzKSl7VlDqj097o\n"
+"gA5nlfEIZjqtRhxtdYHSbXV/+Yy9PxoZAGImFSNf8ZlcMw9ioC8TpXkRcxQr2iBO\n"
+"YmD3NRNGnSl7lG7fDdtAnZ9BbAYUtxFMaHNrwWHlqJn+X4rZsk5CZs2oF6obkQSI\n"
+"FO27OgupwFOHIUcc38RTPTZN6wTLGY/j1twBmQdVpSHsRjjtdQ0qEOXe1rZK9Nh9\n"
+"unX70TDBo1Ig0CGpKqk4I8hloyjrOk6szIfOpJFlT2LTrSWbDtPE0tMdwh9fnZUL\n"
+"Rt021q8MvoRxyTbTWO7Nurw0iE8EGBECAA8FAkd7jisCGwwFCQHhM4AACgkQiwhS\n"
+"MdA4NTeFXwCfc0eO+gbbE+aSCMoTTxZ8ivsjlR0An3WCvfP6aTEJnzJbmpqO4AMu\n"
+"FltR\n"
+"=Ic/K\n"
+"-----END PGP PUBLIC KEY BLOCK-----\n"
+};
--- a/include/vlc_update.h
+++ b/include/vlc_update.h
@@ -155,48 +155,6 @@ struct public_key_t
 typedef struct public_key_t public_key_t;
-/* We trust this public key, and by extension, also keys signed by it. */
-static uint8_t videolan_public_key_longid[8] = {
-  0x90, 0x28, 0x17, 0xE4, 0xAA, 0x5F, 0x4D, 0xE6 
-};
-static uint8_t videolan_public_key[] = {
-"-----BEGIN PGP PUBLIC KEY BLOCK-----\n"
-"Version: GnuPG v2.0.4 (FreeBSD)\n"
-"\n"
-"mQGiBEWbjf8RBAC+4m2yYYzuA0+D5JQatKmoxG4z3+bat08tMz0YvBUp1UU+95i4\n"
-"cP9ndklv3yzhtZ4MIx5yy64FXtPi0/NQiikEVYPYn2KMO4LCfZCwYBEizVWzABya\n"
-"LZcffCP/3VhoR90NUluWyi+zVAn9KNIRlnhnYpDDlI76fCrTTHDCtgpImwCg7VzB\n"
-"4L6O0JpUJBCZOCAPJNYirUkD/3uCZe4vK4kLW+W3HB+grMCI1uFULmVSKMBQZc+p\n"
-"dqDq++u3zYGqiMNaVrLg/J4GSH/P0ossXEtmTVjLHF4nJ7HXfIjqkqdkxq7g9odY\n"
-"/dkA/aC7z4JBgcYfRnDMqfL12C+3b+KSwxQSzPcbvsFYm2KTgteLwG3mRlpL7Dh5\n"
-"S70nBAC1PkIl7mP4OL7vpQk9dkdQCARJLgyn5pu/pZV7He4fDLHkUr/atnYaIHk1\n"
-"15xl/ziHcBql2WmF0Uff9SuuNOi/hFCuWZSwPKsgtIhYZ5ut4FrBAVkqHV2CgxFp\n"
-"aSiA7+FTG91++LDsg2xrHyTRW+fQnPdpf5a4H1fF15azo40h17QjVmlkZW9MQU4g\n"
-"UmVsZWFzZSBTaWduaW5nIEtleSAoMjAwNymIRgQQEQIABgUCRZ41PgAKCRDDZ9i5\n"
-"gcrKhPmUAJ49Krgt6ZPZZ2YkW7fWFwTvSgGongCePDjnFh1g4078f7lycT4wFk/c\n"
-"vPiIRgQQEQIABgUCRZ71NQAKCRD9Ibw7rD4IebztAKCxuyWCjF2JPAe1hdZqNNbE\n"
-"/gWDRACfaBw6mpHh3+jZuNnRk6NctFMbTzWIRgQTEQIABgUCRZuOiQAKCRDD7G2+\n"
-"3W0SvRkEAJ9cCPrbfzoTHKUVlGLAKbx5pcoutQCdENlo4nwXbQHaREDqm+ISBU3p\n"
-"iXeIZgQTEQIAJgUCRZuN/wIbAwUJAeEzgAYLCQgHAwIEFQIIAwQWAgMBAh4BAheA\n"
-"AAoJEJAoF+SqX03m4ZQAoOSj3JzzUuY+n/oS0Y4/yZ4tThNNAJ4h+9FacWApQdNJ\n"
-"+PcydRFEEm203LkCDQRFm44DEAgAlNLlnyIkLJ/Uyncsd5nB46LqQpJDLJ3AalfN\n"
-"44Vy3aOG+aA7JsNL5T5r5WRGnAf41qSOFiuZHwjfrtKb4TWkcfWlpsi8t5uasII9\n"
-"WAVX2aVIbiPMNWUnhQIn8rjCRLm2t/0Hch0HDbXaI/hvub5qhmSHfmqzlkuEUyVu\n"
-"H+beivX8pQwxqpcWXrmwuNzhISR1DsWBn5u0WcOSqUDtFG5Me8AuPFR1oxdYTtvC\n"
-"vqlVnw6ag3QuNqaAgWDU5Ug/U10ZxCZTn5TAcp+1ZDlM/dXIwh8wKXDjiKqHgYg1\n"
-"VLQ4fOsscTJoUDOaobeaVwTcDaSB4yQ3bhB2q5fLKqj+bNrY9wADBQf/Rw92M9b/\n"
-"JRs5IpX3fcrgHetVLHPiRuW8btD6EkmlgyRFOwOCzOSlSzFW6DKFrbOvd01EWkaP\n"
-"4PWJNW7b7OZqzK+UWzlWTgtV/2iUJtHg3+euZRdc5V9gqW17+HIAxjJVE53Syn8u\n"
-"kiJpk7HebtQo/v/pk3jtxdeJU3fY8ZAKJFl8V9aAj7ATFaAhYohzyKTRYc04F0n6\n"
-"VJDtwQkobdhq2//+5hSVrJ9wXRRF6XFVxc32NinqDEYrJUvTVayYu28Ivg4CTlts\n"
-"a+R7x92aDVT2KT+voPIGZxPYjALGa/I2hrlEYD9CiRFNBKAzRiNGAOo67SNI4hDu\n"
-"rFWRmMNOONWpIIhPBBgRAgAPBQJFm44DAhsMBQkB4TOAAAoJEJAoF+SqX03m57kA\n"
-"oMPb2o2D9gSwQFKXhamx2YdrykHOAKDqQ1tHH3ULY5cLLAKVaQtsNhVEtQ==\n"
-"=qrc1\n"
-"-----END PGP PUBLIC KEY BLOCK-----\n"
-};
 enum
 {
    UpdateReleaseStatusOlder,

--- a/src/misc/update.c
+++ b/src/misc/update.c
@@ -39,6 +39,7 @@
 #include <assert.h>
 #include <vlc_update.h>
+#include <vlc_pgpkey.h>
 #include <vlc_stream.h>
 #include <vlc_interface.h>
@@ -265,10 +266,9 @@ static int pgp_unarmor( char *p_ibuf, size_t i_ibuf_len,
    char *p_ipos = p_ibuf;
    uint8_t *p_opos = p_obuf;
    int i_end = 0;
    int i_header_skipped = 0;
-    while( !i_end && p_ipos < p_ibuf + i_ibuf_len )
+    while( !i_end && p_ipos < p_ibuf + i_ibuf_len && *p_ipos != '=' )
    {
        if( *p_ipos == '\r' || *p_ipos == '\n' )
        {
@@ -304,9 +304,7 @@ static int pgp_unarmor( char *p_ibuf, size_t i_ibuf_len,
            p_ipos[i_line_len] = '\0';
        p_opos += vlc_b64_decode_binary_to_buffer(  p_opos,
-                                                    p_obuf - p_opos + i_obuf_len,
+                        p_obuf - p_opos + i_obuf_len, p_ipos );
-                                                    p_ipos );
        p_ipos += i_line_len + 1;
    }
@@ -346,21 +344,30 @@ static int download_signature(  vlc_object_t *p_this,
        return VLC_ENOMEM;
    int64_t i_size = stream_Size( p_stream );
+    /* FIXME: a signature can be less than 65 bytes, if r & s numbers
+     * do not have 160 significant bits.
+     */
    if( i_size < 65 )
    {
        stream_Delete( p_stream );
+        msg_Dbg( p_this, "Signature too small" );
        return VLC_EGENERIC;
    }
    else if( i_size == 65 ) /* binary format signature */
    {
+        msg_Dbg( p_this, "Downloading unarmored signature" );
        int i_read = stream_Read( p_stream, p_sig, (int)i_size );
        stream_Delete( p_stream );
        if( i_read != i_size )
+        {
+            msg_Dbg( p_this, "Couldn't read full signature" );
            return VLC_EGENERIC;
+        }
        else
            return VLC_SUCCESS;
    }
+    msg_Dbg( p_this, "Downloading armored signature" );
    char *p_buf = (char*)malloc( i_size );
    if( !p_buf )
    {
@@ -374,6 +381,7 @@ static int download_signature(  vlc_object_t *p_this,
    if( i_read != i_size )
    {
+        msg_Dbg( p_this, "Couldn't read full signature" );
        free( p_buf );
        return VLC_EGENERIC;
    }
@@ -382,7 +390,10 @@ static int download_signature(  vlc_object_t *p_this,
    free( p_buf );
    if( i_bytes != 65 )
+    {
+        msg_Dbg( p_this, "Unarmoring failed: signature is %d bytes", i_bytes );
        return VLC_EGENERIC;
+    }
    else
        return VLC_SUCCESS;
 }
@@ -650,6 +661,7 @@ static public_key_t *download_key( vlc_object_t *p_this, const uint8_t *p_longid
    if( i_read != (int)i_size )
    {
+        msg_Dbg( p_this, "Couldn't read full GPG key" );
        free( p_buf );
        return NULL;
    }
@@ -666,6 +678,7 @@ static public_key_t *download_key( vlc_object_t *p_this, const uint8_t *p_longid
    if( i_error != VLC_SUCCESS )
    {
+        msg_Dbg( p_this, "Couldn't parse GPG key" );
        free( p_pkey );
        return NULL;
    }
@@ -1248,7 +1261,7 @@ void update_DownloadReal( update_download_thread_t *p_udt )
    if( download_signature( VLC_OBJECT( p_udt ), &sign,
            p_update->release.psz_url ) != VLC_SUCCESS )
    {
-        msg_Err( p_udt, "Couldn't download signature of status file" );
+        msg_Err( p_udt, "Couldn't download signature of downloaded file" );
        goto end;
    }