Commit 9a3c9527 authored by Rafaël Carré's avatar Rafaël Carré

Test RSA 4k signatures

parent 61f7f3dc
......@@ -20,6 +20,7 @@ check_PROGRAMS = \
test_libvlc_media_player \
test_src_config_chain \
test_src_misc_variables \
test_src_crypto_update \
$(NULL)
check_SCRIPTS = \
......@@ -76,6 +77,8 @@ test_src_misc_variables_SOURCES = src/misc/variables.c
test_src_misc_variables_LDADD = $(LIBVLCCORE) $(LIBVLC)
test_src_config_chain_SOURCES = src/config/chain.c
test_src_config_chain_LDADD = $(LIBVLCCORE)
test_src_crypto_update_SOURCES = src/crypto/update.c
test_src_crypto_update_LDADD = $(LIBVLCCORE) $(GCRYPT_LIBS)
checkall:
$(MAKE) check_PROGRAMS="$(check_PROGRAMS) $(EXTRA_PROGRAMS)" check
......
/*****************************************************************************
* update.c: test VLC updating engine
*****************************************************************************
* Copyright (C) 2014 Rafaël Carré
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
*****************************************************************************/
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif
#ifndef UPDATE_CHECK
int main(void)
{
fprintf(stderr, "Update checking disabled, not testing.\n");
return 0;
}
#else
#include <vlc_common.h>
#include "../src/misc/update_crypto.c"
static const uint8_t key_longid[] = {
0x9F, 0x8A, 0xB1, 0x13, 0x9F, 0x39, 0x9B, 0xEE
};
/* RSA 4096 */
static const uint8_t public_key[] = {
"-----BEGIN PGP PUBLIC KEY BLOCK-----\n"
"Version: GnuPG v2\n"
"\n"
"mQINBFR5uMsBEADBIrQB0ga41UbPkeJzrnUKQiEcOJtdJ1MS4wqRW9Bc4S8N4995\n"
"CDnHRjQ6VIVqvMuU6ceAKKjjFH911bbmpJiXagsifm+G/WUbYcmDhF8bXpC0u2Ky\n"
"1A0N7FsQ4QK0U8qvqdYDf3Uu8d7ANjoe50CkaQP0KhWm1i6P4rzHaNYNhg6/J5s+\n"
"wRwSVg9eej9O3jjK+enYC/2gqt0U43qYBhHegZkMEKtKfQd18l2+5vWghjlOlP3w\n"
"VsWBcMl7MRujMEoCtyCUpnJFO9rnGdbQLPAUPnuG5LFapROUfcQFe8EzJmlDx+jR\n"
"3gBoJ8hv3pRLo7iuxBtFnbZY/nZRwyQ6G7qxtGsBwJEjjMjXBG+bcjtLQVamwgbI\n"
"ElRTB98BWTAKY82TH5+76q4UNMjZM6Zn2zp7zuHNatrl2CCYbP0uCtZgh8PFaA6E\n"
"saN2L4A2A4ZS6jnIIRGZXHpqcLrZESuWiWGtu0TdkOJ5kG9L9LySCoK/RteAkyno\n"
"g3aiMtF4t97zEiULU9ioTGA57fHPJM2qm+44//nxtrVZIV4eQ69dFzd7XZ+z8PPx\n"
"AtnRbraKLwvg8uqIkWKSdFdt8GEtuw80J8uBu1D8Ea8YhdeBiCcWs9C6bGIFo7Uy\n"
"NqbK6xyCfG7c8W5xdnMW6nShuI7w5c5kjrMr3o87MifvgoHPPrt5HeJ4EQARAQAB\n"
"tCVWaWRlb0xBTiB0ZXN0IDx2aWRlb2xhbkB2aWRlb2xhbi5vcmc+iQI3BBMBCAAh\n"
"BQJUebjLAhsDBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEJ+KsROfOZvuCVIQ\n"
"AK4F+niVQ8LUzSV4Hj5Bc9o6uzC6OYLRH43PJNfeHv2jzc5lyPff906CTp+W/Evn\n"
"+VLZUz7AqRIz/U59PQgTbSEUGpDSt09cjYESqglV8dQEi81y93EIPnQPF3+jv+H0\n"
"1/r9bRUef9D8eGS5Vrnu+WDJAlQUMfLJgdxAL7XLPIXNlSAqBRUguRK8Y6kmlAwC\n"
"apODSog+u7TH5845bjeuVedqRyGsl1SoKIChSMq+zCubWsrKoyaKExNm4bYs7pOi\n"
"8y3VESbCb6t3rHRMzmuEjV3SyHtpZrGXPN0OROm8hSNGEPtcu08IO8VgXlp6D3Cc\n"
"TX2tLZs+4VN+x4iakScO3vdlyqMzsVL5OrV6cijSPE0GBNALmwowkWeVwEcykUYx\n"
"MOSLJtuHJL2fTWRZ0rfPSemxyCT+74YslkbLkl1/cg4YKkkREBHOhXjgFAxiGlJF\n"
"E43DIR0kaeqXOFkBsk/T7SHqWnBq8aWa7BrQNlM/b3FVhE/JgYsFoTWS5Yh0aYJE\n"
"nmc9U66Ym/BaOkuIIoqHq+9xH90ho0crjBDTBm+9XkY+BviwcFDYVS+dpWj5i3X+\n"
"2UfwMqMRJRXjYUK50z9Ap4r0ekafGmm0+ox0xn0bxLZOh7zrAzE/+TSG/h8HIPKZ\n"
"qzcDd/n/EiFF23kBktC3ljzJoBxxUEGEE8YwzRWraAdV\n"
"=6eGQ\n"
"-----END PGP PUBLIC KEY BLOCK-----\n"
};
static const uint8_t key_longid2[] = {
0xD3, 0x78, 0x31, 0xFD, 0x2D, 0xCD, 0xEC, 0x0F
};
/* RSA 4096, signed by public_key */
static const uint8_t public_key2[] = {
"-----BEGIN PGP PUBLIC KEY BLOCK-----\n"
"Version: GnuPG v2\n"
"\n"
"mQINBFR5uMsBEADBIrQB0ga41UbPkeJzrnUKQiEcOJtdJ1MS4wqRW9Bc4S8N4995\n"
"CDnHRjQ6VIVqvMuU6ceAKKjjFH911bbmpJiXagsifm+G/WUbYcmDhF8bXpC0u2Ky\n"
"1A0N7FsQ4QK0U8qvqdYDf3Uu8d7ANjoe50CkaQP0KhWm1i6P4rzHaNYNhg6/J5s+\n"
"wRwSVg9eej9O3jjK+enYC/2gqt0U43qYBhHegZkMEKtKfQd18l2+5vWghjlOlP3w\n"
"VsWBcMl7MRujMEoCtyCUpnJFO9rnGdbQLPAUPnuG5LFapROUfcQFe8EzJmlDx+jR\n"
"3gBoJ8hv3pRLo7iuxBtFnbZY/nZRwyQ6G7qxtGsBwJEjjMjXBG+bcjtLQVamwgbI\n"
"ElRTB98BWTAKY82TH5+76q4UNMjZM6Zn2zp7zuHNatrl2CCYbP0uCtZgh8PFaA6E\n"
"saN2L4A2A4ZS6jnIIRGZXHpqcLrZESuWiWGtu0TdkOJ5kG9L9LySCoK/RteAkyno\n"
"g3aiMtF4t97zEiULU9ioTGA57fHPJM2qm+44//nxtrVZIV4eQ69dFzd7XZ+z8PPx\n"
"AtnRbraKLwvg8uqIkWKSdFdt8GEtuw80J8uBu1D8Ea8YhdeBiCcWs9C6bGIFo7Uy\n"
"NqbK6xyCfG7c8W5xdnMW6nShuI7w5c5kjrMr3o87MifvgoHPPrt5HeJ4EQARAQAB\n"
"tCVWaWRlb0xBTiB0ZXN0IDx2aWRlb2xhbkB2aWRlb2xhbi5vcmc+iQI3BBMBCAAh\n"
"BQJUebjLAhsDBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEJ+KsROfOZvuCVIQ\n"
"AK4F+niVQ8LUzSV4Hj5Bc9o6uzC6OYLRH43PJNfeHv2jzc5lyPff906CTp+W/Evn\n"
"+VLZUz7AqRIz/U59PQgTbSEUGpDSt09cjYESqglV8dQEi81y93EIPnQPF3+jv+H0\n"
"1/r9bRUef9D8eGS5Vrnu+WDJAlQUMfLJgdxAL7XLPIXNlSAqBRUguRK8Y6kmlAwC\n"
"apODSog+u7TH5845bjeuVedqRyGsl1SoKIChSMq+zCubWsrKoyaKExNm4bYs7pOi\n"
"8y3VESbCb6t3rHRMzmuEjV3SyHtpZrGXPN0OROm8hSNGEPtcu08IO8VgXlp6D3Cc\n"
"TX2tLZs+4VN+x4iakScO3vdlyqMzsVL5OrV6cijSPE0GBNALmwowkWeVwEcykUYx\n"
"MOSLJtuHJL2fTWRZ0rfPSemxyCT+74YslkbLkl1/cg4YKkkREBHOhXjgFAxiGlJF\n"
"E43DIR0kaeqXOFkBsk/T7SHqWnBq8aWa7BrQNlM/b3FVhE/JgYsFoTWS5Yh0aYJE\n"
"nmc9U66Ym/BaOkuIIoqHq+9xH90ho0crjBDTBm+9XkY+BviwcFDYVS+dpWj5i3X+\n"
"2UfwMqMRJRXjYUK50z9Ap4r0ekafGmm0+ox0xn0bxLZOh7zrAzE/+TSG/h8HIPKZ\n"
"qzcDd/n/EiFF23kBktC3ljzJoBxxUEGEE8YwzRWraAdVmQINBFR50lMBEACXlte9\n"
"f48AK3Qb95o0BPCO3uxAtrguFQF+Uph2RGWY3dklo60X0dZ485Dd6apdN+3wEyVD\n"
"ZngZcUMbvJvUqstLD3k+59S+vI5G4JyYuqPaqd0d0WUueW2iV2pmBb4mzXXrsfeC\n"
"PG/mRYE/wYPXpAmApzNUuYhg5n2aW4QUGC0Aq1DN7yAXjxPChDxlMul9bbiSZSxd\n"
"g2EhnYQX8BBMfGuLw5roQFvFPgHs6HqesXPsEGOaNF2HaAKvDlvr+He2K8yms7up\n"
"VBbsEiEOO3I938AdhGiwZQWhpUy4kskTDrDWDmIkjKB0/w/psoLGZd+mJnjeWHNL\n"
"E2j5eOZ1hkrEf/ujGUxEIVTkryaISHmkSQE12mQ0I9CML/FXgdNapD03gdPpem1L\n"
"BGlB6Si2SPyp5BfbaJWdZ2d3wInnwuwL95PT55LZCwsnwO6WwMCbxRtuFXDqeJCs\n"
"eDndBpjzgrEyZlhFrhxzZQebB24q0UgPnwrk2hCs2iq17aVMA7HXFq9FWgbP4xUn\n"
"gSOTevLzbIv8S8UCfFhj+8lMRyN+lHW3uUs4y2zR5dPajSRAN0AuZ0N20lTbgnVL\n"
"ZFnM1asWOO58J8qVgta/mBtEQryqb/iGl+yhRnDfjTzI/6tw8KUOvlWA3zUC3FAB\n"
"hXpH4mw8EYTI3pr6w8gE3/84tU07Z44e/xPdAQARAQABtClWaWRlb0xBTiB0ZXN0\n"
"IG5ldyA8dmlkZW9sYW5AdmlkZW9sYW4ub3JnPokCNwQTAQgAIQUCVHnSUwIbAwUL\n"
"CQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRDTeDH9Lc3sDz7lD/wJQeOMjItNTWfu\n"
"al96XM9Z7mkbyIrFBfszAl9+xEtUUFYTWyyPk81GXAXhyCgBL1OrFSNhJCfTKF1Q\n"
"gcxd4kQcjlcpueozFxz1obVakBvMhb2RB88PWLTPt/LXo3tF+yIaqpGjpmB0AOhm\n"
"yA3q8Nl7MBx4wHLX+IXDXeRnf09wIQfKC3jAaJz4SVQdZ2PPBef5mEMEAkDZyIHD\n"
"zoptMBy5JIOvmzt2jRrvWGg3VWAzG5aE87nv19ENUA6WKopB44ho1aJ5D3ccaDxo\n"
"hUfNV2Ley8i6+Xl/BePZ1eZeCC74rz1rt680+2IBqMYwQ0oaCkeMD16FBAlQNgnH\n"
"dAAxSRa2h86IZmOItH6zXrBXA34IREx3DAVf2pHRNCyLHMPdrNhNcSpRXJMZVrke\n"
"oiU4ZsWfjLJ+p72esnzbmFc2EMBGjfuz0FQJrkl70QWfOuIK6HGUdl4Sxp850qrN\n"
"zt1oeY4fvHSJ7OzlHLCNCbGrvnMUNC6gSy8W3/CtV+N9CNIOUAKc8GELHZIcmr4S\n"
"HENTFqWLpQ/mKqBIGsSDm+F6NePCHhcBbdN9GDPckRpRI+0XCEy0vwt+UJCNtk9u\n"
"DIPV4l6DCTV0xaHtbd832PvtZENl/X8DutVUycg0mbLfhkhHx6hoW8YZXLZmsLvY\n"
"t1gZz12csye02AsQuXTnVvPZJ1fsGIkCHAQQAQgABgUCVHncVQAKCRCfirETnzmb\n"
"7h9NEACk/hzRViy4DoLMrUPed04ZDSutVU6kYkQ/b1I/Z5CV/kqp2htgEWPU0vje\n"
"Ay6ni/Q9EGlGBwRCU/DugeTie2H/nMzIgEMtTEorL7YTIa9kQLYlG6jfv54dyKbL\n"
"HWM85qOns6RolKNwpjQtFuxnDN6EzpoM2IeJc8utjEnhMK2uG6ILazqLutDAXSF3\n"
"hNGJY/wC+m7X9nYdFhum5tFNCzrYgwDODU9rMUlvBxONy1HQjwQZ8CPRNaTd/uXK\n"
"C2gi5TRISTgV2bs7/AsygENXNZgXoa/tmihYxeXss0Q+kQQ+/eDOkcRSFhxDxg3F\n"
"twa1tUIsruMCxbtagx5TU7xVvKjfZ2Mze8TpgnLcRDkoNTNXGJ6g87lOS6MJqMgy\n"
"mJkHAVJ7omngBIr6xB1K5kWNnQhrltuFILqEO5zFi77puhYUhu68dAfAI/0uj+2y\n"
"rDYJV1GcAxeXfuqePZ/yTsaNI16BtwKNUPQl01dbx8c8MAtiabh48DzzP2KRBe64\n"
"bX6YkbPaOXdPjusEpJ9r7ZT/+YaLhmTHRrM2mjh52gXy0dLJKFrvXJLsVJvMlmLx\n"
"HhycSFRkGQrsZCmdmjucGMXBDWowyzfdp8wpSHkaY6Y/Mrw9PboGQx6e0pg9OfxO\n"
"nq99E4FH7ShZ7XzQs2Df9uPuSgWY6VOL2U1ZUiWO7ubtEY3asQ==\n"
"=oMbP\n"
"-----END PGP PUBLIC KEY BLOCK-----\n"
};
/* data to verify */
static const char status[] = {
"42.0.19.1\n"
"http://get.videolan.org/vlc/foo/bar.xz\n"
"Bla bla bla.\n"
"Foo bar.\n"
};
/* signature of status[] verifiable using public_key2[] */
static const uint8_t status_sign2[] = {
"-----BEGIN PGP SIGNATURE-----\n"
"Version: GnuPG v2\n"
"\n"
"iQIcBAABCAAGBQJUedMOAAoJENN4Mf0tzewPeCEQAIpkDYdJ+fLT7fG6MOOTAx8v\n"
"cMHU2avRax9ttQ+10ZJXFRIlP52mtRMKjZ1hG47f3F4leccaKfTBOXsO20TjrsDk\n"
"BByy+8TYK5IFk4AFQVEB4XuFw6almuf2ham0W5UaK7qdmUXHp3gU37ZKHkrmfF9C\n"
"CDUsiogWMyUI8tL0sCmx8HXEAXxT9mDszLR3DcNxgKbmxUrxYuY3pifsmyZ4dDYZ\n"
"g60INP3pcGm781lsS+D7Mc7GxvpqbZpZqzDNU1JMrCosm4hK81N50MLZDLc6N28T\n"
"jYAC3I2VqctNOm4mIDSrdCTYWVhQHNe1d3FXkalj/x+kWz59qYdkRR6JkMbIvL2U\n"
"m7tHalN9URiIX6jXDg/0K9WjEfFfYxnbTzn2opMasgPLzqvsryFgzkGliRitnGGV\n"
"0HAiRMOw80HiA5I0T5z2lUX68k1gR0+jgOemYXua3ZBusxPXxKYMWELL7QoHUTjH\n"
"q3urZlp5eaVP17I0H0yS+H3bX9h285AolTENbe05fh/gYjEUzRodLnejbCmlFcj2\n"
"IeeZpQPjU2GozPzw7zc3tTkAfPb3pMu5RsYZH81PeohXMjUoATQH4BCHrV7s6kmt\n"
"BttU9zAm4SCZJyTHR2PPUeQw3hNNrellyK+J/GJdeC6IFssIMF9I9rHpKf5YA2gL\n"
"WvTgfHRwPJQCso4eMOJV\n"
"=LwcX\n"
"-----END PGP SIGNATURE-----\n"
};
/* signature of status[] verifiable using public_key[] */
static const uint8_t status_sign[] = {
"-----BEGIN PGP SIGNATURE-----\n"
"Version: GnuPG v2\n"
"\n"
"iQIcBAABCAAGBQJUechbAAoJEJ+KsROfOZvuFdsP/0SZ2rmOTz/ILWJgZOfyNhZU\n"
"p8zAfcqrQdpTnuyrP8M4oEm4Kv1l/C/yGvOadHjmnqoJVCtE5kHmUV3rnBbaHZom\n"
"BKKlY9i4UY4mhb+jIYW+jlxMs8FdZwnKYxCdxhk1kfPXtrR1uQ/q3XRiumlR3BJJ\n"
"xbh2rjFZikqRnB/zZJyss/Q1cIn+tosqynAwgM/0uA5seWaKGafXr38dnBYN0bgx\n"
"khNy89SMxpgx2K/TOGPRimVP+u+RBTtm86jzQJGLF4MqWdxkWPUyfd58KMegdJ6N\n"
"sTVlfoRAjS2+H+fYDycqjU0oKt8bSeuu6qi//nrwn8U1F4qLHxxig5t0uChSUod0\n"
"MxknIHUh+lqO0zaLGU7/gFfprIWGqYOsbqNVJA78NkUIbiJT2SX5WpTjNP+Iqn2v\n"
"/ig+sWDUQkmTbpRSN62rP9DvxXNoPhT9Oe8kQjUW+T2oLFHd2xwhAO3aKx/9N7p7\n"
"0qnUX/5wo5i1hqTBDU6VFqYT5N2fE6KQYRIIgvlpxCA7IQFGSlwCSM4Kh6gn3CfZ\n"
"D7G7sG2fLsN1qc7WuucgIWf1yAUYxLI4vpw0d048SOJ2SRxbEpy6M6uQRPnMgQIU\n"
"fp1b1Mv2SMYfMx/bPDUYoApjef4hM3Tw8tPFLdfLXfNW4wCjH/BkF8LK2uMorDpi\n"
"aOCVn5XsqzeePNV82Pm0\n"
"=jMLi\n"
"-----END PGP SIGNATURE-----\n"
};
/* */
static void parse_sig(signature_packet_t *s, const uint8_t *sig)
{
size_t sig_size = strlen((char*)sig);
uint8_t *unarmored_sig = malloc((sig_size * 3) / 4 + 1);
assert(sig[0] < 0x80); // ASCII
int bytes = pgp_unarmor((char*)sig, sig_size, unarmored_sig, sig_size);
assert(packet_type(unarmored_sig[0]) == SIGNATURE_PACKET);
int header_len = packet_header_len(unarmored_sig[0]);
assert(header_len == 1 || header_len == 2 || header_len == 4);
assert(header_len < bytes);
int len = scalar_number(&unarmored_sig[1], header_len);
assert(len + header_len + 1 == bytes);
assert(!parse_signature_packet(s, &unarmored_sig[1+header_len], len));
assert(s->type == BINARY_SIGNATURE || s->type == TEXT_SIGNATURE);
}
static void check(public_key_t *key, public_key_t *key2, const char *data,
signature_packet_t *sig, const uint8_t *key_longid, const uint8_t *key_longid2)
{
uint8_t *hash;
const char *type;
if (data) {
hash = hash_from_text(data, sig);
type = "text";
} else {
hash = hash_from_public_key(key);
type = "public key";
}
assert(hash);
// TODO : binary file
assert(!memcmp(hash, sig->hash_verification, 2));
if (memcmp(sig->issuer_longid, key_longid, 8)) {
assert(key2 && key_longid2);
check(key, NULL, NULL, &key->sig, key_longid, NULL);
key = key2;
}
assert(!verify_signature(sig, &key->key, hash));
fprintf(stderr, "Good %s %s signature from %s (%.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X)\n",
type, gcry_md_algo_name(sig->digest_algo), key->psz_username,
key->longid[0], key->longid[1], key->longid[2], key->longid[3],
key->longid[4], key->longid[5], key->longid[6], key->longid[7]
);
}
static void print_key(public_key_t *key)
{
uint8_t *mpi;
switch (key->key.algo) {
case GCRY_PK_DSA: mpi = key->key.sig.dsa.p; break;
case GCRY_PK_RSA: mpi = key->key.sig.rsa.n; break;
default: abort();
}
fprintf(stderr, "Key %.2X%.2X%.2X%.2X%.2X%.2X%.2X%.2X %s %d bits\n",
key->longid[0], key->longid[1], key->longid[2], key->longid[3],
key->longid[4], key->longid[5], key->longid[6], key->longid[7],
gcry_pk_algo_name(key->key.algo), scalar_number(mpi, 2));
}
int main(void)
{
signature_packet_t sig;
public_key_t key;
assert(!parse_public_key(public_key, sizeof(public_key),
&key, key_longid));
memcpy(key.longid, key_longid, 8);
print_key(&key);
parse_sig(&sig, status_sign);
check(&key, NULL, status, &sig, key_longid, NULL);
/* */
public_key_t key2;
assert(!parse_public_key(public_key2, sizeof(public_key2),
&key2, key_longid2));
memcpy(key2.longid, key_longid2, 8);
print_key(&key2);
parse_sig(&sig, status_sign2);
check(&key, &key2, status, &sig, key_longid, key_longid2);
}
#endif
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment