[vlc-commits] update: do not hardcode sha1 hash length
Rafaël Carré
git at videolan.org
Sat May 10 14:02:55 CEST 2014
vlc | branch: master | Rafaël Carré <funman at videolan.org> | Sat May 10 13:40:08 2014 +0200| [435a44a809896c13fdc522af6b864494d7fbd0a2] | committer: Rafaël Carré
update: do not hardcode sha1 hash length
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=435a44a809896c13fdc522af6b864494d7fbd0a2
---
src/misc/update.c | 6 +++---
src/misc/update.h | 3 +--
src/misc/update_crypto.c | 11 +++++++----
3 files changed, 11 insertions(+), 9 deletions(-)
diff --git a/src/misc/update.c b/src/misc/update.c
index 9379552..cefb6e3 100644
--- a/src/misc/update.c
+++ b/src/misc/update.c
@@ -316,7 +316,7 @@ static bool GetUpdateFile( update_t *p_update )
goto error;
}
- if( verify_signature( p_new_pkey->sig.r, p_new_pkey->sig.s,
+ if( verify_signature( &p_new_pkey->sig,
&p_update->p_pkey->key, p_hash ) == VLC_SUCCESS )
{
free( p_hash );
@@ -347,7 +347,7 @@ static bool GetUpdateFile( update_t *p_update )
goto error;
}
- else if( verify_signature( sign.r, sign.s, &p_update->p_pkey->key, p_hash )
+ else if( verify_signature( &sign, &p_update->p_pkey->key, p_hash )
!= VLC_SUCCESS )
{
msg_Err( p_update->p_libvlc, "BAD SIGNATURE for status file" );
@@ -696,7 +696,7 @@ static void* update_DownloadReal( void *obj )
goto end;
}
- if( verify_signature( sign.r, sign.s, &p_update->p_pkey->key, p_hash )
+ if( verify_signature( &sign, &p_update->p_pkey->key, p_hash )
!= VLC_SUCCESS )
{
vlc_unlink( psz_destfile );
diff --git a/src/misc/update.h b/src/misc/update.h
index a586bc6..ed9f71a 100644
--- a/src/misc/update.h
+++ b/src/misc/update.h
@@ -194,8 +194,7 @@ parse_public_key(
* Verify an OpenPGP signature made on some SHA-1 hash, with some DSA public key
*/
int
-verify_signature(
- uint8_t *p_r, uint8_t *p_s, public_key_packet_t *p_key,
+verify_signature(signature_packet_t *sign, public_key_packet_t *p_key,
uint8_t *p_hash );
/*
diff --git a/src/misc/update_crypto.c b/src/misc/update_crypto.c
index d0d4f7f..6c576fd 100644
--- a/src/misc/update_crypto.c
+++ b/src/misc/update_crypto.c
@@ -417,7 +417,7 @@ static int pgp_unarmor( const char *p_ibuf, size_t i_ibuf_len,
/*
* Verify an OpenPGP signature made on some SHA-1 hash, with some DSA public key
*/
-int verify_signature( uint8_t *p_r, uint8_t *p_s, public_key_packet_t *p_key,
+int verify_signature( signature_packet_t *sign, public_key_packet_t *p_key,
uint8_t *p_hash )
{
/* the data to be verified (a SHA-1 hash) */
@@ -444,6 +444,8 @@ int verify_signature( uint8_t *p_r, uint8_t *p_s, public_key_packet_t *p_key,
gcry_sexp_build( &key_sexp, &erroff, key_sexp_s, p, q, g, y ) )
goto problem;
+ uint8_t *p_r = sign->r;
+ uint8_t *p_s = sign->s;
int i_r_len = mpi_len( p_r );
int i_s_len = mpi_len( p_s );
if( gcry_mpi_scan( &r, GCRYMPI_FMT_USG, p_r + 2, i_r_len, NULL ) ||
@@ -451,7 +453,7 @@ int verify_signature( uint8_t *p_r, uint8_t *p_s, public_key_packet_t *p_key,
gcry_sexp_build( &sig_sexp, &erroff, sig_sexp_s, r, s ) )
goto problem;
- int i_hash_len = 20;
+ int i_hash_len = gcry_md_get_algo_dlen (sign->digest_algo);
if( gcry_mpi_scan( &hash, GCRYMPI_FMT_USG, p_hash, i_hash_len, NULL ) ||
gcry_sexp_build( &hash_sexp, &erroff, hash_sexp_s, hash ) )
goto problem;
@@ -655,9 +657,10 @@ static uint8_t *hash_finish( gcry_md_hd_t hd, signature_packet_t *p_sig )
gcry_md_final( hd );
uint8_t *p_tmp = (uint8_t*) gcry_md_read( hd, p_sig->digest_algo) ;
- uint8_t *p_hash = malloc( 20 );
+ unsigned int hash_len = gcry_md_get_algo_dlen (p_sig->digest_algo);
+ uint8_t *p_hash = malloc(hash_len);
if( p_hash )
- memcpy( p_hash, p_tmp, 20 );
+ memcpy(p_hash, p_tmp, hash_len);
gcry_md_close( hd );
return p_hash;
}
More information about the vlc-commits
mailing list