--- /dev/null
+/*****************************************************************************
+ * vlc_pgpkey.h: VideoLAN PGP Public Key used to sign releases
+ *****************************************************************************
+ * Copyright © 2008 the VideoLAN team
+ * $Id$
+ *
+ * Authors: Rafaël Carré <funman@videolanorg>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either release 2 of the License, or
+ * (at your option) any later release.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
+ *****************************************************************************/
+
+/* We trust this public key, and by extension, also keys signed by it. */
+
+/*
+ * VideoLAN Release Signing Key (2008)
+ * expirates on 2009-01-01
+ */
+
+static uint8_t videolan_public_key_longid[8] = {
+ 0x8B, 0x08, 0x52, 0x31, 0xD0, 0x38, 0x35, 0x37
+};
+
+static uint8_t videolan_public_key[] = {
+"-----BEGIN PGP PUBLIC KEY BLOCK-----\n"
+"Version: GnuPG v2.0.4 (FreeBSD)\n"
+"\n"
+"mQGiBEd7jcYRBAD4NRNnzqPIq6QMI6M8nmI7G569zJjy8NQNhqtuTlpqRlNqhDdt\n"
+"aYcYFSBKW7YXs03BCcDNFfUpB4wexsD9z+aOTzAFs+tVmB0XyKlPc2IaMuwV9tYS\n"
+"6LG2TITzWgZ5kyEtyVdDr4xvdTD1S/E2sraW/i1CgJkA/5HtgC3LksvirwCg2yQn\n"
+"d+sA8KQEC66+ELV4hNn4eAsD/0ObYdZEM0B6E0hVAyabKTVYGs7MT6UjbHTaxhzV\n"
+"PN6Qss1Zmm/oKA5ClNIrvSO6dqzSC+OMQwwHYizOgfObO116LWzMo+YSDyWNonRT\n"
+"Ex5BtJcvyA18qbNkka79I+VYCsoLlk7pRyEc14HhMCBpR0dVl53w102RmwkXigO3\n"
+"FL5kBAC4Hvy3FsV7DmwM/QccrfTDzD7SFPXnn+w5HluhCXseoiYkCSjNa8iDpG/e\n"
+"AKrlwnWwEH50Q/tsD+hysnLd7dk/tGP0a4VkqcZ69pyxAql8vClBpd76udrquMKq\n"
+"IFN8m2MFzkYdYSezR4yro4NLmgyri4xomjxVjboR2eXnQPUnlrQjVmlkZW9MQU4g\n"
+"UmVsZWFzZSBTaWduaW5nIEtleSAoMjAwOCmIZgQTEQIAJgUCR3uNxgIbAwUJAeEz\n"
+"gAYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEIsIUjHQODU3xtoAoLgtA2m+qmOD\n"
+"0W07hdZkqtJPW8frAJwOr4Le14j1FB6jKs8FvDsW6EL1bIhGBBARAgAGBQJHe45m\n"
+"AAoJEGFgnhjAr/EP4F8AoKa8Ip/bUqk/+yASpBuKNqLZgYduAKCKqJfK4Z8zN2We\n"
+"8NvZLTT66/zGxIhGBBARAgAGBQJHe46fAAoJEJAoF+SqX03m1dEAoOWl4gQsSOQG\n"
+"fHfke5hAy9O2FdFDAJwOynmqM7ZAlHmvlQsUHuP1gZXGBbkEDQRHe44rEBAAzygZ\n"
+"HacW1jQCOt9pI1g3ilvQYEOAosXNUV9R7c+tUySFR+t8wIwkYnUZ9WMg94oBn618\n"
+"7hQHFuRoKxlinH11Elv0PvkBQPbhLq2QFX7ItAkuoVMejoZ+vUHSuJt7UNJ1YOWg\n"
+"cIxOkVDkgDLl5HVbXVFU/RzKfFDr45o02NnNi8wbyIU65QFnvPNz1lLjcqQ9nTCy\n"
+"8ntdW1XozQap6IFE07ZmPhNfGeMx2JlauHnZvgxORTrDjDX9o5LjTt0ubmR7Nt0x\n"
+"ShXcXU+HyIAn8ZD8GmvhiDDTYJjVUnrugzBFtpyGrT8J+x1GHKNNUXfXmzw9i5jK\n"
+"WWa9XxDKoyi7ktr7ZrmJBHjYinLQs1KfAFHYWw9zdjtTnx3q5kPIPnE2PVR0zkbj\n"
+"tD2dPrpdbcjZ/XgiJOUVx+wcGGaYSMlPor/Wii8fJLHbp6/ZV2NzXOm0v7+uIRR+\n"
+"9SfG/Tx0B88ehw8pxmPXmsgawzz3XXz+indGv9SYm/0ZQLEQrIzpsyrQk3BlCnFg\n"
+"AuyDHbKzsVg+bz8u3vJ3ELls9/A9g0Aka4RoHjstm/mcDsZ7gQ5+mO0kfVydg+Rt\n"
+"V2Yct3dWwxAU8JxBlkE/iQ46dllrRXGlC+x3Sn8VUZn3WpoRQHwzt+ZNtirl5VOy\n"
+"jilh44FqHqvAJj+nDRu3pDITDqkpuYO5Z2MqcNsAAwYP/3p4vW/UD4xC6zLwgznx\n"
+"3wZLa1/ct9BA1OKThV3NE2QswajiIRWzEdk9ZbJwkSBx8TXFYXPcfvbxOvhmdlWY\n"
+"o/0HuAkShymTcfroEAsznh1qpu3jEdVMMHNCbkPRtWdealXTGzH+MH4EmkoxDxZ4\n"
+"qqQjMc1YjCEOFUiuzPiJryMepQhRlZ0Vgvvzw/1A6uEFXu28KV+xehgerALNDAWe\n"
+"JHKSPBoJupykEM+c/Avg83NE5AayKXVPuWlehUfxAcKZwAHxQ+HwCmUoSJiyLYBF\n"
+"CFfYGiwB7WrbD65AfBDU1sVD58H+MZhbj3lT5h8PPG57PelcVPXSbKD93qIW51TN\n"
+"iSxGM77hFA0fnNj3FiMRnjM9wCE5FmmK/J0pP5aAekWE4IpaklzKSl7VlDqj097o\n"
+"gA5nlfEIZjqtRhxtdYHSbXV/+Yy9PxoZAGImFSNf8ZlcMw9ioC8TpXkRcxQr2iBO\n"
+"YmD3NRNGnSl7lG7fDdtAnZ9BbAYUtxFMaHNrwWHlqJn+X4rZsk5CZs2oF6obkQSI\n"
+"FO27OgupwFOHIUcc38RTPTZN6wTLGY/j1twBmQdVpSHsRjjtdQ0qEOXe1rZK9Nh9\n"
+"unX70TDBo1Ig0CGpKqk4I8hloyjrOk6szIfOpJFlT2LTrSWbDtPE0tMdwh9fnZUL\n"
+"Rt021q8MvoRxyTbTWO7Nurw0iE8EGBECAA8FAkd7jisCGwwFCQHhM4AACgkQiwhS\n"
+"MdA4NTeFXwCfc0eO+gbbE+aSCMoTTxZ8ivsjlR0An3WCvfP6aTEJnzJbmpqO4AMu\n"
+"FltR\n"
+"=Ic/K\n"
+"-----END PGP PUBLIC KEY BLOCK-----\n"
+};
+
typedef struct public_key_t public_key_t;
-/* We trust this public key, and by extension, also keys signed by it. */
-static uint8_t videolan_public_key_longid[8] = {
- 0x90, 0x28, 0x17, 0xE4, 0xAA, 0x5F, 0x4D, 0xE6
-};
-
-static uint8_t videolan_public_key[] = {
-"-----BEGIN PGP PUBLIC KEY BLOCK-----\n"
-"Version: GnuPG v2.0.4 (FreeBSD)\n"
-"\n"
-"mQGiBEWbjf8RBAC+4m2yYYzuA0+D5JQatKmoxG4z3+bat08tMz0YvBUp1UU+95i4\n"
-"cP9ndklv3yzhtZ4MIx5yy64FXtPi0/NQiikEVYPYn2KMO4LCfZCwYBEizVWzABya\n"
-"LZcffCP/3VhoR90NUluWyi+zVAn9KNIRlnhnYpDDlI76fCrTTHDCtgpImwCg7VzB\n"
-"4L6O0JpUJBCZOCAPJNYirUkD/3uCZe4vK4kLW+W3HB+grMCI1uFULmVSKMBQZc+p\n"
-"dqDq++u3zYGqiMNaVrLg/J4GSH/P0ossXEtmTVjLHF4nJ7HXfIjqkqdkxq7g9odY\n"
-"/dkA/aC7z4JBgcYfRnDMqfL12C+3b+KSwxQSzPcbvsFYm2KTgteLwG3mRlpL7Dh5\n"
-"S70nBAC1PkIl7mP4OL7vpQk9dkdQCARJLgyn5pu/pZV7He4fDLHkUr/atnYaIHk1\n"
-"15xl/ziHcBql2WmF0Uff9SuuNOi/hFCuWZSwPKsgtIhYZ5ut4FrBAVkqHV2CgxFp\n"
-"aSiA7+FTG91++LDsg2xrHyTRW+fQnPdpf5a4H1fF15azo40h17QjVmlkZW9MQU4g\n"
-"UmVsZWFzZSBTaWduaW5nIEtleSAoMjAwNymIRgQQEQIABgUCRZ41PgAKCRDDZ9i5\n"
-"gcrKhPmUAJ49Krgt6ZPZZ2YkW7fWFwTvSgGongCePDjnFh1g4078f7lycT4wFk/c\n"
-"vPiIRgQQEQIABgUCRZ71NQAKCRD9Ibw7rD4IebztAKCxuyWCjF2JPAe1hdZqNNbE\n"
-"/gWDRACfaBw6mpHh3+jZuNnRk6NctFMbTzWIRgQTEQIABgUCRZuOiQAKCRDD7G2+\n"
-"3W0SvRkEAJ9cCPrbfzoTHKUVlGLAKbx5pcoutQCdENlo4nwXbQHaREDqm+ISBU3p\n"
-"iXeIZgQTEQIAJgUCRZuN/wIbAwUJAeEzgAYLCQgHAwIEFQIIAwQWAgMBAh4BAheA\n"
-"AAoJEJAoF+SqX03m4ZQAoOSj3JzzUuY+n/oS0Y4/yZ4tThNNAJ4h+9FacWApQdNJ\n"
-"+PcydRFEEm203LkCDQRFm44DEAgAlNLlnyIkLJ/Uyncsd5nB46LqQpJDLJ3AalfN\n"
-"44Vy3aOG+aA7JsNL5T5r5WRGnAf41qSOFiuZHwjfrtKb4TWkcfWlpsi8t5uasII9\n"
-"WAVX2aVIbiPMNWUnhQIn8rjCRLm2t/0Hch0HDbXaI/hvub5qhmSHfmqzlkuEUyVu\n"
-"H+beivX8pQwxqpcWXrmwuNzhISR1DsWBn5u0WcOSqUDtFG5Me8AuPFR1oxdYTtvC\n"
-"vqlVnw6ag3QuNqaAgWDU5Ug/U10ZxCZTn5TAcp+1ZDlM/dXIwh8wKXDjiKqHgYg1\n"
-"VLQ4fOsscTJoUDOaobeaVwTcDaSB4yQ3bhB2q5fLKqj+bNrY9wADBQf/Rw92M9b/\n"
-"JRs5IpX3fcrgHetVLHPiRuW8btD6EkmlgyRFOwOCzOSlSzFW6DKFrbOvd01EWkaP\n"
-"4PWJNW7b7OZqzK+UWzlWTgtV/2iUJtHg3+euZRdc5V9gqW17+HIAxjJVE53Syn8u\n"
-"kiJpk7HebtQo/v/pk3jtxdeJU3fY8ZAKJFl8V9aAj7ATFaAhYohzyKTRYc04F0n6\n"
-"VJDtwQkobdhq2//+5hSVrJ9wXRRF6XFVxc32NinqDEYrJUvTVayYu28Ivg4CTlts\n"
-"a+R7x92aDVT2KT+voPIGZxPYjALGa/I2hrlEYD9CiRFNBKAzRiNGAOo67SNI4hDu\n"
-"rFWRmMNOONWpIIhPBBgRAgAPBQJFm44DAhsMBQkB4TOAAAoJEJAoF+SqX03m57kA\n"
-"oMPb2o2D9gSwQFKXhamx2YdrykHOAKDqQ1tHH3ULY5cLLAKVaQtsNhVEtQ==\n"
-"=qrc1\n"
-"-----END PGP PUBLIC KEY BLOCK-----\n"
-};
-
enum
{
UpdateReleaseStatusOlder,
#include <assert.h>
#include <vlc_update.h>
+#include <vlc_pgpkey.h>
#include <vlc_stream.h>
#include <vlc_interface.h>
char *p_ipos = p_ibuf;
uint8_t *p_opos = p_obuf;
int i_end = 0;
-
int i_header_skipped = 0;
- while( !i_end && p_ipos < p_ibuf + i_ibuf_len )
+ while( !i_end && p_ipos < p_ibuf + i_ibuf_len && *p_ipos != '=' )
{
if( *p_ipos == '\r' || *p_ipos == '\n' )
{
p_ipos[i_line_len] = '\0';
p_opos += vlc_b64_decode_binary_to_buffer( p_opos,
- p_obuf - p_opos + i_obuf_len,
- p_ipos );
-
+ p_obuf - p_opos + i_obuf_len, p_ipos );
p_ipos += i_line_len + 1;
}
return VLC_ENOMEM;
int64_t i_size = stream_Size( p_stream );
+ /* FIXME: a signature can be less than 65 bytes, if r & s numbers
+ * do not have 160 significant bits.
+ */
if( i_size < 65 )
{
stream_Delete( p_stream );
+ msg_Dbg( p_this, "Signature too small" );
return VLC_EGENERIC;
}
else if( i_size == 65 ) /* binary format signature */
{
+ msg_Dbg( p_this, "Downloading unarmored signature" );
int i_read = stream_Read( p_stream, p_sig, (int)i_size );
stream_Delete( p_stream );
if( i_read != i_size )
+ {
+ msg_Dbg( p_this, "Couldn't read full signature" );
return VLC_EGENERIC;
+ }
else
return VLC_SUCCESS;
}
+ msg_Dbg( p_this, "Downloading armored signature" );
char *p_buf = (char*)malloc( i_size );
if( !p_buf )
{
if( i_read != i_size )
{
+ msg_Dbg( p_this, "Couldn't read full signature" );
free( p_buf );
return VLC_EGENERIC;
}
free( p_buf );
if( i_bytes != 65 )
+ {
+ msg_Dbg( p_this, "Unarmoring failed: signature is %d bytes", i_bytes );
return VLC_EGENERIC;
+ }
else
return VLC_SUCCESS;
}
if( i_read != (int)i_size )
{
+ msg_Dbg( p_this, "Couldn't read full GPG key" );
free( p_buf );
return NULL;
}
if( i_error != VLC_SUCCESS )
{
+ msg_Dbg( p_this, "Couldn't parse GPG key" );
free( p_pkey );
return NULL;
}
if( download_signature( VLC_OBJECT( p_udt ), &sign,
p_update->release.psz_url ) != VLC_SUCCESS )
{
- msg_Err( p_udt, "Couldn't download signature of status file" );
+ msg_Err( p_udt, "Couldn't download signature of downloaded file" );
goto end;
}