vlc | branch: master | Rafaël Carré <[email protected]> | Sun May 11 13:12:30 2014 +0200| [db8f517649bb57eefd71076fb60735bd136c7dee] | committer: Rafaël Carré
update: sha1 is not mandatory anymore > http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=db8f517649bb57eefd71076fb60735bd136c7dee --- src/misc/update.c | 12 ++++++------ src/misc/update.h | 35 +++++++++-------------------------- src/misc/update_crypto.c | 20 ++++++++++---------- 3 files changed, 25 insertions(+), 42 deletions(-) diff --git a/src/misc/update.c b/src/misc/update.c index cefb6e3..b00eb27 100644 --- a/src/misc/update.c +++ b/src/misc/update.c @@ -307,7 +307,7 @@ static bool GetUpdateFile( update_t *p_update ) goto error; } - uint8_t *p_hash = hash_sha1_from_public_key( p_new_pkey ); + uint8_t *p_hash = hash_from_public_key( p_new_pkey ); if( !p_hash ) { msg_Err( p_update->p_libvlc, "Failed to hash signature" ); @@ -332,17 +332,17 @@ static bool GetUpdateFile( update_t *p_update ) } } - uint8_t *p_hash = hash_sha1_from_text( psz_update_data, &sign ); + uint8_t *p_hash = hash_from_text( psz_update_data, &sign ); if( !p_hash ) { - msg_Warn( p_update->p_libvlc, "Can't compute SHA1 hash for status file" ); + msg_Warn( p_update->p_libvlc, "Can't compute hash for status file" ); goto error; } else if( p_hash[0] != sign.hash_verification[0] || p_hash[1] != sign.hash_verification[1] ) { - msg_Warn( p_update->p_libvlc, "Bad SHA1 hash for status file" ); + msg_Warn( p_update->p_libvlc, "Bad hash for status file" ); free( p_hash ); goto error; } @@ -671,7 +671,7 @@ static void* update_DownloadReal( void *obj ) goto end; } - uint8_t *p_hash = hash_sha1_from_file( psz_destfile, &sign ); + uint8_t *p_hash = hash_from_file( psz_destfile, &sign ); if( !p_hash ) { msg_Err( p_udt, "Unable to hash %s", psz_destfile ); @@ -691,7 +691,7 @@ static void* update_DownloadReal( void *obj ) dialog_FatalWait( p_udt, _("File corrupted"), _("Downloaded file \"%s\" was corrupted. Thus, it was deleted."), psz_destfile ); - msg_Err( p_udt, "Bad SHA1 hash for %s", psz_destfile ); + msg_Err( p_udt, "Bad hash for %s", psz_destfile ); free( p_hash ); goto end; } diff --git a/src/misc/update.h b/src/misc/update.h index ed9f71a..906b056 100644 --- a/src/misc/update.h +++ b/src/misc/update.h @@ -20,23 +20,6 @@ * Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA. *****************************************************************************/ -/* Go reading the rfc 4880 ! NOW !! */ - -/* - * XXX - * When PGP-signing a file, we only sign a SHA-1 hash of this file - * The DSA key size requires that we use an algorithm which produce - * a 160 bits long hash - * An alternative is RIPEMD160 , which you can use by giving the option - * --digest-algo RIPEMD160 to GnuPG - * - * As soon as SHA-1 is broken, this method is not secure anymore, because an - * attacker could generate a file with the same SHA-1 hash. - * - * Whenever this happens, we need to use another algorithm / type of key. - * XXX - */ - #include <vlc_update.h> #include <vlc_atomic.h> @@ -65,7 +48,7 @@ enum /* Signature subpacket types */ }; struct public_key_packet_t -{ /* a public key packet (DSA/SHA-1) is 418 bytes */ +{ /* a public key packet (DSA) is 418 bytes */ uint8_t version; /* we use only version 4 */ uint8_t timestamp[4]; /* creation time of the key */ @@ -84,7 +67,7 @@ struct signature_packet_t uint8_t type; uint8_t public_key_algo; /* DSA only */ - uint8_t digest_algo; /* SHA-1 only */ + uint8_t digest_algo; uint8_t hash_verification[2]; uint8_t issuer_longid[8]; @@ -191,7 +174,7 @@ parse_public_key( const uint8_t *p_sig_issuer ); /* - * Verify an OpenPGP signature made on some SHA-1 hash, with some DSA public key + * Verify an OpenPGP signature made on some hash, with some DSA public key */ int verify_signature(signature_packet_t *sign, public_key_packet_t *p_key, @@ -206,21 +189,21 @@ download_signature( vlc_object_t *p_this, signature_packet_t *p_sig, const char *psz_url ); /* - * return a sha1 hash of a text + * return a hash of a text */ uint8_t * -hash_sha1_from_text( +hash_from_text( const char *psz_text, signature_packet_t *p_sig ); /* - * return a sha1 hash of a file + * return a hash of a file */ uint8_t * -hash_sha1_from_file( +hash_from_file( const char *psz_file, signature_packet_t *p_sig ); /* - * return a sha1 hash of a public key + * return a hash of a public key */ uint8_t * -hash_sha1_from_public_key( public_key_t *p_pkey ); +hash_from_public_key( public_key_t *p_pkey ); diff --git a/src/misc/update_crypto.c b/src/misc/update_crypto.c index 3555f4f..97b55c6 100644 --- a/src/misc/update_crypto.c +++ b/src/misc/update_crypto.c @@ -1,5 +1,5 @@ /***************************************************************************** - * update_crypto.c: DSA/SHA1 related functions used for updating + * update_crypto.c: DSA related functions used for updating ***************************************************************************** * Copyright © 2008-2009 VLC authors and VideoLAN * $Id$ @@ -158,7 +158,7 @@ static size_t parse_signature_v3_packet( signature_packet_t *p_sig, /* * fill a signature_packet_v4_t from signature packet data - * verify that it was used with a DSA public key, using SHA-1 digest + * verify that it was used with a DSA public key */ static size_t parse_signature_v4_packet( signature_packet_t *p_sig, const uint8_t *p_buf, size_t i_sig_len ) @@ -412,12 +412,12 @@ static int pgp_unarmor( const char *p_ibuf, size_t i_ibuf_len, /* - * Verify an OpenPGP signature made on some SHA-1 hash, with some DSA public key + * Verify an OpenPGP signature made with some DSA public key */ int verify_signature( signature_packet_t *sign, public_key_packet_t *p_key, uint8_t *p_hash ) { - /* the data to be verified (a SHA-1 hash) */ + /* the data to be verified (a hash) */ const char *hash_sexp_s = "(data(flags raw)(value %m))"; /* the public key */ const char *key_sexp_s = "(public-key(dsa(p %m)(q %m)(g %m)(y %m)))"; @@ -668,9 +668,9 @@ static uint8_t *hash_finish( gcry_md_hd_t hd, signature_packet_t *p_sig ) /* - * return a sha1 hash of a text + * return a hash of a text */ -uint8_t *hash_sha1_from_text( const char *psz_string, +uint8_t *hash_from_text( const char *psz_string, signature_packet_t *p_sig ) { gcry_md_hd_t hd; @@ -703,9 +703,9 @@ uint8_t *hash_sha1_from_text( const char *psz_string, /* - * return a sha1 hash of a file + * return a hash of a file */ -uint8_t *hash_sha1_from_file( const char *psz_file, signature_packet_t *p_sig ) +uint8_t *hash_from_file( const char *psz_file, signature_packet_t *p_sig ) { gcry_md_hd_t hd; if( gcry_md_open( &hd, p_sig->digest_algo, 0 ) ) @@ -722,10 +722,10 @@ uint8_t *hash_sha1_from_file( const char *psz_file, signature_packet_t *p_sig ) /* - * Generate a SHA1 hash on a public key, to verify a signature made on that hash + * Generate a hash on a public key, to verify a signature made on that hash * Note that we need the signature (v4) to compute the hash */ -uint8_t *hash_sha1_from_public_key( public_key_t *p_pkey ) +uint8_t *hash_from_public_key( public_key_t *p_pkey ) { if( p_pkey->sig.version != 4 ) return NULL; _______________________________________________ vlc-commits mailing list [email protected] https://mailman.videolan.org/listinfo/vlc-commits
