comparison ui/createinstallerdialog.cpp @ 1390:f3e2df6b49ba

(issue181) Fix hardcoded values for RSA codesigning key size.
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 19 Jan 2015 15:42:20 +0100
parents c8a6a3e6bdeb
children
comparison
equal deleted inserted replaced
1387:c64b6c56ce96 1390:f3e2df6b49ba
5 * and comes with ABSOLUTELY NO WARRANTY! 5 * and comes with ABSOLUTELY NO WARRANTY!
6 * See LICENSE.txt for details. 6 * See LICENSE.txt for details.
7 */ 7 */
8 #include "createinstallerdialog.h" 8 #include "createinstallerdialog.h"
9 #include "sslhelp.h" 9 #include "sslhelp.h"
10 #include "pubkey.h"
10 11
11 #include <QDebug> 12 #include <QDebug>
12 #include <QTextEdit> 13 #include <QTextEdit>
13 #include <QDir> 14 #include <QDir>
14 #include <QPushButton> 15 #include <QPushButton>
522 .arg(getPolarSSLErrorMsg(ret))); 523 .arg(getPolarSSLErrorMsg(ret)));
523 pk_free(&pk); 524 pk_free(&pk);
524 return false; 525 return false;
525 } 526 }
526 527
527 /* Check that it is a 3072 bit RSA key as specified */ 528 /* Check that it is an RSA key that matches the size */
528 if (!pk.pk_info || pk_get_size(&pk) != 3072 || 529 if (!pk.pk_info || pk_get_size(&pk) != TRUSTBRIDGE_RSA_CODESIGN_SIZE ||
529 pk.pk_info->type != POLARSSL_PK_RSA) { 530 pk.pk_info->type != POLARSSL_PK_RSA) {
530 if (pk.pk_info) { 531 if (pk.pk_info) {
531 qDebug() << pk.pk_info->type << "type"; 532 qDebug() << pk.pk_info->type << "type";
532 } 533 }
533 qDebug() << POLARSSL_PK_RSA << "rsa"; 534 qDebug() << POLARSSL_PK_RSA << "rsa";
534 qDebug() << "size " << pk_get_size(&pk); 535 qDebug() << "size " << pk_get_size(&pk);
535 showErrorMessage(tr("Only 3072 bit RSA keys are supported by the current format.")); 536 showErrorMessage(tr("Only %1 bit RSA keys are supported by the current format.").arg(
537 TRUSTBRIDGE_RSA_CODESIGN_SIZE));
536 pk_free(&pk); 538 pk_free(&pk);
537 return false; 539 return false;
538 } 540 }
539 541
540 if (!inFile.open(QIODevice::ReadOnly)) { 542 if (!inFile.open(QIODevice::ReadOnly)) {
561 } 563 }
562 564
563 const QByteArray signature = rsaSignSHA256Hash(sha256sum(inputContent), &pk); 565 const QByteArray signature = rsaSignSHA256Hash(sha256sum(inputContent), &pk);
564 566
565 pk_free(&pk); 567 pk_free(&pk);
566 if (signature.size() != 3072 / 8) { 568 if (signature.size() != TRUSTBRIDGE_RSA_CODESIGN_SIZE / 8) {
567 qDebug() << "Signature creation returned signature of invalid size."; 569 qDebug() << "Signature creation returned signature of invalid size.";
568 return false; 570 return false;
569 } 571 }
570 572
571 QSaveFile outFile(output); 573 QSaveFile outFile(output);

http://wald.intevation.org/projects/trustbridge/