changeset 1395:a2574a029322

Fix Base 64 signature size calculation. If the signature byte size is not equally dividable by three the base 64 encoding needs three additional bytes. The value is now fixed to avoid such errors in the future.
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 26 Jan 2015 13:17:32 +0100
parents 8d27c6d226cd
children 05c62ad0c74f
files common/binverify.c common/listutil.c common/pubkey-release.h common/pubkey-test.h
diffstat 4 files changed, 15 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/common/binverify.c	Fri Jan 23 15:25:50 2015 +0100
+++ b/common/binverify.c	Mon Jan 26 13:17:32 2015 +0100
@@ -413,7 +413,7 @@
 verify_binary_linux(const char *filename, size_t name_len)
 {
   int ret = -1;
-  const size_t sig_b64_size = TRUSTBRIDGE_RSA_CODESIGN_SIZE / 8 * 4 / 3;
+  const size_t sig_b64_size = TRUSTBRIDGE_RSA_CODESIGN_B64_SIZE;
   char *data = NULL,
         signature_b64[sig_b64_size + 1];
   size_t data_size = 0,
--- a/common/listutil.c	Fri Jan 23 15:25:50 2015 +0100
+++ b/common/listutil.c	Mon Jan 26 13:17:32 2015 +0100
@@ -125,7 +125,7 @@
 #ifndef TRUSTBRIDGE_RSA_KEY_SIZE
 # error "Key size undefined"
 #endif
-  const size_t sig_b64_size = TRUSTBRIDGE_RSA_KEY_SIZE / 8 * 4 / 3;
+  const size_t sig_b64_size = TRUSTBRIDGE_RSA_B64_SIZE;
   size_t sig_size = TRUSTBRIDGE_RSA_KEY_SIZE / 8;
 
   char signature_b64[sig_b64_size + 1];
@@ -144,7 +144,7 @@
   if (p == 0 || (unsigned int)(p - (data + 2)) != sig_b64_size)
     {
       DEBUGPRINTF("Invalid data. Signature might be too long.\n");
-      DEBUGPRINTF("Should: %u is: %u\n", sig_b64_size, (unsigned int)(p - (data + 2)));
+      DEBUGPRINTF("Should: %u is: %u\n", (unsigned int) sig_b64_size, (unsigned int)(p - (data + 2)));
       return -1;
     }
   strncpy(signature_b64, data + 2, sig_b64_size);
--- a/common/pubkey-release.h	Fri Jan 23 15:25:50 2015 +0100
+++ b/common/pubkey-release.h	Mon Jan 26 13:17:32 2015 +0100
@@ -12,6 +12,12 @@
 #define TRUSTBRIDGE_RSA_KEY_SIZE 3072
 #define TRUSTBRIDGE_RSA_CODESIGN_SIZE 2048
 
+/** @def the size of the base 64 encoded signature.
+ * The formula for this is modulus / 8 * 4 / 3
+ * +3 if this is not equaly devidable by 3. */
+#define TRUSTBRIDGE_RSA_CODESIGN_B64_SIZE 344
+#define TRUSTBRIDGE_RSA_B64_SIZE 512
+
 static const unsigned char public_key_pem[] =
 "-----BEGIN PUBLIC KEY-----\n"
 "MIIDITANBgkqhkiG9w0BAQEFAAOCAw4AMIIDCQKCAYEArRkubwwOjaXo80+J1P6s\n"
--- a/common/pubkey-test.h	Fri Jan 23 15:25:50 2015 +0100
+++ b/common/pubkey-test.h	Mon Jan 26 13:17:32 2015 +0100
@@ -12,6 +12,12 @@
 #define TRUSTBRIDGE_RSA_KEY_SIZE 3072
 #define TRUSTBRIDGE_RSA_CODESIGN_SIZE 2048
 
+/** @def the size of the base 64 encoded signature.
+ * The formula for this is modulus / 8 * 4 / 3
+ * +3 if this is not equaly devidable by 3. */
+#define TRUSTBRIDGE_RSA_CODESIGN_B64_SIZE 344
+#define TRUSTBRIDGE_RSA_B64_SIZE 512
+
 /* PEM encoded public key */
 static const unsigned char public_key_pem[] =
 "-----BEGIN PUBLIC KEY-----\n"

http://wald.intevation.org/projects/trustbridge/