Mercurial > trustbridge > trustbridge

comparison ui/createcertlistdialog.cpp @ 1390:f3e2df6b49ba

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
(issue181) Fix hardcoded values for RSA codesigning key size.
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 19 Jan 2015 15:42:20 +0100
parents d009da9cfa10
children
comparison
equal deleted inserted replaced
1387:c64b6c56ce96 1390:f3e2df6b49ba
6 * See LICENSE.txt for details. 6 * See LICENSE.txt for details.
7 */ 7 */
8 #include "createcertlistdialog.h" 8 #include "createcertlistdialog.h"
9 #include "sslhelp.h" 9 #include "sslhelp.h"
10 #include "administratorwindow.h" 10 #include "administratorwindow.h"
11
12 #include "pubkey.h"
11 13
12 #include <QDebug> 14 #include <QDebug>
13 #include <QMessageBox> 15 #include <QMessageBox>
14 #include <QDir> 16 #include <QDir>
15 #include <QPushButton> 17 #include <QPushButton>
140 delete mPk; 142 delete mPk;
141 mPk = NULL; 143 mPk = NULL;
142 return; 144 return;
143 } 145 }
144 146
145 /* Check that it is a 3072 bit RSA key as specified */ 147 /* Check that it is a RSA key of the specified size */
146 if (!mPk->pk_info || pk_get_size(mPk) != 3072 || 148 if (!mPk->pk_info || pk_get_size(mPk) != TRUSTBRIDGE_RSA_KEY_SIZE ||
147 mPk->pk_info->type != POLARSSL_PK_RSA) { 149 mPk->pk_info->type != POLARSSL_PK_RSA) {
148 showErrorMessage(tr("Only 3072 bit RSA keys are supported by the current format.")); 150 showErrorMessage(tr("Only %1 bit RSA keys are supported by the current format.").arg(
151 TRUSTBRIDGE_RSA_KEY_SIZE));
149 pk_free(mPk); 152 pk_free(mPk);
150 delete mPk; 153 delete mPk;
151 mPk = NULL; 154 mPk = NULL;
152 return; 155 return;
153 } 156 }
196 foreach (const Certificate& cert, certs) { 199 foreach (const Certificate& cert, certs) {
197 listData.append(cert.base64Line() + "\r\n"); 200 listData.append(cert.base64Line() + "\r\n");
198 } 201 }
199 202
200 QByteArray signature = rsaSignSHA256Hash(sha256sum(listData), pk); 203 QByteArray signature = rsaSignSHA256Hash(sha256sum(listData), pk);
201 if (signature.size() != 3072 / 8) { 204 if (signature.size() != TRUSTBRIDGE_RSA_KEY_SIZE / 8) {
202 qDebug() << "Signature creation returned signature of invalid size."; 205 qDebug() << "Signature creation returned signature of invalid size.";
203 return false; 206 return false;
204 } 207 }
205 listData.prepend("\r\n"); 208 listData.prepend("\r\n");
206 listData.prepend(signature.toBase64()); 209 listData.prepend(signature.toBase64());
http://wald.intevation.org/projects/trustbridge/