Mercurial > trustbridge > trustbridge

diff ui/createinstallerdialog.cpp @ 1390:f3e2df6b49ba

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
(issue181) Fix hardcoded values for RSA codesigning key size.
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 19 Jan 2015 15:42:20 +0100
parents c8a6a3e6bdeb
children
line wrap: on
line diff
--- a/ui/createinstallerdialog.cpp	Thu Jan 15 16:46:36 2015 +0100
+++ b/ui/createinstallerdialog.cpp	Mon Jan 19 15:42:20 2015 +0100
@@ -7,6 +7,7 @@
  */
 #include "createinstallerdialog.h"
 #include "sslhelp.h"
+#include "pubkey.h"
 
 #include <QDebug>
 #include <QTextEdit>
@@ -524,15 +525,16 @@
         return false;
     }
 
-    /* Check that it is a 3072 bit RSA key as specified */
-    if (!pk.pk_info || pk_get_size(&pk) != 3072 ||
+    /* Check that it is an RSA key that matches the size */
+    if (!pk.pk_info || pk_get_size(&pk) != TRUSTBRIDGE_RSA_CODESIGN_SIZE ||
             pk.pk_info->type != POLARSSL_PK_RSA) {
         if (pk.pk_info) {
             qDebug() << pk.pk_info->type << "type";
         }
         qDebug() << POLARSSL_PK_RSA << "rsa";
         qDebug() << "size " << pk_get_size(&pk);
-        showErrorMessage(tr("Only 3072 bit RSA keys are supported by the current format."));
+        showErrorMessage(tr("Only %1 bit RSA keys are supported by the current format.").arg(
+                    TRUSTBRIDGE_RSA_CODESIGN_SIZE));
         pk_free(&pk);
         return false;
     }
@@ -563,7 +565,7 @@
     const QByteArray signature = rsaSignSHA256Hash(sha256sum(inputContent), &pk);
 
     pk_free(&pk);
-    if (signature.size() != 3072 / 8) {
+    if (signature.size() != TRUSTBRIDGE_RSA_CODESIGN_SIZE / 8) {
         qDebug() << "Signature creation returned signature of invalid size.";
         return false;
     }
http://wald.intevation.org/projects/trustbridge/