VLC  2.1.0-git
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
update.h
Go to the documentation of this file.
1 /*****************************************************************************
2  * update.h: VLC PGP update private API
3  *****************************************************************************
4  * Copyright © 2007-2008 VLC authors and VideoLAN
5  *
6  * Authors: Rafaël Carré <funman@videolanorg>
7  *
8  * This program is free software; you can redistribute it and/or modify it
9  * under the terms of the GNU Lesser General Public License as published by
10  * the Free Software Foundation; either release 2 of the License, or
11  * (at your option) any later release.
12  *
13  * This program is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16  * GNU Lesser General Public License for more details.
17  *
18  * You should have received a copy of the GNU Lesser General Public License
19  * along with this program; if not, write to the Free Software Foundation,
20  * Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
21  *****************************************************************************/
22 
23 /* Go reading the rfc 4880 ! NOW !! */
24 
25 /*
26  * XXX
27  * When PGP-signing a file, we only sign a SHA-1 hash of this file
28  * The DSA key size requires that we use an algorithm which produce
29  * a 160 bits long hash
30  * An alternative is RIPEMD160 , which you can use by giving the option
31  * --digest-algo RIPEMD160 to GnuPG
32  *
33  * As soon as SHA-1 is broken, this method is not secure anymore, because an
34  * attacker could generate a file with the same SHA-1 hash.
35  *
36  * Whenever this happens, we need to use another algorithm / type of key.
37  * XXX
38  */
39 
40 #include <vlc_update.h>
41 #include <vlc_atomic.h>
42 
43 enum /* Public key algorithms */
44 {
45  /* we will only use DSA public keys */
46  PUBLIC_KEY_ALGO_DSA = 0x11
47 };
48 
49 enum /* Digest algorithms */
50 {
51  /* and DSA use SHA-1 digest */
52  DIGEST_ALGO_SHA1 = 0x02
53 };
54 
55 enum /* Packet types */
56 {
57  SIGNATURE_PACKET = 0x02,
58  PUBLIC_KEY_PACKET = 0x06,
59  USER_ID_PACKET = 0x0d
60 };
61 
62 enum /* Signature types */
63 {
64  BINARY_SIGNATURE = 0x00,
65  TEXT_SIGNATURE = 0x01,
66 
67  /* Public keys signatures */
68  GENERIC_KEY_SIGNATURE = 0x10, /* No assumption of verification */
69  PERSONA_KEY_SIGNATURE = 0x11, /* No verification has been made */
70  CASUAL_KEY_SIGNATURE = 0x12, /* Some casual verification */
71  POSITIVE_KEY_SIGNATURE = 0x13 /* Substantial verification */
72 };
73 
74 enum /* Signature subpacket types */
75 {
76  ISSUER_SUBPACKET = 0x10
77 };
78 
79 struct public_key_packet_t
80 { /* a public key packet (DSA/SHA-1) is 418 bytes */
81 
82  uint8_t version; /* we use only version 4 */
83  uint8_t timestamp[4]; /* creation time of the key */
84  uint8_t algo; /* we only use DSA */
85  /* the multi precision integers, with their 2 bytes length header */
86  uint8_t p[2+128];
87  uint8_t q[2+20];
88  uint8_t g[2+128];
89  uint8_t y[2+128];
90 };
91 
92 /* used for public key and file signatures */
93 struct signature_packet_t
94 {
95  uint8_t version; /* 3 or 4 */
96 
97  uint8_t type;
98  uint8_t public_key_algo; /* DSA only */
99  uint8_t digest_algo; /* SHA-1 only */
100 
101  uint8_t hash_verification[2];
102  uint8_t issuer_longid[8];
103 
104  union /* version specific data */
105  {
106  struct
107  {
108  uint8_t hashed_data_len[2]; /* scalar number */
109  uint8_t *hashed_data; /* hashed_data_len bytes */
110  uint8_t unhashed_data_len[2]; /* scalar number */
111  uint8_t *unhashed_data; /* unhashed_data_len bytes */
112  } v4;
113  struct
114  {
115  uint8_t hashed_data_len; /* MUST be 5 */
116  uint8_t timestamp[4]; /* 4 bytes scalar number */
117  } v3;
118  } specific;
119 
120 /* The part below is made of consecutive MPIs, their number and size being
121  * public-key-algorithm dependent.
122  *
123  * Since we use DSA signatures only, there is 2 integers, r & s, made of:
124  * 2 bytes for the integer length (scalar number)
125  * 160 bits (20 bytes) for the integer itself
126  *
127  * Note: the integers may be less than 160 significant bits
128  */
129  uint8_t r[2+20];
130  uint8_t s[2+20];
131 };
132 
133 typedef struct public_key_packet_t public_key_packet_t;
134 typedef struct signature_packet_t signature_packet_t;
135 
136 struct public_key_t
137 {
138  uint8_t longid[8]; /* Long id */
139  uint8_t *psz_username; /* USER ID */
140 
141  public_key_packet_t key; /* Public key packet */
142 
143  signature_packet_t sig; /* Signature packet, by the embedded key */
144 };
145 
146 typedef struct public_key_t public_key_t;
147 
148 /**
149  * Non blocking binary download
150  */
151 typedef struct
152 {
153  VLC_COMMON_MEMBERS
154 
155  vlc_thread_t thread;
156  vlc_atomic_t aborted;
157  update_t *p_update;
158  char *psz_destdir;
159 } update_download_thread_t;
160 
161 /**
162  * Non blocking update availability verification
163  */
164 typedef struct
165 {
166  vlc_thread_t thread;
167 
168  update_t *p_update;
169  void (*pf_callback)( void *, bool );
170  void *p_data;
171 } update_check_thread_t;
172 
173 /**
174  * The update object. Stores (and caches) all information relative to updates
175  */
176 struct update_t
177 {
178  libvlc_int_t *p_libvlc;
179  vlc_mutex_t lock;
180  struct update_release_t release; ///< Release (version)
181  public_key_t *p_pkey;
182  update_download_thread_t *p_download;
183  update_check_thread_t *p_check;
184 };
185 
186 /*
187  * download a public key (the last one) from videolan server, and parse it
188  */
189 public_key_t *
190 download_key(
191  vlc_object_t *p_this, const uint8_t *p_longid,
192  const uint8_t *p_signature_issuer );
193 
194 /*
195  * fill a public_key_t with public key data, including:
196  * * public key packet
197  * * signature packet issued by key which long id is p_sig_issuer
198  * * user id packet
199  */
200 int
201 parse_public_key(
202  const uint8_t *p_key_data, size_t i_key_len, public_key_t *p_key,
203  const uint8_t *p_sig_issuer );
204 
205 /*
206  * Verify an OpenPGP signature made on some SHA-1 hash, with some DSA public key
207  */
208 int
209 verify_signature(
210  uint8_t *p_r, uint8_t *p_s, public_key_packet_t *p_key,
211  uint8_t *p_hash );
212 
213 /*
214  * Download the signature associated to a document or a binary file.
215  * We're given the file's url, we just append ".asc" to it and download
216  */
217 int
218 download_signature(
219  vlc_object_t *p_this, signature_packet_t *p_sig, const char *psz_url );
220 
221 /*
222  * return a sha1 hash of a text
223  */
224 uint8_t *
225 hash_sha1_from_text(
226  const char *psz_text, signature_packet_t *p_sig );
227 
228 /*
229  * return a sha1 hash of a file
230  */
231 uint8_t *
232 hash_sha1_from_file(
233  const char *psz_file, signature_packet_t *p_sig );
234 
235 /*
236  * return a sha1 hash of a public key
237  */
238 uint8_t *
239 hash_sha1_from_public_key( public_key_t *p_pkey );
240 
Generated by   doxygen 1.8.1.2