VLC: src/misc/update.h Source File

Go to the documentation of this file.
00001 /*****************************************************************************
00002  * update.h: VLC PGP update private API
00003  *****************************************************************************
00004  * Copyright © 2007-2008 VLC authors and VideoLAN
00005  *
00006  * Authors: Rafaël Carré <funman@videolanorg>
00007  *
00008  * This program is free software; you can redistribute it and/or modify it
00009  * under the terms of the GNU Lesser General Public License as published by
00010  * the Free Software Foundation; either release 2 of the License, or
00011  * (at your option) any later release.
00012  *
00013  * This program is distributed in the hope that it will be useful,
00014  * but WITHOUT ANY WARRANTY; without even the implied warranty of
00015  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
00016  * GNU Lesser General Public License for more details.
00017  *
00018  * You should have received a copy of the GNU Lesser General Public License
00019  * along with this program; if not, write to the Free Software Foundation,
00020  * Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
00021  *****************************************************************************/
00022 
00023 /* Go reading the rfc 4880 ! NOW !! */
00024 
00025 /*
00026  * XXX
00027  *  When PGP-signing a file, we only sign a SHA-1 hash of this file
00028  *  The DSA key size requires that we use an algorithm which produce
00029  *  a 160 bits long hash
00030  *  An alternative is RIPEMD160 , which you can use by giving the option
00031  *      --digest-algo RIPEMD160 to GnuPG
00032  *
00033  *  As soon as SHA-1 is broken, this method is not secure anymore, because an
00034  *  attacker could generate a file with the same SHA-1 hash.
00035  *
00036  *  Whenever this happens, we need to use another algorithm / type of key.
00037  * XXX
00038  */
00039 
00040 #include <vlc_update.h>
00041 
00042 enum    /* Public key algorithms */
00043 {
00044     /* we will only use DSA public keys */
00045     PUBLIC_KEY_ALGO_DSA = 0x11
00046 };
00047 
00048 enum    /* Digest algorithms */
00049 {
00050     /* and DSA use SHA-1 digest */
00051     DIGEST_ALGO_SHA1    = 0x02
00052 };
00053 
00054 enum    /* Packet types */
00055 {
00056     SIGNATURE_PACKET    = 0x02,
00057     PUBLIC_KEY_PACKET   = 0x06,
00058     USER_ID_PACKET      = 0x0d
00059 };
00060 
00061 enum    /* Signature types */
00062 {
00063     BINARY_SIGNATURE        = 0x00,
00064     TEXT_SIGNATURE          = 0x01,
00065 
00066     /* Public keys signatures */
00067     GENERIC_KEY_SIGNATURE   = 0x10, /* No assumption of verification */
00068     PERSONA_KEY_SIGNATURE   = 0x11, /* No verification has been made */
00069     CASUAL_KEY_SIGNATURE    = 0x12, /* Some casual verification */
00070     POSITIVE_KEY_SIGNATURE  = 0x13  /* Substantial verification */
00071 };
00072 
00073 enum    /* Signature subpacket types */
00074 {
00075     ISSUER_SUBPACKET    = 0x10
00076 };
00077 
00078 struct public_key_packet_t
00079 { /* a public key packet (DSA/SHA-1) is 418 bytes */
00080 
00081     uint8_t version;      /* we use only version 4 */
00082     uint8_t timestamp[4]; /* creation time of the key */
00083     uint8_t algo;         /* we only use DSA */
00084     /* the multi precision integers, with their 2 bytes length header */
00085     uint8_t p[2+128];
00086     uint8_t q[2+20];
00087     uint8_t g[2+128];
00088     uint8_t y[2+128];
00089 };
00090 
00091 /* used for public key and file signatures */
00092 struct signature_packet_t
00093 {
00094     uint8_t version; /* 3 or 4 */
00095 
00096     uint8_t type;
00097     uint8_t public_key_algo;    /* DSA only */
00098     uint8_t digest_algo;        /* SHA-1 only */
00099 
00100     uint8_t hash_verification[2];
00101     uint8_t issuer_longid[8];
00102 
00103     union   /* version specific data */
00104     {
00105         struct
00106         {
00107             uint8_t hashed_data_len[2];     /* scalar number */
00108             uint8_t *hashed_data;           /* hashed_data_len bytes */
00109             uint8_t unhashed_data_len[2];   /* scalar number */
00110             uint8_t *unhashed_data;         /* unhashed_data_len bytes */
00111         } v4;
00112         struct
00113         {
00114             uint8_t hashed_data_len;    /* MUST be 5 */
00115             uint8_t timestamp[4];       /* 4 bytes scalar number */
00116         } v3;
00117     } specific;
00118 
00119 /* The part below is made of consecutive MPIs, their number and size being
00120  * public-key-algorithm dependent.
00121  *
00122  * Since we use DSA signatures only, there is 2 integers, r & s, made of:
00123  *      2 bytes for the integer length (scalar number)
00124  *      160 bits (20 bytes) for the integer itself
00125  *
00126  * Note: the integers may be less than 160 significant bits
00127  */
00128     uint8_t r[2+20];
00129     uint8_t s[2+20];
00130 };
00131 
00132 typedef struct public_key_packet_t public_key_packet_t;
00133 typedef struct signature_packet_t signature_packet_t;
00134 
00135 struct public_key_t
00136 {
00137     uint8_t longid[8];       /* Long id */
00138     uint8_t *psz_username;    /* USER ID */
00139 
00140     public_key_packet_t key;       /* Public key packet */
00141 
00142     signature_packet_t sig;     /* Signature packet, by the embedded key */
00143 };
00144 
00145 typedef struct public_key_t public_key_t;
00146 
00147 /**
00148  * Non blocking binary download
00149  */
00150 typedef struct
00151 {
00152     VLC_COMMON_MEMBERS
00153 
00154     vlc_thread_t thread;
00155     update_t *p_update;
00156     char *psz_destdir;
00157 } update_download_thread_t;
00158 
00159 /**
00160  * Non blocking update availability verification
00161  */
00162 typedef struct
00163 {
00164     vlc_thread_t thread;
00165 
00166     update_t *p_update;
00167     void (*pf_callback)( void *, bool );
00168     void *p_data;
00169 } update_check_thread_t;
00170 
00171 /**
00172  * The update object. Stores (and caches) all information relative to updates
00173  */
00174 struct update_t
00175 {
00176     libvlc_int_t *p_libvlc;
00177     vlc_mutex_t lock;
00178     struct update_release_t release;    ///< Release (version)
00179     public_key_t *p_pkey;
00180     update_download_thread_t *p_download;
00181     update_check_thread_t *p_check;
00182 };
00183 
00184 /*
00185  * download a public key (the last one) from videolan server, and parse it
00186  */
00187 public_key_t *
00188 download_key(
00189         vlc_object_t *p_this, const uint8_t *p_longid,
00190         const uint8_t *p_signature_issuer );
00191 
00192 /*
00193  * fill a public_key_t with public key data, including:
00194  *   * public key packet
00195  *   * signature packet issued by key which long id is p_sig_issuer
00196  *   * user id packet
00197  */
00198 int
00199 parse_public_key(
00200         const uint8_t *p_key_data, size_t i_key_len, public_key_t *p_key,
00201         const uint8_t *p_sig_issuer );
00202 
00203 /*
00204  * Verify an OpenPGP signature made on some SHA-1 hash, with some DSA public key
00205  */
00206 int
00207 verify_signature(
00208         uint8_t *p_r, uint8_t *p_s, public_key_packet_t *p_key,
00209         uint8_t *p_hash );
00210 
00211 /*
00212  * Download the signature associated to a document or a binary file.
00213  * We're given the file's url, we just append ".asc" to it and download
00214  */
00215 int
00216 download_signature(
00217         vlc_object_t *p_this, signature_packet_t *p_sig, const char *psz_url );
00218 
00219 /*
00220  * return a sha1 hash of a text
00221  */
00222 uint8_t *
00223 hash_sha1_from_text(
00224         const char *psz_text, signature_packet_t *p_sig );
00225 
00226 /*
00227  * return a sha1 hash of a file
00228  */
00229 uint8_t *
00230 hash_sha1_from_file(
00231         const char *psz_file, signature_packet_t *p_sig );
00232 
00233 /*
00234  * return a sha1 hash of a public key
00235  */
00236 uint8_t *
00237 hash_sha1_from_public_key( public_key_t *p_pkey );
00238