[PATCH] Fix Base 64 signature size calculation

Wald Commits scm-commit at wald.intevation.org
Mon Jan 26 13:17:38 CET 2015


# HG changeset patch
# User Andre Heinecke <andre.heinecke at intevation.de>
# Date 1422274652 -3600
# Node ID a2574a0293222414469ac6fd4daa564559c147f6
# Parent  8d27c6d226cd3a9ab49c010c963c9e3faf2f3cfc
Fix Base 64 signature size calculation.

    If the signature byte size is not equally dividable
    by three the base 64 encoding needs three additional bytes.

    The value is now fixed to avoid such errors in the future.

diff -r 8d27c6d226cd -r a2574a029322 common/binverify.c
--- a/common/binverify.c	Fri Jan 23 15:25:50 2015 +0100
+++ b/common/binverify.c	Mon Jan 26 13:17:32 2015 +0100
@@ -413,7 +413,7 @@
 verify_binary_linux(const char *filename, size_t name_len)
 {
   int ret = -1;
-  const size_t sig_b64_size = TRUSTBRIDGE_RSA_CODESIGN_SIZE / 8 * 4 / 3;
+  const size_t sig_b64_size = TRUSTBRIDGE_RSA_CODESIGN_B64_SIZE;
   char *data = NULL,
         signature_b64[sig_b64_size + 1];
   size_t data_size = 0,
diff -r 8d27c6d226cd -r a2574a029322 common/listutil.c
--- a/common/listutil.c	Fri Jan 23 15:25:50 2015 +0100
+++ b/common/listutil.c	Mon Jan 26 13:17:32 2015 +0100
@@ -125,7 +125,7 @@
 #ifndef TRUSTBRIDGE_RSA_KEY_SIZE
 # error "Key size undefined"
 #endif
-  const size_t sig_b64_size = TRUSTBRIDGE_RSA_KEY_SIZE / 8 * 4 / 3;
+  const size_t sig_b64_size = TRUSTBRIDGE_RSA_B64_SIZE;
   size_t sig_size = TRUSTBRIDGE_RSA_KEY_SIZE / 8;
 
   char signature_b64[sig_b64_size + 1];
@@ -144,7 +144,7 @@
   if (p == 0 || (unsigned int)(p - (data + 2)) != sig_b64_size)
     {
       DEBUGPRINTF("Invalid data. Signature might be too long.\n");
-      DEBUGPRINTF("Should: %u is: %u\n", sig_b64_size, (unsigned int)(p - (data + 2)));
+      DEBUGPRINTF("Should: %u is: %u\n", (unsigned int) sig_b64_size, (unsigned int)(p - (data + 2)));
       return -1;
     }
   strncpy(signature_b64, data + 2, sig_b64_size);
diff -r 8d27c6d226cd -r a2574a029322 common/pubkey-release.h
--- a/common/pubkey-release.h	Fri Jan 23 15:25:50 2015 +0100
+++ b/common/pubkey-release.h	Mon Jan 26 13:17:32 2015 +0100
@@ -12,6 +12,12 @@
 #define TRUSTBRIDGE_RSA_KEY_SIZE 3072
 #define TRUSTBRIDGE_RSA_CODESIGN_SIZE 2048
 
+/** @def the size of the base 64 encoded signature.
+ * The formula for this is modulus / 8 * 4 / 3
+ * +3 if this is not equaly devidable by 3. */
+#define TRUSTBRIDGE_RSA_CODESIGN_B64_SIZE 344
+#define TRUSTBRIDGE_RSA_B64_SIZE 512
+
 static const unsigned char public_key_pem[] =
 "-----BEGIN PUBLIC KEY-----\n"
 "MIIDITANBgkqhkiG9w0BAQEFAAOCAw4AMIIDCQKCAYEArRkubwwOjaXo80+J1P6s\n"
diff -r 8d27c6d226cd -r a2574a029322 common/pubkey-test.h
--- a/common/pubkey-test.h	Fri Jan 23 15:25:50 2015 +0100
+++ b/common/pubkey-test.h	Mon Jan 26 13:17:32 2015 +0100
@@ -12,6 +12,12 @@
 #define TRUSTBRIDGE_RSA_KEY_SIZE 3072
 #define TRUSTBRIDGE_RSA_CODESIGN_SIZE 2048
 
+/** @def the size of the base 64 encoded signature.
+ * The formula for this is modulus / 8 * 4 / 3
+ * +3 if this is not equaly devidable by 3. */
+#define TRUSTBRIDGE_RSA_CODESIGN_B64_SIZE 344
+#define TRUSTBRIDGE_RSA_B64_SIZE 512
+
 /* PEM encoded public key */
 static const unsigned char public_key_pem[] =
 "-----BEGIN PUBLIC KEY-----\n"


More information about the Trustbridge-commits mailing list