aboutsummaryrefslogtreecommitdiff
path: root/src/plugin/pluginloader.cpp
diff options
context:
space:
mode:
authorAqua-sama <aqua@iserlohn-fortress.net>2019-04-19 17:27:39 +0300
committerAqua-sama <aqua@iserlohn-fortress.net>2019-04-19 17:27:39 +0300
commitc5576c85c92c464ff3aa53f680ce18d8b51f60ab (patch)
tree042c50df8fc1b9bb9a08656ca7200fa3af5b1086 /src/plugin/pluginloader.cpp
parentUse scdoc to generate manpages (diff)
downloadsmolbote-c5576c85c92c464ff3aa53f680ce18d8b51f60ab.tar.xz
Add plugin signature verification policies
Diffstat (limited to 'src/plugin/pluginloader.cpp')
-rw-r--r--src/plugin/pluginloader.cpp77
1 files changed, 0 insertions, 77 deletions
diff --git a/src/plugin/pluginloader.cpp b/src/plugin/pluginloader.cpp
deleted file mode 100644
index d1626f2..0000000
--- a/src/plugin/pluginloader.cpp
+++ /dev/null
@@ -1,77 +0,0 @@
-#include "pluginloader.h"
-#include <QFile>
-#include <openssl/evp.h>
-#include <openssl/pem.h>
-#include "publicKey.h"
-#include <spdlog/spdlog.h>
-
-PluginLoader::PluginLoader(const QString &fileName, QObject *parent)
- : QPluginLoader(fileName, parent)
-{
-}
-
-bool PluginLoader::verify(const char *hashName) const
-{
- const QString sigName = this->fileName() + ".sig";
- if(!QFile::exists(sigName)) {
- spdlog::error("Signature does not exist: {}", qUtf8Printable(sigName));
- return false;
- }
-
- auto *bio = BIO_new_mem_buf(publicKey_pem, publicKey_pem_len);
- Q_CHECK_PTR(bio);
-
- auto *key = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
- Q_CHECK_PTR(key);
-
- auto *ctx = EVP_MD_CTX_new();
- Q_CHECK_PTR(ctx);
-
- const auto *md = EVP_get_digestbyname(hashName);
- Q_CHECK_PTR(md);
-
- int rc = EVP_DigestVerifyInit(ctx, NULL, md, NULL, key);
- if(rc != 1) {
- spdlog::error("DigestVerifyInit failed: %i", rc);
- return false;
- }
-
- // read plugin into DigestVerifyUpdate
- QFile plugin(this->fileName());
- plugin.open(QIODevice::ReadOnly);
- int len = plugin.size();
- int read = 0;
- auto *buf = new unsigned char[1024];
- while(len > 0) {
- read = plugin.read((char*) buf, 1024);
- len -= read;
-
- rc = EVP_DigestVerifyUpdate(ctx, buf, read);
- if(rc != 1)
- spdlog::error("DigestVerifyUpdate failed: %i", rc);
- }
- delete buf;
- plugin.close();
-
- // read signature into DigestVerifyFinal
- QFile sigFile(sigName);
- sigFile.open(QIODevice::ReadOnly);
- const int sig_len = sigFile.size();
- const auto* sig = [&sigFile, sig_len]() {
- auto* buf = new unsigned char[sig_len];
- sigFile.read((char*) buf, sig_len);
- return buf;
- }();
- sigFile.close();
-
- rc = EVP_DigestVerifyFinal(ctx, sig, sig_len);
- delete sig;
-
- if(rc == 1)
- return true;
- else {
- spdlog::error("DigestVerifyFinal failed: %i", rc);
- return false;
- }
-}
-