From c5576c85c92c464ff3aa53f680ce18d8b51f60ab Mon Sep 17 00:00:00 2001
From: Aqua-sama <aqua@iserlohn-fortress.net>
Date: Fri, 19 Apr 2019 17:27:39 +0300
Subject: Add plugin signature verification policies

---
 src/plugin/pluginloader.cpp | 77 ---------------------------------------------
 src/plugin/pluginloader.h   | 13 --------
 2 files changed, 90 deletions(-)
 delete mode 100644 src/plugin/pluginloader.cpp
 delete mode 100644 src/plugin/pluginloader.h

(limited to 'src/plugin')

diff --git a/src/plugin/pluginloader.cpp b/src/plugin/pluginloader.cpp
deleted file mode 100644
index d1626f2..0000000
--- a/src/plugin/pluginloader.cpp
+++ /dev/null
@@ -1,77 +0,0 @@
-#include "pluginloader.h"
-#include <QFile>
-#include <openssl/evp.h>
-#include <openssl/pem.h>
-#include "publicKey.h"
-#include <spdlog/spdlog.h>
-
-PluginLoader::PluginLoader(const QString &fileName, QObject *parent)
-    : QPluginLoader(fileName, parent)
-{
-}
-
-bool PluginLoader::verify(const char *hashName) const
-{
-    const QString sigName = this->fileName() + ".sig";
-    if(!QFile::exists(sigName)) {
-        spdlog::error("Signature does not exist: {}", qUtf8Printable(sigName));
-        return false;
-    }
-
-    auto *bio = BIO_new_mem_buf(publicKey_pem, publicKey_pem_len);
-    Q_CHECK_PTR(bio);
-
-    auto *key = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
-    Q_CHECK_PTR(key);
-
-    auto *ctx = EVP_MD_CTX_new();
-    Q_CHECK_PTR(ctx);
-
-    const auto *md = EVP_get_digestbyname(hashName);
-    Q_CHECK_PTR(md);
-
-    int rc = EVP_DigestVerifyInit(ctx, NULL, md, NULL, key);
-    if(rc != 1) {
-        spdlog::error("DigestVerifyInit failed: %i", rc);
-        return false;
-    }
-
-    // read plugin into DigestVerifyUpdate
-    QFile plugin(this->fileName());
-    plugin.open(QIODevice::ReadOnly);
-    int len = plugin.size();
-    int read = 0;
-    auto *buf = new unsigned char[1024];
-    while(len > 0) {
-        read = plugin.read((char*) buf, 1024);
-        len -= read;
-
-        rc = EVP_DigestVerifyUpdate(ctx, buf, read);
-        if(rc != 1)
-            spdlog::error("DigestVerifyUpdate failed: %i", rc);
-    }
-    delete buf;
-    plugin.close();
-
-    // read signature into DigestVerifyFinal
-    QFile sigFile(sigName);
-    sigFile.open(QIODevice::ReadOnly);
-    const int sig_len = sigFile.size();
-    const auto* sig = [&sigFile, sig_len]() {
-        auto* buf = new unsigned char[sig_len];
-        sigFile.read((char*) buf, sig_len);
-        return buf;
-    }();
-    sigFile.close();
-
-    rc = EVP_DigestVerifyFinal(ctx, sig, sig_len);
-    delete sig;
-
-    if(rc == 1)
-        return true;
-    else {
-        spdlog::error("DigestVerifyFinal failed: %i", rc);
-        return false;
-    }
-}
-
diff --git a/src/plugin/pluginloader.h b/src/plugin/pluginloader.h
deleted file mode 100644
index 8d186aa..0000000
--- a/src/plugin/pluginloader.h
+++ /dev/null
@@ -1,13 +0,0 @@
-#include <QPluginLoader>
-
-class PluginLoader : public QPluginLoader
-{
-    Q_OBJECT
-
-public:
-    PluginLoader(const QString &fileName, QObject *parent = nullptr);
-    ~PluginLoader() = default;
-
-    bool verify(const char *hashName = "SHA256") const;
-};
-
-- 
cgit v1.2.1