diff options
| author | Carl Hetherington <cth@carlh.net> | 2025-10-28 23:10:45 +0100 |
|---|---|---|
| committer | Carl Hetherington <cth@carlh.net> | 2025-10-28 23:13:32 +0100 |
| commit | e134af0bdfcd5197ea236f835dece0521ebf6b2e (patch) | |
| tree | 2b33de7f034bcf669a568d84bf97a646041ef1b2 | |
| parent | 27b1be571e188b0f5f2d006f5d7cf1349695a9fa (diff) | |
Fix decryption import code to work with PKCS1 and PKCS8 formats.
PKCS1 uses
BEGIN RSA PRIVATE KEY
but PKCS8 has only
BEGIN PRIVATE KEY
| -rw-r--r-- | src/lib/export_decryption_settings.cc | 4 | ||||
| m--------- | test/data | 0 | ||||
| -rw-r--r-- | test/export_decryption_settings_test.cc | 41 | ||||
| -rw-r--r-- | test/wscript | 1 |
4 files changed, 44 insertions, 2 deletions
diff --git a/src/lib/export_decryption_settings.cc b/src/lib/export_decryption_settings.cc index 1ba791251..13c6bda28 100644 --- a/src/lib/export_decryption_settings.cc +++ b/src/lib/export_decryption_settings.cc @@ -65,10 +65,10 @@ import_decryption_chain_and_key(boost::filesystem::path const& path) } current += buffer; - if (strncmp(buffer, "-----END CERTIFICATE-----", 25) == 0) { + if (current.find("-----END CERTIFICATE-----") != string::npos) { new_chain->add(dcp::Certificate(current)); current = ""; - } else if (strncmp(buffer, "-----END RSA PRIVATE KEY-----", 29) == 0) { + } else if (current.find("-----END") != string::npos && current.find("PRIVATE KEY-----", 29) != string::npos) { new_chain->set_key(current); current = ""; } diff --git a/test/data b/test/data -Subproject 67e713cb1b06dede9cd0e972c6e1a0202b6a835 +Subproject 024cb24f49525e0cc172d4e91d75e0c4d81ef6e diff --git a/test/export_decryption_settings_test.cc b/test/export_decryption_settings_test.cc new file mode 100644 index 000000000..b7b685827 --- /dev/null +++ b/test/export_decryption_settings_test.cc @@ -0,0 +1,41 @@ +/* + Copyright (C) 2025 Carl Hetherington <cth@carlh.net> + + This file is part of DCP-o-matic. + + DCP-o-matic is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + DCP-o-matic is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with DCP-o-matic. If not, see <http://www.gnu.org/licenses/>. + +*/ + + +#include "lib/config.h" +#include "lib/export_decryption_settings.h" +#include <boost/test/unit_test.hpp> + + +BOOST_AUTO_TEST_CASE(test_export_decryption_settings) +{ + export_decryption_chain_and_key(Config::instance()->decryption_chain(), "build/test/foo.dom"); + auto test = import_decryption_chain_and_key("build/test/foo.dom"); + + BOOST_REQUIRE(Config::instance()->decryption_chain()->root_to_leaf() == test->root_to_leaf()); + BOOST_REQUIRE(Config::instance()->decryption_chain()->key() == test->key()); +} + + +BOOST_AUTO_TEST_CASE(test_import_pkcs8_settings) +{ + BOOST_CHECK(import_decryption_chain_and_key("test/data/pkcs8_state.dom")); +} + diff --git a/test/wscript b/test/wscript index 50c86751f..1390beebb 100644 --- a/test/wscript +++ b/test/wscript @@ -90,6 +90,7 @@ def build(bld): empty_test.cc encode_cli_test.cc encryption_test.cc + export_decryption_settings_test.cc file_extension_test.cc ffmpeg_audio_only_test.cc ffmpeg_audio_test.cc |