Source-Changes-HG archive


[src/trunk]: src/crypto/external/bsd/netpgp/dist Changes to 1.99.16/20100205



details:   https://anonhg.NetBSD.org/src/rev/143edd8d0ce0
branches:  trunk
changeset: 751503:143edd8d0ce0
user:      agc <agc%NetBSD.org@localhost>
date:      Sat Feb 06 02:24:33 2010 +0000

description:
Changes to 1.99.16/20100205

+ minor simplifications to netpgp(1) internally
+ fix a bug in netpgp_verify_file where a non-existent file while listing
  packets would cause a SIGSEGV
+ add duration arg to netpgp(1), and check for validity when verifying
  signatures
+ add birthtime arg to netpgp(1), and check for validity when verifying
  signatures
+ add netpgp commands to print pubkey, if desired
+ allow the passphrase for the signature to be taken from --pass-fd
+ get rid of static indent value when printing packet contents
+ print signature validity times when verifying a file's signature

diffstat:

 crypto/external/bsd/netpgp/dist/TODO                        |   11 +-
 crypto/external/bsd/netpgp/dist/configure                   |   22 +-
 crypto/external/bsd/netpgp/dist/configure.ac                |    6 +-
 crypto/external/bsd/netpgp/dist/include/netpgp.h            |    7 +-
 crypto/external/bsd/netpgp/dist/src/lib/crypto.h            |    2 +-
 crypto/external/bsd/netpgp/dist/src/lib/keyring.c           |   47 +-
 crypto/external/bsd/netpgp/dist/src/lib/keyring.h           |    9 +-
 crypto/external/bsd/netpgp/dist/src/lib/netpgp.c            |  280 +++++-
 crypto/external/bsd/netpgp/dist/src/lib/netpgpsdk.h         |    2 +
 crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c    |    8 +-
 crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c      |   23 +-
 crypto/external/bsd/netpgp/dist/src/lib/packet-print.c      |  529 ++++++-----
 crypto/external/bsd/netpgp/dist/src/lib/packet.h            |    8 +-
 crypto/external/bsd/netpgp/dist/src/lib/reader.c            |    4 +-
 crypto/external/bsd/netpgp/dist/src/lib/signature.c         |   62 +-
 crypto/external/bsd/netpgp/dist/src/lib/signature.h         |    9 +-
 crypto/external/bsd/netpgp/dist/src/lib/ssh2pgp.c           |    4 +-
 crypto/external/bsd/netpgp/dist/src/lib/validate.c          |  225 +++-
 crypto/external/bsd/netpgp/dist/src/lib/validate.h          |    5 +
 crypto/external/bsd/netpgp/dist/src/lib/version.h           |    2 +-
 crypto/external/bsd/netpgp/dist/src/netpgp/Makefile         |    8 +-
 crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1         |   22 +-
 crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c         |   64 +-
 crypto/external/bsd/netpgp/dist/src/netpgpkeys/netpgpkeys.1 |   11 +-
 crypto/external/bsd/netpgp/dist/src/netpgpkeys/netpgpkeys.c |   11 +-
 crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile   |    8 +-
 crypto/external/bsd/netpgp/dist/tst                         |   13 +-
 27 files changed, 966 insertions(+), 436 deletions(-)

diffs (truncated from 3060 to 300 lines):

diff -r eca20267fbbd -r 143edd8d0ce0 crypto/external/bsd/netpgp/dist/TODO
--- a/crypto/external/bsd/netpgp/dist/TODO      Sat Feb 06 00:23:30 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/TODO      Sat Feb 06 02:24:33 2010 +0000
@@ -1,8 +1,12 @@
 To Do
 =====
+calc v4_hashlen
+unarmoured static in packet-print.c and skipping in crypto.c
+display expiry properly
+netpgpagent
 convert to and from ascii armored sigs
 gpgme compat lib
---list-sigs
+--list-sigs - these come out in __ops_check_subkey_sig()
 make netpgpkeys work - add, import, commit, update, sign, passphrase
 return userids from successful verify, and then print id out if required
 is get_passphrase_cb needed?
@@ -75,6 +79,9 @@
 make it work with ssh host keys
 regex matching for names and signatures
 in memory encryption and decryption
-netpgpagent
 ssss
 make netpgp work from stdin/to stdout
+signature duration and expiry
+multisign
+settable from time
+unarmoured static in packet-print.c and skipping in crypto.c
diff -r eca20267fbbd -r 143edd8d0ce0 crypto/external/bsd/netpgp/dist/configure
--- a/crypto/external/bsd/netpgp/dist/configure Sat Feb 06 00:23:30 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/configure Sat Feb 06 02:24:33 2010 +0000
@@ -1,7 +1,7 @@
 #! /bin/sh
-# From configure.ac Revision: 1.19 .
+# From configure.ac Revision: 1.20 .
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.63 for netpgp 20091221.
+# Generated by GNU Autoconf 2.63 for netpgp 20100205.
 #
 # Report bugs to <Alistair Crooks <agc%netbsd.org@localhost> c0596823>.
 #
@@ -751,8 +751,8 @@
 # Identity of this package.
 PACKAGE_NAME='netpgp'
 PACKAGE_TARNAME='netpgp'
-PACKAGE_VERSION='20091221'
-PACKAGE_STRING='netpgp 20091221'
+PACKAGE_VERSION='20100205'
+PACKAGE_STRING='netpgp 20100205'
 PACKAGE_BUGREPORT='Alistair Crooks <agc%netbsd.org@localhost> c0596823'
 
 ac_unique_file="src/netpgp/netpgp.c"
@@ -1483,7 +1483,7 @@
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures netpgp 20091221 to adapt to many kinds of systems.
+\`configure' configures netpgp 20100205 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1553,7 +1553,7 @@
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of netpgp 20091221:";;
+     short | recursive ) echo "Configuration of netpgp 20100205:";;
    esac
   cat <<\_ACEOF
 
@@ -1660,7 +1660,7 @@
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-netpgp configure 20091221
+netpgp configure 20100205
 generated by GNU Autoconf 2.63
 
 Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@@ -1674,7 +1674,7 @@
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by netpgp $as_me 20091221, which was
+It was created by netpgp $as_me 20100205, which was
 generated by GNU Autoconf 2.63.  Invocation command line was
 
   $ $0 $@
@@ -2561,7 +2561,7 @@
 
 # Define the identity of the package.
  PACKAGE='netpgp'
- VERSION='20091221'
+ VERSION='20100205'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -22306,7 +22306,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by netpgp $as_me 20091221, which was
+This file was extended by netpgp $as_me 20100205, which was
 generated by GNU Autoconf 2.63.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -22369,7 +22369,7 @@
 _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_version="\\
-netpgp config.status 20091221
+netpgp config.status 20100205
 configured by $0, generated by GNU Autoconf 2.63,
   with options \\"`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
 
diff -r eca20267fbbd -r 143edd8d0ce0 crypto/external/bsd/netpgp/dist/configure.ac
--- a/crypto/external/bsd/netpgp/dist/configure.ac      Sat Feb 06 00:23:30 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/configure.ac      Sat Feb 06 02:24:33 2010 +0000
@@ -1,10 +1,10 @@
-# $NetBSD: configure.ac,v 1.20 2009/12/22 06:03:24 agc Exp $
+# $NetBSD: configure.ac,v 1.21 2010/02/06 02:24:33 agc Exp $
 #
 # Process this file with autoconf to produce a configure script.
 
-AC_INIT([netpgp],[20091221],[Alistair Crooks <agc%netbsd.org@localhost> c0596823])
+AC_INIT([netpgp],[20100205],[Alistair Crooks <agc%netbsd.org@localhost> c0596823])
 AC_PREREQ(2.63)
-AC_REVISION([$Revision: 1.20 $])
+AC_REVISION([$Revision: 1.21 $])
 
 AS_SHELL_SANITIZE
 
diff -r eca20267fbbd -r 143edd8d0ce0 crypto/external/bsd/netpgp/dist/include/netpgp.h
--- a/crypto/external/bsd/netpgp/dist/include/netpgp.h  Sat Feb 06 00:23:30 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/include/netpgp.h  Sat Feb 06 02:24:33 2010 +0000
@@ -73,7 +73,6 @@
 
 /* key management */
 int netpgp_list_keys(netpgp_t *);
-int netpgp_match_list_keys(netpgp_t *, char *);
 int netpgp_find_key(netpgp_t *, char *);
 char *netpgp_get_key(netpgp_t *, const char *);
 int netpgp_export_key(netpgp_t *, char *);
@@ -92,6 +91,12 @@
 int netpgp_encrypt_memory(netpgp_t *, const char *, void *, const size_t, char *, size_t, int);
 int netpgp_decrypt_memory(netpgp_t *, const void *, const size_t, char *, size_t, const int);
 
+/* match and hkp-related functions */
+int netpgp_match_keys(netpgp_t *, char *, const char *, void *);
+int netpgp_match_pubkeys(netpgp_t *, char *, void *);
+
+int netpgp_validate_sigs(netpgp_t *);
+
 __END_DECLS
 
 #endif /* !NETPGP_H_ */
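Review bot: The two new match prototypes end in an untyped `void *`, and nothing in this public header says what it must point to, so a caller cannot know what is safe to pass. A comment above them should name the expected object and say whether NULL is accepted, for example `/* last argument: presumably a stdio stream for the output; confirm against netpgp.c */`. The implementation is not visible in this diff, so that wording is a guess to be checked. `netpgp_validate_sigs` would also benefit from a line stating its return value on failed validation, since callers will treat that value as a trust decision.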
diff -r eca20267fbbd -r 143edd8d0ce0 crypto/external/bsd/netpgp/dist/src/lib/crypto.h
--- a/crypto/external/bsd/netpgp/dist/src/lib/crypto.h  Sat Feb 06 00:23:30 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/crypto.h  Sat Feb 06 02:24:33 2010 +0000
@@ -216,7 +216,7 @@
                                const __ops_dsa_seckey_t *,
                                const __ops_dsa_pubkey_t *);
 
-int openssl_read_pem_seckey(const char *, __ops_key_t *, const char *);
+int openssl_read_pem_seckey(const char *, __ops_key_t *, const char *, int);
 
 /** __ops_reader_t */
 struct __ops_reader_t {
diff -r eca20267fbbd -r 143edd8d0ce0 crypto/external/bsd/netpgp/dist/src/lib/keyring.c
--- a/crypto/external/bsd/netpgp/dist/src/lib/keyring.c Sat Feb 06 00:23:30 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/keyring.c Sat Feb 06 02:24:33 2010 +0000
@@ -57,7 +57,7 @@
 
 #if defined(__NetBSD__)
 __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: keyring.c,v 1.26 2009/12/14 23:29:56 agc Exp $");
+__RCSID("$NetBSD: keyring.c,v 1.27 2010/02/06 02:24:33 agc Exp $");
 #endif
 
 #ifdef HAVE_FCNTL_H
@@ -219,6 +219,7 @@
 }
 
 typedef struct {
+       FILE                    *passfp;
        const __ops_key_t       *key;
        char                    *passphrase;
        __ops_seckey_t          *seckey;
@@ -242,8 +243,9 @@
                break;
 
        case OPS_GET_PASSPHRASE:
-               (void) __ops_getpassphrase(NULL, pass, sizeof(pass));
+               (void) __ops_getpassphrase(decrypt->passfp, pass, sizeof(pass));
                *content->skey_passphrase.passphrase = strdup(pass);
+               __ops_forget(pass, sizeof(pass));
                return OPS_KEEP_MEMORY;
 
        case OPS_PARSER_ERRCODE:
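Review bot: The added line still casts the result of `__ops_getpassphrase` to void, but the passphrase can now come from a caller-supplied stream (`decrypt->passfp`), where EOF or a short read is a realistic outcome. If the read fails, whatever `pass` holds is duplicated and used as the passphrase; the declaration of `pass` is outside the hunk, so whether it is zeroed first cannot be confirmed here. Check the return value and take the callback's error path on failure, and guard the copy with `if (*content->skey_passphrase.passphrase == NULL)` before returning `OPS_KEEP_MEMORY`. The new `__ops_forget(pass, sizeof(pass))` wipes only the stack buffer, so the heap copy made by `strdup` needs the same wipe wherever it is freed.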
@@ -297,7 +299,7 @@
 \return secret key
 */
 __ops_seckey_t *
-__ops_decrypt_seckey(const __ops_key_t *key)
+__ops_decrypt_seckey(const __ops_key_t *key, void *passfp)
 {
        __ops_stream_t  *stream;
        const int        printerrors = 1;
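Review bot: The new `passfp` parameter is declared `void *` although it is stored straight into the `FILE *passfp` member of the decrypt state (the assignment is in the next hunk), so the compiler will accept any pointer a caller passes. Declaring it as `__ops_decrypt_seckey(const __ops_key_t *key, FILE *passfp)` and changing the keyring.h prototype to match keeps the argument type-checked; keyring.h already uses `FILE *` in the `__ops_pkeyid` prototype this commit adds. The doc comment above the function should gain a line for the parameter, saying that it is the stream the passphrase is read from and what NULL means. The NULL behaviour is decided inside `__ops_getpassphrase`, which is not shown, and the function body continues past the end of this hunk.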
@@ -305,6 +307,7 @@
 
        (void) memset(&decrypt, 0x0, sizeof(decrypt));
        decrypt.key = key;
+       decrypt.passfp = passfp;
        stream = __ops_new(sizeof(*stream));
        __ops_keydata_reader_set(stream, key);
        __ops_set_callback(stream, decrypt_cb, &decrypt);
@@ -749,6 +752,17 @@
        keyring->keyc = keyring->keyvsize = 0;
 }
 
+/* simple function to print out a binary keyid */
+void
+__ops_pkeyid(FILE *fp, const unsigned char *keyid, size_t size)
+{
+       size_t  i;
+
+       for (i = 0 ; i < size ; i++) {
+               (void) fprintf(fp, "%02x", keyid[i]);
+       }
+}
+
 /**
    \ingroup HighLevel_KeyringFind
 
@@ -769,18 +783,12 @@
 {
        for ( ; keyring && *from < keyring->keyc; *from += 1) {
                if (__ops_get_debug_level(__FILE__)) {
-                       int     i;
-
                        (void) fprintf(io->errs,
                                "__ops_getkeybyid: keyring keyid ");
-                       for (i = 0 ; i < OPS_KEY_ID_SIZE ; i++) {
-                               (void) fprintf(io->errs, "%02x",
-                                       keyring->keys[*from].key_id[i]);
-                       }
+                       __ops_pkeyid(io->errs, keyring->keys[*from].key_id,
+                               OPS_KEY_ID_SIZE);
                        (void) fprintf(io->errs, ", keyid ");
-                       for (i = 0 ; i < OPS_KEY_ID_SIZE ; i++) {
-                               (void) fprintf(io->errs, "%02x", keyid[i]);
-                       }
+                       __ops_pkeyid(io->errs, keyid, OPS_KEY_ID_SIZE);
                        (void) fprintf(io->errs, "\n");
                }
                if (memcmp(keyring->keys[*from].key_id, keyid,
@@ -1009,3 +1017,18 @@
        key->key.seckey = *seckey;
        return 1;
 }
+
+/* append one keyring to another */
+int
+__ops_append_keyring(__ops_keyring_t *keyring, __ops_keyring_t *newring)
+{
+       unsigned        i;
+
+       for (i = 0 ; i < newring->keyc ; i++) {
+               EXPAND_ARRAY(keyring, key);
+               (void) memcpy(&keyring->keys[keyring->keyc], &newring->keys[i],
+                               sizeof(newring->keys[i]));
+               keyring->keyc += 1;
+       }
+       return 1;
+}
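Review bot: `__ops_append_keyring` re-reads `newring->keyc` on every iteration while incrementing `keyring->keyc`, so a call with `keyring == newring` never terminates and grows the array until allocation fails. Reading the count once with `const unsigned n = newring->keyc;` and looping on `i < n` removes that. The `memcpy` is a shallow copy: if `__ops_key_t` holds heap pointers (its definition is not in this diff), both rings then refer to the same allocations and freeing both would free them twice, so the comment should state which ring owns the keys afterwards. The function also returns 1 unconditionally; whether `EXPAND_ARRAY` can fail without the loop noticing depends on the macro, which is not shown.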
diff -r eca20267fbbd -r 143edd8d0ce0 crypto/external/bsd/netpgp/dist/src/lib/keyring.h
--- a/crypto/external/bsd/netpgp/dist/src/lib/keyring.h Sat Feb 06 00:23:30 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/keyring.h Sat Feb 06 02:24:33 2010 +0000
@@ -88,7 +88,7 @@
 unsigned   __ops_is_key_secret(const __ops_key_t *);
 const __ops_seckey_t *__ops_get_seckey(const __ops_key_t *);
 __ops_seckey_t *__ops_get_writable_seckey(__ops_key_t *);
-__ops_seckey_t *__ops_decrypt_seckey(const __ops_key_t *);
+__ops_seckey_t *__ops_decrypt_seckey(const __ops_key_t *, void *);
 
 unsigned   __ops_keyring_fileread(__ops_keyring_t *, const unsigned,
                                        const char *);
@@ -117,11 +117,16 @@
 
 int __ops_parse_and_accumulate(__ops_keyring_t *, __ops_stream_t *);
 
+void __ops_pkeyid(FILE *, const unsigned char *, size_t);
+
 int __ops_sprint_keydata(const __ops_key_t *, char **, const char *,
                        const __ops_pubkey_t *);
+int __ops_hkp_sprint_keydata(const __ops_key_t *, char **,
+                       const __ops_pubkey_t *);
 void __ops_print_keydata(__ops_io_t *, const __ops_key_t *,
                        const char *, const __ops_pubkey_t *);
 void __ops_print_pubkey(const __ops_pubkey_t *);


