Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CHANGES 1.99.6 -> 1.99.7

Browse Source 
+ added to the regression tests
+ get rid of some magic constants, replace with more obvious names
+ zero out the memory used for a passphrase before freeing it in one place
This commit is contained in:
agc 2009-05-28 01:52:42 +00:00
parent 2ae31d0241
commit 393ecd9217
11 changed files with 72 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
crypto/external/bsd/netpgp/dist/TODO vendored
View File

@ -1,6 +1,7 @@
To Do
=====
separate verify program
separate key management program
separate from libcrypto?
64-bit offsets
default compression when signing?

5
crypto/external/bsd/netpgp/dist/src/lib/compress.c vendored
View File

@ -57,7 +57,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
__RCSID("$NetBSD: compress.c,v 1.9 2009/05/16 06:30:38 agc Exp $");
__RCSID("$NetBSD: compress.c,v 1.10 2009/05/28 01:52:43 agc Exp $");
#endif
#ifdef HAVE_ZLIB_H
@ -300,6 +300,7 @@ __ops_decompress(__ops_region_t *region, __ops_parseinfo_t *parse_info,
{
z_decompress_t z;
bz_decompress_t bz;
const int printerrors = 1;
int ret;
switch (type) {
@ -394,7 +395,7 @@ __ops_decompress(__ops_region_t *region, __ops_parseinfo_t *parse_info,
return 0;
}
ret = __ops_parse(parse_info, 0);
ret = __ops_parse(parse_info, !printerrors);
__ops_reader_pop(parse_info);

5
crypto/external/bsd/netpgp/dist/src/lib/crypto.c vendored
View File

@ -54,7 +54,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
__RCSID("$NetBSD: crypto.c,v 1.13 2009/05/25 06:43:32 agc Exp $");
__RCSID("$NetBSD: crypto.c,v 1.14 2009/05/28 01:52:43 agc Exp $");
#endif
#include <sys/types.h>
@ -290,6 +290,7 @@ __ops_decrypt_file(const char *infile,
__ops_cbfunc_t *cb_get_passphrase)
{
__ops_parseinfo_t *parse = NULL;
const int printerrors = 1;
char *filename = NULL;
int fd_in = 0;
int fd_out = 0;
@ -353,7 +354,7 @@ __ops_decrypt_file(const char *infile,
}
/* Do it */
__ops_parse(parse, 1);
__ops_parse(parse, printerrors);
/* Unsetup */
if (use_armour) {

86
crypto/external/bsd/netpgp/dist/src/lib/keyring.c vendored
View File

@ -57,7 +57,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
__RCSID("$NetBSD: keyring.c,v 1.13 2009/05/27 00:38:27 agc Exp $");
__RCSID("$NetBSD: keyring.c,v 1.14 2009/05/28 01:52:43 agc Exp $");
#endif
#ifdef HAVE_FCNTL_H
@ -218,7 +218,7 @@ __ops_seckey_forget(__ops_seckey_t *seckey)
typedef struct {
const __ops_keydata_t *key;
char *pphrase;
char *passphrase;
__ops_seckey_t *seckey;
} decrypt_t;
@ -229,7 +229,6 @@ decrypt_cb(const __ops_packet_t *pkt, __ops_callback_data_t *cbinfo)
decrypt_t *decrypt;
decrypt = __ops_parse_cb_get_arg(cbinfo);
switch (pkt->tag) {
case OPS_PARSER_PTAG:
case OPS_PTAG_CT_USER_ID:
@ -240,7 +239,7 @@ decrypt_cb(const __ops_packet_t *pkt, __ops_callback_data_t *cbinfo)
break;
case OPS_GET_PASSPHRASE:
*content->skey_passphrase.passphrase = decrypt->pphrase;
*content->skey_passphrase.passphrase = decrypt->passphrase;
return OPS_KEEP_MEMORY;
case OPS_PARSER_ERRCODE:
@ -287,27 +286,26 @@ decrypt_cb(const __ops_packet_t *pkt, __ops_callback_data_t *cbinfo)
\ingroup Core_Keys
\brief Decrypts secret key from given keydata with given passphrase
\param key Key from which to get secret key
\param pphrase Passphrase to use to decrypt secret key
\param passphrase Passphrase to use to decrypt secret key
\return secret key
*/
__ops_seckey_t *
__ops_decrypt_seckey(const __ops_keydata_t *key, const char *pphrase)
__ops_decrypt_seckey(const __ops_keydata_t *key, const char *passphrase)
{
__ops_parseinfo_t *pinfo;
decrypt_t decrypt;
__ops_parseinfo_t *parse;
const int printerrors = 1;
decrypt_t decrypt;
(void) memset(&decrypt, 0x0, sizeof(decrypt));
decrypt.key = key;
decrypt.pphrase = strdup(pphrase);
pinfo = __ops_parseinfo_new();
__ops_keydata_reader_set(pinfo, key);
__ops_set_callback(pinfo, decrypt_cb, &decrypt);
pinfo->readinfo.accumulate = 1;
__ops_parse(pinfo, 0);
decrypt.passphrase = strdup(passphrase);
parse = __ops_parseinfo_new();
__ops_keydata_reader_set(parse, key);
__ops_set_callback(parse, decrypt_cb, &decrypt);
parse->readinfo.accumulate = 1;
__ops_parse(parse, !printerrors);
(void) memset(decrypt.passphrase, 0x0, strlen(decrypt.passphrase));
(void) free(decrypt.passphrase);
return decrypt.seckey;
}
@ -632,11 +630,11 @@ __ops_keyring_fileread(__ops_keyring_t *keyring,
const unsigned armour,
const char *filename)
{
__ops_parseinfo_t *pinfo;
__ops_parseinfo_t *parse;
unsigned res = 1;
int fd;
pinfo = __ops_parseinfo_new();
parse = __ops_parseinfo_new();
/* add this for the moment, */
/*
@ -644,8 +642,8 @@ __ops_keyring_fileread(__ops_keyring_t *keyring,
* later
*/
/* __ops_parse_options(pinfo,OPS_PTAG_SS_ALL,OPS_PARSE_RAW); */
__ops_parse_options(pinfo, OPS_PTAG_SS_ALL, OPS_PARSE_PARSED);
/* __ops_parse_options(parse,OPS_PTAG_SS_ALL,OPS_PARSE_RAW); */
__ops_parse_options(parse, OPS_PTAG_SS_ALL, OPS_PARSE_PARSED);
#ifdef O_BINARY
fd = open(filename, O_RDONLY | O_BINARY);
@ -653,34 +651,34 @@ __ops_keyring_fileread(__ops_keyring_t *keyring,
fd = open(filename, O_RDONLY);
#endif
if (fd < 0) {
__ops_parseinfo_delete(pinfo);
__ops_parseinfo_delete(parse);
perror(filename);
return 0;
}
#ifdef USE_MMAP_FOR_FILES
__ops_reader_set_mmap(pinfo, fd);
__ops_reader_set_mmap(parse, fd);
#else
__ops_reader_set_fd(pinfo, fd);
__ops_reader_set_fd(parse, fd);
#endif
__ops_set_callback(pinfo, cb_keyring_read, NULL);
__ops_set_callback(parse, cb_keyring_read, NULL);
if (armour) {
__ops_reader_push_dearmour(pinfo);
__ops_reader_push_dearmour(parse);
}
if (__ops_parse_and_accumulate(keyring, pinfo) == 0) {
if (__ops_parse_and_accumulate(keyring, parse) == 0) {
res = 0;
} else {
res = 1;
}
__ops_print_errors(__ops_parseinfo_get_errors(pinfo));
__ops_print_errors(__ops_parseinfo_get_errors(parse));
if (armour)
__ops_reader_pop_dearmour(pinfo);
__ops_reader_pop_dearmour(parse);
close(fd);
__ops_parseinfo_delete(pinfo);
__ops_parseinfo_delete(parse);
return res;
}
@ -713,27 +711,23 @@ __ops_keyring_read_from_mem(__ops_keyring_t *keyring,
const unsigned armour,
__ops_memory_t *mem)
{
__ops_parseinfo_t *pinfo = NULL;
__ops_parseinfo_t *parse = NULL;
const unsigned noaccum = 0;
unsigned res = 1;
pinfo = __ops_parseinfo_new();
__ops_parse_options(pinfo, OPS_PTAG_SS_ALL, OPS_PARSE_PARSED);
__ops_setup_memory_read(&pinfo, mem, NULL, cb_keyring_read, 0);
parse = __ops_parseinfo_new();
__ops_parse_options(parse, OPS_PTAG_SS_ALL, OPS_PARSE_PARSED);
__ops_setup_memory_read(&parse, mem, NULL, cb_keyring_read, noaccum);
if (armour) {
__ops_reader_push_dearmour(pinfo);
__ops_reader_push_dearmour(parse);
}
res = __ops_parse_and_accumulate(keyring, pinfo);
__ops_print_errors(__ops_parseinfo_get_errors(pinfo));
res = __ops_parse_and_accumulate(keyring, parse);
__ops_print_errors(__ops_parseinfo_get_errors(parse));
if (armour) {
__ops_reader_pop_dearmour(pinfo);
__ops_reader_pop_dearmour(parse);
}
/* don't call teardown_memory_read because memory was passed in */
__ops_parseinfo_delete(pinfo);
__ops_parseinfo_delete(parse);
return res;
}
@ -749,7 +743,7 @@ __ops_keyring_read_from_mem(__ops_keyring_t *keyring,
void
__ops_keyring_free(__ops_keyring_t *keyring)
{
free(keyring->keys);
(void)free(keyring->keys);
keyring->keys = NULL;
keyring->nkeys = 0;
keyring->nkeys_allocated = 0;

5
crypto/external/bsd/netpgp/dist/src/lib/misc.c vendored
View File

@ -57,7 +57,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
__RCSID("$NetBSD: misc.c,v 1.13 2009/05/27 00:38:27 agc Exp $");
__RCSID("$NetBSD: misc.c,v 1.14 2009/05/28 01:52:43 agc Exp $");
#endif
#include <sys/types.h>
@ -194,6 +194,7 @@ int
__ops_parse_and_accumulate(__ops_keyring_t *keyring, __ops_parseinfo_t *parse)
{
accumulate_t accumulate;
const int printerrors = 1;
int ret;
if (parse->readinfo.accumulate) {
@ -210,7 +211,7 @@ __ops_parse_and_accumulate(__ops_keyring_t *keyring, __ops_parseinfo_t *parse)
__ops_parse_cb_push(parse, accumulate_cb, &accumulate);
parse->readinfo.accumulate = 1;
ret = __ops_parse(parse, 0);
ret = __ops_parse(parse, !printerrors);
keyring->nkeys += 1;

8
crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c vendored
View File

@ -58,7 +58,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
__RCSID("$NetBSD: packet-parse.c,v 1.16 2009/05/27 00:38:27 agc Exp $");
__RCSID("$NetBSD: packet-parse.c,v 1.17 2009/05/28 01:52:43 agc Exp $");
#endif
#ifdef HAVE_OPENSSL_CAST_H
@ -2930,6 +2930,7 @@ __ops_decrypt_se_data(__ops_content_tag_t tag, __ops_region_t *region,
__ops_parseinfo_t *pinfo)
{
__ops_crypt_t *decrypt = __ops_parse_get_decrypt(pinfo);
const int printerrors = 1;
int r = 1;
if (decrypt) {
@ -2960,7 +2961,7 @@ __ops_decrypt_se_data(__ops_content_tag_t tag, __ops_region_t *region,
decrypt->block_encrypt(decrypt, decrypt->civ,
decrypt->civ);
}
r = __ops_parse(pinfo, 0);
r = __ops_parse(pinfo, !printerrors);
__ops_reader_pop_decrypt(pinfo);
} else {
@ -2990,13 +2991,14 @@ __ops_decrypt_se_ip_data(__ops_content_tag_t tag, __ops_region_t *region,
__ops_parseinfo_t *pinfo)
{
__ops_crypt_t *decrypt = __ops_parse_get_decrypt(pinfo);
const int printerrors = 1;
int r = 1;
if (decrypt) {
__ops_reader_push_decrypt(pinfo, decrypt, region);
__ops_reader_push_se_ip_data(pinfo, decrypt, region);
r = __ops_parse(pinfo, 0);
r = __ops_parse(pinfo, !printerrors);
__ops_reader_pop_se_ip_data(pinfo);
__ops_reader_pop_decrypt(pinfo);

5
crypto/external/bsd/netpgp/dist/src/lib/packet-print.c vendored
View File

@ -58,7 +58,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
__RCSID("$NetBSD: packet-print.c,v 1.14 2009/05/27 00:38:27 agc Exp $");
__RCSID("$NetBSD: packet-print.c,v 1.15 2009/05/28 01:52:43 agc Exp $");
#endif
#include <string.h>
@ -1191,6 +1191,7 @@ __ops_list_packets(char *filename,
{
__ops_parseinfo_t *pinfo = NULL;
const unsigned accumulate = 1;
const int printerrors = 1;
int fd = 0;
fd = __ops_setup_file_read(&pinfo, filename, NULL, cb_list_packets,
@ -1201,7 +1202,7 @@ __ops_list_packets(char *filename,
if (armour) {
__ops_reader_push_dearmour(pinfo);
}
__ops_parse(pinfo, 1);
__ops_parse(pinfo, printerrors);
__ops_teardown_file_read(pinfo, fd);
return 1;
}

6
crypto/external/bsd/netpgp/dist/src/lib/reader.c vendored
View File

@ -54,7 +54,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
__RCSID("$NetBSD: reader.c,v 1.15 2009/05/27 00:38:27 agc Exp $");
__RCSID("$NetBSD: reader.c,v 1.16 2009/05/28 01:52:43 agc Exp $");
#endif
#include <sys/types.h>
@ -1607,9 +1607,9 @@ se_ip_data_reader(void *dest_, size_t len, __ops_error_t **errors,
fprintf(stderr, "\n");
}
__ops_calc_mdc_hash(preamble, sz_preamble, plaintext,
sz_plaintext, &hashed[0]);
sz_plaintext, hashed);
if (memcmp(mdc_hash, hashed, OPS_SHA1_HASH_SIZE)) {
if (memcmp(mdc_hash, hashed, OPS_SHA1_HASH_SIZE) != 0) {
OPS_ERROR(errors, OPS_E_V_BAD_HASH,
"Bad hash in MDC packet");
(void) free(buf);

5
crypto/external/bsd/netpgp/dist/src/lib/signature.c vendored
View File

@ -57,7 +57,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
__RCSID("$NetBSD: signature.c,v 1.16 2009/05/27 00:38:27 agc Exp $");
__RCSID("$NetBSD: signature.c,v 1.17 2009/05/28 01:52:43 agc Exp $");
#endif
#include <sys/types.h>
@ -363,9 +363,10 @@ static void
hash_add_key(__ops_hash_t *hash, const __ops_pubkey_t *key)
{
__ops_memory_t *mem = __ops_memory_new();
const unsigned dontmakepacket = 0;
size_t len;
__ops_build_pubkey(mem, key, 0);
__ops_build_pubkey(mem, key, dontmakepacket);
len = __ops_mem_len(mem);
__ops_hash_add_int(hash, 0x99, 1);
__ops_hash_add_int(hash, len, 2);

11
crypto/external/bsd/netpgp/dist/src/lib/validate.c vendored
View File

@ -54,7 +54,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
__RCSID("$NetBSD: validate.c,v 1.15 2009/05/27 00:38:27 agc Exp $");
__RCSID("$NetBSD: validate.c,v 1.16 2009/05/28 01:52:43 agc Exp $");
#endif
#include <sys/types.h>
@ -542,6 +542,7 @@ __ops_validate_key_sigs(__ops_validation_t *result,
{
__ops_parseinfo_t *pinfo;
validate_key_cb_t keysigs;
const int printerrors = 1;
(void) memset(&keysigs, 0x0, sizeof(keysigs));
keysigs.result = result;
@ -560,7 +561,7 @@ __ops_validate_key_sigs(__ops_validation_t *result,
/* is never used. */
keysigs.reader = pinfo->readinfo.arg;
__ops_parse(pinfo, 0);
__ops_parse(pinfo, !printerrors);
__ops_pubkey_free(&keysigs.pubkey);
if (keysigs.subkey.version) {
@ -646,6 +647,7 @@ __ops_validate_file(__ops_validation_t *result,
validate_data_cb_t validation;
__ops_parseinfo_t *parse = NULL;
struct stat st;
const int printerrors = 1;
unsigned ret;
int64_t sigsize;
char origfile[MAXPATHLEN];
@ -695,7 +697,7 @@ __ops_validate_file(__ops_validation_t *result,
}
/* Do the verification */
__ops_parse(parse, 0);
__ops_parse(parse, !printerrors);
/* Tidy up */
if (armoured) {
@ -765,6 +767,7 @@ __ops_validate_mem(__ops_validation_t *result,
{
validate_data_cb_t validation;
__ops_parseinfo_t *pinfo = NULL;
const int printerrors = 1;
__ops_setup_memory_read(&pinfo, mem, &validation, validate_data_cb, 1);
@ -783,7 +786,7 @@ __ops_validate_mem(__ops_validation_t *result,
}
/* Do the verification */
__ops_parse(pinfo, 0);
__ops_parse(pinfo, !printerrors);
/* Tidy up */
if (armoured) {

2
crypto/external/bsd/netpgp/dist/src/lib/version.h vendored
View File

@ -58,7 +58,7 @@
#endif
/* development versions have .99 suffix */
#define NETPGP_BASE_VERSION "1.99.6"
#define NETPGP_BASE_VERSION "1.99.7"
#define NETPGP_VERSION_CAT(a, b) "NetPGP portable " a "/[" b "]"
#define NETPGP_VERSION_STRING \