Sync the src version of netpgpverify with the version in pkgsrc
> ---------------------------- > revision 1.10 > date: 2015-02-04 16:58:02 -0800; author: agc; state: Exp; lines: +1 -0; commitid: 0v3HoBPFTnhDSK8y; > appease compiler warning police - initialise a variable in case it's otherwise > "used uninitialised". ride previous version bump. > ---------------------------- > revision 1.9 > date: 2015-02-04 16:21:57 -0800; author: agc; state: Exp; lines: +48 -21; commitid: ElUADrlljB46GK8y; > Update netpgpverify (and libnetpgpverify) to version 20150205 > > + recognise signatures made by subkeys as well as by primary keys > > + print out the relevant key which signed the file, even if it's > a subkey and not the primary key itself. > > + keep the same API as before > > with many thanks to Jonathan Perkin > ---------------------------- > revision 1.8 > date: 2015-02-03 13:34:57 -0800; author: agc; state: Exp; lines: +1 -3; commitid: 6qTclEbv7hmZMB8y; > Update netpgpverify, and libnetpgpverify, to 20150204 > > + dump the huge output in testing script to /dev/null so that we can > see what's happening with the other tests in testit.sh > > + fix from jperkin@, don't try to be clever when selecting the only > key id in a keyring > > + add a test for single key (non-ssh) pubring > ---------------------------- > revision 1.7 > date: 2015-02-03 13:13:17 -0800; author: agc; state: Exp; lines: +3 -0; commitid: ztXbqAi9ocXGFB8y; > Update netpgpverify, and libnetpgpverify, to 20150203 > > + portability fixes to make netpgpverify build on freebsd 10.1 with WARNS=5 > > + fixed an oversight in the testit.sh script
This commit is contained in:
parent
a203ea21a9
commit
530ddfcba7
BIN
crypto/external/bsd/netpgp/dist/src/netpgpverify/1keypubring.gpg
vendored
Normal file
BIN
crypto/external/bsd/netpgp/dist/src/netpgpverify/1keypubring.gpg
vendored
Normal file
Binary file not shown.
BIN
crypto/external/bsd/netpgp/dist/src/netpgpverify/1keysecring.gpg
vendored
Normal file
BIN
crypto/external/bsd/netpgp/dist/src/netpgpverify/1keysecring.gpg
vendored
Normal file
Binary file not shown.
86
crypto/external/bsd/netpgp/dist/src/netpgpverify/1keytest.gpg.uu
vendored
Normal file
86
crypto/external/bsd/netpgp/dist/src/netpgpverify/1keytest.gpg.uu
vendored
Normal file
@ -0,0 +1,86 @@
|
||||
begin 644 1keytest.gpg
|
||||
MQ`T#``@!;&)E`*V%)+`!R\N08@``````+RH@)$YE=$)31#H@9&5F<RYH+'8@
|
||||
M,2XQ(#(P,30O,#(O,#0@,#(Z,3$Z,3@@86=C($5X<"`D("HO"@HO*BT*("H@
|
||||
M0V]P>7)I9VAT("AC*2`R,#`Y(%1H92!.971"4T0@1F]U;F1A=&EO;BP@26YC
|
||||
M+@H@*B!!;&P@<FEG:'1S(')E<V5R=F5D+@H@*@H@*B!4:&ES(&-O9&4@:7,@
|
||||
M9&5R:79E9"!F<F]M('-O9G1W87)E(&-O;G1R:6)U=&5D('1O(%1H92!.971"
|
||||
M4T0@1F]U;F1A=&EO;@H@*B!B>2!!;&ES=&%I<B!#<F]O:W,@*&%G8T!.971"
|
||||
M4T0N;W)G*0H@*@H@*B!2961I<W1R:6)U=&EO;B!A;F0@=7-E(&EN('-O=7)C
|
||||
M92!A;F0@8FEN87)Y(&9O<FUS+"!W:71H(&]R('=I=&AO=70*("H@;6]D:69I
|
||||
M8V%T:6]N+"!A<F4@<&5R;6ET=&5D('!R;W9I9&5D('1H870@=&AE(&9O;&QO
|
||||
M=VEN9R!C;VYD:71I;VYS"B`J(&%R92!M970Z"B`J(#$N(%)E9&ES=')I8G5T
|
||||
M:6]N<R!O9B!S;W5R8V4@8V]D92!M=7-T(')E=&%I;B!T:&4@86)O=F4@8V]P
|
||||
M>7)I9VAT"B`J("`@(&YO=&EC92P@=&AI<R!L:7-T(&]F(&-O;F1I=&EO;G,@
|
||||
M86YD('1H92!F;VQL;W=I;F<@9&ES8VQA:6UE<BX*("H@,BX@4F5D:7-T<FEB
|
||||
M=71I;VYS(&EN(&)I;F%R>2!F;W)M(&UU<W0@<F5P<F]D=6-E('1H92!A8F]V
|
||||
M92!C;W!Y<FEG:'0*("H@("`@;F]T:6-E+"!T:&ES(&QI<W0@;V8@8V]N9&ET
|
||||
M:6]N<R!A;F0@=&AE(&9O;&QO=VEN9R!D:7-C;&%I;65R(&EN('1H90H@*B`@
|
||||
M("!D;V-U;65N=&%T:6]N(&%N9"]O<B!O=&AE<B!M871E<FEA;',@<')O=FED
|
||||
M960@=VET:"!T:&4@9&ES=')I8G5T:6]N+@H@*@H@*B!42$E3(%-/1E1705)%
|
||||
M($E3(%!23U9)1$5$($)9(%1(12!.151"4T0@1D]53D1!5$E/3BP@24Y#+B!!
|
||||
M3D0@0T].5%))0E543U)3"B`J(&!@05,@25,G)R!!3D0@04Y9($584%)%4U,@
|
||||
M3U(@24U03$E%1"!705)204Y42453+"!)3D-,541)3D<L($)55"!.3U0@3$E-
|
||||
M251%1`H@*B!43RP@5$A%($E-4$Q)140@5T%24D%.5$E%4R!/1B!-15)#2$%.
|
||||
M5$%"24Q)5%D@04Y$($9)5$Y%4U,@1D]2($$@4$%25$E#54Q!4@H@*B!055)0
|
||||
M3U-%($%212!$25-#3$%)345$+B`@24X@3D\@159%3E0@4TA!3$P@5$A%($9/
|
||||
M54Y$051)3TX@3U(@0T].5%))0E543U)3"B`J($)%($Q)04),12!&3U(@04Y9
|
||||
M($1)4D5#5"P@24Y$25)%0U0L($E.0TE$14Y404PL(%-014-)04PL($5814U0
|
||||
M3$%262P@3U(*("H@0T].4T51545.5$E!3"!$04U!1T53("A)3D-,541)3D<L
|
||||
M($)55"!.3U0@3$E-251%1"!43RP@4%)/0U5214U%3E0@3T8*("H@4U5"4U1)
|
||||
M5%5412!'3T]$4R!/4B!315)624-%4SL@3$]34R!/1B!54T4L($1!5$$L($]2
|
||||
M(%!23T9)5%,[($]2($)54TE.15-3"B`J($E.5$524E505$E/3BD@2$]7159%
|
||||
M4B!#0553140@04Y$($].($%.62!42$5/4ED@3T8@3$E!0DE,2519+"!72$54
|
||||
M2$52($E."B`J($-/3E1204-4+"!35%))0U0@3$E!0DE,2519+"!/4B!43U)4
|
||||
M("A)3D-,541)3D<@3D5'3$E'14Y#12!/4B!/5$A%4E=)4T4I"B`J($%225-)
|
||||
M3D<@24X@04Y9(%=!62!/550@3T8@5$A%(%5312!/1B!42$E3(%-/1E1705)%
|
||||
M+"!%5D5.($E&($%$5DE3140@3T8@5$A%"B`J(%!/4U-)0DE,2519($]&(%-5
|
||||
M0T@@1$%-04=%+@H@*B\*(VEF;F1E9B!$14937TA?"B-D969I;F4@1$5&4U](
|
||||
M7PH*(VEN8VQU9&4@/'-Y<R]T>7!E<RYH/@HC:6YC;'5D92`\<WES+W!A<F%M
|
||||
M+F@^"@HC:69D968@2$%615])3E1465!%4U]("B-I;F-L=61E(#QI;G1T>7!E
|
||||
M<RYH/@HC96YD:68*"B-I9F1E9B!(059%7U-41$E.5%]("B-I;F-L=61E(#QS
|
||||
M=&1I;G0N:#X*(V5N9&EF"@HC:6YC;'5D92`\<W1D:6\N:#X*(VEN8VQU9&4@
|
||||
M/'-T9&QI8BYH/@HC:6YC;'5D92`\<W1R:6YG+F@^"@HC9&5F:6YE($Y%5T%2
|
||||
M4D%9*'1Y<&4L<'1R+'-I>F4L=VAE<F4L86-T:6]N*2!D;R!["0D)7`H):68@
|
||||
M*"AP='(@/2!C86QL;V,H<VEZ96]F*'1Y<&4I+"`H=6YS:6=N960I*'-I>F4I
|
||||
M*2D@/3T@3E5,3"D@>PE<"@D)*'9O:60I(&9P<FEN=&8H<W1D97)R+"`B)7,Z
|
||||
M(&-A;B=T(&%L;&]C871E("5L=2!B>71E<UQN(BP@7`H)"0EW:&5R92P@*'5N
|
||||
M<VEG;F5D(&QO;F<I*'-I>F4@*B!S:7IE;V8H='EP92DI*3L)7`H)"6%C=&EO
|
||||
M;CL)"0D)"0D)7`H)?0D)"0D)"0D)7`I]('=H:6QE*"`O*B!#3TY35$-/3D0@
|
||||
M*B\@,"D*"B-D969I;F4@4D5.15<H='EP92QP='(L<VEZ92QW:&5R92QA8W1I
|
||||
M;VXI(&1O('L)"0D)7`H)='EP92`J7VYE=W!T<CL)"0D)"0D)7`H)7VYE=W!T
|
||||
M<B`](')E86QL;V,H<'1R+"`H<VEZ95]T*2AS:7IE;V8H='EP92D@*B`H<VEZ
|
||||
M92DI*3L)7`H):68@*%]N97=P='(@/3T@3E5,3"D@>PD)"0D)"5P*"0DH=F]I
|
||||
M9"D@9G!R:6YT9BAS=&1E<G(L("(E<SH@8V%N)W0@<F5A;&QO8R`E;'4@8GET
|
||||
M97-<;B(L"5P*"0D)=VAE<F4L("AU;G-I9VYE9"!L;VYG*2AS:7IE("H@<VEZ
|
||||
M96]F*'1Y<&4I*2D["5P*"0EA8W1I;VX["0D)"0D)"5P*"7T@96QS92!["0D)
|
||||
M"0D)"5P*"0EP='(@/2!?;F5W<'1R.PD)"0D)"5P*"7T)"0D)"0D)"5P*?2!W
|
||||
M:&EL92@@+RH@0T].4U1#3TY$("HO(#`I"@HC9&5F:6YE($Y%5RAT>7!E+"!P
|
||||
M='(L('=H97)E+"!A8W1I;VXI"4Y%5T%24D%9*'1Y<&4L('!T<BP@,2P@=VAE
|
||||
M<F4L(&%C=&EO;BD*"B-D969I;F4@1E)%12AP='(I"2AV;VED*2!F<F5E*'!T
|
||||
M<BD*"B-D969I;F4@04Q,3T,H='EP92P@=BP@<VEZ92P@8RP@:6YI="P@:6YC
|
||||
M<BP@=VAE<F4L(&%C=&EO;BD@9&\@>PD)7`H)=6EN=#,R7W0)7VYE=W-I>F4@
|
||||
M/2!S:7IE.PD)"0E<"@EI9B`H<VEZ92`]/2`P*2!["0D)"0D)7`H)"5]N97=S
|
||||
M:7IE(#T@:6YI=#L)"0D)"5P*"0E.15=!4E)!62AT>7!E+"!V+"!?;F5W<VEZ
|
||||
M92P@=VAE<F4@(CH@;F5W(BP@86-T:6]N*3L)7`H)?2!E;'-E(&EF("AC(#T]
|
||||
M('-I>F4I('L)"0D)"0E<"@D)7VYE=W-I>F4@/2!S:7IE("L@:6YC<CL)"0D)
|
||||
M"5P*"0E214Y%5RAT>7!E+"!V+"!?;F5W<VEZ92P@=VAE<F4@(CH@<F5N97<B
|
||||
M+"!A8W1I;VXI.PE<"@E]"0D)"0D)"0E<"@ES:7IE(#T@7VYE=W-I>F4["0D)
|
||||
M"0D)7`I]('=H:6QE*"`O*B!#3TY35$-/3D0@*B\@,"D*"B-D969I;F4@1$5&
|
||||
M24Y%7T%24D%9*&YA;64L('1Y<&4I"0D)"0E<"G1Y<&5D968@<W1R=6-T(&YA
|
||||
M;64@>PD)"0D)"0E<"@EU:6YT,S)?=`EC.PD)"0D)"5P*"75I;G0S,E]T"7-I
|
||||
M>F4["0D)"0D)7`H)='EP90D@("`@("`@*G8["0D)"0D)7`I](&YA;64*"B-E
|
||||
M;F1I9B`O*B`A1$5&4U](7R`J+PK"P6($``$(`!8%`E31?2X%`P`````)$&QB
|
||||
M90"MA22P``",=!``R2^C8"/Z(.]^N&Z\EI0D7OD:'ZCU!'UF5Y]7&[DR)G\'
|
||||
M0()`BLY[_^^=IL!XDWJV27+@.J_O)C#?OX5?C/=,6ERU)E-Z6879??U_%57[
|
||||
M#GZGRW)HO4D"'RF&XC`1_WM?]SHB'%S'^.%!W=SF.K\^+,P@%I<T\OEXC6L&
|
||||
M*>$9,ZZ)7&ZPS0'*9LS>BW"FH5EMYA!ZW8]*D%:F$J`6VR`>$Z</'`_C7KR>
|
||||
MH-$^_G+1].)F[.VWN2P=?1*GT_TG<'22PV'8X>M>'".JW)BZ"'!&0-/1=CZE
|
||||
M`[T@-*0@IZ";+?LQ8UOG"/8MHG:MO"+/$&H)Z,7/P\B9Y(BGO:>:EKK-<L)\
|
||||
M;^-D&1Q])%-><1,L?H6R(._?U3U88B-3)Y]<KK?9I![G*NN)@V62IISM8=:R
|
||||
MFI5Y\[_DPS40H$4RR"$6>*P?MQ&`+)S1YA)^/#5Q`/'2Z[4WP<MM"<E'0@3<
|
||||
M?@)S`Y@Y+HZ"=8M5!M1X/=E61^8#76UVD./*N#KN%+K\@F``YD)39=KU%_`T
|
||||
M*;<#>_BBN\8O-O@?D/!-B]3!5H;2%:.Q;\OTKC;3TWYL:L:T,_]@1`HL1#[F
|
||||
ML#H/G5N<Z&(QE4&.C(1"`:6PZC[F-?+BC,.3!9J+/X(9O&;>0SN#?.`)5Y_]
|
||||
=*CT.Q56883<>]E&=6=.!4%:1H5]1;`SHG5#'WD.+
|
||||
`
|
||||
end
|
@ -1,4 +1,4 @@
|
||||
# $NetBSD: Makefile.bsd,v 1.3 2015/01/30 18:58:59 agc Exp $
|
||||
# $NetBSD: Makefile.bsd,v 1.4 2015/02/05 01:26:54 agc Exp $
|
||||
|
||||
PROG=netpgpverify
|
||||
|
||||
@ -34,6 +34,12 @@ tst:
|
||||
@echo "expected failure, no valid key for verification"
|
||||
-./${PROG} -k /dev/null NetBSD-6.0_RC1_hashes.gpg
|
||||
@echo "dumping now"
|
||||
./${PROG} -c dump -k pubring.gpg NetBSD-6.0_RC1_hashes.asc
|
||||
./${PROG} -c dump -k pubring.gpg NetBSD-6.0_RC1_hashes.asc > /dev/null
|
||||
@echo "dumping ssh now"
|
||||
./${PROG} -c dump -S sshtest-20140202.pub data.gpg
|
||||
@echo "testing pubring with one key"
|
||||
uudecode 1keytest.gpg.uu
|
||||
./${PROG} -k 1keypubring.gpg 1keytest.gpg
|
||||
rm -f 1keytest.gpg
|
||||
@echo "testing signing with a subkey"
|
||||
./chk.sh -k joyent-pubring.gpg digest-20121220.tgz
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: bzlib.c,v 1.2 2014/03/09 07:01:42 christos Exp $ */
|
||||
/* $NetBSD: bzlib.c,v 1.3 2015/02/05 01:26:54 agc Exp $ */
|
||||
|
||||
|
||||
/*-------------------------------------------------------------*/
|
||||
@ -35,7 +35,7 @@
|
||||
#include "bzlib_private.h"
|
||||
|
||||
|
||||
/* $NetBSD: bzlib.c,v 1.2 2014/03/09 07:01:42 christos Exp $ */
|
||||
/* $NetBSD: bzlib.c,v 1.3 2015/02/05 01:26:54 agc Exp $ */
|
||||
|
||||
|
||||
/*-------------------------------------------------------------*/
|
||||
@ -930,7 +930,7 @@ BZFILE * bzopen_or_bzdopen
|
||||
int smallMode = 0;
|
||||
int nUnused = 0;
|
||||
|
||||
__USE(blockSize100k);
|
||||
USE_ARG(blockSize100k);
|
||||
|
||||
if (mode == NULL) return NULL;
|
||||
while (*mode) {
|
||||
@ -1082,7 +1082,7 @@ const char * BZ_API(BZ2_bzerror) (BZFILE *b, int *errnum)
|
||||
/*-------------------------------------------------------------*/
|
||||
/*--- end bzlib.c ---*/
|
||||
/*-------------------------------------------------------------*/
|
||||
/* $NetBSD: bzlib.c,v 1.2 2014/03/09 07:01:42 christos Exp $ */
|
||||
/* $NetBSD: bzlib.c,v 1.3 2015/02/05 01:26:54 agc Exp $ */
|
||||
|
||||
|
||||
/*-------------------------------------------------------------*/
|
||||
@ -1728,7 +1728,7 @@ Int32 BZ2_decompress ( DState* s )
|
||||
/*-------------------------------------------------------------*/
|
||||
/*--- end decompress.c ---*/
|
||||
/*-------------------------------------------------------------*/
|
||||
/* $NetBSD: bzlib.c,v 1.2 2014/03/09 07:01:42 christos Exp $ */
|
||||
/* $NetBSD: bzlib.c,v 1.3 2015/02/05 01:26:54 agc Exp $ */
|
||||
|
||||
|
||||
/*-------------------------------------------------------------*/
|
||||
@ -1832,7 +1832,7 @@ UInt32 BZ2_crc32Table[256] = {
|
||||
/*-------------------------------------------------------------*/
|
||||
/*--- end crctable.c ---*/
|
||||
/*-------------------------------------------------------------*/
|
||||
/* $NetBSD: bzlib.c,v 1.2 2014/03/09 07:01:42 christos Exp $ */
|
||||
/* $NetBSD: bzlib.c,v 1.3 2015/02/05 01:26:54 agc Exp $ */
|
||||
|
||||
|
||||
/*-------------------------------------------------------------*/
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: bzlib_private.h,v 1.2 2014/03/11 17:20:23 joerg Exp $ */
|
||||
/* $NetBSD: bzlib_private.h,v 1.3 2015/02/05 01:26:54 agc Exp $ */
|
||||
|
||||
|
||||
/*-------------------------------------------------------------*/
|
||||
@ -57,6 +57,10 @@ typedef unsigned short UInt16;
|
||||
|
||||
#ifndef BZ_NO_STDIO
|
||||
|
||||
#ifndef __dead
|
||||
#define __dead
|
||||
#endif
|
||||
|
||||
void BZ2_bz__AssertH__fail ( int errcode ) __dead;
|
||||
#define AssertH(cond,errcode) \
|
||||
{ if (!(cond)) BZ2_bz__AssertH__fail ( errcode ); }
|
||||
|
@ -1,6 +1,6 @@
|
||||
#! /bin/sh
|
||||
|
||||
# $NetBSD: chk.sh,v 1.2 2015/01/30 18:58:59 agc Exp $
|
||||
# $NetBSD: chk.sh,v 1.3 2015/02/05 01:26:54 agc Exp $
|
||||
|
||||
# Copyright (c) 2013,2014,2015 Alistair Crooks <agc@NetBSD.org>
|
||||
# All rights reserved.
|
||||
@ -35,9 +35,11 @@ os=EdgeBSD
|
||||
osrev=6
|
||||
arch=amd64
|
||||
pkgsrc=pkgsrc-2013Q1
|
||||
keyring=pubring.gpg
|
||||
while [ $# -gt 0 ]; do
|
||||
case "$1" in
|
||||
--arch|-a) arch=$2; shift ;;
|
||||
--keyring|-k) keyring=$2; shift ;;
|
||||
--os|-o) os=$2; shift ;;
|
||||
--pkgsrc) pkgsrc=$2; shift ;;
|
||||
-v) set -x ;;
|
||||
@ -95,13 +97,13 @@ diff ${dir}/+PKG_HASH ${dir}/calc || die "Bad hashes generated"
|
||||
if [ -x /usr/bin/netpgpverify -o -x /usr/pkg/bin/netpgpverify ]; then
|
||||
echo "=== Using netpgpverify to verify the package signature ==="
|
||||
# check the signature in +PKG_GPG_SIGNATURE
|
||||
cp ${here}/pubring.pub ${dir}/pubring.gpg
|
||||
cp ${keyring} ${dir}/pubring.gpg
|
||||
# calculate the sig file we want to verify
|
||||
echo "-----BEGIN PGP SIGNED MESSAGE-----" > ${dir}/${name}.sig
|
||||
echo "Hash: ${digest}" >> ${dir}/${name}.sig
|
||||
echo "" >> ${dir}/${name}.sig
|
||||
cat ${dir}/+PKG_HASH ${dir}/+PKG_GPG_SIGNATURE >> ${dir}/${name}.sig
|
||||
(cd ${dir} && netpgpverify -k pubring.gpg ${name}.sig) || die "Bad signature"
|
||||
(cd ${dir} && ${here}/netpgpverify -k pubring.gpg ${name}.sig) || die "Bad signature"
|
||||
else
|
||||
echo "=== Using gpg to verify the package signature ==="
|
||||
gpg --recv --keyserver pgp.mit.edu 0x6F3AF5E2
|
||||
|
BIN
crypto/external/bsd/netpgp/dist/src/netpgpverify/digest-20121220.tgz
vendored
Normal file
BIN
crypto/external/bsd/netpgp/dist/src/netpgpverify/digest-20121220.tgz
vendored
Normal file
Binary file not shown.
BIN
crypto/external/bsd/netpgp/dist/src/netpgpverify/joyent-pubring.gpg
vendored
Normal file
BIN
crypto/external/bsd/netpgp/dist/src/netpgpverify/joyent-pubring.gpg
vendored
Normal file
Binary file not shown.
@ -1,4 +1,4 @@
|
||||
.\" $NetBSD: libnetpgpverify.3,v 1.2 2014/12/05 04:42:36 agc Exp $
|
||||
.\" $NetBSD: libnetpgpverify.3,v 1.3 2015/02/05 01:26:54 agc Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 2014 Alistair Crooks <agc@NetBSD.org>
|
||||
.\" All rights reserved.
|
||||
@ -23,7 +23,7 @@
|
||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd December 4, 2014
|
||||
.Dd January 15, 2015
|
||||
.Dt LIBNETPGPVERIFY 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -54,6 +54,10 @@
|
||||
.Fa "pgpv_cursor_t *cursor" "size_t element"
|
||||
.Fc
|
||||
.Ft size_t
|
||||
.Fo pgpv_dump
|
||||
.Fa "pgpv_t *pgp" "char **data"
|
||||
.Fc
|
||||
.Ft size_t
|
||||
.Fo pgpv_get_entry
|
||||
.Fa "pgpv_t *pgp" "unsigned ent" "char **ret" "const char *modifiers"
|
||||
.Fc
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2012 Alistair Crooks <agc@NetBSD.org>
|
||||
* Copyright (c) 2012,2013,2014,2015 Alistair Crooks <agc@NetBSD.org>
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
@ -1473,14 +1473,16 @@ fmt_trust(char *s, size_t size, pgpv_signed_userid_t *userid, uint32_t u)
|
||||
|
||||
/* print a primary key, per RFC 4880 */
|
||||
static size_t
|
||||
fmt_primary(char *s, size_t size, pgpv_primarykey_t *primary, const char *modifiers)
|
||||
fmt_primary(char *s, size_t size, pgpv_primarykey_t *primary, unsigned subkey, const char *modifiers)
|
||||
{
|
||||
pgpv_signed_userid_t *userid;
|
||||
pgpv_pubkey_t *pubkey;
|
||||
unsigned i;
|
||||
unsigned j;
|
||||
size_t cc;
|
||||
|
||||
cc = fmt_pubkey(s, size, &primary->primary, "signature ");
|
||||
pubkey = (subkey == 0) ? &primary->primary : &ARRAY_ELEMENT(primary->signed_subkeys, subkey - 1).subkey;
|
||||
cc = fmt_pubkey(s, size, pubkey, "signature ");
|
||||
cc += fmt_userid(&s[cc], size - cc, primary, primary->primary_userid);
|
||||
for (i = 0 ; i < ARRAY_COUNT(primary->signed_userids) ; i++) {
|
||||
if (i != primary->primary_userid) {
|
||||
@ -2190,6 +2192,7 @@ getbignum(pgpv_bignum_t *bignum, bufgap_t *bg, char *buf, const char *header)
|
||||
{
|
||||
uint32_t len;
|
||||
|
||||
USE_ARG(header);
|
||||
(void) bufgap_getbin(bg, &len, sizeof(len));
|
||||
len = pgp_ntoh32(len);
|
||||
(void) bufgap_seek(bg, sizeof(len), BGFromHere, BGByte);
|
||||
@ -2248,6 +2251,7 @@ read_ssh_file(pgpv_t *pgp, pgpv_primarykey_t *primary, const char *fmt, ...)
|
||||
int ok;
|
||||
int cc;
|
||||
|
||||
USE_ARG(pgp);
|
||||
memset(primary, 0x0, sizeof(*primary));
|
||||
(void) memset(&bg, 0x0, sizeof(bg));
|
||||
va_start(args, fmt);
|
||||
@ -2436,7 +2440,7 @@ fixup_detached(pgpv_cursor_t *cursor, const char *f)
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* match the calculated signature against the oen in the signature packet */
|
||||
/* match the calculated signature against the one in the signature packet */
|
||||
static int
|
||||
match_sig(pgpv_cursor_t *cursor, pgpv_signature_t *signature, pgpv_pubkey_t *pubkey, uint8_t *data, size_t size)
|
||||
{
|
||||
@ -2518,25 +2522,29 @@ pgpv_close(pgpv_t *pgp)
|
||||
|
||||
/* return the formatted entry for the primary key desired */
|
||||
size_t
|
||||
pgpv_get_entry(pgpv_t *pgp, unsigned ent, char **ret, const char *modifiers)
|
||||
pgpv_get_entry(pgpv_t *pgp, unsigned ent, char **s, const char *modifiers)
|
||||
{
|
||||
size_t cc;
|
||||
unsigned subkey;
|
||||
unsigned prim;
|
||||
size_t cc;
|
||||
|
||||
if (ret == NULL || pgp == NULL || ent >= ARRAY_COUNT(pgp->primaries)) {
|
||||
prim = ((ent >> 8) & 0xffffff);
|
||||
subkey = (ent & 0xff);
|
||||
if (s == NULL || pgp == NULL || prim >= ARRAY_COUNT(pgp->primaries)) {
|
||||
return 0;
|
||||
}
|
||||
*ret = NULL;
|
||||
cc = ARRAY_ELEMENT(pgp->primaries, ent).fmtsize;
|
||||
*s = NULL;
|
||||
cc = ARRAY_ELEMENT(pgp->primaries, prim).fmtsize;
|
||||
if (modifiers == NULL || (strcasecmp(modifiers, "trust") != 0 && strcasecmp(modifiers, "subkeys") != 0)) {
|
||||
modifiers = "no-subkeys";
|
||||
}
|
||||
if (strcasecmp(modifiers, "trust") == 0) {
|
||||
cc *= 2048;
|
||||
}
|
||||
if ((*ret = calloc(1, cc)) == NULL) {
|
||||
if ((*s = calloc(1, cc)) == NULL) {
|
||||
return 0;
|
||||
}
|
||||
return fmt_primary(*ret, cc, &ARRAY_ELEMENT(pgp->primaries, ent), modifiers);
|
||||
return fmt_primary(*s, cc, &ARRAY_ELEMENT(pgp->primaries, prim), subkey, modifiers);
|
||||
}
|
||||
|
||||
/* fixup key id, with birth, keyalg and hashalg value from signature */
|
||||
@ -2556,12 +2564,15 @@ fixup_ssh_keyid(pgpv_t *pgp, pgpv_signature_t *signature, const char *hashtype)
|
||||
|
||||
/* find key id */
|
||||
static int
|
||||
find_keyid(pgpv_t *pgp, const char *strkeyid, uint8_t *keyid)
|
||||
find_keyid(pgpv_t *pgp, const char *strkeyid, uint8_t *keyid, unsigned *sub)
|
||||
{
|
||||
unsigned i;
|
||||
uint8_t binkeyid[PGPV_KEYID_LEN];
|
||||
size_t off;
|
||||
size_t cmp;
|
||||
pgpv_signed_subkey_t *subkey;
|
||||
pgpv_primarykey_t *prim;
|
||||
unsigned i;
|
||||
unsigned j;
|
||||
uint8_t binkeyid[PGPV_KEYID_LEN];
|
||||
size_t off;
|
||||
size_t cmp;
|
||||
|
||||
if (strkeyid == NULL && keyid == NULL) {
|
||||
return 0;
|
||||
@ -2573,27 +2584,43 @@ find_keyid(pgpv_t *pgp, const char *strkeyid, uint8_t *keyid)
|
||||
memcpy(binkeyid, keyid, sizeof(binkeyid));
|
||||
cmp = PGPV_KEYID_LEN;
|
||||
}
|
||||
*sub = 0;
|
||||
off = PGPV_KEYID_LEN - cmp;
|
||||
for (i = 0 ; i < ARRAY_COUNT(pgp->primaries) ; i++) {
|
||||
if (memcmp(&ARRAY_ELEMENT(pgp->primaries, i).primary.keyid[off], &binkeyid[off], cmp) == 0) {
|
||||
prim = &ARRAY_ELEMENT(pgp->primaries, i);
|
||||
if (memcmp(&prim->primary.keyid[off], &binkeyid[off], cmp) == 0) {
|
||||
return i;
|
||||
}
|
||||
for (j = 0 ; j < ARRAY_COUNT(prim->signed_subkeys) ; j++) {
|
||||
subkey = &ARRAY_ELEMENT(prim->signed_subkeys, j);
|
||||
if (memcmp(&subkey->subkey.keyid[off], &binkeyid[off], cmp) == 0) {
|
||||
*sub = j + 1;
|
||||
return i;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* match the signature with the id indexed by 'primary' */
|
||||
static int
|
||||
match_sig_id(pgpv_cursor_t *cursor, pgpv_signature_t *signature, pgpv_litdata_t *litdata, unsigned primary)
|
||||
match_sig_id(pgpv_cursor_t *cursor, pgpv_signature_t *signature, pgpv_litdata_t *litdata, unsigned primary, unsigned sub)
|
||||
{
|
||||
pgpv_primarykey_t *prim;
|
||||
pgpv_pubkey_t *pubkey;
|
||||
uint8_t *data;
|
||||
size_t insize;
|
||||
|
||||
pubkey = &ARRAY_ELEMENT(cursor->pgp->primaries, primary).primary;
|
||||
cursor->sigtime = signature->birth;
|
||||
/* calc hash on data packet */
|
||||
data = get_literal_data(cursor, litdata, &insize);
|
||||
if (sub == 0) {
|
||||
pubkey = &ARRAY_ELEMENT(cursor->pgp->primaries, primary).primary;
|
||||
return match_sig(cursor, signature, pubkey, data, insize);
|
||||
}
|
||||
prim = &ARRAY_ELEMENT(cursor->pgp->primaries, primary);
|
||||
pubkey = &ARRAY_ELEMENT(prim->signed_subkeys, sub - 1).subkey;
|
||||
return match_sig(cursor, signature, pubkey, data, insize);
|
||||
}
|
||||
|
||||
@ -2644,6 +2671,7 @@ pgpv_verify(pgpv_cursor_t *cursor, pgpv_t *pgp, const void *p, ssize_t size)
|
||||
pgpv_signature_t *signature;
|
||||
pgpv_onepass_t *onepass;
|
||||
pgpv_litdata_t *litdata;
|
||||
unsigned sub;
|
||||
size_t pkt;
|
||||
char strkeyid[PGPV_STR_KEYID_LEN];
|
||||
int j;
|
||||
@ -2695,17 +2723,17 @@ pgpv_verify(pgpv_cursor_t *cursor, pgpv_t *pgp, const void *p, ssize_t size)
|
||||
if (cursor->pgp->ssh) {
|
||||
fixup_ssh_keyid(cursor->pgp, signature, "sha1");
|
||||
}
|
||||
if (ARRAY_COUNT(cursor->pgp->primaries) == 1) {
|
||||
j = 0;
|
||||
} else if ((j = find_keyid(cursor->pgp, NULL, onepass->keyid)) < 0) {
|
||||
sub = 0;
|
||||
if ((j = find_keyid(cursor->pgp, NULL, onepass->keyid, &sub)) < 0) {
|
||||
fmt_binary(strkeyid, sizeof(strkeyid), onepass->keyid, (unsigned)sizeof(onepass->keyid));
|
||||
snprintf(cursor->why, sizeof(cursor->why), "Signature key id %s not found ", strkeyid);
|
||||
return 0;
|
||||
}
|
||||
if (!match_sig_id(cursor, signature, litdata, (unsigned)j)) {
|
||||
if (!match_sig_id(cursor, signature, litdata, (unsigned)j, sub)) {
|
||||
return 0;
|
||||
}
|
||||
ARRAY_APPEND(cursor->datacookies, pkt);
|
||||
j = ((j & 0xffffff) << 8) | (sub & 0xff);
|
||||
ARRAY_APPEND(cursor->found, j);
|
||||
return pkt + 1;
|
||||
}
|
||||
@ -2731,6 +2759,7 @@ pgpv_read_ssh_pubkeys(pgpv_t *pgp, const void *keyring, ssize_t size)
|
||||
{
|
||||
pgpv_primarykey_t primary;
|
||||
|
||||
USE_ARG(size);
|
||||
if (pgp == NULL) {
|
||||
return 0;
|
||||
}
|
||||
|
11
crypto/external/bsd/netpgp/dist/src/netpgpverify/mkdist
vendored
Executable file
11
crypto/external/bsd/netpgp/dist/src/netpgpverify/mkdist
vendored
Executable file
@ -0,0 +1,11 @@
|
||||
#! /bin/sh
|
||||
|
||||
version=$(awk '/^#define[ \t]+NETPGP_VERIFY_H_/ { print $3 }' verify.h)
|
||||
name=netpgpverify-${version}
|
||||
|
||||
(cd .. &&
|
||||
mv files ${name} &&
|
||||
tar --exclude CVS -cvzf $HOME/${name}.tar.gz ${name} &&
|
||||
ls -al $HOME/${name}.tar.gz &&
|
||||
mv ${name} files)
|
||||
|
21
crypto/external/bsd/netpgp/dist/src/netpgpverify/testit.sh
vendored
Executable file
21
crypto/external/bsd/netpgp/dist/src/netpgpverify/testit.sh
vendored
Executable file
@ -0,0 +1,21 @@
|
||||
#! /bin/sh
|
||||
|
||||
tmp=$(mktemp -d ../netpgpverify-test.XXXXXX)
|
||||
|
||||
pax -rwpp . ${tmp}
|
||||
cat > ${tmp}/config.h <<EOF
|
||||
#ifndef CONFIG_H_
|
||||
#define CONFIG_H_ 20141204
|
||||
|
||||
#ifndef __UNCONST
|
||||
#define __UNCONST(a) ((void *)(unsigned long)(const void *)(a))
|
||||
#endif /* __UNCONST */
|
||||
|
||||
#ifndef USE_ARG
|
||||
#define USE_ARG(x) /*LINTED*/(void)&(x)
|
||||
#endif /* USE_ARG */
|
||||
|
||||
#endif /* CONFIG_H_ */
|
||||
EOF
|
||||
(cd ${tmp} && env USETOOLS=no make -f Makefile.bsd && make -f Makefile.bsd tst)
|
||||
rm -rf ${tmp}
|
@ -23,9 +23,9 @@
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
#ifndef NETPGP_VERIFY_H_
|
||||
#define NETPGP_VERIFY_H_ 20150115
|
||||
#define NETPGP_VERIFY_H_ 20150205
|
||||
|
||||
#define NETPGPVERIFY_VERSION "netpgpverify portable 20150115"
|
||||
#define NETPGPVERIFY_VERSION "netpgpverify portable 20150205"
|
||||
|
||||
#include <sys/types.h>
|
||||
|
||||
@ -263,7 +263,7 @@ typedef struct pgpv_cursor_t {
|
||||
char *op; /* operation we're doing */
|
||||
char *value; /* value we're searching for */
|
||||
void *ptr; /* for regexps etc */
|
||||
PGPV_ARRAY(uint32_t, found); /* array of matched subscripts */
|
||||
PGPV_ARRAY(uint32_t, found); /* array of matched pimary key subscripts */
|
||||
PGPV_ARRAY(size_t, datacookies); /* cookies to retrieve matched data */
|
||||
int64_t sigtime; /* time of signature */
|
||||
char why[PGPV_REASON_LEN]; /* reason for bad signature */
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: zlib.c,v 1.1 2014/03/09 00:15:45 agc Exp $ */
|
||||
/* $NetBSD: zlib.c,v 1.2 2015/02/05 01:26:54 agc Exp $ */
|
||||
|
||||
/* inflate.c -- zlib decompression
|
||||
* Copyright (C) 1995-2005 Mark Adler
|
||||
@ -272,7 +272,7 @@ int ZEXPORT inflateReset(z_streamp strm)
|
||||
struct inflate_state FAR *state;
|
||||
|
||||
if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
|
||||
state = (struct inflate_state FAR *)strm->state;
|
||||
state = (struct inflate_state FAR *)(void *)strm->state;
|
||||
strm->total_in = strm->total_out = state->total = 0;
|
||||
strm->msg = Z_NULL;
|
||||
strm->adler = 1; /* to support ill-conceived Java test suite */
|
||||
@ -296,7 +296,7 @@ int ZEXPORT inflatePrime(z_streamp strm, int bits, int value)
|
||||
struct inflate_state FAR *state;
|
||||
|
||||
if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
|
||||
state = (struct inflate_state FAR *)strm->state;
|
||||
state = (struct inflate_state FAR *)(void *)strm->state;
|
||||
if (bits > 16 || state->bits + bits > 32) return Z_STREAM_ERROR;
|
||||
value &= (1L << bits) - 1;
|
||||
state->hold += value << state->bits;
|
||||
@ -322,7 +322,7 @@ int ZEXPORT inflateInit2_(z_streamp strm, int windowBits, const char *version, i
|
||||
ZALLOC(strm, 1, sizeof(struct inflate_state));
|
||||
if (state == Z_NULL) return Z_MEM_ERROR;
|
||||
Tracev((stderr, "inflate: allocated\n"));
|
||||
strm->state = (struct internal_state FAR *)state;
|
||||
strm->state = (struct internal_state FAR *)(void *)state;
|
||||
if (windowBits < 0) {
|
||||
state->wrap = 0;
|
||||
windowBits = -windowBits;
|
||||
@ -361,7 +361,7 @@ int ZEXPORT inflateInit_( z_streamp strm, const char *version, int stream_size)
|
||||
local void
|
||||
fixedtables(struct inflate_state FAR *state)
|
||||
{
|
||||
/* $NetBSD: zlib.c,v 1.1 2014/03/09 00:15:45 agc Exp $ */
|
||||
/* $NetBSD: zlib.c,v 1.2 2015/02/05 01:26:54 agc Exp $ */
|
||||
|
||||
/* inffixed.h -- table for decoding fixed codes
|
||||
* Generated automatically by makefixed().
|
||||
@ -483,7 +483,7 @@ updatewindow(z_streamp strm, unsigned out)
|
||||
struct inflate_state FAR *state;
|
||||
unsigned copy, dist;
|
||||
|
||||
state = (struct inflate_state FAR *)strm->state;
|
||||
state = (struct inflate_state FAR *)(void *)strm->state;
|
||||
|
||||
/* if it hasn't been done already, allocate space for the window */
|
||||
if (state->window == Z_NULL) {
|
||||
@ -1141,7 +1141,7 @@ inflate_fast(z_streamp strm, unsigned start)
|
||||
unsigned char FAR *from; /* where to copy match from */
|
||||
|
||||
/* copy state to local variables */
|
||||
state = (struct inflate_state FAR *)strm->state;
|
||||
state = (struct inflate_state FAR *)(void *)strm->state;
|
||||
in = strm->next_in - OFF;
|
||||
last = in + (strm->avail_in - 5);
|
||||
out = strm->next_out - OFF;
|
||||
@ -1462,7 +1462,7 @@ inflate(z_streamp strm, int flush)
|
||||
return Z_STREAM_ERROR;
|
||||
#endif
|
||||
|
||||
state = (struct inflate_state FAR *)strm->state;
|
||||
state = (struct inflate_state FAR *)(void *)strm->state;
|
||||
if (state->mode == TYPE) state->mode = TYPEDO; /* skip check */
|
||||
LOAD();
|
||||
in = have;
|
||||
@ -2043,7 +2043,7 @@ inflateEnd(z_streamp strm)
|
||||
struct inflate_state FAR *state;
|
||||
if (strm == Z_NULL || strm->state == Z_NULL || strm->zfree == (free_func)0)
|
||||
return Z_STREAM_ERROR;
|
||||
state = (struct inflate_state FAR *)strm->state;
|
||||
state = (struct inflate_state FAR *)(void *)strm->state;
|
||||
if (state->window != Z_NULL) ZFREE(strm, state->window);
|
||||
ZFREE(strm, strm->state);
|
||||
strm->state = Z_NULL;
|
||||
@ -2059,7 +2059,7 @@ inflateSetDictionary(z_streamp strm, const Bytef *dictionary, uInt dictLength)
|
||||
|
||||
/* check state */
|
||||
if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
|
||||
state = (struct inflate_state FAR *)strm->state;
|
||||
state = (struct inflate_state FAR *)(void *)strm->state;
|
||||
if (state->wrap != 0 && state->mode != DICT)
|
||||
return Z_STREAM_ERROR;
|
||||
|
||||
@ -2098,7 +2098,7 @@ inflateGetHeader(z_streamp strm, gz_headerp head)
|
||||
|
||||
/* check state */
|
||||
if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
|
||||
state = (struct inflate_state FAR *)strm->state;
|
||||
state = (struct inflate_state FAR *)(void *)strm->state;
|
||||
if ((state->wrap & 2) == 0) return Z_STREAM_ERROR;
|
||||
|
||||
/* save header structure */
|
||||
@ -2149,7 +2149,7 @@ inflateSync(z_streamp strm)
|
||||
|
||||
/* check parameters */
|
||||
if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
|
||||
state = (struct inflate_state FAR *)strm->state;
|
||||
state = (struct inflate_state FAR *)(void *)strm->state;
|
||||
if (strm->avail_in == 0 && state->bits < 8) return Z_BUF_ERROR;
|
||||
|
||||
/* if first time, start search in bit buffer */
|
||||
@ -2196,7 +2196,7 @@ inflateSyncPoint(z_streamp strm)
|
||||
struct inflate_state FAR *state;
|
||||
|
||||
if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
|
||||
state = (struct inflate_state FAR *)strm->state;
|
||||
state = (struct inflate_state FAR *)(void *)strm->state;
|
||||
return state->mode == STORED && state->bits == 0;
|
||||
}
|
||||
|
||||
@ -2212,7 +2212,7 @@ inflateCopy(z_streamp dest, z_streamp source)
|
||||
if (dest == Z_NULL || source == Z_NULL || source->state == Z_NULL ||
|
||||
source->zalloc == (alloc_func)0 || source->zfree == (free_func)0)
|
||||
return Z_STREAM_ERROR;
|
||||
state = (struct inflate_state FAR *)source->state;
|
||||
state = (struct inflate_state FAR *)(void *)source->state;
|
||||
|
||||
/* allocate space */
|
||||
copy = (struct inflate_state FAR *)
|
||||
|
Loading…
Reference in New Issue
Block a user