Fix compilation:
kill PGP_ERROR() and make everything use a format.
XXX: Fixme to use __VA_ARGS__ instead of the silly PGP_ERROR_N() macros.

branches: 1.32.6;
Don't prefix function names with "pgp_" if the functions are static.

Changes to help with netpgp key generation and interoperability:

+ use plain SHA1 for session key s2k negotiation
+ don't warn on some conditions when inflating (reading a compressed file)
since the conditions don't hold for partial block lengths
+ prompt for a passphrase when generating a new key - used in the upcoming
secret-sharing functionality for netpgp

Take the internal functions and definitions back out of the implementation
namespace:

:g/\<__ops/s//pgp/g
:g/\<__OPS/s//__PGP/g
:g/\<OPS/s//PGP/g

No functional change, regression tests complete successfully.

allow user-specification of cipher to be used when encrypting packets.

preserve the CAST5 default for now.

at the user level, this is specified using the --cipher=<ciphername>
option.

get rid of more 64-bit lint

fix some more amd64 lint

+ rationalise birthtime/expiration timestamps into a single function

+ clean up some 64-bit (amd64) lint

Changes to 3.99.7/20100701

+ recognise ascii-armoured encrypted messages properly, in memory and
in files
+ print error message and exit for now when trying to encrypt with a DSA key
+ fix bug reported by dyoung when trying to print out the encryption key
fingerprint

Changes to 3.99.5

+ make ssh fingerprints (md5) match netpgp listing
+ use the more functional hexdump function from ssh2pgp in place of the
older hexdump function from openpgpsdk
+ pass hash type down from command line where needed
+ add test for netpgp/ssh key fingerprint matching
+ make netpgpkeys(1) take a --hash= option

With these changes, netpgp can be made to generate the same fingerprint as
openssh (by default, ssh-keygen(1) uses an md5 digest)

% /usr/bin/netpgpkeys --ssh-keys --sshkeyfile=/etc/ssh/ssh_host_rsa_key.pub --list-keys --hash=md5
1 key
pub 1024/RSA (Encrypt or Sign) fcdd1c608bef4c4b 2008-08-11
Key fingerprint: e935 902d ebf1 76ba fcdd 1c60 8bef 4c4b
uid osx-vm1.crowthorne.alistaircrooks.co.uk (/etc/ssh/ssh_host_rsa_key.pub) <root@osx-vm1.crowthorne.alistaircrooks.co.uk>

% ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub
1024 e9:35:90:2d:eb:f1:76:ba:fc:dd:1c:60:8b:ef:4c:4b /etc/ssh/ssh_host_rsa_key.pub (RSA)
%

Simplify and shorten the internals of packet processing by getting rid of
the intermediate pseudo-abstraction layer, which detracted from understanding
and had no benefit whatsoever. Rename some enums and some definitions.

more uses of hexdump() rather than open-coded equivalents

not much point in defining a function to dump in hexadecimal if we don't
use it.

Don't warn about erroneous errors in skey_checksum_finaliser().

Allocate space for the checkhash before attempting to use it - a
long-standing bug from openpgpsdk. Part of the fix for PR 42435 from
Jukka Ruohonen.

Update netpgp to version 1.99.20/20100304 - portability improvements, and bug fixes:

Changes to 1.99.20/20100304

+ move args to some functions around to be consistent
+ use uint*_t where appropriate
+ fix bug in verify memory
+ add documentation to manual pages to show how to do combined
signing/encryption and decryption/verification
+ make verification of ascii-armoured memory work the same as binary
+ eliminate use of strdup(3), strcasecmp(3), and strptime(3). NetBSD/pkgsrc
PR 42922 applies - need to define _XOPEN_SOURCE and _BSD_SOURCE for
newer linux platforms with glibc 2.10.1. solved a bit differently, by
implementing strdup(3) and strcasecmp(3) independently, and using regexps
to avoid calling strptime(3).

Remove vestiges of debugging

When writing an ascii-armoured message, push the linebreak writer onto
the write function stack for the body of the message as well as the
headers.

This means that an ascii-armoured signed file created by netpgp conforms
to RFC 4880 (and 2440, thanks, moof[1]), and can be verified by gpg now, as
well as netpgp.

[1] Are there any other RFCs which are superceded by their double?

Unbreak the creation of ascii-armoured signatures.

Add automatic detection of ascii-armoured signatures.

Add tests for same - with small and large source files.

More checking of allocation return values where not already done.

Revamp hash initialisation to return a success/failure error code.

Document places where we prefer to continue with a NULL buffer,
rather than silently continue with possibly erroneous results.

Clean up some Flexelint (issues pointed out by phk - many thanks!).

Also make sure the return value for each memory allocation is checked - this
is still a WIP.

Don't complain if $HOME/.gnupg does not exist (and using --homedir).

Don't require a userid to be set in the gpg.conf file - it can be set
on the command line when it's needed (for signing and encryption, the
other operations in netpgp(1) will take the userid from the
signed/encrypted file).

Add tests for the lack of a default userid in the config file.

CHANGES 1.99.8 -> 1.99.9

+ make more use of __ops_io_t structure
+ addition of standalone, stripped-down netpgpverify utility
+ addition of test for --list-packets on an empty file
+ bring forward some simplifications from netpgpverify
+ some name changes
+ get rid of the increment and then decrement keycount around
accumulated data ("it's to do with counting")
+ then use unsigned integers for the size and counts for the
dynamic array of keys, and use the common dynamic array macros
for keys in a keyring
+ if it's a union, let's use it as a union, not a struct
+ modified documentation to correct the --list-packets command (sorry, ver)
+ add a new directory structure for both the distribution and the
reachover Makefiles. The autotest framework has been partially overhauled
but more TLC is needed here.
+ add a --pass-fd=n option so that external programs can provide the
passphrase on a file descriptor without going through the callback,
requested by joerg

CHANGES 1.99.4 -> 1.99.5

+ Luke Mewburn completely overhauled the auto tools infrastructure
+ changed signature (hah!) of some netpgp file management prototypes to
use const char * for file names and user ids, not char * - suggested by
christos
+ change some of the openpgpsdk display functions to return integer values,
and send those values back from the netpgp functions - suggested by
christos
+ rather than passing a shedload of variables to netpgp_init(), get rid
of them, and set variables using the netpgp_[gs]etvar() interface
+ replace some magic constants with descriptive names
+ use a netpgp variable to skip userid checks if necessary
+ add ability to allow coredumps via --coredumps if (a) you have taken
leave of your sanity, and (b) you have some magical persistent
storage which doesn't spare sectors, and (c) you know how to remove
a file securely
+ bumped library version on NetBSD to 1.0 for interface changes

CHANGES 1.99.3 -> 1.99.4

+ get rid of some magic constants
+ revamped regression test script to count number of tests passed
+ made checkhash array in ops_seckey_t dynamic, rather than statically
allocated
+ made mdc array dynamic, and added a length field to mdc for future use
+ revamped usage message to match reality
+ made portable version again for the autoconfed package sources
+ add separate netpgpdigest.h file so that separate digest sizes can be
used without having to include "packet.h" in everything

CHANGES 1.0.0 -> 1.99.1

+ released and tagged version 1.0.0; development version now 1.99.1
+ get rid of some fields which are no longer needed
+ minor name changes
+ add mmapped field to ops_data_t struct to denote that the array needs an
munmap(2) and not a free(3)
+ add an __ops_mem_readfile() function, and use it for reading files.
The function does mmap(2), and then falls back to read(2) if that fails.
Retire unused __ops_fileread() which had an unusual interface
+ drop sign_detached() from netpgp.c down into signature.c as
__ops_sign_detached()

+ don't use arrays of length 1 to hold single instances of characters,
unsigned or not - just use a single character itself
+ misc cleanup
+ rename cinfo to "output" and ops_createinfo_t to "ops_output_t" to
be a bit more descriptive
+ shorten some long names
+ get rid of test for libgen.h - it's not needed anymore
+ bump to version 0.99.4, and 20090515 sources, regenerate configure and co
+ numerous name changes to be more consistent and more concise
+ add verbosity level to the variables that can be set and retrieved by
netpgp_setvar() and netpgp_getvar()
+ added --verbose option to netpgp(1)
+ add __RCSID() to all files

+ got rid of "local" header files. These aren't necessary since the openpgpsdk
code was modified to all be in the same directory
+ added netpgp_getvar() and netpgp_setvar(), and use them to get and set the
user id and hash algorithm preference
+ get rid of <stdbool.h> usage - I'm still not sure this is the way we should
be going long term, but the bool changes got integrated with the others,
and are there in cvs history if we want to resurrect them. Correct autoconf
accordingly. Bump netpgp minimus version, and autoconf-based date version.
+ updated documentation to reflect these changes

branches: 1.6.2;
Commit the weekend's changes:

+ minor name changes
+ remove duplicated code (commented out) in packet-print.c
+ original code contained abstraction violations for hash size - fix them
+ get rid of some magic constants related to length of hash arrays
+ allow a choice of hash algorithms for the signature digest (rather
than hardcoding SHA1 - it is looking as though collisions are easier
to manufacture based on recent findings)
+ move default signature RSA hash algorithm to SHA256 (from SHA1). This is
passed as a string parameter from the high-level interface. We'll
revisit this later after a good way to specify the algorithm has been
found.
+ display the size of the keys in --list-packets
+ display the keydata prior to file decryption

More cosmetic changes, no functional differences.

Change some names to something a bit less obscure.

e.g. For some unfathomable reason, I find "__ops_write_mem_from_file" a bit
counterintuitive - replace that by "__ops_fileread"

+ __ops_packet_t -> __ops_subpacket_t
+ __ops_parser_content_t -> __ops_packet_t
+ rename some other long names
51 chars is the record function name length so far
+ preliminary moves to support detached signatures
as yet, incomplete
+ add back command line option to list packets in a signed or encrypted file
+ make __ops_parse() take an argument whether to print errors, and kill the
__ops_parse_and_print_errors() function
+ get rid of some assertions in the code - this is a library - about 100 to go

WARNS=4 changes

branches: 1.1.1;
Initial revision

Import netpgp source into crypto/external - this is a heavily-modified
version of openpgpsdk, and will replace it. Differences between netpgp
and the NetBSD repository version of openpgpsdk are:

+ Wrap source code in GNU autoconf/configure
+ New high-level interface for libnetpgp(3) and netpgp(1)
+ Hide prolifery of local headers in the internal lib directory -
there is now one exported header called netpgp.h
+ Hide all ops_* functions and structs behind __ops_* names
+ Fix long-standing bug - make decryption work with files > 8192 bytes
(fix for signature verification of signed files > 8192 bytes was already
brought forward from the NetBSD repository of openpgpsdk)
+ Use mmap(2) to read files, falls back to read(2) if can't do mmap
+ Compile portable package using libtool
+ Rationalise the number of source files - merge a number of smaller ones
+ Case-insensitive matching of key ids
+ Use PRIsize throughout
+ Use calloc(3) throughout to zero memory
+ Get rid of global symbols which abused a macro
+ Use more descriptive names - remove "_arg_" components, name things for their
purpose, rather than what they are (their type)
+ No more --passphrase= argument to netpgp(1) - this is now always
done through callbacks
+ Report source code date and build date in version number, as well as the
version number itself

This will form the basis of the portable netpgp package.

Sync with HEAD.

Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html

file writer.c was added on branch jym-xensuspend on 2009-05-13 19:16:06 +0000

sync with head