branches: 1.2.2; 1.2.6;
Merge netpgpverify(1) and libnetpgpverify(3) from the
agc-netpgp-standalone branch.

Rewrite the netpgpverify(1) functionality from RFC4880 up. This is a
completely new implementation, and uses its own bignum library derived
from libtommath. Apart from libz and libbz2, it just uses its own
library and is self-contained - this makes it easier to embed, and to
use from scripting languages.

netpgpverify(1) now verifies all the signed files i've thrown at it,
and the added bonus of using no functionality from libcrypto - all of
its bignum functionality comes from its own libnetpgpverify.so.
netpgpverify(1) now verifies not only signatures on binary files, but
also signatures on text documents. This fixes PR/46930. Please don't
start me on the hoops I had to jump through to calculate the digests
on text files; trust me, you will regret it.

% supersize `which netpgpverify`
text data bss dec hex filename
4452 860 72 5384 1508 /usr/bin/netpgpverify
79542 1408 0 80950 13c36 /usr/lib/libz.so.1
43994 984 488 45466 b19a /usr/lib/libgcc_s.so.1
1318116 49644 69272 1437032 15ed68 /usr/lib/libc.so.12
57253 4184 0 61437 effd /usr/lib/libbz2.so.1
108726 1712 0 110438 1af66 /usr/lib/libnetpgpverify.so.4
1612083 58792 69832 1740707 0x1a8fa3 total
%

% make t
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify b.gpg > output16
diff expected16 output16
rm -f output16
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify a.gpg > output17
diff expected17 output17
rm -f output17
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify gpgsigned-a.gpg > output18
diff expected18 output18
rm -f output18
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify NetBSD-6.0_RC2_hashes.asc > output19
diff expected19 output19
rm -f output19
...
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k dsa-pubring.gpg in2.asc > output45
diff expected45 output45
rm -f output45
env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k problem-pubring.gpg NetBSD-6.0_hashes.asc > output46
diff expected46 output46
rm -f output46
cd tests/netpgpverify && make && atf-run
atf2kyua: I: Removing stale Kyuafiles from /tmp/.XXXXXX.004966aa
atf2kyua: I: Converting /usr/src/crypto/external/bsd/netpgp-standalone/tests/netpgpverify/Atffile -> /tmp/.XXXXXX.004966aa/Kyuafile
t_netpgpverify:netpgpverify_rsa -> passed [0.221s]
t_netpgpverify:netpgpverify_dsa -> passed [0.117s]

2/2 passed (0 failed)
Committed action 19
%

branches: 1.1.2;
file rand.h was initially added on branch agc-netpgp-standalone.

Add an API-alike equivalent library for openssl BIGNUM functionality.
This is accomplished using the libtommath MPI implementation
internally, without exporting any functions. All of the BIGNUM
functionality to provide working netpgp signatures, verification,
encryption and encryption is provided.

Functions and macros included:

BN_is_negative(x)
BN_is_zero(a)
BN_is_odd(a)
BN_is_even(a)

BIGNUM *BN_new(void);
BIGNUM *BN_dup(const BIGNUM */*a*/);
int BN_copy(BIGNUM */*b*/, const BIGNUM */*a*/);

void BN_init(BIGNUM */*a*/);
void BN_free(BIGNUM */*a*/);
void BN_clear(BIGNUM */*a*/);
void BN_clear_free(BIGNUM */*a*/);

int BN_cmp(BIGNUM */*a*/, BIGNUM */*b*/);

BIGNUM *BN_bin2bn(const uint8_t */*buf*/, int /*size*/, BIGNUM */*bn*/);
int BN_bn2bin(const BIGNUM */*a*/, unsigned char */*b*/);
char *BN_bn2hex(const BIGNUM */*a*/);
char *BN_bn2dec(const BIGNUM */*a*/);
int BN_hex2bn(BIGNUM **/*a*/, const char */*str*/);
int BN_dec2bn(BIGNUM **/*a*/, const char */*str*/);
int BN_print_fp(FILE */*fp*/, const BIGNUM */*a*/);

int BN_add(BIGNUM */*r*/, const BIGNUM */*a*/, const BIGNUM */*b*/);
int BN_sub(BIGNUM */*r*/, const BIGNUM */*a*/, const BIGNUM */*b*/);
int BN_mul(BIGNUM */*r*/, const BIGNUM */*a*/, const BIGNUM */*b*/, BN_CTX */*ctx*/);
int BN_div(BIGNUM */*q*/, BIGNUM */*r*/, const BIGNUM */*a*/, const BIGNUM */*b*/, BN_CTX */*ctx*/);
void BN_swap(BIGNUM */*a*/, BIGNUM */*b*/);
int BN_lshift(BIGNUM */*r*/, const BIGNUM */*a*/, int /*n*/);
int BN_lshift1(BIGNUM */*r*/, BIGNUM */*a*/);
int BN_rshift(BIGNUM */*r*/, const BIGNUM */*a*/, int /*n*/);
int BN_rshift1(BIGNUM */*r*/, BIGNUM */*a*/);
int BN_set_word(BIGNUM */*a*/, BN_ULONG /*w*/);
void BN_set_negative(BIGNUM */*a*/, int /*n*/);

int BN_num_bytes(const BIGNUM */*a*/);
int BN_num_bits(const BIGNUM */*a*/);

int BN_mod_exp(BIGNUM */*r*/, BIGNUM */*a*/, BIGNUM */*p*/, BIGNUM */*m*/, BN_CTX */*ctx*/);
BIGNUM *BN_mod_inverse(BIGNUM */*ret*/, BIGNUM */*a*/, const BIGNUM */*n*/, BN_CTX */*ctx*/);
int BN_mod_mul(BIGNUM */*ret*/, BIGNUM */*a*/, BIGNUM */*b*/, const BIGNUM */*m*/, BN_CTX */*ctx*/);
int BN_mod_sub(BIGNUM */*r*/, BIGNUM */*a*/, BIGNUM */*b*/, const BIGNUM */*m*/, BN_CTX */*ctx*/);

BN_CTX *BN_CTX_new(void);
BIGNUM *BN_CTX_get(BN_CTX */*ctx*/);
void BN_CTX_start(BN_CTX */*ctx*/);
void BN_CTX_end(BN_CTX */*ctx*/);
void BN_CTX_init(BN_CTX */*c*/);
void BN_CTX_free(BN_CTX */*c*/);

int BN_rand(BIGNUM */*rnd*/, int /*bits*/, int /*top*/, int /*bottom*/);
int BN_rand_range(BIGNUM */*rnd*/, BIGNUM */*range*/);

int BN_is_prime(const BIGNUM */*a*/, int /*checks*/, void (*callback)(int, int, void *), BN_CTX */*ctx*/, void */*cb_arg*/);

const BIGNUM *BN_value_one(void);
int BN_is_bit_set(const BIGNUM */*a*/, int /*n*/);

resync with head

file rand.h was added on branch tls-maxphys on 2013-02-25 00:24:04 +0000

sync with (a bit old) head

file rand.h was added on branch yamt-pagecache on 2013-01-16 05:25:56 +0000