#
1.10 |
|
14-May-2020 |
msaitoh |
Remove extra semicolon.
|
Revision tags: phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406 netbsd-8-2-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 phil-wifi-20191119 netbsd-9-base phil-wifi-20190609 netbsd-8-1-RELEASE netbsd-8-1-RC1 pgoyette-compat-merge-20190127 pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906 netbsd-7-2-RELEASE pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 netbsd-7-1-2-RELEASE pgoyette-compat-base netbsd-7-1-1-RELEASE matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 pgoyette-localcount-20170320 netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 bouyer-socketcan-base pgoyette-localcount-20170107 netbsd-7-1-RC1 pgoyette-localcount-20161104 netbsd-7-0-2-RELEASE localcount-20160914 netbsd-7-nhusb-base pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.9 |
|
04-Mar-2014 |
agc |
check the correct field in the structure in dsa_verify - pointed out by joerg - thanks!
|
#
1.8 |
|
21-Feb-2014 |
agc |
Update to version 20140220
Changes from previous version:
+ portability fixes from xtraeme for his Linux distribution: + add search for ar(1) into autoconf + define __printflike if it's not already defined + fix missing asprintf (I fixed this differently)
|
#
1.7 |
|
06-Jan-2014 |
htodd |
Fix build (cast to const char *).
|
#
1.6 |
|
06-Jan-2014 |
joerg |
Move __printflike to the prototype. Add explicit cast for void * -> char * to make GCC happy.
|
#
1.5 |
|
06-Jan-2014 |
joerg |
Add __printflike.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.4 |
|
22-Nov-2012 |
martin |
branches: 1.4.2; 1.4.6; Initialize "ok" (and thereby fix the vax build)
|
#
1.3 |
|
20-Nov-2012 |
agc |
fix problem on 32-bit problems - with thanks to Alan Barrett and Jonathan Kollasch
|
#
1.2 |
|
20-Nov-2012 |
agc |
Merge netpgpverify(1) and libnetpgpverify(3) from the agc-netpgp-standalone branch.
Rewrite the netpgpverify(1) functionality from RFC4880 up. This is a completely new implementation, and uses its own bignum library derived from libtommath. Apart from libz and libbz2, it just uses its own library and is self-contained - this makes it easier to embed, and to use from scripting languages.
netpgpverify(1) now verifies all the signed files i've thrown at it, and the added bonus of using no functionality from libcrypto - all of its bignum functionality comes from its own libnetpgpverify.so. netpgpverify(1) now verifies not only signatures on binary files, but also signatures on text documents. This fixes PR/46930. Please don't start me on the hoops I had to jump through to calculate the digests on text files; trust me, you will regret it.
% supersize `which netpgpverify` text data bss dec hex filename 4452 860 72 5384 1508 /usr/bin/netpgpverify 79542 1408 0 80950 13c36 /usr/lib/libz.so.1 43994 984 488 45466 b19a /usr/lib/libgcc_s.so.1 1318116 49644 69272 1437032 15ed68 /usr/lib/libc.so.12 57253 4184 0 61437 effd /usr/lib/libbz2.so.1 108726 1712 0 110438 1af66 /usr/lib/libnetpgpverify.so.4 1612083 58792 69832 1740707 0x1a8fa3 total %
% make t env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify b.gpg > output16 diff expected16 output16 rm -f output16 env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify a.gpg > output17 diff expected17 output17 rm -f output17 env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify gpgsigned-a.gpg > output18 diff expected18 output18 rm -f output18 env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify NetBSD-6.0_RC2_hashes.asc > output19 diff expected19 output19 rm -f output19 ... env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k dsa-pubring.gpg in2.asc > output45 diff expected45 output45 rm -f output45 env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k problem-pubring.gpg NetBSD-6.0_hashes.asc > output46 diff expected46 output46 rm -f output46 cd tests/netpgpverify && make && atf-run atf2kyua: I: Removing stale Kyuafiles from /tmp/.XXXXXX.004966aa atf2kyua: I: Converting /usr/src/crypto/external/bsd/netpgp-standalone/tests/netpgpverify/Atffile -> /tmp/.XXXXXX.004966aa/Kyuafile t_netpgpverify:netpgpverify_rsa -> passed [0.221s] t_netpgpverify:netpgpverify_dsa -> passed [0.117s]
2/2 passed (0 failed) Committed action 19 %
|
Revision tags: yamt-pagecache-base6
|
#
1.1 |
|
20-Oct-2012 |
agc |
branches: 1.1.2; file libverify.c was initially added on branch agc-netpgp-standalone.
|
#
1.9 |
|
03-Mar-2014 |
agc |
check the correct field in the structure in dsa_verify - pointed out by joerg - thanks!
|
#
1.8 |
|
20-Feb-2014 |
agc |
Update to version 20140220
Changes from previous version:
+ portability fixes from xtraeme for his Linux distribution: + add search for ar(1) into autoconf + define __printflike if it's not already defined + fix missing asprintf (I fixed this differently)
|
#
1.7 |
|
06-Jan-2014 |
htodd |
Fix build (cast to const char *).
|
#
1.6 |
|
06-Jan-2014 |
joerg |
Move __printflike to the prototype. Add explicit cast for void * -> char * to make GCC happy.
|
#
1.5 |
|
06-Jan-2014 |
joerg |
Add __printflike.
|
#
1.4 |
|
22-Nov-2012 |
martin |
branches: 1.4.2; 1.4.6; Initialize "ok" (and thereby fix the vax build)
|
#
1.3 |
|
20-Nov-2012 |
agc |
fix problem on 32-bit problems - with thanks to Alan Barrett and Jonathan Kollasch
|
#
1.2 |
|
19-Nov-2012 |
agc |
Merge netpgpverify(1) and libnetpgpverify(3) from the agc-netpgp-standalone branch.
Rewrite the netpgpverify(1) functionality from RFC4880 up. This is a completely new implementation, and uses its own bignum library derived from libtommath. Apart from libz and libbz2, it just uses its own library and is self-contained - this makes it easier to embed, and to use from scripting languages.
netpgpverify(1) now verifies all the signed files i've thrown at it, and the added bonus of using no functionality from libcrypto - all of its bignum functionality comes from its own libnetpgpverify.so. netpgpverify(1) now verifies not only signatures on binary files, but also signatures on text documents. This fixes PR/46930. Please don't start me on the hoops I had to jump through to calculate the digests on text files; trust me, you will regret it.
% supersize `which netpgpverify` text data bss dec hex filename 4452 860 72 5384 1508 /usr/bin/netpgpverify 79542 1408 0 80950 13c36 /usr/lib/libz.so.1 43994 984 488 45466 b19a /usr/lib/libgcc_s.so.1 1318116 49644 69272 1437032 15ed68 /usr/lib/libc.so.12 57253 4184 0 61437 effd /usr/lib/libbz2.so.1 108726 1712 0 110438 1af66 /usr/lib/libnetpgpverify.so.4 1612083 58792 69832 1740707 0x1a8fa3 total %
% make t env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify b.gpg > output16 diff expected16 output16 rm -f output16 env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify a.gpg > output17 diff expected17 output17 rm -f output17 env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify gpgsigned-a.gpg > output18 diff expected18 output18 rm -f output18 env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify NetBSD-6.0_RC2_hashes.asc > output19 diff expected19 output19 rm -f output19 ... env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k dsa-pubring.gpg in2.asc > output45 diff expected45 output45 rm -f output45 env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k problem-pubring.gpg NetBSD-6.0_hashes.asc > output46 diff expected46 output46 rm -f output46 cd tests/netpgpverify && make && atf-run atf2kyua: I: Removing stale Kyuafiles from /tmp/.XXXXXX.004966aa atf2kyua: I: Converting /usr/src/crypto/external/bsd/netpgp-standalone/tests/netpgpverify/Atffile -> /tmp/.XXXXXX.004966aa/Kyuafile t_netpgpverify:netpgpverify_rsa -> passed [0.221s] t_netpgpverify:netpgpverify_dsa -> passed [0.117s]
2/2 passed (0 failed) Committed action 19 %
|
#
1.1 |
|
19-Oct-2012 |
agc |
branches: 1.1.2; file libverify.c was initially added on branch agc-netpgp-standalone.
|
#
1.1.2.12 |
|
01-Nov-2012 |
agc |
more changes to netpgpverify on agc-netpgp-standalone branch:
+ remove the copy of digest.h from libbn sources, use the one in libdigest, and fix up lib/verify/Makefile to accommodate
+ get rid of header files we don't need, and pick up header files from the correct directory
+ remove the hexdump utility routine from the libbn misc support routines, it's not needed
+ add a comment describing the pubring primary key parser structure
|
#
1.1.2.11 |
|
31-Oct-2012 |
agc |
display revoked userids, and particularly, compromised and revoked userids
|
#
1.1.2.10 |
|
29-Oct-2012 |
agc |
changes to libnetpgpverify:
+ isolate the RSA verification code (the DSA verification code was isolated previously), and include it in our sources, rather than including the source for librsa, (and thus bringing in all the code for signing and encryption/decryption) - no crypto is involved in signature verification, just the digest calculation, and the BIGNUM expmod.
+ check some more arguments
+ order the user ids as expected in public keys (i.e. if there's a primary user id signature sub-packet, honor it), and fix up the regression test results accordingly.
|
#
1.1.2.9 |
|
26-Oct-2012 |
agc |
minor changes to libnetpgpverify(3)
+ allow more signature types in subkey signatures when parsing signatures in the pubring trust entries, which allows more existing, valid pubring.gpg files (constructed by gpg) to be recognised. with thanks to jakallsch for the data.
+ provide a nonnull_getenv() function and use it in the one place getenv(3) was previously used, following a nudge from dsl.
|
#
1.1.2.8 |
|
24-Oct-2012 |
agc |
change the signature (ha!) of the pgpv_read_pubring() function to allow a key to be specified as a string in memory, as well as in a file. as always, the pubring must precede the signature.
|
#
1.1.2.7 |
|
23-Oct-2012 |
agc |
various improvements in netpgpverify:
+ store the revocation code in the signature
+ attempt to be bug compatible with gpg - if a signature on a text document does not match the first time, try again, this time trimming trailing white space (' ' and '\t' characters) from the text document. this makes the verification work the same as gpg. this behavior is not activated for binary documents. i have absolutely no idea why this is done in the first place; christoph badura thinks it may be to do with original pgp compatibility. this and the stripping of the trailing \r\n on text document digest calculation make no sense to me.
+ only compare the leading Q bits (i.e. the length of the DSA Q value) when verifying a DSA signature, per RFC 4880. helps with sha256 digests and smaller keys.
+ calculate the displayed size of DSA keys a bit differently, no functional difference.
|
#
1.1.2.6 |
|
23-Oct-2012 |
agc |
Fix a tyop in the getopt string so that it specifies that -k takes an argument - makes the specification of public keyrings work again.
Make pgpv_verify return a cookie if the signature matches, rather than just a plain pseudo-boolean value. The cookie can be used subsequently to retrieve the verified data
Use the cookie as input to pgp_get_verified()
Add tests for DSA key verification
|
#
1.1.2.5 |
|
22-Oct-2012 |
agc |
fix DSA signature verification so it DTRT
|
#
1.1.2.4 |
|
20-Oct-2012 |
agc |
Get rid of a debugging inclusion which is no longer needed.
|
#
1.1.2.3 |
|
20-Oct-2012 |
agc |
add preliminary support for DSA signatures to libnetpgpverify(3) and netpgpverify(1)
|
#
1.1.2.2 |
|
19-Oct-2012 |
agc |
implement a new pgpv_get_verified() exported function, which returns the data and its size to the caller.
implement pgpv_verify_print() in terms of pgpv_get_verified()
|
#
1.1.2.1 |
|
19-Oct-2012 |
agc |
Replace the netpgpverify command and libnetpgpverify in the agc-netpgp-standalone branch with a completely rewritten "from the RFC up" version designed to be small, standalone, and easy to maintain.
% ldd bin/netpgpverify/netpgpverify bin/netpgpverify/netpgpverify: -lz.1 => /usr/lib/libz.so.1 -lgcc_s.1 => /usr/lib/libgcc_s.so.1 -lc.12 => /usr/lib/libc.so.12 -lbz2.1 => /usr/lib/libbz2.so.1 -lnetpgpverify.4 => /usr/lib/libnetpgpverify.so.4 % ldd lib/verify/libnetpgpverify.so lib/verify/libnetpgpverify.so: -lc.12 => /usr/lib/libc.so.12 % ls -al lib/verify/libnetpgpverify* bin/netpgpverify/netpgpverify -rwxr-xr-x 1 agc agc 10502 Oct 18 20:59 bin/netpgpverify/netpgpverify -rw-r--r-- 1 agc agc 159720 Oct 18 20:59 lib/verify/libnetpgpverify.a -rw-r--r-- 1 agc agc 4822 Oct 18 20:59 lib/verify/libnetpgpverify.html3 lrwxr-xr-x 1 agc agc 22 Oct 18 20:59 lib/verify/libnetpgpverify.so -> libnetpgpverify.so.4.0 lrwxr-xr-x 1 agc agc 22 Oct 18 20:59 lib/verify/libnetpgpverify.so.4 -> libnetpgpverify.so.4.0 -rwxr-xr-x 1 agc agc 123069 Oct 18 20:59 lib/verify/libnetpgpverify.so.4.0 -rw-r--r-- 1 agc agc 169696 Oct 18 20:59 lib/verify/libnetpgpverify_p.a -rw-r--r-- 1 agc agc 149968 Oct 18 20:59 lib/verify/libnetpgpverify_pic.a %
("Small" here includes the full BIGNUM/mpi functionality required to verify signatures).
Instead of using extensive callbacks for input data, which have proved to be fragile and difficult to maintain, as well as precluding uses elsewhere, this uses straight mmaping of input files where possible, and falls back to reading if unavailable.
RFC 4880 makes provision for two types of data to be signed, binary data and text, and text is subject to modification of data before the signature is made, and is usually opaque. The new netpgpverify(1) can handle this, our old version could not. DSA signatures are not yet supported -- watch this space -- but full RSA ones, including those of text documents like the signed NetBSD release hashes (see PR bin/46930) are recognised and are included in the regression tests.
% env LD_LIBRARY_PATH=../../lib/verify ./netpgpverify < NetBSD-6.0_hashes.asc Good signature for [stdin] made Mon Oct 15 09:28:54 2012 signature 4096/RSA (Encrypt or Sign) 064973ac4c4a706e 2009-06-23 fingerprint: ddee 2bdb 9c98 a0d1 d4fb dbf7 0649 73ac 4c4a 706e uid NetBSD Security Officer <security-officer@NetBSD.org> encryption 4096/RSA (Encrypt or Sign) 9ff2c24fdf2ce620 2009-06-23 [Expiry 2019-06-21] fingerprint: 1915 0801 fbd8 f45d 89f2 0205 9ff2 c24f df2c e620
%
Redirection from stdin is also supported, as are multiple files, and detached signatures. Another interesting use is to verify the signatures, and to retrieve the data only if a signature matches - this was the old "--cat" command to netpgpverify(1), and it has been brought forward into the newer version.
% env LD_LIBRARY_PATH=../../lib/verify ./netpgpverify -c cat det.sig | diff det - %
This is implemented as a library and a small program to call so that it is easier to embed verification of signatures in scripting languages, or other source code.
|
#
1.4.6.3 |
|
19-Aug-2014 |
tls |
Rebase to HEAD as of a few days ago.
|
#
1.4.6.2 |
|
24-Feb-2013 |
tls |
resync with head
|
#
1.4.6.1 |
|
22-Nov-2012 |
tls |
file libverify.c was added on branch tls-maxphys on 2013-02-25 00:24:06 +0000
|
#
1.4.2.3 |
|
22-May-2014 |
yamt |
sync with head.
for a reference, the tree before this commit was tagged as yamt-pagecache-tag8.
this commit was splitted into small chunks to avoid a limitation of cvs. ("Protocol error: too many arguments")
|
#
1.4.2.2 |
|
15-Jan-2013 |
yamt |
sync with (a bit old) head
|
#
1.4.2.1 |
|
22-Nov-2012 |
yamt |
file libverify.c was added on branch yamt-pagecache on 2013-01-16 05:25:58 +0000
|