pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/security/netpgpverify
Module Name: pkgsrc
Committed By: agc
Date: Tue Feb 4 02:11:18 UTC 2014
Modified Files:
pkgsrc/security/netpgpverify: Makefile
pkgsrc/security/netpgpverify/files: Makefile.bsd Makefile.in bignum.c
libverify.c main.c netpgpverify.1 pubring.gpg verify.h
Added Files:
pkgsrc/security/netpgpverify/files: bufgap.c bufgap.h chk.sh data
data.gpg data.sig defs.h sshtest-20140202 sshtest-20140202.pub
Log Message:
Update security/netpgpverify to version 20140202
Changes from previous version:
Add the ability for netpgpverify to verify ssh-pub-key-based signatures.
It is much more likely for ssh (rather than pgp) keys to be available,
and used, as a source of authentication data. These changes add the
ability for netpgpverify(1) -- the standalone, zero-prereq utility -
to verify signatures made by netpgp when using ssh keys.
Running the regression tests in WRKDIR gives the following output:
% mk -f *.bsd tst
./netpgpverify -k pubring.gpg NetBSD-6.0_RC1_hashes.asc
Good signature for NetBSD-6.0_RC1_hashes.asc made Thu Aug 23 11:47:50
2012
signature 4096/RSA (Encrypt or Sign) 064973ac4c4a706e 2009-06-23
fingerprint ddee 2bdb 9c98 a0d1 d4fb dbf7 0649 73ac 4c4a 706e
uid NetBSD Security Officer
<security-officer%NetBSD.org@localhost>
./netpgpverify -k pubring.gpg NetBSD-6.0_RC1_hashes.gpg
Good signature for NetBSD-6.0_RC1_hashes.gpg made Thu Mar 14 13:32:59
2013
signature 4096/RSA (Encrypt or Sign) 064973ac4c4a706e 2009-06-23
fingerprint ddee 2bdb 9c98 a0d1 d4fb dbf7 0649 73ac 4c4a 706e
uid NetBSD Security Officer
<security-officer%NetBSD.org@localhost>
./netpgpverify -v
netpgpverify portable 20140202
./netpgpverify -S sshtest-20140202.pub data.gpg
Good signature for data.gpg made Mon Feb 3 17:54:21 2014
signature 4096/RSA (Encrypt or Sign) 4d129225945bbb8f 1970-01-01
fingerprint 874b 75de d6a3 341f 2d5a 2219 4d12 9225 945b bb8f
uid netbsd-001.cupertino.alistaircrooks.com
(sshtest-20140202.pub) <agc%netbsd-001.cupertino.alistaircrooks.com@localhost>
./netpgpverify -S sshtest-20140202.pub data.sig
Good signature for data.sig made Sun Feb 2 21:45:05 2014
signature 4096/RSA (Encrypt or Sign) 4d129225945bbb8f 1970-01-01
fingerprint 874b 75de d6a3 341f 2d5a 2219 4d12 9225 945b bb8f
uid netbsd-001.cupertino.alistaircrooks.com
(sshtest-20140202.pub) <agc%netbsd-001.cupertino.alistaircrooks.com@localhost>
expected failure, to check bad signatures fail to verify
sed -e 's|A|B|' data.gpg | ./netpgpverify -S sshtest-20140202.pub
Signature did not match contents -- Signature on data did not match
*** Error code 1 (ignored)
%
A new HOWTO file is provided in the sources (files/HOWTO) to show how
to sign data using ssh keys and netpgp(1).
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 pkgsrc/security/netpgpverify/Makefile
cvs rdiff -u -r1.1 -r1.2 pkgsrc/security/netpgpverify/files/Makefile.bsd \
pkgsrc/security/netpgpverify/files/Makefile.in \
pkgsrc/security/netpgpverify/files/libverify.c \
pkgsrc/security/netpgpverify/files/pubring.gpg
cvs rdiff -u -r1.2 -r1.3 pkgsrc/security/netpgpverify/files/bignum.c \
pkgsrc/security/netpgpverify/files/main.c \
pkgsrc/security/netpgpverify/files/netpgpverify.1
cvs rdiff -u -r0 -r1.1 pkgsrc/security/netpgpverify/files/bufgap.c \
pkgsrc/security/netpgpverify/files/bufgap.h \
pkgsrc/security/netpgpverify/files/chk.sh \
pkgsrc/security/netpgpverify/files/data \
pkgsrc/security/netpgpverify/files/data.gpg \
pkgsrc/security/netpgpverify/files/data.sig \
pkgsrc/security/netpgpverify/files/defs.h \
pkgsrc/security/netpgpverify/files/sshtest-20140202 \
pkgsrc/security/netpgpverify/files/sshtest-20140202.pub
cvs rdiff -u -r1.3 -r1.4 pkgsrc/security/netpgpverify/files/verify.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home |
Main Index |
Thread Index |
Old Index