tech-pkg archive
Handling GPG signatures for pkgsrc with netpgp
Hi tech-pkg@,
I would like to mention that I have made good progress in the context of
handling GPG signatures for pkgsrc with netpgp instead of GnuPG, and I
am now able to use netpgp to both generate and verify signed binary
packages from pkgsrc! Some bugs are still lurking, but this is a start.
It currently requires applying the patches attached, and setting the
gpg2netpgp wrapper attached in /etc/pkg_install.conf, e.g.:
GPG=/usr/local/bin/gpg2netpgp
There is a security issue with this setup - without being a regression
though. Long story short, it is possible to fool netpgp into reporting
what looks like a detached signature as being successfully verified,
whereas it will look at content within the signature instead of the file
to verify. I have no patch to fix this yet.
I sent these patches to agc@ and security-officer@ for review back on
October 10th when I had more time to work on this, but I need to carry
on so I am posting it here. As usual, clones of my work repositories can
be found here:
https://git.edgebsd.org/gitweb/?p=pkgsrc.git;a=summary
Being cryptography software and not my own code in the first place, I
will appreciate a green light before committing any of these. This is
quite exciting though, as save for a few issues remaining, it is no
longer necessary to bootstrap GnuPG to import keys or support signed
packages :)
Cheers,
-- khorben
On 05/10/2016 01:57, Pierre Pronchery wrote:
I thought you might want to know, I have managed to create GPG-signed
binary packages with pkgsrc, using netpgp alone (and without any
additional patch) thanks to the wrapper attached. It only requires
setting GPG=gpg2netpgp in pkg_install.conf.
By the way, I am writing to you directly assuming you are the official
maintainer for netpgp; please let me know if there is a different
upstream nowadays.
Cheers!
-- khorben
On 08/09/2016 17:57, Pierre Pronchery wrote:
On 09/ 8/16 09:24 AM, Alistair Crooks wrote:
Thanks for your mail and patch.
I'll have a look at this one tomorrow, it's a bit late tonight.
I have found another crash, if netpgpkeys fails to import a key while
the keyring is still empty:
$ netpgpkeys --homedir /tmp/nonexistent --import-key /dev/null
netpgp: warning homedir "/tmp/nonexistent" not found
/tmp/nonexistent/pubring.gpg: No such file or directory
Can't read pubring /tmp/nonexistent/pubring.gpg
Can't read pub keyring
Segmentation fault
The patch attached fixes this issue.
HTH,
-- khorben
On 7 September 2016 at 08:48, Pierre Pronchery <khorben%defora.org@localhost> wrote:
Hi Alistair,
I hope you are doing well. I have encountered this bug in NetPGP:
$ netpgpkeys --import-key
Segmentation fault
In this case, I would expect netpgpkeys to either bail, or read keys
from the standard input. I have written a patch for the latter,
which I am attaching here.
Let me know what you think.
Cheers,
--
khorben
From c4527d02d0ec4124607e3d883c6ef1aa366e8153 Mon Sep 17 00:00:00 2001
From: Pierre Pronchery <khorben%EdgeBSD.org@localhost>
Date: Thu, 8 Sep 2016 18:04:40 +0200
Subject: [PATCH 01/11] Do not crash when listing keys without a keyring
---
crypto/external/bsd/netpgp/dist/src/lib/keyring.c | 22 ++++++++++++----------
1 file changed, 12 insertions(+), 10 deletions(-)
diff --git a/crypto/external/bsd/netpgp/dist/src/lib/keyring.c b/crypto/external/bsd/netpgp/dist/src/lib/keyring.c
index 712ee90..5c1a1ad 100644
--- a/crypto/external/bsd/netpgp/dist/src/lib/keyring.c
+++ b/crypto/external/bsd/netpgp/dist/src/lib/keyring.c
@@ -994,17 +994,19 @@ pgp_keyring_list(pgp_io_t *io, const pgp_keyring_t *keyring, const int psigs)
pgp_key_t *key;
unsigned n;
- (void) fprintf(io->res, "%u key%s\n", keyring->keyc,
- (keyring->keyc == 1) ? "" : "s");
- for (n = 0, key = keyring->keys; n < keyring->keyc; ++n, ++key) {
- if (pgp_is_key_secret(key)) {
- pgp_print_keydata(io, keyring, key, "sec",
- &key->key.seckey.pubkey, 0);
- } else {
- pgp_print_keydata(io, keyring, key, "signature ", &key->key.pubkey, psigs);
+ (void) fprintf(io->res, "%u key%s\n",
+ (keyring != NULL) ? keyring->keyc : 0,
+ (keyring == NULL || keyring->keyc <= 1) ? "" : "s");
+ if (keyring != NULL)
+ for (n = 0, key = keyring->keys; n < keyring->keyc; ++n, ++key) {
+ if (pgp_is_key_secret(key)) {
+ pgp_print_keydata(io, keyring, key, "sec",
+ &key->key.seckey.pubkey, 0);
+ } else {
+ pgp_print_keydata(io, keyring, key, "signature ", &key->key.pubkey, psigs);
+ }
+ (void) fputc('\n', io->res);
}
- (void) fputc('\n', io->res);
- }
return 1;
}
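Review bot: the plural test regresses the empty-keyring case: `(keyring == NULL || keyring->keyc <= 1) ? "" : "s"` prints "0 key" where the replaced `(keyring->keyc == 1)` test printed "0 keys". Keep the equality test and only add the NULL guard, e.g. `(keyring != NULL && keyring->keyc == 1) ? "" : "s"`. The brace-less `if (keyring != NULL)` around a multi-line for loop is also easy to break on the next edit; either wrap it in braces or return right after printing the count when keyring is NULL, which keeps the loop body where it was and the diff smaller.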
--
2.7.3
From 6ddae18fce892dc2d247aaf2e43f2dab94ed3812 Mon Sep 17 00:00:00 2001
From: Pierre Pronchery <khorben%EdgeBSD.org@localhost>
Date: Fri, 7 Oct 2016 00:43:57 +0200
Subject: [PATCH 02/11] Do not truncate pass-phrases without a newline
character
This also fixes a crash when the pass-phrase entered is empty.
---
crypto/external/bsd/netpgp/dist/src/lib/reader.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/crypto/external/bsd/netpgp/dist/src/lib/reader.c b/crypto/external/bsd/netpgp/dist/src/lib/reader.c
index be00b09..dc1e379 100644
--- a/crypto/external/bsd/netpgp/dist/src/lib/reader.c
+++ b/crypto/external/bsd/netpgp/dist/src/lib/reader.c
@@ -160,6 +160,7 @@ int
pgp_getpassphrase(void *in, char *phrase, size_t size)
{
char *p;
+ size_t len;
if (in == NULL) {
while ((p = getpass("netpgp passphrase: ")) == NULL) {
@@ -169,7 +170,9 @@ pgp_getpassphrase(void *in, char *phrase, size_t size)
if (fgets(phrase, (int)size, in) == NULL) {
return 0;
}
- phrase[strlen(phrase) - 1] = 0x0;
+ len = strlen(phrase);
+ if (len >= 1 && phrase[len - 1] == '\n')
+ phrase[len - 1] = '\0';
}
return 1;
}
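Review bot: the strip is now safe for an empty line and for input without a trailing newline, but an overlong line is still silently mangled: when fgets() fills `size - 1` bytes without reaching a newline, the passphrase is cut there and the rest of the line stays in the stream for the next reader. Treat a missing newline that is not EOF as an error (or drain to end of line and fail) so an overlong passphrase is rejected rather than quietly replaced by its prefix. As a style point, `phrase[strcspn(phrase, "\n")] = '\0';` does the same strip in one line and needs no `len`.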
--
2.7.3
From 9906d436a698e2ade079080425a5b9f6c0a86e94 Mon Sep 17 00:00:00 2001
From: Pierre Pronchery <khorben%EdgeBSD.org@localhost>
Date: Fri, 7 Oct 2016 00:52:10 +0200
Subject: [PATCH 03/11] Avoid some type casts
---
crypto/external/bsd/netpgp/dist/src/lib/keyring.c | 4 ++--
crypto/external/bsd/netpgp/dist/src/lib/keyring.h | 2 +-
crypto/external/bsd/netpgp/dist/src/lib/netpgp.c | 4 ++--
3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/crypto/external/bsd/netpgp/dist/src/lib/keyring.c b/crypto/external/bsd/netpgp/dist/src/lib/keyring.c
index 5c1a1ad..a7a03e6 100644
--- a/crypto/external/bsd/netpgp/dist/src/lib/keyring.c
+++ b/crypto/external/bsd/netpgp/dist/src/lib/keyring.c
@@ -214,7 +214,7 @@ pgp_get_writable_seckey(pgp_key_t *data)
/* utility function to zero out memory */
void
-pgp_forget(void *vp, unsigned size)
+pgp_forget(void *vp, size_t size)
{
(void) memset(vp, 0x0, size);
}
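Review bot: since the signature of pgp_forget() is changing anyway, this is the place to fix its body: a memset() on memory that is never read again (the callers in the later hunks clear `pass` and `*seckey` right before returning) may be optimised away entirely, so the secret is not reliably wiped. NetBSD provides explicit_memset(3) for exactly this case; use it here, with a volatile-pointer loop as the fallback on platforms that lack it.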
@@ -246,7 +246,7 @@ decrypt_cb(const pgp_packet_t *pkt, pgp_cbdata_t *cbinfo)
case PGP_GET_PASSPHRASE:
(void) pgp_getpassphrase(decrypt->passfp, pass, sizeof(pass));
*content->skey_passphrase.passphrase = netpgp_strdup(pass);
- pgp_forget(pass, (unsigned)sizeof(pass));
+ pgp_forget(pass, sizeof(pass));
return PGP_KEEP_MEMORY;
case PGP_PARSER_ERRCODE:
diff --git a/crypto/external/bsd/netpgp/dist/src/lib/keyring.h b/crypto/external/bsd/netpgp/dist/src/lib/keyring.h
index 920ad0f6..e595e63 100644
--- a/crypto/external/bsd/netpgp/dist/src/lib/keyring.h
+++ b/crypto/external/bsd/netpgp/dist/src/lib/keyring.h
@@ -100,7 +100,7 @@ int pgp_keyring_list(pgp_io_t *, const pgp_keyring_t *, const int);
int pgp_keyring_json(pgp_io_t *, const pgp_keyring_t *, mj_t *, const int);
void pgp_set_seckey(pgp_contents_t *, const pgp_key_t *);
-void pgp_forget(void *, unsigned);
+void pgp_forget(void *, size_t);
const uint8_t *pgp_get_key_id(const pgp_key_t *);
unsigned pgp_get_userid_count(const pgp_key_t *);
diff --git a/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c b/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
index 14b1a2c..6d499f7 100644
--- a/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
+++ b/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
@@ -1458,7 +1458,7 @@ netpgp_sign_file(netpgp_t *netpgp,
(unsigned)armored, (unsigned)cleartext,
overwrite);
}
- pgp_forget(seckey, (unsigned)sizeof(*seckey));
+ pgp_forget(seckey, sizeof(*seckey));
return ret;
}
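Review bot: `pgp_forget(seckey, sizeof(*seckey))` wipes only the struct that seckey points to; any key material the struct references through pointers is not touched by this call. Worth checking the pgp_seckey_t definition and, if its secret fields are separately allocated, clearing them (or calling the type's own free/forget routine) before this line. The same applies to the identical call in netpgp_sign_memory() below.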
@@ -1582,7 +1582,7 @@ netpgp_sign_memory(netpgp_t *netpgp,
} else {
ret = 0;
}
- pgp_forget(seckey, (unsigned)sizeof(*seckey));
+ pgp_forget(seckey, sizeof(*seckey));
return ret;
}
--
2.7.3
From fe37ecc94c08abfa738e1965099fd56b1946f230 Mon Sep 17 00:00:00 2001
From: Pierre Pronchery <khorben%EdgeBSD.org@localhost>
Date: Fri, 7 Oct 2016 00:52:38 +0200
Subject: [PATCH 04/11] Do not use random data for pass-phrases on EOF
---
crypto/external/bsd/netpgp/dist/src/lib/keyring.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/crypto/external/bsd/netpgp/dist/src/lib/keyring.c b/crypto/external/bsd/netpgp/dist/src/lib/keyring.c
index a7a03e6..024bfd41 100644
--- a/crypto/external/bsd/netpgp/dist/src/lib/keyring.c
+++ b/crypto/external/bsd/netpgp/dist/src/lib/keyring.c
@@ -244,7 +244,8 @@ decrypt_cb(const pgp_packet_t *pkt, pgp_cbdata_t *cbinfo)
break;
case PGP_GET_PASSPHRASE:
- (void) pgp_getpassphrase(decrypt->passfp, pass, sizeof(pass));
+ if (pgp_getpassphrase(decrypt->passfp, pass, sizeof(pass)) == 0)
+ pass[0] = '\0';
*content->skey_passphrase.passphrase = netpgp_strdup(pass);
pgp_forget(pass, sizeof(pass));
return PGP_KEEP_MEMORY;
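Review bot: turning a failed pgp_getpassphrase() into an empty passphrase hides the error: on EOF or a read failure the decryption is now attempted with "" and the user gets a wrong-passphrase result instead of a read error. Prefer a distinct failure path here (leave `*passphrase` unset and signal an error to the caller) so "no passphrase supplied" and "wrong passphrase" stay distinguishable. The change is still strictly better than the previous line, which handed whatever happened to be in the uninitialised `pass` buffer to netpgp_strdup().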
--
2.7.3
From 713e2c2f5963b43055f14d657b85a5843a3924ec Mon Sep 17 00:00:00 2001
From: Pierre Pronchery <khorben%EdgeBSD.org@localhost>
Date: Fri, 7 Oct 2016 01:35:04 +0200
Subject: [PATCH 05/11] Expect a FILE * for pgp_decrypt_seckey()
---
crypto/external/bsd/netpgp/dist/src/lib/keyring.c | 2 +-
crypto/external/bsd/netpgp/dist/src/lib/keyring.h | 3 ++-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/crypto/external/bsd/netpgp/dist/src/lib/keyring.c b/crypto/external/bsd/netpgp/dist/src/lib/keyring.c
index 024bfd41..28bfeb7 100644
--- a/crypto/external/bsd/netpgp/dist/src/lib/keyring.c
+++ b/crypto/external/bsd/netpgp/dist/src/lib/keyring.c
@@ -301,7 +301,7 @@ decrypt_cb(const pgp_packet_t *pkt, pgp_cbdata_t *cbinfo)
\return secret key
*/
pgp_seckey_t *
-pgp_decrypt_seckey(const pgp_key_t *key, void *passfp)
+pgp_decrypt_seckey(const pgp_key_t *key, FILE *passfp)
{
pgp_stream_t *stream;
const int printerrors = 1;
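Review bot: the FILE * should be carried through: `decrypt_t` also holds this pointer (it is assigned with `decrypt.passfp = passfp` further down in this function) and pgp_getpassphrase() still takes `void *in` and calls fgets() on it. Changing only the parameter here moves the implicit conversion one call deeper instead of removing it; update the struct member and pgp_getpassphrase() in the same commit.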
diff --git a/crypto/external/bsd/netpgp/dist/src/lib/keyring.h b/crypto/external/bsd/netpgp/dist/src/lib/keyring.h
index e595e63..60e675b 100644
--- a/crypto/external/bsd/netpgp/dist/src/lib/keyring.h
+++ b/crypto/external/bsd/netpgp/dist/src/lib/keyring.h
@@ -53,6 +53,7 @@
#ifndef KEYRING_H_
#define KEYRING_H_
+#include <stdio.h>
#include "packet.h"
#include "packet-parse.h"
#include "mj.h"
@@ -91,7 +92,7 @@ const pgp_pubkey_t *pgp_get_pubkey(const pgp_key_t *);
unsigned pgp_is_key_secret(const pgp_key_t *);
const pgp_seckey_t *pgp_get_seckey(const pgp_key_t *);
pgp_seckey_t *pgp_get_writable_seckey(pgp_key_t *);
-pgp_seckey_t *pgp_decrypt_seckey(const pgp_key_t *, void *);
+pgp_seckey_t *pgp_decrypt_seckey(const pgp_key_t *, FILE *);
unsigned pgp_keyring_fileread(pgp_keyring_t *, const unsigned,
const char *);
--
2.7.3
From 838158b0906559ae4cdec57fcc247e1291d390b4 Mon Sep 17 00:00:00 2001
From: Pierre Pronchery <khorben%EdgeBSD.org@localhost>
Date: Fri, 7 Oct 2016 01:51:44 +0200
Subject: [PATCH 06/11] Do not ask for a passphrase when empty
---
crypto/external/bsd/netpgp/dist/src/lib/keyring.c | 25 ++++++++++++++++++++++-
1 file changed, 24 insertions(+), 1 deletion(-)
diff --git a/crypto/external/bsd/netpgp/dist/src/lib/keyring.c b/crypto/external/bsd/netpgp/dist/src/lib/keyring.c
index 28bfeb7..6c07192 100644
--- a/crypto/external/bsd/netpgp/dist/src/lib/keyring.c
+++ b/crypto/external/bsd/netpgp/dist/src/lib/keyring.c
@@ -226,7 +226,7 @@ typedef struct {
pgp_seckey_t *seckey;
} decrypt_t;
-static pgp_cb_ret_t
+static pgp_cb_ret_t
decrypt_cb(const pgp_packet_t *pkt, pgp_cbdata_t *cbinfo)
{
const pgp_contents_t *content = &pkt->u;
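Review bot: this hunk only removes trailing whitespace from `static pgp_cb_ret_t`, which has nothing to do with the empty-passphrase change in the subject line. Either drop it or split it into its own cleanup commit so the functional change stays easy to review and to bisect.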
@@ -293,6 +293,20 @@ decrypt_cb(const pgp_packet_t *pkt, pgp_cbdata_t *cbinfo)
return PGP_RELEASE_MEMORY;
}
+static pgp_cb_ret_t
+decrypt_cb_empty(const pgp_packet_t *pkt, pgp_cbdata_t *cbinfo)
+{
+ const pgp_contents_t *content = &pkt->u;
+
+ switch (pkt->tag) {
+ case PGP_GET_PASSPHRASE:
+ *content->skey_passphrase.passphrase = netpgp_strdup("");
+ return PGP_KEEP_MEMORY;
+ default:
+ return decrypt_cb(pkt, cbinfo);
+ }
+}
+
/**
\ingroup Core_Keys
\brief Decrypts secret key from given keydata with given passphrase
@@ -307,8 +321,17 @@ pgp_decrypt_seckey(const pgp_key_t *key, FILE *passfp)
const int printerrors = 1;
decrypt_t decrypt;
+ /* XXX first try with an empty passphrase */
(void) memset(&decrypt, 0x0, sizeof(decrypt));
decrypt.key = key;
+ stream = pgp_new(sizeof(*stream));
+ pgp_keydata_reader_set(stream, key);
+ pgp_set_callback(stream, decrypt_cb_empty, &decrypt);
+ stream->readinfo.accumulate = 1;
+ pgp_parse(stream, !printerrors);
+ if (decrypt.seckey != NULL)
+ return decrypt.seckey;
+ /* ask for a passphrase */
decrypt.passfp = passfp;
stream = pgp_new(sizeof(*stream));
pgp_keydata_reader_set(stream, key);
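Review bot: the stream allocated for the first attempt is never released: `stream = pgp_new(sizeof(*stream))` is called again for the second attempt and the first allocation is overwritten, leaking it for every key that really needs a passphrase. Free (or tear down) the first stream before reusing the variable, and reset `decrypt` between the two attempts so nothing the empty-passphrase parse left in it carries over into the prompted one. The `XXX` comment should also say why trying "" first is desired; as written it reads as a known bug rather than a design choice.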
--
2.7.3
From 602b423c5ed58863f78e249b9d9a5c6d14b38ddc Mon Sep 17 00:00:00 2001
From: Pierre Pronchery <khorben%EdgeBSD.org@localhost>
Date: Sun, 9 Oct 2016 17:53:44 +0200
Subject: [PATCH 07/11] Correct option "--armor"
---
crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1 | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1 b/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1
index 6843ef9..fee099e 100644
--- a/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1
+++ b/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1
@@ -203,7 +203,7 @@ library.
In addition to one of the preceding commands, a number of qualifiers
or options may be given.
.Bl -tag -width Ar
-.It Fl Fl armour , Fl armor
+.It Fl Fl armour , Fl Fl armor
This option, however it is spelled, wraps the signature as an
ASCII-encoded piece of text, for ease of use.
.It Fl Fl cipher Ar ciphername
--
2.7.3
From 1b0f84eeb65cbb80f0ebcdcbb1d2aa68a9096719 Mon Sep 17 00:00:00 2001
From: Pierre Pronchery <khorben%EdgeBSD.org@localhost>
Date: Sun, 9 Oct 2016 19:39:57 +0200
Subject: [PATCH 08/11] Also document alternate option "--detach"
---
crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1 | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1 b/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1
index fee099e..8ca6f0f 100644
--- a/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1
+++ b/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1
@@ -216,7 +216,7 @@ access to the cipher used.
The default cipher algorithm is the
.Dq CAST5
algorithm.
-.It Fl Fl detached
+.It Fl Fl detach , Fl Fl detached
When signing a file, place the resulting signature in a separate
file from the one being signed.
.It Fl Fl hash-alg Ar hash-algorithm
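Review bot: documenting `--detach` as a first-class alias assumes the option table has an entry for it. If it is only accepted today because getopt_long(3) matches unambiguous prefixes, the alias silently stops working as soon as another option starting with "detach" is added; add an explicit entry or document it as a prefix. GnuPG's spelling is `--detach-sign` (the attached wrapper maps that one), which may be the alias users actually look for.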
--
2.7.3
From b666b35dc039357e49dc5161b57edd9e47a8c83c Mon Sep 17 00:00:00 2001
From: Pierre Pronchery <khorben%EdgeBSD.org@localhost>
Date: Sun, 9 Oct 2016 22:06:53 +0200
Subject: [PATCH 09/11] Output signatures to the standard output for "-"
---
crypto/external/bsd/netpgp/dist/src/lib/signature.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/crypto/external/bsd/netpgp/dist/src/lib/signature.c b/crypto/external/bsd/netpgp/dist/src/lib/signature.c
index 4c16f7d..48d4e39 100644
--- a/crypto/external/bsd/netpgp/dist/src/lib/signature.c
+++ b/crypto/external/bsd/netpgp/dist/src/lib/signature.c
@@ -903,7 +903,10 @@ open_output_file(pgp_output_t **output,
/* setup output file */
if (outname) {
- fd = pgp_setup_file_write(output, outname, overwrite);
+ if (strcmp(outname, "-") == 0)
+ fd = pgp_setup_file_write(output, NULL, overwrite);
+ else
+ fd = pgp_setup_file_write(output, outname, overwrite);
} else {
unsigned flen = (unsigned)(strlen(inname) + 4 + 1);
char *f = NULL;
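Review bot: the new `-` case changes two things silently: a file literally named "-" can no longer be written (acceptable, but say so in the man page), and the result now depends on pgp_setup_file_write() treating a NULL name as standard output, which this hunk does not show. Confirm that path handles `overwrite` sensibly and that nothing later in open_output_file() or its callers uses `outname` to unlink or report on the output file, since they would see "-" where the writer saw NULL.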
--
2.7.3
From 7348af4a2606203c0465659a7062f49759b7e08a Mon Sep 17 00:00:00 2001
From: Pierre Pronchery <khorben%EdgeBSD.org@localhost>
Date: Sun, 9 Oct 2016 22:07:39 +0200
Subject: [PATCH 10/11] No longer hard-code the suffix length
---
crypto/external/bsd/netpgp/dist/src/lib/signature.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/external/bsd/netpgp/dist/src/lib/signature.c b/crypto/external/bsd/netpgp/dist/src/lib/signature.c
index 48d4e39..0cd8d6a 100644
--- a/crypto/external/bsd/netpgp/dist/src/lib/signature.c
+++ b/crypto/external/bsd/netpgp/dist/src/lib/signature.c
@@ -908,7 +908,7 @@ open_output_file(pgp_output_t **output,
else
fd = pgp_setup_file_write(output, outname, overwrite);
} else {
- unsigned flen = (unsigned)(strlen(inname) + 4 + 1);
+ size_t flen = strlen(inname) + 1 + strlen(suffix) + 1;
char *f = NULL;
if ((f = calloc(1, flen)) == NULL) {
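Review bot: the new formula counts a separator byte (`+ 1`) on top of `strlen(suffix)`; if `suffix` already carries the leading dot (the constant it replaces, `4 + 1`, covered ".sig" plus the NUL) the buffer is one byte larger than needed, which is harmless but should match whatever snprintf/strlcpy format fills `f` below. Also make sure `suffix` is in scope in open_output_file(): it does not appear in the visible context of this hunk.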
--
2.7.3
From ff6fc1a22e53cf935c8b75b071d3def3d87071c4 Mon Sep 17 00:00:00 2001
From: Pierre Pronchery <khorben%EdgeBSD.org@localhost>
Date: Sun, 9 Oct 2016 22:40:06 +0200
Subject: [PATCH 11/11] Support detached signatures for the standard input
---
crypto/external/bsd/netpgp/dist/include/netpgp.h | 2 +-
crypto/external/bsd/netpgp/dist/src/lib/netpgp.c | 5 +++--
crypto/external/bsd/netpgp/dist/src/lib/signature.c | 19 +++++++++++--------
crypto/external/bsd/netpgp/dist/src/lib/signature.h | 1 +
crypto/external/bsd/netpgp/dist/src/libpaa/libpaa.c | 2 +-
crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c | 3 ++-
6 files changed, 19 insertions(+), 13 deletions(-)
diff --git a/crypto/external/bsd/netpgp/dist/include/netpgp.h b/crypto/external/bsd/netpgp/dist/include/netpgp.h
index 0378697..720d52d 100644
--- a/crypto/external/bsd/netpgp/dist/include/netpgp.h
+++ b/crypto/external/bsd/netpgp/dist/include/netpgp.h
@@ -88,7 +88,7 @@ int netpgp_sign_file(netpgp_t *, const char *, const char *, char *, int, int, i
int netpgp_verify_file(netpgp_t *, const char *, const char *, int);
/* memory signing and encryption */
-int netpgp_sign_memory(netpgp_t *, const char *, char *, size_t, char *, size_t, const unsigned, const unsigned);
+int netpgp_sign_memory(netpgp_t *, const char *, char *, size_t, char *, size_t, const unsigned, const unsigned, const unsigned);
int netpgp_verify_memory(netpgp_t *, const void *, const size_t, void *, size_t, const int);
int netpgp_encrypt_memory(netpgp_t *, const char *, void *, const size_t, char *, size_t, int);
int netpgp_decrypt_memory(netpgp_t *, const void *, const size_t, char *, size_t, const int);
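Review bot: adding a parameter to netpgp_sign_memory() in the public header is an API and ABI break for every consumer of libnetpgp built against the old prototype; libpaa is updated in this patch, out-of-tree users are not. Either add a new entry point (a `_detached` variant, say) and keep the old signature as a thin wrapper, or bump the shared library major version and call the break out in the commit message.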
diff --git a/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c b/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
index 6d499f7..018d60b 100644
--- a/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
+++ b/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
@@ -1509,7 +1509,8 @@ netpgp_sign_memory(netpgp_t *netpgp,
char *out,
size_t outsize,
const unsigned armored,
- const unsigned cleartext)
+ const unsigned cleartext,
+ const unsigned detached)
{
const pgp_key_t *keypair;
const pgp_key_t *pubkey;
@@ -1571,7 +1572,7 @@ netpgp_sign_memory(netpgp_t *netpgp,
signedmem = pgp_sign_buf(io, mem, size, seckey,
get_birthtime(netpgp_getvar(netpgp, "birthtime")),
get_duration(netpgp_getvar(netpgp, "duration")),
- hashalg, armored, cleartext);
+ hashalg, armored, cleartext, detached);
if (signedmem) {
size_t m;
diff --git a/crypto/external/bsd/netpgp/dist/src/lib/signature.c b/crypto/external/bsd/netpgp/dist/src/lib/signature.c
index 0cd8d6a..307f327 100644
--- a/crypto/external/bsd/netpgp/dist/src/lib/signature.c
+++ b/crypto/external/bsd/netpgp/dist/src/lib/signature.c
@@ -1097,7 +1097,8 @@ pgp_sign_buf(pgp_io_t *io,
const uint64_t duration,
const char *hashname,
const unsigned armored,
- const unsigned cleartext)
+ const unsigned cleartext,
+ const unsigned detached)
{
pgp_litdata_enum ld_type;
pgp_create_sig_t *sig;
@@ -1171,13 +1172,15 @@ pgp_sign_buf(pgp_io_t *io,
hash = pgp_sig_get_hash(sig);
hash->add(hash, input, (unsigned)insize);
- /* output file contents as Literal Data packet */
- if (pgp_get_debug_level(__FILE__)) {
- (void) fprintf(stderr, "** Writing out data now\n");
- }
- pgp_write_litdata(output, input, (const int)insize, ld_type);
- if (pgp_get_debug_level(__FILE__)) {
- fprintf(stderr, "** After Writing out data now\n");
+ if (!detached) {
+ /* output file contents as Literal Data packet */
+ if (pgp_get_debug_level(__FILE__)) {
+ (void) fprintf(stderr, "** Writing out data now\n");
+ }
+ pgp_write_litdata(output, input, (const int)insize, ld_type);
+ if (pgp_get_debug_level(__FILE__)) {
+ fprintf(stderr, "** After Writing out data now\n");
+ }
}
/* add creation time to signature */
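Review bot: nothing rejects `detached` together with `cleartext`: a cleartext signature has to carry the text, so the combination would produce a bare signature packet that merely looks detached. Unless cleartext signing is diverted earlier in pgp_sign_buf(), add an explicit check at the top of the function and fail on the combination rather than letting the two flags interact in the output. A one-line comment that the `hash->add(hash, input, ...)` just above is what makes skipping the literal data packet correct for a detached signature would also help the next reader.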
diff --git a/crypto/external/bsd/netpgp/dist/src/lib/signature.h b/crypto/external/bsd/netpgp/dist/src/lib/signature.h
index 9e691dd..5a27f91 100644
--- a/crypto/external/bsd/netpgp/dist/src/lib/signature.h
+++ b/crypto/external/bsd/netpgp/dist/src/lib/signature.h
@@ -161,6 +161,7 @@ pgp_memory_t *pgp_sign_buf(pgp_io_t *,
const uint64_t,
const char *,
const unsigned,
+ const unsigned,
const unsigned);
unsigned pgp_keyring_read_from_mem(pgp_io_t *,
diff --git a/crypto/external/bsd/netpgp/dist/src/libpaa/libpaa.c b/crypto/external/bsd/netpgp/dist/src/libpaa/libpaa.c
index 8ec8daab..909ec30 100644
--- a/crypto/external/bsd/netpgp/dist/src/libpaa/libpaa.c
+++ b/crypto/external/bsd/netpgp/dist/src/libpaa/libpaa.c
@@ -255,7 +255,7 @@ paa_format_response(paa_response_t *response, netpgp_t *netpgp, char *in, char *
(void) memset(sig, 0x0, sizeof(sig));
(void) snprintf(sig, sizeof(sig), "%s;%s;%s;", response->userid, response->realm, challenge);
sigc = netpgp_sign_memory(netpgp, response->userid, challenge,
- (unsigned)challengec, sig, sizeof(sig), 0, 0);
+ (unsigned)challengec, sig, sizeof(sig), 0, 0, 0);
sig64c = b64encode(sig, (const unsigned)sigc, base64_signature,
sizeof(base64_signature), (int)0);
outc += snprintf(&out[outc], outsize - outc, ",\r\n signature=\"%.*s\"", sig64c, base64_signature);
diff --git a/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c b/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c
index df0481c..bbc5739 100644
--- a/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c
+++ b/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c
@@ -296,7 +296,8 @@ netpgp_cmd(netpgp_t *netpgp, prog_t *p, char *f)
in, cc, out,
maxsize, p->armour,
(p->cmd == CLEARSIGN) ? cleartext :
- !cleartext);
+ !cleartext,
+ p->detached);
ret = show_output(out, ret, "Bad memory signature");
free(in);
free(out);
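Review bot: `p->detached` is now forwarded unconditionally, including when `p->cmd == CLEARSIGN`; that combination should be rejected once, at option parsing, so that both this memory path and the file path refuse it with a clear message instead of relying on the library to notice. The pre-existing `(p->cmd == CLEARSIGN) ? cleartext : !cleartext` argument is also confusingly named for a flag that is passed both ways; a short comment on what `cleartext` holds here would not hurt.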
--
2.7.3
#!/bin/sh
#Copyright (c) 2016 Pierre Pronchery <khorben%edgebsd.org@localhost>
#This file is part of EdgeBSD Infrastructure
#Redistribution and use in source and binary forms, with or without
#modification, are permitted provided that the following conditions are met:
#
# * Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
#
#THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
#AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
#IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
#DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
#FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
#DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
#SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
#CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
#OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
#OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#variables
PROGNAME="gpg2netpgp"
#executables
CAT="/bin/cat"
MKTEMP="/usr/bin/mktemp"
NETPGP="/usr/bin/netpgp"
NETPGPKEYS="/usr/bin/netpgpkeys"
RM="/bin/rm -f"
#functions
#gpg2netpgp_verify
_gpg2netpgp_verify()
{
ret=0
armored=0
break=0
ext=".sig"
#options
while [ $# -gt 0 ]; do
arg="$1"
case "$arg" in
--armor)
armored=1
;;
--verify)
;;
--)
shift
break=1
;;
*)
break=1
;;
esac
[ $break -eq 0 ] || break
shift
done
#detect armoring
read -r line < "$1"
case "$line" in
"-----BEGIN PGP MESSAGE-----"*|"-----BEGIN PGP SIGNATURE-----"*|"-----BEGIN PGP SIGNED MESSAGE-----"*)
armored=1
;;
esac
[ $armored -eq 0 ] || ext=".asc"
#verify
if [ $# -eq 2 -a "$2" = "-" ]; then
#use a private directory, so that the signature file name cannot be
#created by someone else between the check and the write (no TOCTOU)
tmpdir="$($MKTEMP -d)"
[ $? -eq 0 ] || return 2
filename="$tmpdir/data"
#netpgp locates the signed data by stripping the signature suffix
$CAT -- "$1" > "$filename$ext" || ret=2
$CAT > "$filename" || ret=2
if [ $ret -eq 0 ]; then
$NETPGP --verify --detached -- "$filename$ext"
ret=$?
fi
$RM -r -- "$tmpdir"
elif [ $# -eq 1 ]; then
$NETPGP --verify -- "$1"
ret=$?
else
_usage
ret=$?
fi
return $ret
}
#error
_error()
{
echo "$PROGNAME: $@" 1>&2
return 2
}
#usage
_usage()
{
echo "Usage: $PROGNAME [--homedir dir][--options file][options] command [args]" 1>&2
return 1
}
#main
args=
exec="$NETPGP"
break=0
while [ $# -gt 0 ]; do
arg="$1"
shift
case "$arg" in
--help)
_usage
exit $?
;;
--armor|--decrypt|--encrypt|--homedir|--sign|--verbose|--version)
#pass-through
args="$args $arg"
;;
--export)
exec="$NETPGPKEYS"
args="$args --export-key"
;;
--gen-key)
exec="$NETPGPKEYS"
args="$args --generate-key"
;;
--import)
exec="$NETPGPKEYS"
args="$args --import-key"
;;
--list-keys|--list-sigs)
#pass-through (netpgpkeys)
exec="$NETPGPKEYS"
args="$args $arg"
;;
--keyring|--output)
#pass-through with argument
args="$args $arg=$1"
shift
;;
--no-verbose|-q|--quiet)
#ignore
;;
--verify)
#XXX special case
exec="_gpg2netpgp_verify"
args="$args $arg"
;;
-a)
args="$args --armor"
;;
-b|--detach-sign)
args="$args --sign --detached"
;;
--cipher-algo)
args="$args --cipher=$1"
shift
;;
-d)
args="$args --decrypt"
;;
--digest-algo)
args="$args --hash-alg=$1"
shift
;;
-e)
args="$args --encrypt"
;;
-o)
args="$args --output=$1"
shift
;;
-s)
args="$args --sign"
;;
-u|--local-user)
args="$args --userid=$1"
shift
;;
--)
args="$args $arg"
break=1
;;
-)
;;
-?|--*)
_error "$arg: Unsupported option"
ret=$?
_usage
exit $ret
;;
*)
args="$args $arg"
break=1
;;
esac
[ $break -eq 0 ] || break
done
#run netpgp
#$args is a word list and must stay unquoted; the remaining arguments
#are file names and must keep their spacing
$exec $args "$@"
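The verification confusion described at the top of the thread (a file offered as a detached signature that actually carries its own signed content, so the verifier checks that content instead of the file next to it) can be caught before the file ever reaches netpgp. The program below is an added example and is not netpgp, pkgsrc or gpg2netpgp code: it walks the OpenPGP packet headers of a binary .sig file and accepts it only if every packet is a Signature packet, which is all a detached signature ever contains. The packet tags and header encodings come from RFC 4880; the function names (pgp_packet_header, pgp_is_pure_detached_sig, be), the sample byte strings (constructed: real framing, filler bodies) and the 64 KiB size limit are this example's own assumptions. Armoured .asc input would have to be dearmoured first.

```c
/*
 * Added example, not netpgp, pkgsrc or gpg2netpgp code: accept a file as a
 * detached OpenPGP signature only if every packet in it is a Signature
 * packet (tag 2).  A signed message additionally carries One-Pass Signature
 * (tag 4) and Literal Data (tag 11) packets.  Binary form only.
 */
#include <stdint.h>
#include <stdio.h>
#define PGP_TAG_SIGNATURE 2

static size_t
be(const uint8_t *p, int n)		/* big-endian integer of n bytes */
{
	size_t v = 0;
	while (n-- > 0)
		v = (v << 8) | *p++;
	return v;
}

/*
 * Parse one packet header (RFC 4880 section 4.2): store tag and body
 * length and return the header length, or -1 for malformed input and for
 * length encodings that have no place in a signature file.
 */
static int
pgp_packet_header(const uint8_t *p, size_t avail, unsigned *tag,
    size_t *bodylen)
{
	int hdr;

	if (avail < 2 || (p[0] & 0x80) == 0)
		return -1;
	if (p[0] & 0x40) {		/* new format: tag in the low 6 bits */
		*tag = p[0] & 0x3f;
		if (p[1] < 192) {
			*bodylen = p[1];
			hdr = 2;
		} else if (p[1] < 224 && avail >= 3) {
			*bodylen = ((size_t)(p[1] - 192) << 8) + p[2] + 192;
			hdr = 3;
		} else if (p[1] == 255 && avail >= 6) {
			*bodylen = be(p + 2, 4);
			hdr = 6;
		} else
			return -1;	/* truncated, or a partial body length */
	} else {			/* old format: tag in bits 2..5 */
		static const int oldhdr[4] = { 2, 3, 5, -1 };	/* by length type */
		*tag = (p[0] >> 2) & 0x0f;
		hdr = oldhdr[p[0] & 0x03];
		if (hdr < 0 || avail < (size_t)hdr)
			return -1;	/* indeterminate length, or truncated */
		*bodylen = be(p + 1, hdr - 1);
	}
	return hdr;
}

/* 1 if buf holds one or more well-formed packets, all of them Signature packets. */
int
pgp_is_pure_detached_sig(const uint8_t *buf, size_t len)
{
	size_t off = 0, bodylen;
	unsigned tag, npackets = 0;
	int hdr;

	while (off < len) {
		hdr = pgp_packet_header(buf + off, len - off, &tag, &bodylen);
		if (hdr < 0 || bodylen > len - off - (size_t)hdr)
			return 0;	/* malformed or truncated packet */
		if (tag != PGP_TAG_SIGNATURE)
			return 0;	/* literal data, one-pass signature, ... */
		off += (size_t)hdr + bodylen;
		npackets++;
	}
	return npackets > 0;
}

/* Constructed samples: the framing is real OpenPGP, the bodies are filler. */
const uint8_t sample_detached_sig[] = { 0x88, 0x03, 0x04, 0x00, 0x01 };
const uint8_t sample_new_format_sig[] = { 0xc2, 0x02, 0x04, 0x00 };
const uint8_t sample_signed_message[] = {
	0x90, 0x02, 0x03, 0x00,		/* tag 4: one-pass signature */
	0xac, 0x01, 0x62,		/* tag 11: literal data */
	0x88, 0x03, 0x04, 0x00, 0x01	/* tag 2: signature */
};
const uint8_t sample_truncated[] = { 0x88, 0x10, 0x04 };	/* claims 16 bytes */
const uint8_t sample_partial_body[] = { 0xc2, 0xe0, 0x00 };	/* partial length */

/* Usage: pgpsigcheck file.sig; exits 0 only for a pure detached signature. */
int
main(int argc, char *argv[])
{
	static uint8_t buf[1 << 16];	/* real detached signatures are tiny */
	FILE *fp; size_t n; int ok;

	if (argc != 2 || (fp = fopen(argv[1], "rb")) == NULL)
		return 2;
	n = fread(buf, 1, sizeof(buf), fp);
	fclose(fp);
	ok = n < sizeof(buf) && pgp_is_pure_detached_sig(buf, n);
	printf("%s: %s\n", argv[1], ok ? "signature packets only" : "REJECT");
	return ok ? 0 : 1;
}
```

In the wrapper this check would sit just before the `$NETPGP --verify --detached` call, and a rejection there is a hard failure rather than a warning: a legitimate detached signature never contains literal data, so anything else in the file is either corruption or an attempt to substitute the signed content.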