NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

PR/46930 CVS commit: [agc-netpgp-standalone] src/crypto/external/bsd/netpgp



The following reply was made to PR bin/46930; it has been noted by GNATS.

From: "Alistair G. Crooks" <agc%netbsd.org@localhost>
To: gnats-bugs%gnats.NetBSD.org@localhost
Cc: 
Subject: PR/46930 CVS commit: [agc-netpgp-standalone] 
src/crypto/external/bsd/netpgp
Date: Sat, 20 Oct 2012 04:59:54 +0000

 Module Name:   src
 Committed By:  agc
 Date:          Sat Oct 20 04:59:54 UTC 2012
 
 Modified Files:
        src/crypto/external/bsd/netpgp/bin/netpgp [agc-netpgp-standalone]:
            Makefile
        src/crypto/external/bsd/netpgp/bin/netpgpverify [agc-netpgp-standalone]:
            Makefile
        src/crypto/external/bsd/netpgp/bin/pgp2ssh [agc-netpgp-standalone]:
            Makefile
        src/crypto/external/bsd/netpgp/dist/include [agc-netpgp-standalone]:
            netpgp.h
        src/crypto/external/bsd/netpgp/dist/src/lib [agc-netpgp-standalone]:
            validate.c
        src/crypto/external/bsd/netpgp/dist/src/librsa [agc-netpgp-standalone]:
            rsa.c rsa.h
        src/crypto/external/bsd/netpgp/dist/src/libverify 
[agc-netpgp-standalone]:
            Makefile libnetpgpverify.3 verify.h
        src/crypto/external/bsd/netpgp/dist/src/netpgpverify 
[agc-netpgp-standalone]:
            netpgpverify.1
        src/crypto/external/bsd/netpgp/lib [agc-netpgp-standalone]: Makefile
        src/crypto/external/bsd/netpgp/lib/bn [agc-netpgp-standalone]: Makefile
            shlib_version
        src/crypto/external/bsd/netpgp/lib/cipher [agc-netpgp-standalone]:
            shlib_version
        src/crypto/external/bsd/netpgp/lib/mj [agc-netpgp-standalone]:
            shlib_version
        src/crypto/external/bsd/netpgp/lib/netpgp [agc-netpgp-standalone]:
            shlib_version
        src/crypto/external/bsd/netpgp/lib/paa [agc-netpgp-standalone]:
            shlib_version
        src/crypto/external/bsd/netpgp/lib/rsa [agc-netpgp-standalone]:
            shlib_version
        src/crypto/external/bsd/netpgp/lib/verify [agc-netpgp-standalone]:
            Makefile shlib_version
 Added Files:
        src/crypto/external/bsd/netpgp/dist/src/libverify 
[agc-netpgp-standalone]:
            array.h b64.c b64.h dump.c libverify.c pgpsum.c pgpsum.h
        src/crypto/external/bsd/netpgp/dist/src/netpgpverify 
[agc-netpgp-standalone]:
            main.c
 Removed Files:
        src/crypto/external/bsd/netpgp/dist/src/netpgpverify 
[agc-netpgp-standalone]:
            verify.c
 
 Log Message:
 Replace the netpgpverify command and libnetpgpverify in the
 agc-netpgp-standalone branch with a completely rewritten "from the RFC
 up" version designed to be small, standalone, and easy to maintain.
 
        % ldd bin/netpgpverify/netpgpverify
        bin/netpgpverify/netpgpverify:
                -lz.1 => /usr/lib/libz.so.1
                -lgcc_s.1 => /usr/lib/libgcc_s.so.1
                -lc.12 => /usr/lib/libc.so.12
                -lbz2.1 => /usr/lib/libbz2.so.1
                -lnetpgpverify.4 => /usr/lib/libnetpgpverify.so.4
        % ldd lib/verify/libnetpgpverify.so
        lib/verify/libnetpgpverify.so:
                -lc.12 => /usr/lib/libc.so.12
        % ls -al lib/verify/libnetpgpverify* bin/netpgpverify/netpgpverify
        -rwxr-xr-x  1 agc  agc   10502 Oct 18 20:59 
bin/netpgpverify/netpgpverify
        -rw-r--r--  1 agc  agc  159720 Oct 18 20:59 lib/verify/libnetpgpverify.a
        -rw-r--r--  1 agc  agc    4822 Oct 18 20:59 
lib/verify/libnetpgpverify.html3
        lrwxr-xr-x  1 agc  agc      22 Oct 18 20:59 
lib/verify/libnetpgpverify.so -> libnetpgpverify.so.4.0
        lrwxr-xr-x  1 agc  agc      22 Oct 18 20:59 
lib/verify/libnetpgpverify.so.4 -> libnetpgpverify.so.4.0
        -rwxr-xr-x  1 agc  agc  123069 Oct 18 20:59 
lib/verify/libnetpgpverify.so.4.0
        -rw-r--r--  1 agc  agc  169696 Oct 18 20:59 
lib/verify/libnetpgpverify_p.a
        -rw-r--r--  1 agc  agc  149968 Oct 18 20:59 
lib/verify/libnetpgpverify_pic.a
        %
 
 ("Small" here includes the full BIGNUM/mpi functionality required to
 verify signatures).
 
 Instead of using extensive callbacks for input data, which have proved
 to be fragile and difficult to maintain, as well as precluding uses
 elsewhere, this uses straight mmaping of input files where possible,
 and falls back to reading if unavailable.
 
 RFC 4880 makes provision for two types of data to be signed, binary
 data and text, and text is subject to modification of data before the
 signature is made, and is usually opaque.  The new netpgpverify(1) can
 handle this, our old version could not.  DSA signatures are not yet
 supported -- watch this space -- but full RSA ones, including those of
 text documents like the signed NetBSD release hashes (see PR
 bin/46930) are recognised and are included in the regression tests.
 
        % env LD_LIBRARY_PATH=../../lib/verify ./netpgpverify < 
NetBSD-6.0_hashes.asc
        Good signature for [stdin] made Mon Oct 15 09:28:54 2012
        signature  4096/RSA (Encrypt or Sign) 064973ac4c4a706e 2009-06-23
        fingerprint:  ddee 2bdb 9c98 a0d1 d4fb dbf7 0649 73ac 4c4a 706e
        uid              NetBSD Security Officer 
<security-officer%NetBSD.org@localhost>
        encryption 4096/RSA (Encrypt or Sign) 9ff2c24fdf2ce620 2009-06-23 
[Expiry 2019-06-21]
        fingerprint:  1915 0801 fbd8 f45d 89f2 0205 9ff2 c24f df2c e620
 
        %
 
 Redirection from stdin is also supported, as are multiple files, and
 detached signatures.  Another interesting use is to verify the
 signatures, and to retrieve the data only if a signature matches -
 this was the old "--cat" command to netpgpverify(1), and it has been
 brought forward into the newer version.
 
        % env LD_LIBRARY_PATH=../../lib/verify ./netpgpverify -c cat det.sig | 
diff det -
        %
 
 This is implemented as a library and a small program to call so
 that it is easier to embed verification of signatures in scripting
 languages, or other source code.
 
 
 To generate a diff of this commit:
 cvs rdiff -u -r1.1.2.1 -r1.1.2.2 \
     src/crypto/external/bsd/netpgp/bin/netpgp/Makefile
 cvs rdiff -u -r1.1.2.1 -r1.1.2.2 \
     src/crypto/external/bsd/netpgp/bin/netpgpverify/Makefile
 cvs rdiff -u -r1.1.2.1 -r1.1.2.2 \
     src/crypto/external/bsd/netpgp/bin/pgp2ssh/Makefile
 cvs rdiff -u -r1.21 -r1.21.10.1 \
     src/crypto/external/bsd/netpgp/dist/include/netpgp.h
 cvs rdiff -u -r1.44 -r1.44.2.1 \
     src/crypto/external/bsd/netpgp/dist/src/lib/validate.c
 cvs rdiff -u -r1.1.2.1 -r1.1.2.2 \
     src/crypto/external/bsd/netpgp/dist/src/librsa/rsa.c \
     src/crypto/external/bsd/netpgp/dist/src/librsa/rsa.h
 cvs rdiff -u -r1.1.2.1 -r1.1.2.2 \
     src/crypto/external/bsd/netpgp/dist/src/libverify/Makefile \
     src/crypto/external/bsd/netpgp/dist/src/libverify/libnetpgpverify.3 \
     src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h
 cvs rdiff -u -r0 -r1.1.2.1 \
     src/crypto/external/bsd/netpgp/dist/src/libverify/array.h \
     src/crypto/external/bsd/netpgp/dist/src/libverify/b64.c \
     src/crypto/external/bsd/netpgp/dist/src/libverify/b64.h \
     src/crypto/external/bsd/netpgp/dist/src/libverify/dump.c \
     src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c \
     src/crypto/external/bsd/netpgp/dist/src/libverify/pgpsum.c \
     src/crypto/external/bsd/netpgp/dist/src/libverify/pgpsum.h
 cvs rdiff -u -r0 -r1.1.2.1 \
     src/crypto/external/bsd/netpgp/dist/src/netpgpverify/main.c
 cvs rdiff -u -r1.5 -r1.5.10.1 \
     src/crypto/external/bsd/netpgp/dist/src/netpgpverify/netpgpverify.1
 cvs rdiff -u -r1.15 -r0 \
     src/crypto/external/bsd/netpgp/dist/src/netpgpverify/verify.c
 cvs rdiff -u -r1.13.6.1 -r1.13.6.2 \
     src/crypto/external/bsd/netpgp/lib/Makefile
 cvs rdiff -u -r1.1.2.1 -r1.1.2.2 \
     src/crypto/external/bsd/netpgp/lib/bn/Makefile \
     src/crypto/external/bsd/netpgp/lib/bn/shlib_version
 cvs rdiff -u -r1.1.2.1 -r1.1.2.2 \
     src/crypto/external/bsd/netpgp/lib/cipher/shlib_version
 cvs rdiff -u -r1.1.2.1 -r1.1.2.2 \
     src/crypto/external/bsd/netpgp/lib/mj/shlib_version
 cvs rdiff -u -r1.1.2.1 -r1.1.2.2 \
     src/crypto/external/bsd/netpgp/lib/netpgp/shlib_version
 cvs rdiff -u -r1.1.2.1 -r1.1.2.2 \
     src/crypto/external/bsd/netpgp/lib/paa/shlib_version
 cvs rdiff -u -r1.1.2.1 -r1.1.2.2 \
     src/crypto/external/bsd/netpgp/lib/rsa/shlib_version
 cvs rdiff -u -r1.1.2.1 -r1.1.2.2 \
     src/crypto/external/bsd/netpgp/lib/verify/Makefile \
     src/crypto/external/bsd/netpgp/lib/verify/shlib_version
 
 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.
 


Home | Main Index | Thread Index | Old Index