Module Name: src Committed By: agc Date: Thu Oct 25 04:03:16 UTC 2012
Modified Files: src/crypto/external/bsd/netpgp/dist/src/libverify [agc-netpgp-standalone]: libnetpgpverify.3 libverify.c verify.h src/crypto/external/bsd/netpgp/dist/src/netpgpverify [agc-netpgp-standalone]: main.c Log Message: change the signature (ha!) of the pgpv_read_pubring() function to allow a key to be specified as a string in memory, as well as in a file. as always, the pubring must precede the signature. To generate a diff of this commit: cvs rdiff -u -r1.1.2.4 -r1.1.2.5 \ src/crypto/external/bsd/netpgp/dist/src/libverify/libnetpgpverify.3 cvs rdiff -u -r1.1.2.7 -r1.1.2.8 \ src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c cvs rdiff -u -r1.1.2.6 -r1.1.2.7 \ src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h cvs rdiff -u -r1.1.2.3 -r1.1.2.4 \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/main.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/crypto/external/bsd/netpgp/dist/src/libverify/libnetpgpverify.3 diff -u src/crypto/external/bsd/netpgp/dist/src/libverify/libnetpgpverify.3:1.1.2.4 src/crypto/external/bsd/netpgp/dist/src/libverify/libnetpgpverify.3:1.1.2.5 --- src/crypto/external/bsd/netpgp/dist/src/libverify/libnetpgpverify.3:1.1.2.4 Tue Oct 23 15:00:56 2012 +++ src/crypto/external/bsd/netpgp/dist/src/libverify/libnetpgpverify.3 Thu Oct 25 04:03:16 2012 @@ -1,4 +1,4 @@ -.\" $NetBSD: libnetpgpverify.3,v 1.1.2.4 2012/10/23 15:00:56 agc Exp $ +.\" $NetBSD: libnetpgpverify.3,v 1.1.2.5 2012/10/25 04:03:16 agc Exp $ .\" .\" Copyright (c) 2012 Alistair Crooks <a...@netbsd.org> .\" All rights reserved. @@ -35,7 +35,7 @@ .In netpgp/verify.h .Ft int .Fo pgpv_read_pubring -.Fa "pgpv_t *pgp" "const char *keyring" +.Fa "pgpv_t *pgp" "const void *keyring" "ssize_t size" .Fc .Ft size_t .Fo pgpv_verify @@ -67,6 +67,7 @@ located in a public key ring. This library has enough functionality to parse a pubkey keyring, using .Fn pgpv_read_pubring +to read the public keys of trusted identities, and to read files or memory which has already been signed. The .Fn pgpv_verify @@ -125,6 +126,10 @@ This is handled automatically by .Xr bn 3 , .Xr zlib 3 , .Xr bzlib2 3 +.Sh STANDARDS +The +.Nm +utility is designed to conform to IETF RFC 4880. .Sh HISTORY The .Nm Index: src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c diff -u src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c:1.1.2.7 src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c:1.1.2.8 --- src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c:1.1.2.7 Wed Oct 24 02:27:25 2012 +++ src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c Thu Oct 25 04:03:16 2012 
@@ -2134,10 +2134,12 @@ pgpv_verify(pgpv_cursor_t *cursor, pgpv_ /* set up the pubkey keyring */ int -pgpv_read_pubring(pgpv_t *pgp, const char *keyring) +pgpv_read_pubring(pgpv_t *pgp, const void *keyring, ssize_t size) { if (keyring) { - return read_binary_file(pgp, "pubring", "%s", keyring); + return (size > 0) ? + read_binary_memory(pgp, "pubring", keyring, (size_t)size) : + read_binary_file(pgp, "pubring", "%s", keyring); } return read_binary_file(pgp, "pubring", "%s/%s", getenv("HOME"), ".gnupg/pubring.gpg"); } Index: src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h diff -u src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h:1.1.2.6 src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h:1.1.2.7 --- src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h:1.1.2.6 Wed Oct 24 02:27:25 2012 +++ src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h Thu Oct 25 04:03:16 2012 @@ -240,6 +240,8 @@ typedef struct pgpv_t { const char *op; /* the operation we're doing */ } pgpv_t; +#define PGPV_REASON_LEN 128 + /* when searching, we define a cursor, and fill in an array of subscripts */ typedef struct pgpv_cursor_t { pgpv_t *pgp; /* pointer to pgp tree */ @@ -250,7 +252,7 @@ typedef struct pgpv_cursor_t { PGPV_ARRAY(uint32_t, found); /* array of matched subscripts */ PGPV_ARRAY(size_t, datacookies); /* cookies to retrieve matched data */ int64_t sigtime; /* time of signature */ - char why[128]; /* reason for bad signature */ + char why[PGPV_REASON_LEN]; /* reason for bad signature */ } pgpv_cursor_t; #ifndef __BEGIN_DECLS 
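Review bot: In the new `pgpv_read_pubring` body, a caller holding an in-memory keyring of length 0 falls into the `read_binary_file` branch, because only `size > 0` selects `read_binary_memory`. The buffer is then passed to `%s`, presumably to build a path, so it is read as a C string even though it need not be NUL-terminated. A NULL `keyring` with a positive `size` (for example after a failed allocation in the caller) also falls through to `$HOME/.gnupg/pubring.gpg`, so the trusted key set silently becomes the user's default ring rather than the one the caller meant to supply. Assuming 0 is the failure return, as the `!pgpv_read_pubring(...)` check in main.c suggests, a guard at the top such as `if (size == 0 || (keyring == NULL && size > 0)) return 0;` would make both cases fail closed.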
@@ -265,7 +267,7 @@ typedef struct pgpv_cursor_t { __BEGIN_DECLS -int pgpv_read_pubring(pgpv_t */*pgp*/, const char */*keyring*/); +int pgpv_read_pubring(pgpv_t */*pgp*/, const void */*keyringfile/mem*/, ssize_t /*size*/); size_t pgpv_verify(pgpv_cursor_t */*cursor*/, pgpv_t */*pgp*/, const void */*mem/file*/, ssize_t /*size*/); size_t pgpv_get_verified(pgpv_cursor_t */*cursor*/, size_t /*cookie*/, char **/*ret*/); Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/main.c diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/main.c:1.1.2.3 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/main.c:1.1.2.4 --- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/main.c:1.1.2.3 Tue Oct 23 15:03:37 2012 +++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/main.c Thu Oct 25 04:03:16 2012 @@ -147,7 +147,7 @@ main(int argc, char **argv) if (cmd == NULL) { cmd = "verify"; } - if (!pgpv_read_pubring(&pgp, keyring)) { + if (!pgpv_read_pubring(&pgp, keyring, -1)) { errx(EXIT_FAILURE, "can't read keyring"); } if (optind == argc) {
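Review bot: The prototype comment `/*keyringfile/mem*/` in verify.h does not say how the library chooses between a path and key bytes, and that choice decides which keys are trusted. I would add a comment above the declaration, `/* keyring: NUL-terminated path when size <= 0, else size bytes of keyring data; NULL reads $HOME/.gnupg/pubring.gpg */`, which is what the libverify.c hunk implements. The libnetpgpverify.3 hunks shown change the `.Fa` line but add no description of `size` either. The main.c call in this commit passes a bare `-1`; a named constant in this header meaning "keyring is a file name" would make that call self-explanatory.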