Module Name: src Committed By: agc Date: Fri Nov 2 00:35:51 UTC 2012
Modified Files: src/crypto/external/bsd/netpgp/dist/src/libbn [agc-netpgp-standalone]: misc.c misc.h src/crypto/external/bsd/netpgp/dist/src/libverify [agc-netpgp-standalone]: libverify.c pgpsum.c src/crypto/external/bsd/netpgp/lib/verify [agc-netpgp-standalone]: Makefile Removed Files: src/crypto/external/bsd/netpgp/dist/src/libbn [agc-netpgp-standalone]: digest.h Log Message: more changes to netpgpverify on agc-netpgp-standalone branch: + remove the copy of digest.h from libbn sources, use the one in libdigest, and fix up lib/verify/Makefile to accommodate + get rid of header files we don't need, and pick up header files from the correct directory + remove the hexdump utility routine from the libbn misc support routines, it's not needed + add a comment describing the pubring primary key parser structure To generate a diff of this commit: cvs rdiff -u -r1.1.2.1 -r0 \ src/crypto/external/bsd/netpgp/dist/src/libbn/digest.h cvs rdiff -u -r1.1.2.2 -r1.1.2.3 \ src/crypto/external/bsd/netpgp/dist/src/libbn/misc.c cvs rdiff -u -r1.1.2.1 -r1.1.2.2 \ src/crypto/external/bsd/netpgp/dist/src/libbn/misc.h cvs rdiff -u -r1.1.2.11 -r1.1.2.12 \ src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c cvs rdiff -u -r1.1.2.2 -r1.1.2.3 \ src/crypto/external/bsd/netpgp/dist/src/libverify/pgpsum.c cvs rdiff -u -r1.1.2.3 -r1.1.2.4 \ src/crypto/external/bsd/netpgp/lib/verify/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files:
Index: src/crypto/external/bsd/netpgp/dist/src/libbn/misc.c
diff -u src/crypto/external/bsd/netpgp/dist/src/libbn/misc.c:1.1.2.2 src/crypto/external/bsd/netpgp/dist/src/libbn/misc.c:1.1.2.3
--- src/crypto/external/bsd/netpgp/dist/src/libbn/misc.c:1.1.2.2 Mon Oct 29 15:46:50 2012
+++ src/crypto/external/bsd/netpgp/dist/src/libbn/misc.c Fri Nov 2 00:35:50 2012
@@ -80,45 +80,3 @@ logmessage(const int level, const char *
 }
 }
 #endif
-
-#ifndef _KERNEL
-#define LINELEN 16
-
-#define PRIsize "z"
-
-/* show hexadecimal/ascii dump */
-void
-hexdump(FILE *fp, const char *header, const uint8_t *src, size_t length)
-{
- size_t i;
- char line[LINELEN + 1];
-
- if (src == NULL) {
- return;
- }
- if (fp == NULL) {
- fp = stdout;
- }
- (void) fprintf(fp, "%s%s", (header) ? header : "", (header) ? "\n" : "");
- (void) fprintf(fp, "[%" PRIsize "u char%s]\n", length, (length == 1) ? "" : "s");
- for (i = 0 ; i < length ; i++) {
- if (i % LINELEN == 0) {
- (void) fprintf(fp, "%.5" PRIsize "u | ", i);
- }
- (void) fprintf(fp, "%.02x ", (uint8_t)src[i]);
- line[i % LINELEN] = (isprint(src[i])) ? src[i] : '.';
- if (i % LINELEN == LINELEN - 1) {
- line[LINELEN] = 0x0;
- (void) fprintf(fp, " | %s\n", line);
- }
- }
- if (i % LINELEN != 0) {
- for ( ; i % LINELEN != 0 ; i++) {
- (void) fprintf(fp, " ");
- line[i % LINELEN] = ' ';
- }
- line[LINELEN] = 0x0;
- (void) fprintf(fp, " | %s\n", line);
- }
-}
-#endif
Index: src/crypto/external/bsd/netpgp/dist/src/libbn/misc.h
diff -u src/crypto/external/bsd/netpgp/dist/src/libbn/misc.h:1.1.2.1 src/crypto/external/bsd/netpgp/dist/src/libbn/misc.h:1.1.2.2
--- src/crypto/external/bsd/netpgp/dist/src/libbn/misc.h:1.1.2.1 Sun May 6 17:34:56 2012
+++ src/crypto/external/bsd/netpgp/dist/src/libbn/misc.h Fri Nov 2 00:35:50 2012
@@ -46,7 +46,6 @@ void netpgp_deallocate(void */*ptr*/, si #ifndef _KERNEL void logmessage(const int /*level*/, const char */*fmt*/, ...); -void hexdump(FILE */*fp*/, const char */*header*/, const uint8_t */*src*/, size_t /*length*/); #endif __END_DECLS Index: src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c diff -u src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c:1.1.2.11 src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c:1.1.2.12 --- src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c:1.1.2.11 Thu Nov 1 01:35:35 2012 +++ src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c Fri Nov 2 00:35:50 2012 @@ -27,13 +27,9 @@ #include <sys/param.h> #include <sys/mman.h> -#include <netpgp/bn.h> -#include <netpgp/digest.h> - #include <bzlib.h> #include <err.h> #include <inttypes.h> -#include <regex.h> #include <stdarg.h> #include <stdio.h> #include <stdlib.h> @@ -43,7 +39,9 @@ #include <zlib.h> #include "array.h" +#include "bn.h" #include "b64.h" +#include "digest.h" #include "pgpsum.h" #include "rsa.h" #include "verify.h" @@ -356,7 +354,7 @@ fmt_binary_mpi(pgpv_bignum_t *mpi, uint8 bytes = BITS_TO_BYTES(mpi->bits); if ((size_t)bytes + 2 + 1 > size) { - fprintf(stderr, "truncated mpi\n"); + warn("truncated mpi"); return 0; } if (mpi->bn == NULL || BN_is_zero(mpi->bn)) { @@ -1361,7 +1359,6 @@ fmt_pubkey(char *s, size_t size, pgpv_pu if (pubkey->expiry) { cc += fmt_time(&s[cc], size - cc, " [Expiry ", pubkey->birth + pubkey->expiry, "]", 0); } - /* XXX - revoked? */ cc += snprintf(&s[cc], size - cc, "\n"); cc += fmt_fingerprint(&s[cc], size - cc, &pubkey->fingerprint, "fingerprint: "); return cc; @@ -1549,8 +1546,8 @@ rsa_verify(uint8_t *calculated, unsigned unsigned prefixlen; unsigned decryptc; unsigned i; - uint8_t decrypted[8192]; /* XXX */ - uint8_t sigbn[8192]; /* XXX */ + uint8_t decrypted[8192]; + uint8_t sigbn[8192]; uint8_t prefix[64]; size_t keysize; 
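Review bot: The new `warn("truncated mpi")` in the size check of fmt_binary_mpi appends `strerror(errno)` to the message, but no system call has failed at that point, so the diagnostic will carry whatever stale errno value happens to be set. `warnx("truncated mpi");` prints the same text with the program-name prefix and without the errno suffix. A misleading error string on a signature-verification path makes a rejected packet harder to triage. fmt_binary_mpi begins and ends outside the hunk.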
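Review bot: Removing the `/* XXX */` markers from `decrypted[8192]` and `sigbn[8192]` in rsa_verify drops the only reminder that these fixed-size stack buffers receive data whose length presumably comes from the key and signature being verified. The code that fills them lies outside the hunk, so the bound cannot be confirmed from here. If the lengths are already checked, record it at the declaration, e.g. `uint8_t sigbn[8192]; /* signature length is checked against sizeof(sigbn) before the copy */`; if they are not, the check against `sizeof(sigbn)` and `sizeof(decrypted)` should be added before the first write rather than the marker deleted.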
@@ -1901,6 +1898,37 @@ get_literal_data(pgpv_cursor_t *cursor, return litdata->s.data; } +/* +RFC 4880 describes the structure of v4 keys as: + + Primary-Key + [Revocation Self Signature] + [Direct Key Signature...] + User ID [Signature ...] + [User ID [Signature ...] ...] + [User Attribute [Signature ...] ...] + [[Subkey [Binding-Signature-Revocation] + Primary-Key-Binding-Signature] ...] + +and that's implemented below as a recursive descent parser. +It has had to be modified, though: see the comment + + some keys out there have user ids where they shouldn't + +to look like: + + Primary-Key + [Revocation Self Signature] + [Direct Key Signature...] + [User ID [Signature ...] + [User ID [Signature ...] ...] + [User Attribute [Signature ...] ...] + [Subkey [Binding-Signature-Revocation] + Primary-Key-Binding-Signature] ...] + +to accommodate keyrings set up by gpg +*/ + /* recognise a primary key */ static int recog_primary_key(pgpv_t *pgp, pgpv_primarykey_t *primary) @@ -1930,7 +1958,6 @@ recog_primary_key(pgpv_t *pgp, pgpv_prim /* XXX - check it's a good key expiry */ primary->primary.expiry = signature.keyexpiry; } -if (signature.revoked) fprintf(stderr, "agc - revoked1\n"); ARRAY_APPEND(primary->direct_sigs, signature); } /* some keys out there have user ids where they shouldn't */ Index: src/crypto/external/bsd/netpgp/dist/src/libverify/pgpsum.c diff -u src/crypto/external/bsd/netpgp/dist/src/libverify/pgpsum.c:1.1.2.2 src/crypto/external/bsd/netpgp/dist/src/libverify/pgpsum.c:1.1.2.3 --- src/crypto/external/bsd/netpgp/dist/src/libverify/pgpsum.c:1.1.2.2 Wed Oct 24 02:27:25 2012 +++ src/crypto/external/bsd/netpgp/dist/src/libverify/pgpsum.c Fri Nov 2 00:35:50 2012 
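Review bot: In the relaxed grammar of the new comment, the `[` opened before the first `User ID` is closed only by the final `...]`, so the text reads either as a typo or as making every User ID, User Attribute and Subkey optional; the comment should say which is meant. It would also help to state what the parser does with a key that matches only the relaxed form, for instance whether a primary key with no User ID is accepted for verification, and whether a `[Revocation Self Signature]` is still honoured for it. I would add one sentence after `to accommodate keyrings set up by gpg` stating that, written from what recog_primary_key actually does; its body is outside this hunk.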
@@ -33,8 +33,7 @@ #include <string.h> #include <unistd.h> -#include <netpgp/digest.h> - +#include "digest.h" #include "pgpsum.h" /* add the ascii armor line endings (except for last line) */ Index: src/crypto/external/bsd/netpgp/lib/verify/Makefile diff -u src/crypto/external/bsd/netpgp/lib/verify/Makefile:1.1.2.3 src/crypto/external/bsd/netpgp/lib/verify/Makefile:1.1.2.4 --- src/crypto/external/bsd/netpgp/lib/verify/Makefile:1.1.2.3 Tue Oct 30 02:10:42 2012 +++ src/crypto/external/bsd/netpgp/lib/verify/Makefile Fri Nov 2 00:35:51 2012 @@ -1,10 +1,11 @@ -# $NetBSD: Makefile,v 1.1.2.3 2012/10/30 02:10:42 agc Exp $ +# $NetBSD: Makefile,v 1.1.2.4 2012/11/02 00:35:51 agc Exp $ LIB=netpgpverify SRCS=libverify.c b64.c pgpsum.c SRCS+=digest.c tiger.c SRCS+=bignum.c misc.c CPPFLAGS+=-I${EXTDIST}/src/libbn +CPPFLAGS+=-I${EXTDIST}/src/libdigest CPPFLAGS+=-I${EXTDIST}/src/librsa MAN=libnetpgpverify.3 WARNS=5