Module Name: src
Committed By: agc
Date: Wed Sep 8 03:21:23 UTC 2010
Modified Files:
src/crypto/external/bsd/netpgp/dist: TODO
src/crypto/external/bsd/netpgp/dist/src/lib: crypto.c crypto.h netpgp.c
openssl_crypto.c packet-parse.c ssh2pgp.c version.h
src/crypto/external/bsd/netpgp/dist/src/libmj: libmj.3 mj.c mj.h
src/crypto/external/bsd/netpgp/dist/src/netpgp: netpgp.c
src/crypto/external/bsd/netpgp/dist/src/netpgpkeys: netpgpkeys.c
Log Message:
Changes to 3.99.12/20100907
+ add a pretty print function mj_pretty(3) to libmj
+ added netpgp_write_sshkey(3) to libnetpgp
+ added pgp2ssh(1)
+ added preliminary support for ElGamal decryption, needed for DSA keys;
this is as yet untested, unworking, and a WIP
+ add support for using all ssh keys, even those protected by a passphrase,
for decryption and signing. This rounds off ssh key file support in netpgp.
+ add a single character alias [-S file] for [--sshkeyfile file] to
netpgpkeys(1) and netpgp(1)
As far as ssh key file support goes, see the following example:
% cp configure a
% netpgp -S ~/.ssh/id_rsa.pub -e a
% netpgp -S ~/.ssh/id_rsa.pub -d a.gpg
Enter PEM pass phrase:
% ls -al a a.gpg
-rwxr-xr-x 1 agc agc 758398 Sep 7 05:38 a
-rw------- 1 agc agc 156886 Sep 7 05:38 a.gpg
%
To generate a diff of this commit:
cvs rdiff -u -r1.41 -r1.42 src/crypto/external/bsd/netpgp/dist/TODO
cvs rdiff -u -r1.27 -r1.28 \
src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c
cvs rdiff -u -r1.20 -r1.21 \
src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h
cvs rdiff -u -r1.74 -r1.75 \
src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
cvs rdiff -u -r1.28 -r1.29 \
src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c
cvs rdiff -u -r1.41 -r1.42 \
src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c \
src/crypto/external/bsd/netpgp/dist/src/lib/version.h
cvs rdiff -u -r1.16 -r1.17 \
src/crypto/external/bsd/netpgp/dist/src/lib/ssh2pgp.c
cvs rdiff -u -r1.1 -r1.2 \
src/crypto/external/bsd/netpgp/dist/src/libmj/libmj.3 \
src/crypto/external/bsd/netpgp/dist/src/libmj/mj.h
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/netpgp/dist/src/libmj/mj.c
cvs rdiff -u -r1.14 -r1.15 \
src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c
cvs rdiff -u -r1.18 -r1.19 \
src/crypto/external/bsd/netpgp/dist/src/netpgpkeys/netpgpkeys.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/crypto/external/bsd/netpgp/dist/TODO
diff -u src/crypto/external/bsd/netpgp/dist/TODO:1.41 src/crypto/external/bsd/netpgp/dist/TODO:1.42
--- src/crypto/external/bsd/netpgp/dist/TODO:1.41 Sun Aug 15 07:52:26 2010
+++ src/crypto/external/bsd/netpgp/dist/TODO Wed Sep 8 03:21:21 2010
@@ -6,7 +6,6 @@
convert to and from ascii armored sigs
gpgme compat lib
get rid of public key free as part of seckey
-return userids from successful verify, and then print id out if required
is get_passphrase_cb needed?
error logging
separate from libcrypto?
@@ -97,3 +96,6 @@
make netpgpkeys work - add, import, commit, update, sign, passphrase
fix ssh fingerprints not matching netpgp
json/yaml output
+return userids from successful verify, and then print id out if required
+convert between pgp and ssh key formats
+PEM ssh keys and passphrases
Index: src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c:1.27 src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c:1.28
--- src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c:1.27 Sun Aug 15 07:52:26 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c Wed Sep 8 03:21:22 2010
@@ -54,7 +54,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: crypto.c,v 1.27 2010/08/15 07:52:26 agc Exp $");
+__RCSID("$NetBSD: crypto.c,v 1.28 2010/09/08 03:21:22 agc Exp $");
#endif
#include <sys/types.h>
@@ -143,8 +143,43 @@
return n - i;
case OPS_PKA_DSA:
case OPS_PKA_ELGAMAL:
- (void) fprintf(stderr, "XXX - no support for DSA/Elgamal yet\n");
- return 0;
+ (void) fprintf(stderr, "XXX - preliminary support for DSA/Elgamal\n");
+ if (__ops_get_debug_level(__FILE__)) {
+ hexdump(stderr, "encrypted", encmpibuf, 16);
+ }
+ n = __ops_elgamal_private_decrypt(mpibuf, encmpibuf,
+ (unsigned)(BN_num_bits(encmpi) + 7) / 8,
+ &seckey->key.elgamal, &seckey->pubkey.key.elgamal);
+ if (n == -1) {
+ (void) fprintf(stderr, "ops_elgamal_private_decrypt failure\n");
+ return -1;
+ }
+ if (__ops_get_debug_level(__FILE__)) {
+ hexdump(stderr, "decrypted", mpibuf, 16);
+ }
+ if (n <= 0) {
+ return -1;
+ }
+ /* Decode EME-PKCS1_V1_5 (RFC 2437). */
+ if (mpibuf[0] != 0 || mpibuf[1] != 2) {
+ return -1;
+ }
+ /* Skip the random bytes. */
+ for (i = 2; i < n && mpibuf[i]; ++i) {
+ }
+ if (i == n || i < 10) {
+ return -1;
+ }
+ /* Skip the zero */
+ i += 1;
+ /* this is the unencoded m buf */
+ if ((unsigned) (n - i) <= buflen) {
+ (void) memcpy(buf, mpibuf + i, (unsigned)(n - i)); /* XXX - Flexelint */
+ }
+ if (__ops_get_debug_level(__FILE__)) {
+ hexdump(stderr, "decoded m", buf, (size_t)(n - i));
+ }
+ return n - i;
default:
(void) fprintf(stderr, "pubkey algorithm wrong\n");
return -1;
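Review bot: In the new OPS_PKA_ELGAMAL branch, when the decoded payload is larger than `buflen` the `memcpy` is skipped, yet the code still hexdumps `n - i` bytes of `buf` and returns `n - i`. The caller is then told the buffer holds data that was never written, and the debug dump can read past `buflen`. Rejecting the oversize case before the copy keeps length and buffer in agreement: `if ((unsigned)(n - i) > buflen) { return -1; }`. The three `hexdump` calls also write the ciphertext, the padded plaintext and the decoded message block to stderr whenever the debug level is set, which deserves at least a comment saying so. The enclosing function starts and ends outside this hunk.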
@@ -216,6 +251,10 @@
return __ops_pk_sesskey_cb(pkt, cbinfo);
case OPS_GET_SECKEY:
+ if (cbinfo->sshseckey) {
+ *content->get_seckey.seckey = cbinfo->sshseckey;
+ return OPS_KEEP_MEMORY;
+ }
return __ops_get_seckey_cb(pkt, cbinfo);
case OPS_GET_PASSPHRASE:
@@ -361,6 +400,7 @@
__ops_keyring_t *pubring,
const unsigned use_armour,
const unsigned allow_overwrite,
+ const unsigned sshkeys,
void *passfp,
__ops_cbfunc_t *getpassfunc)
{
@@ -424,6 +464,7 @@
parse->cbinfo.passfp = passfp;
parse->cbinfo.cryptinfo.getpassphrase = getpassfunc;
parse->cbinfo.cryptinfo.pubring = pubring;
+ parse->cbinfo.sshseckey = (sshkeys) ? &secring->keys[0].key.seckey : NULL;
/* Set up armour/passphrase options */
if (use_armour) {
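Review bot: `&secring->keys[0].key.seckey` is taken whenever `sshkeys` is set, with no check that `secring` is non-NULL or holds at least one key. If the ssh private key did not load, `cbinfo.sshseckey` can end up as a non-NULL pointer to nothing valid, and the new OPS_GET_SECKEY shortcut returns it instead of falling through to `__ops_get_seckey_cb`. The same line is added in the `@@ -487,6 +529,7 @@` hunk below. A guarded form such as `(sshkeys && secring != NULL && secring->keyc > 0) ? &secring->keys[0].key.seckey : NULL` would keep the normal lookup as the fallback; `keyc` is the keyring count field as I recall it, so confirm against keyring.h.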
@@ -456,6 +497,7 @@
__ops_keyring_t *secring,
__ops_keyring_t *pubring,
const unsigned use_armour,
+ const unsigned sshkeys,
void *passfp,
__ops_cbfunc_t *getpassfunc)
{
@@ -487,6 +529,7 @@
parse->cbinfo.cryptinfo.pubring = pubring;
parse->cbinfo.passfp = passfp;
parse->cbinfo.cryptinfo.getpassphrase = getpassfunc;
+ parse->cbinfo.sshseckey = (sshkeys) ? &secring->keys[0].key.seckey : NULL;
/* Set up armour/passphrase options */
if (use_armour) {
Index: src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h:1.20 src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h:1.21
--- src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h:1.20 Tue May 25 01:05:10 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h Wed Sep 8 03:21:22 2010
@@ -145,6 +145,9 @@
int __ops_rsa_private_decrypt(uint8_t *, const uint8_t *, size_t,
const __ops_rsa_seckey_t *, const __ops_rsa_pubkey_t *);
+int __ops_elgamal_private_decrypt(uint8_t *, const uint8_t *, size_t,
+ const __ops_elgamal_seckey_t *, const __ops_elgamal_pubkey_t *);
+
unsigned __ops_block_size(__ops_symm_alg_t);
unsigned __ops_key_size(__ops_symm_alg_t);
@@ -189,6 +192,7 @@
__ops_keyring_t *,
const unsigned,
const unsigned,
+ const unsigned,
void *,
__ops_cbfunc_t *);
@@ -205,6 +209,7 @@
__ops_keyring_t *,
__ops_keyring_t *,
const unsigned,
+ const unsigned,
void *,
__ops_cbfunc_t *);
@@ -256,6 +261,7 @@
void *passfp; /* fp for passphrase input */
__ops_cryptinfo_t cryptinfo; /* used when decrypting */
__ops_printstate_t printstate; /* used to keep state when printing */
+ __ops_seckey_t *sshseckey; /* secret key for ssh */
};
/** __ops_hashtype_t */
Index: src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.74 src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.75
--- src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.74 Mon Sep 6 18:19:38 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c Wed Sep 8 03:21:22 2010
@@ -34,7 +34,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: netpgp.c,v 1.74 2010/09/06 18:19:38 agc Exp $");
+__RCSID("$NetBSD: netpgp.c,v 1.75 2010/09/08 03:21:22 agc Exp $");
#endif
#include <sys/types.h>
@@ -264,6 +264,12 @@
if ((filename = netpgp_getvar(netpgp, "sshkeyfile")) == NULL) {
(void) snprintf(f, sizeof(f), "%s/id_rsa.pub", homedir);
filename = f;
+ } else {
+ /* got ssh keys, check for pub file name */
+ if (strcmp(&filename[strlen(filename) - 4], ".pub") != 0) {
+ (void) fprintf(stderr, "readsshkeys: bad pubkey filename '%s'\n", filename);
+ return 0;
+ }
}
if ((pubring = calloc(1, sizeof(*pubring))) == NULL) {
(void) fprintf(stderr, "readsshkeys: bad alloc\n");
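Review bot: The suffix test indexes `filename[strlen(filename) - 4]` without checking the length, so a `sshkeyfile` value shorter than four characters makes the unsigned subtraction wrap and `strcmp` reads far outside the string. The value is set from `optarg` by the new `-S` option in this same commit, so it needs a guard: `size_t len = strlen(filename);` followed by `if (len < 4 || strcmp(filename + len - 4, ".pub") != 0) {`. The enclosing function begins and ends outside this hunk.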
@@ -1185,6 +1191,7 @@
const unsigned overwrite = 1;
__ops_io_t *io;
unsigned realarmor;
+ unsigned sshkeys;
__OPS_USED(armored);
io = netpgp->io;
@@ -1194,9 +1201,10 @@
return 0;
}
realarmor = isarmoured(io, f, NULL, ARMOR_HEAD);
+ sshkeys = (unsigned)(netpgp_getvar(netpgp, "ssh keys") != NULL);
return __ops_decrypt_file(netpgp->io, f, out, netpgp->secring,
netpgp->pubring,
- realarmor, overwrite,
+ realarmor, overwrite, sshkeys,
netpgp->passfp, get_passphrase_cb);
}
@@ -1491,6 +1499,7 @@
__ops_memory_t *mem;
__ops_io_t *io;
unsigned realarmour;
+ unsigned sshkeys;
size_t m;
__OPS_USED(armored);
@@ -1501,9 +1510,11 @@
return 0;
}
realarmour = isarmoured(io, NULL, input, ARMOR_HEAD);
+ sshkeys = (unsigned)(netpgp_getvar(netpgp, "ssh keys") != NULL);
mem = __ops_decrypt_buf(netpgp->io, input, insize, netpgp->secring,
netpgp->pubring,
- realarmour, netpgp->passfp,
+ realarmour, sshkeys,
+ netpgp->passfp,
get_passphrase_cb);
m = MIN(__ops_mem_len(mem), outsize);
(void) memcpy(out, __ops_mem_data(mem), m);
Index: src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c:1.28 src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c:1.29
--- src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c:1.28 Tue Sep 7 00:25:37 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c Wed Sep 8 03:21:22 2010
@@ -57,7 +57,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: openssl_crypto.c,v 1.28 2010/09/07 00:25:37 agc Exp $");
+__RCSID("$NetBSD: openssl_crypto.c,v 1.29 2010/09/08 03:21:22 agc Exp $");
#endif
#ifdef HAVE_OPENSSL_DSA_H
@@ -77,7 +77,10 @@
#include <stdlib.h>
#include <string.h>
-/* Hash size for secret key check */
+
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
#include "crypto.h"
#include "keyring.h"
@@ -834,10 +837,13 @@
openssl_read_pem_seckey(const char *f, __ops_key_t *key, const char *type, int verbose)
{
FILE *fp;
+ char prompt[BUFSIZ];
+ char *pass;
DSA *dsa;
RSA *rsa;
int ok;
+ OpenSSL_add_all_algorithms();
if ((fp = fopen(f, "r")) == NULL) {
if (verbose) {
(void) fprintf(stderr, "can't open '%s'\n", f);
@@ -847,13 +853,16 @@
ok = 1;
if (strcmp(type, "ssh-rsa") == 0) {
if ((rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL)) == NULL) {
- ok = 0;
- } else {
- key->key.seckey.key.rsa.d = rsa->d;
- key->key.seckey.key.rsa.p = rsa->p;
- key->key.seckey.key.rsa.q = rsa->q;
- key->key.seckey.key.rsa.d = rsa->d;
+ (void) snprintf(prompt, sizeof(prompt), "netpgp PEM %s passphrase: ", f);
+ do {
+ pass = getpass(prompt);
+ rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, pass);
+ } while (rsa == NULL);
}
+ key->key.seckey.key.rsa.d = rsa->d;
+ key->key.seckey.key.rsa.p = rsa->p;
+ key->key.seckey.key.rsa.q = rsa->q;
+ key->key.seckey.key.rsa.d = rsa->d;
} else if (strcmp(type, "ssh-dss") == 0) {
if ((dsa = PEM_read_DSAPrivateKey(fp, NULL, NULL, NULL)) == NULL) {
ok = 0;
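Review bot: The new retry loop around `PEM_read_RSAPrivateKey` has no exit other than success: the stream is not rewound after the first failed read, so later attempts most likely start past the PEM block and cannot succeed, and a file that is not an RSA key at all prompts forever. With `ok = 0` removed, the RSA branch can no longer report failure, while the DSA branch below still can. I would rewind before each attempt, bound the attempts with an `unsigned tries` local, wipe the static `getpass()` buffer after use and restore the failure path, as sketched below. `rsa->d` is also assigned twice in the copied lines. The function begins and ends outside this hunk.

```c
	if ((rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL)) == NULL) {
		(void) snprintf(prompt, sizeof(prompt), "netpgp PEM %s passphrase: ", f);
		for (tries = 0 ; rsa == NULL && tries < 3 ; tries++) {
			/* the failed attempt consumed the stream: start again */
			rewind(fp);
			if ((pass = getpass(prompt)) == NULL) {
				break;
			}
			rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, pass);
			/* getpass(3) hands back a static buffer: do not leave the passphrase in it */
			(void) memset(pass, 0x0, strlen(pass));
		}
	}
	if (rsa == NULL) {
		ok = 0;
	} else {
		/* ... unchanged: copy rsa->d, rsa->p, rsa->q into key->key.seckey.key.rsa ... */
	}
```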
@@ -866,3 +875,77 @@
(void) fclose(fp);
return ok;
}
+
+int
+__ops_elgamal_private_decrypt(uint8_t *out,
+ const uint8_t *in,
+ size_t length,
+ const __ops_elgamal_seckey_t *seckey,
+ const __ops_elgamal_pubkey_t *pubkey)
+{
+ BIGNUM *bndiv;
+ BIGNUM *c1x;
+ BN_CTX *tmp;
+ BIGNUM *c1;
+ BIGNUM *c2;
+ BIGNUM *p;
+ BIGNUM *x;
+ BIGNUM *m;
+ int ret = 0;
+
+ /* split in byutes into c1 and c2 */
+ c1 = BN_bin2bn(in, (int)(length / 2), NULL);
+ c2 = BN_bin2bn(&in[length / 2], (int)(length / 2), NULL);
+ /* other bits */
+ p = pubkey->p;
+ x = seckey->x;
+ c1x = BN_new();
+ bndiv = BN_new();
+ m = BN_new();
+ tmp = BN_CTX_new();
+ if (!c1 || !c2 || !p || !x || !c1x || !bndiv || !m || !tmp) {
+ goto done;
+ }
+ /*
+ * m = c2 / (c1^x)
+ */
+ if (!BN_mod_exp(c1x, c1, x, p, tmp)) {
+ goto done;
+ }
+ if (!BN_mod_inverse(bndiv, c1x, p, tmp)) {
+ goto done;
+ }
+ if (!BN_mod_mul(m, c2, bndiv, p, tmp)) {
+ goto done;
+ }
+ /* result */
+ if (BN_bn2bin(m, out) > 0) {
+ ret = 1;
+ }
+done:
+ if (tmp) {
+ BN_CTX_free(tmp);
+ }
+ if (m) {
+ BN_clear_free(m);
+ }
+ if (bndiv) {
+ BN_clear_free(bndiv);
+ }
+ if (c1x) {
+ BN_clear_free(c1x);
+ }
+ if (x) {
+ BN_clear_free(x);
+ }
+ if (p) {
+ BN_clear_free(p);
+ }
+ if (c1) {
+ BN_clear_free(c1);
+ }
+ if (c2) {
+ BN_clear_free(c2);
+ }
+ return ret;
+}
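Review bot: The cleanup at `done:` calls `BN_clear_free(x)` and `BN_clear_free(p)`, but `x` and `p` are only aliases of `seckey->x` and `pubkey->p`, so every call destroys the caller's key material and leaves both const structs holding dangling pointers for the next use or free. Those two blocks should be dropped; only `c1`, `c2`, `c1x`, `bndiv`, `m` and `tmp` are owned here. The return value is also 0 or 1, whereas the caller added to crypto.c in this commit compares the result with -1 and then uses it as a byte count; `int ret = -1;` with `ret = BN_bn2bin(m, out);` on success would match that contract. `BN_bn2bin` writes to `out` with no size parameter, so the header comment should state how large the caller's buffer must be.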
Index: src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c:1.41 src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c:1.42
--- src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c:1.41 Sun Aug 15 16:36:24 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c Wed Sep 8 03:21:22 2010
@@ -58,7 +58,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: packet-parse.c,v 1.41 2010/08/15 16:36:24 agc Exp $");
+__RCSID("$NetBSD: packet-parse.c,v 1.42 2010/09/08 03:21:22 agc Exp $");
#endif
#ifdef HAVE_OPENSSL_CAST_H
@@ -2550,7 +2550,6 @@
break;
case OPS_PKA_ELGAMAL:
-printf("elgamal reading\n");
if (!limread_mpi(&pkt.u.seckey.key.elgamal.x, region, stream)) {
ret = 0;
}
@@ -2652,7 +2651,6 @@
unsigned k;
BIGNUM *enc_m;
int n;
-
/* Can't rely on it being CAST5 */
/* \todo FIXME RW */
/* const size_t sz_unencoded_m_buf=CAST_KEY_LENGTH+1+2; */
Index: src/crypto/external/bsd/netpgp/dist/src/lib/version.h
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/version.h:1.41 src/crypto/external/bsd/netpgp/dist/src/lib/version.h:1.42
--- src/crypto/external/bsd/netpgp/dist/src/lib/version.h:1.41 Thu Sep 2 06:00:12 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/version.h Wed Sep 8 03:21:22 2010
@@ -58,7 +58,7 @@
#endif
/* development versions have .99 suffix */
-#define NETPGP_BASE_VERSION "3.99.11"
+#define NETPGP_BASE_VERSION "3.99.12"
#define NETPGP_VERSION_CAT(a, b) "NetPGP portable " a "/[" b "]"
#define NETPGP_VERSION_STRING \
Index: src/crypto/external/bsd/netpgp/dist/src/lib/ssh2pgp.c
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/ssh2pgp.c:1.16 src/crypto/external/bsd/netpgp/dist/src/lib/ssh2pgp.c:1.17
--- src/crypto/external/bsd/netpgp/dist/src/lib/ssh2pgp.c:1.16 Sun Aug 15 07:52:27 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/ssh2pgp.c Wed Sep 8 03:21:22 2010
@@ -242,6 +242,13 @@
bufgap_seek(&bg, 1, BGFromHere, BGByte);
off = bufgap_tell(&bg, BGFromBOF, BGByte);
+ if (bufgap_size(&bg, BGByte) - off < 10) {
+ (void) fprintf(stderr, "bad key file '%s'\n", f);
+ (void) free(buf);
+ bufgap_close(&bg);
+ return 0;
+ }
+
/* convert from base64 to binary */
cc = bufgap_getbin(&bg, buf, (size_t)st.st_size);
if ((space = strchr(buf, ' ')) != NULL) {
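Review bot: The minimum of `10` bytes in the new length check is a bare magic number, and nothing in the hunk says what it represents. A named constant or a one-line comment above the test stating what minimum it encodes would make the bound reviewable. If `off` or the result of `bufgap_size` is an unsigned type, the test is also safer written as `bufgap_size(&bg, BGByte) < off + 10`, so that a short file cannot wrap the subtraction; the declarations are outside the hunk, so that part is to be confirmed.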
Index: src/crypto/external/bsd/netpgp/dist/src/libmj/libmj.3
diff -u src/crypto/external/bsd/netpgp/dist/src/libmj/libmj.3:1.1 src/crypto/external/bsd/netpgp/dist/src/libmj/libmj.3:1.2
--- src/crypto/external/bsd/netpgp/dist/src/libmj/libmj.3:1.1 Sat Aug 7 04:13:57 2010
+++ src/crypto/external/bsd/netpgp/dist/src/libmj/libmj.3 Wed Sep 8 03:21:22 2010
@@ -85,6 +85,10 @@
.Fo mj_string_size
.Fa "mj_t *atom"
.Fc
+.Ft int
+.Fo mj_pretty
+.Fa "mj_t *atom" "void *stream" "unsigned depth" "const char *trailer"
+.Fc
.Sh DESCRIPTION
.Nm
is a small library interface to allow JSON text to be created and parsed.
@@ -144,12 +148,28 @@
and the JSON serialised text is copied into it.
This memory can later be de-allocated using
.Xr free 3 .
+For formatted output to a
+.Dv FILE *
+stream, the
+.Fn mj_pretty
+function is used.
+The calling interface gives the ability to indent the
+output to a given
+.Fa depth
+and for the formatted output to be followed by a
+.Fa trailer
+string, which is usually NULL for external calls,
+but can be any valid string.
+Output is sent to the
+.Fa stream
+file stream.
.Pp
The
.Fa type
argument given to the
.Fn mj_create ,
-.Fn mj_append and
+.Fn mj_append ,
+and
.Fn mj_append_field
functions is taken from a list of
.Dq false
@@ -171,9 +191,6 @@
index to access the individual
JSON objects.
The index can also be found using the
-.Fn mj_object_index
-function, and the object using
-the
.Fn mj_object_find
function.
.Pp
Index: src/crypto/external/bsd/netpgp/dist/src/libmj/mj.h
diff -u src/crypto/external/bsd/netpgp/dist/src/libmj/mj.h:1.1 src/crypto/external/bsd/netpgp/dist/src/libmj/mj.h:1.2
--- src/crypto/external/bsd/netpgp/dist/src/libmj/mj.h:1.1 Sat Aug 7 04:13:57 2010
+++ src/crypto/external/bsd/netpgp/dist/src/libmj/mj.h Wed Sep 8 03:21:22 2010
@@ -64,5 +64,6 @@
int mj_snprint(char *, size_t, mj_t *);
int mj_asprint(char **, mj_t *);
int mj_string_size(mj_t *);
+int mj_pretty(mj_t *, void *, unsigned, const char *);
#endif
Index: src/crypto/external/bsd/netpgp/dist/src/libmj/mj.c
diff -u src/crypto/external/bsd/netpgp/dist/src/libmj/mj.c:1.3 src/crypto/external/bsd/netpgp/dist/src/libmj/mj.c:1.4
--- src/crypto/external/bsd/netpgp/dist/src/libmj/mj.c:1.3 Sat Aug 7 04:53:56 2010
+++ src/crypto/external/bsd/netpgp/dist/src/libmj/mj.c Wed Sep 8 03:21:22 2010
@@ -152,6 +152,20 @@
return *tok;
}
+/* minor function used to indent a JSON field */
+static void
+indent(FILE *fp, unsigned depth, const char *trailer)
+{
+ unsigned i;
+
+ for (i = 0 ; i < depth ; i++) {
+ (void) fprintf(fp, " ");
+ }
+ if (trailer) {
+ (void) fprintf(fp, "%s", trailer);
+ }
+}
+
/***************************************************************************/
/* return the number of entries in the array */
@@ -479,6 +493,7 @@
return 1;
}
+/* make sure a JSON object is politically correct */
int
mj_lint(mj_t *obj)
{
@@ -519,3 +534,42 @@
return 0;
}
}
+
+/* pretty-print a JSON struct - can be called recursively */
+int
+mj_pretty(mj_t *mj, void *vp, unsigned depth, const char *trailer)
+{
+ unsigned i;
+ FILE *fp;
+
+ fp = (FILE *)vp;
+ switch(mj->type) {
+ case MJ_NUMBER:
+ case MJ_TRUE:
+ case MJ_FALSE:
+ case MJ_NULL:
+ indent(fp, depth, mj->value.s);
+ break;
+ case MJ_STRING:
+ indent(fp, depth, NULL);
+ (void) fprintf(fp, "\"%s\"", mj->value.s);
+ break;
+ case MJ_ARRAY:
+ indent(fp, depth, "[\n");
+ for (i = 0 ; i < mj->c ; i++) {
+ mj_pretty(&mj->value.v[i], fp, depth + 1, (i < mj->c - 1) ? ",\n" : "\n");
+ }
+ indent(fp, depth, "]");
+ break;
+ case MJ_OBJECT:
+ indent(fp, depth, "{\n");
+ for (i = 0 ; i < mj->c ; i += 2) {
+ mj_pretty(&mj->value.v[i], fp, depth + 1, " : ");
+ mj_pretty(&mj->value.v[i + 1], fp, 0, (i < mj->c - 2) ? ",\n" : "\n");
+ }
+ indent(fp, depth, "}");
+ break;
+ }
+ indent(fp, 0, trailer);
+ return 1;
+}
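Review bot: The MJ_OBJECT loop reads `mj->value.v[i + 1]` while only testing `i < mj->c`, so an object with an odd element count (a name without a value) reads one element past the array. Writing the loop as `for (i = 0 ; i + 1 < mj->c ; i += 2)` and the trailer test as `(i + 2 < mj->c)` avoids that. MJ_STRING is printed with a bare `"\"%s\""` format; unless `value.s` is stored already escaped, a string containing a double quote or a newline yields output that is not valid JSON. The `switch` has no `default` and the results of the recursive calls are discarded, so the function returns 1 whatever happened.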
Index: src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c:1.14 src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c:1.15
--- src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c:1.14 Wed Sep 1 17:25:57 2010
+++ src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c Wed Sep 8 03:21:22 2010
@@ -1,4 +1,4 @@
-/* $NetBSD: netpgp.c,v 1.14 2010/09/01 17:25:57 agc Exp $ */
+/* $NetBSD: netpgp.c,v 1.15 2010/09/08 03:21:22 agc Exp $ */
/*-
* Copyright (c) 2009 The NetBSD Foundation, Inc.
@@ -527,7 +527,7 @@
netpgp_setvar(&netpgp, "max mem alloc", "4194304");
homeset = 0;
optindex = 0;
- while ((ch = getopt_long(argc, argv, "Vdeo:sv", options, &optindex)) != -1) {
+ while ((ch = getopt_long(argc, argv, "S:Vdeo:sv", options, &optindex)) != -1) {
if (ch >= ENCRYPT) {
/* getopt_long returns 0 for long options */
if (!setoption(&netpgp, &p, options[optindex].val, optarg, &homeset)) {
@@ -535,6 +535,10 @@
}
} else {
switch (ch) {
+ case 'S':
+ netpgp_setvar(&netpgp, "ssh keys", "1");
+ netpgp_setvar(&netpgp, "sshkeyfile", optarg);
+ break;
case 'V':
printf(
"%s\nAll bug reports, praise and chocolate, please, to:\n%s\n",
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpkeys/netpgpkeys.c
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpkeys/netpgpkeys.c:1.18 src/crypto/external/bsd/netpgp/dist/src/netpgpkeys/netpgpkeys.c:1.19
--- src/crypto/external/bsd/netpgp/dist/src/netpgpkeys/netpgpkeys.c:1.18 Thu Sep 2 06:00:12 2010
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpkeys/netpgpkeys.c Wed Sep 8 03:21:23 2010
@@ -387,7 +387,7 @@
netpgp_setvar(&netpgp, "res", "<stdout>");
netpgp_setvar(&netpgp, "hash", DEFAULT_HASH_ALG);
optindex = 0;
- while ((ch = getopt_long(argc, argv, "Vglo:s", options, &optindex)) != -1) {
+ while ((ch = getopt_long(argc, argv, "S:Vglo:s", options, &optindex)) != -1) {
if (ch >= LIST_KEYS) {
/* getopt_long returns 0 for long options */
if (!setoption(&netpgp, &p, options[optindex].val, optarg, &homeset)) {
@@ -395,6 +395,10 @@
}
} else {
switch (ch) {
+ case 'S':
+ netpgp_setvar(&netpgp, "ssh keys", "1");
+ netpgp_setvar(&netpgp, "sshkeyfile", optarg);
+ break;
case 'V':
printf(
"%s\nAll bug reports, praise and chocolate, please, to:\n%s\n",