Module Name: src
Committed By: agc
Date: Mon Nov 29 04:20:13 UTC 2010
Modified Files:
src/crypto/external/bsd/netpgp/dist/src/lib: crypto.c crypto.h netpgp.c
reader.c
src/crypto/external/bsd/netpgp/dist/src/netpgp: netpgp.1 netpgp.c
Log Message:
Fix PR 44075 from Peter Pentchev, but do this by adding a
--numtries=<attempts> option to netpgp(1) to provide the maximum
number of attempts to retrieve the correct passphrase when signing or
decrypting, and use it in libnetpgp(3). The default number of
attempts is 3, and a value of "unlimited" will loop until the correct
passphrase has been entered.
To generate a diff of this commit:
cvs rdiff -u -r1.33 -r1.34 \
src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c
cvs rdiff -u -r1.29 -r1.30 \
src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h
cvs rdiff -u -r1.84 -r1.85 \
src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
cvs rdiff -u -r1.46 -r1.47 \
src/crypto/external/bsd/netpgp/dist/src/lib/reader.c
cvs rdiff -u -r1.16 -r1.17 \
src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1 \
src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c:1.33 src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c:1.34
--- src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c:1.33 Mon Nov 15 08:50:32 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c Mon Nov 29 04:20:12 2010
@@ -54,7 +54,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: crypto.c,v 1.33 2010/11/15 08:50:32 agc Exp $");
+__RCSID("$NetBSD: crypto.c,v 1.34 2010/11/29 04:20:12 agc Exp $");
#endif
#include <sys/types.h>
@@ -447,13 +447,14 @@
const unsigned allow_overwrite,
const unsigned sshkeys,
void *passfp,
+ int numtries,
pgp_cbfunc_t *getpassfunc)
{
pgp_stream_t *parse = NULL;
- const int printerrors = 1;
- char *filename = NULL;
- int fd_in;
- int fd_out;
+ const int printerrors = 1;
+ char *filename = NULL;
+ int fd_in;
+ int fd_out;
/* setup for reading from given input file */
fd_in = pgp_setup_file_read(io, &parse, infile,
@@ -510,6 +511,7 @@
parse->cbinfo.cryptinfo.getpassphrase = getpassfunc;
parse->cbinfo.cryptinfo.pubring = pubring;
parse->cbinfo.sshseckey = (sshkeys) ? &secring->keys[0].key.seckey : NULL;
+ parse->cbinfo.numtries = numtries;
/* Set up armour/passphrase options */
if (use_armour) {
@@ -524,6 +526,11 @@
pgp_reader_pop_dearmour(parse);
}
+ /* if we didn't get the passphrase, unlink output file */
+ if (!parse->cbinfo.gotpass) {
+ (void) unlink((filename) ? filename : outfile);
+ }
+
if (filename) {
pgp_teardown_file_write(parse->cbinfo.output, fd_out);
free(filename);
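Review bot: The added `if (!parse->cbinfo.gotpass)` treats "flag is 0" as "decryption failed", but in this commit the flag is only set to 1 in the get_seckey callback in reader.c. If a decrypt can finish without that callback running (the `sshkeys` case, which hands over `sshseckey` directly, looks like one; to be confirmed), its valid output would be unlinked. `(filename) ? filename : outfile` is also passed to unlink() without a NULL check, and whether both can be NULL is not visible here; a guard such as `if (!parse->cbinfo.gotpass && (filename != NULL || outfile != NULL)) {` covers that. The function starts and ends outside the hunk.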
@@ -544,6 +551,7 @@
const unsigned use_armour,
const unsigned sshkeys,
void *passfp,
+ int numtries,
pgp_cbfunc_t *getpassfunc)
{
pgp_stream_t *parse = NULL;
@@ -575,6 +583,7 @@
parse->cbinfo.passfp = passfp;
parse->cbinfo.cryptinfo.getpassphrase = getpassfunc;
parse->cbinfo.sshseckey = (sshkeys) ? &secring->keys[0].key.seckey : NULL;
+ parse->cbinfo.numtries = numtries;
/* Set up armour/passphrase options */
if (use_armour) {
@@ -589,6 +598,7 @@
pgp_reader_pop_dearmour(parse);
}
+
/* tidy up */
pgp_teardown_memory_read(parse, inmem);
pgp_memory_release(inmem);
@@ -597,6 +607,6 @@
pgp_writer_close(parse->cbinfo.output);
pgp_output_delete(parse->cbinfo.output);
- return outmem;
+ /* if we didn't get the passphrase, return NULL */
+ return (parse->cbinfo.gotpass) ? outmem : NULL;
}
-
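Review bot: The new `return (parse->cbinfo.gotpass) ? outmem : NULL;` drops `outmem` on the failure path without releasing it, so the buffer and anything written to it before the passphrase attempts ran out stays allocated. Releasing it first, `if (!parse->cbinfo.gotpass) { pgp_memory_free(outmem); outmem = NULL; }`, avoids the leak. The flag is also read after `pgp_teardown_memory_read(parse, inmem)` earlier in the function; if that call releases `parse`, copy `gotpass` into a local before the tidy-up (the existing `pgp_writer_close` lines already follow the same ordering). `outmem` is allocated outside the hunk.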
Index: src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h:1.29 src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h:1.30
--- src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h:1.29 Mon Nov 15 08:56:30 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h Mon Nov 29 04:20:12 2010
@@ -64,7 +64,7 @@
/** pgp_hash_t */
struct pgp_hash_t {
- pgp_hash_alg_t alg; /* algorithm */
+ pgp_hash_alg_t alg; /* algorithm */
size_t size; /* size */
const char *name; /* what it's known as */
int (*init)(pgp_hash_t *);
@@ -185,6 +185,7 @@
const unsigned,
const unsigned,
void *,
+ int,
pgp_cbfunc_t *);
pgp_memory_t *
@@ -200,6 +201,7 @@
const unsigned,
const unsigned,
void *,
+ int,
pgp_cbfunc_t *);
/* Keys */
@@ -217,15 +219,15 @@
/** pgp_reader_t */
struct pgp_reader_t {
pgp_reader_func_t *reader; /* reader func to get parse data */
- pgp_reader_destroyer_t *destroyer;
+ pgp_reader_destroyer_t *destroyer;
void *arg; /* args to pass to reader function */
unsigned accumulate:1; /* set to gather packet data */
- uint8_t *accumulated; /* the accumulated data */
+ uint8_t *accumulated; /* the accumulated data */
unsigned asize; /* size of the buffer */
unsigned alength;/* used buffer */
unsigned position; /* reader-specific offset */
pgp_reader_t *next;
- pgp_stream_t *parent;/* parent parse_info structure */
+ pgp_stream_t *parent;/* parent parse_info structure */
};
@@ -235,7 +237,7 @@
struct pgp_cryptinfo_t {
char *passphrase;
pgp_keyring_t *secring;
- const pgp_key_t *keydata;
+ const pgp_key_t *keydata;
pgp_cbfunc_t *getpassphrase;
pgp_keyring_t *pubring;
};
@@ -246,12 +248,14 @@
void *arg; /* args to pass to callback func */
pgp_error_t **errors; /* address of error stack */
pgp_cbdata_t *next;
- pgp_output_t *output;/* used if writing out parsed info */
+ pgp_output_t *output; /* when writing out parsed info */
pgp_io_t *io; /* error/output messages */
void *passfp; /* fp for passphrase input */
- pgp_cryptinfo_t cryptinfo; /* used when decrypting */
- pgp_printstate_t printstate; /* used to keep state when printing */
+ pgp_cryptinfo_t cryptinfo; /* used when decrypting */
+ pgp_printstate_t printstate; /* used to keep printing state */
pgp_seckey_t *sshseckey; /* secret key for ssh */
+ int numtries; /* # of passphrase attempts */
+ int gotpass; /* when passphrase entered */
};
/** pgp_hashtype_t */
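Review bot: The comments on the two new fields do not state the conventions the rest of the commit relies on: reader.c treats `numtries == -1` as "no limit", and crypto.c reads `gotpass` after parsing to decide whether to keep the output. Suggested wording: `int numtries; /* max passphrase attempts, -1 = unlimited */` and `int gotpass; /* set to 1 once the secret key has been decrypted */`. The struct definition starts outside the hunk.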
@@ -294,9 +298,9 @@
pgp_error_t *errors;
void *io; /* io streams */
pgp_crypt_t decrypt;
- pgp_cryptinfo_t cryptinfo;
+ pgp_cryptinfo_t cryptinfo;
size_t hashc;
- pgp_hashtype_t *hashes;
+ pgp_hashtype_t *hashes;
unsigned reading_v3_secret:1;
unsigned reading_mpi_len:1;
unsigned exact_read:1;
Index: src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.84 src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.85
--- src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.84 Mon Nov 15 08:27:40 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c Mon Nov 29 04:20:12 2010
@@ -34,7 +34,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: netpgp.c,v 1.84 2010/11/15 08:27:40 agc Exp $");
+__RCSID("$NetBSD: netpgp.c,v 1.85 2010/11/29 04:20:12 agc Exp $");
#endif
#include <sys/types.h>
@@ -707,10 +707,11 @@
}
#define MAX_PASSPHRASE_ATTEMPTS 3
+#define INFINITE_ATTEMPTS -1
/* get the passphrase from the user */
static int
-find_passphrase(FILE *passfp, const char *id, char *passphrase, size_t size)
+find_passphrase(FILE *passfp, const char *id, char *passphrase, size_t size, int attempts)
{
char prompt[BUFSIZ];
char buf[128];
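Review bot: `INFINITE_ATTEMPTS` expands to a bare `-1`; parenthesise it, `#define INFINITE_ATTEMPTS (-1)`, so it cannot fuse with an adjacent operator at a use site. reader.c in this same commit compares `cbinfo->numtries == -1` literally, so the sentinel would be better defined once in a header that both files include. The body of find_passphrase continues outside the hunk.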
@@ -719,12 +720,12 @@
int i;
if (passfp) {
- if (fgets(passphrase, size, passfp) == NULL) {
+ if (fgets(passphrase, (int)size, passfp) == NULL) {
return 0;
}
return strlen(passphrase);
}
- for (i = 0 ; i < MAX_PASSPHRASE_ATTEMPTS ; i++) {
+ for (i = 0 ; i < attempts ; i++) {
(void) snprintf(prompt, sizeof(prompt), "Enter passphrase for %.16s: ", id);
if ((cp = getpass(prompt)) == NULL) {
break;
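Review bot: The new loop condition `i < attempts` does not handle the unlimited sentinel: with `attempts == INFINITE_ATTEMPTS` (-1) the body never runs, so the user is never prompted. The signing loops added later in this file test both cases, and the same form works here: `for (i = 0 ; attempts == INFINITE_ATTEMPTS || i < attempts ; i++) {`. The rest of the loop body is outside the hunk.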
@@ -1151,6 +1152,8 @@
char dir[MAXPATHLEN];
char *cp;
char *ringfile;
+ char *numtries;
+ int attempts;
int passc;
int fd;
@@ -1199,8 +1202,14 @@
return 0;
}
/* get the passphrase */
- passc = find_passphrase(netpgp->passfp, &cp[ID_OFFSET], passphrase, sizeof(passphrase));
- if (!pgp_write_xfer_seckey(create, key, (uint8_t *)passphrase, passc, noarmor)) {
+ if ((numtries = netpgp_getvar(netpgp, "numtries")) == NULL ||
+ (attempts = atoi(numtries)) <= 0) {
+ attempts = MAX_PASSPHRASE_ATTEMPTS;
+ } else if (strcmp(numtries, "unlimited") == 0) {
+ attempts = INFINITE_ATTEMPTS;
+ }
+ passc = find_passphrase(netpgp->passfp, &cp[ID_OFFSET], passphrase, sizeof(passphrase), attempts);
+ if (!pgp_write_xfer_seckey(create, key, (uint8_t *)passphrase, (const unsigned)passc, noarmor)) {
(void) fprintf(io->errs, "Cannot write seckey\n");
return 0;
}
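Review bot: The `"unlimited"` branch can never be taken, because `atoi("unlimited")` returns 0, so the first condition (`<= 0`) is already true and `attempts` becomes MAX_PASSPHRASE_ATTEMPTS before the `strcmp` is reached. The documented unlimited mode therefore silently behaves as three attempts. The same block is repeated in the four later hunks that read "numtries" (file decrypt, both signing functions, memory decrypt), so the fix is best placed in one static helper that all five call. Testing the keyword before converting the number fixes it; the enclosing function starts and ends outside the hunk.

```c
	/* get the passphrase */
	numtries = netpgp_getvar(netpgp, "numtries");
	if (numtries != NULL && strcmp(numtries, "unlimited") == 0) {
		/* test the keyword first: atoi("unlimited") is 0 */
		attempts = INFINITE_ATTEMPTS;
	} else if (numtries == NULL || (attempts = atoi(numtries)) <= 0) {
		attempts = MAX_PASSPHRASE_ATTEMPTS;
	}
	/* … unchanged: find_passphrase() and pgp_write_xfer_seckey() calls … */
```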
@@ -1256,6 +1265,8 @@
pgp_io_t *io;
unsigned realarmor;
unsigned sshkeys;
+ char *numtries;
+ int attempts;
__PGP_USED(armored);
io = netpgp->io;
@@ -1266,10 +1277,16 @@
}
realarmor = isarmoured(io, f, NULL, ARMOR_HEAD);
sshkeys = (unsigned)(netpgp_getvar(netpgp, "ssh keys") != NULL);
+ if ((numtries = netpgp_getvar(netpgp, "numtries")) == NULL ||
+ (attempts = atoi(numtries)) <= 0) {
+ attempts = MAX_PASSPHRASE_ATTEMPTS;
+ } else if (strcmp(numtries, "unlimited") == 0) {
+ attempts = INFINITE_ATTEMPTS;
+ }
return pgp_decrypt_file(netpgp->io, f, out, netpgp->secring,
netpgp->pubring,
realarmor, overwrite, sshkeys,
- netpgp->passfp, get_passphrase_cb);
+ netpgp->passfp, attempts, get_passphrase_cb);
}
/* sign a file */
@@ -1282,13 +1299,16 @@
int cleartext,
int detached)
{
- const pgp_key_t *keypair;
- const pgp_key_t *pubkey;
- pgp_seckey_t *seckey;
+ const pgp_key_t *keypair;
+ const pgp_key_t *pubkey;
const unsigned overwrite = 1;
- pgp_io_t *io;
+ pgp_seckey_t *seckey;
const char *hashalg;
+ pgp_io_t *io;
+ char *numtries;
+ int attempts;
int ret;
+ int i;
io = netpgp->io;
if (f == NULL) {
@@ -1301,7 +1321,13 @@
return 0;
}
ret = 1;
- do {
+ if ((numtries = netpgp_getvar(netpgp, "numtries")) == NULL ||
+ (attempts = atoi(numtries)) <= 0) {
+ attempts = MAX_PASSPHRASE_ATTEMPTS;
+ } else if (strcmp(numtries, "unlimited") == 0) {
+ attempts = INFINITE_ATTEMPTS;
+ }
+ for (i = 0, seckey = NULL ; !seckey && (i < attempts || attempts == INFINITE_ATTEMPTS) ; i++) {
if (netpgp->passfp == NULL) {
/* print out the user id */
pubkey = pgp_getkeybyname(io, netpgp->pubring, userid);
@@ -1327,7 +1353,11 @@
secring = netpgp->secring;
seckey = &secring->keys[0].key.seckey;
}
- } while (seckey == NULL);
+ }
+ if (seckey == NULL) {
+ (void) fprintf(io->errs, "Bad passphrase\n");
+ return 0;
+ }
/* sign file */
hashalg = netpgp_getvar(netpgp, "hash");
if (seckey->pubkey.alg == PGP_PKA_DSA) {
@@ -1399,13 +1429,16 @@
const unsigned armored,
const unsigned cleartext)
{
- const pgp_key_t *keypair;
- const pgp_key_t *pubkey;
+ const pgp_key_t *keypair;
+ const pgp_key_t *pubkey;
pgp_seckey_t *seckey;
pgp_memory_t *signedmem;
- pgp_io_t *io;
const char *hashalg;
+ pgp_io_t *io;
+ char *numtries;
+ int attempts;
int ret;
+ int i;
io = netpgp->io;
if (mem == NULL) {
@@ -1417,7 +1450,13 @@
return 0;
}
ret = 1;
- do {
+ if ((numtries = netpgp_getvar(netpgp, "numtries")) == NULL ||
+ (attempts = atoi(numtries)) <= 0) {
+ attempts = MAX_PASSPHRASE_ATTEMPTS;
+ } else if (strcmp(numtries, "unlimited") == 0) {
+ attempts = INFINITE_ATTEMPTS;
+ }
+ for (i = 0, seckey = NULL ; !seckey && (i < attempts || attempts == INFINITE_ATTEMPTS) ; i++) {
if (netpgp->passfp == NULL) {
/* print out the user id */
pubkey = pgp_getkeybyname(io, netpgp->pubring, userid);
@@ -1436,7 +1475,11 @@
if (seckey == NULL) {
(void) fprintf(io->errs, "Bad passphrase\n");
}
- } while (seckey == NULL);
+ }
+ if (seckey == NULL) {
+ (void) fprintf(io->errs, "Bad passphrase\n");
+ return 0;
+ }
/* sign file */
(void) memset(out, 0x0, outsize);
hashalg = netpgp_getvar(netpgp, "hash");
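Review bot: On the last failed attempt "Bad passphrase" is written twice: once by the `if (seckey == NULL)` inside the loop (kept as context above) and again by the block added after the loop. reader.c in this commit uses a separate message for the final failure, and doing the same here would tell the user why the command stopped: `(void) fprintf(io->errs, "Exhausted passphrase attempts\n");`. The loop starts outside the hunk.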
@@ -1566,6 +1609,8 @@
unsigned realarmour;
unsigned sshkeys;
size_t m;
+ char *numtries;
+ int attempts;
__PGP_USED(armored);
io = netpgp->io;
@@ -1576,11 +1621,21 @@
}
realarmour = isarmoured(io, NULL, input, ARMOR_HEAD);
sshkeys = (unsigned)(netpgp_getvar(netpgp, "ssh keys") != NULL);
+ if ((numtries = netpgp_getvar(netpgp, "numtries")) == NULL ||
+ (attempts = atoi(numtries)) <= 0) {
+ attempts = MAX_PASSPHRASE_ATTEMPTS;
+ } else if (strcmp(numtries, "unlimited") == 0) {
+ attempts = INFINITE_ATTEMPTS;
+ }
mem = pgp_decrypt_buf(netpgp->io, input, insize, netpgp->secring,
netpgp->pubring,
realarmour, sshkeys,
netpgp->passfp,
+ attempts,
get_passphrase_cb);
+ if (mem == NULL) {
+ return -1;
+ }
m = MIN(pgp_mem_len(mem), outsize);
(void) memcpy(out, pgp_mem_data(mem), m);
pgp_memory_free(mem);
Index: src/crypto/external/bsd/netpgp/dist/src/lib/reader.c
diff -u src/crypto/external/bsd/netpgp/dist/src/lib/reader.c:1.46 src/crypto/external/bsd/netpgp/dist/src/lib/reader.c:1.47
--- src/crypto/external/bsd/netpgp/dist/src/lib/reader.c:1.46 Mon Nov 15 08:50:32 2010
+++ src/crypto/external/bsd/netpgp/dist/src/lib/reader.c Mon Nov 29 04:20:12 2010
@@ -54,7 +54,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: reader.c,v 1.46 2010/11/15 08:50:32 agc Exp $");
+__RCSID("$NetBSD: reader.c,v 1.47 2010/11/29 04:20:12 agc Exp $");
#endif
#include <sys/types.h>
@@ -2200,10 +2200,11 @@
{
const pgp_contents_t *content = &pkt->u;
const pgp_seckey_t *secret;
- const pgp_key_t *pubkey;
- const pgp_key_t *keypair;
+ const pgp_key_t *pubkey;
+ const pgp_key_t *keypair;
unsigned from;
pgp_io_t *io;
+ int i;
io = cbinfo->io;
if (pgp_get_debug_level(__FILE__)) {
@@ -2230,16 +2231,24 @@
if (pubkey == NULL) {
pubkey = keypair;
}
- do {
+ secret = NULL;
+ cbinfo->gotpass = 0;
+ for (i = 0 ; cbinfo->numtries == -1 || i < cbinfo->numtries ; i++) {
/* print out the user id */
pgp_print_keydata(io, cbinfo->cryptinfo.pubring, pubkey,
"signature ", &pubkey->key.pubkey, 0);
/* now decrypt key */
secret = pgp_decrypt_seckey(keypair, cbinfo->passfp);
- if (secret == NULL) {
- (void) fprintf(io->errs, "Bad passphrase\n");
+ if (secret != NULL) {
+ break;
}
- } while (secret == NULL);
+ (void) fprintf(io->errs, "Bad passphrase\n");
+ }
+ if (secret == NULL) {
+ (void) fprintf(io->errs, "Exhausted passphrase attempts\n");
+ return (pgp_cb_ret_t)PGP_RELEASE_MEMORY;
+ }
+ cbinfo->gotpass = 1;
*content->get_seckey.seckey = secret;
break;
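Review bot: A `numtries` of 0 makes the new `for` loop run zero times, so this case prints "Exhausted passphrase attempts" and returns without ever asking for a passphrase. The commit sets the field only in pgp_decrypt_file and pgp_decrypt_buf. Any other stream whose callback data reaches this case with the field still zero (whether one exists is not visible here) changes from "prompt until correct" to "fail immediately". Decide explicitly what a non-positive value other than -1 means and check for it before the loop, and replace the literal `-1` with a shared named constant. The enclosing switch case starts outside the hunk.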
Index: src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1:1.16 src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1:1.17
--- src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1:1.16 Thu Nov 4 15:39:08 2010
+++ src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1 Mon Nov 29 04:20:12 2010
@@ -1,4 +1,4 @@
-.\" $NetBSD: netpgp.1,v 1.16 2010/11/04 15:39:08 agc Exp $
+.\" $NetBSD: netpgp.1,v 1.17 2010/11/29 04:20:12 agc Exp $
.\"
.\" Copyright (c) 2009 The NetBSD Foundation, Inc.
.\" All rights reserved.
@@ -27,7 +27,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd November 4, 2010
+.Dd November 28, 2010
.Dt NETPGP 1
.Os
.Sh NAME
@@ -43,6 +43,7 @@
.Fl Fl decrypt
.Op Fl Fl output Ns = Ns Ar filename
.Op Fl Fl pass\-fd Ns = Ns Ar fd
+.Op Fl Fl num\-tries Ns = Ns Ar attempts
.Op options
.Ar file ...
.Pp
@@ -54,6 +55,7 @@
.Op Fl Fl output Ns = Ns Ar filename
.Op Fl Fl pass\-fd Ns = Ns Ar fd
.Op Fl Fl from Ns = Ns Ar sig-valid-from
+.Op Fl Fl num\-tries Ns = Ns Ar attempts
.Op Fl Fl duration Ns = Ns Ar sig-valid-duration
.Op options
.Ar file ...
@@ -284,6 +286,14 @@
passed to it in the command line argument, rather than
using its own methods of retrieving the passphrase from
the user.
+.It Fl Fl num-tries Ns = Ns Ar attempts
+This option sets the maximum number of attempts to get the
+correct passphrase from the user.
+A value of
+.Dv unlimited
+means that there is no maximum number of attempts, and the
+utility will loop endlessly until the correct passphrase has been
+entered, or the utility is terminated.
.It Fl Fl from Ns = Ns Ar signature-valid-from
This option allows the signer to specify a time as the
starting point for validity of the signature.
Index: src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c:1.16 src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c:1.17
--- src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c:1.16 Thu Nov 4 15:39:08 2010
+++ src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.c Mon Nov 29 04:20:12 2010
@@ -1,4 +1,4 @@
-/* $NetBSD: netpgp.c,v 1.16 2010/11/04 15:39:08 agc Exp $ */
+/* $NetBSD: netpgp.c,v 1.17 2010/11/29 04:20:12 agc Exp $ */
/*-
* Copyright (c) 2009 The NetBSD Foundation, Inc.
@@ -65,6 +65,7 @@
"\t[--coredumps] AND/OR\n"
"\t[--homedir=<homedir>] AND/OR\n"
"\t[--keyring=<keyring>] AND/OR\n"
+ "\t[--numtries=<attempts>] AND/OR\n"
"\t[--userid=<userid>] AND/OR\n"
"\t[--maxmemalloc=<number of bytes>] AND/OR\n"
"\t[--verbose]\n";
@@ -100,6 +101,7 @@
DURATION,
BIRTHTIME,
CIPHER,
+ NUMTRIES,
/* debug */
OPS_DEBUG
@@ -158,6 +160,9 @@
{"duration", required_argument, NULL, DURATION},
{"expiry", required_argument, NULL, DURATION},
{"cipher", required_argument, NULL, CIPHER},
+ {"num-tries", required_argument, NULL, NUMTRIES},
+ {"numtries", required_argument, NULL, NUMTRIES},
+ {"attempts", required_argument, NULL, NUMTRIES},
{ NULL, 0, NULL, 0},
};
@@ -464,6 +469,9 @@
case CIPHER:
netpgp_setvar(netpgp, "cipher", arg);
break;
+ case NUMTRIES:
+ netpgp_setvar(netpgp, "numtries", arg);
+ break;
case OPS_DEBUG:
netpgp_set_debug(arg);
break;
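Review bot: The NUMTRIES case stores `arg` unchecked, so a mistyped value (`--numtries=abc`, `0`, a negative number) is accepted silently and the library falls back to its default when it later runs atoi() on it. Checking here that the argument is either "unlimited" or a positive decimal number, and printing an error otherwise, tells the user the limit they asked for was not applied. The usage text in this file spells the option `--numtries` while netpgp.1 documents `--num-tries`; both are accepted, but one spelling in both places would be clearer. The switch starts and ends outside the hunk.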