Module Name: src
Committed By: agc
Date: Thu Oct 25 04:03:16 UTC 2012
Modified Files:
src/crypto/external/bsd/netpgp/dist/src/libverify
[agc-netpgp-standalone]:
libnetpgpverify.3 libverify.c verify.h
src/crypto/external/bsd/netpgp/dist/src/netpgpverify
[agc-netpgp-standalone]:
main.c
Log Message:
change the signature (ha!) of the pgpv_read_pubring() function to allow a
key to be specified as a string in memory, as well as in a file. as always,
the pubring must precede the signature.
To generate a diff of this commit:
cvs rdiff -u -r1.1.2.4 -r1.1.2.5 \
src/crypto/external/bsd/netpgp/dist/src/libverify/libnetpgpverify.3
cvs rdiff -u -r1.1.2.7 -r1.1.2.8 \
src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c
cvs rdiff -u -r1.1.2.6 -r1.1.2.7 \
src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h
cvs rdiff -u -r1.1.2.3 -r1.1.2.4 \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/main.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/crypto/external/bsd/netpgp/dist/src/libverify/libnetpgpverify.3
diff -u src/crypto/external/bsd/netpgp/dist/src/libverify/libnetpgpverify.3:1.1.2.4 src/crypto/external/bsd/netpgp/dist/src/libverify/libnetpgpverify.3:1.1.2.5
--- src/crypto/external/bsd/netpgp/dist/src/libverify/libnetpgpverify.3:1.1.2.4 Tue Oct 23 15:00:56 2012
+++ src/crypto/external/bsd/netpgp/dist/src/libverify/libnetpgpverify.3 Thu Oct 25 04:03:16 2012
@@ -1,4 +1,4 @@
-.\" $NetBSD: libnetpgpverify.3,v 1.1.2.4 2012/10/23 15:00:56 agc Exp $
+.\" $NetBSD: libnetpgpverify.3,v 1.1.2.5 2012/10/25 04:03:16 agc Exp $
.\"
.\" Copyright (c) 2012 Alistair Crooks <[email protected]>
.\" All rights reserved.
@@ -35,7 +35,7 @@
.In netpgp/verify.h
.Ft int
.Fo pgpv_read_pubring
-.Fa "pgpv_t *pgp" "const char *keyring"
+.Fa "pgpv_t *pgp" "const void *keyring" "ssize_t size"
.Fc
.Ft size_t
.Fo pgpv_verify
@@ -67,6 +67,7 @@ located in a public key ring.
This library has enough functionality to parse a pubkey keyring,
using
.Fn pgpv_read_pubring
+to read the public keys of trusted identities,
and to read files or memory which has already been signed.
The
.Fn pgpv_verify
@@ -125,6 +126,10 @@ This is handled automatically by
.Xr bn 3 ,
.Xr zlib 3 ,
.Xr bzlib2 3
+.Sh STANDARDS
+The
+.Nm
+utility is designed to conform to IETF RFC 4880.
.Sh HISTORY
The
.Nm
Index: src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c
diff -u src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c:1.1.2.7 src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c:1.1.2.8
--- src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c:1.1.2.7 Wed Oct 24 02:27:25 2012
+++ src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c Thu Oct 25 04:03:16 2012
@@ -2134,10 +2134,12 @@ pgpv_verify(pgpv_cursor_t *cursor, pgpv_
/* set up the pubkey keyring */
int
-pgpv_read_pubring(pgpv_t *pgp, const char *keyring)
+pgpv_read_pubring(pgpv_t *pgp, const void *keyring, ssize_t size)
{
if (keyring) {
- return read_binary_file(pgp, "pubring", "%s", keyring);
+ return (size > 0) ?
+ read_binary_memory(pgp, "pubring", keyring, (size_t)size) :
+ read_binary_file(pgp, "pubring", "%s", keyring);
}
return read_binary_file(pgp, "pubring", "%s/%s", getenv("HOME"), ".gnupg/pubring.gpg");
}
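Review bot: In `pgpv_read_pubring`, a `size` of 0 takes the `read_binary_file` branch, so a caller whose in-memory keyring turned out to be empty has its buffer pointer passed as a `%s` path argument, which is read until a NUL that a raw memory buffer need not contain. Since main.c signals file mode with `-1`, the selector could treat only negative sizes as a file name, e.g. `if (size < 0) return read_binary_file(pgp, "pubring", "%s", (const char *)keyring);`, and leave zero to the memory path, which would then have to reject an empty buffer (its handling of length 0 is not visible here). Whichever convention is kept, it should be stated here and on the prototype in verify.h, for example `/* size > 0: keyring is a memory buffer of that length; otherwise a NUL-terminated file name */`. Separately, the unchanged fallback line passes `getenv("HOME")` straight to `%s`, which is undefined behaviour when HOME is unset.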
Index: src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h
diff -u src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h:1.1.2.6 src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h:1.1.2.7
--- src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h:1.1.2.6 Wed Oct 24 02:27:25 2012
+++ src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h Thu Oct 25 04:03:16 2012
@@ -240,6 +240,8 @@ typedef struct pgpv_t {
const char *op; /* the operation we're doing */
} pgpv_t;
+#define PGPV_REASON_LEN 128
+
/* when searching, we define a cursor, and fill in an array of subscripts */
typedef struct pgpv_cursor_t {
pgpv_t *pgp; /* pointer to pgp tree */
@@ -250,7 +252,7 @@ typedef struct pgpv_cursor_t {
PGPV_ARRAY(uint32_t, found); /* array of matched subscripts */
PGPV_ARRAY(size_t, datacookies); /* cookies to retrieve matched data */
int64_t sigtime; /* time of signature */
- char why[128]; /* reason for bad signature */
+ char why[PGPV_REASON_LEN]; /* reason for bad signature */
} pgpv_cursor_t;
#ifndef __BEGIN_DECLS
@@ -265,7 +267,7 @@ typedef struct pgpv_cursor_t {
__BEGIN_DECLS
-int pgpv_read_pubring(pgpv_t */*pgp*/, const char */*keyring*/);
+int pgpv_read_pubring(pgpv_t */*pgp*/, const void */*keyringfile/mem*/, ssize_t /*size*/);
size_t pgpv_verify(pgpv_cursor_t */*cursor*/, pgpv_t */*pgp*/, const void */*mem/file*/, ssize_t /*size*/);
size_t pgpv_get_verified(pgpv_cursor_t */*cursor*/, size_t /*cookie*/, char **/*ret*/);
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/main.c
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/main.c:1.1.2.3 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/main.c:1.1.2.4
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/main.c:1.1.2.3 Tue Oct 23 15:03:37 2012
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/main.c Thu Oct 25 04:03:16 2012
@@ -147,7 +147,7 @@ main(int argc, char **argv)
if (cmd == NULL) {
cmd = "verify";
}
- if (!pgpv_read_pubring(&pgp, keyring)) {
+ if (!pgpv_read_pubring(&pgp, keyring, -1)) {
errx(EXIT_FAILURE, "can't read keyring");
}
if (optind == argc) {