Up to [cvs.NetBSD.org] / src / crypto / external / bsd / netpgp / dist / src / libverify
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.2.6.2 / (download) - annotate - [select for diffs], Mon Feb 25 00:24:05 2013 UTC (11 years, 1 month ago) by tls
Branch: tls-maxphys
Changes since 1.2.6.1: +355 -0
lines
Diff to previous 1.2.6.1 (colored) to branchpoint 1.2 (colored)
resync with head
Revision 1.2.2.2 / (download) - annotate - [select for diffs], Wed Jan 16 05:25:58 2013 UTC (11 years, 2 months ago) by yamt
Branch: yamt-pagecache
CVS Tags: yamt-pagecache-tag8
Changes since 1.2.2.1: +355 -0
lines
Diff to previous 1.2.2.1 (colored) to branchpoint 1.2 (colored)
sync with (a bit old) head
Revision 1.2.6.1, Tue Nov 20 05:26:25 2012 UTC (11 years, 4 months ago) by tls
Branch: tls-maxphys
Changes since 1.2: +0 -355
lines
FILE REMOVED
file b64.c was added on branch tls-maxphys on 2013-02-25 00:24:05 +0000
Revision 1.2.2.1, Tue Nov 20 05:26:25 2012 UTC (11 years, 4 months ago) by yamt
Branch: yamt-pagecache
Changes since 1.2: +0 -355
lines
FILE REMOVED
file b64.c was added on branch yamt-pagecache on 2013-01-16 05:25:58 +0000
Revision 1.2 / (download) - annotate - [select for diffs], Tue Nov 20 05:26:25 2012 UTC (11 years, 4 months ago) by agc
Branch: MAIN
CVS Tags: yamt-pagecache-base9,
yamt-pagecache-base8,
yamt-pagecache-base7,
tls-maxphys-base,
tls-earlyentropy-base,
tls-earlyentropy,
riastradh-xf86-video-intel-2-7-1-pre-2-21-15,
riastradh-drm2-base3,
riastradh-drm2-base2,
riastradh-drm2-base1,
riastradh-drm2-base,
riastradh-drm2,
prg-localcount2-base3,
prg-localcount2-base2,
prg-localcount2-base1,
prg-localcount2-base,
prg-localcount2,
phil-wifi-base,
phil-wifi-20200421,
phil-wifi-20200411,
phil-wifi-20200406,
phil-wifi-20191119,
phil-wifi-20190609,
phil-wifi,
pgoyette-localcount-base,
pgoyette-localcount-20170426,
pgoyette-localcount-20170320,
pgoyette-localcount-20170107,
pgoyette-localcount-20161104,
pgoyette-localcount-20160806,
pgoyette-localcount-20160726,
pgoyette-localcount,
pgoyette-compat-merge-20190127,
pgoyette-compat-base,
pgoyette-compat-20190127,
pgoyette-compat-20190118,
pgoyette-compat-1226,
pgoyette-compat-1126,
pgoyette-compat-1020,
pgoyette-compat-0930,
pgoyette-compat-0906,
pgoyette-compat-0728,
pgoyette-compat-0625,
pgoyette-compat-0521,
pgoyette-compat-0502,
pgoyette-compat-0422,
pgoyette-compat-0415,
pgoyette-compat-0407,
pgoyette-compat-0330,
pgoyette-compat-0322,
pgoyette-compat-0315,
pgoyette-compat,
perseant-stdc-iso10646-base,
perseant-stdc-iso10646,
netbsd-9-base,
netbsd-9-3-RELEASE,
netbsd-9-2-RELEASE,
netbsd-9-1-RELEASE,
netbsd-9-0-RELEASE,
netbsd-9-0-RC2,
netbsd-9-0-RC1,
netbsd-9,
netbsd-8-base,
netbsd-8-2-RELEASE,
netbsd-8-1-RELEASE,
netbsd-8-1-RC1,
netbsd-8-0-RELEASE,
netbsd-8-0-RC2,
netbsd-8-0-RC1,
netbsd-8,
netbsd-7-nhusb-base-20170116,
netbsd-7-nhusb-base,
netbsd-7-nhusb,
netbsd-7-base,
netbsd-7-2-RELEASE,
netbsd-7-1-RELEASE,
netbsd-7-1-RC2,
netbsd-7-1-RC1,
netbsd-7-1-2-RELEASE,
netbsd-7-1-1-RELEASE,
netbsd-7-1,
netbsd-7-0-RELEASE,
netbsd-7-0-RC3,
netbsd-7-0-RC2,
netbsd-7-0-RC1,
netbsd-7-0-2-RELEASE,
netbsd-7-0-1-RELEASE,
netbsd-7-0,
netbsd-7,
netbsd-10-base,
netbsd-10-0-RELEASE,
netbsd-10-0-RC6,
netbsd-10-0-RC5,
netbsd-10-0-RC4,
netbsd-10-0-RC3,
netbsd-10-0-RC2,
netbsd-10-0-RC1,
netbsd-10,
matt-nb8-mediatek-base,
matt-nb8-mediatek,
localcount-20160914,
khorben-n900,
is-mlppp-base,
is-mlppp,
cjep_sun2x-base1,
cjep_sun2x-base,
cjep_sun2x,
cjep_staticlib_x-base1,
cjep_staticlib_x-base,
cjep_staticlib_x,
bouyer-socketcan-base1,
bouyer-socketcan-base,
bouyer-socketcan,
agc-symver-base,
agc-symver,
HEAD
Branch point for: yamt-pagecache,
tls-maxphys
Changes since 1.1: +355 -0
lines
Diff to previous 1.1 (colored)
Merge netpgpverify(1) and libnetpgpverify(3) from the agc-netpgp-standalone branch. Rewrite the netpgpverify(1) functionality from RFC4880 up. This is a completely new implementation, and uses its own bignum library derived from libtommath. Apart from libz and libbz2, it just uses its own library and is self-contained - this makes it easier to embed, and to use from scripting languages. netpgpverify(1) now verifies all the signed files i've thrown at it, and the added bonus of using no functionality from libcrypto - all of its bignum functionality comes from its own libnetpgpverify.so. netpgpverify(1) now verifies not only signatures on binary files, but also signatures on text documents. This fixes PR/46930. Please don't start me on the hoops I had to jump through to calculate the digests on text files; trust me, you will regret it. % supersize `which netpgpverify` text data bss dec hex filename 4452 860 72 5384 1508 /usr/bin/netpgpverify 79542 1408 0 80950 13c36 /usr/lib/libz.so.1 43994 984 488 45466 b19a /usr/lib/libgcc_s.so.1 1318116 49644 69272 1437032 15ed68 /usr/lib/libc.so.12 57253 4184 0 61437 effd /usr/lib/libbz2.so.1 108726 1712 0 110438 1af66 /usr/lib/libnetpgpverify.so.4 1612083 58792 69832 1740707 0x1a8fa3 total % % make t env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify b.gpg > output16 diff expected16 output16 rm -f output16 env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify a.gpg > output17 diff expected17 output17 rm -f output17 env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify gpgsigned-a.gpg > output18 diff expected18 output18 rm -f output18 env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify NetBSD-6.0_RC2_hashes.asc > output19 diff expected19 output19 rm -f output19 ... env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k dsa-pubring.gpg in2.asc > output45 diff expected45 output45 rm -f output45 env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k problem-pubring.gpg NetBSD-6.0_hashes.asc > output46 diff expected46 output46 rm -f output46 cd tests/netpgpverify && make && atf-run atf2kyua: I: Removing stale Kyuafiles from /tmp/.XXXXXX.004966aa atf2kyua: I: Converting /usr/src/crypto/external/bsd/netpgp-standalone/tests/netpgpverify/Atffile -> /tmp/.XXXXXX.004966aa/Kyuafile t_netpgpverify:netpgpverify_rsa -> passed [0.221s] t_netpgpverify:netpgpverify_dsa -> passed [0.117s] 2/2 passed (0 failed) Committed action 19 %
Revision 1.1.2.2 / (download) - annotate - [select for diffs], Mon Oct 29 15:46:50 2012 UTC (11 years, 5 months ago) by agc
Branch: agc-netpgp-standalone
Changes since 1.1.2.1: +6 -0
lines
Diff to previous 1.1.2.1 (colored) to branchpoint 1.1 (colored) next main 1.2 (colored)
Do some argument checking in public functions (exported by library interface)
Revision 1.1.2.1 / (download) - annotate - [select for diffs], Sat Oct 20 04:59:53 2012 UTC (11 years, 5 months ago) by agc
Branch: agc-netpgp-standalone
Changes since 1.1: +349 -0
lines
Diff to previous 1.1 (colored)
Replace the netpgpverify command and libnetpgpverify in the agc-netpgp-standalone branch with a completely rewritten "from the RFC up" version designed to be small, standalone, and easy to maintain. % ldd bin/netpgpverify/netpgpverify bin/netpgpverify/netpgpverify: -lz.1 => /usr/lib/libz.so.1 -lgcc_s.1 => /usr/lib/libgcc_s.so.1 -lc.12 => /usr/lib/libc.so.12 -lbz2.1 => /usr/lib/libbz2.so.1 -lnetpgpverify.4 => /usr/lib/libnetpgpverify.so.4 % ldd lib/verify/libnetpgpverify.so lib/verify/libnetpgpverify.so: -lc.12 => /usr/lib/libc.so.12 % ls -al lib/verify/libnetpgpverify* bin/netpgpverify/netpgpverify -rwxr-xr-x 1 agc agc 10502 Oct 18 20:59 bin/netpgpverify/netpgpverify -rw-r--r-- 1 agc agc 159720 Oct 18 20:59 lib/verify/libnetpgpverify.a -rw-r--r-- 1 agc agc 4822 Oct 18 20:59 lib/verify/libnetpgpverify.html3 lrwxr-xr-x 1 agc agc 22 Oct 18 20:59 lib/verify/libnetpgpverify.so -> libnetpgpverify.so.4.0 lrwxr-xr-x 1 agc agc 22 Oct 18 20:59 lib/verify/libnetpgpverify.so.4 -> libnetpgpverify.so.4.0 -rwxr-xr-x 1 agc agc 123069 Oct 18 20:59 lib/verify/libnetpgpverify.so.4.0 -rw-r--r-- 1 agc agc 169696 Oct 18 20:59 lib/verify/libnetpgpverify_p.a -rw-r--r-- 1 agc agc 149968 Oct 18 20:59 lib/verify/libnetpgpverify_pic.a % ("Small" here includes the full BIGNUM/mpi functionality required to verify signatures). Instead of using extensive callbacks for input data, which have proved to be fragile and difficult to maintain, as well as precluding uses elsewhere, this uses straight mmaping of input files where possible, and falls back to reading if unavailable. RFC 4880 makes provision for two types of data to be signed, binary data and text, and text is subject to modification of data before the signature is made, and is usually opaque. The new netpgpverify(1) can handle this, our old version could not. DSA signatures are not yet supported -- watch this space -- but full RSA ones, including those of text documents like the signed NetBSD release hashes (see PR bin/46930) are recognised and are included in the regression tests. % env LD_LIBRARY_PATH=../../lib/verify ./netpgpverify < NetBSD-6.0_hashes.asc Good signature for [stdin] made Mon Oct 15 09:28:54 2012 signature 4096/RSA (Encrypt or Sign) 064973ac4c4a706e 2009-06-23 fingerprint: ddee 2bdb 9c98 a0d1 d4fb dbf7 0649 73ac 4c4a 706e uid NetBSD Security Officer <security-officer@NetBSD.org> encryption 4096/RSA (Encrypt or Sign) 9ff2c24fdf2ce620 2009-06-23 [Expiry 2019-06-21] fingerprint: 1915 0801 fbd8 f45d 89f2 0205 9ff2 c24f df2c e620 % Redirection from stdin is also supported, as are multiple files, and detached signatures. Another interesting use is to verify the signatures, and to retrieve the data only if a signature matches - this was the old "--cat" command to netpgpverify(1), and it has been brought forward into the newer version. % env LD_LIBRARY_PATH=../../lib/verify ./netpgpverify -c cat det.sig | diff det - % This is implemented as a library and a small program to call so that it is easier to embed verification of signatures in scripting languages, or other source code.
Revision 1.1, Sat Oct 20 04:59:53 2012 UTC (11 years, 5 months ago) by agc
Branch: MAIN
CVS Tags: yamt-pagecache-base6
Branch point for: agc-netpgp-standalone
FILE REMOVED
file b64.c was initially added on branch agc-netpgp-standalone.