![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / src / crypto / external / bsd / netpgp / lib / verify
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.2.18.1 / (download) - annotate - [select for diffs], Wed Apr 26 02:52:14 2017 UTC (6 years, 11 months ago) by pgoyette
Branch: pgoyette-localcount
Changes since 1.2: +1 -1
lines
Diff to previous 1.2 (colored) next main 1.3 (colored)
Sync with HEAD
Revision 1.2.22.1 / (download) - annotate - [select for diffs], Fri Apr 21 16:50:56 2017 UTC (6 years, 11 months ago) by bouyer
Branch: bouyer-socketcan
Changes since 1.2: +1 -1
lines
Diff to previous 1.2 (colored) next main 1.3 (colored)
Sync with HEAD
Revision 1.3 / (download) - annotate - [select for diffs], Mon Apr 17 23:38:51 2017 UTC (7 years ago) by agc
Branch: MAIN
CVS Tags: prg-localcount2-base3,
prg-localcount2-base2,
prg-localcount2-base1,
prg-localcount2-base,
prg-localcount2,
phil-wifi-base,
phil-wifi-20200421,
phil-wifi-20200411,
phil-wifi-20200406,
phil-wifi-20191119,
phil-wifi-20190609,
phil-wifi,
pgoyette-localcount-20170426,
pgoyette-compat-merge-20190127,
pgoyette-compat-base,
pgoyette-compat-20190127,
pgoyette-compat-20190118,
pgoyette-compat-1226,
pgoyette-compat-1126,
pgoyette-compat-1020,
pgoyette-compat-0930,
pgoyette-compat-0906,
pgoyette-compat-0728,
pgoyette-compat-0625,
pgoyette-compat-0521,
pgoyette-compat-0502,
pgoyette-compat-0422,
pgoyette-compat-0415,
pgoyette-compat-0407,
pgoyette-compat-0330,
pgoyette-compat-0322,
pgoyette-compat-0315,
pgoyette-compat,
perseant-stdc-iso10646-base,
perseant-stdc-iso10646,
netbsd-9-base,
netbsd-9-3-RELEASE,
netbsd-9-2-RELEASE,
netbsd-9-1-RELEASE,
netbsd-9-0-RELEASE,
netbsd-9-0-RC2,
netbsd-9-0-RC1,
netbsd-9,
netbsd-8-base,
netbsd-8-2-RELEASE,
netbsd-8-1-RELEASE,
netbsd-8-1-RC1,
netbsd-8-0-RELEASE,
netbsd-8-0-RC2,
netbsd-8-0-RC1,
netbsd-8,
netbsd-10-base,
netbsd-10-0-RELEASE,
netbsd-10-0-RC6,
netbsd-10-0-RC5,
netbsd-10-0-RC4,
netbsd-10-0-RC3,
netbsd-10-0-RC2,
netbsd-10-0-RC1,
netbsd-10,
matt-nb8-mediatek-base,
matt-nb8-mediatek,
is-mlppp-base,
is-mlppp,
cjep_sun2x-base1,
cjep_sun2x-base,
cjep_sun2x,
cjep_staticlib_x-base1,
cjep_staticlib_x-base,
cjep_staticlib_x,
bouyer-socketcan-base1,
HEAD
Changes since 1.2: +1 -1
lines
Diff to previous 1.2 (colored)
libnetpgpverify major bump to 5
Revision 1.2.6.2 / (download) - annotate - [select for diffs], Mon Feb 25 00:24:06 2013 UTC (11 years, 1 month ago) by tls
Branch: tls-maxphys
Changes since 1.2.6.1: +2 -0
lines
Diff to previous 1.2.6.1 (colored) to branchpoint 1.2 (colored) next main 1.3 (colored)
resync with head
Revision 1.2.2.2 / (download) - annotate - [select for diffs], Wed Jan 16 05:25:58 2013 UTC (11 years, 3 months ago) by yamt
Branch: yamt-pagecache
CVS Tags: yamt-pagecache-tag8
Changes since 1.2.2.1: +2 -0
lines
Diff to previous 1.2.2.1 (colored) to branchpoint 1.2 (colored) next main 1.3 (colored)
sync with (a bit old) head
Revision 1.2.6.1, Tue Nov 20 05:26:26 2012 UTC (11 years, 4 months ago) by tls
Branch: tls-maxphys
Changes since 1.2: +0 -2
lines
FILE REMOVED
file shlib_version was added on branch tls-maxphys on 2013-02-25 00:24:06 +0000
Revision 1.2.2.1, Tue Nov 20 05:26:26 2012 UTC (11 years, 4 months ago) by yamt
Branch: yamt-pagecache
Changes since 1.2: +0 -2
lines
FILE REMOVED
file shlib_version was added on branch yamt-pagecache on 2013-01-16 05:25:58 +0000
Revision 1.2 / (download) - annotate - [select for diffs], Tue Nov 20 05:26:26 2012 UTC (11 years, 4 months ago) by agc
Branch: MAIN
CVS Tags: yamt-pagecache-base9,
yamt-pagecache-base8,
yamt-pagecache-base7,
tls-maxphys-base,
tls-earlyentropy-base,
tls-earlyentropy,
riastradh-xf86-video-intel-2-7-1-pre-2-21-15,
riastradh-drm2-base3,
riastradh-drm2-base2,
riastradh-drm2-base1,
riastradh-drm2-base,
riastradh-drm2,
pgoyette-localcount-base,
pgoyette-localcount-20170320,
pgoyette-localcount-20170107,
pgoyette-localcount-20161104,
pgoyette-localcount-20160806,
pgoyette-localcount-20160726,
netbsd-7-nhusb-base-20170116,
netbsd-7-nhusb-base,
netbsd-7-nhusb,
netbsd-7-base,
netbsd-7-2-RELEASE,
netbsd-7-1-RELEASE,
netbsd-7-1-RC2,
netbsd-7-1-RC1,
netbsd-7-1-2-RELEASE,
netbsd-7-1-1-RELEASE,
netbsd-7-1,
netbsd-7-0-RELEASE,
netbsd-7-0-RC3,
netbsd-7-0-RC2,
netbsd-7-0-RC1,
netbsd-7-0-2-RELEASE,
netbsd-7-0-1-RELEASE,
netbsd-7-0,
netbsd-7,
localcount-20160914,
khorben-n900,
bouyer-socketcan-base,
agc-symver-base,
agc-symver
Branch point for: yamt-pagecache,
tls-maxphys,
pgoyette-localcount,
bouyer-socketcan
Changes since 1.1: +2 -0
lines
Diff to previous 1.1 (colored)
Merge netpgpverify(1) and libnetpgpverify(3) from the agc-netpgp-standalone branch. Rewrite the netpgpverify(1) functionality from RFC4880 up. This is a completely new implementation, and uses its own bignum library derived from libtommath. Apart from libz and libbz2, it just uses its own library and is self-contained - this makes it easier to embed, and to use from scripting languages. netpgpverify(1) now verifies all the signed files i've thrown at it, and the added bonus of using no functionality from libcrypto - all of its bignum functionality comes from its own libnetpgpverify.so. netpgpverify(1) now verifies not only signatures on binary files, but also signatures on text documents. This fixes PR/46930. Please don't start me on the hoops I had to jump through to calculate the digests on text files; trust me, you will regret it. % supersize `which netpgpverify` text data bss dec hex filename 4452 860 72 5384 1508 /usr/bin/netpgpverify 79542 1408 0 80950 13c36 /usr/lib/libz.so.1 43994 984 488 45466 b19a /usr/lib/libgcc_s.so.1 1318116 49644 69272 1437032 15ed68 /usr/lib/libc.so.12 57253 4184 0 61437 effd /usr/lib/libbz2.so.1 108726 1712 0 110438 1af66 /usr/lib/libnetpgpverify.so.4 1612083 58792 69832 1740707 0x1a8fa3 total % % make t env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify b.gpg > output16 diff expected16 output16 rm -f output16 env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify a.gpg > output17 diff expected17 output17 rm -f output17 env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify gpgsigned-a.gpg > output18 diff expected18 output18 rm -f output18 env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -c verify NetBSD-6.0_RC2_hashes.asc > output19 diff expected19 output19 rm -f output19 ... env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k dsa-pubring.gpg in2.asc > output45 diff expected45 output45 rm -f output45 env LD_LIBRARY_PATH=/usr/src/crypto/external/bsd/netpgp-standalone/lib/verify ./netpgpverify -k problem-pubring.gpg NetBSD-6.0_hashes.asc > output46 diff expected46 output46 rm -f output46 cd tests/netpgpverify && make && atf-run atf2kyua: I: Removing stale Kyuafiles from /tmp/.XXXXXX.004966aa atf2kyua: I: Converting /usr/src/crypto/external/bsd/netpgp-standalone/tests/netpgpverify/Atffile -> /tmp/.XXXXXX.004966aa/Kyuafile t_netpgpverify:netpgpverify_rsa -> passed [0.221s] t_netpgpverify:netpgpverify_dsa -> passed [0.117s] 2/2 passed (0 failed) Committed action 19 %
Revision 1.1.2.2 / (download) - annotate - [select for diffs], Sat Oct 20 04:59:54 2012 UTC (11 years, 6 months ago) by agc
Branch: agc-netpgp-standalone
Changes since 1.1.2.1: +1 -1
lines
Diff to previous 1.1.2.1 (colored) to branchpoint 1.1 (colored) next main 1.2 (colored)
Replace the netpgpverify command and libnetpgpverify in the
agc-netpgp-standalone branch with a completely rewritten "from the RFC
up" version designed to be small, standalone, and easy to maintain.
% ldd bin/netpgpverify/netpgpverify
bin/netpgpverify/netpgpverify:
-lz.1 => /usr/lib/libz.so.1
-lgcc_s.1 => /usr/lib/libgcc_s.so.1
-lc.12 => /usr/lib/libc.so.12
-lbz2.1 => /usr/lib/libbz2.so.1
-lnetpgpverify.4 => /usr/lib/libnetpgpverify.so.4
% ldd lib/verify/libnetpgpverify.so
lib/verify/libnetpgpverify.so:
-lc.12 => /usr/lib/libc.so.12
% ls -al lib/verify/libnetpgpverify* bin/netpgpverify/netpgpverify
-rwxr-xr-x 1 agc agc 10502 Oct 18 20:59 bin/netpgpverify/netpgpverify
-rw-r--r-- 1 agc agc 159720 Oct 18 20:59 lib/verify/libnetpgpverify.a
-rw-r--r-- 1 agc agc 4822 Oct 18 20:59 lib/verify/libnetpgpverify.html3
lrwxr-xr-x 1 agc agc 22 Oct 18 20:59 lib/verify/libnetpgpverify.so -> libnetpgpverify.so.4.0
lrwxr-xr-x 1 agc agc 22 Oct 18 20:59 lib/verify/libnetpgpverify.so.4 -> libnetpgpverify.so.4.0
-rwxr-xr-x 1 agc agc 123069 Oct 18 20:59 lib/verify/libnetpgpverify.so.4.0
-rw-r--r-- 1 agc agc 169696 Oct 18 20:59 lib/verify/libnetpgpverify_p.a
-rw-r--r-- 1 agc agc 149968 Oct 18 20:59 lib/verify/libnetpgpverify_pic.a
%
("Small" here includes the full BIGNUM/mpi functionality required to
verify signatures).
Instead of using extensive callbacks for input data, which have proved
to be fragile and difficult to maintain, as well as precluding uses
elsewhere, this uses straight mmaping of input files where possible,
and falls back to reading if unavailable.
RFC 4880 makes provision for two types of data to be signed, binary
data and text, and text is subject to modification of data before the
signature is made, and is usually opaque. The new netpgpverify(1) can
handle this, our old version could not. DSA signatures are not yet
supported -- watch this space -- but full RSA ones, including those of
text documents like the signed NetBSD release hashes (see PR
bin/46930) are recognised and are included in the regression tests.
% env LD_LIBRARY_PATH=../../lib/verify ./netpgpverify < NetBSD-6.0_hashes.asc
Good signature for [stdin] made Mon Oct 15 09:28:54 2012
signature 4096/RSA (Encrypt or Sign) 064973ac4c4a706e 2009-06-23
fingerprint: ddee 2bdb 9c98 a0d1 d4fb dbf7 0649 73ac 4c4a 706e
uid NetBSD Security Officer <security-officer@NetBSD.org>
encryption 4096/RSA (Encrypt or Sign) 9ff2c24fdf2ce620 2009-06-23 [Expiry 2019-06-21]
fingerprint: 1915 0801 fbd8 f45d 89f2 0205 9ff2 c24f df2c e620
%
Redirection from stdin is also supported, as are multiple files, and
detached signatures. Another interesting use is to verify the
signatures, and to retrieve the data only if a signature matches -
this was the old "--cat" command to netpgpverify(1), and it has been
brought forward into the newer version.
% env LD_LIBRARY_PATH=../../lib/verify ./netpgpverify -c cat det.sig | diff det -
%
This is implemented as a library and a small program to call so
that it is easier to embed verification of signatures in scripting
languages, or other source code.
Revision 1.1.2.1 / (download) - annotate - [select for diffs], Sun May 6 18:07:02 2012 UTC (11 years, 11 months ago) by agc
Branch: agc-netpgp-standalone
Changes since 1.1: +2 -0
lines
Diff to previous 1.1 (colored)
Add reachover build infrastructure for lib components of netpgp standalone
Revision 1.1, Sun May 6 18:07:02 2012 UTC (11 years, 11 months ago) by agc
Branch: MAIN
CVS Tags: yamt-pagecache-base6,
yamt-pagecache-base5
Branch point for: agc-netpgp-standalone
FILE REMOVED
file shlib_version was initially added on branch agc-netpgp-standalone.