78d868bcc7
Changes from previous version: Add the ability for netpgpverify to verify ssh-pub-key-based signatures. It is much more likely for ssh (rather than pgp) keys to be available, and used, as a source of authentication data. These changes add the ability for netpgpverify(1) -- the standalone, zero-prereq utility - to verify signatures made by netpgp when using ssh keys. Running the regression tests in WRKDIR gives the following output: % mk -f *.bsd tst ./netpgpverify -k pubring.gpg NetBSD-6.0_RC1_hashes.asc Good signature for NetBSD-6.0_RC1_hashes.asc made Thu Aug 23 11:47:50 2012 signature 4096/RSA (Encrypt or Sign) 064973ac4c4a706e 2009-06-23 fingerprint ddee 2bdb 9c98 a0d1 d4fb dbf7 0649 73ac 4c4a 706e uid NetBSD Security Officer <security-officer@NetBSD.org> ./netpgpverify -k pubring.gpg NetBSD-6.0_RC1_hashes.gpg Good signature for NetBSD-6.0_RC1_hashes.gpg made Thu Mar 14 13:32:59 2013 signature 4096/RSA (Encrypt or Sign) 064973ac4c4a706e 2009-06-23 fingerprint ddee 2bdb 9c98 a0d1 d4fb dbf7 0649 73ac 4c4a 706e uid NetBSD Security Officer <security-officer@NetBSD.org> ./netpgpverify -v netpgpverify portable 20140202 ./netpgpverify -S sshtest-20140202.pub data.gpg Good signature for data.gpg made Mon Feb 3 17:54:21 2014 signature 4096/RSA (Encrypt or Sign) 4d129225945bbb8f 1970-01-01 fingerprint 874b 75de d6a3 341f 2d5a 2219 4d12 9225 945b bb8f uid netbsd-001.cupertino.alistaircrooks.com (sshtest-20140202.pub) <agc@netbsd-001.cupertino.alistaircrooks.com> ./netpgpverify -S sshtest-20140202.pub data.sig Good signature for data.sig made Sun Feb 2 21:45:05 2014 signature 4096/RSA (Encrypt or Sign) 4d129225945bbb8f 1970-01-01 fingerprint 874b 75de d6a3 341f 2d5a 2219 4d12 9225 945b bb8f uid netbsd-001.cupertino.alistaircrooks.com (sshtest-20140202.pub) <agc@netbsd-001.cupertino.alistaircrooks.com> expected failure, to check bad signatures fail to verify sed -e 's|A|B|' data.gpg | ./netpgpverify -S sshtest-20140202.pub Signature did not match contents -- Signature on 
data did not match *** Error code 1 (ignored) % A new HOWTO file is provided in the sources (files/HOWTO) to show how to sign data using ssh keys and netpgp(1).
/* $NetBSD: defs.h,v 1.1 2014/02/04 02:11:18 agc Exp $ */
/*-
 * Copyright (c) 2009 The NetBSD Foundation, Inc.
 * All rights reserved.
 *
 * This code is derived from software contributed to The NetBSD Foundation
 * by Alistair Crooks (agc@NetBSD.org)
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */
#ifndef DEFS_H_
#define DEFS_H_
#include <sys/types.h>
#include <sys/param.h>
#ifdef HAVE_INTTYPES_H
#include <inttypes.h>
#endif
#ifdef HAVE_STDINT_H
#include <stdint.h>
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
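/*
 * NEWARRAY(type, ptr, size, where, action)
 *
 * Allocate a zero-filled array of `size' elements of `type' and store
 * the result in `ptr'.  If the allocation fails, `ptr' is set to NULL,
 * a diagnostic prefixed with the string `where' is written to stderr,
 * and the caller-supplied statement `action' is executed.
 *
 * The element count is converted to size_t rather than unsigned, so a
 * count wider than 32 bits is no longer silently truncated into a
 * smaller allocation than the caller asked for; calloc() itself rejects
 * a count * sizeof(type) product that does not fit in size_t.
 *
 * `size' is evaluated a second time on the failure path (for the
 * message), so it should not have side effects.  The byte count in the
 * message is informational only and may wrap for very large requests.
 * If `action' does not leave the enclosing scope, the caller continues
 * with `ptr' == NULL.
 */
#define NEWARRAY(type,ptr,size,where,action) do { \
	if (((ptr) = calloc((size_t)(size), sizeof(type))) == NULL) { \
		(void) fprintf(stderr, "%s: can't allocate %lu bytes\n", \
			(where), (unsigned long)((size) * sizeof(type))); \
		action; \
	} \
} while( /* CONSTCOND */ 0)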
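/*
 * RENEW(type, ptr, size, where, action)
 *
 * Resize the array at `ptr' to hold `size' elements of `type'.  On
 * success `ptr' is updated to the (possibly moved) block.  On failure
 * `ptr' is left untouched, a diagnostic prefixed with the string
 * `where' is written to stderr, and the caller-supplied statement
 * `action' is executed.
 *
 * The element count is checked against SIZE_MAX / sizeof(type) before
 * realloc() is called.  Without that check a large count makes the
 * multiplication wrap, realloc() returns a block far smaller than the
 * caller believes it has, and later writes run off the end of the heap
 * allocation.  A request that would overflow is treated exactly like an
 * allocation failure.
 *
 * `size' is evaluated once.  The byte count in the message is
 * informational only and wraps when the request itself overflowed.
 * A count of zero is passed through to realloc() unchanged.
 */
#define RENEW(type,ptr,size,where,action) do { \
	type *_newptr = NULL; \
	const size_t _nelems = (size_t)(size); \
	/* refuse a count whose byte size does not fit in size_t */ \
	if (_nelems <= ((size_t)-1) / sizeof(type)) { \
		_newptr = realloc((ptr), _nelems * sizeof(type)); \
	} \
	if (_newptr == NULL) { \
		(void) fprintf(stderr, "%s: can't realloc %lu bytes\n", \
			(where), (unsigned long)(_nelems * sizeof(type))); \
		action; \
	} else { \
		(ptr) = _newptr; \
	} \
} while( /* CONSTCOND */ 0)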
/*
 * NEW(type, ptr, where, action)
 *
 * Single-object form of NEWARRAY: expands to NEWARRAY with an element
 * count of 1, passing `where' and `action' through unchanged.
 */
#define NEW(type, ptr, where, action) \
	NEWARRAY(type, ptr, 1, where, action)
/*
 * FREE(ptr)
 *
 * Release `ptr' with free().  The pointer variable itself is not
 * cleared, so the caller must not use it again after this call.
 */
#define FREE(ptr)	((void) free(ptr))
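/*
 * ALLOC(type, v, size, c, init, incr, where, action)
 *
 * Make room for one more element in the growable array `v'.
 *   - `size' == 0:    allocate `init' elements with NEWARRAY.
 *   - `c' == `size':  grow the array by `incr' elements with RENEW.
 *   - otherwise:      leave the array as it is.
 * `size' must be a modifiable lvalue; it is updated to the new element
 * count.  `where' must be a string literal, because it is concatenated
 * with ": new" / ": renew" for the diagnostics.  `action' is the
 * caller-supplied statement run when the array cannot be grown.
 *
 * `size' is only updated when the allocation succeeded.  If `action'
 * does not leave the enclosing scope, the recorded capacity therefore
 * still matches the buffer that `v' really points at, instead of
 * claiming room that was never allocated.
 *
 * The new element count is held in a uint32_t.  If `size' + `incr' does
 * not fit, the array is not resized (a wrapped count would shrink the
 * buffer while `c' still indexes past its end); a diagnostic is written
 * and `action' is run instead.
 *
 * `size', `c', `init' and `incr' may be evaluated more than once and
 * should not have side effects.
 */
#define ALLOC(type, v, size, c, init, incr, where, action) do { \
	uint32_t _newsize = (size); \
	if ((size) == 0) { \
		_newsize = (init); \
		/* on failure, restore the old count before running action */ \
		NEWARRAY(type, v, _newsize, where ": new", \
			_newsize = 0; action); \
	} else if ((c) == (size)) { \
		_newsize = (size) + (incr); \
		if (_newsize < (size)) { \
			/* element count wrapped: refuse to resize */ \
			(void) fprintf(stderr, \
				"%s: array size overflow\n", where); \
			_newsize = (size); \
			action; \
		} else { \
			RENEW(type, v, _newsize, where ": renew", \
				_newsize = (size); action); \
		} \
	} \
	size = _newsize; \
} while( /* CONSTCOND */ 0)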
/*
 * DEFINE_ARRAY(name, type)
 *
 * Declare `struct name' (also typedef'd as `name'), the bookkeeping
 * record for an array of `type'.  The members carry the same names as
 * ALLOC's `c', `size' and `v' arguments: ALLOC grows the array when `c'
 * reaches `size', and `v' is the element storage.
 *
 * The invocation supplies the terminating semicolon.
 */
#define DEFINE_ARRAY(name, type) \
	typedef struct name { \
		uint32_t	  c; \
		uint32_t	  size; \
		type		 *v; \
	} name
#endif /* !DEFS_H_ */