#
45a5153a |
| 26-Aug-2022 |
jhigh <jhigh@NetBSD.org> |
adding initial support for ECDSA (19) to netpgp. tested using p256/sha256, p384/sha384, and p521/sha512
|
#
876f2ce5 |
| 18-Apr-2020 |
jhigh <jhigh@NetBSD.org> |
added blowfish symmetric cipher per RFC4880 9.2
|
#
22ddb355 |
| 13-Nov-2018 |
mlelstv <mlelstv@NetBSD.org> |
Fix some error handling, json support, keyring handling.
|
#
3dae3613 |
| 05-Mar-2012 |
christos <christos@NetBSD.org> |
Fix compilation: kill PGP_ERROR() and make everything use a format. XXX: Fixme to use __VA_ARGS__ instead of the silly PGP_ERROR_N() macros.
|
#
fdfbba49 |
| 29-Nov-2010 |
agc <agc@NetBSD.org> |
I forgot that the fastctype.[ch] files were still in this directory, and have no need to be here - remove them, and just use native <ctype.h>
|
#
b0df0a22 |
| 11-Nov-2010 |
agc <agc@NetBSD.org> |
Changes to 3.99.15/20101110
+ add support for partial blocks, defined in rfc 4880, and used fairly extensively by gnupg where the input size may not be known in advance (e.g. for encrypted compresse
Changes to 3.99.15/20101110
+ add support for partial blocks, defined in rfc 4880, and used fairly extensively by gnupg where the input size may not be known in advance (e.g. for encrypted compressed data, as produced by default by gpg -e)
show more ...
|
#
fc1f8641 |
| 07-Nov-2010 |
agc <agc@NetBSD.org> |
Take the internal functions and definitions back out of the implementation namespace:
:g/\<__ops/s//pgp/g :g/\<__OPS/s//__PGP/g :g/\<OPS/s//PGP/g
No functional change, regression tests complete
Take the internal functions and definitions back out of the implementation namespace:
:g/\<__ops/s//pgp/g :g/\<__OPS/s//__PGP/g :g/\<OPS/s//PGP/g
No functional change, regression tests complete successfully.
show more ...
|
#
3dc7aea1 |
| 04-Nov-2010 |
agc <agc@NetBSD.org> |
Update to version 3.99.13:
+ add ability in netpgpkeys(1) to specify the cipher (symmetric algorithm) as specified in RFC 5581 + add the camellia cipher implementation from openssl
|
#
593d671c |
| 15-Aug-2010 |
agc <agc@NetBSD.org> |
get rid of more 64-bit lint
|
#
69d4f30f |
| 15-Aug-2010 |
agc <agc@NetBSD.org> |
+ rationalise birthtime/expiration timestamps into a single function
+ clean up some 64-bit (amd64) lint
|
#
9b987001 |
| 13-Aug-2010 |
agc <agc@NetBSD.org> |
Changes to 3.99.9/20100809
+ add single character options to netpgp(1) and netpgpkeys(1) + add -o long-option(=value)? options to netpgp(1) and netpgpkeys(1) + add some small preparations for using
Changes to 3.99.9/20100809
+ add single character options to netpgp(1) and netpgpkeys(1) + add -o long-option(=value)? options to netpgp(1) and netpgpkeys(1) + add some small preparations for using the first subkey for encryption (much more to follow)
show more ...
|
#
520c968f |
| 09-Jul-2010 |
agc <agc@NetBSD.org> |
Changes to 3.99.7/20100701
+ recognise ascii-armoured encrypted messages properly, in memory and in files + print error message and exit for now when trying to encrypt with a DSA key + fix bug rep
Changes to 3.99.7/20100701
+ recognise ascii-armoured encrypted messages properly, in memory and in files + print error message and exit for now when trying to encrypt with a DSA key + fix bug reported by dyoung when trying to print out the encryption key fingerprint
show more ...
|
#
ad39646b |
| 25-Jun-2010 |
agc <agc@NetBSD.org> |
Fix build problems on LP64 platforms - thanks to Paul Goyette for the nudge.
|
#
47561e26 |
| 25-Jun-2010 |
agc <agc@NetBSD.org> |
Changes to 3.99.5
+ make ssh fingerprints (md5) match netpgp listing + use the more functional hexdump function from ssh2pgp in place of the older hexdump function from openpgpsdk + pass hash type
Changes to 3.99.5
+ make ssh fingerprints (md5) match netpgp listing + use the more functional hexdump function from ssh2pgp in place of the older hexdump function from openpgpsdk + pass hash type down from command line where needed + add test for netpgp/ssh key fingerprint matching + make netpgpkeys(1) take a --hash= option
With these changes, netpgp can be made to generate the same fingerprint as openssh (by default, ssh-keygen(1) uses an md5 digest)
% /usr/bin/netpgpkeys --ssh-keys --sshkeyfile=/etc/ssh/ssh_host_rsa_key.pub --list-keys --hash=md5 1 key pub 1024/RSA (Encrypt or Sign) fcdd1c608bef4c4b 2008-08-11 Key fingerprint: e935 902d ebf1 76ba fcdd 1c60 8bef 4c4b uid osx-vm1.crowthorne.alistaircrooks.co.uk (/etc/ssh/ssh_host_rsa_key.pub) <root@osx-vm1.crowthorne.alistaircrooks.co.uk>
% ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub 1024 e9:35:90:2d:eb:f1:76:ba:fc:dd:1c:60:8b:ef:4c:4b /etc/ssh/ssh_host_rsa_key.pub (RSA) %
show more ...
|
#
d427c17d |
| 25-May-2010 |
agc <agc@NetBSD.org> |
Simplify and shorten the internals of packet processing by getting rid of the intermediate pseudo-abstraction layer, which detracted from understanding and had no benefit whatsoever. Rename some enum
Simplify and shorten the internals of packet processing by getting rid of the intermediate pseudo-abstraction layer, which detracted from understanding and had no benefit whatsoever. Rename some enums and some definitions.
show more ...
|
#
651dd288 |
| 08-May-2010 |
agc <agc@NetBSD.org> |
use hexdump() where possible.
get rid of all traces of dmalloc - it's not used anymore. we can now g/c initialisation functions which do not do anything.
also get rid of the pkeyid() functions, whi
use hexdump() where possible.
get rid of all traces of dmalloc - it's not used anymore. we can now g/c initialisation functions which do not do anything.
also get rid of the pkeyid() functions, which just prints a hexadecimal string
show more ...
|
#
4167ec87 |
| 02-Apr-2010 |
christos <christos@NetBSD.org> |
make it obvious what ctime it is used for.
|
#
b15ec256 |
| 05-Mar-2010 |
agc <agc@NetBSD.org> |
Update netpgp to version 1.99.20/20100304 - portability improvements, and bug fixes:
Changes to 1.99.20/20100304
+ move args to some functions around to be consistent + use uint*_t where appropr
Update netpgp to version 1.99.20/20100304 - portability improvements, and bug fixes:
Changes to 1.99.20/20100304
+ move args to some functions around to be consistent + use uint*_t where appropriate + fix bug in verify memory + add documentation to manual pages to show how to do combined signing/encryption and decryption/verification + make verification of ascii-armoured memory work the same as binary + eliminate use of strdup(3), strcasecmp(3), and strptime(3). NetBSD/pkgsrc PR 42922 applies - need to define _XOPEN_SOURCE and _BSD_SOURCE for newer linux platforms with glibc 2.10.1. solved a bit differently, by implementing strdup(3) and strcasecmp(3) independently, and using regexps to avoid calling strptime(3).
show more ...
|
#
9e63cf3f |
| 14-Dec-2009 |
agc <agc@NetBSD.org> |
Prepare for a new netpgp-20091210 portable release.
Apart from infrastructure changes, there are the following functional ones:
+ Update to version 20091210
+ provide a new netpgp_match_list_keys(
Prepare for a new netpgp-20091210 portable release.
Apart from infrastructure changes, there are the following functional ones:
+ Update to version 20091210
+ provide a new netpgp_match_list_keys(3) function to perform a regular-expression based search of all the keys in the keyring. If no pattern is specified to match, then all keys are returned.
+ provide a new netpgp_set_homedir(3) function, and use it to set the home directory from the library, rather than individually in all the programs which use the library
+ provide a new netpgp_incvar(3) function which will add a constant increment (which may be negative) to the value of an internal variable. This is primarily used for the verbosity level within the library, and is again a movement of the function into the library from the individual programs which use the library
+ move to the specification of an ssh key file by internal variable, rather than the directory holding an ssh key file
+ autoconf infrastructure changes
+ take a hammer to the _GNU_SOURCE definitions problems
+ don't rely on strnlen(3) being present everywhere
show more ...
|
#
91c29c74 |
| 05-Dec-2009 |
agc <agc@NetBSD.org> |
Add the ability to use ssh host keys (on the fly) to provide RSA keys.
These keys can be used in the same way as normal PGP keys - to sign, verify, encrypt and decrypt files and data.
% cp configu
Add the ability to use ssh host keys (on the fly) to provide RSA keys.
These keys can be used in the same way as normal PGP keys - to sign, verify, encrypt and decrypt files and data.
% cp configure a % sudo netpgp --ssh-keys --sign --userid 1e00404a a Password: pub 1024/RSA (Encrypt or Sign) 040180871e00404a 2008-08-11 Key fingerprint: c4aa b385 4796 e6ce 606c f0c2 0401 8087 1e00 404a % sudo chmod 644 a.gpg % netpgp --ssh-keys --verify a.gpg netpgp: default key set to "C0596823" can't open '/etc/ssh/ssh_host_rsa_key' Good signature for a.gpg made Fri Dec 4 23:04:36 2009 using RSA (Encrypt or Sign) key 040180871e00404a pub 1024/RSA (Encrypt or Sign) 040180871e00404a 2008-08-11 Key fingerprint: c4aa b385 4796 e6ce 606c f0c2 0401 8087 1e00 404a uid osx-vm1.crowthorne.alistaircrooks.co.uk (/etc/ssh/ssh_host_rsa_key.pub) <root@osx-vm1.crowthorne.alistaircrooks.co.uk> % uname -a NetBSD osx-vm1.crowthorne.alistaircrooks.co.uk 5.99.20 NetBSD 5.99.20 (ISCSI) #0: Wed Oct 7 17:16:33 PDT 2009 agc@osx-vm1.crowthorne.alistaircrooks.co.uk:/usr/obj/i386/usr/src/sys/arch/i386/compile/ISCSI i386 %
The ssh host keys do not need to be manipulated in any way - the information is read from existing files.
show more ...
|
#
b4d6642e |
| 01-Dec-2009 |
agc <agc@NetBSD.org> |
Recognise the hash algorithm in a case-insensitive manner.
|
#
0aa9bcca |
| 09-Oct-2009 |
agc <agc@NetBSD.org> |
Add some checks for return value from allocation routines
|
#
7affbaca |
| 07-Oct-2009 |
agc <agc@NetBSD.org> |
More checking of allocation return values where not already done.
Revamp hash initialisation to return a success/failure error code.
Document places where we prefer to continue with a NULL buffer,
More checking of allocation return values where not already done.
Revamp hash initialisation to return a success/failure error code.
Document places where we prefer to continue with a NULL buffer, rather than silently continue with possibly erroneous results.
show more ...
|
#
814ccb85 |
| 06-Oct-2009 |
agc <agc@NetBSD.org> |
Clean up Flexelint warnings - from phk, many thanks - just low-hanging fruit for just now.
|
#
9b753456 |
| 11-Jun-2009 |
agc <agc@NetBSD.org> |
CHANGES 1.99.10 -> 1.99.11
+ address keys array from 0 with unsigned indices + print results to io->res stream - default to stderr, and set using netpgp_setvar(..., "results", filename) + __ops_key
CHANGES 1.99.10 -> 1.99.11
+ address keys array from 0 with unsigned indices + print results to io->res stream - default to stderr, and set using netpgp_setvar(..., "results", filename) + __ops_keyid()'s third arg was always the size of the keyid array - no need to pass it + get rid of the excessive type-checking in packet-show-cast.h, which wasn't necessary, and fold all the show routines into packet-show.c + introduce a generic __ops_new() and use it for some structure allocation
show more ...
|