Do not truncate pass-phrases without a newline character

This also fixes a crash when the pass-phrase entered is empty.

Submitted on tech-pkg@ as:
[PATCH 02/11] Do not truncate pass-phrases without

Do not truncate pass-phrases without a newline character

This also fixes a crash when the pass-phrase entered is empty.

Submitted on tech-pkg@ as:
[PATCH 02/11] Do not truncate pass-phrases without a newline character

Only modified for consistency with the coding style.

show more ...

Revert "Remove a useless loop around getpass()"

getpass(3) may return NULL upon failures on Linux, and netpgp should remain
portable to other systems.

Remove a useless loop around getpass()

According to getpass(3), this library function cannot return NULL.
Verified with a source code inspection.

Fix compilation:
kill PGP_ERROR() and make everything use a format.
XXX: Fixme to use __VA_ARGS__ instead of the silly PGP_ERROR_N() macros.

get rid of some lint on amd64 platform

Fix PR 44075 from Peter Pentchev, but do this by adding a
--numtries=<attempts> option to netpgp(1) to provide the maximum
number of attempts to retrieve the correct passphrase when signing or
decryp

Fix PR 44075 from Peter Pentchev, but do this by adding a
--numtries=<attempts> option to netpgp(1) to provide the maximum
number of attempts to retrieve the correct passphrase when signing or
decrypting, and use it in libnetpgp(3). The default number of
attempts is 3, and a value of "unlimited" will loop until the correct
passphrase has been entered.

show more ...

Don't prefix function names with "pgp_" if the functions are static.

Changes to 3.99.15/20101110

+ add support for partial blocks, defined in rfc 4880, and used fairly
extensively by gnupg where the input size may not be known in advance
(e.g. for encrypted compresse

Changes to 3.99.15/20101110

+ add support for partial blocks, defined in rfc 4880, and used fairly
extensively by gnupg where the input size may not be known in advance
(e.g. for encrypted compressed data, as produced by default by gpg -e)

show more ...

Take the internal functions and definitions back out of the implementation
namespace:

:g/\<__ops/s//pgp/g
:g/\<__OPS/s//__PGP/g
:g/\<OPS/s//PGP/g

No functional change, regression tests complete

Take the internal functions and definitions back out of the implementation
namespace:

:g/\<__ops/s//pgp/g
:g/\<__OPS/s//__PGP/g
:g/\<OPS/s//PGP/g

No functional change, regression tests complete successfully.

show more ...

Apply patch from Peter Pentchev in PR 44040

The patch fixes two problems when verifying a clearsigned message:
- a copy/paste error - "litdata" should be "cleartext"
- a use of an uninitialized vari

Apply patch from Peter Pentchev in PR 44040

The patch fixes two problems when verifying a clearsigned message:
- a copy/paste error - "litdata" should be "cleartext"
- a use of an uninitialized variable, resulting in freeing
an uninitialized pointer on the stack... resulting in a segfault

show more ...

get rid of more 64-bit lint

+ rationalise birthtime/expiration timestamps into a single function

+ clean up some 64-bit (amd64) lint

get rid of a debugging statement

Changes to 3.99.9/20100809

+ add single character options to netpgp(1) and netpgpkeys(1)
+ add -o long-option(=value)? options to netpgp(1) and netpgpkeys(1)
+ add some small preparations for using

Changes to 3.99.9/20100809

+ add single character options to netpgp(1) and netpgpkeys(1)
+ add -o long-option(=value)? options to netpgp(1) and netpgpkeys(1)
+ add some small preparations for using the first subkey for encryption
(much more to follow)

show more ...

Changes to 3.99.7/20100701

+ recognise ascii-armoured encrypted messages properly, in memory and
in files
+ print error message and exit for now when trying to encrypt with a DSA key
+ fix bug rep

Changes to 3.99.7/20100701

+ recognise ascii-armoured encrypted messages properly, in memory and
in files
+ print error message and exit for now when trying to encrypt with a DSA key
+ fix bug reported by dyoung when trying to print out the encryption key
fingerprint

show more ...

Changes to 3.99.5

+ make ssh fingerprints (md5) match netpgp listing
+ use the more functional hexdump function from ssh2pgp in place of the
older hexdump function from openpgpsdk
+ pass hash type

Changes to 3.99.5

+ make ssh fingerprints (md5) match netpgp listing
+ use the more functional hexdump function from ssh2pgp in place of the
older hexdump function from openpgpsdk
+ pass hash type down from command line where needed
+ add test for netpgp/ssh key fingerprint matching
+ make netpgpkeys(1) take a --hash= option

With these changes, netpgp can be made to generate the same fingerprint as
openssh (by default, ssh-keygen(1) uses an md5 digest)

% /usr/bin/netpgpkeys --ssh-keys --sshkeyfile=/etc/ssh/ssh_host_rsa_key.pub --list-keys --hash=md5
1 key
pub 1024/RSA (Encrypt or Sign) fcdd1c608bef4c4b 2008-08-11
Key fingerprint: e935 902d ebf1 76ba fcdd 1c60 8bef 4c4b
uid osx-vm1.crowthorne.alistaircrooks.co.uk (/etc/ssh/ssh_host_rsa_key.pub) <root@osx-vm1.crowthorne.alistaircrooks.co.uk>

% ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub
1024 e9:35:90:2d:eb:f1:76:ba:fc:dd:1c:60:8b:ef:4c:4b /etc/ssh/ssh_host_rsa_key.pub (RSA)
%

show more ...

Simplify and shorten the internals of packet processing by getting rid of
the intermediate pseudo-abstraction layer, which detracted from understanding
and had no benefit whatsoever. Rename some enum

Simplify and shorten the internals of packet processing by getting rid of
the intermediate pseudo-abstraction layer, which detracted from understanding
and had no benefit whatsoever. Rename some enums and some definitions.

show more ...

more uses of hexdump() rather than open-coded equivalents

use hexdump() where possible.

get rid of all traces of dmalloc - it's not used anymore. we can now g/c
initialisation functions which do not do anything.

also get rid of the pkeyid() functions, whi

use hexdump() where possible.

get rid of all traces of dmalloc - it's not used anymore. we can now g/c
initialisation functions which do not do anything.

also get rid of the pkeyid() functions, which just prints a
hexadecimal string

show more ...

optimise one function a bit

Changes to 2.99.1/20100313

+ add functionality to parse basic signature subkeys
+ in doing so, add expiration of keys
+ at the same time, add revocation of keys
+ recognise the primary user id, and

Changes to 2.99.1/20100313

+ add functionality to parse basic signature subkeys
+ in doing so, add expiration of keys
+ at the same time, add revocation of keys
+ recognise the primary user id, and use it when displaying user ids
+ recognise self signed keys and subkeys
+ rework the indentation of output
+ add the --list-sigs [userid] option to netpgpkeys(1)
+ use memcmp(3) rather than strcmp(3) when checking binary user ids to
be exported
+ add expiration display to subkey signature output
+ update libnetpgp library version major number to 3

show more ...

Update netpgp to version 1.99.20/20100304 - portability improvements, and bug fixes:

Changes to 1.99.20/20100304

+ move args to some functions around to be consistent
+ use uint*_t where appropr

Update netpgp to version 1.99.20/20100304 - portability improvements, and bug fixes:

Changes to 1.99.20/20100304

+ move args to some functions around to be consistent
+ use uint*_t where appropriate
+ fix bug in verify memory
+ add documentation to manual pages to show how to do combined
signing/encryption and decryption/verification
+ make verification of ascii-armoured memory work the same as binary
+ eliminate use of strdup(3), strcasecmp(3), and strptime(3). NetBSD/pkgsrc
PR 42922 applies - need to define _XOPEN_SOURCE and _BSD_SOURCE for
newer linux platforms with glibc 2.10.1. solved a bit differently, by
implementing strdup(3) and strcasecmp(3) independently, and using regexps
to avoid calling strptime(3).

show more ...

Changes to 1.99.19/20100212

+ plug some memory leaks, from cppcheck via Thomas Klausner (thanks!)
+ make the singular of time units read correctly
+ print decryption key info properly when prompting

Changes to 1.99.19/20100212

+ plug some memory leaks, from cppcheck via Thomas Klausner (thanks!)
+ make the singular of time units read correctly
+ print decryption key info properly when prompting for passphrase

show more ...

Update netpgp to version 1.99.17/20100208

Changes to 1.99.17/20100208

+ get rid of last 2 static variables - use the __ops_printstate_t struct
passed down, and add the indent variable here too
+

Update netpgp to version 1.99.17/20100208

Changes to 1.99.17/20100208

+ get rid of last 2 static variables - use the __ops_printstate_t struct
passed down, and add the indent variable here too
+ get rid of 3 occurrences in reader.c where an automatic buffer was
addressed (as part of a subsequent callback) by a struct field from
a calling scope, and only valid within the callback. Found by
Flexelint and phk - many thanks.
+ print filename/"memory" when time problems occur when validating signatures

show more ...

Changes to 1.99.16/20100205

+ minor simplifications to netpgp(1) internally
+ fix a bug in netpgp_verify_file where a non-existent file while listing
packets would cause a SIGSEGV
+ add duration a

Changes to 1.99.16/20100205

+ minor simplifications to netpgp(1) internally
+ fix a bug in netpgp_verify_file where a non-existent file while listing
packets would cause a SIGSEGV
+ add duration arg to netpgp(1), and check for validity when verifying
signatures
+ add birthtime arg to netpgp(1), and check for validity when verifying
signatures
+ add netpgp commands to print pubkey, if desired
+ allow the passphrase for the signature to be taken from --pass-fd
+ get rid of static indent value when printing packet contents
+ print signature validity times when verifying a file's signature

show more ...