Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK)) by mollari.NetBSD.org (Postfix) with ESMTPS id E01FC7A471 for ; Tue, 5 Jul 2016 20:18:05 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id 84FFB85EAF; Tue, 5 Jul 2016 20:18:05 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 13D2C85E85 for ; Tue, 5 Jul 2016 20:18:05 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([IPv6:::1]) by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025) with ESMTP id Q1uglBRoJz-y for ; Tue, 5 Jul 2016 20:18:03 +0000 (UTC) Received: from cvs.NetBSD.org (unknown [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id C2D3984CBD for ; Tue, 5 Jul 2016 20:18:03 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id BDD8BFBB5; Tue, 5 Jul 2016 20:18:03 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_1467749883130800" MIME-Version: 1.0 Date: Tue, 5 Jul 2016 20:18:03 +0000 
From: "Alistair G. Crooks" Subject: CVS commit: pkgsrc/security/netpgpverify/files To: pkgsrc-changes@NetBSD.org Reply-To: agc@netbsd.org X-Mailer: log_accum Message-Id: <20160705201803.BDD8BFBB5@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk This is a multi-part message in MIME format. --_----------=_1467749883130800 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: agc Date: Tue Jul 5 20:18:03 UTC 2016 Modified Files: pkgsrc/security/netpgpverify/files: libnetpgpverify.3 libverify.c main.c verify.h Log Message: Update netpgpverify and libnetpgpverify to 20160626 + make the pgpv_t and pgpv_cursor_t structures opaque + add new accessor functions for fields in the pgpv_cursor_t struct + add new creation functions for the pgpv_t and pgpv_cursor_t structs To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 pkgsrc/security/netpgpverify/files/libnetpgpverify.3 cvs rdiff -u -r1.18 -r1.19 pkgsrc/security/netpgpverify/files/libverify.c cvs rdiff -u -r1.6 -r1.7 pkgsrc/security/netpgpverify/files/main.c cvs rdiff -u -r1.28 -r1.29 pkgsrc/security/netpgpverify/files/verify.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_1467749883130800 Content-Disposition: inline Content-Length: 21187 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/security/netpgpverify/files/libnetpgpverify.3 diff -u pkgsrc/security/netpgpverify/files/libnetpgpverify.3:1.2 pkgsrc/security/netpgpverify/files/libnetpgpverify.3:1.3 --- pkgsrc/security/netpgpverify/files/libnetpgpverify.3:1.2 Fri Jan 30 18:47:51 2015 +++ pkgsrc/security/netpgpverify/files/libnetpgpverify.3 Tue Jul 5 20:18:03 2016 
@@ -1,6 +1,6 @@
-.\" $NetBSD: libnetpgpverify.3,v 1.2 2015/01/30 18:47:51 agc Exp $
+.\" $NetBSD: libnetpgpverify.3,v 1.3 2016/07/05 20:18:03 agc Exp $
 .\"
-.\" Copyright (c) 2014 Alistair Crooks
+.\" Copyright (c) 2014,2015,2016 Alistair Crooks
 .\" All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
@@ -23,7 +23,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd January 15, 2015
+.Dd June 26, 2016
 .Dt LIBNETPGPVERIFY 3
 .Os
 .Sh NAME
@@ -34,6 +34,14 @@
 .Sh SYNOPSIS
 .In netpgp/verify.h
 .Ft int
+.Fo pgpv_new
+.Fa "void"
+.Fc
+.Ft int
+.Fo pgpv_new_cursor
+.Fa "void"
+.Fc
+.Ft int
 .Fo pgpv_read_pubring
 .Fa "pgpv_t *pgp" "const void *keyring" "ssize_t size"
 .Fc
@@ -61,6 +69,14 @@
 .Fo pgpv_get_entry
 .Fa "pgpv_t *pgp" "unsigned ent" "char **ret" "const char *modifiers"
 .Fc
+.Ft int64_t
+.Fo pgpv_get_cursor_num
+.Fa "pgpv_t *pgp" "const char *field"
+.Fc
+.Ft char *
+.Fo pgpv_get_cursor_str
+.Fa "pgpv_t *pgp" "const char *field"
+.Fc
 .Ft int
 .Fo pgpv_close
 .Fa "pgpv_t *pgp"
Index: pkgsrc/security/netpgpverify/files/libverify.c
diff -u pkgsrc/security/netpgpverify/files/libverify.c:1.18 pkgsrc/security/netpgpverify/files/libverify.c:1.19
--- pkgsrc/security/netpgpverify/files/libverify.c:1.18 Thu Jun 30 21:03:51 2016
+++ pkgsrc/security/netpgpverify/files/libverify.c Tue Jul 5 20:18:03 2016
@@ -53,6 +53,243 @@ #include "rsa.h" #include "verify.h" +#ifndef PGPV_ARRAY +/* creates 2 unsigned vars called "name"c and "name"size in current scope */ +/* also creates an array called "name"s in current scope */ +#define PGPV_ARRAY(type, name) \ + unsigned name##c; unsigned name##vsize; type *name##s +#endif + +/* 64bit key ids */ +#define PGPV_KEYID_LEN 8 +#define PGPV_STR_KEYID_LEN (PGPV_KEYID_LEN + PGPV_KEYID_LEN + 1) + +/* bignum structure */ +typedef struct pgpv_bignum_t { + void *bn; /* hide the implementation details */ + uint16_t bits; /* cached number of bits */ +} pgpv_bignum_t; + +/* right now, our max binary digest length is 20 bytes */ +#define PGPV_MAX_HASH_LEN 64 + +/* fingerprint */ +typedef struct pgpv_fingerprint_t { + uint8_t hashalg; /* algorithm for digest */ + uint8_t v[PGPV_MAX_HASH_LEN]; /* the digest */ + uint32_t len; /* its length */ +} pgpv_fingerprint_t; + +/* specify size for array of bignums */ +#define PGPV_MAX_PUBKEY_BN 4 + +/* public key */ +typedef struct pgpv_pubkey_t { + pgpv_fingerprint_t fingerprint; /* key fingerprint i.e. 
digest */ + uint8_t keyid[PGPV_KEYID_LEN]; /* last 8 bytes of v4 keys */ + int64_t birth; /* creation time */ + int64_t expiry; /* expiry time */ + pgpv_bignum_t bn[PGPV_MAX_PUBKEY_BN]; /* bignums */ + uint8_t keyalg; /* key algorithm */ + uint8_t hashalg; /* hash algorithm */ + uint8_t version; /* key version */ +} pgpv_pubkey_t; + +#define PGPV_MAX_SESSKEY_BN 2 + +/* a (size, byte array) string */ +typedef struct pgpv_string_t { + size_t size; + uint8_t *data; +} pgpv_string_t; + +typedef struct pgpv_ref_t { + void *vp; + size_t offset; + unsigned mem; +} pgpv_ref_t; + +#define PGPV_MAX_SECKEY_BN 4 + +typedef struct pgpv_compress_t { + pgpv_string_t s; + uint8_t compalg; +} pgpv_compress_t; + +/* a packet dealing with trust */ +typedef struct pgpv_trust_t { + uint8_t level; + uint8_t amount; +} pgpv_trust_t; + +/* a signature sub packet */ +typedef struct pgpv_sigsubpkt_t { + pgpv_string_t s; + uint8_t tag; + uint8_t critical; +} pgpv_sigsubpkt_t; + +#define PGPV_MAX_SIG_BN 2 + +typedef struct pgpv_signature_t { + uint8_t *signer; /* key id of signer */ + pgpv_ref_t hashstart; + uint8_t *hash2; + uint8_t *mpi; + int64_t birth; + int64_t keyexpiry; + int64_t expiry; + uint32_t hashlen; + uint8_t version; + uint8_t type; + uint8_t keyalg; + uint8_t hashalg; + uint8_t trustlevel; + uint8_t trustamount; + pgpv_bignum_t bn[PGPV_MAX_SIG_BN]; + char *regexp; + char *pref_key_server; + char *policy; + char *features; + char *why_revoked; + uint8_t *revoke_fingerprint; + uint8_t revoke_alg; + uint8_t revoke_sensitive; + uint8_t trustsig; + uint8_t revocable; + uint8_t pref_symm_alg; + uint8_t pref_hash_alg; + uint8_t pref_compress_alg; + uint8_t key_server_modify; + uint8_t notation; + uint8_t type_key; + uint8_t primary_userid; + uint8_t revoked; /* subtract 1 to get real reason, 0 == not revoked */ +} pgpv_signature_t; + +/* a signature packet */ +typedef struct pgpv_sigpkt_t { + pgpv_signature_t sig; + uint16_t subslen; + uint16_t unhashlen; + 
PGPV_ARRAY(pgpv_sigsubpkt_t, subpkts); +} pgpv_sigpkt_t; + +/* a one-pass signature packet */ +typedef struct pgpv_onepass_t { + uint8_t keyid[PGPV_KEYID_LEN]; + uint8_t version; + uint8_t type; + uint8_t hashalg; + uint8_t keyalg; + uint8_t nested; +} pgpv_onepass_t; + +/* a literal data packet */ +typedef struct pgpv_litdata_t { + uint8_t *filename; + pgpv_string_t s; + uint32_t secs; + uint8_t namelen; + char format; + unsigned mem; + size_t offset; + size_t len; +} pgpv_litdata_t; + +/* user attributes - images */ +typedef struct pgpv_userattr_t { + size_t len; + PGPV_ARRAY(pgpv_string_t, subattrs); +} pgpv_userattr_t; + +/* a general PGP packet */ +typedef struct pgpv_pkt_t { + uint8_t tag; + uint8_t newfmt; + uint8_t allocated; + uint8_t mement; + size_t offset; + pgpv_string_t s; + union { + pgpv_sigpkt_t sigpkt; + pgpv_onepass_t onepass; + pgpv_litdata_t litdata; + pgpv_compress_t compressed; + pgpv_trust_t trust; + pgpv_pubkey_t pubkey; + pgpv_string_t userid; + pgpv_userattr_t userattr; + } u; +} pgpv_pkt_t; + +/* a memory structure */ +typedef struct pgpv_mem_t { + size_t size; + size_t cc; + uint8_t *mem; + FILE *fp; + uint8_t dealloc; + const char *allowed; /* the types of packet that are allowed */ +} pgpv_mem_t; + +/* packet parser */ + +typedef struct pgpv_signed_userid_t { + pgpv_string_t userid; + PGPV_ARRAY(pgpv_signature_t, sigs); + uint8_t primary_userid; + uint8_t revoked; +} pgpv_signed_userid_t; + +typedef struct pgpv_signed_userattr_t { + pgpv_userattr_t userattr; + PGPV_ARRAY(pgpv_signature_t, sigs); + uint8_t revoked; +} pgpv_signed_userattr_t; + +typedef struct pgpv_signed_subkey_t { + pgpv_pubkey_t subkey; + pgpv_signature_t revoc_self_sig; + PGPV_ARRAY(pgpv_signature_t, sigs); +} pgpv_signed_subkey_t; + +typedef struct pgpv_primarykey_t { + pgpv_pubkey_t primary; + pgpv_signature_t revoc_self_sig; + PGPV_ARRAY(pgpv_signature_t, direct_sigs); + PGPV_ARRAY(pgpv_signed_userid_t, signed_userids); + PGPV_ARRAY(pgpv_signed_userattr_t, 
signed_userattrs); + PGPV_ARRAY(pgpv_signed_subkey_t, signed_subkeys); + size_t fmtsize; + uint8_t primary_userid; +} pgpv_primarykey_t; + +/* everything stems from this structure */ +typedef struct pgpv_t { + PGPV_ARRAY(pgpv_pkt_t, pkts); /* packet array */ + PGPV_ARRAY(pgpv_primarykey_t, primaries); /* array of primary keys */ + PGPV_ARRAY(pgpv_mem_t, areas); /* areas we read packets from */ + PGPV_ARRAY(size_t, datastarts); /* starts of data packets */ + size_t pkt; /* when parsing, current pkt number */ + const char *op; /* the operation we're doing */ + unsigned ssh; /* using ssh keys */ +} pgpv_t; + +#define PGPV_REASON_LEN 128 + +/* when searching, we define a cursor, and fill in an array of subscripts */ +typedef struct pgpv_cursor_t { + pgpv_t *pgp; /* pointer to pgp tree */ + char *field; /* field we're searching on */ + char *op; /* operation we're doing */ + char *value; /* value we're searching for */ + void *ptr; /* for regexps etc */ + PGPV_ARRAY(uint32_t, found); /* array of matched pimary key subscripts */ + PGPV_ARRAY(size_t, datacookies); /* cookies to retrieve matched data */ + int64_t sigtime; /* time of signature */ + char why[PGPV_REASON_LEN]; /* reason for bad signature */ +} pgpv_cursor_t; #ifndef USE_ARG #define USE_ARG(x) /*LINTED*/(void)&(x) #endif @@ -2748,6 +2985,22 @@ get_packet_type(uint8_t tag) } } +/**************************************************************************/ + +/* make a new pgpv struct */ +pgpv_t * +pgpv_new(void) +{ + return calloc(1, sizeof(pgpv_t)); +} + +/* make a new pgpv_cursor struct */ +pgpv_cursor_t * +pgpv_new_cursor(void) +{ + return calloc(1, sizeof(pgpv_cursor_t)); +} + /* get an element from the found array */ int pgpv_get_cursor_element(pgpv_cursor_t *cursor, size_t element) 
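Review bot: Two comments in the relocated definitions no longer describe the code beside them. `PGPV_MAX_HASH_LEN` is 64, yet the comment above it says the largest binary digest is 20 bytes, and the `PGPV_ARRAY` comment promises a `"name"size` variable while the macro declares `name##vsize`. Because `v[PGPV_MAX_HASH_LEN]` is the fixed digest buffer in `pgpv_fingerprint_t`, the stated limit should be the real one; I would reword the first to `/* digest buffer size in bytes */` and the second to `/* creates 2 unsigned vars called "name"c and "name"vsize in current scope */`. The `pimary` typo in the `found` comment of `pgpv_cursor_t` could be fixed in the same pass.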
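Review bot: `pgpv_new_cursor()` gets a constructor but no matching release function is visible: the prototypes in the verify.h hunk of this commit list only `pgpv_close(pgpv_t *)`, and now that `pgpv_cursor_t` is opaque a caller can no longer free the `found` and `datacookies` arrays itself. A `pgpv_cursor_close(pgpv_cursor_t *cursor)` (the name is only a suggestion) that releases those arrays and the struct would close the gap, unless one already exists outside the visible hunks. Both constructors also return the result of `calloc()` directly and can therefore return NULL; a comment such as `/* returns NULL if memory cannot be allocated */` above each would tell callers to check.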
@@ -2952,3 +3205,27 @@ pgpv_dump(pgpv_t *pgp, char **data)
 }
 return cc;
 }
+
+/* return cursor field as a number */
+int64_t
+pgpv_get_cursor_num(pgpv_cursor_t *cursor, const char *field)
+{
+ if (cursor && field) {
+ if (strcmp(field, "sigtime") == 0) {
+ return cursor->sigtime;
+ }
+ }
+ return 0;
+}
+
+/* return cursor field as a string */
+char *
+pgpv_get_cursor_str(pgpv_cursor_t *cursor, const char *field)
+{
+ if (cursor && field) {
+ if (strcmp(field, "why") == 0) {
+ return cursor->why;
+ }
+ }
+ return 0;
+}
Index: pkgsrc/security/netpgpverify/files/main.c
diff -u pkgsrc/security/netpgpverify/files/main.c:1.6 pkgsrc/security/netpgpverify/files/main.c:1.7
--- pkgsrc/security/netpgpverify/files/main.c:1.6 Wed Jun 15 20:28:48 2016
+++ pkgsrc/security/netpgpverify/files/main.c Tue Jul 5 20:18:03 2016
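Review bot: `pgpv_get_cursor_str()` returns a null pointer for a NULL cursor or an unrecognised field, and the caller visible in this commit (verify_data in main.c) passes the result straight to a `%s` conversion, which is undefined behaviour when the pointer is null. Either the caller should guard the value or the comment above the accessor should state the NULL return; for a pointer result `return NULL;` also reads better than `return 0;`. The function hands out `cursor->why` as a writable `char *` into the now-opaque struct, so returning `const char *` would keep the `PGPV_REASON_LEN` buffer out of callers' reach, at the cost of changing the prototype in verify.h and the man page. In `pgpv_get_cursor_num()` the `0` returned for an unknown field cannot be told apart from a `sigtime` of zero, which deserves a line in its comment.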
@@ -89,37 +89,38 @@ getstdin(ssize_t *cc, size_t *size) static int verify_data(pgpv_t *pgp, const char *cmd, const char *inname, char *in, ssize_t cc) { - pgpv_cursor_t cursor; + pgpv_cursor_t *cursor; const char *modifiers; size_t size; size_t cookie; char *data; int el; - memset(&cursor, 0x0, sizeof(cursor)); + cursor = pgpv_new_cursor(); if (strcasecmp(cmd, "cat") == 0) { - if ((cookie = pgpv_verify(&cursor, pgp, in, cc)) != 0) { - if ((size = pgpv_get_verified(&cursor, cookie, &data)) > 0) { + if ((cookie = pgpv_verify(cursor, pgp, in, cc)) != 0) { + if ((size = pgpv_get_verified(cursor, cookie, &data)) > 0) { write(STDOUT_FILENO, data, size); } return 1; } } else if (strcasecmp(cmd, "dump") == 0) { - if ((cookie = pgpv_verify(&cursor, pgp, in, cc)) != 0) { + if ((cookie = pgpv_verify(cursor, pgp, in, cc)) != 0) { size = pgpv_dump(pgp, &data); write(STDOUT_FILENO, data, size); return 1; } } else if (strcasecmp(cmd, "verify") == 0 || strcasecmp(cmd, "trust") == 0) { modifiers = (strcasecmp(cmd, "trust") == 0) ? "trust" : NULL; - if (pgpv_verify(&cursor, pgp, in, cc)) { + if (pgpv_verify(cursor, pgp, in, cc)) { printf("Good signature for %s made ", inname); - ptime(cursor.sigtime); - el = pgpv_get_cursor_element(&cursor, 0); + ptime(pgpv_get_cursor_num(cursor, "sigtime")); + el = pgpv_get_cursor_element(cursor, 0); pentry(pgp, el, modifiers); return 1; } - fprintf(stderr, "Signature did not match contents -- %s\n", cursor.why); + fprintf(stderr, "Signature did not match contents -- %s\n", + pgpv_get_cursor_str(cursor, "why")); } else { fprintf(stderr, "unrecognised command \"%s\"\n", cmd); } @@ -133,13 +134,13 @@ main(int argc, char **argv) const char *cmd; ssize_t cc; size_t size; - pgpv_t pgp; + pgpv_t *pgp; char *in; int ssh; int ok; int i; - memset(&pgp, 0x0, sizeof(pgp)); + pgp = pgpv_new(); keyring = NULL; ssh = 0; ok = 1; 
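Review bot: The result of `pgpv_new_cursor()` in verify_data is used without a NULL check, and the same holds for `pgp = pgpv_new();` in the next hunk in main; both wrap `calloc()`, so on allocation failure every later `pgpv_*` call receives a null pointer. A guard such as `if ((cursor = pgpv_new_cursor()) == NULL) { fprintf(stderr, "can't allocate cursor\n"); return 0; }` keeps the failure explicit; 0 appears to be the failure value because main treats a zero return as not ok, but the end of verify_data lies outside the hunk. The cursor used to be a stack variable and is now heap-allocated once per input, yet none of the visible return paths releases it, so the loop over argv in main leaks one cursor per file unless it is freed in code outside the hunk.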
@@ -164,24 +165,24 @@ main(int argc, char **argv) } } if (ssh) { - if (!pgpv_read_ssh_pubkeys(&pgp, keyring, -1)) { + if (!pgpv_read_ssh_pubkeys(pgp, keyring, -1)) { fprintf(stderr, "can't read ssh keyring\n"); exit(EXIT_FAILURE); } - } else if (!pgpv_read_pubring(&pgp, keyring, -1)) { + } else if (!pgpv_read_pubring(pgp, keyring, -1)) { fprintf(stderr, "can't read keyring\n"); exit(EXIT_FAILURE); } if (optind == argc) { in = getstdin(&cc, &size); - ok = verify_data(&pgp, cmd, "[stdin]", in, cc); + ok = verify_data(pgp, cmd, "[stdin]", in, cc); } else { for (ok = 1, i = optind ; i < argc ; i++) { - if (!verify_data(&pgp, cmd, argv[i], argv[i], -1)) { + if (!verify_data(pgp, cmd, argv[i], argv[i], -1)) { ok = 0; } } } - pgpv_close(&pgp); + pgpv_close(pgp); exit((ok) ? EXIT_SUCCESS : EXIT_FAILURE); } Index: pkgsrc/security/netpgpverify/files/verify.h diff -u pkgsrc/security/netpgpverify/files/verify.h:1.28 pkgsrc/security/netpgpverify/files/verify.h:1.29 --- pkgsrc/security/netpgpverify/files/verify.h:1.28 Thu Jun 30 21:19:59 2016 +++ pkgsrc/security/netpgpverify/files/verify.h Tue Jul 5 20:18:03 2016 
@@ -23,251 +23,19 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef NETPGP_VERIFY_H_ -#define NETPGP_VERIFY_H_ 20160625 +#define NETPGP_VERIFY_H_ 20160626 -#define NETPGPVERIFY_VERSION "netpgpverify portable 20160625" +#define NETPGPVERIFY_VERSION "netpgpverify portable 20160626" #include #include -#ifndef PGPV_ARRAY -/* creates 2 unsigned vars called "name"c and "name"size in current scope */ -/* also creates an array called "name"s in current scope */ -#define PGPV_ARRAY(type, name) \ - unsigned name##c; unsigned name##vsize; type *name##s -#endif +struct pgpv_t; +typedef struct pgpv_t pgpv_t; -/* 64bit key ids */ -#define PGPV_KEYID_LEN 8 -#define PGPV_STR_KEYID_LEN (PGPV_KEYID_LEN + PGPV_KEYID_LEN + 1) - -/* bignum structure */ -typedef struct pgpv_bignum_t { - void *bn; /* hide the implementation details */ - uint16_t bits; /* cached number of bits */ -} pgpv_bignum_t; - -/* right now, our max binary digest length is 20 bytes */ -#define PGPV_MAX_HASH_LEN 64 - -/* fingerprint */ -typedef struct pgpv_fingerprint_t { - uint8_t hashalg; /* algorithm for digest */ - uint8_t v[PGPV_MAX_HASH_LEN]; /* the digest */ - uint32_t len; /* its length */ -} pgpv_fingerprint_t; - -/* specify size for array of bignums */ -#define PGPV_MAX_PUBKEY_BN 4 - -/* public key */ -typedef struct pgpv_pubkey_t { - pgpv_fingerprint_t fingerprint; /* key fingerprint i.e. 
digest */ - uint8_t keyid[PGPV_KEYID_LEN]; /* last 8 bytes of v4 keys */ - int64_t birth; /* creation time */ - int64_t expiry; /* expiry time */ - pgpv_bignum_t bn[PGPV_MAX_PUBKEY_BN]; /* bignums */ - uint8_t keyalg; /* key algorithm */ - uint8_t hashalg; /* hash algorithm */ - uint8_t version; /* key version */ -} pgpv_pubkey_t; - -#define PGPV_MAX_SESSKEY_BN 2 - -/* a (size, byte array) string */ -typedef struct pgpv_string_t { - size_t size; - uint8_t *data; -} pgpv_string_t; - -typedef struct pgpv_ref_t { - void *vp; - size_t offset; - unsigned mem; -} pgpv_ref_t; - -#define PGPV_MAX_SECKEY_BN 4 - -typedef struct pgpv_compress_t { - pgpv_string_t s; - uint8_t compalg; -} pgpv_compress_t; - -/* a packet dealing with trust */ -typedef struct pgpv_trust_t { - uint8_t level; - uint8_t amount; -} pgpv_trust_t; - -/* a signature sub packet */ -typedef struct pgpv_sigsubpkt_t { - pgpv_string_t s; - uint8_t tag; - uint8_t critical; -} pgpv_sigsubpkt_t; - -#define PGPV_MAX_SIG_BN 2 - -typedef struct pgpv_signature_t { - uint8_t *signer; /* key id of signer */ - pgpv_ref_t hashstart; - uint8_t *hash2; - uint8_t *mpi; - int64_t birth; - int64_t keyexpiry; - int64_t expiry; - uint32_t hashlen; - uint8_t version; - uint8_t type; - uint8_t keyalg; - uint8_t hashalg; - uint8_t trustlevel; - uint8_t trustamount; - pgpv_bignum_t bn[PGPV_MAX_SIG_BN]; - char *regexp; - char *pref_key_server; - char *policy; - char *features; - char *why_revoked; - uint8_t *revoke_fingerprint; - uint8_t revoke_alg; - uint8_t revoke_sensitive; - uint8_t trustsig; - uint8_t revocable; - uint8_t pref_symm_alg; - uint8_t pref_hash_alg; - uint8_t pref_compress_alg; - uint8_t key_server_modify; - uint8_t notation; - uint8_t type_key; - uint8_t primary_userid; - uint8_t revoked; /* subtract 1 to get real reason, 0 == not revoked */ -} pgpv_signature_t; - -/* a signature packet */ -typedef struct pgpv_sigpkt_t { - pgpv_signature_t sig; - uint16_t subslen; - uint16_t unhashlen; - 
PGPV_ARRAY(pgpv_sigsubpkt_t, subpkts); -} pgpv_sigpkt_t; - -/* a one-pass signature packet */ -typedef struct pgpv_onepass_t { - uint8_t keyid[PGPV_KEYID_LEN]; - uint8_t version; - uint8_t type; - uint8_t hashalg; - uint8_t keyalg; - uint8_t nested; -} pgpv_onepass_t; - -/* a literal data packet */ -typedef struct pgpv_litdata_t { - uint8_t *filename; - pgpv_string_t s; - uint32_t secs; - uint8_t namelen; - char format; - unsigned mem; - size_t offset; - size_t len; -} pgpv_litdata_t; - -/* user attributes - images */ -typedef struct pgpv_userattr_t { - size_t len; - PGPV_ARRAY(pgpv_string_t, subattrs); -} pgpv_userattr_t; - -/* a general PGP packet */ -typedef struct pgpv_pkt_t { - uint8_t tag; - uint8_t newfmt; - uint8_t allocated; - uint8_t mement; - size_t offset; - pgpv_string_t s; - union { - pgpv_sigpkt_t sigpkt; - pgpv_onepass_t onepass; - pgpv_litdata_t litdata; - pgpv_compress_t compressed; - pgpv_trust_t trust; - pgpv_pubkey_t pubkey; - pgpv_string_t userid; - pgpv_userattr_t userattr; - } u; -} pgpv_pkt_t; - -/* a memory structure */ -typedef struct pgpv_mem_t { - size_t size; - size_t cc; - uint8_t *mem; - FILE *fp; - uint8_t dealloc; - const char *allowed; /* the types of packet that are allowed */ -} pgpv_mem_t; - -/* packet parser */ - -typedef struct pgpv_signed_userid_t { - pgpv_string_t userid; - PGPV_ARRAY(pgpv_signature_t, sigs); - uint8_t primary_userid; - uint8_t revoked; -} pgpv_signed_userid_t; - -typedef struct pgpv_signed_userattr_t { - pgpv_userattr_t userattr; - PGPV_ARRAY(pgpv_signature_t, sigs); - uint8_t revoked; -} pgpv_signed_userattr_t; - -typedef struct pgpv_signed_subkey_t { - pgpv_pubkey_t subkey; - pgpv_signature_t revoc_self_sig; - PGPV_ARRAY(pgpv_signature_t, sigs); -} pgpv_signed_subkey_t; - -typedef struct pgpv_primarykey_t { - pgpv_pubkey_t primary; - pgpv_signature_t revoc_self_sig; - PGPV_ARRAY(pgpv_signature_t, direct_sigs); - PGPV_ARRAY(pgpv_signed_userid_t, signed_userids); - PGPV_ARRAY(pgpv_signed_userattr_t, 
signed_userattrs); - PGPV_ARRAY(pgpv_signed_subkey_t, signed_subkeys); - size_t fmtsize; - uint8_t primary_userid; -} pgpv_primarykey_t; - -/* everything stems from this structure */ -typedef struct pgpv_t { - PGPV_ARRAY(pgpv_pkt_t, pkts); /* packet array */ - PGPV_ARRAY(pgpv_primarykey_t, primaries); /* array of primary keys */ - PGPV_ARRAY(pgpv_mem_t, areas); /* areas we read packets from */ - PGPV_ARRAY(size_t, datastarts); /* starts of data packets */ - size_t pkt; /* when parsing, current pkt number */ - const char *op; /* the operation we're doing */ - unsigned ssh; /* using ssh keys */ -} pgpv_t; - -#define PGPV_REASON_LEN 128 - -/* when searching, we define a cursor, and fill in an array of subscripts */ -typedef struct pgpv_cursor_t { - pgpv_t *pgp; /* pointer to pgp tree */ - char *field; /* field we're searching on */ - char *op; /* operation we're doing */ - char *value; /* value we're searching for */ - void *ptr; /* for regexps etc */ - PGPV_ARRAY(uint32_t, found); /* array of matched pimary key subscripts */ - PGPV_ARRAY(size_t, datacookies); /* cookies to retrieve matched data */ - int64_t sigtime; /* time of signature */ - char why[PGPV_REASON_LEN]; /* reason for bad signature */ -} pgpv_cursor_t; +struct pgpv_cursor_t; +typedef struct pgpv_cursor_t pgpv_cursor_t; #ifndef __BEGIN_DECLS # if defined(__cplusplus) 
@@ -281,16 +49,22 @@ typedef struct pgpv_cursor_t { __BEGIN_DECLS +pgpv_t *pgpv_new(void); +pgpv_cursor_t *pgpv_new_cursor(void); + int pgpv_read_pubring(pgpv_t */*pgp*/, const void */*keyringfile/mem*/, ssize_t /*size*/); int pgpv_read_ssh_pubkeys(pgpv_t */*pgp*/, const void */*keyring*/, ssize_t /*size*/); size_t pgpv_verify(pgpv_cursor_t */*cursor*/, pgpv_t */*pgp*/, const void */*mem/file*/, ssize_t /*size*/); size_t pgpv_get_verified(pgpv_cursor_t */*cursor*/, size_t /*cookie*/, char **/*ret*/); -int pgpv_get_cursor_element(pgpv_cursor_t */*cursor*/, size_t /*element*/); size_t pgpv_dump(pgpv_t */*pgp*/, char **/*data*/); size_t pgpv_get_entry(pgpv_t */*pgp*/, unsigned /*ent*/, char **/*ret*/, const char */*modifiers*/); +int64_t pgpv_get_cursor_num(pgpv_cursor_t */*cursor*/, const char */*field*/); +char *pgpv_get_cursor_str(pgpv_cursor_t */*cursor*/, const char */*field*/); +int pgpv_get_cursor_element(pgpv_cursor_t */*cursor*/, size_t /*element*/); + int pgpv_close(pgpv_t */*pgp*/); __END_DECLS --_----------=_1467749883130800--
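Review bot: The prototypes added here disagree with the libnetpgpverify.3 synopsis updated in the same commit. The man page gives `.Ft int` for `pgpv_new` and `pgpv_new_cursor`, which are declared here as returning `pgpv_t *` and `pgpv_cursor_t *`, and it lists `"pgpv_t *pgp"` as the first argument of `pgpv_get_cursor_num` and `pgpv_get_cursor_str`, which take `pgpv_cursor_t *`. The header is what the compiler sees, so the man page should be brought in line with it. It would also help to state ownership next to the declaration, for example `/* returned string points into the cursor; do not free or modify it */` above `pgpv_get_cursor_str`.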