From c1f86bc3033b6f7225147e185d6b1842cf22252d Mon Sep 17 00:00:00 2001
From: Christian Neukirchen
Date: Sat, 3 Sep 2016 17:42:37 +0200
Subject: cvs update
---
Makefile | 2 +-
src/usr.bin/calendar/calendars/calendar.birthday | 4 +-
src/usr.bin/calendar/calendars/calendar.openbsd | 4 +-
src/usr.bin/calendar/io.c | 7 +-
src/usr.bin/jot/jot.1 | 47 ++--
src/usr.bin/jot/jot.c | 278 ++++++++++-------------
src/usr.bin/signify/Makefile | 3 +-
src/usr.bin/signify/signify.1 | 36 ++-
src/usr.bin/signify/signify.c | 266 ++++++++++++++--------
src/usr.bin/vis/vis.c | 7 +-
10 files changed, 376 insertions(+), 278 deletions(-)
diff --git a/Makefile b/Makefile
index de36f88..bd95f8d 100644
--- a/Makefile
+++ b/Makefile
@@ -23,7 +23,7 @@ src/bin/md5/md5: src/bin/md5/md5.o src/bin/md5/crc.o src/liboutils/sha512.o src/ src/usr.bin/rs/rs: src/usr.bin/rs/rs.o src/usr.bin/rs/utf8.o src/liboutils/pledge.o src/liboutils/strtonum.o src/liboutils/reallocarray.o -src/usr.bin/signify/signify: src/usr.bin/signify/signify.o src/usr.bin/signify/crypto_api.o src/usr.bin/signify/fe25519.o src/usr.bin/signify/mod_ed25519.o src/usr.bin/signify/mod_ge25519.o src/usr.bin/signify/sc25519.o src/usr.bin/signify/smult_curve25519_ref.o src/liboutils/pledge.o src/liboutils/strlcpy.o src/liboutils/base64.o src/liboutils/explicit_bzero.o src/liboutils/ohash.o src/liboutils/arc4random.o src/liboutils/getentropy_linux.o src/liboutils/readpassphrase.o src/liboutils/sha2.o src/liboutils/sha256hl.o src/liboutils/sha512hl.o src/liboutils/timingsafe_bcmp.o src/liboutils/bcrypt_pbkdf.o src/liboutils/blowfish.o +src/usr.bin/signify/signify: src/usr.bin/signify/signify.o src/usr.bin/signify/crypto_api.o src/usr.bin/signify/fe25519.o src/usr.bin/signify/mod_ed25519.o src/usr.bin/signify/mod_ge25519.o src/usr.bin/signify/sc25519.o src/usr.bin/signify/smult_curve25519_ref.o src/usr.bin/signify/zsig.o src/liboutils/pledge.o src/liboutils/strlcpy.o src/liboutils/base64.o src/liboutils/explicit_bzero.o src/liboutils/ohash.o src/liboutils/arc4random.o src/liboutils/getentropy_linux.o src/liboutils/readpassphrase.o src/liboutils/sha2.o src/liboutils/sha256hl.o src/liboutils/sha384hl.o src/liboutils/sha512hl.o src/liboutils/timingsafe_bcmp.o src/liboutils/bcrypt_pbkdf.o src/liboutils/blowfish.o src/usr.bin/calendar/calendar: src/usr.bin/calendar/calendar.o src/usr.bin/calendar/day.o src/usr.bin/calendar/io.o src/usr.bin/calendar/ostern.o src/usr.bin/calendar/paskha.o src/usr.bin/calendar/pesach.o src/liboutils/arc4random_uniform.o src/liboutils/arc4random.o src/liboutils/getentropy_linux.o src/liboutils/explicit_bzero.o src/liboutils/pledge.o src/liboutils/sha2.o src/liboutils/strtonum.o 
diff --git a/src/usr.bin/calendar/calendars/calendar.birthday b/src/usr.bin/calendar/calendars/calendar.birthday index 6f05dd7..785d9a9 100644 --- a/src/usr.bin/calendar/calendars/calendar.birthday +++ b/src/usr.bin/calendar/calendars/calendar.birthday @@ -1,7 +1,7 @@ /* * Birthday * - * $OpenBSD: calendar.birthday,v 1.63 2016/04/11 09:03:41 sthen Exp $ + * $OpenBSD: calendar.birthday,v 1.64 2016/08/31 12:33:03 schwarze Exp $ */ #ifndef _calendar_birthday_ @@ -330,6 +330,7 @@ 11/26 Norbert Wiener born, 1894 11/27 Bruce Lee born in San Francisco, 1940 11/28 Friedrich Engels born, 1820 +11/28 Joe Ossanna died, 1977 11/29 John Mayall is born in Cheshire, England, 1933 11/30 Cleopatra died, 30 BC 11/30 Mark Twain (Samuel Clemens) born in Florida, Missouri, 1835 @@ -341,6 +342,7 @@ 12/08 Horace (Quintus Horatius Flaccus) born in Venosa (Italy), 65BC 12/08 James (Grover) Thurber born in Columbus, Ohio, 1894 12/10 Emily Dickinson born, 1830 +12/10 Joe Ossanna born, 1928 12/12 E.G. Robinson born, 1893 12/14 George Washington dies, 1799 12/16 Arthur C. Clarke born in Somerset, England, 1917 diff --git a/src/usr.bin/calendar/calendars/calendar.openbsd b/src/usr.bin/calendar/calendars/calendar.openbsd index 2823e23..208b23b 100644 --- a/src/usr.bin/calendar/calendars/calendar.openbsd +++ b/src/usr.bin/calendar/calendars/calendar.openbsd @@ -1,7 +1,7 @@ /* * OpenBSD-related dates to celebrate * - * $OpenBSD: calendar.openbsd,v 1.37 2016/03/11 20:20:26 jmc Exp $ + * $OpenBSD: calendar.openbsd,v 1.38 2016/09/03 13:37:45 guenther Exp $ */ #ifndef _calendar_openbsd_ 
@@ -80,6 +80,8 @@ Aug 16 IPX network stack added to OpenBSD, from FreeBSD, 1996 Aug 17 c2k1-2: Sparc64 hackathon, Washington D.C., 12 developers, 2001 Aug 17 OpenBSD/sparc64 port is added, from NetBSD, 2001 Aug 28 k2k6: IPSec hackathon, Schloss Kransberg, Germany, 14 developers, 2006 +Sep 01 Support for the sparc (32bit) architecture removed, 2016 +Sep 03 Support for the zaurus architecture removed, 2016 Sep 16 s2k11: General hackathon, Ljubljana, Slovenia, 25 developers, 2011 Sep 17 n2k12: Network hackathon, Starnberg, Germany, 23 developers, 2012 Sep 19 j2k10: Mini-hackathon, Sakae Mura, Nagano, Japan, 19 developers, 2010 diff --git a/src/usr.bin/calendar/io.c b/src/usr.bin/calendar/io.c index f17cacb..e4cb689 100644 --- a/src/usr.bin/calendar/io.c +++ b/src/usr.bin/calendar/io.c @@ -1,4 +1,4 @@ -/* $OpenBSD: io.c,v 1.43 2015/12/08 19:04:50 mmcc Exp $ */ +/* $OpenBSD: io.c,v 1.44 2016/08/31 09:38:47 jsg Exp $ */ /* * Copyright (c) 1989, 1993, 1994 @@ -335,12 +335,15 @@ opencal(void) } } - if (pipe(pdes) < 0) + if (pipe(pdes) < 0) { + close(fdin); return (NULL); + } switch (vfork()) { case -1: /* error */ (void)close(pdes[0]); (void)close(pdes[1]); + close(fdin); return (NULL); case 0: dup2(fdin, STDIN_FILENO); diff --git a/src/usr.bin/jot/jot.1 b/src/usr.bin/jot/jot.1 index 628b07e..c82553e 100644 --- a/src/usr.bin/jot/jot.1 +++ b/src/usr.bin/jot/jot.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: jot.1,v 1.21 2016/07/17 04:15:25 tb Exp $ +.\" $OpenBSD: jot.1,v 1.23 2016/08/12 21:49:31 tb Exp $ .\" $NetBSD: jot.1,v 1.2 1994/11/14 20:27:36 jtc Exp $ .\" .\" Copyright (c) 1993 @@ -30,7 +30,7 @@ .\" .\" @(#)jot.1 8.1 (Berkeley) 6/6/93 .\" -.Dd $Mdocdate: July 17 2016 $ +.Dd $Mdocdate: August 12 2016 $ .Dt JOT 1 .Os .Sh NAME 
@@ -101,28 +101,39 @@ conversion specification inside in which case the data is inserted rather than appended. .El .Pp -The last four arguments indicate, respectively, -the maximum number of data, the lower bound, the upper bound, -and the step size. -While at least one of them must appear, -any of the other three may be omitted, and -will be considered as such if given as -.Ql - . -Any three of these arguments determines the fourth. -If four are specified and the given and computed values of +The last four arguments specify the length of the output sequence, +its start and end points, and the step size. +Any three of these arguments determine the fourth. +If the given and computed values for .Ar reps conflict, the lower value is used. -If fewer than three are specified, defaults are assigned -left to right, except for -.Ar s , -which assumes its default unless both +.Pp +Arguments can be omitted by specifying a +.Ql - . +The default values for +.Ar reps , +.Ar begin , +.Ar end , +and +.Ar s +are 100, 1, 100, and 1, respectively. +Omitted values are computed if possible or assume the default. +A special case arises if only .Ar begin and .Ar end -are given. +are specified: +if +.Ar begin +is greater than +.Ar end +then +.Ar s +is set to \(mi1, otherwise it is set to 1; +afterwards +.Ar reps +is computed. .Pp -Defaults for the four arguments are, respectively, -100, 1, 100, and 1. .Ar reps is expected to be an unsigned integer, and if given as zero is taken to be infinite. diff --git a/src/usr.bin/jot/jot.c b/src/usr.bin/jot/jot.c index 08da69f..0de3a51 100644 --- a/src/usr.bin/jot/jot.c +++ b/src/usr.bin/jot/jot.c @@ -1,4 +1,4 @@ -/* $OpenBSD: jot.c,v 1.28 2016/07/17 04:04:46 tb Exp $ */ +/* $OpenBSD: jot.c,v 1.36 2016/09/02 14:23:09 tb Exp $ */ /* $NetBSD: jot.c,v 1.3 1994/12/02 20:29:43 pk Exp $ */ /*- 
@@ -36,44 +36,45 @@ * Author: John Kunze, Office of Comp. Affairs, UCB */ -#include -#include #include +#include #include #include +#include #include #include #include #include #include -#define REPS_DEF 100 -#define BEGIN_DEF 1 -#define ENDER_DEF 100 -#define STEP_DEF 1 +#define REPS 1 +#define BEGIN 2 +#define ENDER 4 +#define STEP 8 #define is_default(s) (strcmp((s), "-") == 0) -static double begin; -static double ender; -static double s; -static long reps; -static bool randomize; -static bool infinity; -static bool boring; +static long reps = 100; +static double begin = 1; +static double ender = 100; +static double step = 1; + +static char format[BUFSIZ]; +static char sepstring[BUFSIZ] = "\n"; static int prec = -1; +static bool boring; +static bool chardata; +static bool finalnl = true; +static bool infinity; static bool intdata; static bool longdata; -static bool chardata; static bool nosign; -static bool finalnl = true; -static char sepstring[BUFSIZ] = "\n"; -static char format[BUFSIZ]; +static bool randomize; static void getformat(void); static int getprec(char *); static int putdata(double, bool); -static void usage(void); +static void __dead usage(void); int main(int argc, char *argv[]) @@ -89,10 +90,13 @@ main(int argc, char *argv[]) if (pledge("stdio", NULL) == -1) err(1, "pledge"); - while ((ch = getopt(argc, argv, "rb:w:cs:np:")) != -1) + while ((ch = getopt(argc, argv, "b:cnp:rs:w:")) != -1) { switch (ch) { - case 'r': - randomize = true; + case 'b': + boring = true; + if (strlcpy(format, optarg, sizeof(format)) >= + sizeof(format)) + errx(1, "-b word too long"); break; case 'c': chardata = true; 
@@ -100,40 +104,38 @@ main(int argc, char *argv[]) case 'n': finalnl = false; break; - case 'b': - boring = true; - if (strlcpy(format, optarg, sizeof(format)) >= - sizeof(format)) - errx(1, "-b word too long"); + case 'p': + prec = strtonum(optarg, 0, INT_MAX, &errstr); + if (errstr != NULL) + errx(1, "bad precision value, %s: %s", errstr, + optarg); break; - case 'w': - if (strlcpy(format, optarg, sizeof(format)) >= - sizeof(format)) - errx(1, "-w word too long"); + case 'r': + randomize = true; break; case 's': if (strlcpy(sepstring, optarg, sizeof(sepstring)) >= sizeof(sepstring)) errx(1, "-s string too long"); break; - case 'p': - prec = strtonum(optarg, 0, INT_MAX, &errstr); - if (errstr != NULL) - errx(1, "bad precision value, %s: %s", errstr, - optarg); + case 'w': + if (strlcpy(format, optarg, sizeof(format)) >= + sizeof(format)) + errx(1, "-w word too long"); break; default: usage(); } + } argc -= optind; argv += optind; switch (argc) { /* examine args right to left, falling thru cases */ case 4: if (!is_default(argv[3])) { - if (!sscanf(argv[3], "%lf", &s)) + if (!sscanf(argv[3], "%lf", &step)) errx(1, "Bad s value: %s", argv[3]); - mask |= 01; + mask |= STEP; if (randomize) warnx("random seeding not supported"); } @@ -141,7 +143,7 @@ main(int argc, char *argv[]) if (!is_default(argv[2])) { if (!sscanf(argv[2], "%lf", &ender)) ender = argv[2][strlen(argv[2])-1]; - mask |= 02; + mask |= ENDER; if (prec == -1) n = getprec(argv[2]); } @@ -149,7 +151,7 @@ main(int argc, char *argv[]) if (!is_default(argv[1])) { if (!sscanf(argv[1], "%lf", &begin)) begin = argv[1][strlen(argv[1])-1]; - mask |= 04; + mask |= BEGIN; if (prec == -1) prec = getprec(argv[1]); if (n > prec) /* maximum precision */ @@ -159,7 +161,9 @@ main(int argc, char *argv[]) if (!is_default(argv[0])) { if (!sscanf(argv[0], "%ld", &reps)) errx(1, "Bad reps value: %s", argv[0]); - mask |= 010; + mask |= REPS; + if (reps == 0) + infinity = true; if (prec == -1) prec = 0; } 
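Review bot: The changed step parse in the `case 4:` arm, `if (!sscanf(argv[3], "%lf", &step))`, accepts an empty argument as valid, because sscanf() returns EOF (non-zero) when the input runs out before any conversion, so `step` silently keeps its default. Testing the conversion count closes that: `if (sscanf(argv[3], "%lf", &step) != 1)`. The reps parse in the `@@ -159,7 +161,9 @@` hunk on this line uses the same test and would take the same change. The begin/ender parses should not be switched the same way without an added length check, since their fallback reads `argv[n][strlen(argv[n])-1]`, which indexes before the buffer for an empty string. main() starts and ends outside these hunks.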
@@ -171,105 +175,80 @@ main(int argc, char *argv[]) errx(1, "Too many arguments. What do you mean by %s?", argv[4]); } + getformat(); - while (mask) /* 4 bit mask has 1's where last 4 args were given */ - switch (mask) { /* fill in the 0's by default or computation */ - case 001: - reps = REPS_DEF; - mask = 011; - break; - case 002: - reps = REPS_DEF; - mask = 012; - break; - case 003: - reps = REPS_DEF; - mask = 013; - break; - case 004: - reps = REPS_DEF; - mask = 014; - break; - case 005: - reps = REPS_DEF; - mask = 015; + + if (!randomize) { + /* + * Consolidate the values of reps, begin, ender, step: + * The formula ender - begin == (reps - 1) * step shows that any + * three determine the fourth (unless reps == 1 or step == 0). + * The manual states the following rules: + * 1. If four are specified, compare the given and the computed + * value of reps and take the smaller of the two. + * 2. If steps was omitted, it takes the default, unless both + * begin and ender were specified. + * 3. Assign defaults to omitted values for reps, begin, ender, + * from left to right. + */ + switch (mask) { /* Four cases involve both begin and ender. */ + case REPS | BEGIN | ENDER | STEP: + if (infinity) + errx(1, + "Can't specify end of infinite sequence"); + if (step != 0.0) { + long t = (ender - begin + step) / step; + if (t <= 0) + errx(1, "Impossible stepsize"); + if (t < reps) + reps = t; + } break; - case 006: - reps = REPS_DEF; - mask = 016; + case REPS | BEGIN | ENDER: + if (infinity) + errx(1, + "Can't specify end of infinite sequence"); + if (reps == 1) + step = 0.0; + else + step = (ender - begin) / (reps - 1); break; - case 007: - if (randomize) { - reps = REPS_DEF; - mask = 0; - break; - } - if (s == 0.0) { + case BEGIN | ENDER: + step = ender > begin ? 1 : -1; /* FreeBSD's behavior. 
*/ + /* FALLTHROUGH */ + case BEGIN | ENDER | STEP: + if (step == 0.0) { reps = 0; - mask = 0; + infinity = true; break; } - reps = (ender - begin + s) / s; + reps = (ender - begin + step) / step; if (reps <= 0) errx(1, "Impossible stepsize"); - mask = 0; - break; - case 010: - begin = BEGIN_DEF; - mask = 014; - break; - case 011: - begin = BEGIN_DEF; - mask = 015; break; - case 012: - s = STEP_DEF; - mask = 013; - break; - case 013: - if (randomize) - begin = BEGIN_DEF; - else if (reps == 0) - errx(1, "Must specify begin if reps == 0"); - begin = ender - reps * s + s; - mask = 0; - break; - case 014: - s = STEP_DEF; - mask = 015; - break; - case 015: - if (randomize) - ender = ENDER_DEF; - else - ender = begin + reps * s - s; - mask = 0; - break; - case 016: - if (reps == 0) - errx(1, "Infinite sequences cannot be bounded"); - else if (reps == 1) - s = 0.0; - else - s = (ender - begin) / (reps - 1); - mask = 0; - break; - case 017: /* if reps given and implied, */ - if (!randomize && s != 0.0) { - long t = (ender - begin + s) / s; - if (t <= 0) - errx(1, "Impossible stepsize"); - if (t < reps) /* take lesser */ - reps = t; - } - mask = 0; + case ENDER: /* Four cases involve only ender. */ + case ENDER | STEP: + case REPS | ENDER: + case REPS | ENDER | STEP: + if (infinity) + errx(1, + "Must specify start of infinite sequence"); + begin = ender - reps * step + step; break; default: - errx(1, "bad mask"); + /* + * The remaining eight cases omit ender. We don't need + * to compute anything because only reps, begin, step + * are used for producing output below. Rules 2. and 3. + * together imply that ender will be set last. + */ + break; } - if (reps == 0) - infinity = true; - if (randomize) { + + for (i = 1, x = begin; i <= reps || infinity; i++, x += step) + if (putdata(x, reps == i && !infinity)) + errx(1, "range error in conversion: %f", x); + } else { /* Random output: use defaults for omitted values. 
*/ bool use_unif; uint32_t pow10 = 1; uint32_t uintx = 0; /* Initialized to make gcc happy. */ @@ -316,13 +295,11 @@ main(int argc, char *argv[]) errx(1, "range error in conversion: %f", v); } } - else - for (i = 1, x = begin; i <= reps || infinity; i++, x += s) - if (putdata(x, reps == i && !infinity)) - errx(1, "range error in conversion: %f", x); + if (finalnl) putchar('\n'); - exit(0); + + return 0; } static int @@ -334,31 +311,31 @@ putdata(double x, bool last) if (x <= (double)ULONG_MAX && x >= 0.0) printf(format, (unsigned long)x); else - return (1); + return 1; } else if (longdata) { if (x <= (double)LONG_MAX && x >= (double)LONG_MIN) printf(format, (long)x); else - return (1); + return 1; } else if (chardata || (intdata && !nosign)) { if (x <= (double)INT_MAX && x >= (double)INT_MIN) printf(format, (int)x); else - return (1); + return 1; } else if (intdata) { if (x <= (double)UINT_MAX && x >= 0.0) printf(format, (unsigned int)x); else - return (1); + return 1; } else printf(format, x); if (!last) fputs(sepstring, stdout); - return (0); + return 0; } -static void +static void __dead usage(void) { (void)fprintf(stderr, "usage: jot [-cnr] [-b word] [-p precision] " @@ -370,18 +347,9 @@ usage(void) static int getprec(char *s) { - char *p; - char *q; - - for (p = s; *p != '\0'; p++) - if (*p == '.') - break; - if (*p == '\0') - return (0); - for (q = ++p; *p != '\0'; p++) - if (!isdigit((unsigned char)*p)) - break; - return (p - q); + if ((s = strchr(s, '.')) == NULL) + return 0; + return strspn(s + 1, "0123456789"); } static void @@ -394,8 +362,11 @@ getformat(void) if (boring) /* no need to bother */ return; for (p = format; *p != '\0'; p++) /* look for '%' */ - if (*p == '%' && *(p+1) != '%') /* leave %% alone */ - break; + if (*p == '%') { + if (*(p+1) != '%') + break; + p++; /* leave %% alone */ + } sz = sizeof(format) - strlen(format) - 1; if (*p == '\0' && !chardata) { int n; 
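Review bot: Both new count computations, `long t = (ender - begin + step) / step;` in the `REPS | BEGIN | ENDER | STEP` arm and `reps = (ender - begin + step) / step;` in the `BEGIN | ENDER | STEP` arm, convert a double built from command-line values to `long` with no range check, and a quotient outside the range of `long` (or a NaN) makes that conversion undefined behaviour. In the first arm declaring `double t` is enough, since it is only assigned to `reps` when `t < reps`. In the second, compute into a `double t` and test `if (!(t > 0 && t < (double)LONG_MAX)) errx(1, "Impossible stepsize");` before `reps = t;`. putdata() already range-checks before each of its casts, so this brings main() in line with it. The hunk covers only part of main().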
@@ -474,7 +445,6 @@ getformat(void) fmt_broken: *++p = '\0'; errx(1, "illegal or unsupported format '%s'", p2); - /* NOTREACHED */ } while (*++p != '\0') if (*p == '%' && *(p+1) != '\0' && *(p+1) != '%') diff --git a/src/usr.bin/signify/Makefile b/src/usr.bin/signify/Makefile index 09c3075..161c43d 100644 --- a/src/usr.bin/signify/Makefile +++ b/src/usr.bin/signify/Makefile @@ -1,6 +1,7 @@ -# $OpenBSD: Makefile,v 1.10 2014/07/22 00:41:19 deraadt Exp $ +# $OpenBSD: Makefile,v 1.11 2016/09/02 16:10:56 espie Exp $ SRCS= signify.c +SRCS+= zsig.c SRCS+= fe25519.c sc25519.c smult_curve25519_ref.c SRCS+= mod_ed25519.c mod_ge25519.c SRCS+= crypto_api.c diff --git a/src/usr.bin/signify/signify.1 b/src/usr.bin/signify/signify.1 index 349c02f..92b13f9 100644 --- a/src/usr.bin/signify/signify.1 +++ b/src/usr.bin/signify/signify.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: signify.1,v 1.34 2016/05/11 18:07:28 deraadt Exp $ +.\" $OpenBSD: signify.1,v 1.38 2016/09/02 21:04:26 tedu Exp $ .\" .\"Copyright (c) 2013 Marc Espie .\"Copyright (c) 2013 Ted Unangst @@ -14,7 +14,7 @@ .\"WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN .\"ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\"OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.Dd $Mdocdate: May 11 2016 $ +.Dd $Mdocdate: September 2 2016 $ .Dt SIGNIFY 1 .Os .Sh NAME @@ -35,15 +35,16 @@ .Fl s Ar seckey .Nm signify .Fl S -.Op Fl e +.Op Fl ez .Op Fl x Ar sigfile .Fl s Ar seckey .Fl m Ar message .Nm signify .Fl V -.Op Fl eq +.Op Fl eqz +.Op Fl p Ar pubkey +.Op Fl t Ar keytype .Op Fl x Ar sigfile -.Fl p Ar pubkey .Fl m Ar message .Sh DESCRIPTION The 
@@ -104,10 +105,21 @@ Secret (private) key produced by and used by .Fl S to sign a message. +.It Fl t Ar keytype +When deducing the correct key to check a signature, make sure +the actual key matches +.Pa /etc/signify/-keytype.pub . .It Fl x Ar sigfile The signature file to create or verify. The default is .Ar message Ns .sig . +.It Fl z +Sign and verify +.Xr gzip 1 +archives, where the signing data +is embedded in the +.Xr gzip 1 +header. .El .Pp The key and signature files created by @@ -155,8 +167,19 @@ Verify a bsd.rd before an upgrade: .Bd -literal -offset indent -compact $ signify -C -p /etc/signify/openbsd-61-base.pub -x SHA256.sig bsd.rd .Ed +.Pp +Sign a gzip archive: +.Bd -literal -offset indent -compact +$ signify -Sz -s key-arc.sec -m in.tgz -x out.tgz +.Ed +.Pp +Verify a gzip pipeline: +.Bd -literal -offset indent -compact +$ ftp url | signify -Vz -t arc | tar ztf - +.Ed .Sh SEE ALSO .Xr fw_update 1 , +.Xr gzip 1 , .Xr pkg_add 1 , .Xr sha256 1 .Sh HISTORY @@ -165,4 +188,7 @@ The command first appeared in .Ox 5.5 . .Sh AUTHORS +.An -nosplit .An Ted Unangst Aq Mt tedu@openbsd.org +and +.An Marc Espie Aq Mt espie@openbsd.org . diff --git a/src/usr.bin/signify/signify.c b/src/usr.bin/signify/signify.c index a4cb84a..dd9a0dc 100644 --- a/src/usr.bin/signify/signify.c +++ b/src/usr.bin/signify/signify.c @@ -1,4 +1,4 @@ -/* $OpenBSD: signify.c,v 1.105 2015/12/04 11:05:22 tedu Exp $ */ +/* $OpenBSD: signify.c,v 1.117 2016/09/03 12:21:38 espie Exp $ */ /* * Copyright (c) 2013 Ted Unangst * @@ -34,6 +34,7 @@ #include #include "crypto_api.h" +#include "signify.h" #define SIGBYTES crypto_sign_ed25519_BYTES #define SECRETBYTES crypto_sign_ed25519_SECRETKEYBYTES 
@@ -81,14 +82,14 @@ usage(const char *error) #ifndef VERIFYONLY "\t%1$s -C [-q] -p pubkey -x sigfile [file ...]\n" "\t%1$s -G [-n] [-c comment] -p pubkey -s seckey\n" - "\t%1$s -S [-e] [-x sigfile] -s seckey -m message\n" + "\t%1$s -S [-ez] [-x sigfile] -s seckey -m message\n" #endif - "\t%1$s -V [-eq] [-x sigfile] -p pubkey -m message\n", + "\t%1$s -V [-eqz] [-p pubkey] [-t keytype] [-x sigfile] -m message\n", __progname); exit(1); } -static int +int xopen(const char *fname, int oflags, mode_t mode) { struct stat sb; @@ -112,7 +113,7 @@ xopen(const char *fname, int oflags, mode_t mode) return fd; } -static void * +void * xmalloc(size_t len) { void *p; @@ -190,7 +191,7 @@ readmsg(const char *filename, unsigned long long *msglenp) errx(1, "msg too large in %s", filename); space = msglen; if (!(msg = realloc(msg, msglen + space + 1))) - errx(1, "realloc"); + err(1, "realloc"); } if ((x = read(fd, msg + msglen, space)) == -1) err(1, "read from %s", filename); @@ -207,7 +208,7 @@ readmsg(const char *filename, unsigned long long *msglenp) return msg; } -static void +void writeall(int fd, const void *buf, size_t buflen, const char *filename) { ssize_t x; 
@@ -221,26 +222,32 @@ writeall(int fd, const void *buf, size_t buflen, const char *filename) } #ifndef VERIFYONLY -static void -writeb64file(const char *filename, const char *comment, const void *buf, - size_t buflen, const void *msg, size_t msglen, int oflags, mode_t mode) +static char * +createheader(const char *comment, const void *buf, size_t buflen) { - char header[1024]; + char *header; char b64[1024]; - int fd, rv, nr; - fd = xopen(filename, O_CREAT|oflags|O_NOFOLLOW|O_WRONLY, mode); - if ((nr = snprintf(header, sizeof(header), "%s%s\n", - COMMENTHDR, comment)) == -1 || nr >= sizeof(header)) - errx(1, "comment too long"); - writeall(fd, header, strlen(header), filename); - if ((rv = b64_ntop(buf, buflen, b64, sizeof(b64))) == -1) + if (b64_ntop(buf, buflen, b64, sizeof(b64)) == -1) errx(1, "base64 encode failed"); - b64[rv++] = '\n'; - writeall(fd, b64, rv, filename); + if (asprintf(&header, "%s%s\n%s\n", COMMENTHDR, comment, b64) == -1) + err(1, "asprintf failed"); explicit_bzero(b64, sizeof(b64)); - if (msg) - writeall(fd, msg, msglen, filename); + return header; +} + +static void +writekeyfile(const char *filename, const char *comment, const void *buf, + size_t buflen, int oflags, mode_t mode) +{ + char *header; + int fd; + + fd = xopen(filename, O_CREAT|oflags|O_NOFOLLOW|O_WRONLY, mode); + header = createheader(comment, buf, buflen); + writeall(fd, header, strlen(header), filename); + explicit_bzero(header, strlen(header)); + free(header); close(fd); } @@ -325,8 +332,8 @@ generate(const char *pubkeyfile, const char *seckeyfile, int rounds, if ((nr = snprintf(commentbuf, sizeof(commentbuf), "%s secret key", comment)) == -1 || nr >= sizeof(commentbuf)) errx(1, "comment too long"); - writeb64file(seckeyfile, commentbuf, &enckey, - sizeof(enckey), NULL, 0, O_EXCL, 0600); + writekeyfile(seckeyfile, commentbuf, &enckey, + sizeof(enckey), O_EXCL, 0600); explicit_bzero(&enckey, sizeof(enckey)); memcpy(pubkey.pkalg, PKALG, 2); 
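Review bot: createheader() returns an asprintf() allocation, but nothing states who frees it or that it can carry key material; writekeyfile() in this hunk wipes it with explicit_bzero() before free(), a step a later caller can easily miss. A header comment on createheader() would pin the contract, for example `/* Returns a malloc'd "comment line\nbase64\n" string; the caller must free() it, after explicit_bzero() when buf holds a secret key. */`. The same comment is the natural place to record that `buflen` must encode into the 1024-byte `b64` scratch buffer, since b64_ntop() failing is the only thing that enforces it.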
@@ -334,27 +341,37 @@ generate(const char *pubkeyfile, const char *seckeyfile, int rounds, if ((nr = snprintf(commentbuf, sizeof(commentbuf), "%s public key", comment)) == -1 || nr >= sizeof(commentbuf)) errx(1, "comment too long"); - writeb64file(pubkeyfile, commentbuf, &pubkey, - sizeof(pubkey), NULL, 0, O_EXCL, 0666); + writekeyfile(pubkeyfile, commentbuf, &pubkey, + sizeof(pubkey), O_EXCL, 0666); } -static void -sign(const char *seckeyfile, const char *msgfile, const char *sigfile, - int embedded) +uint8_t * +createsig(const char *seckeyfile, const char *msgfile, uint8_t *msg, + unsigned long long msglen) { - struct sig sig; - uint8_t digest[SHA512_DIGEST_LENGTH]; struct enckey enckey; uint8_t xorkey[sizeof(enckey.seckey)]; - uint8_t *msg; - char comment[COMMENTMAXLEN], sigcomment[COMMENTMAXLEN]; + struct sig sig; + char *sighdr; char *secname; - unsigned long long msglen; - int i, rounds, nr; + uint8_t digest[SHA512_DIGEST_LENGTH]; + int i, nr, rounds; SHA2_CTX ctx; + char comment[COMMENTMAXLEN], sigcomment[COMMENTMAXLEN]; readb64file(seckeyfile, &enckey, sizeof(enckey), comment); + secname = strstr(seckeyfile, ".sec"); + if (secname && strlen(secname) == 4) { + if ((nr = snprintf(sigcomment, sizeof(sigcomment), VERIFYWITH "%.*s.pub", + (int)strlen(seckeyfile) - 4, seckeyfile)) == -1 || nr >= sizeof(sigcomment)) + errx(1, "comment too long"); + } else { + if ((nr = snprintf(sigcomment, sizeof(sigcomment), "signature from %s", + comment)) == -1 || nr >= sizeof(sigcomment)) + errx(1, "comment too long"); + } + if (memcmp(enckey.kdfalg, KDFALG, 2) != 0) errx(1, "unsupported KDF"); rounds = ntohl(enckey.kdfrounds); 
@@ -370,29 +387,35 @@ sign(const char *seckeyfile, const char *msgfile, const char *sigfile, errx(1, "incorrect passphrase"); explicit_bzero(digest, sizeof(digest)); - msg = readmsg(msgfile, &msglen); - signmsg(enckey.seckey, msg, msglen, sig.sig); memcpy(sig.keynum, enckey.keynum, KEYNUMLEN); explicit_bzero(&enckey, sizeof(enckey)); memcpy(sig.pkalg, PKALG, 2); - secname = strstr(seckeyfile, ".sec"); - if (secname && strlen(secname) == 4) { - if ((nr = snprintf(sigcomment, sizeof(sigcomment), VERIFYWITH "%.*s.pub", - (int)strlen(seckeyfile) - 4, seckeyfile)) == -1 || nr >= sizeof(sigcomment)) - errx(1, "comment too long"); - } else { - if ((nr = snprintf(sigcomment, sizeof(sigcomment), "signature from %s", - comment)) == -1 || nr >= sizeof(sigcomment)) - errx(1, "comment too long"); - } + + sighdr = createheader(sigcomment, &sig, sizeof(sig)); + return sighdr; +} + +static void +sign(const char *seckeyfile, const char *msgfile, const char *sigfile, + int embedded) +{ + uint8_t *msg; + char *sighdr; + int fd; + unsigned long long msglen; + + msg = readmsg(msgfile, &msglen); + + sighdr = createsig(seckeyfile, msgfile, msg, msglen); + + fd = xopen(sigfile, O_CREAT|O_TRUNC|O_NOFOLLOW|O_WRONLY, 0666); + writeall(fd, sighdr, strlen(sighdr), sigfile); + free(sighdr); if (embedded) - writeb64file(sigfile, sigcomment, &sig, sizeof(sig), msg, - msglen, O_TRUNC, 0666); - else - writeb64file(sigfile, sigcomment, &sig, sizeof(sig), NULL, - 0, O_TRUNC, 0666); + writeall(fd, msg, msglen, sigfile); + close(fd); free(msg); } 
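Review bot: createsig() is declared in the previous hunk as returning `uint8_t *`, but it ends here with `return sighdr;` where `sighdr` is a `char *`, and sign() assigns the result straight back to a `char *sighdr` and passes it to strlen(). Both are conversions between incompatible pointer types that a conforming compiler must diagnose; since the value is a NUL-terminated text header, the return type should be `char *`, with the prototype in signify.h (not shown here) changed to match. The `msgfile` parameter is not used in any createsig() line visible in these two hunks; if that also holds for the lines between them, it can be dropped. createsig() begins in the preceding hunk.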
@@ -422,9 +445,30 @@ verifymsg(struct pubkey *pubkey, uint8_t *msg, unsigned long long msglen, free(dummybuf); } +#ifndef VERIFYONLY +static void +check_keytype(const char *pubkeyfile, const char *keytype) +{ + size_t len; + char *cmp; + int slen; + + len = strlen(pubkeyfile); + slen = asprintf(&cmp, "-%s.pub", keytype); + if (slen < 0) + err(1, "asprintf error"); + if (len < slen) + errx(1, "too short"); + + if (strcmp(pubkeyfile + len - slen, cmp) != 0) + errx(1, "wrong keytype"); + free(cmp); +} +#endif + static void readpubkey(const char *pubkeyfile, struct pubkey *pubkey, - const char *sigcomment) + const char *sigcomment, const char *keytype) { const char *safepath = "/etc/signify/"; @@ -435,6 +479,10 @@ readpubkey(const char *pubkeyfile, struct pubkey *pubkey, if (strncmp(pubkeyfile, safepath, strlen(safepath)) != 0 || strstr(pubkeyfile, "/../") != NULL) errx(1, "untrusted path %s", pubkeyfile); +#ifndef VERIFYONLY + if (keytype) + check_keytype(pubkeyfile, keytype); +#endif } else usage("must specify pubkey"); } @@ -443,7 +491,7 @@ readpubkey(const char *pubkeyfile, struct pubkey *pubkey, static void verifysimple(const char *pubkeyfile, const char *msgfile, const char *sigfile, - int quiet) + int quiet, const char *keytype) { char sigcomment[COMMENTMAXLEN]; struct sig sig; @@ -454,7 +502,7 @@ verifysimple(const char *pubkeyfile, const char *msgfile, const char *sigfile, msg = readmsg(msgfile, &msglen); readb64file(sigfile, &sig, sizeof(sig), sigcomment); - readpubkey(pubkeyfile, &pubkey, sigcomment); + readpubkey(pubkeyfile, &pubkey, sigcomment, keytype); verifymsg(&pubkey, msg, msglen, &sig, quiet); @@ -463,7 +511,7 @@ verifysimple(const char *pubkeyfile, const char *msgfile, const char *sigfile, static uint8_t * verifyembedded(const char *pubkeyfile, const char *sigfile, - int quiet, unsigned long long *msglenp) + int quiet, unsigned long long *msglenp, const char *keytype) { char sigcomment[COMMENTMAXLEN]; struct sig sig; 
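Review bot: The new key-type check is compiled out by `#ifndef VERIFYONLY`, both around check_keytype() and around its call in readpubkey(), so a VERIFYONLY build takes the `keytype` argument and silently skips the comparison, while the `-V` usage line, which sits outside that guard, still advertises `[-t keytype]`. A verification constraint the user asked for should not fail open: either drop the two guards so the check is always built, or make the VERIFYONLY build reject `-t` (whether getopt handles `t` in that build is not visible in these hunks). Two smaller points in check_keytype(): `if (len < slen)` compares a `size_t` with an `int` and reads more clearly as `if (len < (size_t)slen)`, and the `errx(1, "too short")` and `errx(1, "wrong keytype")` messages would be easier to act on if they named `pubkeyfile`.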
@@ -474,7 +522,7 @@ verifyembedded(const char *pubkeyfile, const char *sigfile, msg = readmsg(sigfile, &msglen); siglen = parseb64file(sigfile, msg, &sig, sizeof(sig), sigcomment); - readpubkey(pubkeyfile, &pubkey, sigcomment); + readpubkey(pubkeyfile, &pubkey, sigcomment, keytype); msglen -= siglen; memmove(msg, msg + siglen, msglen); @@ -488,20 +536,21 @@ verifyembedded(const char *pubkeyfile, const char *sigfile, static void verify(const char *pubkeyfile, const char *msgfile, const char *sigfile, - int embedded, int quiet) + int embedded, int quiet, const char *keytype) { unsigned long long msglen; uint8_t *msg; int fd; if (embedded) { - msg = verifyembedded(pubkeyfile, sigfile, quiet, &msglen); + msg = verifyembedded(pubkeyfile, sigfile, quiet, &msglen, + keytype); fd = xopen(msgfile, O_CREAT|O_TRUNC|O_NOFOLLOW|O_WRONLY, 0666); writeall(fd, msg, msglen, msgfile); free(msg); close(fd); } else { - verifysimple(pubkeyfile, msgfile, sigfile, quiet); + verifysimple(pubkeyfile, msgfile, sigfile, quiet, keytype); } } @@ -637,11 +686,31 @@ check(const char *pubkeyfile, const char *sigfile, int quiet, int argc, unsigned long long msglen; uint8_t *msg; - msg = verifyembedded(pubkeyfile, sigfile, quiet, &msglen); + msg = verifyembedded(pubkeyfile, sigfile, quiet, &msglen, NULL); verifychecksums((char *)msg, argc, argv, quiet); free(msg); } + +void * +verifyzdata(uint8_t *zdata, unsigned long long zdatalen, + const char *filename, const char *pubkeyfile, const char *keytype) +{ + struct sig sig; + char sigcomment[COMMENTMAXLEN]; + unsigned long long siglen; + struct pubkey pubkey; + + if (zdatalen < sizeof(sig)) + errx(1, "signature too short in %s", filename); + siglen = parseb64file(filename, zdata, &sig, sizeof(sig), + sigcomment); + readpubkey(pubkeyfile, &pubkey, sigcomment, keytype); + zdata += siglen; + zdatalen -= siglen; + verifymsg(&pubkey, zdata, zdatalen, &sig, 1); + return zdata; +} #endif int 
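Review bot: verifyzdata() subtracts the parsed header length with `zdatalen -= siglen;` without checking that `siglen` fits inside the buffer, and parseb64file() is called without `zdatalen`, so nothing visible bounds the parse by the caller's length. If the header parse can run past `zdatalen` (for instance when `zdata` is not NUL-terminated; the caller in zsig.c is not shown), the unsigned subtraction wraps and verifymsg() is handed an enormous length. A guard directly after the parse makes the function safe on its own: `if (siglen > zdatalen) errx(1, "corrupt signature header in %s", filename);`. The existing `zdatalen < sizeof(sig)` test only compares against the binary struct size, not the length of the text header being parsed. A comment stating that `zdata` must be NUL-terminated and that the returned pointer aliases the caller's buffer would also help.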
@@ -651,9 +720,11 @@ main(int argc, char **argv) *sigfile = NULL; char sigfilebuf[PATH_MAX]; const char *comment = "signify"; + char *keytype = NULL; int ch, rounds; int embedded = 0; int quiet = 0; + int gzip = 0; enum { NONE, CHECK, @@ -667,7 +738,7 @@ main(int argc, char **argv) rounds = 42; - while ((ch = getopt(argc, argv, "CGSVc:em:np:qs:x:")) != -1) { + while ((ch = getopt(argc, argv, "CGSVzc:em:np:qs:t:x:")) != -1) { switch (ch) { #ifndef VERIFYONLY case 'C': @@ -685,6 +756,9 @@ main(int argc, char **argv) usage(NULL); verb = SIGN; break; + case 'z': + gzip = 1; + break; #endif case 'V': if (verb) @@ -712,6 +786,9 @@ main(int argc, char **argv) case 's': seckeyfile = optarg; break; + case 't': + keytype = optarg; + break; case 'x': sigfile = optarg; break; @@ -723,35 +800,16 @@ main(int argc, char **argv) argc -= optind; argv += optind; + if (embedded && gzip) + errx(1, "can't combine -e and -z options"); + if (setvbuf(stdout, NULL, _IOLBF, 0) != 0) err(1, "setvbuf"); - switch (verb) { - case GENERATE: - case SIGN: - /* keep it all */ - break; - case CHECK: - if (pledge("stdio rpath", NULL) == -1) - err(1, "pledge"); - break; - case VERIFY: - if (embedded && (!msgfile || strcmp(msgfile, "-") != 0)) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) - err(1, "pledge"); - } else { - if (pledge("stdio rpath", NULL) == -1) - err(1, "pledge"); - } - break; - default: - if (pledge("stdio", NULL) == -1) - err(1, "pledge"); - break; - } - #ifndef VERIFYONLY if (verb == CHECK) { + if (pledge("stdio rpath", NULL) == -1) + err(1, "pledge"); if (!sigfile) usage("must specify sigfile"); check(pubkeyfile, sigfile, quiet, argc, argv); 
@@ -775,22 +833,46 @@ main(int argc, char **argv) switch (verb) { #ifndef VERIFYONLY case GENERATE: + /* no pledge */ if (!pubkeyfile || !seckeyfile) usage("must specify pubkey and seckey"); generate(pubkeyfile, seckeyfile, rounds, comment); break; case SIGN: - if (!msgfile || !seckeyfile) - usage("must specify message and seckey"); - sign(seckeyfile, msgfile, sigfile, embedded); + /* no pledge */ + if (gzip) { + if (!msgfile || !seckeyfile || !sigfile) + usage("must specify message sigfile seckey"); + zsign(seckeyfile, msgfile, sigfile); + } else { + if (!msgfile || !seckeyfile) + usage("must specify message and seckey"); + sign(seckeyfile, msgfile, sigfile, embedded); + } break; #endif case VERIFY: - if (!msgfile) - usage("must specify message"); - verify(pubkeyfile, msgfile, sigfile, embedded, quiet); + if ((embedded || gzip) && + (msgfile && strcmp(msgfile, "-") != 0)) { + /* will need to create output file */ + if (pledge("stdio rpath wpath cpath", NULL) == -1) + err(1, "pledge"); + } else { + if (pledge("stdio rpath", NULL) == -1) + err(1, "pledge"); + } + if (gzip) { + zverify(pubkeyfile, msgfile, sigfile, keytype); + } else { + if (!msgfile) + usage("must specify message"); + verify(pubkeyfile, msgfile, sigfile, embedded, + quiet, keytype); + } break; default: + if (pledge("stdio", NULL) == -1) + err(1, "pledge"); usage(NULL); break; } diff --git a/src/usr.bin/vis/vis.c b/src/usr.bin/vis/vis.c index cf5cd84..38aa9d7 100644 --- a/src/usr.bin/vis/vis.c +++ b/src/usr.bin/vis/vis.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vis.c,v 1.19 2015/10/09 01:37:09 deraadt Exp $ */ +/* $OpenBSD: vis.c,v 1.20 2016/08/31 09:45:00 jsg Exp $ */ /* $NetBSD: vis.c,v 1.4 1994/12/20 16:13:03 jtc Exp $ */ /*- @@ -111,9 +111,10 @@ main(int argc, char *argv[]) if (*argv) while (*argv) { - if ((fp=fopen(*argv, "r")) != NULL) + if ((fp=fopen(*argv, "r")) != NULL) { process(fp); - else + fclose(fp); + } else warn("%s", *argv); argv++; } -- cgit 1.4.1