authoragc <agc@pkgsrc.org>2016-07-05 20:18:03 +0000
committeragc <agc@pkgsrc.org>2016-07-05 20:18:03 +0000
commitd9bc980d398155f883b8bee3b74428652e35d46b (patch)
tree6eaa31fb739a2046445eead86e5dbd66205d8157 /security/netpgpverify
parent65acfb9d256c14f81db926f1a9875c23fd59d2ec (diff)
Update netpgpverify and libnetpgpverify to 20160626
+ make the pgpv_t and pgpv_cursor_t structures opaque + add new accessor functions for fields in the pgpv_cursor_t struct + add new creation functions for the pgpv_t and pgpv_cursor_t structs
Diffstat (limited to 'security/netpgpverify')
-rw-r--r--security/netpgpverify/files/libnetpgpverify.322
-rw-r--r--security/netpgpverify/files/libverify.c277
-rw-r--r--security/netpgpverify/files/main.c33
-rw-r--r--security/netpgpverify/files/verify.h252
4 files changed, 326 insertions, 258 deletions
diff --git a/security/netpgpverify/files/libnetpgpverify.3 b/security/netpgpverify/files/libnetpgpverify.3
index 72c9f1c6de3..b639f4b1be2 100644
--- a/security/netpgpverify/files/libnetpgpverify.3
+++ b/security/netpgpverify/files/libnetpgpverify.3
@@ -1,6 +1,6 @@
-.\" $NetBSD: libnetpgpverify.3,v 1.2 2015/01/30 18:47:51 agc Exp $
+.\" $NetBSD: libnetpgpverify.3,v 1.3 2016/07/05 20:18:03 agc Exp $
.\"
-.\" Copyright (c) 2014 Alistair Crooks <agc@NetBSD.org>
+.\" Copyright (c) 2014,2015,2016 Alistair Crooks <agc@NetBSD.org>
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
@@ -23,7 +23,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd January 15, 2015
+.Dd June 26, 2016
.Dt LIBNETPGPVERIFY 3
.Os
.Sh NAME
@@ -34,6 +34,14 @@
.Sh SYNOPSIS
.In netpgp/verify.h
.Ft int
+.Fo pgpv_new
+.Fa "void"
+.Fc
+.Ft int
+.Fo pgpv_new_cursor
+.Fa "void"
+.Fc
+.Ft int
.Fo pgpv_read_pubring
.Fa "pgpv_t *pgp" "const void *keyring" "ssize_t size"
.Fc
@@ -61,6 +69,14 @@
.Fo pgpv_get_entry
.Fa "pgpv_t *pgp" "unsigned ent" "char **ret" "const char *modifiers"
.Fc
+.Ft int64_t
+.Fo pgpv_get_cursor_num
+.Fa "pgpv_t *pgp" "const char *field"
+.Fc
+.Ft char *
+.Fo pgpv_get_cursor_str
+.Fa "pgpv_t *pgp" "const char *field"
+.Fc
.Ft int
.Fo pgpv_close
.Fa "pgpv_t *pgp"
diff --git a/security/netpgpverify/files/libverify.c b/security/netpgpverify/files/libverify.c
index fb81e06e61a..9d35a4bb931 100644
--- a/security/netpgpverify/files/libverify.c
+++ b/security/netpgpverify/files/libverify.c
@@ -53,6 +53,243 @@
#include "rsa.h"
#include "verify.h"
+#ifndef PGPV_ARRAY
+/* creates 2 unsigned vars called "name"c and "name"size in current scope */
+/* also creates an array called "name"s in current scope */
+#define PGPV_ARRAY(type, name) \
+ unsigned name##c; unsigned name##vsize; type *name##s
+#endif
+
+/* 64bit key ids */
+#define PGPV_KEYID_LEN 8
+#define PGPV_STR_KEYID_LEN (PGPV_KEYID_LEN + PGPV_KEYID_LEN + 1)
+
+/* bignum structure */
+typedef struct pgpv_bignum_t {
+ void *bn; /* hide the implementation details */
+ uint16_t bits; /* cached number of bits */
+} pgpv_bignum_t;
+
+/* right now, our max binary digest length is 20 bytes */
+#define PGPV_MAX_HASH_LEN 64
+
+/* fingerprint */
+typedef struct pgpv_fingerprint_t {
+ uint8_t hashalg; /* algorithm for digest */
+ uint8_t v[PGPV_MAX_HASH_LEN]; /* the digest */
+ uint32_t len; /* its length */
+} pgpv_fingerprint_t;
+
+/* specify size for array of bignums */
+#define PGPV_MAX_PUBKEY_BN 4
+
+/* public key */
+typedef struct pgpv_pubkey_t {
+ pgpv_fingerprint_t fingerprint; /* key fingerprint i.e. digest */
+ uint8_t keyid[PGPV_KEYID_LEN]; /* last 8 bytes of v4 keys */
+ int64_t birth; /* creation time */
+ int64_t expiry; /* expiry time */
+ pgpv_bignum_t bn[PGPV_MAX_PUBKEY_BN]; /* bignums */
+ uint8_t keyalg; /* key algorithm */
+ uint8_t hashalg; /* hash algorithm */
+ uint8_t version; /* key version */
+} pgpv_pubkey_t;
+
+#define PGPV_MAX_SESSKEY_BN 2
+
+/* a (size, byte array) string */
+typedef struct pgpv_string_t {
+ size_t size;
+ uint8_t *data;
+} pgpv_string_t;
+
+typedef struct pgpv_ref_t {
+ void *vp;
+ size_t offset;
+ unsigned mem;
+} pgpv_ref_t;
+
+#define PGPV_MAX_SECKEY_BN 4
+
+typedef struct pgpv_compress_t {
+ pgpv_string_t s;
+ uint8_t compalg;
+} pgpv_compress_t;
+
+/* a packet dealing with trust */
+typedef struct pgpv_trust_t {
+ uint8_t level;
+ uint8_t amount;
+} pgpv_trust_t;
+
+/* a signature sub packet */
+typedef struct pgpv_sigsubpkt_t {
+ pgpv_string_t s;
+ uint8_t tag;
+ uint8_t critical;
+} pgpv_sigsubpkt_t;
+
+#define PGPV_MAX_SIG_BN 2
+
+typedef struct pgpv_signature_t {
+ uint8_t *signer; /* key id of signer */
+ pgpv_ref_t hashstart;
+ uint8_t *hash2;
+ uint8_t *mpi;
+ int64_t birth;
+ int64_t keyexpiry;
+ int64_t expiry;
+ uint32_t hashlen;
+ uint8_t version;
+ uint8_t type;
+ uint8_t keyalg;
+ uint8_t hashalg;
+ uint8_t trustlevel;
+ uint8_t trustamount;
+ pgpv_bignum_t bn[PGPV_MAX_SIG_BN];
+ char *regexp;
+ char *pref_key_server;
+ char *policy;
+ char *features;
+ char *why_revoked;
+ uint8_t *revoke_fingerprint;
+ uint8_t revoke_alg;
+ uint8_t revoke_sensitive;
+ uint8_t trustsig;
+ uint8_t revocable;
+ uint8_t pref_symm_alg;
+ uint8_t pref_hash_alg;
+ uint8_t pref_compress_alg;
+ uint8_t key_server_modify;
+ uint8_t notation;
+ uint8_t type_key;
+ uint8_t primary_userid;
+ uint8_t revoked; /* subtract 1 to get real reason, 0 == not revoked */
+} pgpv_signature_t;
+
+/* a signature packet */
+typedef struct pgpv_sigpkt_t {
+ pgpv_signature_t sig;
+ uint16_t subslen;
+ uint16_t unhashlen;
+ PGPV_ARRAY(pgpv_sigsubpkt_t, subpkts);
+} pgpv_sigpkt_t;
+
+/* a one-pass signature packet */
+typedef struct pgpv_onepass_t {
+ uint8_t keyid[PGPV_KEYID_LEN];
+ uint8_t version;
+ uint8_t type;
+ uint8_t hashalg;
+ uint8_t keyalg;
+ uint8_t nested;
+} pgpv_onepass_t;
+
+/* a literal data packet */
+typedef struct pgpv_litdata_t {
+ uint8_t *filename;
+ pgpv_string_t s;
+ uint32_t secs;
+ uint8_t namelen;
+ char format;
+ unsigned mem;
+ size_t offset;
+ size_t len;
+} pgpv_litdata_t;
+
+/* user attributes - images */
+typedef struct pgpv_userattr_t {
+ size_t len;
+ PGPV_ARRAY(pgpv_string_t, subattrs);
+} pgpv_userattr_t;
+
+/* a general PGP packet */
+typedef struct pgpv_pkt_t {
+ uint8_t tag;
+ uint8_t newfmt;
+ uint8_t allocated;
+ uint8_t mement;
+ size_t offset;
+ pgpv_string_t s;
+ union {
+ pgpv_sigpkt_t sigpkt;
+ pgpv_onepass_t onepass;
+ pgpv_litdata_t litdata;
+ pgpv_compress_t compressed;
+ pgpv_trust_t trust;
+ pgpv_pubkey_t pubkey;
+ pgpv_string_t userid;
+ pgpv_userattr_t userattr;
+ } u;
+} pgpv_pkt_t;
+
+/* a memory structure */
+typedef struct pgpv_mem_t {
+ size_t size;
+ size_t cc;
+ uint8_t *mem;
+ FILE *fp;
+ uint8_t dealloc;
+ const char *allowed; /* the types of packet that are allowed */
+} pgpv_mem_t;
+
+/* packet parser */
+
+typedef struct pgpv_signed_userid_t {
+ pgpv_string_t userid;
+ PGPV_ARRAY(pgpv_signature_t, sigs);
+ uint8_t primary_userid;
+ uint8_t revoked;
+} pgpv_signed_userid_t;
+
+typedef struct pgpv_signed_userattr_t {
+ pgpv_userattr_t userattr;
+ PGPV_ARRAY(pgpv_signature_t, sigs);
+ uint8_t revoked;
+} pgpv_signed_userattr_t;
+
+typedef struct pgpv_signed_subkey_t {
+ pgpv_pubkey_t subkey;
+ pgpv_signature_t revoc_self_sig;
+ PGPV_ARRAY(pgpv_signature_t, sigs);
+} pgpv_signed_subkey_t;
+
+typedef struct pgpv_primarykey_t {
+ pgpv_pubkey_t primary;
+ pgpv_signature_t revoc_self_sig;
+ PGPV_ARRAY(pgpv_signature_t, direct_sigs);
+ PGPV_ARRAY(pgpv_signed_userid_t, signed_userids);
+ PGPV_ARRAY(pgpv_signed_userattr_t, signed_userattrs);
+ PGPV_ARRAY(pgpv_signed_subkey_t, signed_subkeys);
+ size_t fmtsize;
+ uint8_t primary_userid;
+} pgpv_primarykey_t;
+
+/* everything stems from this structure */
+typedef struct pgpv_t {
+ PGPV_ARRAY(pgpv_pkt_t, pkts); /* packet array */
+ PGPV_ARRAY(pgpv_primarykey_t, primaries); /* array of primary keys */
+ PGPV_ARRAY(pgpv_mem_t, areas); /* areas we read packets from */
+ PGPV_ARRAY(size_t, datastarts); /* starts of data packets */
+ size_t pkt; /* when parsing, current pkt number */
+ const char *op; /* the operation we're doing */
+ unsigned ssh; /* using ssh keys */
+} pgpv_t;
+
+#define PGPV_REASON_LEN 128
+
+/* when searching, we define a cursor, and fill in an array of subscripts */
+typedef struct pgpv_cursor_t {
+ pgpv_t *pgp; /* pointer to pgp tree */
+ char *field; /* field we're searching on */
+ char *op; /* operation we're doing */
+ char *value; /* value we're searching for */
+ void *ptr; /* for regexps etc */
+ PGPV_ARRAY(uint32_t, found); /* array of matched pimary key subscripts */
+ PGPV_ARRAY(size_t, datacookies); /* cookies to retrieve matched data */
+ int64_t sigtime; /* time of signature */
+ char why[PGPV_REASON_LEN]; /* reason for bad signature */
+} pgpv_cursor_t;
#ifndef USE_ARG
#define USE_ARG(x) /*LINTED*/(void)&(x)
#endif
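Review bot: Two comments carried into libverify.c with the moved definitions no longer match the code beneath them: the one above `#define PGPV_MAX_HASH_LEN 64` says the maximum binary digest length is 20 bytes, and the PGPV_ARRAY comment names a `"name"size` variable while the macro declares `name##vsize`. Because `fingerprint.v` is sized from that constant, a reader trusting the comment could misjudge the buffer bound when reviewing digest copies. I would reword them as `/* digest buffer size in bytes; large enough for a 512-bit digest */` and `/* creates 2 unsigned vars called "name"c and "name"vsize in current scope */`. The `found` member's comment in `pgpv_cursor_t` also carries the typo `pimary`.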
@@ -2748,6 +2985,22 @@ get_packet_type(uint8_t tag)
}
}
+/**************************************************************************/
+
+/* make a new pgpv struct */
+pgpv_t *
+pgpv_new(void)
+{
+ return calloc(1, sizeof(pgpv_t));
+}
+
+/* make a new pgpv_cursor struct */
+pgpv_cursor_t *
+pgpv_new_cursor(void)
+{
+ return calloc(1, sizeof(pgpv_cursor_t));
+}
+
/* get an element from the found array */
int
pgpv_get_cursor_element(pgpv_cursor_t *cursor, size_t element)
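Review bot: Both constructors hand back the raw `calloc` result, so they return NULL on allocation failure, and the one-line comments above them do not say so. I would state the contract on each, e.g. `/* make a new pgpv struct; returns NULL if allocation fails */`. Nothing in the visible hunks adds a way to release a cursor now that `pgpv_cursor_t` is opaque, so `pgpv_new_cursor` probably needs a matching release function declared in verify.h; whether `pgpv_close` frees the `pgpv_t` itself cannot be seen from here. The trailing context lines start `pgpv_get_cursor_element`, whose body lies outside the hunk.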
@@ -2952,3 +3205,27 @@ pgpv_dump(pgpv_t *pgp, char **data)
}
return cc;
}
+
+/* return cursor field as a number */
+int64_t
+pgpv_get_cursor_num(pgpv_cursor_t *cursor, const char *field)
+{
+ if (cursor && field) {
+ if (strcmp(field, "sigtime") == 0) {
+ return cursor->sigtime;
+ }
+ }
+ return 0;
+}
+
+/* return cursor field as a string */
+char *
+pgpv_get_cursor_str(pgpv_cursor_t *cursor, const char *field)
+{
+ if (cursor && field) {
+ if (strcmp(field, "why") == 0) {
+ return cursor->why;
+ }
+ }
+ return 0;
+}
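Review bot: `pgpv_get_cursor_str` returns a null pointer for a NULL cursor or an unrecognised field, and the caller added in main.c passes the result straight to a `%s` conversion, which is undefined behaviour if the cursor allocation failed. `pgpv_get_cursor_num` has the parallel problem that its error value 0 cannot be told apart from a `sigtime` of 0. I would write the failure return as `return NULL;` and state both sentinels in the comments, e.g. `/* return cursor field as a string, or NULL if cursor/field is NULL or the field is unknown */`. Returning `char *` also gives callers a writable pointer into the cursor's `why` buffer; `const char *` would keep the structure opaque in practice, though that changes the prototype in verify.h.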
diff --git a/security/netpgpverify/files/main.c b/security/netpgpverify/files/main.c
index beaf91a3ab4..1dcba753d83 100644
--- a/security/netpgpverify/files/main.c
+++ b/security/netpgpverify/files/main.c
@@ -89,37 +89,38 @@ getstdin(ssize_t *cc, size_t *size)
static int
verify_data(pgpv_t *pgp, const char *cmd, const char *inname, char *in, ssize_t cc)
{
- pgpv_cursor_t cursor;
+ pgpv_cursor_t *cursor;
const char *modifiers;
size_t size;
size_t cookie;
char *data;
int el;
- memset(&cursor, 0x0, sizeof(cursor));
+ cursor = pgpv_new_cursor();
if (strcasecmp(cmd, "cat") == 0) {
- if ((cookie = pgpv_verify(&cursor, pgp, in, cc)) != 0) {
- if ((size = pgpv_get_verified(&cursor, cookie, &data)) > 0) {
+ if ((cookie = pgpv_verify(cursor, pgp, in, cc)) != 0) {
+ if ((size = pgpv_get_verified(cursor, cookie, &data)) > 0) {
write(STDOUT_FILENO, data, size);
}
return 1;
}
} else if (strcasecmp(cmd, "dump") == 0) {
- if ((cookie = pgpv_verify(&cursor, pgp, in, cc)) != 0) {
+ if ((cookie = pgpv_verify(cursor, pgp, in, cc)) != 0) {
size = pgpv_dump(pgp, &data);
write(STDOUT_FILENO, data, size);
return 1;
}
} else if (strcasecmp(cmd, "verify") == 0 || strcasecmp(cmd, "trust") == 0) {
modifiers = (strcasecmp(cmd, "trust") == 0) ? "trust" : NULL;
- if (pgpv_verify(&cursor, pgp, in, cc)) {
+ if (pgpv_verify(cursor, pgp, in, cc)) {
printf("Good signature for %s made ", inname);
- ptime(cursor.sigtime);
- el = pgpv_get_cursor_element(&cursor, 0);
+ ptime(pgpv_get_cursor_num(cursor, "sigtime"));
+ el = pgpv_get_cursor_element(cursor, 0);
pentry(pgp, el, modifiers);
return 1;
}
- fprintf(stderr, "Signature did not match contents -- %s\n", cursor.why);
+ fprintf(stderr, "Signature did not match contents -- %s\n",
+ pgpv_get_cursor_str(cursor, "why"));
} else {
fprintf(stderr, "unrecognised command \"%s\"\n", cmd);
}
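Review bot: `cursor = pgpv_new_cursor();` is used without a NULL check, so an allocation failure reaches `pgpv_verify` (whose handling of a null cursor is not visible here) and, on the mismatch path, `fprintf` with a null `%s` argument. For a signature verifier an allocation failure should end in a failed verification: `if (cursor == NULL) { fprintf(stderr, "can't allocate cursor\n"); return 0; }`. The cursor is also not released on either `return 1` path in this hunk, so each verified input appears to leak one; the function's tail is outside the hunk. The same unchecked pattern appears at `pgp = pgpv_new();` in the `main` hunk that follows.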
@@ -133,13 +134,13 @@ main(int argc, char **argv)
const char *cmd;
ssize_t cc;
size_t size;
- pgpv_t pgp;
+ pgpv_t *pgp;
char *in;
int ssh;
int ok;
int i;
- memset(&pgp, 0x0, sizeof(pgp));
+ pgp = pgpv_new();
keyring = NULL;
ssh = 0;
ok = 1;
@@ -164,24 +165,24 @@ main(int argc, char **argv)
}
}
if (ssh) {
- if (!pgpv_read_ssh_pubkeys(&pgp, keyring, -1)) {
+ if (!pgpv_read_ssh_pubkeys(pgp, keyring, -1)) {
fprintf(stderr, "can't read ssh keyring\n");
exit(EXIT_FAILURE);
}
- } else if (!pgpv_read_pubring(&pgp, keyring, -1)) {
+ } else if (!pgpv_read_pubring(pgp, keyring, -1)) {
fprintf(stderr, "can't read keyring\n");
exit(EXIT_FAILURE);
}
if (optind == argc) {
in = getstdin(&cc, &size);
- ok = verify_data(&pgp, cmd, "[stdin]", in, cc);
+ ok = verify_data(pgp, cmd, "[stdin]", in, cc);
} else {
for (ok = 1, i = optind ; i < argc ; i++) {
- if (!verify_data(&pgp, cmd, argv[i], argv[i], -1)) {
+ if (!verify_data(pgp, cmd, argv[i], argv[i], -1)) {
ok = 0;
}
}
}
- pgpv_close(&pgp);
+ pgpv_close(pgp);
exit((ok) ? EXIT_SUCCESS : EXIT_FAILURE);
}
diff --git a/security/netpgpverify/files/verify.h b/security/netpgpverify/files/verify.h
index 3de7c1199ac..e5543af79da 100644
--- a/security/netpgpverify/files/verify.h
+++ b/security/netpgpverify/files/verify.h
@@ -23,251 +23,19 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef NETPGP_VERIFY_H_
-#define NETPGP_VERIFY_H_ 20160625
+#define NETPGP_VERIFY_H_ 20160626
-#define NETPGPVERIFY_VERSION "netpgpverify portable 20160625"
+#define NETPGPVERIFY_VERSION "netpgpverify portable 20160626"
#include <sys/types.h>
#include <inttypes.h>
-#ifndef PGPV_ARRAY
-/* creates 2 unsigned vars called "name"c and "name"size in current scope */
-/* also creates an array called "name"s in current scope */
-#define PGPV_ARRAY(type, name) \
- unsigned name##c; unsigned name##vsize; type *name##s
-#endif
-
-/* 64bit key ids */
-#define PGPV_KEYID_LEN 8
-#define PGPV_STR_KEYID_LEN (PGPV_KEYID_LEN + PGPV_KEYID_LEN + 1)
-
-/* bignum structure */
-typedef struct pgpv_bignum_t {
- void *bn; /* hide the implementation details */
- uint16_t bits; /* cached number of bits */
-} pgpv_bignum_t;
-
-/* right now, our max binary digest length is 20 bytes */
-#define PGPV_MAX_HASH_LEN 64
-
-/* fingerprint */
-typedef struct pgpv_fingerprint_t {
- uint8_t hashalg; /* algorithm for digest */
- uint8_t v[PGPV_MAX_HASH_LEN]; /* the digest */
- uint32_t len; /* its length */
-} pgpv_fingerprint_t;
-
-/* specify size for array of bignums */
-#define PGPV_MAX_PUBKEY_BN 4
-
-/* public key */
-typedef struct pgpv_pubkey_t {
- pgpv_fingerprint_t fingerprint; /* key fingerprint i.e. digest */
- uint8_t keyid[PGPV_KEYID_LEN]; /* last 8 bytes of v4 keys */
- int64_t birth; /* creation time */
- int64_t expiry; /* expiry time */
- pgpv_bignum_t bn[PGPV_MAX_PUBKEY_BN]; /* bignums */
- uint8_t keyalg; /* key algorithm */
- uint8_t hashalg; /* hash algorithm */
- uint8_t version; /* key version */
-} pgpv_pubkey_t;
-
-#define PGPV_MAX_SESSKEY_BN 2
-
-/* a (size, byte array) string */
-typedef struct pgpv_string_t {
- size_t size;
- uint8_t *data;
-} pgpv_string_t;
-
-typedef struct pgpv_ref_t {
- void *vp;
- size_t offset;
- unsigned mem;
-} pgpv_ref_t;
-
-#define PGPV_MAX_SECKEY_BN 4
-
-typedef struct pgpv_compress_t {
- pgpv_string_t s;
- uint8_t compalg;
-} pgpv_compress_t;
-
-/* a packet dealing with trust */
-typedef struct pgpv_trust_t {
- uint8_t level;
- uint8_t amount;
-} pgpv_trust_t;
-
-/* a signature sub packet */
-typedef struct pgpv_sigsubpkt_t {
- pgpv_string_t s;
- uint8_t tag;
- uint8_t critical;
-} pgpv_sigsubpkt_t;
-
-#define PGPV_MAX_SIG_BN 2
-
-typedef struct pgpv_signature_t {
- uint8_t *signer; /* key id of signer */
- pgpv_ref_t hashstart;
- uint8_t *hash2;
- uint8_t *mpi;
- int64_t birth;
- int64_t keyexpiry;
- int64_t expiry;
- uint32_t hashlen;
- uint8_t version;
- uint8_t type;
- uint8_t keyalg;
- uint8_t hashalg;
- uint8_t trustlevel;
- uint8_t trustamount;
- pgpv_bignum_t bn[PGPV_MAX_SIG_BN];
- char *regexp;
- char *pref_key_server;
- char *policy;
- char *features;
- char *why_revoked;
- uint8_t *revoke_fingerprint;
- uint8_t revoke_alg;
- uint8_t revoke_sensitive;
- uint8_t trustsig;
- uint8_t revocable;
- uint8_t pref_symm_alg;
- uint8_t pref_hash_alg;
- uint8_t pref_compress_alg;
- uint8_t key_server_modify;
- uint8_t notation;
- uint8_t type_key;
- uint8_t primary_userid;
- uint8_t revoked; /* subtract 1 to get real reason, 0 == not revoked */
-} pgpv_signature_t;
-
-/* a signature packet */
-typedef struct pgpv_sigpkt_t {
- pgpv_signature_t sig;
- uint16_t subslen;
- uint16_t unhashlen;
- PGPV_ARRAY(pgpv_sigsubpkt_t, subpkts);
-} pgpv_sigpkt_t;
+struct pgpv_t;
+typedef struct pgpv_t pgpv_t;
-/* a one-pass signature packet */
-typedef struct pgpv_onepass_t {
- uint8_t keyid[PGPV_KEYID_LEN];
- uint8_t version;
- uint8_t type;
- uint8_t hashalg;
- uint8_t keyalg;
- uint8_t nested;
-} pgpv_onepass_t;
-
-/* a literal data packet */
-typedef struct pgpv_litdata_t {
- uint8_t *filename;
- pgpv_string_t s;
- uint32_t secs;
- uint8_t namelen;
- char format;
- unsigned mem;
- size_t offset;
- size_t len;
-} pgpv_litdata_t;
-
-/* user attributes - images */
-typedef struct pgpv_userattr_t {
- size_t len;
- PGPV_ARRAY(pgpv_string_t, subattrs);
-} pgpv_userattr_t;
-
-/* a general PGP packet */
-typedef struct pgpv_pkt_t {
- uint8_t tag;
- uint8_t newfmt;
- uint8_t allocated;
- uint8_t mement;
- size_t offset;
- pgpv_string_t s;
- union {
- pgpv_sigpkt_t sigpkt;
- pgpv_onepass_t onepass;
- pgpv_litdata_t litdata;
- pgpv_compress_t compressed;
- pgpv_trust_t trust;
- pgpv_pubkey_t pubkey;
- pgpv_string_t userid;
- pgpv_userattr_t userattr;
- } u;
-} pgpv_pkt_t;
-
-/* a memory structure */
-typedef struct pgpv_mem_t {
- size_t size;
- size_t cc;
- uint8_t *mem;
- FILE *fp;
- uint8_t dealloc;
- const char *allowed; /* the types of packet that are allowed */
-} pgpv_mem_t;
-
-/* packet parser */
-
-typedef struct pgpv_signed_userid_t {
- pgpv_string_t userid;
- PGPV_ARRAY(pgpv_signature_t, sigs);
- uint8_t primary_userid;
- uint8_t revoked;
-} pgpv_signed_userid_t;
-
-typedef struct pgpv_signed_userattr_t {
- pgpv_userattr_t userattr;
- PGPV_ARRAY(pgpv_signature_t, sigs);
- uint8_t revoked;
-} pgpv_signed_userattr_t;
-
-typedef struct pgpv_signed_subkey_t {
- pgpv_pubkey_t subkey;
- pgpv_signature_t revoc_self_sig;
- PGPV_ARRAY(pgpv_signature_t, sigs);
-} pgpv_signed_subkey_t;
-
-typedef struct pgpv_primarykey_t {
- pgpv_pubkey_t primary;
- pgpv_signature_t revoc_self_sig;
- PGPV_ARRAY(pgpv_signature_t, direct_sigs);
- PGPV_ARRAY(pgpv_signed_userid_t, signed_userids);
- PGPV_ARRAY(pgpv_signed_userattr_t, signed_userattrs);
- PGPV_ARRAY(pgpv_signed_subkey_t, signed_subkeys);
- size_t fmtsize;
- uint8_t primary_userid;
-} pgpv_primarykey_t;
-
-/* everything stems from this structure */
-typedef struct pgpv_t {
- PGPV_ARRAY(pgpv_pkt_t, pkts); /* packet array */
- PGPV_ARRAY(pgpv_primarykey_t, primaries); /* array of primary keys */
- PGPV_ARRAY(pgpv_mem_t, areas); /* areas we read packets from */
- PGPV_ARRAY(size_t, datastarts); /* starts of data packets */
- size_t pkt; /* when parsing, current pkt number */
- const char *op; /* the operation we're doing */
- unsigned ssh; /* using ssh keys */
-} pgpv_t;
-
-#define PGPV_REASON_LEN 128
-
-/* when searching, we define a cursor, and fill in an array of subscripts */
-typedef struct pgpv_cursor_t {
- pgpv_t *pgp; /* pointer to pgp tree */
- char *field; /* field we're searching on */
- char *op; /* operation we're doing */
- char *value; /* value we're searching for */
- void *ptr; /* for regexps etc */
- PGPV_ARRAY(uint32_t, found); /* array of matched pimary key subscripts */
- PGPV_ARRAY(size_t, datacookies); /* cookies to retrieve matched data */
- int64_t sigtime; /* time of signature */
- char why[PGPV_REASON_LEN]; /* reason for bad signature */
-} pgpv_cursor_t;
+struct pgpv_cursor_t;
+typedef struct pgpv_cursor_t pgpv_cursor_t;
#ifndef __BEGIN_DECLS
# if defined(__cplusplus)
@@ -281,16 +49,22 @@ typedef struct pgpv_cursor_t {
__BEGIN_DECLS
+pgpv_t *pgpv_new(void);
+pgpv_cursor_t *pgpv_new_cursor(void);
+
int pgpv_read_pubring(pgpv_t */*pgp*/, const void */*keyringfile/mem*/, ssize_t /*size*/);
int pgpv_read_ssh_pubkeys(pgpv_t */*pgp*/, const void */*keyring*/, ssize_t /*size*/);
size_t pgpv_verify(pgpv_cursor_t */*cursor*/, pgpv_t */*pgp*/, const void */*mem/file*/, ssize_t /*size*/);
size_t pgpv_get_verified(pgpv_cursor_t */*cursor*/, size_t /*cookie*/, char **/*ret*/);
-int pgpv_get_cursor_element(pgpv_cursor_t */*cursor*/, size_t /*element*/);
size_t pgpv_dump(pgpv_t */*pgp*/, char **/*data*/);
size_t pgpv_get_entry(pgpv_t */*pgp*/, unsigned /*ent*/, char **/*ret*/, const char */*modifiers*/);
+int64_t pgpv_get_cursor_num(pgpv_cursor_t */*cursor*/, const char */*field*/);
+char *pgpv_get_cursor_str(pgpv_cursor_t */*cursor*/, const char */*field*/);
+int pgpv_get_cursor_element(pgpv_cursor_t */*cursor*/, size_t /*element*/);
+
int pgpv_close(pgpv_t */*pgp*/);
__END_DECLS
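Review bot: The prototypes added here disagree with the SYNOPSIS this commit adds to libnetpgpverify.3: the manual page gives `.Ft int` for `pgpv_new` and `pgpv_new_cursor` and `"pgpv_t *pgp"` as the first argument of `pgpv_get_cursor_num` and `pgpv_get_cursor_str`, while the header declares pointer return types and a `pgpv_cursor_t *` first argument. The page should read `.Ft "pgpv_t *"`, `.Ft "pgpv_cursor_t *"` and `.Fa "pgpv_cursor_t *cursor" "const char *field"`. A caller written from the manual page would otherwise treat the returned pointer as an int status and pass the wrong handle to the accessors.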