...
 
Commits (4)
# Change Log
All notable changes to this project will be documented in this file.
## [v25] - 2019-04-28
### Added
- Updated to the latest upstream sources, the `-z` command line flag can
now be used to zero the timestamp when producing a signature.
## [v24] - 2018-09-03
### Fixed
- Fixed memory corruption due to incorrect remapping of SHA-224, SHA-384,
......@@ -51,6 +56,7 @@ All notable changes to this project will be documented in this file.
- Support using versions 0.8.2 and 0.8.3 of libbsd when `BUNDLED_LIBBSD=1` is
specified.
[v25]: https://github.com/aperezdc/signify/compare/v24...v25
[v24]: https://github.com/aperezdc/signify/compare/v23...v24
[v23]: https://github.com/aperezdc/signify/compare/v22...v23
[v22]: https://github.com/aperezdc/signify/compare/v21...v22
......
signify-openbsd (25-1) experimental; urgency=medium
* refresh packaging (debhelper 12, std-ver 4.3.0)
* New upstream version 25
-- Tomasz Buchert <tomasz@debian.org> Sun, 05 May 2019 17:10:15 +0200
signify-openbsd (24-1) unstable; urgency=medium
* d/control: update vcs links to salsa
......
......@@ -2,15 +2,18 @@ Source: signify-openbsd
Maintainer: Tomasz Buchert <tomasz@debian.org>
Section: utils
Priority: optional
Build-Depends: debhelper (>= 11), libbsd-dev (>= 0.7.0), pkg-config
Standards-Version: 4.2.1
Build-Depends: debhelper (>= 12),
debhelper-compat (= 12),
libbsd-dev,
pkg-config
Standards-Version: 4.3.0
Vcs-Browser: https://salsa.debian.org/debian/signify-openbsd
Vcs-Git: https://salsa.debian.org/debian/signify-openbsd.git
Homepage: https://github.com/aperezdc/signify
Package: signify-openbsd
Architecture: any
Depends: libbsd0 (>= 0.7.0), ${misc:Depends}, ${shlibs:Depends}
Depends: libbsd0, ${misc:Depends}, ${shlibs:Depends}
Description: Lightweight cryptographic signing and verifying tool
Similar to GNU Privacy Guard (GPG), signify is the tool which
OpenBSD uses to cryptographically sign its releases, so that
......
......@@ -7,19 +7,19 @@ Subject: replace signify with signify-openbsd in the manpage
1 file changed, 16 insertions(+), 16 deletions(-)
diff --git a/signify.1 b/signify.1
index de3b433..052468a 100644
index ca9ab67..549206e 100644
--- a/signify.1
+++ b/signify.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: signify.1,v 1.44 2018/08/10 20:27:01 deraadt Exp $
+.\" $OpenBSD: signify-openbsd.1,v 1.44 2018/08/10 20:27:01 deraadt Exp $
-.\" $OpenBSD: signify.1,v 1.46 2019/03/23 07:10:06 tedu Exp $
+.\" $OpenBSD: signify-openbsd.1,v 1.46 2019/03/23 07:10:06 tedu Exp $
.\"
.\"Copyright (c) 2013 Marc Espie <espie@openbsd.org>
.\"Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
@@ -15,31 +15,31 @@
.\"ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\"OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.Dd $Mdocdate: August 10 2018 $
.Dd $Mdocdate: March 23 2019 $
-.Dt SIGNIFY 1
+.Dt SIGNIFY-OPENBSD 1
.Os
......@@ -45,7 +45,7 @@ index de3b433..052468a 100644
-.Nm signify
+.Nm signify-openbsd
.Fl S
.Op Fl ez
.Op Fl enz
.Op Fl x Ar sigfile
.Fl s Ar seckey
.Fl m Ar message
......@@ -54,7 +54,7 @@ index de3b433..052468a 100644
.Fl V
.Op Fl eqz
.Op Fl p Ar pubkey
@@ -113,7 +113,7 @@ to sign a message.
@@ -118,7 +118,7 @@ to sign a message.
.It Fl t Ar keytype
When deducing the correct key to check a signature, make sure
the actual key matches
......@@ -63,7 +63,7 @@ index de3b433..052468a 100644
.It Fl x Ar sigfile
The signature file to create or verify.
The default is
@@ -138,7 +138,7 @@ This comment can then be used as a hint for the name of the public key
@@ -143,7 +143,7 @@ This comment can then be used as a hint for the name of the public key
when verifying.
The second line of the file is the actual key or signature base64 encoded.
.Sh EXIT STATUS
......@@ -72,7 +72,7 @@ index de3b433..052468a 100644
It may fail because of one of the following reasons:
.Pp
.Bl -bullet -compact
@@ -153,34 +153,34 @@ The message file is too large.
@@ -158,34 +158,34 @@ The message file is too large.
.El
.Sh EXAMPLES
Create a new key pair:
......@@ -91,14 +91,14 @@ index de3b433..052468a 100644
.Pa SHA256.sig
and a full set of release files:
.Bd -literal -offset indent -compact
-$ signify -C -p /etc/signify/openbsd-65-base.pub -x SHA256.sig
+$ signify-openbsd -C -p /etc/signify/openbsd-65-base.pub -x SHA256.sig
-$ signify -C -p /etc/signify/openbsd-66-base.pub -x SHA256.sig
+$ signify-openbsd -C -p /etc/signify/openbsd-66-base.pub -x SHA256.sig
.Ed
.Pp
Verify a bsd.rd before an upgrade:
.Bd -literal -offset indent -compact
-$ signify -C -p /etc/signify/openbsd-65-base.pub -x SHA256.sig bsd.rd
+$ signify-openbsd -C -p /etc/signify/openbsd-65-base.pub -x SHA256.sig bsd.rd
-$ signify -C -p /etc/signify/openbsd-66-base.pub -x SHA256.sig bsd.rd
+$ signify-openbsd -C -p /etc/signify/openbsd-66-base.pub -x SHA256.sig bsd.rd
.Ed
.Pp
Sign a gzip archive:
......
.\" $OpenBSD: signify.1,v 1.44 2018/08/10 20:27:01 deraadt Exp $
.\" $OpenBSD: signify.1,v 1.46 2019/03/23 07:10:06 tedu Exp $
.\"
.\"Copyright (c) 2013 Marc Espie <espie@openbsd.org>
.\"Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
......@@ -14,7 +14,7 @@
.\"WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\"ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\"OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.Dd $Mdocdate: August 10 2018 $
.Dd $Mdocdate: March 23 2019 $
.Dt SIGNIFY 1
.Os
.Sh NAME
......@@ -35,7 +35,7 @@
.Fl s Ar seckey
.Nm signify
.Fl S
.Op Fl ez
.Op Fl enz
.Op Fl x Ar sigfile
.Fl s Ar seckey
.Fl m Ar message
......@@ -91,10 +91,15 @@ When verifying with
.Fl e ,
the file to create.
.It Fl n
Do not ask for a passphrase during key generation.
When generating a key pair, do not ask for a passphrase.
Otherwise,
.Nm
will prompt the user for a passphrase to protect the secret key.
When signing with
.Fl z ,
store a zero time stamp in the
.Xr gzip 1
header.
.It Fl p Ar pubkey
Public key produced by
.Fl G ,
......@@ -165,12 +170,12 @@ Verify a release directory containing
.Pa SHA256.sig
and a full set of release files:
.Bd -literal -offset indent -compact
$ signify -C -p /etc/signify/openbsd-65-base.pub -x SHA256.sig
$ signify -C -p /etc/signify/openbsd-66-base.pub -x SHA256.sig
.Ed
.Pp
Verify a bsd.rd before an upgrade:
.Bd -literal -offset indent -compact
$ signify -C -p /etc/signify/openbsd-65-base.pub -x SHA256.sig bsd.rd
$ signify -C -p /etc/signify/openbsd-66-base.pub -x SHA256.sig bsd.rd
.Ed
.Pp
Sign a gzip archive:
......
/* $OpenBSD: signify.c,v 1.128 2017/07/11 23:27:13 tedu Exp $ */
/* $OpenBSD: signify.c,v 1.131 2019/03/23 07:10:06 tedu Exp $ */
/*
* Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
*
......@@ -82,7 +82,7 @@ usage(const char *error)
#ifndef VERIFYONLY
"\t%1$s -C [-q] -p pubkey -x sigfile [file ...]\n"
"\t%1$s -G [-n] [-c comment] -p pubkey -s seckey\n"
"\t%1$s -S [-ez] [-x sigfile] -s seckey -m message\n"
"\t%1$s -S [-enz] [-x sigfile] -s seckey -m message\n"
#endif
"\t%1$s -V [-eqz] [-p pubkey] [-t keytype] [-x sigfile] -m message\n",
getprogname());
......@@ -144,7 +144,7 @@ parseb64file(const char *filename, char *b64, void *buf, size_t buflen,
errx(1, "missing new line after base64 in %s", filename);
*b64end = '\0';
if (b64_pton(commentend + 1, buf, buflen) != buflen)
errx(1, "invalid base64 encoding in %s", filename);
errx(1, "unable to parse %s", filename);
if (memcmp(buf, PKALG, 2) != 0)
errx(1, "unsupported file %s", filename);
return b64end - b64 + 1;
......@@ -257,6 +257,7 @@ kdf(uint8_t *salt, size_t saltlen, int rounds, int allowstdin, int confirm,
{
char pass[1024];
int rppflags = RPP_ECHO_OFF;
const char *errstr = NULL;
if (rounds == 0) {
memset(key, 0, keylen);
......@@ -273,15 +274,17 @@ kdf(uint8_t *salt, size_t saltlen, int rounds, int allowstdin, int confirm,
char pass2[1024];
if (!readpassphrase("confirm passphrase: ", pass2,
sizeof(pass2), rppflags))
errx(1, "unable to read passphrase");
if (strcmp(pass, pass2) != 0)
errx(1, "passwords don't match");
errstr = "unable to read passphrase";
if (!errstr && strcmp(pass, pass2) != 0)
errstr = "passwords don't match";
explicit_bzero(pass2, sizeof(pass2));
}
if (bcrypt_pbkdf(pass, strlen(pass), salt, saltlen, key,
if (!errstr && bcrypt_pbkdf(pass, strlen(pass), salt, saltlen, key,
keylen, rounds) == -1)
errx(1, "bcrypt pbkdf");
errstr = "bcrypt pbkdf";
explicit_bzero(pass, sizeof(pass));
if (errstr)
errx(1, "%s", errstr);
}
static void
......@@ -754,7 +757,8 @@ main(int argc, char **argv)
char sigfilebuf[PATH_MAX];
const char *comment = "signify";
char *keytype = NULL;
int ch, rounds;
int ch;
int none = 0;
int embedded = 0;
int quiet = 0;
int gzip = 0;
......@@ -769,8 +773,6 @@ main(int argc, char **argv)
if (pledge("stdio rpath wpath cpath tty", NULL) == -1)
err(1, "pledge");
rounds = 42;
while ((ch = getopt(argc, argv, "CGSVzc:em:np:qs:t:x:")) != -1) {
switch (ch) {
#ifndef VERIFYONLY
......@@ -808,7 +810,7 @@ main(int argc, char **argv)
msgfile = optarg;
break;
case 'n':
rounds = 0;
none = 1;
break;
case 'p':
pubkeyfile = optarg;
......@@ -871,14 +873,14 @@ main(int argc, char **argv)
if (!pubkeyfile || !seckeyfile)
usage("must specify pubkey and seckey");
check_keyname_compliance(pubkeyfile, seckeyfile);
generate(pubkeyfile, seckeyfile, rounds, comment);
generate(pubkeyfile, seckeyfile, none ? 0 : 42, comment);
break;
case SIGN:
/* no pledge */
if (gzip) {
if (!msgfile || !seckeyfile || !sigfile)
usage("must specify message sigfile seckey");
zsign(seckeyfile, msgfile, sigfile);
zsign(seckeyfile, msgfile, sigfile, none);
} else {
if (!msgfile || !seckeyfile)
usage("must specify message and seckey");
......
/* $OpenBSD: signify.h,v 1.1 2016/09/02 16:10:56 espie Exp $ */
/* $OpenBSD: signify.h,v 1.2 2019/03/23 07:10:06 tedu Exp $ */
/*
* Copyright (c) 2016 Marc Espie <espie@openbsd.org>
*
......@@ -19,7 +19,7 @@
#ifndef signify_h
#define signify_h
extern void zverify(const char *, const char *, const char *, const char *);
extern void zsign(const char *, const char *, const char *);
extern void zsign(const char *, const char *, const char *, int);
extern void *xmalloc(size_t);
extern void writeall(int, const void *, size_t, const char *);
......
/* $OpenBSD: zsig.c,v 1.15 2017/07/11 23:52:05 tedu Exp $ */
/* $OpenBSD: zsig.c,v 1.16 2019/03/23 07:10:06 tedu Exp $ */
/*
* Copyright (c) 2016 Marc Espie <espie@openbsd.org>
*
......@@ -231,7 +231,8 @@ zverify(const char *pubkeyfile, const char *msgfile, const char *sigfile,
}
void
zsign(const char *seckeyfile, const char *msgfile, const char *sigfile)
zsign(const char *seckeyfile, const char *msgfile, const char *sigfile,
int skipdate)
{
size_t bufsize = MYBUFSIZE;
int fdin, fdout;
......@@ -261,7 +262,11 @@ zsign(const char *seckeyfile, const char *msgfile, const char *sigfile)
msg = xmalloc(space);
buffer = xmalloc(bufsize);
time(&clock);
if (skipdate) {
clock = 0;
} else {
time(&clock);
}
strftime(date, sizeof date, "%Y-%m-%dT%H:%M:%SZ", gmtime(&clock));
snprintf(msg, space,
"date=%s\n"
......