ports
- add 'sshfpr' subcommand to output the ssh fingerprint of a gpg key
- pem2openpgp now generates self-sigs over SHA-256 instead of SHA-1
+ (changes dependency to libdigest-sha-perl)
- some portability improvements
- properly handle translation of keys with fingerprints with leading
all-zero bytes.
(closes MS #917)
- explicitly set and use MONKEYSPHERE_GROUP from system "groups"
(closes: #534008)
- * update Standard-Version to 3.8.2
+ * update Standard-Version to 3.8.2 (no changes needed)
-- Jameson Graef Rollins <jrollins@finestructure.net> Sat, 11 Jul 2009 18:55:25 -0400
Priority: extra
Maintainer: Jameson Graef Rollins <jrollins@finestructure.net>
Uploaders: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
-Build-Depends: debhelper (>= 7.0), socat, openssh-server, gnupg, libcrypt-openssl-rsa-perl, libdigest-sha1-perl, lockfile-progs | procmail
+Build-Depends: debhelper (>= 7.0), socat, openssh-server, gnupg, libcrypt-openssl-rsa-perl, libdigest-sha-perl, lockfile-progs | procmail
Standards-Version: 3.8.2
Homepage: http://web.monkeysphere.info/
Vcs-Git: git://git.monkeysphere.info/monkeysphere
Package: monkeysphere
Architecture: all
-Depends: openssh-client, gnupg, libcrypt-openssl-rsa-perl, libdigest-sha1-perl, lockfile-progs | procmail, adduser, ${misc:Depends}
+Depends: openssh-client, gnupg, libcrypt-openssl-rsa-perl, libdigest-sha-perl, lockfile-progs | procmail, adduser, ${misc:Depends}
Recommends: netcat | socat, ssh-askpass, cron
Enhances: openssh-client, openssh-server
Description: use the OpenPGP web of trust to verify ssh connections
use Crypt::OpenSSL::RSA;
use Crypt::OpenSSL::Bignum;
use Crypt::OpenSSL::Bignum::CTX;
-use Digest::SHA1;
+use Digest::SHA;
use MIME::Base64;
use POSIX;
my $rsabody = make_rsa_pub_key_body($key, $key_timestamp);
- return Digest::SHA1::sha1(pack('Cn', 0x99, length($rsabody)).$rsabody);
+ return Digest::SHA::sha1(pack('Cn', 0x99, length($rsabody)).$rsabody);
}
my $sigtype = pack('C', $certtype);
# RSA
my $pubkey_algo = pack('C', $asym_algos->{rsa});
- # SHA1
+ # SHA256
my $hash_algo = pack('C', $digests->{sha256});
# FIXME: i'm worried about generating a bazillion new OpenPGP
$sig_data_to_be_hashed.
$trailer;
- my $data_hash = Digest::SHA1::sha1_hex($datatosign);
+ my $data_hash = Digest::SHA::sha256_hex($datatosign);
my $issuer_packet = pack('CCa8', 9, $subpacket_types->{issuer}, $keyid);
On debian-derived systems, you can set this up with:
apt-get install libcrypt-openssl-rsa-perl" ; exit 1; }
-perl -MDigest::SHA1 -e 1 2>/dev/null || { echo "You must have the perl module Digest::SHA1 installed to run this test.
+perl -MDigest::SHA -e 1 2>/dev/null || { echo "You must have the perl module Digest::SHA installed to run this test.
On debian-derived systems, you can set this up with:
apt-get install libdigest-sha1-perl" ; exit 1; }
source "$TESTDIR"/common
-## setup trap
-trap failed_cleanup EXIT
+perl -MCrypt::OpenSSL::RSA -e 1 2>/dev/null || { echo "You must have the perl module Crypt::OpenSSL::RSA installed to run this test.
+On debian-derived systems, you can set this up with:
+ apt-get install libcrypt-openssl-rsa-perl" ; exit 1; }
+
+perl -MDigest::SHA -e 1 2>/dev/null || { echo "You must have the perl module Digest::SHA installed to run this test.
+On debian-derived systems, you can set this up with:
+ apt-get install libdigest-sha1-perl" ; exit 1; }
+
######################################################################
### SETUP VARIABLES
# This should help us test without installing.
export PATH="$TEMPDIR"/bin:"$PATH"
+## setup trap
+trap failed_cleanup EXIT
+
######################################################################
### TEST KEYTRANS