See ChangeLog: Fri Apr 9 12:26:25 CEST 1999 Werner Koch

NEWS

@@ -1,6 +1,10 @@
 
     * Full Twofish support.  It is now statically linked by default.
-   ---->   Hmmm, still have to check the message format
+      The experimental 128 bit version is now disabled.
+   ---->   Hmmm, there is an internal conflict in the RFC
+
+    * Dropped support for the ancient Blowfish160 which is not OpenPGP.
+
 
 Noteworthy changes in version 0.9.5
 -----------------------------------

README

@@ -1,7 +1,6 @@
 Please note that this is only a bug fix release and some things
 do not yet work - see TODO for parts which are problematic
 
-The genkey1024 test will fail due to an expect problem :-(
 
 
 -----BEGIN PGP SIGNED MESSAGE-----

TODO

@@ -21,18 +21,15 @@
   * Add NO_PUBKEY and NO_SECKEY status lines.
   * Add more NODATA status lines
 
-  * Solaris make as problems with the generated POTFILES - seems to be a
+  * Solaris make has problems with the generated POTFILES - seems to be a
     gettext bug.
 
-  * Need suffix rules for .S to produce .s for some systems
-
-  * do a chmod as soon as the secring is created.  Print a warning if
-    the directory mode is wrong.
 
 
 Nice to have
 ------------
   * use DEL and ^H for erasing the previous character (util/ttyio.c).
+  * Print a warning if the directory mode is wrong.
   * replace the keyserver stuff either by a call to a specialized
     utility or SOCKSify the stuff.
   * Do a real fix for bug #7 or document that it is a PGP 5 error.

checks/genkey1024.test

@@ -91,14 +91,7 @@ expect {
     timeout { exit 1 } }
 set timeout 600
 expect {
-  -ex "\r                   \rWe need to generate a lot of random bytes. It is a good idea to perform\r
-some other action (work in another window, move the mouse, utilize the\r
-the disks) during the prime generation; this gives the random\r
-number generator a better chance to gain enough entropy.\r" {}
-    timeout { exit 1 } }
-set timeout 600
-expect {
-    -ex "public and secret key created and signed.\r" { exit 0 }
+    -re "^.*\r\npublic and secret key" { exit 0 }
     eof  { exit 1 }
 }
 exit 1

cipher/ChangeLog

@@ -1,3 +1,11 @@
+Fri Apr  9 12:26:25 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+	* cipher.c (cipher_open): Reversed the changes for AUTO_CFB.
+
+	* blowfish.c: Dropped the Blowfish 160 mode.
+	* cipher.c (cipher_open): Ditto.
+	(setup_cipher_table): Ditto.  And removed support of twofish128
+
 Wed Apr  7 20:51:39 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 
 	* random.c (get_random_bits): Can now handle requests > POOLSIZE

cipher/blowfish.c

@@ -42,7 +42,6 @@
 
 
 #define CIPHER_ALGO_BLOWFISH	 4  /* blowfish 128 bit key */
-#define CIPHER_ALGO_BLOWFISH160 42  /* blowfish 160 bit key (not in OpenPGP)*/
 
 #define FNCCAST_SETKEY(f)  (int(*)(void*, byte*, unsigned))(f)
 #define FNCCAST_CRYPT(f)   (void(*)(void*, byte*, byte*))(f)
@@ -582,7 +581,7 @@ blowfish_get_info( int algo, size_t *keylen,
 		   void (**r_decrypt)( void *c, byte *outbuf, byte *inbuf )
 		 )
 {
-    *keylen = algo == CIPHER_ALGO_BLOWFISH ? 128 : 160;
+    *keylen = 128;
     *blocksize = BLOWFISH_BLOCKSIZE;
     *contextsize = sizeof(BLOWFISH_context);
     *r_setkey = FNCCAST_SETKEY(bf_setkey);
@@ -591,8 +590,6 @@ blowfish_get_info( int algo, size_t *keylen,
 
     if( algo == CIPHER_ALGO_BLOWFISH )
 	return "BLOWFISH";
-    if( algo == CIPHER_ALGO_BLOWFISH160 )
-	return "BLOWFISH160";
     return NULL;
 }
 

cipher/cipher.c

@@ -127,28 +127,6 @@ setup_cipher_table(void)
     if( !cipher_table[i].name )
 	BUG();
     i++;
-    cipher_table[i].algo = CIPHER_ALGO_BLOWFISH160;
-    cipher_table[i].name = blowfish_get_info( cipher_table[i].algo,
-					 &cipher_table[i].keylen,
-					 &cipher_table[i].blocksize,
-					 &cipher_table[i].contextsize,
-					 &cipher_table[i].setkey,
-					 &cipher_table[i].encrypt,
-					 &cipher_table[i].decrypt     );
-    if( !cipher_table[i].name )
-	BUG();
-    i++;
-    cipher_table[i].algo = CIPHER_ALGO_TWOFISH_OLD;
-    cipher_table[i].name = twofish_get_info( cipher_table[i].algo,
-					 &cipher_table[i].keylen,
-					 &cipher_table[i].blocksize,
-					 &cipher_table[i].contextsize,
-					 &cipher_table[i].setkey,
-					 &cipher_table[i].encrypt,
-					 &cipher_table[i].decrypt     );
-    if( !cipher_table[i].name )
-	BUG();
-    i++;
     cipher_table[i].algo = CIPHER_ALGO_DUMMY;
     cipher_table[i].name = "DUMMY";
     cipher_table[i].blocksize = 8;
@@ -362,8 +340,7 @@ cipher_open( int algo, int mode, int secure )
     if( algo == CIPHER_ALGO_DUMMY )
 	hd->mode = CIPHER_MODE_DUMMY;
     else if( mode == CIPHER_MODE_AUTO_CFB ) {
-	if( hd->blocksize > 8
-	    || algo == CIPHER_ALGO_BLOWFISH160 || algo >= 100 )
+	if( algo >= 100 )
 	    hd->mode = CIPHER_MODE_CFB;
 	else
 	    hd->mode = CIPHER_MODE_PHILS_CFB;

cipher/twofish.c

@@ -2,6 +2,9 @@
  * By Matthew Skala <mskala@ansuz.sooke.bc.ca>, July 26, 1998
  * 256-bit key length added March 20, 1999
  *
+ * The original author has disclaimed all copyright interest in this
+ * code and thus putting it in the public domain.
+ *
  * This code is a "clean room" implementation, written from the paper
  * _Twofish: A 128-Bit Block Cipher_ by Bruce Schneier, John Kelsey,
  * Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson, available

doc/DETAILS

@@ -111,13 +111,26 @@ more arguments in future versions.
     NEED_PASSPHRASE_SYM <cipher_algo> <s2k_mode> <s2k_hash>
 	Issued whenever a passphrase for symmetric encryption is needed.
 
+    MISSING_PASSPHRASE
+
     BAD_PASSPHRASE <long keyid>
 	The supplied passphrase was wrong
 
+    GOOD_PASSPHRASE
+	The supplied passphrase was good and the secret key material
+	is therefore usuable.
+
     DECRYPTION_FAILED
 	The symmetric decryption failed - one reason could be a wrong
 	passphrase for a symmetrical encrypted message.
 
+    DECRYPTION_OKAY
+	The decryption process succeeded.  This means, that either the
+	correct secret key has been used or the correct passphrase
+	for a conventional encrypted message was given.  The program
+	itself may return an errorcode becuase it may not be possible to
+	verify a signature for some reasons.
+
     NO_PUBKEY  <long keyid>
     NO_SECKEY  <long keyid>
 	The key is not available

g10/ChangeLog

@@ -1,3 +1,14 @@
+Fri Apr  9 12:26:25 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+	* status.c (write_status_text): Some more status codes.
+	* passphrase_to_dek (passphrase_to_dek): add a status code.
+	* seckey_cert.c (check_secret_key): Likewise.
+
+	* encr-data.c (decrypt_data): Reverse the last changes
+	* cipher.c (write_header): Ditto.
+
+	* parse-packet.c (parse_key): Dropped kludge for ancient blowfish mode.
+
 Thu Apr  8 09:35:53 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 
 	* mainproc.c (proc_encrypted): Add a new status output

g10/cipher.c

@@ -58,10 +58,7 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
     blocksize = cipher_get_blocksize( cfx->dek->algo );
     if( blocksize < 8 || blocksize > 16 )
 	log_fatal("unsupported blocksize %u\n", blocksize );
-    /* FIXME: remove the kludge for the experimental twofish128 mode:
-     * we always use the 10 byte prefix and not one depending on the blocksize
-     */
-    nprefix = cfx->dek->algo == CIPHER_ALGO_TWOFISH_OLD? blocksize : 8;
+    nprefix = blocksize;
     randomize_buffer( temp, nprefix, 1 );
     temp[nprefix] = temp[nprefix-2];
     temp[nprefix+1] = temp[nprefix-1];

g10/encr-data.c

@@ -66,10 +66,7 @@ decrypt_data( PKT_encrypted *ed, DEK *dek )
     blocksize = cipher_get_blocksize(dek->algo);
     if( !blocksize || blocksize > 16 )
 	log_fatal("unsupported blocksize %u\n", blocksize );
-    /* FIXME: remove the kludge for the experimental twofish128 mode:
-     * we always use the 10 byte prefix and not one depending on the blocksize
-     */
-    nprefix = dek->algo == CIPHER_ALGO_TWOFISH_OLD? blocksize : 8;
+    nprefix = blocksize;
     if( ed->len && ed->len < (nprefix+2) )
 	BUG();
 

g10/import.c

@@ -988,6 +988,10 @@ merge_blocks( const char *fname, KBNODE keyblock_orig, KBNODE keyblock,
 /****************
  * append the userid starting with NODE and all signatures to KEYBLOCK.
  * Mark all new and copied packets by setting flag bit 0.
+ * FIXME: It may happen that two identical user ID gets imported; should we
+ *	  add another check and how can we handle the signature?  Maybe
+ *	  we have to collapse both UIDs into one and then remove duplicated
+ *	  signatures.
  */
 static int
 append_uid( KBNODE keyblock, KBNODE node, int *n_sigs,

g10/mainproc.c

@@ -241,6 +241,7 @@ proc_encrypted( CTX c, PACKET *pkt )
     if( result == -1 )
 	;
     else if( !result ) {
+	write_status( STATUS_DECRYPTION_OKAY );
 	if( opt.verbose > 1 )
 	    log_info(_("decryption okay\n"));
     }

g10/parse-packet.c

@@ -1305,11 +1305,7 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 	    }
 	    else { /* old version; no S2K, so we set mode to 0, hash MD5 */
 		sk->protect.s2k.mode = 0;
-		/* We need a kludge to cope with old GNUPG versions */
-		sk->protect.s2k.hash_algo =
-			     ( sk->protect.algo == CIPHER_ALGO_BLOWFISH160
-			       && algorithm == PUBKEY_ALGO_ELGAMAL_E ) ?
-				      DIGEST_ALGO_RMD160 : DIGEST_ALGO_MD5;
+		sk->protect.s2k.hash_algo = DIGEST_ALGO_MD5;
 		if( list_mode )
 		    printf(  "\tprotect algo: %d  (hash algo: %d)\n",
 			 sk->protect.algo, sk->protect.s2k.hash_algo );

g10/passphrase.c

@@ -201,6 +201,10 @@ passphrase_to_dek( u32 *keyid, int cipher_algo, STRING2KEY *s2k, int mode )
 	    m_free(pw2);
 	}
     }
+
+    if( !pw || !*pw )
+	write_status( STATUS_MISSING_PASSPHRASE );
+
     dek = m_alloc_secure( sizeof *dek );
     dek->algo = cipher_algo;
     if( !*pw && mode == 2 )

g10/seckey-cert.c

@@ -187,6 +187,9 @@ check_secret_key( PKT_secret_key *sk, int n )
 	    break;
     }
 
+    if( !rc )
+	write_status( STATUS_GOOD_PASSPHRASE );
+
     return rc;
 }
 

g10/status.c

@@ -106,6 +106,9 @@ write_status_text ( int no, const char *text)
       case STATUS_NO_SECKEY	 : s = "NO_SECKEY\n"; break;
       case STATUS_NEED_PASSPHRASE_SYM: s = "NEED_PASSPHRASE_SYM\n"; break;
       case STATUS_DECRYPTION_FAILED: s = "DECRYPTION_FAILED\n"; break;
+      case STATUS_DECRYPTION_OKAY: s = "DECRYPTION_OKAY\n"; break;
+      case STATUS_MISSING_PASSPHRASE: s = "MISSING_PASSPHRASE\n"; break;
+      case STATUS_GOOD_PASSPHRASE : s = "GOOD_PASSPHRASE\n"; break;
       default: s = "?\n"; break;
     }
 

g10/status.h

@@ -57,6 +57,9 @@
 #define STATUS_NO_SECKEY       27
 #define STATUS_NEED_PASSPHRASE_SYM 28
 #define STATUS_DECRYPTION_FAILED 29
+#define STATUS_DECRYPTION_OKAY	 30
+#define STATUS_MISSING_PASSPHRASE 31
+#define STATUS_GOOD_PASSPHRASE	32
 
 /*-- status.c --*/
 void set_status_fd ( int fd );

include/ChangeLog

@@ -1,3 +1,7 @@
+Fri Apr  9 12:26:25 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+	* cipher.h (BLOWFISH160): Removed.
+
 Tue Apr  6 19:58:12 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 
 	* cipher.h (DEK): increased max. key length to 32 bytes

include/cipher.h

@@ -34,7 +34,6 @@
 #define CIPHER_ALGO_SAFER_SK128  5
 #define CIPHER_ALGO_DES_SK	 6
 #define CIPHER_ALGO_TWOFISH	10  /* twofish 256 bit */
-#define CIPHER_ALGO_BLOWFISH160 42  /* blowfish 160 bit key (not in OpenPGP)*/
 #define CIPHER_ALGO_SKIPJACK   101  /* experimental: skipjack */
 #define CIPHER_ALGO_TWOFISH_OLD 102 /* experimental: twofish 128 bit */
 #define CIPHER_ALGO_DUMMY      110  /* no encryption at all */

util/memory.c

@@ -123,20 +123,19 @@ static void check_allmem( const char *info );
 static void
 add_entry( byte *p, unsigned n, int mode, const char *info, const char *by )
 {
-    unsigned index;
+    unsigned idx;
     struct memtbl_entry *e;
     struct info_entry *ie;
 
     if( memtbl_len < memtbl_size  )
-	index = memtbl_len++;
+	idx = memtbl_len++;
     else {
-	struct memtbl_entry *e;
 	/* look for a used entry in the table.	We take the first one,
 	 * so that freed entries remain as long as possible in the table
 	 * (free appends a new one)
 	 */
 	if( (e = memtbl_unused) ) {
-	    index = e - memtbl;
+	    idx = e - memtbl;
 	    memtbl_unused = e->next;
 	    e->next = NULL;
 	}
@@ -145,32 +144,33 @@ add_entry( byte *p, unsigned n, int mode, const char *info, const char *by )
 		memtbl_size = 100;
 		if( !(memtbl = calloc( memtbl_size, sizeof *memtbl )) )
 		    membug("memory debug table malloc failed\n");
-		index = 0;
+		idx = 0;
 		memtbl_len = 1;
 		atexit( dump_table_at_exit );
 	    }
 	    else { /* realloc */
-		unsigned n = memtbl_size / 4; /* enlarge by 25% */
-		if(!(memtbl = realloc(memtbl, (memtbl_size+n)*sizeof *memtbl)))
+		unsigned nn = memtbl_size / 4; /* enlarge by 25% */
+		if(!(memtbl = realloc(memtbl, (memtbl_size+nn)*sizeof *memtbl)))
 		    membug("memory debug table realloc failed\n");
 		memset(memtbl+memtbl_size, 0, n*sizeof *memtbl );
-		memtbl_size += n;
-		index = memtbl_len++;
+		memtbl_size += nn;
+		idx = memtbl_len++;
 	    }
 	}
     }
-    e = memtbl+index;
+    e = memtbl+idx;
     if( e->inuse )
-	membug("Ooops: entry %u is flagged as in use\n", index);
+	membug("Ooops: entry %u is flagged as in use\n", idx);
     e->user_p = p + 4;
     e->user_n = n;
     e->count++;
     if( e->next )
 	membug("Ooops: entry is in free entry list\n");
     /* do we already have this info string */
-    for( ie = info_strings[info_hash(info)]; ie; ie = ie->next )
+    for( ie = info_strings[info_hash(info)]; ie; ie = ie->next ) {
 	if( ie->info == info )
 	    break;
+    }
     if( !ie ) { /* no: make a new entry */
 	if( !(ie = malloc( sizeof *ie )) )
 	    membug("can't allocate info entry\n");
@@ -184,9 +184,9 @@ add_entry( byte *p, unsigned n, int mode, const char *info, const char *by )
     e->inuse = 1;
 
     /* put the index at the start of the memory */
-    p[0] = index;
-    p[1] = index >> 8 ;
-    p[2] = index >> 16 ;
+    p[0] = idx;
+    p[1] = idx >> 8 ;
+    p[2] = idx >> 16 ;
     p[3] = mode? MAGIC_SEC_BYTE : MAGIC_NOR_BYTE  ;
     if( DBG_MEMORY )
 	log_debug( "%s allocates %u bytes using %s\n", info, e->user_n, by );