security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

nearly ready for 0.3.0

This commit is contained in:
Werner Koch 1998-06-25 10:19:08 +00:00
parent e6ac5acbbf
commit 06fd61d081
52 changed files with 1335 additions and 312 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@ -1,3 +1,7 @@
Thu Jun 25 11:18:49 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (--disable-dynload): New.
Wed Jun 10 07:48:59 1998 Werner Koch,mobil,,, (wk@tobold) Wed Jun 10 07:48:59 1998 Werner Koch,mobil,,, (wk@tobold)
* configure.in (GNUPG_LIBDIR): New. * configure.in (GNUPG_LIBDIR): New.

8
INSTALL
View File

@ -25,12 +25,16 @@ Configure options for GNUPG
side-effect, this removes all debugging code and uses side-effect, this removes all debugging code and uses
the -O2 flag for all C files. the -O2 flag for all C files.
--disable-dynload If you have problems with dynamic loading, this option
disables all dynamic loading stuff.
Problems Problems
======== ========
If you have compile problems, try the configure options "--with-included-zlib" If you have compile problems, try the configure options "--with-included-zlib",
or "--disable-nls" (See ABOUT-NLS). "--disable-nls" (See ABOUT-NLS) or --disable-dynload.
I can't check all assembler files, so if you have problems assembling them I can't check all assembler files, so if you have problems assembling them
(or the program crashes), simply delete the files in the mpi/<cpu> directory. (or the program crashes), simply delete the files in the mpi/<cpu> directory.

17
NEWS
View File

@ -1,11 +1,28 @@
Noteworthy changes in version 0.3.0 Noteworthy changes in version 0.3.0
----------------------------------- -----------------------------------
* New option --emulate-checksum-bug. If your passphrase does not * New option --emulate-checksum-bug. If your passphrase does not
work anymore, use this option and --change-passphrase to rewrite work anymore, use this option and --change-passphrase to rewrite
your passphrase. your passphrase.
* More complete v4 key support: Preferences and expiration time
is set into the self signature.
* Key generation defaults to DSA/ElGamal keys, so that new keys are
interoperable with pgp5
* DSA key generation is faster and key generation does not anymore
remove entropy from the random generator (the primes are public
parameters, so there is really no need for a cryptographic secure
prime number generator which we had used).
* A complete new structure for representing the key parameters.
* Removed most public key knowledge into the cipher libray.
* Support for dynamic loading of new algorithms.
* Moved tiger to an extension module.
Noteworthy changes in version 0.2.19 Noteworthy changes in version 0.2.19

13
TODO
View File

@ -1,12 +1,13 @@
* make preferences work
* rewrite --list-packets or put it into another tool.
* add field to PKT_user_id to hold the hash context * add field to PKT_user_id to hold the hash context
* add usage arguments to get_key_byname or return a PKC_LIST with * add usage arguments to get_key_byname or return a PKC_LIST with
all keys and add a selection. all keys and add a selection.
* add expiration date and other stuff from v4 sigs to the trust
checking.
* add readline support. Must enhance libreadline - Anyone? * add readline support. Must enhance libreadline - Anyone?
* Burn the buffers used by fopen(), or use read(2). * Burn the buffers used by fopen(), or use read(2).
@ -21,7 +22,6 @@
* add checking of armor trailers * add checking of armor trailers
* remove all "Fixmes" * remove all "Fixmes"
* bug: g10/trustdb.c#build_sigrecs called to often by do_list_path * bug: g10/trustdb.c#build_sigrecs called to often by do_list_path
and remove the bad kludge. Maybe we should put all sigs into the trustdb and remove the bad kludge. Maybe we should put all sigs into the trustdb
and mark them as valid/invalid/nopubkey, and how do we check, that and mark them as valid/invalid/nopubkey, and how do we check, that
@ -29,11 +29,6 @@
record, as it does not belong to the pubkey record? record, as it does not belong to the pubkey record?
* add an option to create a new user id. * add an option to create a new user id.
Make it possible to change the signature class of the self-signatures,
which can then be used to change the displayed order of user-ids:
Put the user-id with a self-signature of class 0x13 always on top
of the displayed list (needs changes in the user-id-from-keyid
functions).
* add an option to re-create a public key from a secret key. Think about * add an option to re-create a public key from a secret key. Think about
a backup system of only the secret part of the secret key. a backup system of only the secret part of the secret key.

2
VERSION
View File

@ -1 +1 @@
0.2.19b 0.2.19d

2
checks/Makefile.am
View File

@ -25,7 +25,7 @@ check: prepared.stamp
prepared.stamp: pubring.gpg secring.gpg gnupg.sig plain-3 \ prepared.stamp: pubring.gpg secring.gpg gnupg.sig plain-3 \
pubring.pkr secring.skr $(DATA_FILES) pubring.pkr secring.skr $(DATA_FILES)
@echo "def" | ../g10/gpg -v --no-operation; \ @echo "def" | ../g10/gpg --homedir . -v --no-operation; \
echo timestamp >./prepared.stamp echo timestamp >./prepared.stamp
pubring.gpg: pubring.asc pubring.gpg: pubring.asc

2
checks/defs.inc
View File

@ -70,7 +70,7 @@ pgmname=$(basename $0)
cat <<EOF >./options cat <<EOF >./options
no-greeting no-greeting
no-secmem-warning no-secmem-warning
load-extension ../cipher/tiger.so load-extension ../cipher/tiger
batch batch
EOF EOF

10
cipher/ChangeLog
View File

@ -1,6 +1,14 @@
Thu Jun 25 11:18:25 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am: Support for extensions
Thu Jun 18 12:09:38 1998 Werner Koch (wk@isil.d.shuttle.de)
* random.c (mix_pool): simpler handling for level 0
Mon Jun 15 14:40:48 1998 Werner Koch (wk@isil.d.shuttle.de) Mon Jun 15 14:40:48 1998 Werner Koch (wk@isil.d.shuttle.de)
* tiger.c: Removed from dis, will reappear as dynload module * tiger.c: Removed from dist, will reappear as dynload module
Sat Jun 13 14:16:57 1998 Werner Koch (wk@isil.d.shuttle.de) Sat Jun 13 14:16:57 1998 Werner Koch (wk@isil.d.shuttle.de)

21
cipher/Makefile.am
View File

@ -1,9 +1,15 @@
## Process this file with automake to produce Makefile.in ## Process this file with automake to produce Makefile.in
gnupg_extensions = tiger
INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl -I../intl INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl -I../intl
EXTRA_DIST = tiger.c
noinst_LIBRARIES = libcipher.a noinst_LIBRARIES = libcipher.a
if ENABLE_GNUPG_EXTENSIONS
pkglib_PROGRAMS = $(gnupg_extensions)
else
pkglib_PROGRAMS =
endif
libcipher_a_SOURCES = cipher.c \ libcipher_a_SOURCES = cipher.c \
@ -18,6 +24,7 @@ libcipher_a_SOURCES = cipher.c \
elgamal.c \ elgamal.c \
elgamal.h \ elgamal.h \
md5.c \ md5.c \
md5.h \
primegen.c \ primegen.c \
random.h \ random.h \
random.c \ random.c \
@ -34,4 +41,16 @@ libcipher_a_SOURCES = cipher.c \
g10c.c \ g10c.c \
smallprime.c smallprime.c
EXTRA_tiger_SOURCES = tiger.c
tiger: tiger.c
$(COMPILE) -shared -fPIC -o tiger tiger.c
install-exec-hook:
@list='$(pkglib_PROGRAMS)'; for p in $$list; do \
if test -f $(pkglibdir)/$$p; then \
echo "chmod 644 $(pkglibdir)/$$p"; \
chmod 644 $(pkglibdir)/$$p; \
fi; \
done

10
cipher/blowfish.c
View File

@ -55,7 +55,7 @@ typedef struct {
u32 p[BLOWFISH_ROUNDS+2]; u32 p[BLOWFISH_ROUNDS+2];
} BLOWFISH_context; } BLOWFISH_context;
static void setkey( BLOWFISH_context *c, byte *key, unsigned keylen ); static void bf_setkey( BLOWFISH_context *c, byte *key, unsigned keylen );
static void encrypt_block( BLOWFISH_context *bc, byte *outbuf, byte *inbuf ); static void encrypt_block( BLOWFISH_context *bc, byte *outbuf, byte *inbuf );
static void decrypt_block( BLOWFISH_context *bc, byte *outbuf, byte *inbuf ); static void decrypt_block( BLOWFISH_context *bc, byte *outbuf, byte *inbuf );
@ -461,7 +461,7 @@ selftest()
byte key3[] = { 0x41, 0x79, 0x6E, 0xA0, 0x52, 0x61, 0x6E, 0xE4 }; byte key3[] = { 0x41, 0x79, 0x6E, 0xA0, 0x52, 0x61, 0x6E, 0xE4 };
byte cipher3[] = { 0xE1, 0x13, 0xF4, 0x10, 0x2C, 0xFC, 0xCE, 0x43 }; byte cipher3[] = { 0xE1, 0x13, 0xF4, 0x10, 0x2C, 0xFC, 0xCE, 0x43 };
setkey( &c, "abcdefghijklmnopqrstuvwxyz", 26 ); bf_setkey( &c, "abcdefghijklmnopqrstuvwxyz", 26 );
encrypt_block( &c, buffer, plain ); encrypt_block( &c, buffer, plain );
if( memcmp( buffer, "\x32\x4E\xD0\xFE\xF4\x13\xA2\x03", 8 ) ) if( memcmp( buffer, "\x32\x4E\xD0\xFE\xF4\x13\xA2\x03", 8 ) )
log_error("wrong blowfish encryption\n"); log_error("wrong blowfish encryption\n");
@ -469,7 +469,7 @@ selftest()
if( memcmp( buffer, plain, 8 ) ) if( memcmp( buffer, plain, 8 ) )
log_bug("blowfish failed\n"); log_bug("blowfish failed\n");
setkey( &c, key3, 8 ); bf_setkey( &c, key3, 8 );
encrypt_block( &c, buffer, plain3 ); encrypt_block( &c, buffer, plain3 );
if( memcmp( buffer, cipher3, 8 ) ) if( memcmp( buffer, cipher3, 8 ) )
log_error("wrong blowfish encryption (3)\n"); log_error("wrong blowfish encryption (3)\n");
@ -481,7 +481,7 @@ selftest()
static void static void
setkey( BLOWFISH_context *c, byte *key, unsigned keylen ) bf_setkey( BLOWFISH_context *c, byte *key, unsigned keylen )
{ {
int i, j; int i, j;
u32 data, datal, datar; u32 data, datal, datar;
@ -563,7 +563,7 @@ blowfish_get_info( int algo, size_t *keylen,
*keylen = algo == CIPHER_ALGO_BLOWFISH ? 128 : 160; *keylen = algo == CIPHER_ALGO_BLOWFISH ? 128 : 160;
*blocksize = BLOWFISH_BLOCKSIZE; *blocksize = BLOWFISH_BLOCKSIZE;
*contextsize = sizeof(BLOWFISH_context); *contextsize = sizeof(BLOWFISH_context);
*r_setkey = FNCCAST_SETKEY(setkey); *r_setkey = FNCCAST_SETKEY(bf_setkey);
*r_encrypt= FNCCAST_CRYPT(encrypt_block); *r_encrypt= FNCCAST_CRYPT(encrypt_block);
*r_decrypt= FNCCAST_CRYPT(decrypt_block); *r_decrypt= FNCCAST_CRYPT(decrypt_block);

12
cipher/cast5.c
View File

@ -57,7 +57,7 @@ typedef struct {
byte Kr[16]; byte Kr[16];
} CAST5_context; } CAST5_context;
static void setkey( CAST5_context *c, byte *key, unsigned keylen ); static void cast_setkey( CAST5_context *c, byte *key, unsigned keylen );
static void encrypt_block( CAST5_context *bc, byte *outbuf, byte *inbuf ); static void encrypt_block( CAST5_context *bc, byte *outbuf, byte *inbuf );
static void decrypt_block( CAST5_context *bc, byte *outbuf, byte *inbuf ); static void decrypt_block( CAST5_context *bc, byte *outbuf, byte *inbuf );
@ -465,7 +465,7 @@ selftest()
byte cipher[8]= { 0x23, 0x8B, 0x4F, 0xE5, 0x84, 0x7E, 0x44, 0xB2 }; byte cipher[8]= { 0x23, 0x8B, 0x4F, 0xE5, 0x84, 0x7E, 0x44, 0xB2 };
byte buffer[8]; byte buffer[8];
setkey( &c, key, 16 ); cast_setkey( &c, key, 16 );
encrypt_block( &c, buffer, plain ); encrypt_block( &c, buffer, plain );
if( memcmp( buffer, cipher, 8 ) ) if( memcmp( buffer, cipher, 8 ) )
log_error("wrong cast5-128 encryption\n"); log_error("wrong cast5-128 encryption\n");
@ -486,10 +486,10 @@ selftest()
0x80,0xAC,0x05,0xB8,0xE8,0x3D,0x69,0x6E }; 0x80,0xAC,0x05,0xB8,0xE8,0x3D,0x69,0x6E };
for(i=0; i < 1000000; i++ ) { for(i=0; i < 1000000; i++ ) {
setkey( &c, b0, 16 ); cast_setkey( &c, b0, 16 );
encrypt_block( &c, a0, a0 ); encrypt_block( &c, a0, a0 );
encrypt_block( &c, a0+8, a0+8 ); encrypt_block( &c, a0+8, a0+8 );
setkey( &c, a0, 16 ); cast_setkey( &c, a0, 16 );
encrypt_block( &c, b0, b0 ); encrypt_block( &c, b0, b0 );
encrypt_block( &c, b0+8, b0+8 ); encrypt_block( &c, b0+8, b0+8 );
} }
@ -550,7 +550,7 @@ key_schedule( u32 *x, u32 *z, u32 *k )
static void static void
setkey( CAST5_context *c, byte *key, unsigned keylen ) cast_setkey( CAST5_context *c, byte *key, unsigned keylen )
{ {
static int initialized; static int initialized;
int i; int i;
@ -602,7 +602,7 @@ cast5_get_info( int algo, size_t *keylen,
*keylen = 128; *keylen = 128;
*blocksize = CAST5_BLOCKSIZE; *blocksize = CAST5_BLOCKSIZE;
*contextsize = sizeof(CAST5_context); *contextsize = sizeof(CAST5_context);
*r_setkey = FNCCAST_SETKEY(setkey); *r_setkey = FNCCAST_SETKEY(cast_setkey);
*r_encrypt= FNCCAST_CRYPT(encrypt_block); *r_encrypt= FNCCAST_CRYPT(encrypt_block);
*r_decrypt= FNCCAST_CRYPT(decrypt_block); *r_decrypt= FNCCAST_CRYPT(decrypt_block);

2
cipher/dsa.c
View File

@ -150,7 +150,7 @@ generate( DSA_secret_key *sk, unsigned nbits, MPI **ret_factors )
* is the secret part. */ * is the secret part. */
if( DBG_CIPHER ) if( DBG_CIPHER )
log_debug("choosing a random x "); log_debug("choosing a random x ");
assert( qbits >= 16 ); assert( qbits >= 160 );
x = mpi_alloc_secure( mpi_get_nlimbs(q) ); x = mpi_alloc_secure( mpi_get_nlimbs(q) );
mpi_sub_ui( h, q, 1 ); /* put q-1 into h */ mpi_sub_ui( h, q, 1 ); /* put q-1 into h */
rndbuf = NULL; rndbuf = NULL;

26
cipher/dynload.c
View File

@ -34,6 +34,7 @@ typedef struct ext_list {
void *handle; /* handle from dlopen() */ void *handle; /* handle from dlopen() */
int failed; /* already tried but failed */ int failed; /* already tried but failed */
void * (*enumfunc)(int, int*, int*, int*); void * (*enumfunc)(int, int*, int*, int*);
char *hintstr; /* pointer into name */
char name[1]; char name[1];
} *EXTLIST; } *EXTLIST;
@ -48,12 +49,19 @@ typedef struct {
/**************** /****************
* Register an extension module. The last registered module will * Register an extension module. The last registered module will
* be loaded first. * be loaded first. A name may have a list of classes
* appended; e.g:
* mymodule.so(1:17,3:20,3:109)
* means that this module provides digest algorithm 17 and public key
* algorithms 20 and 109. This is only a hint but if it is there the
* loader may decide to only load a module which claims to have a
* requested algorithm.
*/ */
void void
register_cipher_extension( const char *fname ) register_cipher_extension( const char *fname )
{ {
EXTLIST r, el; EXTLIST r, el;
char *p, *pe;
if( *fname != '/' ) { /* do tilde expansion etc */ if( *fname != '/' ) { /* do tilde expansion etc */
char *p ; char *p ;
@ -70,6 +78,14 @@ register_cipher_extension( const char *fname )
el = m_alloc_clear( sizeof *el + strlen(fname) ); el = m_alloc_clear( sizeof *el + strlen(fname) );
strcpy(el->name, fname ); strcpy(el->name, fname );
} }
/* check whether we have a class hint */
if( (p=strchr(el->name,'(')) && (pe=strchr(p+1,')')) && !pe[1] ) {
*p = *pe = 0;
el->hintstr = p+1;
}
else
el->hintstr = NULL;
/* check that it is not already registered */ /* check that it is not already registered */
for(r = extensions; r; r = r->next ) for(r = extensions; r; r = r->next )
if( !compare_filenames(r->name, el->name) ) { if( !compare_filenames(r->name, el->name) ) {
@ -77,8 +93,6 @@ register_cipher_extension( const char *fname )
m_free(el); m_free(el);
return; return;
} }
if( DBG_CIPHER )
log_debug("extension '%s' registered\n", el->name );
/* and register */ /* and register */
el->next = extensions; el->next = extensions;
extensions = el; extensions = el;
@ -95,6 +109,7 @@ load_extension( EXTLIST el )
int seq = 0; int seq = 0;
int class, vers; int class, vers;
el->handle = dlopen(el->name, RTLD_NOW); el->handle = dlopen(el->name, RTLD_NOW);
if( !el->handle ) { if( !el->handle ) {
log_error("%s: error loading extension: %s\n", el->name, dlerror() ); log_error("%s: error loading extension: %s\n", el->name, dlerror() );
@ -107,7 +122,10 @@ load_extension( EXTLIST el )
} }
if( g10_opt_verbose ) if( g10_opt_verbose )
log_info("%s: version '%s'\n", el->name, *name ); log_info("%s: %s%s%s%s\n", el->name, *name,
el->hintstr? " (":"",
el->hintstr? el->hintstr:"",
el->hintstr? ")":"");
sym = dlsym(el->handle, "gnupgext_enum_func"); sym = dlsym(el->handle, "gnupgext_enum_func");
if( (err=dlerror()) ) { if( (err=dlerror()) ) {

3
cipher/md.c
View File

@ -314,8 +314,9 @@ md_final(MD_HANDLE a)
if( a->bufcount ) if( a->bufcount )
md_write( a, NULL, 0 ); md_write( a, NULL, 0 );
for(r=a->list; r; r = r->next ) for(r=a->list; r; r = r->next ) {
(*r->final)( &r->context ); (*r->final)( &r->context );
}
} }

12
cipher/rand-unix.c
View File

@ -129,23 +129,11 @@ read_random_source( byte *buffer, size_t length, int level )
fd_random = open_device( "/dev/random", 8 ); fd_random = open_device( "/dev/random", 8 );
fd = fd_random; fd = fd_random;
} }
else if( level == 1 ) {
if( fd_urandom == -1 )
fd_urandom = open_device( "/dev/urandom", 9 );
fd = fd_urandom;
}
else { else {
/* This is level 0, which only yields simple random bytes.
* We do not use /dev/urandom as this would remove entropy
* from the kernel entropy pool */
/* FIXME !!!! */
if( fd_urandom == -1 ) if( fd_urandom == -1 )
fd_urandom = open_device( "/dev/urandom", 9 ); fd_urandom = open_device( "/dev/urandom", 9 );
fd = fd_urandom; fd = fd_urandom;
} }
do { do {
fd_set rfds; fd_set rfds;
struct timeval tv; struct timeval tv;

60
cipher/random.c
View File

@ -211,10 +211,6 @@ read_pool( byte *buffer, size_t length, int level )
if( length >= POOLSIZE ) if( length >= POOLSIZE )
BUG(); /* not allowed */ BUG(); /* not allowed */
if( !level ) { /* read simple random bytes */
read_random_source( buffer, length, level );
return;
}
/* for level 2 make sure that there is enough random in the pool */ /* for level 2 make sure that there is enough random in the pool */
if( level == 2 && pool_balance < length ) { if( level == 2 && pool_balance < length ) {
@ -236,33 +232,45 @@ read_pool( byte *buffer, size_t length, int level )
/* make sure the pool is filled */ /* make sure the pool is filled */
while( !pool_filled ) while( !pool_filled )
random_poll(); random_poll();
/* do always a fast random poll */ /* do always a fast random poll */
fast_random_poll(); fast_random_poll();
/* mix the pool (if add_randomness() didn't it) */ if( !level ) { /* no need for cryptographic strong random */
if( !just_mixed ) /* create a new pool */
for(i=0,dp=(ulong*)keypool, sp=(ulong*)rndpool;
i < POOLWORDS; i++, dp++, sp++ )
*dp = *sp + ADD_VALUE;
/* must mix both pools */
mix_pool(rndpool); mix_pool(rndpool);
mix_pool(keypool);
/* create a new pool */ memcpy( buffer, keypool, length );
for(i=0,dp=(ulong*)keypool, sp=(ulong*)rndpool; }
i < POOLWORDS; i++, dp++, sp++ ) else {
*dp = *sp + ADD_VALUE; /* mix the pool (if add_randomness() didn't it) */
/* and mix both pools */ if( !just_mixed )
mix_pool(rndpool); mix_pool(rndpool);
mix_pool(keypool); /* create a new pool */
/* read the required data for(i=0,dp=(ulong*)keypool, sp=(ulong*)rndpool;
* we use a readpoiter to read from a different postion each i < POOLWORDS; i++, dp++, sp++ )
* time */ *dp = *sp + ADD_VALUE;
while( length-- ) { /* and mix both pools */
*buffer++ = keypool[pool_readpos++]; mix_pool(rndpool);
if( pool_readpos >= POOLSIZE ) mix_pool(keypool);
pool_readpos = 0; /* read the required data
pool_balance--; * we use a readpoiter to read from a different postion each
* time */
while( length-- ) {
*buffer++ = keypool[pool_readpos++];
if( pool_readpos >= POOLSIZE )
pool_readpos = 0;
pool_balance--;
}
if( pool_balance < 0 )
pool_balance = 0;
/* and clear the keypool */
memset( keypool, 0, POOLSIZE );
} }
if( pool_balance < 0 )
pool_balance = 0;
/* and clear the keypool */
memset( keypool, 0, POOLSIZE );
} }

18
configure.in
View File

@ -31,6 +31,10 @@ AC_ARG_ENABLE(dev-random,
[ --disable-dev-random disable the use of dev random], [ --disable-dev-random disable the use of dev random],
try_dev_random=$enableval, try_dev_random=yes) try_dev_random=$enableval, try_dev_random=yes)
AC_ARG_ENABLE(dynload,
[ --disable-dynload disable dynamic loading],
try_dynload=$enableval, try_dynload=yes)
AC_MSG_CHECKING([whether memory debugging is requested]) AC_MSG_CHECKING([whether memory debugging is requested])
AC_ARG_ENABLE(m-debug, AC_ARG_ENABLE(m-debug,
[ --enable-m-debug enable debugging of memory allocation], [ --enable-m-debug enable debugging of memory allocation],
@ -114,18 +118,32 @@ AC_DEFINE_UNQUOTED(PRINTABLE_OS_NAME, "$PRINTABLE_OS_NAME")
dnl Checks for libraries. dnl Checks for libraries.
if test "$try_dynload" = yes ; then
AC_CHECK_LIB(dl,dlopen) AC_CHECK_LIB(dl,dlopen)
if test "$ac_cv_lib_dl_dlopen" = "yes"; then if test "$ac_cv_lib_dl_dlopen" = "yes"; then
AC_DEFINE(USE_DYNAMIC_LINKING) AC_DEFINE(USE_DYNAMIC_LINKING)
AC_DEFINE(HAVE_DL_DLOPEN) AC_DEFINE(HAVE_DL_DLOPEN)
DYNLINK_LDFLAGS=-rdynamic
use_gnupg_extensions=yes
else else
AC_CHECK_LIB(dld,dld_link) AC_CHECK_LIB(dld,dld_link)
if test "$ac_cv_lib_dld_dld_link" = "yes"; then if test "$ac_cv_lib_dld_dld_link" = "yes"; then
AC_DEFINE(USE_DYNAMIC_LINKING) AC_DEFINE(USE_DYNAMIC_LINKING)
AC_DEFINE(HAVE_DLD_DLD_LINK) AC_DEFINE(HAVE_DLD_DLD_LINK)
DYNLINK_LDFLAGS=-rdynamic
use_gnupg_extensions=yes
fi fi
fi fi
else
AC_MSG_CHECKING(for dynamic loading)
DYNLINK_LDFLAGS=
use_gnupg_extensions=no
AC_MSG_RESULT(has been disabled)
fi
AM_CONDITIONAL(ENABLE_GNUPG_EXTENSIONS, test "$use_gnupg_extensions" = yes )
AC_SUBST(DYNLINK_LDFLAGS)
dnl Checks for header files. dnl Checks for header files.
AC_HEADER_STDC AC_HEADER_STDC

12
doc/gpg.1pod
View File

@ -215,6 +215,11 @@ B<--no-options>
Shortcut for B<--options> I</dev/null>. This option is Shortcut for B<--options> I</dev/null>. This option is
detected before an attempt to open an option file. detected before an attempt to open an option file.
B<--load-extension> I<modulename>
Load an extension module. If I<modulename> does not
contain a slash it is searched in B</usr/local/lib/gnupg>
See the manual for more information about extensions.
B<--debug> I<flags> B<--debug> I<flags>
Set debugging flags. All flags are or-ed and I<flags> may Set debugging flags. All flags are or-ed and I<flags> may
be given in C syntax (e.g. 0x0042). be given in C syntax (e.g. 0x0042).
@ -335,8 +340,11 @@ gpgm(1) gpgd(1)
=head1 WARNINGS =head1 WARNINGS
Use a B<good> password for your user account and a non-simple passphrase Use a B<good> password for your user account and a B<good> passphrase
to protect your secret key. to protect your secret key. This passphrase is the weakest part of the
whole system. Programs to do dictionary attacks on your secret keyring
are very easy to write and so you should protect your B<~/.gnupg/>
directory very good.
Keep in mind that, if this program is used over a network (telnet), it Keep in mind that, if this program is used over a network (telnet), it
is B<very> easy to spy out your passphrase! is B<very> easy to spy out your passphrase!

17
g10/ChangeLog
View File

@ -1,3 +1,20 @@
Wed Jun 24 16:40:22 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c (armor_filter): Now creates valid onepass_sig packets
with all detected hash algorithms.
* mainproc.c (proc_plaintext): Now uses the hash algos as specified
in the onepass_sig packets (if there are any)
Mon Jun 22 11:54:08 1998 Werner Koch (wk@isil.d.shuttle.de)
* plaintext.c (handle_plaintext): add arg to disable outout
* mainproc.c (proc_plaintext): disable output when in sigs_only mode.
Thu Jun 18 13:17:27 1998 Werner Koch (wk@isil.d.shuttle.de)
* keygen.c: Removed all rsa packet stuff, chnaged defaults
for key generation.
Sun Jun 14 21:28:31 1998 Werner Koch (wk@isil.d.shuttle.de) Sun Jun 14 21:28:31 1998 Werner Koch (wk@isil.d.shuttle.de)
* misc.c (checksum_u16): Fixed a stupid bug which caused a * misc.c (checksum_u16): Fixed a stupid bug which caused a

2
g10/Makefile.am
View File

@ -3,7 +3,7 @@
INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl -I../intl INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl -I../intl
EXTRA_DIST = OPTIONS pubring.asc EXTRA_DIST = OPTIONS pubring.asc
OMIT_DEPENDENCIES = zlib.h zconf.h OMIT_DEPENDENCIES = zlib.h zconf.h
LDFLAGS = -rdynamic LDFLAGS = @LDFLAGS@ @DYNLINK_LDFLAGS@
needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a
noinst_PROGRAMS = gpgd noinst_PROGRAMS = gpgd

86
g10/armor.c
View File

@ -100,8 +100,10 @@ static char *tail_strings[] = {
}; };
static fhdr_state_t find_header( fhdr_state_t state, byte *buf, static fhdr_state_t find_header( fhdr_state_t state,
size_t *r_buflen, IOBUF a, size_t n, unsigned *r_empty); byte *buf, size_t *r_buflen,
IOBUF a, size_t n,
unsigned *r_empty, int *r_hashes );
static void static void
@ -227,7 +229,7 @@ parse_hash_header( const char *line )
found |= 2; found |= 2;
else if( !strncmp( s, "MD5", s2-s ) ) else if( !strncmp( s, "MD5", s2-s ) )
found |= 4; found |= 4;
else if( !strncmp( s, "MD2", s2-s ) ) else if( !strncmp( s, "TIGER", s2-s ) )
found |= 8; found |= 8;
else else
return 0; return 0;
@ -250,7 +252,7 @@ parse_hash_header( const char *line )
*/ */
static fhdr_state_t static fhdr_state_t
find_header( fhdr_state_t state, byte *buf, size_t *r_buflen, find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
IOBUF a, size_t n, unsigned *r_empty) IOBUF a, size_t n, unsigned *r_empty, int *r_hashes )
{ {
int c=0, i; int c=0, i;
const char *s; const char *s;
@ -319,6 +321,7 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
if( n < buflen || c == '\n' ) { if( n < buflen || c == '\n' ) {
if( n && buf[0] != '\r') { /* maybe a header */ if( n && buf[0] != '\r') { /* maybe a header */
if( strchr( buf, ':') ) { /* yes */ if( strchr( buf, ':') ) { /* yes */
int hashes;
if( buf[n-1] == '\r' ) if( buf[n-1] == '\r' )
buf[--n] = 0; buf[--n] = 0;
if( opt.verbose ) { if( opt.verbose ) {
@ -326,12 +329,15 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
print_string( stderr, buf, n, 0 ); print_string( stderr, buf, n, 0 );
putc('\n', stderr); putc('\n', stderr);
} }
if( clearsig && !parse_hash_header( buf ) ) { if( clearsig && !(hashes=parse_hash_header( buf )) ) {
log_error("invalid clearsig header\n"); log_error("invalid clearsig header\n");
state = fhdrERROR; state = fhdrERROR;
} }
else else {
state = fhdrWAITHeader; state = fhdrWAITHeader;
if( r_hashes )
*r_hashes |= hashes;
}
} }
else else
state = fhdrCHECKDashEscaped3; state = fhdrCHECKDashEscaped3;
@ -602,7 +608,8 @@ check_input( armor_filter_context_t *afx, IOBUF a )
state = fhdrHASArmor; state = fhdrHASArmor;
n = DIM(afx->helpbuf); n = DIM(afx->helpbuf);
state = find_header( state, afx->helpbuf, &n, a, afx->helplen, &emplines); state = find_header( state, afx->helpbuf, &n, a,
afx->helplen, &emplines, &afx->hashes);
switch( state ) { switch( state ) {
case fhdrNOArmor: case fhdrNOArmor:
afx->inp_checked = 1; afx->inp_checked = 1;
@ -684,7 +691,8 @@ fake_packet( armor_filter_context_t *afx, IOBUF a,
/* read a new one */ /* read a new one */
n = DIM(afx->helpbuf); n = DIM(afx->helpbuf);
afx->helpidx = 0; afx->helpidx = 0;
state = find_header( state, afx->helpbuf, &n, a, 0, &emplines ); state = find_header( state, afx->helpbuf, &n, a, 0,
&emplines, &afx->hashes );
switch( state) { switch( state) {
case fhdrERROR: case fhdrERROR:
invalid_armor(); invalid_armor();
@ -884,7 +892,7 @@ armor_filter( void *opaque, int control,
*ret_len = n; *ret_len = n;
} }
else if( control == IOBUFCTRL_UNDERFLOW ) { else if( control == IOBUFCTRL_UNDERFLOW ) {
if( size < 30 ) if( size < 15+(4*15) ) /* need space for up to 4 onepass_sigs */
BUG(); /* supplied buffer too short */ BUG(); /* supplied buffer too short */
if( afx->inp_eof ) { if( afx->inp_eof ) {
@ -907,27 +915,53 @@ armor_filter( void *opaque, int control,
afx->helplen = 0; afx->helplen = 0;
} }
else if( afx->faked ) { else if( afx->faked ) {
/* the buffer is at least 30 bytes long, so it unsigned hashes = afx->hashes;
/* the buffer is at least 15+n*15 bytes long, so it
* is easy to construct the packets */ * is easy to construct the packets */
/* first a onepass signature packet */ hashes &= 1|2|4|8;
buf[0] = 0x90; /* old packet format, type 4, 1 length byte */ if( !hashes )
buf[1] = 13; /* length */ hashes |= 4; /* default to MD 5 */
buf[2] = 3; /* version */ n=0;
buf[3] = 0x01; /* sigclass 0x01 (data in canonical text mode)*/ do {
buf[4] = 0; /* digest algo (don't know) */ /* first some onepass signature packets */
buf[5] = 0; /* public key algo (don't know) */ buf[n++] = 0x90; /* old format, type 4, 1 length byte */
memset(buf+6, 0, 8); /* don't know the keyid */ buf[n++] = 13; /* length */
buf[14] = 1; /* this is the last one */ buf[n++] = 3; /* version */
buf[n++] = 0x01; /* sigclass 0x01 (canonical text mode)*/
if( hashes & 1 ) {
hashes &= ~1;
buf[n++] = DIGEST_ALGO_RMD160;
}
else if( hashes & 2 ) {
hashes &= ~2;
buf[n++] = DIGEST_ALGO_SHA1;
}
else if( hashes & 4 ) {
hashes &= ~4;
buf[n++] = DIGEST_ALGO_MD5;
}
else if( hashes & 8 ) {
hashes &= ~8;
buf[n++] = DIGEST_ALGO_TIGER;
}
else
buf[n++] = 0; /* (don't know) */
buf[n++] = 0; /* public key algo (don't know) */
memset(buf+n, 0, 8); /* don't know the keyid */
n += 8;
buf[n++] = !hashes; /* last one */
} while( hashes );
/* followed by a plaintext packet */ /* followed by a plaintext packet */
buf[15] = 0xaf; /* old packet format, type 11, var length */ buf[n++] = 0xaf; /* old packet format, type 11, var length */
buf[16] = 0; /* set the length header */ buf[n++] = 0; /* set the length header */
buf[17] = 6; buf[n++] = 6;
buf[18] = 't'; /* canonical text mode */ buf[n++] = 't'; /* canonical text mode */
buf[19] = 0; /* namelength */ buf[n++] = 0; /* namelength */
memset(buf+20, 0, 4); /* timestamp */ memset(buf+n, 0, 4); /* timestamp */
n = 24; n += 4;
} }
else if( !rc ) else if( !rc )
rc = radix64_read( afx, a, &n, buf, size ); rc = radix64_read( afx, a, &n, buf, size );

9
g10/build-packet.c
View File

@ -517,6 +517,11 @@ build_sig_subpkt( PKT_signature *sig, sigsubpkttype_t type,
switch( type ) { switch( type ) {
case SIGSUBPKT_SIG_CREATED: case SIGSUBPKT_SIG_CREATED:
case SIGSUBPKT_PRIV_ADD_SIG: case SIGSUBPKT_PRIV_ADD_SIG:
case SIGSUBPKT_PREF_SYM:
case SIGSUBPKT_PREF_HASH:
case SIGSUBPKT_PREF_COMPR:
case SIGSUBPKT_KS_FLAGS:
case SIGSUBPKT_KEY_EXPIRE:
hashed = 1; break; hashed = 1; break;
default: hashed = 0; break; default: hashed = 0; break;
} }
@ -538,8 +543,8 @@ build_sig_subpkt( PKT_signature *sig, sigsubpkttype_t type,
: m_alloc( n+2 ); : m_alloc( n+2 );
} }
data[n0+0] = (n >> 8) & 0xff; data[0] = (n >> 8) & 0xff;
data[n0+1] = n & 0xff; data[1] = n & 0xff;
data[n0+2] = buflen+1; data[n0+2] = buflen+1;
data[n0+3] = type; data[n0+3] = type;
memcpy(data+n0+4, buffer, buflen ); memcpy(data+n0+4, buffer, buflen );

1
g10/filter.h
View File

@ -37,6 +37,7 @@ typedef struct {
byte helpbuf[100]; byte helpbuf[100];
int helpidx, helplen; int helpidx, helplen;
unsigned empty; /* empty line counter */ unsigned empty; /* empty line counter */
int hashes; /* detected hash algorithms */
int faked; int faked;
int parse_state; int parse_state;
int inp_checked; /* set if inp has been checked */ int inp_checked; /* set if inp has been checked */

54
g10/getkey.c
View File

@ -30,6 +30,7 @@
#include "iobuf.h" #include "iobuf.h"
#include "keydb.h" #include "keydb.h"
#include "options.h" #include "options.h"
#include "main.h"
#define MAX_PKC_CACHE_ENTRIES 500 #define MAX_PKC_CACHE_ENTRIES 500
@ -595,6 +596,58 @@ compare_name( const char *uid, size_t uidlen, const char *name, int mode )
} }
/****************
* Assume that knode points to a public key packet and keyblock is
* the entire keyblock. This function adds all relevant information from
* a selfsignature to the public key.
*/
static void
add_stuff_from_selfsig( KBNODE keyblock, KBNODE knode )
{
PKT_public_cert *pkc = knode->pkt->pkt.public_cert;
PKT_signature *sig;
KBNODE k;
u32 kid[2];
assert( knode->pkt->pkttype == PKT_PUBLIC_CERT
|| knode->pkt->pkttype == PKT_PUBKEY_SUBCERT );
if( pkc->version < 4 )
return; /* this is only needed for version >=4 packets */
/* find the selfsignature */
if( knode->pkt->pkttype == PKT_PUBKEY_SUBCERT ) {
k = find_kbnode( keyblock, PKT_PUBLIC_CERT );
if( !k )
BUG(); /* keyblock without primary key!!! */
keyid_from_pkc( knode->pkt->pkt.public_cert, kid );
}
else
keyid_from_pkc( pkc, kid );
for(k=keyblock; k; k = k->next ) {
if( k->pkt->pkttype == PKT_SIGNATURE
&& (sig=k->pkt->pkt.signature)->sig_class >= 0x10
&& sig->sig_class <= 0x13
&& sig->keyid[0] == kid[0]
&& sig->keyid[1] == kid[1]
&& sig->version > 3 ) {
/* okay this is (the first) self-signature which can be used
* fixme: Check how to handle subkey bindings
* FIXME: We should only use this if the signature is valid
* but this is time consuming - we muts provide another
* way to handle this
*/
const byte *p;
p = parse_sig_subpkt( sig->hashed_data, SIGSUBPKT_KEY_EXPIRE, NULL );
pkc->valid_days = p? ((buffer_to_u32(p)+86399L)/86400L):0;
/* fixme: add usage etc. to pkc */
break;
}
}
}
/**************** /****************
* Lookup a key by scanning all keyrings * Lookup a key by scanning all keyrings
* mode 1 = lookup by NAME (exact) * mode 1 = lookup by NAME (exact)
@ -718,6 +771,7 @@ lookup( PKT_public_cert *pkc, int mode, u32 *keyid,
assert( k->pkt->pkttype == PKT_PUBLIC_CERT assert( k->pkt->pkttype == PKT_PUBLIC_CERT
|| k->pkt->pkttype == PKT_PUBKEY_SUBCERT ); || k->pkt->pkttype == PKT_PUBKEY_SUBCERT );
copy_public_cert( pkc, k->pkt->pkt.public_cert ); copy_public_cert( pkc, k->pkt->pkt.public_cert );
add_stuff_from_selfsig( keyblock, k );
if( ret_keyblock ) { if( ret_keyblock ) {
*ret_keyblock = keyblock; *ret_keyblock = keyblock;
keyblock = NULL; keyblock = NULL;

79
g10/keyedit.c
View File

@ -347,7 +347,7 @@ sign_key( const char *username, STRLIST locusr )
node->pkt->pkt.user_id, node->pkt->pkt.user_id,
NULL, NULL,
skc_rover->skc, skc_rover->skc,
0x10, 0 ); 0x10, 0, NULL, NULL );
if( rc ) { if( rc ) {
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc)); log_error("make_keysig_packet failed: %s\n", g10_errstr(rc));
goto leave; goto leave;
@ -720,7 +720,9 @@ int
make_keysig_packet( PKT_signature **ret_sig, PKT_public_cert *pkc, make_keysig_packet( PKT_signature **ret_sig, PKT_public_cert *pkc,
PKT_user_id *uid, PKT_public_cert *subpkc, PKT_user_id *uid, PKT_public_cert *subpkc,
PKT_secret_cert *skc, PKT_secret_cert *skc,
int sigclass, int digest_algo ) int sigclass, int digest_algo,
int (*mksubpkt)(PKT_signature *, void *), void *opaque
)
{ {
PKT_signature *sig; PKT_signature *sig;
int rc=0; int rc=0;
@ -763,45 +765,50 @@ make_keysig_packet( PKT_signature **ret_sig, PKT_public_cert *pkc,
sig->digest_algo = digest_algo; sig->digest_algo = digest_algo;
sig->timestamp = make_timestamp(); sig->timestamp = make_timestamp();
sig->sig_class = sigclass; sig->sig_class = sigclass;
if( sig->version >= 4 )
if( sig->version >= 4 ) {
build_sig_subpkt_from_sig( sig ); build_sig_subpkt_from_sig( sig );
md_putc( md, sig->version );
}
md_putc( md, sig->sig_class );
if( sig->version < 4 ) {
u32 a = sig->timestamp;
md_putc( md, (a >> 24) & 0xff );
md_putc( md, (a >> 16) & 0xff );
md_putc( md, (a >> 8) & 0xff );
md_putc( md, a & 0xff );
}
else {
byte buf[6];
size_t n;
md_putc( md, sig->pubkey_algo ); if( sig->version >= 4 && mksubpkt )
md_putc( md, sig->digest_algo ); rc = (*mksubpkt)( sig, opaque );
if( sig->hashed_data ) {
n = (sig->hashed_data[0] << 8) | sig->hashed_data[1]; if( !rc ) {
md_write( md, sig->hashed_data, n+2 ); if( sig->version >= 4 )
n += 6; md_putc( md, sig->version );
md_putc( md, sig->sig_class );
if( sig->version < 4 ) {
u32 a = sig->timestamp;
md_putc( md, (a >> 24) & 0xff );
md_putc( md, (a >> 16) & 0xff );
md_putc( md, (a >> 8) & 0xff );
md_putc( md, a & 0xff );
} }
else else {
n = 6; byte buf[6];
/* add some magic */ size_t n;
buf[0] = sig->version;
buf[1] = 0xff;
buf[2] = n >> 24; /* hmmm, n is only 16 bit, so this is always 0 */
buf[3] = n >> 16;
buf[4] = n >> 8;
buf[5] = n;
md_write( md, buf, 6 );
md_putc( md, sig->pubkey_algo );
md_putc( md, sig->digest_algo );
if( sig->hashed_data ) {
n = (sig->hashed_data[0] << 8) | sig->hashed_data[1];
md_write( md, sig->hashed_data, n+2 );
n += 6;
}
else
n = 6;
/* add some magic */
buf[0] = sig->version;
buf[1] = 0xff;
buf[2] = n >> 24; /* hmmm, n is only 16 bit, so this is always 0 */
buf[3] = n >> 16;
buf[4] = n >> 8;
buf[5] = n;
md_write( md, buf, 6 );
}
md_final(md);
rc = complete_sig( sig, skc, md );
} }
md_final(md);
rc = complete_sig( sig, skc, md );
md_close( md ); md_close( md );
if( rc ) if( rc )

242
g10/keygen.c
View File

@ -35,11 +35,6 @@
#include "i18n.h" #include "i18n.h"
#if 0
#define ENABLE_RSA_KEYGEN 1
#endif
static void static void
write_uid( KBNODE root, const char *s ) write_uid( KBNODE root, const char *s )
{ {
@ -54,6 +49,65 @@ write_uid( KBNODE root, const char *s )
} }
static int
add_key_expire( PKT_signature *sig, void *opaque )
{
PKT_secret_cert *skc = opaque;
byte buf[8];
u32 u;
if( skc->valid_days ) {
u = skc->valid_days * 86400L;
buf[0] = (u >> 24) & 0xff;
buf[1] = (u >> 16) & 0xff;
buf[2] = (u >> 8) & 0xff;
buf[3] = u & 0xff;
build_sig_subpkt( sig, SIGSUBPKT_KEY_EXPIRE, buf, 4 );
}
return 0;
}
/****************
* Add preference to the self signature packet.
* This is only called for packets with version > 3.
*/
static int
add_prefs( PKT_signature *sig, void *opaque )
{
byte buf[8];
add_key_expire( sig, opaque );
buf[0] = CIPHER_ALGO_BLOWFISH;
buf[1] = CIPHER_ALGO_CAST5;
build_sig_subpkt( sig, SIGSUBPKT_PREF_SYM, buf, 2 );
buf[0] = DIGEST_ALGO_RMD160;
buf[1] = DIGEST_ALGO_SHA1;
buf[2] = DIGEST_ALGO_TIGER;
buf[3] = DIGEST_ALGO_MD5;
build_sig_subpkt( sig, SIGSUBPKT_PREF_HASH, buf, 4 );
buf[0] = 2;
buf[1] = 1;
build_sig_subpkt( sig, SIGSUBPKT_PREF_COMPR, buf, 2 );
buf[0] = 0x80; /* no modify - It is reasonable that a key holder
* has the possibility to reject signatures from users
* who are known to sign everything without any
* validation - so a signed key should be send
* to the holder who in turn can put it on a keyserver
*/
build_sig_subpkt( sig, SIGSUBPKT_KS_FLAGS, buf, 1 );
return 0;
}
static int static int
write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_cert *skc ) write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_cert *skc )
{ {
@ -79,7 +133,8 @@ write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_cert *skc )
pkc = node->pkt->pkt.public_cert; pkc = node->pkt->pkt.public_cert;
/* and make the signature */ /* and make the signature */
rc = make_keysig_packet( &sig, pkc, uid, NULL, skc, 0x13, 0 ); rc = make_keysig_packet( &sig, pkc, uid, NULL, skc, 0x13, 0,
add_prefs, skc );
if( rc ) { if( rc ) {
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) ); log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
return rc; return rc;
@ -119,7 +174,8 @@ write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_cert *skc )
BUG(); BUG();
/* and make the signature */ /* and make the signature */
rc = make_keysig_packet( &sig, pkc, NULL, subpkc, skc, 0x18, 0 ); rc = make_keysig_packet( &sig, pkc, NULL, subpkc, skc, 0x18, 0,
add_key_expire, skc );
if( rc ) { if( rc ) {
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) ); log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
return rc; return rc;
@ -134,7 +190,7 @@ write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_cert *skc )
static int static int
gen_elg(unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek, gen_elg(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
STRING2KEY *s2k, PKT_secret_cert **ret_skc, u16 valid_days, STRING2KEY *s2k, PKT_secret_cert **ret_skc, u16 valid_days,
int version ) int version )
{ {
@ -146,7 +202,8 @@ gen_elg(unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
MPI skey[4]; MPI skey[4];
MPI *factors; MPI *factors;
rc = pubkey_generate( PUBKEY_ALGO_ELGAMAL, nbits, skey, &factors ); assert( is_ELGAMAL(algo) );
rc = pubkey_generate( algo, nbits, skey, &factors );
if( rc ) { if( rc ) {
log_error("pubkey_generate failed: %s\n", g10_errstr(rc) ); log_error("pubkey_generate failed: %s\n", g10_errstr(rc) );
return rc; return rc;
@ -157,7 +214,7 @@ gen_elg(unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
skc->timestamp = pkc->timestamp = make_timestamp(); skc->timestamp = pkc->timestamp = make_timestamp();
skc->version = pkc->version = version; skc->version = pkc->version = version;
skc->valid_days = pkc->valid_days = valid_days; skc->valid_days = pkc->valid_days = valid_days;
skc->pubkey_algo = pkc->pubkey_algo = PUBKEY_ALGO_ELGAMAL; skc->pubkey_algo = pkc->pubkey_algo = algo;
pkc->pkey[0] = mpi_copy( skey[0] ); pkc->pkey[0] = mpi_copy( skey[0] );
pkc->pkey[1] = mpi_copy( skey[1] ); pkc->pkey[1] = mpi_copy( skey[1] );
pkc->pkey[2] = mpi_copy( skey[2] ); pkc->pkey[2] = mpi_copy( skey[2] );
@ -203,73 +260,6 @@ gen_elg(unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
} }
#ifdef ENABLE_RSA_KEYGEN
static int
gen_rsa(unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
STRING2KEY *s2k, PKT_secret_cert **ret_skc, u16 valid_days )
{
int rc;
PACKET *pkt;
PKT_secret_cert *skc;
PKT_public_cert *pkc;
RSA_public_key pk;
RSA_secret_key sk;
rsa_generate( &pk, &sk, nbits );
skc = m_alloc_clear( sizeof *skc );
pkc = m_alloc_clear( sizeof *pkc );
skc->timestamp = pkc->timestamp = make_timestamp();
skc->valid_days = pkc->valid_days = valid_days;
skc->pubkey_algo = pkc->pubkey_algo = PUBKEY_ALGO_RSA;
memset(&pkc->mfx, 0, sizeof pkc->mfx);
pkc->d.rsa.rsa_n = pk.n;
pkc->d.rsa.rsa_e = pk.e;
skc->d.rsa.rsa_n = sk.n;
skc->d.rsa.rsa_e = sk.e;
skc->d.rsa.rsa_d = sk.d;
skc->d.rsa.rsa_p = sk.p;
skc->d.rsa.rsa_q = sk.q;
skc->d.rsa.rsa_u = sk.u;
skc->d.rsa.csum = checksum_mpi_counted_nbits( skc->d.rsa.rsa_d );
skc->d.rsa.csum += checksum_mpi_counted_nbits( skc->d.rsa.rsa_p );
skc->d.rsa.csum += checksum_mpi_counted_nbits( skc->d.rsa.rsa_q );
skc->d.rsa.csum += checksum_mpi_counted_nbits( skc->d.rsa.rsa_u );
if( ret_skc ) /* not a subkey: return an unprotected version of the skc */
*ret_skc = copy_secret_cert( NULL, skc );
if( dek ) {
skc->d.rsa.is_protected = 1;
skc->d.rsa.protect_algo = CIPHER_ALGO_BLOWFISH;
randomize_buffer( skc->d.rsa.protect.blowfish.iv, 8, 1);
skc->d.rsa.csum += checksum_counted_nbits(
skc->d.rsa.protect.blowfish.iv, 8 );
rc = protect_secret_key( skc, dek );
if( rc ) {
log_error("protect_secret_key failed: %s\n", g10_errstr(rc) );
free_public_cert(pkc);
free_secret_cert(skc);
return rc;
}
}
pkt = m_alloc_clear(sizeof *pkt);
pkt->pkttype = ret_skc ? PKT_PUBLIC_CERT : PKT_PUBKEY_SUBCERT;
pkt->pkt.public_cert = pkc;
add_kbnode(pub_root, new_kbnode( pkt ));
pkt = m_alloc_clear(sizeof *pkt);
pkt->pkttype = ret_skc ? PKT_SECRET_CERT : PKT_SECKEY_SUBCERT;
pkt->pkt.secret_cert = skc;
add_kbnode(sec_root, new_kbnode( pkt ));
return rc;
}
#endif /*ENABLE_RSA_KEYGEN*/
/**************** /****************
* Generate a DSA key * Generate a DSA key
*/ */
@ -298,15 +288,12 @@ gen_dsa(unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
pkc = m_alloc_clear( sizeof *pkc ); pkc = m_alloc_clear( sizeof *pkc );
skc->timestamp = pkc->timestamp = make_timestamp(); skc->timestamp = pkc->timestamp = make_timestamp();
skc->version = pkc->version = 4; skc->version = pkc->version = 4;
/* valid days are not stored in the packet, but it is
* used here to put it into the signature.
*/
skc->valid_days = pkc->valid_days = valid_days; skc->valid_days = pkc->valid_days = valid_days;
skc->pubkey_algo = pkc->pubkey_algo = PUBKEY_ALGO_DSA; skc->pubkey_algo = pkc->pubkey_algo = PUBKEY_ALGO_DSA;
pkc->pkey[0] = skey[0]; pkc->pkey[0] = mpi_copy( skey[0] );
pkc->pkey[1] = skey[1]; pkc->pkey[1] = mpi_copy( skey[1] );
pkc->pkey[2] = skey[2]; pkc->pkey[2] = mpi_copy( skey[2] );
pkc->pkey[3] = skey[3]; pkc->pkey[3] = mpi_copy( skey[3] );
skc->skey[0] = skey[0]; skc->skey[0] = skey[0];
skc->skey[1] = skey[1]; skc->skey[1] = skey[1];
skc->skey[2] = skey[2]; skc->skey[2] = skey[2];
@ -317,7 +304,7 @@ gen_dsa(unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
skc->csum = checksum_mpi_counted_nbits( skc->skey[4] ); skc->csum = checksum_mpi_counted_nbits( skc->skey[4] );
if( ret_skc ) /* not a subkey: return an unprotected version of the skc */ if( ret_skc ) /* not a subkey: return an unprotected version of the skc */
*ret_skc = copy_secret_cert( NULL, skc ); *ret_skc = copy_secret_cert( NULL, skc );
if( dek ) { if( dek ) {
skc->protect.algo = dek->algo; skc->protect.algo = dek->algo;
@ -383,47 +370,52 @@ check_valid_days( const char *s )
} }
/****************
* Returns o to create both a DSA and a ElGamal key.
*/
static int static int
ask_algo( int *ret_v4 ) ask_algo( int *ret_v4, int addmode )
{ {
char *answer; char *answer;
int algo; int algo;
tty_printf(_("Please select the algorithm to use:\n" tty_printf(_("Please select what kind of key you want:\n"));
" (1) ElGamal is the suggested one.\n" if( !addmode )
" (2) ElGamal using v4 packets (OpenPGP)\n" tty_printf(_(" (%d) DSA and ElGamal (default)\n"), 1 );
" (3) DSA can only be used for signatures.\n")); tty_printf( _(" (%d) ElGamal (sign and encrypt)\n"), 2 );
#ifdef ENABLE_RSA_KEYGEN tty_printf( _(" (%d) ElGamal (encrypt only)\n"), 3 );
tty_printf(_(" (4) RSA cannot be used in the U.S.\n")); tty_printf( _(" (%d) DSA (sign only)\n"), 4 );
#endif tty_printf( _(" (%d) ElGamal in a v3 packet\n"), 5 );
*ret_v4 = 0; *ret_v4 = 1;
for(;;) { for(;;) {
#ifdef ENABLE_RSA_KEYGEN answer = tty_get(_("Your selection? "));
answer = tty_get(_("Your selection? (1,2,3,4) "));
#else
answer = tty_get(_("Your selection? (1,2,3) "));
#endif
tty_kill_prompt(); tty_kill_prompt();
algo = *answer? atoi(answer): 1; algo = *answer? atoi(answer): 1;
m_free(answer); m_free(answer);
if( algo == 1 || algo == 2 ) { if( algo == 1 && !addmode ) {
if( algo == 2 ) algo = 0; /* create both keys */
*ret_v4 = 1; break;
}
else if( algo == 2 ) {
algo = PUBKEY_ALGO_ELGAMAL; algo = PUBKEY_ALGO_ELGAMAL;
break; break;
} }
else if( algo == 3 ) { else if( algo == 3 ) {
*ret_v4 = 1; algo = PUBKEY_ALGO_ELGAMAL_E;
break;
}
else if( algo == 4 ) {
algo = PUBKEY_ALGO_DSA; algo = PUBKEY_ALGO_DSA;
break; break;
} }
#ifdef ENABLE_RSA_KEYGEN else if( algo == 5 ) {
else if( algo == 4 ) { algo = PUBKEY_ALGO_ELGAMAL_E;
algo = PUBKEY_ALGO_RSA; *ret_v4 = 0;
break; break;
} }
#endif else
tty_printf(_("Invalid selection.\n"));
} }
return algo; return algo;
} }
@ -703,13 +695,9 @@ do_create( int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root,
"network and the disks) during the prime generation; this gives the random\n" "network and the disks) during the prime generation; this gives the random\n"
"number generator a better chance to gain enough entropy.\n") ); "number generator a better chance to gain enough entropy.\n") );
if( algo == PUBKEY_ALGO_ELGAMAL ) if( algo == PUBKEY_ALGO_ELGAMAL || algo == PUBKEY_ALGO_ELGAMAL_E )
rc = gen_elg(nbits, pub_root, sec_root, dek, s2k, rc = gen_elg(algo, nbits, pub_root, sec_root, dek, s2k,
skc, valid_days, v4_packet? 4:3 ); skc, valid_days, v4_packet? 4:3 );
#ifdef ENABLE_RSA_KEYGEN
else if( algo == PUBKEY_ALGO_RSA )
rc = gen_rsa(nbits, pub_root, sec_root, dek, s2k, skc, valid_days );
#endif
else if( algo == PUBKEY_ALGO_DSA ) else if( algo == PUBKEY_ALGO_DSA )
rc = gen_dsa(nbits, pub_root, sec_root, dek, s2k, skc, valid_days); rc = gen_dsa(nbits, pub_root, sec_root, dek, s2k, skc, valid_days);
else else
@ -745,13 +733,19 @@ generate_keypair()
int algo; int algo;
int ndays; int ndays;
int v4; int v4;
int both = 0;
if( opt.batch || opt.answer_yes || opt.answer_no ) { if( opt.batch || opt.answer_yes || opt.answer_no ) {
log_error(_("Key generation can only be used in interactive mode\n")); log_error(_("Key generation can only be used in interactive mode\n"));
return; return;
} }
algo = ask_algo( &v4 ); algo = ask_algo( &v4, 0 );
if( !algo ) {
algo = PUBKEY_ALGO_ELGAMAL;
both = 1;
tty_printf(_("DSA keypair will have 1024 bits.\n"));
}
nbits = ask_keysize( algo ); nbits = ask_keysize( algo );
ndays = ask_valid_days(); ndays = ask_valid_days();
uid = ask_user_id(); uid = ask_user_id();
@ -774,7 +768,12 @@ generate_keypair()
pub_root = make_comment_node("#"); delete_kbnode(pub_root); pub_root = make_comment_node("#"); delete_kbnode(pub_root);
sec_root = make_comment_node("#"); delete_kbnode(sec_root); sec_root = make_comment_node("#"); delete_kbnode(sec_root);
rc = do_create( algo, nbits, pub_root, sec_root, dek, s2k, &skc, ndays, v4); if( both )
rc = do_create( PUBKEY_ALGO_DSA, 1024, pub_root, sec_root,
dek, s2k, &skc, ndays, 1);
else
rc = do_create( algo, nbits, pub_root, sec_root,
dek, s2k, &skc, ndays, v4);
if( !rc ) if( !rc )
write_uid(pub_root, uid ); write_uid(pub_root, uid );
if( !rc ) if( !rc )
@ -784,6 +783,16 @@ generate_keypair()
if( !rc ) if( !rc )
rc = write_selfsig(sec_root, pub_root, skc); rc = write_selfsig(sec_root, pub_root, skc);
if( both ) {
rc = do_create( algo, nbits, pub_root, sec_root,
dek, s2k, NULL, ndays, 1 );
if( !rc )
rc = write_keybinding(pub_root, pub_root, skc);
if( !rc )
rc = write_keybinding(sec_root, pub_root, skc);
}
if( !rc ) { if( !rc ) {
KBPOS pub_kbpos; KBPOS pub_kbpos;
KBPOS sec_kbpos; KBPOS sec_kbpos;
@ -958,7 +967,8 @@ generate_subkeypair( const char *username )
goto leave; goto leave;
algo = ask_algo( &v4 ); algo = ask_algo( &v4, 1 );
assert(algo);
nbits = ask_keysize( algo ); nbits = ask_keysize( algo );
ndays = ask_valid_days(); ndays = ask_valid_days();

1
g10/main.h
View File

@ -50,6 +50,7 @@ u16 checksum_u16( unsigned n );
u16 checksum( byte *p, unsigned n ); u16 checksum( byte *p, unsigned n );
u16 checksum_mpi( MPI a ); u16 checksum_mpi( MPI a );
u16 checksum_mpi_counted_nbits( MPI a ); u16 checksum_mpi_counted_nbits( MPI a );
u32 buffer_to_u32( const byte *buffer );
/*-- encode.c --*/ /*-- encode.c --*/
int encode_symmetric( const char *filename ); int encode_symmetric( const char *filename );

49
g10/mainproc.c
View File

@ -232,25 +232,42 @@ static void
proc_plaintext( CTX c, PACKET *pkt ) proc_plaintext( CTX c, PACKET *pkt )
{ {
PKT_plaintext *pt = pkt->pkt.plaintext; PKT_plaintext *pt = pkt->pkt.plaintext;
int rc; int any, rc;
KBNODE n;
if( opt.verbose ) if( opt.verbose )
log_info("original file name='%.*s'\n", pt->namelen, pt->name); log_info("original file name='%.*s'\n", pt->namelen, pt->name);
free_md_filter_context( &c->mfx ); free_md_filter_context( &c->mfx );
/* FIXME: take the digest algo(s) to use from the /* fixme: look at the sigclass to check whether we should use the
* onepass_sig packet (if we have these) * textmode filter (sigclass 0x01)
* And look at the sigclass to check whether we should use the
* textmode filter (sigclass 0x01)
*/ */
c->mfx.md = md_open( DIGEST_ALGO_RMD160, 0); c->mfx.md = md_open( 0, 0);
/*md_start_debug(c->mfx.md, "proc_plaintext");*/ any = 0;
md_enable( c->mfx.md, DIGEST_ALGO_SHA1 ); for(n=c->list; n; n = n->next ) {
md_enable( c->mfx.md, DIGEST_ALGO_MD5 ); if( n->pkt->pkttype == PKT_ONEPASS_SIG
if( !check_digest_algo(DIGEST_ALGO_TIGER) ) && n->pkt->pkt.onepass_sig->digest_algo ) {
md_enable( c->mfx.md, DIGEST_ALGO_TIGER ); md_enable( c->mfx.md, n->pkt->pkt.onepass_sig->digest_algo );
rc = handle_plaintext( pt, &c->mfx ); any = 1;
}
}
if( !any ) { /* no onepass sig packet: enable all algos */
md_enable( c->mfx.md, DIGEST_ALGO_RMD160 );
md_enable( c->mfx.md, DIGEST_ALGO_SHA1 );
md_enable( c->mfx.md, DIGEST_ALGO_MD5 );
}
if( c->mfx.md ) {
m_check(c->mfx.md);
if( c->mfx.md->list )
m_check( c->mfx.md->list );
}
rc = handle_plaintext( pt, &c->mfx, c->sigs_only );
if( rc ) if( rc )
log_error( "handle plaintext failed: %s\n", g10_errstr(rc)); log_error( "handle plaintext failed: %s\n", g10_errstr(rc));
if( c->mfx.md ) {
m_check(c->mfx.md);
if( c->mfx.md->list )
m_check( c->mfx.md->list );
}
free_packet(pkt); free_packet(pkt);
c->last_was_session_key = 0; c->last_was_session_key = 0;
} }
@ -312,6 +329,12 @@ do_check_sig( CTX c, KBNODE node, int *is_selfsig )
if( (rc=check_digest_algo(algo)) ) if( (rc=check_digest_algo(algo)) )
return rc; return rc;
if( c->mfx.md ) {
m_check(c->mfx.md);
if( c->mfx.md->list )
m_check( c->mfx.md->list );
}
if( sig->sig_class == 0x00 ) { if( sig->sig_class == 0x00 ) {
if( c->mfx.md ) if( c->mfx.md )
md = md_copy( c->mfx.md ); md = md_copy( c->mfx.md );
@ -792,7 +815,7 @@ check_sig_and_print( CTX c, KBNODE node )
tstr = asctime(localtime (&stamp)); tstr = asctime(localtime (&stamp));
astr = pubkey_algo_to_string( sig->pubkey_algo ); astr = pubkey_algo_to_string( sig->pubkey_algo );
log_info(_("Signature made %.*s using %s key ID %08lX\n"), log_info(_("Signature made %.*s using %s key ID %08lX\n"),
strlen(tstr)-1, tstr, astr? astr: "?", (ulong)sig->keyid[1] ); (int)strlen(tstr)-1, tstr, astr? astr: "?", (ulong)sig->keyid[1] );
rc = do_check_sig(c, node, NULL ); rc = do_check_sig(c, node, NULL );
if( !rc || rc == G10ERR_BAD_SIGN ) { if( !rc || rc == G10ERR_BAD_SIGN ) {

12
g10/misc.c
View File

@ -152,3 +152,15 @@ checksum_mpi_counted_nbits( MPI a )
return csum; return csum;
} }
u32
buffer_to_u32( const byte *buffer )
{
unsigned long a;
a = *buffer << 24;
a |= buffer[1] << 16;
a |= buffer[2] << 8;
a |= buffer[3];
return a;
}

6
g10/packet.h
View File

@ -276,7 +276,7 @@ int decrypt_data( PKT_encrypted *ed, DEK *dek );
int encrypt_data( PKT_encrypted *ed, DEK *dek ); int encrypt_data( PKT_encrypted *ed, DEK *dek );
/*-- plaintext.c --*/ /*-- plaintext.c --*/
int handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx ); int handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,int nooutput);
int ask_for_detached_datafile( md_filter_context_t *mfx, const char *inname ); int ask_for_detached_datafile( md_filter_context_t *mfx, const char *inname );
/*-- comment.c --*/ /*-- comment.c --*/
@ -286,6 +286,8 @@ int write_comment( IOBUF out, const char *s );
int make_keysig_packet( PKT_signature **ret_sig, PKT_public_cert *pkc, int make_keysig_packet( PKT_signature **ret_sig, PKT_public_cert *pkc,
PKT_user_id *uid, PKT_public_cert *subpkc, PKT_user_id *uid, PKT_public_cert *subpkc,
PKT_secret_cert *skc, PKT_secret_cert *skc,
int sigclass, int digest_algo ); int sigclass, int digest_algo,
int (*mksubpkt)(PKT_signature *, void *),
void *opaque );
#endif /*G10_PACKET_H*/ #endif /*G10_PACKET_H*/

13
g10/parse-packet.c
View File

@ -32,6 +32,7 @@
#include "memory.h" #include "memory.h"
#include "filter.h" #include "filter.h"
#include "options.h" #include "options.h"
#include "main.h"
static int mpi_print_mode = 0; static int mpi_print_mode = 0;
static int list_mode = 0; static int list_mode = 0;
@ -85,16 +86,6 @@ read_32(IOBUF inp)
return a; return a;
} }
static unsigned long
buffer_to_u32( const byte *buffer )
{
unsigned long a;
a = *buffer << 24;
a |= buffer[1] << 16;
a |= buffer[2] << 8;
a |= buffer[3];
return a;
}
int int
set_packet_list_mode( int mode ) set_packet_list_mode( int mode )
@ -622,6 +613,8 @@ parse_sig_subpkt( const byte *buffer, sigsubpkttype_t reqtype, size_t *ret_n )
*ret_n = n; *ret_n = n;
switch( type ) { switch( type ) {
case SIGSUBPKT_SIG_CREATED: case SIGSUBPKT_SIG_CREATED:
case SIGSUBPKT_SIG_EXPIRE:
case SIGSUBPKT_KEY_EXPIRE:
if( n < 4 ) if( n < 4 )
break; break;
return buffer; return buffer;

37
g10/plaintext.c
View File

@ -40,16 +40,18 @@
* bytes from the plaintext. * bytes from the plaintext.
*/ */
int int
handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx ) handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx, int nooutput )
{ {
char *fname; char *fname = NULL;
FILE *fp = NULL; FILE *fp = NULL;
int rc = 0; int rc = 0;
int c; int c;
int convert = pt->mode == 't'; int convert = pt->mode == 't';
/* create the filename as C string */ /* create the filename as C string */
if( opt.outfile ) { if( nooutput )
;
else if( opt.outfile ) {
fname = m_alloc( strlen( opt.outfile ) + 1); fname = m_alloc( strlen( opt.outfile ) + 1);
strcpy(fname, opt.outfile ); strcpy(fname, opt.outfile );
} }
@ -59,14 +61,16 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx )
fname[pt->namelen] = 0; fname[pt->namelen] = 0;
} }
if( !*fname || (*fname=='-' && !fname[1])) { if( nooutput )
;
else if( !*fname || (*fname=='-' && !fname[1])) {
/* no filename or "-" given; write to stdout */ /* no filename or "-" given; write to stdout */
fp = stdout; fp = stdout;
} }
else if( overwrite_filep( fname ) ) else if( overwrite_filep( fname ) )
goto leave; goto leave;
if( fp ) if( fp || nooutput )
; ;
else if( !(fp = fopen(fname,"wb")) ) { else if( !(fp = fopen(fname,"wb")) ) {
log_error("Error creating '%s': %s\n", fname, strerror(errno) ); log_error("Error creating '%s': %s\n", fname, strerror(errno) );
@ -86,10 +90,13 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx )
md_putc(mfx->md, c ); md_putc(mfx->md, c );
if( convert && c == '\r' ) if( convert && c == '\r' )
continue; /* FIXME: this hack is too simple */ continue; /* FIXME: this hack is too simple */
if( putc( c, fp ) == EOF ) { if( fp ) {
log_error("Error writing to '%s': %s\n", fname, strerror(errno) ); if( putc( c, fp ) == EOF ) {
rc = G10ERR_WRITE_FILE; log_error("Error writing to '%s': %s\n",
goto leave; fname, strerror(errno) );
rc = G10ERR_WRITE_FILE;
goto leave;
}
} }
} }
} }
@ -99,11 +106,13 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx )
md_putc(mfx->md, c ); md_putc(mfx->md, c );
if( convert && c == '\r' ) if( convert && c == '\r' )
continue; /* FIXME: this hack is too simple */ continue; /* FIXME: this hack is too simple */
if( putc( c, fp ) == EOF ) { if( fp ) {
log_error("Error writing to '%s': %s\n", if( putc( c, fp ) == EOF ) {
fname, strerror(errno) ); log_error("Error writing to '%s': %s\n",
rc = G10ERR_WRITE_FILE; fname, strerror(errno) );
goto leave; rc = G10ERR_WRITE_FILE;
goto leave;
}
} }
} }
iobuf_clear_eof(pt->buf); iobuf_clear_eof(pt->buf);

2
g10/revoke.c
View File

@ -159,7 +159,7 @@ gen_revoke( const char *uname )
/* create it */ /* create it */
rc = make_keysig_packet( &sig, pkc, NULL, NULL, skc, 0x20, 0); rc = make_keysig_packet( &sig, pkc, NULL, NULL, skc, 0x20, 0, NULL, NULL);
if( rc ) { if( rc ) {
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc)); log_error("make_keysig_packet failed: %s\n", g10_errstr(rc));
goto leave; goto leave;

17
g10/sig-check.c
View File

@ -31,6 +31,7 @@
#include "cipher.h" #include "cipher.h"
#include "main.h" #include "main.h"
#include "status.h" #include "status.h"
#include "i18n.h"
struct cmp_help_context_s { struct cmp_help_context_s {
PKT_signature *sig; PKT_signature *sig;
@ -148,6 +149,7 @@ do_check( PKT_public_cert *pkc, PKT_signature *sig, MD_HANDLE digest )
MPI result = NULL; MPI result = NULL;
int rc=0; int rc=0;
struct cmp_help_context_s ctx; struct cmp_help_context_s ctx;
u32 cur_time;
if( pkc->version == 4 && pkc->pubkey_algo == PUBKEY_ALGO_ELGAMAL_E ) { if( pkc->version == 4 && pkc->pubkey_algo == PUBKEY_ALGO_ELGAMAL_E ) {
log_info("this is a PGP generated " log_info("this is a PGP generated "
@ -158,6 +160,21 @@ do_check( PKT_public_cert *pkc, PKT_signature *sig, MD_HANDLE digest )
if( pkc->timestamp > sig->timestamp ) if( pkc->timestamp > sig->timestamp )
return G10ERR_TIME_CONFLICT; /* pubkey newer that signature */ return G10ERR_TIME_CONFLICT; /* pubkey newer that signature */
cur_time = make_timestamp();
if( pkc->timestamp > cur_time ) {
log_info(_("public key created in future (time warp or clock problem)\n"));
return G10ERR_TIME_CONFLICT;
}
if( pkc->valid_days && add_days_to_timestamp(pkc->timestamp,
pkc->valid_days) < cur_time ) {
log_info(_("warning: signature key expired %s\n"), strtimestamp(
add_days_to_timestamp(pkc->timestamp,
pkc->valid_days)));
write_status(STATUS_SIGEXPIRED);
}
if( (rc=check_digest_algo(sig->digest_algo)) ) if( (rc=check_digest_algo(sig->digest_algo)) )
return rc; return rc;
if( (rc=check_pubkey_algo(sig->pubkey_algo)) ) if( (rc=check_pubkey_algo(sig->pubkey_algo)) )

34
g10/sign.c
View File

@ -98,7 +98,22 @@ hash_for(int pubkey_algo )
return DEFAULT_DIGEST_ALGO; return DEFAULT_DIGEST_ALGO;
} }
static int
only_old_style( SKC_LIST skc_list )
{
SKC_LIST skc_rover = NULL;
int old_style = 0;
/* if there are only old style capable key we use the old sytle */
for( skc_rover = skc_list; skc_rover; skc_rover = skc_rover->next ) {
PKT_secret_cert *skc = skc_rover->skc;
if( skc->pubkey_algo == PUBKEY_ALGO_RSA && skc->version < 4 )
old_style = 1;
else
return 0;
}
return old_style;
}
/**************** /****************
* Sign the files whose names are in FILENAME. * Sign the files whose names are in FILENAME.
@ -131,6 +146,8 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
SKC_LIST skc_list = NULL; SKC_LIST skc_list = NULL;
SKC_LIST skc_rover = NULL; SKC_LIST skc_rover = NULL;
int multifile = 0; int multifile = 0;
int old_style = opt.rfc1991;
memset( &afx, 0, sizeof afx); memset( &afx, 0, sizeof afx);
memset( &zfx, 0, sizeof zfx); memset( &zfx, 0, sizeof zfx);
@ -151,6 +168,8 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
if( (rc=build_skc_list( locusr, &skc_list, 1, 1 )) ) if( (rc=build_skc_list( locusr, &skc_list, 1, 1 )) )
goto leave; goto leave;
if( !old_style )
old_style = only_old_style( skc_list );
if( encrypt ) { if( encrypt ) {
if( (rc=build_pkc_list( remusr, &pkc_list, 2 )) ) if( (rc=build_pkc_list( remusr, &pkc_list, 2 )) )
goto leave; goto leave;
@ -204,11 +223,13 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
iobuf_push_filter( out, encrypt_filter, &efx ); iobuf_push_filter( out, encrypt_filter, &efx );
} }
if( opt.compress && !outfile ) if( opt.compress && !outfile ) {
if( old_style )
zfx.algo = 1;
iobuf_push_filter( out, compress_filter, &zfx ); iobuf_push_filter( out, compress_filter, &zfx );
}
if( !detached && !old_style ) {
if( !detached && !opt.rfc1991 ) {
/* loop over the secret certificates and build headers */ /* loop over the secret certificates and build headers */
for( skc_rover = skc_list; skc_rover; skc_rover = skc_rover->next ) { for( skc_rover = skc_list; skc_rover; skc_rover = skc_rover->next ) {
PKT_secret_cert *skc; PKT_secret_cert *skc;
@ -439,6 +460,7 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
int rc = 0; int rc = 0;
SKC_LIST skc_list = NULL; SKC_LIST skc_list = NULL;
SKC_LIST skc_rover = NULL; SKC_LIST skc_rover = NULL;
int old_style = opt.rfc1991;
memset( &afx, 0, sizeof afx); memset( &afx, 0, sizeof afx);
memset( &tfx, 0, sizeof tfx); memset( &tfx, 0, sizeof tfx);
@ -446,6 +468,8 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
if( (rc=build_skc_list( locusr, &skc_list, 1, 1 )) ) if( (rc=build_skc_list( locusr, &skc_list, 1, 1 )) )
goto leave; goto leave;
if( !old_style )
old_style = only_old_style( skc_list );
/* prepare iobufs */ /* prepare iobufs */
if( !(inp = iobuf_open(fname)) ) { if( !(inp = iobuf_open(fname)) ) {
@ -469,9 +493,9 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
goto leave; goto leave;
} }
/* FIXME: This stuff is not correct if mutliple hash algos are used*/ /* FIXME: This stuff is not correct if multiple hash algos are used*/
iobuf_writestr(out, "-----BEGIN PGP SIGNED MESSAGE-----\n" ); iobuf_writestr(out, "-----BEGIN PGP SIGNED MESSAGE-----\n" );
if( opt.rfc1991 if( old_style
|| (opt.def_digest_algo?opt.def_digest_algo:DEFAULT_DIGEST_ALGO) || (opt.def_digest_algo?opt.def_digest_algo:DEFAULT_DIGEST_ALGO)
== DIGEST_ALGO_MD5 ) == DIGEST_ALGO_MD5 )
iobuf_writestr(out, "\n" ); iobuf_writestr(out, "\n" );

1
g10/status.c
View File

@ -53,6 +53,7 @@ write_status_text( int no, const char *text)
case STATUS_LEAVE : s = "LEAVE\n"; break; case STATUS_LEAVE : s = "LEAVE\n"; break;
case STATUS_ABORT : s = "ABORT\n"; break; case STATUS_ABORT : s = "ABORT\n"; break;
case STATUS_GOODSIG: s = "GOODSIG\n"; break; case STATUS_GOODSIG: s = "GOODSIG\n"; break;
case STATUS_SIGEXPIRED: s = "SIGEXPIRED\n"; break;
case STATUS_BADSIG : s = "BADSIG\n"; break; case STATUS_BADSIG : s = "BADSIG\n"; break;
case STATUS_ERRSIG : s = "ERRSIG\n"; break; case STATUS_ERRSIG : s = "ERRSIG\n"; break;
case STATUS_BADARMOR : s = "BADARMOR\n"; break; case STATUS_BADARMOR : s = "BADARMOR\n"; break;

2
g10/status.h
View File

@ -33,7 +33,7 @@
#define STATUS_BADARMOR 7 #define STATUS_BADARMOR 7
#define STATUS_RSA_OR_IDEA 8 #define STATUS_RSA_OR_IDEA 8
#define STATUS_SIGEXPIRED 9
/*-- status.c --*/ /*-- status.c --*/
void set_status_fd( int fd ); void set_status_fd( int fd );

2
g10/trustdb.c
View File

@ -1705,7 +1705,7 @@ check_trust( PKT_public_cert *pkc, unsigned *r_trustlevel )
TRUSTREC rec; TRUSTREC rec;
unsigned trustlevel = TRUST_UNKNOWN; unsigned trustlevel = TRUST_UNKNOWN;
int rc=0; int rc=0;
int cur_time; u32 cur_time;
if( DBG_TRUST ) if( DBG_TRUST )
log_info("check_trust() called.\n"); log_info("check_trust() called.\n");

2
include/cipher.h
View File

@ -78,7 +78,9 @@ typedef struct {
int bufcount; int bufcount;
int secure; int secure;
FILE *debug; FILE *debug;
int guard1;
struct md_digest_list_s *list; struct md_digest_list_s *list;
int guard2;
} *MD_HANDLE; } *MD_HANDLE;

4
mpi/ChangeLog
View File

@ -1,3 +1,7 @@
Thu Jun 25 11:50:01 1998 Werner Koch (wk@isil.d.shuttle.de)
* mips3/*.S: New
Mon May 18 13:47:06 1998 Werner Koch (wk@isil.d.shuttle.de) Mon May 18 13:47:06 1998 Werner Koch (wk@isil.d.shuttle.de)
* config.links: split mpih-shift into mpih-[lr]shift and * config.links: split mpih-shift into mpih-[lr]shift and

9
mpi/mips3/distfiles Normal file
View File

@ -0,0 +1,9 @@
README
mpih-add1.S
mpih-sub1.S
mpih-mul1.S
mpih-mul2.S
mpih-mul3.S
mpih-lshift.S
mpih-rshift.S

122
mpi/mips3/mpih-add1.S Normal file
View File

@ -0,0 +1,122 @@
/* mips3 add_n -- Add two limb vectors of the same length > 0 and store
* sum in a third limb vector.
* Copyright (C) 1995, 1998 Free Software Foundation, Inc.
*
* This file is part of GNUPG.
*
* GNUPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GNUPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/*******************
* mpi_limb_t
* mpihelp_add_n( mpi_ptr_t res_ptr, ($4)
* mpi_ptr_t s1_ptr, ($5)
* mpi_ptr_t s2_ptr, ($6)
* mpi_size_t size) ($7)
*/
.text
.align 2
.globl mpihelp_add_n
.ent mpihelp_add_n
mpihelp_add_n:
.set noreorder
.set nomacro
ld $10,0($5)
ld $11,0($6)
daddiu $7,$7,-1
and $9,$7,4-1 # number of limbs in first loop
beq $9,$0,.L0 # if multiple of 4 limbs, skip first loop
move $2,$0
dsubu $7,$7,$9
.Loop0: daddiu $9,$9,-1
ld $12,8($5)
daddu $11,$11,$2
ld $13,8($6)
sltu $8,$11,$2
daddu $11,$10,$11
sltu $2,$11,$10
sd $11,0($4)
or $2,$2,$8
daddiu $5,$5,8
daddiu $6,$6,8
move $10,$12
move $11,$13
bne $9,$0,.Loop0
daddiu $4,$4,8
.L0: beq $7,$0,.Lend
nop
.Loop: daddiu $7,$7,-4
ld $12,8($5)
daddu $11,$11,$2
ld $13,8($6)
sltu $8,$11,$2
daddu $11,$10,$11
sltu $2,$11,$10
sd $11,0($4)
or $2,$2,$8
ld $10,16($5)
daddu $13,$13,$2
ld $11,16($6)
sltu $8,$13,$2
daddu $13,$12,$13
sltu $2,$13,$12
sd $13,8($4)
or $2,$2,$8
ld $12,24($5)
daddu $11,$11,$2
ld $13,24($6)
sltu $8,$11,$2
daddu $11,$10,$11
sltu $2,$11,$10
sd $11,16($4)
or $2,$2,$8
ld $10,32($5)
daddu $13,$13,$2
ld $11,32($6)
sltu $8,$13,$2
daddu $13,$12,$13
sltu $2,$13,$12
sd $13,24($4)
or $2,$2,$8
daddiu $5,$5,32
daddiu $6,$6,32
bne $7,$0,.Loop
daddiu $4,$4,32
.Lend: daddu $11,$11,$2
sltu $8,$11,$2
daddu $11,$10,$11
sltu $2,$11,$10
sd $11,0($4)
j $31
or $2,$2,$8
.end mpihelp_add_n

95
mpi/mips3/mpih-lshift.S Normal file
View File

@ -0,0 +1,95 @@
/* mips3 lshift
* Copyright (C) 1995, 1998 Free Software Foundation, Inc.
*
* This file is part of GNUPG.
*
* GNUPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GNUPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/*******************
* mpi_limb_t
* mpihelp_lshift( mpi_ptr_t wp, ($4)
* mpi_ptr_t up, ($5)
* mpi_size_t usize, ($6)
* unsigned cnt) ($7)
*/
.text
.align 2
.globl mpihelp_lshift
.ent mpihelp_lshift
mpihelp_lshift:
.set noreorder
.set nomacro
dsll $2,$6,3
daddu $5,$5,$2 # make r5 point at end of src
ld $10,-8($5) # load first limb
dsubu $13,$0,$7
daddu $4,$4,$2 # make r4 point at end of res
daddiu $6,$6,-1
and $9,$6,4-1 # number of limbs in first loop
beq $9,$0,.L0 # if multiple of 4 limbs, skip first loop
dsrl $2,$10,$13 # compute function result
dsubu $6,$6,$9
.Loop0: ld $3,-16($5)
daddiu $4,$4,-8
daddiu $5,$5,-8
daddiu $9,$9,-1
dsll $11,$10,$7
dsrl $12,$3,$13
move $10,$3
or $8,$11,$12
bne $9,$0,.Loop0
sd $8,0($4)
.L0: beq $6,$0,.Lend
nop
.Loop: ld $3,-16($5)
daddiu $4,$4,-32
daddiu $6,$6,-4
dsll $11,$10,$7
dsrl $12,$3,$13
ld $10,-24($5)
dsll $14,$3,$7
or $8,$11,$12
sd $8,24($4)
dsrl $9,$10,$13
ld $3,-32($5)
dsll $11,$10,$7
or $8,$14,$9
sd $8,16($4)
dsrl $12,$3,$13
ld $10,-40($5)
dsll $14,$3,$7
or $8,$11,$12
sd $8,8($4)
dsrl $9,$10,$13
daddiu $5,$5,-32
or $8,$14,$9
bgtz $6,.Loop
sd $8,0($4)
.Lend: dsll $8,$10,$7
j $31
sd $8,-8($4)
.end mpihelp_lshift

87
mpi/mips3/mpih-mul1.S Normal file
View File

@ -0,0 +1,87 @@
/* mips3 mpih-mul1.S -- Multiply a limb vector with a limb and store
* the result in a second limb vector.
* Copyright (C) 1992, 1994, 1995, 1998 Free Software Foundation, Inc.
*
* This file is part of GNUPG.
*
* GNUPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GNUPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/*******************
* mpi_limb_t
* mpihelp_mul_1( mpi_ptr_t res_ptr, (r4)
* mpi_ptr_t s1_ptr, (r5)
* mpi_size_t s1_size, (r6)
* mpi_limb_t s2_limb) (r7)
*/
.text
.align 4
.globl mpihelp_mul_1
.ent mpihelp_mul_1
mpihelp_mul_1:
.set noreorder
.set nomacro
# warm up phase 0
ld $8,0($5)
# warm up phase 1
daddiu $5,$5,8
dmultu $8,$7
daddiu $6,$6,-1
beq $6,$0,$LC0
move $2,$0 # zero cy2
daddiu $6,$6,-1
beq $6,$0,$LC1
ld $8,0($5) # load new s1 limb as early as possible
Loop: mflo $10
mfhi $9
daddiu $5,$5,8
daddu $10,$10,$2 # add old carry limb to low product limb
dmultu $8,$7
ld $8,0($5) # load new s1 limb as early as possible
daddiu $6,$6,-1 # decrement loop counter
sltu $2,$10,$2 # carry from previous addition -> $2
sd $10,0($4)
daddiu $4,$4,8
bne $6,$0,Loop
daddu $2,$9,$2 # add high product limb and carry from addition
# cool down phase 1
$LC1: mflo $10
mfhi $9
daddu $10,$10,$2
sltu $2,$10,$2
dmultu $8,$7
sd $10,0($4)
daddiu $4,$4,8
daddu $2,$9,$2 # add high product limb and carry from addition
# cool down phase 0
$LC0: mflo $10
mfhi $9
daddu $10,$10,$2
sltu $2,$10,$2
sd $10,0($4)
j $31
daddu $2,$9,$2 # add high product limb and carry from addition
.end mpihelp_mul_1

99
mpi/mips3/mpih-mul2.S Normal file
View File

@ -0,0 +1,99 @@
/* MIPS3 addmul_1 -- Multiply a limb vector with a single limb and
* add the product to a second limb vector.
* Copyright (C) 1992, 1994, 1995, 1998 Free Software Foundation, Inc.
*
* This file is part of GNUPG.
*
* GNUPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GNUPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/*******************
* mpi_limb_t
* mpihelp_addmul_1( mpi_ptr_t res_ptr, (r4)
* mpi_ptr_t s1_ptr, (r5)
* mpi_size_t s1_size, (r6)
* mpi_limb_t s2_limb) (r7)
*/
.text
.align 4
.globl mpihelp_addmul_1
.ent mpihelp_addmul_1
mpihelp_addmul_1:
.set noreorder
.set nomacro
# warm up phase 0
ld $8,0($5)
# warm up phase 1
daddiu $5,$5,8
dmultu $8,$7
daddiu $6,$6,-1
beq $6,$0,$LC0
move $2,$0 # zero cy2
daddiu $6,$6,-1
beq $6,$0,$LC1
ld $8,0($5) # load new s1 limb as early as possible
Loop: ld $10,0($4)
mflo $3
mfhi $9
daddiu $5,$5,8
daddu $3,$3,$2 # add old carry limb to low product limb
dmultu $8,$7
ld $8,0($5) # load new s1 limb as early as possible
daddiu $6,$6,-1 # decrement loop counter
sltu $2,$3,$2 # carry from previous addition -> $2
daddu $3,$10,$3
sltu $10,$3,$10
daddu $2,$2,$10
sd $3,0($4)
daddiu $4,$4,8
bne $6,$0,Loop
daddu $2,$9,$2 # add high product limb and carry from addition
# cool down phase 1
$LC1: ld $10,0($4)
mflo $3
mfhi $9
daddu $3,$3,$2
sltu $2,$3,$2
dmultu $8,$7
daddu $3,$10,$3
sltu $10,$3,$10
daddu $2,$2,$10
sd $3,0($4)
daddiu $4,$4,8
daddu $2,$9,$2 # add high product limb and carry from addition
# cool down phase 0
$LC0: ld $10,0($4)
mflo $3
mfhi $9
daddu $3,$3,$2
sltu $2,$3,$2
daddu $3,$10,$3
sltu $10,$3,$10
daddu $2,$2,$10
sd $3,0($4)
j $31
daddu $2,$9,$2 # add high product limb and carry from addition
.end mpihelp_addmul_1

99
mpi/mips3/mpih-mul3.S Normal file
View File

@ -0,0 +1,99 @@
/* MIPS3 submul_1 -- Multiply a limb vector with a single limb and
* subtract the product from a second limb vector.
* Copyright (C) 1992, 1994, 1995, 1998 Free Software Foundation, Inc.
*
* This file is part of GNUPG.
*
* GNUPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GNUPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/*******************
* mpi_limb_t
* mpihelp_submul_1( mpi_ptr_t res_ptr, (r4)
* mpi_ptr_t s1_ptr, (r5)
* mpi_size_t s1_size, (r6)
* mpi_limb_t s2_limb) (r7)
*/
.text
.align 4
.globl mpihelp_submul_1
.ent mpihelp_submul_1
mpihelp_submul_1:
.set noreorder
.set nomacro
# warm up phase 0
ld $8,0($5)
# warm up phase 1
daddiu $5,$5,8
dmultu $8,$7
daddiu $6,$6,-1
beq $6,$0,$LC0
move $2,$0 # zero cy2
daddiu $6,$6,-1
beq $6,$0,$LC1
ld $8,0($5) # load new s1 limb as early as possible
Loop: ld $10,0($4)
mflo $3
mfhi $9
daddiu $5,$5,8
daddu $3,$3,$2 # add old carry limb to low product limb
dmultu $8,$7
ld $8,0($5) # load new s1 limb as early as possible
daddiu $6,$6,-1 # decrement loop counter
sltu $2,$3,$2 # carry from previous addition -> $2
dsubu $3,$10,$3
sgtu $10,$3,$10
daddu $2,$2,$10
sd $3,0($4)
daddiu $4,$4,8
bne $6,$0,Loop
daddu $2,$9,$2 # add high product limb and carry from addition
# cool down phase 1
$LC1: ld $10,0($4)
mflo $3
mfhi $9
daddu $3,$3,$2
sltu $2,$3,$2
dmultu $8,$7
dsubu $3,$10,$3
sgtu $10,$3,$10
daddu $2,$2,$10
sd $3,0($4)
daddiu $4,$4,8
daddu $2,$9,$2 # add high product limb and carry from addition
# cool down phase 0
$LC0: ld $10,0($4)
mflo $3
mfhi $9
daddu $3,$3,$2
sltu $2,$3,$2
dsubu $3,$10,$3
sgtu $10,$3,$10
daddu $2,$2,$10
sd $3,0($4)
j $31
daddu $2,$9,$2 # add high product limb and carry from addition
.end mpihelp_submul_1

93
mpi/mips3/mpih-rshift.S Normal file
View File

@ -0,0 +1,93 @@
/* mips3 rshift
* Copyright (C) 1995, 1998 Free Software Foundation, Inc.
*
* This file is part of GNUPG.
*
* GNUPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GNUPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/*******************
* mpi_limb_t
* mpihelp_rshift( mpi_ptr_t wp, ($4)
* mpi_ptr_t up, ($5)
* mpi_size_t usize, ($6)
* unsigned cnt) ($7)
*/
.text
.align 2
.globl mpihelp_rshift
.ent mpihelp_rshift
mpihelp_rshift:
.set noreorder
.set nomacro
ld $10,0($5) # load first limb
dsubu $13,$0,$7
daddiu $6,$6,-1
and $9,$6,4-1 # number of limbs in first loop
beq $9,$0,.L0 # if multiple of 4 limbs, skip first loop
dsll $2,$10,$13 # compute function result
dsubu $6,$6,$9
.Loop0: ld $3,8($5)
daddiu $4,$4,8
daddiu $5,$5,8
daddiu $9,$9,-1
dsrl $11,$10,$7
dsll $12,$3,$13
move $10,$3
or $8,$11,$12
bne $9,$0,.Loop0
sd $8,-8($4)
.L0: beq $6,$0,.Lend
nop
.Loop: ld $3,8($5)
daddiu $4,$4,32
daddiu $6,$6,-4
dsrl $11,$10,$7
dsll $12,$3,$13
ld $10,16($5)
dsrl $14,$3,$7
or $8,$11,$12
sd $8,-32($4)
dsll $9,$10,$13
ld $3,24($5)
dsrl $11,$10,$7
or $8,$14,$9
sd $8,-24($4)
dsll $12,$3,$13
ld $10,32($5)
dsrl $14,$3,$7
or $8,$11,$12
sd $8,-16($4)
dsll $9,$10,$13
daddiu $5,$5,32
or $8,$14,$9
bgtz $6,.Loop
sd $8,-8($4)
.Lend: dsrl $8,$10,$7
j $31
sd $8,0($4)
.end mpihelp_rshift

123
mpi/mips3/mpih-sub1.S Normal file
View File

@ -0,0 +1,123 @@
/* mips3 sub_n -- Subtract two limb vectors of the same length > 0 and
* store difference in a third limb vector.
* Copyright (C) 1995, 1998 Free Software Foundation, Inc.
*
* This file is part of GNUPG.
*
* GNUPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GNUPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/*******************
* mpi_limb_t
* mpihelp_sub_n( mpi_ptr_t res_ptr, (r4)
* mpi_ptr_t s1_ptr, (r5)
* mpi_ptr_t s2_ptr, (r6)
* mpi_size_t size) (r7)
*/
.text
.align 2
.globl mpihelp_sub_n
.ent mpihelp_sub_n
mpihelp_sub_n:
.set noreorder
.set nomacro
ld $10,0($5)
ld $11,0($6)
daddiu $7,$7,-1
and $9,$7,4-1 # number of limbs in first loop
beq $9,$0,.L0 # if multiple of 4 limbs, skip first loop
move $2,$0
dsubu $7,$7,$9
.Loop0: daddiu $9,$9,-1
ld $12,8($5)
daddu $11,$11,$2
ld $13,8($6)
sltu $8,$11,$2
dsubu $11,$10,$11
sltu $2,$10,$11
sd $11,0($4)
or $2,$2,$8
daddiu $5,$5,8
daddiu $6,$6,8
move $10,$12
move $11,$13
bne $9,$0,.Loop0
daddiu $4,$4,8
.L0: beq $7,$0,.Lend
nop
.Loop: daddiu $7,$7,-4
ld $12,8($5)
daddu $11,$11,$2
ld $13,8($6)
sltu $8,$11,$2
dsubu $11,$10,$11
sltu $2,$10,$11
sd $11,0($4)
or $2,$2,$8
ld $10,16($5)
daddu $13,$13,$2
ld $11,16($6)
sltu $8,$13,$2
dsubu $13,$12,$13
sltu $2,$12,$13
sd $13,8($4)
or $2,$2,$8
ld $12,24($5)
daddu $11,$11,$2
ld $13,24($6)
sltu $8,$11,$2
dsubu $11,$10,$11
sltu $2,$10,$11
sd $11,16($4)
or $2,$2,$8
ld $10,32($5)
daddu $13,$13,$2
ld $11,32($6)
sltu $8,$13,$2
dsubu $13,$12,$13
sltu $2,$12,$13
sd $13,24($4)
or $2,$2,$8
daddiu $5,$5,32
daddiu $6,$6,32
bne $7,$0,.Loop
daddiu $4,$4,32
.Lend: daddu $11,$11,$2
sltu $8,$11,$2
dsubu $11,$10,$11
sltu $2,$10,$11
sd $11,0($4)
j $31
or $2,$2,$8
.end mpihelp_sub_n
n

8
po/de.po
View File

@ -563,10 +563,6 @@ msgstr ""
" (1) ElGamal wird empfohlen.\n" " (1) ElGamal wird empfohlen.\n"
" (2) DSA kann nur für Signaturen verwendet werden.\n" " (2) DSA kann nur für Signaturen verwendet werden.\n"
#: g10/keygen.c:305
msgid " (3) RSA cannot be used in the U.S.\n"
msgstr " (3) RSA darf in den USA nicht benutzt werden\n"
#: g10/keygen.c:314 #: g10/keygen.c:314
msgid "Your selection? (1,2,3) " msgid "Your selection? (1,2,3) "
msgstr "Ihre Auswahl? (1,2,3) " msgstr "Ihre Auswahl? (1,2,3) "
@ -575,10 +571,6 @@ msgstr "Ihre Auswahl? (1,2,3) "
msgid "Your selection? (1,2) " msgid "Your selection? (1,2) "
msgstr "Ihre Auswahl? (1,2) " msgstr "Ihre Auswahl? (1,2) "
#: g10/keygen.c:330
msgid "Sorry; DSA is not yet supported.\n"
msgstr "Pardon; DSA wird noch nicht unterstützt.\n"
#: g10/keygen.c:343 #: g10/keygen.c:343
msgid "" msgid ""
"About to generate a new %s keypair.\n" "About to generate a new %s keypair.\n"

BIN
tools/mk-tdata
View File

Binary file not shown.

2
util/secmem.c
View File

@ -71,7 +71,7 @@ lock_pool( void *p, size_t n )
uid_t uid; uid_t uid;
int err; int err;
err = mlock( p, n ); err = -1; mlock( p, n );
if( err && errno ) if( err && errno )
err = errno; err = errno;

4
zlib/Makefile
View File

@ -91,7 +91,7 @@ POSUB = po
RANLIB = ranlib RANLIB = ranlib
USE_INCLUDED_LIBINTL = yes USE_INCLUDED_LIBINTL = yes
USE_NLS = yes USE_NLS = yes
VERSION = 0.2.19b VERSION = 0.2.19c
ZLIBS = ZLIBS =
l = l =
@ -121,7 +121,7 @@ LIBRARIES = $(noinst_LIBRARIES)
DEFS = -DHAVE_CONFIG_H -I. -I$(srcdir) -I.. DEFS = -DHAVE_CONFIG_H -I. -I$(srcdir) -I..
CPPFLAGS = CPPFLAGS =
LDFLAGS = LDFLAGS =
LIBS = -ldl -lz LIBS = -lz
libzlib_a_LIBADD = libzlib_a_LIBADD =
libzlib_a_OBJECTS = adler32.o compress.o crc32.o gzio.o uncompr.o \ libzlib_a_OBJECTS = adler32.o compress.o crc32.o gzio.o uncompr.o \
deflate.o trees.o zutil.o inflate.o infblock.o inftrees.o infcodes.o \ deflate.o trees.o zutil.o inflate.o infblock.o inftrees.o infcodes.o \