security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

v0.2.11

This commit is contained in:
Werner Koch 1998-03-03 08:43:28 +00:00
parent b13e238a19
commit 0eb5aa6cfd
19 changed files with 226 additions and 264 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
NEWS
View File

@ -1,3 +1,15 @@
Noteworthy changes in version 0.2.11
------------------------------------
* GPG now asks for a recipient's name if option "-r" is not used.
* If there is no good trust path, the program asks whether to use
the public keys anyway.
* "--delete-key" works for public keys. What semantics shall I use
when there is a secret key too? Delete the secret key or leave him
and auto-regenerate the public key, netxt time the secret key is used?
Noteworthy changes in version 0.2.10
------------------------------------

2
VERSION
View File

@ -1 +1 @@
0.2.10
0.2.11

8
cipher/ChangeLog
View File

@ -1,3 +1,11 @@
Mon Mar 2 19:21:46 1998 Werner Koch (wk@isil.d.shuttle.de)
* gost.c, gost.h: Removed because they did only conatin trash.
Sun Mar 1 16:42:29 1998 Werner Koch (wk@isil.d.shuttle.de)
* random.c (fill_buffer): removed error message if n == -1.
Fri Feb 27 16:39:34 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c (md_enable): No init if called twice.

2
cipher/Makefile.am
View File

@ -10,8 +10,6 @@ libcipher_a_SOURCES = blowfish.c \
blowfish.h \
elgamal.c \
elgamal.h \
gost.c \
gost.h \
md5.c \
md5.h \
primegen.c \

12
cipher/Makefile.in
View File

@ -101,8 +101,6 @@ libcipher_a_SOURCES = blowfish.c \
blowfish.h \
elgamal.c \
elgamal.h \
gost.c \
gost.h \
md5.c \
md5.h \
primegen.c \
@ -130,8 +128,8 @@ DEFS = @DEFS@ -I. -I$(srcdir) -I..
CPPFLAGS = @CPPFLAGS@
LDFLAGS = @LDFLAGS@
LIBS = @LIBS@
libcipher_a_OBJECTS = blowfish.o elgamal.o gost.o md5.o primegen.o \
random.o rmd160.o sha1.o dsa.o md.o misc.o smallprime.o
libcipher_a_OBJECTS = blowfish.o elgamal.o md5.o primegen.o random.o \
rmd160.o sha1.o dsa.o md.o misc.o smallprime.o
AR = ar
CFLAGS = @CFLAGS@
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(CPPFLAGS) $(CFLAGS)
@ -143,9 +141,9 @@ DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
TAR = tar
GZIP = --best
DEP_FILES = .deps/blowfish.P .deps/dsa.P .deps/elgamal.P .deps/gost.P \
.deps/md.P .deps/md5.P .deps/misc.P .deps/primegen.P .deps/random.P \
.deps/rmd160.P .deps/sha1.P .deps/smallprime.P
DEP_FILES = .deps/blowfish.P .deps/dsa.P .deps/elgamal.P .deps/md.P \
.deps/md5.P .deps/misc.P .deps/primegen.P .deps/random.P .deps/rmd160.P \
.deps/sha1.P .deps/smallprime.P
SOURCES = $(libcipher_a_SOURCES)
OBJECTS = $(libcipher_a_OBJECTS)

235
cipher/gost.c
View File

@ -30,280 +30,47 @@
#include "types.h"
#include "gost.h"
static u16
mul_inv( u16 x )
{
u16 t0, t1;
u16 q, y;
if( x < 2 )
return x;
t1 = 0x10001L / x;
y = 0x10001L % x;
if( y == 1 )
return (1-t1) & 0xffff;
t0 = 1;
do {
q = x / y;
x = x % y;
t0 += q * t1;
if( x == 1 )
return t0;
q = y / x;
y = y % x;
t1 += q * t0;
} while( y != 1 );
return (1-t1) & 0xffff;
}
static void
expand_key( byte *userkey, u16 *ek )
{
int i,j;
for(j=0; j < 8; j++ ) {
ek[j] = (*userkey << 8) + userkey[1];
userkey += 2;
}
for(i=0; j < GOST_KEYLEN; j++ ) {
i++;
ek[i+7] = ek[i&7] << 9 | ek[(i+1)&7] >> 7;
ek += i & 8;
i &= 7;
}
}
static void
invert_key( u16 *ek, u16 dk[GOST_KEYLEN] )
{
int i;
u16 t1, t2, t3;
u16 temp[GOST_KEYLEN];
u16 *p = temp + GOST_KEYLEN;
t1 = mul_inv( *ek++ );
t2 = -*ek++;
t3 = -*ek++;
*--p = mul_inv( *ek++ );
*--p = t3;
*--p = t2;
*--p = t1;
for(i=0; i < GOST_ROUNDS-1; i++ ) {
t1 = *ek++;
*--p = *ek++;
*--p = t1;
t1 = mul_inv( *ek++ );
t2 = -*ek++;
t3 = -*ek++;
*--p = mul_inv( *ek++ );
*--p = t3;
*--p = t2;
*--p = t1;
}
t1 = *ek++;
*--p = *ek++;
*--p = t1;
t1 = mul_inv( *ek++ );
t2 = -*ek++;
t3 = -*ek++;
*--p = mul_inv( *ek++ );
*--p = t3;
*--p = t2;
*--p = t1;
memcpy(dk, temp, sizeof(temp) );
memset(temp, 0, sizeof(temp) ); /* burn temp */
}
static void
cipher( byte *inbuf, byte *outbuf, u16 *key )
{
u16 x1, x2, x3,x4, s2, s3;
u16 *in, *out;
int r = GOST_ROUNDS;
#define MUL(x,y) \
do {u16 _t16; u32 _t32; \
if( (_t16 = (y)) ) { \
if( (x = (x)&0xffff) ) { \
_t32 = (u32)x * _t16; \
x = _t32 & 0xffff; \
_t16 = _t32 >> 16; \
x = ((x)-_t16) + (x<_t16?1:0); \
} \
else { \
x = 1 - _t16; \
} \
} \
else { \
x = 1 - x; \
} \
} while(0)
in = (u16*)inbuf;
x1 = *in++;
x2 = *in++;
x3 = *in++;
x4 = *in;
#ifdef LITTLE_ENDIAN_HOST
x1 = (x1>>8) | (x1<<8);
x2 = (x2>>8) | (x2<<8);
x3 = (x3>>8) | (x3<<8);
x4 = (x4>>8) | (x4<<8);
#endif
do {
MUL(x1, *key++);
x2 += *key++;
x3 += *key++;
MUL(x4, *key++ );
s3 = x3;
x3 ^= x1;
MUL(x3, *key++);
s2 = x2;
x2 ^=x4;
x2 += x3;
MUL(x2, *key++);
x3 += x2;
x1 ^= x2;
x4 ^= x3;
x2 ^= s3;
x3 ^= s2;
} while( --r );
MUL(x1, *key++);
x3 += *key++;
x2 += *key++;
MUL(x4, *key);
out = (u16*)outbuf;
#ifdef LITTLE_ENDIAN_HOST
*out++ = (x1>>8) | (x1<<8);
*out++ = (x3>>8) | (x3<<8);
*out++ = (x2>>8) | (x2<<8);
*out = (x4>>8) | (x4<<8);
#else
*out++ = x1;
*out++ = x3;
*out++ = x2;
*out = x4;
#endif
#undef MUL
}
#error don't use this
void
gost_setkey( GOST_context *c, byte *key )
{
expand_key( key, c->ek );
invert_key( c->ek, c->dk );
}
void
gost_setiv( GOST_context *c, byte *iv )
{
memcpy( c->iv, iv, GOST_BLOCKSIZE );
}
void
gost_encode( GOST_context *c, byte *outbuf, byte *inbuf, unsigned nblocks )
{
unsigned n;
for(n=0; n < nblocks; n++ ) {
cipher( inbuf, outbuf, c->ek );
inbuf += 8;
outbuf += 8;
}
}
void
gost_decode( GOST_context *c, byte *outbuf, byte *inbuf, unsigned nblocks )
{
unsigned n;
for(n=0; n < nblocks; n++ ) {
cipher( inbuf, outbuf, c->dk );
inbuf += 8;
outbuf += 8;
}
}
static void
cfbshift( byte *iv, byte *buf, unsigned count)
{
unsigned n;
if( count ) {
for( n = GOST_BLOCKSIZE - count; n; n--, iv++ )
*iv = iv[count];
for( ; count; count-- )
*iv++ = *buf++;
}
}
/****************
* FIXME: Make use of bigger chunks
*/
static void
xorblock( byte *out, byte *a, byte *b, unsigned count )
{
for( ; count ; count--, a++, b++ )
*out++ = *a ^ *b ;
}
void
gost_encode_cfb( GOST_context *c, byte *outbuf, byte *inbuf, unsigned nbytes)
{
byte temp[GOST_BLOCKSIZE];
while( nbytes >= GOST_BLOCKSIZE ) {
cipher( c->iv, temp, c->ek );
xorblock( outbuf, inbuf, temp, GOST_BLOCKSIZE);
cfbshift( c->iv, outbuf, GOST_BLOCKSIZE );
nbytes -= GOST_BLOCKSIZE;
inbuf += GOST_BLOCKSIZE;
outbuf += GOST_BLOCKSIZE;
}
if( nbytes ) {
cipher( c->iv, temp, c->ek );
xorblock( outbuf, inbuf, temp, nbytes );
cfbshift( c->iv, outbuf, nbytes );
}
}
void
gost_decode_cfb( GOST_context *c, byte *outbuf, byte *inbuf, unsigned nbytes)
{
byte temp[GOST_BLOCKSIZE];
while( nbytes >= GOST_BLOCKSIZE ) {
cipher( c->iv, temp, c->ek );
cfbshift( c->iv, inbuf, GOST_BLOCKSIZE );
xorblock( outbuf, inbuf, temp, GOST_BLOCKSIZE);
nbytes -= GOST_BLOCKSIZE;
inbuf += GOST_BLOCKSIZE;
outbuf += GOST_BLOCKSIZE;
}
if( nbytes ) {
cipher( c->iv, temp, c->ek );
cfbshift( c->iv, inbuf, nbytes );
xorblock( outbuf, inbuf, temp, nbytes );
}
}

1
cipher/misc.c
View File

@ -36,7 +36,6 @@ static struct { const char *name; int algo;} cipher_names[] = {
{ "SAFER_SK128", CIPHER_ALGO_SAFER_SK128 },
{ "DES_SK", CIPHER_ALGO_DES_SK },
{ "BLOWFISH", CIPHER_ALGO_BLOWFISH },
{ "GOST", CIPHER_ALGO_GOST },
{NULL} };
static struct { const char *name; int algo;} pubkey_names[] = {

2
cipher/random.c
View File

@ -157,7 +157,7 @@ fill_buffer( byte *buffer, size_t length, int level )
assert( length < 200 );
do {
n = read(fd, buffer, length );
if( n > length ) {
if( n >= 0 && n > length ) {
log_error("bogus read from random device (n=%d)\n", n );
n = length;
}

20
g10/ChangeLog
View File

@ -1,3 +1,23 @@
Mon Mar 2 21:23:48 1998 Werner Koch (wk@isil.d.shuttle.de)
* pkc_list.c (build_pkc_list): Add interactive input of user ID.
Mon Mar 2 20:54:05 1998 Werner Koch (wk@isil.d.shuttle.de)
* pkclist.c (do_we_trust_pre): New.
(add_ownertrust): Add message.
* trustdb.c (enum_trust_web): Quick fix.
Mon Mar 2 13:50:53 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (main): New action aDeleteKey
* sign.c (delete_key): New.
Sun Mar 1 16:38:58 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c (do_check): No returns TRUST_UNDEFINED instead of
eof error.
Fri Feb 27 18:14:03 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c (find_header): Removed trailing CR on headers.

11
g10/g10.c
View File

@ -120,7 +120,7 @@ static ARGPARSE_OPTS opts[] = {
enum cmd_values { aNull = 0,
aSym, aStore, aEncr, aKeygen, aSign, aSignEncr,
aSignKey, aClearsign, aListPackets, aEditSig,
aSignKey, aClearsign, aListPackets, aEditSig, aDeleteKey,
aKMode, aKModeC, aChangePass, aImport,
aExport, aCheckKeys, aGenRevoke,
aNOP };
@ -416,6 +416,7 @@ main( int argc, char **argv )
case 501: opt.answer_yes = 1; break;
case 502: opt.answer_no = 1; break;
case 503: set_cmd( &cmd, aKeygen); break;
case 505: set_cmd( &cmd, aDeleteKey); break;
case 506: set_cmd( &cmd, aSignKey); break;
case 507: set_cmd( &cmd, aStore); break;
case 508: set_cmd( &cmd, aCheckKeys);
@ -612,6 +613,14 @@ main( int argc, char **argv )
log_error("%s: edit signature failed: %s\n", fname_print, g10_errstr(rc) );
break;
case aDeleteKey:
if( argc != 1 )
wrong_args(_("--delete-key username"));
/* note: fname is the user id! */
if( (rc = delete_key(fname)) )
log_error("%s: delete key failed: %s\n", fname_print, g10_errstr(rc) );
break;
case aChangePass: /* Chnage the passphrase */
if( argc > 1 ) /* no arg: use default, 1 arg use this one */
wrong_args(_("--change-passphrase [username]"));

1
g10/main.h
View File

@ -53,6 +53,7 @@ int sign_file( STRLIST filenames, int detached, STRLIST locusr,
int clearsign_file( const char *fname, STRLIST locusr, const char *outfile );
int sign_key( const char *username, STRLIST locusr );
int edit_keysigs( const char *username );
int delete_key( const char *username );
int change_passphrase( const char *username );
/*-- sig-check.c --*/

83
g10/pkclist.c
View File

@ -153,11 +153,12 @@ _("Could not find a valid trust path to the key. Lets see, wether we\n"
rc = 0;
enum_trust_web( &context, NULL ); /* close */
if( !any )
tty_printf(_("No ownertrust values changed.\n\n") );
return rc? rc : any? 0:-1;
}
/****************
* Check wether we can trust this pkc which has a trustlevel of TRUSTLEVEL
* Returns: true if we trust.
@ -218,7 +219,7 @@ do_we_trust( PKT_public_cert *pkc, int trustlevel )
return do_we_trust( pkc, trustlevel );
}
}
return 0; /* no */
return 0; /* no FIXME: add "Proceed anyway?" */
case TRUST_NEVER:
log_info("We do NOT trust this key\n");
@ -250,6 +251,32 @@ do_we_trust( PKT_public_cert *pkc, int trustlevel )
}
/****************
* wrapper arounf do_we_trust, so we can ask wether to use the
* key anyway.
*/
static int
do_we_trust_pre( PKT_public_cert *pkc, int trustlevel )
{
int rc = do_we_trust( pkc, trustlevel );
if( !opt.batch && !rc ) {
char *answer;
tty_printf(_(
"It is NOT certain, that the key belongs to his owner.\n"
"If you *really* know what you are doing, you may answer\n"
"the next question with yes\n\n") );
answer = tty_get("Use this key anyway? ");
tty_kill_prompt();
if( answer_is_yes(answer) )
rc = 1;
m_free(answer);
}
return rc;
}
void
release_pkc_list( PKC_LIST pkc_list )
@ -267,14 +294,56 @@ int
build_pkc_list( STRLIST remusr, PKC_LIST *ret_pkc_list )
{
PKC_LIST pkc_list = NULL;
int rc;
PKT_public_cert *pkc=NULL;
int rc=0;
if( !remusr ) { /* ask!!! */
log_bug("ask for public key nyi\n");
if( !remusr && !opt.batch ) { /* ask */
char *answer=NULL;
tty_printf(_(
"You did not specify a user ID. (you may use \"-r\")\n\n"));
for(;;) {
rc = 0;
m_free(answer);
answer = tty_get(_("Enter the user ID: "));
trim_spaces(answer);
tty_kill_prompt();
if( !*answer )
break;
if( pkc )
free_public_cert( pkc );
pkc = m_alloc_clear( sizeof *pkc );
rc = get_pubkey_byname( pkc, answer );
if( rc )
tty_printf("No such user ID.\n");
else if( !(rc=check_pubkey_algo(pkc->pubkey_algo)) ) {
int trustlevel;
rc = check_trust( pkc, &trustlevel );
if( rc ) {
log_error("error checking pkc of '%s': %s\n",
answer, g10_errstr(rc) );
}
else if( do_we_trust_pre( pkc, trustlevel ) ) {
PKC_LIST r;
r = m_alloc( sizeof *r );
r->pkc = pkc; pkc = NULL;
r->next = pkc_list;
r->mark = 0;
pkc_list = r;
break;
}
}
}
m_free(answer);
if( pkc ) {
free_public_cert( pkc );
pkc = NULL;
}
}
else {
for(; remusr; remusr = remusr->next ) {
PKT_public_cert *pkc;
pkc = m_alloc_clear( sizeof *pkc );
if( (rc = get_pubkey_byname( pkc, remusr->d )) ) {
@ -290,7 +359,7 @@ build_pkc_list( STRLIST remusr, PKC_LIST *ret_pkc_list )
log_error("error checking pkc of '%s': %s\n",
remusr->d, g10_errstr(rc) );
}
else if( do_we_trust( pkc, trustlevel ) ) {
else if( do_we_trust_pre( pkc, trustlevel ) ) {
/* note: do_we_trust may have changed the trustlevel */
PKC_LIST r;

2
g10/seckey-cert.c
View File

@ -195,7 +195,7 @@ check_rsa( PKT_secret_cert *cert )
case CIPHER_ALGO_NONE: BUG(); break;
case CIPHER_ALGO_BLOWFISH:
keyid_from_skc( cert, keyid );
dek = get_passphrase_hash( keyid, NULL );
dek = get_passphrase_hash( keyid, NULL, NULL );
blowfish_ctx = m_alloc_secure( sizeof *blowfish_ctx );
blowfish_setkey( blowfish_ctx, dek->key, dek->keylen );
m_free(dek); /* pw is in secure memory, so m_free() burns it */

78
g10/sign.c
View File

@ -854,6 +854,84 @@ edit_keysigs( const char *username )
}
/****************
* Eine public key aus dem keyring entfernen.
*/
int
delete_key( const char *username )
{
int rc = 0;
KBNODE keyblock = NULL;
KBNODE node;
KBPOS kbpos;
PKT_public_cert *pkc;
u32 pkc_keyid[2];
int okay=0;
/* search the userid */
rc = find_keyblock_byname( &kbpos, username );
if( rc ) {
log_error("%s: user not found\n", username );
goto leave;
}
/* read the keyblock */
rc = read_keyblock( &kbpos, &keyblock );
if( rc ) {
log_error("%s: certificate read problem: %s\n", username, g10_errstr(rc) );
goto leave;
}
/* get the keyid from the keyblock */
node = find_kbnode( keyblock, PKT_PUBLIC_CERT );
if( !node ) {
log_error("Oops; public key not found anymore!\n");
rc = G10ERR_GENERAL;
goto leave;
}
pkc = node->pkt->pkt.public_cert;
keyid_from_pkc( pkc, pkc_keyid );
if( opt.batch && opt.answer_yes )
okay++;
else if( opt.batch )
log_error("can't do that in batch-mode without \"--yes\"\n");
else {
char *p;
size_t n;
tty_printf("pub %4u%c/%08lX %s ",
nbits_from_pkc( pkc ),
pubkey_letter( pkc->pubkey_algo ),
pkc_keyid[1], datestr_from_pkc(pkc) );
p = get_user_id( pkc_keyid, &n );
tty_print_string( p, n );
m_free(p);
tty_printf("\n\n");
p = tty_get("Delete this key from the keyring? ");
tty_kill_prompt();
if( answer_is_yes(p) )
okay++;
m_free(p);
}
if( okay ) {
rc = delete_keyblock( &kbpos );
if( rc ) {
log_error("delete_keyblock failed: %s\n", g10_errstr(rc) );
goto leave;
}
}
leave:
release_kbnode( keyblock );
return rc;
}
int
change_passphrase( const char *username )
{

11
g10/trustdb.c
View File

@ -1421,12 +1421,9 @@ do_check( ulong pubkeyid, TRUSTREC *dr, unsigned *trustlevel )
if( !rc && !dr->r.dir.sigrec ) {
/* See wether this is our own key */
if( !qry_lid_table_flag( ultikey_table, pubkeyid, NULL ) ) {
if( !qry_lid_table_flag( ultikey_table, pubkeyid, NULL ) )
*trustlevel = tflags | TRUST_ULTIMATE;
return 0;
}
else
rc = -1;
return 0;
}
if( rc )
return rc; /* error while looking for sigrec or building sigrecs */
@ -1774,8 +1771,8 @@ enum_trust_web( void **context, ulong *lid )
if( !c ) { /* make a new context */
c = m_alloc_clear( sizeof *c );
*context = c;
if( *lid != last_trust_web_key )
log_bug("enum_trust_web: nyi\n");
if( *lid != last_trust_web_key && last_trust_web_key )
log_bug("enum_trust_web: nyi\n"); /* <--- FIXME */
c->tsl = last_trust_web_tslist;
c->index = 1;
}

2
include/cipher.h
View File

@ -33,7 +33,6 @@
#include "../cipher/rsa.h"
#endif
#include "../cipher/blowfish.h"
#include "../cipher/gost.h"
#include "../cipher/elgamal.h"
@ -46,7 +45,6 @@
#define CIPHER_ALGO_SAFER_SK128 6
#define CIPHER_ALGO_DES_SK 7
#define CIPHER_ALGO_BLOWFISH 42 /* blowfish 160 bit key (not in OpenPGP)*/
#define CIPHER_ALGO_GOST 43 /* (Not in OpenPGP) */
#define PUBKEY_ALGO_RSA 1
#define PUBKEY_ALGO_RSA_E 2 /* RSA encrypt only */

4
mpi/ChangeLog
View File

@ -1,3 +1,7 @@
Mon Mar 2 19:29:00 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am (DISTCLEANFILES): New
Thu Feb 26 06:48:54 1998 Werner Koch (wk@isil.d.shuttle.de)
* config.links (X86_BROKEN_ALIGN): Added for some systems.

2
mpi/Makefile.am
View File

@ -6,6 +6,8 @@ CFLAGS += -O2
SUFFIXES = .S .s
EXTRA_DIST = config.links
DISTCLEANFILES = mpih-add1.S mpih-mul1.S mpih-mul2.S mpih-mul3.S \
mpih-shift.S mpih-sub1.S asm-syntax.h sysdep.h
noinst_LIBRARIES = libmpi.a

2
mpi/Makefile.in
View File

@ -97,6 +97,8 @@ INCLUDES = -I$(top_srcdir)/include
SUFFIXES = .S .s
EXTRA_DIST = config.links
DISTCLEANFILES = mpih-add1.S mpih-mul1.S mpih-mul2.S mpih-mul3.S \
mpih-shift.S mpih-sub1.S asm-syntax.h sysdep.h
noinst_LIBRARIES = libmpi.a
# noinst_HEADERS =