Migrated more stuff to doc/

Migrated the gpg regression tests.
Some changes tp the gpg code to fix bugs and
for the use in testing. 
make distcheck works now with gpg enabled.

g10/ChangeLog

@@ -1,3 +1,17 @@
+2006-08-21  Werner Koch  <wk@g10code.com>
+
+	* skclist.c (random_is_faked): Implemented.
+	(is_insecure): Also test for the old uppercase version of the
+	insecure string.
+	* gpg.c (main): Renamed --quick-random to debug-quick-quick-random.
+
+	* gpg.c (print_mds): Do not use the USE_SHA macros.
+
+	* mainproc.c (proc_encrypted): Remove assign inside condition for
+	better readibility.
+
+	* packet.h: Moved consts to new header ../common/openpgpdefs.h.
+
 2006-08-16  Werner Koch  <wk@g10code.com>
 
 	* keyserver.c (GPGKEYS_PREFIX): Rename to gpg2keys_.  This is so

g10/gpg.c

@@ -568,7 +568,7 @@ static ARGPARSE_OPTS opts[] = {
     { oPasswdFile, "passphrase-file",2, "@" },
     { oCommandFD, "command-fd",1, "@" },
     { oCommandFile, "command-file",2, "@" },
-    { oQuickRandom, "quick-random", 0, "@"},
+    { oQuickRandom, "debug-quick-random", 0, "@"},
     { oNoVerbose, "no-verbose", 0, "@"},
     { oTrustDBName, "trustdb-name", 2, "@" },
     { oNoSecmemWarn, "no-secmem-warning", 0, "@" },
@@ -2152,8 +2152,9 @@ main (int argc, char **argv )
             gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
             opt.list_sigs=0;
             break;
-          /* Disabled for now:
-          case oQuickRandom: quick_random_gen(1); break;*/
+          case oQuickRandom: 
+            gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
+            break;
 	  case oEmitVersion: opt.no_version=0; break;
 	  case oNoEmitVersion: opt.no_version=1; break;
 	  case oCompletesNeeded: opt.completes_needed = pargs.r.ret_int; break;
@@ -2162,17 +2163,17 @@ main (int argc, char **argv )
 	  case oTrustDBName: trustdb_name = pargs.r.ret_str; break;
 	  case oDefaultKey: opt.def_secret_key = pargs.r.ret_str; break;
 	  case oDefRecipient:
-		    if( *pargs.r.ret_str )
-			opt.def_recipient = make_username(pargs.r.ret_str);
-		    break;
+            if( *pargs.r.ret_str )
+              opt.def_recipient = make_username(pargs.r.ret_str);
+            break;
 	  case oDefRecipientSelf:
-		    xfree(opt.def_recipient); opt.def_recipient = NULL;
-		    opt.def_recipient_self = 1;
-		    break;
+            xfree(opt.def_recipient); opt.def_recipient = NULL;
+            opt.def_recipient_self = 1;
+            break;
 	  case oNoDefRecipient:
-		    xfree(opt.def_recipient); opt.def_recipient = NULL;
-		    opt.def_recipient_self = 0;
-		    break;
+            xfree(opt.def_recipient); opt.def_recipient = NULL;
+            opt.def_recipient_self = 0;
+            break;
 	  case oNoOptions: opt.no_homedir_creation = 1; break; /* no-options */
 	  case oHomedir: break;
 	  case oNoBatch: opt.batch = 0; break;
@@ -4031,14 +4032,14 @@ print_mds( const char *fname, int algo )
 	gcry_md_enable (md, GCRY_MD_MD5);
 	gcry_md_enable (md, GCRY_MD_SHA1);
 	gcry_md_enable (md, GCRY_MD_RMD160);
-#ifdef USE_SHA256
-	gcry_md_enable (md, DIGEST_ALGO_SHA224);
-	gcry_md_enable (md, GCRY_MD_SHA256);
-#endif
-#ifdef USE_SHA512
-	gcry_md_enable (md, GCRY_MD_SHA384);
-	gcry_md_enable (md, GCRY_MD_SHA512);
-#endif
+        if (!openpgp_md_test_algo (DIGEST_ALGO_SHA224))
+          gcry_md_enable (md, DIGEST_ALGO_SHA224);
+        if (!openpgp_md_test_algo (GCRY_MD_SHA256))
+          gcry_md_enable (md, GCRY_MD_SHA256);
+        if (!openpgp_md_test_algo (GCRY_MD_SHA384))
+          gcry_md_enable (md, GCRY_MD_SHA384);
+        if (!openpgp_md_test_algo (GCRY_MD_SHA512))
+          gcry_md_enable (md, GCRY_MD_SHA512);
     }
 
     while( (n=fread( buf, 1, DIM(buf), fp )) )
@@ -4054,15 +4055,14 @@ print_mds( const char *fname, int algo )
                 print_hashline( md, GCRY_MD_MD5, fname );
                 print_hashline( md, GCRY_MD_SHA1, fname );
                 print_hashline( md, GCRY_MD_RMD160, fname );
-#ifdef USE_SHA256
-                if (!gcry_md_test_algo (DIGEST_ALGO_SHA224)
+                if (!gcry_md_test_algo (DIGEST_ALGO_SHA224))
                     print_hashline (md, DIGEST_ALGO_SHA224, fname);
-                print_hashline( md, GCRY_MD_SHA256, fname );
-#endif
-#ifdef USE_SHA512
-		print_hashline( md, GCRY_MD_SHA384, fname );
-		print_hashline( md, GCRY_MD_SHA512, fname );
-#endif
+                if (!gcry_md_test_algo (GCRY_MD_SHA256))
+                    print_hashline( md, GCRY_MD_SHA256, fname );
+                if (!gcry_md_test_algo (GCRY_MD_SHA384))
+                    print_hashline ( md, GCRY_MD_SHA384, fname );
+                if (!gcry_md_test_algo (GCRY_MD_SHA512))
+                    print_hashline ( md, GCRY_MD_SHA512, fname );
             }
         }
         else {
@@ -4072,15 +4072,14 @@ print_mds( const char *fname, int algo )
                 print_hex( md, GCRY_MD_MD5, fname );
                 print_hex( md, GCRY_MD_SHA1, fname );
                 print_hex( md, GCRY_MD_RMD160, fname );
-#ifdef USE_SHA256
-                if (!gcry_md_test_algo (DIGEST_ALGO_SHA224)
+                if (!gcry_md_test_algo (DIGEST_ALGO_SHA224))
                     print_hex (md, DIGEST_ALGO_SHA224, fname);
-                print_hex( md, GCRY_MD_SHA256, fname );
-#endif
-#ifdef USE_SHA512
-		print_hex( md, GCRY_MD_SHA384, fname );
-		print_hex( md, GCRY_MD_SHA512, fname );
-#endif
+                if (!gcry_md_test_algo (GCRY_MD_SHA256))
+                    print_hex( md, GCRY_MD_SHA256, fname );
+                if (!gcry_md_test_algo (GCRY_MD_SHA384))
+                    print_hex( md, GCRY_MD_SHA384, fname );
+                if (!gcry_md_test_algo (GCRY_MD_SHA512))
+                    print_hex( md, GCRY_MD_SHA512, fname );
             }
         }
     }

g10/keydb.h

@@ -190,6 +190,7 @@ int  select_algo_from_prefs( PK_LIST pk_list, int preftype,
 int  select_mdc_from_pklist (PK_LIST pk_list);
 
 /*-- skclist.c --*/
+int  random_is_faked (void);
 void release_sk_list( SK_LIST sk_list );
 int  build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list,
 					    int unlock, unsigned use );

g10/keygen.c

@@ -1949,11 +1949,9 @@ ask_user_id( int mode )
 	if( *amail )
 	    p = stpcpy(stpcpy(stpcpy(p," <"), amail),">");
 
-	/* append a warning if we do not have dev/random
-	 * or it is switched into  quick testmode */
-        /* FIXME: see skclist.c:random_is_faked */
-        /* 	if( quick_random_gen(-1)  ) */
-        /* 	    strcpy(p, " (INSECURE!)" ); */
+	/* Append a warning if the RNG is switched into fake mode.  */
+        if ( random_is_faked ()  )
+          strcpy(p, " (insecure!)" );
 
 	/* print a note in case that UTF8 mapping has to be done */
 	for(p=uid; *p; p++ ) {

g10/keyserver-internal.h

@@ -23,7 +23,7 @@
 #define _KEYSERVER_INTERNAL_H_
 
 #include <time.h>
-#include "keyserver.h"
+#include "../common/keyserver.h"
 #include "../common/iobuf.h"
 #include "types.h"
 

g10/mainproc.c

@@ -508,8 +508,9 @@ proc_encrypted( CTX c, PACKET *pkt )
 	  }
 	else
 	  {
-	    /* assume this is old style conventional encrypted data */
-	    if ( (algo = opt.def_cipher_algo))
+	    /* Assume this is old style conventional encrypted data. */
+	    algo = opt.def_cipher_algo;
+	    if ( algo )
 	      log_info (_("assuming %s encrypted data\n"),
                         gcry_cipher_algo_name (algo));
 	    else if ( gcry_cipher_test_algo (CIPHER_ALGO_IDEA) )
@@ -680,6 +681,8 @@ proc_plaintext( CTX c, PACKET *pkt )
     }
 
     rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig );
+    if (rc)
+      log_debug ("handle_plaintext failed: err=%d\n", rc);
     if( gpg_err_code (rc) == GPG_ERR_ENOENT && !c->sigs_only) 
       {
 #warning We need to change the test for the error code

g10/packet.h

@@ -28,32 +28,10 @@
 #include "../jnlib/strlist.h"
 #include "cipher.h"
 #include "filter.h"
+#include "../common/openpgpdefs.h"
 
 #define DEBUG_PARSE_PACKET 1
 
-typedef enum {
-	PKT_NONE	   =0,
-	PKT_PUBKEY_ENC	   =1, /* public key encrypted packet */
-	PKT_SIGNATURE	   =2, /* secret key encrypted packet */
-	PKT_SYMKEY_ENC	   =3, /* session key packet (OpenPGP)*/
-	PKT_ONEPASS_SIG    =4, /* one pass sig packet (OpenPGP)*/
-	PKT_SECRET_KEY	   =5, /* secret key */
-	PKT_PUBLIC_KEY	   =6, /* public key */
-	PKT_SECRET_SUBKEY  =7, /* secret subkey (OpenPGP) */
-	PKT_COMPRESSED	   =8, /* compressed data packet */
-	PKT_ENCRYPTED	   =9, /* conventional encrypted data */
-	PKT_MARKER	  =10, /* marker packet (OpenPGP) */
-	PKT_PLAINTEXT	  =11, /* plaintext data with filename and mode */
-	PKT_RING_TRUST	  =12, /* keyring trust packet */
-	PKT_USER_ID	  =13, /* user id packet */
-	PKT_PUBLIC_SUBKEY =14, /* public subkey (OpenPGP) */
-	PKT_OLD_COMMENT   =16, /* comment packet from an OpenPGP draft */
-	PKT_ATTRIBUTE     =17, /* PGP's attribute packet */
-	PKT_ENCRYPTED_MDC =18, /* integrity protected encrypted data */
-	PKT_MDC 	  =19, /* manipulation detection code packet */
-	PKT_COMMENT	  =61, /* new comment packet (private) */
-        PKT_GPG_CONTROL   =63  /* internal control packet */
-} pkttype_t;
 
 typedef struct packet_struct PACKET;
 
@@ -373,38 +351,6 @@ struct packet_struct {
 			    (a)->pkt.generic = NULL;	\
 		       } while(0)
 
-typedef enum {
-    SIGSUBPKT_TEST_CRITICAL=-3,
-    SIGSUBPKT_LIST_UNHASHED=-2,
-    SIGSUBPKT_LIST_HASHED  =-1,
-    SIGSUBPKT_NONE	   = 0,
-    SIGSUBPKT_SIG_CREATED  = 2, /* signature creation time */
-    SIGSUBPKT_SIG_EXPIRE   = 3, /* signature expiration time */
-    SIGSUBPKT_EXPORTABLE   = 4, /* exportable */
-    SIGSUBPKT_TRUST	   = 5, /* trust signature */
-    SIGSUBPKT_REGEXP	   = 6, /* regular expression */
-    SIGSUBPKT_REVOCABLE    = 7, /* revocable */
-    SIGSUBPKT_KEY_EXPIRE   = 9, /* key expiration time */
-    SIGSUBPKT_ARR	   =10, /* additional recipient request */
-    SIGSUBPKT_PREF_SYM	   =11, /* preferred symmetric algorithms */
-    SIGSUBPKT_REV_KEY	   =12, /* revocation key */
-    SIGSUBPKT_ISSUER	   =16, /* issuer key ID */
-    SIGSUBPKT_NOTATION	   =20, /* notation data */
-    SIGSUBPKT_PREF_HASH    =21, /* preferred hash algorithms */
-    SIGSUBPKT_PREF_COMPR   =22, /* preferred compression algorithms */
-    SIGSUBPKT_KS_FLAGS	   =23, /* key server preferences */
-    SIGSUBPKT_PREF_KS	   =24, /* preferred key server */
-    SIGSUBPKT_PRIMARY_UID  =25, /* primary user id */
-    SIGSUBPKT_POLICY	   =26, /* policy URL */
-    SIGSUBPKT_KEY_FLAGS    =27, /* key flags */
-    SIGSUBPKT_SIGNERS_UID  =28, /* signer's user id */
-    SIGSUBPKT_REVOC_REASON =29, /* reason for revocation */
-    SIGSUBPKT_FEATURES     =30, /* feature flags */
-
-    SIGSUBPKT_SIGNATURE    =32, /* embedded signature */
-
-    SIGSUBPKT_FLAG_CRITICAL=128
-} sigsubpkttype_t;
 
 struct notation
 {

g10/skclist.c

@@ -35,16 +35,26 @@
 #include "i18n.h"
 #include "cipher.h"
 
+#ifndef GCRYCTL_FAKED_RANDOM_P
+#define GCRYCTL_FAKED_RANDOM_P 51
+#endif
 
-/* There is currently no way to get the status of the quick random
-   generator flag from libgcrypt and it is not clear whether this
-   faked RNG is really a good idea.  Thus for now we use this stub
-   function but we should consider to entirely remove this fake RNG
-   stuff. */
-static int
+/* Return true if Libgcrypt's RNG is in faked mode.  */
+int
 random_is_faked (void)
 {
-  return 0;
+  /* We use a runtime check to allow for slow migrattion of libgcrypt.
+     We can't use the constant becuase that one is actually an enum
+     value.  */
+  gpg_error_t err = gcry_control ( 51 /*GCRYCTL_FAKED_RANDOM_P*/, 0);
+
+  if (!err)
+    return 0;
+  if (gpg_err_code (err) != GPG_ERR_INV_OP)
+    return 1;
+  log_info ("WARNING: libgcrypt too old.\n");
+  log_info ("         can't check whether we are in faked RNG mode\n");
+  return 0; /* Need to return false.  */
 }
 
 
@@ -82,7 +92,8 @@ is_insecure( PKT_secret_key *sk )
                 continue; /* skip attribute packets */
             if ( strstr( id->name, "(insecure!)" )
                  || strstr( id->name, "not secure" )
-                 || strstr( id->name, "do not use" ) ) {
+                 || strstr( id->name, "do not use" )
+                 || strstr( id->name, "(INSECURE!)" ) ) {
                 insecure = 1;
                 break;
             }