From 1feae2011ccd122ffb9a8f28013a13e57fc0b4fd Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Sun, 18 Apr 1999 08:18:52 +0000 Subject: [PATCH] See ChangeLog: Sun Apr 18 10:11:28 CEST 1999 Werner Koch --- NEWS | 3 + THANKS | 1 + THOUGHTS | 16 -- TODO | 7 +- checks/ChangeLog | 6 + checks/Makefile.am | 20 +- checks/conventional.test | 4 + checks/mds.test | 4 +- checks/mkdemodirs | 37 ++++ checks/signdemokey | 16 ++ cipher/ChangeLog | 10 + cipher/Makefile.am | 13 +- cipher/cipher.c | 17 +- cipher/des.c | 2 +- cipher/dynload.c | 1 - cipher/elgamal.c | 7 +- cipher/md.c | 4 +- cipher/pubkey.c | 2 - cipher/random.c | 2 +- cipher/rndegd.c | 5 +- cipher/twofish.c | 430 +++++++++++++++++---------------------- doc/gpg.1pod | 15 +- g10/ChangeLog | 25 +++ g10/Makefile.am | 14 +- g10/build-packet.c | 4 +- g10/cipher.c | 6 +- g10/encr-data.c | 6 +- g10/g10.c | 103 +--------- g10/getkey.c | 2 + g10/import.c | 56 ++--- g10/keyedit.c | 7 +- g10/packet.h | 3 +- g10/parse-packet.c | 30 ++- g10/ringedit.c | 7 +- g10/seckey-cert.c | 15 +- g10/tdbio.c | 5 +- include/cipher.h | 4 +- include/ttyio.h | 3 +- mpi/ChangeLog | 5 + mpi/mpi-pow.c | 3 +- mpi/mpih-mul.c | 19 +- mpi/mpiutil.c | 8 +- tools/bftest.c | 2 +- util/ChangeLog | 6 + util/argparse.c | 9 +- util/http.c | 10 +- util/memory.c | 30 +-- util/secmem.c | 2 + util/strgutil.c | 19 ++ util/ttyio.c | 24 ++- 50 files changed, 547 insertions(+), 502 deletions(-) create mode 100755 checks/mkdemodirs create mode 100755 checks/signdemokey diff --git a/NEWS b/NEWS index 4da83f122..073e82ec2 100644 --- a/NEWS +++ b/NEWS @@ -2,9 +2,12 @@ * Full Twofish support. It is now statically linked by default. The experimental 128 bit version is now disabled. ----> Hmmm, there is an internal conflict in the RFC + ----> For now it is disabled * Dropped support for the ancient Blowfish160 which is not OpenPGP. + * Merged gpgm and gpg into one binary. + Noteworthy changes in version 0.9.5 ----------------------------------- diff --git a/THANKS b/THANKS index 55318f35e..f5435e5c9 100644 --- a/THANKS +++ b/THANKS @@ -75,6 +75,7 @@ Ross Golder rossigee@bigfoot.com Serge Munhoven munhoven@mema.ucl.ac.be SL Baur steve@xemacs.org Stefan Karrmann S.Karrmann@gmx.net +Stefan Keller dres@cs.tu-berlin.de Steffen Ullrich ccrlphr@xensei.com Steffen Zahn zahn@berlin.snafu.de Steven Bakker steven@icoe.att.com diff --git a/THOUGHTS b/THOUGHTS index 7c12bf80f..70d3dff99 100644 --- a/THOUGHTS +++ b/THOUGHTS @@ -15,22 +15,6 @@ AM_CONDITIONAL(WITH_EGD, $perl_present) and add util/egd to the top-level Makefile directory list inside a WITH_EGD conditional. - - -==== - - /* we still have these if a signed signed more than one - * user ID. I don't think that is makes sense to sign - * more than one user ID; an exception might be a user ID - * which is to be removed in near future. Anyway it is - * always good to sign only those user ID which are - * unlikely to change. It might be good to insert a - * user ID which does not contain an email address and - * mark this one with a special signature flag or let - * sign_key() suggest a user ID w/o an email address - */ - - * What shall we do if we have a valid subkey revocation certificate but no subkey binding? Is this a valid but revoked key? diff --git a/TODO b/TODO index bc6ed7705..441cfe14e 100644 --- a/TODO +++ b/TODO @@ -6,7 +6,7 @@ * Check calculation of key validity. - * See why we always get this "Hmmm public key lost" - Is it fixed? + * See why we always get this "Hmmm, public key not anymore available" * print a warning when a revoked/expired secret key is used. @@ -24,10 +24,13 @@ * Solaris make has problems with the generated POTFILES - seems to be a gettext bug. + * cvs -d :pserver:anoncvs@anoncvs.gnu.org:/gd/gnu/anoncvsroot co common + Nice to have ------------ + * Offcial test vectors for 3DES-EDE3 * use DEL and ^H for erasing the previous character (util/ttyio.c). * Print a warning if the directory mode is wrong. * replace the keyserver stuff either by a call to a specialized @@ -45,4 +48,6 @@ Nice to have really make sense? * change the fake_data stuff to mpi_set_opaque * Stats about used random numbers. + * the pubkey encrypt functions should do some sanity checks. + * dynload: implement the hint stuff. diff --git a/checks/ChangeLog b/checks/ChangeLog index 3217d4145..b5c20f7da 100644 --- a/checks/ChangeLog +++ b/checks/ChangeLog @@ -1,3 +1,9 @@ +Sun Apr 18 10:11:28 CEST 1999 Werner Koch + + * mkdemodirs: New + * signdemokey: New. + * Makefile.am (distclean-local): New. + Wed Mar 17 13:09:03 CET 1999 Werner Koch * mds.test: replaced the "echo -n" diff --git a/checks/Makefile.am b/checks/Makefile.am index ab0e2ec09..df2a330cc 100644 --- a/checks/Makefile.am +++ b/checks/Makefile.am @@ -18,7 +18,8 @@ TEST_FILES = pubring.asc secring.asc plain-1o.asc plain-2o.asc plain-3o.asc \ DATA_FILES = data-500 data-9000 data-32000 data-80000 plain-large -EXTRA_DIST = defs.inc run-gpg run-gpgm run-gpg.patterns $(TESTS) $(TEST_FILES) +EXTRA_DIST = defs.inc run-gpg run-gpg.patterns $(TESTS) $(TEST_FILES) \ + mkdemodirs signdemokey CLEANFILES = prepared.stamp x y yy z out err $(DATA_FILES) \ plain-1 plain-2 plain-3 options trustdb.gpg *.lock .\#lk* \ pubring.gpg secring.gpg pubring.pkr secring.skr @@ -27,31 +28,34 @@ CLEANFILES = prepared.stamp x y yy z out err $(DATA_FILES) \ all-local: prepared.stamp +distclean-local: + ./mkdemodirs --clean + prepared.stamp: ./pubring.gpg ./secring.gpg ./plain-1 ./plain-2 ./plain-3 \ ./pubring.pkr ./secring.skr $(DATA_FILES) echo timestamp >./prepared.stamp ./pubring.gpg: $(srcdir)/pubring.asc - ../g10/gpgm --yes --dearmor -o ./pubring.gpg $(srcdir)/pubring.asc + ../g10/gpg --yes --dearmor -o ./pubring.gpg $(srcdir)/pubring.asc ./secring.gpg: $(srcdir)/secring.asc - ../g10/gpgm --yes --dearmor -o ./secring.gpg $(srcdir)/secring.asc + ../g10/gpg --yes --dearmor -o ./secring.gpg $(srcdir)/secring.asc ./pubring.pkr: $(srcdir)/pubring.pkr.asc - ../g10/gpgm --yes --dearmor -o ./pubring.pkr $(srcdir)/pubring.pkr.asc + ../g10/gpg --yes --dearmor -o ./pubring.pkr $(srcdir)/pubring.pkr.asc ./secring.skr: $(srcdir)/secring.skr.asc - ../g10/gpgm --yes --dearmor -o ./secring.skr $(srcdir)/secring.skr.asc + ../g10/gpg --yes --dearmor -o ./secring.skr $(srcdir)/secring.skr.asc ./plain-1: $(srcdir)/plain-1o.asc - ../g10/gpgm --yes --dearmor -o ./plain-1 $(srcdir)/plain-1o.asc + ../g10/gpg --yes --dearmor -o ./plain-1 $(srcdir)/plain-1o.asc ./plain-2: $(srcdir)/plain-2o.asc - ../g10/gpgm --yes --dearmor -o ./plain-2 $(srcdir)/plain-2o.asc + ../g10/gpg --yes --dearmor -o ./plain-2 $(srcdir)/plain-2o.asc ./plain-3: $(srcdir)/plain-3o.asc - ../g10/gpgm --yes --dearmor -o ./plain-3 $(srcdir)/plain-3o.asc + ../g10/gpg --yes --dearmor -o ./plain-3 $(srcdir)/plain-3o.asc diff --git a/checks/conventional.test b/checks/conventional.test index 6f78b0191..289a85095 100755 --- a/checks/conventional.test +++ b/checks/conventional.test @@ -2,6 +2,10 @@ . $srcdir/defs.inc || exit 3 +# temp. hack cause the format for 128 biut blocksize messages may change +GNUPG_ENABLE_TWOFISH=1 +export GNUPG_ENABLE_TWOFISH + #info Checking conventional encryption for i in plain-2 data-32000 ; do echo "Hier spricht HAL" | $srcdir/run-gpg --passphrase-fd 0 -c -o x --yes $i diff --git a/checks/mds.test b/checks/mds.test index 63bec7c05..98584b395 100755 --- a/checks/mds.test +++ b/checks/mds.test @@ -13,7 +13,7 @@ test_one () { failed="" #info Checking message digests -cat /dev/null | $srcdir/run-gpgm -v --print-mds >y +cat /dev/null | $srcdir/run-gpg -v --print-mds >y test_one "MD5" "D41D8CD98F00B204E9800998ECF8427E" test_one "SHA1" "DA39A3EE5E6B4B0D3255BFEF95601890AFD80709" test_one "RMD160" "9C1185A5C5E9FC54612808977EE8F548B2258D31" @@ -25,7 +25,7 @@ fi [ "$failed" != "" ] && error "$failed failed for empty string" -/bin/echo "abcdefghijklmnopqrstuvwxyz\c" | $srcdir/run-gpgm --print-mds >y +/bin/echo "abcdefghijklmnopqrstuvwxyz\c" | $srcdir/run-gpg --print-mds >y test_one "MD5" "C3FCD3D76192E4007DFB496CCA67E13B" test_one "SHA1" "32D10C7B8CF96570CA04CE37F2A19D84240D3A89" test_one "RMD160" "F71C27109C692C1B56BBDCEB5B9D2865B3708DBC" diff --git a/checks/mkdemodirs b/checks/mkdemodirs new file mode 100755 index 000000000..b0755ab48 --- /dev/null +++ b/checks/mkdemodirs @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +GPG="../g10/gpg --batch --quiet --no-secmem-warning" +NAMES='Alpha Bravo Charlie Delta Echo Foxtrot Golf Hotel India + Juliet Kilo Lima Mike November Oscar Papa Quebec Romeo + Sierra Tango Uniform Victor Whisky XRay Yankee Zulu' + +if [ "$1" = "--clean" ]; then + for i in $NAMES; do + [ -d $i ] && rm -r $i + done + exit 0 +fi + +$GPG --dearmor -o secdemo.gpg --yes ../checks/secdemo.asc +$GPG --dearmor -o pubdemo.gpg --yes ../checks/pubdemo.asc +[ -f ./tdb.tmp ] && rm ./tdb.tmp +GPGDEMO="$GPG --homedir . --trustdb-name ./tdb.tmp --no-default-keyring + --keyring pubdemo.gpg --secret-keyring secdemo.gpg" +/bin/echo "Creating:\c" +for name in $NAMES; do + /bin/echo " $name\c" + [ -d $name ] && rm -r $name + mkdir $name + $GPGDEMO --export-secret-key -o - $name | tee $name/Secret.gpg | \ + $GPG --homedir $name --import + $GPGDEMO --export -o - $name | tee $name/Public.gpg | \ + $GPG --homedir $name --import + [ -f $name/pubring.gpg~ ] && rm $name/pubring.gpg~ +done +echo "." +[ -f ./tdb.tmp ] && rm ./tdb.tmp +rm pubdemo.gpg secdemo.gpg + + diff --git a/checks/signdemokey b/checks/signdemokey new file mode 100755 index 000000000..e387446c2 --- /dev/null +++ b/checks/signdemokey @@ -0,0 +1,16 @@ +#!/bin/sh + +set -e + +if [ $# != 3 ]; then + echo "Usage: signdemokey name user_id user_id_no" + exit 1 +fi +name="$1" +user_id="$2" +user_id_no="$3" + +echo "abc" | ../g10/gpg --options ./options --homedir $name \ + --sign-key --batch --yes --passphrase-fd 0 $user_id \ + $user_id_no sign save + diff --git a/cipher/ChangeLog b/cipher/ChangeLog index 9b16f12ae..52dd247de 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,3 +1,13 @@ +Sun Apr 18 10:11:28 CEST 1999 Werner Koch + + * cipher.c (cipher_setiv): Add ivlen arg, changed all callers. + + * random.c (randomize_buffer): alway use secure memory because + we can't use m_is_secure() on a statically allocated buffer. + + * twofish.c: Replaced some macros by a loop to reduce text size. + * Makefile.am (twofish): No more need for sed editing. + Fri Apr 9 12:26:25 CEST 1999 Werner Koch * cipher.c (cipher_open): Reversed the changes for AUTO_CFB. diff --git a/cipher/Makefile.am b/cipher/Makefile.am index f42d682ac..b12781622 100644 --- a/cipher/Makefile.am +++ b/cipher/Makefile.am @@ -77,12 +77,15 @@ tiger: $(srcdir)/tiger.c tiger.o: $(srcdir)/tiger.c `echo $(COMPILE) -c $(srcdir)/tiger.c | sed -e 's/-O[2-9]*/-O1/g' ` -twofish: $(srcdir)/twofish.c - `echo $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o twofish $(srcdir)/twofish.c | \ - sed -e 's/-O[0-9]*/ /g' ` +#twofish: $(srcdir)/twofish.c +# `echo $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o twofish $(srcdir)/twofish.c | \ +# sed -e 's/-O[0-9]*/ /g' ` -twofish.o: $(srcdir)/twofish.c - `echo $(COMPILE) -c $(srcdir)/twofish.c | sed -e 's/-O[0-9]*/ /g' ` +twofish: $(srcdir)/twofish.c + $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o twofish $(srcdir)/twofish.c + +#twofish.o: $(srcdir)/twofish.c +# `echo $(COMPILE) -c $(srcdir)/twofish.c | sed -e 's/-O[0-9]*/ /g' ` rndunix: $(srcdir)/rndunix.c diff --git a/cipher/cipher.c b/cipher/cipher.c index cba011be1..c3712f985 100644 --- a/cipher/cipher.c +++ b/cipher/cipher.c @@ -83,6 +83,7 @@ setup_cipher_table(void) int i; i = 0; + if( getenv("GNUPG_ENABLE_TWOFISH") ) { cipher_table[i].algo = CIPHER_ALGO_TWOFISH; cipher_table[i].name = twofish_get_info( cipher_table[i].algo, &cipher_table[i].keylen, @@ -94,6 +95,7 @@ setup_cipher_table(void) if( !cipher_table[i].name ) BUG(); i++; + } cipher_table[i].algo = CIPHER_ALGO_BLOWFISH; cipher_table[i].name = blowfish_get_info( cipher_table[i].algo, &cipher_table[i].keylen, @@ -368,12 +370,17 @@ cipher_setkey( CIPHER_HANDLE c, byte *key, unsigned keylen ) void -cipher_setiv( CIPHER_HANDLE c, const byte *iv ) +cipher_setiv( CIPHER_HANDLE c, const byte *iv, unsigned ivlen ) { - if( iv ) - memcpy( c->iv, iv, c->blocksize ); - else - memset( c->iv, 0, c->blocksize ); + memset( c->iv, 0, c->blocksize ); + if( iv ) { + if( ivlen != c->blocksize ) + log_info("WARNING: cipher_setiv: ivlen=%u blklen=%u\n", + ivlen, c->blocksize ); + if( ivlen > c->blocksize ) + ivlen = c->blocksize; + memcpy( c->iv, iv, ivlen ); + } c->unused = 0; } diff --git a/cipher/des.c b/cipher/des.c index 088f5e142..256e96bc9 100644 --- a/cipher/des.c +++ b/cipher/des.c @@ -799,7 +799,7 @@ selftest (void) /* * Triple-DES test (Do somebody known on official test?) * - * FIXME: This test doesn't use tripledes_set3keys() ! + * Note: This test doesn't use tripledes_set3keys() ! */ { int i; diff --git a/cipher/dynload.c b/cipher/dynload.c index b4ed77177..318867796 100644 --- a/cipher/dynload.c +++ b/cipher/dynload.c @@ -335,7 +335,6 @@ enum_gnupgext_digests( void **enum_context, else ctx = *enum_context; - /* fixme: have a look at the hint string */ for( r = ctx->r; r; r = r->next ) { int class, vers; diff --git a/cipher/elgamal.c b/cipher/elgamal.c index 90d5aca18..9d9058f97 100644 --- a/cipher/elgamal.c +++ b/cipher/elgamal.c @@ -245,11 +245,16 @@ encrypt(MPI a, MPI b, MPI input, ELG_public_key *pkey ) { MPI k; + /* Note: maybe we should change the interface, so that it + * is possible to check that input is < p and return an + * error code. + */ + k = gen_k( pkey->p ); mpi_powm( a, pkey->g, k, pkey->p ); /* b = (y^k * input) mod p * = ((y^k mod p) * (input mod p)) mod p - * and because input is < p (FIXME: check this!) + * and because input is < p * = ((y^k mod p) * input) mod p */ mpi_powm( b, pkey->y, k, pkey->p ); diff --git a/cipher/md.c b/cipher/md.c index 0a2974406..fc740479e 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -458,8 +458,8 @@ md_digest_length( int algo ) } -/* fixme: add a mode to enumerate the OIDs - * to make g10/sig-check.c more portable */ +/* Hmmm: add a mode to enumerate the OIDs + * to make g10/sig-check.c more portable */ const byte * md_asn_oid( int algo, size_t *asnlen, size_t *mdlen ) { diff --git a/cipher/pubkey.c b/cipher/pubkey.c index dbdd8ae2b..5695e7523 100644 --- a/cipher/pubkey.c +++ b/cipher/pubkey.c @@ -425,8 +425,6 @@ pubkey_encrypt( int algo, MPI *resarr, MPI data, MPI *pkey ) { int i, rc; - /* FIXME: check that data fits into the key (in xxx_encrypt)*/ - if( DBG_CIPHER ) { log_debug("pubkey_encrypt: algo=%d\n", algo ); for(i=0; i < pubkey_get_npkey(algo); i++ ) diff --git a/cipher/random.c b/cipher/random.c index a201c1dbb..396e1dbd9 100644 --- a/cipher/random.c +++ b/cipher/random.c @@ -147,7 +147,7 @@ quick_random_gen( int onoff ) void randomize_buffer( byte *buffer, size_t length, int level ) { - char *p = get_random_bits( length*8, level, m_is_secure(buffer) ); + char *p = get_random_bits( length*8, level, 1 ); memcpy( buffer, p, length ); m_free(p); } diff --git a/cipher/rndegd.c b/cipher/rndegd.c index 7fc1f494c..495586231 100644 --- a/cipher/rndegd.c +++ b/cipher/rndegd.c @@ -83,7 +83,10 @@ do_read( int fd, void *buf, size_t nbytes ) -/* fixme: level 1 is not yet handled */ +/* Note: we always use the highest level. + * TO boost the performance we may want to add some + * additional code for level 1 + */ static int gather_random( void (*add)(const void*, size_t, int), int requester, size_t length, int level ) diff --git a/cipher/twofish.c b/cipher/twofish.c index 6ab5ebaed..182f18c49 100644 --- a/cipher/twofish.c +++ b/cipher/twofish.c @@ -1,6 +1,7 @@ /* Twofish for GPG * By Matthew Skala , July 26, 1998 * 256-bit key length added March 20, 1999 + * Some modifications to reduce the text size by Werner Koch, April, 1998 * * The original author has disclaimed all copyright interest in this * code and thus putting it in the public domain. @@ -392,6 +393,75 @@ static const byte exp_to_poly[492] = { 0x71, 0xE2, 0x89, 0x5F, 0xBE, 0x31, 0x62, 0xC4, 0xC5, 0xC7, 0xC3, 0xCB }; + +/* The table constants are indices of + * S-box entries, preprocessed through q0 and q1. */ +static byte calc_sb_tbl[512] = { + 0xA9, 0x75, 0x67, 0xF3, 0xB3, 0xC6, 0xE8, 0xF4, + 0x04, 0xDB, 0xFD, 0x7B, 0xA3, 0xFB, 0x76, 0xC8, + 0x9A, 0x4A, 0x92, 0xD3, 0x80, 0xE6, 0x78, 0x6B, + 0xE4, 0x45, 0xDD, 0x7D, 0xD1, 0xE8, 0x38, 0x4B, + 0x0D, 0xD6, 0xC6, 0x32, 0x35, 0xD8, 0x98, 0xFD, + 0x18, 0x37, 0xF7, 0x71, 0xEC, 0xF1, 0x6C, 0xE1, + 0x43, 0x30, 0x75, 0x0F, 0x37, 0xF8, 0x26, 0x1B, + 0xFA, 0x87, 0x13, 0xFA, 0x94, 0x06, 0x48, 0x3F, + 0xF2, 0x5E, 0xD0, 0xBA, 0x8B, 0xAE, 0x30, 0x5B, + 0x84, 0x8A, 0x54, 0x00, 0xDF, 0xBC, 0x23, 0x9D, + 0x19, 0x6D, 0x5B, 0xC1, 0x3D, 0xB1, 0x59, 0x0E, + 0xF3, 0x80, 0xAE, 0x5D, 0xA2, 0xD2, 0x82, 0xD5, + 0x63, 0xA0, 0x01, 0x84, 0x83, 0x07, 0x2E, 0x14, + 0xD9, 0xB5, 0x51, 0x90, 0x9B, 0x2C, 0x7C, 0xA3, + 0xA6, 0xB2, 0xEB, 0x73, 0xA5, 0x4C, 0xBE, 0x54, + 0x16, 0x92, 0x0C, 0x74, 0xE3, 0x36, 0x61, 0x51, + 0xC0, 0x38, 0x8C, 0xB0, 0x3A, 0xBD, 0xF5, 0x5A, + 0x73, 0xFC, 0x2C, 0x60, 0x25, 0x62, 0x0B, 0x96, + 0xBB, 0x6C, 0x4E, 0x42, 0x89, 0xF7, 0x6B, 0x10, + 0x53, 0x7C, 0x6A, 0x28, 0xB4, 0x27, 0xF1, 0x8C, + 0xE1, 0x13, 0xE6, 0x95, 0xBD, 0x9C, 0x45, 0xC7, + 0xE2, 0x24, 0xF4, 0x46, 0xB6, 0x3B, 0x66, 0x70, + 0xCC, 0xCA, 0x95, 0xE3, 0x03, 0x85, 0x56, 0xCB, + 0xD4, 0x11, 0x1C, 0xD0, 0x1E, 0x93, 0xD7, 0xB8, + 0xFB, 0xA6, 0xC3, 0x83, 0x8E, 0x20, 0xB5, 0xFF, + 0xE9, 0x9F, 0xCF, 0x77, 0xBF, 0xC3, 0xBA, 0xCC, + 0xEA, 0x03, 0x77, 0x6F, 0x39, 0x08, 0xAF, 0xBF, + 0x33, 0x40, 0xC9, 0xE7, 0x62, 0x2B, 0x71, 0xE2, + 0x81, 0x79, 0x79, 0x0C, 0x09, 0xAA, 0xAD, 0x82, + 0x24, 0x41, 0xCD, 0x3A, 0xF9, 0xEA, 0xD8, 0xB9, + 0xE5, 0xE4, 0xC5, 0x9A, 0xB9, 0xA4, 0x4D, 0x97, + 0x44, 0x7E, 0x08, 0xDA, 0x86, 0x7A, 0xE7, 0x17, + 0xA1, 0x66, 0x1D, 0x94, 0xAA, 0xA1, 0xED, 0x1D, + 0x06, 0x3D, 0x70, 0xF0, 0xB2, 0xDE, 0xD2, 0xB3, + 0x41, 0x0B, 0x7B, 0x72, 0xA0, 0xA7, 0x11, 0x1C, + 0x31, 0xEF, 0xC2, 0xD1, 0x27, 0x53, 0x90, 0x3E, + 0x20, 0x8F, 0xF6, 0x33, 0x60, 0x26, 0xFF, 0x5F, + 0x96, 0xEC, 0x5C, 0x76, 0xB1, 0x2A, 0xAB, 0x49, + 0x9E, 0x81, 0x9C, 0x88, 0x52, 0xEE, 0x1B, 0x21, + 0x5F, 0xC4, 0x93, 0x1A, 0x0A, 0xEB, 0xEF, 0xD9, + 0x91, 0xC5, 0x85, 0x39, 0x49, 0x99, 0xEE, 0xCD, + 0x2D, 0xAD, 0x4F, 0x31, 0x8F, 0x8B, 0x3B, 0x01, + 0x47, 0x18, 0x87, 0x23, 0x6D, 0xDD, 0x46, 0x1F, + 0xD6, 0x4E, 0x3E, 0x2D, 0x69, 0xF9, 0x64, 0x48, + 0x2A, 0x4F, 0xCE, 0xF2, 0xCB, 0x65, 0x2F, 0x8E, + 0xFC, 0x78, 0x97, 0x5C, 0x05, 0x58, 0x7A, 0x19, + 0xAC, 0x8D, 0x7F, 0xE5, 0xD5, 0x98, 0x1A, 0x57, + 0x4B, 0x67, 0x0E, 0x7F, 0xA7, 0x05, 0x5A, 0x64, + 0x28, 0xAF, 0x14, 0x63, 0x3F, 0xB6, 0x29, 0xFE, + 0x88, 0xF5, 0x3C, 0xB7, 0x4C, 0x3C, 0x02, 0xA5, + 0xB8, 0xCE, 0xDA, 0xE9, 0xB0, 0x68, 0x17, 0x44, + 0x55, 0xE0, 0x1F, 0x4D, 0x8A, 0x43, 0x7D, 0x69, + 0x57, 0x29, 0xC7, 0x2E, 0x8D, 0xAC, 0x74, 0x15, + 0xB7, 0x59, 0xC4, 0xA8, 0x9F, 0x0A, 0x72, 0x9E, + 0x7E, 0x6E, 0x15, 0x47, 0x22, 0xDF, 0x12, 0x34, + 0x58, 0x35, 0x07, 0x6A, 0x99, 0xCF, 0x34, 0xDC, + 0x6E, 0x22, 0x50, 0xC9, 0xDE, 0xC0, 0x68, 0x9B, + 0x65, 0x89, 0xBC, 0xD4, 0xDB, 0xED, 0xF8, 0xAB, + 0xC8, 0x12, 0xA8, 0xA2, 0x2B, 0x0D, 0x40, 0x52, + 0xDC, 0xBB, 0xFE, 0x02, 0x32, 0x2F, 0xA4, 0xA9, + 0xCA, 0xD7, 0x10, 0x61, 0x21, 0x1E, 0xF0, 0xB4, + 0xD3, 0x50, 0x5D, 0x04, 0x0F, 0xF6, 0x00, 0xC2, + 0x6F, 0x16, 0x9D, 0x25, 0x36, 0x86, 0x42, 0x56, + 0x4A, 0x55, 0x5E, 0x09, 0xC1, 0xBE, 0xE0, 0x91 +}; /* Macro to perform one column of the RS matrix multiplication. The * parameters a, b, c, and d are the four bytes of output; i is the index * of the key bytes, and w, x, y, and z, are the column of constants from @@ -485,260 +555,136 @@ static const byte exp_to_poly[492] = { static int twofish_setkey (TWOFISH_context *ctx, const byte *key, const unsigned keylen) { - /* Temporaries for CALC_K. */ - u32 x, y; + int i, j, k; - /* The S vector used to key the S-boxes, split up into individual bytes. - * 128-bit keys use only sa through sh; 256-bit use all of them. */ - byte sa = 0, sb = 0, sc = 0, sd = 0, se = 0, sf = 0, sg = 0, sh = 0; - byte si = 0, sj = 0, sk = 0, sl = 0, sm = 0, sn = 0, so = 0, sp = 0; + /* Temporaries for CALC_K. */ + u32 x, y; - /* Temporary for CALC_S. */ - byte tmp; + /* The S vector used to key the S-boxes, split up into individual bytes. + * 128-bit keys use only sa through sh; 256-bit use all of them. */ + byte sa = 0, sb = 0, sc = 0, sd = 0, se = 0, sf = 0, sg = 0, sh = 0; + byte si = 0, sj = 0, sk = 0, sl = 0, sm = 0, sn = 0, so = 0, sp = 0; - /* Flags for self-test. */ - static int initialized = 0; - static const char *selftest_failed=0; + /* Temporary for CALC_S. */ + byte tmp; - /* Check key length. */ - if( ( ( keylen - 16 ) | 16 ) != 16 ) - return G10ERR_WRONG_KEYLEN; + /* Flags for self-test. */ + static int initialized = 0; + static const char *selftest_failed=0; - /* Do self-test if necessary. */ - if (!initialized) { - initialized = 1; - selftest_failed = selftest (); - if( selftest_failed ) - fprintf(stderr, "%s\n", selftest_failed ); - } - if( selftest_failed ) - return G10ERR_SELFTEST_FAILED; + /* Check key length. */ + if( ( ( keylen - 16 ) | 16 ) != 16 ) + return G10ERR_WRONG_KEYLEN; - /* Compute the first two words of the S vector. The magic numbers are - * the entries of the RS matrix, preprocessed through poly_to_exp. The - * numbers in the comments are the original (polynomial form) matrix - * entries. */ - CALC_S (sa, sb, sc, sd, 0, 0x00, 0x2D, 0x01, 0x2D); /* 01 A4 02 A4 */ - CALC_S (sa, sb, sc, sd, 1, 0x2D, 0xA4, 0x44, 0x8A); /* A4 56 A1 55 */ - CALC_S (sa, sb, sc, sd, 2, 0x8A, 0xD5, 0xBF, 0xD1); /* 55 82 FC 87 */ - CALC_S (sa, sb, sc, sd, 3, 0xD1, 0x7F, 0x3D, 0x99); /* 87 F3 C1 5A */ - CALC_S (sa, sb, sc, sd, 4, 0x99, 0x46, 0x66, 0x96); /* 5A 1E 47 58 */ - CALC_S (sa, sb, sc, sd, 5, 0x96, 0x3C, 0x5B, 0xED); /* 58 C6 AE DB */ - CALC_S (sa, sb, sc, sd, 6, 0xED, 0x37, 0x4F, 0xE0); /* DB 68 3D 9E */ - CALC_S (sa, sb, sc, sd, 7, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */ - CALC_S (se, sf, sg, sh, 8, 0x00, 0x2D, 0x01, 0x2D); /* 01 A4 02 A4 */ - CALC_S (se, sf, sg, sh, 9, 0x2D, 0xA4, 0x44, 0x8A); /* A4 56 A1 55 */ - CALC_S (se, sf, sg, sh, 10, 0x8A, 0xD5, 0xBF, 0xD1); /* 55 82 FC 87 */ - CALC_S (se, sf, sg, sh, 11, 0xD1, 0x7F, 0x3D, 0x99); /* 87 F3 C1 5A */ - CALC_S (se, sf, sg, sh, 12, 0x99, 0x46, 0x66, 0x96); /* 5A 1E 47 58 */ - CALC_S (se, sf, sg, sh, 13, 0x96, 0x3C, 0x5B, 0xED); /* 58 C6 AE DB */ - CALC_S (se, sf, sg, sh, 14, 0xED, 0x37, 0x4F, 0xE0); /* DB 68 3D 9E */ - CALC_S (se, sf, sg, sh, 15, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */ + /* Do self-test if necessary. */ + if (!initialized) { + initialized = 1; + selftest_failed = selftest (); + if( selftest_failed ) + fprintf(stderr, "%s\n", selftest_failed ); + } + if( selftest_failed ) + return G10ERR_SELFTEST_FAILED; - if (keylen == 32) { /* 256-bit key */ + /* Compute the first two words of the S vector. The magic numbers are + * the entries of the RS matrix, preprocessed through poly_to_exp. The + * numbers in the comments are the original (polynomial form) matrix + * entries. */ + CALC_S (sa, sb, sc, sd, 0, 0x00, 0x2D, 0x01, 0x2D); /* 01 A4 02 A4 */ + CALC_S (sa, sb, sc, sd, 1, 0x2D, 0xA4, 0x44, 0x8A); /* A4 56 A1 55 */ + CALC_S (sa, sb, sc, sd, 2, 0x8A, 0xD5, 0xBF, 0xD1); /* 55 82 FC 87 */ + CALC_S (sa, sb, sc, sd, 3, 0xD1, 0x7F, 0x3D, 0x99); /* 87 F3 C1 5A */ + CALC_S (sa, sb, sc, sd, 4, 0x99, 0x46, 0x66, 0x96); /* 5A 1E 47 58 */ + CALC_S (sa, sb, sc, sd, 5, 0x96, 0x3C, 0x5B, 0xED); /* 58 C6 AE DB */ + CALC_S (sa, sb, sc, sd, 6, 0xED, 0x37, 0x4F, 0xE0); /* DB 68 3D 9E */ + CALC_S (sa, sb, sc, sd, 7, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */ + CALC_S (se, sf, sg, sh, 8, 0x00, 0x2D, 0x01, 0x2D); /* 01 A4 02 A4 */ + CALC_S (se, sf, sg, sh, 9, 0x2D, 0xA4, 0x44, 0x8A); /* A4 56 A1 55 */ + CALC_S (se, sf, sg, sh, 10, 0x8A, 0xD5, 0xBF, 0xD1); /* 55 82 FC 87 */ + CALC_S (se, sf, sg, sh, 11, 0xD1, 0x7F, 0x3D, 0x99); /* 87 F3 C1 5A */ + CALC_S (se, sf, sg, sh, 12, 0x99, 0x46, 0x66, 0x96); /* 5A 1E 47 58 */ + CALC_S (se, sf, sg, sh, 13, 0x96, 0x3C, 0x5B, 0xED); /* 58 C6 AE DB */ + CALC_S (se, sf, sg, sh, 14, 0xED, 0x37, 0x4F, 0xE0); /* DB 68 3D 9E */ + CALC_S (se, sf, sg, sh, 15, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */ - /* Calculate the remaining two words of the S vector */ - CALC_S (si, sj, sk, sl, 16, 0x00, 0x2D, 0x01, 0x2D); /* 01 A4 02 A4 */ - CALC_S (si, sj, sk, sl, 17, 0x2D, 0xA4, 0x44, 0x8A); /* A4 56 A1 55 */ - CALC_S (si, sj, sk, sl, 18, 0x8A, 0xD5, 0xBF, 0xD1); /* 55 82 FC 87 */ - CALC_S (si, sj, sk, sl, 19, 0xD1, 0x7F, 0x3D, 0x99); /* 87 F3 C1 5A */ - CALC_S (si, sj, sk, sl, 20, 0x99, 0x46, 0x66, 0x96); /* 5A 1E 47 58 */ - CALC_S (si, sj, sk, sl, 21, 0x96, 0x3C, 0x5B, 0xED); /* 58 C6 AE DB */ - CALC_S (si, sj, sk, sl, 22, 0xED, 0x37, 0x4F, 0xE0); /* DB 68 3D 9E */ - CALC_S (si, sj, sk, sl, 23, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */ - CALC_S (sm, sn, so, sp, 24, 0x00, 0x2D, 0x01, 0x2D); /* 01 A4 02 A4 */ - CALC_S (sm, sn, so, sp, 25, 0x2D, 0xA4, 0x44, 0x8A); /* A4 56 A1 55 */ - CALC_S (sm, sn, so, sp, 26, 0x8A, 0xD5, 0xBF, 0xD1); /* 55 82 FC 87 */ - CALC_S (sm, sn, so, sp, 27, 0xD1, 0x7F, 0x3D, 0x99); /* 87 F3 C1 5A */ - CALC_S (sm, sn, so, sp, 28, 0x99, 0x46, 0x66, 0x96); /* 5A 1E 47 58 */ - CALC_S (sm, sn, so, sp, 29, 0x96, 0x3C, 0x5B, 0xED); /* 58 C6 AE DB */ - CALC_S (sm, sn, so, sp, 30, 0xED, 0x37, 0x4F, 0xE0); /* DB 68 3D 9E */ - CALC_S (sm, sn, so, sp, 31, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */ + if (keylen == 32) { /* 256-bit key */ + /* Calculate the remaining two words of the S vector */ + CALC_S (si, sj, sk, sl, 16, 0x00, 0x2D, 0x01, 0x2D); /* 01 A4 02 A4 */ + CALC_S (si, sj, sk, sl, 17, 0x2D, 0xA4, 0x44, 0x8A); /* A4 56 A1 55 */ + CALC_S (si, sj, sk, sl, 18, 0x8A, 0xD5, 0xBF, 0xD1); /* 55 82 FC 87 */ + CALC_S (si, sj, sk, sl, 19, 0xD1, 0x7F, 0x3D, 0x99); /* 87 F3 C1 5A */ + CALC_S (si, sj, sk, sl, 20, 0x99, 0x46, 0x66, 0x96); /* 5A 1E 47 58 */ + CALC_S (si, sj, sk, sl, 21, 0x96, 0x3C, 0x5B, 0xED); /* 58 C6 AE DB */ + CALC_S (si, sj, sk, sl, 22, 0xED, 0x37, 0x4F, 0xE0); /* DB 68 3D 9E */ + CALC_S (si, sj, sk, sl, 23, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */ + CALC_S (sm, sn, so, sp, 24, 0x00, 0x2D, 0x01, 0x2D); /* 01 A4 02 A4 */ + CALC_S (sm, sn, so, sp, 25, 0x2D, 0xA4, 0x44, 0x8A); /* A4 56 A1 55 */ + CALC_S (sm, sn, so, sp, 26, 0x8A, 0xD5, 0xBF, 0xD1); /* 55 82 FC 87 */ + CALC_S (sm, sn, so, sp, 27, 0xD1, 0x7F, 0x3D, 0x99); /* 87 F3 C1 5A */ + CALC_S (sm, sn, so, sp, 28, 0x99, 0x46, 0x66, 0x96); /* 5A 1E 47 58 */ + CALC_S (sm, sn, so, sp, 29, 0x96, 0x3C, 0x5B, 0xED); /* 58 C6 AE DB */ + CALC_S (sm, sn, so, sp, 30, 0xED, 0x37, 0x4F, 0xE0); /* DB 68 3D 9E */ + CALC_S (sm, sn, so, sp, 31, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */ - /* Compute the S-boxes. The constants are indices of - * S-box entries, preprocessed through q0 and q1. */ - CALC_SB256 (0, 0xA9, 0x75, 0x67, 0xF3, 0xB3, 0xC6, 0xE8, 0xF4); - CALC_SB256 (4, 0x04, 0xDB, 0xFD, 0x7B, 0xA3, 0xFB, 0x76, 0xC8); - CALC_SB256 (8, 0x9A, 0x4A, 0x92, 0xD3, 0x80, 0xE6, 0x78, 0x6B); - CALC_SB256 (12, 0xE4, 0x45, 0xDD, 0x7D, 0xD1, 0xE8, 0x38, 0x4B); - CALC_SB256 (16, 0x0D, 0xD6, 0xC6, 0x32, 0x35, 0xD8, 0x98, 0xFD); - CALC_SB256 (20, 0x18, 0x37, 0xF7, 0x71, 0xEC, 0xF1, 0x6C, 0xE1); - CALC_SB256 (24, 0x43, 0x30, 0x75, 0x0F, 0x37, 0xF8, 0x26, 0x1B); - CALC_SB256 (28, 0xFA, 0x87, 0x13, 0xFA, 0x94, 0x06, 0x48, 0x3F); - CALC_SB256 (32, 0xF2, 0x5E, 0xD0, 0xBA, 0x8B, 0xAE, 0x30, 0x5B); - CALC_SB256 (36, 0x84, 0x8A, 0x54, 0x00, 0xDF, 0xBC, 0x23, 0x9D); - CALC_SB256 (40, 0x19, 0x6D, 0x5B, 0xC1, 0x3D, 0xB1, 0x59, 0x0E); - CALC_SB256 (44, 0xF3, 0x80, 0xAE, 0x5D, 0xA2, 0xD2, 0x82, 0xD5); - CALC_SB256 (48, 0x63, 0xA0, 0x01, 0x84, 0x83, 0x07, 0x2E, 0x14); - CALC_SB256 (52, 0xD9, 0xB5, 0x51, 0x90, 0x9B, 0x2C, 0x7C, 0xA3); - CALC_SB256 (56, 0xA6, 0xB2, 0xEB, 0x73, 0xA5, 0x4C, 0xBE, 0x54); - CALC_SB256 (60, 0x16, 0x92, 0x0C, 0x74, 0xE3, 0x36, 0x61, 0x51); - CALC_SB256 (64, 0xC0, 0x38, 0x8C, 0xB0, 0x3A, 0xBD, 0xF5, 0x5A); - CALC_SB256 (68, 0x73, 0xFC, 0x2C, 0x60, 0x25, 0x62, 0x0B, 0x96); - CALC_SB256 (72, 0xBB, 0x6C, 0x4E, 0x42, 0x89, 0xF7, 0x6B, 0x10); - CALC_SB256 (76, 0x53, 0x7C, 0x6A, 0x28, 0xB4, 0x27, 0xF1, 0x8C); - CALC_SB256 (80, 0xE1, 0x13, 0xE6, 0x95, 0xBD, 0x9C, 0x45, 0xC7); - CALC_SB256 (84, 0xE2, 0x24, 0xF4, 0x46, 0xB6, 0x3B, 0x66, 0x70); - CALC_SB256 (88, 0xCC, 0xCA, 0x95, 0xE3, 0x03, 0x85, 0x56, 0xCB); - CALC_SB256 (92, 0xD4, 0x11, 0x1C, 0xD0, 0x1E, 0x93, 0xD7, 0xB8); - CALC_SB256 (96, 0xFB, 0xA6, 0xC3, 0x83, 0x8E, 0x20, 0xB5, 0xFF); - CALC_SB256 (100, 0xE9, 0x9F, 0xCF, 0x77, 0xBF, 0xC3, 0xBA, 0xCC); - CALC_SB256 (104, 0xEA, 0x03, 0x77, 0x6F, 0x39, 0x08, 0xAF, 0xBF); - CALC_SB256 (108, 0x33, 0x40, 0xC9, 0xE7, 0x62, 0x2B, 0x71, 0xE2); - CALC_SB256 (112, 0x81, 0x79, 0x79, 0x0C, 0x09, 0xAA, 0xAD, 0x82); - CALC_SB256 (116, 0x24, 0x41, 0xCD, 0x3A, 0xF9, 0xEA, 0xD8, 0xB9); - CALC_SB256 (120, 0xE5, 0xE4, 0xC5, 0x9A, 0xB9, 0xA4, 0x4D, 0x97); - CALC_SB256 (124, 0x44, 0x7E, 0x08, 0xDA, 0x86, 0x7A, 0xE7, 0x17); - CALC_SB256 (128, 0xA1, 0x66, 0x1D, 0x94, 0xAA, 0xA1, 0xED, 0x1D); - CALC_SB256 (132, 0x06, 0x3D, 0x70, 0xF0, 0xB2, 0xDE, 0xD2, 0xB3); - CALC_SB256 (136, 0x41, 0x0B, 0x7B, 0x72, 0xA0, 0xA7, 0x11, 0x1C); - CALC_SB256 (140, 0x31, 0xEF, 0xC2, 0xD1, 0x27, 0x53, 0x90, 0x3E); - CALC_SB256 (144, 0x20, 0x8F, 0xF6, 0x33, 0x60, 0x26, 0xFF, 0x5F); - CALC_SB256 (148, 0x96, 0xEC, 0x5C, 0x76, 0xB1, 0x2A, 0xAB, 0x49); - CALC_SB256 (152, 0x9E, 0x81, 0x9C, 0x88, 0x52, 0xEE, 0x1B, 0x21); - CALC_SB256 (156, 0x5F, 0xC4, 0x93, 0x1A, 0x0A, 0xEB, 0xEF, 0xD9); - CALC_SB256 (160, 0x91, 0xC5, 0x85, 0x39, 0x49, 0x99, 0xEE, 0xCD); - CALC_SB256 (164, 0x2D, 0xAD, 0x4F, 0x31, 0x8F, 0x8B, 0x3B, 0x01); - CALC_SB256 (168, 0x47, 0x18, 0x87, 0x23, 0x6D, 0xDD, 0x46, 0x1F); - CALC_SB256 (172, 0xD6, 0x4E, 0x3E, 0x2D, 0x69, 0xF9, 0x64, 0x48); - CALC_SB256 (176, 0x2A, 0x4F, 0xCE, 0xF2, 0xCB, 0x65, 0x2F, 0x8E); - CALC_SB256 (180, 0xFC, 0x78, 0x97, 0x5C, 0x05, 0x58, 0x7A, 0x19); - CALC_SB256 (184, 0xAC, 0x8D, 0x7F, 0xE5, 0xD5, 0x98, 0x1A, 0x57); - CALC_SB256 (188, 0x4B, 0x67, 0x0E, 0x7F, 0xA7, 0x05, 0x5A, 0x64); - CALC_SB256 (192, 0x28, 0xAF, 0x14, 0x63, 0x3F, 0xB6, 0x29, 0xFE); - CALC_SB256 (196, 0x88, 0xF5, 0x3C, 0xB7, 0x4C, 0x3C, 0x02, 0xA5); - CALC_SB256 (200, 0xB8, 0xCE, 0xDA, 0xE9, 0xB0, 0x68, 0x17, 0x44); - CALC_SB256 (204, 0x55, 0xE0, 0x1F, 0x4D, 0x8A, 0x43, 0x7D, 0x69); - CALC_SB256 (208, 0x57, 0x29, 0xC7, 0x2E, 0x8D, 0xAC, 0x74, 0x15); - CALC_SB256 (212, 0xB7, 0x59, 0xC4, 0xA8, 0x9F, 0x0A, 0x72, 0x9E); - CALC_SB256 (216, 0x7E, 0x6E, 0x15, 0x47, 0x22, 0xDF, 0x12, 0x34); - CALC_SB256 (220, 0x58, 0x35, 0x07, 0x6A, 0x99, 0xCF, 0x34, 0xDC); - CALC_SB256 (224, 0x6E, 0x22, 0x50, 0xC9, 0xDE, 0xC0, 0x68, 0x9B); - CALC_SB256 (228, 0x65, 0x89, 0xBC, 0xD4, 0xDB, 0xED, 0xF8, 0xAB); - CALC_SB256 (232, 0xC8, 0x12, 0xA8, 0xA2, 0x2B, 0x0D, 0x40, 0x52); - CALC_SB256 (236, 0xDC, 0xBB, 0xFE, 0x02, 0x32, 0x2F, 0xA4, 0xA9); - CALC_SB256 (240, 0xCA, 0xD7, 0x10, 0x61, 0x21, 0x1E, 0xF0, 0xB4); - CALC_SB256 (244, 0xD3, 0x50, 0x5D, 0x04, 0x0F, 0xF6, 0x00, 0xC2); - CALC_SB256 (248, 0x6F, 0x16, 0x9D, 0x25, 0x36, 0x86, 0x42, 0x56); - CALC_SB256 (252, 0x4A, 0x55, 0x5E, 0x09, 0xC1, 0xBE, 0xE0, 0x91); + /* Compute the S-boxes. */ + for(i=j=0,k=1; i < 256; i++, j += 2, k += 2 ) { + CALC_SB256_2( i, calc_sb_tbl[j], calc_sb_tbl[k] ); + } - /* Calculate whitening and round subkeys. The constants are - * indices of subkeys, preprocessed through q0 and q1. */ - CALC_K256 (w, 0, 0xA9, 0x75, 0x67, 0xF3); - CALC_K256 (w, 2, 0xB3, 0xC6, 0xE8, 0xF4); - CALC_K256 (w, 4, 0x04, 0xDB, 0xFD, 0x7B); - CALC_K256 (w, 6, 0xA3, 0xFB, 0x76, 0xC8); - CALC_K256 (k, 0, 0x9A, 0x4A, 0x92, 0xD3); - CALC_K256 (k, 2, 0x80, 0xE6, 0x78, 0x6B); - CALC_K256 (k, 4, 0xE4, 0x45, 0xDD, 0x7D); - CALC_K256 (k, 6, 0xD1, 0xE8, 0x38, 0x4B); - CALC_K256 (k, 8, 0x0D, 0xD6, 0xC6, 0x32); - CALC_K256 (k, 10, 0x35, 0xD8, 0x98, 0xFD); - CALC_K256 (k, 12, 0x18, 0x37, 0xF7, 0x71); - CALC_K256 (k, 14, 0xEC, 0xF1, 0x6C, 0xE1); - CALC_K256 (k, 16, 0x43, 0x30, 0x75, 0x0F); - CALC_K256 (k, 18, 0x37, 0xF8, 0x26, 0x1B); - CALC_K256 (k, 20, 0xFA, 0x87, 0x13, 0xFA); - CALC_K256 (k, 22, 0x94, 0x06, 0x48, 0x3F); - CALC_K256 (k, 24, 0xF2, 0x5E, 0xD0, 0xBA); - CALC_K256 (k, 26, 0x8B, 0xAE, 0x30, 0x5B); - CALC_K256 (k, 28, 0x84, 0x8A, 0x54, 0x00); - CALC_K256 (k, 30, 0xDF, 0xBC, 0x23, 0x9D); + /* Calculate whitening and round subkeys. The constants are + * indices of subkeys, preprocessed through q0 and q1. */ + CALC_K256 (w, 0, 0xA9, 0x75, 0x67, 0xF3); + CALC_K256 (w, 2, 0xB3, 0xC6, 0xE8, 0xF4); + CALC_K256 (w, 4, 0x04, 0xDB, 0xFD, 0x7B); + CALC_K256 (w, 6, 0xA3, 0xFB, 0x76, 0xC8); + CALC_K256 (k, 0, 0x9A, 0x4A, 0x92, 0xD3); + CALC_K256 (k, 2, 0x80, 0xE6, 0x78, 0x6B); + CALC_K256 (k, 4, 0xE4, 0x45, 0xDD, 0x7D); + CALC_K256 (k, 6, 0xD1, 0xE8, 0x38, 0x4B); + CALC_K256 (k, 8, 0x0D, 0xD6, 0xC6, 0x32); + CALC_K256 (k, 10, 0x35, 0xD8, 0x98, 0xFD); + CALC_K256 (k, 12, 0x18, 0x37, 0xF7, 0x71); + CALC_K256 (k, 14, 0xEC, 0xF1, 0x6C, 0xE1); + CALC_K256 (k, 16, 0x43, 0x30, 0x75, 0x0F); + CALC_K256 (k, 18, 0x37, 0xF8, 0x26, 0x1B); + CALC_K256 (k, 20, 0xFA, 0x87, 0x13, 0xFA); + CALC_K256 (k, 22, 0x94, 0x06, 0x48, 0x3F); + CALC_K256 (k, 24, 0xF2, 0x5E, 0xD0, 0xBA); + CALC_K256 (k, 26, 0x8B, 0xAE, 0x30, 0x5B); + CALC_K256 (k, 28, 0x84, 0x8A, 0x54, 0x00); + CALC_K256 (k, 30, 0xDF, 0xBC, 0x23, 0x9D); + } + else { + /* Compute the S-boxes. */ + for(i=j=0,k=1; i < 256; i++, j += 2, k += 2 ) { + CALC_SB_2( i, calc_sb_tbl[j], calc_sb_tbl[k] ); + } - } else { /* 128-bit key */ + /* Calculate whitening and round subkeys. The constants are + * indices of subkeys, preprocessed through q0 and q1. */ + CALC_K (w, 0, 0xA9, 0x75, 0x67, 0xF3); + CALC_K (w, 2, 0xB3, 0xC6, 0xE8, 0xF4); + CALC_K (w, 4, 0x04, 0xDB, 0xFD, 0x7B); + CALC_K (w, 6, 0xA3, 0xFB, 0x76, 0xC8); + CALC_K (k, 0, 0x9A, 0x4A, 0x92, 0xD3); + CALC_K (k, 2, 0x80, 0xE6, 0x78, 0x6B); + CALC_K (k, 4, 0xE4, 0x45, 0xDD, 0x7D); + CALC_K (k, 6, 0xD1, 0xE8, 0x38, 0x4B); + CALC_K (k, 8, 0x0D, 0xD6, 0xC6, 0x32); + CALC_K (k, 10, 0x35, 0xD8, 0x98, 0xFD); + CALC_K (k, 12, 0x18, 0x37, 0xF7, 0x71); + CALC_K (k, 14, 0xEC, 0xF1, 0x6C, 0xE1); + CALC_K (k, 16, 0x43, 0x30, 0x75, 0x0F); + CALC_K (k, 18, 0x37, 0xF8, 0x26, 0x1B); + CALC_K (k, 20, 0xFA, 0x87, 0x13, 0xFA); + CALC_K (k, 22, 0x94, 0x06, 0x48, 0x3F); + CALC_K (k, 24, 0xF2, 0x5E, 0xD0, 0xBA); + CALC_K (k, 26, 0x8B, 0xAE, 0x30, 0x5B); + CALC_K (k, 28, 0x84, 0x8A, 0x54, 0x00); + CALC_K (k, 30, 0xDF, 0xBC, 0x23, 0x9D); + } - /* Compute the S-boxes. The constants are indices of - * S-box entries, preprocessed through q0 and q1. */ - CALC_SB (0, 0xA9, 0x75, 0x67, 0xF3, 0xB3, 0xC6, 0xE8, 0xF4); - CALC_SB (4, 0x04, 0xDB, 0xFD, 0x7B, 0xA3, 0xFB, 0x76, 0xC8); - CALC_SB (8, 0x9A, 0x4A, 0x92, 0xD3, 0x80, 0xE6, 0x78, 0x6B); - CALC_SB (12, 0xE4, 0x45, 0xDD, 0x7D, 0xD1, 0xE8, 0x38, 0x4B); - CALC_SB (16, 0x0D, 0xD6, 0xC6, 0x32, 0x35, 0xD8, 0x98, 0xFD); - CALC_SB (20, 0x18, 0x37, 0xF7, 0x71, 0xEC, 0xF1, 0x6C, 0xE1); - CALC_SB (24, 0x43, 0x30, 0x75, 0x0F, 0x37, 0xF8, 0x26, 0x1B); - CALC_SB (28, 0xFA, 0x87, 0x13, 0xFA, 0x94, 0x06, 0x48, 0x3F); - CALC_SB (32, 0xF2, 0x5E, 0xD0, 0xBA, 0x8B, 0xAE, 0x30, 0x5B); - CALC_SB (36, 0x84, 0x8A, 0x54, 0x00, 0xDF, 0xBC, 0x23, 0x9D); - CALC_SB (40, 0x19, 0x6D, 0x5B, 0xC1, 0x3D, 0xB1, 0x59, 0x0E); - CALC_SB (44, 0xF3, 0x80, 0xAE, 0x5D, 0xA2, 0xD2, 0x82, 0xD5); - CALC_SB (48, 0x63, 0xA0, 0x01, 0x84, 0x83, 0x07, 0x2E, 0x14); - CALC_SB (52, 0xD9, 0xB5, 0x51, 0x90, 0x9B, 0x2C, 0x7C, 0xA3); - CALC_SB (56, 0xA6, 0xB2, 0xEB, 0x73, 0xA5, 0x4C, 0xBE, 0x54); - CALC_SB (60, 0x16, 0x92, 0x0C, 0x74, 0xE3, 0x36, 0x61, 0x51); - CALC_SB (64, 0xC0, 0x38, 0x8C, 0xB0, 0x3A, 0xBD, 0xF5, 0x5A); - CALC_SB (68, 0x73, 0xFC, 0x2C, 0x60, 0x25, 0x62, 0x0B, 0x96); - CALC_SB (72, 0xBB, 0x6C, 0x4E, 0x42, 0x89, 0xF7, 0x6B, 0x10); - CALC_SB (76, 0x53, 0x7C, 0x6A, 0x28, 0xB4, 0x27, 0xF1, 0x8C); - CALC_SB (80, 0xE1, 0x13, 0xE6, 0x95, 0xBD, 0x9C, 0x45, 0xC7); - CALC_SB (84, 0xE2, 0x24, 0xF4, 0x46, 0xB6, 0x3B, 0x66, 0x70); - CALC_SB (88, 0xCC, 0xCA, 0x95, 0xE3, 0x03, 0x85, 0x56, 0xCB); - CALC_SB (92, 0xD4, 0x11, 0x1C, 0xD0, 0x1E, 0x93, 0xD7, 0xB8); - CALC_SB (96, 0xFB, 0xA6, 0xC3, 0x83, 0x8E, 0x20, 0xB5, 0xFF); - CALC_SB (100, 0xE9, 0x9F, 0xCF, 0x77, 0xBF, 0xC3, 0xBA, 0xCC); - CALC_SB (104, 0xEA, 0x03, 0x77, 0x6F, 0x39, 0x08, 0xAF, 0xBF); - CALC_SB (108, 0x33, 0x40, 0xC9, 0xE7, 0x62, 0x2B, 0x71, 0xE2); - CALC_SB (112, 0x81, 0x79, 0x79, 0x0C, 0x09, 0xAA, 0xAD, 0x82); - CALC_SB (116, 0x24, 0x41, 0xCD, 0x3A, 0xF9, 0xEA, 0xD8, 0xB9); - CALC_SB (120, 0xE5, 0xE4, 0xC5, 0x9A, 0xB9, 0xA4, 0x4D, 0x97); - CALC_SB (124, 0x44, 0x7E, 0x08, 0xDA, 0x86, 0x7A, 0xE7, 0x17); - CALC_SB (128, 0xA1, 0x66, 0x1D, 0x94, 0xAA, 0xA1, 0xED, 0x1D); - CALC_SB (132, 0x06, 0x3D, 0x70, 0xF0, 0xB2, 0xDE, 0xD2, 0xB3); - CALC_SB (136, 0x41, 0x0B, 0x7B, 0x72, 0xA0, 0xA7, 0x11, 0x1C); - CALC_SB (140, 0x31, 0xEF, 0xC2, 0xD1, 0x27, 0x53, 0x90, 0x3E); - CALC_SB (144, 0x20, 0x8F, 0xF6, 0x33, 0x60, 0x26, 0xFF, 0x5F); - CALC_SB (148, 0x96, 0xEC, 0x5C, 0x76, 0xB1, 0x2A, 0xAB, 0x49); - CALC_SB (152, 0x9E, 0x81, 0x9C, 0x88, 0x52, 0xEE, 0x1B, 0x21); - CALC_SB (156, 0x5F, 0xC4, 0x93, 0x1A, 0x0A, 0xEB, 0xEF, 0xD9); - CALC_SB (160, 0x91, 0xC5, 0x85, 0x39, 0x49, 0x99, 0xEE, 0xCD); - CALC_SB (164, 0x2D, 0xAD, 0x4F, 0x31, 0x8F, 0x8B, 0x3B, 0x01); - CALC_SB (168, 0x47, 0x18, 0x87, 0x23, 0x6D, 0xDD, 0x46, 0x1F); - CALC_SB (172, 0xD6, 0x4E, 0x3E, 0x2D, 0x69, 0xF9, 0x64, 0x48); - CALC_SB (176, 0x2A, 0x4F, 0xCE, 0xF2, 0xCB, 0x65, 0x2F, 0x8E); - CALC_SB (180, 0xFC, 0x78, 0x97, 0x5C, 0x05, 0x58, 0x7A, 0x19); - CALC_SB (184, 0xAC, 0x8D, 0x7F, 0xE5, 0xD5, 0x98, 0x1A, 0x57); - CALC_SB (188, 0x4B, 0x67, 0x0E, 0x7F, 0xA7, 0x05, 0x5A, 0x64); - CALC_SB (192, 0x28, 0xAF, 0x14, 0x63, 0x3F, 0xB6, 0x29, 0xFE); - CALC_SB (196, 0x88, 0xF5, 0x3C, 0xB7, 0x4C, 0x3C, 0x02, 0xA5); - CALC_SB (200, 0xB8, 0xCE, 0xDA, 0xE9, 0xB0, 0x68, 0x17, 0x44); - CALC_SB (204, 0x55, 0xE0, 0x1F, 0x4D, 0x8A, 0x43, 0x7D, 0x69); - CALC_SB (208, 0x57, 0x29, 0xC7, 0x2E, 0x8D, 0xAC, 0x74, 0x15); - CALC_SB (212, 0xB7, 0x59, 0xC4, 0xA8, 0x9F, 0x0A, 0x72, 0x9E); - CALC_SB (216, 0x7E, 0x6E, 0x15, 0x47, 0x22, 0xDF, 0x12, 0x34); - CALC_SB (220, 0x58, 0x35, 0x07, 0x6A, 0x99, 0xCF, 0x34, 0xDC); - CALC_SB (224, 0x6E, 0x22, 0x50, 0xC9, 0xDE, 0xC0, 0x68, 0x9B); - CALC_SB (228, 0x65, 0x89, 0xBC, 0xD4, 0xDB, 0xED, 0xF8, 0xAB); - CALC_SB (232, 0xC8, 0x12, 0xA8, 0xA2, 0x2B, 0x0D, 0x40, 0x52); - CALC_SB (236, 0xDC, 0xBB, 0xFE, 0x02, 0x32, 0x2F, 0xA4, 0xA9); - CALC_SB (240, 0xCA, 0xD7, 0x10, 0x61, 0x21, 0x1E, 0xF0, 0xB4); - CALC_SB (244, 0xD3, 0x50, 0x5D, 0x04, 0x0F, 0xF6, 0x00, 0xC2); - CALC_SB (248, 0x6F, 0x16, 0x9D, 0x25, 0x36, 0x86, 0x42, 0x56); - CALC_SB (252, 0x4A, 0x55, 0x5E, 0x09, 0xC1, 0xBE, 0xE0, 0x91); - - /* Calculate whitening and round subkeys. The constants are - * indices of subkeys, preprocessed through q0 and q1. */ - CALC_K (w, 0, 0xA9, 0x75, 0x67, 0xF3); - CALC_K (w, 2, 0xB3, 0xC6, 0xE8, 0xF4); - CALC_K (w, 4, 0x04, 0xDB, 0xFD, 0x7B); - CALC_K (w, 6, 0xA3, 0xFB, 0x76, 0xC8); - CALC_K (k, 0, 0x9A, 0x4A, 0x92, 0xD3); - CALC_K (k, 2, 0x80, 0xE6, 0x78, 0x6B); - CALC_K (k, 4, 0xE4, 0x45, 0xDD, 0x7D); - CALC_K (k, 6, 0xD1, 0xE8, 0x38, 0x4B); - CALC_K (k, 8, 0x0D, 0xD6, 0xC6, 0x32); - CALC_K (k, 10, 0x35, 0xD8, 0x98, 0xFD); - CALC_K (k, 12, 0x18, 0x37, 0xF7, 0x71); - CALC_K (k, 14, 0xEC, 0xF1, 0x6C, 0xE1); - CALC_K (k, 16, 0x43, 0x30, 0x75, 0x0F); - CALC_K (k, 18, 0x37, 0xF8, 0x26, 0x1B); - CALC_K (k, 20, 0xFA, 0x87, 0x13, 0xFA); - CALC_K (k, 22, 0x94, 0x06, 0x48, 0x3F); - CALC_K (k, 24, 0xF2, 0x5E, 0xD0, 0xBA); - CALC_K (k, 26, 0x8B, 0xAE, 0x30, 0x5B); - CALC_K (k, 28, 0x84, 0x8A, 0x54, 0x00); - CALC_K (k, 30, 0xDF, 0xBC, 0x23, 0x9D); - } - - return 0; + return 0; } /* Macros to compute the g() function in the encryption and decryption diff --git a/doc/gpg.1pod b/doc/gpg.1pod index fee6d588d..42d4298bf 100644 --- a/doc/gpg.1pod +++ b/doc/gpg.1pod @@ -1,19 +1,14 @@ =head1 NAME -gpg, gpgm - GNU Privacy Guard +gpg - GNU Privacy Guard =head1 SYNOPSIS B [--homedir name] [--options file] [options] command [args] -B [--homedir name] [--options file] [options] command [args] - =head1 DESCRIPTION -B is the main program for the GnuPG system. B is a maintenance -tool which has some commands B does not have; it is there because -it does not handle sensitive data and therefore has no need to allocate -secure memory. Both programs may be merged in the future. +B is the main program for the GnuPG system. =head1 COMMANDS @@ -219,12 +214,12 @@ B<--recv-keys> I B<--export-ownertrust> List the assigned ownertrust values in ASCII format - for backup purposes [B only]. + for backup purposes B<--import-ownertrust> [I] Update the trustdb with the ownertrust values stored in I (or stdin if not given); existing - values will be overwritten. [B only]. + values will be overwritten. =head1 OPTIONS @@ -552,7 +547,7 @@ F Default location for extensions =head1 SEE ALSO -gpg(1) gpgm(1) +gpg(1) =head1 WARNINGS diff --git a/g10/ChangeLog b/g10/ChangeLog index fd8e718c7..5fc0e45ca 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,28 @@ +Sun Apr 18 10:11:28 CEST 1999 Werner Koch + + + * seckey-cert.c (do_check): Use real IV instead of a 0 one, so that + it works even if the length of the IV doesn't match the blocksize. + Removed the save_iv stuff. + (protect_secret_key): Likewise. Create the IV here. + * packet.h (PKT_secret_key): Increased size of IV field and add a + ivlen field. + * parse-packet.c (parse_key): Use the len protect.ivlen. + * build-packet.c (do_secret_key). Ditto. + + * getkey.c (key_byname): Close keyblocks. + + * Makefile.am (gpgm): Removed this + * g10.c: Merged gpg and gpgm + + * import.c (import): Utilize option quiet. + * tdbio.c (tdbio_set_dbname): Ditto. + * ringedit.c (add_keyblock_resource,keyring_copy): Ditto. + + * keyedit.c (sign_uids): Add some batch support. + + * g10.c (main): add call to tty_batchmode. + Fri Apr 9 12:26:25 CEST 1999 Werner Koch * status.c (write_status_text): Some more status codes. diff --git a/g10/Makefile.am b/g10/Makefile.am index cf0286d2c..5fadb2918 100644 --- a/g10/Makefile.am +++ b/g10/Makefile.am @@ -7,7 +7,7 @@ LDFLAGS = @LDFLAGS@ @DYNLINK_LDFLAGS@ needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a #noinst_PROGRAMS = gpgd -bin_PROGRAMS = gpg gpgm +bin_PROGRAMS = gpg common_source = \ build-packet.c \ @@ -64,12 +64,9 @@ gpg_SOURCES = g10.c \ verify.c \ decrypt.c \ keyedit.c \ + dearmor.c \ keygen.c - -gpgm_SOURCES = dearmor.c \ - $(common_source) - #gpgd_SOURCES = gpgd.c \ # ks-proto.h \ # ks-proto.c \ @@ -80,11 +77,6 @@ gpgm_SOURCES = dearmor.c \ LDADD = $(needed_libs) @ZLIBS@ @INTLLIBS@ -gpgm_LDADD = g10maint.o $(LDADD) - -g10maint.o: $(srcdir)/g10.c - $(COMPILE) -DIS_G10MAINT -o g10maint.o -c $(srcdir)/g10.c - $(PROGRAMS): $(needed_libs) @@ -92,6 +84,6 @@ $(PROGRAMS): $(needed_libs) install-data-local: $(mkinstalldirs) $(pkgdatadir) $(INSTALL_DATA) $(srcdir)/options.skel $(pkgdatadir)/options.skel - + rm $(bindir)/gpgm || ln -s $(bindir)/gpgm gpg diff --git a/g10/build-packet.c b/g10/build-packet.c index ca0837f6b..b3831eb32 100644 --- a/g10/build-packet.c +++ b/g10/build-packet.c @@ -343,7 +343,7 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk ) if( is_RSA(sk->pubkey_algo) && sk->version < 4 && !sk->protect.s2k.mode ) { iobuf_put(a, sk->protect.algo ); - iobuf_write(a, sk->protect.iv, 8 ); + iobuf_write(a, sk->protect.iv, sk->protect.ivlen ); } else { iobuf_put(a, 0xff ); @@ -355,7 +355,7 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk ) iobuf_write(a, sk->protect.s2k.salt, 8 ); if( sk->protect.s2k.mode == 3 ) iobuf_put(a, sk->protect.s2k.count ); - iobuf_write(a, sk->protect.iv, 8 ); + iobuf_write(a, sk->protect.iv, sk->protect.ivlen ); } } else diff --git a/g10/cipher.c b/g10/cipher.c index 5a7229f24..f0564e36d 100644 --- a/g10/cipher.c +++ b/g10/cipher.c @@ -64,10 +64,10 @@ write_header( cipher_filter_context_t *cfx, IOBUF a ) temp[nprefix+1] = temp[nprefix-1]; print_cipher_algo_note( cfx->dek->algo ); cfx->cipher_hd = cipher_open( cfx->dek->algo, CIPHER_MODE_AUTO_CFB, 1 ); - /*log_hexdump( "thekey", cfx->dek->key, cfx->dek->keylen );*/ +/* log_hexdump( "thekey", cfx->dek->key, cfx->dek->keylen );*/ cipher_setkey( cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen ); - cipher_setiv( cfx->cipher_hd, NULL ); - /* log_hexdump( "prefix", temp, nprefix+2 );*/ + cipher_setiv( cfx->cipher_hd, NULL, 0 ); +/* log_hexdump( "prefix", temp, nprefix+2 ); */ cipher_encrypt( cfx->cipher_hd, temp, temp, nprefix+2); cipher_sync( cfx->cipher_hd ); iobuf_write(a, temp, nprefix+2); diff --git a/g10/encr-data.c b/g10/encr-data.c index ff0930775..c18a397bd 100644 --- a/g10/encr-data.c +++ b/g10/encr-data.c @@ -71,7 +71,7 @@ decrypt_data( PKT_encrypted *ed, DEK *dek ) BUG(); dfx.cipher_hd = cipher_open( dek->algo, CIPHER_MODE_AUTO_CFB, 1 ); - /*log_hexdump( "thekey", dek->key, dek->keylen );*/ +/* log_hexdump( "thekey", dek->key, dek->keylen );*/ rc = cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen ); if( rc == G10ERR_WEAK_KEY ) log_info(_("WARNING: message was encrypted with " @@ -79,7 +79,7 @@ decrypt_data( PKT_encrypted *ed, DEK *dek ) else if( rc ) log_error("key setup failed: %s\n", g10_errstr(rc) ); - cipher_setiv( dfx.cipher_hd, NULL ); + cipher_setiv( dfx.cipher_hd, NULL, 0 ); if( ed->len ) { for(i=0; i < (nprefix+2) && ed->len; i++, ed->len-- ) { @@ -99,7 +99,7 @@ decrypt_data( PKT_encrypted *ed, DEK *dek ) cipher_decrypt( dfx.cipher_hd, temp, temp, nprefix+2); cipher_sync( dfx.cipher_hd ); p = temp; - /*log_hexdump( "prefix", temp, nprefix+2 );*/ +/* log_hexdump( "prefix", temp, nprefix+2 ); */ if( p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1] ) { cipher_close(dfx.cipher_hd); return G10ERR_BAD_KEY; diff --git a/g10/g10.c b/g10/g10.c index 7e98f1e29..3ebcbe99f 100644 --- a/g10/g10.c +++ b/g10/g10.c @@ -45,10 +45,6 @@ #include "g10defs.h" #include "hkp.h" -#ifndef IS_G10MAINT - #define IS_G10 1 -#endif - enum cmd_and_opt_values { aNull = 0, oArmor = 'a', @@ -165,7 +161,6 @@ static ARGPARSE_OPTS opts[] = { { 300, NULL, 0, N_("@Commands:\n ") }, - #ifdef IS_G10 { aSign, "sign", 256, N_("|[file]|make a signature")}, { aClearsign, "clearsign", 256, N_("|[file]|make a clear text signature") }, { aDetachedSign, "detach-sign", 256, N_("make a detached signature")}, @@ -174,21 +169,16 @@ static ARGPARSE_OPTS opts[] = { { aStore, "store", 256, N_("store only")}, { aDecrypt, "decrypt", 256, N_("decrypt data (default)")}, { aVerify, "verify" , 256, N_("verify a signature")}, - #endif { aListKeys, "list-keys", 256, N_("list keys")}, { aListKeys, "list-public-keys", 256, "@" }, { aListSigs, "list-sigs", 256, N_("list keys and signatures")}, { aCheckKeys, "check-sigs",256, N_("check key signatures")}, { oFingerprint, "fingerprint", 256, N_("list keys and fingerprints")}, { aListSecretKeys, "list-secret-keys", 256, N_("list secret keys")}, - #ifdef IS_G10 { aKeygen, "gen-key", 256, N_("generate a new key pair")}, - #endif { aDeleteKey, "delete-key",256, N_("remove key from the public keyring")}, - #ifdef IS_G10 { aEditKey, "edit-key" ,256, N_("sign or edit a key")}, { aGenRevoke, "gen-revoke",256, N_("generate a revocation certificate")}, - #endif { aExport, "export" , 256, N_("export keys") }, { aSendKeys, "send-keys" , 256, N_("export keys to a key server") }, { aRecvKeys, "recv-keys" , 256, N_("import keys from a key server") }, @@ -197,7 +187,6 @@ static ARGPARSE_OPTS opts[] = { { aImport, "import", 256 , N_("import/merge keys")}, { aFastImport, "fast-import", 256 , "@"}, { aListPackets, "list-packets",256,N_("list only the sequence of packets")}, - #ifdef IS_G10MAINT { aExportOwnerTrust, "export-ownertrust", 256, N_("export the ownertrust values")}, { aImportOwnerTrust, @@ -215,7 +204,6 @@ static ARGPARSE_OPTS opts[] = { { aPrimegen, "gen-prime" , 256, "@" }, { aGenRandom, "gen-random" , 256, "@" }, #endif - #endif { 301, NULL, 0, N_("@\nOptions:\n ") }, @@ -224,12 +212,10 @@ static ARGPARSE_OPTS opts[] = { { oRecipient, "remote-user", 2, "@"}, /* old option name */ { oEncryptTo, "encrypt-to", 2, "@" }, { oNoEncryptTo, "no-encrypt-to", 0, "@" }, - #ifdef IS_G10 { oUser, "local-user",2, N_("use this user-id to sign or decrypt")}, { oCompress, NULL, 1, N_("|N|set compress level N (0 disables)") }, { oTextmodeShort, NULL, 0, "@"}, { oTextmode, "textmode", 0, N_("use canonical text mode")}, - #endif { oOutput, "output", 2, N_("use as output file")}, { oVerbose, "verbose", 0, N_("verbose") }, { oQuiet, "quiet", 0, N_("be somewhat more quiet") }, @@ -259,37 +245,25 @@ static ARGPARSE_OPTS opts[] = { N_("|NAME|use message digest algorithm NAME for passphrases")}, { oS2KCipher, "s2k-cipher-algo",2, N_("|NAME|use cipher algorithm NAME for passphrases")}, - #ifdef IS_G10 { oCipherAlgo, "cipher-algo", 2 , N_("|NAME|use cipher algorithm NAME")}, { oDigestAlgo, "digest-algo", 2 , N_("|NAME|use message digest algorithm NAME")}, { oCompressAlgo, "compress-algo", 1 , N_("|N|use compress algorithm N")}, { oThrowKeyid, "throw-keyid", 0, N_("throw keyid field of encrypted packets")}, - #else /* some dummies */ - { oCipherAlgo, "cipher-algo", 2 , "@"}, - { oDigestAlgo, "digest-algo", 2 , "@"}, - { oCompressAlgo, "compress-algo", 1 , "@"}, - #endif - #ifdef IS_G10 { 302, NULL, 0, N_("@\nExamples:\n\n" " -se -r Bob [file] sign and encrypt for user Bob\n" " --clearsign [file] make a clear text signature\n" " --detach-sign [file] make a detached signature\n" " --list-keys [names] show keys\n" " --fingerprint [names] show fingerprints\n" ) }, - #endif /* hidden options */ - #ifdef IS_G10MAINT { aExportOwnerTrust, "list-ownertrust",0 , "@"}, /* alias */ { aListTrustDB, "list-trustdb",0 , "@"}, { aListTrustPath, "list-trust-path",0, "@"}, - #endif - #ifdef IS_G10 { oKOption, NULL, 0, "@"}, { oPasswdFD, "passphrase-fd",1, "@" }, { aSignKey, "sign-key" ,256, "@" }, /* alias for edit-key */ - #endif { aDeleteSecretKey, "delete-secret-key",0, "@" }, { oQuickRandom, "quick-random", 0, "@"}, { oNoVerbose, "no-verbose", 0, "@"}, @@ -330,10 +304,8 @@ static char *build_list( const char *text, const char *(*mapf)(int), int (*chkf)(int) ); static void set_cmd( enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd ); -#ifdef IS_G10MAINT static void print_hex( byte *p, size_t n ); static void print_mds( const char *fname, int algo ); -#endif const char * strusage( int level ) @@ -341,12 +313,7 @@ strusage( int level ) static char *digests, *pubkeys, *ciphers; const char *p; switch( level ) { - case 11: p = - #ifdef IS_G10MAINT - "gpgm (GnuPG)"; - #else - "gpg (GnuPG)"; - #endif + case 11: p = "gpg (GnuPG)"; break; case 13: p = VERSION; break; case 17: p = PRINTABLE_OS_NAME; break; @@ -355,21 +322,12 @@ strusage( int level ) break; case 1: case 40: p = - #ifdef IS_G10MAINT - _("Usage: gpgm [options] [files] (-h for help)"); - #else _("Usage: gpg [options] [files] (-h for help)"); - #endif break; case 41: p = - #ifdef IS_G10MAINT - _("Syntax: gpgm [options] [files]\n" - "GnuPG maintenance utility\n"); - #else _("Syntax: gpg [options] [files]\n" "sign, check, encrypt or decrypt\n" "default operation depends on the input data\n"); - #endif break; case 31: p = _("\nSupported algorithms:\n"); break; @@ -446,11 +404,7 @@ i18n_init(void) static void wrong_args( const char *text) { - #ifdef IS_G10MAINT - fputs(_("usage: gpgm [options] "),stderr); - #else fputs(_("usage: gpg [options] "),stderr); - #endif fputs(text,stderr); putc('\n',stderr); g10_exit(2); @@ -532,11 +486,6 @@ main( int argc, char **argv ) trap_unaligned(); secmem_set_flags( secmem_get_flags() | 2 ); /* suspend warnings */ - #ifdef IS_G10MAINT - secmem_init( 0 ); /* disable use of secmem */ - maybe_setuid = 0; - log_set_name("gpgm"); - #else /* Please note that we may running SUID(ROOT), so be very CAREFUL * when adding any stuff between here and the call to * secmem_init() somewhere after the option parsing @@ -544,7 +493,6 @@ main( int argc, char **argv ) log_set_name("gpg"); secure_random_alloc(); /* put random number into secure memory */ disable_core_dumps(); - #endif init_signals(); create_dotlock(NULL); /* register locking cleanup */ i18n_init(); @@ -600,19 +548,13 @@ main( int argc, char **argv ) #ifdef USE_SHM_COPROCESSING if( opt.shm_coprocess ) { - #ifdef IS_G10 init_shm_coprocessing(requested_shm_size, 1 ); - #else - init_shm_coprocessing(requested_shm_size, 0 ); - #endif } #endif - #ifdef IS_G10 /* initialize the secure memory. */ secmem_init( 16384 ); maybe_setuid = 0; /* Okay, we are now working under our real uid */ - #endif if( default_config ) configname = make_filename(opt.homedir, "options", NULL ); @@ -661,7 +603,6 @@ main( int argc, char **argv ) case aDeleteSecretKey: set_cmd( &cmd, aDeleteSecretKey); break; case aDeleteKey: set_cmd( &cmd, aDeleteKey); break; - #ifdef IS_G10 case aDetachedSign: detached_sig = 1; set_cmd( &cmd, aSign ); break; case aSym: set_cmd( &cmd, aSym); break; case aDecrypt: set_cmd( &cmd, aDecrypt); break; @@ -674,11 +615,10 @@ main( int argc, char **argv ) case aClearsign: set_cmd( &cmd, aClearsign); break; case aGenRevoke: set_cmd( &cmd, aGenRevoke); break; case aVerify: set_cmd( &cmd, aVerify); break; - #else - #ifdef MAINTAINER_OPTIONS - case aPrimegen: set_cmd( &cmd, aPrimegen); break; - case aGenRandom: set_cmd( &cmd, aGenRandom); break; - #endif + #ifdef MAINTAINER_OPTIONS + case aPrimegen: set_cmd( &cmd, aPrimegen); break; + case aGenRandom: set_cmd( &cmd, aGenRandom); break; + #endif case aPrintMD: set_cmd( &cmd, aPrintMD); break; case aPrintMDs: set_cmd( &cmd, aPrintMDs); break; case aListTrustDB: set_cmd( &cmd, aListTrustDB); break; @@ -686,13 +626,10 @@ main( int argc, char **argv ) case aUpdateTrustDB: set_cmd( &cmd, aUpdateTrustDB); break; case aFixTrustDB: set_cmd( &cmd, aFixTrustDB); break; case aListTrustPath: set_cmd( &cmd, aListTrustPath); break; - case aDeArmor: set_cmd( &cmd, aDeArmor); break; - case aEnArmor: set_cmd( &cmd, aEnArmor); break; + case aDeArmor: set_cmd( &cmd, aDeArmor); greeting = 0; break; + case aEnArmor: set_cmd( &cmd, aEnArmor); greeting = 0; break; case aExportOwnerTrust: set_cmd( &cmd, aExportOwnerTrust); break; case aImportOwnerTrust: set_cmd( &cmd, aImportOwnerTrust); break; - #endif /* IS_G10MAINT */ - - case oArmor: opt.armor = 1; opt.no_armor=0; break; case oOutput: opt.outfile = pargs.r.ret_str; break; @@ -773,7 +710,6 @@ main( int argc, char **argv ) sl = add_to_strlist( &remusr, pargs.r.ret_str ); sl->flags = 1; break; - #ifdef IS_G10 case oRecipient: /* store the recipient */ add_to_strlist( &remusr, pargs.r.ret_str ); break; @@ -787,12 +723,6 @@ main( int argc, char **argv ) case oCipherAlgo: def_cipher_string = m_strdup(pargs.r.ret_str); break; case oDigestAlgo: def_digest_string = m_strdup(pargs.r.ret_str); break; case oNoSecmemWarn: secmem_set_flags( secmem_get_flags() | 1 ); break; - #else - case oCipherAlgo: - case oDigestAlgo: - case oNoSecmemWarn: - break; /* dummies */ - #endif case oCharset: if( set_native_charset( pargs.r.ret_str ) ) log_error(_("%s is not a valid character set\n"), @@ -824,6 +754,8 @@ main( int argc, char **argv ) log_info("NOTE: this is a development version!\n"); #endif } + if( opt.batch ) + tty_batchmode( 1 ); secmem_set_flags( secmem_get_flags() & ~2 ); /* resume warnings */ @@ -958,7 +890,6 @@ main( int argc, char **argv ) log_error_f( print_fname_stdin(fname), "store failed: %s\n", g10_errstr(rc) ); break; - #ifdef IS_G10 case aSym: /* encrypt the given file only with the symmetric cipher */ if( argc > 1 ) wrong_args(_("--symmetric [filename]")); @@ -1042,8 +973,6 @@ main( int argc, char **argv ) keyedit_menu(fname, locusr, NULL ); break; - #endif /* IS_G10 */ - case aDeleteSecretKey: if( argc != 1 ) wrong_args(_("--delete-secret-key username")); @@ -1086,13 +1015,11 @@ main( int argc, char **argv ) wrong_args(_("-k[v][v][v][c] [userid] [keyring]") ); break; - #ifdef IS_G10 case aKeygen: /* generate a key (interactive) */ if( argc ) wrong_args("--gen-key"); generate_keypair(); break; - #endif case aFastImport: case aImport: @@ -1133,15 +1060,12 @@ main( int argc, char **argv ) free_strlist(sl); break; - #ifdef IS_G10 case aGenRevoke: if( argc != 1 ) wrong_args("--gen-revoke user-id"); gen_revoke( *argv ); break; - #endif - #ifdef IS_G10MAINT case aDeArmor: if( argc > 1 ) wrong_args("--dearmor [file]"); @@ -1292,13 +1216,9 @@ main( int argc, char **argv ) import_ownertrust( argc? *argv:NULL ); break; - #endif /* IS_G10MAINT */ - - case aListPackets: opt.list_packets=1; default: - /* fixme: g10maint should do regular maintenace tasks here */ if( argc > 1 ) wrong_args(_("[filename]")); /* Issue some output for the unix newbie */ @@ -1351,7 +1271,6 @@ g10_exit( int rc ) -#ifdef IS_G10MAINT static void print_hex( byte *p, size_t n ) { @@ -1452,7 +1371,3 @@ print_mds( const char *fname, int algo ) fclose(fp); } - - -#endif /* IS_G10MAINT */ - diff --git a/g10/getkey.c b/g10/getkey.c index 4d16ecd84..505e1c071 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -702,6 +702,8 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist, if( retctx ) /* caller wants the context */ *retctx = ctx; else { + /* Hmmm, why not get_pubkey-end here?? */ + enum_keyblocks( 2, &ctx->kbpos, NULL ); /* close */ for(n=0; n < ctx->nitems; n++ ) m_free( ctx->items[n].namebuf ); m_free( ctx ); diff --git a/g10/import.c b/g10/import.c index 31965dcb9..0d8463c1e 100644 --- a/g10/import.c +++ b/g10/import.c @@ -163,7 +163,7 @@ import( IOBUF inp, int fast, const char* fname ) release_kbnode(keyblock); if( rc ) break; - if( !(++count % 100) ) + if( !(++count % 100) && !opt.quiet ) log_info(_("%lu keys so far processed\n"), count ); } if( rc == -1 ) @@ -171,31 +171,33 @@ import( IOBUF inp, int fast, const char* fname ) else if( rc && rc != G10ERR_INV_KEYRING ) log_error_f( fname, _("read error: %s\n"), g10_errstr(rc)); - log_info(_("Total number processed: %lu\n"), count ); - if( stats.no_user_id ) - log_info(_(" w/o user IDs: %lu\n"), stats.no_user_id ); - if( stats.imported || stats.imported_rsa ) { - log_info(_(" imported: %lu"), stats.imported ); - if( stats.imported_rsa ) - fprintf(stderr, " (RSA: %lu)", stats.imported_rsa ); - putc('\n', stderr); + if( !opt.quiet ) { + log_info(_("Total number processed: %lu\n"), count ); + if( stats.no_user_id ) + log_info(_(" w/o user IDs: %lu\n"), stats.no_user_id ); + if( stats.imported || stats.imported_rsa ) { + log_info(_(" imported: %lu"), stats.imported ); + if( stats.imported_rsa ) + fprintf(stderr, " (RSA: %lu)", stats.imported_rsa ); + putc('\n', stderr); + } + if( stats.unchanged ) + log_info(_(" unchanged: %lu\n"), stats.unchanged ); + if( stats.n_uids ) + log_info(_(" new user IDs: %lu\n"), stats.n_uids ); + if( stats.n_subk ) + log_info(_(" new subkeys: %lu\n"), stats.n_subk ); + if( stats.n_sigs ) + log_info(_(" new signatures: %lu\n"), stats.n_sigs ); + if( stats.n_revoc ) + log_info(_(" new key revocations: %lu\n"), stats.n_revoc ); + if( stats.secret_read ) + log_info(_(" secret keys read: %lu\n"), stats.secret_read ); + if( stats.secret_imported ) + log_info(_(" secret keys imported: %lu\n"), stats.secret_imported ); + if( stats.secret_dups ) + log_info(_(" secret keys unchanged: %lu\n"), stats.secret_dups ); } - if( stats.unchanged ) - log_info(_(" unchanged: %lu\n"), stats.unchanged ); - if( stats.n_uids ) - log_info(_(" new user IDs: %lu\n"), stats.n_uids ); - if( stats.n_subk ) - log_info(_(" new subkeys: %lu\n"), stats.n_subk ); - if( stats.n_sigs ) - log_info(_(" new signatures: %lu\n"), stats.n_sigs ); - if( stats.n_revoc ) - log_info(_(" new key revocations: %lu\n"), stats.n_revoc ); - if( stats.secret_read ) - log_info(_(" secret keys read: %lu\n"), stats.secret_read ); - if( stats.secret_imported ) - log_info(_(" secret keys imported: %lu\n"), stats.secret_imported ); - if( stats.secret_dups ) - log_info(_(" secret keys unchanged: %lu\n"), stats.secret_dups ); return rc; } @@ -553,7 +555,9 @@ import_secret_one( const char *fname, KBNODE keyblock ) _("can't write keyring: %s\n"), g10_errstr(rc) ); unlock_keyblock( &kbpos ); /* we are ready */ - log_info_f(fname, _("key %08lX: secret key imported\n"), (ulong)keyid[1]); + if( !opt.quiet ) + log_info_f(fname, _("key %08lX: secret key imported\n"), + (ulong)keyid[1]); stats.secret_imported++; } else if( !rc ) { /* we can't merge secret keys */ diff --git a/g10/keyedit.c b/g10/keyedit.c index ad53c37bb..7ae006a68 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -306,8 +306,11 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, int local ) tty_printf( _("The signature will be marked as non-exportable.\n\n")); - if( !cpr_get_answer_is_yes("sign_uid.okay", _("Really sign? ")) ) - continue;; + + if( opt.batch && opt.answer_yes ) + ; + else if( !cpr_get_answer_is_yes("sign_uid.okay", _("Really sign? ")) ) + continue; /* now we can sign the user ids */ reloop: /* (must use this, because we are modifing the list) */ primary_pk = NULL; diff --git a/g10/packet.h b/g10/packet.h index 06fb92e8f..36115be5b 100644 --- a/g10/packet.h +++ b/g10/packet.h @@ -139,7 +139,8 @@ typedef struct { struct { byte algo; /* cipher used to protect the secret information*/ STRING2KEY s2k; - byte iv[8]; /* initialization vector for CFB mode */ + byte ivlen; /* used length of the iv */ + byte iv[16]; /* initialization vector for CFB mode */ } protect; MPI skey[PUBKEY_MAX_NSKEY]; u16 csum; /* checksum */ diff --git a/g10/parse-packet.c b/g10/parse-packet.c index 1683df0a2..61a226a39 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -1,5 +1,5 @@ /* parse-packet.c - read packets - * Copyright (C) 1998 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -1310,19 +1310,33 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen, printf( "\tprotect algo: %d (hash algo: %d)\n", sk->protect.algo, sk->protect.s2k.hash_algo ); } - if( pktlen < 8 ) { + /* It is really ugly that we don't know the size + * of the IV here in cases we are not aware of the algorithm. + * so a + * sk->protect.ivlen = cipher_get_blocksize(sk->protect.algo); + * won't work. The only solution I see is to hardwire it here. + */ + switch( sk->protect.algo ) { + case 7: case 8: case 9: /* reserved for AES */ + case 10: /* Twofish */ + sk->protect.ivlen = 16; + break; + default: + sk->protect.ivlen = 8; + } + if( pktlen < sk->protect.ivlen ) { rc = G10ERR_INVALID_PACKET; goto leave; } - for(i=0; i < 8 && pktlen; i++, pktlen-- ) + for(i=0; i < sk->protect.ivlen && pktlen; i++, pktlen-- ) temp[i] = iobuf_get_noeof(inp); if( list_mode ) { printf( "\tprotect IV: "); - for(i=0; i < 8; i++ ) + for(i=0; i < sk->protect.ivlen; i++ ) printf(" %02x", temp[i] ); putchar('\n'); } - memcpy(sk->protect.iv, temp, 8 ); + memcpy(sk->protect.iv, temp, sk->protect.ivlen ); } else sk->is_protected = 0; @@ -1330,7 +1344,7 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen, * If the user is so careless, not to protect his secret key, * we can assume, that he operates an open system :=(. * So we put the key into secure memory when we unprotect it. */ - if( is_v4 && sk->is_protected ){ + if( is_v4 && sk->is_protected ) { /* ugly; the length is encrypted too, so we read all * stuff up to the end of the packet into the first * skey element */ @@ -1539,14 +1553,14 @@ parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen, ed->len = pktlen; ed->buf = NULL; ed->new_ctb = new_ctb; - if( pktlen && pktlen < 10 ) { + if( pktlen && pktlen < 10 ) { /* actually this is blocksize+2 */ log_error("packet(%d) too short\n", pkttype); skip_rest(inp, pktlen); goto leave; } if( list_mode ) { if( pktlen ) - printf(":encrypted data packet:\n\tlength: %lu\n", pktlen-10); + printf(":encrypted data packet:\n\tlength: %lu\n", pktlen); else printf(":encrypted data packet:\n\tlength: unknown\n"); } diff --git a/g10/ringedit.c b/g10/ringedit.c index 30e30cefe..75baf8abd 100644 --- a/g10/ringedit.c +++ b/g10/ringedit.c @@ -298,7 +298,7 @@ add_keyblock_resource( const char *url, int force, int secret ) rc = G10ERR_OPEN_FILE; goto leave; } - else + else if( !opt.quiet ) log_info( _("%s: directory created\n"), filename ); copy_options_file( filename ); } @@ -329,7 +329,8 @@ add_keyblock_resource( const char *url, int force, int secret ) } } #endif - log_info(_("%s: keyring created\n"), filename ); + if( !opt.quiet ) + log_info(_("%s: keyring created\n"), filename ); } } #if HAVE_DOSISH_SYSTEM || 1 @@ -1344,7 +1345,7 @@ keyring_copy( KBPOS *kbpos, int mode, KBNODE root ) unlock_rentry( rentry ); return G10ERR_OPEN_FILE; } - else + else if( !opt.quiet ) log_info(_("%s: keyring created\n"), rentry->fname ); kbctx=NULL; diff --git a/g10/seckey-cert.c b/g10/seckey-cert.c index d875e6333..03cf3f2bf 100644 --- a/g10/seckey-cert.c +++ b/g10/seckey-cert.c @@ -48,7 +48,6 @@ do_check( PKT_secret_key *sk ) u32 keyid[4]; /* 4! because we need two of them */ CIPHER_HANDLE cipher_hd=NULL; PKT_secret_key *save_sk; - char save_iv[8]; if( sk->protect.algo == CIPHER_ALGO_NONE ) BUG(); @@ -70,11 +69,9 @@ do_check( PKT_secret_key *sk ) cipher_hd = cipher_open( sk->protect.algo, CIPHER_MODE_AUTO_CFB, 1); cipher_setkey( cipher_hd, dek->key, dek->keylen ); - cipher_setiv( cipher_hd, NULL ); m_free(dek); save_sk = copy_secret_key( NULL, sk ); - memcpy(save_iv, sk->protect.iv, 8 ); - cipher_decrypt( cipher_hd, sk->protect.iv, sk->protect.iv, 8 ); + cipher_setiv( cipher_hd, sk->protect.iv, sk->protect.ivlen ); csum = 0; if( sk->version >= 4 ) { int ndata; @@ -129,7 +126,6 @@ do_check( PKT_secret_key *sk ) if( csum != sk->csum ) { copy_secret_key( sk, save_sk ); free_secret_key( save_sk ); - memcpy( sk->protect.iv, save_iv, 8 ); return G10ERR_BAD_PASS; } /* the checksum may fail, so we also check the key itself */ @@ -137,7 +133,6 @@ do_check( PKT_secret_key *sk ) if( res ) { copy_secret_key( sk, save_sk ); free_secret_key( save_sk ); - memcpy( sk->protect.iv, save_iv, 8 ); return G10ERR_BAD_PASS; } free_secret_key( save_sk ); @@ -231,8 +226,12 @@ protect_secret_key( PKT_secret_key *sk, DEK *dek ) if( cipher_setkey( cipher_hd, dek->key, dek->keylen ) ) log_info(_("WARNING: Weak key detected" " - please change passphrase again.\n")); - cipher_setiv( cipher_hd, NULL ); - cipher_encrypt( cipher_hd, sk->protect.iv, sk->protect.iv, 8 ); + sk->protect.ivlen = cipher_get_blocksize( sk->protect.algo ); + assert( sk->protect.ivlen <= DIM(sk->protect.iv) ); + if( sk->protect.ivlen != 8 && sk->protect.ivlen != 16 ) + BUG(); /* yes, we are very careful */ + randomize_buffer(sk->protect.iv, sk->protect.ivlen, 1); + cipher_setiv( cipher_hd, sk->protect.iv, sk->protect.ivlen ); if( sk->version >= 4 ) { #define NMPIS (PUBKEY_MAX_NSKEY - PUBKEY_MAX_NPKEY) byte *bufarr[NMPIS]; diff --git a/g10/tdbio.c b/g10/tdbio.c index 9bcb6aa14..1d05aae37 100644 --- a/g10/tdbio.c +++ b/g10/tdbio.c @@ -443,7 +443,7 @@ tdbio_set_dbname( const char *new_dbname, int create ) #endif log_fatal( _("%s: can't create directory: %s\n"), fname, strerror(errno) ); - else + else if( !opt.quiet ) log_info( _("%s: directory created\n"), fname ); copy_options_file( fname ); } @@ -489,7 +489,8 @@ tdbio_set_dbname( const char *new_dbname, int create ) if( tdbio_read_record( 0, &rec, RECTYPE_VER ) ) log_fatal( _("%s: invalid trustdb created\n"), db_name ); - log_info(_("%s: trustdb created\n"), db_name); + if( !opt.quiet ) + log_info(_("%s: trustdb created\n"), db_name); return 0; } diff --git a/include/cipher.h b/include/cipher.h index cae310cfb..19b29771a 100644 --- a/include/cipher.h +++ b/include/cipher.h @@ -41,7 +41,7 @@ #define PUBKEY_ALGO_RSA 1 #define PUBKEY_ALGO_RSA_E 2 /* RSA encrypt only */ #define PUBKEY_ALGO_RSA_S 3 /* RSA sign only */ -#define PUBKEY_ALGO_ELGAMAL_E 16 /* encrypt only ElGamal (but not vor v3)*/ +#define PUBKEY_ALGO_ELGAMAL_E 16 /* encrypt only ElGamal (but not for v3)*/ #define PUBKEY_ALGO_DSA 17 #define PUBKEY_ALGO_ELGAMAL 20 /* sign and encrypt elgamal */ @@ -130,7 +130,7 @@ unsigned cipher_get_blocksize( int algo ); CIPHER_HANDLE cipher_open( int algo, int mode, int secure ); void cipher_close( CIPHER_HANDLE c ); int cipher_setkey( CIPHER_HANDLE c, byte *key, unsigned keylen ); -void cipher_setiv( CIPHER_HANDLE c, const byte *iv ); +void cipher_setiv( CIPHER_HANDLE c, const byte *iv, unsigned ivlen ); void cipher_encrypt( CIPHER_HANDLE c, byte *out, byte *in, unsigned nbytes ); void cipher_decrypt( CIPHER_HANDLE c, byte *out, byte *in, unsigned nbytes ); void cipher_sync( CIPHER_HANDLE c ); diff --git a/include/ttyio.h b/include/ttyio.h index e4119db86..8fd44448b 100644 --- a/include/ttyio.h +++ b/include/ttyio.h @@ -1,5 +1,5 @@ /* ttyio.h - * Copyright (C) 1998 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999 Free Software Foundation, Inc. * * This file is part of GNUPG. * @@ -20,6 +20,7 @@ #ifndef G10_TTYIO_H #define G10_TTYIO_H +int tty_batchmode( int onoff ); void tty_printf( const char *fmt, ... ); void tty_print_string( byte *p, size_t n ); char *tty_get( const char *prompt ); diff --git a/mpi/ChangeLog b/mpi/ChangeLog index c4e214e08..95f0e4055 100644 --- a/mpi/ChangeLog +++ b/mpi/ChangeLog @@ -1,3 +1,8 @@ +Sun Apr 18 10:11:28 CEST 1999 Werner Koch + + * mpih-mul.c (mpihelp_mul_n): Fixed use of memory region. + (mpihelp_mul): Ditto. + Wed Apr 7 20:51:39 CEST 1999 Werner Koch * Makefile.am: Explicit rules to invoke cpp on *.S diff --git a/mpi/mpi-pow.c b/mpi/mpi-pow.c index 96a1218d9..e8d55f9b9 100644 --- a/mpi/mpi-pow.c +++ b/mpi/mpi-pow.c @@ -52,7 +52,8 @@ mpi_powm( MPI res, MPI base, MPI exp, MPI mod) mpi_ptr_t xp_marker=NULL; int assign_rp=0; mpi_ptr_t tspace = NULL; - mpi_size_t tsize=0; /* to avoid compiler warning, fixme: check */ + mpi_size_t tsize=0; /* to avoid compiler warning */ + /* fixme: we should check that the warning is void*/ esize = exp->nlimbs; msize = mod->nlimbs; diff --git a/mpi/mpih-mul.c b/mpi/mpih-mul.c index b457a0b5f..7707c0e30 100644 --- a/mpi/mpih-mul.c +++ b/mpi/mpih-mul.c @@ -1,6 +1,5 @@ /* mpihelp-mul.c - MPI helper functions - * Copyright (C) 1998 Free Software Foundation, Inc. - * Copyright (C) 1994, 1996 Free Software Foundation, Inc. + * Copyright (C) 1994, 1996, 1998, 1999 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -346,14 +345,15 @@ mpih_sqr_n( mpi_ptr_t prodp, mpi_ptr_t up, mpi_size_t size, mpi_ptr_t tspace) void mpihelp_mul_n( mpi_ptr_t prodp, mpi_ptr_t up, mpi_ptr_t vp, mpi_size_t size) { - /* FIXME: mpi_alloc_limb_space, secure arg is wrong! */ + int secure; if( up == vp ) { if( size < KARATSUBA_THRESHOLD ) mpih_sqr_n_basecase( prodp, up, size ); else { mpi_ptr_t tspace; - tspace = mpi_alloc_limb_space( 2 * size, 0 ); + secure = m_is_secure( up ); + tspace = mpi_alloc_limb_space( 2 * size, secure ); mpih_sqr_n( prodp, up, size, tspace ); mpi_free_limb_space( tspace ); } @@ -363,7 +363,8 @@ mpihelp_mul_n( mpi_ptr_t prodp, mpi_ptr_t up, mpi_ptr_t vp, mpi_size_t size) mul_n_basecase( prodp, up, vp, size ); else { mpi_ptr_t tspace; - tspace = mpi_alloc_limb_space( 2 * size, 0 ); + secure = m_is_secure( up ) || m_is_secure( vp ); + tspace = mpi_alloc_limb_space( 2 * size, secure ); mul_n (prodp, up, vp, size, tspace); mpi_free_limb_space( tspace ); } @@ -436,16 +437,16 @@ mpihelp_mul( mpi_ptr_t prodp, mpi_ptr_t up, mpi_size_t usize, return cy; } - /* FIXME: mpi_alloc_limb_space, secure arg is wrong! */ - tspace = mpi_alloc_limb_space( 2 * vsize, 0 ); + tspace = mpi_alloc_limb_space( 2 * vsize, + m_is_secure( up ) || m_is_secure( vp ) ); MPN_MUL_N_RECURSE( prodp, up, vp, vsize, tspace ); prodp += vsize; up += vsize; usize -= vsize; if( usize >= vsize ) { - /* FIXME: mpi_alloc_limb_space, secure arg is wrong! */ - mpi_ptr_t tp = mpi_alloc_limb_space( 2 * vsize, 0 ); + mpi_ptr_t tp = mpi_alloc_limb_space( 2 * vsize, m_is_secure( up ) + || m_is_secure( vp ) ); do { MPN_MUL_N_RECURSE( tp, up, vp, vsize, tspace ); cy = mpihelp_add_n( prodp, prodp, tp, vsize ); diff --git a/mpi/mpiutil.c b/mpi/mpiutil.c index d90cd4d34..82ba87112 100644 --- a/mpi/mpiutil.c +++ b/mpi/mpiutil.c @@ -37,7 +37,7 @@ #endif /**************** - * fixme: It was a bad idea to use the number of limbs to allocate + * Note: It was a bad idea to use the number of limbs to allocate * because on a alpha the limbs are large but we normally need * integers of n bits - So we should chnage this to bits (or bytes). * @@ -159,7 +159,11 @@ mpi_resize( MPI a, unsigned nlimbs ) { if( nlimbs <= a->alloced ) return; /* no need to do it */ - /* FIXME: add realloc_secure based on a->secure */ + /* Note: a->secure is not used - instead the realloc functions + * take care of it. Maybe we should drop a->secure completely + * and rely on a mpi_is_secure function, which would be + * a wrapper around m_is_secure + */ #ifdef M_DEBUG if( a->d ) a->d = m_debug_realloc(a->d, nlimbs * sizeof(mpi_limb_t), info ); diff --git a/tools/bftest.c b/tools/bftest.c index edfb8e36a..1b24b1c3f 100644 --- a/tools/bftest.c +++ b/tools/bftest.c @@ -97,7 +97,7 @@ main(int argc, char **argv) hd = cipher_open( algo, CIPHER_MODE_CFB, 0 ); cipher_setkey( hd, *argv, strlen(*argv) ); - cipher_setiv( hd, NULL ); + cipher_setiv( hd, NULL, 0 ); while( (n = fread( buf, 1, size, stdin )) > 0 ) { if( encode ) cipher_encrypt( hd, buf, buf, n ); diff --git a/util/ChangeLog b/util/ChangeLog index 9720f3ced..6dac03492 100644 --- a/util/ChangeLog +++ b/util/ChangeLog @@ -1,3 +1,9 @@ +Sun Apr 18 10:11:28 CEST 1999 Werner Koch + + * argparse.c (store_alias): Disabled becuase it is not used. + + * ttyio.c (tty_batchmode): New + Sat Mar 20 11:44:21 CET 1999 Werner Koch * http.c: Swapped to includes. diff --git a/util/argparse.c b/util/argparse.c index 83efc0f64..707d75ecf 100644 --- a/util/argparse.c +++ b/util/argparse.c @@ -197,15 +197,20 @@ initialize( ARGPARSE_ARGS *arg, const char *filename, unsigned *lineno ) } - static void store_alias( ARGPARSE_ARGS *arg, char *name, char *value ) { + /* TODO: replace this dummy function with a rea one + * and fix the probelms IRIX has with (ALIAS_DEV)arg.. + * used as lvalue + */ +#if 0 ALIAS_DEF a = m_alloc( sizeof *a ); a->name = name; a->value = value; a->next = (ALIAS_DEF)arg->internal.aliases; (ALIAS_DEF)arg->internal.aliases = a; +#endif } /**************** @@ -418,7 +423,7 @@ find_long_option( ARGPARSE_ARGS *arg, /* see whether it is an alias */ for( a = args->internal.aliases; a; a = a->next ) { if( !strcmp( a->name, keyword) ) { - /* fixme: must parse the alias here */ + /* todo: must parse the alias here */ args->internal.cur_alias = a; return -3; /* alias available */ } diff --git a/util/http.c b/util/http.c index bdbfa41d3..1073e0433 100644 --- a/util/http.c +++ b/util/http.c @@ -270,7 +270,7 @@ do_parse_uri( PARSED_URI uri, int only_local_part ) if( !p || !*p ) /* we don't have a path */ return 0; /* and this is okay */ - /* fixme: here we have to check params */ + /* todo: here we have to check params */ /* do we have a query part */ if( (p2 = strchr( p, '?' )) ) @@ -463,7 +463,7 @@ build_rel_path( PARSED_URI uri ) /* count the needed space */ n = insert_escapes( NULL, uri->path, "%;?&" ); - /* fixme: add params */ + /* todo: build params */ for( r=uri->query; r; r = r->next ) { n++; /* '?'/'&' */ n += insert_escapes( NULL, r->name, "%;?&=" ); @@ -476,13 +476,13 @@ build_rel_path( PARSED_URI uri ) p = rel_path = m_alloc( n ); n = insert_escapes( p, uri->path, "%;?&" ); p += n; - /* fixme: add params */ + /* todo: add params */ for( r=uri->query; r; r = r->next ) { *p++ = r == uri->query? '?':'&'; n = insert_escapes( p, r->name, "%;?&=" ); p += n; *p++ = '='; - /* fixme: use valuelen */ + /* todo: use valuelen */ n = insert_escapes( p, r->value, "%;?&=" ); p += n; } @@ -526,7 +526,7 @@ parse_response( HTTP_HD hd ) if( !p2 ) return 0; /* assume http 0.9 */ p = p2; - /* fixme: add HTTP version number check here */ + /* todo: add HTTP version number check here */ if( (p2 = strpbrk( p, " \t" ) ) ) *p2++ = 0; if( !isdigit(p[0]) || !isdigit(p[1]) || !isdigit(p[2]) || p[3] ) { diff --git a/util/memory.c b/util/memory.c index 9f9f6c81f..4370c72ec 100644 --- a/util/memory.c +++ b/util/memory.c @@ -123,19 +123,20 @@ static void check_allmem( const char *info ); static void add_entry( byte *p, unsigned n, int mode, const char *info, const char *by ) { - unsigned idx; + unsigned index; struct memtbl_entry *e; struct info_entry *ie; if( memtbl_len < memtbl_size ) - idx = memtbl_len++; + index = memtbl_len++; else { + struct memtbl_entry *e; /* look for a used entry in the table. We take the first one, * so that freed entries remain as long as possible in the table * (free appends a new one) */ if( (e = memtbl_unused) ) { - idx = e - memtbl; + index = e - memtbl; memtbl_unused = e->next; e->next = NULL; } @@ -144,33 +145,32 @@ add_entry( byte *p, unsigned n, int mode, const char *info, const char *by ) memtbl_size = 100; if( !(memtbl = calloc( memtbl_size, sizeof *memtbl )) ) membug("memory debug table malloc failed\n"); - idx = 0; + index = 0; memtbl_len = 1; atexit( dump_table_at_exit ); } else { /* realloc */ - unsigned nn = memtbl_size / 4; /* enlarge by 25% */ - if(!(memtbl = realloc(memtbl, (memtbl_size+nn)*sizeof *memtbl))) + unsigned n = memtbl_size / 4; /* enlarge by 25% */ + if(!(memtbl = realloc(memtbl, (memtbl_size+n)*sizeof *memtbl))) membug("memory debug table realloc failed\n"); memset(memtbl+memtbl_size, 0, n*sizeof *memtbl ); - memtbl_size += nn; - idx = memtbl_len++; + memtbl_size += n; + index = memtbl_len++; } } } - e = memtbl+idx; + e = memtbl+index; if( e->inuse ) - membug("Ooops: entry %u is flagged as in use\n", idx); + membug("Ooops: entry %u is flagged as in use\n", index); e->user_p = p + 4; e->user_n = n; e->count++; if( e->next ) membug("Ooops: entry is in free entry list\n"); /* do we already have this info string */ - for( ie = info_strings[info_hash(info)]; ie; ie = ie->next ) { + for( ie = info_strings[info_hash(info)]; ie; ie = ie->next ) if( ie->info == info ) break; - } if( !ie ) { /* no: make a new entry */ if( !(ie = malloc( sizeof *ie )) ) membug("can't allocate info entry\n"); @@ -184,9 +184,9 @@ add_entry( byte *p, unsigned n, int mode, const char *info, const char *by ) e->inuse = 1; /* put the index at the start of the memory */ - p[0] = idx; - p[1] = idx >> 8 ; - p[2] = idx >> 16 ; + p[0] = index; + p[1] = index >> 8 ; + p[2] = index >> 16 ; p[3] = mode? MAGIC_SEC_BYTE : MAGIC_NOR_BYTE ; if( DBG_MEMORY ) log_debug( "%s allocates %u bytes using %s\n", info, e->user_n, by ); diff --git a/util/secmem.c b/util/secmem.c index 3db66c062..f48b0edb0 100644 --- a/util/secmem.c +++ b/util/secmem.c @@ -324,6 +324,8 @@ secmem_free( void *a ) mb = (MEMBLOCK*)((char*)a - ((size_t) &((MEMBLOCK*)0)->u.aligned.c)); size = mb->size; + /* This does not make much sense: probably this memory is held in the + * cache. We do it anyway: */ memset(mb, 0xff, size ); memset(mb, 0xaa, size ); memset(mb, 0x55, size ); diff --git a/util/strgutil.c b/util/strgutil.c index 79b93318f..5cef77bf6 100644 --- a/util/strgutil.c +++ b/util/strgutil.c @@ -47,6 +47,25 @@ static ushort koi82unicode[128] = { 0x042c,0x042b,0x0417,0x0428,0x042d,0x0429,0x0427,0x042a }; +static ushort latin2_unicode[128] = { + 0x0080,0x0081,0x0082,0x0083,0x0084,0x0085,0x0086,0x0087, + 0x0088,0x0089,0x008A,0x008B,0x008C,0x008D,0x008E,0x008F, + 0x0090,0x0091,0x0092,0x0093,0x0094,0x0095,0x0096,0x0097, + 0x0098,0x0099,0x009A,0x009B,0x009C,0x009D,0x009E,0x009F, + 0x00A0,0x0104,0x02D8,0x0141,0x00A4,0x013D,0x015A,0x00A7, + 0x00A8,0x0160,0x015E,0x0164,0x0179,0x00AD,0x017D,0x017B, + 0x00B0,0x0105,0x02DB,0x0142,0x00B4,0x013E,0x015B,0x02C7, + 0x00B8,0x0161,0x015F,0x0165,0x017A,0x02DD,0x017E,0x017C, + 0x0154,0x00C1,0x00C2,0x0102,0x00C4,0x0139,0x0106,0x00C7, + 0x010C,0x00C9,0x0118,0x00CB,0x011A,0x00CD,0x00CE,0x010E, + 0x0110,0x0143,0x0147,0x00D3,0x00D4,0x0150,0x00D6,0x00D7, + 0x0158,0x016E,0x00DA,0x0170,0x00DC,0x00DD,0x0162,0x00DF, + 0x0155,0x00E1,0x00E2,0x0103,0x00E4,0x013A,0x0107,0x00E7, + 0x010D,0x00E9,0x0119,0x00EB,0x011B,0x00ED,0x00EE,0x010F, + 0x0111,0x0144,0x0148,0x00F3,0x00F4,0x0151,0x00F6,0x00F7, + 0x0159,0x016F,0x00FA,0x0171,0x00FC,0x00FD,0x0163,0x02D9 +}; + void diff --git a/util/ttyio.c b/util/ttyio.c index b5d0a1302..0f0f144ef 100644 --- a/util/ttyio.c +++ b/util/ttyio.c @@ -57,6 +57,7 @@ static FILE *ttyfp = NULL; static int initialized; static int last_prompt_len; +static int batchmode; #ifdef HAVE_TCGETATTR static struct termios termsave; @@ -108,9 +109,11 @@ init_ttyfp(void) #elif defined(__EMX__) ttyfp = stdout; /* Fixme: replace by the real functions: see wklib */ #else - ttyfp = fopen("/dev/tty", "r+"); - if( !ttyfp ) - log_fatal("cannot open /dev/tty: %s\n", strerror(errno) ); + ttyfp = batchmode? stderr : fopen("/dev/tty", "r+"); + if( !ttyfp ) { + log_error("cannot open /dev/tty: %s\n", strerror(errno) ); + exit(2); + } #endif #ifdef HAVE_TCGETATTR atexit( cleanup ); @@ -118,6 +121,14 @@ init_ttyfp(void) initialized = 1; } +int +tty_batchmode( int onoff ) +{ + int old = batchmode; + if( onoff != -1 ) + batchmode = onoff; + return old; +} void tty_printf( const char *fmt, ... ) @@ -220,6 +231,11 @@ do_get( const char *prompt, int hidden ) byte cbuf[1]; int c, n, i; + if( batchmode ) { + log_error("Sorry, we are in batchmode - can't get input\n"); + exit(2); + } + if( !initialized ) init_ttyfp(); @@ -336,6 +352,8 @@ tty_kill_prompt() if( !initialized ) init_ttyfp(); + if( batchmode ) + last_prompt_len = 0; if( !last_prompt_len ) return; #if __MINGW32__