1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-05 12:31:50 +01:00

See ChangeLog: Sun Apr 18 10:11:28 CEST 1999 Werner Koch

This commit is contained in:
Werner Koch 1999-04-18 08:18:52 +00:00
parent 02d018f9c8
commit 1feae2011c
50 changed files with 547 additions and 502 deletions

3
NEWS
View File

@ -2,9 +2,12 @@
* Full Twofish support. It is now statically linked by default. * Full Twofish support. It is now statically linked by default.
The experimental 128 bit version is now disabled. The experimental 128 bit version is now disabled.
----> Hmmm, there is an internal conflict in the RFC ----> Hmmm, there is an internal conflict in the RFC
----> For now it is disabled
* Dropped support for the ancient Blowfish160 which is not OpenPGP. * Dropped support for the ancient Blowfish160 which is not OpenPGP.
* Merged gpgm and gpg into one binary.
Noteworthy changes in version 0.9.5 Noteworthy changes in version 0.9.5
----------------------------------- -----------------------------------

1
THANKS
View File

@ -75,6 +75,7 @@ Ross Golder rossigee@bigfoot.com
Serge Munhoven munhoven@mema.ucl.ac.be Serge Munhoven munhoven@mema.ucl.ac.be
SL Baur steve@xemacs.org SL Baur steve@xemacs.org
Stefan Karrmann S.Karrmann@gmx.net Stefan Karrmann S.Karrmann@gmx.net
Stefan Keller dres@cs.tu-berlin.de
Steffen Ullrich ccrlphr@xensei.com Steffen Ullrich ccrlphr@xensei.com
Steffen Zahn zahn@berlin.snafu.de Steffen Zahn zahn@berlin.snafu.de
Steven Bakker steven@icoe.att.com Steven Bakker steven@icoe.att.com

View File

@ -15,22 +15,6 @@ AM_CONDITIONAL(WITH_EGD, $perl_present)
and add util/egd to the top-level Makefile directory list inside a WITH_EGD and add util/egd to the top-level Makefile directory list inside a WITH_EGD
conditional. conditional.
====
/* we still have these if a signed signed more than one
* user ID. I don't think that is makes sense to sign
* more than one user ID; an exception might be a user ID
* which is to be removed in near future. Anyway it is
* always good to sign only those user ID which are
* unlikely to change. It might be good to insert a
* user ID which does not contain an email address and
* mark this one with a special signature flag or let
* sign_key() suggest a user ID w/o an email address
*/
* What shall we do if we have a valid subkey revocation certificate * What shall we do if we have a valid subkey revocation certificate
but no subkey binding? Is this a valid but revoked key? but no subkey binding? Is this a valid but revoked key?

7
TODO
View File

@ -6,7 +6,7 @@
* Check calculation of key validity. * Check calculation of key validity.
* See why we always get this "Hmmm public key lost" - Is it fixed? * See why we always get this "Hmmm, public key not anymore available"
* print a warning when a revoked/expired secret key is used. * print a warning when a revoked/expired secret key is used.
@ -24,10 +24,13 @@
* Solaris make has problems with the generated POTFILES - seems to be a * Solaris make has problems with the generated POTFILES - seems to be a
gettext bug. gettext bug.
* cvs -d :pserver:anoncvs@anoncvs.gnu.org:/gd/gnu/anoncvsroot co common
Nice to have Nice to have
------------ ------------
* Offcial test vectors for 3DES-EDE3
* use DEL and ^H for erasing the previous character (util/ttyio.c). * use DEL and ^H for erasing the previous character (util/ttyio.c).
* Print a warning if the directory mode is wrong. * Print a warning if the directory mode is wrong.
* replace the keyserver stuff either by a call to a specialized * replace the keyserver stuff either by a call to a specialized
@ -45,4 +48,6 @@ Nice to have
really make sense? really make sense?
* change the fake_data stuff to mpi_set_opaque * change the fake_data stuff to mpi_set_opaque
* Stats about used random numbers. * Stats about used random numbers.
* the pubkey encrypt functions should do some sanity checks.
* dynload: implement the hint stuff.

View File

@ -1,3 +1,9 @@
Sun Apr 18 10:11:28 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* mkdemodirs: New
* signdemokey: New.
* Makefile.am (distclean-local): New.
Wed Mar 17 13:09:03 CET 1999 Werner Koch <wk@isil.d.shuttle.de> Wed Mar 17 13:09:03 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* mds.test: replaced the "echo -n" * mds.test: replaced the "echo -n"

View File

@ -18,7 +18,8 @@ TEST_FILES = pubring.asc secring.asc plain-1o.asc plain-2o.asc plain-3o.asc \
DATA_FILES = data-500 data-9000 data-32000 data-80000 plain-large DATA_FILES = data-500 data-9000 data-32000 data-80000 plain-large
EXTRA_DIST = defs.inc run-gpg run-gpgm run-gpg.patterns $(TESTS) $(TEST_FILES) EXTRA_DIST = defs.inc run-gpg run-gpg.patterns $(TESTS) $(TEST_FILES) \
mkdemodirs signdemokey
CLEANFILES = prepared.stamp x y yy z out err $(DATA_FILES) \ CLEANFILES = prepared.stamp x y yy z out err $(DATA_FILES) \
plain-1 plain-2 plain-3 options trustdb.gpg *.lock .\#lk* \ plain-1 plain-2 plain-3 options trustdb.gpg *.lock .\#lk* \
pubring.gpg secring.gpg pubring.pkr secring.skr pubring.gpg secring.gpg pubring.pkr secring.skr
@ -27,31 +28,34 @@ CLEANFILES = prepared.stamp x y yy z out err $(DATA_FILES) \
all-local: prepared.stamp all-local: prepared.stamp
distclean-local:
./mkdemodirs --clean
prepared.stamp: ./pubring.gpg ./secring.gpg ./plain-1 ./plain-2 ./plain-3 \ prepared.stamp: ./pubring.gpg ./secring.gpg ./plain-1 ./plain-2 ./plain-3 \
./pubring.pkr ./secring.skr $(DATA_FILES) ./pubring.pkr ./secring.skr $(DATA_FILES)
echo timestamp >./prepared.stamp echo timestamp >./prepared.stamp
./pubring.gpg: $(srcdir)/pubring.asc ./pubring.gpg: $(srcdir)/pubring.asc
../g10/gpgm --yes --dearmor -o ./pubring.gpg $(srcdir)/pubring.asc ../g10/gpg --yes --dearmor -o ./pubring.gpg $(srcdir)/pubring.asc
./secring.gpg: $(srcdir)/secring.asc ./secring.gpg: $(srcdir)/secring.asc
../g10/gpgm --yes --dearmor -o ./secring.gpg $(srcdir)/secring.asc ../g10/gpg --yes --dearmor -o ./secring.gpg $(srcdir)/secring.asc
./pubring.pkr: $(srcdir)/pubring.pkr.asc ./pubring.pkr: $(srcdir)/pubring.pkr.asc
../g10/gpgm --yes --dearmor -o ./pubring.pkr $(srcdir)/pubring.pkr.asc ../g10/gpg --yes --dearmor -o ./pubring.pkr $(srcdir)/pubring.pkr.asc
./secring.skr: $(srcdir)/secring.skr.asc ./secring.skr: $(srcdir)/secring.skr.asc
../g10/gpgm --yes --dearmor -o ./secring.skr $(srcdir)/secring.skr.asc ../g10/gpg --yes --dearmor -o ./secring.skr $(srcdir)/secring.skr.asc
./plain-1: $(srcdir)/plain-1o.asc ./plain-1: $(srcdir)/plain-1o.asc
../g10/gpgm --yes --dearmor -o ./plain-1 $(srcdir)/plain-1o.asc ../g10/gpg --yes --dearmor -o ./plain-1 $(srcdir)/plain-1o.asc
./plain-2: $(srcdir)/plain-2o.asc ./plain-2: $(srcdir)/plain-2o.asc
../g10/gpgm --yes --dearmor -o ./plain-2 $(srcdir)/plain-2o.asc ../g10/gpg --yes --dearmor -o ./plain-2 $(srcdir)/plain-2o.asc
./plain-3: $(srcdir)/plain-3o.asc ./plain-3: $(srcdir)/plain-3o.asc
../g10/gpgm --yes --dearmor -o ./plain-3 $(srcdir)/plain-3o.asc ../g10/gpg --yes --dearmor -o ./plain-3 $(srcdir)/plain-3o.asc

View File

@ -2,6 +2,10 @@
. $srcdir/defs.inc || exit 3 . $srcdir/defs.inc || exit 3
# temp. hack cause the format for 128 biut blocksize messages may change
GNUPG_ENABLE_TWOFISH=1
export GNUPG_ENABLE_TWOFISH
#info Checking conventional encryption #info Checking conventional encryption
for i in plain-2 data-32000 ; do for i in plain-2 data-32000 ; do
echo "Hier spricht HAL" | $srcdir/run-gpg --passphrase-fd 0 -c -o x --yes $i echo "Hier spricht HAL" | $srcdir/run-gpg --passphrase-fd 0 -c -o x --yes $i

View File

@ -13,7 +13,7 @@ test_one () {
failed="" failed=""
#info Checking message digests #info Checking message digests
cat /dev/null | $srcdir/run-gpgm -v --print-mds >y cat /dev/null | $srcdir/run-gpg -v --print-mds >y
test_one "MD5" "D41D8CD98F00B204E9800998ECF8427E" test_one "MD5" "D41D8CD98F00B204E9800998ECF8427E"
test_one "SHA1" "DA39A3EE5E6B4B0D3255BFEF95601890AFD80709" test_one "SHA1" "DA39A3EE5E6B4B0D3255BFEF95601890AFD80709"
test_one "RMD160" "9C1185A5C5E9FC54612808977EE8F548B2258D31" test_one "RMD160" "9C1185A5C5E9FC54612808977EE8F548B2258D31"
@ -25,7 +25,7 @@ fi
[ "$failed" != "" ] && error "$failed failed for empty string" [ "$failed" != "" ] && error "$failed failed for empty string"
/bin/echo "abcdefghijklmnopqrstuvwxyz\c" | $srcdir/run-gpgm --print-mds >y /bin/echo "abcdefghijklmnopqrstuvwxyz\c" | $srcdir/run-gpg --print-mds >y
test_one "MD5" "C3FCD3D76192E4007DFB496CCA67E13B" test_one "MD5" "C3FCD3D76192E4007DFB496CCA67E13B"
test_one "SHA1" "32D10C7B8CF96570CA04CE37F2A19D84240D3A89" test_one "SHA1" "32D10C7B8CF96570CA04CE37F2A19D84240D3A89"
test_one "RMD160" "F71C27109C692C1B56BBDCEB5B9D2865B3708DBC" test_one "RMD160" "F71C27109C692C1B56BBDCEB5B9D2865B3708DBC"

37
checks/mkdemodirs Executable file
View File

@ -0,0 +1,37 @@
#!/bin/sh
set -e
GPG="../g10/gpg --batch --quiet --no-secmem-warning"
NAMES='Alpha Bravo Charlie Delta Echo Foxtrot Golf Hotel India
Juliet Kilo Lima Mike November Oscar Papa Quebec Romeo
Sierra Tango Uniform Victor Whisky XRay Yankee Zulu'
if [ "$1" = "--clean" ]; then
for i in $NAMES; do
[ -d $i ] && rm -r $i
done
exit 0
fi
$GPG --dearmor -o secdemo.gpg --yes ../checks/secdemo.asc
$GPG --dearmor -o pubdemo.gpg --yes ../checks/pubdemo.asc
[ -f ./tdb.tmp ] && rm ./tdb.tmp
GPGDEMO="$GPG --homedir . --trustdb-name ./tdb.tmp --no-default-keyring
--keyring pubdemo.gpg --secret-keyring secdemo.gpg"
/bin/echo "Creating:\c"
for name in $NAMES; do
/bin/echo " $name\c"
[ -d $name ] && rm -r $name
mkdir $name
$GPGDEMO --export-secret-key -o - $name | tee $name/Secret.gpg | \
$GPG --homedir $name --import
$GPGDEMO --export -o - $name | tee $name/Public.gpg | \
$GPG --homedir $name --import
[ -f $name/pubring.gpg~ ] && rm $name/pubring.gpg~
done
echo "."
[ -f ./tdb.tmp ] && rm ./tdb.tmp
rm pubdemo.gpg secdemo.gpg

16
checks/signdemokey Executable file
View File

@ -0,0 +1,16 @@
#!/bin/sh
set -e
if [ $# != 3 ]; then
echo "Usage: signdemokey name user_id user_id_no"
exit 1
fi
name="$1"
user_id="$2"
user_id_no="$3"
echo "abc" | ../g10/gpg --options ./options --homedir $name \
--sign-key --batch --yes --passphrase-fd 0 $user_id \
$user_id_no sign save

View File

@ -1,3 +1,13 @@
Sun Apr 18 10:11:28 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.c (cipher_setiv): Add ivlen arg, changed all callers.
* random.c (randomize_buffer): alway use secure memory because
we can't use m_is_secure() on a statically allocated buffer.
* twofish.c: Replaced some macros by a loop to reduce text size.
* Makefile.am (twofish): No more need for sed editing.
Fri Apr 9 12:26:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de> Fri Apr 9 12:26:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.c (cipher_open): Reversed the changes for AUTO_CFB. * cipher.c (cipher_open): Reversed the changes for AUTO_CFB.

View File

@ -77,12 +77,15 @@ tiger: $(srcdir)/tiger.c
tiger.o: $(srcdir)/tiger.c tiger.o: $(srcdir)/tiger.c
`echo $(COMPILE) -c $(srcdir)/tiger.c | sed -e 's/-O[2-9]*/-O1/g' ` `echo $(COMPILE) -c $(srcdir)/tiger.c | sed -e 's/-O[2-9]*/-O1/g' `
twofish: $(srcdir)/twofish.c #twofish: $(srcdir)/twofish.c
`echo $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o twofish $(srcdir)/twofish.c | \ # `echo $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o twofish $(srcdir)/twofish.c | \
sed -e 's/-O[0-9]*/ /g' ` # sed -e 's/-O[0-9]*/ /g' `
twofish.o: $(srcdir)/twofish.c twofish: $(srcdir)/twofish.c
`echo $(COMPILE) -c $(srcdir)/twofish.c | sed -e 's/-O[0-9]*/ /g' ` $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o twofish $(srcdir)/twofish.c
#twofish.o: $(srcdir)/twofish.c
# `echo $(COMPILE) -c $(srcdir)/twofish.c | sed -e 's/-O[0-9]*/ /g' `
rndunix: $(srcdir)/rndunix.c rndunix: $(srcdir)/rndunix.c

View File

@ -83,6 +83,7 @@ setup_cipher_table(void)
int i; int i;
i = 0; i = 0;
if( getenv("GNUPG_ENABLE_TWOFISH") ) {
cipher_table[i].algo = CIPHER_ALGO_TWOFISH; cipher_table[i].algo = CIPHER_ALGO_TWOFISH;
cipher_table[i].name = twofish_get_info( cipher_table[i].algo, cipher_table[i].name = twofish_get_info( cipher_table[i].algo,
&cipher_table[i].keylen, &cipher_table[i].keylen,
@ -94,6 +95,7 @@ setup_cipher_table(void)
if( !cipher_table[i].name ) if( !cipher_table[i].name )
BUG(); BUG();
i++; i++;
}
cipher_table[i].algo = CIPHER_ALGO_BLOWFISH; cipher_table[i].algo = CIPHER_ALGO_BLOWFISH;
cipher_table[i].name = blowfish_get_info( cipher_table[i].algo, cipher_table[i].name = blowfish_get_info( cipher_table[i].algo,
&cipher_table[i].keylen, &cipher_table[i].keylen,
@ -368,12 +370,17 @@ cipher_setkey( CIPHER_HANDLE c, byte *key, unsigned keylen )
void void
cipher_setiv( CIPHER_HANDLE c, const byte *iv ) cipher_setiv( CIPHER_HANDLE c, const byte *iv, unsigned ivlen )
{ {
if( iv )
memcpy( c->iv, iv, c->blocksize );
else
memset( c->iv, 0, c->blocksize ); memset( c->iv, 0, c->blocksize );
if( iv ) {
if( ivlen != c->blocksize )
log_info("WARNING: cipher_setiv: ivlen=%u blklen=%u\n",
ivlen, c->blocksize );
if( ivlen > c->blocksize )
ivlen = c->blocksize;
memcpy( c->iv, iv, ivlen );
}
c->unused = 0; c->unused = 0;
} }

View File

@ -799,7 +799,7 @@ selftest (void)
/* /*
* Triple-DES test (Do somebody known on official test?) * Triple-DES test (Do somebody known on official test?)
* *
* FIXME: This test doesn't use tripledes_set3keys() ! * Note: This test doesn't use tripledes_set3keys() !
*/ */
{ {
int i; int i;

View File

@ -335,7 +335,6 @@ enum_gnupgext_digests( void **enum_context,
else else
ctx = *enum_context; ctx = *enum_context;
/* fixme: have a look at the hint string */
for( r = ctx->r; r; r = r->next ) { for( r = ctx->r; r; r = r->next ) {
int class, vers; int class, vers;

View File

@ -245,11 +245,16 @@ encrypt(MPI a, MPI b, MPI input, ELG_public_key *pkey )
{ {
MPI k; MPI k;
/* Note: maybe we should change the interface, so that it
* is possible to check that input is < p and return an
* error code.
*/
k = gen_k( pkey->p ); k = gen_k( pkey->p );
mpi_powm( a, pkey->g, k, pkey->p ); mpi_powm( a, pkey->g, k, pkey->p );
/* b = (y^k * input) mod p /* b = (y^k * input) mod p
* = ((y^k mod p) * (input mod p)) mod p * = ((y^k mod p) * (input mod p)) mod p
* and because input is < p (FIXME: check this!) * and because input is < p
* = ((y^k mod p) * input) mod p * = ((y^k mod p) * input) mod p
*/ */
mpi_powm( b, pkey->y, k, pkey->p ); mpi_powm( b, pkey->y, k, pkey->p );

View File

@ -458,7 +458,7 @@ md_digest_length( int algo )
} }
/* fixme: add a mode to enumerate the OIDs /* Hmmm: add a mode to enumerate the OIDs
* to make g10/sig-check.c more portable */ * to make g10/sig-check.c more portable */
const byte * const byte *
md_asn_oid( int algo, size_t *asnlen, size_t *mdlen ) md_asn_oid( int algo, size_t *asnlen, size_t *mdlen )

View File

@ -425,8 +425,6 @@ pubkey_encrypt( int algo, MPI *resarr, MPI data, MPI *pkey )
{ {
int i, rc; int i, rc;
/* FIXME: check that data fits into the key (in xxx_encrypt)*/
if( DBG_CIPHER ) { if( DBG_CIPHER ) {
log_debug("pubkey_encrypt: algo=%d\n", algo ); log_debug("pubkey_encrypt: algo=%d\n", algo );
for(i=0; i < pubkey_get_npkey(algo); i++ ) for(i=0; i < pubkey_get_npkey(algo); i++ )

View File

@ -147,7 +147,7 @@ quick_random_gen( int onoff )
void void
randomize_buffer( byte *buffer, size_t length, int level ) randomize_buffer( byte *buffer, size_t length, int level )
{ {
char *p = get_random_bits( length*8, level, m_is_secure(buffer) ); char *p = get_random_bits( length*8, level, 1 );
memcpy( buffer, p, length ); memcpy( buffer, p, length );
m_free(p); m_free(p);
} }

View File

@ -83,7 +83,10 @@ do_read( int fd, void *buf, size_t nbytes )
/* fixme: level 1 is not yet handled */ /* Note: we always use the highest level.
* TO boost the performance we may want to add some
* additional code for level 1
*/
static int static int
gather_random( void (*add)(const void*, size_t, int), int requester, gather_random( void (*add)(const void*, size_t, int), int requester,
size_t length, int level ) size_t length, int level )

View File

@ -1,6 +1,7 @@
/* Twofish for GPG /* Twofish for GPG
* By Matthew Skala <mskala@ansuz.sooke.bc.ca>, July 26, 1998 * By Matthew Skala <mskala@ansuz.sooke.bc.ca>, July 26, 1998
* 256-bit key length added March 20, 1999 * 256-bit key length added March 20, 1999
* Some modifications to reduce the text size by Werner Koch, April, 1998
* *
* The original author has disclaimed all copyright interest in this * The original author has disclaimed all copyright interest in this
* code and thus putting it in the public domain. * code and thus putting it in the public domain.
@ -392,6 +393,75 @@ static const byte exp_to_poly[492] = {
0x71, 0xE2, 0x89, 0x5F, 0xBE, 0x31, 0x62, 0xC4, 0xC5, 0xC7, 0xC3, 0xCB 0x71, 0xE2, 0x89, 0x5F, 0xBE, 0x31, 0x62, 0xC4, 0xC5, 0xC7, 0xC3, 0xCB
}; };
/* The table constants are indices of
* S-box entries, preprocessed through q0 and q1. */
static byte calc_sb_tbl[512] = {
0xA9, 0x75, 0x67, 0xF3, 0xB3, 0xC6, 0xE8, 0xF4,
0x04, 0xDB, 0xFD, 0x7B, 0xA3, 0xFB, 0x76, 0xC8,
0x9A, 0x4A, 0x92, 0xD3, 0x80, 0xE6, 0x78, 0x6B,
0xE4, 0x45, 0xDD, 0x7D, 0xD1, 0xE8, 0x38, 0x4B,
0x0D, 0xD6, 0xC6, 0x32, 0x35, 0xD8, 0x98, 0xFD,
0x18, 0x37, 0xF7, 0x71, 0xEC, 0xF1, 0x6C, 0xE1,
0x43, 0x30, 0x75, 0x0F, 0x37, 0xF8, 0x26, 0x1B,
0xFA, 0x87, 0x13, 0xFA, 0x94, 0x06, 0x48, 0x3F,
0xF2, 0x5E, 0xD0, 0xBA, 0x8B, 0xAE, 0x30, 0x5B,
0x84, 0x8A, 0x54, 0x00, 0xDF, 0xBC, 0x23, 0x9D,
0x19, 0x6D, 0x5B, 0xC1, 0x3D, 0xB1, 0x59, 0x0E,
0xF3, 0x80, 0xAE, 0x5D, 0xA2, 0xD2, 0x82, 0xD5,
0x63, 0xA0, 0x01, 0x84, 0x83, 0x07, 0x2E, 0x14,
0xD9, 0xB5, 0x51, 0x90, 0x9B, 0x2C, 0x7C, 0xA3,
0xA6, 0xB2, 0xEB, 0x73, 0xA5, 0x4C, 0xBE, 0x54,
0x16, 0x92, 0x0C, 0x74, 0xE3, 0x36, 0x61, 0x51,
0xC0, 0x38, 0x8C, 0xB0, 0x3A, 0xBD, 0xF5, 0x5A,
0x73, 0xFC, 0x2C, 0x60, 0x25, 0x62, 0x0B, 0x96,
0xBB, 0x6C, 0x4E, 0x42, 0x89, 0xF7, 0x6B, 0x10,
0x53, 0x7C, 0x6A, 0x28, 0xB4, 0x27, 0xF1, 0x8C,
0xE1, 0x13, 0xE6, 0x95, 0xBD, 0x9C, 0x45, 0xC7,
0xE2, 0x24, 0xF4, 0x46, 0xB6, 0x3B, 0x66, 0x70,
0xCC, 0xCA, 0x95, 0xE3, 0x03, 0x85, 0x56, 0xCB,
0xD4, 0x11, 0x1C, 0xD0, 0x1E, 0x93, 0xD7, 0xB8,
0xFB, 0xA6, 0xC3, 0x83, 0x8E, 0x20, 0xB5, 0xFF,
0xE9, 0x9F, 0xCF, 0x77, 0xBF, 0xC3, 0xBA, 0xCC,
0xEA, 0x03, 0x77, 0x6F, 0x39, 0x08, 0xAF, 0xBF,
0x33, 0x40, 0xC9, 0xE7, 0x62, 0x2B, 0x71, 0xE2,
0x81, 0x79, 0x79, 0x0C, 0x09, 0xAA, 0xAD, 0x82,
0x24, 0x41, 0xCD, 0x3A, 0xF9, 0xEA, 0xD8, 0xB9,
0xE5, 0xE4, 0xC5, 0x9A, 0xB9, 0xA4, 0x4D, 0x97,
0x44, 0x7E, 0x08, 0xDA, 0x86, 0x7A, 0xE7, 0x17,
0xA1, 0x66, 0x1D, 0x94, 0xAA, 0xA1, 0xED, 0x1D,
0x06, 0x3D, 0x70, 0xF0, 0xB2, 0xDE, 0xD2, 0xB3,
0x41, 0x0B, 0x7B, 0x72, 0xA0, 0xA7, 0x11, 0x1C,
0x31, 0xEF, 0xC2, 0xD1, 0x27, 0x53, 0x90, 0x3E,
0x20, 0x8F, 0xF6, 0x33, 0x60, 0x26, 0xFF, 0x5F,
0x96, 0xEC, 0x5C, 0x76, 0xB1, 0x2A, 0xAB, 0x49,
0x9E, 0x81, 0x9C, 0x88, 0x52, 0xEE, 0x1B, 0x21,
0x5F, 0xC4, 0x93, 0x1A, 0x0A, 0xEB, 0xEF, 0xD9,
0x91, 0xC5, 0x85, 0x39, 0x49, 0x99, 0xEE, 0xCD,
0x2D, 0xAD, 0x4F, 0x31, 0x8F, 0x8B, 0x3B, 0x01,
0x47, 0x18, 0x87, 0x23, 0x6D, 0xDD, 0x46, 0x1F,
0xD6, 0x4E, 0x3E, 0x2D, 0x69, 0xF9, 0x64, 0x48,
0x2A, 0x4F, 0xCE, 0xF2, 0xCB, 0x65, 0x2F, 0x8E,
0xFC, 0x78, 0x97, 0x5C, 0x05, 0x58, 0x7A, 0x19,
0xAC, 0x8D, 0x7F, 0xE5, 0xD5, 0x98, 0x1A, 0x57,
0x4B, 0x67, 0x0E, 0x7F, 0xA7, 0x05, 0x5A, 0x64,
0x28, 0xAF, 0x14, 0x63, 0x3F, 0xB6, 0x29, 0xFE,
0x88, 0xF5, 0x3C, 0xB7, 0x4C, 0x3C, 0x02, 0xA5,
0xB8, 0xCE, 0xDA, 0xE9, 0xB0, 0x68, 0x17, 0x44,
0x55, 0xE0, 0x1F, 0x4D, 0x8A, 0x43, 0x7D, 0x69,
0x57, 0x29, 0xC7, 0x2E, 0x8D, 0xAC, 0x74, 0x15,
0xB7, 0x59, 0xC4, 0xA8, 0x9F, 0x0A, 0x72, 0x9E,
0x7E, 0x6E, 0x15, 0x47, 0x22, 0xDF, 0x12, 0x34,
0x58, 0x35, 0x07, 0x6A, 0x99, 0xCF, 0x34, 0xDC,
0x6E, 0x22, 0x50, 0xC9, 0xDE, 0xC0, 0x68, 0x9B,
0x65, 0x89, 0xBC, 0xD4, 0xDB, 0xED, 0xF8, 0xAB,
0xC8, 0x12, 0xA8, 0xA2, 0x2B, 0x0D, 0x40, 0x52,
0xDC, 0xBB, 0xFE, 0x02, 0x32, 0x2F, 0xA4, 0xA9,
0xCA, 0xD7, 0x10, 0x61, 0x21, 0x1E, 0xF0, 0xB4,
0xD3, 0x50, 0x5D, 0x04, 0x0F, 0xF6, 0x00, 0xC2,
0x6F, 0x16, 0x9D, 0x25, 0x36, 0x86, 0x42, 0x56,
0x4A, 0x55, 0x5E, 0x09, 0xC1, 0xBE, 0xE0, 0x91
};
/* Macro to perform one column of the RS matrix multiplication. The /* Macro to perform one column of the RS matrix multiplication. The
* parameters a, b, c, and d are the four bytes of output; i is the index * parameters a, b, c, and d are the four bytes of output; i is the index
* of the key bytes, and w, x, y, and z, are the column of constants from * of the key bytes, and w, x, y, and z, are the column of constants from
@ -485,6 +555,8 @@ static const byte exp_to_poly[492] = {
static int static int
twofish_setkey (TWOFISH_context *ctx, const byte *key, const unsigned keylen) twofish_setkey (TWOFISH_context *ctx, const byte *key, const unsigned keylen)
{ {
int i, j, k;
/* Temporaries for CALC_K. */ /* Temporaries for CALC_K. */
u32 x, y; u32 x, y;
@ -536,7 +608,6 @@ twofish_setkey (TWOFISH_context *ctx, const byte *key, const unsigned keylen)
CALC_S (se, sf, sg, sh, 15, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */ CALC_S (se, sf, sg, sh, 15, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */
if (keylen == 32) { /* 256-bit key */ if (keylen == 32) { /* 256-bit key */
/* Calculate the remaining two words of the S vector */ /* Calculate the remaining two words of the S vector */
CALC_S (si, sj, sk, sl, 16, 0x00, 0x2D, 0x01, 0x2D); /* 01 A4 02 A4 */ CALC_S (si, sj, sk, sl, 16, 0x00, 0x2D, 0x01, 0x2D); /* 01 A4 02 A4 */
CALC_S (si, sj, sk, sl, 17, 0x2D, 0xA4, 0x44, 0x8A); /* A4 56 A1 55 */ CALC_S (si, sj, sk, sl, 17, 0x2D, 0xA4, 0x44, 0x8A); /* A4 56 A1 55 */
@ -555,72 +626,10 @@ twofish_setkey (TWOFISH_context *ctx, const byte *key, const unsigned keylen)
CALC_S (sm, sn, so, sp, 30, 0xED, 0x37, 0x4F, 0xE0); /* DB 68 3D 9E */ CALC_S (sm, sn, so, sp, 30, 0xED, 0x37, 0x4F, 0xE0); /* DB 68 3D 9E */
CALC_S (sm, sn, so, sp, 31, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */ CALC_S (sm, sn, so, sp, 31, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */
/* Compute the S-boxes. The constants are indices of /* Compute the S-boxes. */
* S-box entries, preprocessed through q0 and q1. */ for(i=j=0,k=1; i < 256; i++, j += 2, k += 2 ) {
CALC_SB256 (0, 0xA9, 0x75, 0x67, 0xF3, 0xB3, 0xC6, 0xE8, 0xF4); CALC_SB256_2( i, calc_sb_tbl[j], calc_sb_tbl[k] );
CALC_SB256 (4, 0x04, 0xDB, 0xFD, 0x7B, 0xA3, 0xFB, 0x76, 0xC8); }
CALC_SB256 (8, 0x9A, 0x4A, 0x92, 0xD3, 0x80, 0xE6, 0x78, 0x6B);
CALC_SB256 (12, 0xE4, 0x45, 0xDD, 0x7D, 0xD1, 0xE8, 0x38, 0x4B);
CALC_SB256 (16, 0x0D, 0xD6, 0xC6, 0x32, 0x35, 0xD8, 0x98, 0xFD);
CALC_SB256 (20, 0x18, 0x37, 0xF7, 0x71, 0xEC, 0xF1, 0x6C, 0xE1);
CALC_SB256 (24, 0x43, 0x30, 0x75, 0x0F, 0x37, 0xF8, 0x26, 0x1B);
CALC_SB256 (28, 0xFA, 0x87, 0x13, 0xFA, 0x94, 0x06, 0x48, 0x3F);
CALC_SB256 (32, 0xF2, 0x5E, 0xD0, 0xBA, 0x8B, 0xAE, 0x30, 0x5B);
CALC_SB256 (36, 0x84, 0x8A, 0x54, 0x00, 0xDF, 0xBC, 0x23, 0x9D);
CALC_SB256 (40, 0x19, 0x6D, 0x5B, 0xC1, 0x3D, 0xB1, 0x59, 0x0E);
CALC_SB256 (44, 0xF3, 0x80, 0xAE, 0x5D, 0xA2, 0xD2, 0x82, 0xD5);
CALC_SB256 (48, 0x63, 0xA0, 0x01, 0x84, 0x83, 0x07, 0x2E, 0x14);
CALC_SB256 (52, 0xD9, 0xB5, 0x51, 0x90, 0x9B, 0x2C, 0x7C, 0xA3);
CALC_SB256 (56, 0xA6, 0xB2, 0xEB, 0x73, 0xA5, 0x4C, 0xBE, 0x54);
CALC_SB256 (60, 0x16, 0x92, 0x0C, 0x74, 0xE3, 0x36, 0x61, 0x51);
CALC_SB256 (64, 0xC0, 0x38, 0x8C, 0xB0, 0x3A, 0xBD, 0xF5, 0x5A);
CALC_SB256 (68, 0x73, 0xFC, 0x2C, 0x60, 0x25, 0x62, 0x0B, 0x96);
CALC_SB256 (72, 0xBB, 0x6C, 0x4E, 0x42, 0x89, 0xF7, 0x6B, 0x10);
CALC_SB256 (76, 0x53, 0x7C, 0x6A, 0x28, 0xB4, 0x27, 0xF1, 0x8C);
CALC_SB256 (80, 0xE1, 0x13, 0xE6, 0x95, 0xBD, 0x9C, 0x45, 0xC7);
CALC_SB256 (84, 0xE2, 0x24, 0xF4, 0x46, 0xB6, 0x3B, 0x66, 0x70);
CALC_SB256 (88, 0xCC, 0xCA, 0x95, 0xE3, 0x03, 0x85, 0x56, 0xCB);
CALC_SB256 (92, 0xD4, 0x11, 0x1C, 0xD0, 0x1E, 0x93, 0xD7, 0xB8);
CALC_SB256 (96, 0xFB, 0xA6, 0xC3, 0x83, 0x8E, 0x20, 0xB5, 0xFF);
CALC_SB256 (100, 0xE9, 0x9F, 0xCF, 0x77, 0xBF, 0xC3, 0xBA, 0xCC);
CALC_SB256 (104, 0xEA, 0x03, 0x77, 0x6F, 0x39, 0x08, 0xAF, 0xBF);
CALC_SB256 (108, 0x33, 0x40, 0xC9, 0xE7, 0x62, 0x2B, 0x71, 0xE2);
CALC_SB256 (112, 0x81, 0x79, 0x79, 0x0C, 0x09, 0xAA, 0xAD, 0x82);
CALC_SB256 (116, 0x24, 0x41, 0xCD, 0x3A, 0xF9, 0xEA, 0xD8, 0xB9);
CALC_SB256 (120, 0xE5, 0xE4, 0xC5, 0x9A, 0xB9, 0xA4, 0x4D, 0x97);
CALC_SB256 (124, 0x44, 0x7E, 0x08, 0xDA, 0x86, 0x7A, 0xE7, 0x17);
CALC_SB256 (128, 0xA1, 0x66, 0x1D, 0x94, 0xAA, 0xA1, 0xED, 0x1D);
CALC_SB256 (132, 0x06, 0x3D, 0x70, 0xF0, 0xB2, 0xDE, 0xD2, 0xB3);
CALC_SB256 (136, 0x41, 0x0B, 0x7B, 0x72, 0xA0, 0xA7, 0x11, 0x1C);
CALC_SB256 (140, 0x31, 0xEF, 0xC2, 0xD1, 0x27, 0x53, 0x90, 0x3E);
CALC_SB256 (144, 0x20, 0x8F, 0xF6, 0x33, 0x60, 0x26, 0xFF, 0x5F);
CALC_SB256 (148, 0x96, 0xEC, 0x5C, 0x76, 0xB1, 0x2A, 0xAB, 0x49);
CALC_SB256 (152, 0x9E, 0x81, 0x9C, 0x88, 0x52, 0xEE, 0x1B, 0x21);
CALC_SB256 (156, 0x5F, 0xC4, 0x93, 0x1A, 0x0A, 0xEB, 0xEF, 0xD9);
CALC_SB256 (160, 0x91, 0xC5, 0x85, 0x39, 0x49, 0x99, 0xEE, 0xCD);
CALC_SB256 (164, 0x2D, 0xAD, 0x4F, 0x31, 0x8F, 0x8B, 0x3B, 0x01);
CALC_SB256 (168, 0x47, 0x18, 0x87, 0x23, 0x6D, 0xDD, 0x46, 0x1F);
CALC_SB256 (172, 0xD6, 0x4E, 0x3E, 0x2D, 0x69, 0xF9, 0x64, 0x48);
CALC_SB256 (176, 0x2A, 0x4F, 0xCE, 0xF2, 0xCB, 0x65, 0x2F, 0x8E);
CALC_SB256 (180, 0xFC, 0x78, 0x97, 0x5C, 0x05, 0x58, 0x7A, 0x19);
CALC_SB256 (184, 0xAC, 0x8D, 0x7F, 0xE5, 0xD5, 0x98, 0x1A, 0x57);
CALC_SB256 (188, 0x4B, 0x67, 0x0E, 0x7F, 0xA7, 0x05, 0x5A, 0x64);
CALC_SB256 (192, 0x28, 0xAF, 0x14, 0x63, 0x3F, 0xB6, 0x29, 0xFE);
CALC_SB256 (196, 0x88, 0xF5, 0x3C, 0xB7, 0x4C, 0x3C, 0x02, 0xA5);
CALC_SB256 (200, 0xB8, 0xCE, 0xDA, 0xE9, 0xB0, 0x68, 0x17, 0x44);
CALC_SB256 (204, 0x55, 0xE0, 0x1F, 0x4D, 0x8A, 0x43, 0x7D, 0x69);
CALC_SB256 (208, 0x57, 0x29, 0xC7, 0x2E, 0x8D, 0xAC, 0x74, 0x15);
CALC_SB256 (212, 0xB7, 0x59, 0xC4, 0xA8, 0x9F, 0x0A, 0x72, 0x9E);
CALC_SB256 (216, 0x7E, 0x6E, 0x15, 0x47, 0x22, 0xDF, 0x12, 0x34);
CALC_SB256 (220, 0x58, 0x35, 0x07, 0x6A, 0x99, 0xCF, 0x34, 0xDC);
CALC_SB256 (224, 0x6E, 0x22, 0x50, 0xC9, 0xDE, 0xC0, 0x68, 0x9B);
CALC_SB256 (228, 0x65, 0x89, 0xBC, 0xD4, 0xDB, 0xED, 0xF8, 0xAB);
CALC_SB256 (232, 0xC8, 0x12, 0xA8, 0xA2, 0x2B, 0x0D, 0x40, 0x52);
CALC_SB256 (236, 0xDC, 0xBB, 0xFE, 0x02, 0x32, 0x2F, 0xA4, 0xA9);
CALC_SB256 (240, 0xCA, 0xD7, 0x10, 0x61, 0x21, 0x1E, 0xF0, 0xB4);
CALC_SB256 (244, 0xD3, 0x50, 0x5D, 0x04, 0x0F, 0xF6, 0x00, 0xC2);
CALC_SB256 (248, 0x6F, 0x16, 0x9D, 0x25, 0x36, 0x86, 0x42, 0x56);
CALC_SB256 (252, 0x4A, 0x55, 0x5E, 0x09, 0xC1, 0xBE, 0xE0, 0x91);
/* Calculate whitening and round subkeys. The constants are /* Calculate whitening and round subkeys. The constants are
* indices of subkeys, preprocessed through q0 and q1. */ * indices of subkeys, preprocessed through q0 and q1. */
@ -644,75 +653,12 @@ twofish_setkey (TWOFISH_context *ctx, const byte *key, const unsigned keylen)
CALC_K256 (k, 26, 0x8B, 0xAE, 0x30, 0x5B); CALC_K256 (k, 26, 0x8B, 0xAE, 0x30, 0x5B);
CALC_K256 (k, 28, 0x84, 0x8A, 0x54, 0x00); CALC_K256 (k, 28, 0x84, 0x8A, 0x54, 0x00);
CALC_K256 (k, 30, 0xDF, 0xBC, 0x23, 0x9D); CALC_K256 (k, 30, 0xDF, 0xBC, 0x23, 0x9D);
}
} else { /* 128-bit key */ else {
/* Compute the S-boxes. */
/* Compute the S-boxes. The constants are indices of for(i=j=0,k=1; i < 256; i++, j += 2, k += 2 ) {
* S-box entries, preprocessed through q0 and q1. */ CALC_SB_2( i, calc_sb_tbl[j], calc_sb_tbl[k] );
CALC_SB (0, 0xA9, 0x75, 0x67, 0xF3, 0xB3, 0xC6, 0xE8, 0xF4); }
CALC_SB (4, 0x04, 0xDB, 0xFD, 0x7B, 0xA3, 0xFB, 0x76, 0xC8);
CALC_SB (8, 0x9A, 0x4A, 0x92, 0xD3, 0x80, 0xE6, 0x78, 0x6B);
CALC_SB (12, 0xE4, 0x45, 0xDD, 0x7D, 0xD1, 0xE8, 0x38, 0x4B);
CALC_SB (16, 0x0D, 0xD6, 0xC6, 0x32, 0x35, 0xD8, 0x98, 0xFD);
CALC_SB (20, 0x18, 0x37, 0xF7, 0x71, 0xEC, 0xF1, 0x6C, 0xE1);
CALC_SB (24, 0x43, 0x30, 0x75, 0x0F, 0x37, 0xF8, 0x26, 0x1B);
CALC_SB (28, 0xFA, 0x87, 0x13, 0xFA, 0x94, 0x06, 0x48, 0x3F);
CALC_SB (32, 0xF2, 0x5E, 0xD0, 0xBA, 0x8B, 0xAE, 0x30, 0x5B);
CALC_SB (36, 0x84, 0x8A, 0x54, 0x00, 0xDF, 0xBC, 0x23, 0x9D);
CALC_SB (40, 0x19, 0x6D, 0x5B, 0xC1, 0x3D, 0xB1, 0x59, 0x0E);
CALC_SB (44, 0xF3, 0x80, 0xAE, 0x5D, 0xA2, 0xD2, 0x82, 0xD5);
CALC_SB (48, 0x63, 0xA0, 0x01, 0x84, 0x83, 0x07, 0x2E, 0x14);
CALC_SB (52, 0xD9, 0xB5, 0x51, 0x90, 0x9B, 0x2C, 0x7C, 0xA3);
CALC_SB (56, 0xA6, 0xB2, 0xEB, 0x73, 0xA5, 0x4C, 0xBE, 0x54);
CALC_SB (60, 0x16, 0x92, 0x0C, 0x74, 0xE3, 0x36, 0x61, 0x51);
CALC_SB (64, 0xC0, 0x38, 0x8C, 0xB0, 0x3A, 0xBD, 0xF5, 0x5A);
CALC_SB (68, 0x73, 0xFC, 0x2C, 0x60, 0x25, 0x62, 0x0B, 0x96);
CALC_SB (72, 0xBB, 0x6C, 0x4E, 0x42, 0x89, 0xF7, 0x6B, 0x10);
CALC_SB (76, 0x53, 0x7C, 0x6A, 0x28, 0xB4, 0x27, 0xF1, 0x8C);
CALC_SB (80, 0xE1, 0x13, 0xE6, 0x95, 0xBD, 0x9C, 0x45, 0xC7);
CALC_SB (84, 0xE2, 0x24, 0xF4, 0x46, 0xB6, 0x3B, 0x66, 0x70);
CALC_SB (88, 0xCC, 0xCA, 0x95, 0xE3, 0x03, 0x85, 0x56, 0xCB);
CALC_SB (92, 0xD4, 0x11, 0x1C, 0xD0, 0x1E, 0x93, 0xD7, 0xB8);
CALC_SB (96, 0xFB, 0xA6, 0xC3, 0x83, 0x8E, 0x20, 0xB5, 0xFF);
CALC_SB (100, 0xE9, 0x9F, 0xCF, 0x77, 0xBF, 0xC3, 0xBA, 0xCC);
CALC_SB (104, 0xEA, 0x03, 0x77, 0x6F, 0x39, 0x08, 0xAF, 0xBF);
CALC_SB (108, 0x33, 0x40, 0xC9, 0xE7, 0x62, 0x2B, 0x71, 0xE2);
CALC_SB (112, 0x81, 0x79, 0x79, 0x0C, 0x09, 0xAA, 0xAD, 0x82);
CALC_SB (116, 0x24, 0x41, 0xCD, 0x3A, 0xF9, 0xEA, 0xD8, 0xB9);
CALC_SB (120, 0xE5, 0xE4, 0xC5, 0x9A, 0xB9, 0xA4, 0x4D, 0x97);
CALC_SB (124, 0x44, 0x7E, 0x08, 0xDA, 0x86, 0x7A, 0xE7, 0x17);
CALC_SB (128, 0xA1, 0x66, 0x1D, 0x94, 0xAA, 0xA1, 0xED, 0x1D);
CALC_SB (132, 0x06, 0x3D, 0x70, 0xF0, 0xB2, 0xDE, 0xD2, 0xB3);
CALC_SB (136, 0x41, 0x0B, 0x7B, 0x72, 0xA0, 0xA7, 0x11, 0x1C);
CALC_SB (140, 0x31, 0xEF, 0xC2, 0xD1, 0x27, 0x53, 0x90, 0x3E);
CALC_SB (144, 0x20, 0x8F, 0xF6, 0x33, 0x60, 0x26, 0xFF, 0x5F);
CALC_SB (148, 0x96, 0xEC, 0x5C, 0x76, 0xB1, 0x2A, 0xAB, 0x49);
CALC_SB (152, 0x9E, 0x81, 0x9C, 0x88, 0x52, 0xEE, 0x1B, 0x21);
CALC_SB (156, 0x5F, 0xC4, 0x93, 0x1A, 0x0A, 0xEB, 0xEF, 0xD9);
CALC_SB (160, 0x91, 0xC5, 0x85, 0x39, 0x49, 0x99, 0xEE, 0xCD);
CALC_SB (164, 0x2D, 0xAD, 0x4F, 0x31, 0x8F, 0x8B, 0x3B, 0x01);
CALC_SB (168, 0x47, 0x18, 0x87, 0x23, 0x6D, 0xDD, 0x46, 0x1F);
CALC_SB (172, 0xD6, 0x4E, 0x3E, 0x2D, 0x69, 0xF9, 0x64, 0x48);
CALC_SB (176, 0x2A, 0x4F, 0xCE, 0xF2, 0xCB, 0x65, 0x2F, 0x8E);
CALC_SB (180, 0xFC, 0x78, 0x97, 0x5C, 0x05, 0x58, 0x7A, 0x19);
CALC_SB (184, 0xAC, 0x8D, 0x7F, 0xE5, 0xD5, 0x98, 0x1A, 0x57);
CALC_SB (188, 0x4B, 0x67, 0x0E, 0x7F, 0xA7, 0x05, 0x5A, 0x64);
CALC_SB (192, 0x28, 0xAF, 0x14, 0x63, 0x3F, 0xB6, 0x29, 0xFE);
CALC_SB (196, 0x88, 0xF5, 0x3C, 0xB7, 0x4C, 0x3C, 0x02, 0xA5);
CALC_SB (200, 0xB8, 0xCE, 0xDA, 0xE9, 0xB0, 0x68, 0x17, 0x44);
CALC_SB (204, 0x55, 0xE0, 0x1F, 0x4D, 0x8A, 0x43, 0x7D, 0x69);
CALC_SB (208, 0x57, 0x29, 0xC7, 0x2E, 0x8D, 0xAC, 0x74, 0x15);
CALC_SB (212, 0xB7, 0x59, 0xC4, 0xA8, 0x9F, 0x0A, 0x72, 0x9E);
CALC_SB (216, 0x7E, 0x6E, 0x15, 0x47, 0x22, 0xDF, 0x12, 0x34);
CALC_SB (220, 0x58, 0x35, 0x07, 0x6A, 0x99, 0xCF, 0x34, 0xDC);
CALC_SB (224, 0x6E, 0x22, 0x50, 0xC9, 0xDE, 0xC0, 0x68, 0x9B);
CALC_SB (228, 0x65, 0x89, 0xBC, 0xD4, 0xDB, 0xED, 0xF8, 0xAB);
CALC_SB (232, 0xC8, 0x12, 0xA8, 0xA2, 0x2B, 0x0D, 0x40, 0x52);
CALC_SB (236, 0xDC, 0xBB, 0xFE, 0x02, 0x32, 0x2F, 0xA4, 0xA9);
CALC_SB (240, 0xCA, 0xD7, 0x10, 0x61, 0x21, 0x1E, 0xF0, 0xB4);
CALC_SB (244, 0xD3, 0x50, 0x5D, 0x04, 0x0F, 0xF6, 0x00, 0xC2);
CALC_SB (248, 0x6F, 0x16, 0x9D, 0x25, 0x36, 0x86, 0x42, 0x56);
CALC_SB (252, 0x4A, 0x55, 0x5E, 0x09, 0xC1, 0xBE, 0xE0, 0x91);
/* Calculate whitening and round subkeys. The constants are /* Calculate whitening and round subkeys. The constants are
* indices of subkeys, preprocessed through q0 and q1. */ * indices of subkeys, preprocessed through q0 and q1. */

View File

@ -1,19 +1,14 @@
=head1 NAME =head1 NAME
gpg, gpgm - GNU Privacy Guard gpg - GNU Privacy Guard
=head1 SYNOPSIS =head1 SYNOPSIS
B<gpg> [--homedir name] [--options file] [options] command [args] B<gpg> [--homedir name] [--options file] [options] command [args]
B<gpgm> [--homedir name] [--options file] [options] command [args]
=head1 DESCRIPTION =head1 DESCRIPTION
B<gpg> is the main program for the GnuPG system. B<gpgm> is a maintenance B<gpg> is the main program for the GnuPG system.
tool which has some commands B<gpg> does not have; it is there because
it does not handle sensitive data and therefore has no need to allocate
secure memory. Both programs may be merged in the future.
=head1 COMMANDS =head1 COMMANDS
@ -219,12 +214,12 @@ B<--recv-keys> I<key_IDs>
B<--export-ownertrust> B<--export-ownertrust>
List the assigned ownertrust values in ASCII format List the assigned ownertrust values in ASCII format
for backup purposes [B<gpgm> only]. for backup purposes
B<--import-ownertrust> [I<filename>] B<--import-ownertrust> [I<filename>]
Update the trustdb with the ownertrust values stored Update the trustdb with the ownertrust values stored
in I<filename> (or stdin if not given); existing in I<filename> (or stdin if not given); existing
values will be overwritten. [B<gpgm> only]. values will be overwritten.
=head1 OPTIONS =head1 OPTIONS
@ -552,7 +547,7 @@ F</usr[/local]/lib/gnupg/> Default location for extensions
=head1 SEE ALSO =head1 SEE ALSO
gpg(1) gpgm(1) gpg(1)
=head1 WARNINGS =head1 WARNINGS

View File

@ -1,3 +1,28 @@
Sun Apr 18 10:11:28 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* seckey-cert.c (do_check): Use real IV instead of a 0 one, so that
it works even if the length of the IV doesn't match the blocksize.
Removed the save_iv stuff.
(protect_secret_key): Likewise. Create the IV here.
* packet.h (PKT_secret_key): Increased size of IV field and add a
ivlen field.
* parse-packet.c (parse_key): Use the len protect.ivlen.
* build-packet.c (do_secret_key). Ditto.
* getkey.c (key_byname): Close keyblocks.
* Makefile.am (gpgm): Removed this
* g10.c: Merged gpg and gpgm
* import.c (import): Utilize option quiet.
* tdbio.c (tdbio_set_dbname): Ditto.
* ringedit.c (add_keyblock_resource,keyring_copy): Ditto.
* keyedit.c (sign_uids): Add some batch support.
* g10.c (main): add call to tty_batchmode.
Fri Apr 9 12:26:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de> Fri Apr 9 12:26:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* status.c (write_status_text): Some more status codes. * status.c (write_status_text): Some more status codes.

View File

@ -7,7 +7,7 @@ LDFLAGS = @LDFLAGS@ @DYNLINK_LDFLAGS@
needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a
#noinst_PROGRAMS = gpgd #noinst_PROGRAMS = gpgd
bin_PROGRAMS = gpg gpgm bin_PROGRAMS = gpg
common_source = \ common_source = \
build-packet.c \ build-packet.c \
@ -64,12 +64,9 @@ gpg_SOURCES = g10.c \
verify.c \ verify.c \
decrypt.c \ decrypt.c \
keyedit.c \ keyedit.c \
dearmor.c \
keygen.c keygen.c
gpgm_SOURCES = dearmor.c \
$(common_source)
#gpgd_SOURCES = gpgd.c \ #gpgd_SOURCES = gpgd.c \
# ks-proto.h \ # ks-proto.h \
# ks-proto.c \ # ks-proto.c \
@ -80,11 +77,6 @@ gpgm_SOURCES = dearmor.c \
LDADD = $(needed_libs) @ZLIBS@ @INTLLIBS@ LDADD = $(needed_libs) @ZLIBS@ @INTLLIBS@
gpgm_LDADD = g10maint.o $(LDADD)
g10maint.o: $(srcdir)/g10.c
$(COMPILE) -DIS_G10MAINT -o g10maint.o -c $(srcdir)/g10.c
$(PROGRAMS): $(needed_libs) $(PROGRAMS): $(needed_libs)
@ -92,6 +84,6 @@ $(PROGRAMS): $(needed_libs)
install-data-local: install-data-local:
$(mkinstalldirs) $(pkgdatadir) $(mkinstalldirs) $(pkgdatadir)
$(INSTALL_DATA) $(srcdir)/options.skel $(pkgdatadir)/options.skel $(INSTALL_DATA) $(srcdir)/options.skel $(pkgdatadir)/options.skel
rm $(bindir)/gpgm || ln -s $(bindir)/gpgm gpg

View File

@ -343,7 +343,7 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk )
if( is_RSA(sk->pubkey_algo) && sk->version < 4 if( is_RSA(sk->pubkey_algo) && sk->version < 4
&& !sk->protect.s2k.mode ) { && !sk->protect.s2k.mode ) {
iobuf_put(a, sk->protect.algo ); iobuf_put(a, sk->protect.algo );
iobuf_write(a, sk->protect.iv, 8 ); iobuf_write(a, sk->protect.iv, sk->protect.ivlen );
} }
else { else {
iobuf_put(a, 0xff ); iobuf_put(a, 0xff );
@ -355,7 +355,7 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk )
iobuf_write(a, sk->protect.s2k.salt, 8 ); iobuf_write(a, sk->protect.s2k.salt, 8 );
if( sk->protect.s2k.mode == 3 ) if( sk->protect.s2k.mode == 3 )
iobuf_put(a, sk->protect.s2k.count ); iobuf_put(a, sk->protect.s2k.count );
iobuf_write(a, sk->protect.iv, 8 ); iobuf_write(a, sk->protect.iv, sk->protect.ivlen );
} }
} }
else else

View File

@ -64,10 +64,10 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
temp[nprefix+1] = temp[nprefix-1]; temp[nprefix+1] = temp[nprefix-1];
print_cipher_algo_note( cfx->dek->algo ); print_cipher_algo_note( cfx->dek->algo );
cfx->cipher_hd = cipher_open( cfx->dek->algo, CIPHER_MODE_AUTO_CFB, 1 ); cfx->cipher_hd = cipher_open( cfx->dek->algo, CIPHER_MODE_AUTO_CFB, 1 );
/*log_hexdump( "thekey", cfx->dek->key, cfx->dek->keylen );*/ /* log_hexdump( "thekey", cfx->dek->key, cfx->dek->keylen );*/
cipher_setkey( cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen ); cipher_setkey( cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen );
cipher_setiv( cfx->cipher_hd, NULL ); cipher_setiv( cfx->cipher_hd, NULL, 0 );
/* log_hexdump( "prefix", temp, nprefix+2 );*/ /* log_hexdump( "prefix", temp, nprefix+2 ); */
cipher_encrypt( cfx->cipher_hd, temp, temp, nprefix+2); cipher_encrypt( cfx->cipher_hd, temp, temp, nprefix+2);
cipher_sync( cfx->cipher_hd ); cipher_sync( cfx->cipher_hd );
iobuf_write(a, temp, nprefix+2); iobuf_write(a, temp, nprefix+2);

View File

@ -71,7 +71,7 @@ decrypt_data( PKT_encrypted *ed, DEK *dek )
BUG(); BUG();
dfx.cipher_hd = cipher_open( dek->algo, CIPHER_MODE_AUTO_CFB, 1 ); dfx.cipher_hd = cipher_open( dek->algo, CIPHER_MODE_AUTO_CFB, 1 );
/*log_hexdump( "thekey", dek->key, dek->keylen );*/ /* log_hexdump( "thekey", dek->key, dek->keylen );*/
rc = cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen ); rc = cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen );
if( rc == G10ERR_WEAK_KEY ) if( rc == G10ERR_WEAK_KEY )
log_info(_("WARNING: message was encrypted with " log_info(_("WARNING: message was encrypted with "
@ -79,7 +79,7 @@ decrypt_data( PKT_encrypted *ed, DEK *dek )
else if( rc ) else if( rc )
log_error("key setup failed: %s\n", g10_errstr(rc) ); log_error("key setup failed: %s\n", g10_errstr(rc) );
cipher_setiv( dfx.cipher_hd, NULL ); cipher_setiv( dfx.cipher_hd, NULL, 0 );
if( ed->len ) { if( ed->len ) {
for(i=0; i < (nprefix+2) && ed->len; i++, ed->len-- ) { for(i=0; i < (nprefix+2) && ed->len; i++, ed->len-- ) {
@ -99,7 +99,7 @@ decrypt_data( PKT_encrypted *ed, DEK *dek )
cipher_decrypt( dfx.cipher_hd, temp, temp, nprefix+2); cipher_decrypt( dfx.cipher_hd, temp, temp, nprefix+2);
cipher_sync( dfx.cipher_hd ); cipher_sync( dfx.cipher_hd );
p = temp; p = temp;
/*log_hexdump( "prefix", temp, nprefix+2 );*/ /* log_hexdump( "prefix", temp, nprefix+2 ); */
if( p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1] ) { if( p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1] ) {
cipher_close(dfx.cipher_hd); cipher_close(dfx.cipher_hd);
return G10ERR_BAD_KEY; return G10ERR_BAD_KEY;

View File

@ -45,10 +45,6 @@
#include "g10defs.h" #include "g10defs.h"
#include "hkp.h" #include "hkp.h"
#ifndef IS_G10MAINT
#define IS_G10 1
#endif
enum cmd_and_opt_values { aNull = 0, enum cmd_and_opt_values { aNull = 0,
oArmor = 'a', oArmor = 'a',
@ -165,7 +161,6 @@ static ARGPARSE_OPTS opts[] = {
{ 300, NULL, 0, N_("@Commands:\n ") }, { 300, NULL, 0, N_("@Commands:\n ") },
#ifdef IS_G10
{ aSign, "sign", 256, N_("|[file]|make a signature")}, { aSign, "sign", 256, N_("|[file]|make a signature")},
{ aClearsign, "clearsign", 256, N_("|[file]|make a clear text signature") }, { aClearsign, "clearsign", 256, N_("|[file]|make a clear text signature") },
{ aDetachedSign, "detach-sign", 256, N_("make a detached signature")}, { aDetachedSign, "detach-sign", 256, N_("make a detached signature")},
@ -174,21 +169,16 @@ static ARGPARSE_OPTS opts[] = {
{ aStore, "store", 256, N_("store only")}, { aStore, "store", 256, N_("store only")},
{ aDecrypt, "decrypt", 256, N_("decrypt data (default)")}, { aDecrypt, "decrypt", 256, N_("decrypt data (default)")},
{ aVerify, "verify" , 256, N_("verify a signature")}, { aVerify, "verify" , 256, N_("verify a signature")},
#endif
{ aListKeys, "list-keys", 256, N_("list keys")}, { aListKeys, "list-keys", 256, N_("list keys")},
{ aListKeys, "list-public-keys", 256, "@" }, { aListKeys, "list-public-keys", 256, "@" },
{ aListSigs, "list-sigs", 256, N_("list keys and signatures")}, { aListSigs, "list-sigs", 256, N_("list keys and signatures")},
{ aCheckKeys, "check-sigs",256, N_("check key signatures")}, { aCheckKeys, "check-sigs",256, N_("check key signatures")},
{ oFingerprint, "fingerprint", 256, N_("list keys and fingerprints")}, { oFingerprint, "fingerprint", 256, N_("list keys and fingerprints")},
{ aListSecretKeys, "list-secret-keys", 256, N_("list secret keys")}, { aListSecretKeys, "list-secret-keys", 256, N_("list secret keys")},
#ifdef IS_G10
{ aKeygen, "gen-key", 256, N_("generate a new key pair")}, { aKeygen, "gen-key", 256, N_("generate a new key pair")},
#endif
{ aDeleteKey, "delete-key",256, N_("remove key from the public keyring")}, { aDeleteKey, "delete-key",256, N_("remove key from the public keyring")},
#ifdef IS_G10
{ aEditKey, "edit-key" ,256, N_("sign or edit a key")}, { aEditKey, "edit-key" ,256, N_("sign or edit a key")},
{ aGenRevoke, "gen-revoke",256, N_("generate a revocation certificate")}, { aGenRevoke, "gen-revoke",256, N_("generate a revocation certificate")},
#endif
{ aExport, "export" , 256, N_("export keys") }, { aExport, "export" , 256, N_("export keys") },
{ aSendKeys, "send-keys" , 256, N_("export keys to a key server") }, { aSendKeys, "send-keys" , 256, N_("export keys to a key server") },
{ aRecvKeys, "recv-keys" , 256, N_("import keys from a key server") }, { aRecvKeys, "recv-keys" , 256, N_("import keys from a key server") },
@ -197,7 +187,6 @@ static ARGPARSE_OPTS opts[] = {
{ aImport, "import", 256 , N_("import/merge keys")}, { aImport, "import", 256 , N_("import/merge keys")},
{ aFastImport, "fast-import", 256 , "@"}, { aFastImport, "fast-import", 256 , "@"},
{ aListPackets, "list-packets",256,N_("list only the sequence of packets")}, { aListPackets, "list-packets",256,N_("list only the sequence of packets")},
#ifdef IS_G10MAINT
{ aExportOwnerTrust, { aExportOwnerTrust,
"export-ownertrust", 256, N_("export the ownertrust values")}, "export-ownertrust", 256, N_("export the ownertrust values")},
{ aImportOwnerTrust, { aImportOwnerTrust,
@ -215,7 +204,6 @@ static ARGPARSE_OPTS opts[] = {
{ aPrimegen, "gen-prime" , 256, "@" }, { aPrimegen, "gen-prime" , 256, "@" },
{ aGenRandom, "gen-random" , 256, "@" }, { aGenRandom, "gen-random" , 256, "@" },
#endif #endif
#endif
{ 301, NULL, 0, N_("@\nOptions:\n ") }, { 301, NULL, 0, N_("@\nOptions:\n ") },
@ -224,12 +212,10 @@ static ARGPARSE_OPTS opts[] = {
{ oRecipient, "remote-user", 2, "@"}, /* old option name */ { oRecipient, "remote-user", 2, "@"}, /* old option name */
{ oEncryptTo, "encrypt-to", 2, "@" }, { oEncryptTo, "encrypt-to", 2, "@" },
{ oNoEncryptTo, "no-encrypt-to", 0, "@" }, { oNoEncryptTo, "no-encrypt-to", 0, "@" },
#ifdef IS_G10
{ oUser, "local-user",2, N_("use this user-id to sign or decrypt")}, { oUser, "local-user",2, N_("use this user-id to sign or decrypt")},
{ oCompress, NULL, 1, N_("|N|set compress level N (0 disables)") }, { oCompress, NULL, 1, N_("|N|set compress level N (0 disables)") },
{ oTextmodeShort, NULL, 0, "@"}, { oTextmodeShort, NULL, 0, "@"},
{ oTextmode, "textmode", 0, N_("use canonical text mode")}, { oTextmode, "textmode", 0, N_("use canonical text mode")},
#endif
{ oOutput, "output", 2, N_("use as output file")}, { oOutput, "output", 2, N_("use as output file")},
{ oVerbose, "verbose", 0, N_("verbose") }, { oVerbose, "verbose", 0, N_("verbose") },
{ oQuiet, "quiet", 0, N_("be somewhat more quiet") }, { oQuiet, "quiet", 0, N_("be somewhat more quiet") },
@ -259,37 +245,25 @@ static ARGPARSE_OPTS opts[] = {
N_("|NAME|use message digest algorithm NAME for passphrases")}, N_("|NAME|use message digest algorithm NAME for passphrases")},
{ oS2KCipher, "s2k-cipher-algo",2, { oS2KCipher, "s2k-cipher-algo",2,
N_("|NAME|use cipher algorithm NAME for passphrases")}, N_("|NAME|use cipher algorithm NAME for passphrases")},
#ifdef IS_G10
{ oCipherAlgo, "cipher-algo", 2 , N_("|NAME|use cipher algorithm NAME")}, { oCipherAlgo, "cipher-algo", 2 , N_("|NAME|use cipher algorithm NAME")},
{ oDigestAlgo, "digest-algo", 2 , N_("|NAME|use message digest algorithm NAME")}, { oDigestAlgo, "digest-algo", 2 , N_("|NAME|use message digest algorithm NAME")},
{ oCompressAlgo, "compress-algo", 1 , N_("|N|use compress algorithm N")}, { oCompressAlgo, "compress-algo", 1 , N_("|N|use compress algorithm N")},
{ oThrowKeyid, "throw-keyid", 0, N_("throw keyid field of encrypted packets")}, { oThrowKeyid, "throw-keyid", 0, N_("throw keyid field of encrypted packets")},
#else /* some dummies */
{ oCipherAlgo, "cipher-algo", 2 , "@"},
{ oDigestAlgo, "digest-algo", 2 , "@"},
{ oCompressAlgo, "compress-algo", 1 , "@"},
#endif
#ifdef IS_G10
{ 302, NULL, 0, N_("@\nExamples:\n\n" { 302, NULL, 0, N_("@\nExamples:\n\n"
" -se -r Bob [file] sign and encrypt for user Bob\n" " -se -r Bob [file] sign and encrypt for user Bob\n"
" --clearsign [file] make a clear text signature\n" " --clearsign [file] make a clear text signature\n"
" --detach-sign [file] make a detached signature\n" " --detach-sign [file] make a detached signature\n"
" --list-keys [names] show keys\n" " --list-keys [names] show keys\n"
" --fingerprint [names] show fingerprints\n" ) }, " --fingerprint [names] show fingerprints\n" ) },
#endif
/* hidden options */ /* hidden options */
#ifdef IS_G10MAINT
{ aExportOwnerTrust, "list-ownertrust",0 , "@"}, /* alias */ { aExportOwnerTrust, "list-ownertrust",0 , "@"}, /* alias */
{ aListTrustDB, "list-trustdb",0 , "@"}, { aListTrustDB, "list-trustdb",0 , "@"},
{ aListTrustPath, "list-trust-path",0, "@"}, { aListTrustPath, "list-trust-path",0, "@"},
#endif
#ifdef IS_G10
{ oKOption, NULL, 0, "@"}, { oKOption, NULL, 0, "@"},
{ oPasswdFD, "passphrase-fd",1, "@" }, { oPasswdFD, "passphrase-fd",1, "@" },
{ aSignKey, "sign-key" ,256, "@" }, /* alias for edit-key */ { aSignKey, "sign-key" ,256, "@" }, /* alias for edit-key */
#endif
{ aDeleteSecretKey, "delete-secret-key",0, "@" }, { aDeleteSecretKey, "delete-secret-key",0, "@" },
{ oQuickRandom, "quick-random", 0, "@"}, { oQuickRandom, "quick-random", 0, "@"},
{ oNoVerbose, "no-verbose", 0, "@"}, { oNoVerbose, "no-verbose", 0, "@"},
@ -330,10 +304,8 @@ static char *build_list( const char *text,
const char *(*mapf)(int), int (*chkf)(int) ); const char *(*mapf)(int), int (*chkf)(int) );
static void set_cmd( enum cmd_and_opt_values *ret_cmd, static void set_cmd( enum cmd_and_opt_values *ret_cmd,
enum cmd_and_opt_values new_cmd ); enum cmd_and_opt_values new_cmd );
#ifdef IS_G10MAINT
static void print_hex( byte *p, size_t n ); static void print_hex( byte *p, size_t n );
static void print_mds( const char *fname, int algo ); static void print_mds( const char *fname, int algo );
#endif
const char * const char *
strusage( int level ) strusage( int level )
@ -341,12 +313,7 @@ strusage( int level )
static char *digests, *pubkeys, *ciphers; static char *digests, *pubkeys, *ciphers;
const char *p; const char *p;
switch( level ) { switch( level ) {
case 11: p = case 11: p = "gpg (GnuPG)";
#ifdef IS_G10MAINT
"gpgm (GnuPG)";
#else
"gpg (GnuPG)";
#endif
break; break;
case 13: p = VERSION; break; case 13: p = VERSION; break;
case 17: p = PRINTABLE_OS_NAME; break; case 17: p = PRINTABLE_OS_NAME; break;
@ -355,21 +322,12 @@ strusage( int level )
break; break;
case 1: case 1:
case 40: p = case 40: p =
#ifdef IS_G10MAINT
_("Usage: gpgm [options] [files] (-h for help)");
#else
_("Usage: gpg [options] [files] (-h for help)"); _("Usage: gpg [options] [files] (-h for help)");
#endif
break; break;
case 41: p = case 41: p =
#ifdef IS_G10MAINT
_("Syntax: gpgm [options] [files]\n"
"GnuPG maintenance utility\n");
#else
_("Syntax: gpg [options] [files]\n" _("Syntax: gpg [options] [files]\n"
"sign, check, encrypt or decrypt\n" "sign, check, encrypt or decrypt\n"
"default operation depends on the input data\n"); "default operation depends on the input data\n");
#endif
break; break;
case 31: p = _("\nSupported algorithms:\n"); break; case 31: p = _("\nSupported algorithms:\n"); break;
@ -446,11 +404,7 @@ i18n_init(void)
static void static void
wrong_args( const char *text) wrong_args( const char *text)
{ {
#ifdef IS_G10MAINT
fputs(_("usage: gpgm [options] "),stderr);
#else
fputs(_("usage: gpg [options] "),stderr); fputs(_("usage: gpg [options] "),stderr);
#endif
fputs(text,stderr); fputs(text,stderr);
putc('\n',stderr); putc('\n',stderr);
g10_exit(2); g10_exit(2);
@ -532,11 +486,6 @@ main( int argc, char **argv )
trap_unaligned(); trap_unaligned();
secmem_set_flags( secmem_get_flags() | 2 ); /* suspend warnings */ secmem_set_flags( secmem_get_flags() | 2 ); /* suspend warnings */
#ifdef IS_G10MAINT
secmem_init( 0 ); /* disable use of secmem */
maybe_setuid = 0;
log_set_name("gpgm");
#else
/* Please note that we may running SUID(ROOT), so be very CAREFUL /* Please note that we may running SUID(ROOT), so be very CAREFUL
* when adding any stuff between here and the call to * when adding any stuff between here and the call to
* secmem_init() somewhere after the option parsing * secmem_init() somewhere after the option parsing
@ -544,7 +493,6 @@ main( int argc, char **argv )
log_set_name("gpg"); log_set_name("gpg");
secure_random_alloc(); /* put random number into secure memory */ secure_random_alloc(); /* put random number into secure memory */
disable_core_dumps(); disable_core_dumps();
#endif
init_signals(); init_signals();
create_dotlock(NULL); /* register locking cleanup */ create_dotlock(NULL); /* register locking cleanup */
i18n_init(); i18n_init();
@ -600,19 +548,13 @@ main( int argc, char **argv )
#ifdef USE_SHM_COPROCESSING #ifdef USE_SHM_COPROCESSING
if( opt.shm_coprocess ) { if( opt.shm_coprocess ) {
#ifdef IS_G10
init_shm_coprocessing(requested_shm_size, 1 ); init_shm_coprocessing(requested_shm_size, 1 );
#else
init_shm_coprocessing(requested_shm_size, 0 );
#endif
} }
#endif #endif
#ifdef IS_G10
/* initialize the secure memory. */ /* initialize the secure memory. */
secmem_init( 16384 ); secmem_init( 16384 );
maybe_setuid = 0; maybe_setuid = 0;
/* Okay, we are now working under our real uid */ /* Okay, we are now working under our real uid */
#endif
if( default_config ) if( default_config )
configname = make_filename(opt.homedir, "options", NULL ); configname = make_filename(opt.homedir, "options", NULL );
@ -661,7 +603,6 @@ main( int argc, char **argv )
case aDeleteSecretKey: set_cmd( &cmd, aDeleteSecretKey); break; case aDeleteSecretKey: set_cmd( &cmd, aDeleteSecretKey); break;
case aDeleteKey: set_cmd( &cmd, aDeleteKey); break; case aDeleteKey: set_cmd( &cmd, aDeleteKey); break;
#ifdef IS_G10
case aDetachedSign: detached_sig = 1; set_cmd( &cmd, aSign ); break; case aDetachedSign: detached_sig = 1; set_cmd( &cmd, aSign ); break;
case aSym: set_cmd( &cmd, aSym); break; case aSym: set_cmd( &cmd, aSym); break;
case aDecrypt: set_cmd( &cmd, aDecrypt); break; case aDecrypt: set_cmd( &cmd, aDecrypt); break;
@ -674,7 +615,6 @@ main( int argc, char **argv )
case aClearsign: set_cmd( &cmd, aClearsign); break; case aClearsign: set_cmd( &cmd, aClearsign); break;
case aGenRevoke: set_cmd( &cmd, aGenRevoke); break; case aGenRevoke: set_cmd( &cmd, aGenRevoke); break;
case aVerify: set_cmd( &cmd, aVerify); break; case aVerify: set_cmd( &cmd, aVerify); break;
#else
#ifdef MAINTAINER_OPTIONS #ifdef MAINTAINER_OPTIONS
case aPrimegen: set_cmd( &cmd, aPrimegen); break; case aPrimegen: set_cmd( &cmd, aPrimegen); break;
case aGenRandom: set_cmd( &cmd, aGenRandom); break; case aGenRandom: set_cmd( &cmd, aGenRandom); break;
@ -686,13 +626,10 @@ main( int argc, char **argv )
case aUpdateTrustDB: set_cmd( &cmd, aUpdateTrustDB); break; case aUpdateTrustDB: set_cmd( &cmd, aUpdateTrustDB); break;
case aFixTrustDB: set_cmd( &cmd, aFixTrustDB); break; case aFixTrustDB: set_cmd( &cmd, aFixTrustDB); break;
case aListTrustPath: set_cmd( &cmd, aListTrustPath); break; case aListTrustPath: set_cmd( &cmd, aListTrustPath); break;
case aDeArmor: set_cmd( &cmd, aDeArmor); break; case aDeArmor: set_cmd( &cmd, aDeArmor); greeting = 0; break;
case aEnArmor: set_cmd( &cmd, aEnArmor); break; case aEnArmor: set_cmd( &cmd, aEnArmor); greeting = 0; break;
case aExportOwnerTrust: set_cmd( &cmd, aExportOwnerTrust); break; case aExportOwnerTrust: set_cmd( &cmd, aExportOwnerTrust); break;
case aImportOwnerTrust: set_cmd( &cmd, aImportOwnerTrust); break; case aImportOwnerTrust: set_cmd( &cmd, aImportOwnerTrust); break;
#endif /* IS_G10MAINT */
case oArmor: opt.armor = 1; opt.no_armor=0; break; case oArmor: opt.armor = 1; opt.no_armor=0; break;
case oOutput: opt.outfile = pargs.r.ret_str; break; case oOutput: opt.outfile = pargs.r.ret_str; break;
@ -773,7 +710,6 @@ main( int argc, char **argv )
sl = add_to_strlist( &remusr, pargs.r.ret_str ); sl = add_to_strlist( &remusr, pargs.r.ret_str );
sl->flags = 1; sl->flags = 1;
break; break;
#ifdef IS_G10
case oRecipient: /* store the recipient */ case oRecipient: /* store the recipient */
add_to_strlist( &remusr, pargs.r.ret_str ); add_to_strlist( &remusr, pargs.r.ret_str );
break; break;
@ -787,12 +723,6 @@ main( int argc, char **argv )
case oCipherAlgo: def_cipher_string = m_strdup(pargs.r.ret_str); break; case oCipherAlgo: def_cipher_string = m_strdup(pargs.r.ret_str); break;
case oDigestAlgo: def_digest_string = m_strdup(pargs.r.ret_str); break; case oDigestAlgo: def_digest_string = m_strdup(pargs.r.ret_str); break;
case oNoSecmemWarn: secmem_set_flags( secmem_get_flags() | 1 ); break; case oNoSecmemWarn: secmem_set_flags( secmem_get_flags() | 1 ); break;
#else
case oCipherAlgo:
case oDigestAlgo:
case oNoSecmemWarn:
break; /* dummies */
#endif
case oCharset: case oCharset:
if( set_native_charset( pargs.r.ret_str ) ) if( set_native_charset( pargs.r.ret_str ) )
log_error(_("%s is not a valid character set\n"), log_error(_("%s is not a valid character set\n"),
@ -824,6 +754,8 @@ main( int argc, char **argv )
log_info("NOTE: this is a development version!\n"); log_info("NOTE: this is a development version!\n");
#endif #endif
} }
if( opt.batch )
tty_batchmode( 1 );
secmem_set_flags( secmem_get_flags() & ~2 ); /* resume warnings */ secmem_set_flags( secmem_get_flags() & ~2 ); /* resume warnings */
@ -958,7 +890,6 @@ main( int argc, char **argv )
log_error_f( print_fname_stdin(fname), log_error_f( print_fname_stdin(fname),
"store failed: %s\n", g10_errstr(rc) ); "store failed: %s\n", g10_errstr(rc) );
break; break;
#ifdef IS_G10
case aSym: /* encrypt the given file only with the symmetric cipher */ case aSym: /* encrypt the given file only with the symmetric cipher */
if( argc > 1 ) if( argc > 1 )
wrong_args(_("--symmetric [filename]")); wrong_args(_("--symmetric [filename]"));
@ -1042,8 +973,6 @@ main( int argc, char **argv )
keyedit_menu(fname, locusr, NULL ); keyedit_menu(fname, locusr, NULL );
break; break;
#endif /* IS_G10 */
case aDeleteSecretKey: case aDeleteSecretKey:
if( argc != 1 ) if( argc != 1 )
wrong_args(_("--delete-secret-key username")); wrong_args(_("--delete-secret-key username"));
@ -1086,13 +1015,11 @@ main( int argc, char **argv )
wrong_args(_("-k[v][v][v][c] [userid] [keyring]") ); wrong_args(_("-k[v][v][v][c] [userid] [keyring]") );
break; break;
#ifdef IS_G10
case aKeygen: /* generate a key (interactive) */ case aKeygen: /* generate a key (interactive) */
if( argc ) if( argc )
wrong_args("--gen-key"); wrong_args("--gen-key");
generate_keypair(); generate_keypair();
break; break;
#endif
case aFastImport: case aFastImport:
case aImport: case aImport:
@ -1133,15 +1060,12 @@ main( int argc, char **argv )
free_strlist(sl); free_strlist(sl);
break; break;
#ifdef IS_G10
case aGenRevoke: case aGenRevoke:
if( argc != 1 ) if( argc != 1 )
wrong_args("--gen-revoke user-id"); wrong_args("--gen-revoke user-id");
gen_revoke( *argv ); gen_revoke( *argv );
break; break;
#endif
#ifdef IS_G10MAINT
case aDeArmor: case aDeArmor:
if( argc > 1 ) if( argc > 1 )
wrong_args("--dearmor [file]"); wrong_args("--dearmor [file]");
@ -1292,13 +1216,9 @@ main( int argc, char **argv )
import_ownertrust( argc? *argv:NULL ); import_ownertrust( argc? *argv:NULL );
break; break;
#endif /* IS_G10MAINT */
case aListPackets: case aListPackets:
opt.list_packets=1; opt.list_packets=1;
default: default:
/* fixme: g10maint should do regular maintenace tasks here */
if( argc > 1 ) if( argc > 1 )
wrong_args(_("[filename]")); wrong_args(_("[filename]"));
/* Issue some output for the unix newbie */ /* Issue some output for the unix newbie */
@ -1351,7 +1271,6 @@ g10_exit( int rc )
#ifdef IS_G10MAINT
static void static void
print_hex( byte *p, size_t n ) print_hex( byte *p, size_t n )
{ {
@ -1452,7 +1371,3 @@ print_mds( const char *fname, int algo )
fclose(fp); fclose(fp);
} }
#endif /* IS_G10MAINT */

View File

@ -702,6 +702,8 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist,
if( retctx ) /* caller wants the context */ if( retctx ) /* caller wants the context */
*retctx = ctx; *retctx = ctx;
else { else {
/* Hmmm, why not get_pubkey-end here?? */
enum_keyblocks( 2, &ctx->kbpos, NULL ); /* close */
for(n=0; n < ctx->nitems; n++ ) for(n=0; n < ctx->nitems; n++ )
m_free( ctx->items[n].namebuf ); m_free( ctx->items[n].namebuf );
m_free( ctx ); m_free( ctx );

View File

@ -163,7 +163,7 @@ import( IOBUF inp, int fast, const char* fname )
release_kbnode(keyblock); release_kbnode(keyblock);
if( rc ) if( rc )
break; break;
if( !(++count % 100) ) if( !(++count % 100) && !opt.quiet )
log_info(_("%lu keys so far processed\n"), count ); log_info(_("%lu keys so far processed\n"), count );
} }
if( rc == -1 ) if( rc == -1 )
@ -171,6 +171,7 @@ import( IOBUF inp, int fast, const char* fname )
else if( rc && rc != G10ERR_INV_KEYRING ) else if( rc && rc != G10ERR_INV_KEYRING )
log_error_f( fname, _("read error: %s\n"), g10_errstr(rc)); log_error_f( fname, _("read error: %s\n"), g10_errstr(rc));
if( !opt.quiet ) {
log_info(_("Total number processed: %lu\n"), count ); log_info(_("Total number processed: %lu\n"), count );
if( stats.no_user_id ) if( stats.no_user_id )
log_info(_(" w/o user IDs: %lu\n"), stats.no_user_id ); log_info(_(" w/o user IDs: %lu\n"), stats.no_user_id );
@ -196,6 +197,7 @@ import( IOBUF inp, int fast, const char* fname )
log_info(_(" secret keys imported: %lu\n"), stats.secret_imported ); log_info(_(" secret keys imported: %lu\n"), stats.secret_imported );
if( stats.secret_dups ) if( stats.secret_dups )
log_info(_(" secret keys unchanged: %lu\n"), stats.secret_dups ); log_info(_(" secret keys unchanged: %lu\n"), stats.secret_dups );
}
return rc; return rc;
} }
@ -553,7 +555,9 @@ import_secret_one( const char *fname, KBNODE keyblock )
_("can't write keyring: %s\n"), g10_errstr(rc) ); _("can't write keyring: %s\n"), g10_errstr(rc) );
unlock_keyblock( &kbpos ); unlock_keyblock( &kbpos );
/* we are ready */ /* we are ready */
log_info_f(fname, _("key %08lX: secret key imported\n"), (ulong)keyid[1]); if( !opt.quiet )
log_info_f(fname, _("key %08lX: secret key imported\n"),
(ulong)keyid[1]);
stats.secret_imported++; stats.secret_imported++;
} }
else if( !rc ) { /* we can't merge secret keys */ else if( !rc ) { /* we can't merge secret keys */

View File

@ -306,8 +306,11 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, int local )
tty_printf( tty_printf(
_("The signature will be marked as non-exportable.\n\n")); _("The signature will be marked as non-exportable.\n\n"));
if( !cpr_get_answer_is_yes("sign_uid.okay", _("Really sign? ")) )
continue;; if( opt.batch && opt.answer_yes )
;
else if( !cpr_get_answer_is_yes("sign_uid.okay", _("Really sign? ")) )
continue;
/* now we can sign the user ids */ /* now we can sign the user ids */
reloop: /* (must use this, because we are modifing the list) */ reloop: /* (must use this, because we are modifing the list) */
primary_pk = NULL; primary_pk = NULL;

View File

@ -139,7 +139,8 @@ typedef struct {
struct { struct {
byte algo; /* cipher used to protect the secret information*/ byte algo; /* cipher used to protect the secret information*/
STRING2KEY s2k; STRING2KEY s2k;
byte iv[8]; /* initialization vector for CFB mode */ byte ivlen; /* used length of the iv */
byte iv[16]; /* initialization vector for CFB mode */
} protect; } protect;
MPI skey[PUBKEY_MAX_NSKEY]; MPI skey[PUBKEY_MAX_NSKEY];
u16 csum; /* checksum */ u16 csum; /* checksum */

View File

@ -1,5 +1,5 @@
/* parse-packet.c - read packets /* parse-packet.c - read packets
* Copyright (C) 1998 Free Software Foundation, Inc. * Copyright (C) 1998, 1999 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -1310,19 +1310,33 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
printf( "\tprotect algo: %d (hash algo: %d)\n", printf( "\tprotect algo: %d (hash algo: %d)\n",
sk->protect.algo, sk->protect.s2k.hash_algo ); sk->protect.algo, sk->protect.s2k.hash_algo );
} }
if( pktlen < 8 ) { /* It is really ugly that we don't know the size
* of the IV here in cases we are not aware of the algorithm.
* so a
* sk->protect.ivlen = cipher_get_blocksize(sk->protect.algo);
* won't work. The only solution I see is to hardwire it here.
*/
switch( sk->protect.algo ) {
case 7: case 8: case 9: /* reserved for AES */
case 10: /* Twofish */
sk->protect.ivlen = 16;
break;
default:
sk->protect.ivlen = 8;
}
if( pktlen < sk->protect.ivlen ) {
rc = G10ERR_INVALID_PACKET; rc = G10ERR_INVALID_PACKET;
goto leave; goto leave;
} }
for(i=0; i < 8 && pktlen; i++, pktlen-- ) for(i=0; i < sk->protect.ivlen && pktlen; i++, pktlen-- )
temp[i] = iobuf_get_noeof(inp); temp[i] = iobuf_get_noeof(inp);
if( list_mode ) { if( list_mode ) {
printf( "\tprotect IV: "); printf( "\tprotect IV: ");
for(i=0; i < 8; i++ ) for(i=0; i < sk->protect.ivlen; i++ )
printf(" %02x", temp[i] ); printf(" %02x", temp[i] );
putchar('\n'); putchar('\n');
} }
memcpy(sk->protect.iv, temp, 8 ); memcpy(sk->protect.iv, temp, sk->protect.ivlen );
} }
else else
sk->is_protected = 0; sk->is_protected = 0;
@ -1330,7 +1344,7 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
* If the user is so careless, not to protect his secret key, * If the user is so careless, not to protect his secret key,
* we can assume, that he operates an open system :=(. * we can assume, that he operates an open system :=(.
* So we put the key into secure memory when we unprotect it. */ * So we put the key into secure memory when we unprotect it. */
if( is_v4 && sk->is_protected ){ if( is_v4 && sk->is_protected ) {
/* ugly; the length is encrypted too, so we read all /* ugly; the length is encrypted too, so we read all
* stuff up to the end of the packet into the first * stuff up to the end of the packet into the first
* skey element */ * skey element */
@ -1539,14 +1553,14 @@ parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
ed->len = pktlen; ed->len = pktlen;
ed->buf = NULL; ed->buf = NULL;
ed->new_ctb = new_ctb; ed->new_ctb = new_ctb;
if( pktlen && pktlen < 10 ) { if( pktlen && pktlen < 10 ) { /* actually this is blocksize+2 */
log_error("packet(%d) too short\n", pkttype); log_error("packet(%d) too short\n", pkttype);
skip_rest(inp, pktlen); skip_rest(inp, pktlen);
goto leave; goto leave;
} }
if( list_mode ) { if( list_mode ) {
if( pktlen ) if( pktlen )
printf(":encrypted data packet:\n\tlength: %lu\n", pktlen-10); printf(":encrypted data packet:\n\tlength: %lu\n", pktlen);
else else
printf(":encrypted data packet:\n\tlength: unknown\n"); printf(":encrypted data packet:\n\tlength: unknown\n");
} }

View File

@ -298,7 +298,7 @@ add_keyblock_resource( const char *url, int force, int secret )
rc = G10ERR_OPEN_FILE; rc = G10ERR_OPEN_FILE;
goto leave; goto leave;
} }
else else if( !opt.quiet )
log_info( _("%s: directory created\n"), filename ); log_info( _("%s: directory created\n"), filename );
copy_options_file( filename ); copy_options_file( filename );
} }
@ -329,6 +329,7 @@ add_keyblock_resource( const char *url, int force, int secret )
} }
} }
#endif #endif
if( !opt.quiet )
log_info(_("%s: keyring created\n"), filename ); log_info(_("%s: keyring created\n"), filename );
} }
} }
@ -1344,7 +1345,7 @@ keyring_copy( KBPOS *kbpos, int mode, KBNODE root )
unlock_rentry( rentry ); unlock_rentry( rentry );
return G10ERR_OPEN_FILE; return G10ERR_OPEN_FILE;
} }
else else if( !opt.quiet )
log_info(_("%s: keyring created\n"), rentry->fname ); log_info(_("%s: keyring created\n"), rentry->fname );
kbctx=NULL; kbctx=NULL;

View File

@ -48,7 +48,6 @@ do_check( PKT_secret_key *sk )
u32 keyid[4]; /* 4! because we need two of them */ u32 keyid[4]; /* 4! because we need two of them */
CIPHER_HANDLE cipher_hd=NULL; CIPHER_HANDLE cipher_hd=NULL;
PKT_secret_key *save_sk; PKT_secret_key *save_sk;
char save_iv[8];
if( sk->protect.algo == CIPHER_ALGO_NONE ) if( sk->protect.algo == CIPHER_ALGO_NONE )
BUG(); BUG();
@ -70,11 +69,9 @@ do_check( PKT_secret_key *sk )
cipher_hd = cipher_open( sk->protect.algo, cipher_hd = cipher_open( sk->protect.algo,
CIPHER_MODE_AUTO_CFB, 1); CIPHER_MODE_AUTO_CFB, 1);
cipher_setkey( cipher_hd, dek->key, dek->keylen ); cipher_setkey( cipher_hd, dek->key, dek->keylen );
cipher_setiv( cipher_hd, NULL );
m_free(dek); m_free(dek);
save_sk = copy_secret_key( NULL, sk ); save_sk = copy_secret_key( NULL, sk );
memcpy(save_iv, sk->protect.iv, 8 ); cipher_setiv( cipher_hd, sk->protect.iv, sk->protect.ivlen );
cipher_decrypt( cipher_hd, sk->protect.iv, sk->protect.iv, 8 );
csum = 0; csum = 0;
if( sk->version >= 4 ) { if( sk->version >= 4 ) {
int ndata; int ndata;
@ -129,7 +126,6 @@ do_check( PKT_secret_key *sk )
if( csum != sk->csum ) { if( csum != sk->csum ) {
copy_secret_key( sk, save_sk ); copy_secret_key( sk, save_sk );
free_secret_key( save_sk ); free_secret_key( save_sk );
memcpy( sk->protect.iv, save_iv, 8 );
return G10ERR_BAD_PASS; return G10ERR_BAD_PASS;
} }
/* the checksum may fail, so we also check the key itself */ /* the checksum may fail, so we also check the key itself */
@ -137,7 +133,6 @@ do_check( PKT_secret_key *sk )
if( res ) { if( res ) {
copy_secret_key( sk, save_sk ); copy_secret_key( sk, save_sk );
free_secret_key( save_sk ); free_secret_key( save_sk );
memcpy( sk->protect.iv, save_iv, 8 );
return G10ERR_BAD_PASS; return G10ERR_BAD_PASS;
} }
free_secret_key( save_sk ); free_secret_key( save_sk );
@ -231,8 +226,12 @@ protect_secret_key( PKT_secret_key *sk, DEK *dek )
if( cipher_setkey( cipher_hd, dek->key, dek->keylen ) ) if( cipher_setkey( cipher_hd, dek->key, dek->keylen ) )
log_info(_("WARNING: Weak key detected" log_info(_("WARNING: Weak key detected"
" - please change passphrase again.\n")); " - please change passphrase again.\n"));
cipher_setiv( cipher_hd, NULL ); sk->protect.ivlen = cipher_get_blocksize( sk->protect.algo );
cipher_encrypt( cipher_hd, sk->protect.iv, sk->protect.iv, 8 ); assert( sk->protect.ivlen <= DIM(sk->protect.iv) );
if( sk->protect.ivlen != 8 && sk->protect.ivlen != 16 )
BUG(); /* yes, we are very careful */
randomize_buffer(sk->protect.iv, sk->protect.ivlen, 1);
cipher_setiv( cipher_hd, sk->protect.iv, sk->protect.ivlen );
if( sk->version >= 4 ) { if( sk->version >= 4 ) {
#define NMPIS (PUBKEY_MAX_NSKEY - PUBKEY_MAX_NPKEY) #define NMPIS (PUBKEY_MAX_NSKEY - PUBKEY_MAX_NPKEY)
byte *bufarr[NMPIS]; byte *bufarr[NMPIS];

View File

@ -443,7 +443,7 @@ tdbio_set_dbname( const char *new_dbname, int create )
#endif #endif
log_fatal( _("%s: can't create directory: %s\n"), log_fatal( _("%s: can't create directory: %s\n"),
fname, strerror(errno) ); fname, strerror(errno) );
else else if( !opt.quiet )
log_info( _("%s: directory created\n"), fname ); log_info( _("%s: directory created\n"), fname );
copy_options_file( fname ); copy_options_file( fname );
} }
@ -489,6 +489,7 @@ tdbio_set_dbname( const char *new_dbname, int create )
if( tdbio_read_record( 0, &rec, RECTYPE_VER ) ) if( tdbio_read_record( 0, &rec, RECTYPE_VER ) )
log_fatal( _("%s: invalid trustdb created\n"), db_name ); log_fatal( _("%s: invalid trustdb created\n"), db_name );
if( !opt.quiet )
log_info(_("%s: trustdb created\n"), db_name); log_info(_("%s: trustdb created\n"), db_name);
return 0; return 0;

View File

@ -41,7 +41,7 @@
#define PUBKEY_ALGO_RSA 1 #define PUBKEY_ALGO_RSA 1
#define PUBKEY_ALGO_RSA_E 2 /* RSA encrypt only */ #define PUBKEY_ALGO_RSA_E 2 /* RSA encrypt only */
#define PUBKEY_ALGO_RSA_S 3 /* RSA sign only */ #define PUBKEY_ALGO_RSA_S 3 /* RSA sign only */
#define PUBKEY_ALGO_ELGAMAL_E 16 /* encrypt only ElGamal (but not vor v3)*/ #define PUBKEY_ALGO_ELGAMAL_E 16 /* encrypt only ElGamal (but not for v3)*/
#define PUBKEY_ALGO_DSA 17 #define PUBKEY_ALGO_DSA 17
#define PUBKEY_ALGO_ELGAMAL 20 /* sign and encrypt elgamal */ #define PUBKEY_ALGO_ELGAMAL 20 /* sign and encrypt elgamal */
@ -130,7 +130,7 @@ unsigned cipher_get_blocksize( int algo );
CIPHER_HANDLE cipher_open( int algo, int mode, int secure ); CIPHER_HANDLE cipher_open( int algo, int mode, int secure );
void cipher_close( CIPHER_HANDLE c ); void cipher_close( CIPHER_HANDLE c );
int cipher_setkey( CIPHER_HANDLE c, byte *key, unsigned keylen ); int cipher_setkey( CIPHER_HANDLE c, byte *key, unsigned keylen );
void cipher_setiv( CIPHER_HANDLE c, const byte *iv ); void cipher_setiv( CIPHER_HANDLE c, const byte *iv, unsigned ivlen );
void cipher_encrypt( CIPHER_HANDLE c, byte *out, byte *in, unsigned nbytes ); void cipher_encrypt( CIPHER_HANDLE c, byte *out, byte *in, unsigned nbytes );
void cipher_decrypt( CIPHER_HANDLE c, byte *out, byte *in, unsigned nbytes ); void cipher_decrypt( CIPHER_HANDLE c, byte *out, byte *in, unsigned nbytes );
void cipher_sync( CIPHER_HANDLE c ); void cipher_sync( CIPHER_HANDLE c );

View File

@ -1,5 +1,5 @@
/* ttyio.h /* ttyio.h
* Copyright (C) 1998 Free Software Foundation, Inc. * Copyright (C) 1998, 1999 Free Software Foundation, Inc.
* *
* This file is part of GNUPG. * This file is part of GNUPG.
* *
@ -20,6 +20,7 @@
#ifndef G10_TTYIO_H #ifndef G10_TTYIO_H
#define G10_TTYIO_H #define G10_TTYIO_H
int tty_batchmode( int onoff );
void tty_printf( const char *fmt, ... ); void tty_printf( const char *fmt, ... );
void tty_print_string( byte *p, size_t n ); void tty_print_string( byte *p, size_t n );
char *tty_get( const char *prompt ); char *tty_get( const char *prompt );

View File

@ -1,3 +1,8 @@
Sun Apr 18 10:11:28 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* mpih-mul.c (mpihelp_mul_n): Fixed use of memory region.
(mpihelp_mul): Ditto.
Wed Apr 7 20:51:39 CEST 1999 Werner Koch <wk@isil.d.shuttle.de> Wed Apr 7 20:51:39 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Explicit rules to invoke cpp on *.S * Makefile.am: Explicit rules to invoke cpp on *.S

View File

@ -52,7 +52,8 @@ mpi_powm( MPI res, MPI base, MPI exp, MPI mod)
mpi_ptr_t xp_marker=NULL; mpi_ptr_t xp_marker=NULL;
int assign_rp=0; int assign_rp=0;
mpi_ptr_t tspace = NULL; mpi_ptr_t tspace = NULL;
mpi_size_t tsize=0; /* to avoid compiler warning, fixme: check */ mpi_size_t tsize=0; /* to avoid compiler warning */
/* fixme: we should check that the warning is void*/
esize = exp->nlimbs; esize = exp->nlimbs;
msize = mod->nlimbs; msize = mod->nlimbs;

View File

@ -1,6 +1,5 @@
/* mpihelp-mul.c - MPI helper functions /* mpihelp-mul.c - MPI helper functions
* Copyright (C) 1998 Free Software Foundation, Inc. * Copyright (C) 1994, 1996, 1998, 1999 Free Software Foundation, Inc.
* Copyright (C) 1994, 1996 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -346,14 +345,15 @@ mpih_sqr_n( mpi_ptr_t prodp, mpi_ptr_t up, mpi_size_t size, mpi_ptr_t tspace)
void void
mpihelp_mul_n( mpi_ptr_t prodp, mpi_ptr_t up, mpi_ptr_t vp, mpi_size_t size) mpihelp_mul_n( mpi_ptr_t prodp, mpi_ptr_t up, mpi_ptr_t vp, mpi_size_t size)
{ {
/* FIXME: mpi_alloc_limb_space, secure arg is wrong! */ int secure;
if( up == vp ) { if( up == vp ) {
if( size < KARATSUBA_THRESHOLD ) if( size < KARATSUBA_THRESHOLD )
mpih_sqr_n_basecase( prodp, up, size ); mpih_sqr_n_basecase( prodp, up, size );
else { else {
mpi_ptr_t tspace; mpi_ptr_t tspace;
tspace = mpi_alloc_limb_space( 2 * size, 0 ); secure = m_is_secure( up );
tspace = mpi_alloc_limb_space( 2 * size, secure );
mpih_sqr_n( prodp, up, size, tspace ); mpih_sqr_n( prodp, up, size, tspace );
mpi_free_limb_space( tspace ); mpi_free_limb_space( tspace );
} }
@ -363,7 +363,8 @@ mpihelp_mul_n( mpi_ptr_t prodp, mpi_ptr_t up, mpi_ptr_t vp, mpi_size_t size)
mul_n_basecase( prodp, up, vp, size ); mul_n_basecase( prodp, up, vp, size );
else { else {
mpi_ptr_t tspace; mpi_ptr_t tspace;
tspace = mpi_alloc_limb_space( 2 * size, 0 ); secure = m_is_secure( up ) || m_is_secure( vp );
tspace = mpi_alloc_limb_space( 2 * size, secure );
mul_n (prodp, up, vp, size, tspace); mul_n (prodp, up, vp, size, tspace);
mpi_free_limb_space( tspace ); mpi_free_limb_space( tspace );
} }
@ -436,16 +437,16 @@ mpihelp_mul( mpi_ptr_t prodp, mpi_ptr_t up, mpi_size_t usize,
return cy; return cy;
} }
/* FIXME: mpi_alloc_limb_space, secure arg is wrong! */ tspace = mpi_alloc_limb_space( 2 * vsize,
tspace = mpi_alloc_limb_space( 2 * vsize, 0 ); m_is_secure( up ) || m_is_secure( vp ) );
MPN_MUL_N_RECURSE( prodp, up, vp, vsize, tspace ); MPN_MUL_N_RECURSE( prodp, up, vp, vsize, tspace );
prodp += vsize; prodp += vsize;
up += vsize; up += vsize;
usize -= vsize; usize -= vsize;
if( usize >= vsize ) { if( usize >= vsize ) {
/* FIXME: mpi_alloc_limb_space, secure arg is wrong! */ mpi_ptr_t tp = mpi_alloc_limb_space( 2 * vsize, m_is_secure( up )
mpi_ptr_t tp = mpi_alloc_limb_space( 2 * vsize, 0 ); || m_is_secure( vp ) );
do { do {
MPN_MUL_N_RECURSE( tp, up, vp, vsize, tspace ); MPN_MUL_N_RECURSE( tp, up, vp, vsize, tspace );
cy = mpihelp_add_n( prodp, prodp, tp, vsize ); cy = mpihelp_add_n( prodp, prodp, tp, vsize );

View File

@ -37,7 +37,7 @@
#endif #endif
/**************** /****************
* fixme: It was a bad idea to use the number of limbs to allocate * Note: It was a bad idea to use the number of limbs to allocate
* because on a alpha the limbs are large but we normally need * because on a alpha the limbs are large but we normally need
* integers of n bits - So we should chnage this to bits (or bytes). * integers of n bits - So we should chnage this to bits (or bytes).
* *
@ -159,7 +159,11 @@ mpi_resize( MPI a, unsigned nlimbs )
{ {
if( nlimbs <= a->alloced ) if( nlimbs <= a->alloced )
return; /* no need to do it */ return; /* no need to do it */
/* FIXME: add realloc_secure based on a->secure */ /* Note: a->secure is not used - instead the realloc functions
* take care of it. Maybe we should drop a->secure completely
* and rely on a mpi_is_secure function, which would be
* a wrapper around m_is_secure
*/
#ifdef M_DEBUG #ifdef M_DEBUG
if( a->d ) if( a->d )
a->d = m_debug_realloc(a->d, nlimbs * sizeof(mpi_limb_t), info ); a->d = m_debug_realloc(a->d, nlimbs * sizeof(mpi_limb_t), info );

View File

@ -97,7 +97,7 @@ main(int argc, char **argv)
hd = cipher_open( algo, CIPHER_MODE_CFB, 0 ); hd = cipher_open( algo, CIPHER_MODE_CFB, 0 );
cipher_setkey( hd, *argv, strlen(*argv) ); cipher_setkey( hd, *argv, strlen(*argv) );
cipher_setiv( hd, NULL ); cipher_setiv( hd, NULL, 0 );
while( (n = fread( buf, 1, size, stdin )) > 0 ) { while( (n = fread( buf, 1, size, stdin )) > 0 ) {
if( encode ) if( encode )
cipher_encrypt( hd, buf, buf, n ); cipher_encrypt( hd, buf, buf, n );

View File

@ -1,3 +1,9 @@
Sun Apr 18 10:11:28 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* argparse.c (store_alias): Disabled becuase it is not used.
* ttyio.c (tty_batchmode): New
Sat Mar 20 11:44:21 CET 1999 Werner Koch <wk@isil.d.shuttle.de> Sat Mar 20 11:44:21 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* http.c: Swapped to includes. * http.c: Swapped to includes.

View File

@ -197,15 +197,20 @@ initialize( ARGPARSE_ARGS *arg, const char *filename, unsigned *lineno )
} }
static void static void
store_alias( ARGPARSE_ARGS *arg, char *name, char *value ) store_alias( ARGPARSE_ARGS *arg, char *name, char *value )
{ {
/* TODO: replace this dummy function with a rea one
* and fix the probelms IRIX has with (ALIAS_DEV)arg..
* used as lvalue
*/
#if 0
ALIAS_DEF a = m_alloc( sizeof *a ); ALIAS_DEF a = m_alloc( sizeof *a );
a->name = name; a->name = name;
a->value = value; a->value = value;
a->next = (ALIAS_DEF)arg->internal.aliases; a->next = (ALIAS_DEF)arg->internal.aliases;
(ALIAS_DEF)arg->internal.aliases = a; (ALIAS_DEF)arg->internal.aliases = a;
#endif
} }
/**************** /****************
@ -418,7 +423,7 @@ find_long_option( ARGPARSE_ARGS *arg,
/* see whether it is an alias */ /* see whether it is an alias */
for( a = args->internal.aliases; a; a = a->next ) { for( a = args->internal.aliases; a; a = a->next ) {
if( !strcmp( a->name, keyword) ) { if( !strcmp( a->name, keyword) ) {
/* fixme: must parse the alias here */ /* todo: must parse the alias here */
args->internal.cur_alias = a; args->internal.cur_alias = a;
return -3; /* alias available */ return -3; /* alias available */
} }

View File

@ -270,7 +270,7 @@ do_parse_uri( PARSED_URI uri, int only_local_part )
if( !p || !*p ) /* we don't have a path */ if( !p || !*p ) /* we don't have a path */
return 0; /* and this is okay */ return 0; /* and this is okay */
/* fixme: here we have to check params */ /* todo: here we have to check params */
/* do we have a query part */ /* do we have a query part */
if( (p2 = strchr( p, '?' )) ) if( (p2 = strchr( p, '?' )) )
@ -463,7 +463,7 @@ build_rel_path( PARSED_URI uri )
/* count the needed space */ /* count the needed space */
n = insert_escapes( NULL, uri->path, "%;?&" ); n = insert_escapes( NULL, uri->path, "%;?&" );
/* fixme: add params */ /* todo: build params */
for( r=uri->query; r; r = r->next ) { for( r=uri->query; r; r = r->next ) {
n++; /* '?'/'&' */ n++; /* '?'/'&' */
n += insert_escapes( NULL, r->name, "%;?&=" ); n += insert_escapes( NULL, r->name, "%;?&=" );
@ -476,13 +476,13 @@ build_rel_path( PARSED_URI uri )
p = rel_path = m_alloc( n ); p = rel_path = m_alloc( n );
n = insert_escapes( p, uri->path, "%;?&" ); n = insert_escapes( p, uri->path, "%;?&" );
p += n; p += n;
/* fixme: add params */ /* todo: add params */
for( r=uri->query; r; r = r->next ) { for( r=uri->query; r; r = r->next ) {
*p++ = r == uri->query? '?':'&'; *p++ = r == uri->query? '?':'&';
n = insert_escapes( p, r->name, "%;?&=" ); n = insert_escapes( p, r->name, "%;?&=" );
p += n; p += n;
*p++ = '='; *p++ = '=';
/* fixme: use valuelen */ /* todo: use valuelen */
n = insert_escapes( p, r->value, "%;?&=" ); n = insert_escapes( p, r->value, "%;?&=" );
p += n; p += n;
} }
@ -526,7 +526,7 @@ parse_response( HTTP_HD hd )
if( !p2 ) if( !p2 )
return 0; /* assume http 0.9 */ return 0; /* assume http 0.9 */
p = p2; p = p2;
/* fixme: add HTTP version number check here */ /* todo: add HTTP version number check here */
if( (p2 = strpbrk( p, " \t" ) ) ) if( (p2 = strpbrk( p, " \t" ) ) )
*p2++ = 0; *p2++ = 0;
if( !isdigit(p[0]) || !isdigit(p[1]) || !isdigit(p[2]) || p[3] ) { if( !isdigit(p[0]) || !isdigit(p[1]) || !isdigit(p[2]) || p[3] ) {

View File

@ -123,19 +123,20 @@ static void check_allmem( const char *info );
static void static void
add_entry( byte *p, unsigned n, int mode, const char *info, const char *by ) add_entry( byte *p, unsigned n, int mode, const char *info, const char *by )
{ {
unsigned idx; unsigned index;
struct memtbl_entry *e; struct memtbl_entry *e;
struct info_entry *ie; struct info_entry *ie;
if( memtbl_len < memtbl_size ) if( memtbl_len < memtbl_size )
idx = memtbl_len++; index = memtbl_len++;
else { else {
struct memtbl_entry *e;
/* look for a used entry in the table. We take the first one, /* look for a used entry in the table. We take the first one,
* so that freed entries remain as long as possible in the table * so that freed entries remain as long as possible in the table
* (free appends a new one) * (free appends a new one)
*/ */
if( (e = memtbl_unused) ) { if( (e = memtbl_unused) ) {
idx = e - memtbl; index = e - memtbl;
memtbl_unused = e->next; memtbl_unused = e->next;
e->next = NULL; e->next = NULL;
} }
@ -144,33 +145,32 @@ add_entry( byte *p, unsigned n, int mode, const char *info, const char *by )
memtbl_size = 100; memtbl_size = 100;
if( !(memtbl = calloc( memtbl_size, sizeof *memtbl )) ) if( !(memtbl = calloc( memtbl_size, sizeof *memtbl )) )
membug("memory debug table malloc failed\n"); membug("memory debug table malloc failed\n");
idx = 0; index = 0;
memtbl_len = 1; memtbl_len = 1;
atexit( dump_table_at_exit ); atexit( dump_table_at_exit );
} }
else { /* realloc */ else { /* realloc */
unsigned nn = memtbl_size / 4; /* enlarge by 25% */ unsigned n = memtbl_size / 4; /* enlarge by 25% */
if(!(memtbl = realloc(memtbl, (memtbl_size+nn)*sizeof *memtbl))) if(!(memtbl = realloc(memtbl, (memtbl_size+n)*sizeof *memtbl)))
membug("memory debug table realloc failed\n"); membug("memory debug table realloc failed\n");
memset(memtbl+memtbl_size, 0, n*sizeof *memtbl ); memset(memtbl+memtbl_size, 0, n*sizeof *memtbl );
memtbl_size += nn; memtbl_size += n;
idx = memtbl_len++; index = memtbl_len++;
} }
} }
} }
e = memtbl+idx; e = memtbl+index;
if( e->inuse ) if( e->inuse )
membug("Ooops: entry %u is flagged as in use\n", idx); membug("Ooops: entry %u is flagged as in use\n", index);
e->user_p = p + 4; e->user_p = p + 4;
e->user_n = n; e->user_n = n;
e->count++; e->count++;
if( e->next ) if( e->next )
membug("Ooops: entry is in free entry list\n"); membug("Ooops: entry is in free entry list\n");
/* do we already have this info string */ /* do we already have this info string */
for( ie = info_strings[info_hash(info)]; ie; ie = ie->next ) { for( ie = info_strings[info_hash(info)]; ie; ie = ie->next )
if( ie->info == info ) if( ie->info == info )
break; break;
}
if( !ie ) { /* no: make a new entry */ if( !ie ) { /* no: make a new entry */
if( !(ie = malloc( sizeof *ie )) ) if( !(ie = malloc( sizeof *ie )) )
membug("can't allocate info entry\n"); membug("can't allocate info entry\n");
@ -184,9 +184,9 @@ add_entry( byte *p, unsigned n, int mode, const char *info, const char *by )
e->inuse = 1; e->inuse = 1;
/* put the index at the start of the memory */ /* put the index at the start of the memory */
p[0] = idx; p[0] = index;
p[1] = idx >> 8 ; p[1] = index >> 8 ;
p[2] = idx >> 16 ; p[2] = index >> 16 ;
p[3] = mode? MAGIC_SEC_BYTE : MAGIC_NOR_BYTE ; p[3] = mode? MAGIC_SEC_BYTE : MAGIC_NOR_BYTE ;
if( DBG_MEMORY ) if( DBG_MEMORY )
log_debug( "%s allocates %u bytes using %s\n", info, e->user_n, by ); log_debug( "%s allocates %u bytes using %s\n", info, e->user_n, by );

View File

@ -324,6 +324,8 @@ secmem_free( void *a )
mb = (MEMBLOCK*)((char*)a - ((size_t) &((MEMBLOCK*)0)->u.aligned.c)); mb = (MEMBLOCK*)((char*)a - ((size_t) &((MEMBLOCK*)0)->u.aligned.c));
size = mb->size; size = mb->size;
/* This does not make much sense: probably this memory is held in the
* cache. We do it anyway: */
memset(mb, 0xff, size ); memset(mb, 0xff, size );
memset(mb, 0xaa, size ); memset(mb, 0xaa, size );
memset(mb, 0x55, size ); memset(mb, 0x55, size );

View File

@ -47,6 +47,25 @@ static ushort koi82unicode[128] = {
0x042c,0x042b,0x0417,0x0428,0x042d,0x0429,0x0427,0x042a 0x042c,0x042b,0x0417,0x0428,0x042d,0x0429,0x0427,0x042a
}; };
static ushort latin2_unicode[128] = {
0x0080,0x0081,0x0082,0x0083,0x0084,0x0085,0x0086,0x0087,
0x0088,0x0089,0x008A,0x008B,0x008C,0x008D,0x008E,0x008F,
0x0090,0x0091,0x0092,0x0093,0x0094,0x0095,0x0096,0x0097,
0x0098,0x0099,0x009A,0x009B,0x009C,0x009D,0x009E,0x009F,
0x00A0,0x0104,0x02D8,0x0141,0x00A4,0x013D,0x015A,0x00A7,
0x00A8,0x0160,0x015E,0x0164,0x0179,0x00AD,0x017D,0x017B,
0x00B0,0x0105,0x02DB,0x0142,0x00B4,0x013E,0x015B,0x02C7,
0x00B8,0x0161,0x015F,0x0165,0x017A,0x02DD,0x017E,0x017C,
0x0154,0x00C1,0x00C2,0x0102,0x00C4,0x0139,0x0106,0x00C7,
0x010C,0x00C9,0x0118,0x00CB,0x011A,0x00CD,0x00CE,0x010E,
0x0110,0x0143,0x0147,0x00D3,0x00D4,0x0150,0x00D6,0x00D7,
0x0158,0x016E,0x00DA,0x0170,0x00DC,0x00DD,0x0162,0x00DF,
0x0155,0x00E1,0x00E2,0x0103,0x00E4,0x013A,0x0107,0x00E7,
0x010D,0x00E9,0x0119,0x00EB,0x011B,0x00ED,0x00EE,0x010F,
0x0111,0x0144,0x0148,0x00F3,0x00F4,0x0151,0x00F6,0x00F7,
0x0159,0x016F,0x00FA,0x0171,0x00FC,0x00FD,0x0163,0x02D9
};
void void

View File

@ -57,6 +57,7 @@ static FILE *ttyfp = NULL;
static int initialized; static int initialized;
static int last_prompt_len; static int last_prompt_len;
static int batchmode;
#ifdef HAVE_TCGETATTR #ifdef HAVE_TCGETATTR
static struct termios termsave; static struct termios termsave;
@ -108,9 +109,11 @@ init_ttyfp(void)
#elif defined(__EMX__) #elif defined(__EMX__)
ttyfp = stdout; /* Fixme: replace by the real functions: see wklib */ ttyfp = stdout; /* Fixme: replace by the real functions: see wklib */
#else #else
ttyfp = fopen("/dev/tty", "r+"); ttyfp = batchmode? stderr : fopen("/dev/tty", "r+");
if( !ttyfp ) if( !ttyfp ) {
log_fatal("cannot open /dev/tty: %s\n", strerror(errno) ); log_error("cannot open /dev/tty: %s\n", strerror(errno) );
exit(2);
}
#endif #endif
#ifdef HAVE_TCGETATTR #ifdef HAVE_TCGETATTR
atexit( cleanup ); atexit( cleanup );
@ -118,6 +121,14 @@ init_ttyfp(void)
initialized = 1; initialized = 1;
} }
int
tty_batchmode( int onoff )
{
int old = batchmode;
if( onoff != -1 )
batchmode = onoff;
return old;
}
void void
tty_printf( const char *fmt, ... ) tty_printf( const char *fmt, ... )
@ -220,6 +231,11 @@ do_get( const char *prompt, int hidden )
byte cbuf[1]; byte cbuf[1];
int c, n, i; int c, n, i;
if( batchmode ) {
log_error("Sorry, we are in batchmode - can't get input\n");
exit(2);
}
if( !initialized ) if( !initialized )
init_ttyfp(); init_ttyfp();
@ -336,6 +352,8 @@ tty_kill_prompt()
if( !initialized ) if( !initialized )
init_ttyfp(); init_ttyfp();
if( batchmode )
last_prompt_len = 0;
if( !last_prompt_len ) if( !last_prompt_len )
return; return;
#if __MINGW32__ #if __MINGW32__