See ChangeLog: Sat Sep 18 12:16:08 CEST 1999 Werner Koch

cipher/Makefile.am

@@ -99,4 +99,9 @@ rndlinux: $(srcdir)/rndlinux.c
 rndegd: $(srcdir)/rndegd.c
 	$(COMPILE) $(DYNLINK_MOD_CFLAGS) -o rndegd $(srcdir)/rndegd.c
 
+# We need to have a better system for selection which modules
+# to compile.  For now this works.
+rndw32: $(srcdir)/rndw32.c
+	echo "#!/bin/sh" >rndw32
+	echo "Not usable as a module" >>rndw32
 

cipher/cipher.c

@@ -362,6 +362,7 @@ cipher_open( int algo, int mode, int secure )
     if( algo == CIPHER_ALGO_DUMMY )
 	hd->mode = CIPHER_MODE_DUMMY;
     else if( mode == CIPHER_MODE_AUTO_CFB ) {
+	#warning Remove this code and the AUTO:CFB macro.
 	if( algo >= 100 )
 	    hd->mode = CIPHER_MODE_CFB;
 	else

cipher/rndw32.c

@@ -0,0 +1,265 @@
+/* rndw32.c  -	interface to the Winseed DLL
+ *	Copyright (C) 1999 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <errno.h>
+#include <string.h>
+
+#include <windows.h>
+
+#include "types.h"
+#include "util.h"
+#include "dynload.h"
+
+
+#ifdef IS_MODULE
+  #define _(a) (a)
+#else
+  #include "i18n.h"
+#endif
+
+
+#define WIN32_SLOW_SEEDER	0
+#define WIN32_FAST_SEEDER	1
+
+#define PCP_SUCCESS		0
+#define PCP_NULL_POINTER	1
+#define PCP_SEEDER_FAILED	2
+#define PCP_SEEDER_NO_MEM	3
+#define PCP_SEEDER_TOO_SMALL	4
+#define PCP_DLL_LOAD_FAILED	5
+#define PCP_UNKNOWN_PLATFORM	6
+#define PCP_ERROR_VERSION	7
+#define PCP_DLL_FUNC		8
+#define PCP_UNKNOWN_SEEDER_TYPE 9
+
+typedef void *WIN32_SEEDER;
+
+static WIN32_SEEDER (WINAPI *create_instance)( byte type, unsigned int *reason);
+static void	    (WINAPI *delete_instance)( WIN32_SEEDER that );
+static unsigned int (WINAPI *get_internal_seed_size)( WIN32_SEEDER that );
+static void	    (WINAPI *set_internal_seed_size)( WIN32_SEEDER that,
+						      unsigned int new_size);
+static unsigned int (WINAPI *get_expected_seed_size)( WIN32_SEEDER that);
+static unsigned int (WINAPI *get_seed)( WIN32_SEEDER that, byte *buffer,
+					unsigned int *desired_length);
+
+static WIN32_SEEDER slow_seeder, fast_seeder;
+static byte *entropy_buffer;
+static size_t entropy_buffer_size;
+
+static char *entropy_dll;
+
+/****************
+ * Load and initialize the winseed DLL
+ * NOTE: winseed is not part of the GnuPG distribution.  It should be available
+ * at the GNU crypto FTP server site.
+ * We do not load the DLL on demand to have a better control over the
+ * location of the library.
+ */
+static void
+load_and_init_winseed( void )
+{
+    int hInstance;
+    void *addr;
+    unsigned int reason = 0;
+    unsigned int n1, n2;
+    const char *dllname = entropy_dll? entropy_dll : "c:/gnupg/entropy.dll";
+
+    hInstance = LoadLibrary( dllname );
+    if( !hInstance )
+	goto failure;
+    if( !(addr = GetProcAddress( hInstance, "WS_create_instance" )) )
+	goto failure;
+    create_instance = addr;
+    if( !(addr = GetProcAddress( hInstance, "WS_delete_instance" )) )
+	goto failure;
+    delete_instance = addr;
+    if( !(addr = GetProcAddress( hInstance, "WS_get_internal_seed_size" )) )
+	goto failure;
+    get_internal_seed_size = addr;
+    if( !(addr = GetProcAddress( hInstance, "WS_set_internal_seed_size" )) )
+	goto failure;
+    set_internal_seed_size = addr;
+    if( !(addr = GetProcAddress( hInstance, "WS_get_expected_seed_size" )) )
+	goto failure;
+    get_expected_seed_size = addr;
+    if( !(addr = GetProcAddress( hInstance, "WS_get_seed" )) )
+	goto failure;
+    get_seed = addr;
+
+    /* we have all the functions - init the system */
+    slow_seeder = create_instance( WIN32_SLOW_SEEDER, &reason);
+    if( !slow_seeder ) {
+	g10_log_fatal("error creating winseed slow seeder: rc=%u\n", reason );
+	goto failure;
+    }
+    fast_seeder = create_instance( WIN32_FAST_SEEDER, &reason);
+    if( !fast_seeder ) {
+	g10_log_fatal("error creating winseed fast seeder: rc=%u\n", reason );
+	goto failure;
+    }
+    g10_log_info("slow and fast seeders created.\n");
+    n1 = get_internal_seed_size( slow_seeder );
+    g10_log_info("slow buffer size=%u\n", n1);
+    n2 = get_internal_seed_size( fast_seeder );
+    g10_log_info("fast buffer size=%u\n", n2);
+
+    entropy_buffer_size =  n1 > n2? n1: n2;
+    entropy_buffer = m_alloc( entropy_buffer_size );
+    g10_log_info("using a buffer of size=%u\n", entropy_buffer_size );
+
+    return;
+
+  failure:
+    g10_log_fatal("error loading winseed DLL `%s'\n", dllname );
+}
+
+
+
+
+
+/* Note: we always use the highest level.
+ * TO boost the performance we may want to add some
+ * additional code for level 1
+ */
+static int
+gather_random( void (*add)(const void*, size_t, int), int requester,
+					  size_t length, int level )
+{
+    unsigned int result;
+    unsigned int nbytes;
+
+    if( !slow_seeder )
+	load_and_init_winseed();
+
+    /* Our estimation on how much entropy we should use is very vague.
+     * Winseed delivers some amount of entropy on each slow poll and
+     * we add it to our random pool.  Depending on the required quality
+     * level we adjust the requested length so that for higer quality
+     * we make sure to add more entropy to our pool.  However, as we don't
+     * like to waste any entropy collected by winseed, we always add
+     * at least everything we got from winseed.
+     */
+    if( level > 1 )
+	length *= 100;
+    else if( level > 0 )
+	length *= 10;
+
+    for(;;) {
+	nbytes = entropy_buffer_size;
+	result = get_seed( slow_seeder, entropy_buffer, &nbytes);
+	if( result ) {
+	    g10_log_fatal("rndw32: get_seed(slow) failed: rc=%u\n", result);
+	    return -1; /* actually never reached */
+	}
+	g10_log_info("rndw32: slow poll level %d, need %u, got %u\n",
+		      level, (unsigned int)length, (unsigned int)nbytes );
+	(*add)( entropy_buffer, nbytes, requester );
+	if( length <= nbytes )
+	    return 0; /* okay */
+	length -= nbytes;
+	g10_log_info("rndw32: need more\n");
+    }
+}
+
+static int
+gather_random_fast( void (*add)(const void*, size_t, int), int requester )
+{
+    unsigned int result;
+    unsigned int nbytes;
+
+    if( !fast_seeder )
+	load_and_init_winseed();
+
+    /* winseed delivers a constant ammount of entropy for a fast
+     * poll.  We can simply use this and add it to the pool; no need
+     * a loop like it is used in the slow poll */
+    nbytes = entropy_buffer_size;
+    result = get_seed( fast_seeder, entropy_buffer, &nbytes);
+    if( result ) {
+	g10_log_fatal("rndw32: get_seed(fast) failed: rc=%u\n", result);
+	return -1; /* actually never reached */
+    }
+    /*g10_log_info("rndw32: fast poll got %u\n", (unsigned int)nbytes );*/
+    (*add)( entropy_buffer, nbytes, requester );
+    return 0;
+}
+
+
+
+#ifndef IS_MODULE
+static
+#endif
+const char * const gnupgext_version = "RNDW32 ($Revision$)";
+
+static struct {
+    int class;
+    int version;
+    void *func;
+} func_table[] = {
+    { 40, 1, gather_random },
+    { 41, 1, gather_random_fast },
+};
+
+
+#ifndef IS_MODULE
+static
+#endif
+void *
+gnupgext_enum_func( int what, int *sequence, int *class, int *vers )
+{
+    void *ret;
+    int i = *sequence;
+
+    do {
+	if ( i >= DIM(func_table) || i < 0 ) {
+	    return NULL;
+	}
+	*class = func_table[i].class;
+	*vers  = func_table[i].version;
+	ret = func_table[i].func;
+	i++;
+    } while ( what && what != *class );
+
+    *sequence = i;
+    return ret;
+}
+
+#ifdef USE_STATIC_RNDW32
+void
+rndw32_set_dll_name( const char *name )
+{
+    entropy_dll = m_strdup( name );
+}
+#endif
+
+#ifndef IS_MODULE
+void
+rndw32_constructor(void)
+{
+    register_internal_cipher_extension( gnupgext_version,
+					gnupgext_enum_func );
+}
+#endif
+

g10/ChangeLog

@@ -1,3 +1,13 @@
+Sat Sep 18 12:16:08 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+
+	* filter.h: Changed cipher handle types to the the GCRY_xxx ones.
+	replaces include cipher by system header include gcrypt.h.
+	* cipher.c: replaced the cipher functions by the gcry_ ones.
+	Ditto for the md functions.
+
+	* misc.c (map_gcry_rc): New.
+
 Fri Sep 17 12:56:42 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 
 

g10/cipher.c

@@ -44,40 +44,58 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
     PACKET pkt;
     PKT_encrypted ed;
     byte temp[18];
-    unsigned blocksize;
+    int blocksize;
     unsigned nprefix;
     int use_mdc = opt.force_mdc;
+    int rc;
 
     memset( &ed, 0, sizeof ed );
     ed.len = cfx->datalen;
     ed.new_ctb = !ed.len && !opt.rfc1991;
     if( use_mdc ) {
 	ed.mdc_method = DIGEST_ALGO_SHA1;
-	cfx->mdc_hash = md_open( DIGEST_ALGO_SHA1, 0 );
-	md_start_debug( cfx->mdc_hash, "mdccreat" );
+	cfx->mdc_hash = gcry_md_open( DIGEST_ALGO_SHA1, 0 );
+	/*md_start_debug( cfx->mdc_hash, "mdccreat" );*/
     }
     init_packet( &pkt );
     pkt.pkttype = use_mdc? PKT_ENCRYPTED_MDC : PKT_ENCRYPTED;
     pkt.pkt.encrypted = &ed;
     if( build_packet( a, &pkt ))
 	log_bug("build_packet(ENCR_DATA) failed\n");
-    blocksize = cipher_get_blocksize( cfx->dek->algo );
+    blocksize = gcry_cipher_get_algo_blklen( cfx->dek->algo );
     if( blocksize < 8 || blocksize > 16 )
-	log_fatal("unsupported blocksize %u\n", blocksize );
+	log_fatal("unsupported blocksize %d\n", blocksize );
     nprefix = blocksize;
     randomize_buffer( temp, nprefix, 1 );
     temp[nprefix] = temp[nprefix-2];
     temp[nprefix+1] = temp[nprefix-1];
     print_cipher_algo_note( cfx->dek->algo );
-    cfx->cipher_hd = cipher_open( cfx->dek->algo, CIPHER_MODE_AUTO_CFB, 1 );
+    if( gcry_cipher_open( &cfx->cipher_hd,
+			  cfx->dek->algo,
+			  CIPHER_MODE_CFB,
+			  GCRY_CIPHER_SECURE
+			  | (cfy->dek->algo >= 100 ?
+				0 : GCRY_CIPHER_ENABLE_SYNC) )
+			) {
+	/* we should never get an error here cause we already checked, that
+	 * the algorithm is available. */
+	BUG();
+    }
+
 /*   log_hexdump( "thekey", cfx->dek->key, cfx->dek->keylen );*/
-    cipher_setkey( cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen );
-    cipher_setiv( cfx->cipher_hd, NULL, 0 );
+    rc = gcry_cipher_setkey( cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen );
+    if( !rc )
+	rc = gcry_cipher_setiv( cfx->cipher_hd, NULL, 0 );
+    if( rc )
+	log_fatal("set key or IV failed: %s\n", gcry_strerror(rc) );
 /*  log_hexdump( "prefix", temp, nprefix+2 ); */
     if( cfx->mdc_hash )
-	md_write( cfx->mdc_hash, temp, nprefix+2 );
-    cipher_encrypt( cfx->cipher_hd, temp, temp, nprefix+2);
-    cipher_sync( cfx->cipher_hd );
+	gcry_md_write( cfx->mdc_hash, temp, nprefix+2 );
+    rc = cipher_encrypt( cfx->cipher_hd, temp, nprefix+2, NULL, 0 );
+    if( !rc )
+	rc = gcry_cipher_sync( cfx->cipher_hd );
+    if( rc )
+	log_fatal("encrypt failed: %s\n", gcry_strerror(rc) );
     iobuf_write(a, temp, nprefix+2);
     cfx->header=1;
 }
@@ -104,23 +122,26 @@ cipher_filter( void *opaque, int control,
 	    write_header( cfx, a );
 	}
 	if( cfx->mdc_hash )
-	    md_write( cfx->mdc_hash, buf, size );
-	cipher_encrypt( cfx->cipher_hd, buf, buf, size);
+	    gcry_md_write( cfx->mdc_hash, buf, size );
+	rc = gcry_cipher_encrypt( cfx->cipher_hd, buf, size, NULL, 0);
+	if( rc )
+	    log_fatal("encrypt failed: %s\n", gcry_strerror(rc) );
 	if( iobuf_write( a, buf, size ) )
 	    rc = G10ERR_WRITE_FILE;
     }
     else if( control == IOBUFCTRL_FREE ) {
 	if( cfx->mdc_hash ) {
 	    byte *hash;
-	    int hashlen = md_digest_length( md_get_algo( cfx->mdc_hash ) );
-	    md_final( cfx->mdc_hash );
-	    hash = md_read( cfx->mdc_hash, 0 );
-	    cipher_encrypt( cfx->cipher_hd, hash, hash, hashlen );
+	    int hashlen = gcry_md_get_algo_dlen( gcry_md_get_algo( cfx->mdc_hash ) );
+	    hash = gcry_md_read( cfx->mdc_hash, 0 );
+	    rc = gcry_cipher_encrypt( cfx->cipher_hd, hash, hashlen, NULL, 0 );
+	    if( rc )
+		log_fatal("encrypt failed: %s\n", gcry_strerror(rc) );
 	    if( iobuf_write( a, hash, hashlen ) )
 		rc = G10ERR_WRITE_FILE;
-	    md_close( cfx->mdc_hash ); cfx->mdc_hash = NULL;
+	    gcry_md_close( cfx->mdc_hash ); cfx->mdc_hash = NULL;
 	}
-	cipher_close(cfx->cipher_hd);
+	gcry_cipher_close(cfx->cipher_hd);
     }
     else if( control == IOBUFCTRL_DESC ) {
 	*(char**)buf = "cipher_filter";

g10/encr-data.c

@@ -23,6 +23,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
+#include <gcrypt.h>
 #include "util.h"
 #include "memory.h"
 #include "packet.h"
@@ -38,8 +39,8 @@ static int mdc_decode_filter( void *opaque, int control, IOBUF a,
 					byte *buf, size_t *ret_len);
 
 typedef struct {
-    CIPHER_HANDLE cipher_hd;
-    MD_HANDLE mdc_hash;
+    GCRY_CIPHER_HD cipher_hd;
+    GCRY_MD_HD mdc_hash;
     char defer[20];
     int  defer_filled;
     int  eof_seen;
@@ -55,27 +56,28 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
     decode_filter_ctx_t dfx;
     byte *p;
     int rc=0, c, i;
+    int algo_okay;
     byte temp[32];
-    unsigned blocksize;
+    int blocksize;
     unsigned nprefix;
 
     memset( &dfx, 0, sizeof dfx );
-    if( opt.verbose ) {
-	const char *s = cipher_algo_to_string( dek->algo );
-	if( s )
-	    log_info(_("%s encrypted data\n"), s );
-	else
+    if( gcry_cipher_test_algo( dek->algo ) ) {
+	if( opt.verbose )
 	    log_info(_("encrypted with unknown algorithm %d\n"), dek->algo );
-    }
-    if( (rc=check_cipher_algo(dek->algo)) )
+	rc = G10ERR_CIPHER_ALGO;
 	goto leave;
-    blocksize = cipher_get_blocksize(dek->algo);
-    if( !blocksize || blocksize > 16 )
+    }
+    if( opt.verbose )
+	log_info(_("%s encrypted data\n"), gcry_cipher_algo_name( dek->algo ) );
+
+    blocksize = gcry_cipher_get_blklen( dek->algo );
+    if( blocksize < 1 || blocksize > 16 )
 	log_fatal("unsupported blocksize %u\n", blocksize );
     nprefix = blocksize;
     if( ed->len && ed->len < (nprefix+2) )
 	BUG();
-
+-->   We are currently working HERE!!!!
     if( ed->mdc_method )
 	dfx.mdc_hash = md_open( ed->mdc_method, 0 );
     dfx.cipher_hd = cipher_open( dek->algo, CIPHER_MODE_AUTO_CFB, 1 );

g10/filter.h

@@ -20,12 +20,13 @@
 #ifndef G10_FILTER_H
 #define G10_FILTER_H
 
+#include <gcrypt.h>
+
 #include "types.h"
-#include "cipher.h"
 
 typedef struct {
-    MD_HANDLE md;      /* catch all */
-    MD_HANDLE md2;     /* if we want to calculate an alternate hash */
+    GCRY_MD_HD md;	/* catch all */
+    GCRY_MD_HD md2;	/* if we want to calculate an alternate hash */
     size_t maxbuf_size;
 } md_filter_context_t;
 
@@ -76,9 +77,9 @@ typedef struct {
 typedef struct {
     DEK *dek;
     u32 datalen;
-    CIPHER_HANDLE cipher_hd;
+    GCRY_CIPHER_HD cipher_hd;
     int header;
-    MD_HANDLE mdc_hash;
+    GCRY_MD_HD mdc_hash;
 } cipher_filter_context_t;
 
 
@@ -91,7 +92,7 @@ typedef struct {
     int truncated;	    /* number of truncated lines */
     int not_dash_escaped;
     int escape_from;
-    MD_HANDLE md;
+    GCRY_MD_HD md;
     int pending_lf;
     int pending_esc;
 } text_filter_context_t;
@@ -119,7 +120,7 @@ int cipher_filter( void *opaque, int control,
 /*-- textfilter.c --*/
 int text_filter( void *opaque, int control,
 		 IOBUF chain, byte *buf, size_t *ret_len);
-int copy_clearsig_text( IOBUF out, IOBUF inp, MD_HANDLE md,
+int copy_clearsig_text( IOBUF out, IOBUF inp, GCRY_MD_HD md,
 			  int escape_dash, int escape_from, int pgp2mode );
 
 

g10/misc.c

@@ -253,3 +253,15 @@ print_digest_algo_note( int algo )
 
 
 
+/****************
+ * Map errors retuned by libgcrypt to those used by GnuPG.
+ */
+int
+map_gcry_rc( int rc )
+{
+    switch( rc )  {
+      case 0: return 0;
+      default: return G10ERR_GENERAL;
+    }
+}
+