security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

See ChangeLog: Fri Nov 19 17:15:20 CET 1999 Werner Koch

This commit is contained in:
Werner Koch 1999-11-19 16:11:37 +00:00
parent 37f3c09edb
commit 2694bceb45
35 changed files with 422 additions and 289 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
cipher/ChangeLog
View File

@ -1,3 +1,24 @@
Fri Nov 19 17:15:20 CET 1999 Werner Koch <wk@gnupg.de>
* dynload.c (cmp_filenames): New to replaced compare_filename() in
module.
(register_cipher_extension): Removed the tilde expansion stuff.
* rndeg.c (my_make_filename): New.
* : Replaced header util.h by g10lib.h
* random.c (gather_faked): Replaced make_timestamp by time(2).
Disabled wrning printed with tty_printf.
* rndlinux.c (gather_random): Always use fprintf instead of tty_xxx;
this should be replaced by a callback function.
* primegen.c (gen_prime): Use gcry_mpi_randomize.
(is_prime): Ditto.
* elgamal.c (test_keys): Ditto.
* dsa.c (test_keys): Ditto.
* cipher.c (gcry_cipher_close): Die on invalid handle.
Mon Nov 15 21:36:02 CET 1999 Werner Koch <wk@gnupg.de>
* elgamal.c (gen_k): Use the new random API.

8
cipher/cipher.c
View File

@ -26,7 +26,6 @@
#include <assert.h>
#include "g10lib.h"
#include "util.h"
#include "cipher.h"
#include "des.h"
#include "blowfish.h"
@ -418,10 +417,9 @@ gcry_cipher_close( GCRY_CIPHER_HD h )
{
if( !h )
return;
if( h->magic != CTX_MAGIC_SECURE && h->magic != CTX_MAGIC_NORMAL ) {
fatal_invalid_arg("gcry_cipher_close: already closed/invalid handle");
return;
}
if( h->magic != CTX_MAGIC_SECURE && h->magic != CTX_MAGIC_NORMAL )
g10_fatal_error(GCRYERR_INTERNAL,
"gcry_cipher_close: already closed/invalid handle");
h->magic = 0;
g10_free(h);
}

6
cipher/dsa.c
View File

@ -24,7 +24,6 @@
#include <string.h>
#include <assert.h>
#include "g10lib.h"
#include "util.h"
#include "mpi.h"
#include "cipher.h"
#include "dsa.h"
@ -130,10 +129,7 @@ test_keys( DSA_secret_key *sk, unsigned qbits )
pk.q = sk->q;
pk.g = sk->g;
pk.y = sk->y;
{ char *p = gcry_random_bytes( (qbits+7)/8, GCRY_WEAK_RANDOM );
mpi_set_buffer( test, p, (qbits+7)/8, 0 );
g10_free(p);
}
gcry_mpi_randomize( test, qbits, GCRY_WEAK_RANDOM );
sign( out1_a, out1_b, test, sk );
if( !verify( out1_a, out1_b, test, &pk ) )

35
cipher/dynload.c
View File

@ -32,7 +32,6 @@
#include <errno.h>
#endif
#include "g10lib.h"
#include "util.h"
#include "cipher.h"
#include "dynload.h"
@ -102,6 +101,20 @@ static int dld_available;
#endif
static int
cmp_filenames( const char *a, const char *b )
{
/* ? check whether this is an absolute filename and
* resolve symlinks?
*/
#ifdef HAVE_DRIVE_LETTERS
return stricmp(a,b);
#else
return strcmp(a,b);
#endif
}
/****************
* Register an extension module. The last registered module will
* be loaded first. A name may have a list of classes
@ -125,21 +138,9 @@ register_cipher_extension( const char *mainpgm, const char *fname )
if( !mainpgm_path && mainpgm && *mainpgm )
mainpgm_path = m_strdup(mainpgm);
#endif
if( *fname != '/' ) { /* do tilde expansion etc */
char *tmp;
el = g10_xcalloc( 1, sizeof *el + strlen(fname) );
strcpy(el->name, fname );
if( strchr(fname, '/') )
tmp = make_filename(fname, NULL);
else
tmp = make_filename(GNUPG_LIBDIR, fname, NULL);
el = g10_xcalloc( 1, sizeof *el + strlen(tmp) );
strcpy(el->name, tmp );
g10_free(tmp);
}
else {
el = g10_xcalloc( 1, sizeof *el + strlen(fname) );
strcpy(el->name, fname );
}
/* check whether we have a class hint */
if( (p=strchr(el->name,'(')) && (pe=strchr(p+1,')')) && !pe[1] ) {
*p = *pe = 0;
@ -151,7 +152,7 @@ register_cipher_extension( const char *mainpgm, const char *fname )
/* check that it is not already registered */
intex = NULL;
for(r = extensions; r; r = r->next ) {
if( !compare_filenames(r->name, el->name) ) {
if( !cmp_filenames(r->name, el->name) ) {
log_info("extension `%s' already registered\n", el->name );
g10_free(el);
return;
@ -187,7 +188,7 @@ register_internal_cipher_extension(
/* check that it is not already registered */
for(r = extensions; r; r = r->next ) {
if( !compare_filenames(r->name, el->name) ) {
if( !cmp_filenames(r->name, el->name) ) {
log_info("extension `%s' already registered\n", el->name );
g10_free(el);
return;

8
cipher/elgamal.c
View File

@ -27,7 +27,6 @@
#include <stdlib.h>
#include <string.h>
#include "g10lib.h"
#include "util.h"
#include "mpi.h"
#include "cipher.h"
#include "elgamal.h"
@ -77,12 +76,7 @@ test_keys( ELG_secret_key *sk, unsigned nbits )
pk.g = sk->g;
pk.y = sk->y;
/*mpi_set_bytes( test, nbits, get_random_byte, 0 );*/
{ char *p = gcry_random_bytes( (nbits+7)/8, GCRY_WEAK_RANDOM );
mpi_set_buffer( test, p, (nbits+7)/8, 0 );
g10_free(p);
}
gcry_mpi_randomize( test, nbits, GCRY_WEAK_RANDOM );
encrypt( out1_a, out1_b, test, &pk );
decrypt( out2, out1_a, out1_b, sk );

1
cipher/md.c
View File

@ -26,7 +26,6 @@
#include <assert.h>
#include "g10lib.h"
#include "util.h"
#include "cipher.h"
#include "dynload.h"
#include "rmd.h"

2
cipher/md5.c
View File

@ -33,7 +33,7 @@
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include "util.h"
#include "g10lib.h"
#include "memory.h"
#include "dynload.h"

13
cipher/primegen.c
View File

@ -29,7 +29,6 @@
#include <string.h>
#include <assert.h>
#include "g10lib.h"
#include "util.h"
#include "mpi.h"
#include "cipher.h"
@ -307,10 +306,7 @@ gen_prime( unsigned nbits, int secret, int randomlevel )
int dotcount=0;
/* generate a random number */
{ char *p = get_random_bits( nbits, randomlevel, secret );
mpi_set_buffer( prime, p, (nbits+7)/8, 0 );
g10_free(p);
}
gcry_mpi_randomize( prime, nbits, randomlevel );
/* set high order bit to 1, set low order bit to 1 */
mpi_set_highbit( prime, nbits-1 );
@ -434,11 +430,8 @@ is_prime( MPI n, int steps, int *count )
mpi_set_ui( x, 2 );
}
else {
/*mpi_set_bytes( x, nbits-1, get_random_byte, 0 );*/
{ char *p = get_random_bits( nbits, 0, 0 );
mpi_set_buffer( x, p, (nbits+7)/8, 0 );
g10_free(p);
}
gcry_mpi_randomize( x, nbits, GCRY_WEAK_RANDOM );
/* make sure that the number is smaller than the prime
* and keep the randomness of the high bit */
if( mpi_test_bit( x, nbits-2 ) ) {

1
cipher/pubkey.c
View File

@ -26,7 +26,6 @@
#include <assert.h>
#include "g10lib.h"
#include "util.h"
#include "mpi.h"
#include "cipher.h"
#include "elgamal.h"

11
cipher/random.c
View File

@ -46,7 +46,6 @@
#include <sys/resource.h>
#endif
#include "g10lib.h"
#include "util.h"
#include "rmd.h"
#include "ttyio.h"
#include "random.h"
@ -463,14 +462,20 @@ gather_faked( void (*add)(const void*, size_t, int), int requester,
if( !initialized ) {
log_info(_("WARNING: using insecure random number generator!!\n"));
/* we can't use tty_printf here - do we need this function at
all - does it really make sense or canit be viewed as a potential
security problem ? wk 17.11.99 */
#warning Extended warning disabled
#if 0
tty_printf(_("The random number generator is only a kludge to let\n"
"it run - it is in no way a strong RNG!\n\n"
"DON'T USE ANY DATA GENERATED BY THIS PROGRAM!!\n\n"));
#endif
initialized=1;
#ifdef HAVE_RAND
srand(make_timestamp()*getpid());
srand( time(NULL) * getpid());
#else
srandom(make_timestamp()*getpid());
srandom( time(NULL) * getpid());
#endif
}

2
cipher/rmd160.c
View File

@ -23,7 +23,7 @@
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include "util.h"
#include "g10lib.h"
#include "memory.h"
#include "rmd.h"
#include "cipher.h" /* only used for the rmd160_hash_buffer() prototype */

41
cipher/rndegd.c
View File

@ -32,7 +32,6 @@
#include <sys/un.h>
#include "types.h"
#include "g10lib.h"
#include "util.h"
#include "ttyio.h"
#include "dynload.h"
#include "cipher.h"
@ -41,6 +40,44 @@
#define offsetof(type, member) ((size_t) &((type *)0)->member)
#endif
/* FIXME: this is duplicated code from util/fileutil
* I don't think that this code should go into libgcrypt anyway.
*/
char *
my_make_filename( const char *first_part, ... )
{
va_list arg_ptr ;
size_t n;
const char *s;
char *name, *home, *p;
va_start( arg_ptr, first_part ) ;
n = strlen(first_part)+1;
while( (s=va_arg(arg_ptr, const char *)) )
n += strlen(s) + 1;
va_end(arg_ptr);
home = NULL;
if( *first_part == '~' && first_part[1] == '/'
&& (home = getenv("HOME")) && *home )
n += strlen(home);
name = m_alloc(n);
p = home ? stpcpy(stpcpy(name,home), first_part+1)
: stpcpy(name, first_part);
va_start( arg_ptr, first_part ) ;
while( (s=va_arg(arg_ptr, const char *)) )
p = stpcpy(stpcpy(p,"/"), s);
va_end(arg_ptr);
return name;
}
static int
do_write( int fd, void *buf, size_t nbytes )
{
@ -104,7 +141,7 @@ gather_random( void (*add)(const void*, size_t, int), int requester,
}
}
if( fd == -1 ) {
char *name = make_filename( g10_opt_homedir, "entropy", NULL );
char *name = my_make_filename( g10_opt_homedir, "entropy", NULL );
struct sockaddr_un addr;
int addr_len;

15
cipher/rndlinux.c
View File

@ -41,8 +41,7 @@
#endif
#endif
#include "types.h"
#include "g10lib.h" /* need this for i18n */
#include "util.h"
#include "g10lib.h"
#include "ttyio.h"
#include "dynload.h"
@ -121,12 +120,9 @@ gather_random( void (*add)(const void*, size_t, int), int requester,
tv.tv_sec = 3;
tv.tv_usec = 0;
if( !(rc=select(fd+1, &rfds, NULL, NULL, &tv)) ) {
#warning FIXME: Replace fprintf by a callback
if( !warn )
#ifdef IS_MODULE
fprintf(stderr,
#else
tty_printf(
#endif
_("\n"
"Not enough random bytes available. Please do some other work to give\n"
"the OS a chance to collect more entropy! (Need %d more bytes)\n"), length );
@ -134,12 +130,7 @@ _("\n"
continue;
}
else if( rc == -1 ) {
#ifdef IS_MODULE
fprintf(stderr,
#else
tty_printf(
#endif
"select() error: %s\n", strerror(errno));
fprintf(stderr, "select() error: %s\n", strerror(errno));
continue;
}

2
cipher/rndunix.c
View File

@ -97,7 +97,7 @@
#ifndef IS_MODULE
#include "dynload.h"
#endif
#include "util.h"
#include "g10lib.h"
#ifndef EAGAIN
#define EAGAIN EWOULDBLOCK

1
cipher/rndw32.c
View File

@ -29,7 +29,6 @@
#include "types.h"
#include "g10lib.h"
#include "util.h"
#include "dynload.h"

2
cipher/sha1.c
View File

@ -36,7 +36,7 @@
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include "util.h"
#include "g10lib.h"
#include "memory.h"
#include "dynload.h"
#include "bithelp.h"

1
cipher/smallprime.c
View File

@ -21,7 +21,6 @@
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include "util.h"
#include "types.h"
/* Note: 2 is not included because it can be tested more easily

2
cipher/tiger.c
View File

@ -23,7 +23,7 @@
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include "util.h"
#include "g10lib.h"
#include "memory.h"

1
cipher/twofish.c
View File

@ -28,7 +28,6 @@
#include "types.h" /* for byte and u32 typedefs */
#include "g10lib.h"
#include "util.h"
#include "dynload.h"

4
configure.in
View File

@ -172,8 +172,8 @@ dnl
dnl Build shared libraries only when compilation of libgcrypt
dnl has been requested
dnl
AM_DISABLE_SHARED
enable_shared="$compile_libgcrypt"
dnl AM_DISABLE_STATIC
dnl enable_shared="$compile_libgcrypt"
AM_PROG_LIBTOOL

13
g10/ChangeLog
View File

@ -1,3 +1,16 @@
Fri Nov 19 17:15:20 CET 1999 Werner Koch <wk@gnupg.de>
* g10.c (register_extension): New...
(main): Use it here instead of register_cipher_extesnion.
(strusage): s/strusage/my_strusage/ . Made static.
(main): Use set_strusage().
* tdbdump.c (HEXTOBIN): Changed the name of the argument, so that
traditional cpp don't mess up the macros. Suggested by Jos Backus.
* armor.c (parse_header_line): Stop parsing on a only WS line too.
Suggested by Aric Cyr.
Mon Nov 15 21:36:02 CET 1999 Werner Koch <wk@gnupg.de>
* misc.c (pull_in_libs): Removed.

6
g10/armor.c
View File

@ -311,9 +311,15 @@ parse_header_line( armor_filter_context_t *afx, byte *line, unsigned len )
byte *p;
int hashes=0;
/* fixme: why this double check? I think the original code w/o the
* second check for an empty line was done from an early draft of
* of OpenPGP - or simply very stupid code */
if( *line == '\n' || ( len && (*line == '\r' && line[1]=='\n') ) )
return 0; /* empty line */
len = trim_trailing_ws( line, len );
if( !len )
return 0; /* WS only same as empty line */
p = strchr( line, ':');
if( !p || !p[1] ) {
log_error(_("invalid armor header: "));

29
g10/g10.c
View File

@ -367,8 +367,8 @@ our_pk_test_algo( int algo )
}
const char *
strusage( int level )
static const char *
my_strusage( int level )
{
static char *digests, *pubkeys, *ciphers;
const char *p;
@ -410,7 +410,7 @@ strusage( int level )
p = digests;
break;
default: p = default_strusage(level);
default: p = NULL;
}
return p;
}
@ -486,6 +486,25 @@ make_username( const char *string )
}
static void
register_extension( const char *mainpgm, const char *fname )
{
if( *fname != '/' ) { /* do tilde expansion etc */
char *tmp;
if( strchr(fname, '/') )
tmp = make_filename(fname, NULL);
else
tmp = make_filename(GNUPG_LIBDIR, fname, NULL);
register_cipher_extension( mainpgm, tmp );
m_free(tmp);
}
else
register_cipher_extension( mainpgm, fname );
}
static void
set_debug(void)
{
@ -564,6 +583,7 @@ main( int argc, char **argv )
#endif
trap_unaligned();
set_strusage( my_strusage );
secmem_set_flags( secmem_get_flags() | 2 ); /* suspend warnings */
/* Please note that we may running SUID(ROOT), so be very CAREFUL
* when adding any stuff between here and the call to
@ -782,8 +802,7 @@ main( int argc, char **argv )
case aListSecretKeys: set_cmd( &cmd, aListSecretKeys); break;
case oAlwaysTrust: opt.always_trust = 1; break;
case oLoadExtension:
register_cipher_extension(orig_argc? *orig_argv:NULL,
pargs.r.ret_str);
register_extension(orig_argc? *orig_argv:NULL, pargs.r.ret_str);
break;
case oRFC1991:
opt.rfc1991 = 1;

4
g10/tdbdump.c
View File

@ -43,8 +43,8 @@
#include "tdbio.h"
#define HEXTOBIN(a) ( (a) >= '0' && (a) <= '9' ? ((a)-'0') : \
(a) >= 'A' && (a) <= 'F' ? ((a)-'A'+10) : ((a)-'a'+10))
#define HEXTOBIN(x) ( (x) >= '0' && (x) <= '9' ? ((x)-'0') : \
(x) >= 'A' && (x) <= 'F' ? ((x)-'A'+10) : ((x)-'a'+10))
/****************
* Read a record but die if it does not exist

94
include/g10lib.h
View File

@ -28,8 +28,13 @@
#ifdef _GCRYPT_H
#error gcrypt.h already included
#endif
/* because libgcrypt is distributed along with GnuPG, we need some way
* to do a sanity check. If this macro is defined, we are inside of
* libgcrypt */
#define _GCRYPT_IN_LIBGCRYPT 1
#include <gcrypt.h>
#include "types.h"
#ifdef G10_I18N_H
#error i18n should not be included here
@ -54,20 +59,45 @@ void *g10_xcalloc_secure( size_t n, size_t m );
void *g10_xrealloc( void *a, size_t n );
char *g10_xstrdup( const char * a);
void g10_free( void *p );
int g10_is_secure( const void *a );
void g10_check_heap( const void *a );
/*-- gcrypt/misc.c --*/
#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 )
#define G10_GCC_A_NR __attribute__ ((noreturn))
#define G10_GCC_A_PRINTF( f, a ) \
__attribute__ ((format (printf,f,a)))
#define G10_GCC_A_NR_PRINTF( f, a ) \
__attribute__ ((noreturn, format (printf,f,a)))
void g10_bug( const char *file, int line, const char *func ) G10_GCC_A_NR;
#else
#define G10_GCC_A_NR
#define G10_GCC_A_PRINTF( f, a )
#define G10_GCC_A_NR_PRINTF( f, a )
void g10_bug( const char *file, int line );
#endif
const char *g10_gettext( const char *key );
void g10_fatal_error(int rc, const char *text );
void g10_fatal_error(int rc, const char *text ) G10_GCC_A_NR;
void g10_log( int level, const char *fmt, ... ) G10_GCC_A_PRINTF(2,3);
void g10_log_bug( const char *fmt, ... ) G10_GCC_A_NR_PRINTF(1,2);
void g10_log_fatal( const char *fmt, ... ) G10_GCC_A_NR_PRINTF(1,2);
void g10_log_error( const char *fmt, ... ) G10_GCC_A_PRINTF(1,2);
void g10_log_info( const char *fmt, ... ) G10_GCC_A_PRINTF(1,2);
void g10_log_debug( const char *fmt, ... ) G10_GCC_A_PRINTF(1,2);
/*-- util/memory.c --*/
/*-- util/{secmem,memory}.c --*/
void *g10_private_malloc( size_t n );
void *g10_private_malloc_secure( size_t n );
int g10_private_is_secure( const void *p );
void g10_private_check_heap( const void *p );
void *g10_private_realloc( void *a, size_t n );
void g10_private_free( void *p );
#define g10_private_malloc(n) m_alloc((n))
#define g10_private_malloc_secure(n) m_alloc_secure((n))
#define g10_private_is_secure(n) m_is_secure((n))
#define g10_private_realloc(a,n) m_realloc((a),(n))
#define g10_private_free(p) m_free((p))
/*-- cipher/pubkey.c --*/
@ -96,4 +126,54 @@ MPI generate_elg_prime( int mode, unsigned pbits, unsigned qbits,
/* logging macros */
#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 )
#define BUG() g10_bug( __FILE__ , __LINE__, __FUNCTION__ )
#else
#define BUG() g10_bug( __FILE__ , __LINE__ )
#endif
#define log_hexdump g10_log_hexdump
#define log_bug g10_log_bug
#define log_fatal g10_log_fatal
#define log_error g10_log_error
#define log_info g10_log_info
#define log_debug g10_log_debug
/* replacements of missing functions */
#ifndef HAVE_MEMICMP
int memicmp( const char *a, const char *b, size_t n );
#endif
#ifndef HAVE_STPCPY
char *stpcpy(char *a,const char *b);
#endif
#ifndef HAVE_STRLWR
char *strlwr(char *a);
#endif
#ifndef HAVE_STRTOUL
#define strtoul(a,b,c) ((unsigned long)strtol((a),(b),(c)))
#endif
#ifndef HAVE_MEMMOVE
#define memmove(d, s, n) bcopy((s), (d), (n))
#endif
#ifndef HAVE_STRICMP
#define stricmp(a,b) strcasecmp( (a), (b) )
#endif
#ifndef HAVE_ATEXIT
#define atexit(a) (on_exit((a),0))
#endif
#ifndef HAVE_RAISE
#define raise(a) kill(getpid(), (a))
#endif
/* some handy macros */
#ifndef STR
#define STR(v) #v
#endif
#define STR2(v) STR(v)
#define DIM(v) (sizeof(v)/sizeof((v)[0]))
#define DIMof(type,member) DIM(((type *)0)->member)
#endif /* G10LIB_H */

1
include/memory.h
View File

@ -67,7 +67,6 @@ void secmem_term( void );
void *secmem_malloc( size_t size );
void *secmem_realloc( void *a, size_t newsize );
void secmem_free( void *a );
int m_is_secure( const void *p );
void secmem_dump_stats(void);
void secmem_set_flags( unsigned flags );
unsigned secmem_get_flags(void);

11
include/util.h
View File

@ -1,5 +1,5 @@
/* util.h
* Copyright (C) 1998 Free Software Foundation, Inc.
* Copyright (C) 1998,1999 Free Software Foundation, Inc.
*
* This file is part of GNUPG.
*
@ -20,6 +20,10 @@
#ifndef G10_UTIL_H
#define G10_UTIL_H
#ifdef _GCRYPT_IN_LIBGCRYPT
#error This header should not be used internally by libgcrypt
#endif
#include "types.h"
#include "errors.h"
#include "types.h"
@ -120,11 +124,8 @@ int arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts);
int optfile_parse( FILE *fp, const char *filename, unsigned *lineno,
ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts);
void usage( int level );
const char *default_strusage( int level );
/*-- (main program) --*/
const char *strusage( int level );
void set_strusage( const char *(*f)( int ) );
/*-- dotlock.c --*/

20
mpi/ChangeLog
View File

@ -1,3 +1,23 @@
Fri Nov 19 17:15:20 CET 1999 Werner Koch <wk@gnupg.de>
* mpicoder.c (g10_log_mpidump): Add a temporary workaround
* mpih-mul.c (mpihelp_mul_n): s/m_is_ecure/g10_is_secure/
* mpiutil.c (mpi_alloc): Remved the debug mode because it has turned
out, that this feature was not very useful in the past. Use the
new alloc functions.
(mpi_alloc_secure): Ditto.
(mpi_alloc_limb_space): Ditto.
(mpi_free_limb_space): Ditto.
(mpi_resize): Ditto.
(mpi_free): Ditto.
(mpi_set_secure): Removed the debug stuff.
(mpi_set_opaque): Ditto.
(mpi_copy): Ditto.
(mpi_alloc_set_ui): Ditto.
(mpi_m_check): Use g10_ wrapper.
Mon Aug 30 20:38:33 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>

14
mpi/mpicoder.c
View File

@ -42,6 +42,9 @@
int
mpi_write( IOBUF out, MPI a )
{
return -1;
#warning Function is disabled
#if 0
int rc;
unsigned nbits = mpi_get_nbits(a);
byte *p, *buf;
@ -57,6 +60,7 @@ mpi_write( IOBUF out, MPI a )
rc = iobuf_write( out, p, n );
m_free(buf);
return rc;
#endif
}
@ -73,6 +77,9 @@ mpi_debug_read(IOBUF inp, unsigned *ret_nread, int secure, const char *info)
mpi_read(IOBUF inp, unsigned *ret_nread, int secure)
#endif
{
return NULL;
#warning Function is disabled
#if 0
int c, i, j;
unsigned nbits, nbytes, nlimbs, nread=0;
mpi_limb_t a;
@ -120,6 +127,7 @@ mpi_read(IOBUF inp, unsigned *ret_nread, int secure)
else
*ret_nread = nread;
return val;
#endif
}
@ -246,6 +254,7 @@ mpi_fromstr(MPI val, const char *str)
/****************
* print an MPI to the given stream and return the number of characters
* printed.
* FIXME: Replace this by the more generic gcry_mpi_print()
*/
int
mpi_print( FILE *fp, MPI a, int mode )
@ -289,9 +298,10 @@ mpi_print( FILE *fp, MPI a, int mode )
void
g10_log_mpidump( const char *text, MPI a )
{
FILE *fp = log_stream();
FILE *fp = stderr; /* used to be log_stream() */
g10_log_print_prefix(text);
/* FIXME: Replace this function by a g10_log_xxx one */
fprintf(fp,"%s: ",text);
mpi_print(fp, a, 1 );
fputc('\n', fp);
}

11
mpi/mpih-mul.c
View File

@ -31,6 +31,7 @@
#include <stdlib.h>
#include "mpi-internal.h"
#include "longlong.h"
#include "g10lib.h" /* for g10_is_secure() */
@ -352,7 +353,7 @@ mpihelp_mul_n( mpi_ptr_t prodp, mpi_ptr_t up, mpi_ptr_t vp, mpi_size_t size)
mpih_sqr_n_basecase( prodp, up, size );
else {
mpi_ptr_t tspace;
secure = m_is_secure( up );
secure = g10_is_secure( up );
tspace = mpi_alloc_limb_space( 2 * size, secure );
mpih_sqr_n( prodp, up, size, tspace );
mpi_free_limb_space( tspace );
@ -363,7 +364,7 @@ mpihelp_mul_n( mpi_ptr_t prodp, mpi_ptr_t up, mpi_ptr_t vp, mpi_size_t size)
mul_n_basecase( prodp, up, vp, size );
else {
mpi_ptr_t tspace;
secure = m_is_secure( up ) || m_is_secure( vp );
secure = g10_is_secure( up ) || g10_is_secure( vp );
tspace = mpi_alloc_limb_space( 2 * size, secure );
mul_n (prodp, up, vp, size, tspace);
mpi_free_limb_space( tspace );
@ -438,15 +439,15 @@ mpihelp_mul( mpi_ptr_t prodp, mpi_ptr_t up, mpi_size_t usize,
}
tspace = mpi_alloc_limb_space( 2 * vsize,
m_is_secure( up ) || m_is_secure( vp ) );
g10_is_secure( up ) || g10_is_secure( vp ) );
MPN_MUL_N_RECURSE( prodp, up, vp, vsize, tspace );
prodp += vsize;
up += vsize;
usize -= vsize;
if( usize >= vsize ) {
mpi_ptr_t tp = mpi_alloc_limb_space( 2 * vsize, m_is_secure( up )
|| m_is_secure( vp ) );
mpi_ptr_t tp = mpi_alloc_limb_space( 2 * vsize, g10_is_secure( up )
|| g10_is_secure( vp ) );
do {
MPN_MUL_N_RECURSE( tp, up, vp, vsize, tspace );
cy = mpihelp_add_n( prodp, prodp, tp, vsize );

173
mpi/mpiutil.c
View File

@ -27,14 +27,7 @@
#include "mpi.h"
#include "mpi-internal.h"
#include "memory.h"
#include "util.h"
#ifdef M_DEBUG
#undef mpi_alloc
#undef mpi_alloc_secure
#undef mpi_free
#endif
#include "g10lib.h"
/****************
* Note: It was a bad idea to use the number of limbs to allocate
@ -44,23 +37,14 @@
* But mpi_alloc is used in a lot of places :-)
*/
MPI
#ifdef M_DEBUG
mpi_debug_alloc( unsigned nlimbs, const char *info )
#else
mpi_alloc( unsigned nlimbs )
#endif
{
MPI a;
if( DBG_MEMORY )
log_debug("mpi_alloc(%u)\n", nlimbs*BITS_PER_MPI_LIMB );
#ifdef M_DEBUG
a = m_debug_alloc( sizeof *a, info );
a->d = nlimbs? mpi_debug_alloc_limb_space( nlimbs, 0, info ) : NULL;
#else
a = m_alloc( sizeof *a );
a = g10_xmalloc( sizeof *a );
a->d = nlimbs? mpi_alloc_limb_space( nlimbs, 0 ) : NULL;
#endif
a->alloced = nlimbs;
a->nlimbs = 0;
a->sign = 0;
@ -72,28 +56,19 @@ mpi_alloc( unsigned nlimbs )
void
mpi_m_check( MPI a )
{
m_check(a);
m_check(a->d);
g10_check_heap(a);
g10_check_heap(a->d);
}
MPI
#ifdef M_DEBUG
mpi_debug_alloc_secure( unsigned nlimbs, const char *info )
#else
mpi_alloc_secure( unsigned nlimbs )
#endif
{
MPI a;
if( DBG_MEMORY )
log_debug("mpi_alloc_secure(%u)\n", nlimbs*BITS_PER_MPI_LIMB );
#ifdef M_DEBUG
a = m_debug_alloc( sizeof *a, info );
a->d = nlimbs? mpi_debug_alloc_limb_space( nlimbs, 1, info ) : NULL;
#else
a = m_alloc( sizeof *a );
a = g10_xmalloc( sizeof *a );
a->d = nlimbs? mpi_alloc_limb_space( nlimbs, 1 ) : NULL;
#endif
a->alloced = nlimbs;
a->flags = 1;
a->nlimbs = 0;
@ -103,90 +78,30 @@ mpi_alloc_secure( unsigned nlimbs )
}
#if 0
static void *unused_limbs_5;
static void *unused_limbs_32;
static void *unused_limbs_64;
#endif
mpi_ptr_t
#ifdef M_DEBUG
mpi_debug_alloc_limb_space( unsigned nlimbs, int secure, const char *info )
#else
mpi_alloc_limb_space( unsigned nlimbs, int secure )
#endif
{
size_t len = nlimbs * sizeof(mpi_limb_t);
mpi_ptr_t p;
if( DBG_MEMORY )
log_debug("mpi_alloc_limb_space(%u)\n", (unsigned)len*8 );
#if 0
if( !secure ) {
if( nlimbs == 5 && unused_limbs_5 ) { /* DSA 160 bits */
p = unused_limbs_5;
unused_limbs_5 = *p;
return p;
}
else if( nlimbs == 32 && unused_limbs_32 ) { /* DSA 1024 bits */
p = unused_limbs_32;
unused_limbs_32 = *p;
return p;
}
else if( nlimbs == 64 && unused_limbs_64 ) { /* DSA 2*1024 bits */
p = unused_limbs_64;
unused_limbs_64 = *p;
return p;
}
}
#endif
#ifdef M_DEBUG
p = secure? m_debug_alloc_secure(len, info):m_debug_alloc( len, info );
#else
p = secure? m_alloc_secure( len ):m_alloc( len );
#endif
p = secure? g10_xmalloc_secure( len ) : g10_xmalloc( len );
return p;
}
void
#ifdef M_DEBUG
mpi_debug_free_limb_space( mpi_ptr_t a, const char *info )
#else
mpi_free_limb_space( mpi_ptr_t a )
#endif
{
if( !a )
return;
if( DBG_MEMORY )
log_debug("mpi_free_limb_space of size %lu\n", (ulong)m_size(a)*8 );
log_debug("mpi_free_limb_space\n" );
#if 0
if( !m_is_secure(a) ) {
size_t nlimbs = m_size(a) / 4 ;
void *p = a;
if( nlimbs == 5 ) { /* DSA 160 bits */
*a = unused_limbs_5;
unused_limbs_5 = a;
return;
}
else if( nlimbs == 32 ) { /* DSA 1024 bits */
*a = unused_limbs_32;
unused_limbs_32 = a;
return;
}
else if( nlimbs == 64 ) { /* DSA 2*1024 bits */
*a = unused_limbs_64;
unused_limbs_64 = a;
return;
}
}
#endif
m_free(a);
g10_free(a);
}
@ -202,33 +117,22 @@ mpi_assign_limb_space( MPI a, mpi_ptr_t ap, unsigned nlimbs )
/****************
* Resize the array of A to NLIMBS. the additional space is cleared
* (set to 0) [done by m_realloc()]
* (set to 0) [done by g10_realloc()]
*/
void
#ifdef M_DEBUG
mpi_debug_resize( MPI a, unsigned nlimbs, const char *info )
#else
mpi_resize( MPI a, unsigned nlimbs )
#endif
{
if( nlimbs <= a->alloced )
return; /* no need to do it */
/* Note: a->secure is not used - instead the realloc functions
* take care of it. Maybe we should drop a->secure completely
* and rely on a mpi_is_secure function, which would be
* a wrapper around m_is_secure
* a wrapper around g10_is_secure
*/
#ifdef M_DEBUG
if( a->d )
a->d = m_debug_realloc(a->d, nlimbs * sizeof(mpi_limb_t), info );
else
a->d = m_debug_alloc_clear( nlimbs * sizeof(mpi_limb_t), info );
#else
if( a->d )
a->d = m_realloc(a->d, nlimbs * sizeof(mpi_limb_t) );
else
a->d = m_alloc_clear( nlimbs * sizeof(mpi_limb_t) );
#endif
a->d = g10_xrealloc(a->d, nlimbs * sizeof(mpi_limb_t) );
else /* FIXME: It may not be allocted in secure memory */
a->d = g10_xcalloc( nlimbs , sizeof(mpi_limb_t) );
a->alloced = nlimbs;
}
@ -242,28 +146,20 @@ mpi_clear( MPI a )
void
#ifdef M_DEBUG
mpi_debug_free( MPI a, const char *info )
#else
mpi_free( MPI a )
#endif
{
if( !a )
return;
if( DBG_MEMORY )
log_debug("mpi_free\n" );
if( a->flags & 4 )
m_free( a->d );
g10_free( a->d );
else {
#ifdef M_DEBUG
mpi_debug_free_limb_space(a->d, info);
#else
mpi_free_limb_space(a->d);
#endif
}
if( a->flags & ~7 )
log_bug("invalid flag value in mpi\n");
m_free(a);
g10_free(a);
}
@ -280,18 +176,10 @@ mpi_set_secure( MPI a )
assert(!ap);
return;
}
#ifdef M_DEBUG
bp = mpi_debug_alloc_limb_space( a->nlimbs, 1, "set_secure" );
#else
bp = mpi_alloc_limb_space( a->nlimbs, 1 );
#endif
MPN_COPY( bp, ap, a->nlimbs );
a->d = bp;
#ifdef M_DEBUG
mpi_debug_free_limb_space(ap, "set_secure");
#else
mpi_free_limb_space(ap);
#endif
}
@ -299,21 +187,13 @@ MPI
mpi_set_opaque( MPI a, void *p, int len )
{
if( !a ) {
#ifdef M_DEBUG
a = mpi_debug_alloc(0,"alloc_opaque");
#else
a = mpi_alloc(0);
#endif
}
if( a->flags & 4 )
m_free( a->d );
g10_free( a->d );
else {
#ifdef M_DEBUG
mpi_debug_free_limb_space(a->d, "alloc_opaque");
#else
mpi_free_limb_space(a->d);
#endif
}
a->d = p;
@ -341,29 +221,20 @@ mpi_get_opaque( MPI a, int *len )
* but copy it transparently.
*/
MPI
#ifdef M_DEBUG
mpi_debug_copy( MPI a, const char *info )
#else
mpi_copy( MPI a )
#endif
{
int i;
MPI b;
if( a && (a->flags & 4) ) {
void *p = m_is_secure(a->d)? m_alloc_secure( a->nbits )
: m_alloc( a->nbits );
void *p = g10_is_secure(a->d)? g10_xmalloc_secure( a->nbits )
: g10_xmalloc( a->nbits );
memcpy( p, a->d, a->nbits );
b = mpi_set_opaque( NULL, p, a->nbits );
}
else if( a ) {
#ifdef M_DEBUG
b = mpi_is_secure(a)? mpi_debug_alloc_secure( a->nlimbs, info )
: mpi_debug_alloc( a->nlimbs, info );
#else
b = mpi_is_secure(a)? mpi_alloc_secure( a->nlimbs )
: mpi_alloc( a->nlimbs );
#endif
b->nlimbs = a->nlimbs;
b->sign = a->sign;
b->flags = a->flags;
@ -388,8 +259,8 @@ mpi_alloc_like( MPI a )
MPI b;
if( a && (a->flags & 4) ) {
void *p = m_is_secure(a->d)? m_alloc_secure( a->nbits )
: m_alloc( a->nbits );
void *p = g10_is_secure(a->d)? g10_malloc_secure( a->nbits )
: g10_malloc( a->nbits );
memcpy( p, a->d, a->nbits );
b = mpi_set_opaque( NULL, p, a->nbits );
}
@ -440,11 +311,7 @@ mpi_set_ui( MPI w, unsigned long u)
MPI
mpi_alloc_set_ui( unsigned long u)
{
#ifdef M_DEBUG
MPI w = mpi_debug_alloc(1,"alloc_set_ui");
#else
MPI w = mpi_alloc(1);
#endif
w->d[0] = u;
w->nlimbs = u? 1:0;
w->sign = 0;

21
util/ChangeLog
View File

@ -1,3 +1,24 @@
Fri Nov 19 17:15:20 CET 1999 Werner Koch <wk@gnupg.de>
* argparse.c (default_strusage): Renamed to strusage. Fall back
to the old behaviour if no sepcial strhandler has been set.
* memory.c (g10_private_check_heap): New.
* secmem.c (m_is_secure): Renamed to ...
(g10_private_is_secure): ... this.
* memory.c (g10_private_malloc): New. Takes core functionalty of ...
(m_alloc): ... and calls it.
(g10_private_malloc_secure): New. Takes core functionalty of ...
(m_alloc_secure): ... and calls it.
(g10_private_realloc): New. Takes core functionalty of ...
(m_realloc): ... and this one calls it.
(g10_private_free): Wraps around m_free().
* argparse.c (g10_set_strusage): New.
(default_strusage): renamed to ...
(g10_default_strusage): .. this.
Sat Nov 13 17:44:23 CET 1999 Werner Koch <wk@gnupg.de>
* g10u.c: Removed.

16
util/argparse.c
View File

@ -135,10 +135,13 @@ struct alias_def_s {
const char *value; /* ptr into name */
};
static const char *(*strusage_handler)( int ) = NULL;
static int set_opt_arg(ARGPARSE_ARGS *arg, unsigned flags, char *s);
static void show_help(ARGPARSE_OPTS *opts, unsigned flags);
static void show_version(void);
static void
initialize( ARGPARSE_ARGS *arg, const char *filename, unsigned *lineno )
{
@ -886,9 +889,13 @@ usage( int level )
* 41: long usage note (with LF)
*/
const char *
default_strusage( int level )
strusage( int level )
{
const char *p = NULL;
const char *p = strusage_handler? strusage_handler(level) : NULL;
if( p )
return p;
switch( level ) {
case 11: p = "foo"; break;
case 13: p = "0.0"; break;
@ -917,6 +924,11 @@ default_strusage( int level )
return p;
}
void
set_strusage( const char *(*f)( int ) )
{
strusage_handler = f;
}
#ifdef TEST

118
util/memory.c
View File

@ -37,6 +37,9 @@
#include "memory.h"
#include "util.h"
/* FXIME: ugly hack. Need a prototype here bug can't include g10lib.h */
int g10_private_is_secure( void *p );
#define MAGIC_NOR_BYTE 0x55
#define MAGIC_SEC_BYTE 0xcc
@ -384,26 +387,60 @@ out_of_core(size_t n, int secure)
}
/****************
* Allocate memory of size n.
* Return NULL if we are out of memory.
*/
void *
g10_private_malloc( size_t n)
{
char *p;
#ifdef M_GUARD
if( !(p = malloc( n + EXTRA_ALIGN+5 )) )
return NULL;
store_len(p,n,0);
used_memory += n;
p[4+EXTRA_ALIGN+n] = MAGIC_END_BYTE;
return p+EXTRA_ALIGN+4;
#else /* fixme: This can be done with a macro */
return malloc( n );
#endif
}
/****************
* Allocate memory of size n.
* This function gives up if we do not have enough memory
*/
void *
FNAME(alloc)( size_t n FNAMEPRT )
{
char *p = g10_private_malloc( n );
if( !p )
out_of_core(n,0);
return p;
}
/****************
* Allocate memory of size n from the secure memory pool.
* Return NULL if we are out of memory.
*/
void *
g10_private_malloc_secure( size_t n)
{
char *p;
#ifdef M_GUARD
if( !(p = malloc( n + EXTRA_ALIGN+5 )) )
out_of_core(n,0);
store_len(p,n,0);
used_memory += n;
if( !(p = secmem_malloc( n +EXTRA_ALIGN+ 5 )) )
return NULL;
store_len(p,n,1);
p[4+EXTRA_ALIGN+n] = MAGIC_END_BYTE;
return p+EXTRA_ALIGN+4;
#else
if( !(p = malloc( n )) )
out_of_core(n,0);
return p;
return secmem_malloc( n );
#endif
}
@ -414,19 +451,10 @@ FNAME(alloc)( size_t n FNAMEPRT )
void *
FNAME(alloc_secure)( size_t n FNAMEPRT )
{
char *p;
#ifdef M_GUARD
if( !(p = secmem_malloc( n +EXTRA_ALIGN+ 5 )) )
out_of_core(n,1);
store_len(p,n,1);
p[4+EXTRA_ALIGN+n] = MAGIC_END_BYTE;
return p+EXTRA_ALIGN+4;
#else
if( !(p = secmem_malloc( n )) )
char *p = g10_private_malloc_secure( n );
if( !p )
out_of_core(n,1);
return p;
#endif
}
void *
@ -447,12 +475,12 @@ FNAME(alloc_secure_clear)( size_t n FNAMEPRT)
return p;
}
/****************
* realloc and clear the old space
* Return NULL if there is not enoug memory.
*/
void *
FNAME(realloc)( void *a, size_t n FNAMEPRT )
g10_private_realloc( void *a, size_t n )
{
#ifdef M_GUARD
unsigned char *p = a;
@ -462,28 +490,39 @@ FNAME(realloc)( void *a, size_t n FNAMEPRT )
if( len >= n ) /* we don't shrink for now */
return a;
if( p[-1] == MAGIC_SEC_BYTE )
b = FNAME(alloc_secure_clear)(n FNAMEARG);
b = g10_private_malloc_secure(n);
else
b = FNAME(alloc_clear)(n FNAMEARG);
b = g10_private_malloc(n);
if( !b )
return NULL;
memset(p, 0, n );
FNAME(check)(NULL FNAMEARG);
memcpy(b, a, len );
FNAME(free)(p FNAMEARG);
return b;
#else
void *b;
if( m_is_secure(a) ) {
if( !(b = secmem_realloc( a, n )) )
out_of_core(n,1);
if( g10_private_is_secure(a) ) {
return secmem_realloc( a, n );
}
else {
if( !(b = realloc( a, n )) )
out_of_core(n,0);
return realloc( a, n );
}
#endif
return b;
}
/****************
* realloc and clear the old space
*/
void *
FNAME(realloc)( void *a, size_t n FNAMEPRT )
{
void *b = g10_private_realloc( a, n );
if( !b )
out_of_core(n, g10_private_is_secure(a));
return b;
}
/****************
* Free a pointer
@ -499,20 +538,25 @@ FNAME(free)( void *a FNAMEPRT )
free_entry(p-EXTRA_ALIGN-4, info);
#elif M_GUARD
m_check(p);
if( m_is_secure(a) )
if( g10_private_is_secure(a) )
secmem_free(p-EXTRA_ALIGN-4);
else {
used_memory -= m_size(a);
free(p-EXTRA_ALIGN-4);
}
#else
if( m_is_secure(a) )
if( g10_private_is_secure(a) )
secmem_free(p);
else
free(p);
#endif
}
void
g10_private_free( void *a )
{
m_free(a);
}
void
FNAME(check)( const void *a FNAMEPRT )
@ -537,6 +581,13 @@ FNAME(check)( const void *a FNAMEPRT )
}
void
g10_private_check_heap( const void *p )
{
m_check(p);
}
size_t
m_size( const void *a )
{
@ -573,7 +624,7 @@ FNAME(copy)( const void *a FNAMEPRT )
return NULL;
n = m_size(a); Aiiiih woher nehmen
if( m_is_secure(a) )
if( g10_private_is_secure(a) )
b = FNAME(alloc_secure)(n FNAMEARG);
else
b = FNAME(alloc)(n FNAMEARG);
@ -591,3 +642,4 @@ FNAME(strdup)( const char *a FNAMEPRT )
return p;
}

3
util/secmem.c
View File

@ -370,8 +370,9 @@ secmem_free( void *a )
cur_alloced -= size;
}
int
m_is_secure( const void *p )
g10_private_is_secure( const void *p )
{
return p >= pool && p < (void*)((char*)pool+poolsize);
}