See ChangeLog: Fri Nov 19 17:15:20 CET 1999 Werner Koch

2025-07-02 22:46:30 +02:00 · 1999-11-19 16:11:37 +00:00 · 1999-11-19 16:11:37 +00:00 · 2694bceb45
commit 2694bceb45
parent 37f3c09edb
35 changed files with 422 additions and 289 deletions
--- a/cipher/ChangeLog
+++ b/cipher/ChangeLog
@ -1,3 +1,24 @@
+Fri Nov 19 17:15:20 CET 1999  Werner Koch  <wk@gnupg.de>
+
+	* dynload.c (cmp_filenames): New to replaced compare_filename() in
+	module.
+	(register_cipher_extension): Removed the tilde expansion stuff.
+	* rndeg.c (my_make_filename): New.
+
+	* : Replaced header util.h by g10lib.h
+
+	* random.c (gather_faked): Replaced make_timestamp by time(2).
+	Disabled wrning printed with tty_printf.
+	* rndlinux.c (gather_random): Always use fprintf instead of tty_xxx;
+	this should be replaced by a callback function.
+
+	* primegen.c (gen_prime): Use gcry_mpi_randomize.
+	(is_prime): Ditto.
+	* elgamal.c (test_keys): Ditto.
+	* dsa.c (test_keys): Ditto.
+
+	* cipher.c (gcry_cipher_close): Die on invalid handle.
+
 Mon Nov 15 21:36:02 CET 1999  Werner Koch  <wk@gnupg.de>

 	* elgamal.c (gen_k): Use the new random API.
--- a/cipher/cipher.c
+++ b/cipher/cipher.c
@ -26,7 +26,6 @@
 #include <assert.h>

 #include "g10lib.h"
-#include "util.h"
 #include "cipher.h"
 #include "des.h"
 #include "blowfish.h"
@ -418,10 +417,9 @@ gcry_cipher_close( GCRY_CIPHER_HD h )
 {
    if( !h )
 	return;
-    if( h->magic != CTX_MAGIC_SECURE && h->magic != CTX_MAGIC_NORMAL )	{
-	fatal_invalid_arg("gcry_cipher_close: already closed/invalid handle");
-	return;
-    }
+    if( h->magic != CTX_MAGIC_SECURE && h->magic != CTX_MAGIC_NORMAL )
+	g10_fatal_error(GCRYERR_INTERNAL,
+			"gcry_cipher_close: already closed/invalid handle");
    h->magic = 0;
    g10_free(h);
 }
--- a/cipher/dsa.c
+++ b/cipher/dsa.c
@ -24,7 +24,6 @@
 #include <string.h>
 #include <assert.h>
 #include "g10lib.h"
-#include "util.h"
 #include "mpi.h"
 #include "cipher.h"
 #include "dsa.h"
@ -130,10 +129,7 @@ test_keys( DSA_secret_key *sk, unsigned qbits )
    pk.q = sk->q;
    pk.g = sk->g;
    pk.y = sk->y;
-    {	char *p = gcry_random_bytes( (qbits+7)/8, GCRY_WEAK_RANDOM );
-	mpi_set_buffer( test, p, (qbits+7)/8, 0 );
-	g10_free(p);
-    }
+    gcry_mpi_randomize( test, qbits, GCRY_WEAK_RANDOM );

    sign( out1_a, out1_b, test, sk );
    if( !verify( out1_a, out1_b, test, &pk ) )
--- a/cipher/dynload.c
+++ b/cipher/dynload.c
@ -32,7 +32,6 @@
  #include <errno.h>
 #endif
 #include "g10lib.h"
-#include "util.h"
 #include "cipher.h"
 #include "dynload.h"

@ -102,6 +101,20 @@ static int dld_available;
 #endif


+static int
+cmp_filenames( const char *a, const char *b )
+{
+    /* ? check whether this is an absolute filename and
+     * resolve symlinks?
+     */
+  #ifdef HAVE_DRIVE_LETTERS
+    return stricmp(a,b);
+  #else
+    return strcmp(a,b);
+  #endif
+}
+
+
 /****************
 * Register an extension module.  The last registered module will
 * be loaded first.  A name may have a list of classes
@ -125,21 +138,9 @@ register_cipher_extension( const char *mainpgm, const char *fname )
    if( !mainpgm_path && mainpgm && *mainpgm )
 	mainpgm_path = m_strdup(mainpgm);
  #endif
-    if( *fname != '/' ) { /* do tilde expansion etc */
-	char *tmp;
+    el = g10_xcalloc( 1, sizeof *el + strlen(fname) );
+    strcpy(el->name, fname );

-	if( strchr(fname, '/') )
-	    tmp = make_filename(fname, NULL);
-	else
-	    tmp = make_filename(GNUPG_LIBDIR, fname, NULL);
-	el = g10_xcalloc( 1, sizeof *el + strlen(tmp) );
-	strcpy(el->name, tmp );
-	g10_free(tmp);
-    }
-    else {
-	el = g10_xcalloc( 1, sizeof *el + strlen(fname) );
-	strcpy(el->name, fname );
-    }
    /* check whether we have a class hint */
    if( (p=strchr(el->name,'(')) && (pe=strchr(p+1,')')) && !pe[1] ) {
 	*p = *pe = 0;
@ -151,7 +152,7 @@ register_cipher_extension( const char *mainpgm, const char *fname )
    /* check that it is not already registered */
    intex = NULL;
    for(r = extensions; r; r = r->next ) {
-	if( !compare_filenames(r->name, el->name) ) {
+	if( !cmp_filenames(r->name, el->name) ) {
 	    log_info("extension `%s' already registered\n", el->name );
 	    g10_free(el);
 	    return;
@ -187,7 +188,7 @@ register_internal_cipher_extension(

    /* check that it is not already registered */
    for(r = extensions; r; r = r->next ) {
-	if( !compare_filenames(r->name, el->name) ) {
+	if( !cmp_filenames(r->name, el->name) ) {
 	    log_info("extension `%s' already registered\n", el->name );
 	    g10_free(el);
 	    return;
--- a/cipher/elgamal.c
+++ b/cipher/elgamal.c
@ -27,7 +27,6 @@
 #include <stdlib.h>
 #include <string.h>
 #include "g10lib.h"
-#include "util.h"
 #include "mpi.h"
 #include "cipher.h"
 #include "elgamal.h"
@ -77,12 +76,7 @@ test_keys( ELG_secret_key *sk, unsigned nbits )
    pk.g = sk->g;
    pk.y = sk->y;

-    /*mpi_set_bytes( test, nbits, get_random_byte, 0 );*/
-    {	char *p = gcry_random_bytes( (nbits+7)/8, GCRY_WEAK_RANDOM );
-	mpi_set_buffer( test, p, (nbits+7)/8, 0 );
-	g10_free(p);
-    }
-
+    gcry_mpi_randomize( test, nbits, GCRY_WEAK_RANDOM );

    encrypt( out1_a, out1_b, test, &pk );
    decrypt( out2, out1_a, out1_b, sk );
--- a/cipher/md.c
+++ b/cipher/md.c
@ -26,7 +26,6 @@
 #include <assert.h>

 #include "g10lib.h"
-#include "util.h"
 #include "cipher.h"
 #include "dynload.h"
 #include "rmd.h"
--- a/cipher/md5.c
+++ b/cipher/md5.c
@ -33,7 +33,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
-#include "util.h"
+#include "g10lib.h"
 #include "memory.h"
 #include "dynload.h"

--- a/cipher/primegen.c
+++ b/cipher/primegen.c
@ -29,7 +29,6 @@
 #include <string.h>
 #include <assert.h>
 #include "g10lib.h"
-#include "util.h"
 #include "mpi.h"
 #include "cipher.h"

@ -307,10 +306,7 @@ gen_prime( unsigned  nbits, int secret, int randomlevel )
 	int dotcount=0;

 	/* generate a random number */
-	{   char *p = get_random_bits( nbits, randomlevel, secret );
-	    mpi_set_buffer( prime, p, (nbits+7)/8, 0 );
-	    g10_free(p);
-	}
+	gcry_mpi_randomize( prime, nbits, randomlevel );

 	/* set high order bit to 1, set low order bit to 1 */
 	mpi_set_highbit( prime, nbits-1 );
@ -434,11 +430,8 @@ is_prime( MPI n, int steps, int *count )
 	    mpi_set_ui( x, 2 );
 	}
 	else {
-	    /*mpi_set_bytes( x, nbits-1, get_random_byte, 0 );*/
-	    {	char *p = get_random_bits( nbits, 0, 0 );
-		mpi_set_buffer( x, p, (nbits+7)/8, 0 );
-		g10_free(p);
-	    }
+	    gcry_mpi_randomize( x, nbits, GCRY_WEAK_RANDOM );
+
 	    /* make sure that the number is smaller than the prime
 	     * and keep the randomness of the high bit */
 	    if( mpi_test_bit( x, nbits-2 ) ) {
--- a/cipher/pubkey.c
+++ b/cipher/pubkey.c
@ -26,7 +26,6 @@
 #include <assert.h>

 #include "g10lib.h"
-#include "util.h"
 #include "mpi.h"
 #include "cipher.h"
 #include "elgamal.h"
--- a/cipher/random.c
+++ b/cipher/random.c
@ -46,7 +46,6 @@
  #include <sys/resource.h>
 #endif
 #include "g10lib.h"
-#include "util.h"
 #include "rmd.h"
 #include "ttyio.h"
 #include "random.h"
@ -463,14 +462,20 @@ gather_faked( void (*add)(const void*, size_t, int), int requester,

    if( !initialized ) {
 	log_info(_("WARNING: using insecure random number generator!!\n"));
+	/* we can't use tty_printf here - do we need this function at
+	  all - does it really make sense or canit be viewed as a potential
+	  security problem ? wk 17.11.99 */
+	#warning Extended warning disabled
+      #if 0
 	tty_printf(_("The random number generator is only a kludge to let\n"
 		   "it run - it is in no way a strong RNG!\n\n"
 		   "DON'T USE ANY DATA GENERATED BY THIS PROGRAM!!\n\n"));
+      #endif
 	initialized=1;
      #ifdef HAVE_RAND
-	srand(make_timestamp()*getpid());
+	srand( time(NULL) * getpid());
      #else
-	srandom(make_timestamp()*getpid());
+	srandom( time(NULL) * getpid());
      #endif
    }

--- a/cipher/rmd160.c
+++ b/cipher/rmd160.c
@ -23,7 +23,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
-#include "util.h"
+#include "g10lib.h"
 #include "memory.h"
 #include "rmd.h"
 #include "cipher.h" /* only used for the rmd160_hash_buffer() prototype */
--- a/cipher/rndegd.c
+++ b/cipher/rndegd.c
@ -32,7 +32,6 @@
 #include <sys/un.h>
 #include "types.h"
 #include "g10lib.h"
-#include "util.h"
 #include "ttyio.h"
 #include "dynload.h"
 #include "cipher.h"
@ -41,6 +40,44 @@
 #define offsetof(type, member) ((size_t) &((type *)0)->member)
 #endif

+
+/* FIXME: this is duplicated code from util/fileutil
+ * I don't think that this code should go into libgcrypt anyway.
+ */
+char *
+my_make_filename( const char *first_part, ... )
+{
+    va_list arg_ptr ;
+    size_t n;
+    const char *s;
+    char *name, *home, *p;
+
+    va_start( arg_ptr, first_part ) ;
+    n = strlen(first_part)+1;
+    while( (s=va_arg(arg_ptr, const char *)) )
+	n += strlen(s) + 1;
+    va_end(arg_ptr);
+
+    home = NULL;
+    if( *first_part == '~' && first_part[1] == '/'
+			   && (home = getenv("HOME")) && *home )
+	n += strlen(home);
+
+    name = m_alloc(n);
+    p = home ? stpcpy(stpcpy(name,home), first_part+1)
+	     : stpcpy(name, first_part);
+    va_start( arg_ptr, first_part ) ;
+    while( (s=va_arg(arg_ptr, const char *)) )
+	p = stpcpy(stpcpy(p,"/"), s);
+    va_end(arg_ptr);
+
+    return name;
+}
+
+
+
+
+
 static int
 do_write( int fd, void *buf, size_t nbytes )
 {
@ -104,7 +141,7 @@ gather_random( void (*add)(const void*, size_t, int), int requester,
 	}
    }
    if( fd == -1 ) {
-	char *name = make_filename( g10_opt_homedir, "entropy", NULL );
+	char *name = my_make_filename( g10_opt_homedir, "entropy", NULL );
 	struct sockaddr_un addr;
 	int addr_len;

--- a/cipher/rndlinux.c
+++ b/cipher/rndlinux.c
@ -41,8 +41,7 @@
  #endif
 #endif
 #include "types.h"
-#include "g10lib.h"  /* need this for i18n */
-#include "util.h"
+#include "g10lib.h"
 #include "ttyio.h"
 #include "dynload.h"

@ -121,12 +120,9 @@ gather_random( void (*add)(const void*, size_t, int), int requester,
 	tv.tv_sec = 3;
 	tv.tv_usec = 0;
 	if( !(rc=select(fd+1, &rfds, NULL, NULL, &tv)) ) {
+	    #warning FIXME: Replace fprintf by a callback
 	    if( !warn )
-	      #ifdef IS_MODULE
 		fprintf(stderr,
-	      #else
-		tty_printf(
-	      #endif
 _("\n"
 "Not enough random bytes available.  Please do some other work to give\n"
 "the OS a chance to collect more entropy! (Need %d more bytes)\n"), length );
@ -134,12 +130,7 @@ _("\n"
 	    continue;
 	}
 	else if( rc == -1 ) {
-	  #ifdef IS_MODULE
-	    fprintf(stderr,
-	  #else
-	    tty_printf(
-	  #endif
-		       "select() error: %s\n", strerror(errno));
+	    fprintf(stderr, "select() error: %s\n", strerror(errno));
 	    continue;
 	}

--- a/cipher/rndunix.c
+++ b/cipher/rndunix.c
@ -97,7 +97,7 @@
 #ifndef IS_MODULE
 #include "dynload.h"
 #endif
-#include "util.h"
+#include "g10lib.h"

 #ifndef EAGAIN
  #define EAGAIN  EWOULDBLOCK
--- a/cipher/rndw32.c
+++ b/cipher/rndw32.c
@ -29,7 +29,6 @@

 #include "types.h"
 #include "g10lib.h"
-#include "util.h"
 #include "dynload.h"


--- a/cipher/sha1.c
+++ b/cipher/sha1.c
@ -36,7 +36,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
-#include "util.h"
+#include "g10lib.h"
 #include "memory.h"
 #include "dynload.h"
 #include "bithelp.h"
--- a/cipher/smallprime.c
+++ b/cipher/smallprime.c
@ -21,7 +21,6 @@
 #include <config.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include "util.h"
 #include "types.h"

 /* Note: 2 is not included because it can be tested more easily
--- a/cipher/tiger.c
+++ b/cipher/tiger.c
@ -23,7 +23,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
-#include "util.h"
+#include "g10lib.h"
 #include "memory.h"


--- a/cipher/twofish.c
+++ b/cipher/twofish.c
@ -28,7 +28,6 @@

 #include "types.h"  /* for byte and u32 typedefs */
 #include "g10lib.h"
-#include "util.h"
 #include "dynload.h"