From 37f3c09edb6d6b866cd8e8bed76c304e26fd7c44 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 15 Nov 1999 20:32:25 +0000 Subject: [PATCH] See ChangeLog: Mon Nov 15 21:36:02 CET 1999 Werner Koch --- Makefile.am | 2 +- NOTES | 8 ++++++++ cipher/ChangeLog | 7 +++++++ cipher/dsa.c | 20 +++++++++++--------- cipher/elgamal.c | 29 +++++++++++++++++------------ cipher/md.c | 2 +- cipher/primegen.c | 2 +- cipher/pubkey.c | 4 ++-- cipher/random.c | 1 - cipher/rndegd.c | 6 ------ cipher/rndlinux.c | 7 +------ cipher/rndunix.c | 4 ++-- g10/ChangeLog | 4 ++++ g10/Makefile.am | 3 +-- g10/misc.c | 14 -------------- g10/sign.c | 2 +- include/g10lib.h | 12 ++++++++++-- 17 files changed, 67 insertions(+), 60 deletions(-) diff --git a/Makefile.am b/Makefile.am index 20fad9107..b7836126c 100644 --- a/Makefile.am +++ b/Makefile.am @@ -17,7 +17,7 @@ else checks = checks endif -SUBDIRS = intl zlib util mpi cipher ${gcrypt} tools g10 po doc ${checks} +SUBDIRS = intl zlib util mpi cipher ${gcrypt} g10 po doc ${checks} EXTRA_DIST = README-alpha VERSION PROJECTS BUGS # gettext never gets it right, so we take here care of deleting the # symlink. my_clean_gcrypt is just a kludge until we can include diff --git a/NOTES b/NOTES index 35f5183b9..901b51e54 100644 --- a/NOTES +++ b/NOTES @@ -15,6 +15,14 @@ Some other reported cpu-vendor-os strings: i386-pc-sysv4.2 (USL Unixware v1.1.2) + + +Simos Hadjiyiannis + +runs successfully on HP-UX v11.00 as well. (using gcc) + Johan Wevers is working on a NL translation. + + diff --git a/cipher/ChangeLog b/cipher/ChangeLog index 6aed450dd..8231cbedb 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,3 +1,10 @@ +Mon Nov 15 21:36:02 CET 1999 Werner Koch + + * elgamal.c (gen_k): Use the new random API. + (generate): Ditto. + * dsa.c (gen_k): Ditto. + (generate): Ditto. + Sat Nov 13 17:44:23 CET 1999 Werner Koch * pubkey.c (disable_pubkey_algo): Made static. diff --git a/cipher/dsa.c b/cipher/dsa.c index 5a356c9c2..91c797c40 100644 --- a/cipher/dsa.c +++ b/cipher/dsa.c @@ -79,13 +79,14 @@ gen_k( MPI q ) if( !rndbuf || nbits < 32 ) { g10_free(rndbuf); - rndbuf = get_random_bits( nbits, 1, 1 ); + rndbuf = gcry_random_bytes_secure( (nbits+7)/8, + GCRY_STRONG_RANDOM ); } else { /* change only some of the higher bits */ /* we could imporove this by directly requesting more memory - * at the first call to get_random_bits() and use this the here + * at the first call to get_random_bytes() and use this the here * maybe it is easier to do this directly in random.c */ - char *pp = get_random_bits( 32, 1, 1 ); + char *pp = gcry_random_bytes_secure( 4, GCRY_STRONG_RANDOM ); memcpy( rndbuf,pp, 4 ); g10_free(pp); } @@ -129,8 +130,7 @@ test_keys( DSA_secret_key *sk, unsigned qbits ) pk.q = sk->q; pk.g = sk->g; pk.y = sk->y; - /*mpi_set_bytes( test, qbits, get_random_byte, 0 );*/ - { char *p = get_random_bits( qbits, 0, 0 ); + { char *p = gcry_random_bytes( (qbits+7)/8, GCRY_WEAK_RANDOM ); mpi_set_buffer( test, p, (qbits+7)/8, 0 ); g10_free(p); } @@ -199,10 +199,12 @@ generate( DSA_secret_key *sk, unsigned nbits, MPI **ret_factors ) if( DBG_CIPHER ) progress('.'); if( !rndbuf ) - rndbuf = get_random_bits( qbits, 2, 1 ); + rndbuf = gcry_random_bytes_secure( (qbits+7)/8, + GCRY_VERY_STRONG_RANDOM ); else { /* change only some of the higher bits (= 2 bytes)*/ - char *r = get_random_bits( 16, 2, 1 ); - memcpy(rndbuf, r, 16/8 ); + char *r = gcry_random_bytes_secure( 2, + GCRY_VERY_STRONG_RANDOM ); + memcpy(rndbuf, r, 2 ); g10_free(r); } mpi_set_buffer( x, rndbuf, (qbits+7)/8, 0 ); @@ -454,7 +456,7 @@ dsa_get_info( int algo, int *npkey, int *nskey, int *nenc, int *nsig, *nsig = 2; switch( algo ) { - case PUBKEY_ALGO_DSA: *use = PUBKEY_USAGE_SIG; return "DSA"; + case PUBKEY_ALGO_DSA: *use = GCRY_PK_USAGE_SIGN; return "DSA"; default: *use = 0; return NULL; } } diff --git a/cipher/elgamal.c b/cipher/elgamal.c index 48fe22ac8..d57906457 100644 --- a/cipher/elgamal.c +++ b/cipher/elgamal.c @@ -78,11 +78,12 @@ test_keys( ELG_secret_key *sk, unsigned nbits ) pk.y = sk->y; /*mpi_set_bytes( test, nbits, get_random_byte, 0 );*/ - { char *p = get_random_bits( nbits, 0, 0 ); + { char *p = gcry_random_bytes( (nbits+7)/8, GCRY_WEAK_RANDOM ); mpi_set_buffer( test, p, (nbits+7)/8, 0 ); g10_free(p); } + encrypt( out1_a, out1_b, test, &pk ); decrypt( out2, out1_a, out1_b, sk ); if( mpi_cmp( test, out2 ) ) @@ -121,14 +122,14 @@ gen_k( MPI p ) progress('.'); if( !rndbuf || nbits < 32 ) { g10_free(rndbuf); - rndbuf = get_random_bits( nbits, 1, 1 ); + rndbuf = gcry_random_bytes_secure( nbytes, GCRY_STRONG_RANDOM ); } else { /* change only some of the higher bits */ /* we could imporove this by directly requesting more memory - * at the first call to get_random_bits() and use this the here + * at the first call to get_random_bytes() and use this the here * maybe it is easier to do this directly in random.c */ - char *pp = get_random_bits( 32, 1, 1 ); - memcpy( rndbuf,pp, 4 ); + char *pp = gcry_random_bytes_secure( 4, GCRY_STRONG_RANDOM ); + memcpy( rndbuf, pp, 4 ); g10_free(pp); } mpi_set_buffer( k, rndbuf, nbytes, 0 ); @@ -214,16 +215,20 @@ generate( ELG_secret_key *sk, unsigned nbits, MPI **ret_factors ) if( rndbuf ) { /* change only some of the higher bits */ if( nbits < 16 ) {/* should never happen ... */ g10_free(rndbuf); - rndbuf = get_random_bits( nbits, 2, 1 ); + rndbuf = gcry_random_bytes_secure( (nbits+7)/8, + GCRY_VERY_STRONG_RANDOM ); } else { - char *r = get_random_bits( 16, 2, 1 ); - memcpy(rndbuf, r, 16/8 ); + char *r = gcry_random_bytes_secure( 2, + GCRY_VERY_STRONG_RANDOM ); + memcpy(rndbuf, r, 2 ); g10_free(r); } } - else - rndbuf = get_random_bits( nbits, 2, 1 ); + else { + rndbuf = gcry_random_bytes_secure( (nbits+7)/8, + GCRY_VERY_STRONG_RANDOM ); + } mpi_set_buffer( x, rndbuf, (nbits+7)/8, 0 ); mpi_clear_highbit( x, nbits+1 ); } while( !( mpi_cmp_ui( x, 0 )>0 && mpi_cmp( x, p_min1 )<0 ) ); @@ -589,10 +594,10 @@ elg_get_info( int algo, int *npkey, int *nskey, int *nenc, int *nsig, switch( algo ) { case PUBKEY_ALGO_ELGAMAL: - *use = PUBKEY_USAGE_SIG|PUBKEY_USAGE_ENC; + *use = GCRY_PK_USAGE_SIGN|GCRY_PK_USAGE_ENCR; return "ELG"; case PUBKEY_ALGO_ELGAMAL_E: - *use = PUBKEY_USAGE_SIG|PUBKEY_USAGE_ENC; + *use = GCRY_PK_USAGE_SIGN|GCRY_PK_USAGE_ENCR; return "ELG-E"; default: *use = 0; return NULL; } diff --git a/cipher/md.c b/cipher/md.c index bb179b679..480954a67 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -326,7 +326,7 @@ md_enable( GCRY_MD_HD hd, int algo ) - sizeof(r->context) ) : g10_malloc( sizeof *ac + r->contextsize - sizeof(r->context) ); - if( !rc ) + if( !ac ) return set_lasterr( GCRYERR_NO_MEM ); *ac = *r; diff --git a/cipher/primegen.c b/cipher/primegen.c index ca8e3ee9f..5dc1e1a41 100644 --- a/cipher/primegen.c +++ b/cipher/primegen.c @@ -122,7 +122,7 @@ generate_elg_prime( int mode, unsigned pbits, unsigned qbits, q_factor = mode==1? gen_prime( req_qbits, 0, 1 ) : NULL; /* allocate an array to hold the factors + 2 for later usage */ - factors = g10_xcalloc_clear( n+2, sizeof *factors ); + factors = g10_xcalloc( n+2, sizeof *factors ); /* make a pool of 3n+5 primes (this is an arbitrary value) */ m = n*3+5; diff --git a/cipher/pubkey.c b/cipher/pubkey.c index 8d00d95a4..b77ebffaa 100644 --- a/cipher/pubkey.c +++ b/cipher/pubkey.c @@ -670,7 +670,7 @@ sexp_to_key( GCRY_SEXP sexp, int want_private, MPI **retarray, int *retalgo) elems1 = algo_info_table[i].common_elements; elems2 = want_private? algo_info_table[i].secret_elements : algo_info_table[i].public_elements; - array = g10_calloc( (strlen(elems1)+strlen(elems2)+1, sizeof *array ); + array = g10_calloc( strlen(elems1)+strlen(elems2)+1, sizeof *array ); if( !array ) return GCRYERR_NO_MEM; @@ -825,7 +825,7 @@ gcry_pk_sign( GCRY_SEXP *r_sig, GCRY_SEXP s_hash, GCRY_SEXP s_skey ) release_mpi_array( skey ); return -1; /* fixme: get a real errorcode for this */ } - result = g10_xcalloc_clear( (strlen(algo_elems)+1) , sizeof *result ); + result = g10_xcalloc( (strlen(algo_elems)+1) , sizeof *result ); rc = pubkey_sign( algo, result, hash, skey ); release_mpi_array( skey ); mpi_free( hash ); diff --git a/cipher/random.c b/cipher/random.c index b8a09bb5d..d80b870b4 100644 --- a/cipher/random.c +++ b/cipher/random.c @@ -49,7 +49,6 @@ #include "util.h" #include "rmd.h" #include "ttyio.h" -#include "i18n.h" #include "random.h" #include "rand-internal.h" #include "dynload.h" diff --git a/cipher/rndegd.c b/cipher/rndegd.c index 87d75cf89..d6a6a3943 100644 --- a/cipher/rndegd.c +++ b/cipher/rndegd.c @@ -37,12 +37,6 @@ #include "dynload.h" #include "cipher.h" -#ifdef IS_MODULE - #define _(a) (a) -#else - #include "i18n.h" -#endif - #ifndef offsetof #define offsetof(type, member) ((size_t) &((type *)0)->member) #endif diff --git a/cipher/rndlinux.c b/cipher/rndlinux.c index 78fee1567..63befd251 100644 --- a/cipher/rndlinux.c +++ b/cipher/rndlinux.c @@ -41,16 +41,11 @@ #endif #endif #include "types.h" +#include "g10lib.h" /* need this for i18n */ #include "util.h" #include "ttyio.h" #include "dynload.h" -#ifdef IS_MODULE - #define _(a) (a) -#else - #include "i18n.h" -#endif - static int open_device( const char *name, int minor ); static int gather_random( void (*add)(const void*, size_t, int), int requester, size_t length, int level ); diff --git a/cipher/rndunix.c b/cipher/rndunix.c index 36482dfae..849f1e007 100644 --- a/cipher/rndunix.c +++ b/cipher/rndunix.c @@ -44,8 +44,8 @@ code base to be maintained */ - /* Fixme: We use plain mallocs here beucase it may be used as a module - * should be changed. * +/* Fixme: We use plain mallocs here beucase it may be used as a module + * should be changed. */ /* General includes */ diff --git a/g10/ChangeLog b/g10/ChangeLog index 3ae1255af..4788a4437 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,7 @@ +Mon Nov 15 21:36:02 CET 1999 Werner Koch + + * misc.c (pull_in_libs): Removed. + Sat Nov 13 17:44:23 CET 1999 Werner Koch * mainproc.c (list_node): Print the PK algo in the --with-colon mode. diff --git a/g10/Makefile.am b/g10/Makefile.am index 299ea5131..7c2450f12 100644 --- a/g10/Makefile.am +++ b/g10/Makefile.am @@ -4,8 +4,7 @@ INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl EXTRA_DIST = OPTIONS pubring.asc options.skel OMIT_DEPENDENCIES = zlib.h zconf.h LDFLAGS = @LDFLAGS@ @DYNLINK_LDFLAGS@ -##needed_libs = ../util/libutil.la ../gcrypt/libgcrypt.la -needed_libs = +needed_libs = ../util/libutil.la ../gcrypt/libgcrypt.la #noinst_PROGRAMS = gpgd bin_PROGRAMS = gpg diff --git a/g10/misc.c b/g10/misc.c index a3ed841db..7e8e85a9e 100644 --- a/g10/misc.c +++ b/g10/misc.c @@ -38,20 +38,6 @@ #include "i18n.h" -const char *g10m_revision_string(int); -const char *g10c_revision_string(int); -const char *g10u_revision_string(int); - -#ifdef __GNUC__ -volatile -#endif - void -pull_in_libs(void) -{ - g10m_revision_string(0); - g10u_revision_string(0); -} - #if defined(__linux__) && defined(__alpha__) && __GLIBC__ < 2 #warning using trap_unaligned diff --git a/g10/sign.c b/g10/sign.c index 3ec430d2f..d278945a3 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -52,7 +52,7 @@ pk_sign( int algo, MPI *data, MPI hash, MPI *skey ) /* make a sexp from skey */ if( algo == GCRY_PK_DSA ) { - s_skey = SEXP_CONS( SEXP_NEW( "private-key", 0 ), + s_skey = SEXP_CONS( SEXP_NEW( "private-key", 0 ), gcry_sexp_vlist( SEXP_NEW( "dsa", 3 ), gcry_sexp_new_name_mpi( "p", skey[0] ), gcry_sexp_new_name_mpi( "q", skey[1] ), diff --git a/include/g10lib.h b/include/g10lib.h index ee04b655c..aa2977825 100644 --- a/include/g10lib.h +++ b/include/g10lib.h @@ -41,7 +41,6 @@ /*-- gcrypt/global.c --*/ int set_lasterr( int ec ); - void *g10_malloc( size_t n ); void *g10_calloc( size_t n, size_t m ); void *g10_malloc_secure( size_t n ); @@ -59,7 +58,16 @@ void g10_free( void *p ); /*-- gcrypt/misc.c --*/ const char *g10_gettext( const char *key ); -int fatal_invalid_arg(const char *text); +void g10_fatal_error(int rc, const char *text ); + + +/*-- util/memory.c --*/ + +#define g10_private_malloc(n) m_alloc((n)) +#define g10_private_malloc_secure(n) m_alloc_secure((n)) +#define g10_private_is_secure(n) m_is_secure((n)) +#define g10_private_realloc(a,n) m_realloc((a),(n)) +#define g10_private_free(p) m_free((p)) /*-- cipher/pubkey.c --*/