diff --git a/AUTHORS b/AUTHORS index 6fb1fa8fd..54d6eb03e 100644 --- a/AUTHORS +++ b/AUTHORS @@ -20,6 +20,7 @@ Per Tunedal Translations [sv] Daniel Nylander Translations [sv] Daiki Ueno Assigns Past and Future Changes. + (changed:passphrase.c and related code) David Shaw Assigns past and future changes. (all in keyserver/, diff --git a/Makefile.am b/Makefile.am index ecc325797..ae98909e0 100644 --- a/Makefile.am +++ b/Makefile.am @@ -54,6 +54,11 @@ scd = scd else scd = endif +#if BUILD_G13 +#g13 = g13 +#else +#g13 = +#endif if BUILD_TOOLS tools = tools else @@ -72,7 +77,7 @@ tests = tests endif SUBDIRS = m4 gl include jnlib common ${kbx} \ - ${gpg} ${keyserver} ${sm} ${agent} ${scd} ${tools} po ${doc} ${tests} + ${gpg} ${keyserver} ${sm} ${agent} ${scd} ${g13} ${tools} po ${doc} ${tests} dist_doc_DATA = README diff --git a/TODO b/TODO index 45e221bda..e590db886 100644 --- a/TODO +++ b/TODO @@ -20,7 +20,6 @@ ** replace leading zero in integer hack by a cleaner solution * sm/gpgsm.c -** mark all unimplemented commands and options. ** Implement --default-key ** support the anyPolicy semantic ** Should we prefer nonRepudiation certs over plain signing certs? diff --git a/configure.ac b/configure.ac index 31a3516e9..2b769c2fc 100644 --- a/configure.ac +++ b/configure.ac @@ -1453,6 +1453,7 @@ g10/Makefile sm/Makefile agent/Makefile scd/Makefile +g13/Makefile keyserver/Makefile keyserver/gpg2keys_mailto keyserver/gpg2keys_test diff --git a/g10/ChangeLog b/g10/ChangeLog index ef6817037..c3f62394a 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,15 @@ +2009-05-18 Daiki Ueno (wk) + + * encode.c (encode_simple): Tell passphrase_to_dek to cache + the passphrase. + (setup_symkey): Ditto. + * mainproc.c (proc_symkey_enc): Tell passphrase_to_dek to cache + the passphrase. + (proc_encrypted): Ditto. + * passphrase.c (hash_passphrase): Remove arg CREATE. + (passphrase_to_dek): New mode 3 and 4 for caching passphrase for + symmetric encryption. + 2009-05-17 Werner Koch * keygen.c (ask_algo): Add arg R_SUBKEY_ALGO. Change return value diff --git a/g10/encode.c b/g10/encode.c index 10c638f89..0c7dc4e22 100644 --- a/g10/encode.c +++ b/g10/encode.c @@ -216,7 +216,7 @@ encode_simple( const char *filename, int mode, int use_seskey ) s2k->mode = RFC1991? 0:opt.s2k_mode; s2k->hash_algo=S2K_DIGEST_ALGO; cfx.dek = passphrase_to_dek( NULL, 0, - default_cipher_algo(), s2k, 2, + default_cipher_algo(), s2k, 4, NULL, &canceled); if( !cfx.dek || !cfx.dek->keylen ) { rc = gpg_error (canceled? GPG_ERR_CANCELED:GPG_ERR_INV_PASSPHRASE); @@ -397,7 +397,7 @@ setup_symkey(STRING2KEY **symkey_s2k,DEK **symkey_dek) (*symkey_s2k)->hash_algo = S2K_DIGEST_ALGO; *symkey_dek=passphrase_to_dek(NULL,0,opt.s2k_cipher_algo, - *symkey_s2k,2,NULL, &canceled); + *symkey_s2k, 4, NULL, &canceled); if(!*symkey_dek || !(*symkey_dek)->keylen) { xfree(*symkey_dek); diff --git a/g10/mainproc.c b/g10/mainproc.c index 84a9de5f1..beab791b9 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -311,7 +311,7 @@ proc_symkey_enc( CTX c, PACKET *pkt ) } else { - c->dek = passphrase_to_dek (NULL, 0, algo, &enc->s2k, 0, + c->dek = passphrase_to_dek (NULL, 0, algo, &enc->s2k, 3, NULL, NULL); if(c->dek) { @@ -548,7 +548,7 @@ proc_encrypted( CTX c, PACKET *pkt ) log_info (_("assuming %s encrypted data\n"), "IDEA"); } - c->dek = passphrase_to_dek ( NULL, 0, algo, s2k, 0, NULL, NULL ); + c->dek = passphrase_to_dek ( NULL, 0, algo, s2k, 3, NULL, NULL ); if (c->dek) c->dek->algo_info_printed = 1; } diff --git a/g10/passphrase.c b/g10/passphrase.c index f5d301398..84eedc211 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -50,11 +50,10 @@ static char *next_pw = NULL; static char *last_pw = NULL; -/* Hash a passphrase using the supplied s2k. If create is true, create - a new salt or what else must be filled into the s2k for a new key. - always needs: dek->algo, s2k->mode, s2k->hash_algo. */ +/* Hash a passphrase using the supplied s2k. + Always needs: dek->algo, s2k->mode, s2k->hash_algo. */ static void -hash_passphrase ( DEK *dek, char *pw, STRING2KEY *s2k, int create ) +hash_passphrase ( DEK *dek, char *pw, STRING2KEY *s2k) { gcry_md_hd_t md; int pass, i; @@ -82,13 +81,6 @@ hash_passphrase ( DEK *dek, char *pw, STRING2KEY *s2k, int create ) int len2 = pwlen + 8; ulong count = len2; - if ( create && !pass ) - { - gcry_randomize (s2k->salt, 8, GCRY_STRONG_RANDOM); - if ( s2k->mode == 3 ) - s2k->count = opt.s2k_count; - } - if ( s2k->mode == 3 ) { count = S2K_DECODE_COUNT(s2k->count); @@ -441,7 +433,9 @@ passphrase_clear_cache ( u32 *keyid, const char *cacheid, int algo ) MODE 0: Allow cached passphrase 1: Ignore cached passphrase - 2: Ditto, but change the text to "repeat entry" + 2: Ditto, but create a new key + 3: Allow cached passphrase; use the S2K salt as the cache ID + 4: Ditto, but create a new key */ DEK * passphrase_to_dek_ext (u32 *keyid, int pubkey_algo, @@ -461,6 +455,7 @@ passphrase_to_dek_ext (u32 *keyid, int pubkey_algo, if ( !s2k ) { + assert (mode != 3 && mode != 4); /* This is used for the old rfc1991 mode * Note: This must match the code in encode.c with opt.rfc1991 set */ s2k = &help_s2k; @@ -468,6 +463,15 @@ passphrase_to_dek_ext (u32 *keyid, int pubkey_algo, s2k->hash_algo = S2K_DIGEST_ALGO; } + /* Create a new salt or what else to be filled into the s2k for a + new key. */ + if ((mode == 2 || mode == 4) && (s2k->mode == 1 || s2k->mode == 3)) + { + gcry_randomize (s2k->salt, 8, GCRY_STRONG_RANDOM); + if ( s2k->mode == 3 ) + s2k->count = opt.s2k_count; + } + /* If we do not have a passphrase available in NEXT_PW and status information are request, we print them now. */ if ( !next_pw && is_status_enabled() ) @@ -565,10 +569,21 @@ passphrase_to_dek_ext (u32 *keyid, int pubkey_algo, } else { + char *cacheid = NULL; + char buf[1+16+1]; + + if ((mode == 3 || mode == 4) && (s2k->mode == 1 || s2k->mode == 3)) + { + memset (buf, 0, sizeof buf); + *buf = 'S'; + bin2hex (s2k->salt, 8, buf + 1); + cacheid = buf; + } + /* Divert to the gpg-agent. */ - pw = passphrase_get ( keyid, mode == 2, NULL, - mode == 2? opt.passwd_repeat: 0, - tryagain_text, custdesc, custprompt, canceled); + pw = passphrase_get (keyid, mode == 2, cacheid, + (mode == 2 || mode == 4)? opt.passwd_repeat : 0, + tryagain_text, custdesc, custprompt, canceled); if (*canceled) { xfree (pw); @@ -585,10 +600,10 @@ passphrase_to_dek_ext (u32 *keyid, int pubkey_algo, get_last_passphrase(). */ dek = xmalloc_secure_clear ( sizeof *dek ); dek->algo = cipher_algo; - if ( !*pw && mode == 2 ) + if ( !*pw && (mode == 2 || mode == 4)) dek->keylen = 0; else - hash_passphrase( dek, pw, s2k, mode==2 ); + hash_passphrase (dek, pw, s2k); xfree(last_pw); last_pw = pw; return dek; diff --git a/po/POTFILES.in b/po/POTFILES.in index 8d574a6e0..9248043f5 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -19,6 +19,7 @@ common/miscellaneous.c common/asshelp.c common/audit.c common/helpfile.c +common/gettime.c g10/armor.c g10/build-packet.c diff --git a/sm/ChangeLog b/sm/ChangeLog index 6936128de..150d680a3 100644 --- a/sm/ChangeLog +++ b/sm/ChangeLog @@ -1,3 +1,10 @@ +2009-05-18 Werner Koch + + * server.c (option_handler): New option "no-encrypt-to". + (cmd_encrypt): Make use of it. + + * gpgsm.c: Remove not implemented --verify-files. + 2009-04-02 Werner Koch * keylist.c (list_cert_std): Print card serial number. diff --git a/sm/gpgsm.c b/sm/gpgsm.c index 8a2a1c0b9..cb9aaab44 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -66,7 +66,6 @@ enum cmd_and_opt_values { aDeleteKey, aImport, aVerify, - aVerifyFiles, aListExternalKeys, aListChain, aSendKeys, @@ -191,7 +190,6 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_c (aSym, "symmetric", N_("encryption only with symmetric cipher")), ARGPARSE_c (aDecrypt, "decrypt", N_("decrypt data (default)")), ARGPARSE_c (aVerify, "verify", N_("verify a signature")), - ARGPARSE_c (aVerifyFiles, "verify-files", "@"), ARGPARSE_c (aListKeys, "list-keys", N_("list keys")), ARGPARSE_c (aListExternalKeys, "list-external-keys", N_("list external keys")), @@ -1711,10 +1709,6 @@ main ( int argc, char **argv) } break; - case aVerifyFiles: - log_error (_("this command has not yet been implemented\n")); - break; - case aDecrypt: { FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-"); diff --git a/sm/server.c b/sm/server.c index 6b9eeb82d..dfd4f690f 100644 --- a/sm/server.c +++ b/sm/server.c @@ -51,6 +51,7 @@ struct server_local_s { certlist_t default_recplist; /* As set by main() - don't release. */ int allow_pinentry_notify; /* Set if pinentry notifications should be passed back to the client. */ + int no_encrypt_to; /* Local version of option. */ }; @@ -301,6 +302,10 @@ option_handler (assuan_context_t ctx, const char *key, const char *value) int i = *value? atoi (value) : 0; ctrl->with_ephemeral_keys = i; } + else if (!strcmp (key, "no-encrypt-to")) + { + ctrl->server_local->no_encrypt_to = 1; + } else return gpg_error (GPG_ERR_UNKNOWN_OPTION); @@ -486,7 +491,7 @@ cmd_encrypt (assuan_context_t ctx, char *line) /* Now add all encrypt-to marked recipients from the default list. */ rc = 0; - if (!opt.no_encrypt_to) + if (!opt.no_encrypt_to && !ctrl->server_local->no_encrypt_to) { for (cl=ctrl->server_local->default_recplist; !rc && cl; cl = cl->next) if (cl->is_encrypt_to)