See ChangeLog: Mon May 17 21:54:43 CEST 1999 Werner Koch

2024-10-31 20:08:43 +01:00 · 1999-05-17 20:03:24 +00:00 · 1999-05-17 20:03:24 +00:00 · 3983f30bd2
commit 3983f30bd2
parent a1dcec76c1
24 changed files with 378 additions and 182 deletions
--- a/4
+++ b/4
@ -1,3 +1,7 @@
 Mon May 17 21:54:43 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 	* configure.in (socket): Fix for Unisys by Katsuhiro Kondou.
 Sat May  8 19:28:08 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 	* NEWS: Add a marker line which I forgot to do for 0.9.6.
--- a/3
+++ b/3
@ -45,6 +45,7 @@ J
 Jun Kuriyama		kuriyama@sky.rim.or.jp
 Karl Fogel		kfogel@guanabana.onshore.com
 Karsten Thygesen	karthy@kom.auc.dk
 Katsuhiro Kondou	kondou@nec.co.jp
 Kazu Yamamoto		kazu@iijlab.net
 Lars Kellogg-Stedman	lars@bu.edu
 Marco d'Itri            md@linux.it
@ -57,7 +58,7 @@ Max Valianskiy		maxcom@maxcom.ml.org
 Michael Roth		mroth@nessie.de
 Michael Sobolev 	mss@despair.transas.com
 Nicolas Graner		Nicolas.Graner@cri.u-psud.fr
-Niklas Hernaeus 	[Please don't spam him]
+Niklas Hernaeus
 Nimrod Zimerman 	zimerman@forfree.at
 N J Doye		nic@niss.ac.uk
 Oskari Jääskeläinen	f33003a@cc.hut.fi
--- a/3
+++ b/3
@ -1 +1,2 @@
-0.9.6a
+0.9.6b
--- a/cipher/ChangeLog
+++ b/cipher/ChangeLog
@ -1,3 +1,7 @@
 Mon May 17 21:54:43 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 	* dynload.c (register_internal_cipher_extension): Minor init fix.
 Tue May  4 15:47:53 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 	* primegen.c (gen_prime): Readded the Fermat test. Fixed the bug
--- a/cipher/dynload.c
+++ b/cipher/dynload.c
@ -170,7 +170,11 @@ register_internal_cipher_extension(
    }
    /* and register */
    el->enumfunc = enumfunc;
  #ifdef HAVE_DL_OPEN
    el->handle = (void*)1;
  #else
    el->handle = 1;
  #endif
    el->next = extensions;
    extensions = el;
 }
--- a/cipher/random.c
+++ b/cipher/random.c
@ -304,10 +304,12 @@ read_pool( byte *buffer, size_t length, int level )
 static void
 add_randomness( const void *buffer, size_t length, int source )
 {
    const byte *p = buffer;
    if( !is_initialized )
 	initialize();
    while( length-- ) {
-	rndpool[pool_writepos++] = *((byte*)buffer)++;
+	rndpool[pool_writepos++] = *p++;
 	if( pool_writepos >= POOLSIZE ) {
 	    if( source > 1 )
 		pool_filled = 1;
--- a/configure.in
+++ b/configure.in
@ -7,6 +7,7 @@ AC_REVISION($Revision$)dnl
 dnl Must reset CDPATH so that bash's cd does not print to stdout
 CDPATH=
 AC_PREREQ(2.13)
 AC_INIT(g10/g10.c)
 AC_CONFIG_AUX_DIR(scripts)
 AM_CONFIG_HEADER(config.h)
@ -221,9 +222,20 @@ if test "$try_gdbm" = yes; then
 AC_CHECK_LIB(gdbm,gdbm_firstkey)
 fi
-dnl Solaris needs -lsocket and -lnsl
+dnl Solaris needs -lsocket and -lnsl. Unisys system includes
-AC_CHECK_LIB(socket, socket)
+dnl gethostbyname in libsocket but needs libnsl for socket.
 AC_CHECK_LIB(nsl, gethostbyname)
 AC_CHECK_LIB(socket, socket, ac_need_libsocket=1, ac_try_nsl=1)
 if test x$ac_need_libsocket = x1; then
    LIBS="$LIBS -lsocket"
 fi
 if test x$ac_try_nsl = x1; then
    AC_CHECK_LIB(nsl, gethostbyname, ac_need_libnsl=1)
    if test x$ac_need_libnsl = x1
    then
        LIBS="$LIBS -lnsl"
    fi
 fi
 if test "$try_dynload" = yes ; then
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,19 @@
 Mon May 17 21:54:43 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 	* parse-packet.c (parse_encrypted): Support for PKT_ENCRYPTED_MDC.
 	* build-packet.c (do_encrypted_mdc): Ditto.
 	* cipher.c (write_header): Add mdc hashing.
 	(cipher_filter): write out the hash.
 	* mainproc.c (do_proc_packets): Add PKT_ENCRYPTED_MDC.
 	* encr-data.c (decrypt_data): Add mdc hashing.
 	(mdc_decode_filter): New.
 	* parse-packet.c (parse_sig_subpkt): Fixed stupid bug for subpkt
 	length calculation
 	(parse_signature): Fixed even more stupid bug.
 Sat May  8 19:28:08 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 	* build-packet.c (do_signature): Removed MDC hack.
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@ -43,6 +43,7 @@ static int do_pubkey_enc( IOBUF out, int ctb, PKT_pubkey_enc *enc );
 static u32 calc_plaintext( PKT_plaintext *pt );
 static int do_plaintext( IOBUF out, int ctb, PKT_plaintext *pt );
 static int do_encrypted( IOBUF out, int ctb, PKT_encrypted *ed );
 static int do_encrypted_mdc( IOBUF out, int ctb, PKT_encrypted *ed );
 static int do_compressed( IOBUF out, int ctb, PKT_compressed *cd );
 static int do_signature( IOBUF out, int ctb, PKT_signature *sig );
 static int do_onepass_sig( IOBUF out, int ctb, PKT_onepass_sig *ops );
@ -74,7 +75,8 @@ build_packet( IOBUF out, PACKET *pkt )
    switch( pkt->pkttype ) {
      case PKT_OLD_COMMENT: pkt->pkttype = PKT_COMMENT; break;
      case PKT_PLAINTEXT: new_ctb = pkt->pkt.plaintext->new_ctb; break;
-      case PKT_ENCRYPTED: new_ctb = pkt->pkt.encrypted->new_ctb; break;
+      case PKT_ENCRYPTED:
      case PKT_ENCRYPTED_MDC: new_ctb = pkt->pkt.encrypted->new_ctb; break;
      case PKT_COMPRESSED:new_ctb = pkt->pkt.compressed->new_ctb; break;
      default: break;
    }
@ -110,6 +112,9 @@ build_packet( IOBUF out, PACKET *pkt )
      case PKT_ENCRYPTED:
 	rc = do_encrypted( out, ctb, pkt->pkt.encrypted );
 	break;
      case PKT_ENCRYPTED_MDC:
 	rc = do_encrypted_mdc( out, ctb, pkt->pkt.encrypted );
 	break;
      case PKT_COMPRESSED:
 	rc = do_compressed( out, ctb, pkt->pkt.compressed );
 	break;
@ -171,7 +176,7 @@ write_fake_data( IOBUF out, MPI a )
 	void *p;
 	p = mpi_get_opaque( a, &i );
-	iobuf_write( a, p, i );
+	iobuf_write( out, p, i );
    }
 }
@ -508,6 +513,24 @@ do_encrypted( IOBUF out, int ctb, PKT_encrypted *ed )
    return rc;
 }
 static int
 do_encrypted_mdc( IOBUF out, int ctb, PKT_encrypted *ed )
 {
    int rc = 0;
    u32 n;
    assert( ed->mdc_method );
    n = ed->len ? (ed->len + 10) : 0;
    write_header(out, ctb, n );
    iobuf_put(out, 1 );  /* version */
    iobuf_put(out, ed->mdc_method );
    /* This is all. The caller has to write the real data */
    return rc;
 }
 static int
 do_compressed( IOBUF out, int ctb, PKT_compressed *cd )
 {
@ -560,6 +583,7 @@ find_subpkt( byte *buffer, sigsubpkttype_t reqtype,
 	    if( buflen < 2 )
 		break;
 	    n = (( n - 192 ) << 8) + *buffer + 192;
 	    buffer++;
 	    buflen--;
 	}
 	if( buflen < n )
--- a/g10/cipher.c
+++ b/g10/cipher.c
@ -46,12 +46,18 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
    byte temp[18];
    unsigned blocksize;
    unsigned nprefix;
    int use_mdc = opt.force_mdc;
    memset( &ed, 0, sizeof ed );
    ed.len = cfx->datalen;
    ed.new_ctb = !ed.len && !opt.rfc1991;
    if( use_mdc ) {
 	ed.mdc_method = DIGEST_ALGO_SHA1;
 	cfx->mdc_hash = md_open( DIGEST_ALGO_SHA1, 0 );
 	md_start_debug( cfx->mdc_hash, "mdccreat" );
    }
    init_packet( &pkt );
-    pkt.pkttype = PKT_ENCRYPTED;
+    pkt.pkttype = use_mdc? PKT_ENCRYPTED_MDC : PKT_ENCRYPTED;
    pkt.pkt.encrypted = &ed;
    if( build_packet( a, &pkt ))
 	log_bug("build_packet(ENCR_DATA) failed\n");
@ -68,6 +74,8 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
    cipher_setkey( cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen );
    cipher_setiv( cfx->cipher_hd, NULL, 0 );
 /*  log_hexdump( "prefix", temp, nprefix+2 ); */
    if( cfx->mdc_hash )
 	md_write( cfx->mdc_hash, temp, nprefix+2 );
    cipher_encrypt( cfx->cipher_hd, temp, temp, nprefix+2);
    cipher_sync( cfx->cipher_hd );
    iobuf_write(a, temp, nprefix+2);
@ -75,6 +83,7 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
 }
 /****************
 * This filter is used to en/de-cipher data with a conventional algorithm
 */
@ -94,11 +103,23 @@ cipher_filter( void *opaque, int control,
 	if( !cfx->header ) {
 	    write_header( cfx, a );
 	}
 	if( cfx->mdc_hash )
 	    md_write( cfx->mdc_hash, buf, size );
 	cipher_encrypt( cfx->cipher_hd, buf, buf, size);
 	if( iobuf_write( a, buf, size ) )
 	    rc = G10ERR_WRITE_FILE;
    }
    else if( control == IOBUFCTRL_FREE ) {
 	if( cfx->mdc_hash ) {
 	    byte *hash;
 	    int hashlen = md_digest_length( md_get_algo( cfx->mdc_hash ) );
 	    md_final( cfx->mdc_hash );
 	    hash = md_read( cfx->mdc_hash, 0 );
 	    cipher_encrypt( cfx->cipher_hd, hash, hash, hashlen );
 	    if( iobuf_write( a, hash, hashlen ) )
 		rc = G10ERR_WRITE_FILE;
 	    md_close( cfx->mdc_hash ); cfx->mdc_hash = NULL;
 	}
 	cipher_close(cfx->cipher_hd);
    }
    else if( control == IOBUFCTRL_DESC ) {
@ -108,5 +129,3 @@ cipher_filter( void *opaque, int control,
 }
--- a/g10/encode.c
+++ b/g10/encode.c
@ -64,6 +64,7 @@ encode_store( const char *filename )
 }
 static int
 encode_simple( const char *filename, int mode )
 {
--- a/g10/encr-data.c
+++ b/g10/encr-data.c
@ -34,13 +34,18 @@
 static int decode_filter( void *opaque, int control, IOBUF a,
 					byte *buf, size_t *ret_len);
 static int mdc_decode_filter( void *opaque, int control, IOBUF a,
 					byte *buf, size_t *ret_len);
 typedef struct {
    CIPHER_HANDLE cipher_hd;
    MD_HANDLE mdc_hash;
    char defer[20];
    int  defer_filled;
    int  eof_seen;
 } decode_filter_ctx_t;
 /****************
 * Decrypt the data, specified by ED with the key DEK.
 */
@ -49,11 +54,12 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
 {
    decode_filter_ctx_t dfx;
    byte *p;
-    int rc, c, i;
+    int rc=0, c, i;
    byte temp[32];
    unsigned blocksize;
    unsigned nprefix;
    memset( &dfx, 0, sizeof dfx );
    if( opt.verbose ) {
 	const char *s = cipher_algo_to_string( dek->algo );
 	if( s )
@ -62,7 +68,7 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
 	    log_info(_("encrypted with unknown algorithm %d\n"), dek->algo );
    }
    if( (rc=check_cipher_algo(dek->algo)) )
-	return rc;
+	goto leave;
    blocksize = cipher_get_blocksize(dek->algo);
    if( !blocksize || blocksize > 16 )
 	log_fatal("unsupported blocksize %u\n", blocksize );
@ -70,14 +76,18 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
    if( ed->len && ed->len < (nprefix+2) )
 	BUG();
    if( ed->mdc_method )
 	dfx.mdc_hash = md_open( ed->mdc_method, 0 );
    dfx.cipher_hd = cipher_open( dek->algo, CIPHER_MODE_AUTO_CFB, 1 );
 /* log_hexdump( "thekey", dek->key, dek->keylen );*/
    rc = cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen );
    if( rc == G10ERR_WEAK_KEY )
 	log_info(_("WARNING: message was encrypted with "
 		    "a weak key in the symmetric cipher.\n"));
-    else if( rc )
+    else if( rc ) {
 	log_error("key setup failed: %s\n", g10_errstr(rc) );
 	goto leave;
    }
    cipher_setiv( dfx.cipher_hd, NULL, 0 );
@ -97,18 +107,108 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
 		temp[i] = c;
    }
    cipher_decrypt( dfx.cipher_hd, temp, temp, nprefix+2);
    if( dfx.mdc_hash )
 	md_write( dfx.mdc_hash, temp, nprefix+2 );
    cipher_sync( dfx.cipher_hd );
    p = temp;
 /* log_hexdump( "prefix", temp, nprefix+2 ); */
    if( p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1] ) {
-	cipher_close(dfx.cipher_hd);
+	rc = G10ERR_BAD_KEY;
-	return G10ERR_BAD_KEY;
+	goto leave;
    }
    if( ed->mdc_method )
 	iobuf_push_filter( ed->buf, mdc_decode_filter, &dfx );
    else
 	iobuf_push_filter( ed->buf, decode_filter, &dfx );
    proc_packets( procctx, ed->buf);
    ed->buf = NULL;
    if( ed->mdc_method && dfx.eof_seen == 2 )
 	rc = G10ERR_INVALID_PACKET;
    else if( ed->mdc_method ) { /* check the mdc */
 	int datalen = md_digest_length( ed->mdc_method );
 	md_final( dfx.mdc_hash );
 	if( datalen != 20
 	    || memcmp(md_read( dfx.mdc_hash, 0 ), dfx.defer, datalen) )
 	    rc = G10ERR_BAD_SIGN;
 	log_hexdump("MDC calculated:", md_read( dfx.mdc_hash, 0), datalen);
 	log_hexdump("MDC message   :", dfx.defer, 20);
    }
  leave:
    cipher_close(dfx.cipher_hd);
-    return 0;
+    md_close( dfx.mdc_hash );
    return rc;
 }
 /* I think we should merge this with cipher_filter */
 static int
 mdc_decode_filter( void *opaque, int control, IOBUF a,
 					      byte *buf, size_t *ret_len)
 {
    decode_filter_ctx_t *dfx = opaque;
    size_t n, size = *ret_len;
    int rc = 0;
    int c;
    if( control == IOBUFCTRL_UNDERFLOW && dfx->eof_seen ) {
 	*ret_len = 0;
 	rc = -1;
    }
    else if( control == IOBUFCTRL_UNDERFLOW ) {
 	assert(a);
 	assert( size > 40 );
 	/* get at least 20 bytes and put it somewhere ahead in the buffer */
 	for(n=20; n < 40 ; n++ ) {
 	    if( (c = iobuf_get(a)) == -1 )
 		break;
 	    buf[n] = c;
 	}
 	if( n == 40 ) {
 	    /* we have enough stuff - flush the deferred stuff */
 	    /* (we have asserted that the buffer is large enough */
 	    if( !dfx->defer_filled ) /* the first time */
 		memcpy(buf, buf+20, 20 );
 	    else
 		memcpy(buf, dfx->defer, 20 );
 	    /* now fill up */
 	    for(; n < size; n++ ) {
 		if( (c = iobuf_get(a)) == -1 )
 		    break;
 		buf[n] = c;
 	    }
 	    /* move the last 20 bytes back to the defer buffer */
 	    /* (okay, we are wasting 20 bytes of supplied buffer) */
 	    n -= 20;
 	    memcpy( dfx->defer, buf+n, 20 );
 	    dfx->defer_filled = 1;
 	}
 	else if( !dfx->defer_filled ) { /* eof seen buf empty defer */
 	    /* this is very bad because there is an incomplete hash */
 	    n -= 20;
 	    memcpy(buf, buf+20, n );
 	    dfx->eof_seen = 2; /* eof with incomplete hash */
 	}
 	else { /* eof seen */
 	    memcpy(buf, dfx->defer, 20 );
 	    n -= 20;
 	    memcpy( dfx->defer, buf+n, 20 );
 	    dfx->eof_seen = 1; /* normal eof */
 	}
 	if( n ) {
 	    cipher_decrypt( dfx->cipher_hd, buf, buf, n);
 	    md_write( dfx->mdc_hash, buf, n );
 	}
 	else {
 	    assert( dfx->eof_seen );
 	    rc = -1; /* eof */
 	}
 	*ret_len = n;
    }
    else if( control == IOBUFCTRL_DESC ) {
 	*(char**)buf = "mdc_decode_filter";
    }
    return rc;
 }
 static int
@ -139,4 +239,3 @@ decode_filter( void *opaque, int control, IOBUF a, byte *buf, size_t *ret_len)
    return rc;
 }
--- a/g10/filter.h
+++ b/g10/filter.h
@ -76,6 +76,7 @@ typedef struct {
    u32 datalen;
    CIPHER_HANDLE cipher_hd;
    int header;
    MD_HANDLE mdc_hash;
 } cipher_filter_context_t;
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -1,4 +1,4 @@
-/* mainproc.c - handle packets
+/* maPPPPinproc.c - handle packets
 *	Copyright (C) 1998, 1999 Free Software Foundation, Inc.
 *
 * This file is part of GnuPG.
@ -44,7 +44,7 @@
 */
 typedef struct mainproc_context *CTX;
 struct mainproc_context {
-    struct mainproc_context *anchor;
+    struct mainproc_context *anchor;  /* may be useful in the future */
    PKT_public_key *last_pubkey;
    PKT_secret_key *last_seckey;
    PKT_user_id     *last_user_id;
@ -60,7 +60,6 @@ struct mainproc_context {
    IOBUF iobuf;    /* used to get the filename etc. */
    int trustletter; /* temp usage in list_node */
    ulong local_id;    /* ditto */
    int is_encrypted;  /* used to check the MDC */
 };
@ -229,7 +228,6 @@ proc_encrypted( CTX c, PACKET *pkt )
    int result = 0;
    /*log_debug("dat: %sencrypted data\n", c->dek?"":"conventional ");*/
    c->is_encrypted = 1;
    if( !c->dek && !c->last_was_session_key ) {
 	/* assume this is old conventional encrypted data */
 	c->dek = passphrase_to_dek( NULL,
@ -247,6 +245,12 @@ proc_encrypted( CTX c, PACKET *pkt )
 	write_status( STATUS_DECRYPTION_OKAY );
 	if( opt.verbose > 1 )
 	    log_info(_("decryption okay\n"));
 	if( pkt->pkt.encrypted->mdc_method )
 	    write_status( STATUS_GOODMDC );
    }
    else if( result == G10ERR_BAD_SIGN ) {
 	log_error(_("WARNING: encrypted message has been manipulated!\n"));
 	write_status( STATUS_BADMDC );
    }
    else {
 	write_status( STATUS_DECRYPTION_FAILED );
@ -259,6 +263,7 @@ proc_encrypted( CTX c, PACKET *pkt )
 }
 static void
 proc_plaintext( CTX c, PACKET *pkt )
 {
@ -353,16 +358,6 @@ proc_compressed( CTX c, PACKET *pkt )
    c->last_was_session_key = 0;
 }
 static int
 is_encrypted( CTX c )
 {
    for( ; c; c = c->anchor ) {
 	if( c->is_encrypted )
 	    return 1;
    }
    return 0;
 }
 /****************
 * check the signature
 * Returns: 0 = valid signature or an error code
@ -763,7 +758,8 @@ do_proc_packets( CTX c, IOBUF a )
 	    switch( pkt->pkttype ) {
 	      case PKT_PUBKEY_ENC:  proc_pubkey_enc( c, pkt ); break;
 	      case PKT_SYMKEY_ENC:  proc_symkey_enc( c, pkt ); break;
-	      case PKT_ENCRYPTED:   proc_encrypted( c, pkt ); break;
+	      case PKT_ENCRYPTED:
 	      case PKT_ENCRYPTED_MDC: proc_encrypted( c, pkt ); break;
 	      case PKT_COMPRESSED:  proc_compressed( c, pkt ); break;
 	      default: newpkt = 0; break;
 	    }
@ -776,6 +772,7 @@ do_proc_packets( CTX c, IOBUF a )
 	      case PKT_SYMKEY_ENC:
 	      case PKT_PUBKEY_ENC:
 	      case PKT_ENCRYPTED:
 	      case PKT_ENCRYPTED_MDC:
 		rc = G10ERR_UNEXPECTED;
 		goto leave;
 	      case PKT_SIGNATURE:   newpkt = add_signature( c, pkt ); break;
@ -795,7 +792,8 @@ do_proc_packets( CTX c, IOBUF a )
 	      case PKT_SIGNATURE:   newpkt = add_signature( c, pkt ); break;
 	      case PKT_SYMKEY_ENC:  proc_symkey_enc( c, pkt ); break;
 	      case PKT_PUBKEY_ENC:  proc_pubkey_enc( c, pkt ); break;
-	      case PKT_ENCRYPTED:   proc_encrypted( c, pkt ); break;
+	      case PKT_ENCRYPTED:
 	      case PKT_ENCRYPTED_MDC: proc_encrypted( c, pkt ); break;
 	      case PKT_PLAINTEXT:   proc_plaintext( c, pkt ); break;
 	      case PKT_COMPRESSED:  proc_compressed( c, pkt ); break;
 	      case PKT_ONEPASS_SIG: newpkt = add_onepass_sig( c, pkt ); break;
@ -818,7 +816,8 @@ do_proc_packets( CTX c, IOBUF a )
 	      case PKT_SIGNATURE:   newpkt = add_signature( c, pkt ); break;
 	      case PKT_PUBKEY_ENC:  proc_pubkey_enc( c, pkt ); break;
 	      case PKT_SYMKEY_ENC:  proc_symkey_enc( c, pkt ); break;
-	      case PKT_ENCRYPTED:   proc_encrypted( c, pkt ); break;
+	      case PKT_ENCRYPTED:
 	      case PKT_ENCRYPTED_MDC: proc_encrypted( c, pkt ); break;
 	      case PKT_PLAINTEXT:   proc_plaintext( c, pkt ); break;
 	      case PKT_COMPRESSED:  proc_compressed( c, pkt ); break;
 	      case PKT_ONEPASS_SIG: newpkt = add_onepass_sig( c, pkt ); break;
@ -855,22 +854,6 @@ do_proc_packets( CTX c, IOBUF a )
 }
 #if 0 /* old MDC hack code preserved to reuse the messages later */
 	if( !rc ) {
 	    if( opt.verbose )
 		log_info(_("encrypted message is valid\n"));
 	    write_status( STATUS_GOODMDC );
 	}
 	else if( rc == G10ERR_BAD_SIGN ) {
 	    log_error(_("WARNING: encrypted message has been manipulated!\n"));
 	    write_status( STATUS_BADMDC );
 	}
 	else {
 	    write_status( STATUS_ERRMDC );
 	    log_error(_("Can't check MDC: %s\n"), g10_errstr(rc) );
 	}
 #endif
 static int
 check_sig_and_print( CTX c, KBNODE node )
 {
--- a/g10/packet.h
+++ b/g10/packet.h
@ -46,7 +46,8 @@ typedef enum {
 	PKT_USER_ID	  =13, /* user id packet */
 	PKT_PUBLIC_SUBKEY =14, /* public subkey (OpenPGP) */
 	PKT_OLD_COMMENT   =16, /* comment packet from an OpenPGP draft */
-	PKT_COMMENT	  =61  /* new comment packet (private) */
+	PKT_COMMENT	  =61, /* new comment packet (private) */
 	PKT_ENCRYPTED_MDC =62, /* test: encrypted data with MDC */
 } pkttype_t;
 typedef struct packet_struct PACKET;
@ -166,7 +167,8 @@ typedef struct {
 typedef struct {
    u32  len;		  /* length of encrypted data */
-    byte  new_ctb;
+    byte new_ctb;	  /* uses a new CTB */
    byte mdc_method;	  /* test: > 0: this is is an encrypted_mdc packet */
    IOBUF buf;		  /* IOBUF reference */
 } PKT_encrypted;
@ -180,6 +182,7 @@ typedef struct {
    char name[1];
 } PKT_plaintext;
 /* combine all packets into a union */
 struct packet_struct {
    pkttype_t pkttype;
@ -194,7 +197,7 @@ struct packet_struct {
 	PKT_comment	*comment;	/* PKT_COMMENT */
 	PKT_user_id	*user_id;	/* PKT_USER_ID */
 	PKT_compressed	*compressed;	/* PKT_COMPRESSED */
-	PKT_encrypted	*encrypted;	/* PKT_ENCRYPTED */
+	PKT_encrypted	*encrypted;	/* PKT_ENCRYPTED[_MDC] */
 	PKT_plaintext	*plaintext;	/* PKT_PLAINTEXT */
    } pkt;
 };
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@ -71,7 +71,6 @@ static int  parse_compressed( IOBUF inp, int pkttype, unsigned long pktlen,
 static int  parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
 					       PACKET *packet, int new_ctb);
 static unsigned short
 read_16(IOBUF inp)
 {
@ -432,6 +431,7 @@ parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos,
 	rc = parse_compressed(inp, pkttype, pktlen, pkt, new_ctb );
 	break;
      case PKT_ENCRYPTED:
      case PKT_ENCRYPTED_MDC:
 	rc = parse_encrypted(inp, pkttype, pktlen, pkt, new_ctb );
 	break;
      default:
@ -852,6 +852,7 @@ parse_sig_subpkt( const byte *buffer, sigsubpkttype_t reqtype, size_t *ret_n )
 	    if( buflen < 2 )
 		goto too_short;
 	    n = (( n - 192 ) << 8) + *buffer + 192;
 	    buffer++;
 	    buflen--;
 	}
 	if( buflen < n )
@ -966,7 +967,7 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
 	}
 	if( n ) {
 	    sig->hashed_data = m_alloc( n + 2 );
-	    sig->hashed_data[0] = n << 8;
+	    sig->hashed_data[0] = n >> 8;
 	    sig->hashed_data[1] = n;
 	    if( iobuf_read(inp, sig->hashed_data+2, n ) != n ) {
 		log_error("premature eof while reading hashed signature data\n");
@ -983,7 +984,7 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
 	}
 	if( n ) {
 	    sig->unhashed_data = m_alloc( n + 2 );
-	    sig->unhashed_data[0] = n << 8;
+	    sig->unhashed_data[0] = n >> 8;
 	    sig->unhashed_data[1] = n;
 	    if( iobuf_read(inp, sig->unhashed_data+2, n ) != n ) {
 		log_error("premature eof while reading unhashed signature data\n");
@ -1536,6 +1537,25 @@ parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
    ed->len = pktlen;
    ed->buf = NULL;
    ed->new_ctb = new_ctb;
    ed->mdc_method = 0;
    if( pkttype == PKT_ENCRYPTED_MDC ) {
 	/* test: this is the new encrypted_mdc packet */
 	/* fixme: add some pktlen sanity checks */
 	int version, method;
 	version = iobuf_get_noeof(inp); pktlen--;
 	if( version != 1 ) {
 	    log_error("encrypted_mdc packet with unknown version %d\n",
 								version);
 	    goto leave;
 	}
 	method = iobuf_get_noeof(inp); pktlen--;
 	if( method != DIGEST_ALGO_SHA1 ) {
 	    log_error("encrypted_mdc does not use SHA1 method\n" );
 	    goto leave;
 	}
 	ed->mdc_method = method;
    }
    if( pktlen && pktlen < 10 ) { /* actually this is blocksize+2 */
 	log_error("packet(%d) too short\n", pkttype);
 	skip_rest(inp, pktlen);
@ -1546,6 +1566,8 @@ parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
 	    printf(":encrypted data packet:\n\tlength: %lu\n", pktlen);
 	else
 	    printf(":encrypted data packet:\n\tlength: unknown\n");
 	if( ed->mdc_method )
 	    printf("\tmdc_method: %d\n", ed->mdc_method );
    }
    ed->buf = inp;
@ -1555,5 +1577,3 @@ parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
    return 0;
 }
--- a/include/util.h
+++ b/include/util.h
@ -62,7 +62,7 @@ void log_set_name( const char *name );
 const char *log_get_name(void);
 void log_set_pid( int pid );
 int  log_get_errorcount( int clear );
-void g10_log_hexdump( const char *text, char *buf, size_t len );
+void g10_log_hexdump( const char *text, const char *buf, size_t len );
 void g10_log_mpidump( const char *text, MPI a );
 #if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 )
--- a/po/ChangeLog
+++ b/po/ChangeLog
@ -1,3 +1,7 @@
 Mon May 17 21:54:43 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 	* de.po, de.glo:  New version from Walter.
 Wed Apr  7 20:51:39 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 	* fr.po: Imported new version.
--- a/po/de.glo
+++ b/po/de.glo
@ -5,15 +5,19 @@
 # It will _not_ be read or processed automatically by any program 
 ........		Authentisierung
 aka			alias
 algorithm		Verfahren          
 anonymous		ungenannter
 argument
 armor			ASCII-Hülle
 available		vorhanden [besser?: verfügbar]
 bad [signature]		falsch[e] Unterschrift 
 bad [MPI]		fehlerhafte MPI 
 bug			"Bug (Programmfehler)"
 cache			Lager [ ob das ernst gemeint ist? :-) ]
 certificate		Zertifikat
 character set		Zeichensatz
 check (verb)		pr|fen, gepr|ft
 checksum		Prüfsumme
 cipher algorithm	Verschlüsselungsverfahren
 clearsig header		Klartextsignatur-Einleitung
@ -21,31 +25,39 @@ command 		Befehl
 compress algorithm	Komprimierverfahren *
 core dump		core-dump-Datei
 corrupted		beschädigter
 critical bit		???
 dash escaped 		mit Bindestrich \"escapte\" 
 decryption		Enschlüsselung
 DEK 			???
 delete			entfernen
-depreciated		nicht viel wert
+depreciated		taugt nicht mehr viel
 digest algorithm	Hashmethode
 disabled		abgeschaltet
 encrypted		verschlüsselte
 expire date		Verfallsdatum
 failed			fehlgeschlagen
 faked [RNG]		
 fingerprint  		Fingerabdruck
 for-your-eyes-only	Vertraulichkeit (\"for-your-eyes-only\")
 generated		erzeugter
 good certificate	Korrektes Zertifikat
 handle			benutzt
 hint			Tip
 init			-
 key-ID			Schlüssel-ID
 key binding		Schlüsselanbindung
 keyblock		Schlüsselblock
 keyring 		Schlüsselbund
 keyserver               - Schl€sselserver
 lookup			- Suche
 main key		Hauptschlüssel
 maintenance utility	Wartungs-Hilfsprogramm
 malformed		ungünstig aufgebaute
 MDC			Manipulation detection code (Siegel ?)
 message 		Botschaft
 mode			Modus, Methode   *
 move			schieben
 network error		Netzwerkfehler
 note			Hinweis
 okay			in Ordnung
 Ooops			Huch
@ -62,9 +74,14 @@ protection algorithm	Schutzverfahren
 pubkey algorithm	Public-Key Verfahren	 (*)
 public key		öffentlicher Schüssel
 public key algorithm 	Public-Key Verfahren
 quit
 radix64			radix64
-retry			????
+random 			Zufall
-revo... 		Widerruf
+random bytes		Zufallswerte
 retry			???? (Wiederholung?, Wiederaufnahme?)
 revoke			widerrufen
 revocation 		Widerruf
 RNG			Zufallsgenerator
 secondary key		Zweitschlüssel
 secret key		geheimer Schlüssel
 self-signature		Eigenbeglaubigung     
@ -75,7 +92,8 @@ signature (keys)	Beglaubigung	      *
 simple S2K mode		????
 skipped			übergangen, übersprungen, ignoriert
 stdin			- stdin                 
-terminal charset	Terminalzeichensatz
+subkey			Unterschlüssel
 terminal charset 	- Terminalzeichensatz
 throw			verwerfe
 Timestamp conflict	Zeitangaben differieren
 Trust-DB		'Trust'-Datenbank
@ -89,11 +107,9 @@ User			- User
 user ID 		User-ID
 user IDs		User-IDs
 username		Username
-untrusted		- nichtvertruenswürdigen
+untrusted		- nichtvertruenswürdig 
 warning			Warnung
 weak key		unsicherer Schlüssel
 (*) Uneinheitlich verwendet
  -  Gefällt mir nicht so toll
--- a/po/de.po
+++ b/po/de.po
@ -3,22 +3,13 @@
 # Walter Koch <walterk@dip.de>, 1998.
 msgid ""
 msgstr ""
-"POT-Creation-Date: 1999-05-06 13:37+0200\n"
+"POT-Creation-Date: 1999-05-08 17:55+0200\n"
-"PO-Revision-Date: 1999-03-08 13:34+0100\n"
+"PO-Revision-Date: 1999-05-08 20:24+0200\n"
 "Last-Translator: Walter Koch <walterk@mail.dip.de>\n"
 "Language-Team: German <de@li.org>\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=iso-8859-1\n"
 "Content-Transfer-Encoding: 8bit\n"
 "Date: 1998-01-26 22:08:36+0100\n"
 "From: Werner Koch <wk@frodo>\n"
 "Xgettext-Options: --default-domain=gnupg --directory=.. --add-comments "
 "--keyword=_ --keyword=N_ --files-from=./POTFILES.in\n"
 "Files: util/secmem.c util/argparse.c cipher/random.c cipher/rand-dummy.c "
 "cipher/rand-unix.c cipher/rand-w32.c g10/g10.c g10/pkclist.c g10/keygen.c "
 "g10/decrypt.c g10/encode.c g10/import.c g10/keyedit.c g10/keylist.c "
 "g10/mainproc.c g10/passphrase.c g10/plaintext.c g10/pref.c g10/seckey-cert.c "
 "g10/sig-check.c g10/sign.c g10/trustdb.c g10/verify.c\n"
 #: util/secmem.c:76
 msgid "Warning: using insecure memory!\n"
@ -232,9 +223,8 @@ msgid "network error"
 msgstr "Netzwerkfehler"
 #: util/errors.c:102
 #, fuzzy
 msgid "not encrypted"
-msgstr "%s verschlüsselte Daten\n"
+msgstr "nicht verschlüsselt"
 #: util/logger.c:178
 #, c-format
@ -249,7 +239,7 @@ msgstr "Sie haben eine Bug (Programmfehler) gefunden ... (%s:%d)\n"
 #: cipher/random.c:408
 msgid "WARNING: using insecure random number generator!!\n"
 msgstr ""
-"WARNUNG: Der Zufallszahlengenerator erzeugt keine echten Zufallszahlen!\n"
+"WARNUNG: Der Zufallsgenerator erzeugt keine echten Zufallszahlen!\n"
 #: cipher/random.c:409
 msgid ""
@ -259,7 +249,7 @@ msgid ""
 "DON'T USE ANY DATA GENERATED BY THIS PROGRAM!!\n"
 "\n"
 msgstr ""
-"Der Zufallszahlengenerator (RNG) ist lediglich ein \"kludge\", damit das\n"
+"Der Zufallsgenerator (RNG) ist lediglich ein \"kludge\", damit das\n"
 "Programms überhaupt läuft - es ist KEINESFALLS ein starker RNG!\n"
 "\n"
 "BENUTZEN SIE DIE DURCH DIESES PROGRAMM ERZEUGTEN DATEN NICHT!\n"
@ -362,9 +352,8 @@ msgid "export keys to a key server"
 msgstr "Schlüssel zu einem Schlüsselserver exportieren"
 #: g10/g10.c:185
 #, fuzzy
 msgid "import keys from a key server"
-msgstr "Schlüssel zu einem Schlüsselserver exportieren"
+msgstr "Schlüssel von einem Schlüsselserver importieren"
 #: g10/g10.c:188
 msgid "import/merge keys"
@ -457,9 +446,8 @@ msgid "force v3 signatures"
 msgstr "v3 Signaturen erzwingen"
 #: g10/g10.c:224
 #, fuzzy
 msgid "always use a MDC for encryption"
-msgstr "Verschlüsseln für diese User-ID"
+msgstr "Beim Verschlüssen ein Siegel (MDC) verwenden"
 #: g10/g10.c:225
 msgid "do not make any changes"
@ -491,7 +479,7 @@ msgstr "|NAME|NAME als voreingestellten Schl
 #: g10/g10.c:232
 msgid "|HOST|use this keyserver to lookup keys"
-msgstr "|HOST|diesen Schlüsselserver zur Suche verwenden"
+msgstr "|HOST|Schlüssel bei diesen Server nachschlagen"
 #: g10/g10.c:233
 msgid "|NAME|set terminal charset to NAME"
@ -823,7 +811,7 @@ msgid ""
 "quoted printable character in armor - probably a buggy MTA has been used\n"
 msgstr ""
 "\"quoted printable\" Zeichen in der ASCII-Hülle gefunden - möglicherweise\n"
-" war ein fehlerhafter E-Mail-Spediteur(\"MTA\") die Ursache\n"
+" war ein fehlerhafter E-Mail-Transporter(\"MTA\") die Ursache\n"
 #: g10/pkclist.c:137
 #, c-format
@ -924,9 +912,9 @@ msgid "Use this key anyway? "
 msgstr "Diesen Schlüssel trotzdem benutzen?"
 #: g10/pkclist.c:291
-#, fuzzy, c-format
+#, c-format
 msgid "key %08lX: subkey has been revoked!\n"
-msgstr "Schlüssel %08lX: Schlüssel wurde widerrufen\n"
+msgstr "Schlüssel %08lX: Unterschlüssel wurde widerrufen\n"
 #: g10/pkclist.c:321
 #, c-format
@ -989,9 +977,8 @@ msgid "         This could mean that the signature is forgery.\n"
 msgstr "         Das könnte bedeuten, daß die Signatur gefälscht ist.\n"
 #: g10/pkclist.c:452
 #, fuzzy
 msgid "WARNING: This subkey has been revoked by its owner!\n"
-msgstr "WARNUNG: Dieser Schlüssel wurde von seinem Besitzer widerrufen!\n"
+msgstr "WARNUNG: Dieser Unterschlüssel wurde von seinem Besitzer widerrufen!\n"
 #: g10/pkclist.c:473
 msgid "Note: This key has expired!\n"
@ -1144,9 +1131,9 @@ msgstr "zu kurz; 768 ist die kleinste m
 #. * you start a discussion with Marvin about this theme and then
 #. * do whatever you want.
 #: g10/keygen.c:466
-#, fuzzy, c-format
+#, c-format
 msgid "keysize too large; %d is largest value allowed.\n"
-msgstr "zu kurz; 768 ist die kleinste mögliche Schlüssellänge.\n"
+msgstr "Schüsselgröße zu hoch; %d ist der Maximalwert.\n"
 #: g10/keygen.c:471
 msgid ""
@ -1271,7 +1258,7 @@ msgstr "Ung
 #: g10/keygen.c:669
 #, c-format
 msgid "You are using the `%s' character set.\n"
-msgstr ""
+msgstr "Sie benutzen den Zeichensatz `%s'\n"
 #: g10/keygen.c:675
 #, c-format
@ -1318,16 +1305,15 @@ msgstr ""
 "\n"
 #: g10/keygen.c:775
 #, fuzzy
 msgid ""
 "We need to generate a lot of random bytes. It is a good idea to perform\n"
 "some other action (type on the keyboard, move the mouse, utilize the\n"
 "disks) during the prime generation; this gives the random number\n"
 "generator a better chance to gain enough entropy.\n"
 msgstr ""
-"Wir müßen eine ganze Menge Zufallszahlen erzeugen.  Sie können dies\n"
+"Wir müssen eine ganze Menge Zufallswerte erzeugen.  Sie können dies\n"
 "unterstützen, indem Sie z.B. in einem anderen Fenster/Konsole irgendetwas\n"
-"tippen oder irgendwelche anderen Programme benutzen.\n"
+"tippen, die Maus verwenden oder irgendwelche anderen Programme benutzen.\n"
 #: g10/keygen.c:845
 msgid "Key generation can only be used in interactive mode\n"
@ -1717,9 +1703,9 @@ msgstr "Schl
 #. * the secret key used to create this signature - it
 #. * seems that this makes sense
 #: g10/import.c:812
-#, fuzzy, c-format
+#, c-format
 msgid "key %08lX: non exportable signature (class %02x) - skipped\n"
-msgstr "Schlüssel %08lX: Widerrufzertifikat an falschem Platz - übergangen\n"
+msgstr "Schlüssel %08lX: Nicht exportfähige Unterschrift - übergangen\n"
 #: g10/import.c:821
 #, c-format
@ -1748,7 +1734,7 @@ msgstr "%s: Benutzer nicht gefunden\n"
 #: g10/keyedit.c:177
 msgid "[revocation]"
-msgstr ""
+msgstr "[Widerruf]"
 #: g10/keyedit.c:178
 msgid "[self-signature]"
@ -1756,7 +1742,7 @@ msgstr "[Eigenbeglaubigung]"
 #: g10/keyedit.c:196
 msgid "1 bad signature\n"
-msgstr "%d schlechte Signaturen\n"
+msgstr "1 falsche Beglaubigung\n"
 #: g10/keyedit.c:198
 #, c-format
@ -1815,6 +1801,8 @@ msgid ""
 "The signature will be marked as non-exportable.\n"
 "\n"
 msgstr ""
 "Die Unterschrift wird als nicht exportfähig markiert werden.\n"
 "\n"
 #: g10/keyedit.c:321
 msgid "Really sign? "
@ -1951,14 +1939,12 @@ msgid "s"
 msgstr "s"
 #: g10/keyedit.c:549
 #, fuzzy
 msgid "lsign"
-msgstr "sign"
+msgstr "lsign"
 #: g10/keyedit.c:549
 #, fuzzy
 msgid "sign the key locally"
-msgstr "Den Schlüssel signieren"
+msgstr "Den Schlüssel nur auf diesem Rechner signieren"
 #: g10/keyedit.c:550
 msgid "debug"
@ -2046,9 +2032,8 @@ msgid "revsig"
 msgstr "sign"
 #: g10/keyedit.c:562
 #, fuzzy
 msgid "revoke signatures"
-msgstr "v3 Signaturen erzwingen"
+msgstr "Signaturen widerrufen"
 #: g10/keyedit.c:563
 #, fuzzy
@ -2056,9 +2041,8 @@ msgid "revkey"
 msgstr "key"
 #: g10/keyedit.c:563
 #, fuzzy
 msgid "revoke a secondary key"
-msgstr "Einen Zweitschlüssel entfernen"
+msgstr "Einen Zweitschlüssel widerrufen"
 #: g10/keyedit.c:582
 msgid "can't do that in batchmode\n"
@ -2142,14 +2126,12 @@ msgid "Do you really want to delete this key? "
 msgstr "Möchten Sie diesen Schlüssel wirklich entfernen? "
 #: g10/keyedit.c:842
 #, fuzzy
 msgid "Do you really want to revoke the selected keys? "
-msgstr "Möchten Sie die ausgewählten Schlüssel wirklich entfernen? "
+msgstr "Möchten Sie die ausgewählten Schlüssel wirklich widerrufen? "
 #: g10/keyedit.c:843
 #, fuzzy
 msgid "Do you really want to revoke this key? "
-msgstr "Möchten Sie diesen Schlüssel wirklich entfernen? "
+msgstr "Möchten Sie diesen Schlüssel wirklich wiederrufen? "
 #: g10/keyedit.c:897
 msgid "Invalid command  (try \"help\")\n"
@ -2190,36 +2172,34 @@ msgid "No secondary key with index %d\n"
 msgstr "Kein Zweitschlüssel mit Index %d\n"
 #: g10/keyedit.c:1562
 #, fuzzy
 msgid "user ID: \""
-msgstr "Geben Sie die User-ID ein: "
+msgstr "User-ID: \""
 #: g10/keyedit.c:1565
 #, fuzzy, c-format
 msgid ""
 "\"\n"
 "signed with your key %08lX at %s\n"
-msgstr "Nichts zu beglaubigen für Schlüssel %08lX\n"
+msgstr ""
 "\"\n"
 "unterschrieben mit Ihrem Schlüssel %08lX um %s\n"
 #: g10/keyedit.c:1569
 #, fuzzy
 msgid "Create a revocation certificate for this signature? (y/N)"
-msgstr "Ein Schlüsselwiderruf-Zertifikat erzeugen"
+msgstr "Ein Widerrufszertifikat für diese Unterschrift erzeugen (j/N)"
 #: g10/keyedit.c:1649
 #, fuzzy
 msgid "Really create the revocation certificates? (y/N)"
-msgstr "Ein Schlüsselwiderruf-Zertifikat erzeugen"
+msgstr "Wirklich ein Unterschrift-Widerrufszertifikat erzeugen? (j/N) "
 #: g10/keyedit.c:1672
 #, fuzzy
 msgid "no secret key\n"
-msgstr "Falscher geheimer Schlüssel"
+msgstr "Kein geheimer Schlüssel\n"
 #: g10/mainproc.c:185
-#, fuzzy, c-format
+#, c-format
 msgid "public key is %08lX\n"
-msgstr "Öffentlicher Schlüssel nicht gefunden"
+msgstr "Öffentlicher Schlüssel ist %08lX\n"
 #: g10/mainproc.c:213
 msgid "public key encrypted data: good DEK\n"
@ -2264,18 +2244,17 @@ msgid "Signature made %.*s using %s key ID %08lX\n"
 msgstr "Unterschrift vom %.*s, %s Schlüssel ID %08lX\n"
 #: g10/mainproc.c:895
 #, fuzzy
 msgid "encrypted message is valid\n"
-msgstr "Das ausgewählte Hashverfahren ist ungültig\n"
+msgstr "verschlüsselte Botschaft ist gültig\n"
 #: g10/mainproc.c:899
 msgid "WARNING: encrypted message has been manipulated!\n"
-msgstr ""
+msgstr "Warnung: Verschlüsselte Botschaft ist manipuliert worden!\n"
 #: g10/mainproc.c:904
-#, fuzzy, c-format
+#, c-format
 msgid "Can't check MDC: %s\n"
-msgstr "Unterschrift kann nicht geprüft werden: %s\n"
+msgstr "Siegel (MDC) kann nicht geprüft werden: %s\n"
 #. just in case that we have no userid
 #: g10/mainproc.c:925 g10/mainproc.c:936
@ -2420,10 +2399,9 @@ msgstr ""
 "         bitte Mantra nochmals wechseln.\n"
 #: g10/sig-check.c:186
 #, fuzzy
 msgid "assuming bad MDC due to an unknown critical bit\n"
 msgstr ""
-"Vermutlich eine FALSCHE Unterschrift, wegen unbekanntem \"critical bit\"\n"
+"Vermutlich ist das Siegel (MDC) BESCHÄDIGT (wegen unbekanntem \"critical bit\")\n"
 #: g10/sig-check.c:282
 msgid ""
@ -2474,9 +2452,9 @@ msgid "can't handle text lines longer than %d characters\n"
 msgstr "Textzeilen länger als %d Zeichen können nicht benutzt werden\n"
 #: g10/textfilter.c:189
-#, fuzzy, c-format
+#, c-format
 msgid "input line longer than %d characters\n"
-msgstr "ungültige ASCII-Hülle: Zeile ist länger als %d Zeichen\n"
+msgstr "Eingabezeile ist länger als %d Zeichen\n"
 #: g10/tdbio.c:116 g10/tdbio.c:1505
 #, c-format
@ -2834,9 +2812,8 @@ msgid "duplicated certificate - deleted"
 msgstr "Doppelte Zertifikate - entfernt"
 #: g10/trustdb.c:1692
 #, fuzzy
 msgid "public key not anymore available"
-msgstr "Geheimer Schlüssel ist nicht vorhanden"
+msgstr "Öffentlicher Schlüssel ist nicht mehr vorhanden"
 #: g10/trustdb.c:1702 g10/trustdb.c:1791
 msgid "Invalid certificate revocation"
@ -3045,8 +3022,8 @@ msgstr "Bitte diesen potentiellen Sicherheitsmangel beseitigen\n"
 #: g10/skclist.c:88 g10/skclist.c:125
 msgid "key is not flagged as insecure - can't use it with the faked RNG!\n"
 msgstr ""
-"Schlüssel ist nicht als unsicher gekennzeichnet - er ist mit dem\n"
+"Schlüssel ist nicht als unsicher gekennzeichnet - er ist nur mit einem\n"
-"angetäuschten Zufallsgenerator nicht verwendbar\n"
+"echten Zufallsgenerator verwendbar\n"
 #: g10/skclist.c:113
 #, c-format
@ -3465,41 +3442,32 @@ msgstr "Keine Hilfe f
 #~ msgid "You will see a list of signators etc. here\n"
 #~ msgstr "Sie sollten hier eigentlich eine Liste der Signierer sehen.\n"
 #, fuzzy
 #~ msgid "key %08lX.%lu, uid %02X%02X, sig %08lX: good signature (3)\n"
 #~ msgstr "Schlüssel %08lX: Ungültige Eigenbeglaubigung\n"
 #, fuzzy
 #~ msgid ""
 #~ "key %08lX.%lu, uid %02X%02X, sig %08lX: very strange: no public key\n"
 #~ msgstr "Schlüssel %08lX: Keine User-ID für Signatur\n"
 #, fuzzy
 #~ msgid "key %08lX.%lu, uid %02X%02X, sig %08lX: invalid signature: %s\n"
 #~ msgstr "Schlüssel %08lX: Ungültige Eigenbeglaubigung\n"
 #, fuzzy
 #~ msgid "key %08lX.%lu, uid %02X%02X: good self-signature\n"
 #~ msgstr "Schlüssel %08lX: Ungültige Eigenbeglaubigung\n"
 #, fuzzy
 #~ msgid ""
 #~ "key %08lX.%lu, uid %02X%02X, sig %08lX: duplicated signature - deleted\n"
 #~ msgstr "Schlüssel %08lX: Ungültige Eigensignatur\n"
 #, fuzzy
 #~ msgid "key %08lX.%lu, uid %02X%02X, sig %08lX: good signature (1)\n"
 #~ msgstr "Schlüssel %08lX: Ungültige Eigensignatur\n"
 #, fuzzy
 #~ msgid "key %08lX.%lu, uid %02X%02X, sig %08lX: weird: no public key\n"
 #~ msgstr "Schlüssel %08lX: Keine User-ID für Signatur\n"
 #, fuzzy
 #~ msgid "key %08lX.%lu, uid %02X%02X, sig %08lX: good signature (2)\n"
 #~ msgstr "Schlüssel %08lX: Ungültige Eigensignatur\n"
 #, fuzzy
 #~ msgid "key %08lX.%lu, uid %02X%02X, sig %08lX: no public key\n"
 #~ msgstr "Schlüssel %08lX: Keine User-ID für Signatur\n"
--- a/scripts/gnupg.spec.in
+++ b/scripts/gnupg.spec.in
@ -17,6 +17,12 @@ BuildRoot: /tmp/rpmbuild_%{name}
 %changelog
 * Mon May 17 1999 Fabio Coatti <cova@felix.unife.it>
 - Added French description, provided by Christophe Labouisse <labouiss@cybercable.fr>
 * Thu May 06 1999 Fabio Coatti <cova@felix.unife.it> 
 - Upgraded for 0.9.6 (removed gpgm)
 * Tue Jan 12 1999 Fabio Coatti <cova@felix.unife.it>
 - LINGUAS variable is now unset in configure to ensure that all
  languages will be built. (Thanks to Luca Olivetti <luca@luca.ddns.org>)
@ -42,6 +48,11 @@ GnuPG
 IDEA o RSA può essere utilizzato senza restrizioni. GnuPG è conforme
 alle specifiche OpenPGP (RFC2440).
 %description -l fr
 GnuPG est remplacement complet et "libre" de PGP. Comme il n'utilise
 ni IDEA ni RSA il peut être utilisé sans restriction. GnuPG est conforme
 avec la spécification OpenPGP (RFC2440).                     
 %prep
 rm -rf $RPM_BUILD_ROOT
 rm -rf $RPM_BUILD_DIR/%{name}-%{version}
@ -57,9 +68,6 @@ make
 %install
 make install-strip prefix=$RPM_BUILD_ROOT/usr
 rm $RPM_BUILD_ROOT/usr/man/man1/gpgm.1
 cd $RPM_BUILD_ROOT/usr/man/man1/
 ln -s gpg.1 gpgm.1
 %files
@ -77,11 +85,10 @@ ln -s gpg.1 gpgm.1
 %doc %attr (-,root,root) doc/HACKING
 %doc %attr (-,root,root) doc/OpenPGP
 %doc %attr (-,root,root) g10/pubring.asc
 %doc %attr (-,root,root) g10/OPTIONS
 %attr (-,root,root) /usr/man/man1/gpg.1
 %attr (-,root,root) /usr/man/man1/gpgm.1
 %attr (4755,root,root) /usr/bin/gpg
 %attr (755,root,root) /usr/bin/gpgm
 %attr (-,root,root) /usr/share/locale/de/LC_MESSAGES/%{name}.mo
 %attr (-,root,root) /usr/share/locale/it/LC_MESSAGES/%{name}.mo
--- a/util/ChangeLog
+++ b/util/ChangeLog
@ -1,3 +1,7 @@
 Mon May 17 21:54:43 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 	* logger.c (g10_log_hexdump): Made 2nd arg a const.
 Wed Apr 28 13:03:03 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 	* miscutil.c (asctimestamp): Use nl_langinfo (Gaël Quéri).
--- a/util/iobuf.c
+++ b/util/iobuf.c
@ -424,6 +424,12 @@ print_chain( IOBUF a )
    }
 }
 int
 iobuf_print_chain( IOBUF a )
 {
    print_chain(a);
 }
 /****************
 * Allocate a new io buffer, with no function assigned.
 * Use is the desired usage: 1 for input, 2 for output, 3 for temp buffer
@ -787,7 +793,7 @@ iobuf_push_filter2( IOBUF a,
 /****************
 * Remove an i/o filter.
 */
-static int
+int
 pop_filter( IOBUF a, int (*f)(void *opaque, int control,
 		      IOBUF chain, byte *buf, size_t *len), void *ov )
 {
@ -856,7 +862,6 @@ pop_filter( IOBUF a, int (*f)(void *opaque, int control,
 }
 /****************
 * read underflow: read more bytes into the buffer and return
 * the first byte or -1 on EOF.
@ -949,8 +954,6 @@ underflow(IOBUF a)
 		memcpy(a,b, sizeof *a);
 		m_free(b);
 		print_chain(a);
 	    }
 	}
 	else if( rc )
--- a/util/logger.c
+++ b/util/logger.c
@ -210,13 +210,13 @@ g10_log_debug_f( const char *fname, const char *fmt, ... )
 void
-g10_log_hexdump( const char *text, char *buf, size_t len )
+g10_log_hexdump( const char *text, const char *buf, size_t len )
 {
    int i;
    print_prefix(text);
    for(i=0; i < len; i++ )
-	fprintf(stderr, " %02X", ((byte*)buf)[i] );
+	fprintf(stderr, " %02X", ((const byte*)buf)[i] );
    fputc('\n', stderr);
 }