security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-06-07 23:27:48 +02:00
Code Activity

Expiration time works (I hope so)

Browse Source
This commit is contained in:
Werner Koch 1998-11-20 17:42:18 +00:00
parent f9d2bd8cb9
commit 47c61bafe3
35 changed files with 7147 additions and 2848 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
INSTALL
View File

@ -34,7 +34,8 @@ Problems
======== ========
If you get unresolved externals "gettext" you should run configure again If you get unresolved externals "gettext" you should run configure again
with the option "--with-included-gettext". with the option "--with-included-gettext"; this is version 0.10.35 which
is available at alpha.gnu.org.
If you have other compile problems, try the configure options If you have other compile problems, try the configure options
"--with-included-zlib" or "--disable-nls" (See ABOUT-NLS) "--with-included-zlib" or "--disable-nls" (See ABOUT-NLS)

14
NEWS
View File

@ -1,6 +1,10 @@
This is NOT a released version! This is NOT a released version!
------------------------------- -------------------------------
* Fixed the way the key expiration time is stored. If you have
an expiration time on your key you should fix it with --edit-key
and the command "expire". I apologize for this inconvenience.
* Add option --charset to support "koi8-r" encoding of user ids. * Add option --charset to support "koi8-r" encoding of user ids.
(Not yet tested). (Not yet tested).
@ -14,6 +18,16 @@ This is NOT a released version!
* Spanish translation by Urko Lusa. * Spanish translation by Urko Lusa.
* Patch files are from now on signed. See the man page
for the new option --not-dash-escaped.
* New syntax: --edit-key <userID> [<commands>]
If you run it without --batch the commands are executed and then
you are put into normal mode unless you use "quit" or "save" as
one of the commands. When in batch mode, the program quits after
the last command, so you have to use "save" if you did some changes.
It does not yet work completey, but may be used to list so the
keys etc.
Noteworthy changes in version 0.4.3 Noteworthy changes in version 0.4.3

21
PROJECTS
View File

@ -1,22 +1,27 @@
* Urko Lusa <ulusa@lacueva.ddns.org> is working on es.po
* Check if an object (a message, detached sign, public key, or whatever) * Check if an object (a message, detached sign, public key, or whatever)
is signed by definite user, i.e. define user is signed by definite user, i.e. define user
(userid, or any other unique identification) on command line. (userid, or any other unique identification) on command line.
* Change the internal represention of keyid into a struct which
can also hold the localid and extend the localid to hold information
of the subkey number because two subkeys may have the same keyid.
* signature verification is done duplicated on import: in import.c and
tehn in trustdb.c too. Maybe we can use a flag to skip the actual
verification process (this should work if we use the same keyblock,
but I'm not sure how to accomplish that). Another way is to allow
the import of bogus data and let trustdb mark these keys as invalid;
I see an advantage in this that it may help to prevent a DoS on a
keyserver by sending him a lot of bogus signatures which he has
to check - Needs further investigation.
* abstraction of the MPI * abstraction of the MPI
* Add a way to override the current cipher/md implementations * Add a way to override the current cipher/md implementations
by others (using extensions) by others (using extensions)
* add a fast-import command which does not do the signature checks * Not GnuPG replated: What about option completion in bash?
of other keys (processing of the sdir hintlist). The signatures
may then be verified by a maintainence pass.
* Not GnupG replated: What about option completion in bash?
Can "--dump-options" be used for this or should we place the Can "--dump-options" be used for this or should we place the
options in a special ELF segment? options in a special ELF segment?

34
TODO
View File

@ -4,9 +4,9 @@
* Check Berkeley BD - it is in glibc -any licensing problems? * Check Berkeley BD - it is in glibc -any licensing problems?
* I noticed, that we sometimes have only 3 items in atrustrecord, but * I noticed, that we sometimes have only 3 items in a trustrecord, but
a next pointer ro more records - check wehther the reuse code really a next pointer ro more records - check wehther the reuse code really
works. Maybe this is the reason for the "Hmmm puiblic key lost" works. Maybe this is the reason for the "Hmmm public key lost"
* Update the keyring at ftp.guug.de * Update the keyring at ftp.guug.de
@ -14,9 +14,6 @@
* check support for mpi/powerpc * check support for mpi/powerpc
* add a note, that gettext 10.35 is needed (for gettext) - and install
it on tobold.
* use zlib 1.1.13 to avoid a bug with 13 bit windows * use zlib 1.1.13 to avoid a bug with 13 bit windows
but there are more problems with large files but there are more problems with large files
@ -24,12 +21,17 @@
#define USE_DYNAMIC_LINKING #define USE_DYNAMIC_LINKING
#define HAVE_DL_DLOPEN #define HAVE_DL_DLOPEN
and the ld option -export-dynamic. and the ld option -export-dynamic.
Why does autoconf not figure that out?
* clearsig: keep lineendings as they are. Remember that trailings * clearsig: keep lineendings as they are. Remember that trailings
blanks are not hashed. blanks are not hashed.
* Check revocation and expire stuff. * Check revocation and expire stuff.
* Always use the latest key signature (import). This is needed, so
that we are able to chnage the expiration time or other info in the
selfsignature
* OpenBSD: dynamic loading with dlopen works on OpenBSD, but: * OpenBSD: dynamic loading with dlopen works on OpenBSD, but:
OpenBSD binaries are a.out, so every symbol begins with "_" OpenBSD binaries are a.out, so every symbol begins with "_"
@ -58,8 +60,6 @@
* add some sanity checks to read_keyblock, so that we are sure that * add some sanity checks to read_keyblock, so that we are sure that
the minimal requirements are met (?) the minimal requirements are met (?)
* decryption of message with multiple recipients does not work.
* preferences of hash algorithms are not yet used. * preferences of hash algorithms are not yet used.
* rewrite --list-packets or put it into another tool. * rewrite --list-packets or put it into another tool.
@ -67,31 +67,19 @@
* Burn the buffers used by fopen(), or use read(2). Does this * Burn the buffers used by fopen(), or use read(2). Does this
really make sense? really make sense?
* Change the buffering to a mbuf like scheme? Need it for PSST anyway. * Change the buffering to a mbuf like scheme? Need it for PSST anyway;
see Michael's proposal.
* add checking of armor trailers * add checking of armor trailers
* remove all "Fixmes" * remove all "Fixmes" ;-)
* Change the internal represention of keyid into a struct which
can also hold the localid and extend the localid to hold information
of the subkey number because two subkeys may have the same keyid.
* add an option to re-create a public key from a secret key; we * add an option to re-create a public key from a secret key; we
can do this in trustdb.c:verify_own_keys. can do this in trustdb.c:verify_own_keys.
* signature verification is done duplicated on import: in import.c and
tehn in trustdb.c too. Maybe we can use a flag to skip the actual
verification process (this should work if we use the same keyblock,
but I'm not sure how to accomplish that). Another way is to allow
the import of bogus data and let trustdb mark these keys as invalid;
I see an advantage in this that it may help to prevent a DoS on a
keyserver by sending him a lot of bogus signatures which he has
to check - Needs further investigation.
* change the fake_data stuff to mpi_set_opaque * change the fake_data stuff to mpi_set_opaque
* Is it okay to use gettext for the help system? * Is it okay to use gettext for the help system?
* Add some stuff for DU cc * Add some stuff for DU cc
* Use "user ID", "trustdb" and "WARNING". * Use "user ID", "trustdb", "NOTE" and "WARNING".

2
VERSION
View File

@ -1 +1 @@
0.4.3b 0.4.3c

3
doc/OpenPGP
View File

@ -1,7 +1,8 @@
GnuPG and OpenPGP GnuPG and OpenPGP
================= =================
See RFC2440 for a description of OpenPGP. See RFC2440 for a description of OpenPGP. I have an annotated version
of this RFC online: http://www.d.shuttle.de/isil/gnupg/rfc2440.html

10
doc/gpg.1pod
View File

@ -401,6 +401,16 @@ B<--throw-keyid>
against traffic analysis. It may slow down the decryption against traffic analysis. It may slow down the decryption
process because all available secret keys are tried. process because all available secret keys are tried.
B<--not-dash-escaped>
This option changes the behaviour of cleartext signature
so that they can be used for patch files. You should not
send such an armored file via email because all spaces
and line endings are hashed too. You can not use this
option for data which has 5 dashes somewhere at the
beginning of a line - patch files don't have this.
A special armor header line tells GnuPG about this
cleartext signature framework.
B<--passphrase-fd> I<n> B<--passphrase-fd> I<n>
Read the passphrase from file descriptor I<n>. If you use Read the passphrase from file descriptor I<n>. If you use
0 for I<n>, the passphrase will be read from stdin. This 0 for I<n>, the passphrase will be read from stdin. This

22
g10/ChangeLog
View File

@ -1,3 +1,25 @@
Fri Nov 20 16:54:52 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (main): New option --not-dash-escaped
* sign.c (write_dashed_escaped): Ditto.
* armor.c (find_header): Support for NotDashEscaped header.
Thu Nov 19 07:17:31 1998 Werner Koch <werner.koch@guug.de>
* parse-packet.c (dump_sig_subpkt): Fixed expire listing
* getkey.c (merge_keys_and_selfsig): Fixed expire calculation.
(merge_one_pk_and_selfsig): Ditto.
* keyedit.c (menu_expire). Ditto.
* keygen.c (keygen_add_key_expire): Ditto.
(ask_expire_interval): New and changed all local function to use
this instead.
(keygen_add_key_expire): Opaque should now be a public key;
changed all callers.
* parse.packet.c (parse): use skip_rest to skip packets.
* keyedit.c (keyedit_menu): New arg for cmdline cmds.
Wed Nov 18 20:33:50 1998 Werner Koch (wk@isil.d.shuttle.de) Wed Nov 18 20:33:50 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c (check_trustdb): Now rechecks all gived userids. * trustdb.c (check_trustdb): Now rechecks all gived userids.

67
g10/armor.c
View File

@ -1,4 +1,4 @@
/* armor.c - Armor filter /* armor.c - Armor flter
* Copyright (C) 1998 Free Software Foundation, Inc. * Copyright (C) 1998 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
@ -74,7 +74,10 @@ typedef enum {
fhdrENDClearsig, fhdrENDClearsig,
fhdrENDClearsigHelp, fhdrENDClearsigHelp,
fhdrTESTSpaces, fhdrTESTSpaces,
fhdrCLEARSIGSimple,
fhdrCLEARSIGSimpleNext,
fhdrTEXT, fhdrTEXT,
fhdrTEXTSimple,
fhdrERROR, fhdrERROR,
fhdrERRORShow, fhdrERRORShow,
fhdrEOF fhdrEOF
@ -110,7 +113,7 @@ static fhdr_state_t find_header( fhdr_state_t state,
byte *buf, size_t *r_buflen, byte *buf, size_t *r_buflen,
IOBUF a, size_t n, IOBUF a, size_t n,
unsigned *r_empty, int *r_hashes, unsigned *r_empty, int *r_hashes,
int only_keyblocks ); int only_keyblocks, int *not_dashed );
static void static void
@ -262,7 +265,7 @@ parse_hash_header( const char *line )
static fhdr_state_t static fhdr_state_t
find_header( fhdr_state_t state, byte *buf, size_t *r_buflen, find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
IOBUF a, size_t n, unsigned *r_empty, int *r_hashes, IOBUF a, size_t n, unsigned *r_empty, int *r_hashes,
int only_keyblocks ) int only_keyblocks, int *not_dashed )
{ {
int c=0, i; int c=0, i;
const char *s; const char *s;
@ -343,8 +346,15 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
putc('\n', stderr); putc('\n', stderr);
} }
if( clearsig && !(hashes=parse_hash_header( buf )) ) { if( clearsig && !(hashes=parse_hash_header( buf )) ) {
log_error(_("invalid clearsig header\n")); if( strlen(buf) > 15
state = fhdrERROR; && !memcmp( buf, "NotDashEscaped:", 15 ) ) {
*not_dashed = 1;
state = fhdrWAITHeader;
}
else {
log_error(_("invalid clearsig header\n"));
state = fhdrERROR;
}
} }
else { else {
state = fhdrWAITHeader; state = fhdrWAITHeader;
@ -449,6 +459,31 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
log_info(_("armor: %s\n"), head_strings[hdr_line]); log_info(_("armor: %s\n"), head_strings[hdr_line]);
break; break;
case fhdrCLEARSIGSimple:
/* we are at the begin of a new line */
case fhdrCLEARSIGSimpleNext:
n = 0;
c = 0;
while( n < buflen && (c=iobuf_get(a)) != -1 ) {
buf[n++] = c;
if( c == '\n' )
break;
}
buf[n] = 0;
if( c == -1 )
state = fhdrEOF;
else if( state == fhdrCLEARSIGSimple
&& n > 15 && !memcmp(buf, "-----", 5 ) ) {
if( c == '\n' )
buf[n-1] = 0;
state = fhdrENDClearsig;
}
else if( c == '\n' )
state = fhdrCLEARSIGSimple;
else
state = fhdrCLEARSIGSimpleNext;
break;
case fhdrCLEARSIG: case fhdrCLEARSIG:
case fhdrEMPTYClearsig: case fhdrEMPTYClearsig:
case fhdrREADClearsig: case fhdrREADClearsig:
@ -472,6 +507,10 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
break; break;
case fhdrCHECKDashEscaped3: case fhdrCHECKDashEscaped3:
if( *not_dashed ) {
state = fhdrTEXTSimple;
break;
}
if( !(n > 1 && buf[0] == '-' && buf[1] == ' ' ) ) { if( !(n > 1 && buf[0] == '-' && buf[1] == ' ' ) ) {
state = fhdrTEXT; state = fhdrTEXT;
break; break;
@ -501,7 +540,7 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
/* check the clearsig line */ /* check the clearsig line */
if( n > 15 && !memcmp(buf, "-----", 5 ) ) if( n > 15 && !memcmp(buf, "-----", 5 ) )
state = fhdrENDClearsig; state = fhdrENDClearsig;
else if( buf[0] == '-' && buf[1] == ' ' ) else if( buf[0] == '-' && buf[1] == ' ' && !*not_dashed )
state = fhdrCHECKDashEscaped; state = fhdrCHECKDashEscaped;
else { else {
state = fhdrTESTSpaces; state = fhdrTESTSpaces;
@ -512,7 +551,7 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
/* check the clearsig line */ /* check the clearsig line */
if( n > 15 && !memcmp(buf, "-----", 5 ) ) if( n > 15 && !memcmp(buf, "-----", 5 ) )
state = fhdrENDClearsig; state = fhdrENDClearsig;
else if( buf[0] == '-' && buf[1] == ' ' ) else if( buf[0] == '-' && buf[1] == ' ' && !*not_dashed )
state = fhdrCHECKDashEscaped2; state = fhdrCHECKDashEscaped2;
else { else {
state = fhdrREADClearsig; state = fhdrREADClearsig;
@ -591,6 +630,11 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
if( clearsig && state == fhdrTEXT ) if( clearsig && state == fhdrTEXT )
state = fhdrCLEARSIG; state = fhdrCLEARSIG;
else if( clearsig && state == fhdrTEXTSimple ) {
state = fhdrCLEARSIGSimple;
buf[n] = '\n';
n++;
}
if( state == fhdrCLEARSIG || state == fhdrREADClearsig ) { if( state == fhdrCLEARSIG || state == fhdrREADClearsig ) {
/* append CR,LF after removing trailing wspaces */ /* append CR,LF after removing trailing wspaces */
@ -631,7 +675,7 @@ check_input( armor_filter_context_t *afx, IOBUF a )
n = DIM(afx->helpbuf); n = DIM(afx->helpbuf);
state = find_header( state, afx->helpbuf, &n, a, state = find_header( state, afx->helpbuf, &n, a,
afx->helplen, &emplines, &afx->hashes, afx->helplen, &emplines, &afx->hashes,
afx->only_keyblocks ); afx->only_keyblocks, &afx->not_dash_escaped );
switch( state ) { switch( state ) {
case fhdrNOArmor: case fhdrNOArmor:
afx->inp_checked = 1; afx->inp_checked = 1;
@ -649,6 +693,8 @@ check_input( armor_filter_context_t *afx, IOBUF a )
case fhdrNullClearsig: case fhdrNullClearsig:
case fhdrCLEARSIG: /* start fake package mode (for clear signatures) */ case fhdrCLEARSIG: /* start fake package mode (for clear signatures) */
case fhdrCLEARSIGSimple:
case fhdrCLEARSIGSimpleNext:
afx->helplen = n; afx->helplen = n;
afx->helpidx = 0; afx->helpidx = 0;
afx->faked = 1; afx->faked = 1;
@ -718,7 +764,8 @@ fake_packet( armor_filter_context_t *afx, IOBUF a,
state = find_header( state, afx->helpbuf, &n, a, state = find_header( state, afx->helpbuf, &n, a,
state == fhdrNullClearsig? afx->helplen:0, state == fhdrNullClearsig? afx->helplen:0,
&emplines, &afx->hashes, &emplines, &afx->hashes,
afx->only_keyblocks ); afx->only_keyblocks,
&afx->not_dash_escaped );
switch( state) { switch( state) {
case fhdrERROR: case fhdrERROR:
invalid_armor(); invalid_armor();
@ -733,6 +780,8 @@ fake_packet( armor_filter_context_t *afx, IOBUF a,
case fhdrREADClearsig: case fhdrREADClearsig:
case fhdrREADClearsigNext: case fhdrREADClearsigNext:
case fhdrCLEARSIGSimple:
case fhdrCLEARSIGSimpleNext:
afx->helplen = n; afx->helplen = n;
break; break;

1
g10/filter.h
View File

@ -45,6 +45,7 @@ typedef struct {
int inp_bypass; /* set if the input is not armored */ int inp_bypass; /* set if the input is not armored */
int any_data; int any_data;
const char *hdrlines; const char *hdrlines;
int not_dash_escaped;
} armor_filter_context_t; } armor_filter_context_t;

17
g10/g10.c
View File

@ -146,6 +146,7 @@ enum cmd_and_opt_values { aNull = 0,
oS2KDigest, oS2KDigest,
oS2KCipher, oS2KCipher,
oCharset, oCharset,
oNotDashEscaped,
aTest }; aTest };
@ -294,6 +295,7 @@ static ARGPARSE_OPTS opts[] = {
{ oRunAsShmCP, "run-as-shm-coprocess", 4, "@" }, { oRunAsShmCP, "run-as-shm-coprocess", 4, "@" },
{ oSetFilename, "set-filename", 2, "@" }, { oSetFilename, "set-filename", 2, "@" },
{ oComment, "comment", 2, "@" }, { oComment, "comment", 2, "@" },
{ oNotDashEscaped, "not-dash-escaped", 0, "@" },
{0} }; {0} };
@ -767,6 +769,7 @@ main( int argc, char **argv )
log_error(_("%s is not a valid character set\n"), log_error(_("%s is not a valid character set\n"),
pargs.r.ret_str); pargs.r.ret_str);
break; break;
case oNotDashEscaped: opt.not_dash_escaped = 1; break;
default : pargs.err = configfp? 1:2; break; default : pargs.err = configfp? 1:2; break;
} }
@ -988,9 +991,17 @@ main( int argc, char **argv )
case aSignKey: /* sign the key given as argument */ case aSignKey: /* sign the key given as argument */
case aEditKey: /* Edit a key signature */ case aEditKey: /* Edit a key signature */
if( argc != 1 ) if( !argc )
wrong_args(_("--edit-key username")); wrong_args(_("--edit-key username [commands]"));
keyedit_menu(fname, locusr ); if( argc > 1 ) {
sl = NULL;
for( argc--, argv++ ; argc; argc--, argv++ )
append_to_strlist( &sl, *argv );
keyedit_menu( fname, locusr, sl );
free_strlist(sl);
}
else
keyedit_menu(fname, locusr, NULL );
break; break;
#endif /* IS_G10 */ #endif /* IS_G10 */

12
g10/getkey.c
View File

@ -721,7 +721,7 @@ merge_one_pk_and_selfsig( KBNODE keyblock, KBNODE knode )
*/ */
const byte *p; const byte *p;
p = parse_sig_subpkt( sig->hashed_data, SIGSUBPKT_KEY_EXPIRE, NULL ); p = parse_sig_subpkt( sig->hashed_data, SIGSUBPKT_KEY_EXPIRE, NULL );
pk->expiredate = p? buffer_to_u32(p):0; pk->expiredate = p? pk->timestamp + buffer_to_u32(p):0;
/* fixme: add usage etc. to pk */ /* fixme: add usage etc. to pk */
break; break;
} }
@ -739,7 +739,7 @@ merge_keys_and_selfsig( KBNODE keyblock )
PKT_secret_key *sk = NULL; PKT_secret_key *sk = NULL;
PKT_signature *sig; PKT_signature *sig;
KBNODE k; KBNODE k;
u32 kid[2]; u32 kid[2] = { 0, 0 };
for(k=keyblock; k; k = k->next ) { for(k=keyblock; k; k = k->next ) {
if( k->pkt->pkttype == PKT_PUBLIC_KEY if( k->pkt->pkttype == PKT_PUBLIC_KEY
@ -747,7 +747,7 @@ merge_keys_and_selfsig( KBNODE keyblock )
pk = k->pkt->pkt.public_key; sk = NULL; pk = k->pkt->pkt.public_key; sk = NULL;
if( pk->version < 4 ) if( pk->version < 4 )
pk = NULL; /* not needed for old keys */ pk = NULL; /* not needed for old keys */
else else if( k->pkt->pkttype == PKT_PUBLIC_KEY )
keyid_from_pk( pk, kid ); keyid_from_pk( pk, kid );
} }
else if( k->pkt->pkttype == PKT_SECRET_KEY else if( k->pkt->pkttype == PKT_SECRET_KEY
@ -755,7 +755,7 @@ merge_keys_and_selfsig( KBNODE keyblock )
pk = NULL; sk = k->pkt->pkt.secret_key; pk = NULL; sk = k->pkt->pkt.secret_key;
if( sk->version < 4 ) if( sk->version < 4 )
sk = NULL; sk = NULL;
else else if( k->pkt->pkttype == PKT_SECRET_KEY )
keyid_from_sk( sk, kid ); keyid_from_sk( sk, kid );
} }
else if( (pk || sk ) && k->pkt->pkttype == PKT_SIGNATURE else if( (pk || sk ) && k->pkt->pkttype == PKT_SIGNATURE
@ -770,12 +770,12 @@ merge_keys_and_selfsig( KBNODE keyblock )
const byte *p; const byte *p;
p = parse_sig_subpkt( sig->hashed_data, SIGSUBPKT_KEY_EXPIRE, NULL ); p = parse_sig_subpkt( sig->hashed_data, SIGSUBPKT_KEY_EXPIRE, NULL );
if( pk ) { if( pk ) {
pk->expiredate = p? buffer_to_u32(p):0; pk->expiredate = p? pk->timestamp + buffer_to_u32(p):0;
/* fixme: add usage etc. */ /* fixme: add usage etc. */
pk = NULL; /* use only the first self signature */ pk = NULL; /* use only the first self signature */
} }
else { else {
sk->expiredate = p? buffer_to_u32(p):0; sk->expiredate = p? sk->timestamp + buffer_to_u32(p):0;
sk = NULL; /* use only the first self signature */ sk = NULL; /* use only the first self signature */
} }
} }

67
g10/keyedit.c
View File

@ -475,7 +475,7 @@ fix_keyblock( KBNODE keyblock )
*/ */
void void
keyedit_menu( const char *username, STRLIST locusr ) keyedit_menu( const char *username, STRLIST locusr, STRLIST commands )
{ {
enum cmdids { cmdNONE = 0, enum cmdids { cmdNONE = 0,
cmdQUIT, cmdHELP, cmdFPR, cmdLIST, cmdSELUID, cmdCHECK, cmdSIGN, cmdQUIT, cmdHELP, cmdFPR, cmdLIST, cmdSELUID, cmdCHECK, cmdSIGN,
@ -527,9 +527,10 @@ keyedit_menu( const char *username, STRLIST locusr )
int modified = 0; int modified = 0;
int sec_modified = 0; int sec_modified = 0;
int toggle; int toggle;
int have_commands = !!commands;
if( opt.batch ) { if( opt.batch && !have_commands ) {
log_error(_("can't do that in batchmode\n")); log_error(_("can't do that in batchmode\n"));
goto leave; goto leave;
} }
@ -574,8 +575,21 @@ keyedit_menu( const char *username, STRLIST locusr )
} }
do { do {
m_free(answer); m_free(answer);
answer = cpr_get(N_("keyedit.cmd"), _("Command> ")); if( have_commands ) {
cpr_kill_prompt(); if( commands ) {
answer = m_strdup( commands->d );
commands = commands->next;
}
else if( opt.batch ) {
answer = m_strdup("quit");
}
else
have_commands = 0;
}
if( !have_commands ) {
answer = cpr_get(N_("keyedit.cmd"), _("Command> "));
cpr_kill_prompt();
}
trim_spaces(answer); trim_spaces(answer);
} while( *answer == '#' ); } while( *answer == '#' );
@ -617,6 +631,8 @@ keyedit_menu( const char *username, STRLIST locusr )
break; break;
case cmdQUIT: case cmdQUIT:
if( have_commands )
goto leave;
if( !modified && !sec_modified ) if( !modified && !sec_modified )
goto leave; goto leave;
if( !cpr_get_answer_is_yes(N_("keyedit.save.okay"), if( !cpr_get_answer_is_yes(N_("keyedit.save.okay"),
@ -1023,7 +1039,7 @@ menu_adduid( KBNODE pub_keyblock, KBNODE sec_keyblock )
assert(pk && sk ); assert(pk && sk );
rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0,
keygen_add_std_prefs, sk ); keygen_add_std_prefs, pk );
free_secret_key( sk ); free_secret_key( sk );
if( rc ) { if( rc ) {
log_error("signing failed: %s\n", g10_errstr(rc) ); log_error("signing failed: %s\n", g10_errstr(rc) );
@ -1168,7 +1184,7 @@ menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
static int static int
menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock ) menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
{ {
int n1, rc; int n1, signumber, rc;
u32 expiredate; u32 expiredate;
int mainkey=0; int mainkey=0;
PKT_secret_key *sk; /* copy of the main sk */ PKT_secret_key *sk; /* copy of the main sk */
@ -1195,26 +1211,24 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
} }
expiredate = ask_expiredate(); expiredate = ask_expiredate();
/* fixme: check that expiredate is > key creation date */
/* get the secret key , make a copy and set the expiration time into
* that key (because keygen_add-key-expire expects it there)
*/
node = find_kbnode( sec_keyblock, PKT_SECRET_KEY ); node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
sk = copy_secret_key( NULL, node->pkt->pkt.secret_key); sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
sk->expiredate = expiredate;
/* Now we can actually change the self signature(s) */ /* Now we can actually change the self signature(s) */
main_pk = sub_pk = NULL; main_pk = sub_pk = NULL;
uid = NULL; uid = NULL;
signumber = 0;
for( node=pub_keyblock; node; node = node->next ) { for( node=pub_keyblock; node; node = node->next ) {
if( node->pkt->pkttype == PKT_PUBLIC_KEY ) { if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
main_pk = node->pkt->pkt.public_key; main_pk = node->pkt->pkt.public_key;
keyid_from_pk( main_pk, keyid ); keyid_from_pk( main_pk, keyid );
main_pk->expiredate = expiredate;
} }
else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
&& (node->flag & NODFLG_SELKEY ) ) && (node->flag & NODFLG_SELKEY ) ) {
sub_pk = node->pkt->pkt.public_key; sub_pk = node->pkt->pkt.public_key;
sub_pk->expiredate = expiredate;
}
else if( node->pkt->pkttype == PKT_USER_ID ) else if( node->pkt->pkttype == PKT_USER_ID )
uid = node->pkt->pkt.user_id; uid = node->pkt->pkt.user_id;
else if( main_pk && node->pkt->pkttype == PKT_SIGNATURE ) { else if( main_pk && node->pkt->pkttype == PKT_SIGNATURE ) {
@ -1222,16 +1236,31 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
&& ( (mainkey && uid && (sig->sig_class&~3) == 0x10) && ( (mainkey && uid && (sig->sig_class&~3) == 0x10)
|| (!mainkey && sig->sig_class == 0x18) ) ) { || (!mainkey && sig->sig_class == 0x18) ) ) {
/* this is a selfsignature which should be replaced */ /* this is a selfsignature which is to be replaced */
PKT_signature *newsig; PKT_signature *newsig;
PACKET *newpkt; PACKET *newpkt;
KBNODE sn; KBNODE sn;
int signumber2 = 0;
signumber++;
if( (mainkey && main_pk->version < 4)
|| (!mainkey && sub_pk->version < 4 ) ) {
log_info(_(
"You can't change the expiration date of a v3 key\n"));
free_secret_key( sk );
return 0;
}
/* find the corresponding secret self-signature */ /* find the corresponding secret self-signature */
for( sn=sec_keyblock; sn; sn = sn->next ) { for( sn=sec_keyblock; sn; sn = sn->next ) {
if( sn->pkt->pkttype == PKT_SIGNATURE if( sn->pkt->pkttype == PKT_SIGNATURE ) {
&& !cmp_signatures( sn->pkt->pkt.signature, sig ) ) PKT_signature *b = sn->pkt->pkt.signature;
break; if( keyid[0] == b->keyid[0] && keyid[1] == b->keyid[1]
&& sig->sig_class == b->sig_class
&& ++signumber2 == signumber )
break;
}
} }
if( !sn ) if( !sn )
log_info(_("No corresponding signature in secret ring\n")); log_info(_("No corresponding signature in secret ring\n"));
@ -1240,11 +1269,11 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
if( mainkey ) if( mainkey )
rc = make_keysig_packet( &newsig, main_pk, uid, NULL, rc = make_keysig_packet( &newsig, main_pk, uid, NULL,
sk, 0x13, 0, sk, 0x13, 0,
keygen_add_std_prefs, sk ); keygen_add_std_prefs, main_pk );
else else
rc = make_keysig_packet( &newsig, main_pk, NULL, sub_pk, rc = make_keysig_packet( &newsig, main_pk, NULL, sub_pk,
sk, 0x18, 0, sk, 0x18, 0,
keygen_add_key_expire, sk ); keygen_add_key_expire, sub_pk );
if( rc ) { if( rc ) {
log_error("make_keysig_packet failed: %s\n", log_error("make_keysig_packet failed: %s\n",
g10_errstr(rc)); g10_errstr(rc));

66
g10/keygen.c
View File

@ -54,12 +54,13 @@ write_uid( KBNODE root, const char *s )
int int
keygen_add_key_expire( PKT_signature *sig, void *opaque ) keygen_add_key_expire( PKT_signature *sig, void *opaque )
{ {
PKT_secret_key *sk = opaque; PKT_public_key *pk = opaque;
byte buf[8]; byte buf[8];
u32 u; u32 u;
if( sk->expiredate ) { if( pk->expiredate ) {
u = sk->expiredate; u = pk->expiredate > pk->timestamp? pk->expiredate - pk->timestamp
: pk->timestamp;
buf[0] = (u >> 24) & 0xff; buf[0] = (u >> 24) & 0xff;
buf[1] = (u >> 16) & 0xff; buf[1] = (u >> 16) & 0xff;
buf[2] = (u >> 8) & 0xff; buf[2] = (u >> 8) & 0xff;
@ -135,7 +136,7 @@ write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
/* and make the signature */ /* and make the signature */
rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0,
keygen_add_std_prefs, sk ); keygen_add_std_prefs, pk );
if( rc ) { if( rc ) {
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) ); log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
return rc; return rc;
@ -176,7 +177,7 @@ write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
/* and make the signature */ /* and make the signature */
rc = make_keysig_packet( &sig, pk, NULL, subpk, sk, 0x18, 0, rc = make_keysig_packet( &sig, pk, NULL, subpk, sk, 0x18, 0,
keygen_add_key_expire, sk ); keygen_add_key_expire, subpk );
if( rc ) { if( rc ) {
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) ); log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
return rc; return rc;
@ -192,7 +193,7 @@ write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
static int static int
gen_elg(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek, gen_elg(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
STRING2KEY *s2k, PKT_secret_key **ret_sk, u32 expiredate, STRING2KEY *s2k, PKT_secret_key **ret_sk, u32 expireval,
int version ) int version )
{ {
int rc; int rc;
@ -214,9 +215,9 @@ gen_elg(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
pk = m_alloc_clear( sizeof *pk ); pk = m_alloc_clear( sizeof *pk );
sk->timestamp = pk->timestamp = make_timestamp(); sk->timestamp = pk->timestamp = make_timestamp();
sk->version = pk->version = version; sk->version = pk->version = version;
if( expiredate && expiredate < sk->timestamp ) if( expireval ) {
expiredate = sk->timestamp; /* key generatio may take long */ sk->expiredate = pk->expiredate = sk->timestamp + expireval;
sk->expiredate = pk->expiredate = expiredate; }
sk->pubkey_algo = pk->pubkey_algo = algo; sk->pubkey_algo = pk->pubkey_algo = algo;
pk->pkey[0] = mpi_copy( skey[0] ); pk->pkey[0] = mpi_copy( skey[0] );
pk->pkey[1] = mpi_copy( skey[1] ); pk->pkey[1] = mpi_copy( skey[1] );
@ -268,7 +269,7 @@ gen_elg(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
*/ */
static int static int
gen_dsa(unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek, gen_dsa(unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
STRING2KEY *s2k, PKT_secret_key **ret_sk, u32 expiredate ) STRING2KEY *s2k, PKT_secret_key **ret_sk, u32 expireval )
{ {
int rc; int rc;
int i; int i;
@ -291,9 +292,9 @@ gen_dsa(unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
pk = m_alloc_clear( sizeof *pk ); pk = m_alloc_clear( sizeof *pk );
sk->timestamp = pk->timestamp = make_timestamp(); sk->timestamp = pk->timestamp = make_timestamp();
sk->version = pk->version = 4; sk->version = pk->version = 4;
if( expiredate && expiredate < pk->timestamp ) if( expireval ) {
expiredate = pk->timestamp; /* key generation may take long */ sk->expiredate = pk->expiredate = sk->timestamp + expireval;
sk->expiredate = pk->expiredate = expiredate; }
sk->pubkey_algo = pk->pubkey_algo = PUBKEY_ALGO_DSA; sk->pubkey_algo = pk->pubkey_algo = PUBKEY_ALGO_DSA;
pk->pkey[0] = mpi_copy( skey[0] ); pk->pkey[0] = mpi_copy( skey[0] );
pk->pkey[1] = mpi_copy( skey[1] ); pk->pkey[1] = mpi_copy( skey[1] );
@ -481,12 +482,12 @@ ask_keysize( int algo )
} }
u32 static u32
ask_expiredate() ask_expire_interval()
{ {
char *answer; char *answer;
int valid_days=0; int valid_days=0;
u32 expiredate = 0; u32 interval = 0;
tty_printf(_("Please specify how long the key should be valid.\n" tty_printf(_("Please specify how long the key should be valid.\n"
" 0 = key does not expire\n" " 0 = key does not expire\n"
@ -494,7 +495,7 @@ ask_expiredate()
" <n>w = key expires in n weeks\n" " <n>w = key expires in n weeks\n"
" <n>m = key expires in n months\n" " <n>m = key expires in n months\n"
" <n>y = key expires in n years\n")); " <n>y = key expires in n years\n"));
/* Note: The elgamal subkey for DSA has no exiration date because /* Note: The elgamal subkey for DSA has no expiration date because
* it must be signed with the DSA key and this one has the expiration * it must be signed with the DSA key and this one has the expiration
* date */ * date */
@ -520,12 +521,13 @@ ask_expiredate()
if( !valid_days ) { if( !valid_days ) {
tty_printf(_("Key does not expire at all\n")); tty_printf(_("Key does not expire at all\n"));
expiredate = 0; interval = 0;
} }
else { else {
expiredate = make_timestamp() + valid_days * 86400L; interval = valid_days * 86400L;
/* print the date when the key expires */ /* print the date when the key expires */
tty_printf(_("Key expires at %s\n"), asctimestamp(expiredate) ); tty_printf(_("Key expires at %s\n"),
asctimestamp(make_timestamp() + interval ) );
} }
if( !cpr_enabled() if( !cpr_enabled()
@ -534,9 +536,15 @@ ask_expiredate()
break; break;
} }
m_free(answer); m_free(answer);
return expiredate; return interval;
} }
u32
ask_expiredate()
{
u32 x = ask_expire_interval();
return x? make_timestamp() + x : 0;
}
static int static int
has_invalid_email_chars( const char *s ) has_invalid_email_chars( const char *s )
@ -804,7 +812,7 @@ generate_keypair()
STRING2KEY *s2k; STRING2KEY *s2k;
int rc; int rc;
int algo; int algo;
u32 expiredate; u32 expire;
int v4; int v4;
int both = 0; int both = 0;
@ -820,7 +828,7 @@ generate_keypair()
tty_printf(_("DSA keypair will have 1024 bits.\n")); tty_printf(_("DSA keypair will have 1024 bits.\n"));
} }
nbits = ask_keysize( algo ); nbits = ask_keysize( algo );
expiredate = ask_expiredate(); expire = ask_expire_interval();
uid = ask_user_id(0); uid = ask_user_id(0);
if( !uid ) { if( !uid ) {
log_error(_("Key generation cancelled.\n")); log_error(_("Key generation cancelled.\n"));
@ -847,10 +855,10 @@ generate_keypair()
if( both ) if( both )
rc = do_create( PUBKEY_ALGO_DSA, 1024, pub_root, sec_root, rc = do_create( PUBKEY_ALGO_DSA, 1024, pub_root, sec_root,
dek, s2k, &sk, expiredate, 1); dek, s2k, &sk, expire, 1);
else else
rc = do_create( algo, nbits, pub_root, sec_root, rc = do_create( algo, nbits, pub_root, sec_root,
dek, s2k, &sk, expiredate, v4); dek, s2k, &sk, expire, v4);
if( !rc ) if( !rc )
write_uid(pub_root, uid ); write_uid(pub_root, uid );
if( !rc ) if( !rc )
@ -862,7 +870,7 @@ generate_keypair()
if( both ) { if( both ) {
rc = do_create( algo, nbits, pub_root, sec_root, rc = do_create( algo, nbits, pub_root, sec_root,
dek, s2k, NULL, expiredate, 1 ); dek, s2k, NULL, expire, 1 );
if( !rc ) if( !rc )
rc = write_keybinding(pub_root, pub_root, sk); rc = write_keybinding(pub_root, pub_root, sk);
if( !rc ) if( !rc )
@ -951,7 +959,7 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
KBNODE node; KBNODE node;
PKT_secret_key *sk = NULL; /* this is the primary sk */ PKT_secret_key *sk = NULL; /* this is the primary sk */
int v4, algo; int v4, algo;
u32 expiredate; u32 expire;
unsigned nbits; unsigned nbits;
char *passphrase = NULL; char *passphrase = NULL;
DEK *dek = NULL; DEK *dek = NULL;
@ -988,7 +996,7 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
algo = ask_algo( &v4, 1 ); algo = ask_algo( &v4, 1 );
assert(algo); assert(algo);
nbits = ask_keysize( algo ); nbits = ask_keysize( algo );
expiredate = ask_expiredate(); expire = ask_expire_interval();
if( !cpr_enabled() && !cpr_get_answer_is_yes(N_("keygen.sub.okay"), if( !cpr_enabled() && !cpr_get_answer_is_yes(N_("keygen.sub.okay"),
_("Really create? ") ) ) _("Really create? ") ) )
goto leave; goto leave;
@ -1002,7 +1010,7 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
} }
rc = do_create( algo, nbits, pub_keyblock, sec_keyblock, rc = do_create( algo, nbits, pub_keyblock, sec_keyblock,
dek, s2k, NULL, expiredate, v4 ); dek, s2k, NULL, expire, v4 );
if( !rc ) if( !rc )
rc = write_keybinding(pub_keyblock, pub_keyblock, sk); rc = write_keybinding(pub_keyblock, pub_keyblock, sk);
if( !rc ) if( !rc )

2
g10/keyid.c
View File

@ -310,7 +310,7 @@ expirestr_from_pk( PKT_public_key *pk )
if( !pk->expiredate ) if( !pk->expiredate )
return "never "; return "never ";
atime = pk->expiredate; atime = pk->expiredate;
tp = gmtime( &atime ); tp = gmtime( &atime );
sprintf(buffer,"%04d-%02d-%02d", 1900+tp->tm_year, tp->tm_mon+1, tp->tm_mday ); sprintf(buffer,"%04d-%02d-%02d", 1900+tp->tm_year, tp->tm_mon+1, tp->tm_mday );
return buffer; return buffer;

2
g10/main.h
View File

@ -77,7 +77,7 @@ int check_key_signature( KBNODE root, KBNODE node, int *is_selfsig );
int delete_key( const char *username, int secure ); int delete_key( const char *username, int secure );
/*-- keyedit.c --*/ /*-- keyedit.c --*/
void keyedit_menu( const char *username, STRLIST locusr ); void keyedit_menu( const char *username, STRLIST locusr, STRLIST cmds );
/*-- keygen.c --*/ /*-- keygen.c --*/
u32 ask_expiredate(void); u32 ask_expiredate(void);

8
g10/mainproc.c
View File

@ -278,13 +278,7 @@ proc_plaintext( CTX c, PACKET *pkt )
md_enable( c->mfx.md, DIGEST_ALGO_SHA1 ); md_enable( c->mfx.md, DIGEST_ALGO_SHA1 );
md_enable( c->mfx.md, DIGEST_ALGO_MD5 ); md_enable( c->mfx.md, DIGEST_ALGO_MD5 );
} }
#if 0
if( c->mfx.md ) {
m_check(c->mfx.md);
if( c->mfx.md->list )
m_check( c->mfx.md->list );
}
#endif
rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig ); rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig );
if( rc == G10ERR_CREATE_FILE && !c->sigs_only) { if( rc == G10ERR_CREATE_FILE && !c->sigs_only) {
/* can't write output but we hash it anyway to /* can't write output but we hash it anyway to

1
g10/options.h
View File

@ -64,6 +64,7 @@ struct {
int s2k_mode; int s2k_mode;
int s2k_digest_algo; int s2k_digest_algo;
int s2k_cipher_algo; int s2k_cipher_algo;
int not_dash_escaped;
} opt; } opt;

8
g10/parse-packet.c
View File

@ -288,7 +288,7 @@ parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos,
} }
if( do_skip || !pkttype || (reqtype && pkttype != reqtype) ) { if( do_skip || !pkttype || (reqtype && pkttype != reqtype) ) {
skip_packet(inp, pkttype, pktlen); skip_rest(inp, pktlen);
*skip = 1; *skip = 1;
rc = 0; rc = 0;
goto leave; goto leave;
@ -636,7 +636,8 @@ dump_sig_subpkt( int hashed, int type, int critical,
break; break;
case SIGSUBPKT_SIG_EXPIRE: case SIGSUBPKT_SIG_EXPIRE:
if( length >= 4 ) if( length >= 4 )
printf("sig expires %s", strtimestamp( buffer_to_u32(buffer) ) ); printf("sig expires after %s",
strtimevalue( buffer_to_u32(buffer) ) );
break; break;
case SIGSUBPKT_EXPORTABLE: case SIGSUBPKT_EXPORTABLE:
if( length ) if( length )
@ -653,7 +654,8 @@ dump_sig_subpkt( int hashed, int type, int critical,
break; break;
case SIGSUBPKT_KEY_EXPIRE: case SIGSUBPKT_KEY_EXPIRE:
if( length >= 4 ) if( length >= 4 )
printf("key expires %s", strtimestamp( buffer_to_u32(buffer) ) ); printf("key expires after %s",
strtimevalue( buffer_to_u32(buffer) ) );
break; break;
case SIGSUBPKT_ARR: case SIGSUBPKT_ARR:
p = "additional recipient request"; p = "additional recipient request";

19
g10/pubring.asc
View File

@ -1,18 +1,19 @@
pub 1024D/57548DCD 1998-07-07 Werner Koch (gnupg sig) <dd9jn@gnu.org> pub 1024D/57548DCD 1998-07-07 Werner Koch (gnupg sig) <dd9jn@gnu.org>
Key fingerprint = 6BD9 050F D8FC 941B 4341 2DCC 68B7 AB89 5754 8DCD Key fingerprint = 6BD9 050F D8FC 941B 4341 2DCC 68B7 AB89 5754 8DCD
pub 1024D/621CC013 1998-07-07 Werner Koch <werner.koch@guug.de> pub 1024D/621CC013 1998-07-07 Werner Koch <werner.koch@guug.de>
Key fingerprint = ECAF 7590 EB34 43B5 C7CF 3ACB 6C7E E1B8 621C C013 Key fingerprint = ECAF 7590 EB34 43B5 C7CF 3ACB 6C7E E1B8 621C C013
sub 1536G/B5A18FF4 1998-07-07
pub 768R/0C9857A5 1995-09-30 Werner Koch <werner.koch@guug.de> pub 768R/0C9857A5 1995-09-30 Werner Koch <werner.koch@guug.de>
Key fingerprint = 62 9E 97 C0 D5 55 76 3B 90 5A FA E9 81 1C 64 09 Key fingerprint = 62 9E 97 C0 D5 55 76 3B 90 5A FA E9 81 1C 64 09
uid Werner Koch (mein alter key) <wk@computer.org>
pub 768g/E1D81275 1998-02-09 werner <dd9jn@amsat.org> pub 768g/E1D81275 1998-02-09 werner <dd9jn@amsat.org>
Key fingerprint = 86E2 6681 6C0B 6DD5 4C06 BA6C E113 9763 E1D8 1275 Key fingerprint = 86E2 6681 6C0B 6DD5 4C06 BA6C E113 9763 E1D8 1275
-----BEGIN PGP PUBLIC KEY BLOCK----- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GNUPG v0.4.3b (GNU/Linux) Version: GnuPG v0.4.3c (GNU/Linux)
Comment: For info finger gcrypt@ftp.guug.de Comment: For info finger gcrypt@ftp.guug.de
mQGiBDWiHh4RBAD+l0rg5p9rW4M3sKvmeyzhs2mDxhRKDTVVUnTwpMIR2kIA9pT4 mQGiBDWiHh4RBAD+l0rg5p9rW4M3sKvmeyzhs2mDxhRKDTVVUnTwpMIR2kIA9pT4
@ -24,9 +25,9 @@ TR641BceGHNdYiR/PiDBJsGQ3ac7n7pwhV4qex3IViRDJWz5Dzr88x+Oju63KtxY
urUIBACi7d1rUlHr4ok7iBRlWHYXU2hpUIQ8C+UOE1XXT+HB7mZLSRONQnWMyXnq urUIBACi7d1rUlHr4ok7iBRlWHYXU2hpUIQ8C+UOE1XXT+HB7mZLSRONQnWMyXnq
bAAW+EUUX2xpb54CevAg4eOilt0es8GZMmU6c0wdUsnMWWqOKHBFFlDIvyI27aZ9 bAAW+EUUX2xpb54CevAg4eOilt0es8GZMmU6c0wdUsnMWWqOKHBFFlDIvyI27aZ9
quf0yvby63kFCanQKc0QnqGXQKzuXbFqBYW2UQrYgjXji8rd8bQnV2VybmVyIEtv quf0yvby63kFCanQKc0QnqGXQKzuXbFqBYW2UQrYgjXji8rd8bQnV2VybmVyIEtv
Y2ggKGdudXBnIHNpZykgPGRkOWpuQGdudS5vcmc+iF0EExECAB0FAjYp/BsFCTns Y2ggKGdudXBnIHNpZykgPGRkOWpuQGdudS5vcmc+iF0EExECAB0FAjZVoKYFCQht
YxYDCwQDBRUDAgYBAxYCAQIXgAAKCRBot6uJV1SNzUUWAJ452cFtgpR+KSYpF7xI DIgDCwQDBRUDAgYBAxYCAQIXgAAKCRBot6uJV1SNzS4+AKCHdeYHMmKQV9mC7REE
uTv/g2jE/QCfbggYOCUK9h4d6JNOuuI2ptbeUl6JAV8DBRA1oh5DA28RuP8+qgsQ 5Vz6d5rRBgCfVMcyRP7dxBwhytmwCDpAcCFvCLSJAV8DBRA1oh5DA28RuP8+qgsQ
A2MyBR0eiPUovYMz0DUXBbNs5606eaVeTJOn9WqkYGcS9xOKlGd8Xj0IcAKN30st A2MyBR0eiPUovYMz0DUXBbNs5606eaVeTJOn9WqkYGcS9xOKlGd8Xj0IcAKN30st
5AsC5hRqr82rrUjB5/CuVdbvk+Qkh6ixWCqo+RRrbgf8cKCg1x+lDj9PpeSD/B9U 5AsC5hRqr82rrUjB5/CuVdbvk+Qkh6ixWCqo+RRrbgf8cKCg1x+lDj9PpeSD/B9U
U45ntxYamoXnPszxtzU+e73Nkbtrej5rgMK8tgTLkhTAbO8M15Mgtw2yOeDFfiCj U45ntxYamoXnPszxtzU+e73Nkbtrej5rgMK8tgTLkhTAbO8M15Mgtw2yOeDFfiCj
@ -45,8 +46,8 @@ eUQrRDD9MTQ+XxcvEN0IpAj4kBJe9bR6HzAD/iecCmGwSlHUZZrgqWzv78o79XxD
dcuLdl4i2fL7kwEOf9jsDe7hGs27yrdJEmAG9QF9TOF9LJFmE1CqkgW+EpKxsY01 dcuLdl4i2fL7kwEOf9jsDe7hGs27yrdJEmAG9QF9TOF9LJFmE1CqkgW+EpKxsY01
Wjm0BFJB1R7iPUaUtFRZxYqfgXarmPjql2iBi+cVjLzGu+4BSojVAPgP/hhcnIow Wjm0BFJB1R7iPUaUtFRZxYqfgXarmPjql2iBi+cVjLzGu+4BSojVAPgP/hhcnIow
f4M4edPiICMP1GVjtCFXZXJuZXIgS29jaCA8d2VybmVyLmtvY2hAZ3V1Zy5kZT6I f4M4edPiICMP1GVjtCFXZXJuZXIgS29jaCA8d2VybmVyLmtvY2hAZ3V1Zy5kZT6I
XQQTEQIAHQUCNin7pQUJO82WDAMLBAMFFQMCBgEDFgIBAheAAAoJEGx+4bhiHMAT XQQTEQIAHQUCNlWgGQUJCDhNJgMLBAMFFQMCBgEDFgIBAheAAAoJEGx+4bhiHMAT
k1QAn1vonMj+ydyZK020qCf40h6Ig2MTAJ9LehZbevQB1mZJud2MnXqiNxs65IkA vRgAoJc50QYEJmqS7No1oKy1s1g2XuY3AJ9QekKaTlaTdxcrNRMb7tGFiLc//YkA
dQMFEDWjdxQdGfTBDJhXpQEBPfMC/0cxo+4xYVAplFO0nIYyjQgP7D8O0ufzPsIw dQMFEDWjdxQdGfTBDJhXpQEBPfMC/0cxo+4xYVAplFO0nIYyjQgP7D8O0ufzPsIw
F3kvb7b5FNNjfp+DAhN6G0HOIgkL3GsWtCfH5UHali+mtNFIKDpTtr+F/lPpZP3O F3kvb7b5FNNjfp+DAhN6G0HOIgkL3GsWtCfH5UHali+mtNFIKDpTtr+F/lPpZP3O
PzzsLZS4hYTqmMs1O/ACq8axKgAilYkBXwMFEDWiJw4DbxG4/z6qCxADB9wFH0i6 PzzsLZS4hYTqmMs1O/ACq8axKgAilYkBXwMFEDWiJw4DbxG4/z6qCxADB9wFH0i6
@ -184,6 +185,6 @@ o/ZDQfya+BlmbUbjNaEp0qr2BR4ypoz5jQSiQPUFN3I0RLRzR6bS+a1pUVucNMXQ
uu5GsvJpQW47DznFDDteZcpf+QaiKKcMfpUtbWOIIlWhMAtIAodBJxCqrgGWbVGE uu5GsvJpQW47DznFDDteZcpf+QaiKKcMfpUtbWOIIlWhMAtIAodBJxCqrgGWbVGE
kGtcrK7IW8NUDfpe/+KLcFzvx2XPo8+RHWrTlgf1RhEXdNx2up7gbuiHf+CD8kAB kGtcrK7IW8NUDfpe/+KLcFzvx2XPo8+RHWrTlgf1RhEXdNx2up7gbuiHf+CD8kAB
zkINfmdYizmD1/JE8+DO8gCMopcY2hYmStG4E2lUCq79qCCBeORg5A== zkINfmdYizmD1/JE8+DO8gCMopcY2hYmStG4E2lUCq79qCCBeORg5A==
=ahHm =7eJ9
-----END PGP PUBLIC KEY BLOCK----- -----END PGP PUBLIC KEY BLOCK-----

25
g10/sign.c
View File

@ -458,6 +458,22 @@ write_dash_escaped( IOBUF inp, IOBUF out, MD_HANDLE md )
int lastlf = 1; int lastlf = 1;
int state = 0; int state = 0;
if( opt.not_dash_escaped ) {
lastlf = 0;
while( (c = iobuf_get(inp)) != -1 ) {
md_putc(md, c );
iobuf_put( out, c );
lastlf = c;
}
if( lastlf != '\n' ) {
/* add a missing trailing LF */
md_putc(md, '\n' );
iobuf_put( out, '\n' );
}
return 0;
}
while( (c = iobuf_get(inp)) != -1 ) { while( (c = iobuf_get(inp)) != -1 ) {
/* Note: We don't escape "From " because the MUA should cope with it */ /* Note: We don't escape "From " because the MUA should cope with it */
if( lastlf ) { if( lastlf ) {
@ -579,7 +595,11 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
} }
} }
assert(any); assert(any);
iobuf_writestr(out, "\n\n" ); iobuf_writestr(out, "\n" );
if( opt.not_dash_escaped )
iobuf_writestr( out,
"NotDashEscaped: You need GnuPG to verify this message\n" );
iobuf_writestr(out, "\n" );
} }
@ -588,7 +608,8 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
PKT_secret_key *sk = sk_rover->sk; PKT_secret_key *sk = sk_rover->sk;
md_enable(textmd, hash_for(sk->pubkey_algo)); md_enable(textmd, hash_for(sk->pubkey_algo));
} }
iobuf_push_filter( inp, text_filter, &tfx ); if( !opt.not_dash_escaped )
iobuf_push_filter( inp, text_filter, &tfx );
rc = write_dash_escaped( inp, out, textmd ); rc = write_dash_escaped( inp, out, textmd );
if( rc ) if( rc )
goto leave; goto leave;

1
include/util.h
View File

@ -137,6 +137,7 @@ const char *print_fname_stdout( const char *s );
/*-- miscutil.c --*/ /*-- miscutil.c --*/
u32 make_timestamp(void); u32 make_timestamp(void);
u32 add_days_to_timestamp( u32 stamp, u16 days ); u32 add_days_to_timestamp( u32 stamp, u16 days );
const char *strtimevalue( u32 stamp );
const char *strtimestamp( u32 stamp ); /* GMT */ const char *strtimestamp( u32 stamp ); /* GMT */
const char *asctimestamp( u32 stamp ); /* localized */ const char *asctimestamp( u32 stamp ); /* localized */
void print_string( FILE *fp, byte *p, size_t n, int delim ); void print_string( FILE *fp, byte *p, size_t n, int delim );

5
po/ChangeLog
View File

@ -1,3 +1,8 @@
Fri Nov 20 11:46:22 1998 Werner Koch (wk@isil.d.shuttle.de)
* de.po: Imported new version
* de.glo: Glossary used for de.po.
Sat Nov 14 10:16:59 1998 Werner Koch (wk@isil.d.shuttle.de) Sat Nov 14 10:16:59 1998 Werner Koch (wk@isil.d.shuttle.de)
* es_ES.po: New translation by Urko Lusa. * es_ES.po: New translation by Urko Lusa.

2
po/Makefile.in.in
View File

@ -44,7 +44,7 @@ INCLUDES = -I.. -I$(top_srcdir)/intl
COMPILE = $(CC) -c $(DEFS) $(INCLUDES) $(CPPFLAGS) $(CFLAGS) $(XCFLAGS) COMPILE = $(CC) -c $(DEFS) $(INCLUDES) $(CPPFLAGS) $(CFLAGS) $(XCFLAGS)
SOURCES = cat-id-tbl.c SOURCES = cat-id-tbl.c de.glo
POFILES = @POFILES@ POFILES = @POFILES@
GMOFILES = @GMOFILES@ GMOFILES = @GMOFILES@
DISTFILES = ChangeLog Makefile.in.in POTFILES.in $(PACKAGE).pot \ DISTFILES = ChangeLog Makefile.in.in POTFILES.in $(PACKAGE).pot \

51
po/de.glo Normal file
View File

@ -0,0 +1,51 @@
algorithm Verfahren
anonymous ungenannter
armor ASCII-Hülle
bug Wanze (Programmfehler)
certificate Zertifikat
checksum Prüfsumme
cipher algorithm Verschlüsselungsverfahren
compress algorithm Komprimierverfahren
corrupted beschädigter
digest algorithm Hashmethode
expire date Verfallsdatum
generated erzeugter
Good certificate Korrektes Zertifikat
hint Tip
key-ID Schlüssel-ID
keyring Schlüsselring -> Schlüsselbund
malformed Ungünstig aufgebaute
message Botschaft
note Hinweis
ownertrust \"Owner trust\"
packet Paket
packet type Pakettyp
passphrase \"Passphrase\"
preferences bevorzugt
primary keys Hauptschlüssel
protection algorithm Schutzmethode
pubkey algorithm Public-Key Verfahren (*1)
public key öffentlicher Schüssel
........ Authentisierung
retry ????
revo... Widerruf
secondary key Zweitschlüssel
secret key geheimer Schlüssel
self-signature Eigensignatur
sender Absender
sign user id User-ID beglaubigen
throw verwerfe
Timestamp conflict Zeitangaben differieren
Trust-DB 'Trust'-Datenbank
trying Versuch
update
user ID User-ID
user IDs User-IDs
weak key unsicherer Schlüssel
(*1) Uneinheitlich verwendet
--
Walter Koch Hochdahl am Neandertal
walterk@mail.dip.de ham:dg9ep@db0iz
http://home.pages.de/~dg9ep/ qrv:db0iz-9

1939
po/de.po
View File

File diff suppressed because it is too large Load Diff

1447
po/en.po
View File

File diff suppressed because it is too large Load Diff

1864
po/es_ES.po
View File

File diff suppressed because it is too large Load Diff

1419
po/fr.po
View File

File diff suppressed because it is too large Load Diff

1408
po/it.po
View File

File diff suppressed because it is too large Load Diff

1405
po/ru.po
View File

File diff suppressed because it is too large Load Diff

4
scripts/ChangeLog
View File

@ -1,3 +1,7 @@
Fri Nov 20 12:01:57 1998 Werner Koch (wk@isil.d.shuttle.de)
* mkdiff: signs the pacth file
Sat Oct 17 16:10:16 1998 Werner Koch (wk@isil.d.shuttle.de) Sat Oct 17 16:10:16 1998 Werner Koch (wk@isil.d.shuttle.de)
* autogen.sh: New. * autogen.sh: New.

13
scripts/mkdiff
View File

@ -33,6 +33,10 @@ cat <<EOF > $diff_name
This is a patch file against $prev_ver. This is a patch file against $prev_ver.
Please check the signature of this patch file:
zcat somepath/gnupg-$curr_ver.diff.gz | gpg --verify
Change to directory gnupg-$prev_ver (or however you renamed it) Change to directory gnupg-$prev_ver (or however you renamed it)
and give this command: and give this command:
@ -52,8 +56,9 @@ sed -e '/^diff.*VERSION/,/^+[0-9][0-9]*/ d' $tmp_name >> $diff_name
rm $tmp_name rm $tmp_name
echo "Compressing patch file" echo "Signing and compressing patch file"
gzip -9 $diff_name ../gnupg/g10/gpg --clearsign --not-dash-escaped -u "(gnupg sig)" \
< $diff_name | gzip --best > $diff_name.gz
echo "Checking patch file" echo "Checking patch file"
cd gnupg-$prev_ver cd gnupg-$prev_ver
@ -66,6 +71,10 @@ if ! diff -urN "gnupg-$prev_ver/" "gnupg-$curr_ver/" >/dev/null ; then
exit 1 exit 1
fi fi
if ! zcat $diff_name.gz | ../gnupg/g10/gpg --batch --verify ; then
exit 1
fi
echo "cleaning up" echo "cleaning up"

4
util/ChangeLog
View File

@ -1,3 +1,7 @@
Thu Nov 19 07:09:55 1998 Werner Koch <werner.koch@guug.de>
* miscutil.c (strtimevalue): New.
Tue Nov 10 10:01:53 1998 Werner Koch (wk@isil.d.shuttle.de) Tue Nov 10 10:01:53 1998 Werner Koch (wk@isil.d.shuttle.de)
* strgutil.c (set_native_charset): New. * strgutil.c (set_native_charset): New.

29
util/miscutil.c
View File

@ -39,6 +39,35 @@ add_days_to_timestamp( u32 stamp, u16 days )
return stamp + days*86400L; return stamp + days*86400L;
} }
/****************
* Return a string with a time value in the form: x Y, n D, n H
*/
const char *
strtimevalue( u32 value )
{
static char buffer[30];
unsigned int years, days, hours, minutes;
value /= 60;
minutes = value % 60;
value /= 60;
hours = value % 24;
value /= 24;
days = value % 365;
value /= 365;
years = value;
sprintf(buffer,"%uy%ud%uh%um", years, days, hours, minutes );
if( years )
return buffer;
if( days )
return strchr( buffer, 'y' ) + 1;
return strchr( buffer, 'd' ) + 1;
}
/**************** /****************
* Note: this function returns GMT * Note: this function returns GMT
*/ */