fixed clearsig stuff

Werner Koch 1998-07-08 09:29:43 +00:00
parent ccb3140ab2
commit 5aed77d1db
28 changed files with 1428 additions and 584 deletions

2
TODO

@ -1,7 +1,7 @@
* add option --restore-ownertrust
* add options: --default-signature-user, --default-encryption-user
* always put key signatures before the first subkey.
* Change the formatting of log_xxxx to GNU standards
("name:filename:line: text")


@ -1 +1 @@
0.3.1
0.3.1a


@ -1,3 +1,7 @@
Wed Jul 8 10:43:47 1998 Werner Koch (wk@isil.d.shuttle.de)
* seat.test: New.
Mon May 18 15:40:02 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am: Now uses mk-tdata to produce random test data.


@ -4,7 +4,7 @@ TESTS = version.test mds.test \
decrypt.test decrypt-dsa.test \
sigs.test sigs-dsa.test \
encrypt.test encrypt-dsa.test \
clearsig.test encryptp.test detach.test \
seat.test clearsig.test encryptp.test detach.test \
armsigs.test armencrypt.test armencryptp.test \
signencrypt.test signencrypt-dsa.test \
armsignencrypt.test armdetach.test \


@ -2,19 +2,17 @@
. defs.inc || exit 3
#info Checking cleartext signatures
# There is a minor glitch, which appends an lf to the cleartext.
# I do not consider that a bug, but I have to use the head .. mimic.
# It is not clear what should happen to leading LFs, we must
# change the defintion of cleartext, so that only 1 empty line
# must follow the headers, but some specs say: any number of empty lines ..
# clean-sat removes leading LFs
# I know that this does not work for random data files (due to large lines
# or what ever) - I hope we can live with it.
# I can't compare the out because plain-3 has no LF as last charcater
# but the output has always one. I do not thinkl this is a bug, because
# it is clear text and not binary text.
for i in $plain_files; do
echo "$usrpass1" | ./run-gpg --passphrase-fd 0 -sat -o x --yes $i
./run-gpg -o y --yes x
../tools/clean-sat < $i > z
head -c $[ $(cat y | wc -c) - 1 ] y | diff - z || error "$i: mismatch"
./run-gpg --verify x
done
# and once more to check rfc1991
for i in $plain_files; do
echo "$usrpass1" | ./run-gpg --passphrase-fd 0 \
--rfc1991 --digest-algo md5 -sat -o x --yes $i
./run-gpg --verify x
done


@ -21,9 +21,8 @@ dsa_usrname2="0xCB879DE9"
dsa_keyrings="--keyring ./pubring.pkr --secret-keyring ./secring.skr"
#plain_files="plain-1 plain-2 plain-3"
plain_files="plain-1 plain-2 plain-3"
#data_files="data-500 data-9000 data-32000 data-80000"
plain_files="plain-1 plain-2"
data_files="data-500 data-9000"
exp_files=""

10
checks/seat.test Executable file

@ -0,0 +1,10 @@
#!/bin/sh
. defs.inc || exit 3
for i in $plain_files ; do
echo "$usrpass1" | ./run-gpg --passphrase-fd 0 -seat -r two -o x --yes $i
./run-gpg -o y --yes x
cmp $i y || error "$i: mismatch"
done
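Review bot: Neither `./run-gpg` call in the loop has its exit status checked, so the test passes whenever `y` happens to compare equal to the input, even if the decrypt step reported a bad or missing signature. Because `-seat` exercises the sign+encrypt path, append `|| error "$i: sign+encrypt failed"` to the first call and `|| error "$i: decrypt/verify failed"` to the second. `$i` should also be quoted, as in `cmp "$i" y`.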


@ -61,7 +61,7 @@ B<--verify> [[I<sigfile>] {I<signed-files>}]
B<-k> [I<username>] [I<keyring>]
Kludge to be somewhat compatible with PGP.
Without arguments, all public key-rings are listed.
Without arguments, all public keyrings are listed.
With one argument, only I<keyring> is listed.
Special combinations are also allowed, but it may
give strange results when combined with more options.
@ -129,8 +129,8 @@ B<--gen-revoke>
Generate a revocation certificate.
B<--export> [I<names>]
Either export all keys from all key-rings (default
key-rings and those registered via option B<--keyring>),
Either export all keys from all keyrings (default
keyrings and those registered via option B<--keyring>),
or if at least one name is given, those of the given
name. The new keyring is written to F<stdout> or to
the file given with option "output". Use together
@ -165,6 +165,11 @@ B<-u> I<name>, B<--local-user> I<name>
This option is silently ignored for the list commands,
so that it can be used in an options file.
B<--default-key> I<name>
Use I<name> as default user-id for signatures. If this
is not used the default user-id is the first user-id in
the secret keyring.
B<-r> I<name>, B<--remote-user> I<name>
Use I<name> as the user-id for encryption.
This option is silently ignored for the list commands,
@ -202,14 +207,15 @@ B<--no>
Assume no on most questions.
B<--keyring> I<file>
Add I<file> to the list of key-rings.
Add I<file> to the list of keyrings.
If I<file> begins with a tilde and a slash, these
are replaced by the HOME directory. If the filename
does not contain a slash, it is assumed to be in the
home-directory (F<~/.gnupg> if B<--homedir>) is not used.
B<--secret-keyring> I<file>
Same as B<--keyring> but for secret key-rings.
Same as B<--keyring> but for secret keyrings.
B<--homedir> I<dir>
Set the name of the home directory to I<dir>. If this
@ -287,8 +293,8 @@ B<--no-armor>
Assume the input data is not in ASCCI armored format.
B<--no-default-keyring>
Do not add the default key-rings to the list of
key-rings.
Do not add the default keyrings to the list of
keyrings.
B<--skip-verify>
Skip the signature verification step. This may be used to
@ -329,17 +335,14 @@ C<GNUPGHOME> If set, direcory used instead of F<~/.gnupg>.
=head1 FILES
F<~/.gnupg/secring.gpg> The secret key-ring
F<~/.gnupg/secring.gpg> The secret keyring
F<~/.gnupg/pubring.gpg> The public key-ring
F<~/.gnupg/pubring.gpg> The public keyring
F<~/.gnupg/trustdb.gpg> The trust database
F<~/.gnupg/gnupg.gpg> Signature of GNUPG files.
F<~/.gnupg/options> May contain options
=head1 SEE ALSO
gpgm(1) gpgd(1)


@ -1,3 +1,20 @@
Wed Jul 8 10:45:28 1998 Werner Koch (wk@isil.d.shuttle.de)
* plaintext.c (special_md_putc): New.
(handle_plaintext): add clearsig argument
* mainproc.c (proc_plaintext): detection of clearsig
* sign.c (write_dased_escaped): Changed clearsig format
Tue Jul 7 18:56:19 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c (find_header): Now makes sure that there is only one
empty line for clearsigs, as this is what OP now says.
Mon Jul 6 13:09:07 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (main): New option default-secret-key
* getkey.c (get_seckey_byname): support for this option.
Mon Jul 6 09:03:49 1998 Werner Koch (wk@isil.d.shuttle.de)
* getkey.c (add_keyring): Keyrings are now added to end of the


@ -380,16 +380,13 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
state = fhdrEOF;
break;
case fhdrWAITClearsig: /* skip all empty lines (for clearsig) */
case fhdrWAITClearsig: /* skip the empty line (for clearsig) */
c = 0;
for(n=0; n < buflen && (c=iobuf_get2(a)) != -1 && c != '\n'; )
buf[n++] = c;
if( n < buflen || c == '\n' ) {
buf[n] = 0;
if( !n || (buf[0]=='\r' && !buf[1]) ) /* empty line */
;
else
state = fhdrCHECKDashEscaped3;
state = fhdrCHECKDashEscaped3;
}
else {
/* fixme: we should check whether this line continues
@ -590,6 +587,7 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
buf[1] = '\n';
n = 2;
}
}
@ -715,13 +713,6 @@ fake_packet( armor_filter_context_t *afx, IOBUF a,
break;
case fhdrENDClearsig:
/* FIXME: this is wrong: Only the last CRLF should
* not be included in the hash, muts rewrite the FSM again
* This proble does only occur if the last line does not end
* in with a LF?
*/
if( emplines )
emplines--; /* don't count the last one */
state = fhdrENDClearsigHelp;
afx->helplen = n;
break;
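Review bot: In the `fhdrWAITClearsig` case the emptiness test is gone, so whatever line is read now moves the state to `fhdrCHECKDashEscaped3`, yet the case label still says `skip the empty line`. This line is the boundary between the armor headers and the signed text, so the comment should say what happens when it is not empty, for example `/* expect exactly one empty line after the headers; a non-empty line is handed on as the first text line */` if that is the intent. If a non-empty line here is meant to be an error, an explicit check with a diagnostic would be clearer than falling through silently. The case body and find_header continue outside the hunk.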


@ -125,6 +125,24 @@ do_export( STRLIST users, int secret )
/* and write it */
for( kbctx=NULL; (node = walk_kbnode( keyblock, &kbctx, 0 )); ) {
if( opt.do_not_export_rsa ) {
int algo;
switch( node->pkt->pkttype ) {
/* note: we can´ do this for subkeys here */
case PKT_PUBLIC_KEY:
algo = node->pkt->pkt.public_key->pubkey_algo;
break;
case PKT_SECRET_KEY:
algo = node->pkt->pkt.secret_key->pubkey_algo;
break;
case PKT_SIGNATURE:
algo = node->pkt->pkt.signature->pubkey_algo;
break;
default: algo = 0;
}
if( is_RSA(algo) )
continue;
}
if( (rc = build_packet( out, node->pkt )) ) {
log_error("build_packet(%d) failed: %s\n",
node->pkt->pkttype, g10_errstr(rc) );
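Review bot: The `opt.do_not_export_rsa` filter decides packet by packet, so the `default: algo = 0;` arm lets the user-id packets (and, per the comment, subkeys) of an RSA key through even though its `PKT_PUBLIC_KEY`/`PKT_SECRET_KEY` packet was skipped. The `PKT_SIGNATURE` arm likewise drops RSA-made signatures that sit on non-RSA keys. The exported stream would then appear to contain orphaned packets with no primary key in front of them, which every importer has to cope with; this is worth confirming against a keyring that mixes RSA and non-RSA keys. Consider deciding once per keyblock from the primary key's `pubkey_algo` and skipping the whole block, and add a comment stating which behaviour is intended. The enclosing loop and do_export continue outside the hunk.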


@ -76,6 +76,7 @@ static ARGPARSE_OPTS opts[] = {
#endif
{ 537, "export" , 0, N_("export keys") },
{ 563, "export-secret-keys" , 0, "@" },
{ 565, "do-not-export-rsa", 0, "@" },
{ 530, "import", 0 , N_("import/merge keys")},
{ 521, "list-packets",0,N_("list only the sequence of packets")},
#ifdef IS_G10MAINT
@ -105,6 +106,7 @@ static ARGPARSE_OPTS opts[] = {
{ 502, "no", 0, N_("assume no on most questions")},
{ 509, "keyring" ,2, N_("add this keyring to the list of keyrings")},
{ 517, "secret-keyring" ,2, N_("add this secret keyring to the list")},
{ 541, "default-key" ,2, N_("|NAME|use NAME as default secret key")},
{ 518, "options" , 2, N_("read options from file")},
{ 510, "debug" ,4|16, N_("set debugging flags")},
@ -168,8 +170,6 @@ static ARGPARSE_OPTS opts[] = {
{0} };
/* (Free numbers: 541) */
enum cmd_values { aNull = 0,
aSym, aStore, aEncr, aKeygen, aSign, aSignEncr,
@ -575,6 +575,7 @@ main( int argc, char **argv )
case 536: opt.marginals_needed = pargs.r.ret_int; break;
case 537: set_cmd( &cmd, aExport); break;
case 538: trustdb_name = pargs.r.ret_str; break;
case 541: opt.def_secret_key = pargs.r.ret_str; break;
case 543: break; /* no-options */
case 544: opt.homedir = pargs.r.ret_str; break;
case 545: opt.batch = 0; break;
@ -591,6 +592,7 @@ main( int argc, char **argv )
case 561: opt.rfc1991 = 1; break;
case 562: opt.emulate_bugs |= 1; break;
case 563: set_cmd( &cmd, aExportSecret); break;
case 565: opt.do_not_export_rsa = 1; break;
default : errors++; pargs.err = configfp? 1:2; break;
}
}


@ -532,8 +532,12 @@ get_seckey_byname( PKT_secret_key *sk, const char *name, int unprotect )
{
int rc;
rc = name ? key_byname( 1, NULL, sk, name )
: lookup_sk( sk, 15, NULL, NULL );
if( !name && opt.def_secret_key && *opt.def_secret_key )
rc = key_byname( 1, NULL, sk, opt.def_secret_key );
else if( !name ) /* use the first one as default key */
rc = lookup_sk( sk, 15, NULL, NULL );
else
rc = key_byname( 1, NULL, sk, name );
if( !rc && unprotect )
rc = check_secret_key( sk );


@ -33,6 +33,7 @@
#include "util.h"
#include "trustdb.h"
#include "main.h"
#include "i18n.h"
static int read_block( IOBUF a, compress_filter_context_t *cfx,
@ -101,7 +102,7 @@ import_keys( const char *fname )
if( !fname )
fname = "[stdin]";
if( !inp ) {
log_error("%s: can't open file: %s\n", fname, strerror(errno) );
log_error_f(fname, _("can't open file: %s\n"), strerror(errno) );
return G10ERR_OPEN_FILE;
}
@ -116,9 +117,10 @@ import_keys( const char *fname )
else if( keyblock->pkt->pkttype == PKT_SIGNATURE
&& keyblock->pkt->pkt.signature->sig_class == 0x20 )
rc = import_revoke_cert( fname, keyblock );
else
log_info("%s: skipping block of type %d\n",
fname, keyblock->pkt->pkttype );
else {
log_info_f(fname, _("skipping block of type %d\n"),
keyblock->pkt->pkttype );
}
release_kbnode(keyblock);
if( rc )
break;
@ -126,7 +128,7 @@ import_keys( const char *fname )
if( rc == -1 )
rc = 0;
else if( rc && rc != G10ERR_INV_KEYRING )
log_error("%s: read error: %s\n", fname, g10_errstr(rc));
log_error_f( fname, _("read error: %s\n"), g10_errstr(rc));
iobuf_close(inp);
return rc;
@ -255,7 +257,7 @@ import_one( const char *fname, KBNODE keyblock )
uidnode = find_next_kbnode( keyblock, PKT_USER_ID );
if( opt.verbose ) {
log_info("%s: pub %4u%c/%08lX %s ", fname,
log_info_f( fname, "pub %4u%c/%08lX %s ",
nbits_from_pk( pk ),
pubkey_letter( pk->pubkey_algo ),
(ulong)keyid[1], datestr_from_pk(pk) );
@ -265,7 +267,7 @@ import_one( const char *fname, KBNODE keyblock )
putc('\n', stderr);
}
if( !uidnode ) {
log_error("%s: No user id for key %08lX\n", fname, (ulong)keyid[1]);
log_error_f(fname, _("key %08lX: no user id\n"), (ulong)keyid[1]);
return 0;
}
@ -275,8 +277,8 @@ import_one( const char *fname, KBNODE keyblock )
return rc== -1? 0:rc;
if( !delete_inv_parts( fname, keyblock, keyid ) ) {
log_info("%s: key %08lX, no valid user ids\n",
fname, (ulong)keyid[1]);
log_info_f( fname, _("key %08lX: no valid user ids\n"),
(ulong)keyid[1]);
return 0;
}
@ -284,27 +286,27 @@ import_one( const char *fname, KBNODE keyblock )
pk_orig = m_alloc_clear( sizeof *pk_orig );
rc = get_pubkey( pk_orig, keyid );
if( rc && rc != G10ERR_NO_PUBKEY ) {
log_error("%s: key %08lX, public key not found: %s\n",
fname, (ulong)keyid[1], g10_errstr(rc));
log_error_f( fname, _("key %08lX: public key not found: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
}
else if( rc ) { /* insert this key */
/* get default resource */
if( get_keyblock_handle( NULL, 0, &kbpos ) ) {
log_error("no default public keyring\n");
log_error(_("no default public keyring\n"));
return G10ERR_GENERAL;
}
if( opt.verbose > 1 )
log_info("%s: writing to '%s'\n",
fname, keyblock_resource_name(&kbpos) );
log_info_f( fname, _("writing to '%s'\n"),
keyblock_resource_name(&kbpos) );
if( (rc=lock_keyblock( &kbpos )) )
log_error("can't lock public keyring '%s': %s\n",
keyblock_resource_name(&kbpos), g10_errstr(rc) );
log_error_f( keyblock_resource_name(&kbpos),
_("can't lock public keyring: %s\n"), g10_errstr(rc) );
else if( (rc=insert_keyblock( &kbpos, keyblock )) )
log_error("%s: can't write to '%s': %s\n", fname,
keyblock_resource_name(&kbpos), g10_errstr(rc) );
log_error_f( keyblock_resource_name(&kbpos),
_("can't write to keyring: %s\n"), g10_errstr(rc) );
unlock_keyblock( &kbpos );
/* we are ready */
log_info("%s: key %08lX imported\n", fname, (ulong)keyid[1]);
log_info_f( fname, _("key %08lX: public key imported\n"), (ulong)keyid[1]);
}
else { /* merge */
int n_uids, n_sigs, n_subk;
@ -312,8 +314,8 @@ import_one( const char *fname, KBNODE keyblock )
/* Compare the original against the new key; just to be sure nothing
* weird is going on */
if( cmp_public_keys( pk_orig, pk ) ) {
log_error("%s: key %08lX, doesn't match our copy\n",
fname, (ulong)keyid[1]);
log_error_f( fname, _("key %08lX: doesn't match our copy\n"),
(ulong)keyid[1]);
rc = G10ERR_GENERAL;
goto leave;
}
@ -324,14 +326,16 @@ import_one( const char *fname, KBNODE keyblock )
/* now read the original keyblock */
rc = find_keyblock_bypk( &kbpos, pk_orig );
if( rc ) {
log_error("%s: key %08lX, can't locate original keyblock: %s\n",
fname, (ulong)keyid[1], g10_errstr(rc));
log_error_f(fname,
_("key %08lX: can't locate original keyblock: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
goto leave;
}
rc = read_keyblock( &kbpos, &keyblock_orig );
if( rc ) {
log_error("%s: key %08lX, can't read original keyblock: %s\n",
fname, (ulong)keyid[1], g10_errstr(rc));
log_error_f(fname,
_("key %08lX: can't read original keyblock: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
goto leave;
}
/* and try to merge the block */
@ -345,37 +349,37 @@ import_one( const char *fname, KBNODE keyblock )
if( n_uids || n_sigs || n_subk ) {
/* keyblock_orig has been updated; write */
if( opt.verbose > 1 )
log_info("%s: writing to '%s'\n",
fname, keyblock_resource_name(&kbpos) );
log_info_f(keyblock_resource_name(&kbpos),
_("writing keyblock\n"));
if( (rc=lock_keyblock( &kbpos )) )
log_error("can't lock public keyring '%s': %s\n",
keyblock_resource_name(&kbpos), g10_errstr(rc) );
log_error_f(keyblock_resource_name(&kbpos),
_("can't lock public keyring: %s\n"), g10_errstr(rc) );
else if( (rc=update_keyblock( &kbpos, keyblock )) )
log_error("%s: can't write to '%s': %s\n", fname,
keyblock_resource_name(&kbpos), g10_errstr(rc) );
log_error_f( keyblock_resource_name(&kbpos),
_("can't write keyblock: %s\n"), g10_errstr(rc) );
unlock_keyblock( &kbpos );
/* we are ready */
if( n_uids == 1 )
log_info("%s: key %08lX, 1 new user-id\n",
fname, (ulong)keyid[1]);
log_info_f(fname, _("key %08lX: 1 new user-id\n"),
(ulong)keyid[1]);
else if( n_uids )
log_info("%s: key %08lX, %d new user-ids\n",
fname, (ulong)keyid[1], n_uids );
log_info_f(fname, _("key %08lX: %d new user-ids\n"),
(ulong)keyid[1], n_uids );
if( n_sigs == 1 )
log_info("%s: key %08lX, 1 new signature\n",
fname, (ulong)keyid[1]);
log_info_f(fname, _("key %08lX: 1 new signature\n"),
(ulong)keyid[1]);
else if( n_sigs )
log_info("%s: key %08lX, %d new signatures\n",
fname, (ulong)keyid[1], n_sigs );
log_info_f(fname, _("key %08lX: %d new signatures\n"),
(ulong)keyid[1], n_sigs );
if( n_subk == 1 )
log_info("%s: key %08lX, 1 new subkey\n",
fname, (ulong)keyid[1]);
log_info_f(fname, _("key %08lX: 1 new subkey\n"),
(ulong)keyid[1]);
else if( n_subk )
log_info("%s: key %08lX, %d new subkeys\n",
fname, (ulong)keyid[1], n_subk );
log_info_f(fname, _("key %08lX: %d new subkeys\n"),
(ulong)keyid[1], n_subk );
}
else
log_info("%s: key %08lX, not changed\n", fname, (ulong)keyid[1] );
log_info_f(fname, _("key %08lX: not changed\n"), (ulong)keyid[1] );
}
leave:
@ -408,7 +412,7 @@ import_secret_one( const char *fname, KBNODE keyblock )
uidnode = find_next_kbnode( keyblock, PKT_USER_ID );
if( opt.verbose ) {
log_info("%s: sec %4u%c/%08lX %s ", fname,
log_info_f(fname, "sec %4u%c/%08lX %s ",
nbits_from_sk( sk ),
pubkey_letter( sk->pubkey_algo ),
(ulong)keyid[1], datestr_from_sk(sk) );
@ -418,7 +422,7 @@ import_secret_one( const char *fname, KBNODE keyblock )
putc('\n', stderr);
}
if( !uidnode ) {
log_error("%s: No user id for key %08lX\n", fname, (ulong)keyid[1]);
log_error_f(fname, _("key %08lX: no user id\n"), (ulong)keyid[1]);
return 0;
}
@ -433,25 +437,24 @@ import_secret_one( const char *fname, KBNODE keyblock )
return G10ERR_GENERAL;
}
if( opt.verbose > 1 )
log_info("%s: writing to '%s'\n",
fname, keyblock_resource_name(&kbpos) );
log_info_f(keyblock_resource_name(&kbpos), _("writing keyblock\n"));
if( (rc=lock_keyblock( &kbpos )) )
log_error("can't lock secret keyring '%s': %s\n",
keyblock_resource_name(&kbpos), g10_errstr(rc) );
log_error_f( keyblock_resource_name(&kbpos),
_("can't lock secret keyring: %s\n"), g10_errstr(rc) );
else if( (rc=insert_keyblock( &kbpos, keyblock )) )
log_error("%s: can't write to '%s': %s\n", fname,
keyblock_resource_name(&kbpos), g10_errstr(rc) );
log_error_f(keyblock_resource_name(&kbpos),
_("can't write keyring\n"), g10_errstr(rc) );
unlock_keyblock( &kbpos );
/* we are ready */
log_info("%s: key %08lX imported\n", fname, (ulong)keyid[1]);
log_info_f(fname, _("key %08lX: secret key imported\n"), (ulong)keyid[1]);
}
else if( !rc ) { /* we can't merge secret keys */
log_error("%s: key %08lX already in secret keyring\n",
fname, (ulong)keyid[1]);
log_error_f(fname, _("key %08lX: already in secret keyring\n"),
(ulong)keyid[1]);
}
else
log_error("%s: key %08lX, secret key not found: %s\n",
fname, (ulong)keyid[1], g10_errstr(rc));
log_error_f(fname, _("key %08lX: secret key not found: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
release_kbnode( keyblock_orig );
return rc;
@ -480,29 +483,30 @@ import_revoke_cert( const char *fname, KBNODE node )
pk = m_alloc_clear( sizeof *pk );
rc = get_pubkey( pk, keyid );
if( rc == G10ERR_NO_PUBKEY ) {
log_info("%s: key %08lX, no public key - "
"can't apply revocation certificate\n",
fname, (ulong)keyid[1]);
log_info_f(fname, _("key %08lX: no public key - "
"can't apply revocation certificate\n"), (ulong)keyid[1]);
rc = 0;
goto leave;
}
else if( rc ) {
log_error("%s: key %08lX, public key not found: %s\n",
fname, (ulong)keyid[1], g10_errstr(rc));
log_error_f(fname, _("key %08lX: public key not found: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
goto leave;
}
/* read the original keyblock */
rc = find_keyblock_bypk( &kbpos, pk );
if( rc ) {
log_error("%s: key %08lX, can't locate original keyblock: %s\n",
fname, (ulong)keyid[1], g10_errstr(rc));
log_error_f(fname,
_("key %08lX: can't locate original keyblock: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
goto leave;
}
rc = read_keyblock( &kbpos, &keyblock );
if( rc ) {
log_error("%s: key %08lX, can't read original keyblock: %s\n",
fname, (ulong)keyid[1], g10_errstr(rc));
log_error_f(fname,
_("key %08lX: can't read original keyblock: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
goto leave;
}
@ -512,9 +516,8 @@ import_revoke_cert( const char *fname, KBNODE node )
* special case. */
rc = check_key_signature( keyblock, node, NULL);
if( rc ) {
log_error("%s: key %08lX, invalid revocation certificate"
": %s - rejected\n",
fname, (ulong)keyid[1], g10_errstr(rc));
log_error_f(fname, _("key %08lX: invalid revocation certificate"
": %s - rejected\n"), (ulong)keyid[1], g10_errstr(rc));
}
@ -537,18 +540,17 @@ import_revoke_cert( const char *fname, KBNODE node )
/* and write the keyblock back */
if( opt.verbose > 1 )
log_info("%s: writing to '%s'\n",
fname, keyblock_resource_name(&kbpos) );
log_info_f( keyblock_resource_name(&kbpos), _("writing keyblock\n"));
if( (rc=lock_keyblock( &kbpos )) )
log_error("can't lock public keyring '%s': %s\n",
keyblock_resource_name(&kbpos), g10_errstr(rc) );
log_error_f( keyblock_resource_name(&kbpos),
_("can't lock public keyring: %s\n"), g10_errstr(rc) );
else if( (rc=update_keyblock( &kbpos, keyblock )) )
log_error("%s: can't write to '%s': %s\n", fname,
keyblock_resource_name(&kbpos), g10_errstr(rc) );
log_error_f(keyblock_resource_name(&kbpos),
_("can't write keyblock: %s\n"), g10_errstr(rc) );
unlock_keyblock( &kbpos );
/* we are ready */
log_info("%s: key %08lX, added revocation certificate\n",
fname, (ulong)keyid[1]);
log_info_f(fname, _("key %08lX: revocation certificate imported\n"),
(ulong)keyid[1]);
leave:
release_kbnode( keyblock );
@ -577,16 +579,16 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {
unode = find_prev_kbnode( keyblock, n, PKT_USER_ID );
if( !unode ) {
log_error("%s: key %08lX, no user-id for signature\n",
fname, (ulong)keyid[1]);
log_error_f(fname, _("key %08lX: no user-id for signature\n"),
(ulong)keyid[1]);
return -1; /* the complete keyblock is invalid */
}
rc = check_key_signature( keyblock, n, NULL);
if( rc ) {
log_error( rc == G10ERR_PUBKEY_ALGO ?
"%s: key %08lX, unsupported public key algorithm\n":
"%s: key %08lX, invalid self-signature\n",
fname, (ulong)keyid[1]);
log_error_f( fname, rc == G10ERR_PUBKEY_ALGO ?
_("key %08lX: unsupported public key algorithm\n"):
_("key %08lX: invalid self-signature\n"),
(ulong)keyid[1]);
unode->flag |= 2; /* mark as invalid */
}
@ -614,8 +616,8 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
uid_seen = 1;
if( (node->flag & 2) || !(node->flag & 1) ) {
if( opt.verbose ) {
log_info("%s: key %08lX, removed userid '",
fname, (ulong)keyid[1]);
log_info_f(fname, _("key %08lX: skipped userid '"),
(ulong)keyid[1]);
print_string( stderr, node->pkt->pkt.user_id->name,
node->pkt->pkt.user_id->len, 0 );
fputs("'\n", stderr );
@ -637,15 +639,15 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
else if( node->pkt->pkttype == PKT_SIGNATURE
&& node->pkt->pkt.signature->sig_class == 0x20 ) {
if( uid_seen ) {
log_error("%s: key %08lX, revocation certificate at wrong "
"place - removed\n", fname, (ulong)keyid[1]);
log_error_f(fname, _("key %08lX: revocation certificate at wrong "
"place - skipped\n"), fname, (ulong)keyid[1]);
delete_kbnode( node );
}
else {
int rc = check_key_signature( keyblock, node, NULL);
if( rc ) {
log_error("%s: key %08lX, invalid revocation certificate"
": %s - removed\n",
log_error_f(fname, _("key %08lX: invalid revocation certificate"
": %s - skipped\n"),
fname, (ulong)keyid[1], g10_errstr(rc));
delete_kbnode( node );
}
@ -706,8 +708,8 @@ merge_blocks( const char *fname, KBNODE keyblock_orig, KBNODE keyblock,
insert_kbnode( keyblock_orig, n2, 0 );
n2->flag |= 1;
node->flag |= 1;
log_info("%s: key %08lX, added revocation certificate\n",
fname, (ulong)keyid[1]);
log_info_f(fname, _("key %08lX: revocation certificate added\n"),
(ulong)keyid[1]);
}
}
}
@ -769,7 +771,7 @@ append_uid( KBNODE keyblock, KBNODE node, int *n_sigs,
assert(node->pkt->pkttype == PKT_USER_ID );
/* at lease a self signature comes next to the user-id */
if( node->next->pkt->pkttype == PKT_USER_ID ) {
log_error("%s: key %08lX, our copy has no self-signature\n",
log_error_f(fname, _("key %08lX: our copy has no self-signature\n"),
fname, (ulong)keyid[1]);
return G10ERR_GENERAL;
}
@ -805,8 +807,8 @@ merge_sigs( KBNODE dst, KBNODE src, int *n_sigs,
/* at least a self signature comes next to the user-ids */
assert(src->next->pkt->pkttype != PKT_USER_ID );
if( dst->next->pkt->pkttype == PKT_USER_ID ) {
log_error("%s: key %08lX, our copy has no self-signature\n",
fname, (ulong)keyid[1]);
log_error_f(fname, _("key %08lX: our copy has no self-signature\n"),
(ulong)keyid[1]);
return 0;
}
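Review bot: Three of the converted calls still pass `fname` as the first variadic argument, so the arguments no longer line up with the format string. In delete_inv_parts both revocation-certificate messages (`"... at wrong place - skipped\n"` and `"... invalid revocation certificate: %s - skipped\n"`) and in append_uid the `"our copy has no self-signature\n"` message keep `fname, (ulong)keyid[1]` after the format. That makes `%08lX` consume a pointer and, in the second message, `%s` consume the key id, which is undefined behaviour on a path reached while importing a malformed keyblock. Drop the stray `fname` so each call reads `log_error_f(fname, _("key %08lX: ..."), (ulong)keyid[1]);` like the other conversions. In import_secret_one, `_("can't write keyring\n")` has no `%s` for the `g10_errstr(rc)` it is given, so the error text is lost; `_("can't write keyring: %s\n")` would match the public-key branch.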


@ -232,22 +232,34 @@ static void
proc_plaintext( CTX c, PACKET *pkt )
{
PKT_plaintext *pt = pkt->pkt.plaintext;
int any, rc;
int any, clearsig, rc;
KBNODE n;
if( opt.verbose )
log_info("original file name='%.*s'\n", pt->namelen, pt->name);
free_md_filter_context( &c->mfx );
/* fixme: look at the sigclass to check whether we should use the
* textmode filter (sigclass 0x01)
*/
c->mfx.md = md_open( 0, 0);
any = 0;
/* fixme: we may need to push the textfilter if we have sigclass 1
* and no armoring - Not yet tested */
any = clearsig = 0;
for(n=c->list; n; n = n->next ) {
if( n->pkt->pkttype == PKT_ONEPASS_SIG
&& n->pkt->pkt.onepass_sig->digest_algo ) {
md_enable( c->mfx.md, n->pkt->pkt.onepass_sig->digest_algo );
any = 1;
if( n->pkt->pkttype == PKT_ONEPASS_SIG ) {
if( n->pkt->pkt.onepass_sig->digest_algo ) {
md_enable( c->mfx.md, n->pkt->pkt.onepass_sig->digest_algo );
any = 1;
}
/* Check whether this is a cleartext signature. We assume that
* we have one if the sig_class is 1 and the keyid is 0, that
* are the faked packets produced by armor.c. There is a
* possibility that this fails, but there is no other easy way
* to do it. (We could use a special packet type to indicate
* this, but this may also be faked - it simply can't be verified
* and is _no_ security issue)
*/
if( n->pkt->pkt.onepass_sig->sig_class == 0x01
&& !n->pkt->pkt.onepass_sig->keyid[0]
&& !n->pkt->pkt.onepass_sig->keyid[1] )
clearsig = 1;
}
}
if( !any ) { /* no onepass sig packet: enable all algos */
@ -260,7 +272,7 @@ proc_plaintext( CTX c, PACKET *pkt )
if( c->mfx.md->list )
m_check( c->mfx.md->list );
}
rc = handle_plaintext( pt, &c->mfx, c->sigs_only );
rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig );
if( rc )
log_error( "handle plaintext failed: %s\n", g10_errstr(rc));
if( c->mfx.md ) {
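Review bot: `clearsig` is inferred from fields of the one-pass signature packet (`sig_class == 0x01` with a zero `keyid`) that no signature covers, and it is then handed to handle_plaintext, where it changes which bytes are hashed. The comment's claim that this is no security issue deserves a second look: any input carrying such a packet selects the clearsig hashing path, so the hashed data and the data written out may differ by a trailing CR,LF without the signature check noticing (hedged, since the armor.c side is not visible here). A flag set by the armor filter in the processing context, rather than a value read back from packet contents, would make the decision independent of the input. At minimum the comment should state exactly what differs between the two hashing modes. proc_plaintext continues past the end of the hunk.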


@ -37,9 +37,10 @@ struct {
int no_armor;
int list_packets; /* list-packets mode */
int def_cipher_algo;
int reserved;
int do_not_export_rsa;
int def_digest_algo;
int def_compress_algo;
const char *def_secret_key;
int no_comment;
int marginals_needed;
int completes_needed;


@ -282,7 +282,8 @@ int decrypt_data( PKT_encrypted *ed, DEK *dek );
int encrypt_data( PKT_encrypted *ed, DEK *dek );
/*-- plaintext.c --*/
int handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,int nooutput);
int handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
int nooutput, int clearsig );
int ask_for_detached_datafile( md_filter_context_t *mfx, const char *inname );
/*-- comment.c --*/


@ -33,6 +33,46 @@
#include "i18n.h"
/****************
* Defer the last CR,LF
*/
static void
special_md_putc( MD_HANDLE md, int c, int *state )
{
if( c == -1 ) { /* flush */
if( *state == 1 ) {
md_putc(md, '\r');
}
*state = 0;
return;
}
again:
switch( *state ) {
case 0:
if( c == '\r' )
*state = 1;
else
md_putc(md, c );
break;
case 1:
if( c == '\n' )
*state = 2;
else {
md_putc(md, '\r');
*state = 0;
goto again;
}
break;
case 2:
md_putc(md, '\r');
md_putc(md, '\n');
*state = 0;
goto again;
default: BUG();
}
}
/****************
* Handle a plaintext packet. If MFX is not NULL, update the MDs
* Note: we should use the filter stuff here, but we have to add some
@ -40,13 +80,15 @@
* bytes from the plaintext.
*/
int
handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx, int nooutput )
handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
int nooutput, int clearsig )
{
char *fname = NULL;
FILE *fp = NULL;
int rc = 0;
int c;
int convert = pt->mode == 't';
int special_state = 0;
/* create the filename as C string */
if( nooutput )
@ -86,10 +128,14 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx, int nooutput )
rc = G10ERR_READ_FILE;
goto leave;
}
if( mfx->md )
md_putc(mfx->md, c );
if( mfx->md ) {
if( convert && clearsig )
special_md_putc(mfx->md, c, &special_state );
else
md_putc(mfx->md, c );
}
if( convert && c == '\r' )
continue; /* FIXME: this hack is too simple */
continue; /* fixme: this hack might be too simple */
if( fp ) {
if( putc( c, fp ) == EOF ) {
log_error("Error writing to '%s': %s\n",
@ -102,10 +148,14 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx, int nooutput )
}
else {
while( (c = iobuf_get(pt->buf)) != -1 ) {
if( mfx->md )
md_putc(mfx->md, c );
if( mfx->md ) {
if( convert && clearsig )
special_md_putc(mfx->md, c, &special_state );
else
md_putc(mfx->md, c );
}
if( convert && c == '\r' )
continue; /* FIXME: this hack is too simple */
continue; /* fixme: this hack might be too simple */
if( fp ) {
if( putc( c, fp ) == EOF ) {
log_error("Error writing to '%s': %s\n",
@ -117,6 +167,8 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx, int nooutput )
}
iobuf_clear_eof(pt->buf);
}
if( mfx->md && convert && clearsig )
special_md_putc(mfx->md, -1, &special_state ); /* flush */
if( fp && fp != stdout && fclose(fp) ) {
log_error("Error closing '%s': %s\n", fname, strerror(errno) );
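Review bot: special_md_putc is the same three-state CR/LF machine that this commit also writes inline in write_dash_escaped (sign.c); signing and verification only agree while the two copies stay equivalent, so one shared helper would be safer than two hand-maintained switches. The header comment `Defer the last CR,LF` should also explain the states and the flush, along the lines of `state 0: normal, 1: CR seen, 2: CR,LF seen and held back; c == -1 emits a pending CR but drops a held CR,LF so it is never hashed`. In handle_plaintext the `convert && clearsig` test is repeated in both read loops and again at the flush; a small local wrapper would keep the three sites from drifting apart. handle_plaintext continues outside the hunks shown.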


@ -416,14 +416,14 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
/****************
* note: we do not count empty lines at the beginning
* Note: We do not calculate the hash over the last CR,LF
*/
static int
write_dash_escaped( IOBUF inp, IOBUF out, MD_HANDLE md )
{
int c;
int lastlf = 1;
int skip_empty = 1;
int state = 0;
while( (c = iobuf_get(inp)) != -1 ) {
/* Note: We don't escape "From " because the MUA should cope with it */
@ -431,21 +431,41 @@ write_dash_escaped( IOBUF inp, IOBUF out, MD_HANDLE md )
if( c == '-' ) {
iobuf_put( out, c );
iobuf_put( out, ' ' );
skip_empty = 0;
}
else if( skip_empty && c == '\r' )
skip_empty = 2;
else
skip_empty = 0;
}
if( !skip_empty )
md_putc(md, c );
again:
switch( state ) {
case 0:
if( c == '\r' )
state = 1;
else
md_putc(md, c );
break;
case 1:
if( c == '\n' )
state = 2;
else {
md_putc(md, '\r');
state = 0;
goto again;
}
break;
case 2:
md_putc(md, '\r');
md_putc(md, '\n');
state = 0;
goto again;
default: BUG();
}
iobuf_put( out, c );
lastlf = c == '\n';
if( skip_empty == 2 )
skip_empty = lastlf ? 0 : 1;
}
if( state == 1 )
md_putc(md, '\r');
if( !lastlf )
iobuf_put( out, '\n' );
return 0; /* fixme: add error handling */
}
@ -537,13 +557,11 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
PKT_secret_key *sk = sk_rover->sk;
md_enable(textmd, hash_for(sk->pubkey_algo));
}
iobuf_push_filter( inp, text_filter, &tfx );
rc = write_dash_escaped( inp, out, textmd );
if( rc )
goto leave;
iobuf_writestr(out, "\n" );
afx.what = 2;
iobuf_push_filter( out, armor_filter, &afx );


@ -51,8 +51,11 @@ read_line( byte *buf, size_t *r_buflen, IOBUF a )
for(c=0, n=0; n < buflen && (c=iobuf_get2(a)) != -1 && c != '\n'; )
buf[n++] = c;
buf[n] = 0;
if( c == -1 )
if( c == -1 ) {
rc = -1;
if( !n || buf[n-1] != '\n' )
no_lf = 1;
}
else if( c != '\n' ) {
IOBUF b = iobuf_temp();
while( (c=iobuf_get2(a)) != -1 && c != '\n' ) {
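Review bot: The added test `if( !n || buf[n-1] != '\n' )` can never be false, because the loop above stops on `'\n'` before storing it, so `buf[n-1]` is never a line feed. `no_lf` is therefore set on every EOF, including the case where the input ended cleanly after the last newline (n == 0). If the intent is "the final line had no terminating LF", the condition probably wants to be `if( n )`. Separately, `buf[n] = 0;` writes at index `buflen` when the loop fills the buffer; whether that is in bounds depends on the caller's buffer size, which lies outside the hunk.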


@ -44,6 +44,9 @@
#define PUBKEY_ALGO_DSA 17
#define PUBKEY_ALGO_ELGAMAL 20 /* sign and encrypt elgamal */
#define PUBKEY_USAGE_SIG 1 /* key is good for signatures */
#define PUBKEY_USAGE_ENC 2 /* key is good for encryption */
#define DIGEST_ALGO_MD5 1
#define DIGEST_ALGO_SHA1 2
#define DIGEST_ALGO_RMD160 3
@ -79,9 +82,7 @@ typedef struct {
int bufcount;
int secure;
FILE *debug;
int guard1;
struct md_digest_list_s *list;
int guard2;
} *MD_HANDLE;


@ -72,6 +72,14 @@ void g10_log_mpidump( const char *text, MPI a );
void g10_log_error( const char *fmt, ... ) __attribute__ ((format (printf,1,2)));
void g10_log_info( const char *fmt, ... ) __attribute__ ((format (printf,1,2)));
void g10_log_debug( const char *fmt, ... ) __attribute__ ((format (printf,1,2)));
void g10_log_fatal_f( const char *fname, const char *fmt, ... )
__attribute__ ((noreturn, format (printf,2,3)));
void g10_log_error_f( const char *fname, const char *fmt, ... )
__attribute__ ((format (printf,2,3)));
void g10_log_info_f( const char *fname, const char *fmt, ... )
__attribute__ ((format (printf,2,3)));
void g10_log_debug_f( const char *fname, const char *fmt, ... )
__attribute__ ((format (printf,2,3)));
#define BUG() g10_log_bug0( __FILE__ , __LINE__, __FUNCTION__ )
#else
void g10_log_bug( const char *fmt, ... );
@ -80,6 +88,10 @@ void g10_log_mpidump( const char *text, MPI a );
void g10_log_error( const char *fmt, ... );
void g10_log_info( const char *fmt, ... );
void g10_log_debug( const char *fmt, ... );
void g10_log_fatal_f( const char *fname, const char *fmt, ... );
void g10_log_error_f( const char *fname, const char *fmt, ... );
void g10_log_info_f( const char *fname, const char *fmt, ... );
void g10_log_debug_f( const char *fname, const char *fmt, ... );
#define BUG() g10_log_bug0( __FILE__ , __LINE__ )
#endif
@ -91,7 +103,10 @@ void g10_log_mpidump( const char *text, MPI a );
#define log_error g10_log_error
#define log_info g10_log_info
#define log_debug g10_log_debug
#define log_fatal_f g10_log_fatal_f
#define log_error_f g10_log_error_f
#define log_info_f g10_log_info_f
#define log_debug_f g10_log_debug_f
/*-- errors.c --*/


@ -3,14 +3,33 @@
# utility
util/secmem.c
util/argparse.c
# cipher
cipher/random.c
cipher/rand-dummy.c
cipher/rand-unix.c
cipher/rand-w32.c
# main program
g10/g10.c
g10/pkclist.c
g10/keygen.c
g10/decrypt.c
g10/encode.c
g10/import.c
g10/keyedit.c
g10/keylist.c
g10/mainproc.c
g10/passphrase.c
g10/plaintext.c
g10/pref.c
g10/seckey-cert.c
g10/sig-check.c
g10/sign.c
g10/trustdb.c
g10/verify.c
#---end--

1426
po/de.po

File diff suppressed because it is too large Load Diff


@ -1,3 +1,7 @@
Tue Jul 7 11:49:25 1998 Werner Koch (wk@isil.d.shuttle.de)
* logger.c (log_set_filename): New.
Mon Jul 6 09:03:49 1998 Werner Koch (wk@isil.d.shuttle.de)
* strgutil.c (append_to_strlist): New.


@ -893,6 +893,8 @@ iobuf_peek(IOBUF a, byte *buf, unsigned buflen )
{
int n=0;
if( a->filter_eof )
return -1;
if( !(a->d.start < a->d.len) ) {
if( underflow(a) == -1 )
return -1;


@ -73,6 +73,15 @@ print_prefix(const char *text)
fprintf(stderr, "?%s: %s", pidstring, text );
}
static void
print_prefix_f(const char *text, const char *fname)
{
if( pgm_name )
fprintf(stderr, "%s%s:%s: %s", pgm_name, pidstring, fname, text );
else
fprintf(stderr, "?%s:%s: %s", pidstring, fname, text );
}
void
g10_log_info( const char *fmt, ... )
{
@ -84,6 +93,17 @@ g10_log_info( const char *fmt, ... )
va_end(arg_ptr);
}
void
g10_log_info_f( const char *fname, const char *fmt, ... )
{
va_list arg_ptr ;
print_prefix_f("", fname);
va_start( arg_ptr, fmt ) ;
vfprintf(stderr,fmt,arg_ptr) ;
va_end(arg_ptr);
}
void
g10_log_error( const char *fmt, ... )
{
@ -96,6 +116,18 @@ g10_log_error( const char *fmt, ... )
errorcount++;
}
void
g10_log_error_f( const char *fname, const char *fmt, ... )
{
va_list arg_ptr ;
print_prefix_f("", fname);
va_start( arg_ptr, fmt ) ;
vfprintf(stderr,fmt,arg_ptr) ;
va_end(arg_ptr);
errorcount++;
}
void
g10_log_fatal( const char *fmt, ... )
{
@ -109,6 +141,19 @@ g10_log_fatal( const char *fmt, ... )
exit(2);
}
void
g10_log_fatal_f( const char *fname, const char *fmt, ... )
{
va_list arg_ptr ;
print_prefix_f("fatal: ", fname);
va_start( arg_ptr, fmt ) ;
vfprintf(stderr,fmt,arg_ptr) ;
va_end(arg_ptr);
secmem_dump_stats();
exit(2);
}
void
g10_log_bug( const char *fmt, ... )
{
@ -149,6 +194,17 @@ g10_log_debug( const char *fmt, ... )
va_end(arg_ptr);
}
void
g10_log_debug_f( const char *fname, const char *fmt, ... )
{
va_list arg_ptr ;
print_prefix_f("DBG: ", fname);
va_start( arg_ptr, fmt ) ;
vfprintf(stderr,fmt,arg_ptr) ;
va_end(arg_ptr);
}
void
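Review bot: print_prefix_f feeds `fname` straight to `%s`, and the new callers in import.c pass `keyblock_resource_name(&kbpos)` unchecked, so a NULL resource name would be undefined behaviour in `fprintf` (hedged, since that function is not shown). A guard such as `if( !fname ) fname = "?";` at the top of print_prefix_f would cover all four `*_f` entry points. The four functions also repeat the bodies of their non-`_f` counterparts. A comment on print_prefix_f describing the prefix layout would help, given the TODO entry about moving log output to the GNU `name:filename:line: text` format.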


@ -92,7 +92,7 @@ POSUB = po
RANLIB = ranlib
USE_INCLUDED_LIBINTL = yes
USE_NLS = yes
VERSION = 0.3.1
VERSION = 0.3.1a
ZLIBS =
l =