mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-08 12:44:23 +01:00
gpg: Fix --version output and explicitly disable ECC.
* g10/misc.c (openpgp_pk_algo_name): New. Replace all calls in g10/ to gcry_pk_algo_name by a call to this function. (map_pk_openpgp_to_gcry): Map algo PUBKEY_ALGO_ELGAMAL_E to GCRY_PK_ELG. (openpgp_pk_test_algo): Use PUBKEY_ALGO_ELGAMAL_E instead of GCRY_PK_ELG_E. Return an error for ECC algos. (openpgp_pk_test_algo2): Return an error for ECC algos. * g10/gpg.c (build_list): Avoid printing ECC two times. * include/cipher.h: Do not use GCRY_PK_* macros for PUBKEY_ALGO_*. -- Due to recent changes to adjust for use with Libgcrypt 1.6, "gpg --version" printed two question marks. This patches fixes that and also make sure that gpg does advertise any ECC features. The patch in build_list is not really needed. Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
parent
3544beff86
commit
6286d01ba3
@ -846,7 +846,7 @@ write_pubkey_enc_from_list( PK_LIST pk_list, DEK *dek, IOBUF out )
|
||||
if( opt.verbose ) {
|
||||
char *ustr = get_user_id_string_native (enc->keyid);
|
||||
log_info(_("%s/%s encrypted for: \"%s\"\n"),
|
||||
gcry_pk_algo_name (enc->pubkey_algo),
|
||||
openpgp_pk_algo_name (enc->pubkey_algo),
|
||||
openpgp_cipher_algo_name (dek->algo),
|
||||
ustr );
|
||||
xfree(ustr);
|
||||
|
@ -854,8 +854,8 @@ my_strusage( int level )
|
||||
case 33: p = _("\nSupported algorithms:\n"); break;
|
||||
case 34:
|
||||
if (!pubkeys)
|
||||
pubkeys = build_list (_("Pubkey: "), 0,
|
||||
gcry_pk_algo_name,
|
||||
pubkeys = build_list (_("Pubkey: "), 'P',
|
||||
openpgp_pk_algo_name,
|
||||
openpgp_pk_test_algo );
|
||||
p = pubkeys;
|
||||
break;
|
||||
@ -906,6 +906,9 @@ build_list (const char *text, char letter,
|
||||
|
||||
for (i=0; i <= 110; i++ )
|
||||
{
|
||||
if (letter == 'P' && i == 19 )
|
||||
continue; /* No need to print a second "ECC" string. */
|
||||
|
||||
if (!chkf (i) && (s = mapf (i)))
|
||||
{
|
||||
if (mb.len - len > 60)
|
||||
@ -921,7 +924,7 @@ build_list (const char *text, char letter,
|
||||
put_membuf_str (&mb, text);
|
||||
|
||||
put_membuf_str (&mb, s);
|
||||
if (opt.verbose && letter)
|
||||
if (opt.verbose && letter && letter != 'P')
|
||||
{
|
||||
char num[20];
|
||||
snprintf (num, sizeof num, " (%c%d)", letter, i);
|
||||
|
@ -2810,7 +2810,7 @@ show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
|
||||
if(pk->is_revoked)
|
||||
{
|
||||
char *user=get_user_id_string_native(pk->revoked.keyid);
|
||||
const char *algo = gcry_pk_algo_name (pk->revoked.algo);
|
||||
const char *algo = openpgp_pk_algo_name (pk->revoked.algo);
|
||||
tty_printf (_("The following key was revoked on"
|
||||
" %s by %s key %s\n"),
|
||||
revokestr_from_pk(pk),algo?algo:"?",user);
|
||||
@ -2828,7 +2828,7 @@ show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
|
||||
char *user;
|
||||
const char *algo;
|
||||
|
||||
algo = gcry_pk_algo_name (pk->revkey[i].algid);
|
||||
algo = openpgp_pk_algo_name (pk->revkey[i].algid);
|
||||
keyid_from_fingerprint(pk->revkey[i].fpr,
|
||||
MAX_FINGERPRINT_LEN,r_keyid);
|
||||
|
||||
|
@ -1603,7 +1603,7 @@ ask_key_flags(int algo,int subkey)
|
||||
{
|
||||
tty_printf("\n");
|
||||
tty_printf(_("Possible actions for a %s key: "),
|
||||
gcry_pk_algo_name (algo));
|
||||
openpgp_pk_algo_name (algo));
|
||||
print_key_flags(possible);
|
||||
tty_printf("\n");
|
||||
tty_printf(_("Current allowed actions: "));
|
||||
@ -1807,7 +1807,7 @@ ask_keysize (int algo, unsigned int primary_keysize)
|
||||
}
|
||||
|
||||
tty_printf(_("%s keys may be between %u and %u bits long.\n"),
|
||||
gcry_pk_algo_name (algo), min, max);
|
||||
openpgp_pk_algo_name (algo), min, max);
|
||||
|
||||
for(;;)
|
||||
{
|
||||
@ -1826,7 +1826,7 @@ ask_keysize (int algo, unsigned int primary_keysize)
|
||||
|
||||
if(nbits<min || nbits>max)
|
||||
tty_printf(_("%s keysizes must be in the range %u-%u\n"),
|
||||
gcry_pk_algo_name (algo), min, max);
|
||||
openpgp_pk_algo_name (algo), min, max);
|
||||
else
|
||||
break;
|
||||
}
|
||||
|
@ -485,7 +485,7 @@ print_keyrec(int number,struct keyrec *keyrec)
|
||||
{
|
||||
const char *str;
|
||||
|
||||
str = gcry_pk_algo_name (map_pk_openpgp_to_gcry (keyrec->type));
|
||||
str = openpgp_pk_algo_name (keyrec->type);
|
||||
if(str && strcmp (str, "?"))
|
||||
printf("%s ",str);
|
||||
else
|
||||
|
@ -93,6 +93,7 @@ int map_pk_openpgp_to_gcry (int algo);
|
||||
int openpgp_pk_test_algo( int algo );
|
||||
int openpgp_pk_test_algo2 ( int algo, unsigned int use );
|
||||
int openpgp_pk_algo_usage ( int algo );
|
||||
const char *openpgp_pk_algo_name (int algo);
|
||||
int openpgp_md_test_algo( int algo );
|
||||
|
||||
#ifdef USE_IDEA
|
||||
|
@ -455,7 +455,7 @@ print_pkenc_list( struct kidlist_item *list, int failed )
|
||||
if ( !failed && list->reason )
|
||||
continue;
|
||||
|
||||
algstr = gcry_pk_algo_name ( list->pubkey_algo );
|
||||
algstr = openpgp_pk_algo_name ( list->pubkey_algo );
|
||||
pk = xmalloc_clear( sizeof *pk );
|
||||
|
||||
if( !algstr )
|
||||
@ -1644,7 +1644,7 @@ check_sig_and_print( CTX c, KBNODE node )
|
||||
|
||||
/* (Indendation below not yet changed to GNU style.) */
|
||||
|
||||
astr = gcry_pk_algo_name ( sig->pubkey_algo );
|
||||
astr = openpgp_pk_algo_name ( sig->pubkey_algo );
|
||||
if(keystrlen()>8)
|
||||
{
|
||||
log_info(_("Signature made %s\n"),asctimestamp(sig->timestamp));
|
||||
|
32
g10/misc.c
32
g10/misc.c
@ -297,7 +297,7 @@ print_pubkey_algo_note( int algo )
|
||||
{
|
||||
warn=1;
|
||||
log_info (_("WARNING: using experimental public key algorithm %s\n"),
|
||||
gcry_pk_algo_name (map_pk_openpgp_to_gcry (algo)));
|
||||
openpgp_pk_algo_name (algo));
|
||||
}
|
||||
}
|
||||
else if (algo == 20)
|
||||
@ -425,6 +425,7 @@ map_pk_openpgp_to_gcry (int algo)
|
||||
{
|
||||
case PUBKEY_ALGO_ECDSA: return 301 /*GCRY_PK_ECDSA*/;
|
||||
case PUBKEY_ALGO_ECDH: return 302 /*GCRY_PK_ECDH*/;
|
||||
case PUBKEY_ALGO_ELGAMAL_E: return GCRY_PK_ELG;
|
||||
default: return algo;
|
||||
}
|
||||
}
|
||||
@ -433,11 +434,15 @@ map_pk_openpgp_to_gcry (int algo)
|
||||
int
|
||||
openpgp_pk_test_algo( int algo )
|
||||
{
|
||||
/* ECC is not yet supported even if supported by Libgcrypt. */
|
||||
if (algo == PUBKEY_ALGO_ECDH || algo == PUBKEY_ALGO_ECDSA)
|
||||
return gpg_error (GPG_ERR_PUBKEY_ALGO);
|
||||
|
||||
/* Dont't allow type 20 keys unless in rfc2440 mode. */
|
||||
if (!RFC2440 && algo == 20)
|
||||
return gpg_error (GPG_ERR_PUBKEY_ALGO);
|
||||
|
||||
if (algo == GCRY_PK_ELG_E)
|
||||
if (algo == PUBKEY_ALGO_ELGAMAL_E)
|
||||
algo = GCRY_PK_ELG;
|
||||
|
||||
if (algo < 0 || algo > 110)
|
||||
@ -450,11 +455,15 @@ openpgp_pk_test_algo2( int algo, unsigned int use )
|
||||
{
|
||||
size_t use_buf = use;
|
||||
|
||||
/* ECC is not yet supported even if supported by Libgcrypt. */
|
||||
if (algo == PUBKEY_ALGO_ECDH || algo == PUBKEY_ALGO_ECDSA)
|
||||
return gpg_error (GPG_ERR_PUBKEY_ALGO);
|
||||
|
||||
/* Dont't allow type 20 keys unless in rfc2440 mode. */
|
||||
if (!RFC2440 && algo == 20)
|
||||
return gpg_error (GPG_ERR_PUBKEY_ALGO);
|
||||
|
||||
if (algo == GCRY_PK_ELG_E)
|
||||
if (algo == PUBKEY_ALGO_ELGAMAL_E)
|
||||
algo = GCRY_PK_ELG;
|
||||
|
||||
if (algo < 0 || algo > 110)
|
||||
@ -491,12 +500,29 @@ openpgp_pk_algo_usage ( int algo )
|
||||
case PUBKEY_ALGO_DSA:
|
||||
use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH;
|
||||
break;
|
||||
case PUBKEY_ALGO_ECDH:
|
||||
use = PUBKEY_USAGE_ENC;
|
||||
break;
|
||||
case PUBKEY_ALGO_ECDSA:
|
||||
use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH;
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
return use;
|
||||
}
|
||||
|
||||
|
||||
/* Map the OpenPGP cipher algorithm whose ID is contained in ALGORITHM to a
|
||||
string representation of the algorithm name. For unknown algorithm
|
||||
IDs this function returns "?". */
|
||||
const char *
|
||||
openpgp_pk_algo_name (int algo)
|
||||
{
|
||||
return gcry_pk_algo_name (map_pk_openpgp_to_gcry (algo));
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
openpgp_md_test_algo( int algo )
|
||||
{
|
||||
|
@ -334,7 +334,7 @@ passphrase_get ( u32 *keyid, int mode, const char *cacheid, int repeat,
|
||||
{
|
||||
char *uid;
|
||||
size_t uidlen;
|
||||
const char *algo_name = gcry_pk_algo_name ( pk->pubkey_algo );
|
||||
const char *algo_name = openpgp_pk_algo_name (pk->pubkey_algo);
|
||||
const char *timestr;
|
||||
char *maink;
|
||||
|
||||
@ -595,7 +595,7 @@ passphrase_to_dek_ext (u32 *keyid, int pubkey_algo,
|
||||
|
||||
if ( !get_pubkey( pk, keyid ) )
|
||||
{
|
||||
const char *s = gcry_pk_algo_name ( pk->pubkey_algo );
|
||||
const char *s = openpgp_pk_algo_name (pk->pubkey_algo);
|
||||
|
||||
tty_printf (_("%u-bit %s key, ID %s, created %s"),
|
||||
nbits_from_pk( pk ), s?s:"?", keystr(keyid),
|
||||
|
@ -318,7 +318,7 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
|
||||
if( opt.verbose ) {
|
||||
char *ustr = get_user_id_string_native (sig->keyid);
|
||||
log_info(_("%s/%s signature from: \"%s\"\n"),
|
||||
gcry_pk_algo_name (sk->pubkey_algo),
|
||||
openpgp_pk_algo_name (sk->pubkey_algo),
|
||||
gcry_md_algo_name (sig->digest_algo),
|
||||
ustr );
|
||||
xfree(ustr);
|
||||
|
@ -51,14 +51,14 @@
|
||||
#define CIPHER_ALGO_CAMELLIA256 13
|
||||
#define CIPHER_ALGO_DUMMY 110 /* No encryption at all. */
|
||||
|
||||
#define PUBKEY_ALGO_RSA /* 1 */ GCRY_PK_RSA
|
||||
#define PUBKEY_ALGO_RSA_E /* 2 */ GCRY_PK_RSA_E /* RSA encrypt only. */
|
||||
#define PUBKEY_ALGO_RSA_S /* 3 */ GCRY_PK_RSA_S /* RSA sign only. */
|
||||
#define PUBKEY_ALGO_ELGAMAL_E /* 16 */ GCRY_PK_ELG_E /* Elgamal encr only */
|
||||
#define PUBKEY_ALGO_DSA /* 17 */ GCRY_PK_DSA
|
||||
#define PUBKEY_ALGO_RSA 1
|
||||
#define PUBKEY_ALGO_RSA_E 2 /* RSA encrypt only. */
|
||||
#define PUBKEY_ALGO_RSA_S 3 /* RSA sign only. */
|
||||
#define PUBKEY_ALGO_ELGAMAL_E 16 /* Elgamal encr only */
|
||||
#define PUBKEY_ALGO_DSA 17
|
||||
#define PUBKEY_ALGO_ECDH 18
|
||||
#define PUBKEY_ALGO_ECDSA 19
|
||||
#define PUBKEY_ALGO_ELGAMAL /* 20 */ GCRY_PK_ELG /* Elgamal encr+sign */
|
||||
#define PUBKEY_ALGO_ELGAMAL 20 /* Elgamal encr+sign */
|
||||
|
||||
#define PUBKEY_USAGE_SIG GCRY_PK_USAGE_SIGN /* Good for signatures. */
|
||||
#define PUBKEY_USAGE_ENC GCRY_PK_USAGE_ENCR /* Good for encryption. */
|
||||
|
Loading…
x
Reference in New Issue
Block a user