security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-06-08 23:37:47 +02:00
Code Activity

gpg: Fix --version output and explicitly disable ECC.

Browse Source 
* g10/misc.c (openpgp_pk_algo_name): New.  Replace all calls in g10/
to gcry_pk_algo_name by a call to this function.
(map_pk_openpgp_to_gcry): Map algo PUBKEY_ALGO_ELGAMAL_E to GCRY_PK_ELG.
(openpgp_pk_test_algo): Use PUBKEY_ALGO_ELGAMAL_E instead of
GCRY_PK_ELG_E.  Return an error for ECC algos.
(openpgp_pk_test_algo2):  Return an error for ECC algos.
* g10/gpg.c (build_list): Avoid printing ECC two times.
* include/cipher.h: Do not use GCRY_PK_* macros for PUBKEY_ALGO_*.
--

Due to recent changes to adjust for use with Libgcrypt 1.6, "gpg
--version" printed two question marks.  This patches fixes that and
also make sure that gpg does advertise any ECC features.  The patch in
build_list is not really needed.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2013-10-08 15:29:36 +02:00
parent 3544beff86
commit 6286d01ba3
11 changed files with 111 additions and 81 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
g10/encode.c
View File

@ -846,7 +846,7 @@ write_pubkey_enc_from_list( PK_LIST pk_list, DEK *dek, IOBUF out )
if( opt.verbose ) {
char *ustr = get_user_id_string_native (enc->keyid);
log_info(_("%s/%s encrypted for: \"%s\"\n"),
gcry_pk_algo_name (enc->pubkey_algo),
openpgp_pk_algo_name (enc->pubkey_algo),
openpgp_cipher_algo_name (dek->algo),
ustr );
xfree(ustr);

9
g10/gpg.c
View File

@ -854,8 +854,8 @@ my_strusage( int level )
case 33: p = _("\nSupported algorithms:\n"); break;
case 34:
if (!pubkeys)
pubkeys = build_list (_("Pubkey: "), 0,
gcry_pk_algo_name,
pubkeys = build_list (_("Pubkey: "), 'P',
openpgp_pk_algo_name,
openpgp_pk_test_algo );
p = pubkeys;
break;
@ -906,6 +906,9 @@ build_list (const char *text, char letter,
for (i=0; i <= 110; i++ )
{
if (letter == 'P' && i == 19 )
continue; /* No need to print a second "ECC" string. */
if (!chkf (i) && (s = mapf (i)))
{
if (mb.len - len > 60)
@ -921,7 +924,7 @@ build_list (const char *text, char letter,
put_membuf_str (&mb, text);
put_membuf_str (&mb, s);
if (opt.verbose && letter)
if (opt.verbose && letter && letter != 'P')
{
char num[20];
snprintf (num, sizeof num, " (%c%d)", letter, i);

4
g10/keyedit.c
View File

@ -2810,7 +2810,7 @@ show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
if(pk->is_revoked)
{
char *user=get_user_id_string_native(pk->revoked.keyid);
const char *algo = gcry_pk_algo_name (pk->revoked.algo);
const char *algo = openpgp_pk_algo_name (pk->revoked.algo);
tty_printf (_("The following key was revoked on"
" %s by %s key %s\n"),
revokestr_from_pk(pk),algo?algo:"?",user);
@ -2828,7 +2828,7 @@ show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
char *user;
const char *algo;
algo = gcry_pk_algo_name (pk->revkey[i].algid);
algo = openpgp_pk_algo_name (pk->revkey[i].algid);
keyid_from_fingerprint(pk->revkey[i].fpr,
MAX_FINGERPRINT_LEN,r_keyid);

6
g10/keygen.c
View File

@ -1603,7 +1603,7 @@ ask_key_flags(int algo,int subkey)
{
tty_printf("\n");
tty_printf(_("Possible actions for a %s key: "),
gcry_pk_algo_name (algo));
openpgp_pk_algo_name (algo));
print_key_flags(possible);
tty_printf("\n");
tty_printf(_("Current allowed actions: "));
@ -1807,7 +1807,7 @@ ask_keysize (int algo, unsigned int primary_keysize)
}
tty_printf(_("%s keys may be between %u and %u bits long.\n"),
gcry_pk_algo_name (algo), min, max);
openpgp_pk_algo_name (algo), min, max);
for(;;)
{
@ -1826,7 +1826,7 @@ ask_keysize (int algo, unsigned int primary_keysize)
if(nbits<min || nbits>max)
tty_printf(_("%s keysizes must be in the range %u-%u\n"),
gcry_pk_algo_name (algo), min, max);
openpgp_pk_algo_name (algo), min, max);
else
break;
}

2
g10/keyserver.c
View File

@ -485,7 +485,7 @@ print_keyrec(int number,struct keyrec *keyrec)
{
const char *str;
str = gcry_pk_algo_name (map_pk_openpgp_to_gcry (keyrec->type));
str = openpgp_pk_algo_name (keyrec->type);
if(str && strcmp (str, "?"))
printf("%s ",str);
else

1
g10/main.h
View File

@ -93,6 +93,7 @@ int map_pk_openpgp_to_gcry (int algo);
int openpgp_pk_test_algo( int algo );
int openpgp_pk_test_algo2 ( int algo, unsigned int use );
int openpgp_pk_algo_usage ( int algo );
const char *openpgp_pk_algo_name (int algo);
int openpgp_md_test_algo( int algo );
#ifdef USE_IDEA

4
g10/mainproc.c
View File

@ -455,7 +455,7 @@ print_pkenc_list( struct kidlist_item *list, int failed )
if ( !failed && list->reason )
continue;
algstr = gcry_pk_algo_name ( list->pubkey_algo );
algstr = openpgp_pk_algo_name ( list->pubkey_algo );
pk = xmalloc_clear( sizeof *pk );
if( !algstr )
@ -1644,7 +1644,7 @@ check_sig_and_print( CTX c, KBNODE node )
/* (Indendation below not yet changed to GNU style.) */
astr = gcry_pk_algo_name ( sig->pubkey_algo );
astr = openpgp_pk_algo_name ( sig->pubkey_algo );
if(keystrlen()>8)
{
log_info(_("Signature made %s\n"),asctimestamp(sig->timestamp));

36
g10/misc.c
View File

@ -297,7 +297,7 @@ print_pubkey_algo_note( int algo )
{
warn=1;
log_info (_("WARNING: using experimental public key algorithm %s\n"),
gcry_pk_algo_name (map_pk_openpgp_to_gcry (algo)));
openpgp_pk_algo_name (algo));
}
}
else if (algo == 20)
@ -423,8 +423,9 @@ map_pk_openpgp_to_gcry (int algo)
{
switch (algo)
{
case PUBKEY_ALGO_ECDSA: return 301 /*GCRY_PK_ECDSA*/;
case PUBKEY_ALGO_ECDH: return 302 /*GCRY_PK_ECDH*/;
case PUBKEY_ALGO_ECDSA: return 301 /*GCRY_PK_ECDSA*/;
case PUBKEY_ALGO_ECDH: return 302 /*GCRY_PK_ECDH*/;
case PUBKEY_ALGO_ELGAMAL_E: return GCRY_PK_ELG;
default: return algo;
}
}
@ -433,11 +434,15 @@ map_pk_openpgp_to_gcry (int algo)
int
openpgp_pk_test_algo( int algo )
{
/* ECC is not yet supported even if supported by Libgcrypt. */
if (algo == PUBKEY_ALGO_ECDH || algo == PUBKEY_ALGO_ECDSA)
return gpg_error (GPG_ERR_PUBKEY_ALGO);
/* Dont't allow type 20 keys unless in rfc2440 mode. */
if (!RFC2440 && algo == 20)
return gpg_error (GPG_ERR_PUBKEY_ALGO);
if (algo == GCRY_PK_ELG_E)
if (algo == PUBKEY_ALGO_ELGAMAL_E)
algo = GCRY_PK_ELG;
if (algo < 0 || algo > 110)
@ -450,11 +455,15 @@ openpgp_pk_test_algo2( int algo, unsigned int use )
{
size_t use_buf = use;
/* ECC is not yet supported even if supported by Libgcrypt. */
if (algo == PUBKEY_ALGO_ECDH || algo == PUBKEY_ALGO_ECDSA)
return gpg_error (GPG_ERR_PUBKEY_ALGO);
/* Dont't allow type 20 keys unless in rfc2440 mode. */
if (!RFC2440 && algo == 20)
return gpg_error (GPG_ERR_PUBKEY_ALGO);
if (algo == GCRY_PK_ELG_E)
if (algo == PUBKEY_ALGO_ELGAMAL_E)
algo = GCRY_PK_ELG;
if (algo < 0 || algo > 110)
@ -491,12 +500,29 @@ openpgp_pk_algo_usage ( int algo )
case PUBKEY_ALGO_DSA:
use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH;
break;
case PUBKEY_ALGO_ECDH:
use = PUBKEY_USAGE_ENC;
break;
case PUBKEY_ALGO_ECDSA:
use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH;
break;
default:
break;
}
return use;
}
/* Map the OpenPGP cipher algorithm whose ID is contained in ALGORITHM to a
string representation of the algorithm name. For unknown algorithm
IDs this function returns "?". */
const char *
openpgp_pk_algo_name (int algo)
{
return gcry_pk_algo_name (map_pk_openpgp_to_gcry (algo));
}
int
openpgp_md_test_algo( int algo )
{

4
g10/passphrase.c
View File

@ -334,7 +334,7 @@ passphrase_get ( u32 *keyid, int mode, const char *cacheid, int repeat,
{
char *uid;
size_t uidlen;
const char *algo_name = gcry_pk_algo_name ( pk->pubkey_algo );
const char *algo_name = openpgp_pk_algo_name (pk->pubkey_algo);
const char *timestr;
char *maink;
@ -595,7 +595,7 @@ passphrase_to_dek_ext (u32 *keyid, int pubkey_algo,
if ( !get_pubkey( pk, keyid ) )
{
const char *s = gcry_pk_algo_name ( pk->pubkey_algo );
const char *s = openpgp_pk_algo_name (pk->pubkey_algo);
tty_printf (_("%u-bit %s key, ID %s, created %s"),
nbits_from_pk( pk ), s?s:"?", keystr(keyid),

2
g10/sign.c
View File

@ -318,7 +318,7 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
if( opt.verbose ) {
char *ustr = get_user_id_string_native (sig->keyid);
log_info(_("%s/%s signature from: \"%s\"\n"),
gcry_pk_algo_name (sk->pubkey_algo),
openpgp_pk_algo_name (sk->pubkey_algo),
gcry_md_algo_name (sig->digest_algo),
ustr );
xfree(ustr);

12
include/cipher.h
View File

@ -51,14 +51,14 @@
#define CIPHER_ALGO_CAMELLIA256 13
#define CIPHER_ALGO_DUMMY 110 /* No encryption at all. */
#define PUBKEY_ALGO_RSA /* 1 */ GCRY_PK_RSA
#define PUBKEY_ALGO_RSA_E /* 2 */ GCRY_PK_RSA_E /* RSA encrypt only. */
#define PUBKEY_ALGO_RSA_S /* 3 */ GCRY_PK_RSA_S /* RSA sign only. */
#define PUBKEY_ALGO_ELGAMAL_E /* 16 */ GCRY_PK_ELG_E /* Elgamal encr only */
#define PUBKEY_ALGO_DSA /* 17 */ GCRY_PK_DSA
#define PUBKEY_ALGO_RSA 1
#define PUBKEY_ALGO_RSA_E 2 /* RSA encrypt only. */
#define PUBKEY_ALGO_RSA_S 3 /* RSA sign only. */
#define PUBKEY_ALGO_ELGAMAL_E 16 /* Elgamal encr only */
#define PUBKEY_ALGO_DSA 17
#define PUBKEY_ALGO_ECDH 18
#define PUBKEY_ALGO_ECDSA 19
#define PUBKEY_ALGO_ELGAMAL /* 20 */ GCRY_PK_ELG /* Elgamal encr+sign */
#define PUBKEY_ALGO_ELGAMAL 20 /* Elgamal encr+sign */
#define PUBKEY_USAGE_SIG GCRY_PK_USAGE_SIGN /* Good for signatures. */
#define PUBKEY_USAGE_ENC GCRY_PK_USAGE_ENCR /* Good for encryption. */