diff --git a/TODO b/TODO index 21e51d0c1..486b40fc0 100644 --- a/TODO +++ b/TODO @@ -30,4 +30,6 @@ signature packets should be implemented to avoid this. * compress does not work always! + * complete cipher/cast.c + * complete cipher/dsa.c diff --git a/cipher/Makefile.am b/cipher/Makefile.am index 939a48303..40b131dd9 100644 --- a/cipher/Makefile.am +++ b/cipher/Makefile.am @@ -5,7 +5,6 @@ INCLUDES = -I$(top_srcdir)/include noinst_LIBRARIES = cipher -# please add "rsa.c" and "rsa.h" manually in Makefile.am cipher_SOURCES = blowfish.c \ blowfish.h \ elgamal.c \ @@ -18,6 +17,10 @@ cipher_SOURCES = blowfish.c \ random.c \ rmd.h \ rmd160.c \ + sha1.h \ + sha1.c \ + dsa.h \ + dsa.c \ md.c \ smallprime.c diff --git a/cipher/Makefile.in b/cipher/Makefile.in index 96081b73f..8391d9e9c 100644 --- a/cipher/Makefile.in +++ b/cipher/Makefile.in @@ -42,7 +42,6 @@ INCLUDES = -I$(top_srcdir)/include noinst_LIBRARIES = cipher -# please add "rsa.c" and "rsa.h" manually in Makefile.am cipher_SOURCES = blowfish.c \ blowfish.h \ elgamal.c \ @@ -55,6 +54,10 @@ cipher_SOURCES = blowfish.c \ random.c \ rmd.h \ rmd160.c \ + sha1.h \ + sha1.c \ + dsa.h \ + dsa.c \ md.c \ smallprime.c @@ -78,7 +81,7 @@ LIBS = @LIBS@ COMPILE = $(CC) -c $(DEFS) $(INCLUDES) $(CPPFLAGS) $(CFLAGS) LINK = $(CC) $(LDFLAGS) -o $@ cipher_OBJECTS = blowfish.o elgamal.o gost.o md5.o primegen.o random.o \ -rmd160.o md.o smallprime.o +rmd160.o sha1.o dsa.o md.o smallprime.o EXTRA_cipher_SOURCES = LIBFILES = libcipher.a AR = ar @@ -95,10 +98,11 @@ DEP_DISTFILES = $(DIST_COMMON) $(SOURCES) $(BUILT_SOURCES) $(HEADERS) \ $(TEXINFOS) $(INFO_DEPS) $(MANS) $(EXTRA_DIST) $(DATA) TAR = tar -DEP_FILES = $(srcdir)/.deps/blowfish.P $(srcdir)/.deps/elgamal.P \ -$(srcdir)/.deps/gost.P $(srcdir)/.deps/md.P $(srcdir)/.deps/md5.P \ -$(srcdir)/.deps/primegen.P $(srcdir)/.deps/random.P \ -$(srcdir)/.deps/rmd160.P $(srcdir)/.deps/smallprime.P +DEP_FILES = $(srcdir)/.deps/blowfish.P $(srcdir)/.deps/dsa.P \ +$(srcdir)/.deps/elgamal.P $(srcdir)/.deps/gost.P $(srcdir)/.deps/md.P \ +$(srcdir)/.deps/md5.P $(srcdir)/.deps/primegen.P \ +$(srcdir)/.deps/random.P $(srcdir)/.deps/rmd160.P \ +$(srcdir)/.deps/sha1.P $(srcdir)/.deps/smallprime.P SOURCES = $(cipher_SOURCES) OBJECTS = $(cipher_OBJECTS) diff --git a/cipher/cast5.c b/cipher/cast5.c new file mode 100644 index 000000000..ef6c220a2 --- /dev/null +++ b/cipher/cast5.c @@ -0,0 +1,615 @@ +/* cast5.c - CAST5 cipher (RFC2144) + * Copyright (c) 1997 by Werner Koch (dd9jn) + * + * This file is part of G10. + * + * G10 is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * G10 is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#include +#include +#include +#include +#include +#include "util.h" +#include "types.h" +#include "cast5.h" + +static const u32 s1[256] = { +0x30fb40d4, 0x9fa0ff0b, 0x6beccd2f, 0x3f258c7a, 0x1e213f2f, 0x9c004dd3, 0x6003e540, 0xcf9fc949, +0xbfd4af27, 0x88bbbdb5, 0xe2034090, 0x98d09675, 0x6e63a0e0, 0x15c361d2, 0xc2e7661d, 0x22d4ff8e, +0x28683b6f, 0xc07fd059, 0xff2379c8, 0x775f50e2, 0x43c340d3, 0xdf2f8656, 0x887ca41a, 0xa2d2bd2d, +0xa1c9e0d6, 0x346c4819, 0x61b76d87, 0x22540f2f, 0x2abe32e1, 0xaa54166b, 0x22568e3a, 0xa2d341d0, +0x66db40c8, 0xa784392f, 0x004dff2f, 0x2db9d2de, 0x97943fac, 0x4a97c1d8, 0x527644b7, 0xb5f437a7, +0xb82cbaef, 0xd751d159, 0x6ff7f0ed, 0x5a097a1f, 0x827b68d0, 0x90ecf52e, 0x22b0c054, 0xbc8e5935, +0x4b6d2f7f, 0x50bb64a2, 0xd2664910, 0xbee5812d, 0xb7332290, 0xe93b159f, 0xb48ee411, 0x4bff345d, +0xfd45c240, 0xad31973f, 0xc4f6d02e, 0x55fc8165, 0xd5b1caad, 0xa1ac2dae, 0xa2d4b76d, 0xc19b0c50, +0x882240f2, 0x0c6e4f38, 0xa4e4bfd7, 0x4f5ba272, 0x564c1d2f, 0xc59c5319, 0xb949e354, 0xb04669fe, +0xb1b6ab8a, 0xc71358dd, 0x6385c545, 0x110f935d, 0x57538ad5, 0x6a390493, 0xe63d37e0, 0x2a54f6b3, +0x3a787d5f, 0x6276a0b5, 0x19a6fcdf, 0x7a42206a, 0x29f9d4d5, 0xf61b1891, 0xbb72275e, 0xaa508167, +0x38901091, 0xc6b505eb, 0x84c7cb8c, 0x2ad75a0f, 0x874a1427, 0xa2d1936b, 0x2ad286af, 0xaa56d291, +0xd7894360, 0x425c750d, 0x93b39e26, 0x187184c9, 0x6c00b32d, 0x73e2bb14, 0xa0bebc3c, 0x54623779, +0x64459eab, 0x3f328b82, 0x7718cf82, 0x59a2cea6, 0x04ee002e, 0x89fe78e6, 0x3fab0950, 0x325ff6c2, +0x81383f05, 0x6963c5c8, 0x76cb5ad6, 0xd49974c9, 0xca180dcf, 0x380782d5, 0xc7fa5cf6, 0x8ac31511, +0x35e79e13, 0x47da91d0, 0xf40f9086, 0xa7e2419e, 0x31366241, 0x051ef495, 0xaa573b04, 0x4a805d8d, +0x548300d0, 0x00322a3c, 0xbf64cddf, 0xba57a68e, 0x75c6372b, 0x50afd341, 0xa7c13275, 0x915a0bf5, +0x6b54bfab, 0x2b0b1426, 0xab4cc9d7, 0x449ccd82, 0xf7fbf265, 0xab85c5f3, 0x1b55db94, 0xaad4e324, +0xcfa4bd3f, 0x2deaa3e2, 0x9e204d02, 0xc8bd25ac, 0xeadf55b3, 0xd5bd9e98, 0xe31231b2, 0x2ad5ad6c, +0x954329de, 0xadbe4528, 0xd8710f69, 0xaa51c90f, 0xaa786bf6, 0x22513f1e, 0xaa51a79b, 0x2ad344cc, +0x7b5a41f0, 0xd37cfbad, 0x1b069505, 0x41ece491, 0xb4c332e6, 0x032268d4, 0xc9600acc, 0xce387e6d, +0xbf6bb16c, 0x6a70fb78, 0x0d03d9c9, 0xd4df39de, 0xe01063da, 0x4736f464, 0x5ad328d8, 0xb347cc96, +0x75bb0fc3, 0x98511bfb, 0x4ffbcc35, 0xb58bcf6a, 0xe11f0abc, 0xbfc5fe4a, 0xa70aec10, 0xac39570a, +0x3f04442f, 0x6188b153, 0xe0397a2e, 0x5727cb79, 0x9ceb418f, 0x1cacd68d, 0x2ad37c96, 0x0175cb9d, +0xc69dff09, 0xc75b65f0, 0xd9db40d8, 0xec0e7779, 0x4744ead4, 0xb11c3274, 0xdd24cb9e, 0x7e1c54bd, +0xf01144f9, 0xd2240eb1, 0x9675b3fd, 0xa3ac3755, 0xd47c27af, 0x51c85f4d, 0x56907596, 0xa5bb15e6, +0x580304f0, 0xca042cf1, 0x011a37ea, 0x8dbfaadb, 0x35ba3e4a, 0x3526ffa0, 0xc37b4d09, 0xbc306ed9, +0x98a52666, 0x5648f725, 0xff5e569d, 0x0ced63d0, 0x7c63b2cf, 0x700b45e1, 0xd5ea50f1, 0x85a92872, +0xaf1fbda7, 0xd4234870, 0xa7870bf3, 0x2d3b4d79, 0x42e04198, 0x0cd0ede7, 0x26470db8, 0xf881814c, +0x474d6ad7, 0x7c0c5e5c, 0xd1231959, 0x381b7298, 0xf5d2f4db, 0xab838653, 0x6e2f1e23, 0x83719c9e, +0xbd91e046, 0x9a56456e, 0xdc39200c, 0x20c8c571, 0x962bda1c, 0xe1e696ff, 0xb141ab08, 0x7cca89b9, +0x1a69e783, 0x02cc4843, 0xa2f7c579, 0x429ef47d, 0x427b169c, 0x5ac9f049, 0xdd8f0f00, 0x5c8165bf +}; +static const u32 s2[256] = { +0x1f201094, 0xef0ba75b, 0x69e3cf7e, 0x393f4380, 0xfe61cf7a, 0xeec5207a, 0x55889c94, 0x72fc0651, +0xada7ef79, 0x4e1d7235, 0xd55a63ce, 0xde0436ba, 0x99c430ef, 0x5f0c0794, 0x18dcdb7d, 0xa1d6eff3, +0xa0b52f7b, 0x59e83605, 0xee15b094, 0xe9ffd909, 0xdc440086, 0xef944459, 0xba83ccb3, 0xe0c3cdfb, +0xd1da4181, 0x3b092ab1, 0xf997f1c1, 0xa5e6cf7b, 0x01420ddb, 0xe4e7ef5b, 0x25a1ff41, 0xe180f806, +0x1fc41080, 0x179bee7a, 0xd37ac6a9, 0xfe5830a4, 0x98de8b7f, 0x77e83f4e, 0x79929269, 0x24fa9f7b, +0xe113c85b, 0xacc40083, 0xd7503525, 0xf7ea615f, 0x62143154, 0x0d554b63, 0x5d681121, 0xc866c359, +0x3d63cf73, 0xcee234c0, 0xd4d87e87, 0x5c672b21, 0x071f6181, 0x39f7627f, 0x361e3084, 0xe4eb573b, +0x602f64a4, 0xd63acd9c, 0x1bbc4635, 0x9e81032d, 0x2701f50c, 0x99847ab4, 0xa0e3df79, 0xba6cf38c, +0x10843094, 0x2537a95e, 0xf46f6ffe, 0xa1ff3b1f, 0x208cfb6a, 0x8f458c74, 0xd9e0a227, 0x4ec73a34, +0xfc884f69, 0x3e4de8df, 0xef0e0088, 0x3559648d, 0x8a45388c, 0x1d804366, 0x721d9bfd, 0xa58684bb, +0xe8256333, 0x844e8212, 0x128d8098, 0xfed33fb4, 0xce280ae1, 0x27e19ba5, 0xd5a6c252, 0xe49754bd, +0xc5d655dd, 0xeb667064, 0x77840b4d, 0xa1b6a801, 0x84db26a9, 0xe0b56714, 0x21f043b7, 0xe5d05860, +0x54f03084, 0x066ff472, 0xa31aa153, 0xdadc4755, 0xb5625dbf, 0x68561be6, 0x83ca6b94, 0x2d6ed23b, +0xeccf01db, 0xa6d3d0ba, 0xb6803d5c, 0xaf77a709, 0x33b4a34c, 0x397bc8d6, 0x5ee22b95, 0x5f0e5304, +0x81ed6f61, 0x20e74364, 0xb45e1378, 0xde18639b, 0x881ca122, 0xb96726d1, 0x8049a7e8, 0x22b7da7b, +0x5e552d25, 0x5272d237, 0x79d2951c, 0xc60d894c, 0x488cb402, 0x1ba4fe5b, 0xa4b09f6b, 0x1ca815cf, +0xa20c3005, 0x8871df63, 0xb9de2fcb, 0x0cc6c9e9, 0x0beeff53, 0xe3214517, 0xb4542835, 0x9f63293c, +0xee41e729, 0x6e1d2d7c, 0x50045286, 0x1e6685f3, 0xf33401c6, 0x30a22c95, 0x31a70850, 0x60930f13, +0x73f98417, 0xa1269859, 0xec645c44, 0x52c877a9, 0xcdff33a6, 0xa02b1741, 0x7cbad9a2, 0x2180036f, +0x50d99c08, 0xcb3f4861, 0xc26bd765, 0x64a3f6ab, 0x80342676, 0x25a75e7b, 0xe4e6d1fc, 0x20c710e6, +0xcdf0b680, 0x17844d3b, 0x31eef84d, 0x7e0824e4, 0x2ccb49eb, 0x846a3bae, 0x8ff77888, 0xee5d60f6, +0x7af75673, 0x2fdd5cdb, 0xa11631c1, 0x30f66f43, 0xb3faec54, 0x157fd7fa, 0xef8579cc, 0xd152de58, +0xdb2ffd5e, 0x8f32ce19, 0x306af97a, 0x02f03ef8, 0x99319ad5, 0xc242fa0f, 0xa7e3ebb0, 0xc68e4906, +0xb8da230c, 0x80823028, 0xdcdef3c8, 0xd35fb171, 0x088a1bc8, 0xbec0c560, 0x61a3c9e8, 0xbca8f54d, +0xc72feffa, 0x22822e99, 0x82c570b4, 0xd8d94e89, 0x8b1c34bc, 0x301e16e6, 0x273be979, 0xb0ffeaa6, +0x61d9b8c6, 0x00b24869, 0xb7ffce3f, 0x08dc283b, 0x43daf65a, 0xf7e19798, 0x7619b72f, 0x8f1c9ba4, +0xdc8637a0, 0x16a7d3b1, 0x9fc393b7, 0xa7136eeb, 0xc6bcc63e, 0x1a513742, 0xef6828bc, 0x520365d6, +0x2d6a77ab, 0x3527ed4b, 0x821fd216, 0x095c6e2e, 0xdb92f2fb, 0x5eea29cb, 0x145892f5, 0x91584f7f, +0x5483697b, 0x2667a8cc, 0x85196048, 0x8c4bacea, 0x833860d4, 0x0d23e0f9, 0x6c387e8a, 0x0ae6d249, +0xb284600c, 0xd835731d, 0xdcb1c647, 0xac4c56ea, 0x3ebd81b3, 0x230eabb0, 0x6438bc87, 0xf0b5b1fa, +0x8f5ea2b3, 0xfc184642, 0x0a036b7a, 0x4fb089bd, 0x649da589, 0xa345415e, 0x5c038323, 0x3e5d3bb9, +0x43d79572, 0x7e6dd07c, 0x06dfdf1e, 0x6c6cc4ef, 0x7160a539, 0x73bfbe70, 0x83877605, 0x4523ecf1 +}; +static const u32 s3[256] = { +0x8defc240, 0x25fa5d9f, 0xeb903dbf, 0xe810c907, 0x47607fff, 0x369fe44b, 0x8c1fc644, 0xaececa90, +0xbeb1f9bf, 0xeefbcaea, 0xe8cf1950, 0x51df07ae, 0x920e8806, 0xf0ad0548, 0xe13c8d83, 0x927010d5, +0x11107d9f, 0x07647db9, 0xb2e3e4d4, 0x3d4f285e, 0xb9afa820, 0xfade82e0, 0xa067268b, 0x8272792e, +0x553fb2c0, 0x489ae22b, 0xd4ef9794, 0x125e3fbc, 0x21fffcee, 0x825b1bfd, 0x9255c5ed, 0x1257a240, +0x4e1a8302, 0xbae07fff, 0x528246e7, 0x8e57140e, 0x3373f7bf, 0x8c9f8188, 0xa6fc4ee8, 0xc982b5a5, +0xa8c01db7, 0x579fc264, 0x67094f31, 0xf2bd3f5f, 0x40fff7c1, 0x1fb78dfc, 0x8e6bd2c1, 0x437be59b, +0x99b03dbf, 0xb5dbc64b, 0x638dc0e6, 0x55819d99, 0xa197c81c, 0x4a012d6e, 0xc5884a28, 0xccc36f71, +0xb843c213, 0x6c0743f1, 0x8309893c, 0x0feddd5f, 0x2f7fe850, 0xd7c07f7e, 0x02507fbf, 0x5afb9a04, +0xa747d2d0, 0x1651192e, 0xaf70bf3e, 0x58c31380, 0x5f98302e, 0x727cc3c4, 0x0a0fb402, 0x0f7fef82, +0x8c96fdad, 0x5d2c2aae, 0x8ee99a49, 0x50da88b8, 0x8427f4a0, 0x1eac5790, 0x796fb449, 0x8252dc15, +0xefbd7d9b, 0xa672597d, 0xada840d8, 0x45f54504, 0xfa5d7403, 0xe83ec305, 0x4f91751a, 0x925669c2, +0x23efe941, 0xa903f12e, 0x60270df2, 0x0276e4b6, 0x94fd6574, 0x927985b2, 0x8276dbcb, 0x02778176, +0xf8af918d, 0x4e48f79e, 0x8f616ddf, 0xe29d840e, 0x842f7d83, 0x340ce5c8, 0x96bbb682, 0x93b4b148, +0xef303cab, 0x984faf28, 0x779faf9b, 0x92dc560d, 0x224d1e20, 0x8437aa88, 0x7d29dc96, 0x2756d3dc, +0x8b907cee, 0xb51fd240, 0xe7c07ce3, 0xe566b4a1, 0xc3e9615e, 0x3cf8209d, 0x6094d1e3, 0xcd9ca341, +0x5c76460e, 0x00ea983b, 0xd4d67881, 0xfd47572c, 0xf76cedd9, 0xbda8229c, 0x127dadaa, 0x438a074e, +0x1f97c090, 0x081bdb8a, 0x93a07ebe, 0xb938ca15, 0x97b03cff, 0x3dc2c0f8, 0x8d1ab2ec, 0x64380e51, +0x68cc7bfb, 0xd90f2788, 0x12490181, 0x5de5ffd4, 0xdd7ef86a, 0x76a2e214, 0xb9a40368, 0x925d958f, +0x4b39fffa, 0xba39aee9, 0xa4ffd30b, 0xfaf7933b, 0x6d498623, 0x193cbcfa, 0x27627545, 0x825cf47a, +0x61bd8ba0, 0xd11e42d1, 0xcead04f4, 0x127ea392, 0x10428db7, 0x8272a972, 0x9270c4a8, 0x127de50b, +0x285ba1c8, 0x3c62f44f, 0x35c0eaa5, 0xe805d231, 0x428929fb, 0xb4fcdf82, 0x4fb66a53, 0x0e7dc15b, +0x1f081fab, 0x108618ae, 0xfcfd086d, 0xf9ff2889, 0x694bcc11, 0x236a5cae, 0x12deca4d, 0x2c3f8cc5, +0xd2d02dfe, 0xf8ef5896, 0xe4cf52da, 0x95155b67, 0x494a488c, 0xb9b6a80c, 0x5c8f82bc, 0x89d36b45, +0x3a609437, 0xec00c9a9, 0x44715253, 0x0a874b49, 0xd773bc40, 0x7c34671c, 0x02717ef6, 0x4feb5536, +0xa2d02fff, 0xd2bf60c4, 0xd43f03c0, 0x50b4ef6d, 0x07478cd1, 0x006e1888, 0xa2e53f55, 0xb9e6d4bc, +0xa2048016, 0x97573833, 0xd7207d67, 0xde0f8f3d, 0x72f87b33, 0xabcc4f33, 0x7688c55d, 0x7b00a6b0, +0x947b0001, 0x570075d2, 0xf9bb88f8, 0x8942019e, 0x4264a5ff, 0x856302e0, 0x72dbd92b, 0xee971b69, +0x6ea22fde, 0x5f08ae2b, 0xaf7a616d, 0xe5c98767, 0xcf1febd2, 0x61efc8c2, 0xf1ac2571, 0xcc8239c2, +0x67214cb8, 0xb1e583d1, 0xb7dc3e62, 0x7f10bdce, 0xf90a5c38, 0x0ff0443d, 0x606e6dc6, 0x60543a49, +0x5727c148, 0x2be98a1d, 0x8ab41738, 0x20e1be24, 0xaf96da0f, 0x68458425, 0x99833be5, 0x600d457d, +0x282f9350, 0x8334b362, 0xd91d1120, 0x2b6d8da0, 0x642b1e31, 0x9c305a00, 0x52bce688, 0x1b03588a, +0xf7baefd5, 0x4142ed9c, 0xa4315c11, 0x83323ec5, 0xdfef4636, 0xa133c501, 0xe9d3531c, 0xee353783 +}; +static const u32 s4[256] = { +0x9db30420, 0x1fb6e9de, 0xa7be7bef, 0xd273a298, 0x4a4f7bdb, 0x64ad8c57, 0x85510443, 0xfa020ed1, +0x7e287aff, 0xe60fb663, 0x095f35a1, 0x79ebf120, 0xfd059d43, 0x6497b7b1, 0xf3641f63, 0x241e4adf, +0x28147f5f, 0x4fa2b8cd, 0xc9430040, 0x0cc32220, 0xfdd30b30, 0xc0a5374f, 0x1d2d00d9, 0x24147b15, +0xee4d111a, 0x0fca5167, 0x71ff904c, 0x2d195ffe, 0x1a05645f, 0x0c13fefe, 0x081b08ca, 0x05170121, +0x80530100, 0xe83e5efe, 0xac9af4f8, 0x7fe72701, 0xd2b8ee5f, 0x06df4261, 0xbb9e9b8a, 0x7293ea25, +0xce84ffdf, 0xf5718801, 0x3dd64b04, 0xa26f263b, 0x7ed48400, 0x547eebe6, 0x446d4ca0, 0x6cf3d6f5, +0x2649abdf, 0xaea0c7f5, 0x36338cc1, 0x503f7e93, 0xd3772061, 0x11b638e1, 0x72500e03, 0xf80eb2bb, +0xabe0502e, 0xec8d77de, 0x57971e81, 0xe14f6746, 0xc9335400, 0x6920318f, 0x081dbb99, 0xffc304a5, +0x4d351805, 0x7f3d5ce3, 0xa6c866c6, 0x5d5bcca9, 0xdaec6fea, 0x9f926f91, 0x9f46222f, 0x3991467d, +0xa5bf6d8e, 0x1143c44f, 0x43958302, 0xd0214eeb, 0x022083b8, 0x3fb6180c, 0x18f8931e, 0x281658e6, +0x26486e3e, 0x8bd78a70, 0x7477e4c1, 0xb506e07c, 0xf32d0a25, 0x79098b02, 0xe4eabb81, 0x28123b23, +0x69dead38, 0x1574ca16, 0xdf871b62, 0x211c40b7, 0xa51a9ef9, 0x0014377b, 0x041e8ac8, 0x09114003, +0xbd59e4d2, 0xe3d156d5, 0x4fe876d5, 0x2f91a340, 0x557be8de, 0x00eae4a7, 0x0ce5c2ec, 0x4db4bba6, +0xe756bdff, 0xdd3369ac, 0xec17b035, 0x06572327, 0x99afc8b0, 0x56c8c391, 0x6b65811c, 0x5e146119, +0x6e85cb75, 0xbe07c002, 0xc2325577, 0x893ff4ec, 0x5bbfc92d, 0xd0ec3b25, 0xb7801ab7, 0x8d6d3b24, +0x20c763ef, 0xc366a5fc, 0x9c382880, 0x0ace3205, 0xaac9548a, 0xeca1d7c7, 0x041afa32, 0x1d16625a, +0x6701902c, 0x9b757a54, 0x31d477f7, 0x9126b031, 0x36cc6fdb, 0xc70b8b46, 0xd9e66a48, 0x56e55a79, +0x026a4ceb, 0x52437eff, 0x2f8f76b4, 0x0df980a5, 0x8674cde3, 0xedda04eb, 0x17a9be04, 0x2c18f4df, +0xb7747f9d, 0xab2af7b4, 0xefc34d20, 0x2e096b7c, 0x1741a254, 0xe5b6a035, 0x213d42f6, 0x2c1c7c26, +0x61c2f50f, 0x6552daf9, 0xd2c231f8, 0x25130f69, 0xd8167fa2, 0x0418f2c8, 0x001a96a6, 0x0d1526ab, +0x63315c21, 0x5e0a72ec, 0x49bafefd, 0x187908d9, 0x8d0dbd86, 0x311170a7, 0x3e9b640c, 0xcc3e10d7, +0xd5cad3b6, 0x0caec388, 0xf73001e1, 0x6c728aff, 0x71eae2a1, 0x1f9af36e, 0xcfcbd12f, 0xc1de8417, +0xac07be6b, 0xcb44a1d8, 0x8b9b0f56, 0x013988c3, 0xb1c52fca, 0xb4be31cd, 0xd8782806, 0x12a3a4e2, +0x6f7de532, 0x58fd7eb6, 0xd01ee900, 0x24adffc2, 0xf4990fc5, 0x9711aac5, 0x001d7b95, 0x82e5e7d2, +0x109873f6, 0x00613096, 0xc32d9521, 0xada121ff, 0x29908415, 0x7fbb977f, 0xaf9eb3db, 0x29c9ed2a, +0x5ce2a465, 0xa730f32c, 0xd0aa3fe8, 0x8a5cc091, 0xd49e2ce7, 0x0ce454a9, 0xd60acd86, 0x015f1919, +0x77079103, 0xdea03af6, 0x78a8565e, 0xdee356df, 0x21f05cbe, 0x8b75e387, 0xb3c50651, 0xb8a5c3ef, +0xd8eeb6d2, 0xe523be77, 0xc2154529, 0x2f69efdf, 0xafe67afb, 0xf470c4b2, 0xf3e0eb5b, 0xd6cc9876, +0x39e4460c, 0x1fda8538, 0x1987832f, 0xca007367, 0xa99144f8, 0x296b299e, 0x492fc295, 0x9266beab, +0xb5676e69, 0x9bd3ddda, 0xdf7e052f, 0xdb25701c, 0x1b5e51ee, 0xf65324e6, 0x6afce36c, 0x0316cc04, +0x8644213e, 0xb7dc59d0, 0x7965291f, 0xccd6fd43, 0x41823979, 0x932bcdf6, 0xb657c34d, 0x4edfd282, +0x7ae5290c, 0x3cb9536b, 0x851e20fe, 0x9833557e, 0x13ecf0b0, 0xd3ffb372, 0x3f85c5c1, 0x0aef7ed2 +}; +static const u32 s5[256] = { +0x7ec90c04, 0x2c6e74b9, 0x9b0e66df, 0xa6337911, 0xb86a7fff, 0x1dd358f5, 0x44dd9d44, 0x1731167f, +0x08fbf1fa, 0xe7f511cc, 0xd2051b00, 0x735aba00, 0x2ab722d8, 0x386381cb, 0xacf6243a, 0x69befd7a, +0xe6a2e77f, 0xf0c720cd, 0xc4494816, 0xccf5c180, 0x38851640, 0x15b0a848, 0xe68b18cb, 0x4caadeff, +0x5f480a01, 0x0412b2aa, 0x259814fc, 0x41d0efe2, 0x4e40b48d, 0x248eb6fb, 0x8dba1cfe, 0x41a99b02, +0x1a550a04, 0xba8f65cb, 0x7251f4e7, 0x95a51725, 0xc106ecd7, 0x97a5980a, 0xc539b9aa, 0x4d79fe6a, +0xf2f3f763, 0x68af8040, 0xed0c9e56, 0x11b4958b, 0xe1eb5a88, 0x8709e6b0, 0xd7e07156, 0x4e29fea7, +0x6366e52d, 0x02d1c000, 0xc4ac8e05, 0x9377f571, 0x0c05372a, 0x578535f2, 0x2261be02, 0xd642a0c9, +0xdf13a280, 0x74b55bd2, 0x682199c0, 0xd421e5ec, 0x53fb3ce8, 0xc8adedb3, 0x28a87fc9, 0x3d959981, +0x5c1ff900, 0xfe38d399, 0x0c4eff0b, 0x062407ea, 0xaa2f4fb1, 0x4fb96976, 0x90c79505, 0xb0a8a774, +0xef55a1ff, 0xe59ca2c2, 0xa6b62d27, 0xe66a4263, 0xdf65001f, 0x0ec50966, 0xdfdd55bc, 0x29de0655, +0x911e739a, 0x17af8975, 0x32c7911c, 0x89f89468, 0x0d01e980, 0x524755f4, 0x03b63cc9, 0x0cc844b2, +0xbcf3f0aa, 0x87ac36e9, 0xe53a7426, 0x01b3d82b, 0x1a9e7449, 0x64ee2d7e, 0xcddbb1da, 0x01c94910, +0xb868bf80, 0x0d26f3fd, 0x9342ede7, 0x04a5c284, 0x636737b6, 0x50f5b616, 0xf24766e3, 0x8eca36c1, +0x136e05db, 0xfef18391, 0xfb887a37, 0xd6e7f7d4, 0xc7fb7dc9, 0x3063fcdf, 0xb6f589de, 0xec2941da, +0x26e46695, 0xb7566419, 0xf654efc5, 0xd08d58b7, 0x48925401, 0xc1bacb7f, 0xe5ff550f, 0xb6083049, +0x5bb5d0e8, 0x87d72e5a, 0xab6a6ee1, 0x223a66ce, 0xc62bf3cd, 0x9e0885f9, 0x68cb3e47, 0x086c010f, +0xa21de820, 0xd18b69de, 0xf3f65777, 0xfa02c3f6, 0x407edac3, 0xcbb3d550, 0x1793084d, 0xb0d70eba, +0x0ab378d5, 0xd951fb0c, 0xded7da56, 0x4124bbe4, 0x94ca0b56, 0x0f5755d1, 0xe0e1e56e, 0x6184b5be, +0x580a249f, 0x94f74bc0, 0xe327888e, 0x9f7b5561, 0xc3dc0280, 0x05687715, 0x646c6bd7, 0x44904db3, +0x66b4f0a3, 0xc0f1648a, 0x697ed5af, 0x49e92ff6, 0x309e374f, 0x2cb6356a, 0x85808573, 0x4991f840, +0x76f0ae02, 0x083be84d, 0x28421c9a, 0x44489406, 0x736e4cb8, 0xc1092910, 0x8bc95fc6, 0x7d869cf4, +0x134f616f, 0x2e77118d, 0xb31b2be1, 0xaa90b472, 0x3ca5d717, 0x7d161bba, 0x9cad9010, 0xaf462ba2, +0x9fe459d2, 0x45d34559, 0xd9f2da13, 0xdbc65487, 0xf3e4f94e, 0x176d486f, 0x097c13ea, 0x631da5c7, +0x445f7382, 0x175683f4, 0xcdc66a97, 0x70be0288, 0xb3cdcf72, 0x6e5dd2f3, 0x20936079, 0x459b80a5, +0xbe60e2db, 0xa9c23101, 0xeba5315c, 0x224e42f2, 0x1c5c1572, 0xf6721b2c, 0x1ad2fff3, 0x8c25404e, +0x324ed72f, 0x4067b7fd, 0x0523138e, 0x5ca3bc78, 0xdc0fd66e, 0x75922283, 0x784d6b17, 0x58ebb16e, +0x44094f85, 0x3f481d87, 0xfcfeae7b, 0x77b5ff76, 0x8c2302bf, 0xaaf47556, 0x5f46b02a, 0x2b092801, +0x3d38f5f7, 0x0ca81f36, 0x52af4a8a, 0x66d5e7c0, 0xdf3b0874, 0x95055110, 0x1b5ad7a8, 0xf61ed5ad, +0x6cf6e479, 0x20758184, 0xd0cefa65, 0x88f7be58, 0x4a046826, 0x0ff6f8f3, 0xa09c7f70, 0x5346aba0, +0x5ce96c28, 0xe176eda3, 0x6bac307f, 0x376829d2, 0x85360fa9, 0x17e3fe2a, 0x24b79767, 0xf5a96b20, +0xd6cd2595, 0x68ff1ebf, 0x7555442c, 0xf19f06be, 0xf9e0659a, 0xeeb9491d, 0x34010718, 0xbb30cab8, +0xe822fe15, 0x88570983, 0x750e6249, 0xda627e55, 0x5e76ffa8, 0xb1534546, 0x6d47de08, 0xefe9e7d4 +}; +static const u32 s6[256] = { +0xf6fa8f9d, 0x2cac6ce1, 0x4ca34867, 0xe2337f7c, 0x95db08e7, 0x016843b4, 0xeced5cbc, 0x325553ac, +0xbf9f0960, 0xdfa1e2ed, 0x83f0579d, 0x63ed86b9, 0x1ab6a6b8, 0xde5ebe39, 0xf38ff732, 0x8989b138, +0x33f14961, 0xc01937bd, 0xf506c6da, 0xe4625e7e, 0xa308ea99, 0x4e23e33c, 0x79cbd7cc, 0x48a14367, +0xa3149619, 0xfec94bd5, 0xa114174a, 0xeaa01866, 0xa084db2d, 0x09a8486f, 0xa888614a, 0x2900af98, +0x01665991, 0xe1992863, 0xc8f30c60, 0x2e78ef3c, 0xd0d51932, 0xcf0fec14, 0xf7ca07d2, 0xd0a82072, +0xfd41197e, 0x9305a6b0, 0xe86be3da, 0x74bed3cd, 0x372da53c, 0x4c7f4448, 0xdab5d440, 0x6dba0ec3, +0x083919a7, 0x9fbaeed9, 0x49dbcfb0, 0x4e670c53, 0x5c3d9c01, 0x64bdb941, 0x2c0e636a, 0xba7dd9cd, +0xea6f7388, 0xe70bc762, 0x35f29adb, 0x5c4cdd8d, 0xf0d48d8c, 0xb88153e2, 0x08a19866, 0x1ae2eac8, +0x284caf89, 0xaa928223, 0x9334be53, 0x3b3a21bf, 0x16434be3, 0x9aea3906, 0xefe8c36e, 0xf890cdd9, +0x80226dae, 0xc340a4a3, 0xdf7e9c09, 0xa694a807, 0x5b7c5ecc, 0x221db3a6, 0x9a69a02f, 0x68818a54, +0xceb2296f, 0x53c0843a, 0xfe893655, 0x25bfe68a, 0xb4628abc, 0xcf222ebf, 0x25ac6f48, 0xa9a99387, +0x53bddb65, 0xe76ffbe7, 0xe967fd78, 0x0ba93563, 0x8e342bc1, 0xe8a11be9, 0x4980740d, 0xc8087dfc, +0x8de4bf99, 0xa11101a0, 0x7fd37975, 0xda5a26c0, 0xe81f994f, 0x9528cd89, 0xfd339fed, 0xb87834bf, +0x5f04456d, 0x22258698, 0xc9c4c83b, 0x2dc156be, 0x4f628daa, 0x57f55ec5, 0xe2220abe, 0xd2916ebf, +0x4ec75b95, 0x24f2c3c0, 0x42d15d99, 0xcd0d7fa0, 0x7b6e27ff, 0xa8dc8af0, 0x7345c106, 0xf41e232f, +0x35162386, 0xe6ea8926, 0x3333b094, 0x157ec6f2, 0x372b74af, 0x692573e4, 0xe9a9d848, 0xf3160289, +0x3a62ef1d, 0xa787e238, 0xf3a5f676, 0x74364853, 0x20951063, 0x4576698d, 0xb6fad407, 0x592af950, +0x36f73523, 0x4cfb6e87, 0x7da4cec0, 0x6c152daa, 0xcb0396a8, 0xc50dfe5d, 0xfcd707ab, 0x0921c42f, +0x89dff0bb, 0x5fe2be78, 0x448f4f33, 0x754613c9, 0x2b05d08d, 0x48b9d585, 0xdc049441, 0xc8098f9b, +0x7dede786, 0xc39a3373, 0x42410005, 0x6a091751, 0x0ef3c8a6, 0x890072d6, 0x28207682, 0xa9a9f7be, +0xbf32679d, 0xd45b5b75, 0xb353fd00, 0xcbb0e358, 0x830f220a, 0x1f8fb214, 0xd372cf08, 0xcc3c4a13, +0x8cf63166, 0x061c87be, 0x88c98f88, 0x6062e397, 0x47cf8e7a, 0xb6c85283, 0x3cc2acfb, 0x3fc06976, +0x4e8f0252, 0x64d8314d, 0xda3870e3, 0x1e665459, 0xc10908f0, 0x513021a5, 0x6c5b68b7, 0x822f8aa0, +0x3007cd3e, 0x74719eef, 0xdc872681, 0x073340d4, 0x7e432fd9, 0x0c5ec241, 0x8809286c, 0xf592d891, +0x08a930f6, 0x957ef305, 0xb7fbffbd, 0xc266e96f, 0x6fe4ac98, 0xb173ecc0, 0xbc60b42a, 0x953498da, +0xfba1ae12, 0x2d4bd736, 0x0f25faab, 0xa4f3fceb, 0xe2969123, 0x257f0c3d, 0x9348af49, 0x361400bc, +0xe8816f4a, 0x3814f200, 0xa3f94043, 0x9c7a54c2, 0xbc704f57, 0xda41e7f9, 0xc25ad33a, 0x54f4a084, +0xb17f5505, 0x59357cbe, 0xedbd15c8, 0x7f97c5ab, 0xba5ac7b5, 0xb6f6deaf, 0x3a479c3a, 0x5302da25, +0x653d7e6a, 0x54268d49, 0x51a477ea, 0x5017d55b, 0xd7d25d88, 0x44136c76, 0x0404a8c8, 0xb8e5a121, +0xb81a928a, 0x60ed5869, 0x97c55b96, 0xeaec991b, 0x29935913, 0x01fdb7f1, 0x088e8dfa, 0x9ab6f6f5, +0x3b4cbf9f, 0x4a5de3ab, 0xe6051d35, 0xa0e1d855, 0xd36b4cf1, 0xf544edeb, 0xb0e93524, 0xbebb8fbd, +0xa2d762cf, 0x49c92f54, 0x38b5f331, 0x7128a454, 0x48392905, 0xa65b1db8, 0x851c97bd, 0xd675cf2f +}; +static const u32 s7[256] = { +0x85e04019, 0x332bf567, 0x662dbfff, 0xcfc65693, 0x2a8d7f6f, 0xab9bc912, 0xde6008a1, 0x2028da1f, +0x0227bce7, 0x4d642916, 0x18fac300, 0x50f18b82, 0x2cb2cb11, 0xb232e75c, 0x4b3695f2, 0xb28707de, +0xa05fbcf6, 0xcd4181e9, 0xe150210c, 0xe24ef1bd, 0xb168c381, 0xfde4e789, 0x5c79b0d8, 0x1e8bfd43, +0x4d495001, 0x38be4341, 0x913cee1d, 0x92a79c3f, 0x089766be, 0xbaeeadf4, 0x1286becf, 0xb6eacb19, +0x2660c200, 0x7565bde4, 0x64241f7a, 0x8248dca9, 0xc3b3ad66, 0x28136086, 0x0bd8dfa8, 0x356d1cf2, +0x107789be, 0xb3b2e9ce, 0x0502aa8f, 0x0bc0351e, 0x166bf52a, 0xeb12ff82, 0xe3486911, 0xd34d7516, +0x4e7b3aff, 0x5f43671b, 0x9cf6e037, 0x4981ac83, 0x334266ce, 0x8c9341b7, 0xd0d854c0, 0xcb3a6c88, +0x47bc2829, 0x4725ba37, 0xa66ad22b, 0x7ad61f1e, 0x0c5cbafa, 0x4437f107, 0xb6e79962, 0x42d2d816, +0x0a961288, 0xe1a5c06e, 0x13749e67, 0x72fc081a, 0xb1d139f7, 0xf9583745, 0xcf19df58, 0xbec3f756, +0xc06eba30, 0x07211b24, 0x45c28829, 0xc95e317f, 0xbc8ec511, 0x38bc46e9, 0xc6e6fa14, 0xbae8584a, +0xad4ebc46, 0x468f508b, 0x7829435f, 0xf124183b, 0x821dba9f, 0xaff60ff4, 0xea2c4e6d, 0x16e39264, +0x92544a8b, 0x009b4fc3, 0xaba68ced, 0x9ac96f78, 0x06a5b79a, 0xb2856e6e, 0x1aec3ca9, 0xbe838688, +0x0e0804e9, 0x55f1be56, 0xe7e5363b, 0xb3a1f25d, 0xf7debb85, 0x61fe033c, 0x16746233, 0x3c034c28, +0xda6d0c74, 0x79aac56c, 0x3ce4e1ad, 0x51f0c802, 0x98f8f35a, 0x1626a49f, 0xeed82b29, 0x1d382fe3, +0x0c4fb99a, 0xbb325778, 0x3ec6d97b, 0x6e77a6a9, 0xcb658b5c, 0xd45230c7, 0x2bd1408b, 0x60c03eb7, +0xb9068d78, 0xa33754f4, 0xf430c87d, 0xc8a71302, 0xb96d8c32, 0xebd4e7be, 0xbe8b9d2d, 0x7979fb06, +0xe7225308, 0x8b75cf77, 0x11ef8da4, 0xe083c858, 0x8d6b786f, 0x5a6317a6, 0xfa5cf7a0, 0x5dda0033, +0xf28ebfb0, 0xf5b9c310, 0xa0eac280, 0x08b9767a, 0xa3d9d2b0, 0x79d34217, 0x021a718d, 0x9ac6336a, +0x2711fd60, 0x438050e3, 0x069908a8, 0x3d7fedc4, 0x826d2bef, 0x4eeb8476, 0x488dcf25, 0x36c9d566, +0x28e74e41, 0xc2610aca, 0x3d49a9cf, 0xbae3b9df, 0xb65f8de6, 0x92aeaf64, 0x3ac7d5e6, 0x9ea80509, +0xf22b017d, 0xa4173f70, 0xdd1e16c3, 0x15e0d7f9, 0x50b1b887, 0x2b9f4fd5, 0x625aba82, 0x6a017962, +0x2ec01b9c, 0x15488aa9, 0xd716e740, 0x40055a2c, 0x93d29a22, 0xe32dbf9a, 0x058745b9, 0x3453dc1e, +0xd699296e, 0x496cff6f, 0x1c9f4986, 0xdfe2ed07, 0xb87242d1, 0x19de7eae, 0x053e561a, 0x15ad6f8c, +0x66626c1c, 0x7154c24c, 0xea082b2a, 0x93eb2939, 0x17dcb0f0, 0x58d4f2ae, 0x9ea294fb, 0x52cf564c, +0x9883fe66, 0x2ec40581, 0x763953c3, 0x01d6692e, 0xd3a0c108, 0xa1e7160e, 0xe4f2dfa6, 0x693ed285, +0x74904698, 0x4c2b0edd, 0x4f757656, 0x5d393378, 0xa132234f, 0x3d321c5d, 0xc3f5e194, 0x4b269301, +0xc79f022f, 0x3c997e7e, 0x5e4f9504, 0x3ffafbbd, 0x76f7ad0e, 0x296693f4, 0x3d1fce6f, 0xc61e45be, +0xd3b5ab34, 0xf72bf9b7, 0x1b0434c0, 0x4e72b567, 0x5592a33d, 0xb5229301, 0xcfd2a87f, 0x60aeb767, +0x1814386b, 0x30bcc33d, 0x38a0c07d, 0xfd1606f2, 0xc363519b, 0x589dd390, 0x5479f8e6, 0x1cb8d647, +0x97fd61a9, 0xea7759f4, 0x2d57539d, 0x569a58cf, 0xe84e63ad, 0x462e1b78, 0x6580f87e, 0xf3817914, +0x91da55f4, 0x40a230f3, 0xd1988f35, 0xb6e318d2, 0x3ffa50bc, 0x3d40f021, 0xc3c0bdae, 0x4958c24c, +0x518f36b2, 0x84b1d370, 0x0fedce83, 0x878ddada, 0xf2a279c7, 0x94e01be8, 0x90716f4b, 0x954b8aa3 +}; +static const u32 s8[256] = { +0xe216300d, 0xbbddfffc, 0xa7ebdabd, 0x35648095, 0x7789f8b7, 0xe6c1121b, 0x0e241600, 0x052ce8b5, +0x11a9cfb0, 0xe5952f11, 0xece7990a, 0x9386d174, 0x2a42931c, 0x76e38111, 0xb12def3a, 0x37ddddfc, +0xde9adeb1, 0x0a0cc32c, 0xbe197029, 0x84a00940, 0xbb243a0f, 0xb4d137cf, 0xb44e79f0, 0x049eedfd, +0x0b15a15d, 0x480d3168, 0x8bbbde5a, 0x669ded42, 0xc7ece831, 0x3f8f95e7, 0x72df191b, 0x7580330d, +0x94074251, 0x5c7dcdfa, 0xabbe6d63, 0xaa402164, 0xb301d40a, 0x02e7d1ca, 0x53571dae, 0x7a3182a2, +0x12a8ddec, 0xfdaa335d, 0x176f43e8, 0x71fb46d4, 0x38129022, 0xce949ad4, 0xb84769ad, 0x965bd862, +0x82f3d055, 0x66fb9767, 0x15b80b4e, 0x1d5b47a0, 0x4cfde06f, 0xc28ec4b8, 0x57e8726e, 0x647a78fc, +0x99865d44, 0x608bd593, 0x6c200e03, 0x39dc5ff6, 0x5d0b00a3, 0xae63aff2, 0x7e8bd632, 0x70108c0c, +0xbbd35049, 0x2998df04, 0x980cf42a, 0x9b6df491, 0x9e7edd53, 0x06918548, 0x58cb7e07, 0x3b74ef2e, +0x522fffb1, 0xd24708cc, 0x1c7e27cd, 0xa4eb215b, 0x3cf1d2e2, 0x19b47a38, 0x424f7618, 0x35856039, +0x9d17dee7, 0x27eb35e6, 0xc9aff67b, 0x36baf5b8, 0x09c467cd, 0xc18910b1, 0xe11dbf7b, 0x06cd1af8, +0x7170c608, 0x2d5e3354, 0xd4de495a, 0x64c6d006, 0xbcc0c62c, 0x3dd00db3, 0x708f8f34, 0x77d51b42, +0x264f620f, 0x24b8d2bf, 0x15c1b79e, 0x46a52564, 0xf8d7e54e, 0x3e378160, 0x7895cda5, 0x859c15a5, +0xe6459788, 0xc37bc75f, 0xdb07ba0c, 0x0676a3ab, 0x7f229b1e, 0x31842e7b, 0x24259fd7, 0xf8bef472, +0x835ffcb8, 0x6df4c1f2, 0x96f5b195, 0xfd0af0fc, 0xb0fe134c, 0xe2506d3d, 0x4f9b12ea, 0xf215f225, +0xa223736f, 0x9fb4c428, 0x25d04979, 0x34c713f8, 0xc4618187, 0xea7a6e98, 0x7cd16efc, 0x1436876c, +0xf1544107, 0xbedeee14, 0x56e9af27, 0xa04aa441, 0x3cf7c899, 0x92ecbae6, 0xdd67016d, 0x151682eb, +0xa842eedf, 0xfdba60b4, 0xf1907b75, 0x20e3030f, 0x24d8c29e, 0xe139673b, 0xefa63fb8, 0x71873054, +0xb6f2cf3b, 0x9f326442, 0xcb15a4cc, 0xb01a4504, 0xf1e47d8d, 0x844a1be5, 0xbae7dfdc, 0x42cbda70, +0xcd7dae0a, 0x57e85b7a, 0xd53f5af6, 0x20cf4d8c, 0xcea4d428, 0x79d130a4, 0x3486ebfb, 0x33d3cddc, +0x77853b53, 0x37effcb5, 0xc5068778, 0xe580b3e6, 0x4e68b8f4, 0xc5c8b37e, 0x0d809ea2, 0x398feb7c, +0x132a4f94, 0x43b7950e, 0x2fee7d1c, 0x223613bd, 0xdd06caa2, 0x37df932b, 0xc4248289, 0xacf3ebc3, +0x5715f6b7, 0xef3478dd, 0xf267616f, 0xc148cbe4, 0x9052815e, 0x5e410fab, 0xb48a2465, 0x2eda7fa4, +0xe87b40e4, 0xe98ea084, 0x5889e9e1, 0xefd390fc, 0xdd07d35b, 0xdb485694, 0x38d7e5b2, 0x57720101, +0x730edebc, 0x5b643113, 0x94917e4f, 0x503c2fba, 0x646f1282, 0x7523d24a, 0xe0779695, 0xf9c17a8f, +0x7a5b2121, 0xd187b896, 0x29263a4d, 0xba510cdf, 0x81f47c9f, 0xad1163ed, 0xea7b5965, 0x1a00726e, +0x11403092, 0x00da6d77, 0x4a0cdd61, 0xad1f4603, 0x605bdfb0, 0x9eedc364, 0x22ebe6a8, 0xcee7d28a, +0xa0e736a0, 0x5564a6b9, 0x10853209, 0xc7eb8f37, 0x2de705ca, 0x8951570f, 0xdf09822b, 0xbd691a6c, +0xaa12e4f2, 0x87451c0f, 0xe0f6a27a, 0x3ada4819, 0x4cf1764f, 0x0d771c2b, 0x67cdb156, 0x350d8384, +0x5938fa0f, 0x42399ef3, 0x36997b07, 0x0e84093d, 0x4aa93e61, 0x8360d87b, 0x1fa98b0c, 0x1149382c, +0xe97625a5, 0x0614d1b7, 0x0e25244b, 0x0c768347, 0x589e8d82, 0x0d2059d1, 0xa466bb1e, 0xf8da0a82, +0x04f19130, 0xba6e4ec0, 0x99265164, 0x1ee7230d, 0x50b2ad80, 0xeaee6801, 0x8db2a283, 0xea8bf59e +}; + + + + + +static u32 +function_F( CAST5_context *bc, u32 x ) +{ + u16 a, b, c, d, y; + + d = x & 0x00ff; + x >>= 8; + c = x & 0x00ff; + x >>= 8; + b = x & 0x00ff; + x >>= 8; + a = x & 0x00ff; + y = bc->s0[a] + bc->s1[b]; + y ^= bc->s2[c]; + y += bc->s3[d]; + + return y; +} + + +static void +encrypt( CAST5_context *bc, u32 *ret_xl, u32 *ret_xr ) +{ + u32 xl, xr, temp; + int i; + + /* (L0,R0) <-- (m1...m64). (Split the plaintext into left and + * right 32-bit halves L0 = m1...m32 and R0 = m33...m64.) + */ + xl = *ret_xl; + xr = *ret_xr; + + for(i=0; i < 16; i++ ) { + /* (16 rounds) for i from 1 to 16, compute Li and Ri as follows: + * Li = Ri-1; + * Ri = Li-1 ^ f(Ri-1,Kmi,Kri), where f is defined in Section 2.2 + * (f is of Type 1, Type 2, or Type 3, depending on i). + */ + xl ^= bc->p[i]; + xr ^= function_F(bc, xl); + temp = xl; + xl = xr; + xr = temp; + } + + /* c1...c64 <-- (R16,L16). (Exchange final blocks L16, R16 and + * concatenate to form the ciphertext.) */ + temp = xl; + xl = xr; + xr = temp; + + xr ^= bc->p[CAST5_ROUNDS]; + xl ^= bc->p[CAST5_ROUNDS+1]; + + *ret_xl = xl; + *ret_xr = xr; +} + +static void +decrypted( CAST5_context *bc, u32 *ret_xl, u32 *ret_xr ) +{ + u32 xl, xr, temp; + int i; + + xl = *ret_xl; + xr = *ret_xr; + + for(i=CAST5_ROUNDS+1; i > 1; i-- ) { + xl ^= bc->p[i]; + xr ^= function_F(bc, xl); + temp = xl; + xl = xr; + xr = temp; + } + + temp = xl; + xl = xr; + xr = temp; + + xr ^= bc->p[1]; + xl ^= bc->p[0]; + + *ret_xl = xl; + *ret_xr = xr; +} + +static void +encrypted_block( CAST5_context *bc, byte *outbuf, byte *inbuf ) +{ + u32 d1, d2; + + d1 = ((u32*)inbuf)[0]; + d2 = ((u32*)inbuf)[1]; + encrypted( bc, &d1, &d2 ); + ((u32*)outbuf)[0] = d1; + ((u32*)outbuf)[1] = d2; +} + +static void +decrypted_block( CAST5_context *bc, byte *outbuf, byte *inbuf ) +{ + u32 d1, d2; + + d1 = ((u32*)inbuf)[0]; + d2 = ((u32*)inbuf)[1]; + decrypted( bc, &d1, &d2 ); + ((u32*)outbuf)[0] = d1; + ((u32*)outbuf)[1] = d2; +} + + +void +cast5_setkey( CAST5_context *c, byte *key, unsigned keylen ) +{ + int i, j, k; + u32 data, datal, datar; + + for(i=0; i < CAST5_ROUNDS+2; i++ ) + c->p[i] = ps[i]; + for(i=0; i < 256; i++ ) { + c->s0[i] = ks0[i]; + c->s1[i] = ks1[i]; + c->s2[i] = ks2[i]; + c->s3[i] = ks3[i]; + } + + for(i=j=0; i < BLOWFISH_ROUNDS+2; i++ ) { + data = 0; + for(k=0; k < 4; k++) { + data = (data << 8) | key[j]; + if( ++j >= keylen ) + j = 0; + } + c->p[i] ^= data; + } + + datal = datar = 0; + for(i=0; i < CAST5_ROUNDS+2; i += 2 ) { + encrypted( c, &datal, &datar ); + c->p[i] = datal; + c->p[i+1] = datar; + } + for(i=0; i < 256; i += 2 ) { + encrypted( c, &datal, &datar ); + c->s0[i] = datal; + c->s0[i+1] = datar; + } + for(i=0; i < 256; i += 2 ) { + encrypted( c, &datal, &datar ); + c->s1[i] = datal; + c->s1[i+1] = datar; + } + for(i=0; i < 256; i += 2 ) { + encrypted( c, &datal, &datar ); + c->s2[i] = datal; + c->s2[i+1] = datar; + } + for(i=0; i < 256; i += 2 ) { + encrypted( c, &datal, &datar ); + c->s3[i] = datal; + c->s3[i+1] = datar; + } +} + + +void +cast5_setiv( CAST5_context *c, byte *iv ) +{ + if( iv ) + memcpy( c->iv, iv, CAST5_BLOCKSIZE ); + else + memset( c->iv, 0, CAST5_BLOCKSIZE ); + c->count = 0; + encrypted_block( c, c->eniv, c->iv ); +} + + +void +cast5_encode( CAST5_context *c, byte *outbuf, byte *inbuf, + unsigned nblocks ) +{ + unsigned n; + + for(n=0; n < nblocks; n++ ) { + encrypted_block( c, outbuf, inbuf ); + inbuf += CAST5_BLOCKSIZE;; + outbuf += CAST5_BLOCKSIZE; + } +} + +void +cast5_decode( CAST5_context *c, byte *outbuf, byte *inbuf, + unsigned nblocks ) +{ + unsigned n; + + for(n=0; n < nblocks; n++ ) { + decrypted_block( c, outbuf, inbuf ); + inbuf += CAST5_BLOCKSIZE;; + outbuf += CAST5_BLOCKSIZE; + } +} + + + +/**************** + * FIXME: Make use of bigger chunks + * (out may overlap with a or b) + */ +static void +xorblock( byte *out, byte *a, byte *b, unsigned count ) +{ + for( ; count ; count--, a++, b++ ) + *out++ = *a ^ *b ; +} + + + +/**************** + * Encode buffer in CFB mode. nbytes can be an arbitrary value. + */ +void +cast5_encode_cfb( CAST5_context *c, byte *outbuf, + byte *inbuf, unsigned nbytes) +{ + unsigned n; + + if( c->count ) { /* must make a full block first */ + assert( c->count < CAST5_BLOCKSIZE ); + n = CAST5_BLOCKSIZE - c->count; + if( n > nbytes ) + n = nbytes; + xorblock( outbuf, c->eniv+c->count, inbuf, n); + memcpy( c->iv+c->count, outbuf, n); + c->count += n; + nbytes -= n; + inbuf += n; + outbuf += n; + assert( c->count <= CAST5_BLOCKSIZE); + if( c->count == CAST5_BLOCKSIZE ) { + encrypted_block( c, c->eniv, c->iv ); + c->count = 0; + } + else + return; + } + assert(!c->count); + while( nbytes >= CAST5_BLOCKSIZE ) { + xorblock( outbuf, c->eniv, inbuf, CAST5_BLOCKSIZE); + memcpy( c->iv, outbuf, CAST5_BLOCKSIZE); + encrypted_block( c, c->eniv, c->iv ); + nbytes -= CAST5_BLOCKSIZE; + inbuf += CAST5_BLOCKSIZE; + outbuf += CAST5_BLOCKSIZE; + } + + if( nbytes ) { + xorblock( outbuf, c->eniv, inbuf, nbytes ); + memcpy( c->iv, outbuf, nbytes ); + c->count = nbytes; + } + +} + + +void +cast5_decode_cfb( CAST5_context *c, byte *outbuf, + byte *inbuf, unsigned nbytes) +{ + unsigned n; + + if( c->count ) { /* must make a full block first */ + assert( c->count < CAST5_BLOCKSIZE ); + n = CAST5_BLOCKSIZE - c->count; + if( n > nbytes ) + n = nbytes; + memcpy( c->iv+c->count, inbuf, n); + xorblock( outbuf, c->eniv+c->count, inbuf, n); + c->count += n; + nbytes -= n; + inbuf += n; + outbuf += n; + assert( c->count <= CAST5_BLOCKSIZE); + if( c->count == CAST5_BLOCKSIZE ) { + encrypted_block( c, c->eniv, c->iv ); + c->count = 0; + } + else + return; + } + + assert(!c->count); + while( nbytes >= CAST5_BLOCKSIZE ) { + memcpy( c->iv, inbuf, CAST5_BLOCKSIZE); + xorblock( outbuf, c->eniv, inbuf, CAST5_BLOCKSIZE); + encrypted_block( c, c->eniv, c->iv ); + nbytes -= CAST5_BLOCKSIZE; + inbuf += CAST5_BLOCKSIZE; + outbuf += CAST5_BLOCKSIZE; + } + + if( nbytes ) { + memcpy( c->iv, inbuf, nbytes ); + xorblock( outbuf, c->eniv, inbuf, nbytes ); + c->count = nbytes; + } + +} + diff --git a/cipher/cast5.h b/cipher/cast5.h new file mode 100644 index 000000000..6e0b795f9 --- /dev/null +++ b/cipher/cast5.h @@ -0,0 +1,50 @@ +/* cast5.h + * Copyright (c) 1997 by Werner Koch (dd9jn) + * + * This file is part of G10. + * + * G10 is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * G10 is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ +#ifndef G10_CAST5_H +#define G10_CAST5_H + +#include "types.h" + +#define CAST5_BLOCKSIZE 8 + +typedef struct { + u32 s0[256]; + u32 s1[256]; + u32 s2[256]; + u32 s3[256]; + u32 p[16+2]; + byte iv[CAST5_BLOCKSIZE]; + byte eniv[CAST5_BLOCKSIZE]; + int count; +} CAST5_context; + +void cast5_setkey( CAST5_context *c, byte *key, unsigned keylen ); +void cast5_setiv( CAST5_context *c, byte *iv ); +void cast5_encode( CAST5_context *c, byte *outbuf, byte *inbuf, + unsigned nblocks ); +void cast5_decode( CAST5_context *c, byte *outbuf, byte *inbuf, + unsigned nblocks ); +void cast5_encode_cfb( CAST5_context *c, byte *outbuf, + byte *inbuf, unsigned nbytes); +void cast5_decode_cfb( CAST5_context *c, byte *outbuf, + byte *inbuf, unsigned nbytes); + + +#endif /*G10_CAST5_H*/ diff --git a/cipher/dsa.c b/cipher/dsa.c new file mode 100644 index 000000000..dd9100dfb --- /dev/null +++ b/cipher/dsa.c @@ -0,0 +1,245 @@ +/* dsa.c - DSA signature scheme + * Copyright (c) 1997 by Werner Koch (dd9jn) + * + * This file is part of G10. + * + * G10 is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * G10 is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#include +#include +#include +#include +#include "util.h" +#include "mpi.h" +#include "cipher.h" +#include "dsa.h" + + +void +dsa_free_public_key( DSA_public_key *pk ) +{ + mpi_free( pk->p ); pk->p = NULL; + mpi_free( pk->g ); pk->g = NULL; + mpi_free( pk->y ); pk->y = NULL; +} + +void +dsa_free_secret_key( DSA_secret_key *sk ) +{ + mpi_free( sk->p ); sk->p = NULL; + mpi_free( sk->g ); sk->g = NULL; + mpi_free( sk->y ); sk->y = NULL; + mpi_free( sk->x ); sk->x = NULL; +} + + +static void +test_keys( DSA_public_key *pk, DSA_secret_key *sk, unsigned nbits ) +{ + MPI test = mpi_alloc( nbits / BITS_PER_MPI_LIMB ); + MPI out1_a = mpi_alloc( nbits / BITS_PER_MPI_LIMB ); + MPI out1_b = mpi_alloc( nbits / BITS_PER_MPI_LIMB ); + MPI out2 = mpi_alloc( nbits / BITS_PER_MPI_LIMB ); + + mpi_set_bytes( test, nbits, get_random_byte, 0 ); + + dsa_sign( out1_a, out1_b, test, sk ); + if( !dsa_verify( out1_a, out1_b, test, pk ) ) + log_fatal("DSA operation: sign, verify failed\n"); + + mpi_free( test ); + mpi_free( out1_a ); + mpi_free( out1_b ); + mpi_free( out2 ); +} + + +/**************** + * generate a random secret exponent k from prime p, so + * that k is relatively prime to p-1 + */ +static MPI +gen_k( MPI p ) +{ + MPI k = mpi_alloc_secure( mpi_get_nlimbs(p) ); + MPI temp = mpi_alloc( mpi_get_nlimbs(p) ); + MPI p_1 = mpi_copy(p); + unsigned nbits = mpi_get_nbits(p); + + if( DBG_CIPHER ) + log_debug("choosing a random k "); + mpi_sub_ui( p_1, p, 1); + for(;;) { + if( DBG_CIPHER ) + fputc('.', stderr); + mpi_set_bytes( k, nbits, get_random_byte, 1 ); + mpi_set_bit( k, nbits-1 ); /* make sure it's high (really needed?) */ + if( mpi_cmp( k, p_1 ) >= 0 ) + continue; /* is not smaller than (p-1) */ + if( mpi_gcd( temp, k, p_1 ) ) + break; /* okay, k is relatively prime to (p-1) */ + } + if( DBG_CIPHER ) + fputc('\n', stderr); + mpi_free(p_1); + mpi_free(temp); + + return k; +} + +/**************** + * Generate a key pair with a key of size NBITS + * Returns: 2 structures filles with all needed values + */ +void +dsa_generate( DSA_public_key *pk, DSA_secret_key *sk, unsigned nbits ) +{ + MPI p; /* the prime */ + MPI g; + MPI x; /* the secret exponent */ + MPI y; + + p = generate_public_prime( nbits ); + /* FIXME: check wether we shall assert that (p-1)/2 is also prime + * Schneier votes against it + */ + g = mpi_alloc_set_ui(3); + + /* select a random number */ + x = mpi_alloc_secure( nbits/BITS_PER_MPI_LIMB ); + if( DBG_CIPHER ) + log_debug("choosing a random x "); + do { + if( DBG_CIPHER ) + fputc('.', stderr); + mpi_set_bytes( x, nbits, get_random_byte, 1 ); /* fixme: should be 2 */ + mpi_set_bit( x, nbits-1 ); /* make sure it's high (needed?) */ + } while( mpi_cmp( x, p ) >= 0 ); /* x must be smaller than p */ + + y = mpi_alloc(nbits/BITS_PER_MPI_LIMB); + mpi_powm( y, g, x, p ); + + if( DBG_CIPHER ) { + fputc('\n', stderr); + log_mpidump("dsa p= ", p ); + log_mpidump("dsa g= ", g ); + log_mpidump("dsa y= ", y ); + log_mpidump("dsa x= ", x ); + } + + + /* copy the stuff to the key structures */ + pk->p = mpi_copy(p); + pk->g = mpi_copy(g); + pk->y = mpi_copy(y); + sk->p = p; + sk->g = g; + sk->y = y; + sk->x = x; + + /* now we can test our keys (this should never fail!) */ + test_keys( pk, sk, nbits - 64 ); +} + + +/**************** + * Test wether the secret key is valid. + * Returns: if this is a valid key. + */ +int +dsa_check_secret_key( DSA_secret_key *sk ) +{ + int rc; + MPI y = mpi_alloc( mpi_get_nlimbs(sk->y) ); + + mpi_powm( y, sk->g, sk->x, sk->p ); + rc = !mpi_cmp( y, sk->y ); + mpi_free( y ); + return rc; +} + + + +/**************** + * Make an Elgamal signature out of INPUT + */ + +void +dsa_sign(MPI a, MPI b, MPI input, DSA_secret_key *skey ) +{ + MPI k; + MPI t = mpi_alloc( mpi_get_nlimbs(a) ); + MPI inv = mpi_alloc( mpi_get_nlimbs(a) ); + MPI p_1 = mpi_copy(skey->p); + + /* + * b = (t * inv) mod (p-1) + * b = (t * inv(k,(p-1),(p-1)) mod (p-1) + * b = (((M-x*a) mod (p-1)) * inv(k,(p-1),(p-1))) mod (p-1) + * + */ + mpi_sub_ui(p_1, p_1, 1); + k = gen_k( skey->p ); + mpi_powm( a, skey->g, k, skey->p ); + mpi_mul(t, skey->x, a ); + mpi_subm(t, input, t, p_1 ); + while( mpi_is_neg(t) ) + mpi_add(t, t, p_1); + mpi_invm(inv, k, p_1 ); + mpi_mulm(b, t, inv, p_1 ); + + #if 0 + if( DBG_CIPHER ) { + log_mpidump("dsa sign p= ", skey->p); + log_mpidump("dsa sign g= ", skey->g); + log_mpidump("dsa sign y= ", skey->y); + log_mpidump("dsa sign x= ", skey->x); + log_mpidump("dsa sign k= ", k); + log_mpidump("dsa sign M= ", input); + log_mpidump("dsa sign a= ", a); + log_mpidump("dsa sign b= ", b); + } + #endif + mpi_free(k); + mpi_free(t); + mpi_free(inv); + mpi_free(p_1); +} + + +/**************** + * Returns true if the signature composed from A and B is valid. + */ +int +dsa_verify(MPI a, MPI b, MPI input, DSA_public_key *pkey ) +{ + int rc; + MPI t1 = mpi_alloc( mpi_get_nlimbs(a) ); + MPI t2 = mpi_alloc( mpi_get_nlimbs(a) ); + + mpi_powm( t1, pkey->y, a, pkey->p ); + mpi_powm( t2, a, b, pkey->p ); + mpi_mulm( t1, t1, t2, pkey->p ); + + mpi_powm( t2, pkey->g, input, pkey->p ); + + rc = !mpi_cmp( t1, t2 ); + + mpi_free(t1); + mpi_free(t2); + return rc; +} + diff --git a/cipher/dsa.h b/cipher/dsa.h new file mode 100644 index 000000000..7ed38a4b3 --- /dev/null +++ b/cipher/dsa.h @@ -0,0 +1,49 @@ +/* dsa.h - DSA signature scheme + * Copyright (c) 1997 by Werner Koch (dd9jn) + * + * This file is part of G10. + * + * G10 is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * G10 is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ +#ifndef G10_DSA_H +#define G10_DSA_H + +#include "mpi.h" + +typedef struct { + MPI p; /* prime */ + MPI q; /* group order */ + MPI g; /* group generator */ + MPI y; /* g^x mod p */ +} DSA_public_key; + + +typedef struct { + MPI p; /* prime */ + MPI q; /* group order */ + MPI g; /* group generator */ + MPI y; /* g^x mod p */ + MPI x; /* secret exponent */ +} DSA_secret_key; + + +void dsa_free_public_key( DSA_public_key *pk ); +void dsa_free_secret_key( DSA_secret_key *sk ); +void dsa_generate( DSA_public_key *pk, DSA_secret_key *sk, unsigned nbits ); +int dsa_check_secret_key( DSA_secret_key *sk ); +void dsa_sign(MPI a, MPI b, MPI input, DSA_secret_key *skey); +int dsa_verify(MPI a, MPI b, MPI input, DSA_public_key *pkey); + +#endif /*G10_DSA_H*/ diff --git a/cipher/elgamal.c b/cipher/elgamal.c index 63ec06f57..4252b48d1 100644 --- a/cipher/elgamal.c +++ b/cipher/elgamal.c @@ -60,10 +60,10 @@ test_keys( ELG_public_key *pk, ELG_secret_key *sk, unsigned nbits ) mpi_set_bytes( test, nbits, get_random_byte, 0 ); - elg_encrypted( out1_a, out1_b, test, pk ); - elg_decrypted( out2, out1_a, out1_b, sk ); + elg_encrypt( out1_a, out1_b, test, pk ); + elg_decrypt( out2, out1_a, out1_b, sk ); if( mpi_cmp( test, out2 ) ) - log_fatal("ElGamal operation: encrypted, decrypted failed\n"); + log_fatal("ElGamal operation: encrypt, decrypt failed\n"); elg_sign( out1_a, out1_b, test, sk ); if( !elg_verify( out1_a, out1_b, test, pk ) ) @@ -95,9 +95,10 @@ gen_k( MPI p ) if( DBG_CIPHER ) fputc('.', stderr); mpi_set_bytes( k, nbits, get_random_byte, 1 ); - mpi_set_bit( k, nbits-1 ); /* make sure it's high (really needed?) */ - if( mpi_cmp( k, p_1 ) >= 0 ) - continue; /* is not smaller than (p-1) */ + if( !(mpi_cmp( k, p_1 ) < 0) ) /* check: k < (p-1) */ + continue; /* no */ + if( !(mpi_cmp_ui( k, 0 ) > 0) ) /* check: k > 0 */ + continue; /* no */ if( mpi_gcd( temp, k, p_1 ) ) break; /* okay, k is relatively prime to (p-1) */ } @@ -117,17 +118,27 @@ void elg_generate( ELG_public_key *pk, ELG_secret_key *sk, unsigned nbits ) { MPI p; /* the prime */ + MPI p_min1; MPI g; MPI x; /* the secret exponent */ MPI y; + MPI temp; - p = generate_public_prime( nbits ); - /* FIXME: check wether we shall assert that (p-1)/2 is also prime - * Schneier votes against it + p = NULL; + p_min1 = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); + temp = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); + /*do {*/ + mpi_free(p); + /* FIXME!!!! Should generate a strong prime */ + p = generate_public_prime( nbits ); + mpi_sub_ui(p_min1, p, 1); + /*} while if( mpi_gcd( temp, k, p_1 ) )*/ + + + g = mpi_alloc_set_ui(3); /* fixme: 3 is bad (but better than 2)*/ + /* select a random number which has these properties: + * 0 < x < p-1 */ - g = mpi_alloc_set_ui(3); - - /* select a random number */ x = mpi_alloc_secure( nbits/BITS_PER_MPI_LIMB ); if( DBG_CIPHER ) log_debug("choosing a random x "); @@ -135,8 +146,7 @@ elg_generate( ELG_public_key *pk, ELG_secret_key *sk, unsigned nbits ) if( DBG_CIPHER ) fputc('.', stderr); mpi_set_bytes( x, nbits, get_random_byte, 1 ); /* fixme: should be 2 */ - mpi_set_bit( x, nbits-1 ); /* make sure it's high (needed?) */ - } while( mpi_cmp( x, p ) >= 0 ); /* x must be smaller than p */ + } while( !( mpi_cmp_ui( x, 0 )>0 && mpi_cmp( x, p_min1 )<0 ) ); y = mpi_alloc(nbits/BITS_PER_MPI_LIMB); mpi_powm( y, g, x, p ); @@ -149,7 +159,6 @@ elg_generate( ELG_public_key *pk, ELG_secret_key *sk, unsigned nbits ) log_mpidump("elg x= ", x ); } - /* copy the stuff to the key structures */ pk->p = mpi_copy(p); pk->g = mpi_copy(g); @@ -161,6 +170,9 @@ elg_generate( ELG_public_key *pk, ELG_secret_key *sk, unsigned nbits ) /* now we can test our keys (this should never fail!) */ test_keys( pk, sk, nbits - 64 ); + + mpi_free( p_min1 ); + mpi_free( temp ); } @@ -182,7 +194,7 @@ elg_check_secret_key( ELG_secret_key *sk ) void -elg_encrypted(MPI a, MPI b, MPI input, ELG_public_key *pkey ) +elg_encrypt(MPI a, MPI b, MPI input, ELG_public_key *pkey ) { MPI k; @@ -212,7 +224,7 @@ elg_encrypted(MPI a, MPI b, MPI input, ELG_public_key *pkey ) void -elg_decrypted(MPI output, MPI a, MPI b, ELG_secret_key *skey ) +elg_decrypt(MPI output, MPI a, MPI b, ELG_secret_key *skey ) { MPI t1 = mpi_alloc_secure( mpi_get_nlimbs( skey->p ) ); @@ -288,13 +300,24 @@ int elg_verify(MPI a, MPI b, MPI input, ELG_public_key *pkey ) { int rc; - MPI t1 = mpi_alloc( mpi_get_nlimbs(a) ); - MPI t2 = mpi_alloc( mpi_get_nlimbs(a) ); + MPI t1; + MPI t2; + if( !(mpi_cmp_ui( a, 0 ) > 0 && mpi_cmp( a, pkey->p ) < 0) ) + return 0; /* assertion 0 < a < p failed */ + + t1 = mpi_alloc( mpi_get_nlimbs(a) ); + t2 = mpi_alloc( mpi_get_nlimbs(a) ); + /* t1 = (y^a mod p) * (a^b mod p) mod p + * fixme: should be calculated by a call which evalutes + * t1 = y^a * a^b mod p + * direct. + */ mpi_powm( t1, pkey->y, a, pkey->p ); mpi_powm( t2, a, b, pkey->p ); mpi_mulm( t1, t1, t2, pkey->p ); + /* t2 = g ^ input mod p */ mpi_powm( t2, pkey->g, input, pkey->p ); rc = !mpi_cmp( t1, t2 ); diff --git a/cipher/elgamal.h b/cipher/elgamal.h index 4086a8fc5..15121f55c 100644 --- a/cipher/elgamal.h +++ b/cipher/elgamal.h @@ -41,8 +41,8 @@ void elg_free_public_key( ELG_public_key *pk ); void elg_free_secret_key( ELG_secret_key *sk ); void elg_generate( ELG_public_key *pk, ELG_secret_key *sk, unsigned nbits ); int elg_check_secret_key( ELG_secret_key *sk ); -void elg_encrypted(MPI a, MPI b, MPI input, ELG_public_key *pkey ); -void elg_decrypted(MPI output, MPI a, MPI b, ELG_secret_key *skey ); +void elg_encrypt(MPI a, MPI b, MPI input, ELG_public_key *pkey ); +void elg_decrypt(MPI output, MPI a, MPI b, ELG_secret_key *skey ); void elg_sign(MPI a, MPI b, MPI input, ELG_secret_key *skey); int elg_verify(MPI a, MPI b, MPI input, ELG_public_key *pkey); diff --git a/cipher/md.c b/cipher/md.c index a14d62f32..71403c8c9 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -32,6 +32,7 @@ md_okay( int algo ) switch( algo ) { case DIGEST_ALGO_MD5: case DIGEST_ALGO_RMD160: + case DIGEST_ALGO_SHA1: return 0; default: return G10ERR_DIGEST_ALGO; @@ -51,6 +52,8 @@ md_open( int algo, int secure ) hd->u.md5 = md5_open( secure ); else if( algo == DIGEST_ALGO_RMD160 ) hd->u.rmd= rmd160_open( secure ); + else if( algo == DIGEST_ALGO_SHA1 ) + hd->u.sha1 = sha1_open( secure ); else return NULL; @@ -70,6 +73,8 @@ md_copy( MD_HANDLE *a ) hd->u.md5 = md5_copy( a->u.md5 ); else if( a->algo == DIGEST_ALGO_RMD160 ) hd->u.rmd= rmd160_copy( a->u.rmd ); + else if( a->algo == DIGEST_ALGO_SHA1 ) + hd->u.sha1= sha1_copy( a->u.sha1 ); else log_bug(NULL); return hd; @@ -89,6 +94,8 @@ md_makecontainer( int algo ) ; else if( algo == DIGEST_ALGO_RMD160 ) ; + else if( algo == DIGEST_ALGO_SHA1 ) + ; else log_bug(NULL); return hd; @@ -103,6 +110,8 @@ md_close(MD_HANDLE *a) md5_close( a->u.md5 ); else if( a->algo == DIGEST_ALGO_RMD160 ) rmd160_close( a->u.rmd ); + else if( a->algo == DIGEST_ALGO_SHA1 ) + sha1_close( a->u.sha1 ); else log_bug(NULL); m_free(a); @@ -116,6 +125,8 @@ md_write( MD_HANDLE *a, byte *inbuf, size_t inlen) md5_write( a->u.md5, inbuf, inlen ); else if( a->algo == DIGEST_ALGO_RMD160 ) rmd160_write( a->u.rmd, inbuf, inlen ); + else if( a->algo == DIGEST_ALGO_SHA1 ) + sha1_write( a->u.sha1, inbuf, inlen ); else log_bug(NULL); } @@ -128,6 +139,8 @@ md_putchar( MD_HANDLE *a, int c ) md5_putchar( a->u.md5, c ); else if( a->algo == DIGEST_ALGO_RMD160 ) rmd160_putchar( a->u.rmd, c ); + else if( a->algo == DIGEST_ALGO_SHA1 ) + sha1_putchar( a->u.sha1, c ); else log_bug(NULL); } @@ -151,6 +164,13 @@ md_final(MD_HANDLE *a) } return a->data; } + else if( a->algo == DIGEST_ALGO_SHA1 ) { + if( !a->datalen ) { + memcpy(a->data, sha1_final( a->u.sha1 ), 20 ); + a->datalen = 20; + } + return a->data; + } else log_bug(NULL); } diff --git a/cipher/random.c b/cipher/random.c index b4abbdda9..2848aad74 100644 --- a/cipher/random.c +++ b/cipher/random.c @@ -22,14 +22,23 @@ #include #include #include +#include +#include +#include #include "util.h" #include "cipher.h" -static struct { - int level; +struct cache { int len; - byte buffer[100]; /* fixme: should this be allocated in secure space? */ -} cache; + byte buffer[100]; /* fixme: should be allocalted with m_alloc_secure()*/ +}; + +static struct cache cache[3]; +#define MASK_LEVEL(a) do {if( a > 2 ) a = 2; else if( a < 0 ) a = 0; } while(0) + + +static int open_device( const char *name, int minor ); +static void fill_buffer( byte *buffer, size_t length, int level ); /**************** * Fill the buffer with LENGTH bytes of cryptologic strong @@ -39,30 +48,77 @@ static struct { void randomize_buffer( byte *buffer, size_t length, int level ) { - FILE *fp; - - if( level == 2 ) - level = 1; /* 2 is much too slow */ - /* FIXME: do a stat and check that we have the correct device numbers*/ - fp = fopen(level < 2? "/dev/urandom":"/dev/random", "r"); - if( !fp ) - log_fatal("can't open random device: %s\n", strerror(errno) ); for( ; length; length-- ) - *buffer++ = getc(fp); - fclose(fp); + *buffer++ = get_random_byte(level); } byte get_random_byte( int level ) { - if( !cache.len || cache.level < level ) { - randomize_buffer(cache.buffer, DIM(cache.buffer), level ); - cache.level = level; - cache.len = DIM(cache.buffer); + MASK_LEVEL(level); + if( !cache[level].len ) { + fill_buffer(cache[level].buffer, DIM(cache[level].buffer), level ); + cache[level].len = DIM(cache[level].buffer); } - return cache.buffer[--cache.len]; + return cache[level].buffer[--cache[level].len]; } + + +static int +open_device( const char *name, int minor ) +{ + int fd; + struct stat sb; + + fd = open( name, O_RDONLY ); + if( fd == -1 ) + log_fatal("can't open %s: %s\n", name, strerror(errno) ); + if( fstat( fd, &sb ) ) + log_fatal("stat() off %s failed: %s\n", name, strerror(errno) ); + if( !S_ISCHR(sb.st_mode) + #ifdef __linux__ + || (sb.st_rdev >> 8) != 1 + || (sb.st_rdev & 0xff) != minor + #endif + ) + log_fatal("invalid random device!\n" ); + return fd; +} + + +static void +fill_buffer( byte *buffer, size_t length, int level ) +{ + FILE *fp; + static int fd_urandom = -1; + static int fd_random = -1; + int fd; + int n; + + if( level == 2 ) { + if( fd_random == -1 ) + fd_random = open_device( "/dev/random", 8 ); + fd = fd_random; + } + else { + if( fd_urandom == -1 ) + fd_urandom = open_device( "/dev/urandom", 9 ); + fd = fd_urandom; + } + + + do { + do { + n = read(fd, buffer, length ); + } while( n == -1 && errno == EINTR ); + if( n == -1 ) + log_fatal("read error on random device: %s\n", strerror(errno) ); + buffer += n; + length -= n; + } while( length ); +} + diff --git a/cipher/rsa.c b/cipher/rsa.c deleted file mode 100644 index db82b48d7..000000000 --- a/cipher/rsa.c +++ /dev/null @@ -1,214 +0,0 @@ -/* rsa.c - RSA function - * Copyright (c) 1997 by Werner Koch (dd9jn) - * - * ATTENTION: This code should not be exported from the United States - * nor should it be used their without a license agreement with PKP. - * The RSA alorithm is protected by U.S. Patent #4,405,829 which - * expires on September 20, 2000! - * - * For a description of the algorithm, see: - * Bruce Schneier: Applied Cryptography. John Wiley & Sons, 1996. - * ISBN 0-471-11709-9. Pages 466 ff. - * - * This file is part of G10. - * - * G10 is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * G10 is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - -#include -#include -#include -#include -#include "util.h" -#include "mpi.h" -#include "cipher.h" - - -void -rsa_free_public_key( RSA_public_key *pk ) -{ - mpi_free( pk->n ); pk->n = NULL; - mpi_free( pk->e ); pk->e = NULL; -} - -void -rsa_free_secret_key( RSA_secret_key *sk ) -{ - mpi_free( sk->e ); sk->e = NULL; - mpi_free( sk->n ); sk->n = NULL; - mpi_free( sk->p ); sk->p = NULL; - mpi_free( sk->q ); sk->q = NULL; - mpi_free( sk->d ); sk->d = NULL; - mpi_free( sk->u ); sk->u = NULL; -} - - -static void -test_keys( RSA_public_key *pk, RSA_secret_key *sk, unsigned nbits ) -{ - MPI test = mpi_alloc( nbits / BITS_PER_MPI_LIMB ); - MPI out1 = mpi_alloc( nbits / BITS_PER_MPI_LIMB ); - MPI out2 = mpi_alloc( nbits / BITS_PER_MPI_LIMB ); - - mpi_set_bytes( test, nbits, get_random_byte, 0 ); - - rsa_public( out1, test, pk ); - rsa_secret( out2, out1, sk ); - if( mpi_cmp( test, out2 ) ) - log_fatal("RSA operation: public, secret failed\n"); - rsa_secret( out1, test, sk ); - rsa_public( out2, out1, pk ); - if( mpi_cmp( test, out2 ) ) - log_fatal("RSA operation: secret, public failed\n"); - mpi_free( test ); - mpi_free( out1 ); - mpi_free( out2 ); -} - -/**************** - * Generate a key pair with a key of size NBITS - * Returns: 2 structures filles with all needed values - */ -void -rsa_generate( RSA_public_key *pk, RSA_secret_key *sk, unsigned nbits ) -{ - MPI p, q; /* the two primes */ - MPI d; /* the private key */ - MPI u; - MPI t1, t2; - MPI n; /* the public key */ - MPI e; /* the exponent */ - MPI phi; /* helper: (p-a)(q-1) */ - MPI g; - MPI f; - - /* select two (very secret) primes */ - p = generate_secret_prime( nbits / 2 ); - q = generate_secret_prime( nbits / 2 ); - if( mpi_cmp( p, q ) > 0 ) /* p shall be smaller than q (for calc of u)*/ - mpi_swap(p,q); - /* calculate Euler totient: phi = (p-1)(q-1) */ - t1 = mpi_alloc_secure( mpi_get_nlimbs(p) ); - t2 = mpi_alloc_secure( mpi_get_nlimbs(p) ); - phi = mpi_alloc_secure( nbits / BITS_PER_MPI_LIMB ); - g = mpi_alloc_secure( nbits / BITS_PER_MPI_LIMB ); - f = mpi_alloc_secure( nbits / BITS_PER_MPI_LIMB ); - mpi_sub_ui( t1, p, 1 ); - mpi_sub_ui( t2, q, 1 ); - mpi_mul( phi, t1, t2 ); - mpi_gcd(g, t1, t2); - mpi_fdiv_q(f, phi, g); - /* multiply them to make the private key */ - n = mpi_alloc( nbits / BITS_PER_MPI_LIMB ); - mpi_mul( n, p, q ); - /* find a public exponent */ - e = mpi_alloc(1); - mpi_set_ui( e, 17); /* start with 17 */ - while( !mpi_gcd(t1, e, phi) ) /* (while gcd is not 1) */ - mpi_add_ui( e, e, 2); - /* calculate the secret key d = e^1 mod phi */ - d = mpi_alloc( nbits / BITS_PER_MPI_LIMB ); - mpi_invm(d, e, f ); - /* calculate the inverse of p and q (used for chinese remainder theorem)*/ - u = mpi_alloc( nbits / BITS_PER_MPI_LIMB ); - mpi_invm(u, p, q ); - - if( DBG_CIPHER ) { - log_mpidump(" p= ", p ); - log_mpidump(" q= ", q ); - log_mpidump("phi= ", phi ); - log_mpidump(" g= ", g ); - log_mpidump(" f= ", f ); - log_mpidump(" n= ", n ); - log_mpidump(" e= ", e ); - log_mpidump(" d= ", d ); - log_mpidump(" u= ", u ); - } - - mpi_free(t1); - mpi_free(t2); - mpi_free(phi); - mpi_free(f); - mpi_free(g); - - pk->n = mpi_copy(n); - pk->e = mpi_copy(e); - sk->n = n; - sk->e = e; - sk->p = p; - sk->q = q; - sk->d = d; - sk->u = u; - - /* now we can test our keys (this should never fail!) */ - test_keys( pk, sk, nbits - 64 ); -} - - -/**************** - * Test wether the secret key is valid. - * Returns: true if this is a valid key. - */ -int -rsa_check_secret_key( RSA_secret_key *sk ) -{ - int rc; - MPI temp = mpi_alloc( mpi_get_nlimbs(sk->p)*2 ); - - mpi_mul(temp, sk->p, sk->q ); - rc = mpi_cmp( temp, sk->n ); - mpi_free(temp); - return !rc; -} - - - -/**************** - * Public key operation. Encrypt INPUT with PKEY and put result into OUTPUT. - * - * c = m^e mod n - * - * Where c is OUTPUT, m is INPUT and e,n are elements of PKEY. - */ -void -rsa_public(MPI output, MPI input, RSA_public_key *pkey ) -{ - if( output == input ) { /* powm doesn't like output and input the same */ - MPI x = mpi_alloc( mpi_get_nlimbs(input)*2 ); - mpi_powm( x, input, pkey->e, pkey->n ); - mpi_set(output, x); - mpi_free(x); - } - else - mpi_powm( output, input, pkey->e, pkey->n ); -} - -/**************** - * Secret key operation. Encrypt INPUT with SKEY and put result into OUTPUT. - * - * m = c^d mod n - * - * Where m is OUTPUT, c is INPUT and d,n are elements of PKEY. - * - * FIXME: We should better use the Chinese Remainder Theorem - */ -void -rsa_secret(MPI output, MPI input, RSA_secret_key *skey ) -{ - mpi_powm( output, input, skey->d, skey->n ); -} - - - diff --git a/cipher/rsa.h b/cipher/rsa.h deleted file mode 100644 index 1b6d189bf..000000000 --- a/cipher/rsa.h +++ /dev/null @@ -1,54 +0,0 @@ -/* rsa.h - * Copyright (c) 1997 by Werner Koch (dd9jn) - * - * ATTENTION: This code should not be exported from the United States - * nor should it be used their without a license agreement with PKP. - * The RSA alorithm is protected by U.S. Patent #4,405,829 which - * expires on September 20, 2000! - * - * This file is part of G10. - * - * G10 is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * G10 is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ -#ifndef G10_RSA_H -#define G10_RSA_H - -#include "mpi.h" - -typedef struct { - MPI e; /* exponent */ - MPI n; /* modulus */ -} RSA_public_key; - - -typedef struct { - MPI e; /* public exponent */ - MPI n; /* public modulus */ - MPI p; /* prime p. */ - MPI q; /* prime q. */ - MPI d; /* exponent */ - MPI u; /* inverse of p mod q. */ -} RSA_secret_key; - - -void rsa_free_public_key( RSA_public_key *pk ); -void rsa_free_secret_key( RSA_secret_key *sk ); -void rsa_generate( RSA_public_key *pk, RSA_secret_key *sk, unsigned nbits ); -int rsa_check_secret_key( RSA_secret_key *sk ); -void rsa_public(MPI output, MPI input, RSA_public_key *skey ); -void rsa_secret(MPI output, MPI input, RSA_secret_key *skey ); - - -#endif /*G10_RSA_H*/ diff --git a/cipher/sha1.c b/cipher/sha1.c new file mode 100644 index 000000000..95d6cc949 --- /dev/null +++ b/cipher/sha1.c @@ -0,0 +1,400 @@ +/* sha1.c - SHA1 hash function + * Copyright (c) 1997 by Werner Koch (dd9jn) + * + * Please see below for more legal informations! + * + * This file is part of G10. + * + * G10 is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * G10 is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +/* I took the code for transform() from the Linux kernel + * (/usr/src/linux/drivers/char/random.c) which has + * + * a) This notice: + * --------------- + * SHA transform algorithm, taken from code written by Peter Gutman, + * and apparently in the public domain. + * + * b) This copyright notice: + * ------------------------- + * Version 1.00, last modified 26-May-96 + * + * Copyright Theodore Ts'o, 1994, 1995, 1996. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, and the entire permission notice in its entirety, + * including the disclaimer of warranties. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior + * written permission. + * + * ALTERNATIVELY, this product may be distributed under the terms of + * the GNU Public License, in which case the provisions of the GPL are + * required INSTEAD OF the above restrictions. (This clause is + * necessary due to a potential bad interaction between the GPL and + * the restrictions contained in a BSD-style copyright.) + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + */ + + +/* Test vectors: + * + * "abc" + * A999 3E36 4706 816A BA3E 2571 7850 C26C 9CD0 D89D + * + * "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" + * 8498 3E44 1C3B D26E BAAE 4AA1 F951 29E5 E546 70F1 + */ + + +#include +#include +#include +#include +#include +#include "util.h" +#include "memory.h" +#include "cipher.h" /* grrrr */ +#include "sha1.h" + + +/* The SHA f()-functions. */ +#define f1(x,y,z) ( z ^ ( x & ( y ^ z ) ) ) /* Rounds 0-19 */ +#define f2(x,y,z) ( x ^ y ^ z ) /* Rounds 20-39 */ +#define f3(x,y,z) ( ( x & y ) | ( z & ( x | y ) ) ) /* Rounds 40-59 */ +#define f4(x,y,z) ( x ^ y ^ z ) /* Rounds 60-79 */ + +/* The SHA Mysterious Constants */ +#define K1 0x5A827999L /* Rounds 0-19 */ +#define K2 0x6ED9EBA1L /* Rounds 20-39 */ +#define K3 0x8F1BBCDCL /* Rounds 40-59 */ +#define K4 0xCA62C1D6L /* Rounds 60-79 */ + +#define ROTL(n,X) ( ( ( X ) << n ) | ( ( X ) >> ( 32 - n ) ) ) + +#define expand(W,i) ( W[ i & 15 ] = \ + ROTL( 1, ( W[ i & 15 ] ^ W[ (i - 14) & 15 ] ^ \ + W[ (i - 8) & 15 ] ^ W[ (i - 3) & 15 ] ) ) ) + +#define subRound(a, b, c, d, e, f, k, data) \ + ( e += ROTL( 5, a ) + f( b, c, d ) + k + data, b = ROTL( 30, b ) ) + + +static void +initialize( SHA1HANDLE hd ) +{ + hd->h0 = 0x67452301; + hd->h1 = 0xefcdab89; + hd->h2 = 0x98badcfe; + hd->h3 = 0x10325476; + hd->h4 = 0xc3d2e1f0; + hd->bufcount = 0; + hd->nblocks = 0; +} + + +/**************** + * Transform the message X which consists of 16 32-bit-words + */ +static void +transform( SHA1HANDLE hd, byte *data ) +{ + u32 A, B, C, D, E; /* Local vars */ + u32 eData[ 16 ]; /* Expanded data */ + + /* Set up first buffer and local data buffer */ + A = hd->h0; + B = hd->h1; + C = hd->h2; + D = hd->h3; + E = hd->h4; + + #ifdef HAVE_BIG_ENDIAN + memcpy( eData, data, 64 ); + #else + { int i; + byte *p2; + for(i=0, p2=(byte*)eData; i < 16; i++, p2 += 4 ) { + p2[3] = *data++; + p2[2] = *data++; + p2[1] = *data++; + p2[0] = *data++; + } + } + #endif + + /* Heavy mangling, in 4 sub-rounds of 20 iterations each. */ + subRound( A, B, C, D, E, f1, K1, eData[ 0 ] ); + subRound( E, A, B, C, D, f1, K1, eData[ 1 ] ); + subRound( D, E, A, B, C, f1, K1, eData[ 2 ] ); + subRound( C, D, E, A, B, f1, K1, eData[ 3 ] ); + subRound( B, C, D, E, A, f1, K1, eData[ 4 ] ); + subRound( A, B, C, D, E, f1, K1, eData[ 5 ] ); + subRound( E, A, B, C, D, f1, K1, eData[ 6 ] ); + subRound( D, E, A, B, C, f1, K1, eData[ 7 ] ); + subRound( C, D, E, A, B, f1, K1, eData[ 8 ] ); + subRound( B, C, D, E, A, f1, K1, eData[ 9 ] ); + subRound( A, B, C, D, E, f1, K1, eData[ 10 ] ); + subRound( E, A, B, C, D, f1, K1, eData[ 11 ] ); + subRound( D, E, A, B, C, f1, K1, eData[ 12 ] ); + subRound( C, D, E, A, B, f1, K1, eData[ 13 ] ); + subRound( B, C, D, E, A, f1, K1, eData[ 14 ] ); + subRound( A, B, C, D, E, f1, K1, eData[ 15 ] ); + subRound( E, A, B, C, D, f1, K1, expand( eData, 16 ) ); + subRound( D, E, A, B, C, f1, K1, expand( eData, 17 ) ); + subRound( C, D, E, A, B, f1, K1, expand( eData, 18 ) ); + subRound( B, C, D, E, A, f1, K1, expand( eData, 19 ) ); + + subRound( A, B, C, D, E, f2, K2, expand( eData, 20 ) ); + subRound( E, A, B, C, D, f2, K2, expand( eData, 21 ) ); + subRound( D, E, A, B, C, f2, K2, expand( eData, 22 ) ); + subRound( C, D, E, A, B, f2, K2, expand( eData, 23 ) ); + subRound( B, C, D, E, A, f2, K2, expand( eData, 24 ) ); + subRound( A, B, C, D, E, f2, K2, expand( eData, 25 ) ); + subRound( E, A, B, C, D, f2, K2, expand( eData, 26 ) ); + subRound( D, E, A, B, C, f2, K2, expand( eData, 27 ) ); + subRound( C, D, E, A, B, f2, K2, expand( eData, 28 ) ); + subRound( B, C, D, E, A, f2, K2, expand( eData, 29 ) ); + subRound( A, B, C, D, E, f2, K2, expand( eData, 30 ) ); + subRound( E, A, B, C, D, f2, K2, expand( eData, 31 ) ); + subRound( D, E, A, B, C, f2, K2, expand( eData, 32 ) ); + subRound( C, D, E, A, B, f2, K2, expand( eData, 33 ) ); + subRound( B, C, D, E, A, f2, K2, expand( eData, 34 ) ); + subRound( A, B, C, D, E, f2, K2, expand( eData, 35 ) ); + subRound( E, A, B, C, D, f2, K2, expand( eData, 36 ) ); + subRound( D, E, A, B, C, f2, K2, expand( eData, 37 ) ); + subRound( C, D, E, A, B, f2, K2, expand( eData, 38 ) ); + subRound( B, C, D, E, A, f2, K2, expand( eData, 39 ) ); + + subRound( A, B, C, D, E, f3, K3, expand( eData, 40 ) ); + subRound( E, A, B, C, D, f3, K3, expand( eData, 41 ) ); + subRound( D, E, A, B, C, f3, K3, expand( eData, 42 ) ); + subRound( C, D, E, A, B, f3, K3, expand( eData, 43 ) ); + subRound( B, C, D, E, A, f3, K3, expand( eData, 44 ) ); + subRound( A, B, C, D, E, f3, K3, expand( eData, 45 ) ); + subRound( E, A, B, C, D, f3, K3, expand( eData, 46 ) ); + subRound( D, E, A, B, C, f3, K3, expand( eData, 47 ) ); + subRound( C, D, E, A, B, f3, K3, expand( eData, 48 ) ); + subRound( B, C, D, E, A, f3, K3, expand( eData, 49 ) ); + subRound( A, B, C, D, E, f3, K3, expand( eData, 50 ) ); + subRound( E, A, B, C, D, f3, K3, expand( eData, 51 ) ); + subRound( D, E, A, B, C, f3, K3, expand( eData, 52 ) ); + subRound( C, D, E, A, B, f3, K3, expand( eData, 53 ) ); + subRound( B, C, D, E, A, f3, K3, expand( eData, 54 ) ); + subRound( A, B, C, D, E, f3, K3, expand( eData, 55 ) ); + subRound( E, A, B, C, D, f3, K3, expand( eData, 56 ) ); + subRound( D, E, A, B, C, f3, K3, expand( eData, 57 ) ); + subRound( C, D, E, A, B, f3, K3, expand( eData, 58 ) ); + subRound( B, C, D, E, A, f3, K3, expand( eData, 59 ) ); + + subRound( A, B, C, D, E, f4, K4, expand( eData, 60 ) ); + subRound( E, A, B, C, D, f4, K4, expand( eData, 61 ) ); + subRound( D, E, A, B, C, f4, K4, expand( eData, 62 ) ); + subRound( C, D, E, A, B, f4, K4, expand( eData, 63 ) ); + subRound( B, C, D, E, A, f4, K4, expand( eData, 64 ) ); + subRound( A, B, C, D, E, f4, K4, expand( eData, 65 ) ); + subRound( E, A, B, C, D, f4, K4, expand( eData, 66 ) ); + subRound( D, E, A, B, C, f4, K4, expand( eData, 67 ) ); + subRound( C, D, E, A, B, f4, K4, expand( eData, 68 ) ); + subRound( B, C, D, E, A, f4, K4, expand( eData, 69 ) ); + subRound( A, B, C, D, E, f4, K4, expand( eData, 70 ) ); + subRound( E, A, B, C, D, f4, K4, expand( eData, 71 ) ); + subRound( D, E, A, B, C, f4, K4, expand( eData, 72 ) ); + subRound( C, D, E, A, B, f4, K4, expand( eData, 73 ) ); + subRound( B, C, D, E, A, f4, K4, expand( eData, 74 ) ); + subRound( A, B, C, D, E, f4, K4, expand( eData, 75 ) ); + subRound( E, A, B, C, D, f4, K4, expand( eData, 76 ) ); + subRound( D, E, A, B, C, f4, K4, expand( eData, 77 ) ); + subRound( C, D, E, A, B, f4, K4, expand( eData, 78 ) ); + subRound( B, C, D, E, A, f4, K4, expand( eData, 79 ) ); + + /* Build message digest */ + hd->h0 += A; + hd->h1 += B; + hd->h2 += C; + hd->h3 += D; + hd->h4 += E; +} + + + + +SHA1HANDLE +sha1_open( int secure ) +{ + SHA1HANDLE hd; + + hd = secure? m_alloc_secure( sizeof *hd ) + : m_alloc( sizeof *hd ); + initialize(hd); + return hd; +} + + +SHA1HANDLE +sha1_copy( SHA1HANDLE a ) +{ + SHA1HANDLE b; + + assert(a); + b = m_is_secure(a)? m_alloc_secure( sizeof *b ) + : m_alloc( sizeof *b ); + memcpy( b, a, sizeof *a ); + return b; +} + + +/* BAD Kludge!!! */ +MD_HANDLE * +sha1_copy2md( SHA1HANDLE a ) +{ + MD_HANDLE *md = md_makecontainer( DIGEST_ALGO_SHA1 ); + md->u.sha1 = sha1_copy( a ); + return md; +} + + + +void +sha1_close(SHA1HANDLE hd) +{ + if( hd ) + m_free(hd); +} + + + +/* Update the message digest with the contents + * of INBUF with length INLEN. + */ +void +sha1_write( SHA1HANDLE hd, byte *inbuf, size_t inlen) +{ + if( hd->bufcount == 64 ) { /* flush the buffer */ + transform( hd, hd->buffer ); + hd->bufcount = 0; + hd->nblocks++; + } + if( !inbuf ) + return; + if( hd->bufcount ) { + for( ; inlen && hd->bufcount < 64; inlen-- ) + hd->buffer[hd->bufcount++] = *inbuf++; + sha1_write( hd, NULL, 0 ); + if( !inlen ) + return; + } + + while( inlen >= 64 ) { + transform( hd, inbuf ); + hd->bufcount = 0; + hd->nblocks++; + inlen -= 64; + inbuf += 64; + } + for( ; inlen && hd->bufcount < 64; inlen-- ) + hd->buffer[hd->bufcount++] = *inbuf++; +} + + +/* The routine final terminates the computation and + * returns the digest. + * The handle is prepared for a new cycle, but adding bytes to the + * handle will the destroy the returned buffer. + * Returns: 20 bytes representing the digest. + */ + +byte * +sha1_final(SHA1HANDLE hd) +{ + u32 t, msb, lsb; + byte *p; + + sha1_write(hd, NULL, 0); /* flush */; + + msb = 0; + t = hd->nblocks; + if( (lsb = t << 6) < t ) /* multiply by 64 to make a byte count */ + msb++; + msb += t >> 26; + t = lsb; + if( (lsb = t + hd->bufcount) < t ) /* add the bufcount */ + msb++; + t = lsb; + if( (lsb = t << 3) < t ) /* multiply by 8 to make a bit count */ + msb++; + msb += t >> 29; + + if( hd->bufcount < 56 ) { /* enough room */ + hd->buffer[hd->bufcount++] = 0x80; /* pad */ + while( hd->bufcount < 56 ) + hd->buffer[hd->bufcount++] = 0; /* pad */ + } + else { /* need one extra block */ + hd->buffer[hd->bufcount++] = 0x80; /* pad character */ + while( hd->bufcount < 64 ) + hd->buffer[hd->bufcount++] = 0; + sha1_write(hd, NULL, 0); /* flush */; + memset(hd->buffer, 0, 56 ); /* fill next block with zeroes */ + } + /* append the 64 bit count */ + hd->buffer[56] = msb >> 24; + hd->buffer[57] = msb >> 16; + hd->buffer[58] = msb >> 8; + hd->buffer[59] = msb ; + hd->buffer[60] = lsb >> 24; + hd->buffer[61] = lsb >> 16; + hd->buffer[62] = lsb >> 8; + hd->buffer[63] = lsb ; + transform( hd, hd->buffer ); + + p = hd->buffer; + #ifdef HAVE_BIG_ENDIAN + #define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0) + #else /* little endian */ + #define X(a) do { *p++ = hd->h##a >> 24; *p++ = hd->h##a >> 16; \ + *p++ = hd->h##a >> 8; *p++ = hd->h##a; } while(0) + #endif + X(0); + X(1); + X(2); + X(3); + X(4); + #undef X + + initialize( hd ); /* prepare for next cycle */ + return hd->buffer; /* now contains the digest */ +} + + + diff --git a/cipher/sha1.h b/cipher/sha1.h new file mode 100644 index 000000000..ca03936f2 --- /dev/null +++ b/cipher/sha1.h @@ -0,0 +1,50 @@ +/* sha1.h - SHA1 hash function + * Copyright (c) 1997 by Werner Koch (dd9jn) + * + * This file is part of G10. + * + * G10 is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * G10 is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ +#ifndef G10_SHA1_H +#define G10_SHA1_H + +#include "types.h" + +typedef struct { + u32 h0,h1,h2,h3,h4; + u32 nblocks; + byte buffer[64]; + int bufcount; +} *SHA1HANDLE; + + +/**************** + * Process a single character, this character will be buffered to + * increase performance. + */ +#define sha1_putchar(h,c) \ + do { \ + if( (h)->bufcount == 64 ) \ + sha1_write( (h), NULL, 0 ); \ + (h)->buffer[(h)->bufcount++] = (c) & 0xff; \ + } while(0) + +SHA1HANDLE sha1_open( int secure ); +SHA1HANDLE sha1_copy( SHA1HANDLE a ); +void sha1_close( SHA1HANDLE hd ); +void sha1_write( SHA1HANDLE hd, byte *inbuf, size_t inlen ); +byte * sha1_final( SHA1HANDLE hd ); + +#endif /*G10_SHA1_H*/ diff --git a/g10/Makefile.am b/g10/Makefile.am index c6361004d..eb3e8b238 100644 --- a/g10/Makefile.am +++ b/g10/Makefile.am @@ -13,6 +13,8 @@ g10_SOURCES = g10.c \ free-packet.c \ getkey.c \ keydb.h \ + ringedit.c \ + kbnode.c \ keygen.c \ main.h \ mainproc.c \ @@ -37,5 +39,5 @@ g10_SOURCES = g10.c \ LDADD = -L ../cipher -L ../mpi -L ../util -lcipher -lmpi -lutil -$(PROGRAMS): ../cipher/libcipher.a ../mpi/libmpi.a +$(PROGRAMS): ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a diff --git a/g10/Makefile.in b/g10/Makefile.in index 17a4df10b..8aeca74c4 100644 --- a/g10/Makefile.in +++ b/g10/Makefile.in @@ -51,6 +51,8 @@ g10_SOURCES = g10.c \ free-packet.c \ getkey.c \ keydb.h \ + ringedit.c \ + kbnode.c \ keygen.c \ main.h \ mainproc.c \ @@ -90,9 +92,10 @@ LIBS = @LIBS@ COMPILE = $(CC) -c $(DEFS) $(INCLUDES) $(CPPFLAGS) $(CFLAGS) LINK = $(CC) $(LDFLAGS) -o $@ g10_OBJECTS = g10.o build-packet.o compress.o encode.o encr-data.o \ -free-packet.o getkey.o keygen.o mainproc.o armor.o mdfilter.o cipher.o \ -openfile.o keyid.o parse-packet.o passphrase.o plaintext.o pubkey-enc.o \ -seckey-cert.o seskey.o sign.o comment.o sig-check.o +free-packet.o getkey.o ringedit.o kbnode.o keygen.o mainproc.o armor.o \ +mdfilter.o cipher.o openfile.o keyid.o parse-packet.o passphrase.o \ +plaintext.o pubkey-enc.o seckey-cert.o seskey.o sign.o comment.o \ +sig-check.o EXTRA_g10_SOURCES = g10_LDADD = $(LDADD) DIST_COMMON = Makefile.am Makefile.in @@ -111,11 +114,12 @@ DEP_FILES = $(srcdir)/.deps/armor.P $(srcdir)/.deps/build-packet.P \ $(srcdir)/.deps/cipher.P $(srcdir)/.deps/comment.P \ $(srcdir)/.deps/compress.P $(srcdir)/.deps/encode.P \ $(srcdir)/.deps/encr-data.P $(srcdir)/.deps/free-packet.P \ -$(srcdir)/.deps/g10.P $(srcdir)/.deps/getkey.P $(srcdir)/.deps/keygen.P \ -$(srcdir)/.deps/keyid.P $(srcdir)/.deps/mainproc.P \ -$(srcdir)/.deps/mdfilter.P $(srcdir)/.deps/openfile.P \ -$(srcdir)/.deps/parse-packet.P $(srcdir)/.deps/passphrase.P \ -$(srcdir)/.deps/plaintext.P $(srcdir)/.deps/pubkey-enc.P \ +$(srcdir)/.deps/g10.P $(srcdir)/.deps/getkey.P $(srcdir)/.deps/kbnode.P \ +$(srcdir)/.deps/keygen.P $(srcdir)/.deps/keyid.P \ +$(srcdir)/.deps/mainproc.P $(srcdir)/.deps/mdfilter.P \ +$(srcdir)/.deps/openfile.P $(srcdir)/.deps/parse-packet.P \ +$(srcdir)/.deps/passphrase.P $(srcdir)/.deps/plaintext.P \ +$(srcdir)/.deps/pubkey-enc.P $(srcdir)/.deps/ringedit.P \ $(srcdir)/.deps/seckey-cert.P $(srcdir)/.deps/seskey.P \ $(srcdir)/.deps/sig-check.P $(srcdir)/.deps/sign.P SOURCES = $(g10_SOURCES) @@ -285,7 +289,7 @@ mostlyclean-generic distclean-generic clean-generic \ maintainer-clean-generic clean mostlyclean distclean maintainer-clean -$(PROGRAMS): ../cipher/libcipher.a ../mpi/libmpi.a +$(PROGRAMS): ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a .SUFFIXES: .SUFFIXES: .c .o diff --git a/g10/compress.c b/g10/compress.c index d0e2bc539..2b10c983b 100644 --- a/g10/compress.c +++ b/g10/compress.c @@ -106,7 +106,13 @@ init_uncompress( compress_filter_context_t *zfx, z_stream *zs ) int level; - if( (rc = inflateInit( zs )) != Z_OK ) { + /**************** + * PGP uses a windowsize of 13 bits. Using a negative value for + * it forces zlib not to expect a zlib header. This is a + * undocumented feature, Peter Gutmann told me about. + */ + if( (rc = zfx->pgpmode? inflateInit2( zs, -13) + : inflateInit( zs )) != Z_OK ) { log_fatal("zlib problem: %s\n", zs->msg? zs->msg : rc == Z_MEM_ERROR ? "out of core" : rc == Z_VERSION_ERROR ? "invalid lib version" : @@ -265,7 +271,9 @@ handle_compressed( PKT_compressed *cd ) compress_filter_context_t cfx; memset( &cfx, 0, sizeof cfx ); - if( cd->algorithm != 2 ) + if( cd->algorithm == 1 ) + cfx.pgpmode = 1; + else if( cd->algorithm != 2 ) return G10ERR_COMPR_ALGO; iobuf_push_filter( cd->buf, compress_filter, &cfx ); diff --git a/g10/encode.c b/g10/encode.c index 99c9adfa2..3bcdbe909 100644 --- a/g10/encode.c +++ b/g10/encode.c @@ -239,7 +239,7 @@ encode_crypt( const char *filename, STRLIST remusr ) pkey.y = pkc->d.elg.y; if( DBG_CIPHER ) log_mpidump("Plain DEK frame: ", frame); - elg_encrypted( enc->d.elg.a, enc->d.elg.b, frame, &pkey); + elg_encrypt( enc->d.elg.a, enc->d.elg.b, frame, &pkey); mpi_free( frame ); if( DBG_CIPHER ) { log_mpidump("Encry DEK a: ", enc->d.elg.a ); diff --git a/g10/filter.h b/g10/filter.h index ec34696a4..72029c61f 100644 --- a/g10/filter.h +++ b/g10/filter.h @@ -48,6 +48,7 @@ typedef struct { unsigned inbufsize; byte *outbuf; unsigned outbufsize; + int pgpmode; } compress_filter_context_t; diff --git a/g10/g10.c b/g10/g10.c index 88bde47cc..495875ce2 100644 --- a/g10/g10.c +++ b/g10/g10.c @@ -19,6 +19,7 @@ */ #include +#include #include #include #include @@ -34,6 +35,8 @@ #include "cipher.h" #include "filter.h" +static void print_hex( byte *p, size_t n ); +static void print_mds( const char *fname ); static void do_test(int); const char * @@ -126,29 +129,86 @@ main( int argc, char **argv ) { 514, "test" , 0, "\rdevelopment usage" }, { 515, "change-passphrase", 0, "change the passphrase of your secret keyring"}, { 515, "fingerprint", 0, "show the fingerprints"}, + { 516, "print-mds" , 0, "print all message digests"}, + { 517, "secret-keyring" ,2, "add this secret keyring to the list" }, + { 518, "config" , 2, "use this config file" }, + {0} }; - ARGPARSE_ARGS pargs = { &argc, &argv, 0 }; + ARGPARSE_ARGS pargs; IOBUF a; int rc; enum { aNull, aSym, aStore, aEncr, aPrimegen, aKeygen, aSign, aSignEncr, - aTest, + aTest, aPrintMDs, } action = aNull; + int orig_argc; + char **orig_argv; const char *fname, *fname_print; STRLIST sl, remusr= NULL, locusr=NULL; - int nrings=0; + int nrings=0, sec_nrings=0; armor_filter_context_t afx; const char *s; int detached_sig = 0; + FILE *configfp = NULL; + char *configname = NULL; + unsigned configlineno; + int parse_verbose = 0; + int default_config =1; + int errors=0; + opt.compress = -1; /* defaults to default compression level */ + + /* check wether we have a config file on the commandline */ + orig_argc = argc; + orig_argv = argv; + pargs.argc = &argc; + pargs.argv = &argv; + pargs.flags= 1; /* do not remove the args */ while( arg_parse( &pargs, opts) ) { + if( pargs.r_opt == 'v' ) + parse_verbose++; + else if( pargs.r_opt == 518 ) { + /* yes there is one, so we do not try the default one, but + * read the option file when it is encountered at the commandline + */ + default_config = 0; + } + } + + if( default_config ) + configname = make_filename("~/.g10", "options", NULL ); + + argc = orig_argc; + argv = orig_argv; + pargs.argc = &argc; + pargs.argv = &argv; + pargs.flags= 1; /* do not remove the args */ + next_pass: + if( configname ) { + configlineno = 0; + configfp = fopen( configname, "r" ); + if( !configfp ) { + if( default_config ) { + if( parse_verbose ) + log_info("note: no default option file '%s'\n", configname ); + } + else + log_fatal("option file '%s': %s\n", + configname, strerror(errno) ); + m_free(configname); configname = NULL; + } + if( parse_verbose ) + log_info("reading options from '%s'\n", configname ); + default_config = 0; + } + + while( optfile_parse( configfp, configname, &configlineno, + &pargs, opts) ) { switch( pargs.r_opt ) { case 'v': opt.verbose++; opt.list_sigs=1; break; - case 'z': - opt.compress = pargs.r.ret_int; - break; + case 'z': opt.compress = pargs.r.ret_int; break; case 'a': opt.armor = 1; break; case 'c': action = aSym; break; case 'o': opt.outfile = pargs.r.ret_str; @@ -184,9 +244,29 @@ main( int argc, char **argv ) case 513: action = aPrimegen; break; case 514: action = aTest; break; case 515: opt.fingerprint = 1; break; - default : pargs.err = 2; break; + case 516: action = aPrintMDs; break; + case 517: add_secret_keyring(pargs.r.ret_str); sec_nrings++; break; + case 518: + /* config files may not be nested (silently ignore them) */ + if( !configfp ) { + m_free(configname); + configname = m_strdup(pargs.r.ret_str); + goto next_pass; + } + break; + default : errors++; pargs.err = configfp? 1:2; break; } } + if( configfp ) { + fclose( configfp ); + configfp = NULL; + m_free(configname); configname = NULL; + goto next_pass; + } + m_free( configname ); configname = NULL; + if( errors ) + exit(2); + set_debug(); if( opt.verbose > 1 ) set_packet_list_mode(1); @@ -197,6 +277,9 @@ main( int argc, char **argv ) fputs(s, stderr); } + if( !sec_nrings ) { /* add default secret rings */ + add_keyring("../keys/secring.g10"); + } if( !nrings ) { /* add default rings */ add_keyring("../keys/ring.pgp"); add_keyring("../keys/pubring.g10"); @@ -251,6 +334,15 @@ main( int argc, char **argv ) putchar('\n'); break; + case aPrintMDs: + if( !argc ) + print_mds(NULL); + else { + for(; argc; argc--, argv++ ) + print_mds(*argv); + } + break; + case aKeygen: /* generate a key (interactive) */ if( argc ) usage(1); @@ -279,6 +371,78 @@ main( int argc, char **argv ) } +static void +print_hex( byte *p, size_t n ) +{ + int i; + + if( n == 20 ) { + for(i=0; i < n ; i++, i++, p += 2 ) { + if( i == 10 ) + putchar(' '); + printf(" %02X%02X", *p, p[1] ); + } + } + else { + for(i=0; i < n ; i++, p++ ) { + if( i && !(i%8) ) + putchar(' '); + printf(" %02X", *p ); + } + } +} + +static void +print_mds( const char *fname ) +{ + FILE *fp; + char buf[1024]; + size_t n; + MD5HANDLE md5; + RMDHANDLE rmd160; + SHA1HANDLE sha1; + + if( !fname ) { + fp = stdin; + fname = "[stdin]"; + } + else + fp = fopen( fname, "rb" ); + if( !fp ) { + log_error("%s: %s\n", fname, strerror(errno) ); + return; + } + + md5 = md5_open(0); + rmd160 = rmd160_open(0); + sha1 = sha1_open(0); + + while( (n=fread( buf, 1, DIM(buf), fp )) ) { + md5_write( md5, buf, n ); + rmd160_write( rmd160, buf, n ); + sha1_write( sha1, buf, n ); + } + if( ferror(fp) ) + log_error("%s: %s\n", fname, strerror(errno) ); + else { + byte *p; + + md5_final(md5); + printf( "%s: MD5 =", fname ); print_hex(md5_read(md5), 16 ); + printf("\n%s: RMD160 =", fname ); print_hex(rmd160_final(rmd160), 20 ); + printf("\n%s: SHA1 =", fname ); print_hex(sha1_final(sha1), 20 ); + putchar('\n'); + } + + + md5_close(md5); + rmd160_close(rmd160); + sha1_close(sha1); + + if( fp != stdin ) + fclose(fp); +} + static void do_test(int times) diff --git a/g10/getkey.c b/g10/getkey.c index c7ea1686a..b079cca19 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -52,6 +52,7 @@ typedef struct pkc_cache_entry { } *pkc_cache_entry_t; static STRLIST keyrings; +static STRLIST secret_keyrings; static keyid_list_t unknown_keyids; static user_id_db_t user_id_db; @@ -69,6 +70,7 @@ void add_keyring( const char *name ) { STRLIST sl; + int rc; /* FIXME: check wether this one is available etc */ /* my be we should do this later */ @@ -76,6 +78,28 @@ add_keyring( const char *name ) strcpy(sl->d, name ); sl->next = keyrings; keyrings = sl; + + /* FIXME: We should remove much out of this mpdule and + * combine it with the keyblock stuff from ringedit.c + * For now we will simple add the filename as keyblock resource + */ + rc = add_keyblock_resource( name ); + if( rc ) + log_error("keyblock resource '%s': %s\n", name, rc ); +} + +void +add_secret_keyring( const char *name ) +{ + STRLIST sl; + int rc; + + /* FIXME: check wether this one is available etc */ + /* my be we should do this later */ + sl = m_alloc( sizeof *sl + strlen(name) ); + strcpy(sl->d, name ); + sl->next = secret_keyrings; + secret_keyrings = sl; } @@ -255,10 +279,12 @@ get_pubkey_by_name( PKT_public_cert *pkc, const char *name ) int get_seckey( PKT_secret_cert *skc, u32 *keyid ) { + STRLIST sl; int rc=0; - if( !(rc=scan_secret_keyring( skc, keyid, NULL, "../keys/secring.g10" ) ) ) - goto found; + for(sl = secret_keyrings; sl; sl = sl->next ) + if( !(rc=scan_secret_keyring( skc, keyid, NULL, sl->d )) ) + goto found; /* fixme: look at other places */ goto leave; @@ -280,10 +306,12 @@ get_seckey( PKT_secret_cert *skc, u32 *keyid ) int get_seckey_by_name( PKT_secret_cert *skc, const char *name ) { + STRLIST sl; int rc=0; - if( !(rc=scan_secret_keyring( skc, NULL, name, "../keys/secring.g10" ) ) ) - goto found; + for(sl = secret_keyrings; sl; sl = sl->next ) + if( !(rc=scan_secret_keyring( skc, NULL, name, sl->d ) ) ) + goto found; /* fixme: look at other places */ goto leave; diff --git a/g10/kbnode.c b/g10/kbnode.c new file mode 100644 index 000000000..d148cb450 --- /dev/null +++ b/g10/kbnode.c @@ -0,0 +1,79 @@ +/* kbnode.c - keyblock node utility functions + * Copyright (c) 1997 by Werner Koch (dd9jn) + * + * This file is part of G10. + * + * G10 is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * G10 is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#include +#include +#include +#include +#include +#include "util.h" +#include "memory.h" +#include "packet.h" +#include "keydb.h" + + + +KBNODE +new_kbnode( PACKET *pkt ) +{ + KBNODE n = m_alloc( sizeof *n ); + n->next = NULL; + n->pkt = pkt; + n->child = NULL; + return n; +} + + +void +release_kbnode( KBNODE n ) +{ + KBNODE n2; + + while( n ) { + n2 = n->next; + release_kbnode( n->child ); + free_packet( n->pkt ); + m_free( n ); + n = n2; + } +} + + +/**************** + * Return the parent node of KBNODE from the tree with ROOT + */ +KBNODE +find_kbparent( KBNODE root, KBNODE node ) +{ + KBNODE n, n2; + + for( ; root; root = root->child) { + for( n = root; n; n = n->next) { + for( n2 = n->child; n2; n2 = n2->next ) { + if( n2 == node ) + return n; + } + } + } + log_bug(NULL); +} + + + diff --git a/g10/keydb.h b/g10/keydb.h index bd8928086..a81b258d7 100644 --- a/g10/keydb.h +++ b/g10/keydb.h @@ -26,12 +26,43 @@ #include "cipher.h" + +/**************** + * A Keyblock are all packets which form an entire certificate; + * i.e. the public key, certificate, trust packets, user ids, + * signatures, and subkey. + * + * This structure is also used to bind arbitrary packets together. + */ + +typedef struct kbnode_struct *KBNODE; +struct kbnode_struct { + PACKET *pkt; + KBNODE next; /* used to form a link list */ + KBNODE child; +}; + +/**************** + * A data structre to hold informations about the external position + * of a keyblock. + */ +struct keyblock_pos_struct { + int resno; /* resource number */ + ulong offset; /* position information */ + ulong length; /* length of thge keyblock */ + int last_block; +}; +typedef struct keyblock_pos_struct KBPOS; + + + /*-- passphrase.h --*/ DEK *get_passphrase_hash( u32 *keyid, char *text ); int make_dek_from_passphrase( DEK *dek, int mode ); /*-- getkey.c --*/ void add_keyring( const char *name ); +void add_secret_keyring( const char *name ); void cache_public_cert( PKT_public_cert *pkc ); void cache_user_id( PKT_user_id *uid, u32 *keyid ); int get_pubkey( PKT_public_cert *pkc, u32 *keyid ); @@ -53,6 +84,21 @@ const char *datestr_from_sig( PKT_signature *sig ); byte *fingerprint_from_skc( PKT_secret_cert *skc, size_t *ret_len ); byte *fingerprint_from_pkc( PKT_public_cert *pkc, size_t *ret_len ); +/*-- kbnode.c --*/ +KBNODE new_kbnode( PACKET *pkt ); +void release_kbnode( KBNODE n ); +KBNODE find_kbparent( KBNODE root, KBNODE node ); + +/*-- ringedit.c --*/ +int add_keyblock_resource( const char *filename ); +int get_keyblock_handle( const char *filename, KBPOS *kbpos ); +int search_keyblock( PACKET *pkt, KBPOS *kbpos ); +int lock_keyblock( KBPOS *kbpos ); +int unlock_keyblock( KBPOS *kbpos ); +int read_keyblock( KBPOS *kbpos, KBNODE *ret_root ); +int insert_keyblock( KBPOS *kbpos, KBNODE root ); +int delete_keyblock( KBPOS *kbpos ); +int update_keyblock( KBPOS *kbpos, KBNODE root ); #endif /*G10_KEYDB_H*/ diff --git a/g10/mainproc.c b/g10/mainproc.c index a04b0fc1f..a8b621289 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -35,25 +35,6 @@ #include "main.h" -/**************** - * We need to glue the packets together. This done by a - * tree of packets, which will released whenever a new start packet - * is encounterd. Start packets are: [FIXME] - * - * pubkey - * userid userid - * sig, sig, sig sig, sig - * - */ - -typedef struct node_struct *NODE; -struct node_struct { - PACKET *pkt; - NODE next; /* used to form a link list */ - NODE child; -}; - - /**************** * Structure to hold the context */ @@ -66,17 +47,14 @@ typedef struct { DEK *dek; int last_was_pubkey_enc; int opt_list; - NODE cert; /* the current certificate */ + KBNODE cert; /* the current certificate */ int have_data; } *CTX; - - - -static void list_node( CTX c, NODE node ); -static void proc_tree( CTX c, NODE node ); +static void list_node( CTX c, KBNODE node ); +static void proc_tree( CTX c, KBNODE node ); static int pubkey_letter( int algo ) @@ -92,60 +70,13 @@ pubkey_letter( int algo ) } - -static NODE -new_node( PACKET *pkt ) -{ - NODE n = m_alloc( sizeof *n ); - n->next = NULL; - n->pkt = pkt; - n->child = NULL; - return n; -} - - -static void -release_node( NODE n ) -{ - NODE n2; - - while( n ) { - n2 = n->next; - release_node( n->child ); - free_packet( n->pkt ); - m_free( n ); - n = n2; - } -} - - -/**************** - * Return the parent node of NODE from the tree with ROOT - */ -static NODE -find_parent( NODE root, NODE node ) -{ - NODE n, n2; - - for( ; root; root = root->child) { - for( n = root; n; n = n->next) { - for( n2 = n->child; n2; n2 = n2->next ) { - if( n2 == node ) - return n; - } - } - } - log_bug(NULL); -} - - static void release_cert( CTX c ) { if( !c->cert ) return; proc_tree(c, c->cert ); - release_node( c->cert ); + release_kbnode( c->cert ); c->cert = NULL; } @@ -153,7 +84,7 @@ release_cert( CTX c ) static int add_onepass_sig( CTX c, PACKET *pkt ) { - NODE node; + KBNODE node; if( c->cert ) { /* add another packet */ @@ -161,12 +92,12 @@ add_onepass_sig( CTX c, PACKET *pkt ) log_error("add_onepass_sig: another packet is in the way\n"); release_cert( c ); } - node = new_node( pkt ); + node = new_kbnode( pkt ); node->next = c->cert; c->cert = node; } else /* insert the first one */ - c->cert = node = new_node( pkt ); + c->cert = node = new_kbnode( pkt ); return 1; } @@ -176,7 +107,7 @@ static int add_public_cert( CTX c, PACKET *pkt ) { release_cert( c ); - c->cert = new_node( pkt ); + c->cert = new_kbnode( pkt ); return 1; } @@ -184,7 +115,7 @@ static int add_secret_cert( CTX c, PACKET *pkt ) { release_cert( c ); - c->cert = new_node( pkt ); + c->cert = new_kbnode( pkt ); return 1; } @@ -193,7 +124,7 @@ static int add_user_id( CTX c, PACKET *pkt ) { u32 keyid[2]; - NODE node, n1, n2; + KBNODE node, n1, n2; if( !c->cert ) { log_error("orphaned user id\n" ); @@ -209,7 +140,7 @@ add_user_id( CTX c, PACKET *pkt ) return 0; } /* add a new user id node at the end */ - node = new_node( pkt ); + node = new_kbnode( pkt ); if( !(n2=n1->child) ) n1->child = node; else { @@ -225,7 +156,7 @@ static int add_signature( CTX c, PACKET *pkt ) { u32 keyid[2]; - NODE node, n1, n2; + KBNODE node, n1, n2; if( !c->cert ) { /* orphaned signature (no certificate) @@ -239,7 +170,7 @@ add_signature( CTX c, PACKET *pkt ) * The childs direct under the root are the signatures * (there is no need to keep the correct sequence of packets) */ - node = new_node( pkt ); + node = new_kbnode( pkt ); node->next = c->cert->child; c->cert->child = node; return 1; @@ -259,7 +190,7 @@ add_signature( CTX c, PACKET *pkt ) return 0; } /* and add a new signature node id at the end */ - node = new_node( pkt ); + node = new_kbnode( pkt ); if( !(n2=n1->child) ) n1->child = node; else { @@ -380,7 +311,7 @@ proc_compressed( CTX c, PACKET *pkt ) * Returns: 0 = valid signature or an error code */ static int -do_check_sig( CTX c, NODE node ) +do_check_sig( CTX c, KBNODE node ) { PKT_signature *sig; MD_HANDLE *md; @@ -403,7 +334,7 @@ do_check_sig( CTX c, NODE node ) } else if( (sig->sig_class&~3) == 0x10 ) { /* classes 0x10 .. 0x13 */ if( c->cert->pkt->pkttype == PKT_PUBLIC_CERT ) { - NODE n1 = find_parent( c->cert, node ); + KBNODE n1 = find_kbparent( c->cert, node ); if( n1 && n1->pkt->pkttype == PKT_USER_ID ) { @@ -483,9 +414,9 @@ print_fingerprint( PKT_public_cert *pkc, PKT_secret_cert *skc ) */ static void -list_node( CTX c, NODE node ) +list_node( CTX c, KBNODE node ) { - register NODE n2; + register KBNODE n2; if( !node ) ; @@ -645,9 +576,9 @@ print_keyid( FILE *fp, u32 *keyid ) * Preocess the tree which starts at node */ static void -proc_tree( CTX c, NODE node ) +proc_tree( CTX c, KBNODE node ) { - NODE n1; + KBNODE n1; int rc; if( node->pkt->pkttype == PKT_PUBLIC_CERT ) diff --git a/g10/packet.h b/g10/packet.h index 57adebe5f..609bf8853 100644 --- a/g10/packet.h +++ b/g10/packet.h @@ -53,12 +53,12 @@ typedef struct { u32 keyid[2]; /* 64 bit keyid */ byte pubkey_algo; /* algorithm used for public key scheme */ union { - struct { - MPI rsa_integer; /* integer containing the DEK */ - } rsa; struct { MPI a, b; /* integers with the encrypteded DEK */ } elg; + struct { + MPI rsa_integer; /* integer containing the DEK */ + } rsa; } d; } PKT_pubkey_enc; @@ -82,13 +82,13 @@ typedef struct { struct { byte digest_algo; /* algorithm used for digest (DIGEST_ALGO_xxxx) */ byte digest_start[2]; /* first 2 byte of the digest */ - MPI rsa_integer; /* the encrypted digest */ - } rsa; + MPI a, b; /* integers with the digest */ + } elg; struct { byte digest_algo; /* algorithm used for digest (DIGEST_ALGO_xxxx) */ byte digest_start[2]; /* first 2 byte of the digest */ - MPI a, b; /* integers with the digest */ - } elg; + MPI rsa_integer; /* the encrypted digest */ + } rsa; } d; } PKT_signature; @@ -99,15 +99,15 @@ typedef struct { byte pubkey_algo; /* algorithm used for public key scheme */ md_filter_context_t mfx; union { - struct { - MPI rsa_n; /* public modulus */ - MPI rsa_e; /* public exponent */ - } rsa; struct { MPI p; /* prime */ MPI g; /* group generator */ MPI y; /* g^x mod p */ } elg; + struct { + MPI rsa_n; /* public modulus */ + MPI rsa_e; /* public exponent */ + } rsa; } d; } PKT_public_cert; @@ -116,6 +116,23 @@ typedef struct { u16 valid_days; /* valid for this number of days */ byte pubkey_algo; /* algorithm used for public key scheme */ union { + struct { + MPI p; /* prime */ + MPI g; /* group generator */ + MPI y; /* g^x mod p */ + MPI x; /* secret exponent */ + u16 csum; /* checksum */ + byte is_protected; /* The above infos are protected and must */ + /* be decrypteded before use */ + byte protect_algo; /* cipher used to protect the secret informations*/ + union { /* information for the protection */ + struct { + byte iv[8]; /* initialization vector for CFB mode */ + /* when protected, the MPIs above are pointers + * to plain storage */ + } blowfish; + } protect; + } elg; struct { MPI rsa_n; /* public modulus */ MPI rsa_e; /* public exponent */ @@ -135,23 +152,6 @@ typedef struct { } blowfish; } protect; } rsa; - struct { - MPI p; /* prime */ - MPI g; /* group generator */ - MPI y; /* g^x mod p */ - MPI x; /* secret exponent */ - u16 csum; /* checksum */ - byte is_protected; /* The above infos are protected and must */ - /* be decrypteded before use */ - byte protect_algo; /* cipher used to protect the secret informations*/ - union { /* information for the protection */ - struct { - byte iv[8]; /* initialization vector for CFB mode */ - /* when protected, the MPIs above are pointers - * to plain storage */ - } blowfish; - } protect; - } elg; } d; } PKT_secret_cert; @@ -213,6 +213,7 @@ int proc_packets( IOBUF a ); /*-- parse-packet.c --*/ int set_packet_list_mode( int mode ); +int search_packet( IOBUF inp, PACKET *pkt, int pkttype, ulong *retpos ); int parse_packet( IOBUF inp, PACKET *ret_pkt); /*-- build-packet.c --*/ diff --git a/g10/parse-packet.c b/g10/parse-packet.c index 5badb0ec4..70eef4007 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -36,6 +36,8 @@ static mpi_print_mode = 0; static list_mode = 0; +static int parse( IOBUF inp, PACKET *pkt, int reqtype, + ulong *retpos, int *skip ); static void skip_packet( IOBUF inp, int pkttype, unsigned long pktlen ); static void skip_rest( IOBUF inp, unsigned long pktlen ); static int parse_publickey( IOBUF inp, int pkttype, unsigned long pktlen, @@ -108,13 +110,48 @@ set_packet_list_mode( int mode ) */ int parse_packet( IOBUF inp, PACKET *pkt ) +{ + int skip, rc; + + do { + rc = parse( inp, pkt, 0, NULL, &skip ); + } while( skip ); + return rc; +} + +/**************** + * Like parse packet, but do only return packet of the given type. + */ +int +search_packet( IOBUF inp, PACKET *pkt, int pkttype, ulong *retpos ) +{ + int skip, rc; + + do { + rc = parse( inp, pkt, pkttype, retpos, &skip ); + } while( skip ); + return rc; +} + + +/**************** + * Parse packet. Set the variable skip points to to 1 if the packet + * should be skipped; this is the case if either there is a + * requested packet type and the parsed packet doesn't match or the + * packet-type is 0, indicating deleted stuff. + */ +static int +parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos, int *skip ) { int rc, ctb, pkttype, lenbytes; unsigned long pktlen; byte hdr[5]; int hdrlen; + *skip = 0; assert( !pkt->pkt.generic ); + if( retpos ) + *retpos = iobuf_tell(inp); if( (ctb = iobuf_get(inp)) == -1 ) return -1; hdrlen=0; @@ -139,6 +176,12 @@ parse_packet( IOBUF inp, PACKET *pkt ) } } + if( !pkttype || (reqtype && pkttype != reqtype) ) { + skip_packet(inp, pkttype, pktlen); + *skip = 1; + return 0; + } + if( DBG_PACKET ) log_debug("parse_packet(iob=%d): type=%d length=%lu\n", iobuf_id(inp), pkttype, pktlen ); diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c index ba6a6f15a..f3f02abde 100644 --- a/g10/pubkey-enc.c +++ b/g10/pubkey-enc.c @@ -58,7 +58,7 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek ) skey.g = skc->d.elg.g; skey.y = skc->d.elg.y; skey.x = skc->d.elg.x; - elg_decrypted( dek_frame, k->d.elg.a, k->d.elg.b, &skey ); + elg_decrypt( dek_frame, k->d.elg.a, k->d.elg.b, &skey ); memset( &skey, 0, sizeof skey ); } #ifdef HAVE_RSA_CIPHER diff --git a/g10/ringedit.c b/g10/ringedit.c new file mode 100644 index 000000000..e4380c3d1 --- /dev/null +++ b/g10/ringedit.c @@ -0,0 +1,469 @@ +/* ringedit.c - Function for key ring editing + * Copyright (c) 1997 by Werner Koch (dd9jn) + * + * This file is part of G10. + * + * G10 is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * G10 is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +/**************** + * This module supplies function for: + * + * - Search for a key block (pubkey and all other stuff) and return a + * handle for it. + * + * - Lock/Unlock a key block + * + * - Read a key block into a tree + * + * - Update a key block + * + * - Insert a new key block + * + * - Delete a key block + * + * FIXME: Add backup stuff + * FIXME: Keep track of all nodes, so that a change is propagated + * to all nodes. (or use shallow copies and ref-counting?) + */ + + + +#include +#include +#include +#include +#include +#include "util.h" +#include "packet.h" +#include "memory.h" +#include "mpi.h" +#include "iobuf.h" +#include "keydb.h" + + +struct resource_table_struct { + int used; + char *fname; + IOBUF iobuf; +}; + +#define MAX_RESOURCES 10 +static struct resource_table_struct resource_table[MAX_RESOURCES]; + + +static int keyring_search( PACKET *pkt, KBPOS *kbpos, IOBUF iobuf ); +static int keyring_read( KBPOS *kbpos, KBNODE *ret_root ); +static int keyring_insert( KBPOS *kbpos, KBNODE root ); +static int keyring_delete( KBPOS *kbpos ); + + + +static int +check_pos( KBPOS *kbpos ) +{ + if( kbpos->resno < 0 || kbpos->resno >= MAX_RESOURCES ) + return G10ERR_GENERAL; + if( !resource_table[kbpos->resno].used ) + return G10ERR_GENERAL; + return 0; +} + + + +/**************************************************************** + ****************** public functions **************************** + ****************************************************************/ + +/**************** + * Register a resource (which currently may ionly be a keyring file). + */ +int +add_keyblock_resource( const char *filename ) +{ + IOBUF iobuf; + int i; + + for(i=0; i < MAX_RESOURCES; i++ ) + if( !resource_table[i].used ) + break; + if( i == MAX_RESOURCES ) + return G10ERR_RESOURCE_LIMIT; + + iobuf = iobuf_open( filename ); + if( !iobuf ) + return G10ERR_OPEN_FILE; + resource_table[i].used = 1; + resource_table[i].fname = m_strdup(filename); + resource_table[i].iobuf = iobuf; + return 0; +} + + +/**************** + * Get a keyblock handle KBPOS from a filename. This can be used + * to get a handle for insert_keyblock for a new keyblock. + */ +int +get_keyblock_handle( const char *filename, KBPOS *kbpos ) +{ + int i; + + for(i=0; i < MAX_RESOURCES; i++ ) + if( resource_table[i].used ) { + /* fixme: dos needs case insensitive file compare */ + if( !strcmp( resource_table[i].fname, filename ) ) { + memset( kbpos, 0, sizeof *kbpos ); + kbpos->resno = i; + return 0; + } + } + return -1; /* not found */ +} + +/**************** + * Search a keyblock which starts with the given packet and put all + * informations into KBPOS, which can be used later to access this key block. + * This function looks into all registered keyblock sources. + * PACKET must be a packet with either a secret_cert or a public_cert + * + * This function is intended to check wether a given certificate + * is already in a keyring or to prepare it for editing. + * + * Returns: 0 if found, -1 if not found or an errorcode. + */ +int +search_keyblock( PACKET *pkt, KBPOS *kbpos ) +{ + int i, rc, last_rc=-1; + + for(i=0; i < MAX_RESOURCES; i++ ) { + if( resource_table[i].used ) { + /* note: here we have to add different search functions, + * depending on the type of the resource */ + rc = keyring_search( pkt, kbpos, resource_table[i].iobuf ); + if( !rc ) { + kbpos->resno = i; + return 0; + } + if( rc != -1 ) { + log_error("error searching resource %d: %s\n", + i, g10_errstr(rc)); + last_rc = rc; + } + } + } + return last_rc; +} + + + +/**************** + * Lock the keyblock; wait until it's available + * This function may change the internal data in kbpos, in cases + * when the to be locked keyblock has been modified. + * fixme: remove this function and add an option to search_keyblock()? + */ +int +lock_keyblock( KBPOS *kbpos ) +{ + int rc; + + if( (rc=check_pos(kbpos)) ) + return rc; + return 0; +} + +/**************** + * Release a lock on a keyblock + */ +int +unlock_keyblock( KBPOS *kbpos ) +{ + int rc; + + if( (rc=check_pos(kbpos)) ) + return rc; + return 0; +} + +/**************** + * Read a complete keyblock and return the root in ret_root. + */ +int +read_keyblock( KBPOS *kbpos, KBNODE *ret_root ) +{ + int rc; + + if( (rc=check_pos(kbpos)) ) + return rc; + return keyring_read( kbpos, ret_root ); +} + +/**************** + * Insert the keyblock described by ROOT into the keyring described + * by KBPOS. This actually appends the data to the keyfile. + */ +int +insert_keyblock( KBPOS *kbpos, KBNODE root ) +{ + int rc; + + if( (rc=check_pos(kbpos)) ) + return rc; + + rc = keyring_insert( kbpos, root ); + + return rc; +} + +/**************** + * Delete the keyblock described by KBPOS. + * The current code simply changes the keyblock in the keyring + * to packet of type 0 with the correct length. To help detecting errors, + * zero bytes are written. + */ +int +delete_keyblock( KBPOS *kbpos ) +{ + int rc; + + if( (rc=check_pos(kbpos)) ) + return rc; + + rc = keyring_delete( kbpos ); + + return rc; +} + + +/**************** + * Update the keyblock at KBPOS with the one in ROOT. + */ +int +update_keyblock( KBPOS *kbpos, KBNODE root ) +{ + int rc; + KBPOS kbpos2; + + /* we do it the simple way: */ + memset( &kbpos2, 0, sizeof kbpos2 ); + kbpos2.resno = kbpos->resno; + rc = insert_keyblock( &kbpos2, root ); + if( !rc ) + rc = delete_keyblock( kbpos ); + + return rc; +} + + +/**************************************************************** + ********** Functions which operates on regular keyrings ******** + ****************************************************************/ + + +/**************** + * search one keyring, return 0 if found, -1 if not found or an errorcode. + */ +static int +keyring_search( PACKET *req, KBPOS *kbpos, IOBUF iobuf ) +{ + int rc; + PACKET pkt; + int save_mode; + ulong offset; + int pkttype = req->pkttype; + PKT_public_cert *req_pkc = req->pkt.public_cert; + PKT_secret_cert *req_skc = req->pkt.secret_cert; + + init_packet(&pkt); + save_mode = set_packet_list_mode(0); + + if( iobuf_seek( iobuf, 0 ) ) { + log_error("can't rewind keyring file: %s\n", g10_errstr(rc)); + rc = G10ERR_KEYRING_OPEN; + goto leave; + } + + while( !(rc=search_packet(iobuf, &pkt, pkttype, &offset)) ) { + if( pkt.pkttype == PKT_SECRET_CERT ) { + PKT_secret_cert *skc = pkt.pkt.secret_cert; + + if( req_skc->timestamp == skc->timestamp + && req_skc->valid_days == skc->valid_days + && req_skc->pubkey_algo == skc->pubkey_algo + && ( ( skc->pubkey_algo == PUBKEY_ALGO_ELGAMAL + && !mpi_cmp( req_skc->d.elg.p, skc->d.elg.p ) + && !mpi_cmp( req_skc->d.elg.g, skc->d.elg.g ) + && !mpi_cmp( req_skc->d.elg.y, skc->d.elg.y ) + && !mpi_cmp( req_skc->d.elg.x, skc->d.elg.x ) + ) + || ( skc->pubkey_algo == PUBKEY_ALGO_RSA + && !mpi_cmp( req_skc->d.rsa.rsa_n, skc->d.rsa.rsa_n ) + && !mpi_cmp( req_skc->d.rsa.rsa_e, skc->d.rsa.rsa_e ) + && !mpi_cmp( req_skc->d.rsa.rsa_d, skc->d.rsa.rsa_d ) + ) + ) + ) + break; /* found */ + } + else if( pkt.pkttype == PKT_PUBLIC_CERT ) { + PKT_public_cert *pkc = pkt.pkt.public_cert; + + if( req_pkc->timestamp == pkc->timestamp + && req_pkc->valid_days == pkc->valid_days + && req_pkc->pubkey_algo == pkc->pubkey_algo + && ( ( pkc->pubkey_algo == PUBKEY_ALGO_ELGAMAL + && !mpi_cmp( req_pkc->d.elg.p, pkc->d.elg.p ) + && !mpi_cmp( req_pkc->d.elg.g, pkc->d.elg.g ) + && !mpi_cmp( req_pkc->d.elg.y, pkc->d.elg.y ) + ) + || ( pkc->pubkey_algo == PUBKEY_ALGO_RSA + && !mpi_cmp( req_pkc->d.rsa.rsa_n, pkc->d.rsa.rsa_n ) + && !mpi_cmp( req_pkc->d.rsa.rsa_e, pkc->d.rsa.rsa_e ) + ) + ) + ) + break; /* found */ + } + else + log_bug(NULL); + free_packet(&pkt); + } + if( !rc ) + kbpos->offset = offset; + + leave: + free_packet(&pkt); + set_packet_list_mode(save_mode); + return rc; +} + + +static int +keyring_read( KBPOS *kbpos, KBNODE *ret_root ) +{ + PACKET *pkt; + int rc; + KBNODE root = NULL; + KBNODE node, n1, n2; + IOBUF a; + + if( (rc=check_pos(kbpos)) ) + return rc; + a = resource_table[kbpos->resno].iobuf; + + pkt = m_alloc( sizeof *pkt ); + init_packet(pkt); + while( (rc=parse_packet(a, pkt)) != -1 ) { + if( rc ) { /* ignore errors */ + free_packet( pkt ); + continue; + } + switch( pkt->pkttype ) { + case PKT_PUBLIC_CERT: + case PKT_SECRET_CERT: + if( root ) + break; + root = new_kbnode( pkt ); + pkt = m_alloc( sizeof *pkt ); + init_packet(pkt); + break; + + case PKT_USER_ID: + if( !root ) { + log_error("read_keyblock: orphaned user id\n" ); + rc = G10ERR_INV_KEYRING; /* or wron kbpos */ + break; + } + /* append the user id */ + node = new_kbnode( pkt ); + if( !(n1=root->child) ) + root->child = node; + else { + for( ; n1->next; n1 = n1->next) + ; + n1->next = node; + } + pkt = m_alloc( sizeof *pkt ); + init_packet(pkt); + break; + + case PKT_SIGNATURE: + if( !root ) { + log_error("read_keyblock: no root for signature\n" ); + rc = G10ERR_INV_KEYRING; /* or wrong kbpos */ + break; + } + if( !root->child ) { + log_error("read_keyblock: no userid for signature\n" ); + rc = G10ERR_INV_KEYRING; + break; + } + /* goto the last user id */ + for(n1=root->child; n1->next; n1 = n1->next ) + ; + /* append the signature node */ + node = new_kbnode( pkt ); + if( !(n2=n1->child) ) + n1->child = node; + else { + for( ; n2->next; n2 = n2->next) + ; + n2->next = node; + } + pkt = m_alloc( sizeof *pkt ); + init_packet(pkt); + break; + + default: /* ignore all other packets. FIXME: we should not do this */ + free_packet( pkt ); + break; + } + } + kbpos->last_block = rc == -1; /* flag, that this is the last block */ + if( rc == -1 && root ) + rc = 0; + + if( rc ) + release_kbnode( root ); + else { + *ret_root = root; + kbpos->length = iobuf_tell( a ) - kbpos->offset; + } + free_packet( pkt ); + m_free( pkt ); + return rc; +} + + +static int +keyring_insert( KBPOS *kbpos, KBNODE root ) +{ + return -1; +} + +static int +keyring_delete( KBPOS *kbpos ) +{ + return -1; +} + + +/**************************************************************** + ********** Functions which operates on databases *************** + ****************************************************************/ + diff --git a/include/cipher.h b/include/cipher.h index f918dcf08..2fab4daa2 100644 --- a/include/cipher.h +++ b/include/cipher.h @@ -30,6 +30,7 @@ #include "mpi.h" #include "../cipher/md5.h" #include "../cipher/rmd.h" +#include "../cipher/sha1.h" #ifdef HAVE_RSA_CIPHER #include "../cipher/rsa.h" #endif @@ -71,6 +72,7 @@ typedef struct { union { MD5HANDLE md5; RMDHANDLE rmd; + SHA1HANDLE sha1; } u; int datalen; char data[1]; diff --git a/include/errors.h b/include/errors.h index cdd4a0549..9679e9153 100644 --- a/include/errors.h +++ b/include/errors.h @@ -50,5 +50,7 @@ #define G10ERR_NI_CIPHER 28 #define G10ERR_SIG_CLASS 29 #define G10ERR_BAD_MPI 30 +#define G10ERR_RESOURCE_LIMIT 31 +#define G10ERR_INV_KEYRING 32 #endif /*G10_ERRORS_H*/ diff --git a/include/iobuf.h b/include/iobuf.h index 789ffde07..f2e6b3f21 100644 --- a/include/iobuf.h +++ b/include/iobuf.h @@ -39,18 +39,14 @@ typedef struct iobuf_struct *IOBUF; struct iobuf_struct { int usage; /* 1 input , 2 output, 3 temp */ unsigned long nlimit; - unsigned long nbytes; + unsigned long nbytes; /* used together with nlimit */ + unsigned long ntotal; /* total bytes read (position of stream) */ struct { size_t size; /* allocated size */ size_t start; /* number of invalid bytes at the begin of the buffer */ size_t len; /* currently filled to this size */ byte *buf; } d; - struct { - size_t size; - size_t len; - char *buf; - } recorder; int filter_eof; int (*filter)( void *opaque, int control, IOBUF chain, byte *buf, size_t *len); @@ -80,6 +76,9 @@ void iobuf_clear_eof(IOBUF a); void iobuf_set_limit( IOBUF a, unsigned long nlimit ); +ulong iobuf_tell( IOBUF a ); +int iobuf_seek( IOBUF a, ulong newpos ); + int iobuf_readbyte(IOBUF a); int iobuf_writebyte(IOBUF a, unsigned c); int iobuf_write(IOBUF a, byte *buf, unsigned buflen ); @@ -88,10 +87,6 @@ int iobuf_writestr(IOBUF a, const char *buf ); int iobuf_write_temp( IOBUF a, IOBUF temp ); size_t iobuf_temp_to_buffer( IOBUF a, byte *buffer, size_t buflen ); -void iobuf_start_recorder( IOBUF a ); -void iobuf_push_recorder( IOBUF a, int c ); -char *iobuf_stop_recorder( IOBUF a, size_t *n ); - u32 iobuf_get_filelength( IOBUF a ); const char *iobuf_get_fname( IOBUF a ); @@ -104,8 +99,7 @@ int iobuf_in_block_mode( IOBUF a ); * returned value to be in the range 0 ..255. */ #define iobuf_get(a) \ - ( ((a)->recorder.buf || (a)->nlimit \ - || (a)->d.start >= (a)->d.len )? \ + ( ((a)->nlimit || (a)->d.start >= (a)->d.len )? \ iobuf_readbyte((a)) : ( (a)->nbytes++, (a)->d.buf[(a)->d.start++] ) ) #define iobuf_get_noeof(a) (iobuf_get((a))&0xff) diff --git a/include/memory.h b/include/memory.h index 32eb3906b..6a9ed84df 100644 --- a/include/memory.h +++ b/include/memory.h @@ -34,6 +34,7 @@ #define m_free(n) m_debug_free((n), M_DBGINFO(__LINE__) ) #define m_check(n) m_debug_check((n), M_DBGINFO(__LINE__) ) #define m_copy(a) m_debug_copy((a), M_DBGINFO(__LINE__) ) +#define m_strdup(a) m_debug_strdup((a), M_DBGINFO(__LINE__) ) void *m_debug_alloc( size_t n, const char *info ); void *m_debug_alloc_clear( size_t n, const char *info ); @@ -43,6 +44,7 @@ void *m_debug_realloc( void *a, size_t n, const char *info ); void m_debug_free( void *p, const char *info ); void m_debug_check( const void *a, const char *info ); void *m_debug_copy( const void *a, const char *info ); +char *m_debug_strdup( const char *a, const char *info ); #else void *m_alloc( size_t n ); @@ -52,10 +54,10 @@ void *m_alloc_secure_clear( size_t n ); void *m_realloc( void *a, size_t n ); void m_free( void *p ); void m_check( const void *a ); -void *m_copy( void *a ); +void *m_copy( const void *a ); +char *m_strdup( const char * a); #endif - size_t m_size( const void *a ); int m_is_secure( const void *p ); diff --git a/include/util.h b/include/util.h index 0b6d4e9bc..23514ad1f 100644 --- a/include/util.h +++ b/include/util.h @@ -79,6 +79,7 @@ const char *strusage( int level ); /*-- fileutil.c --*/ +char *make_filename( const char *first_part, ... ); /*-- miscutil.c --*/ u32 make_timestamp(void); diff --git a/util/argparse.c b/util/argparse.c index 2f733eb4b..10cfd5c1d 100644 --- a/util/argparse.c +++ b/util/argparse.c @@ -23,6 +23,7 @@ #include #include #include +#include #include #include "util.h" @@ -124,10 +125,202 @@ */ -static void set_opt_arg(ARGPARSE_ARGS *arg, unsigned flags, char *s); +static int set_opt_arg(ARGPARSE_ARGS *arg, unsigned flags, char *s); static void show_help(ARGPARSE_OPTS *opts, unsigned flags); static void show_version(void); +static void +initialize( ARGPARSE_ARGS *arg, const char *filename, unsigned *lineno ) +{ + if( !(arg->flags & (1<<15)) ) { /* initialize this instance */ + arg->internal.index = 0; + arg->internal.last = NULL; + arg->internal.inarg = 0; + arg->internal.stopped= 0; + arg->err = 0; + arg->flags |= 1<<15; /* mark initialized */ + if( *arg->argc < 0 ) + log_bug("Invalid argument for ArgParse\n"); + } + + if( arg->err ) { /* last option was erroneous */ + const char *s; + + if( filename ) { + if( arg->r_opt == -6 ) + s = "%s:%u: argument not expected\n"; + else if( arg->r_opt == -5 ) + s = "%s:%u: read error\n"; + else if( arg->r_opt == -4 ) + s = "%s:%u: keyword too long\n"; + else if( arg->r_opt == -3 ) + s = "%s:%u: missing argument\n"; + else + s = "%s:%u: invalid option\n"; + log_error(s, filename, *lineno ); + } + else { + if( arg->r_opt == -3 ) + s = "Missing argument for option \"%.50s\"\n"; + else + s = "Invalid option \"%.50s\"\n"; + log_error(s, arg->internal.last? arg->internal.last:"[??]" ); + } + if( arg->err != 1 ) + exit(2); + arg->err = 0; + } +} + + + +/**************** + * Get options from a file. + * Lines starting with '#' are comment lines. + * Syntax is simply a keyword and the argument. + * Valid keywords are all keywords from the long_opt list without + * the leading dashes. The special keywords help, warranty and version + * are not valid here. + * Caller must free returned strings. + * If called with FP set to NULL command line args are parse instead. + */ +int +optfile_parse( FILE *fp, const char *filename, unsigned *lineno, + ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts) +{ + char *s, *s2; + int state, i, c; + int index=0; + char keyword[100]; + char *buffer = NULL; + size_t buflen = 0; + + if( !fp ) /* same as arg_parse() in this case */ + return arg_parse( arg, opts ); + + initialize( arg, filename, lineno ); + + /* find the next keyword */ + state = i = 0; + for(;;) { + c=getc(fp); + if( c == '\n' || c== EOF ) { + if( c != EOF ) + ++*lineno; + if( state == -1 ) + break; + else if( state == 2 ) { + keyword[i] = 0; + for(i=0; opts[i].short_opt; i++ ) + if( opts[i].long_opt && !strcmp( opts[i].long_opt, keyword) ) + break; + index = i; + arg->r_opt = opts[index].short_opt; + if( !opts[index].short_opt ) + arg->r_opt = -2; /* unknown option */ + else if( (opts[index].flags & 8) ) /* no optional argument */ + arg->r_type = 0; /* okay */ + else /* no required argument */ + arg->r_opt = -3; /* error */ + break; + } + else if( state == 3 ) { /* no argument found */ + if( !(opts[index].flags & 7) ) /* does not take an argument */ + arg->r_type = 0; /* okay */ + else if( (opts[index].flags & 8) ) /* no optional argument */ + arg->r_type = 0; /* okay */ + else /* no required argument */ + arg->r_opt = -3; /* error */ + break; + } + else if( state == 4 ) { /* have an argument */ + if( !(opts[index].flags & 7) ) /* does not take an argument */ + arg->r_opt = -6; /* error */ + else { + if( !buffer ) { + keyword[i] = 0; + buffer = m_strdup(keyword); + } + else + buffer[i] = 0; + + if( !set_opt_arg(arg, opts[index].flags, buffer) ) + m_free(buffer); + } + break; + } + else if( c == EOF ) { + if( ferror(fp) ) + arg->r_opt = -5; /* read error */ + else + arg->r_opt = 0; /* eof */ + break; + } + state = 0; + i = 0; + } + else if( state == -1 ) + ; /* skip */ + else if( !state && isspace(c) ) + ; /* skip leading white space */ + else if( !state && c == '#' ) + state = 1; /* start of a comment */ + else if( state == 1 ) + ; /* skip comments */ + else if( state == 2 && isspace(c) ) { + keyword[i] = 0; + for(i=0; opts[i].short_opt; i++ ) + if( opts[i].long_opt && !strcmp( opts[i].long_opt, keyword) ) + break; + index = i; + arg->r_opt = opts[index].short_opt; + if( !opts[index].short_opt ) { + arg->r_opt = -2; /* unknown option */ + state = -1; /* skip rest of line and leave */ + } + else + state = 3; + } + else if( state == 3 ) { /* skip leading spaces of the argument */ + if( !isspace(c) ) { + i = 0; + keyword[i] = c; + state = 4; + } + } + else if( state == 4 ) { /* collect the argument */ + if( buffer ) { + if( i < buflen-1 ) + buffer[i++] = c; + else { + buflen += 50; + buffer = m_realloc(buffer, buflen); + buffer[i++] = c; + } + } + else if( i < DIM(keyword)-1 ) + keyword[i++] = c; + else { + buflen = DIM(keyword)+50; + buffer = m_alloc(buflen); + memcpy(buffer, keyword, i); + buffer[i++] = c; + } + } + else if( i >= DIM(keyword)-1 ) { + arg->r_opt = -4; /* keyword to long */ + state = -1; /* skip rest of line and leave */ + } + else { + keyword[i++] = c; + state = 2; + } + } + + return arg->r_opt; +} + + int arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts) @@ -138,31 +331,11 @@ arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts) char *s, *s2; int i; - if( !(arg->flags & (1<<15)) ) { /* initialize this instance */ - arg->internal.index = 0; - arg->internal.last = NULL; - arg->internal.inarg = 0; - arg->internal.stopped= 0; - arg->err = 0; - arg->flags |= 1<<15; /* mark initialized */ - if( *arg->argc < 0 ) - log_bug("Invalid argument for ArgParse\n"); - } + initialize( arg, NULL, NULL ); argc = *arg->argc; argv = *arg->argv; index = arg->internal.index; - if( arg->err ) { /* last option was erroneous */ - if( arg->r_opt == -3 ) - s = "Missing argument for option \"%.50s\"\n"; - else - s = "Invalid option \"%.50s\"\n"; - log_error(s, arg->internal.last? arg->internal.last:"[??]" ); - if( arg->err != 1 ) - exit(2); - arg->err = 0; - } - if( !index && argc && !(arg->flags & (1<<4)) ) { /* skip the first entry */ argc--; argv++; index++; } @@ -322,7 +495,7 @@ arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts) -static void +static int set_opt_arg(ARGPARSE_ARGS *arg, unsigned flags, char *s) { int base = (flags & 16)? 0 : 10; @@ -330,17 +503,17 @@ set_opt_arg(ARGPARSE_ARGS *arg, unsigned flags, char *s) switch( arg->r_type = (flags & 7) ) { case 1: /* takes int argument */ arg->r.ret_int = (int)strtol(s,NULL,base); - break; - default: - case 2: /* takes string argument */ - arg->r.ret_str = s; - break; + return 0; case 3: /* takes long argument */ arg->r.ret_long= strtol(s,NULL,base); - break; + return 0; case 4: /* takes ulong argument */ arg->r.ret_ulong= strtoul(s,NULL,base); - break; + return 0; + case 2: /* takes string argument */ + default: + arg->r.ret_str = s; + return 1; } } diff --git a/util/fileutil.c b/util/fileutil.c index e2ea9b20e..28bd866c5 100644 --- a/util/fileutil.c +++ b/util/fileutil.c @@ -21,6 +21,7 @@ #include #include #include +#include #include #include #include @@ -29,3 +30,37 @@ #include "ttyio.h" +/**************** + * Construct a filename form the NULL terminated list of parts. + * Tilde expansion is done here. + */ +char * +make_filename( const char *first_part, ... ) +{ + va_list arg_ptr ; + size_t n; + const char *s; + char *name, *home, *p; + + va_start( arg_ptr, first_part ) ; + n = strlen(first_part)+1; + while( (s=va_arg(arg_ptr, const char *)) ) + n += strlen(s) + 1; + va_end(arg_ptr); + + home = NULL; + if( *first_part == '~' && first_part[1] == '/' + && (home = getenv("HOME")) && *home ) + n += strlen(home); + + name = m_alloc(n); + p = home ? stpcpy(stpcpy(name,home), first_part+1) + : stpcpy(name, first_part); + va_start( arg_ptr, first_part ) ; + while( (s=va_arg(arg_ptr, const char *)) ) + p = stpcpy(stpcpy(p,"/"), s); + va_end(arg_ptr); + + return name; +} + diff --git a/util/iobuf.c b/util/iobuf.c index 61e1c5909..da8fea479 100644 --- a/util/iobuf.c +++ b/util/iobuf.c @@ -271,7 +271,6 @@ iobuf_close( IOBUF a ) if( a->filter && (rc = a->filter(a->filter_ov, IOBUFCTRL_FREE, a->chain, NULL, &dummy_len)) ) log_error("IOBUFCTRL_FREE failed on close: %s\n", g10_errstr(rc) ); - m_free(a->recorder.buf); m_free(a->d.buf); m_free(a); } @@ -406,9 +405,8 @@ iobuf_push_filter( IOBUF a, a->d.start = 0; } /* disable nlimit for the new stream */ + a->ntotal = b->ntotal + b->nbytes; a->nlimit = a->nbytes = 0; - /* disable recorder for the original stream */ - b->recorder.buf = NULL; /* make a link from the new stream to the original stream */ a->chain = b; a->opaque = b->opaque; @@ -601,14 +599,6 @@ iobuf_readbyte(IOBUF a) return -1; /* EOF */ a->nbytes++; - - if( a->recorder.buf ) { - if( a->recorder.len >= a->recorder.size ) { - a->recorder.size += 500; - a->recorder.buf = m_realloc( a->recorder.buf, a->recorder.size ); - } - ((byte*)a->recorder.buf)[a->recorder.len++] = c; - } return c; } @@ -678,47 +668,12 @@ void iobuf_set_limit( IOBUF a, unsigned long nlimit ) { a->nlimit = nlimit; + a->ntotal += a->nbytes; a->nbytes = 0; } -void -iobuf_start_recorder( IOBUF a ) -{ - m_free(a->recorder.buf); - a->recorder.size = 500; - a->recorder.buf = m_alloc(a->recorder.size); - a->recorder.len = 0; -} - -void -iobuf_push_recorder( IOBUF a, int c ) -{ - if( a->recorder.buf ) { - if( a->recorder.len >= a->recorder.size ) { - a->recorder.size += 500; - a->recorder.buf = m_realloc( a->recorder.buf, a->recorder.size ); - } - ((byte*)a->recorder.buf)[a->recorder.len++] = c; - } -} - - -char * -iobuf_stop_recorder( IOBUF a, size_t *n ) -{ - char *p; - if( !a->recorder.buf ) - log_bug("iobuf_recorder not started\n"); - p = a->recorder.buf; - if( n ) - *n = a->recorder.len; - a->recorder.buf = NULL; - return p; -} - - /**************** * Return the length of an open file */ @@ -741,6 +696,28 @@ iobuf_get_filelength( IOBUF a ) return 0; } +/**************** + * Tell the file position, where the next read will take place + */ +ulong +iobuf_tell( IOBUF a ) +{ + return a->ntotal + a->nbytes; +} + + +int +iobuf_seek( IOBUF a, ulong newpos ) +{ + + return -1; +} + + + + + + /**************** * Retrieve the filename */ diff --git a/util/memory.c b/util/memory.c index 9ba9a8e82..1a60b4931 100644 --- a/util/memory.c +++ b/util/memory.c @@ -54,6 +54,7 @@ const void membug( const char *fmt, ... ); #undef m_realloc #undef m_free #undef m_check + #undef m_strdup #define FNAME(a) m_debug_ ##a #define FNAMEPRT , const char *info #define FNAMEARG , info @@ -370,7 +371,7 @@ FNAME(alloc_secure_clear)( size_t n FNAMEPRT) /**************** - * realloc and clear the new space + * realloc and clear the old space */ void * FNAME(realloc)( void *a, size_t n FNAMEPRT ) @@ -461,13 +462,13 @@ m_is_secure( const void *p ) * Make a copy of the memory block at a */ void * -FNAME(copy)( void *a FNAMEPRT ) +FNAME(copy)( const void *a FNAMEPRT ) { void *b; size_t n; if( !a ) - return a; + return NULL; n = m_size(a); if( m_is_secure(a) ) @@ -479,3 +480,12 @@ FNAME(copy)( void *a FNAMEPRT ) } +char * +FNAME(strdup)( const char *a FNAMEPRT ) +{ + size_t n = strlen(a); + char *p = FNAME(alloc)(n+1 FNAMEARG); + strcpy(p, a); + return p; +} +