mirror of git://git.gnupg.org/gnupg.git
A couple of fixes. gpg2's key generation does now work.
This commit is contained in:
Werner Koch
parent
6c4ae71b5d
commit
6c208fea32
3
TODO
3
TODO
|
|
@ -103,6 +103,9 @@ might want to have an agent context for each service request
|
||||||
* sm/
|
* sm/
|
||||||
** check that we issue NO_SECKEY xxx if a -u key was not found
|
** check that we issue NO_SECKEY xxx if a -u key was not found
|
||||||
|
|
||||||
|
* jnlib/
|
||||||
|
** provide jnlib_malloc and try to remove all jnlib_xmalloc.
|
||||||
|
|
||||||
* gpg/
|
* gpg/
|
||||||
** issue a NO_SECKEY xxxx if a -u key was not found.
|
** issue a NO_SECKEY xxxx if a -u key was not found.
|
||||||
** Replace DIGEST_ALGO_SHA224
|
** Replace DIGEST_ALGO_SHA224
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,24 @@
|
||||||
|
2006-06-30 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
|
* misc.c (checksum_mpi): No need for nbits as they are alredy
|
||||||
|
included in the buffer.
|
||||||
|
|
||||||
|
2006-06-29 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
|
* parse-packet.c (parse_signature, parse_key): Need store the
|
||||||
|
length of opaque data as number of bits.
|
||||||
|
* card-util.c (card_store_subkey): Ditto.
|
||||||
|
|
||||||
|
* mainproc.c (print_pkenc_list, check_sig_and_print): Replaced
|
||||||
|
log_get_stream by calls to log_printf. This avoids the extra LFs
|
||||||
|
inserted by the logging function. They are a bit too smart
|
||||||
|
sometimes.
|
||||||
|
* pkclist.c (do_show_revocation_reason): Print final LF through
|
||||||
|
log_printf to avoid extra LFs.
|
||||||
|
* pubkey-enc.c (get_it): Ditto.
|
||||||
|
|
||||||
|
* seskey.c (encode_md_value): Fix call to gcry.
|
||||||
|
|
||||||
2006-06-27 Werner Koch <wk@g10code.com>
|
2006-06-27 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
Applied patches from 1.4.x (2006-05-22 to 2006-06-23) from David:
|
Applied patches from 1.4.x (2006-05-22 to 2006-06-23) from David:
|
||||||
|
|
|
||||||
|
|
@ -1271,7 +1271,7 @@ card_store_subkey (KBNODE node, int use)
|
||||||
sk->skey[i] = NULL;
|
sk->skey[i] = NULL;
|
||||||
}
|
}
|
||||||
i = pubkey_get_npkey (sk->pubkey_algo);
|
i = pubkey_get_npkey (sk->pubkey_algo);
|
||||||
sk->skey[i] = mpi_set_opaque (NULL, xstrdup ("dummydata"), 10);
|
sk->skey[i] = gcry_mpi_set_opaque (NULL, xstrdup ("dummydata"), 10*8);
|
||||||
sk->is_protected = 1;
|
sk->is_protected = 1;
|
||||||
sk->protect.s2k.mode = 1002;
|
sk->protect.s2k.mode = 1002;
|
||||||
s = info.serialno;
|
s = info.serialno;
|
||||||
|
|
|
||||||
|
|
@ -3701,7 +3701,7 @@ gen_card_key_with_backup (int algo, int keyno, int is_primary,
|
||||||
sk->skey[i] = NULL;
|
sk->skey[i] = NULL;
|
||||||
}
|
}
|
||||||
i = pubkey_get_npkey (sk->pubkey_algo);
|
i = pubkey_get_npkey (sk->pubkey_algo);
|
||||||
sk->skey[i] = mpi_set_opaque (NULL, xstrdup ("dummydata"), 10);
|
sk->skey[i] = gcry_mpi_set_opaque (NULL, xstrdup ("dummydata"), 10*8);
|
||||||
sk->is_protected = 1;
|
sk->is_protected = 1;
|
||||||
sk->protect.s2k.mode = 1002;
|
sk->protect.s2k.mode = 1002;
|
||||||
s = get_parameter_value (para, pSERIALNO);
|
s = get_parameter_value (para, pSERIALNO);
|
||||||
|
|
|
||||||
|
|
@ -445,7 +445,7 @@ print_pkenc_list( struct kidlist_item *list, int failed )
|
||||||
nbits_from_pk( pk ), algstr, keystr_from_pk(pk),
|
nbits_from_pk( pk ), algstr, keystr_from_pk(pk),
|
||||||
strtimestamp(pk->timestamp) );
|
strtimestamp(pk->timestamp) );
|
||||||
p=get_user_id_native(list->kid);
|
p=get_user_id_native(list->kid);
|
||||||
fprintf(log_get_stream(),_(" \"%s\"\n"),p);
|
log_printf (_(" \"%s\"\n"),p);
|
||||||
xfree(p);
|
xfree(p);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
|
@ -1527,7 +1527,7 @@ check_sig_and_print( CTX c, KBNODE node )
|
||||||
not going to even try to make two strings here :) */
|
not going to even try to make two strings here :) */
|
||||||
log_info(_("Key available at: ") );
|
log_info(_("Key available at: ") );
|
||||||
print_utf8_string( log_get_stream(), p, n );
|
print_utf8_string( log_get_stream(), p, n );
|
||||||
putc( '\n', log_get_stream() );
|
log_printf ("\n");
|
||||||
|
|
||||||
if(opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE
|
if(opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE
|
||||||
&& opt.keyserver_options.options&KEYSERVER_HONOR_KEYSERVER_URL)
|
&& opt.keyserver_options.options&KEYSERVER_HONOR_KEYSERVER_URL)
|
||||||
|
|
@ -1667,9 +1667,9 @@ check_sig_and_print( CTX c, KBNODE node )
|
||||||
xfree(p);
|
xfree(p);
|
||||||
|
|
||||||
if(opt.verify_options&VERIFY_SHOW_UID_VALIDITY)
|
if(opt.verify_options&VERIFY_SHOW_UID_VALIDITY)
|
||||||
fprintf(log_get_stream()," [%s]\n",trust_value_to_string(valid));
|
log_printf (" [%s]\n",trust_value_to_string(valid));
|
||||||
else
|
else
|
||||||
fputs("\n", log_get_stream() );
|
log_printf ("\n");
|
||||||
count++;
|
count++;
|
||||||
}
|
}
|
||||||
if( !count ) { /* just in case that we have no valid textual
|
if( !count ) { /* just in case that we have no valid textual
|
||||||
|
|
@ -1712,11 +1712,8 @@ check_sig_and_print( CTX c, KBNODE node )
|
||||||
else
|
else
|
||||||
log_info(_("Good signature from \"%s\""),p);
|
log_info(_("Good signature from \"%s\""),p);
|
||||||
if (opt.trust_model!=TM_ALWAYS && un)
|
if (opt.trust_model!=TM_ALWAYS && un)
|
||||||
{
|
log_printf (" %s",_("[uncertain]") );
|
||||||
putc(' ', log_get_stream() );
|
log_printf ("\n");
|
||||||
fputs(_("[uncertain]"), log_get_stream() );
|
|
||||||
}
|
|
||||||
fputs("\n", log_get_stream() );
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* If we have a good signature and already printed
|
/* If we have a good signature and already printed
|
||||||
|
|
@ -1760,10 +1757,10 @@ check_sig_and_print( CTX c, KBNODE node )
|
||||||
valid=trust_value_to_string(get_validity(pk,
|
valid=trust_value_to_string(get_validity(pk,
|
||||||
un->pkt->
|
un->pkt->
|
||||||
pkt.user_id));
|
pkt.user_id));
|
||||||
fprintf(log_get_stream()," [%s]\n",valid);
|
log_printf (" [%s]\n",valid);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
fputs("\n", log_get_stream() );
|
log_printf ("\n");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
release_kbnode( keyblock );
|
release_kbnode( keyblock );
|
||||||
|
|
|
||||||
|
|
@ -297,7 +297,6 @@ checksum_mpi (gcry_mpi_t a)
|
||||||
u16 csum;
|
u16 csum;
|
||||||
byte *buffer;
|
byte *buffer;
|
||||||
unsigned int nbytes;
|
unsigned int nbytes;
|
||||||
unsigned int nbits;
|
|
||||||
|
|
||||||
if ( gcry_mpi_print (GCRYMPI_FMT_PGP, NULL, 0, &nbytes, a) )
|
if ( gcry_mpi_print (GCRYMPI_FMT_PGP, NULL, 0, &nbytes, a) )
|
||||||
BUG ();
|
BUG ();
|
||||||
|
|
@ -308,9 +307,7 @@ checksum_mpi (gcry_mpi_t a)
|
||||||
gcry_xmalloc_secure (nbytes) : gcry_xmalloc (nbytes));
|
gcry_xmalloc_secure (nbytes) : gcry_xmalloc (nbytes));
|
||||||
if ( gcry_mpi_print (GCRYMPI_FMT_PGP, buffer, nbytes, NULL, a) )
|
if ( gcry_mpi_print (GCRYMPI_FMT_PGP, buffer, nbytes, NULL, a) )
|
||||||
BUG ();
|
BUG ();
|
||||||
nbits = gcry_mpi_get_nbits (a);
|
csum = checksum (buffer, nbytes);
|
||||||
csum = checksum_u16 (nbits);
|
|
||||||
csum += checksum (buffer, nbytes);
|
|
||||||
xfree (buffer);
|
xfree (buffer);
|
||||||
return csum;
|
return csum;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1490,9 +1490,10 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
|
||||||
if( list_mode )
|
if( list_mode )
|
||||||
fprintf (listfp, "\tunknown algorithm %d\n", sig->pubkey_algo );
|
fprintf (listfp, "\tunknown algorithm %d\n", sig->pubkey_algo );
|
||||||
unknown_pubkey_warning( sig->pubkey_algo );
|
unknown_pubkey_warning( sig->pubkey_algo );
|
||||||
/* we store the plain material in data[0], so that we are able
|
/* We store the plain material in data[0], so that we are able
|
||||||
* to write it back with build_packet() */
|
* to write it back with build_packet() */
|
||||||
sig->data[0]= mpi_set_opaque(NULL, read_rest(inp, pktlen, 0), pktlen );
|
sig->data[0]= gcry_mpi_set_opaque (NULL, read_rest(inp, pktlen, 0),
|
||||||
|
pktlen*8 );
|
||||||
pktlen = 0;
|
pktlen = 0;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
|
@ -1715,8 +1716,8 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
|
||||||
size_t snlen = 0;
|
size_t snlen = 0;
|
||||||
|
|
||||||
if( !npkey ) {
|
if( !npkey ) {
|
||||||
sk->skey[0] = mpi_set_opaque( NULL,
|
sk->skey[0] = gcry_mpi_set_opaque (NULL, read_rest(inp, pktlen, 0),
|
||||||
read_rest(inp, pktlen, 0), pktlen );
|
pktlen*8 );
|
||||||
pktlen = 0;
|
pktlen = 0;
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
|
|
@ -1894,15 +1895,17 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
|
||||||
if( sk->protect.s2k.mode == 1001
|
if( sk->protect.s2k.mode == 1001
|
||||||
|| sk->protect.s2k.mode == 1002 ) {
|
|| sk->protect.s2k.mode == 1002 ) {
|
||||||
/* better set some dummy stuff here */
|
/* better set some dummy stuff here */
|
||||||
sk->skey[npkey] = mpi_set_opaque(NULL, xstrdup("dummydata"), 10);
|
sk->skey[npkey] = gcry_mpi_set_opaque(NULL,
|
||||||
|
xstrdup("dummydata"), 10*8);
|
||||||
pktlen = 0;
|
pktlen = 0;
|
||||||
}
|
}
|
||||||
else if( is_v4 && sk->is_protected ) {
|
else if( is_v4 && sk->is_protected ) {
|
||||||
/* ugly; the length is encrypted too, so we read all
|
/* ugly; the length is encrypted too, so we read all
|
||||||
* stuff up to the end of the packet into the first
|
* stuff up to the end of the packet into the first
|
||||||
* skey element */
|
* skey element */
|
||||||
sk->skey[npkey] = mpi_set_opaque(NULL,
|
sk->skey[npkey] = gcry_mpi_set_opaque (NULL,
|
||||||
read_rest(inp, pktlen, 0),pktlen);
|
read_rest(inp, pktlen, 0),
|
||||||
|
pktlen*8);
|
||||||
pktlen = 0;
|
pktlen = 0;
|
||||||
if( list_mode ) {
|
if( list_mode ) {
|
||||||
fprintf (listfp, "\tencrypted stuff follows\n");
|
fprintf (listfp, "\tencrypted stuff follows\n");
|
||||||
|
|
@ -1942,8 +1945,9 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
|
||||||
PKT_public_key *pk = pkt->pkt.public_key;
|
PKT_public_key *pk = pkt->pkt.public_key;
|
||||||
|
|
||||||
if( !npkey ) {
|
if( !npkey ) {
|
||||||
pk->pkey[0] = mpi_set_opaque( NULL,
|
pk->pkey[0] = gcry_mpi_set_opaque ( NULL,
|
||||||
read_rest(inp, pktlen, 0), pktlen );
|
read_rest(inp, pktlen, 0),
|
||||||
|
pktlen*8 );
|
||||||
pktlen = 0;
|
pktlen = 0;
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -76,7 +76,7 @@ do_show_revocation_reason( PKT_signature *sig )
|
||||||
fputs( text, log_get_stream() );
|
fputs( text, log_get_stream() );
|
||||||
else
|
else
|
||||||
fprintf( log_get_stream(), "code=%02x", *p );
|
fprintf( log_get_stream(), "code=%02x", *p );
|
||||||
putc( '\n', log_get_stream() );
|
log_printf ("\n");
|
||||||
n--; p++;
|
n--; p++;
|
||||||
pp = NULL;
|
pp = NULL;
|
||||||
do {
|
do {
|
||||||
|
|
@ -88,9 +88,9 @@ do_show_revocation_reason( PKT_signature *sig )
|
||||||
if( n ) {
|
if( n ) {
|
||||||
pp = memchr( p, '\n', n );
|
pp = memchr( p, '\n', n );
|
||||||
nn = pp? pp - p : n;
|
nn = pp? pp - p : n;
|
||||||
log_info( _("revocation comment: ") );
|
log_info ( _("revocation comment: ") );
|
||||||
print_string( log_get_stream(), p, nn, 0 );
|
print_string ( log_get_stream(), p, nn, 0 );
|
||||||
putc( '\n', log_get_stream() );
|
log_printf ("\n");
|
||||||
p += nn; n -= nn;
|
p += nn; n -= nn;
|
||||||
}
|
}
|
||||||
} while( pp );
|
} while( pp );
|
||||||
|
|
|
||||||
|
|
@ -308,7 +308,7 @@ get_it( PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid )
|
||||||
|
|
||||||
if ( pk && pk->is_revoked ) {
|
if ( pk && pk->is_revoked ) {
|
||||||
log_info( _("NOTE: key has been revoked") );
|
log_info( _("NOTE: key has been revoked") );
|
||||||
putc( '\n', log_get_stream() );
|
log_printf ("\n");
|
||||||
show_revocation_reason( pk, 1 );
|
show_revocation_reason( pk, 1 );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -220,8 +220,7 @@ encode_md_value (PKT_public_key *pk, PKT_secret_key *sk,
|
||||||
{
|
{
|
||||||
/* It's a DSA signature, so find out the size of q. */
|
/* It's a DSA signature, so find out the size of q. */
|
||||||
|
|
||||||
unsigned int qbytes = gcry_mpi_get_nbits (pk?pk->pkey[1]:sk->skey[1]);
|
size_t qbytes = gcry_mpi_get_nbits (pk?pk->pkey[1]:sk->skey[1]);
|
||||||
size_t n;
|
|
||||||
|
|
||||||
/* Make sure it is a multiple of 8 bits. */
|
/* Make sure it is a multiple of 8 bits. */
|
||||||
|
|
||||||
|
|
@ -259,7 +258,7 @@ encode_md_value (PKT_public_key *pk, PKT_secret_key *sk,
|
||||||
}
|
}
|
||||||
|
|
||||||
if (gcry_mpi_scan (&frame, GCRYMPI_FMT_USG,
|
if (gcry_mpi_scan (&frame, GCRYMPI_FMT_USG,
|
||||||
gcry_md_read (md, hash_algo), n, &n))
|
gcry_md_read (md, hash_algo), qbytes, &qbytes))
|
||||||
BUG();
|
BUG();
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,9 @@
|
||||||
|
2006-06-28 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
|
* app-openpgp.c (do_writekey): Fixed computation of memmove
|
||||||
|
length. This led to garbled keys if E was larger than one byte.
|
||||||
|
Thanks to Achim Pietig for hinting at the garbled E.
|
||||||
|
|
||||||
2006-06-09 Marcus Brinkmann <marcus@g10code.de>
|
2006-06-09 Marcus Brinkmann <marcus@g10code.de>
|
||||||
|
|
||||||
* Makefile.am (scdaemon_LDADD): Add $(NETLIBS).
|
* Makefile.am (scdaemon_LDADD): Add $(NETLIBS).
|
||||||
|
|
|
||||||
|
|
@ -1828,7 +1828,7 @@ do_writekey (app_t app, ctrl_t ctrl,
|
||||||
if (rsa_e_len < 4)
|
if (rsa_e_len < 4)
|
||||||
{
|
{
|
||||||
/* Right justify E. */
|
/* Right justify E. */
|
||||||
memmove (tp+4-rsa_e_len, tp, 4-rsa_e_len);
|
memmove (tp+4-rsa_e_len, tp, rsa_e_len);
|
||||||
memset (tp, 0, 4-rsa_e_len);
|
memset (tp, 0, 4-rsa_e_len);
|
||||||
}
|
}
|
||||||
tp += 4;
|
tp += 4;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue