ready for a new release

NEWS

@@ -1,5 +1,24 @@
 Noteworthy changes in version 0.3.3
 -----------------------------------
+    * IMPORTANT: I found yet another bug in the way the secret keys
+      are encrypted - I did it the way pgp 2.x did it, but OpenPGP
+      and pgp 5.x specifiy another (in some aspects simpler) method.
+      To convert your secret keys you have to do this:
+	1. Build the new release but don't install it and keep
+	   a copy of the old program.
+	2. Disable the network, make sure that you are the only
+	   user, be sure that there are no trojan horses etc ....
+	3. Use your old gpg (version 0.3.[12]) and set the
+	   passphrases of ALL your secret keys to empty!
+	   (gpg --change-passphrase your-user-id).
+	4. Save your ownertrusts (see the next point)
+	5. rm ~/.gnupg/trustd.gpg
+	6. install the new version of gpg (0.3.3)
+	7. For every secret key call "gpg --edit-key your-user-id",
+	   enter "passwd" at the prompt, follow the instructions and
+	   change your passward back, enter "save" to store it.
+	8. Restore the ownertrust (see next point).
+
     * The format of the trust database has changed; you must delete
       the old one, so gnupg can create a new one.
       IMPORTANT: Use version 0.3.[12] to save your assigned ownertrusts
@@ -43,8 +62,13 @@ Noteworthy changes in version 0.3.3
       Twofish is the AES submission from Schneier et al.; see
       "www.counterpane.com/twofish.html" for more information.
 
-    * [talk about --emulate-encr-mpi-bug]
+    * Started with a help system: If you enter a question mark at some
+      prompt; you should get a specific help for this prompt.
 
+    * There is no more backup copy of the secret keyring.
+
+    * A lot of new bugs. I think this release is not as stable as
+      the previous one.
 
 
 Noteworthy changes in version 0.3.2

README

@@ -2,6 +2,10 @@
 		 -------------------------------
 			  Version 0.3
 
+    WARNING: IF YOU ARE ALREADY USING GNUPG YOU SHOULD NOW MAKE A BACKUP
+    OF "gpg" BECAUSE YOU NEED IT TO CONVERT YOUR PASSPHRASE AND OTHER
+    THINGS - SEE "NEWS"!
+
 
     As you can see from the version number, the program may have some
     bugs and some features may not work at all - please report this to

TODO

@@ -1,4 +1,5 @@
-    * Fix Oscaris problems with the trustdb.
+
+    * salted and iterated S2Ks don't work (see passphrase.c).
 
     * Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal.
 
@@ -11,6 +12,7 @@
       what does pgp 5 do, what does OpenPGP say=
       ==> I think it is okay, should be tested against pgp5
 
+    * Fix Oscaris problems with the trustdb.
     * invalid packets (Marco)  und Markus Gruber
 
     * add some sanity checks to read_keyblock, so that we are sure that
@@ -47,4 +49,5 @@
 
     * change the fake_data stuff to mpi_set_opaque
 
+    * Is it okay to use gettext for the help system???
 

VERSION

@@ -1 +1 @@
-0.3.2b
+0.3.2c

checks/run-gpg

@@ -1,12 +1,18 @@
 #!/bin/sh
 
+[ -n "$show_cmds" ] && echo "../g10/gpg --homedir . $*"
+
 if ! ../g10/gpg --homedir . $* 2>err.tmp.$$ ; then
     echo "(../g10/gpg --homedir . $*) failed" >&2
     cat err.tmp.$$ >&2
     rm err.tmp.$$
     exit 1
 fi
-grep -v 'gpg: Good signature from' err.tmp.$$ \
+fgrep -v -f - err.tmp.$$ <<EOF
- | grep -v 'gpg: Signature made ' || true
+gpg: Good signature from
+gpg: Signature made
+gpg: note: cipher algorithm 3 not found in preferences
+gpg: note: cipher algorithm 4 not found in preferences
+EOF
 rm err.tmp.$$
 

cipher/g10c.c

@@ -36,3 +36,9 @@ g10c_generate_secret_prime( unsigned nbits )
 }
 
 
+char *
+g10c_get_random_bits( unsigned nbits, int level, int secure )
+{
+    return (char*)get_random_bits( nbits, level, secure );
+}
+

configure.in

@@ -21,7 +21,7 @@ fi
 
 VERSION=`cat $srcdir/VERSION`
 PACKAGE=gnupg
-ALL_LINGUAS="de it"
+ALL_LINGUAS="en de it"
 AC_SUBST(VERSION)
 AC_SUBST(PACKAGE)
 AC_DEFINE_UNQUOTED(VERSION, "$VERSION")

g10/ChangeLog

@@ -1,3 +1,11 @@
+Sat Aug  8 17:26:12 1998  Werner Koch  (wk@(none))
+
+	* openfile (overwrite_filep): Changed semantics and all callers.
+
+Sat Aug  8 12:17:07 1998  Werner Koch  (wk@(none))
+
+	* status.c (display_help): New.
+
 Thu Aug  6 16:30:41 1998  Werner Koch,mobil,,,	(wk@tobold)
 
 	* seskey.c (encode_session_key): Now uses get_random_bits().

g10/build-packet.c

@@ -310,9 +310,11 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk )
     }
     else
 	iobuf_put(a, 0 );
-    if( sk->is_protected && sk->version >= 4
+    if( sk->is_protected && sk->version >= 4 ) {
-			 && !(opt.emulate_bugs & EMUBUG_ENCR_MPI) ) {
+	byte *p;
-	BUG();
+	assert( mpi_is_opaque( sk->skey[npkey] ) );
+	p = mpi_get_opaque( sk->skey[npkey], &i );
+	iobuf_write(a, p, i );
     }
     else {
 	for(   ; i < nskey; i++ )

g10/g10.c

@@ -173,7 +173,7 @@ static ARGPARSE_OPTS opts[] = {
     { 559, "always-trust", 0, "@"},
     { 562, "emulate-checksum-bug", 0, "@"},
     { 554, "run-as-shm-coprocess", 4, "@" },
-    { 568, "emulate-encr-mpi-bug", 0, "@"},
+     /* 568 unused */
 {0} };
 
 
@@ -598,7 +598,6 @@ main( int argc, char **argv )
 	    log_error("shared memory coprocessing is not available\n");
 	  #endif
 	    break;
-	  case 568: opt.emulate_bugs |= EMUBUG_ENCR_MPI; break;
 	  default : errors++; pargs.err = configfp? 1:2; break;
 	}
     }

g10/keyedit.c

@@ -266,7 +266,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified )
 	tty_print_string( p, n );
 	tty_printf("\"\n\n");
 	m_free(p);
-	p = cpr_get("sign_uid.really", _("Really sign? "));
+	p = cpr_get(N_("sign_uid.okay"), _("Really sign? "));
 	cpr_kill_prompt();
 	if( !answer_is_yes(p) ) {
 	    m_free(p);
@@ -400,7 +400,8 @@ delete_key( const char *username, int secret )
 	m_free(p);
 	tty_printf("\n\n");
 
-	p = cpr_get( secret? "delete_key.secret.really":"delete_key.really",
+	p = cpr_get( secret? N_("delete_key.secret.okay")
+			   : N_("delete_key.okay"),
 			      _("Delete this key from the keyring? "));
 	cpr_kill_prompt();
 	if( !cpr_enabled() && secret && answer_is_yes(p)) {
@@ -410,7 +411,8 @@ delete_key( const char *username, int secret )
 	     * basic texts about security.
 	     */
 	    m_free(p);
-	    p = tty_get(_("This is a secret key! - really delete? "));
+	    p = cpr_get(N_("delete_key.secret.okay"),
+			 _("This is a secret key! - really delete? "));
 	}
 	if( answer_is_yes(p) )
 	    okay++;
@@ -496,7 +498,7 @@ change_passphrase( KBNODE keyblock )
 		rc = 0;
 		tty_printf(_( "You don't want a passphrase -"
 			    " this is probably a *bad* idea!\n\n"));
-		if( cpr_get_answer_is_yes("change_passwd.empty",
+		if( cpr_get_answer_is_yes(N_("change_passwd.empty.okay"),
 			       _("Do you really want to do this? ")))
 		    changed++;
 		break;
@@ -632,7 +634,7 @@ keyedit_menu( const char *username, STRLIST locusr )
 	    redisplay = 0;
 	}
 	m_free(answer);
-	answer = cpr_get("keyedit.cmd", _("Command> "));
+	answer = cpr_get(N_("keyedit.cmd"), _("Command> "));
 	cpr_kill_prompt();
 	trim_spaces(answer);
 
@@ -674,9 +676,11 @@ keyedit_menu( const char *username, STRLIST locusr )
 	  case cmdQUIT:
 	    if( !modified && !sec_modified )
 		goto leave;
-	    if( !cpr_get_answer_is_yes("keyedit.save",_("Save changes? ")) ) {
+	    if( !cpr_get_answer_is_yes(N_("keyedit.save.okay"),
+					_("Save changes? ")) ) {
 		if( cpr_enabled()
-		    || tty_get_answer_is_yes(_("Quit without saving? ")) )
+		    || cpr_get_answer_is_yes(N_("keyedit.cancel.okay"),
+					     _("Quit without saving? ")) )
 		    goto leave;
 		break;
 	    }
@@ -731,7 +735,8 @@ keyedit_menu( const char *username, STRLIST locusr )
 
 	  case cmdSIGN: /* sign (only the public key) */
 	    if( count_uids(keyblock) > 1 && !count_selected_uids(keyblock) ) {
-		if( !tty_get_answer_is_yes(_("Really sign all user ids? ")) ) {
+		if( !cpr_get_answer_is_yes(N_("keyedit.signall.okay"),
+					   _("Really sign all user ids? ")) ) {
 		    tty_printf(_("Hint: Select the user ids to sign\n"));
 		    break;
 		}
@@ -763,7 +768,8 @@ keyedit_menu( const char *username, STRLIST locusr )
 		    tty_printf(_("You must select at least one user id.\n"));
 		else if( count_uids(keyblock) - n1 < 1 )
 		    tty_printf(_("You can't delete the last user id!\n"));
-		else if( tty_get_answer_is_yes(
+		else if( cpr_get_answer_is_yes(
+			    N_("keyedit.remove.uid.okay"),
 			n1 > 1? _("Really remove all selected user ids? ")
 			      : _("Really remove this user id? ")
 		       ) ) {
@@ -789,7 +795,8 @@ keyedit_menu( const char *username, STRLIST locusr )
 
 		if( !(n1=count_selected_keys( keyblock )) )
 		    tty_printf(_("You must select at least one key.\n"));
-		else if( sec_keyblock && !tty_get_answer_is_yes(
+		else if( sec_keyblock && !cpr_get_answer_is_yes(
+			    N_("keyedit.remove.subkey.okay"),
 		       n1 > 1?
 			_("Do you really want to delete the selected keys? "):
 			_("Do you really want to delete this key? ")

g10/keygen.c

@@ -390,8 +390,8 @@ ask_algo( int *ret_v4, int addmode )
 
     *ret_v4 = 1;
     for(;;) {
-	answer = cpr_get("keygen.algo",_("Your selection? "));
+	answer = cpr_get(N_("keygen.algo"),_("Your selection? "));
-	tty_kill_prompt();
+	cpr_kill_prompt();
 	algo = *answer? atoi(answer): 1;
 	m_free(answer);
 	if( algo == 1 && !addmode ) {
@@ -434,8 +434,9 @@ ask_keysize( int algo )
 		 "    highest suggested keysize is 2048 bits\n"),
 					pubkey_algo_to_string(algo) );
     for(;;) {
-	answer = cpr_get("keygen.size",_("What keysize do you want? (1024) "));
+	answer = cpr_get(N_("keygen.size"),
-	tty_kill_prompt();
+			  _("What keysize do you want? (1024) "));
+	cpr_kill_prompt();
 	nbits = *answer? atoi(answer): 1024;
 	m_free(answer);
 	if( algo == PUBKEY_ALGO_DSA && (nbits < 512 || nbits > 1024) )
@@ -445,7 +446,7 @@ ask_keysize( int algo )
 	else if( nbits > 2048 && !cpr_enabled() ) {
 	    tty_printf(_("Keysizes larger than 2048 are not suggested because "
 			 "computations take REALLY long!\n"));
-	    if( tty_get_answer_is_yes(_(
+	    if( cpr_get_answer_is_yes(N_("keygen.size.huge.okay"),_(
 			"Are you sure that you want this keysize? ")) ) {
 		tty_printf(_("Okay, but keep in mind that your monitor "
 			     "and keyboard radiation is also very vulnerable "
@@ -454,7 +455,7 @@ ask_keysize( int algo )
 	    }
 	}
 	else if( nbits > 1536 && !cpr_enabled() ) {
-	    if( tty_get_answer_is_yes(_(
+	    if( cpr_get_answer_is_yes(N_("keygen.size.large.okay"),_(
 		    "Do you really need such a large keysize? ")) )
 		break;
 	}
@@ -495,8 +496,8 @@ ask_valid_days()
 	int mult;
 
 	m_free(answer);
-	answer = cpr_get("keygen.valid",_("Key is valid for? (0) "));
+	answer = cpr_get(N_("keygen.valid"),_("Key is valid for? (0) "));
-	tty_kill_prompt();
+	cpr_kill_prompt();
 	trim_spaces(answer);
 	if( !*answer )
 	    valid_days = 0;
@@ -519,7 +520,8 @@ ask_valid_days()
 	}
 
 	if( !cpr_enabled()
-	     && tty_get_answer_is_yes(_("Is this correct (y/n)? ")) )
+	     && cpr_get_answer_is_yes(N_("keygen.valid.okay"),
+				       _("Is this correct (y/n)? ")) )
 	    break;
     }
     m_free(answer);
@@ -558,9 +560,9 @@ ask_user_id( int mode )
 	if( !aname ) {
 	    for(;;) {
 		m_free(aname);
-		aname = cpr_get("keygen.name",_("Real name: "));
+		aname = cpr_get(N_("keygen.name"),_("Real name: "));
 		trim_spaces(aname);
-		tty_kill_prompt();
+		cpr_kill_prompt();
 		if( strpbrk( aname, "<([])>" ) )
 		    tty_printf(_("Invalid character in name\n"));
 		else if( isdigit(*aname) )
@@ -574,10 +576,10 @@ ask_user_id( int mode )
 	if( !amail ) {
 	    for(;;) {
 		m_free(amail);
-		amail = cpr_get("keygen.email",_("Email address: "));
+		amail = cpr_get(N_("keygen.email"),_("Email address: "));
 		trim_spaces(amail);
 		strlwr(amail);
-		tty_kill_prompt();
+		cpr_kill_prompt();
 		if( !*amail )
 		    break;   /* no email address is okay */
 		else if( has_invalid_email_chars(amail)
@@ -594,9 +596,9 @@ ask_user_id( int mode )
 	if( !acomment ) {
 	    for(;;) {
 		m_free(acomment);
-		acomment = cpr_get("keygen.comment",_("Comment: "));
+		acomment = cpr_get(N_("keygen.comment"),_("Comment: "));
 		trim_spaces(acomment);
-		tty_kill_prompt();
+		cpr_kill_prompt();
 		if( !*acomment )
 		    break;   /* no comment is okay */
 		else if( strpbrk( acomment, "()" ) )
@@ -630,9 +632,9 @@ ask_user_id( int mode )
 		answer[1] = 0;
 	    }
 	    else {
-		answer = tty_get(_(
+		answer = cpr_get(N_("keygen.userid.cmd"),_(
 		    "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "));
-		tty_kill_prompt();
+		cpr_kill_prompt();
 	    }
 	    if( strlen(answer) > 1 )
 		;
@@ -959,7 +961,8 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
     assert(algo);
     nbits = ask_keysize( algo );
     ndays = ask_valid_days();
-    if( !cpr_enabled() && !tty_get_answer_is_yes( _("Really create? ") ) )
+    if( !cpr_enabled() && !cpr_get_answer_is_yes(N_("keygen.sub.okay"),
+						  _("Really create? ") ) )
 	goto leave;
 
     if( passphrase ) {

g10/openfile.c

@@ -30,51 +30,35 @@
 #include "ttyio.h"
 #include "options.h"
 #include "main.h"
+#include "status.h"
+#include "i18n.h"
 
 
 /****************
  * Check whether FNAME exists and ask if it's okay to overwrite an
  * existing one.
- * Returns: -1 : Do not overwrite
+ * Returns: True: it's okay to overwrite or the file does not exist
- *	    0 : it's okay to overwrite or the file does not exist
+ *	    False: Do not overwrite
- *	    >0 : other error
  */
 int
 overwrite_filep( const char *fname )
 {
     if( !fname || (*fname == '-' && !fname[1]) )
-	return 0; /* stdout */
+	return 1; /* writing to stdout is always okay */
-    if( !access( fname, F_OK ) ) {
-	char *p;
-	int okay;
-	int first = 1;
 
+    if( access( fname, F_OK ) )
+	return 1; /* does not exist */
+
+    /* fixme: add some backup stuff in case of overwrite */
     if( opt.answer_yes )
-	    okay = 1;
+	return 1;
-	else if( opt.answer_no || opt.batch )
+    if( opt.answer_no || opt.batch )
-	    okay = 2;
+	return 0;  /* do not overwrite */
-	else
-	    okay = 0;
 
-	while( !okay ) {
+    tty_printf(_("File '%s' exists. "), fname);
-	    if( first ) {
+    if( cpr_get_answer_is_yes(N_("openfile.overwrite.okay"),
-		tty_printf("File '%s' exists. ", fname);
+			       _("Overwrite (y/N)? ")) )
-		first = 0;
+	return 1;
-	    }
-	    p = tty_get("Overwrite (y/N)? ");
-	    tty_kill_prompt();
-	    if( (*p == 'y' || *p == 'Y') && !p[1] )
-		okay = 1;
-	    else if( !*p || ((*p == 'n' || *p == 'N') && !p[1]) )
-		okay = 2;
-	    else
-		okay = 0;
-	    m_free(p);
-	}
-	if( okay == 2 )
-	    return -1;
-	/* fixme: add some backup stuff */
-    }
     return 0;
 }
 
@@ -90,7 +74,6 @@ IOBUF
 open_outfile( const char *iname, int mode )
 {
     IOBUF a = NULL;
-    int rc;
 
     if( (!iname || (*iname=='-' && !iname[1])) && !opt.outfile ) {
 	if( !(a = iobuf_create(NULL)) )
@@ -110,14 +93,12 @@ open_outfile( const char *iname, int mode )
 				      mode==2 ? ".sig" : ".gpg");
 	    name = buf;
 	}
-	if( !(rc=overwrite_filep( name )) ) {
+	if( overwrite_filep( name ) ) {
 	    if( !(a = iobuf_create( name )) )
 		log_error("can't create %s: %s\n", name, strerror(errno) );
 	    else if( opt.verbose )
 		log_info("writing to '%s'\n", name );
 	}
-	else if( rc != -1 )
-	    log_error("oops: overwrite_filep(%s): %s\n", name, g10_errstr(rc) );
 	m_free(buf);
     }
     return a;

g10/options.h

@@ -56,7 +56,6 @@ struct {
 
 
 #define EMUBUG_GPGCHKSUM  1
-#define EMUBUG_ENCR_MPI   2
 
 #define DBG_PACKET_VALUE  1	/* debug packet reading/writing */
 #define DBG_MPI_VALUE	  2	/* debug mpi details */

g10/parse-packet.c

@@ -1102,8 +1102,8 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 	 * If the user is so careless, not to protect his secret key,
 	 * we can assume, that he operates an open system :=(.
 	 * So we put the key into secure memory when we unprotect it. */
-	if( is_v4 && sk->is_protected && !(opt.emulate_bugs & EMUBUG_ENCR_MPI)){
+	if( is_v4 && sk->is_protected ){
-	    /* ugly; the length is encrypted too, so wee read all
+	    /* ugly; the length is encrypted too, so we read all
 	     * stuff up to the end of the packet into the first
 	     * skey element */
 	    sk->skey[npkey] = mpi_set_opaque(NULL,

g10/passphrase.c

@@ -32,6 +32,7 @@
 #include "keydb.h"
 #include "main.h"
 #include "i18n.h"
+#include "status.h"
 
 static int pwfd = -1;
 static char *next_pw = NULL;
@@ -129,6 +130,12 @@ passphrase_to_dek( u32 *keyid, int cipher_algo, STRING2KEY *s2k, int mode )
 	tty_printf("\n");
 	free_public_key( pk );
     }
+    else if( keyid && !next_pw ) {
+	char buf[20];
+	sprintf( buf, "%08lX%08lX", (ulong)keyid[0], (ulong)keyid[1] );
+	write_status_text( STATUS_NEED_PASSPHRASE, buf );
+    }
+
     if( next_pw ) {
 	pw = next_pw;
 	next_pw = NULL;
@@ -157,10 +164,11 @@ passphrase_to_dek( u32 *keyid, int cipher_algo, STRING2KEY *s2k, int mode )
     else if( opt.batch )
 	log_fatal("Can't query password in batchmode\n");
     else {
-	pw = tty_get_hidden("Enter pass phrase: " );
+	pw = cpr_get_hidden(N_("passphrase.enter"), _("Enter pass phrase: ") );
 	tty_kill_prompt();
-	if( mode == 2 ) {
+	if( mode == 2 && !cpr_enabled() ) {
-	    char *pw2 = tty_get_hidden("Repeat pass phrase: " );
+	    char *pw2 = cpr_get_hidden(N_("passphrase.repeat"),
+				       _("Repeat pass phrase: ") );
 	    tty_kill_prompt();
 	    if( strcmp(pw, pw2) ) {
 		m_free(pw2);
@@ -205,7 +213,7 @@ hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k, int create )
 
 	if( s2k->mode == 3 ) {
 	    count = (16ul + (s2k->count & 15)) << ((s2k->count >> 4) + 6);
-	    log_info("s2k iteration count=%lu\n", count );
+	    log_debug("s2k iteration count=%lu\n", count );
 	}
 	for(;;) {
 	    md_write( md, s2k->salt, 8 );

g10/pkclist.c

@@ -84,17 +84,11 @@ edit_ownertrust( ulong lid, int mode )
 " s = please show me more information\n\n") );
 
     for(;;) {
-	p = tty_get(_("Your decision? "));
+	p = cpr_get(N_("edit_ownertrust.value"),_("Your decision? "));
 	trim_spaces(p);
-	tty_kill_prompt();
+	cpr_kill_prompt();
 	if( *p && p[1] )
 	    ;
-	else if( *p == '?' ) {
-	    tty_printf(_(
-"It's up to you to assign a value here; this value will never be exported\n"
-"to any 3rd party.  We need it to implement the web-of-trust; it has nothing\n"
-"to do with the (implicitly created) web-of-certificates.\n"));
-	}
 	else if( !p[1] && (*p >= '1' && *p <= '4') ) {
 	    unsigned trust;
 	    switch( *p ) {
@@ -173,18 +167,12 @@ do_we_trust( PKT_public_key *pk, int trustlevel )
     int rc;
 
     if( (trustlevel & TRUST_FLAG_REVOKED) ) {
-	char *answer;
-	int yes;
-
 	log_info("key has been revoked!\n");
 	if( opt.batch )
 	    return 0;
 
-	answer = tty_get("Use this key anyway? ");
+	if( !cpr_get_answer_is_yes(N_("revoked_key.override"),
-	tty_kill_prompt();
+				    _("Use this key anyway? ")) )
-	yes = answer_is_yes(answer);
-	m_free(answer);
-	if( !yes )
 	    return 0;
     }
 
@@ -265,18 +253,14 @@ do_we_trust_pre( PKT_public_key *pk, int trustlevel )
     int rc = do_we_trust( pk, trustlevel );
 
     if( !opt.batch && !rc ) {
-	char *answer;
-
 	tty_printf(_(
 "It is NOT certain that the key belongs to its owner.\n"
 "If you *really* know what you are doing, you may answer\n"
 "the next question with yes\n\n") );
 
-	answer = tty_get("Use this key anyway? ");
+	if( cpr_get_answer_is_yes(N_("untrusted_key.override"),
-	tty_kill_prompt();
+				   _("Use this key anyway? "))  )
-	if( answer_is_yes(answer) )
 	    rc = 1;
-	m_free(answer);
     }
     else if( opt.always_trust && !rc ) {
 	log_info(_("WARNING: Using untrusted key!\n"));
@@ -421,9 +405,10 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned usage )
 	for(;;) {
 	    rc = 0;
 	    m_free(answer);
-	    answer = tty_get(_("Enter the user ID: "));
+	    answer = cpr_get(N_("pklist.user_id.enter"),
+			      _("Enter the user ID: "));
 	    trim_spaces(answer);
-	    tty_kill_prompt();
+	    cpr_kill_prompt();
 	    if( !*answer )
 		break;
 	    if( pk )

g10/plaintext.c

@@ -30,6 +30,7 @@
 #include "ttyio.h"
 #include "filter.h"
 #include "main.h"
+#include "status.h"
 #include "i18n.h"
 
 
@@ -109,8 +110,7 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
 	/* no filename or "-" given; write to stdout */
 	fp = stdout;
     }
-    else if( (rc=overwrite_filep( fname )) ) {
+    else if( !overwrite_filep( fname ) ) {
-	if( rc == -1 )
 	rc = G10ERR_CREATE_FILE;
 	goto leave;
     }
@@ -207,8 +207,9 @@ ask_for_detached_datafile( md_filter_context_t *mfx, const char *inname )
 	tty_printf("Detached signature.\n");
 	do {
 	    m_free(answer);
-	    answer = tty_get("Please enter name of data file: ");
+	    answer = cpr_get(N_("detached_signature.filename"),
-	    tty_kill_prompt();
+			      _("Please enter name of data file: "));
+	    cpr_kill_prompt();
 	    if( any && !*answer ) {
 		rc = G10ERR_READ_FILE;
 		goto leave;

g10/pubkey-enc.c

@@ -31,6 +31,7 @@
 #include "trustdb.h"
 #include "cipher.h"
 #include "status.h"
+#include "i18n.h"
 
 
 /****************
@@ -134,7 +135,7 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
 	    log_error("can't check algorithm against preferences\n");
 	else if( dek->algo != CIPHER_ALGO_3DES
 	    && !is_algo_in_prefs( pk->local_id, PREFTYPE_SYM, dek->algo ) )
-	    log_info("note: cipher algorithm %d not found in preferences\n",
+	    log_info(_("note: cipher algorithm %d not found in preferences\n"),
 								 dek->algo );
 	free_public_key( pk );
 	rc = 0;

g10/revoke.c

@@ -33,6 +33,8 @@
 #include "util.h"
 #include "main.h"
 #include "ttyio.h"
+#include "status.h"
+#include "i18n.h"
 
 
 /****************
@@ -53,8 +55,6 @@ gen_revoke( const char *uname )
     KBNODE keyblock = NULL;
     KBNODE node;
     KBPOS kbpos;
-    char *answer;
-    int yes;
 
     if( opt.batch ) {
 	log_error("sorry, can't do this in batch mode\n");
@@ -117,11 +117,8 @@ gen_revoke( const char *uname )
     }
 
     tty_printf("\n");
-    answer = tty_get("Create a revocation certificate for this key? ");
+    if( !cpr_get_answer_is_yes(N_("gen_revoke.okay"),
-    tty_kill_prompt();
+			_("Create a revocation certificate for this key? ")) ){
-    yes = answer_is_yes(answer);
-    m_free(answer);
-    if( !yes ) {
 	rc = 0;
 	goto leave;
     }

g10/seckey-cert.c

@@ -67,10 +67,11 @@ do_check( PKT_secret_key *sk )
 	memcpy(save_iv, sk->protect.iv, 8 );
 	cipher_decrypt( cipher_hd, sk->protect.iv, sk->protect.iv, 8 );
 	csum = 0;
-	if( sk->version >= 4 && !(opt.emulate_bugs & EMUBUG_ENCR_MPI) ) {
+	if( sk->version >= 4 ) {
 	    int ndata;
 	    byte *p, *data;
 
+
 	    i = pubkey_get_npkey(sk->pubkey_algo);
 	    assert( mpi_is_opaque( sk->skey[i] ) );
 	    p = mpi_get_opaque( sk->skey[i], &ndata );
@@ -78,10 +79,15 @@ do_check( PKT_secret_key *sk )
 	    cipher_decrypt( cipher_hd, data, p, ndata );
 	    mpi_free( sk->skey[i] ); sk->skey[i] = NULL ;
 	    p = data;
-	    csum = checksum( data, ndata);
+	    if( ndata < 2 ) {
-	    if( ndata < 2 )
+		log_error("not enough bytes for checksum\n");
-		log_bug("not enough bytes for checksum\n");
+		sk->csum = 0;
+		csum = 1;
+	    }
+	    else {
+		csum = checksum( data, ndata-2);
 		sk->csum = data[ndata-2] << 8 | data[ndata-1];
+	    }
 	    /* must check it here otherwise the mpi_read_xx would fail
 	     * because the length das an abritary value */
 	    if( sk->csum == csum ) {
@@ -198,7 +204,7 @@ is_secret_key_protected( PKT_secret_key *sk )
 int
 protect_secret_key( PKT_secret_key *sk, DEK *dek )
 {
-    int i, rc = 0;
+    int i,j, rc = 0;
     byte *buffer;
     unsigned nbytes;
     u16 csum;
@@ -219,12 +225,53 @@ protect_secret_key( PKT_secret_key *sk, DEK *dek )
 	    cipher_setkey( cipher_hd, dek->key, dek->keylen );
 	    cipher_setiv( cipher_hd, NULL );
 	    cipher_encrypt( cipher_hd, sk->protect.iv, sk->protect.iv, 8 );
-	    if( sk->version >= 4 && !(opt.emulate_bugs & EMUBUG_ENCR_MPI) ) {
+	    if( sk->version >= 4 ) {
-		BUG();
+	      #define NMPIS (PUBKEY_MAX_NSKEY - PUBKEY_MAX_NPKEY)
+		byte *buffer[NMPIS];
+		unsigned nbytes[NMPIS];
+		unsigned nbits[NMPIS];
+		int ndata=0;
+		byte *p, *data;
+
+		for(j=0, i = pubkey_get_npkey(sk->pubkey_algo);
+			i < pubkey_get_nskey(sk->pubkey_algo); i++, j++ ) {
+		    assert( !mpi_is_opaque( sk->skey[i] ) );
+		    buffer[j] = mpi_get_buffer( sk->skey[i], &nbytes[j], NULL );
+		    nbits[j]  = mpi_get_nbits( sk->skey[i] );
+		    ndata += nbytes[j] + 2;
+		}
+		for( ; j < NMPIS; j++ )
+		    buffer[j] = NULL;
+		ndata += 2; /* for checksum */
+
+		data = m_alloc_secure( ndata );
+		p = data;
+		for(j=0; j < NMPIS && buffer[j]; j++ ) {
+		    p[0] = nbits[j] >> 8 ;
+		    p[1] = nbits[j];
+		    p += 2;
+		    memcpy(p, buffer[j], nbytes[j] );
+		    p += nbytes[j];
+		    m_free(buffer[j]);
+		}
+	      #undef NMPIS
+		csum = checksum( data, ndata-2);
+		sk->csum = csum;
+		*p++ =	csum >> 8;
+		*p++ =	csum;
+		assert( p == data+ndata );
+		cipher_encrypt( cipher_hd, data, data, ndata );
+		for(i = pubkey_get_npkey(sk->pubkey_algo);
+			i < pubkey_get_nskey(sk->pubkey_algo); i++ ) {
+		    mpi_free( sk->skey[i] );
+		    sk->skey[i] = NULL;
+		}
+		i = pubkey_get_npkey(sk->pubkey_algo);
+		sk->skey[i] = mpi_set_opaque(NULL, data, ndata );
 	    }
 	    else {
 		/* NOTE: we always recalculate the checksum because there
-		 * are some * test releases which calculated it wrong */
+		 * are some test releases which calculated it wrong */
 		csum = 0;
 		for(i=pubkey_get_npkey(sk->pubkey_algo);
 			i < pubkey_get_nskey(sk->pubkey_algo); i++ ) {

g10/seskey.c

@@ -87,6 +87,24 @@ encode_session_key( DEK *dek, unsigned nbits )
     i = nframe - 6 - dek->keylen;
     assert( i > 0 );
     p = get_random_bits( i*8, 1, 1 );
+    /* replace zero bytes by new values */
+    for(;;) {
+	int j, k;
+	byte *pp;
+
+	/* count the zero bytes */
+	for(j=k=0; j < i; j++ )
+	    if( !p[j] )
+		k++;
+	if( !k )
+	    break; /* okay: no zero bytes */
+	k += k/128; /* better get some more */
+	pp = get_random_bits( k*8, 1, 1);
+	for(j=0; j < i && k ; j++ )
+	    if( !p[j] )
+		p[j] = pp[--k];
+	m_free(pp);
+    }
     memcpy( frame+n, p, i );
     m_free(p);
     n += i;

g10/status.c

@@ -37,6 +37,7 @@
 #include "ttyio.h"
 #include "options.h"
 #include "main.h"
+#include "i18n.h"
 
 static int fd = -1;
 #ifdef USE_SHM_COPROCESSING
@@ -87,6 +88,7 @@ write_status_text ( int no, const char *text)
       case STATUS_SHM_GET	 : s = "SHM_GET\n"; break;
       case STATUS_SHM_GET_BOOL	 : s = "SHM_GET_BOOL\n"; break;
       case STATUS_SHM_GET_HIDDEN : s = "SHM_GET_HIDDEN\n"; break;
+      case STATUS_NEED_PASSPHRASE: s = "NEED_PASSPHRASE\n"; break;
       default: s = "?\n"; break;
     }
 
@@ -194,6 +196,32 @@ do_shm_get( const char *keyword, int hidden, int bool )
 
 #endif /* USE_SHM_COPROCESSING */
 
+static void
+display_help( const char *keyword )
+{
+    char *p;
+    int hint = 0;
+
+    tty_kill_prompt();
+    if( !keyword ) {
+	tty_printf(_("No help available") );
+	hint++;
+    }
+    else {
+	p = _(keyword);
+	if( !strcmp( p, keyword ) ) {
+	    tty_printf(_("No help available for '%s'"), keyword );
+	    hint++;
+	}
+	else
+	    tty_printf("%s", p );
+    }
+    tty_printf("\n");
+    if( hint )
+	tty_printf("You should set your LANG variable to a valid value.\n"
+		   "Set LANG to \"en\" to see the English help texts.\n" );
+}
+
 
 int
 cpr_enabled()
@@ -208,21 +236,41 @@ cpr_enabled()
 char *
 cpr_get( const char *keyword, const char *prompt )
 {
+    char *p;
+
   #ifdef USE_SHM_COPROCESSING
     if( opt.shm_coprocess )
 	return do_shm_get( keyword, 0, 0 );
   #endif
-    return tty_get( prompt );
+    for(;;) {
+	p = tty_get( prompt );
+	if( *p == '?' && !p[1] ) {
+	    m_free(p);
+	    display_help( keyword );
+	}
+	else
+	    return p;
+    }
 }
 
 char *
 cpr_get_hidden( const char *keyword, const char *prompt )
 {
+    char *p;
+
   #ifdef USE_SHM_COPROCESSING
     if( opt.shm_coprocess )
 	return do_shm_get( keyword, 1, 0 );
   #endif
-    return tty_get_hidden( prompt );
+    for(;;) {
+	p = tty_get_hidden( prompt );
+	if( *p == '?' && !p[1] ) {
+	    m_free(p);
+	    display_help( keyword );
+	}
+	else
+	    return p;
+    }
 }
 
 void

g10/status.h

@@ -47,6 +47,7 @@
 #define STATUS_SHM_GET_BOOL    18
 #define STATUS_SHM_GET_HIDDEN  19
 
+#define STATUS_NEED_PASSPHRASE 20
 
 /*-- status.c --*/
 void set_status_fd ( int fd );

include/g10lib.h

@@ -70,6 +70,8 @@ int  g10m_invm( MPI x, MPI u, MPI v );
 unsigned g10m_get_nbits( MPI a );
 unsigned g10m_get_size( MPI a );
 
+void g10m_set_buffer( MPI a, const char *buffer, unsigned nbytes, int sign );
+
 
 /********************************************
  *******  symmetric cipher functions  *******
@@ -98,7 +100,7 @@ const char *g10c_revision_string(int mode);
 const char *g10u_revision_string(int mode);
 
 MPI   g10c_generate_secret_prime( unsigned nbits );
-unsigned char g10c_get_random_byte( int level );
+char *g10c_get_random_bits( unsigned nbits, int level, int secure );
 
 
 void *g10_malloc( size_t n );

mpi/g10m.c

@@ -85,3 +85,11 @@ g10m_get_size( MPI a )
     return mpi_get_nlimbs( a ) * BITS_PER_MPI_LIMB;
 }
 
+
+void
+g10m_set_buffer( MPI a, const char *buffer, unsigned nbytes, int sign )
+{
+    mpi_set_buffer( a, buffer, nbytes, sign );
+}
+
+

po/POTFILES.in

@@ -30,6 +30,8 @@ g10/sig-check.c
 g10/sign.c
 g10/trustdb.c
 g10/verify.c
+g10/status.c
+g10/pubkey-enc.c
 
 
 #---end--

po/de.po

@@ -1259,3 +1259,31 @@ msgid "key %08lX.%lu: trust check failed: %s\n"
 msgstr "Schlüssel %08lX.%lu: Vertrauensprüfung fehlgeschlagen: %s\n"
 
 
+
+
+
+#################################
+######## Help msgids ############
+#################################
+
+msgid "passphrase.enter"
+msgstr ""
+"Bitte geben Sie die \"Passhrase\" ein; dies ist ein geheimer Satz der aus\n"
+"beliebigen Zeichen bestehen kann.  Was Sie eingegeben wird nicht angezeigt.\n"
+"Zur ihrer eigenen Sicherbeit benutzen Sie biite einen Satz, den sie sich\n"
+"gut merken könne, der aber nicht leicht zu raten ist; Zitate und andere\n"
+"bekannte Texte sind eine SCHLECHTE Wahl, da diese mit Sicherheit Online\n"
+"verfügbar sind und durch entsprechende Programme zum Raten der \"Passphrase\"\n"
+"benutzt werden.  Sätze mit persönlicher Bedeutung die auch noch durch\n"
+"falsche Groß-/Kleinschreibung und eingestreute Sonderzeichen verändert werden,\n"
+"sind i.d.R. eine gute Wahl"
+
+msgid "passphrase.repeat"
+msgstr ""
+"Um sicher zugehen, daß Sie sich bei der Eingabe der \"Passphrase\" nicht\n"
+"vertippt haben, geben Sie diese bitte nochmal ein.  Nur wenn beide Eingaben\n"
+"übereinstimmen, wird die \"Passphrase\" akzeptiert."
+
+msgid "keyedit.cmd"
+msgstr "Geben Sie bitte \"help\" ein."
+

po/en.po

@@ -1,29 +1,128 @@
-
+msgid ""
-msgid "passphrase.enter"
 msgstr ""
-"Please enter the passhrase; this is a secret sentence which consists\n"
+"Date: 1998-08-08 18:07:50+0200\n"
-"beliebigen Zeichen bestehen kann.  Was Sie eingegeben wird nicht angezeigt.\n"
+"From: Werner Koch <wk@frodo>\n"
-"Zur ihrer eigenen Sicherbeit benutzen Sie biite einen Satz, den sie sich\n"
+"Content-Type: text/plain; charset=\n"
-"gut merken könne, der aber nicht leicht zu raten ist; Zitate und andere\n"
+"Xgettext-Options: --default-domain=gnupg --directory=.. --add-comments --keyword=_ --keyword=N_ --files-from=./POTFILES.in\n"
-"bekannte Texte sind eine SCHLECHTE Wahl, da diese mit Sicherheit Online\n"
+"Files: util/secmem.c util/argparse.c cipher/random.c cipher/rand-dummy.c cipher/rand-unix.c cipher/rand-w32.c g10/g10.c g10/pkclist.c g10/keygen.c g10/decrypt.c g10/encode.c g10/import.c g10/keyedit.c g10/keylist.c g10/mainproc.c g10/passphrase.c g10/plaintext.c g10/pref.c g10/seckey-cert.c g10/sig-check.c g10/sign.c g10/trustdb.c g10/verify.c g10/status.c g10/pubkey-enc.c\n"
-"verfügbar sind und durch entsprechende Programme zum Raten der \"Passphrase\"\n"
-"benutzt werden.  Sätze mit persönlicher Bedeutung die auch noch durch\n"
-"falsche Groß-/Kleinschreibung und eingestreute Sonderzeichen verändert werden,\n"
-"sind i.d.R. eine gute Wahl"
-
-msgid "passphrase.repeat"
-msgstr ""
-"Um sicher zugehen, daß Sie sich bei der Eingabe der \"Passphrase\" nicht\n"
-"vertippt haben, geben Sie diese bitte nochmal ein.  Nur wenn beide Eingaben\n"
-"übereinstimmen, wird die \"Passphrase\" akzeptiert."
-
-msgid "keyedit.cmd"
-msgstr "Please enter \"help\"."
-
 
+#: g10/pkclist.c:87
 msgid "edit_ownertrust.value"
 msgstr ""
 "It's up to you to assign a value here; this value will never be exported\n"
 "to any 3rd party.  We need it to implement the web-of-trust; it has nothing\n"
 "to do with the (implicitly created) web-of-certificates."
 
+#: g10/pkclist.c:174
+msgid "revoked_key.override"
+msgstr "If you want to use this revoked key anyway, answer \"yes\"."
+
+#: g10/pkclist.c:261
+msgid "untrusted_key.override"
+msgstr "If you want to use this untrusted key anyway, answer \"yes\"."
+
+#: g10/pkclist.c:408
+msgid "pklist.user_id.enter"
+msgstr "Enter the user id of the addresse to whom you want to send the message."
+
+#: g10/keygen.c:393
+msgid "keygen.algo"
+msgstr "Select the algorithm to use:"
+"Needs more explanation here."
+
+#: g10/keygen.c:437
+msgid "keygen.size"
+msgstr ""
+
+#: g10/keygen.c:449
+msgid "keygen.size.huge.okay"
+msgstr ""
+
+#: g10/keygen.c:458
+msgid "keygen.size.large.okay"
+msgstr ""
+
+#: g10/keygen.c:499
+msgid "keygen.valid"
+msgstr ""
+
+#: g10/keygen.c:523
+msgid "keygen.valid.okay"
+msgstr ""
+
+#: g10/keygen.c:563
+msgid "keygen.name"
+msgstr ""
+
+#: g10/keygen.c:579
+msgid "keygen.email"
+msgstr ""
+
+#: g10/keygen.c:599
+msgid "keygen.comment"
+msgstr ""
+
+#: g10/keygen.c:635
+msgid "keygen.userid.cmd"
+msgstr ""
+"N  to change the name.\n"
+"C  to change the comment.\n"
+"E  to change the email address.\n"
+"O  to continue with key generation.\n"
+"Q  to to quit the key generation."
+
+#: g10/keygen.c:964
+msgid "keygen.sub.okay"
+msgstr "Answer \"yes\" (or just \"y\") if it is okay to generate the sub key."
+
+#: g10/keyedit.c:269
+msgid "sign_uid.okay"
+msgstr ""
+
+#: g10/keyedit.c:403 g10/keyedit.c:414
+msgid "delete_key.secret.okay"
+msgstr ""
+
+#: g10/keyedit.c:404
+msgid "delete_key.okay"
+msgstr ""
+
+#: g10/keyedit.c:501
+msgid "change_passwd.empty.okay"
+msgstr ""
+
+#: g10/keyedit.c:637
+msgid "keyedit.cmd"
+msgstr "Please enter \"help\"."
+
+#: g10/keyedit.c:679
+msgid "keyedit.save.okay"
+msgstr ""
+
+#: g10/keyedit.c:682
+msgid "keyedit.cancel.okay"
+msgstr ""
+
+#: g10/keyedit.c:738
+msgid "keyedit.signall.okay"
+msgstr ""
+
+#: g10/keyedit.c:772
+msgid "keyedit.remove.uid.okay"
+msgstr ""
+
+#: g10/keyedit.c:799
+msgid "keyedit.remove.subkey.okay"
+msgstr ""
+
+#: g10/passphrase.c:167
+msgid "passphrase.enter"
+msgstr ""
+"Please enter the passhrase; this is a secret sentence \n"
+"  Blurb, blurb,.... "
+
+#: g10/passphrase.c:170
+msgid "passphrase.repeat"
+msgstr ""
+"Please repeat the last passphrase, so you are sure what you typed in."
+

util/ChangeLog

@@ -1,3 +1,7 @@
+Sat Aug  8 18:35:00 1998  Werner Koch  (wk@(none))
+
+	* ttyio.c (cleanup): New.
+
 Mon Aug  3 17:06:00 1998  Werner Koch  (wk@(none))
 
 	* secmem.c (MAP_ANON): Add a macro test

util/ttyio.c

@@ -56,9 +56,22 @@ static FILE *ttyfp = NULL;
 static int initialized;
 static int last_prompt_len;
 
+#ifdef HAVE_TCGETATTR
+static struct termios termsave;
+static int restore_termios;
+#endif
 
-
+#ifdef HAVE_TCGETATTR
-
+static void
+cleanup(void)
+{
+    if( restore_termios ) {
+	restore_termios = 0; /* do it prios in case it is interrupted again */
+	if( tcsetattr(fileno(ttyfp), TCSAFLUSH, &termsave) )
+	    log_error("tcsetattr() failed: %s\n", strerror(errno) );
+    }
+}
+#endif
 
 static void
 init_ttyfp()
@@ -94,6 +107,9 @@ init_ttyfp()
     ttyfp = fopen("/dev/tty", "r+");
     if( !ttyfp )
 	log_fatal("cannot open /dev/tty: %s\n", strerror(errno) );
+  #endif
+  #ifdef HAVE_TCGETATTR
+    atexit( cleanup );
   #endif
     initialized = 1;
 }
@@ -199,9 +215,6 @@ do_get( const char *prompt, int hidden )
     char *buf;
     byte cbuf[1];
     int c, n, i;
-  #ifdef HAVE_TCGETATTR
-    struct termios termsave;
-  #endif
 
     if( !initialized )
 	init_ttyfp();
@@ -252,6 +265,7 @@ do_get( const char *prompt, int hidden )
 
 	if( tcgetattr(fileno(ttyfp), &termsave) )
 	    log_fatal("tcgetattr() failed: %s\n", strerror(errno) );
+	restore_termios = 1;
 	term = termsave;
 	term.c_lflag &= ~(ECHO | ECHOE | ECHOK | ECHONL);
 	if( tcsetattr( fileno(ttyfp), TCSAFLUSH, &term ) )
@@ -284,6 +298,7 @@ do_get( const char *prompt, int hidden )
       #ifdef HAVE_TCGETATTR
 	if( tcsetattr(fileno(ttyfp), TCSAFLUSH, &termsave) )
 	    log_error("tcsetattr() failed: %s\n", strerror(errno) );
+	restore_termios = 0;
       #endif
     }
   #endif /* end unix version */

zlib/Makefile

@@ -66,7 +66,7 @@ host_alias = i586-pc-linux-gnu
 host_triplet = i586-pc-linux-gnu
 target_alias = i586-pc-linux-gnu
 target_triplet = i586-pc-linux-gnu
-CATALOGS =  de.gmo it.gmo
+CATALOGS =  en.gmo de.gmo it.gmo
 CATOBJEXT = .gmo
 CC = gcc
 CPP = gcc -E
@@ -74,7 +74,7 @@ DATADIRNAME = share
 DYNLINK_LDFLAGS = -rdynamic
 G10_LOCALEDIR = /usr/local/share/locale
 GENCAT = 
-GMOFILES =  de.gmo it.gmo
+GMOFILES =  en.gmo de.gmo it.gmo
 GMSGFMT = /usr/local/bin/msgfmt
 GT_NO = 
 GT_YES = #YES#
@@ -87,12 +87,12 @@ MKINSTALLDIRS = scripts/mkinstalldirs
 MPI_EXTRA_ASM_OBJS = 
 MSGFMT = /usr/local/bin/msgfmt
 PACKAGE = gnupg
-POFILES =  de.po it.po
+POFILES =  en.po de.po it.po
 POSUB = po
 RANLIB = ranlib
 USE_INCLUDED_LIBINTL = yes
 USE_NLS = yes
-VERSION = 0.3.2b
+VERSION = 0.3.2c
 ZLIBS = 
 l =