mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
applied Mathews typo and grammar fixes
parent
3c7368a33d
commit
700c438def
@ -1,3 +1,7 @@
|
|||||||
|
Tue Apr 14 19:08:05 1998 Werner Koch (wk@isil.d.shuttle.de)
|
||||||
|
|
||||||
|
* [all files]: Applied Matthew Skala's typo and grammar fixes.
|
||||||
|
|
||||||
Wed Mar 4 10:32:40 1998 Werner Koch (wk@isil.d.shuttle.de)
|
Wed Mar 4 10:32:40 1998 Werner Koch (wk@isil.d.shuttle.de)
|
||||||
|
|
||||||
* configure.in (getrusage,gettimeofday): New tests.
|
* configure.in (getrusage,gettimeofday): New tests.
|
||||||
|
6
INSTALL
6
INSTALL
@ -7,7 +7,7 @@ Configure options for GNUPG
|
|||||||
--with-included-zlib Forces usage of the local zlib sources. Default is
|
--with-included-zlib Forces usage of the local zlib sources. Default is
|
||||||
to use the (shared) library of the system.
|
to use the (shared) library of the system.
|
||||||
|
|
||||||
--with-included-gettext Forces usage of the local gettext sources instead of.
|
--with-included-gettext Forces usage of the local gettext sources instead of
|
||||||
the one provided by your system.
|
the one provided by your system.
|
||||||
|
|
||||||
--disable-nls Disable NLS support (See ABOUT-NLS)
|
--disable-nls Disable NLS support (See ABOUT-NLS)
|
||||||
@ -32,12 +32,12 @@ Problems
|
|||||||
If you have compile problems, try the configure options "--with-included-zlib"
|
If you have compile problems, try the configure options "--with-included-zlib"
|
||||||
or "--disable-nls" (See ABOUT-NLS).
|
or "--disable-nls" (See ABOUT-NLS).
|
||||||
|
|
||||||
I cant check all assembler files; so if you have problems assembling them
|
I can't check all assembler files, so if you have problems assembling them
|
||||||
(or the program crashes), simply delete the files in the mpi/<cpu> directory.
|
(or the program crashes), simply delete the files in the mpi/<cpu> directory.
|
||||||
The configure scripts may consider several subdirectories to get all
|
The configure scripts may consider several subdirectories to get all
|
||||||
available assembler files; be sure to delete the correct ones. The
|
available assembler files; be sure to delete the correct ones. The
|
||||||
assembler replacements are in C and in mpi/generic; never delete udiv-qrnnd.S
|
assembler replacements are in C and in mpi/generic; never delete udiv-qrnnd.S
|
||||||
in any CPU directory, because there maybe no C substitute.
|
in any CPU directory, because there may be no C substitute.
|
||||||
Don't forget to delete "config.cache" and run "./config.status --recheck".
|
Don't forget to delete "config.cache" and run "./config.status --recheck".
|
||||||
|
|
||||||
|
|
||||||
|
50
README
50
README
@ -5,7 +5,7 @@
|
|||||||
THIS IS ALPHA SOFTWARE, YOU MAY ENCOUNTER SOOME BUGS.
|
THIS IS ALPHA SOFTWARE, YOU MAY ENCOUNTER SOOME BUGS.
|
||||||
|
|
||||||
On a Linux box (version 2.x.x, alpha or x86 CPU) it should
|
On a Linux box (version 2.x.x, alpha or x86 CPU) it should
|
||||||
work reliable. You may create your key on such a machine and
|
work reliably. You may create your key on such a machine and
|
||||||
use it. Please verify the tar file; there is a PGP and a GNUPG
|
use it. Please verify the tar file; there is a PGP and a GNUPG
|
||||||
signature available. My PGP key is well known and published in
|
signature available. My PGP key is well known and published in
|
||||||
the "Global Trust Register for 1998", ISBN 0-9532397-0-5.
|
the "Global Trust Register for 1998", ISBN 0-9532397-0-5.
|
||||||
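Review bot: The first context line of this hunk still reads "YOU MAY ENCOUNTER SOOME BUGS". Since this pass already corrects "reliable" to "reliably" a few lines below, fix "SOOME" to "SOME" in the same change.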
@ -25,14 +25,14 @@
|
|||||||
See the file COPYING for copyright and warranty information.
|
See the file COPYING for copyright and warranty information.
|
||||||
|
|
||||||
Due to the fact that GNUPG does not use use any patented algorithm,
|
Due to the fact that GNUPG does not use use any patented algorithm,
|
||||||
it cannot be compatible to old PGP versions, because those use
|
it cannot be compatible with old PGP versions, because those use
|
||||||
IDEA (which is worldwide patented) and RSA (which is patented in
|
IDEA (which is patented worldwide) and RSA (which is patented in
|
||||||
the United States until Sep 20, 2000). I'm sorry about this, but
|
the United States until Sep 20, 2000). I'm sorry about this, but
|
||||||
this is the world we have created (e.g. by using proprietary software).
|
this is the world we have created (e.g. by using proprietary software).
|
||||||
|
|
||||||
Because the OpenPGP standard is still a draft, GNUPG is not yet
|
Because the OpenPGP standard is still a draft, GNUPG is not yet
|
||||||
compatible to it (or PGP 5) - but it will. The data structures
|
compatible with it (or PGP 5) - but it will be. The data structures
|
||||||
used are compatible with PGP 2.x, so it can parse an list such files
|
used are compatible with PGP 2.x, so it can parse and list such files
|
||||||
and PGP should be able to parse data created by GNUPG and complain
|
and PGP should be able to parse data created by GNUPG and complain
|
||||||
about unsupported algorithms.
|
about unsupported algorithms.
|
||||||
|
|
||||||
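Review bot: The doubled word in "GNUPG does not use use any patented algorithm" at the top of this hunk is identical on both sides. Drop one "use" while the neighbouring lines ("compatible to" becoming "compatible with") are being corrected.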
@ -40,9 +40,9 @@
|
|||||||
encryption and signing; Blowfish with a 160 bit key for protecting
|
encryption and signing; Blowfish with a 160 bit key for protecting
|
||||||
the secret-key components, conventional and session encryption;
|
the secret-key components, conventional and session encryption;
|
||||||
RIPE MD-160 to create message digest. DSA, SHA-1 and CAST are
|
RIPE MD-160 to create message digest. DSA, SHA-1 and CAST are
|
||||||
also implemented, but not used on default. I decided not
|
also implemented, but not used by default. I decided not
|
||||||
to use DSA as default signing algorithm, because it allows only for
|
to use DSA as the default signing algorithm, because it allows only
|
||||||
1024 bit keys and this may be not enough in a couple of years.
|
for 1024 bit keys and this may not be enough in a couple of years.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -70,16 +70,16 @@
|
|||||||
|
|
||||||
This asks some questions and then starts key generation. To create
|
This asks some questions and then starts key generation. To create
|
||||||
good random numbers for prime number generation, it uses a /dev/random
|
good random numbers for prime number generation, it uses a /dev/random
|
||||||
which will emit only bytes if the kernel can gather enough entropy.
|
which will only emit bytes if the kernel can gather enough entropy.
|
||||||
If you see no progress, you should start some other activities such
|
If you see no progress, you should start some other activities such
|
||||||
as mouse moves, "find /" or using the keyboard (on another window).
|
as mouse moves, "find /" or using the keyboard (in another window).
|
||||||
Because we have no hardware device to generate random we have to use
|
Because we have no hardware device to generate randomness we have to
|
||||||
this method.
|
use this method.
|
||||||
|
|
||||||
Key generation shows progress by printing different characters to
|
Key generation shows progress by printing different characters to
|
||||||
stderr:
|
stderr:
|
||||||
"." Last 10 Miller-Rabin tests failed.
|
"." Last 10 Miller-Rabin tests failed
|
||||||
"+" Miller-Rabin test succeeded.
|
"+" Miller-Rabin test succeeded
|
||||||
"!" Reloading the pool with fresh prime numbers
|
"!" Reloading the pool with fresh prime numbers
|
||||||
"^" Checking a new value for the generator
|
"^" Checking a new value for the generator
|
||||||
"<" Size of one factor decreased
|
"<" Size of one factor decreased
|
||||||
@ -87,10 +87,10 @@
|
|||||||
|
|
||||||
The prime number for ElGamal is generated this way:
|
The prime number for ElGamal is generated this way:
|
||||||
|
|
||||||
1) Make a prime number q of 160, 200, 240 bits (depending on the keysize).
|
1) Make a prime number q of 160, 200, 240 bits (depending on the keysize)
|
||||||
2) Select the length of the other prime factors to be at least the size
|
2) Select the length of the other prime factors to be at least the size
|
||||||
of q and calculate the number of prime factors needed
|
of q and calculate the number of prime factors needed
|
||||||
3) Make a pool of prime number, each of the length determined in step 2
|
3) Make a pool of prime numbers, each of the length determined in step 2
|
||||||
4) Get a new permutation out of the pool or continue with step 3
|
4) Get a new permutation out of the pool or continue with step 3
|
||||||
if we have tested all permutations.
|
if we have tested all permutations.
|
||||||
5) Calculate a candidate prime p = 2 * q * p[1] * ... * p[n] + 1
|
5) Calculate a candidate prime p = 2 * q * p[1] * ... * p[n] + 1
|
||||||
@ -121,9 +121,9 @@
|
|||||||
|
|
||||||
This let you sign the key of of "Donald" with the userids of "Karl"
|
This let you sign the key of of "Donald" with the userids of "Karl"
|
||||||
and "Joe".
|
and "Joe".
|
||||||
All existing signatures are checked, if some are invalid, a menu is
|
All existing signatures are checked; if some are invalid, a menu is
|
||||||
offered to delete some of them, and the you are asked for every user
|
offered to delete some of them, and then you are asked for every user
|
||||||
wether you want to sign this key.
|
whether you want to sign this key.
|
||||||
|
|
||||||
You may remove a signature at any time using the option "--edit-sig",
|
You may remove a signature at any time using the option "--edit-sig",
|
||||||
which asks for the sigs to remove. Self-signatures are not removable.
|
which asks for the sigs to remove. Self-signatures are not removable.
|
||||||
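Review bot: The first line of this hunk, "This let you sign the key of of "Donald"", keeps both the doubled "of" and "let" where "lets" is meant. Fix it together with the "then you" and "whether" corrections below it.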
@ -253,7 +253,7 @@
|
|||||||
Batch mode
|
Batch mode
|
||||||
----------
|
----------
|
||||||
If you use the option "--batch", GNUPG runs in non-interactive mode and
|
If you use the option "--batch", GNUPG runs in non-interactive mode and
|
||||||
never prompts for input data. This even does not allow to enter
|
never prompts for input data. This does not even allow entering the
|
||||||
passphrase; until we have a better solution (something like ssh-agent),
|
passphrase; until we have a better solution (something like ssh-agent),
|
||||||
you can use the option "--passhrase-fd n", which works like PGPs
|
you can use the option "--passhrase-fd n", which works like PGPs
|
||||||
PGPPASSFD.
|
PGPPASSFD.
|
||||||
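Review bot: The option name in "--passhrase-fd n" is still misspelled (the "p" after "pass" is missing) on the changed side. Readers copy option names verbatim from the README, so it should read "--passphrase-fd n"; "PGPs" on the same line also wants an apostrophe ("PGP's").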
@ -267,7 +267,7 @@
|
|||||||
GNUPG returns with an exit status of 1 if in batch mode and a bad signature
|
GNUPG returns with an exit status of 1 if in batch mode and a bad signature
|
||||||
has been detected or 2 or higher for all other errors. You should parse
|
has been detected or 2 or higher for all other errors. You should parse
|
||||||
stderr or the output of the fd specified with --status-fd to get detailed
|
stderr or the output of the fd specified with --status-fd to get detailed
|
||||||
informations about the errors.
|
information about the errors.
|
||||||
|
|
||||||
|
|
||||||
Esoteric commands
|
Esoteric commands
|
||||||
@ -291,7 +291,7 @@
|
|||||||
|
|
||||||
List the possible trust paths for the given username, up to the specified
|
List the possible trust paths for the given username, up to the specified
|
||||||
depth. If depth is negative, duplicate introducers are not listed,
|
depth. If depth is negative, duplicate introducers are not listed,
|
||||||
because those would increase the trust probabilty only minimal.
|
because those would increase the trust probability only minimally.
|
||||||
(you must use the special option "--" to stop option parsing when
|
(you must use the special option "--" to stop option parsing when
|
||||||
using a negative number). This option may create new entries in the
|
using a negative number). This option may create new entries in the
|
||||||
trustdb.
|
trustdb.
|
||||||
@ -307,7 +307,7 @@
|
|||||||
gpgm --gen-prime n q
|
gpgm --gen-prime n q
|
||||||
|
|
||||||
Generate a prime number suitable for ElGamal signatures of size n with
|
Generate a prime number suitable for ElGamal signatures of size n with
|
||||||
a q as largest primefactor of n-1.
|
a q as largest prime factor of n-1.
|
||||||
|
|
||||||
gpgm --gen-prime n q 1
|
gpgm --gen-prime n q 1
|
||||||
|
|
||||||
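Review bot: In the corrected line "a q as largest prime factor of n-1", n has just been introduced as the size of the prime, so "n-1" reads as the bit length minus one rather than the prime minus one. Name the generated prime (for example "of p-1, where p is the generated prime") so that the size and the number are not the same symbol.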
@ -319,7 +319,7 @@
|
|||||||
|
|
||||||
Debug Flags
|
Debug Flags
|
||||||
-----------
|
-----------
|
||||||
Use the option "--debug n" to output debug informations. This option
|
Use the option "--debug n" to output debug information. This option
|
||||||
can be used multiple times, all values are ORed; n maybe prefixed with
|
can be used multiple times, all values are ORed; n maybe prefixed with
|
||||||
0x to use hex-values.
|
0x to use hex-values.
|
||||||
|
|
||||||
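Review bot: The line after the corrected "debug information" still says "n maybe prefixed with 0x", the same "maybe" for "may be" slip this commit fixes in INSTALL ("there maybe no C substitute"). Change it here as well.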
@ -339,7 +339,7 @@
|
|||||||
Other Notes
|
Other Notes
|
||||||
-----------
|
-----------
|
||||||
This is work in progress, so you may find duplicated code fragments,
|
This is work in progress, so you may find duplicated code fragments,
|
||||||
ugly data structures, weird usage of filenames and other thinks.
|
ugly data structures, weird usage of filenames and other things.
|
||||||
I will run "indent" over the source when making a real distribution,
|
I will run "indent" over the source when making a real distribution,
|
||||||
but for now I stick to my own formatting rules.
|
but for now I stick to my own formatting rules.
|
||||||
|
|
||||||
|
11
THANKS
11
THANKS
@ -1,8 +1,7 @@
|
|||||||
GNUPG has originally been written by Werner Koch. Other people contributed
|
GNUPG was originally written by Werner Koch. Other people contributed by
|
||||||
by reporting problems, suggesting various improvements or submitting actual
|
reporting problems, suggesting various improvements or submitting actual
|
||||||
code. Here is a list of these people. Help me keeping it complete and
|
code. Here is a list of those people. Help me keep it complete and free of
|
||||||
exempt of errors.
|
errors.
|
||||||
|
|
||||||
|
|
||||||
Anand Kumria wildfire@progsoc.uts.edu.au
|
Anand Kumria wildfire@progsoc.uts.edu.au
|
||||||
Daniel Eisenbud eisenbud@cs.swarthmore.edu
|
Daniel Eisenbud eisenbud@cs.swarthmore.edu
|
||||||
@ -16,6 +15,7 @@ Jens Bachem bachem@rrz.uni-koeln.de
|
|||||||
Marco d'Itri md@linux.it
|
Marco d'Itri md@linux.it
|
||||||
Mark Adler madler@alumni.caltech.edu
|
Mark Adler madler@alumni.caltech.edu
|
||||||
Martin Schulte schulte@thp.uni-koeln.de
|
Martin Schulte schulte@thp.uni-koeln.de
|
||||||
|
Matthew Skala mskala@ansuz.sooke.bc.ca
|
||||||
Peter Gutmann pgut001@cs.auckland.ac.nz
|
Peter Gutmann pgut001@cs.auckland.ac.nz
|
||||||
Ralph Gillen gillen@theochem.uni-duesseldorf.de
|
Ralph Gillen gillen@theochem.uni-duesseldorf.de
|
||||||
Thomas Roessler roessler@guug.de
|
Thomas Roessler roessler@guug.de
|
||||||
@ -25,7 +25,6 @@ Walter Koch walterk@ddorf.rhein-ruhr.de
|
|||||||
Werner Koch werner.koch@guug.de
|
Werner Koch werner.koch@guug.de
|
||||||
Wim Vandeputte bunbun@reptile.rug.ac.be
|
Wim Vandeputte bunbun@reptile.rug.ac.be
|
||||||
|
|
||||||
|
|
||||||
Thanks to the German Unix User Group for providing FTP space and
|
Thanks to the German Unix User Group for providing FTP space and
|
||||||
Martin Hamilton for hosting the mailing list.
|
Martin Hamilton for hosting the mailing list.
|
||||||
|
|
||||||
|
@ -10,7 +10,7 @@ define(WK_MSG_PRINT,
|
|||||||
|
|
||||||
|
|
||||||
dnl WK_CHECK_TYPEDEF(TYPE, HAVE_NAME)
|
dnl WK_CHECK_TYPEDEF(TYPE, HAVE_NAME)
|
||||||
dnl Check wether a typedef exists and create a #define $2 if it exists
|
dnl Check whether a typedef exists and create a #define $2 if it exists
|
||||||
dnl
|
dnl
|
||||||
AC_DEFUN(WK_CHECK_TYPEDEF,
|
AC_DEFUN(WK_CHECK_TYPEDEF,
|
||||||
[ AC_MSG_CHECKING(for $1 typedef)
|
[ AC_MSG_CHECKING(for $1 typedef)
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
. defs.inc || exit 3
|
. defs.inc || exit 3
|
||||||
|
|
||||||
#info Checking cleartext signatures
|
#info Checking cleartext signatures
|
||||||
# There is a minor glitch, which appends a lf to the cleartext.
|
# There is a minor glitch, which appends an lf to the cleartext.
|
||||||
# I do not consider that a bug, but I have to use the head .. mimic.
|
# I do not consider that a bug, but I have to use the head .. mimic.
|
||||||
# It is not clear what should happen to leading LFs, we must
|
# It is not clear what should happen to leading LFs, we must
|
||||||
# change the defintion of cleartext, so that only 1 empty line
|
# change the defintion of cleartext, so that only 1 empty line
|
||||||
|
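Review bot: The last comment line of this hunk still has "defintion" ("change the defintion of cleartext") unchanged on both sides. Correct it to "definition" alongside the "an lf" fix.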
@ -408,7 +408,7 @@ cipher_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Used for PGP's somewhat strange CFB mode. Does only work if
|
* Used for PGP's somewhat strange CFB mode. Only works if
|
||||||
* the handle is in PHILS_CFB mode
|
* the handle is in PHILS_CFB mode
|
||||||
*/
|
*/
|
||||||
void
|
void
|
||||||
|
@ -75,7 +75,7 @@ dsa_free_secret_key( DSA_secret_key *sk )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Test wether the secret key is valid.
|
* Test whether the secret key is valid.
|
||||||
* Returns: if this is a valid key.
|
* Returns: if this is a valid key.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
|
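Review bot: The comment line "Returns: if this is a valid key." under the corrected "Test whether the secret key is valid." never states what is returned. Since the function returns int, spell out the value (for example "Returns: true if this is a valid key."); the identical comment in the elg_generate hunk that follows needs the same wording.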
@ -203,7 +203,7 @@ elg_generate( ELG_public_key *pk, ELG_secret_key *sk,
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Test wether the secret key is valid.
|
* Test whether the secret key is valid.
|
||||||
* Returns: if this is a valid key.
|
* Returns: if this is a valid key.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
@ -320,7 +320,7 @@ elg_sign(MPI a, MPI b, MPI input, ELG_secret_key *skey )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Returns true if the signature composed from A and B is valid.
|
* Returns true if the signature composed of A and B is valid.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
elg_verify(MPI a, MPI b, MPI input, ELG_public_key *pkey )
|
elg_verify(MPI a, MPI b, MPI input, ELG_public_key *pkey )
|
||||||
|
@ -107,9 +107,9 @@ transform( MD5_CONTEXT *ctx, const void *buffer, size_t len )
|
|||||||
u32 D_save = D;
|
u32 D_save = D;
|
||||||
|
|
||||||
/* First round: using the given function, the context and a constant
|
/* First round: using the given function, the context and a constant
|
||||||
the next context is computed. Because the algorithms processing
|
the next context is computed. Because the algorithm's processing
|
||||||
unit is a 32-bit word and it is determined to work on words in
|
unit is a 32-bit word, and it is determined to work on words in
|
||||||
little endian byte order we perhaps have to change the byte order
|
little endian byte order, we perhaps have to change the byte order
|
||||||
before the computation. To reduce the work for the next steps
|
before the computation. To reduce the work for the next steps
|
||||||
we store the swapped words in the array CORRECT_WORDS. */
|
we store the swapped words in the array CORRECT_WORDS. */
|
||||||
|
|
||||||
@ -127,7 +127,7 @@ transform( MD5_CONTEXT *ctx, const void *buffer, size_t len )
|
|||||||
cyclic rotation. Hope the C compiler is smart enough. */
|
cyclic rotation. Hope the C compiler is smart enough. */
|
||||||
#define CYCLIC(w, s) (w = (w << s) | (w >> (32 - s)))
|
#define CYCLIC(w, s) (w = (w << s) | (w >> (32 - s)))
|
||||||
|
|
||||||
/* Before we start, one word to the strange constants.
|
/* Before we start, one word about the strange constants.
|
||||||
They are defined in RFC 1321 as
|
They are defined in RFC 1321 as
|
||||||
|
|
||||||
T[i] = (int) (4294967296.0 * fabs (sin (i))), i=1..64
|
T[i] = (int) (4294967296.0 * fabs (sin (i))), i=1..64
|
||||||
|
@ -327,7 +327,7 @@ gen_prime( unsigned nbits, int secret, int randomlevel )
|
|||||||
}
|
}
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Returns: true if this is may me a prime
|
* Returns: true if this may be a prime
|
||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
check_prime( MPI prime )
|
check_prime( MPI prime )
|
||||||
@ -365,7 +365,7 @@ check_prime( MPI prime )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Return true if n is propably a prime
|
* Return true if n is probably a prime
|
||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
is_prime( MPI n, int steps, int *count )
|
is_prime( MPI n, int steps, int *count )
|
||||||
|
@ -134,7 +134,7 @@ quick_random_gen( int onoff )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Fill the buffer with LENGTH bytes of cryptologic strong
|
* Fill the buffer with LENGTH bytes of cryptographically strong
|
||||||
* random bytes. level 0 is not very strong, 1 is strong enough
|
* random bytes. level 0 is not very strong, 1 is strong enough
|
||||||
* for most usage, 2 is good for key generation stuff but may be very slow.
|
* for most usage, 2 is good for key generation stuff but may be very slow.
|
||||||
*/
|
*/
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
/* sha1.c - SHA1 hash function
|
/* sha1.c - SHA1 hash function
|
||||||
* Copyright (C) 1998 Free Software Foundation, Inc.
|
* Copyright (C) 1998 Free Software Foundation, Inc.
|
||||||
*
|
*
|
||||||
* Please see below for more legal informations!
|
* Please see below for more legal information!
|
||||||
*
|
*
|
||||||
* This file is part of GNUPG.
|
* This file is part of GNUPG.
|
||||||
*
|
*
|
||||||
|
@ -24,7 +24,7 @@
|
|||||||
#include "util.h"
|
#include "util.h"
|
||||||
#include "types.h"
|
#include "types.h"
|
||||||
|
|
||||||
/* Note: 2 is not included because it can be testest more easily
|
/* Note: 2 is not included because it can be tested more easily
|
||||||
* by looking at bit 0. The last entry in this list is marked by a zero
|
* by looking at bit 0. The last entry in this list is marked by a zero
|
||||||
*/
|
*/
|
||||||
ushort
|
ushort
|
||||||
|
@ -137,7 +137,7 @@ AC_CHECK_FUNCS(gettimeofday getrusage)
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
dnl check wether we have a random device
|
dnl check whether we have a random device
|
||||||
AC_CACHE_CHECK(for random device, ac_cv_have_dev_random,
|
AC_CACHE_CHECK(for random device, ac_cv_have_dev_random,
|
||||||
[if test -c /dev/random && test -c /dev/urandom ; then
|
[if test -c /dev/random && test -c /dev/urandom ; then
|
||||||
ac_cv_have_dev_random=yes; else ac_cv_have_dev_random=no; fi])
|
ac_cv_have_dev_random=yes; else ac_cv_have_dev_random=no; fi])
|
||||||
|
32
doc/DETAILS
32
doc/DETAILS
@ -6,7 +6,7 @@
|
|||||||
a rmd160 hash value from it. This is used as the
|
a rmd160 hash value from it. This is used as the
|
||||||
fingerprint and the low 64 bits are the keyid.
|
fingerprint and the low 64 bits are the keyid.
|
||||||
|
|
||||||
* Revocation certificates consists only of the signature packet;
|
* Revocation certificates consist only of the signature packet;
|
||||||
"import" knows how to handle this. The rationale behind it is
|
"import" knows how to handle this. The rationale behind it is
|
||||||
to keep them small.
|
to keep them small.
|
||||||
|
|
||||||
@ -17,7 +17,7 @@ Layout of the TrustDB
|
|||||||
=====================
|
=====================
|
||||||
FIXME: use a directory record as top node instead of the pubkey record
|
FIXME: use a directory record as top node instead of the pubkey record
|
||||||
|
|
||||||
The TrustDB is build from fixed length records, where the first bytes
|
The TrustDB is built from fixed length records, where the first byte
|
||||||
describes the record type. All numeric values are stored in network
|
describes the record type. All numeric values are stored in network
|
||||||
byte order. The length of each record is 40 bytes. The first record of
|
byte order. The length of each record is 40 bytes. The first record of
|
||||||
the DB is always of type 1 and this is the only record of this type.
|
the DB is always of type 1 and this is the only record of this type.
|
||||||
@ -29,7 +29,7 @@ Record type 0:
|
|||||||
Record type 1:
|
Record type 1:
|
||||||
--------------
|
--------------
|
||||||
Version information for this TrustDB. This is always the first
|
Version information for this TrustDB. This is always the first
|
||||||
record of the DB and the onyl one with type 1.
|
record of the DB and the only one with type 1.
|
||||||
1 byte value 1
|
1 byte value 1
|
||||||
3 bytes 'gpg' magic value
|
3 bytes 'gpg' magic value
|
||||||
1 byte Version of the TrustDB
|
1 byte Version of the TrustDB
|
||||||
@ -74,7 +74,7 @@ Record type 3:
|
|||||||
1 byte reserved
|
1 byte reserved
|
||||||
1 u32 owner This is used to bind all records for
|
1 u32 owner This is used to bind all records for
|
||||||
a given certificate together. It is valid only in this TrustDB
|
a given certificate together. It is valid only in this TrustDB
|
||||||
and usefull if we have duplicate keyids
|
and useful if we have duplicate keyids
|
||||||
It points back to the directory node.
|
It points back to the directory node.
|
||||||
1 byte pubkey algorithm
|
1 byte pubkey algorithm
|
||||||
1 byte reserved
|
1 byte reserved
|
||||||
@ -86,7 +86,7 @@ Record type 3:
|
|||||||
Record type 4: (cache record)
|
Record type 4: (cache record)
|
||||||
--------------
|
--------------
|
||||||
Used to bind the trustDB to the concrete instance of keyblock in
|
Used to bind the trustDB to the concrete instance of keyblock in
|
||||||
a pubring. This is used to cache informations.
|
a pubring. This is used to cache information.
|
||||||
|
|
||||||
1 byte value 4
|
1 byte value 4
|
||||||
1 byte reserved
|
1 byte reserved
|
||||||
@ -132,14 +132,14 @@ Record Type 6 (hash table)
|
|||||||
-------------
|
-------------
|
||||||
Due to the fact that we use the keyid to lookup keys, we can
|
Due to the fact that we use the keyid to lookup keys, we can
|
||||||
implement quick access by some simple hash methods, and avoid
|
implement quick access by some simple hash methods, and avoid
|
||||||
the overhead gdbm. A property of keyids is that they can be
|
the overhead of gdbm. A property of keyids is that they can be
|
||||||
used directly as hash value (They can be considered as strong
|
used directly as hash values. (They can be considered as strong
|
||||||
random numbers.
|
random numbers.)
|
||||||
What we use is a dynamic multilevel architecture, which combines
|
What we use is a dynamic multilevel architecture, which combines
|
||||||
Hashtables, record lists, and linked list.
|
Hashtables, record lists, and linked lists.
|
||||||
|
|
||||||
This record is a hashtable of 256 entries; a special property
|
This record is a hashtable of 256 entries; a special property
|
||||||
is, that all these records are adjacent stored to make up one
|
is that all these records are stored consecutively to make one
|
||||||
big table. The hash value is simple the 1st, 2nd, ... byte of
|
big table. The hash value is simple the 1st, 2nd, ... byte of
|
||||||
the keyid (depending on the indirection level).
|
the keyid (depending on the indirection level).
|
||||||
|
|
||||||
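Review bot: Two slips survive in this hunk: "The hash value is simple the 1st, 2nd, ... byte" should read "simply", and "we use the keyid to lookup keys" should use the verb form "look up", which is how the following hunk already writes it ("To look up a key").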
@ -154,15 +154,15 @@ Record Type 6 (hash table)
|
|||||||
which is 29 for a record length of 40.
|
which is 29 for a record length of 40.
|
||||||
|
|
||||||
To look up a key we use its lsb to get the recnum from this
|
To look up a key we use its lsb to get the recnum from this
|
||||||
hashtable and look up this addressed record:
|
hashtable and look up the addressed record:
|
||||||
- If this record is another hashtable, we use 2nd lsb
|
- If this record is another hashtable, we use 2nd lsb
|
||||||
to index this hast table and so on.
|
to index this hast table and so on.
|
||||||
- if this record is of hashlist, we lwalk thru these
|
- if this record is a hashlist, we walk thru the
|
||||||
reclist record until we found one whos hash fields
|
reclist records until we found one whose hash field
|
||||||
matches the MSB of our keyid, and lookup this record
|
matches the MSB of our keyid, and lookup this record
|
||||||
- if this record is a dir record, we compare the
|
- if this record is a dir record, we compare the
|
||||||
keyid and if this is correct, we get the keyrecod and compare
|
keyid and if this is correct, we get the keyrecod and compare
|
||||||
the fingerprint to decide wether it is the requested key;
|
the fingerprint to decide whether it is the requested key;
|
||||||
if this is not the correct dir record, we look at the next
|
if this is not the correct dir record, we look at the next
|
||||||
dir record which is linked by the link field.
|
dir record which is linked by the link field.
|
||||||
|
|
||||||
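Review bot: Several typos remain on the changed side of this lookup description: "hast table" (hash table), "keyrecod" (keyrecord) and "until we found" (until we find). The list also mixes "lsb" for the table index with "MSB" for the hash field match; a short note on which byte of the keyid each step uses would make the algorithm unambiguous.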
@ -185,8 +185,8 @@ Record type 7 (hash list)
|
|||||||
Packet Headers
|
Packet Headers
|
||||||
===============
|
===============
|
||||||
|
|
||||||
GNUPG uses PGP 2 packet headers and also understand OpenPGP packet header.
|
GNUPG uses PGP 2 packet headers and also understands OpenPGP packet header.
|
||||||
There is one enhavement used ith the old style packet headers:
|
There is one enhancement used with the old style packet headers:
|
||||||
|
|
||||||
CTB bits 10, the "packet-length length bits", have values listed in
|
CTB bits 10, the "packet-length length bits", have values listed in
|
||||||
the following table:
|
the following table:
|
||||||
|
50
doc/gpg.1pod
50
doc/gpg.1pod
@ -8,14 +8,14 @@ B<gpg> [--homedir name] [--options file] [options] command [args]
|
|||||||
|
|
||||||
=head1 DESCRIPTION
|
=head1 DESCRIPTION
|
||||||
|
|
||||||
This is the main program from the GNUPG system.
|
This is the main program for the GNUPG system.
|
||||||
|
|
||||||
=head1 COMMANDS
|
=head1 COMMANDS
|
||||||
|
|
||||||
B<gpg> recognizes these commands:
|
B<gpg> recognizes these commands:
|
||||||
|
|
||||||
B<-s>, B<--sign>
|
B<-s>, B<--sign>
|
||||||
Make a signature. This option maybe combined
|
Make a signature. This option may be combined
|
||||||
with B<--encrypt>.
|
with B<--encrypt>.
|
||||||
|
|
||||||
B<--clearsign>
|
B<--clearsign>
|
||||||
@ -28,7 +28,7 @@ B<-e>, B<--encrypt>
|
|||||||
Encrypt data. This option may be combined with B<--sign>.
|
Encrypt data. This option may be combined with B<--sign>.
|
||||||
|
|
||||||
B<-c>, B<--symmetric>
|
B<-c>, B<--symmetric>
|
||||||
Encrypt only with symmetric cipher
|
Encrypt with symmetric cipher only
|
||||||
This command asks for a passphrase.
|
This command asks for a passphrase.
|
||||||
|
|
||||||
B<--store>
|
B<--store>
|
||||||
@ -39,8 +39,8 @@ B<--decrypt> [I<file>]
|
|||||||
write it to stdout (or the file specified with
|
write it to stdout (or the file specified with
|
||||||
B<--output>). If the decrypted file is signed, the
|
B<--output>). If the decrypted file is signed, the
|
||||||
signature is also verified. This command differs
|
signature is also verified. This command differs
|
||||||
from the default operation, as it never write to the
|
from the default operation, as it never writes to the
|
||||||
filename which is included in the file and that it
|
filename which is included in the file and it
|
||||||
rejects files which don't begin with an encrypted
|
rejects files which don't begin with an encrypted
|
||||||
message.
|
message.
|
||||||
|
|
||||||
@ -49,27 +49,27 @@ B<--verify> [[I<sigfile>] {I<signed-files>}]
|
|||||||
without generating any output. With no arguments,
|
without generating any output. With no arguments,
|
||||||
the signature packet is read from stdin (it may be a
|
the signature packet is read from stdin (it may be a
|
||||||
detached signature when not used in batch mode). If
|
detached signature when not used in batch mode). If
|
||||||
only a sigfile is given, is maybe a complete signature
|
only a sigfile is given, it may be a complete signature
|
||||||
or a detached signature in which case the signed stuff
|
or a detached signature, in which case the signed stuff
|
||||||
is expected from stdin. With more than 1 argument, the
|
is expected from stdin. With more than 1 argument, the
|
||||||
first should be a detached signature and the remaining
|
first should be a detached signature and the remaining
|
||||||
files are the signed stuff.
|
files are the signed stuff.
|
||||||
|
|
||||||
B<-k> [I<username>] [I<keyring>]
|
B<-k> [I<username>] [I<keyring>]
|
||||||
Kludge to be somewhat compatibe to PGP.
|
Kludge to be somewhat compatible with PGP.
|
||||||
Without arguments, all public key-rings are listed,
|
Without arguments, all public key-rings are listed.
|
||||||
with one argument, only I<keyring> is listed.
|
With one argument, only I<keyring> is listed.
|
||||||
Special combinations are also allowed, but it may
|
Special combinations are also allowed, but it may
|
||||||
give starnge results when combined with more options.
|
give strange results when combined with more options.
|
||||||
B<-kv> Same as B<-k>
|
B<-kv> Same as B<-k>
|
||||||
B<-kvv> List the signatures with every key.
|
B<-kvv> List the signatures with every key.
|
||||||
B<-kvvv> Additional check all signatures.
|
B<-kvvv> Additionally check all signatures.
|
||||||
B<-kvc> List fingerprints
|
B<-kvc> List fingerprints
|
||||||
B<-kvvc> List fingerprints and signatures
|
B<-kvvc> List fingerprints and signatures
|
||||||
|
|
||||||
B<--list-keys> [I<names>]
|
B<--list-keys> [I<names>]
|
||||||
List all keys from the default public keyring or just the ones
|
List all keys from the default public keyring, or just the ones
|
||||||
given on the commandline.
|
given on the command line.
|
||||||
|
|
||||||
B<--list-sigs> [I<names>]
|
B<--list-sigs> [I<names>]
|
||||||
Same as B<--list-keys>, but the signatures are listed too.
|
Same as B<--list-keys>, but the signatures are listed too.
|
||||||
@ -97,8 +97,8 @@ B<--sign-key> I<name>
|
|||||||
all existing signatures of this key. If the key is
|
all existing signatures of this key. If the key is
|
||||||
not yet signed by the default user (or the users given
|
not yet signed by the default user (or the users given
|
||||||
with B<-u>), the program displays the information of
|
with B<-u>), the program displays the information of
|
||||||
the key again, together with it's fingerprint and
|
the key again, together with its fingerprint and
|
||||||
asked whether it should be signed. This question
|
asks whether it should be signed. This question
|
||||||
is repeated for all users specified with B<-u>.
|
is repeated for all users specified with B<-u>.
|
||||||
The key is then signed and the keyring which
|
The key is then signed and the keyring which
|
||||||
contains the key is updated.
|
contains the key is updated.
|
||||||
@ -121,7 +121,7 @@ B<--gen-revoke>
|
|||||||
|
|
||||||
B<--export> [I<names>]
|
B<--export> [I<names>]
|
||||||
Either export all keys from all key-rings (default
|
Either export all keys from all key-rings (default
|
||||||
key-rings and those registered via option B<--keyring>,
|
key-rings and those registered via option B<--keyring>),
|
||||||
or if at least one name is given, those of the given
|
or if at least one name is given, those of the given
|
||||||
name. The new keyring is written to F<stdout> or to
|
name. The new keyring is written to F<stdout> or to
|
||||||
the file given with option "output". Use together
|
the file given with option "output". Use together
|
||||||
@ -135,8 +135,8 @@ B<--import>
|
|||||||
|
|
||||||
Long options can be put in an options file (default F<~/.gnupg/options>);
|
Long options can be put in an options file (default F<~/.gnupg/options>);
|
||||||
do not write the 2 dashes, but simply the name of the option and any
|
do not write the 2 dashes, but simply the name of the option and any
|
||||||
arguments if required, lines with a hash as the first non-white-space
|
arguments if required. Lines with a hash as the first non-white-space
|
||||||
character are ignored. Commands maybe put in this file too, but that
|
character are ignored. Commands may be put in this file too, but that
|
||||||
does not make sense.
|
does not make sense.
|
||||||
|
|
||||||
B<gpg> recognizes these options:
|
B<gpg> recognizes these options:
|
||||||
@ -159,8 +159,8 @@ B<-r> I<name>, B<--remote-user> I<name>
|
|||||||
so that it can be used in an options file.
|
so that it can be used in an options file.
|
||||||
|
|
||||||
B<-v>, B<--verbose>
|
B<-v>, B<--verbose>
|
||||||
Give more informations during processing. If used
|
Give more information during processing. If used
|
||||||
2 times, the input data is listed in detail.
|
twice, the input data is listed in detail.
|
||||||
|
|
||||||
|
|
||||||
B<-z> I<n>
|
B<-z> I<n>
|
||||||
@ -229,7 +229,7 @@ B<--no-comment>
|
|||||||
Do not write comment packets.
|
Do not write comment packets.
|
||||||
|
|
||||||
B<--completes-needed> I<n>
|
B<--completes-needed> I<n>
|
||||||
Number of completey trusted users to introduce a new
|
Number of completely trusted users to introduce a new
|
||||||
key signator (defaults to 1).
|
key signator (defaults to 1).
|
||||||
|
|
||||||
B<--marginals-needed> I<n>
|
B<--marginals-needed> I<n>
|
||||||
@ -238,17 +238,17 @@ B<--marginals-needed> I<n>
|
|||||||
|
|
||||||
B<--cipher-algo> I<name>
|
B<--cipher-algo> I<name>
|
||||||
Use I<name> as cipher algorithm. Running the program
|
Use I<name> as cipher algorithm. Running the program
|
||||||
with the option B<--verbose> yields a list off supported
|
with the option B<--verbose> yields a list of supported
|
||||||
algorithms.
|
algorithms.
|
||||||
|
|
||||||
B<--pubkey-algo> I<name>
|
B<--pubkey-algo> I<name>
|
||||||
Use I<name> as puplic key algorithm. Running the program
|
Use I<name> as puplic key algorithm. Running the program
|
||||||
with the option B<--verbose> yields a list off supported
|
with the option B<--verbose> yields a list of supported
|
||||||
algorithms.
|
algorithms.
|
||||||
|
|
||||||
B<--digest-algo> I<name>
|
B<--digest-algo> I<name>
|
||||||
Use I<name> as message digest algorithm. Running the
|
Use I<name> as message digest algorithm. Running the
|
||||||
program with the option B<--verbose> yields a list off
|
program with the option B<--verbose> yields a list of
|
||||||
supported algorithms.
|
supported algorithms.
|
||||||
|
|
||||||
B<--passphrase-fd> I<n>
|
B<--passphrase-fd> I<n>
|
||||||
|
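Review bot: the B<--pubkey-algo> entry still reads "Use I<name> as puplic key algorithm." on both sides of this hunk, although the neighbouring "list off" lines were corrected. Change "puplic" to "public" here as well, to match the fix made to the same option's help string in g10/g10.c.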
@ -1,8 +1,8 @@
|
|||||||
# This is a sample option file
|
# This is a sample option file
|
||||||
#
|
#
|
||||||
# Unless you you specify which option file to use with the
|
# Unless you you specify which option file to use with the
|
||||||
# commandline option "--options filename", gpg uses per
|
# commandline option "--options filename", gpg uses the
|
||||||
# default the file ~/.gnupg/options.
|
# file ~/.gnupg/options by default.
|
||||||
#
|
#
|
||||||
# An option file can contain all long options which are
|
# An option file can contain all long options which are
|
||||||
# available in GNUPG. If the first non white space character of
|
# available in GNUPG. If the first non white space character of
|
||||||
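Review bot: the first sentence of the sample option file still has the doubled word in "# Unless you you specify which option file to use with the", unchanged on both sides. Drop one "you" in the same pass as the rewording of the two lines that follow it.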
@ -17,7 +17,7 @@
|
|||||||
#-----------------------------------------------
|
#-----------------------------------------------
|
||||||
#------------------- Commands ------------------
|
#------------------- Commands ------------------
|
||||||
#-----------------------------------------------
|
#-----------------------------------------------
|
||||||
# With some expections, those cannot be combined
|
# With some expections, these cannot be combined
|
||||||
|
|
||||||
gen-prime
|
gen-prime
|
||||||
# Generate a prime.
|
# Generate a prime.
|
||||||
|
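Review bot: "expections" in "# With some expections, these cannot be combined" is still misspelled after the those/these change; it should read "exceptions".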
34
g10/armor.c
34
g10/armor.c
@ -80,7 +80,7 @@ typedef enum {
|
|||||||
|
|
||||||
|
|
||||||
/* if we encounter this armor string with this index, go
|
/* if we encounter this armor string with this index, go
|
||||||
* into a mode, which fakes packets and wait for the next armor */
|
* into a mode which fakes packets and wait for the next armor */
|
||||||
#define BEGIN_SIGNED_MSG_IDX 3
|
#define BEGIN_SIGNED_MSG_IDX 3
|
||||||
static char *head_strings[] = {
|
static char *head_strings[] = {
|
||||||
"BEGIN PGP MESSAGE",
|
"BEGIN PGP MESSAGE",
|
||||||
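Review bot: in the comment above BEGIN_SIGNED_MSG_IDX, "into a mode which fakes packets and wait for the next armor" still mixes verb forms after the comma was removed; "waits" would agree with "fakes".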
@ -136,7 +136,7 @@ initialize(void)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Check wether this is a armored file or not
|
* Check whether this is an armored file or not
|
||||||
* See also parse-packet.c for details on this code
|
* See also parse-packet.c for details on this code
|
||||||
* Returns: True if it seems to be armored
|
* Returns: True if it seems to be armored
|
||||||
*/
|
*/
|
||||||
@ -167,7 +167,7 @@ is_armored( byte *buf )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Try to check wether the iobuf is armored
|
* Try to check whether the iobuf is armored
|
||||||
* Returns true if this may be the case; the caller should use the
|
* Returns true if this may be the case; the caller should use the
|
||||||
* filter to do further processing.
|
* filter to do further processing.
|
||||||
*/
|
*/
|
||||||
@ -179,7 +179,7 @@ use_armor_filter( IOBUF a )
|
|||||||
|
|
||||||
n = iobuf_peek(a, buf, 1 );
|
n = iobuf_peek(a, buf, 1 );
|
||||||
if( n == -1 )
|
if( n == -1 )
|
||||||
return 0; /* EOF, doesn't matter wether armored or not */
|
return 0; /* EOF, doesn't matter whether armored or not */
|
||||||
if( !n )
|
if( !n )
|
||||||
return 1; /* can't check it: try armored */
|
return 1; /* can't check it: try armored */
|
||||||
return is_armored(buf);
|
return is_armored(buf);
|
||||||
@ -197,11 +197,11 @@ invalid_armor(void)
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* check wether the armor header is valid on a signed message.
|
* check whether the armor header is valid on a signed message.
|
||||||
* this is for security reasons: the header lines are not included in the
|
* this is for security reasons: the header lines are not included in the
|
||||||
* hash and by using some creative formatting rules, Mallory could fake
|
* hash and by using some creative formatting rules, Mallory could fake
|
||||||
* any text at the beginning of a document; assuming it is read with
|
* any text at the beginning of a document; assuming it is read with
|
||||||
* a simple viewer. We do only allow the Hash Header.
|
* a simple viewer. We only allow the Hash Header.
|
||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
parse_hash_header( const char *line )
|
parse_hash_header( const char *line )
|
||||||
@ -268,7 +268,7 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
|
|||||||
do {
|
do {
|
||||||
switch( state ) {
|
switch( state ) {
|
||||||
case fhdrHASArmor:
|
case fhdrHASArmor:
|
||||||
/* read at least the first byte to check wether it is armored
|
/* read at least the first byte to check whether it is armored
|
||||||
* or not */
|
* or not */
|
||||||
c = 0;
|
c = 0;
|
||||||
for(n=0; n < 28 && (c=iobuf_get2(a)) != -1 && c != '\n'; )
|
for(n=0; n < 28 && (c=iobuf_get2(a)) != -1 && c != '\n'; )
|
||||||
@ -382,8 +382,8 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
|
|||||||
state = fhdrCHECKDashEscaped3;
|
state = fhdrCHECKDashEscaped3;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
/* fixme: we should check wether this line continues
|
/* fixme: we should check whether this line continues
|
||||||
* it is poosible that we have only read ws until here
|
* it is possible that we have only read ws until here
|
||||||
* and more stuff is to come */
|
* and more stuff is to come */
|
||||||
state = fhdrEOF;
|
state = fhdrEOF;
|
||||||
}
|
}
|
||||||
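Review bot: the fixme in the else branch still runs two sentences together across the line break: "we should check whether this line continues" / "it is possible that we have only read ws until here". Add a semicolon or full stop after "continues" so the open parsing question it records stays readable.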
@ -425,7 +425,7 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
|
|||||||
case fhdrEMPTYClearsig:
|
case fhdrEMPTYClearsig:
|
||||||
case fhdrREADClearsig:
|
case fhdrREADClearsig:
|
||||||
/* we are at the start of a line: read a clearsig into the buffer
|
/* we are at the start of a line: read a clearsig into the buffer
|
||||||
* we have to look for a the header line or dashed escaped text*/
|
* we have to look for a header line or dashed escaped text*/
|
||||||
n = 0;
|
n = 0;
|
||||||
c = 0;
|
c = 0;
|
||||||
while( n < buflen && (c=iobuf_get2(a)) != -1 && c != '\n' )
|
while( n < buflen && (c=iobuf_get2(a)) != -1 && c != '\n' )
|
||||||
@ -508,11 +508,11 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case fhdrTESTSpaces: {
|
case fhdrTESTSpaces: {
|
||||||
/* but must check wether the rest of the line
|
/* but must check whether the rest of the line
|
||||||
* does only contain white spaces; this is problematic
|
* only contains white spaces; this is problematic
|
||||||
* since we may have to restore the stuffs. simply
|
* since we may have to restore the stuff. simply
|
||||||
* counting spaces is not enough, because it may be a
|
* counting spaces is not enough, because it may be a
|
||||||
* mix of different white space chacters */
|
* mix of different white space characters */
|
||||||
IOBUF b = iobuf_temp();
|
IOBUF b = iobuf_temp();
|
||||||
while( (c=iobuf_get2(a)) != -1 && c != '\n' ) {
|
while( (c=iobuf_get2(a)) != -1 && c != '\n' ) {
|
||||||
iobuf_put(b,c);
|
iobuf_put(b,c);
|
||||||
@ -589,7 +589,7 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* figure out wether the data is armored or not */
|
/* figure out whether the data is armored or not */
|
||||||
static int
|
static int
|
||||||
check_input( armor_filter_context_t *afx, IOBUF a )
|
check_input( armor_filter_context_t *afx, IOBUF a )
|
||||||
{
|
{
|
||||||
@ -844,7 +844,7 @@ radix64_read( armor_filter_context_t *afx, IOBUF a, size_t *retn,
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* The filter is used to handle the armor stuff
|
* This filter is used to handle the armor stuff
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
armor_filter( void *opaque, int control,
|
armor_filter( void *opaque, int control,
|
||||||
@ -906,7 +906,7 @@ armor_filter( void *opaque, int control,
|
|||||||
* is easy to construct the packets */
|
* is easy to construct the packets */
|
||||||
|
|
||||||
/* first a onepass signature packet */
|
/* first a onepass signature packet */
|
||||||
buf[0] = 0x90; /* old packet forma, type 4, 1 length byte */
|
buf[0] = 0x90; /* old packet format, type 4, 1 length byte */
|
||||||
buf[1] = 13; /* length */
|
buf[1] = 13; /* length */
|
||||||
buf[2] = 3; /* version */
|
buf[2] = 3; /* version */
|
||||||
buf[3] = 0x01; /* sigclass 0x01 (data in canonical text mode)*/
|
buf[3] = 0x01; /* sigclass 0x01 (data in canonical text mode)*/
|
||||||
|
@ -542,7 +542,7 @@ write_header( IOBUF out, int ctb, u32 len )
|
|||||||
|
|
||||||
/****************
|
/****************
|
||||||
* if HDRLEN is > 0, try to build a header of this length.
|
* if HDRLEN is > 0, try to build a header of this length.
|
||||||
* we need this, so hat we can hash packets without reading them again.
|
* we need this, so that we can hash packets without reading them again.
|
||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
write_header2( IOBUF out, int ctb, u32 len, int hdrlen, int blkmode )
|
write_header2( IOBUF out, int ctb, u32 len, int hdrlen, int blkmode )
|
||||||
|
@ -37,7 +37,7 @@
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* This filter is used to en/de-cipher data with a conventinal algorithm
|
* This filter is used to en/de-cipher data with a conventional algorithm
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
cipher_filter( void *opaque, int control,
|
cipher_filter( void *opaque, int control,
|
||||||
|
@ -102,7 +102,7 @@ init_uncompress( compress_filter_context_t *zfx, z_stream *zs )
|
|||||||
/****************
|
/****************
|
||||||
* PGP uses a windowsize of 13 bits. Using a negative value for
|
* PGP uses a windowsize of 13 bits. Using a negative value for
|
||||||
* it forces zlib not to expect a zlib header. This is a
|
* it forces zlib not to expect a zlib header. This is a
|
||||||
* undocumented feature, Peter Gutmann told me about.
|
* undocumented feature Peter Gutmann told me about.
|
||||||
*/
|
*/
|
||||||
if( (rc = zfx->pgpmode? inflateInit2( zs, -13)
|
if( (rc = zfx->pgpmode? inflateInit2( zs, -13)
|
||||||
: inflateInit( zs )) != Z_OK ) {
|
: inflateInit( zs )) != Z_OK ) {
|
||||||
|
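Review bot: the line "it forces zlib not to expect a zlib header. This is a" is unchanged on both sides, so the comment now reads "a undocumented feature Peter Gutmann told me about."; the article should be "an".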
@ -39,9 +39,9 @@
|
|||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Assume that the input is an encrypted message and decrypt
|
* Assume that the input is an encrypted message and decrypt
|
||||||
* (and if signed, verify the signature) it.
|
* (and if signed, verify the signature on) it.
|
||||||
* This command differs from the default operation, as it never
|
* This command differs from the default operation, as it never
|
||||||
* write to the filename which is included in the file and that it
|
* writes to the filename which is included in the file and it
|
||||||
* rejects files which don't begin with an encrypted message.
|
* rejects files which don't begin with an encrypted message.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
@ -42,7 +42,7 @@ static int write_pubkey_enc_from_list( PKC_LIST pkc_list, DEK *dek, IOBUF out );
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Encode FILENAME only with the symmetric cipher. Take input from
|
* Encode FILENAME with only the symmetric cipher. Take input from
|
||||||
* stdin if FILENAME is NULL.
|
* stdin if FILENAME is NULL.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
@ -52,7 +52,7 @@ encode_symmetric( const char *filename )
|
|||||||
}
|
}
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Encode FILENAME as literal data packet only. Take input from
|
* Encode FILENAME as a literal data packet only. Take input from
|
||||||
* stdin if FILENAME is NULL.
|
* stdin if FILENAME is NULL.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
|
@ -35,9 +35,9 @@
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Export the public keys (to standard out or --outout).
|
* Export the public keys (to standard out or --output).
|
||||||
* Depending on opt.armor the output is armored.
|
* Depending on opt.armor the output is armored.
|
||||||
* If USERS is NULL, the complete ring wil. be exported.
|
* If USERS is NULL, the complete ring will be exported.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
export_pubkeys( STRLIST users )
|
export_pubkeys( STRLIST users )
|
||||||
@ -80,7 +80,7 @@ export_pubkeys( STRLIST users )
|
|||||||
all = 2;
|
all = 2;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* use the correct sequence. strlist_last,prev do work correct with
|
/* use the correct sequence. strlist_last,prev do work correctly with
|
||||||
* NULL pointers :-) */
|
* NULL pointers :-) */
|
||||||
for( sl=strlist_last(users); sl || all ; sl=strlist_prev( users, sl )) {
|
for( sl=strlist_last(users); sl || all ; sl=strlist_prev( users, sl )) {
|
||||||
if( all ) { /* get the next user */
|
if( all ) { /* get the next user */
|
||||||
|
@ -65,7 +65,7 @@ free_seckey_enc( PKT_signature *sig )
|
|||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Return the digest algorithm from the signature packet.
|
* Return the digest algorithm from the signature packet.
|
||||||
* We need this function because the digeste algo depends on the
|
* We need this function because the digest algo depends on the
|
||||||
* used pubkey algorithm.
|
* used pubkey algorithm.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
@ -215,7 +215,7 @@ void
|
|||||||
free_compressed( PKT_compressed *zd )
|
free_compressed( PKT_compressed *zd )
|
||||||
{
|
{
|
||||||
if( zd->buf ) { /* have to skip some bytes */
|
if( zd->buf ) { /* have to skip some bytes */
|
||||||
/* don't have any informations about the length, so
|
/* don't have any information about the length, so
|
||||||
* we assume this is the last packet */
|
* we assume this is the last packet */
|
||||||
while( iobuf_get(zd->buf) != -1 )
|
while( iobuf_get(zd->buf) != -1 )
|
||||||
;
|
;
|
||||||
|
23
g10/g10.c
23
g10/g10.c
@ -116,8 +116,12 @@ static ARGPARSE_OPTS opts[] = {
|
|||||||
{ 536, "marginals-needed", 1, N_("(default is 3)")},
|
{ 536, "marginals-needed", 1, N_("(default is 3)")},
|
||||||
#ifdef IS_G10
|
#ifdef IS_G10
|
||||||
{ 527, "cipher-algo", 2 , N_("select default cipher algorithm")},
|
{ 527, "cipher-algo", 2 , N_("select default cipher algorithm")},
|
||||||
{ 528, "pubkey-algo", 2 , N_("select default puplic key algorithm")},
|
{ 528, "pubkey-algo", 2 , N_("select default public key algorithm")},
|
||||||
{ 529, "digest-algo", 2 , N_("select default message digest algorithm")},
|
{ 529, "digest-algo", 2 , N_("select default message digest algorithm")},
|
||||||
|
#else /* some dummies */
|
||||||
|
{ 527, "cipher-algo", 2 , "\r"},
|
||||||
|
{ 528, "pubkey-algo", 2 , "\r"},
|
||||||
|
{ 529, "digest-algo", 2 , "\r"},
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef IS_G10
|
#ifdef IS_G10
|
||||||
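Review bot: the added "#else /* some dummies */" entries for 527, 528 and 529 are a code change, not a wording fix, and their "\r" description strings are unexplained. Give this its own ChangeLog line (or its own commit), and add a comment saying what a "\r" description means to the option parser and why the non-IS_G10 build needs to accept these three options.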
@ -412,7 +416,7 @@ main( int argc, char **argv )
|
|||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
/* check wether we have a config file on the commandline */
|
/* check whether we have a config file on the commandline */
|
||||||
orig_argc = argc;
|
orig_argc = argc;
|
||||||
orig_argv = argv;
|
orig_argv = argv;
|
||||||
pargs.argc = &argc;
|
pargs.argc = &argc;
|
||||||
@ -509,7 +513,12 @@ main( int argc, char **argv )
|
|||||||
case 540: secmem_set_flags( secmem_get_flags() | 1 ); break;
|
case 540: secmem_set_flags( secmem_get_flags() | 1 ); break;
|
||||||
case 542: set_cmd( &cmd, aGenRevoke); break;
|
case 542: set_cmd( &cmd, aGenRevoke); break;
|
||||||
case 550: set_cmd( &cmd, aVerify); break;
|
case 550: set_cmd( &cmd, aVerify); break;
|
||||||
#endif /* IS_G10 */
|
#else
|
||||||
|
case 527:
|
||||||
|
case 528:
|
||||||
|
case 529:
|
||||||
|
break;
|
||||||
|
#endif /* !IS_G10 */
|
||||||
|
|
||||||
#ifdef IS_G10MAINT
|
#ifdef IS_G10MAINT
|
||||||
case 513: set_cmd( &cmd, aPrimegen); break;
|
case 513: set_cmd( &cmd, aPrimegen); break;
|
||||||
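Review bot: the new "#else" arm makes the non-IS_G10 build accept options 527, 528 and 529 and do nothing with them ("case 529:" / "break;"). An algorithm selection that is parsed and then silently ignored deserves a comment stating that this is intended, and the change belongs with the matching opts[] additions rather than under a typo-fix heading.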
@ -632,9 +641,9 @@ main( int argc, char **argv )
|
|||||||
else {
|
else {
|
||||||
fname = NULL;
|
fname = NULL;
|
||||||
if( get_passphrase_fd() == 0 ) {
|
if( get_passphrase_fd() == 0 ) {
|
||||||
/* reading data and passphrase form stdin:
|
/* reading data and passphrase from stdin:
|
||||||
* we assume the first line is the passphrase, so
|
* we assume the first line is the passphrase, so
|
||||||
* we better should read it now.
|
* we should read it now.
|
||||||
*
|
*
|
||||||
* We should do it here, but for now it is not needed.
|
* We should do it here, but for now it is not needed.
|
||||||
* Anyway, this password scheme is not quite good
|
* Anyway, this password scheme is not quite good
|
||||||
@ -804,7 +813,7 @@ main( int argc, char **argv )
|
|||||||
#ifdef IS_G10
|
#ifdef IS_G10
|
||||||
case aKeygen: /* generate a key (interactive) */
|
case aKeygen: /* generate a key (interactive) */
|
||||||
if( argc )
|
if( argc )
|
||||||
wrong_args(_("--gen-key"));
|
wrong_args("--gen-key");
|
||||||
generate_keypair();
|
generate_keypair();
|
||||||
break;
|
break;
|
||||||
#endif
|
#endif
|
||||||
@ -932,7 +941,7 @@ main( int argc, char **argv )
|
|||||||
case aListPackets:
|
case aListPackets:
|
||||||
opt.list_packets=1;
|
opt.list_packets=1;
|
||||||
default:
|
default:
|
||||||
/* fixme: g10maint should to regular maintenace tasks here */
|
/* fixme: g10maint should do regular maintenace tasks here */
|
||||||
if( argc > 1 )
|
if( argc > 1 )
|
||||||
wrong_args(_("[filename]"));
|
wrong_args(_("[filename]"));
|
||||||
if( !(a = iobuf_open(fname)) )
|
if( !(a = iobuf_open(fname)) )
|
||||||
|
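Review bot: "maintenace" in "/* fixme: g10maint should do regular maintenace tasks here */" is still misspelled after the to/do correction; it should be "maintenance".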
@ -148,7 +148,7 @@ add_secret_keyring( const char *name )
|
|||||||
sl->next = secret_keyrings;
|
sl->next = secret_keyrings;
|
||||||
secret_keyrings = sl;
|
secret_keyrings = sl;
|
||||||
|
|
||||||
/* fixme: We should remove much out of this mpdule and
|
/* fixme: We should remove much out of this module and
|
||||||
* combine it with the keyblock stuff from ringedit.c
|
* combine it with the keyblock stuff from ringedit.c
|
||||||
* For now we will simple add the filename as keyblock resource
|
* For now we will simple add the filename as keyblock resource
|
||||||
*/
|
*/
|
||||||
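Review bot: "For now we will simple add the filename as keyblock resource" is unchanged on both sides of this hunk; "simple" should be "simply".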
@ -239,7 +239,7 @@ get_pubkey( PKT_public_cert *pkc, u32 *keyid )
|
|||||||
int rc = 0;
|
int rc = 0;
|
||||||
pkc_cache_entry_t ce;
|
pkc_cache_entry_t ce;
|
||||||
|
|
||||||
/* lets see wether we checked the keyid already */
|
/* let's see whether we checked the keyid already */
|
||||||
for( kl = unknown_keyids; kl; kl = kl->next )
|
for( kl = unknown_keyids; kl; kl = kl->next )
|
||||||
if( kl->keyid[0] == keyid[0] && kl->keyid[1] == keyid[1] )
|
if( kl->keyid[0] == keyid[0] && kl->keyid[1] == keyid[1] )
|
||||||
return G10ERR_NO_PUBKEY; /* already checked and not found */
|
return G10ERR_NO_PUBKEY; /* already checked and not found */
|
||||||
@ -307,7 +307,7 @@ hextobyte( const byte *s )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Try to get the pubkey by the userid. This functions looks for the
|
* Try to get the pubkey by the userid. This function looks for the
|
||||||
* first pubkey certificate which has the given name in a user_id.
|
* first pubkey certificate which has the given name in a user_id.
|
||||||
* if pkc has the pubkey algo set, the function will only return
|
* if pkc has the pubkey algo set, the function will only return
|
||||||
* a pubkey with that algo.
|
* a pubkey with that algo.
|
||||||
@ -499,7 +499,7 @@ get_seckey( PKT_secret_cert *skc, u32 *keyid )
|
|||||||
}
|
}
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Check wether the secret key is available
|
* Check whether the secret key is available
|
||||||
* Returns: 0 := key is available
|
* Returns: 0 := key is available
|
||||||
* G10ERR_NO_SECKEY := not availabe
|
* G10ERR_NO_SECKEY := not availabe
|
||||||
*/
|
*/
|
||||||
|
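Review bot: the return-value comment still has "G10ERR_NO_SECKEY := not availabe" on both sides; correct it to "available" along with the wether/whether fix two lines above it.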
@ -153,7 +153,7 @@ main( int argc, char **argv )
|
|||||||
opt.compress = -1; /* defaults to standard compress level */
|
opt.compress = -1; /* defaults to standard compress level */
|
||||||
opt.batch = 1;
|
opt.batch = 1;
|
||||||
|
|
||||||
/* check wether we have a config file on the commandline */
|
/* check whether we have a config file on the commandline */
|
||||||
orig_argc = argc;
|
orig_argc = argc;
|
||||||
orig_argv = argv;
|
orig_argv = argv;
|
||||||
pargs.argc = &argc;
|
pargs.argc = &argc;
|
||||||
@ -290,7 +290,7 @@ become_daemon()
|
|||||||
log_fatal("chdir to root failed: %s\n", strerror(errno) );
|
log_fatal("chdir to root failed: %s\n", strerror(errno) );
|
||||||
umask(0);
|
umask(0);
|
||||||
|
|
||||||
/* do not let possible childs become zombies */
|
/* do not let possible children become zombies */
|
||||||
signal(SIGCHLD, SIG_IGN);
|
signal(SIGCHLD, SIG_IGN);
|
||||||
if( opt.verbose )
|
if( opt.verbose )
|
||||||
log_info("now running as daemon\n");
|
log_info("now running as daemon\n");
|
||||||
|
44
g10/import.c
44
g10/import.c
@ -52,9 +52,9 @@ static int merge_sigs( KBNODE dst, KBNODE src, int *n_sigs,
|
|||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Import the public keys from the given filename. Input may be armored.
|
* Import the public keys from the given filename. Input may be armored.
|
||||||
* This function rejects alls keys which are not valid self signed on at
|
* This function rejects all keys which are not validly self signed on at
|
||||||
* least one userid. Only user ids which are self signed will be imported.
|
* least one userid. Only user ids which are self signed will be imported.
|
||||||
* Other signatures are not not checked.
|
* Other signatures are not checked.
|
||||||
*
|
*
|
||||||
* Actually this functtion does a merge. It works like this:
|
* Actually this functtion does a merge. It works like this:
|
||||||
*
|
*
|
||||||
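Review bot: "Actually this functtion does a merge." is unchanged on both sides and still has the doubled "t"; fix it to "function" in the same pass as the other corrections to this comment.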
@ -62,23 +62,23 @@ static int merge_sigs( KBNODE dst, KBNODE src, int *n_sigs,
|
|||||||
* - check self-signatures and remove all userids and their signatures
|
* - check self-signatures and remove all userids and their signatures
|
||||||
* without/invalid self-signatures.
|
* without/invalid self-signatures.
|
||||||
* - reject the keyblock, if we have no valid userid.
|
* - reject the keyblock, if we have no valid userid.
|
||||||
* - See wether we have this key already in one of our pubrings.
|
* - See whether we have this key already in one of our pubrings.
|
||||||
* If not, simply add it to the default keyring.
|
* If not, simply add it to the default keyring.
|
||||||
* - Compare the key and the self-signatures of the new and the one in
|
* - Compare the key and the self-signatures of the new and the one in
|
||||||
* our keyring. If they are differen something weird is going on;
|
* our keyring. If they are different something weird is going on;
|
||||||
* ask what to do.
|
* ask what to do.
|
||||||
* - See wether we have only non-self-signature on one user id; if not
|
* - See whether we have only non-self-signature on one user id; if not
|
||||||
* ask the user what to do.
|
* ask the user what to do.
|
||||||
* - compare the signatures: If we already have this signature, check
|
* - compare the signatures: If we already have this signature, check
|
||||||
* that they compare okay; if not, issue a warning and ask the user.
|
* that they compare okay; if not, issue a warning and ask the user.
|
||||||
* (consider to look at the timestamp and use the newest?)
|
* (consider looking at the timestamp and use the newest?)
|
||||||
* - Simply add the signature. Can't verify here because we may not have
|
* - Simply add the signature. Can't verify here because we may not have
|
||||||
* the signatures public key yet; verification is done when putting it
|
* the signature's public key yet; verification is done when putting it
|
||||||
* into the trustdb, which is done automagically as soon as this pubkey
|
* into the trustdb, which is done automagically as soon as this pubkey
|
||||||
* is used.
|
* is used.
|
||||||
* - Proceed with next signature.
|
* - Proceed with next signature.
|
||||||
*
|
*
|
||||||
* Key revocation certificates have a special handling.
|
* Key revocation certificates have special handling.
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
@ -241,7 +241,7 @@ import_one( const char *fname, KBNODE keyblock )
|
|||||||
u32 keyid[2];
|
u32 keyid[2];
|
||||||
int rc = 0;
|
int rc = 0;
|
||||||
|
|
||||||
/* get the key and print some infos about it */
|
/* get the key and print some info about it */
|
||||||
node = find_kbnode( keyblock, PKT_PUBLIC_CERT );
|
node = find_kbnode( keyblock, PKT_PUBLIC_CERT );
|
||||||
if( !node ) {
|
if( !node ) {
|
||||||
log_error("%s: Oops; public key not found anymore!\n", fname);
|
log_error("%s: Oops; public key not found anymore!\n", fname);
|
||||||
@ -316,7 +316,7 @@ import_one( const char *fname, KBNODE keyblock )
|
|||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* See wether we have only non-self-signature on one user id; if not
|
/* See whether we have only non-self-signature on one user id; if not
|
||||||
* ask the user what to do. <--- fixme */
|
* ask the user what to do. <--- fixme */
|
||||||
|
|
||||||
/* now read the original keyblock */
|
/* now read the original keyblock */
|
||||||
@ -377,7 +377,7 @@ import_one( const char *fname, KBNODE keyblock )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Import a revocation certificate, this is a single signature packet.
|
* Import a revocation certificate; this is a single signature packet.
|
||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
import_revoke_cert( const char *fname, KBNODE node )
|
import_revoke_cert( const char *fname, KBNODE node )
|
||||||
@ -436,7 +436,7 @@ import_revoke_cert( const char *fname, KBNODE node )
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* check wether we already have this */
|
/* check whether we already have this */
|
||||||
for(onode=keyblock->next; onode; onode=onode->next ) {
|
for(onode=keyblock->next; onode; onode=onode->next ) {
|
||||||
if( onode->pkt->pkttype == PKT_USER_ID )
|
if( onode->pkt->pkttype == PKT_USER_ID )
|
||||||
break;
|
break;
|
||||||
@ -476,7 +476,7 @@ import_revoke_cert( const char *fname, KBNODE node )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* loop over the keyblock an check all self signatures.
|
* loop over the keyblock and check all self signatures.
|
||||||
* Mark all user-ids with a self-signature by setting flag bit 0.
|
* Mark all user-ids with a self-signature by setting flag bit 0.
|
||||||
* Mark all user-ids with an invalid self-signature by setting bit 1.
|
* Mark all user-ids with an invalid self-signature by setting bit 1.
|
||||||
*/
|
*/
|
||||||
@ -515,8 +515,8 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* delete all parts which are invalidand those signatures whos
|
* delete all parts which are invalid and those signatures whose
|
||||||
* public key algorithm is not availabe in this implemenation;
|
* public key algorithm is not available in this implemenation;
|
||||||
* but consider RSA as valid, because parse/build_packets knows
|
* but consider RSA as valid, because parse/build_packets knows
|
||||||
* about it.
|
* about it.
|
||||||
* returns: true if at least one valid user-id is left over.
|
* returns: true if at least one valid user-id is left over.
|
||||||
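Review bot: The second rewritten line of this comment still reads "implemenation". The line is already being touched to fix "availabe", so correct it to "implementation" in the same pass.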
@ -583,10 +583,10 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
|
|||||||
*
|
*
|
||||||
* o compare the signatures: If we already have this signature, check
|
* o compare the signatures: If we already have this signature, check
|
||||||
* that they compare okay; if not, issue a warning and ask the user.
|
* that they compare okay; if not, issue a warning and ask the user.
|
||||||
* FIXME: add the check, that we don't have duplicate signatures and the
|
* FIXME: add the check that we don't have duplicate signatures and the
|
||||||
* warning in cases that the old/new signatures don't match.
|
* warning in cases where the old/new signatures don't match.
|
||||||
* o Simply add the signature. Can't verify here because we may not have
|
* o Simply add the signature. Can't verify here because we may not have
|
||||||
* the signatures public key yet; verification is done when putting it
|
* the signature's public key yet; verification is done when putting it
|
||||||
* into the trustdb, which is done automagically as soon as this pubkey
|
* into the trustdb, which is done automagically as soon as this pubkey
|
||||||
* is used.
|
* is used.
|
||||||
* Note: We indicate newly inserted packets with flag bit 0
|
* Note: We indicate newly inserted packets with flag bit 0
|
||||||
@ -604,7 +604,7 @@ merge_blocks( const char *fname, KBNODE keyblock_orig, KBNODE keyblock,
|
|||||||
break;
|
break;
|
||||||
else if( node->pkt->pkttype == PKT_SIGNATURE
|
else if( node->pkt->pkttype == PKT_SIGNATURE
|
||||||
&& node->pkt->pkt.signature->sig_class == 0x20 ) {
|
&& node->pkt->pkt.signature->sig_class == 0x20 ) {
|
||||||
/* check wether we already have this */
|
/* check whether we already have this */
|
||||||
found = 0;
|
found = 0;
|
||||||
for(onode=keyblock_orig->next; onode; onode=onode->next ) {
|
for(onode=keyblock_orig->next; onode; onode=onode->next ) {
|
||||||
if( onode->pkt->pkttype == PKT_USER_ID )
|
if( onode->pkt->pkttype == PKT_USER_ID )
|
||||||
@ -742,9 +742,9 @@ merge_sigs( KBNODE dst, KBNODE src, int *n_sigs,
|
|||||||
|
|
||||||
if( found ) { /* we already have this signature */
|
if( found ) { /* we already have this signature */
|
||||||
/* Hmmm: should we compare the timestamp etc?
|
/* Hmmm: should we compare the timestamp etc?
|
||||||
* but then we have first to see wether this signature is valid
|
* but then we have first to see whether this signature is valid
|
||||||
* - or - simply add it in such a case and let trustdb logic
|
* - or simply add it in such a case and let trustdb logic
|
||||||
* decide wether to remove the old one
|
* decide whether to remove the old one
|
||||||
*/
|
*/
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
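Review bot: In the "Hmmm" comment, dropping the second dash from "- or -" leaves "- or simply add it", which reads like a list item rather than an alternative to the sentence before it. Either keep "- or -" or fold it into the sentence ("...is valid, or simply add it in such a case..."). The question the comment leaves open, whether a duplicate signature is compared or validated before being skipped, would be easier to find later if it were marked as a fixme.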
|
12
g10/kbnode.c
@ -70,8 +70,8 @@ release_kbnode( KBNODE n )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Delete NODE from ROOT, ROOT must exist!
|
* Delete NODE from ROOT. ROOT must exist!
|
||||||
* Note: This does only work with walk_kbnode!!
|
* Note: This only works with walk_kbnode!!
|
||||||
*/
|
*/
|
||||||
void
|
void
|
||||||
delete_kbnode( KBNODE node )
|
delete_kbnode( KBNODE node )
|
||||||
@ -81,7 +81,7 @@ delete_kbnode( KBNODE node )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Append NODE to ROOT, ROOT must exist!
|
* Append NODE to ROOT. ROOT must exist!
|
||||||
*/
|
*/
|
||||||
void
|
void
|
||||||
add_kbnode( KBNODE root, KBNODE node )
|
add_kbnode( KBNODE root, KBNODE node )
|
||||||
@ -178,7 +178,7 @@ find_kbnode( KBNODE node, int pkttype )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Walk through a list of kbnodes. This functions returns
|
* Walk through a list of kbnodes. This function returns
|
||||||
* the next kbnode for each call; before using the function the first
|
* the next kbnode for each call; before using the function the first
|
||||||
* time, the caller must set CONTEXT to NULL (This has simply the effect
|
* time, the caller must set CONTEXT to NULL (This has simply the effect
|
||||||
* to start with ROOT).
|
* to start with ROOT).
|
||||||
@ -213,9 +213,9 @@ clear_kbnode_flags( KBNODE n )
|
|||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Commit changes made to the kblist at ROOT. Note that ROOT my change,
|
* Commit changes made to the kblist at ROOT. Note that ROOT my change,
|
||||||
* and it is therefor passed by reference.
|
* and it is therefore passed by reference.
|
||||||
* The function has the effect of removing all nodes marked as deleted.
|
* The function has the effect of removing all nodes marked as deleted.
|
||||||
* returns true, if any node has been changed
|
* returns true if any node has been changed
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
commit_kbnode( KBNODE *root )
|
commit_kbnode( KBNODE *root )
|
||||||
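Review bot: The first line of the commit_kbnode comment still says "ROOT my change" on both sides of the diff. It should read "ROOT may change", which is the reason the next line gives for passing it by reference.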
|
@ -28,7 +28,7 @@
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* A Keyblock are all packets which form an entire certificate;
|
* A Keyblock is all packets which form an entire certificate;
|
||||||
* i.e. the public key, certificate, trust packets, user ids,
|
* i.e. the public key, certificate, trust packets, user ids,
|
||||||
* signatures, and subkey.
|
* signatures, and subkey.
|
||||||
*
|
*
|
||||||
@ -44,7 +44,7 @@ struct kbnode_struct {
|
|||||||
};
|
};
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* A data structre to hold informations about the external position
|
* A data structre to hold information about the external position
|
||||||
* of a keyblock.
|
* of a keyblock.
|
||||||
*/
|
*/
|
||||||
struct keyblock_pos_struct {
|
struct keyblock_pos_struct {
|
||||||
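Review bot: The changed line fixes "informations" but keeps "structre" in "A data structre to hold information". Correct it to "structure" while the line is open.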
@ -73,7 +73,7 @@ struct skc_list {
|
|||||||
int mark;
|
int mark;
|
||||||
};
|
};
|
||||||
|
|
||||||
/* structure to collect all informations which can be used to
|
/* structure to collect all information which can be used to
|
||||||
* identify a public key */
|
* identify a public key */
|
||||||
typedef struct pubkey_find_info *PUBKEY_FIND_INFO;
|
typedef struct pubkey_find_info *PUBKEY_FIND_INFO;
|
||||||
struct pubkey_find_info {
|
struct pubkey_find_info {
|
||||||
|
14
g10/keygen.c
@ -147,8 +147,8 @@ gen_elg(unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
|
|||||||
pkt->pkt.public_cert = pkc;
|
pkt->pkt.public_cert = pkc;
|
||||||
add_kbnode(pub_root, new_kbnode( pkt ));
|
add_kbnode(pub_root, new_kbnode( pkt ));
|
||||||
|
|
||||||
/* don't know wether it make sense to have the factors, so for now
|
/* don't know whether it makes sense to have the factors, so for now
|
||||||
* we store them in the secret keyring (but they are of secret) */
|
* we store them in the secret keyring (but they are secret) */
|
||||||
pkt = m_alloc_clear(sizeof *pkt);
|
pkt = m_alloc_clear(sizeof *pkt);
|
||||||
pkt->pkttype = PKT_SECRET_CERT;
|
pkt->pkttype = PKT_SECRET_CERT;
|
||||||
pkt->pkt.secret_cert = skc;
|
pkt->pkt.secret_cert = skc;
|
||||||
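Review bot: Rewriting "(but they are of secret)" as "(but they are secret)" picks one of two opposite readings of the original typo; "of" could equally have been meant as "not". The comment documents whether the factors stored in the secret keyring are sensitive, so please confirm the intended meaning with the author before committing to either wording.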
@ -338,7 +338,7 @@ generate_keypair()
|
|||||||
nbits = *answer? atoi(answer): 1024;
|
nbits = *answer? atoi(answer): 1024;
|
||||||
m_free(answer);
|
m_free(answer);
|
||||||
if( algo == PUBKEY_ALGO_DSA && (nbits < 512 || nbits > 1024) )
|
if( algo == PUBKEY_ALGO_DSA && (nbits < 512 || nbits > 1024) )
|
||||||
tty_printf(_("DSA does only allow keysizes from 512 to 1024\n"));
|
tty_printf(_("DSA only allows keysizes from 512 to 1024\n"));
|
||||||
else if( nbits < 768 )
|
else if( nbits < 768 )
|
||||||
tty_printf(_("keysize too small; 768 is smallest value allowed.\n"));
|
tty_printf(_("keysize too small; 768 is smallest value allowed.\n"));
|
||||||
else if( nbits > 2048 ) {
|
else if( nbits > 2048 ) {
|
||||||
@ -495,7 +495,7 @@ generate_keypair()
|
|||||||
|
|
||||||
|
|
||||||
tty_printf(_("You selected this USER-ID:\n \"%s\"\n\n"), uid);
|
tty_printf(_("You selected this USER-ID:\n \"%s\"\n\n"), uid);
|
||||||
/* fixme: add a warning if this the user-id already exists */
|
/* fixme: add a warning if this user-id already exists */
|
||||||
for(;;) {
|
for(;;) {
|
||||||
answer = tty_get(_("Edit (N)ame, (C)omment, (E)mail or (O)kay? "));
|
answer = tty_get(_("Edit (N)ame, (C)omment, (E)mail or (O)kay? "));
|
||||||
tty_kill_prompt();
|
tty_kill_prompt();
|
||||||
@ -539,8 +539,8 @@ generate_keypair()
|
|||||||
if( rc == -1 ) {
|
if( rc == -1 ) {
|
||||||
m_free(dek); dek = NULL;
|
m_free(dek); dek = NULL;
|
||||||
tty_printf(_(
|
tty_printf(_(
|
||||||
"You don't what a passphrase - this is probably a *bad* idea!\n"
|
"You don't want a passphrase - this is probably a *bad* idea!\n"
|
||||||
"I will do it anyway. You can change your passphrase at anytime,\n"
|
"I will do it anyway. You can change your passphrase at any time,\n"
|
||||||
"using this program with the option \"--change-passphrase\"\n\n"));
|
"using this program with the option \"--change-passphrase\"\n\n"));
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -558,7 +558,7 @@ generate_keypair()
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* now check wether we a are allowed to write to the keyrings */
|
/* now check whether we are allowed to write to the keyrings */
|
||||||
pub_fname = make_filename(opt.homedir, "pubring.gpg", NULL );
|
pub_fname = make_filename(opt.homedir, "pubring.gpg", NULL );
|
||||||
sec_fname = make_filename(opt.homedir, "secring.gpg", NULL );
|
sec_fname = make_filename(opt.homedir, "secring.gpg", NULL );
|
||||||
if( opt.verbose ) {
|
if( opt.verbose ) {
|
||||||
|
@ -47,7 +47,7 @@ typedef struct {
|
|||||||
PKT_user_id *last_user_id;
|
PKT_user_id *last_user_id;
|
||||||
md_filter_context_t mfx;
|
md_filter_context_t mfx;
|
||||||
int sigs_only; /* process only signatures and reject all other stuff */
|
int sigs_only; /* process only signatures and reject all other stuff */
|
||||||
int encrypt_only; /* process onyl encrytion messages */
|
int encrypt_only; /* process only encrytion messages */
|
||||||
STRLIST signed_data;
|
STRLIST signed_data;
|
||||||
DEK *dek;
|
DEK *dek;
|
||||||
int last_was_pubkey_enc;
|
int last_was_pubkey_enc;
|
||||||
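Review bot: The encrypt_only comment now reads "process only encrytion messages"; "onyl" is fixed but "encrytion" is not. It should be "encryption".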
@ -123,12 +123,12 @@ add_signature( CTX c, PACKET *pkt )
|
|||||||
KBNODE node;
|
KBNODE node;
|
||||||
|
|
||||||
if( pkt->pkttype == PKT_SIGNATURE && !c->list ) {
|
if( pkt->pkttype == PKT_SIGNATURE && !c->list ) {
|
||||||
/* This is the first signature for a following datafile.
|
/* This is the first signature for the following datafile.
|
||||||
* G10 does not write such packets, instead it always uses
|
* G10 does not write such packets; instead it always uses
|
||||||
* onepass-sig packets. The drawback of PGP's method
|
* onepass-sig packets. The drawback of PGP's method
|
||||||
* of prepending the signtaure to the data is,
|
* of prepending the signature to the data is
|
||||||
* that it is not possible to make a signature from data read
|
* that it is not possible to make a signature from data read
|
||||||
* from stdin. (Anyway, G10 is able to read these stuff) */
|
* from stdin. (G10 is able to read PGP stuff anyway.) */
|
||||||
node = new_kbnode( pkt );
|
node = new_kbnode( pkt );
|
||||||
c->list = node;
|
c->list = node;
|
||||||
return 1;
|
return 1;
|
||||||
@ -222,7 +222,7 @@ proc_plaintext( CTX c, PACKET *pkt )
|
|||||||
free_md_filter_context( &c->mfx );
|
free_md_filter_context( &c->mfx );
|
||||||
/* fixme: take the digest algo(s) to use from the
|
/* fixme: take the digest algo(s) to use from the
|
||||||
* onepass_sig packet (if we have these)
|
* onepass_sig packet (if we have these)
|
||||||
* And look at the sigclass to check wether we should use the
|
* And look at the sigclass to check whether we should use the
|
||||||
* textmode filter (sigclass 0x01)
|
* textmode filter (sigclass 0x01)
|
||||||
*/
|
*/
|
||||||
c->mfx.md = md_open( DIGEST_ALGO_RMD160, 0);
|
c->mfx.md = md_open( DIGEST_ALGO_RMD160, 0);
|
||||||
|
@ -34,7 +34,7 @@
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* The filter is used to collect a message digest
|
* This filter is used to collect a message digest
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
md_filter( void *opaque, int control,
|
md_filter( void *opaque, int control,
|
||||||
|
@ -33,7 +33,7 @@
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Check wether FNAME exists and ask if it's okay to overwrite an
|
* Check whether FNAME exists and ask if it's okay to overwrite an
|
||||||
* existing one.
|
* existing one.
|
||||||
* Returns: -1 : Do not overwrite
|
* Returns: -1 : Do not overwrite
|
||||||
* 0 : it's okay to overwrite or the file does not exist
|
* 0 : it's okay to overwrite or the file does not exist
|
||||||
|
@ -124,12 +124,12 @@ typedef struct {
|
|||||||
byte hdrbytes; /* number of header bytes */
|
byte hdrbytes; /* number of header bytes */
|
||||||
byte version;
|
byte version;
|
||||||
byte pubkey_algo; /* algorithm used for public key scheme */
|
byte pubkey_algo; /* algorithm used for public key scheme */
|
||||||
byte is_protected; /* The secret infos are protected and must */
|
byte is_protected; /* The secret info is protected and must */
|
||||||
/* be decrypteded before use, the protected */
|
/* be decrypted before use, the protected */
|
||||||
/* MPIs are simply (void*) pointers to memory */
|
/* MPIs are simply (void*) pointers to memory */
|
||||||
/* and should never be passed to a mpi_xxx() */
|
/* and should never be passed to a mpi_xxx() */
|
||||||
struct {
|
struct {
|
||||||
byte algo; /* cipher used to protect the secret informations*/
|
byte algo; /* cipher used to protect the secret information*/
|
||||||
byte s2k;
|
byte s2k;
|
||||||
byte hash;
|
byte hash;
|
||||||
byte salt[8];
|
byte salt[8];
|
||||||
|
@ -33,8 +33,8 @@
|
|||||||
#include "filter.h"
|
#include "filter.h"
|
||||||
#include "options.h"
|
#include "options.h"
|
||||||
|
|
||||||
static mpi_print_mode = 0;
|
static int mpi_print_mode = 0;
|
||||||
static list_mode = 0;
|
static int list_mode = 0;
|
||||||
|
|
||||||
static int parse( IOBUF inp, PACKET *pkt, int reqtype,
|
static int parse( IOBUF inp, PACKET *pkt, int reqtype,
|
||||||
ulong *retpos, int *skip, IOBUF out, int do_skip );
|
ulong *retpos, int *skip, IOBUF out, int do_skip );
|
||||||
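Review bot: Adding "int" to the declarations of mpi_print_mode and list_mode is a code change, while the ChangeLog entry for this commit mentions only typo and grammar fixes. The change is right (the old lines relied on implicit int), but it deserves its own ChangeLog line so it can be found later.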
@ -122,7 +122,7 @@ parse_packet( IOBUF inp, PACKET *pkt )
|
|||||||
}
|
}
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Like parse packet, but do only return packets of the given type.
|
* Like parse packet, but only return packets of the given type.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
search_packet( IOBUF inp, PACKET *pkt, int pkttype, ulong *retpos )
|
search_packet( IOBUF inp, PACKET *pkt, int pkttype, ulong *retpos )
|
||||||
@ -151,7 +151,7 @@ copy_all_packets( IOBUF inp, IOBUF out )
|
|||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Copy some packets from INP to OUT, thereby removing unused spaces.
|
* Copy some packets from INP to OUT, thereby removing unused spaces.
|
||||||
* Stop after at offset STOPoff (i.e. don't copy the packet at this offset)
|
* Stop at offset STOPoff (i.e. don't copy packets at this or later offsets)
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
copy_some_packets( IOBUF inp, IOBUF out, ulong stopoff )
|
copy_some_packets( IOBUF inp, IOBUF out, ulong stopoff )
|
||||||
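Review bot: The new text for copy_some_packets changes the documented contract, not just the grammar: "don't copy the packet at this offset" becomes "don't copy packets at this or later offsets". Please check the loop condition in the function body and make sure the comment states what the code does at and beyond STOPoff, since callers that rewrite keyrings depend on that boundary.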
@ -629,7 +629,7 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
|
|||||||
sig->digest_start[0] = iobuf_get_noeof(inp); pktlen--;
|
sig->digest_start[0] = iobuf_get_noeof(inp); pktlen--;
|
||||||
sig->digest_start[1] = iobuf_get_noeof(inp); pktlen--;
|
sig->digest_start[1] = iobuf_get_noeof(inp); pktlen--;
|
||||||
|
|
||||||
if( is_v4 ) { /*extract required informations */
|
if( is_v4 ) { /*extract required information */
|
||||||
const byte *p;
|
const byte *p;
|
||||||
p = parse_subpkt( sig->hashed_data, 2 );
|
p = parse_subpkt( sig->hashed_data, 2 );
|
||||||
if( !p )
|
if( !p )
|
||||||
@ -926,7 +926,7 @@ parse_certificate( IOBUF inp, int pkttype, unsigned long pktlen,
|
|||||||
/* It does not make sense to read it into secure memory.
|
/* It does not make sense to read it into secure memory.
|
||||||
* If the user is so careless, not to protect his secret key,
|
* If the user is so careless, not to protect his secret key,
|
||||||
* we can assume, that he operates an open system :=(.
|
* we can assume, that he operates an open system :=(.
|
||||||
* So we put the key into secure memory when we unprotect him. */
|
* So we put the key into secure memory when we unprotect it. */
|
||||||
n = pktlen; cert->d.elg.x = mpi_read(inp, &n, 0 ); pktlen -=n;
|
n = pktlen; cert->d.elg.x = mpi_read(inp, &n, 0 ); pktlen -=n;
|
||||||
|
|
||||||
cert->csum = read_16(inp); pktlen -= 2;
|
cert->csum = read_16(inp); pktlen -= 2;
|
||||||
@ -1056,7 +1056,7 @@ parse_certificate( IOBUF inp, int pkttype, unsigned long pktlen,
|
|||||||
/* It does not make sense to read it into secure memory.
|
/* It does not make sense to read it into secure memory.
|
||||||
* If the user is so careless, not to protect his secret key,
|
* If the user is so careless, not to protect his secret key,
|
||||||
* we can assume, that he operates an open system :=(.
|
* we can assume, that he operates an open system :=(.
|
||||||
* So we put the key into secure memory when we unprotect him. */
|
* So we put the key into secure memory when we unprotect it. */
|
||||||
n = pktlen; cert->d.dsa.x = mpi_read(inp, &n, 0 ); pktlen -=n;
|
n = pktlen; cert->d.dsa.x = mpi_read(inp, &n, 0 ); pktlen -=n;
|
||||||
|
|
||||||
cert->csum = read_16(inp); pktlen -= 2;
|
cert->csum = read_16(inp); pktlen -= 2;
|
||||||
@ -1288,11 +1288,12 @@ parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *pkt )
|
|||||||
skip_rest(inp, pktlen);
|
skip_rest(inp, pktlen);
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
if( list_mode )
|
if( list_mode ) {
|
||||||
if( pktlen )
|
if( pktlen )
|
||||||
printf(":encrypted data packet:\n\tlength: %lu\n", pktlen-10);
|
printf(":encrypted data packet:\n\tlength: %lu\n", pktlen-10);
|
||||||
else
|
else
|
||||||
printf(":encrypted data packet:\n\tlength: unknown\n");
|
printf(":encrypted data packet:\n\tlength: unknown\n");
|
||||||
|
}
|
||||||
|
|
||||||
ed->buf = inp;
|
ed->buf = inp;
|
||||||
pktlen = 0;
|
pktlen = 0;
|
||||||
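Review bot: The braces added around the inner if/else under "if( list_mode )" are a code change in a commit whose ChangeLog entry mentions only typo and grammar fixes. Behaviour is unchanged, since the else already bound to "if( pktlen )", so please record it as a cleanup. While here, "pktlen-10" is printed with %lu and would wrap for a nonzero pktlen below 10; confirm that the check ending just above this hunk rules that out.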
|
@ -36,7 +36,7 @@
|
|||||||
#include "i18n.h"
|
#include "i18n.h"
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Returns true if a ownertrust has changed.
|
* Returns true if an ownertrust has changed.
|
||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
query_ownertrust( ulong lid )
|
query_ownertrust( ulong lid )
|
||||||
@ -70,14 +70,14 @@ query_ownertrust( ulong lid )
|
|||||||
tty_print_string( p, n ),
|
tty_print_string( p, n ),
|
||||||
m_free(p);
|
m_free(p);
|
||||||
tty_printf(_("\"\n\n"
|
tty_printf(_("\"\n\n"
|
||||||
"Please decide in how far do you trust this user to\n"
|
"Please decide how far you trust this user to correctly\n"
|
||||||
"correctly sign other users keys (looking at his passport,\n"
|
"verify other users' keys (by looking at passports,\n"
|
||||||
"checking the fingerprints from different sources ...)?\n\n"
|
"checking fingerprints from different sources...)?\n\n"
|
||||||
" 1 = Don't know\n"
|
" 1 = Don't know\n"
|
||||||
" 2 = I do NOT trust\n"
|
" 2 = I do NOT trust\n"
|
||||||
" 3 = I trust marginally\n"
|
" 3 = I trust marginally\n"
|
||||||
" 4 = I trust fully\n"
|
" 4 = I trust fully\n"
|
||||||
" s = please show me more informations\n\n") );
|
" s = please show me more information\n\n") );
|
||||||
|
|
||||||
for(;;) {
|
for(;;) {
|
||||||
p = tty_get(_("Your decision? "));
|
p = tty_get(_("Your decision? "));
|
||||||
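Review bot: The ownertrust prompt is changed in substance as well as grammar: "correctly sign other users keys" becomes "correctly verify other users' keys", and every edited line is part of a translatable string inside _(). The new wording describes what the user is asked to judge more precisely, but any existing translations of this string, and of the other _() strings touched in this commit, will stop matching until the message catalogs are regenerated, so the translators should be told.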
@ -129,7 +129,7 @@ add_ownertrust( PKT_public_cert *pkc )
|
|||||||
int any=0;
|
int any=0;
|
||||||
|
|
||||||
tty_printf(
|
tty_printf(
|
||||||
_("Could not find a valid trust path to the key. Lets see, wether we\n"
|
_("Could not find a valid trust path to the key. Let's see whether we\n"
|
||||||
"can assign some missing owner trust values.\n\n"));
|
"can assign some missing owner trust values.\n\n"));
|
||||||
|
|
||||||
rc = query_trust_record( pkc );
|
rc = query_trust_record( pkc );
|
||||||
@ -160,7 +160,7 @@ _("Could not find a valid trust path to the key. Lets see, wether we\n"
|
|||||||
}
|
}
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Check wether we can trust this pkc which has a trustlevel of TRUSTLEVEL
|
* Check whether we can trust this pkc which has a trustlevel of TRUSTLEVEL
|
||||||
* Returns: true if we trust.
|
* Returns: true if we trust.
|
||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
@ -215,7 +215,7 @@ do_we_trust( PKT_public_cert *pkc, int trustlevel )
|
|||||||
if( rc )
|
if( rc )
|
||||||
log_fatal("trust check after add_ownertrust failed: %s\n",
|
log_fatal("trust check after add_ownertrust failed: %s\n",
|
||||||
g10_errstr(rc) );
|
g10_errstr(rc) );
|
||||||
/* fixme: this is recursive; we better should unroll it */
|
/* fixme: this is recursive; we should unroll it */
|
||||||
return do_we_trust( pkc, trustlevel );
|
return do_we_trust( pkc, trustlevel );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -226,7 +226,7 @@ do_we_trust( PKT_public_cert *pkc, int trustlevel )
|
|||||||
return 0; /* no */
|
return 0; /* no */
|
||||||
|
|
||||||
case TRUST_MARGINAL:
|
case TRUST_MARGINAL:
|
||||||
log_info("I'm not sure wether this keys really belongs to the owner\n"
|
log_info("I'm not sure whether this key really belongs to the owner\n"
|
||||||
"but I proceed anyway\n");
|
"but I proceed anyway\n");
|
||||||
return 1; /* yes */
|
return 1; /* yes */
|
||||||
|
|
||||||
@ -252,7 +252,7 @@ do_we_trust( PKT_public_cert *pkc, int trustlevel )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* wrapper arounf do_we_trust, so we can ask wether to use the
|
* wrapper around do_we_trust, so we can ask whether to use the
|
||||||
* key anyway.
|
* key anyway.
|
||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
@ -264,7 +264,7 @@ do_we_trust_pre( PKT_public_cert *pkc, int trustlevel )
|
|||||||
char *answer;
|
char *answer;
|
||||||
|
|
||||||
tty_printf(_(
|
tty_printf(_(
|
||||||
"It is NOT certain, that the key belongs to his owner.\n"
|
"It is NOT certain that the key belongs to its owner.\n"
|
||||||
"If you *really* know what you are doing, you may answer\n"
|
"If you *really* know what you are doing, you may answer\n"
|
||||||
"the next question with yes\n\n") );
|
"the next question with yes\n\n") );
|
||||||
|
|
||||||
|
@ -176,11 +176,11 @@ gen_revoke( const char *uname )
|
|||||||
|
|
||||||
/* and issue a usage notice */
|
/* and issue a usage notice */
|
||||||
tty_printf("Revocation certificate created.\n\n"
|
tty_printf("Revocation certificate created.\n\n"
|
||||||
"Please move it to a media, which you can hide away; if Mallory gets\n"
|
"Please move it to a medium which you can hide away; if Mallory gets\n"
|
||||||
"access to this certificate he can use it to make your key unusable.\n"
|
"access to this certificate he can use it to make your key unusable.\n"
|
||||||
"It is clever to print this certificate and store it away, just in the case\n"
|
"It is smart to print this certificate and store it away, just in case\n"
|
||||||
"your media gets unreadable. But have some caution: The printer system of\n"
|
"your media become unreadable. But have some caution: The print system of\n"
|
||||||
"your machine might store the data and make it availabe to others!\n");
|
"your machine might store the data and make it available to others!\n");
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
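Review bot: The revocation notice now says "a medium" on its second line but "your media become unreadable" three lines later; use "your medium becomes unreadable" or keep the plural throughout. This tty_printf string is also not wrapped in _() like the other user-facing messages in this commit, so the warning about protecting the revocation certificate will not be translated.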
|
@ -98,7 +98,7 @@ check_pos( KBPOS *kbpos )
|
|||||||
****************************************************************/
|
****************************************************************/
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Register a resource (which currently may ionly be a keyring file).
|
* Register a resource (which currently may only be a keyring file).
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
add_keyblock_resource( const char *filename, int force, int secret )
|
add_keyblock_resource( const char *filename, int force, int secret )
|
||||||
@ -165,12 +165,12 @@ get_keyblock_handle( const char *filename, int secret, KBPOS *kbpos )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Search a keyblock which starts with the given packet and put all
|
* Search a keyblock which starts with the given packet and puts all
|
||||||
* informations into KBPOS, which can be used later to access this key block.
|
* information into KBPOS, which can be used later to access this key block.
|
||||||
* This function looks into all registered keyblock sources.
|
* This function looks into all registered keyblock sources.
|
||||||
* PACKET must be a packet with either a secret_cert or a public_cert
|
* PACKET must be a packet with either a secret_cert or a public_cert
|
||||||
*
|
*
|
||||||
* This function is intended to check wether a given certificate
|
* This function is intended to check whether a given certificate
|
||||||
* is already in a keyring or to prepare it for editing.
|
* is already in a keyring or to prepare it for editing.
|
||||||
*
|
*
|
||||||
* Returns: 0 if found, -1 if not found or an errorcode.
|
* Returns: 0 if found, -1 if not found or an errorcode.
|
||||||
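Review bot: Changing "put" to "puts" in the first line of this comment alters who acts: "Search a keyblock ... and put all information into KBPOS" was an imperative describing what the function does, while "which starts with the given packet and puts all information into KBPOS" makes the keyblock the subject. Keep "put", or rephrase as "Search for a keyblock which starts with the given packet and store all information in KBPOS".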
@ -276,7 +276,7 @@ find_secret_keyblock_byname( KBPOS *kbpos, const char *username )
|
|||||||
/****************
|
/****************
|
||||||
* Lock the keyblock; wait until it's available
|
* Lock the keyblock; wait until it's available
|
||||||
* This function may change the internal data in kbpos, in cases
|
* This function may change the internal data in kbpos, in cases
|
||||||
* when the to be locked keyblock has been modified.
|
* when the keyblock to be locked has been modified.
|
||||||
* fixme: remove this function and add an option to search()?
|
* fixme: remove this function and add an option to search()?
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
@ -310,7 +310,7 @@ read_keyblock( KBPOS *kbpos, KBNODE *ret_root )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* This functions can be used to read trough a complete keyring.
|
* This functions can be used to read through a complete keyring.
|
||||||
* Mode is: 0 = open
|
* Mode is: 0 = open
|
||||||
* 1 = read
|
* 1 = read
|
||||||
* 2 = close
|
* 2 = close
|
||||||
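Review bot: The changed line fixes "trough" but still begins "This functions can be used". It should be "This function can be used", matching the same correction made to the walk_kbnode comment in g10/kbnode.c.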
@ -410,7 +410,7 @@ insert_keyblock( KBPOS *kbpos, KBNODE root )
|
|||||||
/****************
|
/****************
|
||||||
* Delete the keyblock described by KBPOS.
|
* Delete the keyblock described by KBPOS.
|
||||||
* The current code simply changes the keyblock in the keyring
|
* The current code simply changes the keyblock in the keyring
|
||||||
* to packet of type 0 with the correct length. To help detecting errors,
|
* to packet of type 0 with the correct length. To help detect errors,
|
||||||
* zero bytes are written.
|
* zero bytes are written.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
@ -671,7 +671,7 @@ keyring_enum( KBPOS *kbpos, KBNODE *ret_root, int skipsigs )
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
/* skip pakets at the begin of a keyring, until we find
|
/* skip pakets at the beginning of a keyring, until we find
|
||||||
* a start packet; issue a warning if it is not a comment */
|
* a start packet; issue a warning if it is not a comment */
|
||||||
if( !root && pkt->pkttype != PKT_COMMENT )
|
if( !root && pkt->pkttype != PKT_COMMENT )
|
||||||
log_info("keyring_enum: skipped packet of type %d\n",
|
log_info("keyring_enum: skipped packet of type %d\n",
|
||||||
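Review bot: The rewritten comment in the default case still says "skip pakets at the beginning of a keyring". Correct "pakets" to "packets" in the same line.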
@ -703,7 +703,7 @@ keyring_enum( KBPOS *kbpos, KBNODE *ret_root, int skipsigs )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Peromf insert/delete/update operation.
|
* Perform insert/delete/update operation.
|
||||||
* mode 1 = insert
|
* mode 1 = insert
|
||||||
* 2 = delete
|
* 2 = delete
|
||||||
* 3 = update
|
* 3 = update
|
||||||
|
@ -105,7 +105,7 @@ do_check( PKT_secret_cert *cert )
|
|||||||
default: BUG();
|
default: BUG();
|
||||||
}
|
}
|
||||||
cipher_close( cipher_hd );
|
cipher_close( cipher_hd );
|
||||||
/* now let's see wether we have used the right passphrase */
|
/* now let's see whether we have used the right passphrase */
|
||||||
if( csum != cert->csum ) {
|
if( csum != cert->csum ) {
|
||||||
if( cert->pubkey_algo == PUBKEY_ALGO_ELGAMAL ) {
|
if( cert->pubkey_algo == PUBKEY_ALGO_ELGAMAL ) {
|
||||||
/* very bad kludge to work around an early bug */
|
/* very bad kludge to work around an early bug */
|
||||||
@ -205,7 +205,7 @@ do_check( PKT_secret_cert *cert )
|
|||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Check the secret key certificate
|
* Check the secret key certificate
|
||||||
* Ask up to 3 time for a correct passphrase
|
* Ask up to 3 times for a correct passphrase
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
check_secret_key( PKT_secret_cert *cert )
|
check_secret_key( PKT_secret_cert *cert )
|
||||||
@ -230,7 +230,7 @@ check_secret_key( PKT_secret_cert *cert )
|
|||||||
}
|
}
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* check wether the secret key is protected.
|
* check whether the secret key is protected.
|
||||||
* Returns: 0 not protected, -1 on error or the protection algorithm
|
* Returns: 0 not protected, -1 on error or the protection algorithm
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
|
@ -66,8 +66,8 @@ encode_session_key( DEK *dek, unsigned nbits )
|
|||||||
u16 csum;
|
u16 csum;
|
||||||
MPI a;
|
MPI a;
|
||||||
|
|
||||||
/* the current limitation is, that we can only use a session key
|
/* the current limitation is that we can only use a session key
|
||||||
* which length is a multiple of BITS_PER_MPI_LIMB
|
* whose length is a multiple of BITS_PER_MPI_LIMB
|
||||||
* I think we can live with that.
|
* I think we can live with that.
|
||||||
*/
|
*/
|
||||||
if( dek->keylen + 7 > nframe || !nframe )
|
if( dek->keylen + 7 > nframe || !nframe )
|
||||||
@ -79,7 +79,7 @@ encode_session_key( DEK *dek, unsigned nbits )
|
|||||||
* 0 2 RND(n bytes) 0 A DEK(k bytes) CSUM(2 bytes)
|
* 0 2 RND(n bytes) 0 A DEK(k bytes) CSUM(2 bytes)
|
||||||
*
|
*
|
||||||
* (But how can we store the leading 0 - the external representaion
|
* (But how can we store the leading 0 - the external representaion
|
||||||
* of MPIs don't allow leading zeroes =:-)
|
* of MPIs doesn't allow leading zeroes =:-)
|
||||||
*
|
*
|
||||||
* RND are non-zero random bytes.
|
* RND are non-zero random bytes.
|
||||||
* A is the cipher algorithm
|
* A is the cipher algorithm
|
||||||
|
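Review bot: In the encode_session_key comment, the line corrected to "doesn't allow leading zeroes" still sits under "the external representaion", so the sentence remains misspelled after a typo pass. Change it to "representation" in the same hunk; the singular verb this hunk introduces only reads correctly once the noun it agrees with is spelled out.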
@ -235,9 +235,9 @@ do_check( PKT_public_cert *pkc, PKT_signature *sig, MD_HANDLE digest )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* check the signature pointed to by NODE. This is a key signatures.
|
* check the signature pointed to by NODE. This is a key signature.
|
||||||
* If the function detects a self-signature, it uses the PKC from
|
* If the function detects a self-signature, it uses the PKC from
|
||||||
* NODE and does not read the any public key.
|
* NODE and does not read any public key.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
check_key_signature( KBNODE root, KBNODE node, int *is_selfsig )
|
check_key_signature( KBNODE root, KBNODE node, int *is_selfsig )
|
||||||
|
@ -55,7 +55,7 @@ complete_sig( PKT_signature *sig, PKT_secret_cert *skc, MD_HANDLE md )
|
|||||||
else
|
else
|
||||||
BUG();
|
BUG();
|
||||||
|
|
||||||
/* fixme: should we check wether the signature is okay?
|
/* fixme: should we check whether the signature is okay?
|
||||||
* maybe by using an option */
|
* maybe by using an option */
|
||||||
|
|
||||||
return rc;
|
return rc;
|
||||||
|
@ -266,7 +266,7 @@ release_lid_table( LOCAL_ID_INFO *tbl )
|
|||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Add a new item to the table or return 1 if we already have this item
|
* Add a new item to the table or return 1 if we already have this item
|
||||||
* fixme: maybe its a good idea to take items from an unused item list.
|
* fixme: maybe it's a good idea to take items from an unused item list.
|
||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
ins_lid_table_item( LOCAL_ID_INFO *tbl, ulong lid, unsigned flag )
|
ins_lid_table_item( LOCAL_ID_INFO *tbl, ulong lid, unsigned flag )
|
||||||
@ -677,7 +677,7 @@ search_record( PKT_public_cert *pkc, TRUSTREC *rec )
|
|||||||
|
|
||||||
/****************
|
/****************
|
||||||
* If we do not have a local_id in a signature packet, find the owner of
|
* If we do not have a local_id in a signature packet, find the owner of
|
||||||
* the signature packet in our trustdb or insert him into the trustdb
|
* the signature packet in our trustdb or insert them into the trustdb
|
||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
set_signature_packets_local_id( PKT_signature *sig )
|
set_signature_packets_local_id( PKT_signature *sig )
|
||||||
@ -728,7 +728,7 @@ keyid_from_local_id( ulong lid, u32 *keyid )
|
|||||||
}
|
}
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Walk throug the signatures of a public key.
|
* Walk through the signatures of a public key.
|
||||||
* The caller must provide a context structure, with all fields set
|
* The caller must provide a context structure, with all fields set
|
||||||
* to zero, but the local_id field set to the requested key;
|
* to zero, but the local_id field set to the requested key;
|
||||||
* This function does not change this field. On return the context
|
* This function does not change this field. On return the context
|
||||||
@ -823,7 +823,7 @@ walk_sigrecs( SIGREC_CONTEXT *c, int create )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Verify, that all our public keys are in the trustDB.
|
* Verify that all our public keys are in the trustDB.
|
||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
verify_own_certs()
|
verify_own_certs()
|
||||||
@ -848,7 +848,7 @@ verify_own_certs()
|
|||||||
if( DBG_TRUST )
|
if( DBG_TRUST )
|
||||||
log_debug("checking secret key %08lX\n", (ulong)keyid[1] );
|
log_debug("checking secret key %08lX\n", (ulong)keyid[1] );
|
||||||
|
|
||||||
/* look wether we can access the public key of this secret key */
|
/* see whether we can access the public key of this secret key */
|
||||||
memset( pkc, 0, sizeof *pkc );
|
memset( pkc, 0, sizeof *pkc );
|
||||||
rc = get_pubkey( pkc, keyid );
|
rc = get_pubkey( pkc, keyid );
|
||||||
if( rc ) {
|
if( rc ) {
|
||||||
@ -944,7 +944,7 @@ do_list_sigs( ulong root, ulong pubkey, int depth,
|
|||||||
else {
|
else {
|
||||||
printf("%6u: %*s%08lX(%lu:%02x) ", *lineno, depth*4, "",
|
printf("%6u: %*s%08lX(%lu:%02x) ", *lineno, depth*4, "",
|
||||||
(ulong)keyid[1], sx.sig_id, sx.sig_flag );
|
(ulong)keyid[1], sx.sig_id, sx.sig_flag );
|
||||||
/* check wether we already checked this pubkey */
|
/* check whether we already checked this pubkey */
|
||||||
if( !qry_lid_table_flag( ultikey_table, sx.sig_id, NULL ) ) {
|
if( !qry_lid_table_flag( ultikey_table, sx.sig_id, NULL ) ) {
|
||||||
print_user_id("[ultimately trusted]", keyid);
|
print_user_id("[ultimately trusted]", keyid);
|
||||||
++*lineno;
|
++*lineno;
|
||||||
@ -1023,7 +1023,7 @@ do_list_path( TRUST_INFO *stack, int depth, int max_depth,
|
|||||||
|
|
||||||
/*printf("%2lu/%d: scrutinizig\n", stack[depth-1], depth);*/
|
/*printf("%2lu/%d: scrutinizig\n", stack[depth-1], depth);*/
|
||||||
if( depth >= max_depth || depth >= MAX_LIST_SIGS_DEPTH-1 ) {
|
if( depth >= max_depth || depth >= MAX_LIST_SIGS_DEPTH-1 ) {
|
||||||
/*printf("%2lu/%d: to deeply nested\n", stack[depth-1], depth);*/
|
/*printf("%2lu/%d: too deeply nested\n", stack[depth-1], depth);*/
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
memset( &sx, 0, sizeof sx );
|
memset( &sx, 0, sizeof sx );
|
||||||
@ -1085,7 +1085,7 @@ do_list_path( TRUST_INFO *stack, int depth, int max_depth,
|
|||||||
* Check all the sigs of the given keyblock and mark them
|
* Check all the sigs of the given keyblock and mark them
|
||||||
* as checked. Valid signatures which are duplicates are
|
* as checked. Valid signatures which are duplicates are
|
||||||
* also marked [shall we check them at all?]
|
* also marked [shall we check them at all?]
|
||||||
* FIXME: what shall we do if we have duplicate signatures were only
|
* FIXME: what shall we do if we have duplicate signatures where only
|
||||||
* some of them are bad?
|
* some of them are bad?
|
||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
@ -1204,9 +1204,9 @@ build_sigrecs( ulong pubkeyid )
|
|||||||
/* the next function should always succeed, because
|
/* the next function should always succeed, because
|
||||||
* we have already checked the signature, and for this
|
* we have already checked the signature, and for this
|
||||||
* it was necessary to have the pubkey. The only reason
|
* it was necessary to have the pubkey. The only reason
|
||||||
* this can fail are I/o errors of the trustdb or a
|
* this can fail are I/O errors of the trustdb or a
|
||||||
* remove operation on the pubkey database - which should
|
* remove operation on the pubkey database - which should
|
||||||
* not disturb us, because we have to chace them anyway. */
|
* not disturb us, because we have to chance them anyway. */
|
||||||
rc = set_signature_packets_local_id( node->pkt->pkt.signature );
|
rc = set_signature_packets_local_id( node->pkt->pkt.signature );
|
||||||
if( rc )
|
if( rc )
|
||||||
log_fatal("set_signature_packets_local_id failed: %s\n",
|
log_fatal("set_signature_packets_local_id failed: %s\n",
|
||||||
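Review bot: In the build_sigrecs comment, "chace them" becomes "chance them", which is still not a meaningful phrase, so the comment that justifies the log_fatal call below it stays unclear. Ask the author which verb was meant and use that one. The sentence "The only reason this can fail are I/O errors" also still mixes singular and plural; "The only reasons this can fail are" would read correctly.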
@ -1339,7 +1339,7 @@ make_tsl( ulong pubkey_id, TRUST_SEG_LIST *ret_tslist )
|
|||||||
* to assign a trustvalue to the first segment (which is the requested key)
|
* to assign a trustvalue to the first segment (which is the requested key)
|
||||||
* of each path.
|
* of each path.
|
||||||
*
|
*
|
||||||
* FIXME: We have to do more thinks here. e.g. we should never increase
|
* FIXME: We have to do more thinking here. e.g. we should never increase
|
||||||
* the trust value.
|
* the trust value.
|
||||||
*
|
*
|
||||||
* Do not do it for duplicates.
|
* Do not do it for duplicates.
|
||||||
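Review bot: In the FIXME of this comment, "more thinks" is changed to "more thinking", but the sentence that follows ("e.g. we should never increase the trust value") reads like an item still to be implemented, so the original may have meant "more things". This comment records an open issue in trust propagation, so confirm the intended word with the author instead of guessing.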
@ -1355,7 +1355,7 @@ propagate_trust( TRUST_SEG_LIST tslist )
|
|||||||
if( tsl->dup )
|
if( tsl->dup )
|
||||||
continue;
|
continue;
|
||||||
assert( tsl->nseg );
|
assert( tsl->nseg );
|
||||||
/* the last segment is always a ultimately trusted one, so we can
|
/* the last segment is always an ultimately trusted one, so we can
|
||||||
* assign a fully trust to the next one */
|
* assign a fully trust to the next one */
|
||||||
i = tsl->nseg-1;
|
i = tsl->nseg-1;
|
||||||
tsl->seg[i].trust = TRUST_ULTIMATE;
|
tsl->seg[i].trust = TRUST_ULTIMATE;
|
||||||
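Review bot: In the propagate_trust comment, the article fix ("an ultimately trusted one") leaves "assign a fully trust to the next one" on the following line, which is still ungrammatical. Something like "assign full trust to the next one" would finish the sentence this hunk already touches.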
@ -1409,7 +1409,7 @@ do_check( ulong pubkeyid, TRUSTREC *dr, unsigned *trustlevel )
|
|||||||
tflags |= TRUST_FLAG_REVOKED;
|
tflags |= TRUST_FLAG_REVOKED;
|
||||||
|
|
||||||
if( !rc && !dr->r.dir.sigrec ) {
|
if( !rc && !dr->r.dir.sigrec ) {
|
||||||
/* See wether this is our own key */
|
/* See whether this is our own key */
|
||||||
if( !qry_lid_table_flag( ultikey_table, pubkeyid, NULL ) )
|
if( !qry_lid_table_flag( ultikey_table, pubkeyid, NULL ) )
|
||||||
*trustlevel = tflags | TRUST_ULTIMATE;
|
*trustlevel = tflags | TRUST_ULTIMATE;
|
||||||
return 0;
|
return 0;
|
||||||
@ -1439,7 +1439,7 @@ do_check( ulong pubkeyid, TRUSTREC *dr, unsigned *trustlevel )
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* and look wether there is a trusted path.
|
/* and see whether there is a trusted path.
|
||||||
* We only have to look at the first segment, because
|
* We only have to look at the first segment, because
|
||||||
* propagate_trust has investigated all other segments */
|
* propagate_trust has investigated all other segments */
|
||||||
marginal = fully = 0;
|
marginal = fully = 0;
|
||||||
@ -1478,9 +1478,9 @@ do_check( ulong pubkeyid, TRUSTREC *dr, unsigned *trustlevel )
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/*********************************************************
|
/***********************************************
|
||||||
**************** API Interface ************************
|
**************** API ************************
|
||||||
*********************************************************/
|
***********************************************/
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Perform some checks over the trustdb
|
* Perform some checks over the trustdb
|
||||||
@ -1536,11 +1536,11 @@ init_trustdb( int level, const char *dbname )
|
|||||||
* in ~/.gnupg/ here */
|
* in ~/.gnupg/ here */
|
||||||
rc = verify_private_data();
|
rc = verify_private_data();
|
||||||
if( !rc ) {
|
if( !rc ) {
|
||||||
/* verify, that our own certificates are in the trustDB
|
/* verify that our own certificates are in the trustDB
|
||||||
* or move them to the trustdb. */
|
* or move them to the trustdb. */
|
||||||
rc = verify_own_certs();
|
rc = verify_own_certs();
|
||||||
|
|
||||||
/* should we check wether there is no other ultimately trusted
|
/* should we check whether there is no other ultimately trusted
|
||||||
* key in the database? */
|
* key in the database? */
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -1769,7 +1769,7 @@ check_trust( PKT_public_cert *pkc, unsigned *r_trustlevel )
|
|||||||
* 3) call this function as long as it does not return -1
|
* 3) call this function as long as it does not return -1
|
||||||
* to indicate EOF. LID does contain the next key used to build the web
|
* to indicate EOF. LID does contain the next key used to build the web
|
||||||
* 4) Always call this function a last time with LID set to NULL,
|
* 4) Always call this function a last time with LID set to NULL,
|
||||||
* so that it can free it's context.
|
* so that it can free its context.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
enum_trust_web( void **context, ulong *lid )
|
enum_trust_web( void **context, ulong *lid )
|
||||||
@ -1874,7 +1874,7 @@ query_trust_record( PKT_public_cert *pkc )
|
|||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Insert a trust record into the TrustDB
|
* Insert a trust record into the TrustDB
|
||||||
* This function failes if this record already exists.
|
* This function fails if this record already exists.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
insert_trust_record( PKT_public_cert *pkc )
|
insert_trust_record( PKT_public_cert *pkc )
|
||||||
|
@ -26,7 +26,7 @@
|
|||||||
#define TRUST_MASK 15
|
#define TRUST_MASK 15
|
||||||
#define TRUST_UNKNOWN 0 /* not yet calculated */
|
#define TRUST_UNKNOWN 0 /* not yet calculated */
|
||||||
#define TRUST_EXPIRED 1 /* calculation may be invalid */
|
#define TRUST_EXPIRED 1 /* calculation may be invalid */
|
||||||
#define TRUST_UNDEFINED 2 /* not enough informations for calculation */
|
#define TRUST_UNDEFINED 2 /* not enough information for calculation */
|
||||||
#define TRUST_NEVER 3 /* never trust this pubkey */
|
#define TRUST_NEVER 3 /* never trust this pubkey */
|
||||||
#define TRUST_MARGINAL 4 /* marginally trusted */
|
#define TRUST_MARGINAL 4 /* marginally trusted */
|
||||||
#define TRUST_FULLY 5 /* fully trusted */
|
#define TRUST_FULLY 5 /* fully trusted */
|
||||||
|
@ -41,9 +41,9 @@
|
|||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Assume that the input is a signature and verify it without
|
* Assume that the input is a signature and verify it without
|
||||||
* generating any output. With no arguments, the sigature packet
|
* generating any output. With no arguments, the signature packet
|
||||||
* is read from stdin (it may be a detached signature when not
|
* is read from stdin (it may be a detached signature when not
|
||||||
* used in batch mode). If only a sigfile is given, is maybe a complete
|
* used in batch mode). If only a sigfile is given, it may be a complete
|
||||||
* signature or a detached signature in which case the signed stuff
|
* signature or a detached signature in which case the signed stuff
|
||||||
* is expected from stdin. With more than 1 argument, the first should
|
* is expected from stdin. With more than 1 argument, the first should
|
||||||
* be a detached signature and the remaining files are the signed stuff.
|
* be a detached signature and the remaining files are the signed stuff.
|
||||||
|
@ -75,7 +75,7 @@ mpi_get_nbits( MPI a )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Test wether bit N is set.
|
* Test whether bit N is set.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
mpi_test_bit( MPI a, unsigned n )
|
mpi_test_bit( MPI a, unsigned n )
|
||||||
|
@ -311,7 +311,7 @@ mpi_tdiv_q_2exp( MPI w, MPI u, unsigned count )
|
|||||||
}
|
}
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Check wether dividend is divisible by divisor
|
* Check whether dividend is divisible by divisor
|
||||||
* (note: divisor must fit into a limb)
|
* (note: divisor must fit into a limb)
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
|
@ -125,7 +125,7 @@ mpi_read(IOBUF inp, unsigned *ret_nread, int secure)
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Make a mpi from a character string.
|
* Make an mpi from a character string.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
mpi_fromstr(MPI val, const char *str)
|
mpi_fromstr(MPI val, const char *str)
|
||||||
@ -200,7 +200,7 @@ mpi_fromstr(MPI val, const char *str)
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* print an MPI to the give stream and return the number of characters
|
* print an MPI to the given stream and return the number of characters
|
||||||
* printed.
|
* printed.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
@ -236,9 +236,9 @@ mpi_print( FILE *fp, MPI a, int mode )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Special function to get the low 8 bytes from a mpi,
|
* Special function to get the low 8 bytes from an mpi.
|
||||||
* this can be used as a keyid, KEYID is an 2 element array.
|
* This can be used as a keyid; KEYID is an 2 element array.
|
||||||
* Does return the low 4 bytes.
|
* Return the low 4 bytes.
|
||||||
*/
|
*/
|
||||||
u32
|
u32
|
||||||
mpi_get_keyid( MPI a, u32 *keyid )
|
mpi_get_keyid( MPI a, u32 *keyid )
|
||||||
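Review bot: The rewritten mpi_get_keyid comment still says "KEYID is an 2 element array"; it should be "a 2 element array". The new last line, "Return the low 4 bytes.", would also be clearer as "Returns the low 4 bytes", since it describes the u32 return value as distinct from the 8 bytes stored in KEYID.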
@ -262,7 +262,7 @@ mpi_get_keyid( MPI a, u32 *keyid )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Return a m_alloced buffer with the MPI (msb first).
|
* Return an m_alloced buffer with the MPI (msb first).
|
||||||
* NBYTES receives the length of this buffer. Caller must free the
|
* NBYTES receives the length of this buffer. Caller must free the
|
||||||
* return string (This function does return a 0 byte buffer with NBYTES
|
* return string (This function does return a 0 byte buffer with NBYTES
|
||||||
* set to zero if the value of A is zero. If sign is not NULL, it will
|
* set to zero if the value of A is zero. If sign is not NULL, it will
|
||||||
|
@ -120,7 +120,7 @@ mul_n( mpi_ptr_t prodp, mpi_ptr_t up, mpi_ptr_t vp,
|
|||||||
mpi_size_t size, mpi_ptr_t tspace )
|
mpi_size_t size, mpi_ptr_t tspace )
|
||||||
{
|
{
|
||||||
if( size & 1 ) {
|
if( size & 1 ) {
|
||||||
/* The size is odd, the code code below doesn't handle that.
|
/* The size is odd, and the code below doesn't handle that.
|
||||||
* Multiply the least significant (size - 1) limbs with a recursive
|
* Multiply the least significant (size - 1) limbs with a recursive
|
||||||
* call, and handle the most significant limb of S1 and S2
|
* call, and handle the most significant limb of S1 and S2
|
||||||
* separately.
|
* separately.
|
||||||
@ -269,7 +269,7 @@ void
|
|||||||
mpih_sqr_n( mpi_ptr_t prodp, mpi_ptr_t up, mpi_size_t size, mpi_ptr_t tspace)
|
mpih_sqr_n( mpi_ptr_t prodp, mpi_ptr_t up, mpi_size_t size, mpi_ptr_t tspace)
|
||||||
{
|
{
|
||||||
if( size & 1 ) {
|
if( size & 1 ) {
|
||||||
/* The size is odd, the code code below doesn't handle that.
|
/* The size is odd, and the code below doesn't handle that.
|
||||||
* Multiply the least significant (size - 1) limbs with a recursive
|
* Multiply the least significant (size - 1) limbs with a recursive
|
||||||
* call, and handle the most significant limb of S1 and S2
|
* call, and handle the most significant limb of S1 and S2
|
||||||
* separately.
|
* separately.
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
# Makefile for program source directory in GNU NLS utilities package.
|
# Makefile for program source directory in GNU NLS utilities package.
|
||||||
# Copyright (C) 1995, 1996, 1997 by Ulrich Drepper <drepper@gnu.ai.mit.edu>
|
# Copyright (C) 1995, 1996, 1997 by Ulrich Drepper <drepper@gnu.ai.mit.edu>
|
||||||
#
|
#
|
||||||
# This file file be copied and used freely without restrictions. It can
|
# This file may be copied and used freely without restrictions. It can
|
||||||
# be used in projects which are not available under the GNU Public License
|
# be used in projects which are not available under the GNU Public License
|
||||||
# but which still want to provide support for the GNU gettext functionality.
|
# but which still want to provide support for the GNU gettext functionality.
|
||||||
# Please note that the actual code is *not* freely available.
|
# Please note that the actual code is *not* freely available.
|
||||||
|
82
po/de.po
@ -78,6 +78,14 @@ msgstr "Aufruf: gpgm [Optionen] [Dateien] (-h f
|
|||||||
msgid "Usage: gpg [options] [files] (-h for help)"
|
msgid "Usage: gpg [options] [files] (-h for help)"
|
||||||
msgstr "Aufruf: gpg [Optionen] [Dateien] (-h für Hilfe)"
|
msgstr "Aufruf: gpg [Optionen] [Dateien] (-h für Hilfe)"
|
||||||
|
|
||||||
|
#: g10/g10.c:298
|
||||||
|
msgid "usage: gpgm [options] "
|
||||||
|
msgstr "Aufruf: gpgm [Optionen] "
|
||||||
|
|
||||||
|
#: g10/g10.c:300
|
||||||
|
msgid "usage: gpg [options] "
|
||||||
|
msgstr "Aufruf: gpg [Optionen] "
|
||||||
|
|
||||||
|
|
||||||
#: g10/g10.c:152
|
#: g10/g10.c:152
|
||||||
msgid "conflicting commands\n"
|
msgid "conflicting commands\n"
|
||||||
@ -262,7 +270,7 @@ msgid "select default cipher algorithm"
|
|||||||
msgstr "Den Cipher Algorithmus auswählen"
|
msgstr "Den Cipher Algorithmus auswählen"
|
||||||
|
|
||||||
#: g10/g10.c:206
|
#: g10/g10.c:206
|
||||||
msgid "select default puplic key algorithm"
|
msgid "select default public key algorithm"
|
||||||
msgstr "Den Public-Key Algorithmus auswählen"
|
msgstr "Den Public-Key Algorithmus auswählen"
|
||||||
|
|
||||||
#: g10/g10.c:207
|
#: g10/g10.c:207
|
||||||
@ -339,6 +347,9 @@ msgstr "Die Trust-DB kann nicht initialisiert werden: %s\n"
|
|||||||
msgid "can't open '%s'\n"
|
msgid "can't open '%s'\n"
|
||||||
msgstr "Datei '%s' kann nicht geöffnet werden\n"
|
msgstr "Datei '%s' kann nicht geöffnet werden\n"
|
||||||
|
|
||||||
|
#: g10/g10.c:799
|
||||||
|
msgid "can't open %s: %s\n"
|
||||||
|
msgstr "Datei '%s' kann nicht geöffnet werden: %s\n"
|
||||||
|
|
||||||
#: g10/g10.c:113
|
#: g10/g10.c:113
|
||||||
msgid "write status info to this fd"
|
msgid "write status info to this fd"
|
||||||
@ -417,6 +428,31 @@ msgstr "--delete-key Benutzername"
|
|||||||
msgid "--change-passphrase [username]"
|
msgid "--change-passphrase [username]"
|
||||||
msgstr "--change-passphrase [Benutzername]"
|
msgstr "--change-passphrase [Benutzername]"
|
||||||
|
|
||||||
|
#: g10/g10.c:810
|
||||||
|
msgid "-k[v][v][v][c] [userid] [keyring]"
|
||||||
|
msgstr "-h[v][v][v][c] [Benutzername] [Keyring]"
|
||||||
|
|
||||||
|
#: g10/g10.c:857
|
||||||
|
msgid "dearmoring failed: %s\n"
|
||||||
|
msgstr "De-Armor fehlgeschlagen: %s\n"
|
||||||
|
|
||||||
|
#: g10/g10.c:865
|
||||||
|
msgid "enarmoring failed: %s\n"
|
||||||
|
msgstr "En-Armor fehlgeschlagen: %s\n"
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
#: g10/pkclist.c:157
|
||||||
|
msgid ""
|
||||||
|
"No ownertrust values changed.\n"
|
||||||
|
"\n"
|
||||||
|
msgstr "Keine \"Ownertrust\" Werte geändert.\n"
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
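Review bot: The new de.po entry for g10/g10.c:810 translates msgid "-k[v][v][v][c] [userid] [keyring]" as "-h[v][v][v][c] [Benutzername] [Keyring]", so the German usage text names a different option letter than the msgid; the msgstr should keep "-k". In the g10/pkclist.c:157 entry the msgid ends with an extra "\n" line that the msgstr lacks, so the blank line after the message is lost in German output.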
@ -432,15 +468,15 @@ msgstr ""
|
|||||||
msgid ""
|
msgid ""
|
||||||
"\"\n"
|
"\"\n"
|
||||||
"\n"
|
"\n"
|
||||||
"Please decide in how far do you trust this user to\n"
|
"Please decide how far you trust this user to correctly\n"
|
||||||
"correctly sign other users keys (looking at his passport,\n"
|
"verify other users' keys (by looking at passports,\n"
|
||||||
"checking the fingerprints from different sources ...)?\n"
|
"checking fingerprints from different sources...)?\n"
|
||||||
"\n"
|
"\n"
|
||||||
" 1 = Don't know\n"
|
" 1 = Don't know\n"
|
||||||
" 2 = I do NOT trust\n"
|
" 2 = I do NOT trust\n"
|
||||||
" 3 = I trust marginally\n"
|
" 3 = I trust marginally\n"
|
||||||
" 4 = I trust fully\n"
|
" 4 = I trust fully\n"
|
||||||
" s = please show me more informations\n"
|
" s = please show me more information\n"
|
||||||
"\n"
|
"\n"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
"\"\n"
|
"\"\n"
|
||||||
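Review bot: The msgid rewrite at the top of this hunk is more than a grammar fix: "correctly sign other users keys" becomes "verify other users' keys", which changes what the owner-trust prompt asks the user to judge. If the reworded question is intended, it has to match the string in the source, and the existing msgstr should be marked fuzzy so translators re-check it; otherwise keep "sign" and repair only the grammar.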
@ -473,7 +509,7 @@ msgstr "Sie sollten hier eigentlich eine Liste der Signierer sehen.\n"
|
|||||||
|
|
||||||
#: g10/pkclist.c:132
|
#: g10/pkclist.c:132
|
||||||
msgid ""
|
msgid ""
|
||||||
"Could not find a valid trust path to the key. Lets see, wether we\n"
|
"Could not find a valid trust path to the key. Let's see whether we\n"
|
||||||
"can assign some missing owner trust values.\n"
|
"can assign some missing owner trust values.\n"
|
||||||
"\n"
|
"\n"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
@ -481,6 +517,34 @@ msgstr ""
|
|||||||
"Mal sehen ob wir now weitere Ownertrust Werte zuordnen können.\n"
|
"Mal sehen ob wir now weitere Ownertrust Werte zuordnen können.\n"
|
||||||
"\n"
|
"\n"
|
||||||
|
|
||||||
|
|
||||||
|
#: g10/pkclist.c:267
|
||||||
|
msgid ""
|
||||||
|
"It is NOT certain that the key belongs to its owner.\n"
|
||||||
|
"If you *really* know what you are doing, you may answer\n"
|
||||||
|
"the next question with yes\n"
|
||||||
|
"\n"
|
||||||
|
msgstr ""
|
||||||
|
"Es ist NICHT sicher, daß der Key dem vorgeblichen Besitzer gehört.\n"
|
||||||
|
"Wenn Sie *wirklich* wissen, was Sie tun, können Sie die nächste\n"
|
||||||
|
"Frage mit ja beantworten\n"
|
||||||
|
|
||||||
|
|
||||||
|
#: g10/pkclist.c:304
|
||||||
|
msgid ""
|
||||||
|
"You did not specify a user ID. (you may use \"-r\")\n"
|
||||||
|
"\n"
|
||||||
|
msgstr ""
|
||||||
|
"Sie gaben keine User-ID angegeben. (benutzen Sie die Option \"-r\")\n"
|
||||||
|
"\n"
|
||||||
|
|
||||||
|
|
||||||
|
#: g10/pkclist.c:308
|
||||||
|
msgid "Enter the user ID: "
|
||||||
|
msgstr "Geben Sie die User-ID ein: "
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#: g10/keygen.c:109
|
#: g10/keygen.c:109
|
||||||
msgid "writing self signature\n"
|
msgid "writing self signature\n"
|
||||||
msgstr "Die Selbst-Signatur wird geschrieben\n"
|
msgstr "Die Selbst-Signatur wird geschrieben\n"
|
||||||
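Review bot: In the new entry for g10/pkclist.c:304 the msgstr "Sie gaben keine User-ID angegeben." carries two verb forms and does not parse in German; "Sie haben keine User-ID angegeben." is the likely intent. The msgstr added for g10/pkclist.c:267 also drops the final "\n" line that its msgid has, so the blank line before the yes/no question is missing in the German output.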
@ -532,7 +596,7 @@ msgid "What keysize do you want? (1024) "
|
|||||||
msgstr "Welche Schlüssellänge wünschen Sie? (1024)"
|
msgstr "Welche Schlüssellänge wünschen Sie? (1024)"
|
||||||
|
|
||||||
#: g10/keygen.c:357
|
#: g10/keygen.c:357
|
||||||
msgid "DSA does only allow keysizes from 512 to 1024\n"
|
msgid "DSA only allows keysizes from 512 to 1024\n"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: g10/keygen.c:359
|
#: g10/keygen.c:359
|
||||||
@ -636,8 +700,8 @@ msgstr ""
|
|||||||
|
|
||||||
#: g10/keygen.c:508
|
#: g10/keygen.c:508
|
||||||
msgid ""
|
msgid ""
|
||||||
"You don't what a passphrase - this is probably a *bad* idea!\n"
|
"You don't want a passphrase - this is probably a *bad* idea!\n"
|
||||||
"I will do it anyway. You can change your passphrase at anytime,\n"
|
"I will do it anyway. You can change your passphrase at any time,\n"
|
||||||
"using this program with the option \"--change-passphrase\"\n"
|
"using this program with the option \"--change-passphrase\"\n"
|
||||||
"\n"
|
"\n"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
33
po/it.po
@ -242,7 +242,7 @@ msgid "select default cipher algorithm"
|
|||||||
msgstr "seleziona l'algoritmo di cifratura predefinito"
|
msgstr "seleziona l'algoritmo di cifratura predefinito"
|
||||||
|
|
||||||
#: g10/g10.c:119
|
#: g10/g10.c:119
|
||||||
msgid "select default puplic key algorithm"
|
msgid "select default public key algorithm"
|
||||||
msgstr "seleziona l'algoritmo a chiave pubblica predefinito"
|
msgstr "seleziona l'algoritmo a chiave pubblica predefinito"
|
||||||
|
|
||||||
#: g10/g10.c:120
|
#: g10/g10.c:120
|
||||||
@ -410,10 +410,6 @@ msgstr "impossibile aprire '%s': %s\n"
|
|||||||
msgid "-k[v][v][v][c] [userid] [keyring]"
|
msgid "-k[v][v][v][c] [userid] [keyring]"
|
||||||
msgstr "-k[v][v][v][c] [userid] [portachiavi]"
|
msgstr "-k[v][v][v][c] [userid] [portachiavi]"
|
||||||
|
|
||||||
#: g10/g10.c:804
|
|
||||||
msgid "--gen-key"
|
|
||||||
msgstr ""
|
|
||||||
|
|
||||||
#: g10/g10.c:845
|
#: g10/g10.c:845
|
||||||
#, c-format
|
#, c-format
|
||||||
msgid "dearmoring failed: %s\n"
|
msgid "dearmoring failed: %s\n"
|
||||||
@ -447,15 +443,15 @@ msgstr ""
|
|||||||
msgid ""
|
msgid ""
|
||||||
"\"\n"
|
"\"\n"
|
||||||
"\n"
|
"\n"
|
||||||
"Please decide in how far do you trust this user to\n"
|
"Please decide how far you trust this user to correctly\n"
|
||||||
"correctly sign other users keys (looking at his passport,\n"
|
"verify other users' keys (by looking at passports,\n"
|
||||||
"checking the fingerprints from different sources ...)?\n"
|
"checking fingerprints from different sources...)?\n"
|
||||||
"\n"
|
"\n"
|
||||||
" 1 = Don't know\n"
|
" 1 = Don't know\n"
|
||||||
" 2 = I do NOT trust\n"
|
" 2 = I do NOT trust\n"
|
||||||
" 3 = I trust marginally\n"
|
" 3 = I trust marginally\n"
|
||||||
" 4 = I trust fully\n"
|
" 4 = I trust fully\n"
|
||||||
" s = please show me more informations\n"
|
" s = please show me more information\n"
|
||||||
"\n"
|
"\n"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
"\"\n"
|
"\"\n"
|
||||||
@ -493,7 +489,7 @@ msgstr "Qui vedrai una lista di firmatari, ecc.\n"
|
|||||||
|
|
||||||
#: g10/pkclist.c:132
|
#: g10/pkclist.c:132
|
||||||
msgid ""
|
msgid ""
|
||||||
"Could not find a valid trust path to the key. Lets see, wether we\n"
|
"Could not find a valid trust path to the key. Let's see whether we\n"
|
||||||
"can assign some missing owner trust values.\n"
|
"can assign some missing owner trust values.\n"
|
||||||
"\n"
|
"\n"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
@ -511,7 +507,7 @@ msgstr ""
|
|||||||
|
|
||||||
#: g10/pkclist.c:267
|
#: g10/pkclist.c:267
|
||||||
msgid ""
|
msgid ""
|
||||||
"It is NOT certain, that the key belongs to his owner.\n"
|
"It is NOT certain that the key belongs to its owner.\n"
|
||||||
"If you *really* know what you are doing, you may answer\n"
|
"If you *really* know what you are doing, you may answer\n"
|
||||||
"the next question with yes\n"
|
"the next question with yes\n"
|
||||||
"\n"
|
"\n"
|
||||||
@ -564,7 +560,7 @@ msgid "Your selection? (1,2) "
|
|||||||
msgstr "Cosa scegli? (1,2) "
|
msgstr "Cosa scegli? (1,2) "
|
||||||
|
|
||||||
#: g10/keygen.c:336
|
#: g10/keygen.c:336
|
||||||
msgid "Sorry; DSA is not yet supported.\n"
|
msgid "Sorry; DSA key generation is not yet supported.\n"
|
||||||
msgstr "Mi spiace, DSA non è gestito.\n"
|
msgstr "Mi spiace, DSA non è gestito.\n"
|
||||||
|
|
||||||
#: g10/keygen.c:349
|
#: g10/keygen.c:349
|
||||||
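Review bot: For g10/keygen.c:336 the msgid is narrowed to "Sorry; DSA key generation is not yet supported." while the msgstr still reads "Mi spiace, DSA non è gestito.", which tells Italian users that DSA as a whole is unsupported. Either update the msgstr or mark the entry fuzzy so the translator revisits it.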
@ -585,7 +581,7 @@ msgid "What keysize do you want? (1024) "
|
|||||||
msgstr "Di che dimensioni vuoi la chiave? (1024) "
|
msgstr "Di che dimensioni vuoi la chiave? (1024) "
|
||||||
|
|
||||||
#: g10/keygen.c:363
|
#: g10/keygen.c:363
|
||||||
msgid "DSA does only allow keysizes from 512 to 1024\n"
|
msgid "DSA only allows keysizes from 512 to 1024\n"
|
||||||
msgstr "DSA permette solo chiavi di dimensioni da 512 a 1024\n"
|
msgstr "DSA permette solo chiavi di dimensioni da 512 a 1024\n"
|
||||||
|
|
||||||
#: g10/keygen.c:365
|
#: g10/keygen.c:365
|
||||||
@ -625,17 +621,16 @@ msgstr "arrotondate a %u bit"
|
|||||||
#: g10/keygen.c:397
|
#: g10/keygen.c:397
|
||||||
msgid ""
|
msgid ""
|
||||||
"\n"
|
"\n"
|
||||||
"You need a User-ID to identify your key; the software constructs the user "
|
"You need a User-ID to identify your key; the software constructs the user id\n"
|
||||||
"id\n"
|
|
||||||
"from Real Name, Comment and Email Address in this form:\n"
|
"from Real Name, Comment and Email Address in this form:\n"
|
||||||
" \"Heinrich Heine (Der Dichter) <heinrichh@uni-duesseldorf.de>\"\n"
|
" \"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>\"\n"
|
||||||
"\n"
|
"\n"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
"\n"
|
"\n"
|
||||||
"Ti serve un User ID per identificare la tua chiave; il software costruisce "
|
"Ti serve un User ID per identificare la tua chiave; il software costruisce "
|
||||||
"l'user id a partire da Nome e Cognome, Commento e Indirizzo di Email "
|
"l'user id a partire da Nome e Cognome, Commento e Indirizzo di Email "
|
||||||
"indicati in questa forma:\n"
|
"indicati in questa forma:\n"
|
||||||
" \"Heinrich Heine (Der Dichter) <heinrichh@uni-duesseldorf.de>\"\n"
|
" \"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>\"\n"
|
||||||
"\n"
|
"\n"
|
||||||
|
|
||||||
#: g10/keygen.c:409
|
#: g10/keygen.c:409
|
||||||
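Review bot: Besides re-joining the wrapped msgid line, this hunk changes the sample address from heinrichh@uni-duesseldorf.de to heinrichh@duesseldorf.de in both msgid and msgstr, which is not a typo or grammar fix and is not mentioned in the commit description. The msgid must match the string at g10/keygen.c:397 exactly or the lookup falls back to the untranslated text, so confirm the source carries the same address and state why it changed.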
@ -695,8 +690,8 @@ msgstr ""
|
|||||||
|
|
||||||
#: g10/keygen.c:516
|
#: g10/keygen.c:516
|
||||||
msgid ""
|
msgid ""
|
||||||
"You don't what a passphrase - this is probably a *bad* idea!\n"
|
"You don't want a passphrase - this is probably a *bad* idea!\n"
|
||||||
"I will do it anyway. You can change your passphrase at anytime,\n"
|
"I will do it anyway. You can change your passphrase at any time,\n"
|
||||||
"using this program with the option \"--change-passphrase\"\n"
|
"using this program with the option \"--change-passphrase\"\n"
|
||||||
"\n"
|
"\n"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
/* mpitest.c - test the mpi functions
|
/* mpitest.c - test the mpi functions
|
||||||
* Copyright (C) 1998 Free Software Foundation, Inc.
|
* Copyright (C) 1998 Free Software Foundation, Inc.
|
||||||
*
|
*
|
||||||
* This is a RPN calculator; values must be given in hex.
|
* This is an RPN calculator; values must be given in hex.
|
||||||
* Operaion is like dc(1) except that the input/output radix is
|
* Operation is like dc(1) except that the input/output radix is
|
||||||
* always 16 and you can use a '-' to prefix a negative number.
|
* always 16 and you can use a '-' to prefix a negative number.
|
||||||
* Addition operators: ++ and --. All operators must be delimeted by a blank
|
* Addition operators: ++ and --. All operators must be delimited by a blank
|
||||||
*
|
*
|
||||||
*
|
*
|
||||||
* This file is part of GNUPG.
|
* This file is part of GNUPG.
|
||||||
|
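Review bot: On the "Addition operators: ++ and --." line only "delimeted" is corrected; "Addition" reads like a leftover typo for "Additional", since -- is not an addition, and the sentence ending in "by a blank" has no period. Suggest fixing both in the same pass.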
@ -659,7 +659,7 @@ usage( int level )
|
|||||||
* 18: Optional thanks list (with LFs)
|
* 18: Optional thanks list (with LFs)
|
||||||
* 19: Bug report info
|
* 19: Bug report info
|
||||||
*20..29: Additional lib version strings.
|
*20..29: Additional lib version strings.
|
||||||
*30..39: Additional program infos (with LFs)
|
*30..39: Additional program info (with LFs)
|
||||||
* 40: short usage note (with LF)
|
* 40: short usage note (with LF)
|
||||||
* 41: long usage note (with LF)
|
* 41: long usage note (with LF)
|
||||||
*/
|
*/
|
||||||
|
@ -31,7 +31,7 @@
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Construct a filename form the NULL terminated list of parts.
|
* Construct a filename from the NULL terminated list of parts.
|
||||||
* Tilde expansion is done here.
|
* Tilde expansion is done here.
|
||||||
*/
|
*/
|
||||||
char *
|
char *
|
||||||
@ -66,7 +66,7 @@ make_filename( const char *first_part, ... )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* A simple function to decide, wether the filename ist stdout
|
* A simple function to decide whether the filename is stdout
|
||||||
* or a real filename.
|
* or a real filename.
|
||||||
*/
|
*/
|
||||||
const char *
|
const char *
|
||||||
|
20
util/iobuf.c
20
util/iobuf.c
@ -50,7 +50,7 @@ static int underflow(IOBUF a);
|
|||||||
* Read data from a file into buf which has an allocated length of *LEN.
|
* Read data from a file into buf which has an allocated length of *LEN.
|
||||||
* return the number of read bytes in *LEN. OPAQUE is the FILE * of
|
* return the number of read bytes in *LEN. OPAQUE is the FILE * of
|
||||||
* the stream. A is not used.
|
* the stream. A is not used.
|
||||||
* control maybe:
|
* control may be:
|
||||||
* IOBUFCTRL_INIT: called just before the function is linked into the
|
* IOBUFCTRL_INIT: called just before the function is linked into the
|
||||||
* list of function. This can be used to prepare internal
|
* list of function. This can be used to prepare internal
|
||||||
* data structures of the function.
|
* data structures of the function.
|
||||||
@ -392,7 +392,7 @@ iobuf_open( const char *fname )
|
|||||||
}
|
}
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* create a iobuf for writing to a file; the file will be created.
|
* create an iobuf for writing to a file; the file will be created.
|
||||||
*/
|
*/
|
||||||
IOBUF
|
IOBUF
|
||||||
iobuf_create( const char *fname )
|
iobuf_create( const char *fname )
|
||||||
@ -423,8 +423,8 @@ iobuf_create( const char *fname )
|
|||||||
}
|
}
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* append to a iobuf if the file does not exits; create it.
|
* append to an iobuf; if the file does not exist, create it.
|
||||||
* cannont be used for stdout.
|
* cannot be used for stdout.
|
||||||
*/
|
*/
|
||||||
IOBUF
|
IOBUF
|
||||||
iobuf_append( const char *fname )
|
iobuf_append( const char *fname )
|
||||||
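Review bot: In the iobuf_append comment the semicolon moves, so the text goes from "append to a iobuf if the file does not exits; create it." to "append to an iobuf; if the file does not exist, create it.", which changes the documented behaviour rather than only the grammar. Please confirm against the function body (not shown in this hunk) that the file is in fact created when it is missing.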
@ -579,7 +579,7 @@ iobuf_pop_filter( IOBUF a, int (*f)(void *opaque, int control,
|
|||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* and look how to remove it */
|
/* and see how to remove it */
|
||||||
if( a == b && !b->chain )
|
if( a == b && !b->chain )
|
||||||
log_bug("can't remove the last filter from the chain\n");
|
log_bug("can't remove the last filter from the chain\n");
|
||||||
else if( a == b ) { /* remove the first iobuf from the chain */
|
else if( a == b ) { /* remove the first iobuf from the chain */
|
||||||
@ -743,7 +743,7 @@ iobuf_read(IOBUF a, byte *buf, unsigned buflen )
|
|||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Have a look at the iobuf.
|
* Have a look at the iobuf.
|
||||||
* NOTE: This does only work in special cases.
|
* NOTE: This only works in special cases.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
iobuf_peek(IOBUF a, byte *buf, unsigned buflen )
|
iobuf_peek(IOBUF a, byte *buf, unsigned buflen )
|
||||||
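Review bot: The iobuf_peek comment now reads "NOTE: This only works in special cases." but still does not say which cases. Callers need to know when peeking is reliable, so name the conditions here instead of only rewording the warning.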
@ -845,7 +845,7 @@ iobuf_unget_and_close_temp( IOBUF a, IOBUF temp )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Set a limit, how much bytes may be read from the input stream A.
|
* Set a limit on how many bytes may be read from the input stream A.
|
||||||
* Setting the limit to 0 disables this feature.
|
* Setting the limit to 0 disables this feature.
|
||||||
*/
|
*/
|
||||||
void
|
void
|
||||||
@ -893,7 +893,7 @@ iobuf_tell( IOBUF a )
|
|||||||
|
|
||||||
/****************
|
/****************
|
||||||
* This is a very limited implementation. It simply discards all internal
|
* This is a very limited implementation. It simply discards all internal
|
||||||
* buffering and remove all filters but the first one.
|
* buffering and removes all filters but the first one.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
iobuf_seek( IOBUF a, ulong newpos )
|
iobuf_seek( IOBUF a, ulong newpos )
|
||||||
@ -968,7 +968,7 @@ iobuf_set_block_mode( IOBUF a, size_t n )
|
|||||||
}
|
}
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* enable patial block mode as descriped in the OpenPGP draft.
|
* enable partial block mode as described in the OpenPGP draft.
|
||||||
* LEN is the first length
|
* LEN is the first length
|
||||||
*/
|
*/
|
||||||
void
|
void
|
||||||
@ -990,7 +990,7 @@ iobuf_set_partial_block_mode( IOBUF a, size_t len )
|
|||||||
|
|
||||||
|
|
||||||
/****************
|
/****************
|
||||||
* Checks wether the stream is in block mode
|
* Checks whether the stream is in block mode
|
||||||
* Note: This does not work if other filters are pushed on the stream.
|
* Note: This does not work if other filters are pushed on the stream.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
* We use our own memory allocation functions instead of plain malloc(),
|
* We use our own memory allocation functions instead of plain malloc(),
|
||||||
* so that we can provide some special enhancements:
|
* so that we can provide some special enhancements:
|
||||||
* a) functions to provide memory from a secure memory.
|
* a) functions to provide memory from a secure memory.
|
||||||
* b) By looking at the requested allocation size we
|
* b) by looking at the requested allocation size we
|
||||||
* can reuse memory very quickly (e.g. MPI storage)
|
* can reuse memory very quickly (e.g. MPI storage)
|
||||||
* (really needed?)
|
* (really needed?)
|
||||||
* c) memory usage reporting if compiled with M_DEBUG
|
* c) memory usage reporting if compiled with M_DEBUG
|
||||||
@ -103,7 +103,7 @@ struct memtbl_entry {
|
|||||||
#define info_hash(p) ( *(u32*)((p)) % INFO_BUCKETS )
|
#define info_hash(p) ( *(u32*)((p)) % INFO_BUCKETS )
|
||||||
static struct info_entry *info_strings[INFO_BUCKETS]; /* hash table */
|
static struct info_entry *info_strings[INFO_BUCKETS]; /* hash table */
|
||||||
|
|
||||||
static struct memtbl_entry *memtbl; /* the table with the memory infos */
|
static struct memtbl_entry *memtbl; /* the table with the memory info */
|
||||||
static unsigned memtbl_size; /* number of allocated entries */
|
static unsigned memtbl_size; /* number of allocated entries */
|
||||||
static unsigned memtbl_len; /* number of used entries */
|
static unsigned memtbl_len; /* number of used entries */
|
||||||
static struct memtbl_entry *memtbl_unused;/* to keep track of unused entries */
|
static struct memtbl_entry *memtbl_unused;/* to keep track of unused entries */
|
||||||
@ -127,7 +127,7 @@ add_entry( byte *p, unsigned n, int mode, const char *info, const char *by )
|
|||||||
index = memtbl_len++;
|
index = memtbl_len++;
|
||||||
else {
|
else {
|
||||||
struct memtbl_entry *e;
|
struct memtbl_entry *e;
|
||||||
/* look for an used entry in the table. We take the first one,
|
/* look for a used entry in the table. We take the first one,
|
||||||
* so that freed entries remain as long as possible in the table
|
* so that freed entries remain as long as possible in the table
|
||||||
* (free appends a new one)
|
* (free appends a new one)
|
||||||
*/
|
*/
|
||||||
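Review bot: In add_entry, "look for an used entry" becomes "look for a used entry", but the old article "an" and the rest of the comment ("so that freed entries remain as long as possible in the table") suggest the intended word was "unused". Suggest "look for an unused entry in the table" so the comment matches the else branch it documents.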
@ -193,9 +193,9 @@ add_entry( byte *p, unsigned n, int mode, const char *info, const char *by )
|
|||||||
/****************
|
/****************
|
||||||
* Check that the memory block is correct. The magic byte has already been
|
* Check that the memory block is correct. The magic byte has already been
|
||||||
* checked. Checks which are done here:
|
* checked. Checks which are done here:
|
||||||
* - see wether the index points into our memory table
|
* - see whether the index points into our memory table
|
||||||
* - see wether P is the same as the one stored in the table
|
* - see whether P is the same as the one stored in the table
|
||||||
* - see wether we have already freed this block.
|
* - see whether we have already freed this block.
|
||||||
*/
|
*/
|
||||||
struct memtbl_entry *
|
struct memtbl_entry *
|
||||||
check_mem( const byte *p, const char *info )
|
check_mem( const byte *p, const char *info )
|
||||||
|
@ -75,7 +75,7 @@ strlist_last( STRLIST node )
|
|||||||
/****************
|
/****************
|
||||||
* look for the substring SUB in buffer and return a pointer to that
|
* look for the substring SUB in buffer and return a pointer to that
|
||||||
* substring in BUF or NULL if not found.
|
* substring in BUF or NULL if not found.
|
||||||
* Comparison is case-in-sensitive.
|
* Comparison is case-insensitive.
|
||||||
*/
|
*/
|
||||||
const char *
|
const char *
|
||||||
memistr( const char *buf, size_t buflen, const char *sub )
|
memistr( const char *buf, size_t buflen, const char *sub )
|
||||||
|