security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

Remove hacks which are not anymore needed since we now require Libgcrypt 1.4

This commit is contained in:
Werner Koch 2008-09-29 15:02:55 +00:00
parent d62ca1bf4a
commit 7d63aa42e5
27 changed files with 348 additions and 271 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@ -1,3 +1,7 @@
2008-09-29 Werner Koch <wk@g10code.com>
* configure.ac: Require libgcrypt 1.4.
2008-08-27 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Use printf for the most portable SVN version

4
NEWS
View File

@ -16,6 +16,8 @@ Noteworthy changes in version 2.0.10 (unreleased)
* [gpg] New options --with-sig-list and --with-sig-check.
* [gpg] The option "-sat" is no longer an alias for --clearsign.
* [gpgsm] Made --output option work with --export-secret-key-p12.
* gpg-connect-agent accepts commands given as command line arguments.
@ -33,6 +35,8 @@ Noteworthy changes in version 2.0.10 (unreleased)
* Support for version 2 OpenPGP cards.
* Libgcrypt 1.4 is now required.
Noteworthy changes in version 2.0.9 (2008-03-26)
------------------------------------------------

24
TODO
View File

@ -51,7 +51,7 @@
* sm/export.c
** Return an error code or a status info per user ID.
* scd/tlv.c
* common/tlv.c
The parse_sexp function should not go into this file. Check whether
we can change all S-expression handling code to make use of this
function.
@ -85,33 +85,13 @@
Replace by an estream based implementation.
* jnlib/
** provide jnlib_malloc and try to remove all jnlib_xmalloc.
** Try to remove all jnlib_xmalloc.
* g10/
** issue a NO_SECKEY xxxx if a -u key was not found.
* When switching to libgcrypt 1.4
** scd#encode_md_for_card, g10#encode_md_value, sm@do_encode_md
Remove the extra test for a valid algorithm as libgcrypt will do it
then in gcry_md_algo_info.
** skclist.c
Remove the hard coded constant in random_is_faked.
** g10/ Replace DIGEST_ALGO_SHA224
We can't do that right now because it is only defined by newer
versions of libgcrypt.
** GCRY_MD_USER
Remove these definitions.
** MY_GCRY_PK_ECDSA
Remove this.
** MY_GCRY_MD_SHA224
Remove this.
* Extend selinux support to other modules
* Remove -sat PGP2 compatibility hack
* UTF-8 specific TODOs
None.

6
agent/ChangeLog
View File

@ -1,3 +1,9 @@
2008-09-29 Werner Koch <wk@g10code.com>
* agent.h (GCRY_MD_USER): Rename to GCRY_MODULE_ID_USER.
(GCRY_MD_USER_TLS_MD5SHA1): Rename to MD_USER_TLS_MD5SHA1 and
change all users.
2008-09-25 Werner Koch <wk@g10code.com>
* divert-scd.c (getpin_cb): Support a Reset Code style PINs..

6
agent/agent.h
View File

@ -36,10 +36,10 @@
/* To convey some special hash algorithms we use algorithm numbers
reserved for application use. */
#ifndef GCRY_MD_USER
#define GCRY_MD_USER 1024
#ifndef GCRY_MODULE_ID_USER
#define GCRY_MODULE_ID_USER 1024
#endif
#define GCRY_MD_USER_TLS_MD5SHA1 (GCRY_MD_USER+1)
#define MD_USER_TLS_MD5SHA1 (GCRY_MODULE_ID_USER+1)
/* Maximum length of a digest. */
#define MAX_DIGEST_LEN 36

4
agent/command.c
View File

@ -597,7 +597,7 @@ cmd_sethash (assuan_context_t ctx, char *line)
else if (has_option (line, "--hash=md5"))
algo = GCRY_MD_MD5;
else if (has_option (line, "--hash=tls-md5sha1"))
algo = GCRY_MD_USER_TLS_MD5SHA1;
algo = MD_USER_TLS_MD5SHA1;
else
return set_error (GPG_ERR_ASS_PARAMETER, "invalid hash algorithm");
}
@ -622,7 +622,7 @@ cmd_sethash (assuan_context_t ctx, char *line)
if (rc)
return rc;
n /= 2;
if (algo == GCRY_MD_USER_TLS_MD5SHA1 && n == 36)
if (algo == MD_USER_TLS_MD5SHA1 && n == 36)
;
else if (n != 16 && n != 20 && n != 24 && n != 32)
return set_error (GPG_ERR_ASS_PARAMETER, "unsupported length of hash");

2
agent/divert-scd.c
View File

@ -335,7 +335,7 @@ divert_pksign (ctrl_t ctrl,
if (rc)
return rc;
if (algo == GCRY_MD_USER_TLS_MD5SHA1)
if (algo == MD_USER_TLS_MD5SHA1)
{
int save = ctrl->use_auth_call;
ctrl->use_auth_call = 1;

2
agent/pksign.c
View File

@ -181,7 +181,7 @@ agent_pksign_do (ctrl_t ctrl, const char *desc_text,
gcry_sexp_t s_hash = NULL;
/* Put the hash into a sexp */
if (ctrl->digest.algo == GCRY_MD_USER_TLS_MD5SHA1)
if (ctrl->digest.algo == MD_USER_TLS_MD5SHA1)
rc = do_encode_raw_pkcs1 (ctrl->digest.value,
ctrl->digest.valuelen,
gcry_pk_get_nbits (s_skey),

2
configure.ac
View File

@ -39,7 +39,7 @@ development_version=no
NEED_GPG_ERROR_VERSION=1.4
NEED_LIBGCRYPT_API=1
NEED_LIBGCRYPT_VERSION=1.2.2
NEED_LIBGCRYPT_VERSION=1.4.0
NEED_LIBASSUAN_API=1
NEED_LIBASSUAN_VERSION=1.0.4

11
g10/ChangeLog
View File

@ -1,3 +1,14 @@
2008-09-29 Werner Koch <wk@g10code.com>
* gpg.c (main): Remove -sat kludge. Note that we printed a
warning for two years.
* seskey.c (encode_md_value): Remove extra gcry_md_test_algo since
it is not needed with Libgcrypt 1.4.
* skclist.c (random_is_faked): Simplify.
* sign.c (match_dsa_hash): Remove runtime check for SHA224.
* gpg.c (print_mds): Use GCRY_MD_SHA224 constant.
2008-09-25 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (keyedit_menu): Fix bug where a modified keyring loses

23
g10/gpg.c
View File

@ -1,6 +1,6 @@
/* gpg.c - The GnuPG utility (main for gpg)
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
* 2006, 2007 Free Software Foundation, Inc.
* 2006, 2007, 2008 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@ -3285,15 +3285,6 @@ main (int argc, char **argv)
set_cmd( &cmd, aListKeys);
}
/* kludge to let -sat generate a clear text signature */
if( opt.textmode == 2 && !detached_sig && opt.armor && cmd == aSign )
{
log_info ("compatibility note:\n");
log_info ("\"-sat\" won't generate clear signed messages in "
"future versions\n");
log_info ("Use \"--clearsign\" instead of \"-sat\"\n");
cmd = aClearsign;
}
if( opt.verbose > 1 )
set_packet_list_mode(1);
@ -4155,8 +4146,8 @@ print_mds( const char *fname, int algo )
gcry_md_enable (md, GCRY_MD_MD5);
gcry_md_enable (md, GCRY_MD_SHA1);
gcry_md_enable (md, GCRY_MD_RMD160);
if (!openpgp_md_test_algo (DIGEST_ALGO_SHA224))
gcry_md_enable (md, DIGEST_ALGO_SHA224);
if (!openpgp_md_test_algo (GCRY_MD_SHA224))
gcry_md_enable (md, GCRY_MD_SHA224);
if (!openpgp_md_test_algo (GCRY_MD_SHA256))
gcry_md_enable (md, GCRY_MD_SHA256);
if (!openpgp_md_test_algo (GCRY_MD_SHA384))
@ -4178,8 +4169,8 @@ print_mds( const char *fname, int algo )
print_hashline( md, GCRY_MD_MD5, fname );
print_hashline( md, GCRY_MD_SHA1, fname );
print_hashline( md, GCRY_MD_RMD160, fname );
if (!gcry_md_test_algo (DIGEST_ALGO_SHA224))
print_hashline (md, DIGEST_ALGO_SHA224, fname);
if (!gcry_md_test_algo (GCRY_MD_SHA224))
print_hashline (md, GCRY_MD_SHA224, fname);
if (!gcry_md_test_algo (GCRY_MD_SHA256))
print_hashline( md, GCRY_MD_SHA256, fname );
if (!gcry_md_test_algo (GCRY_MD_SHA384))
@ -4195,8 +4186,8 @@ print_mds( const char *fname, int algo )
print_hex( md, GCRY_MD_MD5, fname );
print_hex( md, GCRY_MD_SHA1, fname );
print_hex( md, GCRY_MD_RMD160, fname );
if (!gcry_md_test_algo (DIGEST_ALGO_SHA224))
print_hex (md, DIGEST_ALGO_SHA224, fname);
if (!gcry_md_test_algo (GCRY_MD_SHA224))
print_hex (md, GCRY_MD_SHA224, fname);
if (!gcry_md_test_algo (GCRY_MD_SHA256))
print_hex( md, GCRY_MD_SHA256, fname );
if (!gcry_md_test_algo (GCRY_MD_SHA384))

1
g10/options.skel
View File

@ -128,6 +128,7 @@ require-cross-certification
# the "--keyserver-options debug".
keyserver hkp://keys.gnupg.net
#keyserver http://http-keys.gnupg.net
#keyserver mailto:pgp-public-keys@keys.nl.pgp.net
#keyserver ldap://pgp.surfnet.nl:11370
#keyserver ldap://keyserver.pgp.com

6
g10/seskey.c
View File

@ -265,11 +265,9 @@ encode_md_value (PKT_public_key *pk, PKT_secret_key *sk,
byte *asn;
size_t asnlen;
rc = gcry_md_test_algo (hash_algo);
if (!rc)
rc = gcry_md_algo_info (hash_algo, GCRYCTL_GET_ASNOID, NULL, &asnlen);
rc = gcry_md_algo_info (hash_algo, GCRYCTL_GET_ASNOID, NULL, &asnlen);
if (rc)
log_fatal ("can't get OID of algo %d: %s\n",
log_fatal ("can't get OID of digest algorithm %d: %s\n",
hash_algo, gpg_strerror (rc));
asn = xmalloc (asnlen);
if ( gcry_md_algo_info (hash_algo, GCRYCTL_GET_ASNOID, asn, &asnlen) )

4
g10/sign.c
View File

@ -346,9 +346,7 @@ match_dsa_hash (unsigned int qbytes)
if (qbytes <= 20)
return DIGEST_ALGO_SHA1;
/* SHA244 is only available with libgcrypt 1.4 - thus do a runtime
test. */
if (qbytes <= 28 && !gcry_md_test_algo (DIGEST_ALGO_SHA224))
if (qbytes <= 28)
return DIGEST_ALGO_SHA224;
if (qbytes <= 32)

13
g10/skclist.c
View File

@ -41,18 +41,7 @@
int
random_is_faked (void)
{
/* We use a runtime check to allow for slow migrattion of libgcrypt.
We can't use the constant becuase that one is actually an enum
value. */
gpg_error_t err = gcry_control ( 51 /*GCRYCTL_FAKED_RANDOM_P*/, 0);
if (!err)
return 0;
if (gpg_err_code (err) != GPG_ERR_INV_OP)
return 1;
log_info ("WARNING: libgcrypt too old.\n");
log_info (" can't check whether we are in faked RNG mode\n");
return 0; /* Need to return false. */
return !!gcry_control ( GCRYCTL_FAKED_RANDOM_P, 0);
}

7
jnlib/ChangeLog
View File

@ -1,3 +1,10 @@
2008-09-29 Werner Koch <wk@g10code.com>
* argparse.c (ARGERR_): Use constants for error values.
(optfile_parse): Prettify. Replace xmalloc and xrealloc by malloc
and realloc.
* libjnlib-config.h (jnlib_strdup, jnlib_realloc): New.
2008-06-26 Werner Koch <wk@g10code.com>
* stringhelp.c (print_sanitized_buffer2): Loose check for control

433
jnlib/argparse.c
View File

@ -34,6 +34,7 @@
#include "argparse.h"
/*********************************
* @Summary arg_parse
* #include <wk/lib.h>
@ -172,18 +173,20 @@ initialize( ARGPARSE_ARGS *arg, const char *filename, unsigned *lineno )
if (filename)
{
if ( arg->r_opt == -6 )
if ( arg->r_opt == ARGPARSE_UNEXPECTED_ARG )
s = _("argument not expected");
else if ( arg->r_opt == -5 )
else if ( arg->r_opt == ARGPARSE_READ_ERROR )
s = _("read error");
else if ( arg->r_opt == -4 )
else if ( arg->r_opt == ARGPARSE_KEYWORD_TOO_LONG )
s = _("keyword too long");
else if ( arg->r_opt == -3 )
else if ( arg->r_opt == ARGPARSE_MISSING_ARG )
s = _("missing argument");
else if ( arg->r_opt == -7 )
else if ( arg->r_opt == ARGPARSE_INVALID_COMMAND )
s = _("invalid command");
else if ( arg->r_opt == -10 )
else if ( arg->r_opt == ARGPARSE_INVALID_ALIAS )
s = _("invalid alias definition");
else if ( arg->r_opt == ARGPARSE_OUT_OF_CORE )
s = _("out of core");
else
s = _("invalid option");
jnlib_log_error ("%s:%u: %s\n", filename, *lineno, s);
@ -192,17 +195,19 @@ initialize( ARGPARSE_ARGS *arg, const char *filename, unsigned *lineno )
{
s = arg->internal.last? arg->internal.last:"[??]";
if ( arg->r_opt == -3 )
if ( arg->r_opt == ARGPARSE_MISSING_ARG )
jnlib_log_error (_("missing argument for option \"%.50s\"\n"), s);
else if ( arg->r_opt == -6 )
else if ( arg->r_opt == ARGPARSE_UNEXPECTED_ARG )
jnlib_log_error (_("option \"%.50s\" does not expect an "
"argument\n"), s );
else if ( arg->r_opt == -7 )
else if ( arg->r_opt == ARGPARSE_INVALID_COMMAND )
jnlib_log_error (_("invalid command \"%.50s\"\n"), s);
else if ( arg->r_opt == -8 )
else if ( arg->r_opt == ARGPARSE_AMBIGUOUS_OPTION )
jnlib_log_error (_("option \"%.50s\" is ambiguous\n"), s);
else if ( arg->r_opt == -9 )
else if ( arg->r_opt == ARGPARSE_AMBIGUOUS_OPTION )
jnlib_log_error (_("command \"%.50s\" is ambiguous\n"),s );
else if ( arg->r_opt == ARGPARSE_OUT_OF_CORE )
jnlib_log_error ("%s\n", _("out of core\n"));
else
jnlib_log_error (_("invalid option \"%.50s\"\n"), s);
}
@ -251,181 +256,246 @@ store_alias( ARGPARSE_ARGS *arg, char *name, char *value )
* Note: Abbreviation of options is here not allowed.
*/
int
optfile_parse( FILE *fp, const char *filename, unsigned *lineno,
optfile_parse (FILE *fp, const char *filename, unsigned *lineno,
ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
{
int state, i, c;
int idx=0;
char keyword[100];
char *buffer = NULL;
size_t buflen = 0;
int inverse=0;
int in_alias=0;
int state, i, c;
int idx=0;
char keyword[100];
char *buffer = NULL;
size_t buflen = 0;
int in_alias=0;
if (!fp) /* Divert to to arg_parse() in this case. */
return arg_parse (arg, opts);
initialize (arg, filename, lineno);
if( !fp ) /* same as arg_parse() in this case */
return arg_parse( arg, opts );
/* Find the next keyword. */
state = i = 0;
for (;;)
{
c = getc (fp);
if (c == '\n' || c== EOF )
{
if ( c != EOF )
++*lineno;
if (state == -1)
break;
else if (state == 2)
{
keyword[i] = 0;
for (i=0; opts[i].short_opt; i++ )
{
if (opts[i].long_opt && !strcmp (opts[i].long_opt, keyword))
break;
}
idx = i;
arg->r_opt = opts[idx].short_opt;
if (!opts[idx].short_opt )
arg->r_opt = ((opts[idx].flags & 256)
? ARGPARSE_INVALID_COMMAND
: ARGPARSE_INVALID_OPTION);
else if (!(opts[idx].flags & 7))
arg->r_type = 0; /* Does not take an arg. */
else if ((opts[idx].flags & 8) )
arg->r_type = 0; /* Arg is optional. */
else
arg->r_opt = ARGPARSE_MISSING_ARG;
initialize( arg, filename, lineno );
/* find the next keyword */
state = i = 0;
for(;;) {
c=getc(fp);
if( c == '\n' || c== EOF ) {
if( c != EOF )
++*lineno;
if( state == -1 )
break;
else if( state == 2 ) {
keyword[i] = 0;
for(i=0; opts[i].short_opt; i++ )
if( opts[i].long_opt && !strcmp( opts[i].long_opt, keyword) )
break;
idx = i;
arg->r_opt = opts[idx].short_opt;
if( inverse ) /* this does not have an effect, hmmm */
arg->r_opt = -arg->r_opt;
if( !opts[idx].short_opt ) /* unknown command/option */
arg->r_opt = (opts[idx].flags & 256)? -7:-2;
else if( !(opts[idx].flags & 7) ) /* does not take an arg */
arg->r_type = 0; /* okay */
else if( (opts[idx].flags & 8) ) /* argument is optional */
arg->r_type = 0; /* okay */
else /* required argument */
arg->r_opt = -3; /* error */
break;
break;
}
else if( state == 3 ) { /* no argument found */
if( in_alias )
arg->r_opt = -3; /* error */
else if( !(opts[idx].flags & 7) ) /* does not take an arg */
arg->r_type = 0; /* okay */
else if( (opts[idx].flags & 8) ) /* no optional argument */
arg->r_type = 0; /* okay */
else /* no required argument */
arg->r_opt = -3; /* error */
break;
}
else if( state == 4 ) { /* have an argument */
if( in_alias ) {
if( !buffer )
arg->r_opt = -6;
else {
char *p;
else if (state == 3)
{
/* No argument found. */
if (in_alias)
arg->r_opt = ARGPARSE_MISSING_ARG;
else if (!(opts[idx].flags & 7))
arg->r_type = 0; /* Does not take an arg. */
else if ((opts[idx].flags & 8))
arg->r_type = 0; /* No optional argument. */
else
arg->r_opt = ARGPARSE_MISSING_ARG;
buffer[i] = 0;
p = strpbrk( buffer, " \t" );
if( p ) {
*p++ = 0;
trim_spaces( p );
}
if( !p || !*p ) {
jnlib_free( buffer );
arg->r_opt = -10;
}
else {
store_alias( arg, buffer, p );
break;
}
else if (state == 4)
{
/* Has an argument. */
if (in_alias)
{
if (!buffer)
arg->r_opt = ARGPARSE_UNEXPECTED_ARG;
else
{
char *p;
buffer[i] = 0;
p = strpbrk (buffer, " \t");
if (p)
{
*p++ = 0;
trim_spaces (p);
}
if (!p || !*p)
{
jnlib_free (buffer);
arg->r_opt = ARGPARSE_INVALID_ALIAS;
}
else
{
store_alias (arg, buffer, p);
}
}
}
else if( !(opts[idx].flags & 7) ) /* does not take an arg */
arg->r_opt = -6; /* error */
else {
char *p;
if( !buffer ) {
keyword[i] = 0;
buffer = jnlib_xstrdup(keyword);
}
else
buffer[i] = 0;
else if (!(opts[idx].flags & 7))
arg->r_opt = ARGPARSE_UNEXPECTED_ARG;
else
{
char *p;
trim_spaces( buffer );
p = buffer;
if( *p == '"' ) { /* remove quotes */
p++;
if( *p && p[strlen(p)-1] == '"' )
p[strlen(p)-1] = 0;
if (!buffer)
{
keyword[i] = 0;
buffer = jnlib_strdup (keyword);
if (!buffer)
arg->r_opt = ARGPARSE_OUT_OF_CORE;
}
if( !set_opt_arg(arg, opts[idx].flags, p) )
else
buffer[i] = 0;
if (buffer)
{
trim_spaces (buffer);
p = buffer;
if (*p == '"')
{
/* Remove quotes. */
p++;
if (*p && p[strlen(p)-1] == '\"' )
p[strlen(p)-1] = 0;
}
if (!set_opt_arg (arg, opts[idx].flags, p))
jnlib_free(buffer);
}
break;
}
else if( c == EOF ) {
if( ferror(fp) )
arg->r_opt = -5; /* read error */
else
arg->r_opt = 0; /* eof */
break;
}
state = 0;
i = 0;
}
else if( state == -1 )
; /* skip */
else if( !state && isspace(c) )
; /* skip leading white space */
else if( !state && c == '#' )
state = 1; /* start of a comment */
else if( state == 1 )
; /* skip comments */
else if( state == 2 && isspace(c) ) {
keyword[i] = 0;
for(i=0; opts[i].short_opt; i++ )
if( opts[i].long_opt && !strcmp( opts[i].long_opt, keyword) )
break;
idx = i;
arg->r_opt = opts[idx].short_opt;
if( !opts[idx].short_opt ) {
if( !strcmp( keyword, "alias" ) ) {
in_alias = 1;
state = 3;
}
else {
arg->r_opt = (opts[idx].flags & 256)? -7:-2;
state = -1; /* skip rest of line and leave */
}
}
else
state = 3;
}
else if( state == 3 ) { /* skip leading spaces of the argument */
if( !isspace(c) ) {
i = 0;
keyword[i++] = c;
state = 4;
}
}
else if( state == 4 ) { /* collect the argument */
if( buffer ) {
if( i < buflen-1 )
buffer[i++] = c;
else {
buflen += 50;
buffer = jnlib_xrealloc(buffer, buflen);
buffer[i++] = c;
}
}
else if( i < DIM(keyword)-1 )
keyword[i++] = c;
else {
buflen = DIM(keyword)+50;
buffer = jnlib_xmalloc(buflen);
memcpy(buffer, keyword, i);
buffer[i++] = c;
}
}
else if( i >= DIM(keyword)-1 ) {
arg->r_opt = -4; /* keyword to long */
state = -1; /* skip rest of line and leave */
}
else {
keyword[i++] = c;
state = 2;
}
}
}
}
break;
}
else if (c == EOF)
{
if (ferror (fp))
arg->r_opt = ARGPARSE_READ_ERROR;
else
arg->r_opt = 0; /* EOF. */
break;
}
state = 0;
i = 0;
}
else if (state == -1)
; /* Skip. */
else if (state == 0 && isascii (c) && isspace(c))
; /* Skip leading white space. */
else if (state == 0 && c == '#' )
state = 1; /* Start of a comment. */
else if (state == 1)
; /* Skip comments. */
else if (state == 2 && isascii (c) && isspace(c))
{
/* Check keyword. */
keyword[i] = 0;
for (i=0; opts[i].short_opt; i++ )
if (opts[i].long_opt && !strcmp (opts[i].long_opt, keyword))
break;
idx = i;
arg->r_opt = opts[idx].short_opt;
if (!opts[idx].short_opt)
{
if (!strcmp (keyword, "alias"))
{
in_alias = 1;
state = 3;
}
else
{
arg->r_opt = ((opts[idx].flags & 256)
? ARGPARSE_INVALID_COMMAND
: ARGPARSE_INVALID_OPTION);
state = -1; /* Skip rest of line and leave. */
}
}
else
state = 3;
}
else if (state == 3)
{
/* Skip leading spaces of the argument. */
if (!isascii (c) || !isspace(c))
{
i = 0;
keyword[i++] = c;
state = 4;
}
}
else if (state == 4)
{
/* Collect the argument. */
if (buffer)
{
if (i < buflen-1)
buffer[i++] = c;
else
{
char *tmp;
size_t tmplen = buflen + 50;
return arg->r_opt;
tmp = jnlib_realloc (buffer, tmplen);
if (tmp)
{
buflen = tmplen;
buffer = tmp;
buffer[i++] = c;
}
else
{
jnlib_free (buffer);
arg->r_opt = ARGPARSE_OUT_OF_CORE;
break;
}
}
}
else if (i < DIM(keyword)-1)
keyword[i++] = c;
else
{
size_t tmplen = DIM(keyword) + 50;
buffer = jnlib_malloc (tmplen);
if (buffer)
{
buflen = tmplen;
memcpy(buffer, keyword, i);
buffer[i++] = c;
}
else
{
arg->r_opt = ARGPARSE_OUT_OF_CORE;
break;
}
}
}
else if (i >= DIM(keyword)-1)
{
arg->r_opt = ARGPARSE_KEYWORD_TOO_LONG;
state = -1; /* Skip rest of line and leave. */
}
else
{
keyword[i++] = c;
state = 2;
}
}
return arg->r_opt;
}
@ -504,7 +574,7 @@ arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
arg->internal.last = s;
if( arg->internal.stopped && (arg->flags & (1<<1)) ) {
arg->r_opt = -1; /* not an option but a argument */
arg->r_opt = ARGPARSE_IS_ARG; /* Not an option but an argument. */
arg->r_type = 2;
arg->r.ret_str = s;
argc--; argv++; idx++; /* set to next one */
@ -551,10 +621,10 @@ arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
exit(0);
}
if( i == -2 ) /* ambiguous option */
arg->r_opt = -8;
if( i == -2 )
arg->r_opt = ARGPARSE_AMBIGUOUS_OPTION;
else if( i == -1 ) {
arg->r_opt = -2;
arg->r_opt = ARGPARSE_INVALID_OPTION;
arg->r.ret_str = s+2;
}
else
@ -573,7 +643,7 @@ arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
arg->r_type = 0; /* because it is optional */
}
else if( !s2 ) {
arg->r_opt = -3; /* missing argument */
arg->r_opt = ARGPARSE_MISSING_ARG;
}
else if( !argpos && *s2 == '-' && (opts[i].flags & 8) ) {
/* the argument is optional and the next seems to be
@ -622,7 +692,8 @@ arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
arg->r_opt = opts[i].short_opt;
if( !opts[i].short_opt ) {
arg->r_opt = (opts[i].flags & 256)? -7:-2;
arg->r_opt = (opts[i].flags & 256)?
ARGPARSE_INVALID_COMMAND:ARGPARSE_INVALID_OPTION;
arg->internal.inarg++; /* point to the next arg */
arg->r.ret_str = s;
}
@ -637,7 +708,7 @@ arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
arg->r_type = 0; /* because it is optional */
}
else if( !s2 ) {
arg->r_opt = -3; /* missing argument */
arg->r_opt = ARGPARSE_MISSING_ARG;
}
else if( *s2 == '-' && s2[1] && (opts[i].flags & 8) ) {
/* the argument is optional and the next seems to be
@ -662,7 +733,7 @@ arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
}
}
else if( arg->flags & (1<<2) ) {
arg->r_opt = -1; /* not an option but a argument */
arg->r_opt = ARGPARSE_IS_ARG;
arg->r_type = 2;
arg->r.ret_str = s;
argc--; argv++; idx++; /* set to next one */

13
jnlib/argparse.h
View File

@ -55,6 +55,19 @@ typedef struct {
} ARGPARSE_OPTS;
/* Error values. */
#define ARGPARSE_IS_ARG (-1)
#define ARGPARSE_INVALID_OPTION (-2)
#define ARGPARSE_MISSING_ARG (-3)
#define ARGPARSE_KEYWORD_TOO_LONG (-4)
#define ARGPARSE_READ_ERROR (-5)
#define ARGPARSE_UNEXPECTED_ARG (-6)
#define ARGPARSE_INVALID_COMMAND (-7)
#define ARGPARSE_AMBIGUOUS_OPTION (-8)
#define ARGPARSE_AMBIGUOUS_COMMAND (-9)
#define ARGPARSE_INVALID_ALIAS (-10)
#define ARGPARSE_OUT_OF_CORE (-11)
int arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts);
int optfile_parse( FILE *fp, const char *filename, unsigned *lineno,

4
jnlib/libjnlib-config.h
View File

@ -65,13 +65,15 @@
/* Malloc functions to be used by jnlib. */
#define jnlib_malloc(a) gcry_malloc( (a) )
#define jnlib_calloc(a,b) gcry_calloc( (a), (b) )
#define jnlib_realloc(a,b) gcry_realloc( (a), (b) )
#define jnlib_strdup(a) gcry_strdup( (a) )
#define jnlib_xmalloc(a) gcry_xmalloc( (a) )
#define jnlib_xcalloc(a,b) gcry_xcalloc( (a), (b) )
#define jnlib_xrealloc(a,n) gcry_xrealloc( (a), (n) )
#define jnlib_xstrdup(a) gcry_xstrdup( (a) )
#define jnlib_free(a) gcry_free( (a) )
/* Logging functions to be jused by jnlib. */
/* Logging functions to be used by jnlib. */
#define jnlib_log_debug log_debug
#define jnlib_log_info log_info
#define jnlib_log_error log_error

6
scd/ChangeLog
View File

@ -1,3 +1,9 @@
2008-09-29 Werner Koch <wk@g10code.com>
* scdaemon.h (GCRY_MD_USER): Rename to GCRY_MODULE_ID_USER.
(GCRY_MD_USER_TLS_MD5SHA1): Rename to MD_USER_TLS_MD5SHA1 and
change all users.
2008-09-28 Marcus Brinkmann <marcus@g10code.com>
* apdu.c (pcsc_get_status): Fix last change.

8
scd/app-p15.c
View File

@ -2948,7 +2948,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
mse[0] = 4; /* Length of the template. */
mse[1] = 0x80; /* Algorithm reference tag. */
if (hashalgo == GCRY_MD_USER_TLS_MD5SHA1)
if (hashalgo == MD_USER_TLS_MD5SHA1)
mse[2] = 0x01; /* Let card do pkcs#1 0xFF padding. */
else
mse[2] = 0x02; /* RSASSA-PKCS1-v1.5 using SHA1. */
@ -3124,7 +3124,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
if (indatalen == 36)
{
/* No ASN.1 container used. */
if (hashalgo != GCRY_MD_USER_TLS_MD5SHA1)
if (hashalgo != MD_USER_TLS_MD5SHA1)
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
memcpy (data, indata, indatalen);
}
@ -3187,7 +3187,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
return err;
}
if (hashalgo == GCRY_MD_USER_TLS_MD5SHA1)
if (hashalgo == MD_USER_TLS_MD5SHA1)
err = iso7816_compute_ds (app->slot, data, 36, outdata, outdatalen);
else if (no_data_padding)
err = iso7816_compute_ds (app->slot, data+15, 20, outdata, outdatalen);
@ -3226,7 +3226,7 @@ do_auth (app_t app, const char *keyidstr,
return gpg_error (GPG_ERR_WRONG_KEY_USAGE);
}
algo = indatalen == 36? GCRY_MD_USER_TLS_MD5SHA1 : GCRY_MD_SHA1;
algo = indatalen == 36? MD_USER_TLS_MD5SHA1 : GCRY_MD_SHA1;
return do_sign (app, keyidstr, algo, pincb, pincb_arg,
indata, indatalen, outdata, outdatalen);
}

6
scd/scdaemon.h
View File

@ -33,10 +33,10 @@
/* To convey some special hash algorithms we use algorithm numbers
reserved for application use. */
#ifndef GCRY_MD_USER
#define GCRY_MD_USER 1024
#ifndef GCRY_MODULE_ID_USER
#define GCRY_MODULE_ID_USER 1024
#endif
#define GCRY_MD_USER_TLS_MD5SHA1 (GCRY_MD_USER+1)
#define MD_USER_TLS_MD5SHA1 (GCRY_MODULE_ID_USER+1)
/* Maximum length of a digest. */
#define MAX_DIGEST_LEN 36

7
sm/ChangeLog
View File

@ -1,3 +1,10 @@
2008-09-29 Werner Koch <wk@g10code.com>
* certcheck.c (MY_GCRY_PK_ECDSA): Remove. Change users to
GCRY_PK_ECDSA.
* gpgsm.c (MY_GCRY_PK_ECDSA): Ditto.
* sign.c (MY_GCRY_MD_SHA224): Remove change users to GCRY_MD_SHA224.
2008-09-04 Werner Koch <wk@g10code.com>
* certdump.c (gpgsm_format_keydesc): Work around a mingw32 bug.

10
sm/certcheck.c
View File

@ -34,10 +34,6 @@
#include "i18n.h"
/* Remove this if libgcrypt 1.3.0 is required. */
#define MY_GCRY_PK_ECDSA 301
/* Return the number of bits of the Q parameter from the DSA key
KEY. */
static unsigned int
@ -75,11 +71,11 @@ do_encode_md (gcry_md_hd_t md, int algo, int pkalgo, unsigned int nbits,
size_t nframe;
unsigned char *frame;
if (pkalgo == GCRY_PK_DSA || pkalgo == MY_GCRY_PK_ECDSA)
if (pkalgo == GCRY_PK_DSA || pkalgo == GCRY_PK_ECDSA)
{
unsigned int qbits;
if ( pkalgo == MY_GCRY_PK_ECDSA )
if ( pkalgo == GCRY_PK_ECDSA )
qbits = gcry_pk_get_nbits (pkey);
else
qbits = get_dsa_qbits (pkey);
@ -214,7 +210,7 @@ pk_algo_from_sexp (gcry_sexp_t pkey)
/* Because this function is called only for verification we can
assume that ECC actually means ECDSA. */
else if (n==3 && !memcmp (name, "ecc", 3))
algo = MY_GCRY_PK_ECDSA;
algo = GCRY_PK_ECDSA;
else if (n==13 && !memcmp (name, "ambiguous-rsa", 13))
algo = GCRY_PK_RSA;
else

2
sm/certreqgen-ui.c
View File

@ -300,7 +300,7 @@ gpgsm_gencertreq_tty (ctrl_t ctrl, FILE *output_fp)
goto leave;
mem_error:
log_error (_("resource problem: out or core\n"));
log_error (_("resource problem: out of core\n"));
leave:
es_fclose (fp);
xfree (keytype);

6
sm/gpgsm.c
View File

@ -500,17 +500,13 @@ static FILE *open_fwrite (const char *filename);
static estream_t open_es_fwrite (const char *filename);
static void run_protect_tool (int argc, char **argv);
/* Remove this if libgcrypt 1.3.0 is required. */
#define MY_GCRY_PK_ECDSA 301
static int
our_pk_test_algo (int algo)
{
switch (algo)
{
case GCRY_PK_RSA:
case MY_GCRY_PK_ECDSA:
case GCRY_PK_ECDSA:
return gcry_pk_test_algo (algo);
default:
return 1;

5
sm/sign.c
View File

@ -33,9 +33,6 @@
#include "keydb.h"
#include "i18n.h"
/* Remove this if libgcrypt 1.4 is required. */
#define MY_GCRY_MD_SHA224 11
static void
hash_data (int fd, gcry_md_hd_t md)
@ -411,7 +408,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
{
case GCRY_MD_SHA1: oid = "1.3.14.3.2.26"; break;
case GCRY_MD_RMD160: oid = "1.3.36.3.2.1"; break;
case MY_GCRY_MD_SHA224: oid = "2.16.840.1.101.3.4.2.4"; break;
case GCRY_MD_SHA224: oid = "2.16.840.1.101.3.4.2.4"; break;
case GCRY_MD_SHA256: oid = "2.16.840.1.101.3.4.2.1"; break;
case GCRY_MD_SHA384: oid = "2.16.840.1.101.3.4.2.2"; break;
case GCRY_MD_SHA512: oid = "2.16.840.1.101.3.4.2.3"; break;