security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-06-06 23:17:47 +02:00
Code Activity

Remove hacks which are not anymore needed since we now require Libgcrypt 1.4

Browse Source
This commit is contained in:
Werner Koch 2008-09-29 15:02:55 +00:00
parent d62ca1bf4a
commit 7d63aa42e5
27 changed files with 348 additions and 271 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@ -1,3 +1,7 @@
2008-09-29 Werner Koch <wk@g10code.com>
* configure.ac: Require libgcrypt 1.4.
2008-08-27 David Shaw <dshaw@jabberwocky.com> 2008-08-27 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Use printf for the most portable SVN version * configure.ac: Use printf for the most portable SVN version

4
NEWS
View File

@ -16,6 +16,8 @@ Noteworthy changes in version 2.0.10 (unreleased)
* [gpg] New options --with-sig-list and --with-sig-check. * [gpg] New options --with-sig-list and --with-sig-check.
* [gpg] The option "-sat" is no longer an alias for --clearsign.
* [gpgsm] Made --output option work with --export-secret-key-p12. * [gpgsm] Made --output option work with --export-secret-key-p12.
* gpg-connect-agent accepts commands given as command line arguments. * gpg-connect-agent accepts commands given as command line arguments.
@ -33,6 +35,8 @@ Noteworthy changes in version 2.0.10 (unreleased)
* Support for version 2 OpenPGP cards. * Support for version 2 OpenPGP cards.
* Libgcrypt 1.4 is now required.
Noteworthy changes in version 2.0.9 (2008-03-26) Noteworthy changes in version 2.0.9 (2008-03-26)
------------------------------------------------ ------------------------------------------------

24
TODO
View File

@ -51,7 +51,7 @@
* sm/export.c * sm/export.c
** Return an error code or a status info per user ID. ** Return an error code or a status info per user ID.
* scd/tlv.c * common/tlv.c
The parse_sexp function should not go into this file. Check whether The parse_sexp function should not go into this file. Check whether
we can change all S-expression handling code to make use of this we can change all S-expression handling code to make use of this
function. function.
@ -85,33 +85,13 @@
Replace by an estream based implementation. Replace by an estream based implementation.
* jnlib/ * jnlib/
** provide jnlib_malloc and try to remove all jnlib_xmalloc. ** Try to remove all jnlib_xmalloc.
* g10/ * g10/
** issue a NO_SECKEY xxxx if a -u key was not found. ** issue a NO_SECKEY xxxx if a -u key was not found.
* When switching to libgcrypt 1.4
** scd#encode_md_for_card, g10#encode_md_value, sm@do_encode_md
Remove the extra test for a valid algorithm as libgcrypt will do it
then in gcry_md_algo_info.
** skclist.c
Remove the hard coded constant in random_is_faked.
** g10/ Replace DIGEST_ALGO_SHA224
We can't do that right now because it is only defined by newer
versions of libgcrypt.
** GCRY_MD_USER
Remove these definitions.
** MY_GCRY_PK_ECDSA
Remove this.
** MY_GCRY_MD_SHA224
Remove this.
* Extend selinux support to other modules * Extend selinux support to other modules
* Remove -sat PGP2 compatibility hack
* UTF-8 specific TODOs * UTF-8 specific TODOs
None. None.

6
agent/ChangeLog
View File

@ -1,3 +1,9 @@
2008-09-29 Werner Koch <wk@g10code.com>
* agent.h (GCRY_MD_USER): Rename to GCRY_MODULE_ID_USER.
(GCRY_MD_USER_TLS_MD5SHA1): Rename to MD_USER_TLS_MD5SHA1 and
change all users.
2008-09-25 Werner Koch <wk@g10code.com> 2008-09-25 Werner Koch <wk@g10code.com>
* divert-scd.c (getpin_cb): Support a Reset Code style PINs.. * divert-scd.c (getpin_cb): Support a Reset Code style PINs..

6
agent/agent.h
View File

@ -36,10 +36,10 @@
/* To convey some special hash algorithms we use algorithm numbers /* To convey some special hash algorithms we use algorithm numbers
reserved for application use. */ reserved for application use. */
#ifndef GCRY_MD_USER #ifndef GCRY_MODULE_ID_USER
#define GCRY_MD_USER 1024 #define GCRY_MODULE_ID_USER 1024
#endif #endif
#define GCRY_MD_USER_TLS_MD5SHA1 (GCRY_MD_USER+1) #define MD_USER_TLS_MD5SHA1 (GCRY_MODULE_ID_USER+1)
/* Maximum length of a digest. */ /* Maximum length of a digest. */
#define MAX_DIGEST_LEN 36 #define MAX_DIGEST_LEN 36

4
agent/command.c
View File

@ -597,7 +597,7 @@ cmd_sethash (assuan_context_t ctx, char *line)
else if (has_option (line, "--hash=md5")) else if (has_option (line, "--hash=md5"))
algo = GCRY_MD_MD5; algo = GCRY_MD_MD5;
else if (has_option (line, "--hash=tls-md5sha1")) else if (has_option (line, "--hash=tls-md5sha1"))
algo = GCRY_MD_USER_TLS_MD5SHA1; algo = MD_USER_TLS_MD5SHA1;
else else
return set_error (GPG_ERR_ASS_PARAMETER, "invalid hash algorithm"); return set_error (GPG_ERR_ASS_PARAMETER, "invalid hash algorithm");
} }
@ -622,7 +622,7 @@ cmd_sethash (assuan_context_t ctx, char *line)
if (rc) if (rc)
return rc; return rc;
n /= 2; n /= 2;
if (algo == GCRY_MD_USER_TLS_MD5SHA1 && n == 36) if (algo == MD_USER_TLS_MD5SHA1 && n == 36)
; ;
else if (n != 16 && n != 20 && n != 24 && n != 32) else if (n != 16 && n != 20 && n != 24 && n != 32)
return set_error (GPG_ERR_ASS_PARAMETER, "unsupported length of hash"); return set_error (GPG_ERR_ASS_PARAMETER, "unsupported length of hash");

2
agent/divert-scd.c
View File

@ -335,7 +335,7 @@ divert_pksign (ctrl_t ctrl,
if (rc) if (rc)
return rc; return rc;
if (algo == GCRY_MD_USER_TLS_MD5SHA1) if (algo == MD_USER_TLS_MD5SHA1)
{ {
int save = ctrl->use_auth_call; int save = ctrl->use_auth_call;
ctrl->use_auth_call = 1; ctrl->use_auth_call = 1;

2
agent/pksign.c
View File

@ -181,7 +181,7 @@ agent_pksign_do (ctrl_t ctrl, const char *desc_text,
gcry_sexp_t s_hash = NULL; gcry_sexp_t s_hash = NULL;
/* Put the hash into a sexp */ /* Put the hash into a sexp */
if (ctrl->digest.algo == GCRY_MD_USER_TLS_MD5SHA1) if (ctrl->digest.algo == MD_USER_TLS_MD5SHA1)
rc = do_encode_raw_pkcs1 (ctrl->digest.value, rc = do_encode_raw_pkcs1 (ctrl->digest.value,
ctrl->digest.valuelen, ctrl->digest.valuelen,
gcry_pk_get_nbits (s_skey), gcry_pk_get_nbits (s_skey),

2
configure.ac
View File

@ -39,7 +39,7 @@ development_version=no
NEED_GPG_ERROR_VERSION=1.4 NEED_GPG_ERROR_VERSION=1.4
NEED_LIBGCRYPT_API=1 NEED_LIBGCRYPT_API=1
NEED_LIBGCRYPT_VERSION=1.2.2 NEED_LIBGCRYPT_VERSION=1.4.0
NEED_LIBASSUAN_API=1 NEED_LIBASSUAN_API=1
NEED_LIBASSUAN_VERSION=1.0.4 NEED_LIBASSUAN_VERSION=1.0.4

11
g10/ChangeLog
View File

@ -1,3 +1,14 @@
2008-09-29 Werner Koch <wk@g10code.com>
* gpg.c (main): Remove -sat kludge. Note that we printed a
warning for two years.
* seskey.c (encode_md_value): Remove extra gcry_md_test_algo since
it is not needed with Libgcrypt 1.4.
* skclist.c (random_is_faked): Simplify.
* sign.c (match_dsa_hash): Remove runtime check for SHA224.
* gpg.c (print_mds): Use GCRY_MD_SHA224 constant.
2008-09-25 David Shaw <dshaw@jabberwocky.com> 2008-09-25 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (keyedit_menu): Fix bug where a modified keyring loses * keyedit.c (keyedit_menu): Fix bug where a modified keyring loses

23
g10/gpg.c
View File

@ -1,6 +1,6 @@
/* gpg.c - The GnuPG utility (main for gpg) /* gpg.c - The GnuPG utility (main for gpg)
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
* 2006, 2007 Free Software Foundation, Inc. * 2006, 2007, 2008 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -3285,15 +3285,6 @@ main (int argc, char **argv)
set_cmd( &cmd, aListKeys); set_cmd( &cmd, aListKeys);
} }
/* kludge to let -sat generate a clear text signature */
if( opt.textmode == 2 && !detached_sig && opt.armor && cmd == aSign )
{
log_info ("compatibility note:\n");
log_info ("\"-sat\" won't generate clear signed messages in "
"future versions\n");
log_info ("Use \"--clearsign\" instead of \"-sat\"\n");
cmd = aClearsign;
}
if( opt.verbose > 1 ) if( opt.verbose > 1 )
set_packet_list_mode(1); set_packet_list_mode(1);
@ -4155,8 +4146,8 @@ print_mds( const char *fname, int algo )
gcry_md_enable (md, GCRY_MD_MD5); gcry_md_enable (md, GCRY_MD_MD5);
gcry_md_enable (md, GCRY_MD_SHA1); gcry_md_enable (md, GCRY_MD_SHA1);
gcry_md_enable (md, GCRY_MD_RMD160); gcry_md_enable (md, GCRY_MD_RMD160);
if (!openpgp_md_test_algo (DIGEST_ALGO_SHA224)) if (!openpgp_md_test_algo (GCRY_MD_SHA224))
gcry_md_enable (md, DIGEST_ALGO_SHA224); gcry_md_enable (md, GCRY_MD_SHA224);
if (!openpgp_md_test_algo (GCRY_MD_SHA256)) if (!openpgp_md_test_algo (GCRY_MD_SHA256))
gcry_md_enable (md, GCRY_MD_SHA256); gcry_md_enable (md, GCRY_MD_SHA256);
if (!openpgp_md_test_algo (GCRY_MD_SHA384)) if (!openpgp_md_test_algo (GCRY_MD_SHA384))
@ -4178,8 +4169,8 @@ print_mds( const char *fname, int algo )
print_hashline( md, GCRY_MD_MD5, fname ); print_hashline( md, GCRY_MD_MD5, fname );
print_hashline( md, GCRY_MD_SHA1, fname ); print_hashline( md, GCRY_MD_SHA1, fname );
print_hashline( md, GCRY_MD_RMD160, fname ); print_hashline( md, GCRY_MD_RMD160, fname );
if (!gcry_md_test_algo (DIGEST_ALGO_SHA224)) if (!gcry_md_test_algo (GCRY_MD_SHA224))
print_hashline (md, DIGEST_ALGO_SHA224, fname); print_hashline (md, GCRY_MD_SHA224, fname);
if (!gcry_md_test_algo (GCRY_MD_SHA256)) if (!gcry_md_test_algo (GCRY_MD_SHA256))
print_hashline( md, GCRY_MD_SHA256, fname ); print_hashline( md, GCRY_MD_SHA256, fname );
if (!gcry_md_test_algo (GCRY_MD_SHA384)) if (!gcry_md_test_algo (GCRY_MD_SHA384))
@ -4195,8 +4186,8 @@ print_mds( const char *fname, int algo )
print_hex( md, GCRY_MD_MD5, fname ); print_hex( md, GCRY_MD_MD5, fname );
print_hex( md, GCRY_MD_SHA1, fname ); print_hex( md, GCRY_MD_SHA1, fname );
print_hex( md, GCRY_MD_RMD160, fname ); print_hex( md, GCRY_MD_RMD160, fname );
if (!gcry_md_test_algo (DIGEST_ALGO_SHA224)) if (!gcry_md_test_algo (GCRY_MD_SHA224))
print_hex (md, DIGEST_ALGO_SHA224, fname); print_hex (md, GCRY_MD_SHA224, fname);
if (!gcry_md_test_algo (GCRY_MD_SHA256)) if (!gcry_md_test_algo (GCRY_MD_SHA256))
print_hex( md, GCRY_MD_SHA256, fname ); print_hex( md, GCRY_MD_SHA256, fname );
if (!gcry_md_test_algo (GCRY_MD_SHA384)) if (!gcry_md_test_algo (GCRY_MD_SHA384))

1
g10/options.skel
View File

@ -128,6 +128,7 @@ require-cross-certification
# the "--keyserver-options debug". # the "--keyserver-options debug".
keyserver hkp://keys.gnupg.net keyserver hkp://keys.gnupg.net
#keyserver http://http-keys.gnupg.net
#keyserver mailto:pgp-public-keys@keys.nl.pgp.net #keyserver mailto:pgp-public-keys@keys.nl.pgp.net
#keyserver ldap://pgp.surfnet.nl:11370 #keyserver ldap://pgp.surfnet.nl:11370
#keyserver ldap://keyserver.pgp.com #keyserver ldap://keyserver.pgp.com

6
g10/seskey.c
View File

@ -265,11 +265,9 @@ encode_md_value (PKT_public_key *pk, PKT_secret_key *sk,
byte *asn; byte *asn;
size_t asnlen; size_t asnlen;
rc = gcry_md_test_algo (hash_algo); rc = gcry_md_algo_info (hash_algo, GCRYCTL_GET_ASNOID, NULL, &asnlen);
if (!rc)
rc = gcry_md_algo_info (hash_algo, GCRYCTL_GET_ASNOID, NULL, &asnlen);
if (rc) if (rc)
log_fatal ("can't get OID of algo %d: %s\n", log_fatal ("can't get OID of digest algorithm %d: %s\n",
hash_algo, gpg_strerror (rc)); hash_algo, gpg_strerror (rc));
asn = xmalloc (asnlen); asn = xmalloc (asnlen);
if ( gcry_md_algo_info (hash_algo, GCRYCTL_GET_ASNOID, asn, &asnlen) ) if ( gcry_md_algo_info (hash_algo, GCRYCTL_GET_ASNOID, asn, &asnlen) )

4
g10/sign.c
View File

@ -346,9 +346,7 @@ match_dsa_hash (unsigned int qbytes)
if (qbytes <= 20) if (qbytes <= 20)
return DIGEST_ALGO_SHA1; return DIGEST_ALGO_SHA1;
/* SHA244 is only available with libgcrypt 1.4 - thus do a runtime if (qbytes <= 28)
test. */
if (qbytes <= 28 && !gcry_md_test_algo (DIGEST_ALGO_SHA224))
return DIGEST_ALGO_SHA224; return DIGEST_ALGO_SHA224;
if (qbytes <= 32) if (qbytes <= 32)

13
g10/skclist.c
View File

@ -41,18 +41,7 @@
int int
random_is_faked (void) random_is_faked (void)
{ {
/* We use a runtime check to allow for slow migrattion of libgcrypt. return !!gcry_control ( GCRYCTL_FAKED_RANDOM_P, 0);
We can't use the constant becuase that one is actually an enum
value. */
gpg_error_t err = gcry_control ( 51 /*GCRYCTL_FAKED_RANDOM_P*/, 0);
if (!err)
return 0;
if (gpg_err_code (err) != GPG_ERR_INV_OP)
return 1;
log_info ("WARNING: libgcrypt too old.\n");
log_info (" can't check whether we are in faked RNG mode\n");
return 0; /* Need to return false. */
} }

7
jnlib/ChangeLog
View File

@ -1,3 +1,10 @@
2008-09-29 Werner Koch <wk@g10code.com>
* argparse.c (ARGERR_): Use constants for error values.
(optfile_parse): Prettify. Replace xmalloc and xrealloc by malloc
and realloc.
* libjnlib-config.h (jnlib_strdup, jnlib_realloc): New.
2008-06-26 Werner Koch <wk@g10code.com> 2008-06-26 Werner Koch <wk@g10code.com>
* stringhelp.c (print_sanitized_buffer2): Loose check for control * stringhelp.c (print_sanitized_buffer2): Loose check for control

429
jnlib/argparse.c
View File

@ -34,6 +34,7 @@
#include "argparse.h" #include "argparse.h"
/********************************* /*********************************
* @Summary arg_parse * @Summary arg_parse
* #include <wk/lib.h> * #include <wk/lib.h>
@ -172,18 +173,20 @@ initialize( ARGPARSE_ARGS *arg, const char *filename, unsigned *lineno )
if (filename) if (filename)
{ {
if ( arg->r_opt == -6 ) if ( arg->r_opt == ARGPARSE_UNEXPECTED_ARG )
s = _("argument not expected"); s = _("argument not expected");
else if ( arg->r_opt == -5 ) else if ( arg->r_opt == ARGPARSE_READ_ERROR )
s = _("read error"); s = _("read error");
else if ( arg->r_opt == -4 ) else if ( arg->r_opt == ARGPARSE_KEYWORD_TOO_LONG )
s = _("keyword too long"); s = _("keyword too long");
else if ( arg->r_opt == -3 ) else if ( arg->r_opt == ARGPARSE_MISSING_ARG )
s = _("missing argument"); s = _("missing argument");
else if ( arg->r_opt == -7 ) else if ( arg->r_opt == ARGPARSE_INVALID_COMMAND )
s = _("invalid command"); s = _("invalid command");
else if ( arg->r_opt == -10 ) else if ( arg->r_opt == ARGPARSE_INVALID_ALIAS )
s = _("invalid alias definition"); s = _("invalid alias definition");
else if ( arg->r_opt == ARGPARSE_OUT_OF_CORE )
s = _("out of core");
else else
s = _("invalid option"); s = _("invalid option");
jnlib_log_error ("%s:%u: %s\n", filename, *lineno, s); jnlib_log_error ("%s:%u: %s\n", filename, *lineno, s);
@ -192,17 +195,19 @@ initialize( ARGPARSE_ARGS *arg, const char *filename, unsigned *lineno )
{ {
s = arg->internal.last? arg->internal.last:"[??]"; s = arg->internal.last? arg->internal.last:"[??]";
if ( arg->r_opt == -3 ) if ( arg->r_opt == ARGPARSE_MISSING_ARG )
jnlib_log_error (_("missing argument for option \"%.50s\"\n"), s); jnlib_log_error (_("missing argument for option \"%.50s\"\n"), s);
else if ( arg->r_opt == -6 ) else if ( arg->r_opt == ARGPARSE_UNEXPECTED_ARG )
jnlib_log_error (_("option \"%.50s\" does not expect an " jnlib_log_error (_("option \"%.50s\" does not expect an "
"argument\n"), s ); "argument\n"), s );
else if ( arg->r_opt == -7 ) else if ( arg->r_opt == ARGPARSE_INVALID_COMMAND )
jnlib_log_error (_("invalid command \"%.50s\"\n"), s); jnlib_log_error (_("invalid command \"%.50s\"\n"), s);
else if ( arg->r_opt == -8 ) else if ( arg->r_opt == ARGPARSE_AMBIGUOUS_OPTION )
jnlib_log_error (_("option \"%.50s\" is ambiguous\n"), s); jnlib_log_error (_("option \"%.50s\" is ambiguous\n"), s);
else if ( arg->r_opt == -9 ) else if ( arg->r_opt == ARGPARSE_AMBIGUOUS_OPTION )
jnlib_log_error (_("command \"%.50s\" is ambiguous\n"),s ); jnlib_log_error (_("command \"%.50s\" is ambiguous\n"),s );
else if ( arg->r_opt == ARGPARSE_OUT_OF_CORE )
jnlib_log_error ("%s\n", _("out of core\n"));
else else
jnlib_log_error (_("invalid option \"%.50s\"\n"), s); jnlib_log_error (_("invalid option \"%.50s\"\n"), s);
} }
@ -251,181 +256,246 @@ store_alias( ARGPARSE_ARGS *arg, char *name, char *value )
* Note: Abbreviation of options is here not allowed. * Note: Abbreviation of options is here not allowed.
*/ */
int int
optfile_parse( FILE *fp, const char *filename, unsigned *lineno, optfile_parse (FILE *fp, const char *filename, unsigned *lineno,
ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts) ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
{ {
int state, i, c; int state, i, c;
int idx=0; int idx=0;
char keyword[100]; char keyword[100];
char *buffer = NULL; char *buffer = NULL;
size_t buflen = 0; size_t buflen = 0;
int inverse=0; int in_alias=0;
int in_alias=0;
if( !fp ) /* same as arg_parse() in this case */ if (!fp) /* Divert to to arg_parse() in this case. */
return arg_parse( arg, opts ); return arg_parse (arg, opts);
initialize( arg, filename, lineno ); initialize (arg, filename, lineno);
/* find the next keyword */ /* Find the next keyword. */
state = i = 0; state = i = 0;
for(;;) { for (;;)
c=getc(fp); {
if( c == '\n' || c== EOF ) { c = getc (fp);
if( c != EOF ) if (c == '\n' || c== EOF )
++*lineno; {
if( state == -1 ) if ( c != EOF )
break; ++*lineno;
else if( state == 2 ) { if (state == -1)
keyword[i] = 0; break;
for(i=0; opts[i].short_opt; i++ ) else if (state == 2)
if( opts[i].long_opt && !strcmp( opts[i].long_opt, keyword) ) {
break; keyword[i] = 0;
idx = i; for (i=0; opts[i].short_opt; i++ )
arg->r_opt = opts[idx].short_opt; {
if( inverse ) /* this does not have an effect, hmmm */ if (opts[i].long_opt && !strcmp (opts[i].long_opt, keyword))
arg->r_opt = -arg->r_opt; break;
if( !opts[idx].short_opt ) /* unknown command/option */ }
arg->r_opt = (opts[idx].flags & 256)? -7:-2; idx = i;
else if( !(opts[idx].flags & 7) ) /* does not take an arg */ arg->r_opt = opts[idx].short_opt;
arg->r_type = 0; /* okay */ if (!opts[idx].short_opt )
else if( (opts[idx].flags & 8) ) /* argument is optional */ arg->r_opt = ((opts[idx].flags & 256)
arg->r_type = 0; /* okay */ ? ARGPARSE_INVALID_COMMAND
else /* required argument */ : ARGPARSE_INVALID_OPTION);
arg->r_opt = -3; /* error */ else if (!(opts[idx].flags & 7))
break; arg->r_type = 0; /* Does not take an arg. */
else if ((opts[idx].flags & 8) )
arg->r_type = 0; /* Arg is optional. */
else
arg->r_opt = ARGPARSE_MISSING_ARG;
break;
} }
else if( state == 3 ) { /* no argument found */ else if (state == 3)
if( in_alias ) {
arg->r_opt = -3; /* error */ /* No argument found. */
else if( !(opts[idx].flags & 7) ) /* does not take an arg */ if (in_alias)
arg->r_type = 0; /* okay */ arg->r_opt = ARGPARSE_MISSING_ARG;
else if( (opts[idx].flags & 8) ) /* no optional argument */ else if (!(opts[idx].flags & 7))
arg->r_type = 0; /* okay */ arg->r_type = 0; /* Does not take an arg. */
else /* no required argument */ else if ((opts[idx].flags & 8))
arg->r_opt = -3; /* error */ arg->r_type = 0; /* No optional argument. */
break; else
} arg->r_opt = ARGPARSE_MISSING_ARG;
else if( state == 4 ) { /* have an argument */
if( in_alias ) {
if( !buffer )
arg->r_opt = -6;
else {
char *p;
buffer[i] = 0; break;
p = strpbrk( buffer, " \t" ); }
if( p ) { else if (state == 4)
*p++ = 0; {
trim_spaces( p ); /* Has an argument. */
} if (in_alias)
if( !p || !*p ) { {
jnlib_free( buffer ); if (!buffer)
arg->r_opt = -10; arg->r_opt = ARGPARSE_UNEXPECTED_ARG;
} else
else { {
store_alias( arg, buffer, p ); char *p;
buffer[i] = 0;
p = strpbrk (buffer, " \t");
if (p)
{
*p++ = 0;
trim_spaces (p);
} }
if (!p || !*p)
{
jnlib_free (buffer);
arg->r_opt = ARGPARSE_INVALID_ALIAS;
}
else
{
store_alias (arg, buffer, p);
}
} }
} }
else if( !(opts[idx].flags & 7) ) /* does not take an arg */ else if (!(opts[idx].flags & 7))
arg->r_opt = -6; /* error */ arg->r_opt = ARGPARSE_UNEXPECTED_ARG;
else { else
char *p; {
if( !buffer ) { char *p;
keyword[i] = 0;
buffer = jnlib_xstrdup(keyword);
}
else
buffer[i] = 0;
trim_spaces( buffer ); if (!buffer)
p = buffer; {
if( *p == '"' ) { /* remove quotes */ keyword[i] = 0;
p++; buffer = jnlib_strdup (keyword);
if( *p && p[strlen(p)-1] == '"' ) if (!buffer)
p[strlen(p)-1] = 0; arg->r_opt = ARGPARSE_OUT_OF_CORE;
} }
if( !set_opt_arg(arg, opts[idx].flags, p) ) else
buffer[i] = 0;
if (buffer)
{
trim_spaces (buffer);
p = buffer;
if (*p == '"')
{
/* Remove quotes. */
p++;
if (*p && p[strlen(p)-1] == '\"' )
p[strlen(p)-1] = 0;
}
if (!set_opt_arg (arg, opts[idx].flags, p))
jnlib_free(buffer); jnlib_free(buffer);
} }
break; }
} break;
else if( c == EOF ) { }
if( ferror(fp) ) else if (c == EOF)
arg->r_opt = -5; /* read error */ {
else if (ferror (fp))
arg->r_opt = 0; /* eof */ arg->r_opt = ARGPARSE_READ_ERROR;
break; else
} arg->r_opt = 0; /* EOF. */
state = 0; break;
i = 0; }
} state = 0;
else if( state == -1 ) i = 0;
; /* skip */ }
else if( !state && isspace(c) ) else if (state == -1)
; /* skip leading white space */ ; /* Skip. */
else if( !state && c == '#' ) else if (state == 0 && isascii (c) && isspace(c))
state = 1; /* start of a comment */ ; /* Skip leading white space. */
else if( state == 1 ) else if (state == 0 && c == '#' )
; /* skip comments */ state = 1; /* Start of a comment. */
else if( state == 2 && isspace(c) ) { else if (state == 1)
keyword[i] = 0; ; /* Skip comments. */
for(i=0; opts[i].short_opt; i++ ) else if (state == 2 && isascii (c) && isspace(c))
if( opts[i].long_opt && !strcmp( opts[i].long_opt, keyword) ) {
break; /* Check keyword. */
idx = i; keyword[i] = 0;
arg->r_opt = opts[idx].short_opt; for (i=0; opts[i].short_opt; i++ )
if( !opts[idx].short_opt ) { if (opts[i].long_opt && !strcmp (opts[i].long_opt, keyword))
if( !strcmp( keyword, "alias" ) ) { break;
in_alias = 1; idx = i;
state = 3; arg->r_opt = opts[idx].short_opt;
} if (!opts[idx].short_opt)
else { {
arg->r_opt = (opts[idx].flags & 256)? -7:-2; if (!strcmp (keyword, "alias"))
state = -1; /* skip rest of line and leave */ {
} in_alias = 1;
} state = 3;
else }
state = 3; else
} {
else if( state == 3 ) { /* skip leading spaces of the argument */ arg->r_opt = ((opts[idx].flags & 256)
if( !isspace(c) ) { ? ARGPARSE_INVALID_COMMAND
i = 0; : ARGPARSE_INVALID_OPTION);
keyword[i++] = c; state = -1; /* Skip rest of line and leave. */
state = 4; }
} }
} else
else if( state == 4 ) { /* collect the argument */ state = 3;
if( buffer ) { }
if( i < buflen-1 ) else if (state == 3)
buffer[i++] = c; {
else { /* Skip leading spaces of the argument. */
buflen += 50; if (!isascii (c) || !isspace(c))
buffer = jnlib_xrealloc(buffer, buflen); {
buffer[i++] = c; i = 0;
} keyword[i++] = c;
} state = 4;
else if( i < DIM(keyword)-1 ) }
keyword[i++] = c; }
else { else if (state == 4)
buflen = DIM(keyword)+50; {
buffer = jnlib_xmalloc(buflen); /* Collect the argument. */
memcpy(buffer, keyword, i); if (buffer)
buffer[i++] = c; {
} if (i < buflen-1)
} buffer[i++] = c;
else if( i >= DIM(keyword)-1 ) { else
arg->r_opt = -4; /* keyword to long */ {
state = -1; /* skip rest of line and leave */ char *tmp;
} size_t tmplen = buflen + 50;
else {
keyword[i++] = c; tmp = jnlib_realloc (buffer, tmplen);
state = 2; if (tmp)
} {
buflen = tmplen;
buffer = tmp;
buffer[i++] = c;
}
else
{
jnlib_free (buffer);
arg->r_opt = ARGPARSE_OUT_OF_CORE;
break;
}
}
}
else if (i < DIM(keyword)-1)
keyword[i++] = c;
else
{
size_t tmplen = DIM(keyword) + 50;
buffer = jnlib_malloc (tmplen);
if (buffer)
{
buflen = tmplen;
memcpy(buffer, keyword, i);
buffer[i++] = c;
}
else
{
arg->r_opt = ARGPARSE_OUT_OF_CORE;
break;
}
}
}
else if (i >= DIM(keyword)-1)
{
arg->r_opt = ARGPARSE_KEYWORD_TOO_LONG;
state = -1; /* Skip rest of line and leave. */
}
else
{
keyword[i++] = c;
state = 2;
}
} }
return arg->r_opt; return arg->r_opt;
} }
@ -504,7 +574,7 @@ arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
arg->internal.last = s; arg->internal.last = s;
if( arg->internal.stopped && (arg->flags & (1<<1)) ) { if( arg->internal.stopped && (arg->flags & (1<<1)) ) {
arg->r_opt = -1; /* not an option but a argument */ arg->r_opt = ARGPARSE_IS_ARG; /* Not an option but an argument. */
arg->r_type = 2; arg->r_type = 2;
arg->r.ret_str = s; arg->r.ret_str = s;
argc--; argv++; idx++; /* set to next one */ argc--; argv++; idx++; /* set to next one */
@ -551,10 +621,10 @@ arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
exit(0); exit(0);
} }
if( i == -2 ) /* ambiguous option */ if( i == -2 )
arg->r_opt = -8; arg->r_opt = ARGPARSE_AMBIGUOUS_OPTION;
else if( i == -1 ) { else if( i == -1 ) {
arg->r_opt = -2; arg->r_opt = ARGPARSE_INVALID_OPTION;
arg->r.ret_str = s+2; arg->r.ret_str = s+2;
} }
else else
@ -573,7 +643,7 @@ arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
arg->r_type = 0; /* because it is optional */ arg->r_type = 0; /* because it is optional */
} }
else if( !s2 ) { else if( !s2 ) {
arg->r_opt = -3; /* missing argument */ arg->r_opt = ARGPARSE_MISSING_ARG;
} }
else if( !argpos && *s2 == '-' && (opts[i].flags & 8) ) { else if( !argpos && *s2 == '-' && (opts[i].flags & 8) ) {
/* the argument is optional and the next seems to be /* the argument is optional and the next seems to be
@ -622,7 +692,8 @@ arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
arg->r_opt = opts[i].short_opt; arg->r_opt = opts[i].short_opt;
if( !opts[i].short_opt ) { if( !opts[i].short_opt ) {
arg->r_opt = (opts[i].flags & 256)? -7:-2; arg->r_opt = (opts[i].flags & 256)?
ARGPARSE_INVALID_COMMAND:ARGPARSE_INVALID_OPTION;
arg->internal.inarg++; /* point to the next arg */ arg->internal.inarg++; /* point to the next arg */
arg->r.ret_str = s; arg->r.ret_str = s;
} }
@ -637,7 +708,7 @@ arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
arg->r_type = 0; /* because it is optional */ arg->r_type = 0; /* because it is optional */
} }
else if( !s2 ) { else if( !s2 ) {
arg->r_opt = -3; /* missing argument */ arg->r_opt = ARGPARSE_MISSING_ARG;
} }
else if( *s2 == '-' && s2[1] && (opts[i].flags & 8) ) { else if( *s2 == '-' && s2[1] && (opts[i].flags & 8) ) {
/* the argument is optional and the next seems to be /* the argument is optional and the next seems to be
@ -662,7 +733,7 @@ arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
} }
} }
else if( arg->flags & (1<<2) ) { else if( arg->flags & (1<<2) ) {
arg->r_opt = -1; /* not an option but a argument */ arg->r_opt = ARGPARSE_IS_ARG;
arg->r_type = 2; arg->r_type = 2;
arg->r.ret_str = s; arg->r.ret_str = s;
argc--; argv++; idx++; /* set to next one */ argc--; argv++; idx++; /* set to next one */

13
jnlib/argparse.h
View File

@ -55,6 +55,19 @@ typedef struct {
} ARGPARSE_OPTS; } ARGPARSE_OPTS;
/* Error values. */
#define ARGPARSE_IS_ARG (-1)
#define ARGPARSE_INVALID_OPTION (-2)
#define ARGPARSE_MISSING_ARG (-3)
#define ARGPARSE_KEYWORD_TOO_LONG (-4)
#define ARGPARSE_READ_ERROR (-5)
#define ARGPARSE_UNEXPECTED_ARG (-6)
#define ARGPARSE_INVALID_COMMAND (-7)
#define ARGPARSE_AMBIGUOUS_OPTION (-8)
#define ARGPARSE_AMBIGUOUS_COMMAND (-9)
#define ARGPARSE_INVALID_ALIAS (-10)
#define ARGPARSE_OUT_OF_CORE (-11)
int arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts); int arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts);
int optfile_parse( FILE *fp, const char *filename, unsigned *lineno, int optfile_parse( FILE *fp, const char *filename, unsigned *lineno,

4
jnlib/libjnlib-config.h
View File

@ -65,13 +65,15 @@
/* Malloc functions to be used by jnlib. */ /* Malloc functions to be used by jnlib. */
#define jnlib_malloc(a) gcry_malloc( (a) ) #define jnlib_malloc(a) gcry_malloc( (a) )
#define jnlib_calloc(a,b) gcry_calloc( (a), (b) ) #define jnlib_calloc(a,b) gcry_calloc( (a), (b) )
#define jnlib_realloc(a,b) gcry_realloc( (a), (b) )
#define jnlib_strdup(a) gcry_strdup( (a) )
#define jnlib_xmalloc(a) gcry_xmalloc( (a) ) #define jnlib_xmalloc(a) gcry_xmalloc( (a) )
#define jnlib_xcalloc(a,b) gcry_xcalloc( (a), (b) ) #define jnlib_xcalloc(a,b) gcry_xcalloc( (a), (b) )
#define jnlib_xrealloc(a,n) gcry_xrealloc( (a), (n) ) #define jnlib_xrealloc(a,n) gcry_xrealloc( (a), (n) )
#define jnlib_xstrdup(a) gcry_xstrdup( (a) ) #define jnlib_xstrdup(a) gcry_xstrdup( (a) )
#define jnlib_free(a) gcry_free( (a) ) #define jnlib_free(a) gcry_free( (a) )
/* Logging functions to be jused by jnlib. */ /* Logging functions to be used by jnlib. */
#define jnlib_log_debug log_debug #define jnlib_log_debug log_debug
#define jnlib_log_info log_info #define jnlib_log_info log_info
#define jnlib_log_error log_error #define jnlib_log_error log_error

6
scd/ChangeLog
View File

@ -1,3 +1,9 @@
2008-09-29 Werner Koch <wk@g10code.com>
* scdaemon.h (GCRY_MD_USER): Rename to GCRY_MODULE_ID_USER.
(GCRY_MD_USER_TLS_MD5SHA1): Rename to MD_USER_TLS_MD5SHA1 and
change all users.
2008-09-28 Marcus Brinkmann <marcus@g10code.com> 2008-09-28 Marcus Brinkmann <marcus@g10code.com>
* apdu.c (pcsc_get_status): Fix last change. * apdu.c (pcsc_get_status): Fix last change.

8
scd/app-p15.c
View File

@ -2948,7 +2948,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
mse[0] = 4; /* Length of the template. */ mse[0] = 4; /* Length of the template. */
mse[1] = 0x80; /* Algorithm reference tag. */ mse[1] = 0x80; /* Algorithm reference tag. */
if (hashalgo == GCRY_MD_USER_TLS_MD5SHA1) if (hashalgo == MD_USER_TLS_MD5SHA1)
mse[2] = 0x01; /* Let card do pkcs#1 0xFF padding. */ mse[2] = 0x01; /* Let card do pkcs#1 0xFF padding. */
else else
mse[2] = 0x02; /* RSASSA-PKCS1-v1.5 using SHA1. */ mse[2] = 0x02; /* RSASSA-PKCS1-v1.5 using SHA1. */
@ -3124,7 +3124,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
if (indatalen == 36) if (indatalen == 36)
{ {
/* No ASN.1 container used. */ /* No ASN.1 container used. */
if (hashalgo != GCRY_MD_USER_TLS_MD5SHA1) if (hashalgo != MD_USER_TLS_MD5SHA1)
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
memcpy (data, indata, indatalen); memcpy (data, indata, indatalen);
} }
@ -3187,7 +3187,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
return err; return err;
} }
if (hashalgo == GCRY_MD_USER_TLS_MD5SHA1) if (hashalgo == MD_USER_TLS_MD5SHA1)
err = iso7816_compute_ds (app->slot, data, 36, outdata, outdatalen); err = iso7816_compute_ds (app->slot, data, 36, outdata, outdatalen);
else if (no_data_padding) else if (no_data_padding)
err = iso7816_compute_ds (app->slot, data+15, 20, outdata, outdatalen); err = iso7816_compute_ds (app->slot, data+15, 20, outdata, outdatalen);
@ -3226,7 +3226,7 @@ do_auth (app_t app, const char *keyidstr,
return gpg_error (GPG_ERR_WRONG_KEY_USAGE); return gpg_error (GPG_ERR_WRONG_KEY_USAGE);
} }
algo = indatalen == 36? GCRY_MD_USER_TLS_MD5SHA1 : GCRY_MD_SHA1; algo = indatalen == 36? MD_USER_TLS_MD5SHA1 : GCRY_MD_SHA1;
return do_sign (app, keyidstr, algo, pincb, pincb_arg, return do_sign (app, keyidstr, algo, pincb, pincb_arg,
indata, indatalen, outdata, outdatalen); indata, indatalen, outdata, outdatalen);
} }

6
scd/scdaemon.h
View File

@ -33,10 +33,10 @@
/* To convey some special hash algorithms we use algorithm numbers /* To convey some special hash algorithms we use algorithm numbers
reserved for application use. */ reserved for application use. */
#ifndef GCRY_MD_USER #ifndef GCRY_MODULE_ID_USER
#define GCRY_MD_USER 1024 #define GCRY_MODULE_ID_USER 1024
#endif #endif
#define GCRY_MD_USER_TLS_MD5SHA1 (GCRY_MD_USER+1) #define MD_USER_TLS_MD5SHA1 (GCRY_MODULE_ID_USER+1)
/* Maximum length of a digest. */ /* Maximum length of a digest. */
#define MAX_DIGEST_LEN 36 #define MAX_DIGEST_LEN 36

7
sm/ChangeLog
View File

@ -1,3 +1,10 @@
2008-09-29 Werner Koch <wk@g10code.com>
* certcheck.c (MY_GCRY_PK_ECDSA): Remove. Change users to
GCRY_PK_ECDSA.
* gpgsm.c (MY_GCRY_PK_ECDSA): Ditto.
* sign.c (MY_GCRY_MD_SHA224): Remove change users to GCRY_MD_SHA224.
2008-09-04 Werner Koch <wk@g10code.com> 2008-09-04 Werner Koch <wk@g10code.com>
* certdump.c (gpgsm_format_keydesc): Work around a mingw32 bug. * certdump.c (gpgsm_format_keydesc): Work around a mingw32 bug.

10
sm/certcheck.c
View File

@ -34,10 +34,6 @@
#include "i18n.h" #include "i18n.h"
/* Remove this if libgcrypt 1.3.0 is required. */
#define MY_GCRY_PK_ECDSA 301
/* Return the number of bits of the Q parameter from the DSA key /* Return the number of bits of the Q parameter from the DSA key
KEY. */ KEY. */
static unsigned int static unsigned int
@ -75,11 +71,11 @@ do_encode_md (gcry_md_hd_t md, int algo, int pkalgo, unsigned int nbits,
size_t nframe; size_t nframe;
unsigned char *frame; unsigned char *frame;
if (pkalgo == GCRY_PK_DSA || pkalgo == MY_GCRY_PK_ECDSA) if (pkalgo == GCRY_PK_DSA || pkalgo == GCRY_PK_ECDSA)
{ {
unsigned int qbits; unsigned int qbits;
if ( pkalgo == MY_GCRY_PK_ECDSA ) if ( pkalgo == GCRY_PK_ECDSA )
qbits = gcry_pk_get_nbits (pkey); qbits = gcry_pk_get_nbits (pkey);
else else
qbits = get_dsa_qbits (pkey); qbits = get_dsa_qbits (pkey);
@ -214,7 +210,7 @@ pk_algo_from_sexp (gcry_sexp_t pkey)
/* Because this function is called only for verification we can /* Because this function is called only for verification we can
assume that ECC actually means ECDSA. */ assume that ECC actually means ECDSA. */
else if (n==3 && !memcmp (name, "ecc", 3)) else if (n==3 && !memcmp (name, "ecc", 3))
algo = MY_GCRY_PK_ECDSA; algo = GCRY_PK_ECDSA;
else if (n==13 && !memcmp (name, "ambiguous-rsa", 13)) else if (n==13 && !memcmp (name, "ambiguous-rsa", 13))
algo = GCRY_PK_RSA; algo = GCRY_PK_RSA;
else else

2
sm/certreqgen-ui.c
View File

@ -300,7 +300,7 @@ gpgsm_gencertreq_tty (ctrl_t ctrl, FILE *output_fp)
goto leave; goto leave;
mem_error: mem_error:
log_error (_("resource problem: out or core\n")); log_error (_("resource problem: out of core\n"));
leave: leave:
es_fclose (fp); es_fclose (fp);
xfree (keytype); xfree (keytype);

6
sm/gpgsm.c
View File

@ -500,17 +500,13 @@ static FILE *open_fwrite (const char *filename);
static estream_t open_es_fwrite (const char *filename); static estream_t open_es_fwrite (const char *filename);
static void run_protect_tool (int argc, char **argv); static void run_protect_tool (int argc, char **argv);
/* Remove this if libgcrypt 1.3.0 is required. */
#define MY_GCRY_PK_ECDSA 301
static int static int
our_pk_test_algo (int algo) our_pk_test_algo (int algo)
{ {
switch (algo) switch (algo)
{ {
case GCRY_PK_RSA: case GCRY_PK_RSA:
case MY_GCRY_PK_ECDSA: case GCRY_PK_ECDSA:
return gcry_pk_test_algo (algo); return gcry_pk_test_algo (algo);
default: default:
return 1; return 1;

5
sm/sign.c
View File

@ -33,9 +33,6 @@
#include "keydb.h" #include "keydb.h"
#include "i18n.h" #include "i18n.h"
/* Remove this if libgcrypt 1.4 is required. */
#define MY_GCRY_MD_SHA224 11
static void static void
hash_data (int fd, gcry_md_hd_t md) hash_data (int fd, gcry_md_hd_t md)
@ -411,7 +408,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
{ {
case GCRY_MD_SHA1: oid = "1.3.14.3.2.26"; break; case GCRY_MD_SHA1: oid = "1.3.14.3.2.26"; break;
case GCRY_MD_RMD160: oid = "1.3.36.3.2.1"; break; case GCRY_MD_RMD160: oid = "1.3.36.3.2.1"; break;
case MY_GCRY_MD_SHA224: oid = "2.16.840.1.101.3.4.2.4"; break; case GCRY_MD_SHA224: oid = "2.16.840.1.101.3.4.2.4"; break;
case GCRY_MD_SHA256: oid = "2.16.840.1.101.3.4.2.1"; break; case GCRY_MD_SHA256: oid = "2.16.840.1.101.3.4.2.1"; break;
case GCRY_MD_SHA384: oid = "2.16.840.1.101.3.4.2.2"; break; case GCRY_MD_SHA384: oid = "2.16.840.1.101.3.4.2.2"; break;
case GCRY_MD_SHA512: oid = "2.16.840.1.101.3.4.2.3"; break; case GCRY_MD_SHA512: oid = "2.16.840.1.101.3.4.2.3"; break;