From 9a854f1010d6311576b823b6638997f9778b4327 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 29 Sep 1998 16:15:15 +0000 Subject: [PATCH] *** empty log message *** --- NEWS | 6 +++ TODO | 9 ++++ doc/HACKING | 2 + doc/Makefile.am | 2 +- doc/OpenPGP | 129 ++++++++++++++++++++++++++++++++++++++++++++++++ doc/gpg.1pod | 24 ++++----- g10/ChangeLog | 5 ++ g10/g10.c | 11 +++-- g10/import.c | 5 ++ g10/mainproc.c | 4 +- g10/plaintext.c | 4 ++ g10/trustdb.c | 10 ++-- zlib/Makefile | 20 ++++---- 13 files changed, 200 insertions(+), 31 deletions(-) create mode 100644 doc/OpenPGP diff --git a/NEWS b/NEWS index 05d910e98..e49c46430 100644 --- a/NEWS +++ b/NEWS @@ -11,6 +11,12 @@ Noteworthy changes in version 0.4.1 "--s2k-mode 3 --s2k-cipher-algo cast5 --s2k-digest-algo sha1" when changing a passphrase. + * doc/OpenPGP talks about OpenPGP compliance, doc/HACKING gives + some hints about the internal structure. + + * checked gnupg against the August 1998 draft (07) and I believe + it is in compliance with this document (except one point). + Noteworthy changes in version 0.4.0 ----------------------------------- diff --git a/TODO b/TODO index f54d99ccc..0fd42b261 100644 --- a/TODO +++ b/TODO @@ -2,6 +2,15 @@ * after creating a new uid, the preferences in the trustdb are not updated. We should always sync the trustdb in such cases. + * The critical bit of signature subpackets is not yet supported; i.e. + it is ignored. + + * Exportable Certification Flag is ignored + + * Why does OpenPGP say: The algorithm byte is included in the + checksum of an encoded key, but the actual implementaion does + not do this but works?? + * write a tool to extract selected keys from a file. * new menu to delete signatures and list signature in menu diff --git a/doc/HACKING b/doc/HACKING index 27faa87c5..0f9801470 100644 --- a/doc/HACKING +++ b/doc/HACKING @@ -3,6 +3,8 @@ (Some notes on GNUPG internals.) +===> Under construction <======= + Memory allocation ----------------- diff --git a/doc/Makefile.am b/doc/Makefile.am index 9c83575b0..f1a859a38 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -1,6 +1,6 @@ ## Process this file with automake to create Makefile.in -EXTRA_DIST = DETAILS rfcs gpg.1pod gpg.1 FAQ HACKING +EXTRA_DIST = DETAILS rfcs gpg.1pod gpg.1 FAQ HACKING OpenPGP man_MANS = gpg.1 diff --git a/doc/OpenPGP b/doc/OpenPGP new file mode 100644 index 000000000..188f0498f --- /dev/null +++ b/doc/OpenPGP @@ -0,0 +1,129 @@ + GNUPG and OpenPGP + ================= + + The current OpenPGP draft expires 1999-02. + + OpenPGP is an Internet-Draft. Internet-Drafts are working + documents of the Internet Engineering Task Force (IETF), its areas, + and its working groups. Note that other groups may also distribute + working documents as Internet-Drafts. + + Internet-Drafts are draft documents valid for a maximum of six + months and may be updated, replaced, or obsoleted by other documents + at any time. It is inappropriate to use Internet-Drafts as + reference material or to cite them other than as "work in progress." + + To view the entire list of current Internet-Drafts, please check the + "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow + Directories on ftp.is.co.za (Africa), ftp.nordu.net (Northern + Europe), ftp.nis.garr.it (Southern Europe), munnari.oz.au (Pacific + Rim), ftp.ietf.org (US East Coast), or ftp.isi.edu (US West Coast). + + + Compatibility Notes + =================== + GNUPG (>0.4) is in compliance with OpenPGP despite these exeptions: + + * (5.1) The critical bit in signature subpackets is currently + ignored. This will be fixed soon. + + * (5.3) GNUPG has an option to use simple S2K for "Symmetric-Key + Encrypted Session-Key Packets"; however a warning message is + issued if this option is active. + + * (5.5.2) states that an implementaion MUST NOT create a v3 key + with an algorithm other than RSA. GNUPG has an option to + create an ElGamal key in a v3 packet; the properties of such + a key are as good as a v4 key. RFC1991 does not specifiy how + to create fingerprints for algorithms other than RSA and so it + is okay to choose a special format for ElGamal. + + * (9.1) states that RSA SHOULD be implemented. This is not done + (except with an extension, usable outside the U.S.) due to + patent problems. + + * (9.2) states that IDEA SHOULD be implemented. This is not done + due to patent problems. + + * (12.1) states that an implementaion MUST NOT use a symmetric + algorithm which is not in the preference list. GNUPG has an + option to override this. + + * A special format of partial packet length exists for v3 packets + which can be considered to be in compliance with RFC1991; this + format is only created if a special option is active. + + All MAY features are implemented with this exception: + + * multi-part armored messages are not supported. + MIME should be used instead. + + + + + Some Notes on OpenPGP / PGP Compatibility: + ========================================== + + * PGP 5.x does not accept V4 signatures for anything other than + key material. + + * PGP 5.x does not recognize the "five-octet" lengths in + new-format headers or in signature subpacket lengths. + + * PGP 5.0 rejects an encrypted session key if the keylength + differs from the S2K symmetric algorithm. This is a bug in its + validation function. + + * PGP 5.0 does not handle multiple one-pass signature headers and + trailers. Signing one will compress the one-pass signed literal + and prefix a V3 signature instead of doing a nested one-pass + signature. + + * When exporting a private key, PGP 2.x generates the header + "BEGIN PGP SECRET KEY BLOCK" instead of "BEGIN PGP PRIVATE KEY + BLOCK". All previous versions ignore the implied data type, and + look directly at the packet data type. + + * In a clear-signed signature, PGP 5.0 will figure out the correct + hash algorithm if there is no "Hash:" header, but it will reject + a mismatch between the header and the actual algorithm used. The + "standard" (i.e. Zimmermann/Finney/et al.) version of PGP 2.x + rejects the "Hash:" header and assumes MD5. There are a number + of enhanced variants of PGP 2.6.x that have been modified for + SHA-1 signatures. + + * PGP 5.0 can read an RSA key in V4 format, but can only recognize + it with a V3 keyid, and can properly use only a V3 format RSA + key. + + * Neither PGP 5.x nor PGP 6.0 recognize Elgamal Encrypt and Sign + keys. They only handle Elgamal Encrypt-only keys. + + + Parts of this document are taken from: + ====================================== + + OpenPGP Message Format + draft-ietf-openpgp-formats-07.txt + + + Copyright 1998 by The Internet Society. All Rights Reserved. + + This document and translations of it may be copied and furnished to + others, and derivative works that comment on or otherwise explain it + or assist in its implementation may be prepared, copied, published + and distributed, in whole or in part, without restriction of any + kind, provided that the above copyright notice and this paragraph + are included on all such copies and derivative works. However, this + document itself may not be modified in any way, such as by removing + the copyright notice or references to the Internet Society or other + Internet organizations, except as needed for the purpose of + developing Internet standards in which case the procedures for + copyrights defined in the Internet Standards process must be + followed, or as required to translate it into languages other than + English. + + The limited permissions granted above are perpetual and will not be + revoked by the Internet Society or its successors or assigns. + + diff --git a/doc/gpg.1pod b/doc/gpg.1pod index 40c930b45..5a2172205 100644 --- a/doc/gpg.1pod +++ b/doc/gpg.1pod @@ -75,7 +75,7 @@ B<-k> [I] [I] B<-kvc> List fingerprints B<-kvvc> List fingerprints and signatures -B<--list-keys> [I] +B<--list-keys> [I] List all keys from the public keyrings, or just the ones given on the command line. @@ -83,7 +83,7 @@ B<--list-secret-keys> [I] List all keys from the secret keyrings, or just the ones given on the command line. -B<--list-sigs> [I] +B<--list-sigs> [I] Same as B<--list-keys>, but the signatures are listed too. @@ -201,7 +201,7 @@ B<--import-ownertrust> [I] Long options can be put in an options file (default F<~/.gnupg/options>); do not write the 2 dashes, but simply the name of the option and any -arguments if required. Lines with a hash as the first non-white-space +arguments if required. Lines with a hash as the first non-white-space character are ignored. Commands may be put in this file too, but that does not make sense. @@ -322,7 +322,9 @@ B<--cipher-algo> I B<--digest-algo> I Use I as message digest algorithm. Running the program with the option B<--verbose> yields a list of - supported algorithms. + supported algorithms. Please note that using this + option may violate the OpenPGP requirement, that a + 160 bit hash is to be used for DSA. B<--s2k-cipher-algo> I Use I as the cipher algorithm used to protect secret @@ -411,11 +413,11 @@ a signature was bad and other errorcode for fatal errors. =head1 EXAMPLES - -se -r Bob [file] sign and encrypt for user Bob - -sat [file] make a clear text signature - -sb [file] make a detached signature - -k [userid] show keys - -kc [userid] show fingerprint + -se -r Bob [file] sign and encrypt for user Bob + -sat [file] make a clear text signature + -sb [file] make a detached signature + -k [userid] show keys + -kc [userid] show fingerprint =head1 ENVIRONMENT @@ -430,13 +432,13 @@ F<~/.gnupg/pubring.gpg> The public keyring F<~/.gnupg/trustdb.gpg> The trust database -F<~/.gnupg/options> May contain options +F<~/.gnupg/options> May contain options F Default location for extensions =head1 SEE ALSO -gpg(1) gpgm(1) +gpg(1) gpgm(1) =head1 WARNINGS diff --git a/g10/ChangeLog b/g10/ChangeLog index e767f75be..6b2f787fa 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,8 @@ +Tue Sep 29 08:32:08 1998 me,,, (wk@tobold) + + * mainproc.c (proc_plaintext): Display note for special filename. + * plaintext.c (handle_plaintext): Suppress output of special file. + Mon Sep 28 12:57:12 1998 Werner Koch (wk@isil.d.shuttle.de) * g10.c (verify_own_keys): Add warning if a key is not protected. diff --git a/g10/g10.c b/g10/g10.c index 891da839e..975876f73 100644 --- a/g10/g10.c +++ b/g10/g10.c @@ -215,11 +215,11 @@ static ARGPARSE_OPTS opts[] = { { oMarginalsNeeded, "marginals-needed", 1, N_("(default is 3)")}, { oLoadExtension, "load-extension" ,2, N_("|file|load extension module")}, { oRFC1991, "rfc1991", 0, N_("emulate the mode described in RFC1991")}, - { oS2KMode, "s2k-mode", 1, N_("|N| use passphrase mode N")}, + { oS2KMode, "s2k-mode", 1, N_("|N|use passphrase mode N")}, { oS2KDigest, "s2k-digest-algo",2, - N_("|NAME| use message digest algorithm NAME for passphrases")}, + N_("|NAME|use message digest algorithm NAME for passphrases")}, { oS2KCipher, "s2k-cipher-algo",2, - N_("|NAME| use cipher algorithm NAME for passphrases")}, + N_("|NAME|use cipher algorithm NAME for passphrases")}, #ifdef IS_G10 { oCipherAlgo, "cipher-algo", 2 , N_("|NAME|use cipher algorithm NAME")}, { oDigestAlgo, "digest-algo", 2 , N_("|NAME|use message digest algorithm NAME")}, @@ -789,7 +789,10 @@ main( int argc, char **argv ) if( opt.marginals_needed < 2 ) log_error(_("marginals-needed must be greater than 1\n")); switch( opt.s2k_mode ) { - case 0: case 1: case 3: break; + case 0: + log_info(_("note: simple S2K mode (0) is strongly discouraged\n")); + break; + case 1: case 3: break; default: log_error(_("invalid S2K mode; must be 0, 1 or 3\n")); } diff --git a/g10/import.c b/g10/import.c index 12a2a099d..63d4bf9b2 100644 --- a/g10/import.c +++ b/g10/import.c @@ -247,6 +247,7 @@ import_one( const char *fname, KBNODE keyblock ) u32 keyid[2]; int rc = 0; int new_key = 0; + int mod_key = 0; /* get the key and print some info about it */ node = find_kbnode( keyblock, PKT_PUBLIC_KEY ); @@ -284,6 +285,7 @@ import_one( const char *fname, KBNODE keyblock ) return 0; } + /* do we have this key already in one of our pubrings ? */ pk_orig = m_alloc_clear( sizeof *pk_orig ); rc = get_pubkey( pk_orig, keyid ); @@ -350,6 +352,7 @@ import_one( const char *fname, KBNODE keyblock ) if( rc ) goto leave; if( n_uids || n_sigs || n_subk ) { + mod_key = 1; /* keyblock_orig has been updated; write */ if( opt.verbose > 1 ) log_info_f(keyblock_resource_name(&kbpos), @@ -394,6 +397,8 @@ import_one( const char *fname, KBNODE keyblock ) log_error("key %08lX: trustdb insert failed: %s\n", (ulong)keyid[1], g10_errstr(rc) ); } + else if( mod_key ) + rc = update_trustdb( new_key? pk: pk_orig); else rc = clear_trust_checked_flag( new_key? pk : pk_orig ); } diff --git a/g10/mainproc.c b/g10/mainproc.c index bcbc4bd92..dd40c10f5 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -243,7 +243,9 @@ proc_plaintext( CTX c, PACKET *pkt ) int any, clearsig, rc; KBNODE n; - if( opt.verbose ) + if( pt->namelen == 8 && !memcmp( pt->name, "_CONSOLE", 8 ) ) + log_info(_("note: sender requested \"for-your-eyes-only\"\n")); + else if( opt.verbose ) log_info("original file name='%.*s'\n", pt->namelen, pt->name); free_md_filter_context( &c->mfx ); c->mfx.md = md_open( 0, 0); diff --git a/g10/plaintext.c b/g10/plaintext.c index 6d1c8796f..b1201b8b7 100644 --- a/g10/plaintext.c +++ b/g10/plaintext.c @@ -98,6 +98,10 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx, fname = m_alloc( strlen( opt.outfile ) + 1); strcpy(fname, opt.outfile ); } + else if( pt->namelen == 8 && !memcmp( pt->name, "_CONSOLE", 8 ) ) { + log_info(_("data not saved; use option \"--output\" to save it\n")); + nooutput = 1; + } else { fname = m_alloc( pt->namelen +1 ); memcpy( fname, pt->name, pt->namelen ); diff --git a/g10/trustdb.c b/g10/trustdb.c index b36c176ae..7bb015844 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -909,15 +909,16 @@ update_sigs( TRUSTREC *dir ) if( (sig->sig_class&~3) == 0x10 ) { rc = check_key_signature( keyblock, node, &i ); if( rc == G10ERR_NO_PUBKEY ) { - log_info("key %08lX.%lu, uid %02X%02X: " - "no public key for signature %08lX\n", + if( opt.verbose ) + log_info(_("key %08lX.%lu, uid %02X%02X: " + "no public key for signature %08lX\n"), (ulong)keyid[1], lid, urec.r.uid.namehash[18], urec.r.uid.namehash[19], (ulong)sig->keyid[1] ); miskey = 1; } else if( rc ) - log_error("key %08lX.%lu, uid %02X%02X: " - "invalid %ssignature: %s\n", + log_info(_("key %08lX.%lu, uid %02X%02X: " + "invalid %ssignature: %s\n"), (ulong)keyid[1], lid, urec.r.uid.namehash[18], urec.r.uid.namehash[19], i?"self-":"",g10_errstr(rc)); @@ -1520,6 +1521,7 @@ list_trust_path( int max_depth, const char *username ) /**************** * Check the complete trustdb or only the entries for the given username + * FIXME: We need a mode which only looks at keys with the MISKEY flag set. */ void check_trustdb( const char *username ) diff --git a/zlib/Makefile b/zlib/Makefile index 7b77552a3..0d5d12d55 100644 --- a/zlib/Makefile +++ b/zlib/Makefile @@ -1,5 +1,5 @@ # Generated automatically from Makefile.in by configure. -# Makefile.in generated automatically by automake 1.2f from Makefile.am +# Makefile.in generated automatically by automake 1.3 from Makefile.am # Copyright (C) 1994, 1995, 1996, 1997, 1998 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation @@ -37,6 +37,8 @@ mandir = ${prefix}/man includedir = ${prefix}/include oldincludedir = /usr/include +DISTDIR = + pkgdatadir = $(datadir)/gnupg pkglibdir = $(libdir)/gnupg pkgincludedir = $(includedir)/gnupg @@ -93,7 +95,7 @@ RANLIB = ranlib USE_INCLUDED_LIBINTL = no USE_NLS = no VERSION = 0.4.0a -ZLIBS = +ZLIBS = ../zlib/libzlib.a l = CFLAGS = -O -Wall @@ -103,7 +105,7 @@ EXTRA_DIST = README algorithm.doc ChangeLog example.c # I found no other easy way to use this only if zlib is neede # doing this with SUBDIR = @xxx@ in the top Makefile.am does not # work because automake doesn't scan this Makefile.am here. -#noinst_LIBRARIES = libzlib.a +noinst_LIBRARIES = libzlib.a libzlib_a_SOURCES = adler32.c compress.c crc32.c gzio.c \ uncompr.c deflate.c trees.c zutil.c \ @@ -122,7 +124,7 @@ LIBRARIES = $(noinst_LIBRARIES) DEFS = -DHAVE_CONFIG_H -I. -I$(srcdir) -I.. CPPFLAGS = LDFLAGS = -LIBS = -ldl -lz +LIBS = -ldl libzlib_a_LIBADD = libzlib_a_OBJECTS = adler32.o compress.o crc32.o gzio.o uncompr.o \ deflate.o trees.o zutil.o inflate.o infblock.o inftrees.o infcodes.o \ @@ -144,14 +146,14 @@ DEP_FILES = .deps/adler32.P .deps/compress.P .deps/crc32.P \ SOURCES = $(libzlib_a_SOURCES) OBJECTS = $(libzlib_a_OBJECTS) -default: all +all: Makefile $(LIBRARIES) .SUFFIXES: .SUFFIXES: .S .c .o .s -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) cd $(top_srcdir) && $(AUTOMAKE) --gnu zlib/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status $(BUILT_SOURCES) +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status $(BUILT_SOURCES) cd $(top_builddir) \ && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status @@ -267,8 +269,6 @@ install: install-exec install-data all uninstall: -all: Makefile $(LIBRARIES) - install-strip: $(MAKE) INSTALL_PROGRAM='$(INSTALL_PROGRAM) -s' INSTALL_SCRIPT='$(INSTALL_PROGRAM)' install installdirs: @@ -305,7 +305,7 @@ maintainer-clean: maintainer-clean-noinstLIBRARIES \ @echo "This command is intended for maintainers to use;" @echo "it deletes files that may require special tools to rebuild." -.PHONY: default mostlyclean-noinstLIBRARIES distclean-noinstLIBRARIES \ +.PHONY: mostlyclean-noinstLIBRARIES distclean-noinstLIBRARIES \ clean-noinstLIBRARIES maintainer-clean-noinstLIBRARIES \ mostlyclean-compile distclean-compile clean-compile \ maintainer-clean-compile tags mostlyclean-tags distclean-tags \