See ChangeLog: Thu Jul 15 10:15:35 CEST 1999 Werner Koch

ChangeLog

@@ -1,3 +1,8 @@
+Thu Jul 15 10:15:35 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+
+	* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Fixed last modification.
+
 Wed Jul  7 13:08:40 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 
 

NEWS

@@ -14,11 +14,12 @@
     * New commands --lsign-key and made --sign-key a shortcut for --edit
       and sign.
 
-    * New options (#122--124 ;-) --[no-]default-recipient[-self]. See the
-      man page.
+    * New options (#122--126 ;-) --[no-]default-recipient[-self],
+      --disable-{cipher,pubkey}-algo. See the man page.
 
     * Enhanced info output in case of multiple recipients and fixed exit code.
 
+
 Noteworthy changes in version 0.9.8
 -----------------------------------
 

TODO

@@ -2,7 +2,7 @@
   * add some status output put for signing and encryption.
     replace the putc in primegen with some kind of status-fd outputs.
 
-  * Speed up calculation of key validity.
+  * Speed up calculation of key validation.
 
   * print a warning when a revoked/expired _secret_ key is used.
 

acinclude.m4

@@ -560,7 +560,7 @@ AC_CHECK_TOOL(AS, as, false)
 # GNUPG_SYS_SYMBOL_UNDERSCORE - does the compiler prefix global symbols
 #                              with an underscore?
 AC_DEFUN(GNUPG_SYS_SYMBOL_UNDERSCORE,
-[ac_cv_sys_symbol_underscore="check"
+[tmp_do_check="no"
 case "${target}" in
     i386-emx-os2 | i[3456]86-pc-os2*emx )
         ac_cv_sys_symbol_underscore=yes
@@ -568,11 +568,13 @@ case "${target}" in
     *)
       if test "$cross_compiling" = yes; then
          ac_cv_sys_symbol_underscore=yes
+      else
+         tmp_do_check="yes"
       fi
        ;;
 esac
 
-if test "$ac_cv_sys_symbol_underscore" = "check"; then
+if test "$tmp_do_check" = "yes"; then
 ac_cv_sys_symbol_underscore=""
 AC_REQUIRE([GNUPG_PROG_NM])dnl
 AC_REQUIRE([GNUPG_SYS_NM_PARSE])dnl

cipher/ChangeLog

@@ -1,3 +1,15 @@
+Thu Jul 15 10:15:35 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+
+	* elgamal.c (elg_check_secret_key,elg_encrypt
+	elg_decrypt,elg_sign,elg_verify): Sanity check on the args.
+	* dsa.c (dsa_check_secret_key,dsa_sign,dsa_verify): Ditto.
+
+	* pubkey.c (disable_pubkey_algo): New.
+	(check_pubkey_algo2): Look at disabled algo table.
+	* cipher.c (disable_cipher_algo): New.
+	(check_cipher_algo): Look at disabled algo table.
+
 Wed Jul  7 13:08:40 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 
 	* Makefile.am: Support for libtool.

cipher/cipher.c

@@ -48,6 +48,7 @@ struct cipher_table_s {
 };
 
 static struct cipher_table_s cipher_table[TABLE_SIZE];
+static int disabled_algos[TABLE_SIZE];
 
 
 struct cipher_handle_s {
@@ -246,6 +247,22 @@ cipher_algo_to_string( int algo )
     return NULL;
 }
 
+
+void
+disable_cipher_algo( int algo )
+{
+    int i;
+
+    for(i=0; i < DIM(disabled_algos); i++ ) {
+	if( !disabled_algos[i] || disabled_algos[i] == algo ) {
+	    disabled_algos[i] = algo;
+	    return;
+	}
+    }
+    /* fixme: we should use a linked list */
+    log_fatal("can't disable cipher algo %d: table full\n");
+}
+
 /****************
  * Return 0 if the cipher algo is available
  */
@@ -256,8 +273,13 @@ check_cipher_algo( int algo )
 
     do {
        for(i=0; cipher_table[i].name; i++ )
-	   if( cipher_table[i].algo == algo )
-	       return 0; /* okay */
+	   if( cipher_table[i].algo == algo ) {
+		for(i=0; i < DIM(disabled_algos); i++ ) {
+		   if( disabled_algos[i] == algo )
+		       return G10ERR_CIPHER_ALGO;
+		}
+		return 0; /* okay */
+	   }
     } while( load_cipher_modules() );
     return G10ERR_CIPHER_ALGO;
 }

cipher/dsa.c

@@ -300,6 +300,7 @@ verify(MPI r, MPI s, MPI hash, DSA_public_key *pkey )
     MPI base[3];
     MPI exp[3];
 
+
     if( !(mpi_cmp_ui( r, 0 ) > 0 && mpi_cmp( r, pkey->q ) < 0) )
 	return 0; /* assertion	0 < r < q  failed */
     if( !(mpi_cmp_ui( s, 0 ) > 0 && mpi_cmp( s, pkey->q ) < 0) )
@@ -365,6 +366,8 @@ dsa_check_secret_key( int algo, MPI *skey )
 
     if( algo != PUBKEY_ALGO_DSA )
 	return G10ERR_PUBKEY_ALGO;
+    if( !skey[0] || !skey[1] || !skey[2] || !skey[3] || !skey[4] )
+	return G10ERR_BAD_MPI;
 
     sk.p = skey[0];
     sk.q = skey[1];
@@ -386,6 +389,8 @@ dsa_sign( int algo, MPI *resarr, MPI data, MPI *skey )
 
     if( algo != PUBKEY_ALGO_DSA )
 	return G10ERR_PUBKEY_ALGO;
+    if( !data || !skey[0] || !skey[1] || !skey[2] || !skey[3] || !skey[4] )
+	return G10ERR_BAD_MPI;
 
     sk.p = skey[0];
     sk.q = skey[1];
@@ -406,6 +411,9 @@ dsa_verify( int algo, MPI hash, MPI *data, MPI *pkey,
 
     if( algo != PUBKEY_ALGO_DSA )
 	return G10ERR_PUBKEY_ALGO;
+    if( !data[0] || !data[1] || !hash
+	|| !pkey[0] || !pkey[1] || !pkey[2] || !pkey[3] )
+	return G10ERR_BAD_MPI;
 
     pk.p = pkey[0];
     pk.q = pkey[1];

cipher/elgamal.c

@@ -459,6 +459,8 @@ elg_check_secret_key( int algo, MPI *skey )
 
     if( !is_ELGAMAL(algo) )
 	return G10ERR_PUBKEY_ALGO;
+    if( !skey[0] || !skey[1] || !skey[2] || !skey[3] )
+	return G10ERR_BAD_MPI;
 
     sk.p = skey[0];
     sk.g = skey[1];
@@ -479,6 +481,8 @@ elg_encrypt( int algo, MPI *resarr, MPI data, MPI *pkey )
 
     if( !is_ELGAMAL(algo) )
 	return G10ERR_PUBKEY_ALGO;
+    if( !data || !pkey[0] || !pkey[1] || !pkey[2] )
+	return G10ERR_BAD_MPI;
 
     pk.p = pkey[0];
     pk.g = pkey[1];
@@ -496,6 +500,9 @@ elg_decrypt( int algo, MPI *result, MPI *data, MPI *skey )
 
     if( !is_ELGAMAL(algo) )
 	return G10ERR_PUBKEY_ALGO;
+    if( !data[0] || !data[1]
+	|| !skey[0] || !skey[1] || !skey[2] || !skey[3] )
+	return G10ERR_BAD_MPI;
 
     sk.p = skey[0];
     sk.g = skey[1];
@@ -513,6 +520,8 @@ elg_sign( int algo, MPI *resarr, MPI data, MPI *skey )
 
     if( !is_ELGAMAL(algo) )
 	return G10ERR_PUBKEY_ALGO;
+    if( !data || !skey[0] || !skey[1] || !skey[2] || !skey[3] )
+	return G10ERR_BAD_MPI;
 
     sk.p = skey[0];
     sk.g = skey[1];
@@ -532,6 +541,9 @@ elg_verify( int algo, MPI hash, MPI *data, MPI *pkey,
 
     if( !is_ELGAMAL(algo) )
 	return G10ERR_PUBKEY_ALGO;
+    if( !data[0] || !data[1] || !hash
+	|| !pkey[0] || !pkey[1] || !pkey[2] )
+	return G10ERR_BAD_MPI;
 
     pk.p = pkey[0];
     pk.g = pkey[1];

cipher/pubkey.c

@@ -54,7 +54,7 @@ struct pubkey_table_s {
 };
 
 static struct pubkey_table_s pubkey_table[TABLE_SIZE];
-
+static int disabled_algos[TABLE_SIZE];
 
 
 static int
@@ -267,6 +267,20 @@ pubkey_algo_to_string( int algo )
 }
 
 
+void
+disable_pubkey_algo( int algo )
+{
+    int i;
+
+    for(i=0; i < DIM(disabled_algos); i++ ) {
+	if( !disabled_algos[i] || disabled_algos[i] == algo ) {
+	    disabled_algos[i] = algo;
+	    return;
+	}
+    }
+    log_fatal("can't disable pubkey algo %d: table full\n");
+}
+
 
 int
 check_pubkey_algo( int algo )
@@ -291,6 +305,11 @@ check_pubkey_algo2( int algo, unsigned use )
 		if( (use & PUBKEY_USAGE_ENC)
 		    && !(pubkey_table[i].use & PUBKEY_USAGE_ENC) )
 		    return G10ERR_WR_PUBKEY_ALGO;
+
+		for(i=0; i < DIM(disabled_algos); i++ ) {
+		    if( disabled_algos[i] == algo )
+			return G10ERR_PUBKEY_ALGO;
+		}
 		return 0; /* okay */
 	    }
     } while( load_pubkey_modules() );

doc/gpg.sgml

@@ -940,6 +940,7 @@ selected from the preferences stored with the key.
 </para></listitem></varlistentry>
 
 
+
 <varlistentry>
 <term>--digest-algo &ParmName;</term>
 <listitem><para>
@@ -997,6 +998,21 @@ not encrypt the data.
 </para></listitem></varlistentry>
 
 
+<varlistentry>
+<term>--disable-cipher-algo &ParmName;</term>
+<listitem><para>
+Never allow the use of &ParmName; as cipher algorithm.
+The given name will not be checked so that a later loaded algorithm
+will still get disabled.
+</para></listitem></varlistentry>
+
+<varlistentry>
+<term>--disable-pubkey-algo &ParmName;</term>
+<listitem><para>
+Never allow the use of &ParmName; as public key algorithm.
+The given name will not be checked so that a later loaded algorithm
+will still get disabled.
+
 <varlistentry>
 <term>--throw-keyid</term>
 <listitem><para>

g10/ChangeLog

@@ -1,3 +1,8 @@
+Thu Jul 15 10:15:35 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+
+	* g10.c: New options --disable-{cipher,pubkey}-algo.
+
 Wed Jul 14 19:42:08 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 
 

g10/g10.c

@@ -172,6 +172,8 @@ enum cmd_and_opt_values { aNull = 0,
     oLoggerFD,
     oUtf8Strings,
     oNoUtf8Strings,
+    oDisableCipherAlgo,
+    oDisablePubkeyAlgo,
 aTest };
 
 
@@ -328,6 +330,8 @@ static ARGPARSE_OPTS opts[] = {
     { oUtf8Strings, "utf8-strings", 0, "@" },
     { oNoUtf8Strings, "no-utf8-strings", 0, "@" },
     { oWithFingerprint, "with-fingerprint", 0, "@" },
+    { oDisableCipherAlgo,  "disable-cipher-algo", 2, "@" },
+    { oDisablePubkeyAlgo,  "disable-pubkey-algo", 2, "@" },
 {0} };
 
 
@@ -833,6 +837,12 @@ main( int argc, char **argv )
 	  case oNotation: add_notation_data( pargs.r.ret_str ); break;
 	  case oUtf8Strings: utf8_strings = 1; break;
 	  case oNoUtf8Strings: utf8_strings = 0; break;
+	  case oDisableCipherAlgo:
+		disable_cipher_algo( string_to_cipher_algo(pargs.r.ret_str) );
+		break;
+	  case oDisablePubkeyAlgo:
+		disable_pubkey_algo( string_to_pubkey_algo(pargs.r.ret_str) );
+		break;
 
 	  default : pargs.err = configfp? 1:2; break;
 	}

include/cipher.h

@@ -128,6 +128,7 @@ void rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length );
 /*-- cipher.c --*/
 int string_to_cipher_algo( const char *string );
 const char * cipher_algo_to_string( int algo );
+void disable_cipher_algo( int algo );
 int check_cipher_algo( int algo );
 unsigned cipher_get_keylen( int algo );
 unsigned cipher_get_blocksize( int algo );
@@ -147,6 +148,7 @@ void cipher_sync( CIPHER_HANDLE c );
 
 int string_to_pubkey_algo( const char *string );
 const char * pubkey_algo_to_string( int algo );
+void disable_pubkey_algo( int algo );
 int check_pubkey_algo( int algo );
 int check_pubkey_algo2( int algo, unsigned use );
 int pubkey_get_npkey( int algo );