security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-31 16:23:02 +01:00
Code Activity

Added RSA key generation

Browse Source
This commit is contained in:
Werner Koch 2001-08-14 11:33:49 +00:00
parent dc718d704f
commit aa1514852a
12 changed files with 212 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
NEWS
View File

@ -19,6 +19,8 @@
* Fixed the preference handling; since 1.0.5 they were erroneously
matched against against the latest user ID and not the given one.
* RSA key generation.
Noteworthy changes in version 1.0.6 (2001-05-29)
------------------------------------------------

1
THANKS
View File

@ -120,6 +120,7 @@ Matthew Skala mskala@ansuz.sooke.bc.ca
Matthew Wilcox matthew@wil.cx
Matthias Urlichs smurf@noris.de
Max Valianskiy maxcom@maxcom.ml.org
Michael Engels michael.engels@uni-duesseldorf.de
Michael Fischer v. Mollard mfvm@gmx.de
Michael Roth mroth@nessie.de
Michael Sobolev mss@despair.transas.com

11
TODO
View File

@ -1,11 +1,8 @@
* add listing of notation data
* Make sure that we only update the latest self-signatures.
* Check the changes to the gpg random agtherer on all W32 platforms.
* Check that a key signature can be revoked and later be signed again.
* Check the changes to the gpg random gatherer on all W32 platforms.
* Put a note into readme.w32 that there is a man page and a options
file; write the registry stuff in regedit format.
@ -34,14 +31,14 @@
add a real grammar to the code in mainproc.c
* option to set the signature expiration time for key sigs.
Rework the way we create signature subpackets - the current code
is not easy to understand.
* Option to warn when a non MDC message is decrypted?
* If there is no secure memory, allocate more memory for the secure
memory block or do it in all cases.
* add a way to set expiration time for key signatures.
* add some minor things vor VMS.
* Don't get the ultimately trusted keys from the secring but store

7
doc/DETAILS
View File

@ -366,11 +366,18 @@ The format of this file is as follows:
This is a required parameter.
Key-Length: <length-in-bits>
Length of the key in bits. Default is 1024.
Key-Usage: <usage-list>
Space or comma delimited list of key usage, allowed values are
"encrypt" and "sign". This is used to generate the key flags
and must match the algorithm.
Subkey-Type: <algo-number>|<algo-string>
This generates a secondary key. Currently only one subkey
can be handled.
Subkey-Length: <length-in-bits>
Length of the subkey in bits. Default is 1024.
Subkey-Usage: <usage-list>
Similar to Key-Usage.
Passphrase: <string>
If you want to specify a passphrase for the secret key,
enter it here. Default is not to use any passphrase.

25
g10/ChangeLog
View File

@ -1,3 +1,28 @@
2001-08-14 Werner Koch <wk@gnupg.org>
* keygen.c (ask_algo): New arg r_usage. Allow for RSA keys.
(gen_rsa): Enabled the code.
(do_create): Enabled RSA branch.
(parse_parameter_usage): New.
(proc_parameter_file): Handle usage parameter.
(read_parameter_file): Ditto.
(generate_keypair): Ditto.
(generate_subkeypair): Ditto.
(do_generate_keypair): Ditto.
(do_add_key_flags): New.
(keygen_add_std_prefs): Use the new function.
(keygen_add_key_flags_and_expire): New.
(write_selfsig, write_keybinding): Handle new usage arg.
* build-packet.c (build_sig_subpkt): Make sure that key flags go
into the hashed area.
* keygen.c (write_uid): Initialize the reference cunter.
* keyedit.c (keyedit_menu): No more need to update the trustdb for
preferences. Added calls to merge keblock.
* kbnode.c (dump_kbnode): Print some more flags.
2001-08-10 Werner Koch <wk@gnupg.org>
Revamped the preference handling.

1
g10/build-packet.c
View File

@ -782,6 +782,7 @@ build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type,
case SIGSUBPKT_POLICY:
case SIGSUBPKT_REVOC_REASON:
case SIGSUBPKT_PRIMARY_UID:
case SIGSUBPKT_KEY_FLAGS:
hashed = 1; break;
default: hashed = 0; break;
}

19
g10/kbnode.c
View File

@ -362,10 +362,14 @@ dump_kbnode( KBNODE node )
fprintf(stderr, "node %p %02x/%02x type=%s",
node, node->flag, node->private_flag, s);
if( node->pkt->pkttype == PKT_USER_ID ) {
PKT_user_id *uid = node->pkt->pkt.user_id;
fputs(" \"", stderr);
print_string( stderr, node->pkt->pkt.user_id->name,
node->pkt->pkt.user_id->len, 0 );
fputs("\"\n", stderr);
print_string( stderr, uid->name, uid->len, 0 );
fprintf (stderr, "\" .%c%c%c\n",
/* we don't have a expired flag */
uid->is_revoked? 'r':'.',
uid->created? 'v':'.',
uid->is_primary? 'p':'.' );
}
else if( node->pkt->pkttype == PKT_SIGNATURE ) {
fprintf(stderr, " class=%02x keyid=%08lX ts=%lu\n",
@ -380,8 +384,13 @@ dump_kbnode( KBNODE node )
}
else if( node->pkt->pkttype == PKT_PUBLIC_KEY
|| node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
fprintf(stderr, " keyid=%08lX\n", (ulong)
keyid_from_pk( node->pkt->pkt.public_key, NULL ));
PKT_public_key *pk = node->pkt->pkt.public_key;
fprintf(stderr, " keyid=%08lX a=%d u=%d %c%c%c\n",
(ulong)keyid_from_pk( pk, NULL ),
pk->pubkey_algo, pk->pubkey_usage,
pk->has_expired? 'e':'.',
pk->is_revoked? 'r':'.',
pk->is_valid? 'v':'.' );
}
else
fputs("\n", stderr);

14
g10/keyedit.c
View File

@ -819,14 +819,8 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
if( menu_adduid( keyblock, sec_keyblock ) ) {
redisplay = 1;
sec_modified = modified = 1;
/* must update the trustdb already here, so that preferences
* get listed correctly */
rc = update_trust_record( keyblock, 0, NULL );
if( rc ) {
log_error(_("update of trustdb failed: %s\n"),
g10_errstr(rc) );
rc = 0;
}
merge_keys_and_selfsig( sec_keyblock );
merge_keys_and_selfsig( keyblock );
}
break;
@ -868,6 +862,8 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
if( generate_subkeypair( keyblock, sec_keyblock ) ) {
redisplay = 1;
sec_modified = modified = 1;
merge_keys_and_selfsig( sec_keyblock );
merge_keys_and_selfsig( keyblock );
}
break;
@ -1284,7 +1280,7 @@ show_fingerprint( PKT_public_key *pk )
/****************
* Ask for a new user id , do the selfsignature and put it into
* Ask for a new user id, do the selfsignature and put it into
* both keyblocks.
* Return true if there is a new user id
*/

189
g10/keygen.c
View File

@ -41,8 +41,10 @@
enum para_name {
pKEYTYPE,
pKEYLENGTH,
pKEYUSAGE,
pSUBKEYTYPE,
pSUBKEYLENGTH,
pSUBKEYUSAGE,
pNAMEREAL,
pNAMEEMAIL,
pNAMECOMMENT,
@ -60,10 +62,11 @@ struct para_data_s {
int lnr;
enum para_name key;
union {
DEK *dek;
STRING2KEY *s2k;
u32 expire;
char value[1];
DEK *dek;
STRING2KEY *s2k;
u32 expire;
unsigned int usage;
char value[1];
} u;
};
@ -86,6 +89,12 @@ struct output_control_s {
};
struct opaque_data_usage_and_pk {
unsigned int usage;
PKT_public_key *pk;
};
static int prefs_initialized = 0;
static byte sym_prefs[MAX_PREFS];
static int nsym_prefs;
@ -109,10 +118,26 @@ write_uid( KBNODE root, const char *s )
pkt->pkttype = PKT_USER_ID;
pkt->pkt.user_id = m_alloc_clear( sizeof *pkt->pkt.user_id + n - 1 );
pkt->pkt.user_id->len = n;
pkt->pkt.user_id->ref = 1;
strcpy(pkt->pkt.user_id->name, s);
add_kbnode( root, new_kbnode( pkt ) );
}
static void
do_add_key_flags (PKT_signature *sig, unsigned int usage)
{
byte buf[1];
if (!usage)
return;
buf[0] = 0;
if (usage & PUBKEY_USAGE_SIG)
buf[0] |= 0x01 | 0x02;
if (usage & PUBKEY_USAGE_ENC)
buf[0] |= 0x04 | 0x08;
build_sig_subpkt (sig, SIGSUBPKT_KEY_FLAGS, buf, 1);
}
int
@ -135,7 +160,14 @@ keygen_add_key_expire( PKT_signature *sig, void *opaque )
return 0;
}
static int
keygen_add_key_flags_and_expire (PKT_signature *sig, void *opaque)
{
struct opaque_data_usage_and_pk *oduap = opaque;
do_add_key_flags (sig, oduap->usage);
return keygen_add_key_expire (sig, oduap->pk);
}
static int
set_one_pref (ulong val, int type, int (*cf)(int), byte *buf, int *nbuf)
@ -277,8 +309,10 @@ keygen_upd_std_prefs( PKT_signature *sig, void *opaque )
int
keygen_add_std_prefs( PKT_signature *sig, void *opaque )
{
PKT_public_key *pk = opaque;
byte buf[8];
do_add_key_flags (sig, pk->pubkey_usage);
keygen_add_key_expire( sig, opaque );
keygen_upd_std_prefs (sig, opaque);
@ -294,9 +328,9 @@ keygen_add_std_prefs( PKT_signature *sig, void *opaque )
}
static int
write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk,
unsigned int usage )
{
PACKET *pkt;
PKT_signature *sig;
@ -318,13 +352,14 @@ write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
if( !node )
BUG();
pk = node->pkt->pkt.public_key;
pk->pubkey_usage = usage;
/* we have to cache the key, so that the verification of the signature
* creation is able to retrieve the public key */
cache_public_key (pk);
/* and make the signature */
rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, 0,
keygen_add_std_prefs, pk );
keygen_add_std_prefs, pk );
if( rc ) {
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
return rc;
@ -338,13 +373,15 @@ write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
}
static int
write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_key *sk,
unsigned int usage )
{
PACKET *pkt;
PKT_signature *sig;
int rc=0;
KBNODE node;
PKT_public_key *pk, *subpk;
struct opaque_data_usage_and_pk oduap;
if( opt.verbose )
log_info(_("writing key binding signature\n"));
@ -368,8 +405,10 @@ write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
BUG();
/* and make the signature */
oduap.usage = usage;
oduap.pk = subpk;
rc = make_keysig_packet( &sig, pk, NULL, subpk, sk, 0x18, 0, 0,
keygen_add_key_expire, subpk );
keygen_add_key_flags_and_expire, &oduap );
if( rc ) {
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
return rc;
@ -555,11 +594,10 @@ gen_dsa(unsigned int nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
return 0;
}
#if 0
/* we can't enable generation right now, becuase we first need to
* implement the keyflags - the problem is that we need to change all
* signature editing function to keep the ketflags associated with an
* RSA key. */
/*
* Generate an RSA key.
*/
static int
gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
STRING2KEY *s2k, PKT_secret_key **ret_sk, u32 expireval )
@ -568,7 +606,7 @@ gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
PACKET *pkt;
PKT_secret_key *sk;
PKT_public_key *pk;
MPI skey[4];
MPI skey[6];
MPI *factors;
assert( is_RSA(algo) );
@ -639,7 +677,6 @@ gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
return 0;
}
#endif
/****************
@ -672,13 +709,15 @@ check_valid_days( const char *s )
/****************
* Returns: 0 to create both a DSA and a ElGamal key.
* and only if key flags are to be written the desired usage.
*/
static int
ask_algo( int addmode )
ask_algo (int addmode, unsigned int *r_usage)
{
char *answer;
int algo;
*r_usage = 0;
tty_printf(_("Please select what kind of key you want:\n"));
if( !addmode )
tty_printf(_(" (%d) DSA and ElGamal (default)\n"), 1 );
@ -686,9 +725,9 @@ ask_algo( int addmode )
if( addmode )
tty_printf( _(" (%d) ElGamal (encrypt only)\n"), 3 );
tty_printf( _(" (%d) ElGamal (sign and encrypt)\n"), 4 );
#if 0
tty_printf( _(" (%d) RSA (sign and encrypt)\n"), 5 );
#endif
tty_printf( _(" (%d) RSA (sign only)\n"), 5 );
if (addmode)
tty_printf( _(" (%d) RSA (encrypt only)\n"), 6 );
for(;;) {
answer = cpr_get("keygen.algo",_("Your selection? "));
@ -699,15 +738,16 @@ ask_algo( int addmode )
algo = 0; /* create both keys */
break;
}
#if 0
else if( algo == 5 ) {
if( cpr_get_answer_is_yes("keygen.algo.rsa_se",_(
"Do you really want to create a sign and encrypt key? "))) {
algo = PUBKEY_ALGO_RSA;
break;
}
else if( algo == 6 && addmode ) {
algo = PUBKEY_ALGO_RSA;
*r_usage = PUBKEY_USAGE_ENC;
break;
}
else if( algo == 5 ) {
algo = PUBKEY_ALGO_RSA;
*r_usage = PUBKEY_USAGE_SIG;
break;
}
#endif
else if( algo == 4 ) {
if( cpr_get_answer_is_yes("keygen.algo.elg_se",_(
"The use of this algorithm is deprecated - create anyway? "))){
@ -1117,7 +1157,7 @@ ask_passphrase( STRING2KEY **ret_s2k )
static int
do_create( int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root,
do_create( int algo, unsigned int nbits, KBNODE pub_root, KBNODE sec_root,
DEK *dek, STRING2KEY *s2k, PKT_secret_key **sk, u32 expiredate )
{
int rc=0;
@ -1133,10 +1173,8 @@ do_create( int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root,
rc = gen_elg(algo, nbits, pub_root, sec_root, dek, s2k, sk, expiredate);
else if( algo == PUBKEY_ALGO_DSA )
rc = gen_dsa(nbits, pub_root, sec_root, dek, s2k, sk, expiredate);
#if 0
else if( algo == PUBKEY_ALGO_RSA )
rc = gen_rsa(algo, nbits, pub_root, sec_root, dek, s2k, sk, expiredate);
#endif
else
BUG();
@ -1219,6 +1257,38 @@ get_parameter_algo( struct para_data_s *para, enum para_name key )
return string_to_pubkey_algo( r->u.value );
}
/*
* parse the usage parameter and set the keyflags. Return true on error.
*/
static int
parse_parameter_usage (const char *fname,
struct para_data_s *para, enum para_name key)
{
struct para_data_s *r = get_parameter( para, key );
char *p, *pn;
unsigned int usage;
if( !r )
return 0; /* none (this is an optional parameter)*/
usage = 0;
pn = r->u.value;
while ( (p = strsep (&pn, " \t,")) ) {
if ( !*p)
;
else if ( !ascii_strcasecmp (p, "sign") )
usage |= PUBKEY_USAGE_SIG;
else if ( !ascii_strcasecmp (p, "encrypt") )
usage |= PUBKEY_USAGE_ENC;
else {
log_error("%s:%d: invalid usage list\n", fname, r->lnr );
return -1; /* error */
}
}
r->u.usage = usage;
return 0;
}
static u32
get_parameter_u32( struct para_data_s *para, enum para_name key )
@ -1229,6 +1299,8 @@ get_parameter_u32( struct para_data_s *para, enum para_name key )
return 0;
if( r->key == pKEYEXPIRE || r->key == pSUBKEYEXPIRE )
return r->u.expire;
if( r->key == pKEYUSAGE || r->key == pSUBKEYUSAGE )
return r->u.usage;
return (unsigned int)strtoul( r->u.value, NULL, 10 );
}
@ -1256,7 +1328,7 @@ get_parameter_s2k( struct para_data_s *para, enum para_name key )
static int
proc_parameter_file( struct para_data_s *para, const char *fname,
struct output_control_s *outctrl )
struct output_control_s *outctrl )
{
struct para_data_s *r;
const char *s1, *s2, *s3;
@ -1273,12 +1345,18 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
return -1;
}
if (parse_parameter_usage (fname, para, pKEYUSAGE))
return -1;
i = get_parameter_algo( para, pSUBKEYTYPE );
if( i > 1 && check_pubkey_algo( i ) ) {
if( i > 0 && check_pubkey_algo( i ) ) {
r = get_parameter( para, pSUBKEYTYPE );
log_error("%s:%d: invalid algorithm\n", fname, r->lnr );
return -1;
}
if (i > 0 && parse_parameter_usage (fname, para, pSUBKEYUSAGE))
return -1;
if( !get_parameter_value( para, pUSERID ) ) {
/* create the formatted user ID */
@ -1372,8 +1450,10 @@ read_parameter_file( const char *fname )
} keywords[] = {
{ "Key-Type", pKEYTYPE},
{ "Key-Length", pKEYLENGTH },
{ "Key-Usage", pKEYUSAGE },
{ "Subkey-Type", pSUBKEYTYPE },
{ "Subkey-Length", pSUBKEYLENGTH },
{ "Subkey-Usage", pSUBKEYUSAGE },
{ "Name-Real", pNAMEREAL },
{ "Name-Email", pNAMEEMAIL },
{ "Name-Comment", pNAMECOMMENT },
@ -1552,6 +1632,7 @@ generate_keypair( const char *fname )
DEK *dek;
STRING2KEY *s2k;
int algo;
unsigned int usage;
int both = 0;
u32 expire;
struct para_data_s *para = NULL;
@ -1565,7 +1646,7 @@ generate_keypair( const char *fname )
return;
}
algo = ask_algo( 0 );
algo = ask_algo( 0, &usage );
if( !algo ) { /* default: DSA with ElG subkey of the specified size */
both = 1;
r = m_alloc_clear( sizeof *r + 20 );
@ -1593,6 +1674,17 @@ generate_keypair( const char *fname )
sprintf( r->u.value, "%d", algo );
r->next = para;
para = r;
if (usage) {
r = m_alloc_clear( sizeof *r + 20 );
r->key = pKEYUSAGE;
sprintf( r->u.value, "%s%s",
(usage & PUBKEY_USAGE_SIG)? "sign ":"",
(usage & PUBKEY_USAGE_ENC)? "encrypt ":"" );
r->next = para;
para = r;
}
}
nbits = ask_keysize( algo );
@ -1738,9 +1830,11 @@ do_generate_keypair( struct para_data_s *para,
if( !rc )
write_uid(sec_root, s );
if( !rc )
rc = write_selfsig(pub_root, pub_root, sk);
rc = write_selfsig(pub_root, pub_root, sk,
get_parameter_uint (para, pKEYUSAGE));
if( !rc )
rc = write_selfsig(sec_root, pub_root, sk);
rc = write_selfsig(sec_root, pub_root, sk,
get_parameter_uint (para, pKEYUSAGE));
}
if( get_parameter( para, pSUBKEYTYPE ) ) {
@ -1752,9 +1846,11 @@ do_generate_keypair( struct para_data_s *para,
NULL,
get_parameter_u32( para, pSUBKEYEXPIRE ) );
if( !rc )
rc = write_keybinding(pub_root, pub_root, sk);
rc = write_keybinding(pub_root, pub_root, sk,
get_parameter_uint (para, pSUBKEYUSAGE));
if( !rc )
rc = write_keybinding(sec_root, pub_root, sk);
rc = write_keybinding(sec_root, pub_root, sk,
get_parameter_uint (para, pSUBKEYUSAGE));
did_sub = 1;
}
@ -1811,10 +1907,16 @@ do_generate_keypair( struct para_data_s *para,
else if( (rc=insert_keyblock( &sec_kbpos, sec_root )) )
log_error("can't write secret key: %s\n", g10_errstr(rc) );
else {
int no_enc_rsa =
get_parameter_algo(para, pKEYTYPE) == PUBKEY_ALGO_RSA
&& get_parameter_uint( para, pKEYUSAGE )
&& !(get_parameter_uint( para,pKEYUSAGE) & PUBKEY_USAGE_ENC);
if( !opt.batch )
tty_printf(_("public and secret key created and signed.\n") );
if( !opt.batch
&& get_parameter_algo( para, pKEYTYPE ) == PUBKEY_ALGO_DSA
&& ( get_parameter_algo( para, pKEYTYPE ) == PUBKEY_ALGO_DSA
|| no_enc_rsa )
&& !get_parameter( para, pSUBKEYTYPE ) )
{
tty_printf(_("Note that this key cannot be used for "
@ -1861,6 +1963,7 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
KBNODE node;
PKT_secret_key *sk = NULL; /* this is the primary sk */
int algo;
unsigned int usage;
u32 expire;
unsigned nbits;
char *passphrase = NULL;
@ -1914,7 +2017,7 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
goto leave;
algo = ask_algo( 1 );
algo = ask_algo( 1, &usage );
assert(algo);
nbits = ask_keysize( algo );
expire = ask_expire_interval();
@ -1933,9 +2036,9 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
rc = do_create( algo, nbits, pub_keyblock, sec_keyblock,
dek, s2k, NULL, expire );
if( !rc )
rc = write_keybinding(pub_keyblock, pub_keyblock, sk);
rc = write_keybinding(pub_keyblock, pub_keyblock, sk, usage);
if( !rc )
rc = write_keybinding(sec_keyblock, pub_keyblock, sk);
rc = write_keybinding(sec_keyblock, pub_keyblock, sk, usage);
if( !rc ) {
okay = 1;
write_status_text (STATUS_KEY_CREATED, "S");

2
g10/seskey.c
View File

@ -183,7 +183,7 @@ do_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits,
* Encode a message digest into an MPI.
* v3compathack is used to work around a bug in old GnuPG versions
* which did put the algo identifier inseatd of the block type 1 into
* the encoded value. setting this vare force the old behaviour.
* the encoded value. Setting this flag forces the old behaviour.
*/
MPI
encode_md_value( int pubkey_algo, MD_HANDLE md, int hash_algo,

4
scripts/ChangeLog
View File

@ -1,3 +1,7 @@
2001-08-13 Werner Koch <wk@gnupg.org>
* autogen.sh: Test on gettext 0.10.38. By Michael Engels.
2001-08-07 Werner Koch <wk@gnupg.org>
* autogen.sh: Adjusted --build-w32 for autoconf 2.52

4
scripts/autogen.sh
View File

@ -117,11 +117,11 @@ fi
if (gettext --version </dev/null 2>/dev/null | awk 'NR==1 { split($4,A,"\."); \
X=10000*A[1]+100*A[2]+A[3]; echo X; if( X >= 1035 ) exit 1; exit 0}')
X=10000*A[1]+100*A[2]+A[3]; echo X; if( X >= 1038 ) exit 1; exit 0}')
then
echo "**Error**: You must have "\`gettext\'" installed to compile $PGM."
echo ' (version 0.10.35 or newer is required; get'
echo ' ftp://alpha.gnu.org/gnu/gettext-0.10.35.tar.gz'
echo ' ftp://alpha.gnu.org/gnu/gettext/gettext-0.10.38.tar.gz'
echo ' or install the latest Debian package)'
DIE="yes"
fi