Added RSA key generation

2025-04-17 15:44:34 +02:00 · 2001-08-14 11:33:49 +00:00 · 2001-08-14 11:33:49 +00:00 · aa1514852a
commit aa1514852a
parent dc718d704f
12 changed files with 212 additions and 67 deletions
--- a/2
+++ b/2
@ -19,6 +19,8 @@
    * Fixed the preference handling; since 1.0.5 they were erroneously
      matched against against the latest user ID and not the given one.
    * RSA key generation.
 Noteworthy changes in version 1.0.6 (2001-05-29)
 ------------------------------------------------
--- a/1
+++ b/1
@ -120,6 +120,7 @@ Matthew Skala		   mskala@ansuz.sooke.bc.ca
 Matthew Wilcox             matthew@wil.cx
 Matthias Urlichs	   smurf@noris.de
 Max Valianskiy		   maxcom@maxcom.ml.org
 Michael Engels             michael.engels@uni-duesseldorf.de
 Michael Fischer v. Mollard mfvm@gmx.de
 Michael Roth		   mroth@nessie.de
 Michael Sobolev 	   mss@despair.transas.com
--- a/11
+++ b/11
@ -1,11 +1,8 @@
  * add listing of notation data
-  * Make sure that we only update the latest self-signatures.
+  * Check the changes to the gpg random gatherer on all W32 platforms.
  * Check the changes to the gpg random agtherer on all W32 platforms.
  * Check that a key signature can be revoked and later be signed again.
  * Put a note into readme.w32 that there is a man page and a options
    file;  write the registry stuff in regedit format.
@ -34,14 +31,14 @@
    add a real grammar to the code in mainproc.c
  * option to set the signature expiration time for key sigs.
    Rework the way we create signature subpackets - the current code
    is not easy to understand.
  * Option to warn when a non MDC message is decrypted?
  * If there is no secure memory, allocate more memory for the secure
    memory block or do it in all cases.
  * add a way to set expiration time for key signatures.
  * add some minor things vor VMS.
  * Don't get the ultimately trusted keys from the secring but store
--- a/doc/DETAILS
+++ b/doc/DETAILS
@ -366,11 +366,18 @@ The format of this file is as follows:
 	This is a required parameter.
     Key-Length: <length-in-bits>
 	Length of the key in bits.  Default is 1024.
     Key-Usage: <usage-list>
        Space or comma delimited list of key usage, allowed values are
        "encrypt" and "sign".  This is used to generate the key flags
        and must match the algorithm.
     Subkey-Type: <algo-number>|<algo-string>
 	This generates a secondary key.  Currently only one subkey
 	can be handled.
     Subkey-Length: <length-in-bits>
 	Length of the subkey in bits.  Default is 1024.
     Subkey-Usage: <usage-list>
        Similar to Key-Usage.
     Passphrase: <string>
 	If you want to specify a passphrase for the secret key,
 	enter it here.	Default is not to use any passphrase.
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,28 @@
 2001-08-14  Werner Koch  <wk@gnupg.org>
 	* keygen.c (ask_algo): New arg r_usage.  Allow for RSA keys.
 	(gen_rsa): Enabled the code.
 	(do_create): Enabled RSA branch.
 	(parse_parameter_usage): New.
 	(proc_parameter_file): Handle usage parameter.
 	(read_parameter_file): Ditto.
 	(generate_keypair): Ditto.
 	(generate_subkeypair): Ditto.
 	(do_generate_keypair): Ditto.
 	(do_add_key_flags): New.
 	(keygen_add_std_prefs): Use the new function.
 	(keygen_add_key_flags_and_expire): New.
 	(write_selfsig, write_keybinding): Handle new usage arg.
 	* build-packet.c (build_sig_subpkt): Make sure that key flags go
 	into the hashed area.
 	* keygen.c (write_uid): Initialize the reference cunter.
 	* keyedit.c (keyedit_menu): No more need to update the trustdb for
 	preferences.  Added calls to merge keblock.
 	* kbnode.c (dump_kbnode): Print some more flags.
 2001-08-10  Werner Koch  <wk@gnupg.org>
        Revamped the preference handling.
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@ -782,6 +782,7 @@ build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type,
      case SIGSUBPKT_POLICY:
      case SIGSUBPKT_REVOC_REASON:
      case SIGSUBPKT_PRIMARY_UID:
      case SIGSUBPKT_KEY_FLAGS:
 	       hashed = 1; break;
      default: hashed = 0; break;
    }
--- a/g10/kbnode.c
+++ b/g10/kbnode.c
@ -362,10 +362,14 @@ dump_kbnode( KBNODE node )
 	fprintf(stderr, "node %p %02x/%02x type=%s",
 		node, node->flag, node->private_flag, s);
 	if( node->pkt->pkttype == PKT_USER_ID ) {
            PKT_user_id *uid = node->pkt->pkt.user_id;
 	    fputs("  \"", stderr);
-	    print_string( stderr, node->pkt->pkt.user_id->name,
+	    print_string( stderr, uid->name, uid->len, 0 );
-				  node->pkt->pkt.user_id->len, 0 );
+	    fprintf (stderr, "\" .%c%c%c\n",
-	    fputs("\"\n", stderr);
+                     /* we don't have a expired flag */
                     uid->is_revoked? 'r':'.',
                     uid->created?    'v':'.',
                     uid->is_primary? 'p':'.' );
 	}
 	else if( node->pkt->pkttype == PKT_SIGNATURE ) {
 	    fprintf(stderr, "  class=%02x keyid=%08lX ts=%lu\n",
@ -380,8 +384,13 @@ dump_kbnode( KBNODE node )
 	}
 	else if( node->pkt->pkttype == PKT_PUBLIC_KEY
 		 || node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
-	    fprintf(stderr, "  keyid=%08lX\n", (ulong)
+            PKT_public_key *pk = node->pkt->pkt.public_key;
-		  keyid_from_pk( node->pkt->pkt.public_key, NULL ));
+	    fprintf(stderr, "  keyid=%08lX a=%d u=%d %c%c%c\n",
                    (ulong)keyid_from_pk( pk, NULL ),
                    pk->pubkey_algo, pk->pubkey_usage,
                    pk->has_expired? 'e':'.',  
                    pk->is_revoked?  'r':'.',  
                    pk->is_valid?    'v':'.' );
 	}
 	else
 	    fputs("\n", stderr);
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@ -819,14 +819,8 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
 	    if( menu_adduid( keyblock, sec_keyblock ) ) {
 		redisplay = 1;
 		sec_modified = modified = 1;
-		/* must update the trustdb already here, so that preferences
+		merge_keys_and_selfsig( sec_keyblock );
-		 * get listed correctly */
+		merge_keys_and_selfsig( keyblock );
 		rc = update_trust_record( keyblock, 0, NULL );
 		if( rc ) {
 		    log_error(_("update of trustdb failed: %s\n"),
 				g10_errstr(rc) );
 		    rc = 0;
 		}
 	    }
 	    break;
@ -868,6 +862,8 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
 	    if( generate_subkeypair( keyblock, sec_keyblock ) ) {
 		redisplay = 1;
 		sec_modified = modified = 1;
 		merge_keys_and_selfsig( sec_keyblock );
 		merge_keys_and_selfsig( keyblock );
 	    }
 	    break;
@ -1284,7 +1280,7 @@ show_fingerprint( PKT_public_key *pk )
 /****************
- * Ask for a new user id , do the selfsignature and put it into
+ * Ask for a new user id, do the selfsignature and put it into
 * both keyblocks.
 * Return true if there is a new user id
 */
--- a/g10/keygen.c
+++ b/g10/keygen.c
@ -41,8 +41,10 @@
 enum para_name {
  pKEYTYPE,
  pKEYLENGTH,
  pKEYUSAGE,
  pSUBKEYTYPE,
  pSUBKEYLENGTH,
  pSUBKEYUSAGE,
  pNAMEREAL,
  pNAMEEMAIL,
  pNAMECOMMENT,
@ -60,10 +62,11 @@ struct para_data_s {
    int lnr;
    enum para_name key;
    union {
-       DEK *dek;
+        DEK *dek;
-       STRING2KEY *s2k;
+        STRING2KEY *s2k;
-       u32 expire;
+        u32 expire;
-       char value[1];
+        unsigned int usage; 
        char value[1];
    } u;
 };
@ -86,6 +89,12 @@ struct output_control_s {
 };
 struct opaque_data_usage_and_pk {
    unsigned int usage;
    PKT_public_key *pk;
 };
 static int prefs_initialized = 0;
 static byte sym_prefs[MAX_PREFS];
 static int nsym_prefs;
@ -109,10 +118,26 @@ write_uid( KBNODE root, const char *s )
    pkt->pkttype = PKT_USER_ID;
    pkt->pkt.user_id = m_alloc_clear( sizeof *pkt->pkt.user_id + n - 1 );
    pkt->pkt.user_id->len = n;
    pkt->pkt.user_id->ref = 1;
    strcpy(pkt->pkt.user_id->name, s);
    add_kbnode( root, new_kbnode( pkt ) );
 }
 static void
 do_add_key_flags (PKT_signature *sig, unsigned int usage)
 {
    byte buf[1];
    if (!usage) 
        return;
    buf[0] = 0;
    if (usage & PUBKEY_USAGE_SIG)
        buf[0] |= 0x01 | 0x02;
    if (usage & PUBKEY_USAGE_ENC)
        buf[0] |= 0x04 | 0x08;
    build_sig_subpkt (sig, SIGSUBPKT_KEY_FLAGS, buf, 1);
 }
 int
@ -135,7 +160,14 @@ keygen_add_key_expire( PKT_signature *sig, void *opaque )
    return 0;
 }
 static int
 keygen_add_key_flags_and_expire (PKT_signature *sig, void *opaque)
 {
    struct opaque_data_usage_and_pk *oduap = opaque;
    do_add_key_flags (sig, oduap->usage);
    return keygen_add_key_expire (sig, oduap->pk);
 }
 static int
 set_one_pref (ulong val, int type, int (*cf)(int), byte *buf, int *nbuf)
@ -277,8 +309,10 @@ keygen_upd_std_prefs( PKT_signature *sig, void *opaque )
 int
 keygen_add_std_prefs( PKT_signature *sig, void *opaque )
 {
    PKT_public_key *pk = opaque;
    byte buf[8];
    do_add_key_flags (sig, pk->pubkey_usage);
    keygen_add_key_expire( sig, opaque );
    keygen_upd_std_prefs (sig, opaque);
@ -294,9 +328,9 @@ keygen_add_std_prefs( PKT_signature *sig, void *opaque )
 }
 static int
-write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
+write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk,
               unsigned int usage )
 {
    PACKET *pkt;
    PKT_signature *sig;
@ -318,13 +352,14 @@ write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
    if( !node )
 	BUG();
    pk = node->pkt->pkt.public_key;
    pk->pubkey_usage = usage;
    /* we have to cache the key, so that the verification of the signature
     * creation is able to retrieve the public key */
    cache_public_key (pk);
    /* and make the signature */
    rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, 0,
-			     keygen_add_std_prefs, pk );
+        		     keygen_add_std_prefs, pk );
    if( rc ) {
 	log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
 	return rc;
@ -338,13 +373,15 @@ write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
 }
 static int
-write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
+write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_key *sk,
                  unsigned int usage )
 {
    PACKET *pkt;
    PKT_signature *sig;
    int rc=0;
    KBNODE node;
    PKT_public_key *pk, *subpk;
    struct opaque_data_usage_and_pk oduap;
    if( opt.verbose )
 	log_info(_("writing key binding signature\n"));
@ -368,8 +405,10 @@ write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
 	BUG();
    /* and make the signature */
    oduap.usage = usage;
    oduap.pk = subpk;
    rc = make_keysig_packet( &sig, pk, NULL, subpk, sk, 0x18, 0, 0,
-				    keygen_add_key_expire, subpk );
+        		     keygen_add_key_flags_and_expire, &oduap );
    if( rc ) {
 	log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
 	return rc;
@ -555,11 +594,10 @@ gen_dsa(unsigned int nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
    return 0;
 }
-#if 0
+
-/* we can't enable generation right now, becuase we first need to
+/* 
- * implement the keyflags - the problem is that we need to change all
+ * Generate an RSA key.
- * signature editing function to keep the ketflags associated with an
+ */
 * RSA key.  */
 static int
 gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
 	STRING2KEY *s2k, PKT_secret_key **ret_sk, u32 expireval )
@ -568,7 +606,7 @@ gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
    PACKET *pkt;
    PKT_secret_key *sk;
    PKT_public_key *pk;
-    MPI skey[4];
+    MPI skey[6];
    MPI *factors;
    assert( is_RSA(algo) );
@ -639,7 +677,6 @@ gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
    return 0;
 }
 #endif
 /****************
@ -672,13 +709,15 @@ check_valid_days( const char *s )
 /****************
 * Returns: 0 to create both a DSA and a ElGamal key.
 *          and only if key flags are to be written the desired usage.
 */
 static int
-ask_algo( int addmode )
+ask_algo (int addmode, unsigned int *r_usage)
 {
    char *answer;
    int algo;
    *r_usage = 0;
    tty_printf(_("Please select what kind of key you want:\n"));
    if( !addmode )
 	tty_printf(_("   (%d) DSA and ElGamal (default)\n"), 1 );
@ -686,9 +725,9 @@ ask_algo( int addmode )
    if( addmode )
 	tty_printf(    _("   (%d) ElGamal (encrypt only)\n"), 3 );
    tty_printf(    _("   (%d) ElGamal (sign and encrypt)\n"), 4 );
-  #if 0
+    tty_printf(    _("   (%d) RSA (sign only)\n"), 5 );
-    tty_printf(    _("   (%d) RSA (sign and encrypt)\n"), 5 );
+    if (addmode)
-  #endif
+        tty_printf(    _("   (%d) RSA (encrypt only)\n"), 6 );
    for(;;) {
 	answer = cpr_get("keygen.algo",_("Your selection? "));
@ -699,15 +738,16 @@ ask_algo( int addmode )
 	    algo = 0;	/* create both keys */
 	    break;
 	}
-      #if 0
+	else if( algo == 6 && addmode ) {
-	else if( algo == 5 ) {
+	    algo = PUBKEY_ALGO_RSA;
-	    if( cpr_get_answer_is_yes("keygen.algo.rsa_se",_(
+            *r_usage = PUBKEY_USAGE_ENC;
-		"Do you really want to create a sign and encrypt key? "))) {
+	    break;
-		algo = PUBKEY_ALGO_RSA;
+	}
-		break;
+	else if( algo == 5 ) {
-	    }
+	    algo = PUBKEY_ALGO_RSA;
            *r_usage = PUBKEY_USAGE_SIG;
 	    break;
 	}
      #endif
 	else if( algo == 4 ) {
 	    if( cpr_get_answer_is_yes("keygen.algo.elg_se",_(
 		"The use of this algorithm is deprecated - create anyway? "))){
@ -1117,7 +1157,7 @@ ask_passphrase( STRING2KEY **ret_s2k )
 static int
-do_create( int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root,
+do_create( int algo, unsigned int nbits, KBNODE pub_root, KBNODE sec_root,
 	   DEK *dek, STRING2KEY *s2k, PKT_secret_key **sk, u32 expiredate )
 {
    int rc=0;
@ -1133,10 +1173,8 @@ do_create( int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root,
 	rc = gen_elg(algo, nbits, pub_root, sec_root, dek, s2k, sk, expiredate);
    else if( algo == PUBKEY_ALGO_DSA )
 	rc = gen_dsa(nbits, pub_root, sec_root, dek, s2k, sk, expiredate);
  #if 0
    else if( algo == PUBKEY_ALGO_RSA )
 	rc = gen_rsa(algo, nbits, pub_root, sec_root, dek, s2k, sk, expiredate);
  #endif
    else
 	BUG();
@ -1219,6 +1257,38 @@ get_parameter_algo( struct para_data_s *para, enum para_name key )
    return string_to_pubkey_algo( r->u.value );
 }
 /* 
 * parse the usage parameter and set the keyflags.  Return true on error.
 */
 static int
 parse_parameter_usage (const char *fname,
                       struct para_data_s *para, enum para_name key)
 {
    struct para_data_s *r = get_parameter( para, key );
    char *p, *pn;
    unsigned int usage;
    if( !r )
 	return 0; /* none (this is an optional parameter)*/
    usage = 0;
    pn = r->u.value;
    while ( (p = strsep (&pn, " \t,")) ) {
        if ( !*p)
            ;
        else if ( !ascii_strcasecmp (p, "sign") )
            usage |= PUBKEY_USAGE_SIG;
        else if ( !ascii_strcasecmp (p, "encrypt") )
            usage |= PUBKEY_USAGE_ENC;
        else {
            log_error("%s:%d: invalid usage list\n", fname, r->lnr );
            return -1; /* error */
        }
    }
    r->u.usage = usage;
    return 0;
 }
 static u32
 get_parameter_u32( struct para_data_s *para, enum para_name key )
@ -1229,6 +1299,8 @@ get_parameter_u32( struct para_data_s *para, enum para_name key )
 	return 0;
    if( r->key == pKEYEXPIRE || r->key == pSUBKEYEXPIRE )
 	return r->u.expire;
    if( r->key == pKEYUSAGE || r->key == pSUBKEYUSAGE )
 	return r->u.usage;
    return (unsigned int)strtoul( r->u.value, NULL, 10 );
 }
@ -1256,7 +1328,7 @@ get_parameter_s2k( struct para_data_s *para, enum para_name key )
 static int
 proc_parameter_file( struct para_data_s *para, const char *fname,
-				       struct output_control_s *outctrl )
+                     struct output_control_s *outctrl )
 {
    struct para_data_s *r;
    const char *s1, *s2, *s3;
@ -1273,12 +1345,18 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
 	return -1;
    }
    if (parse_parameter_usage (fname, para, pKEYUSAGE))
        return -1;
    i = get_parameter_algo( para, pSUBKEYTYPE );
-    if( i > 1 && check_pubkey_algo( i ) ) {
+    if( i > 0 && check_pubkey_algo( i ) ) {
 	r = get_parameter( para, pSUBKEYTYPE );
 	log_error("%s:%d: invalid algorithm\n", fname, r->lnr );
 	return -1;
    }
    if (i > 0 && parse_parameter_usage (fname, para, pSUBKEYUSAGE))
        return -1;
    if( !get_parameter_value( para, pUSERID ) ) {
 	/* create the formatted user ID */
@ -1372,8 +1450,10 @@ read_parameter_file( const char *fname )
    } keywords[] = {
 	{ "Key-Type",       pKEYTYPE},
 	{ "Key-Length",     pKEYLENGTH },
 	{ "Key-Usage",      pKEYUSAGE },
 	{ "Subkey-Type",    pSUBKEYTYPE },
 	{ "Subkey-Length",  pSUBKEYLENGTH },
 	{ "Subkey-Usage",   pSUBKEYUSAGE },
 	{ "Name-Real",      pNAMEREAL },
 	{ "Name-Email",     pNAMEEMAIL },
 	{ "Name-Comment",   pNAMECOMMENT },
@ -1552,6 +1632,7 @@ generate_keypair( const char *fname )
    DEK *dek;
    STRING2KEY *s2k;
    int algo;
    unsigned int usage;
    int both = 0;
    u32 expire;
    struct para_data_s *para = NULL;
@ -1565,7 +1646,7 @@ generate_keypair( const char *fname )
 	return;
    }
-    algo = ask_algo( 0 );
+    algo = ask_algo( 0, &usage );
    if( !algo ) { /* default: DSA with ElG subkey of the specified size */
 	both = 1;
 	r = m_alloc_clear( sizeof *r + 20 );
@ -1593,6 +1674,17 @@ generate_keypair( const char *fname )
 	sprintf( r->u.value, "%d", algo );
 	r->next = para;
 	para = r;
        if (usage) {
            r = m_alloc_clear( sizeof *r + 20 );
            r->key = pKEYUSAGE;
            sprintf( r->u.value, "%s%s",
                     (usage & PUBKEY_USAGE_SIG)? "sign ":"",
                     (usage & PUBKEY_USAGE_ENC)? "encrypt ":"" );
            r->next = para;
            para = r;
        }
    }
    nbits = ask_keysize( algo );
@ -1738,9 +1830,11 @@ do_generate_keypair( struct para_data_s *para,
 	if( !rc )
 	    write_uid(sec_root, s );
 	if( !rc )
-	    rc = write_selfsig(pub_root, pub_root, sk);
+	    rc = write_selfsig(pub_root, pub_root, sk,
                               get_parameter_uint (para, pKEYUSAGE));
 	if( !rc )
-	    rc = write_selfsig(sec_root, pub_root, sk);
+	    rc = write_selfsig(sec_root, pub_root, sk,
                               get_parameter_uint (para, pKEYUSAGE));
    }
    if( get_parameter( para, pSUBKEYTYPE ) ) {
@ -1752,9 +1846,11 @@ do_generate_keypair( struct para_data_s *para,
 			NULL,
 			get_parameter_u32( para, pSUBKEYEXPIRE ) );
 	if( !rc )
-	    rc = write_keybinding(pub_root, pub_root, sk);
+	    rc = write_keybinding(pub_root, pub_root, sk,
               			  get_parameter_uint (para, pSUBKEYUSAGE));
 	if( !rc )
-	    rc = write_keybinding(sec_root, pub_root, sk);
+	    rc = write_keybinding(sec_root, pub_root, sk,
               			  get_parameter_uint (para, pSUBKEYUSAGE));
        did_sub = 1;
    }
@ -1811,10 +1907,16 @@ do_generate_keypair( struct para_data_s *para,
 	else if( (rc=insert_keyblock( &sec_kbpos, sec_root )) )
 	    log_error("can't write secret key: %s\n", g10_errstr(rc) );
 	else {
            int no_enc_rsa =
                get_parameter_algo(para, pKEYTYPE) == PUBKEY_ALGO_RSA
                && get_parameter_uint( para, pKEYUSAGE )
                && !(get_parameter_uint( para,pKEYUSAGE) & PUBKEY_USAGE_ENC);
 	    if( !opt.batch )
 		 tty_printf(_("public and secret key created and signed.\n") );
 	    if( !opt.batch
-		&& get_parameter_algo( para, pKEYTYPE ) == PUBKEY_ALGO_DSA
+		&& ( get_parameter_algo( para, pKEYTYPE ) == PUBKEY_ALGO_DSA
                     || no_enc_rsa )
 		&& !get_parameter( para, pSUBKEYTYPE ) )
 	    {
 		tty_printf(_("Note that this key cannot be used for "
@ -1861,6 +1963,7 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
    KBNODE node;
    PKT_secret_key *sk = NULL; /* this is the primary sk */
    int algo;
    unsigned int usage;
    u32 expire;
    unsigned nbits;
    char *passphrase = NULL;
@ -1914,7 +2017,7 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
 	goto leave;
-    algo = ask_algo( 1 );
+    algo = ask_algo( 1, &usage );
    assert(algo);
    nbits = ask_keysize( algo );
    expire = ask_expire_interval();
@ -1933,9 +2036,9 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
    rc = do_create( algo, nbits, pub_keyblock, sec_keyblock,
 				      dek, s2k, NULL, expire );
    if( !rc )
-	rc = write_keybinding(pub_keyblock, pub_keyblock, sk);
+	rc = write_keybinding(pub_keyblock, pub_keyblock, sk, usage);
    if( !rc )
-	rc = write_keybinding(sec_keyblock, pub_keyblock, sk);
+	rc = write_keybinding(sec_keyblock, pub_keyblock, sk, usage);
    if( !rc ) {
 	okay = 1;
        write_status_text (STATUS_KEY_CREATED, "S");
--- a/g10/seskey.c
+++ b/g10/seskey.c
@ -183,7 +183,7 @@ do_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits,
 * Encode a message digest into an MPI.
 * v3compathack is used to work around a bug in old GnuPG versions
 * which did put the algo identifier inseatd of the block type 1 into
- * the encoded value.  setting this vare force the old behaviour.
+ * the encoded value.  Setting this flag forces the old behaviour.
 */
 MPI
 encode_md_value( int pubkey_algo, MD_HANDLE md, int hash_algo,
--- a/scripts/ChangeLog
+++ b/scripts/ChangeLog
@ -1,3 +1,7 @@
 2001-08-13  Werner Koch  <wk@gnupg.org>
 	* autogen.sh: Test on gettext 0.10.38. By Michael Engels.
 2001-08-07  Werner Koch  <wk@gnupg.org>
 	* autogen.sh: Adjusted --build-w32 for autoconf 2.52 
--- a/scripts/autogen.sh
+++ b/scripts/autogen.sh
@ -117,11 +117,11 @@ fi
 if (gettext --version </dev/null 2>/dev/null | awk 'NR==1 { split($4,A,"\."); \
-    X=10000*A[1]+100*A[2]+A[3]; echo X; if( X >= 1035 ) exit 1; exit 0}')
+    X=10000*A[1]+100*A[2]+A[3]; echo X; if( X >= 1038 ) exit 1; exit 0}')
    then
    echo "**Error**: You must have "\`gettext\'" installed to compile $PGM."
    echo '           (version 0.10.35 or newer is required; get'
-    echo '            ftp://alpha.gnu.org/gnu/gettext-0.10.35.tar.gz'
+    echo '            ftp://alpha.gnu.org/gnu/gettext/gettext-0.10.38.tar.gz'
    echo '            or install the latest Debian package)'
    DIE="yes"
 fi