security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

.

This commit is contained in:
Werner Koch 1998-09-18 15:24:53 +00:00
parent 17c023bf69
commit b4aeef458c
38 changed files with 447 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
AUTHORS
View File

@ -3,16 +3,18 @@ Authors of GNU Privacy Guard (gnupg).
Werner Koch. Designed and implemented gnupg.
GPG Matthew Skala 1998-08-10
GNUPG Matthew Skala 1998-08-10
Disclaims changes (Twofish code).
mskala@ansuz.sooke.bc.ca
GPG Natural Resources Canada 1998-08-11
GNUPG Natural Resources Canada 1998-08-11
Disclaims changes by Matthew Skala.
GPG Niklas Hernaeus ??????????
GNUPG Niklas Hernaeus ??????????
(Weak key patches)
GNUPG Michael Roth ??????????
(DES code)
TRANSLATIONS Marco d'Itri 1997-02-22
Disclaim

5
ChangeLog
View File

@ -1,3 +1,8 @@
Thu Sep 17 18:49:40 1998 Werner Koch (wk@(none))
* Makefile.am (dist-hook): Now creates RPM file.
* scripts/gnupg.spec: New template file for RPMs
Thu Jul 30 19:17:07 1998 Werner Koch (wk@(none))
* acinclude.h (WK_CHECK_IPC): New

10
INSTALL
View File

@ -77,12 +77,22 @@ You can create them with:
Installation
============
gpg is not installed as suid:root; if you want to do it, do it manually.
We will use capabilities in the future.
The ~/.gnupg directory will be created if it does not exist. Your first
action should be to create a key pair: "gpg --gen-key".
Creating a RPM package
======================
The file scripts/gnupg-x.x.x.spec is used to build a RPM package:
1. As root, copy the spec file into /usr/src/redhat/SPECS
2. copy the tar file into /usr/src/redhat/SOURCES
3. type: rpm -ba SPECS/gnupg-x.x.x.spec
Basic Installation
==================

3
Makefile.am
View File

@ -13,5 +13,8 @@ dist-hook:
|| cp -p $(srcdir)/$$dir/$$i $(distdir)/$$dir/$$i; \
done ; \
done
@set -e; \
sed -e 's/@pkg_version@/$(VERSION)/g' $(srcdir)/scripts/gnupg.spec \
> $(distdir)/scripts/gnupg-$(VERSION).spec

15
NEWS
View File

@ -1,3 +1,18 @@
Noteworthy changes in version 0.4.0
-----------------------------------
* Triple DES is now supported. Michael Roth did this piece of
needed work. We have now all the coded needed to be OpenPGP
compliant.
* Added a simple rpm spec file (see INSTALL).
* detached and armored signatures are now using "PGP SIGNATURE",
except when --rfc1991 is used.
* All times which are not in the yyy-mm-dd format are now printed
in local time.
Noteworthy changes in version 0.3.5
-----------------------------------
* New option --throw-keyid to create anonymous enciphered messages.

17
README
View File

@ -2,12 +2,7 @@
GNUPG - The GNU Privacy Guard
-------------------------------
Version 0.3
WARNING: IF YOU ARE ALREADY USING GNUPG YOU SHOULD NOW MAKE A BACKUP
OF "gpg" BECAUSE YOU NEED IT TO CONVERT YOUR PASSPHRASE AND OTHER
THINGS - SEE "NEWS"!
Version 0.4
As you can see from the version number, the program may have some
bugs and some features may not work at all - please report this to
@ -336,11 +331,11 @@
please subscribe before posting).
-----BEGIN PGP SIGNATURE-----
Version: GNUPG v0.3.2b (GNU/Linux)
Version: GNUPG v0.3.5a (GNU/Linux)
Comment: Get GNUPG from ftp://ftp.guug.de/pub/gcrypt/
iQB1AwUBNcy3yh0Z9MEMmFelAQEUXwMAg8h8GaecR1jWVwCqaWO4oGCyWgaxvi0yfQR1Y1GC
j6Hpo5Hwa3d2UAYETL3M42/M32uxe0Wh8PMgLTWTfhV9XjwxCNg3BBDm2Zb5Enpr9UEIFOdN
OCV3J4gED4jXDOtO
=oPV/
iQB1AwUBNgJ6bB0Z9MEMmFelAQEBHgL+JhFVCrTAK2G3NVVVQBHXU5eucNx3tQQE3UucvSBA
YaKfX8dC5QU7wfgv8nFBXMK2mnAcJhJzBT6mZwxpzTZZTh7IS4qu//R9Vgy3A06ZddxKFf2M
YFelmgdpqTL6ntJC
=JZ3m
-----END PGP SIGNATURE-----

3
THANKS
View File

@ -27,6 +27,8 @@ Mark Adler madler@alumni.caltech.edu
Martin Schulte schulte@thp.uni-koeln.de
Matthew Skala mskala@ansuz.sooke.bc.ca
Max Valianskiy maxcom@maxcom.ml.org
Michael Roth mroth@nessie.de
Michael Sobolev mss@despair.transas.com
Nicolas Graner Nicolas.Graner@cri.u-psud.fr
Niklas Hernaeus nh@sleipner.df.lth.se
Nimrod Zimerman zimerman@forfree.at
@ -37,6 +39,7 @@ QingLong qinglong@bolizm.ihep.su
Ralph Gillen gillen@theochem.uni-duesseldorf.de
Serge Munhoven munhoven@mema.ucl.ac.be
Steffen Ullrich ccrlphr@xensei.com
Steffen Zahn Steffen.Zahn@oen.siemens.de
Thomas Roessler roessler@guug.de
Tom Spindler dogcow@home.merit.edu
Tom Zerucha tzeruch@ceddec.com

5
TODO
View File

@ -1,6 +1,4 @@
* localize asctime()
* if --libdir is used, the extensions are put in a wrong place.
How does GNOME handle this or make a new option for this directory.
@ -13,8 +11,6 @@
* add test cases for invalid data (scrambled armor or other random data)
* fix the expire stuff for v4 packets.
* add some sanity checks to read_keyblock, so that we are sure that
the minimal requirements are met (?)
@ -52,4 +48,5 @@
* Use "user ID", "trustdb" and "WARNING".
* armor.c cannot handle concatenated armored messages.
at least it should be possible to do this for "KEY BLOCK"

2
VERSION
View File

@ -1 +1 @@
0.3.5a
0.4.0

2
acconfig.h
View File

@ -64,6 +64,8 @@
#undef HAVE_U16_TYPEDEF
#undef HAVE_U32_TYPEDEF
#undef HAVE_BROKEN_MLOCK
/* One of the following macros is defined to select which of
* the cipher/rand-xxxx.c should be used */
#undef USE_RAND_DUMMY

44
acinclude.m4
View File

@ -154,6 +154,50 @@ define(WK_CHECK_IPC,
])
######################################################################
# Check whether mlock is broken (hpux 10.20 raises a SIGBUS if mlock
# is not called from uid 0 (not tested whether uid 0 works)
######################################################################
dnl WK_CHECK_MLOCK
dnl
define(WK_CHECK_MLOCK,
[ AC_CHECK_FUNCS(mlock)
if test "$ac_cv_func_mlock" = "yes"; then
AC_MSG_CHECKING(whether mlock is broken)
AC_TRY_RUN([
#include <unistd.h>
#include <errno.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <fcntl.h>
int main()
{
char *pool;
int err;
long int pgsize = getpagesize();
pool = malloc( 4096 + pgsize );
if( !pool )
return 2;
pool += (pgsize - ((long int)pool % pgsize));
err = mlock( pool, 4096 );
if( !err || errno == EPERM )
return 0; /* okay */
return 1; /* hmmm */
}
],
AC_MSG_RESULT(no),
AC_DEFINE(HAVE_BROKEN_MLOCK)
AC_MSG_RESULT(yes),
AC_MSG_RESULT(assuming no))
fi
])
######################################################################
# progtest.m4 from gettext 0.35
######################################################################

6
checks/conventional.test
View File

@ -14,4 +14,10 @@ for i in plain-1 data-80000 ; do
echo "Hier spricht HAL" | $srcdir/run-gpg --passphrase-fd 0 -o y --yes x
cmp $i y || error "$i: mismatch"
done
for i in plain-1 data-80000 ; do
echo "Hier spricht HAL" | $srcdir/run-gpg --passphrase-fd 0 \
--cipher-algo 3des -c -o x --yes $i
echo "Hier spricht HAL" | $srcdir/run-gpg --passphrase-fd 0 -o y --yes x
cmp $i y || error "$i: mismatch"
done

4
cipher/ChangeLog
View File

@ -1,3 +1,7 @@
Thu Sep 17 19:00:06 1998 Werner Koch (wk@(none))
* des.c : New file from Michael Roth <mroth@nessie.de>
Mon Sep 14 11:10:55 1998 Werner Koch (wk@(none))
* blowfish.c (bf_setkey): Niklas Hernaeus patch to detect weak keys.

2
cipher/Makefile.am
View File

@ -17,6 +17,8 @@ libcipher_a_SOURCES = cipher.c \
md.c \
dynload.c \
dynload.h \
des.c \
des.h \
blowfish.c \
blowfish.h \
cast5.c \

12
cipher/cipher.c
View File

@ -29,6 +29,7 @@
#include "util.h"
#include "errors.h"
#include "cipher.h"
#include "des.h"
#include "blowfish.h"
#include "cast5.h"
#include "dynload.h"
@ -106,6 +107,17 @@ setup_cipher_table()
if( !cipher_table[i].name )
BUG();
i++;
cipher_table[i].algo = CIPHER_ALGO_3DES;
cipher_table[i].name = des_get_info( cipher_table[i].algo,
&cipher_table[i].keylen,
&cipher_table[i].blocksize,
&cipher_table[i].contextsize,
&cipher_table[i].setkey,
&cipher_table[i].encrypt,
&cipher_table[i].decrypt );
if( !cipher_table[i].name )
BUG();
i++;
cipher_table[i].algo = CIPHER_ALGO_BLOWFISH160;
cipher_table[i].name = blowfish_get_info( cipher_table[i].algo,
&cipher_table[i].keylen,

119
cipher/des.c
View File

@ -112,14 +112,39 @@
*/
#include <config.h>
#include <string.h> /* memcpy, memcmp */
#include <assert.h>
#include "types.h" /* for byte and u32 typedefs */
#include "util.h" /* for log_fatal() */
#include "des.h"
/* Some defines/checks to support standalone modules */
#ifndef CIPHER_ALGO_3DES
#define CIPHER_ALGO_3DES 2
#elif CIPHER_ALGO_3DES != 2
#error CIPHER_ALGO_3DES is defined to a wrong value.
#endif
#ifndef G10ERR_WEAK_KEY
#define G10ERR_WEAK_KEY 43
#elif G10ERR_WEAK_KEY != 43
#error G10ERR_WEAK_KEY is defined to a wrong value.
#endif
#ifndef G10ERR_WRONG_KEYLEN
#define G10ERR_WRONG_KEYLEN 44
#elif G10ERR_WRONG_KEYLEN != 44
#error G10ERR_WRONG_KEYLEN is defined to a wrong value.
#endif
#include <string.h> /* memcpy, memcmp */
typedef unsigned long u32;
typedef unsigned char byte;
/* Macros used by the info function. */
#define FNCCAST_SETKEY(f) ((int(*)(void*, byte*, unsigned))(f))
#define FNCCAST_CRYPT(f) ((void(*)(void*, byte*, byte*))(f))
/*
@ -127,6 +152,7 @@ typedef unsigned char byte;
*/
typedef struct _des_ctx
{
int mode;
u32 encrypt_subkeys[32];
u32 decrypt_subkeys[32];
}
@ -137,6 +163,7 @@ des_ctx[1];
*/
typedef struct _tripledes_ctx
{
int mode;
u32 encrypt_subkeys[96];
u32 decrypt_subkeys[96];
}
@ -499,7 +526,8 @@ des_setkey (struct _des_ctx *ctx, const byte * key)
/*
* Electronic Codebook Mode DES encryption/decryption of data according to 'mode'.
* Electronic Codebook Mode DES encryption/decryption of data according
* to 'mode'.
*/
static int
des_ecb_crypt (struct _des_ctx *ctx, const byte * from, byte * to, int mode)
@ -638,6 +666,16 @@ tripledes_ecb_crypt (struct _tripledes_ctx *ctx, const byte * from, byte * to, i
}
/*
* Check whether the 8 byte key is weak.
*/
static int
is_weak_key ( byte *key )
{
return 0; /* FIXME */
}
/*
* Performs a selftest of this DES/Triple-DES implementation.
@ -652,8 +690,7 @@ selftest (void)
* need this.
*/
if (sizeof (u32) != 4)
return "Wrong word size for DES configured.";
return "Wrong word size for DES configured.";
/*
* DES Maintenance Test
@ -714,3 +751,69 @@ selftest (void)
return 0;
}
static int
do_tripledes_setkey ( struct _tripledes_ctx *ctx, byte *key, unsigned keylen )
{
if( keylen != 24 )
return G10ERR_WRONG_KEYLEN;
if( is_weak_key( key ) || is_weak_key( key+8 ) || is_weak_key( key+16 ) )
return G10ERR_WEAK_KEY;
tripledes_set3keys ( ctx, key, key+8, key+16);
return 0;
}
static void
do_tripledes_encrypt( struct _tripledes_ctx *ctx, byte *outbuf, byte *inbuf )
{
tripledes_ecb_encrypt ( ctx, inbuf, outbuf );
}
static void
do_tripledes_decrypt( struct _tripledes_ctx *ctx, byte *outbuf, byte *inbuf )
{
tripledes_ecb_decrypt ( ctx, inbuf, outbuf );
}
/****************
* Return some information about the algorithm. We need algo here to
* distinguish different flavors of the algorithm.
* Returns: A pointer to string describing the algorithm or NULL if
* the ALGO is invalid.
*/
const char *
des_get_info( int algo, size_t *keylen,
size_t *blocksize, size_t *contextsize,
int (**r_setkey)( void *c, byte *key, unsigned keylen ),
void (**r_encrypt)( void *c, byte *outbuf, byte *inbuf ),
void (**r_decrypt)( void *c, byte *outbuf, byte *inbuf )
)
{
static int did_selftest = 0;
if( !did_selftest ) {
const char *s = selftest();
if( s )
log_fatal("selftest failed: %s", s );
did_selftest = 1;
}
if( algo == CIPHER_ALGO_3DES ) {
*keylen = 192;
*blocksize = 8;
*contextsize = sizeof(struct _tripledes_ctx);
*r_setkey = FNCCAST_SETKEY(do_tripledes_setkey);
*r_encrypt= FNCCAST_CRYPT(do_tripledes_encrypt);
*r_decrypt= FNCCAST_CRYPT(do_tripledes_decrypt);
return "3DES";
}
return NULL;
}

34
cipher/des.h Normal file
View File

@ -0,0 +1,34 @@
/* des.h
* Copyright (C) 1998 Free Software Foundation, Inc.
*
* This file is part of GNUPG.
*
* GNUPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GNUPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifndef G10_DES_H
#define G10_DES_H
#include "types.h"
const char *
des_get_info( int algo, size_t *keylen,
size_t *blocksize, size_t *contextsize,
int (**setkey)( void *c, byte *key, unsigned keylen ),
void (**encrypt)( void *c, byte *outbuf, byte *inbuf ),
void (**decrypt)( void *c, byte *outbuf, byte *inbuf )
);
#endif /*G10_DES_H*/

4
configure.in
View File

@ -180,10 +180,12 @@ fi
dnl Checks for library functions.
AC_FUNC_VPRINTF
AC_CHECK_FUNCS(strerror stpcpy strlwr tcgetattr rand strtoul mlock mmap)
AC_CHECK_FUNCS(strerror stpcpy strlwr tcgetattr rand strtoul mmap)
AC_CHECK_FUNCS(memmove gettimeofday getrusage gethrtime setrlimit)
AC_CHECK_FUNCS(atexit raise getpagesize strftime)
WK_CHECK_MLOCK
WK_CHECK_IPC
if test "$ac_cv_header_sys_shm_h" = "yes"; then
AC_DEFINE(USE_SHM_COPROCESSING)

6
doc/DETAILS
View File

@ -41,12 +41,10 @@
Layout of the TrustDB
=====================
FIXME: use a directory record as top node instead of the pubkey record
The TrustDB is built from fixed length records, where the first byte
describes the record type. All numeric values are stored in network
byte order. The length of each record is 40 bytes. The first record of
the DB is always of type 1 and this is the only record of this type.
the DB is always of type 2 and this is the only record of this type.
Record type 0:
--------------
@ -56,7 +54,7 @@ Record type 1:
--------------
Version information for this TrustDB. This is always the first
record of the DB and the only one with type 1.
1 byte value 1
1 byte value 2
3 bytes 'gpg' magic value
1 byte Version of the TrustDB
3 byte reserved

13
g10/ChangeLog
View File

@ -1,3 +1,16 @@
Fri Sep 18 16:50:32 1998 Werner Koch (wk@(none))
* getkey.c (merge_key_and_selfsig): New.
Fri Sep 18 10:20:11 1998 Werner Koch (wk@(none))
* pkclist.c (select_algo_from_prefs): Removed 3DEs kludge.
* seskey.c (make_session_key): Fixed SERIOUS bug introduced
by adding the weak key detection code.
* sign.c (sign_file): Changed aremor header in certain cases.
Tue Sep 15 17:52:55 1998 Werner Koch (wk@(none))
* mainproc.c (check_sig_and_print): Replaced ascime by asctimestamp.

5
g10/encr-data.c
View File

@ -69,9 +69,12 @@ decrypt_data( PKT_encrypted *ed, DEK *dek )
log_bug("Nanu\n"); /* oops: found a bug */
dfx.cipher_hd = cipher_open( dek->algo, CIPHER_MODE_AUTO_CFB, 1 );
if( cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen ) )
rc = cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen );
if( rc == G10ERR_WEAK_KEY )
log_info(_("Warning: Message was encrypted with "
"a weak key in the symmetric cipher.\n"));
else if( rc )
log_error("key setup failed: %s\n", g10_errstr(rc) );
cipher_setiv( dfx.cipher_hd, NULL );

2
g10/g10.c
View File

@ -381,8 +381,8 @@ i18n_init(void)
{
#ifdef ENABLE_NLS
#ifdef HAVE_LC_MESSAGES
setlocale( LC_MESSAGES, "" );
setlocale( LC_TIME, "" );
setlocale( LC_MESSAGES, "" );
#else
setlocale( LC_ALL, "" );
#endif

66
g10/getkey.c
View File

@ -613,7 +613,7 @@ compare_name( const char *uid, size_t uidlen, const char *name, int mode )
*/
static void
add_stuff_from_selfsig( KBNODE keyblock, KBNODE knode )
merge_one_pk_and_selfsig( KBNODE keyblock, KBNODE knode )
{
PKT_public_key *pk = knode->pkt->pkt.public_key;
PKT_signature *sig;
@ -643,9 +643,8 @@ add_stuff_from_selfsig( KBNODE keyblock, KBNODE knode )
&& sig->keyid[1] == kid[1]
&& sig->version > 3 ) {
/* okay this is (the first) self-signature which can be used
* fixme: Check how to handle subkey bindings
* FIXME: We should only use this if the signature is valid
* but this is time consuming - we muts provide another
* but this is time consuming - we must provide another
* way to handle this
*/
const byte *p;
@ -658,6 +657,63 @@ add_stuff_from_selfsig( KBNODE keyblock, KBNODE knode )
}
/****************
* merge all selfsignatures with the keys.
*/
void
merge_keys_and_selfsig( KBNODE keyblock )
{
PKT_public_key *pk = NULL;
PKT_secret_key *sk = NULL;
PKT_signature *sig;
KBNODE k;
u32 kid[2];
for(k=keyblock; k; k = k->next ) {
if( k->pkt->pkttype == PKT_PUBLIC_KEY
|| k->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
pk = k->pkt->pkt.public_key; sk = NULL;
if( pk->version < 4 )
pk = NULL; /* not needed for old keys */
else
keyid_from_pk( pk, kid );
}
else if( k->pkt->pkttype == PKT_SECRET_KEY
|| k->pkt->pkttype == PKT_SECRET_SUBKEY ) {
pk = NULL; sk = k->pkt->pkt.secret_key;
if( sk->version < 4 )
sk = NULL;
else
keyid_from_sk( sk, kid );
}
else if( (pk || sk ) && k->pkt->pkttype == PKT_SIGNATURE
&& (sig=k->pkt->pkt.signature)->sig_class >= 0x10
&& sig->sig_class <= 0x13 && sig->version > 3
&& sig->keyid[0] == kid[0] && sig->keyid[1] == kid[1] ) {
/* okay this is (the first) self-signature which can be used
* FIXME: We should only use this if the signature is valid
* but this is time consuming - we must provide another
* way to handle this
*/
const byte *p;
p = parse_sig_subpkt( sig->hashed_data, SIGSUBPKT_KEY_EXPIRE, NULL );
if( pk ) {
pk->valid_days = p? ((buffer_to_u32(p)+86399L)/86400L):0;
/* fixme: add usage etc. */
pk = NULL; /* use only the first self signature */
}
else {
sk->valid_days = p? ((buffer_to_u32(p)+86399L)/86400L):0;
sk = NULL; /* use only the first self signature */
}
}
}
}
/****************
* Lookup a key by scanning all keyrings
* mode 1 = lookup by NAME (exact)
@ -808,12 +864,12 @@ lookup( PKT_public_key *pk, int mode, u32 *keyid,
if( primary && !pk->pubkey_usage ) {
copy_public_key_new_namehash( pk, keyblock->pkt->pkt.public_key,
use_namehash? namehash:NULL);
add_stuff_from_selfsig( keyblock, keyblock );
merge_one_pk_and_selfsig( keyblock, keyblock );
}
else {
copy_public_key_new_namehash( pk, k->pkt->pkt.public_key,
use_namehash? namehash:NULL);
add_stuff_from_selfsig( keyblock, k );
merge_one_pk_and_selfsig( keyblock, k );
}
if( ret_keyblock ) {
*ret_keyblock = keyblock;

1
g10/keydb.h
View File

@ -120,6 +120,7 @@ int get_keyblock_byfprint( KBNODE *ret_keyblock, const byte *fprint,
int seckey_available( u32 *keyid );
int get_seckey_byname( PKT_secret_key *sk, const char *name, int unlock );
int enum_secret_keys( void **context, PKT_secret_key *sk, int with_subkeys );
void merge_keys_and_selfsig( KBNODE keyblock );
char*get_user_id_string( u32 *keyid );
char*get_user_id( u32 *keyid, size_t *rn );

4
g10/keyedit.c
View File

@ -85,6 +85,9 @@ get_keyblock_byname( KBNODE *keyblock, KBPOS *kbpos, const char *username )
rc = read_keyblock( kbpos, keyblock );
if( rc )
log_error("%s: keyblock read problem: %s\n", username, g10_errstr(rc));
else
merge_keys_and_selfsig( *keyblock );
return rc;
}
@ -490,6 +493,7 @@ keyedit_menu( const char *username, STRLIST locusr )
username, g10_errstr(rc));
goto leave;
}
merge_keys_and_selfsig( sec_keyblock );
}
/* and now get the public key */

7
g10/pkclist.c
View File

@ -599,13 +599,6 @@ select_algo_from_prefs( PK_LIST pk_list, int preftype )
i = 1; /* yep; we can use compression algo 1 */
}
if( preftype == PREFTYPE_SYM && i == CIPHER_ALGO_3DES ) {
i = CIPHER_ALGO_CAST5;
if( opt.verbose )
log_info("replacing 3DES by CAST5\n");
}
m_free(pref);
return i;
}

1
g10/seskey.c
View File

@ -42,6 +42,7 @@ make_session_key( DEK *dek )
dek->keylen = cipher_get_keylen( dek->algo ) / 8;
chd = cipher_open( dek->algo, CIPHER_MODE_AUTO_CFB, 1 );
randomize_buffer( dek->key, dek->keylen, 1 );
for(i=0; i < 16; i++ ) {
rc = cipher_setkey( chd, dek->key, dek->keylen );
if( !rc ) {

3
g10/sign.c
View File

@ -220,6 +220,9 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
if( !multifile )
iobuf_push_filter( inp, md_filter, &mfx );
if( detached && !encrypt && !opt.rfc1991 )
afx.what = 2;
if( opt.armor && !outfile )
iobuf_push_filter( out, armor_filter, &afx );
else {

2
g10/trustdb.c
View File

@ -1636,7 +1636,7 @@ check_trust( PKT_public_key *pk, unsigned *r_trustlevel )
pk->valid_days) < cur_time ) {
log_info(_("key %08lX.%lu: expired at %s\n"),
keyid[1], pk->local_id,
strtimestamp( add_days_to_timestamp(pk->timestamp,
asctimestamp( add_days_to_timestamp(pk->timestamp,
pk->valid_days)));
trustlevel = TRUST_EXPIRED;
}

2
include/cipher.h
View File

@ -60,7 +60,7 @@
typedef struct {
int algo;
int keylen;
byte key[20]; /* this is the largest used keylen */
byte key[24]; /* this is the largest used keylen (3des) */
} DEK;
typedef struct cipher_handle_s *CIPHER_HANDLE;

3
include/errors.h
View File

@ -62,7 +62,8 @@
#define G10ERR_TIME_CONFLICT 40
#define G10ERR_WR_PUBKEY_ALGO 41 /* unusabe pubkey algo */
#define G10ERR_FILE_EXISTS 42
#define G10ERR_WEAK_KEY 43
#define G10ERR_WEAK_KEY 43 /* NOTE: hardcoded intothe cipher modules */
#define G10ERR_WRONG_KEYLEN 44 /* NOTE: hardcoded intothe cipher modules */
#ifndef HAVE_STRERROR

4
mpi/ChangeLog
View File

@ -1,3 +1,7 @@
Thu Sep 17 18:08:50 1998 Werner Koch (wk@(none))
* hppa1.1/udiv-qrnnd.S: Fix from Steffen Zahn for HPUX 10.20
Thu Aug 6 16:39:28 1998 Werner Koch,mobil,,, (wk@tobold)
* mpi-bit.c (mpi_set_bytes): Removed.

4
mpi/hppa1.1/udiv-qrnnd.S
View File

@ -50,8 +50,8 @@ __udiv_qrnnd
stws %r25,-16(0,%r30) ; n_hi
stws %r24,-12(0,%r30) ; n_lo
ldil L'L$0000,%r19
ldo R'L$0000(%r19),%r19
ldil L'L$0000,%r19 ; '
ldo R'L$0000(%r19),%r19 ; '
fldds -16(0,%r30),%fr5
stws %r23,-12(0,%r30)
comib,<= 0,%r25,L$1

1
scripts/distfiles
View File

@ -4,3 +4,4 @@ install-sh
mkinstalldirs
mkdiff
missing
gnupg.spec

59
scripts/gnupg.spec Normal file
View File

@ -0,0 +1,59 @@
#
# gnupg -- gnu privacy guard
# This is a template. The dist target uses it to create the real file.
#
Summary: GPL public key crypto
Name: gnupg
Version: @pkg_version@
Release: 3
Copyright: GPL
Group: Applications/Cryptography
Source: ftp://ftp.guug.de/pub/gcrypt/
URL: http://www.d.shuttle.de/isil/crypt/gnupg.html
Vendor: TechnoCage
Packager: Caskey L. Dickson <caskey-at-technocage.com>
Provides: gpg openpgp
%description
GNUPG is a complete and free replacement for PGP. Because it does not use
IDEA or RSA it can be used without any restrictions. GNUPG is nearly in
compliance with the OpenPGP draft.
%prep
rm -rf $RPM_BUILD_DIR/gnupg-@pkg_version@
tar -xvzf $RPM_SOURCE_DIR/gnupg-@pkg_version@.tar.gz
%build
cd gnupg-@pkg_version@
chown -R root.root *
./configure
make
%install
cd gnupg-@pkg_version@
make install
chmod +s /usr/local/bin/gpg
chmod +s /usr/local/bin/gpgm
%files
%doc gnupg-@pkg_version@/doc/DETAILS
%doc gnupg-@pkg_version@/INSTALL
%doc gnupg-@pkg_version@/doc/rfcs
%doc gnupg-@pkg_version@/AUTHORS
%doc gnupg-@pkg_version@/ABOUT-NLS
%doc gnupg-@pkg_version@/COPYING
%doc gnupg-@pkg_version@/ChangeLog
%doc gnupg-@pkg_version@/NEWS
%doc gnupg-@pkg_version@/README
%doc gnupg-@pkg_version@/THANKS
%doc gnupg-@pkg_version@/TODO
/usr/local/man/man1/gpg.1
/usr/local/bin/gpg
/usr/local/bin/gpgm
/usr/local/share/locale/en/LC_MESSAGES/gnupg.mo
/usr/local/share/locale/de/LC_MESSAGES/gnupg.mo
/usr/local/share/locale/it/LC_MESSAGES/gnupg.mo
/usr/local/share/locale/fr/LC_MESSAGES/gnupg.mo
/usr/local/lib/gnupg/tiger
/usr/local/lib/gnupg/twofish

4
util/ChangeLog
View File

@ -1,3 +1,7 @@
Fri Sep 18 16:25:47 1998 Werner Koch (wk@(none))
* secmem.c (lock_pool): Kludge for broken mlock on HPUX 10.20
Tue Sep 15 17:52:21 1998 Werner Koch (wk@(none))
* miscutil.c (asctimestamp): New.

8
util/miscutil.c
View File

@ -61,16 +61,16 @@ strtimestamp( u32 stamp )
const char *
asctimestamp( u32 stamp )
{
static char buffer[30];
static char buffer[50];
struct tm *tp;
time_t atime = stamp;
tp = localtime( &atime );
#ifdef HAVE_STRFTIME
mem2str( buffer, asctime(tp), DIM(buffer) );
#else
strftime( buffer, DIM(buffer)-1, "%c", tp );
strftime( buffer, DIM(buffer)-1, "%c %Z", tp );
buffer[DIM(buffer)-1] = 0;
#else
mem2str( buffer, asctime(tp), DIM(buffer) );
#endif
return buffer;
}

13
util/secmem.c
View File

@ -75,11 +75,22 @@ lock_pool( void *p, size_t n )
uid_t uid;
int err;
uid = getuid();
#ifdef HAVE_BROKEN_MLOCK
if( uid )
err = EPERM;
else {
err = mlock( p, n );
if( err && errno )
err = errno;
}
#else
err = mlock( p, n );
if( err && errno )
err = errno;
#endif
uid = getuid();
if( uid && !geteuid() ) {
if( setuid( uid ) )
log_fatal("failed to reset uid: %s\n", strerror(errno));