mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
See ChangeLog: Mon Jun 5 12:37:43 CEST 2000 Werner Koch
This commit is contained in:
parent
a74c85b4a0
commit
b65f9a8b0d
10
ChangeLog
10
ChangeLog
@ -1,3 +1,13 @@
|
||||
Mon Jun 5 12:37:43 CEST 2000 Werner Koch <wk@openit.de>
|
||||
|
||||
* acnclude.m4 (GNUPG_CHECK_EXPORTDYNAMIC): Replacement for
|
||||
GNUPG_CHECK_RDYNAMIC which should handle gcc with non GNU ld nicer.
|
||||
Contributed by Dave Dykstra.
|
||||
* configure.in (GNYPG_CHECK_RDYNAMIC): Replaced by the new check.
|
||||
|
||||
* configure.in (AC_CHECK_AWK): Moved before the first use of AWK. Suggested
|
||||
by Dave Dykstra.
|
||||
|
||||
Tue May 30 16:37:55 CEST 2000 Werner Koch <wk@openit.de>
|
||||
|
||||
Version 1.0.1-ePit-1
|
||||
|
10
NEWS
10
NEWS
@ -1,5 +1,5 @@
|
||||
Noteworthy changes in version 1.0.1-ePit-1
|
||||
------------------------------------------
|
||||
Noteworthy changes in the current test release
|
||||
----------------------------------------------
|
||||
|
||||
* Fixed expiration handling of encryption keys.
|
||||
|
||||
@ -45,6 +45,12 @@ Noteworthy changes in version 1.0.1-ePit-1
|
||||
* There is a new status PROGRESS which is used to show progress during
|
||||
key generation.
|
||||
|
||||
* Support for the new MDC encryption packets. To create them either
|
||||
--force-mdc must be use or cipher algorithm with a blocksize other
|
||||
than 64 bits is to be used. --openpgp currently disables MDC packets
|
||||
entirely.
|
||||
|
||||
|
||||
Noteworthy changes in version 1.0.1 (1999-12-16)
|
||||
-----------------------------------
|
||||
|
||||
|
5
TODO
5
TODO
@ -7,12 +7,11 @@
|
||||
|
||||
* Fix localtime() in W32.
|
||||
|
||||
* export sollte exit(1) machen bei einem Fehler - testen! Es wird ein
|
||||
leerer File erzeugt. Nur unter Windows?
|
||||
|
||||
* No TCP support yet for W32? arggg - should go into a separate program
|
||||
anyway.
|
||||
|
||||
* Replace Valid/Invalid by Known/Unknown?
|
||||
|
||||
|
||||
Scheduled for 1.1
|
||||
-----------------
|
||||
|
51
acinclude.m4
51
acinclude.m4
@ -206,39 +206,38 @@ define(GNUPG_CHECK_PIC,
|
||||
|
||||
|
||||
######################################################################
|
||||
# Check for rdynamic flag
|
||||
# This sets CFLAGS_RDYNAMIC to the required flags
|
||||
# Check for export-dynamic flag
|
||||
# This sets CFLAGS_EXPORTDYNAMIC to the required flags
|
||||
######################################################################
|
||||
dnl GNUPG_CHECK_RDYNAMIC
|
||||
dnl GNUPG_CHECK_EXPORTDYNAMIC
|
||||
dnl
|
||||
define(GNUPG_CHECK_RDYNAMIC,
|
||||
[ AC_MSG_CHECKING(how to specify -rdynamic)
|
||||
CFLAGS_RDYNAMIC=
|
||||
define(GNUPG_CHECK_EXPORTDYNAMIC,
|
||||
[ AC_MSG_CHECKING(how to specify -export-dynamic)
|
||||
if test "$cross_compiling" = yes; then
|
||||
AC_MSG_RESULT(assume none)
|
||||
AC_MSG_RESULT(assume none)
|
||||
CFLAGS_EXPORTDYNAMIC=""
|
||||
else
|
||||
case "$host_os" in
|
||||
solaris* )
|
||||
CFLAGS_RDYNAMIC="-Wl,-dy"
|
||||
;;
|
||||
|
||||
hpux* )
|
||||
CFLAGS_RDYNAMIC="-Wl,-E"
|
||||
;;
|
||||
|
||||
openbsd* | freebsd2* | osf4* | irix* | netbsd* | bsdi* )
|
||||
CFLAGS_RDYNAMIC=""
|
||||
;;
|
||||
|
||||
* )
|
||||
CFLAGS_RDYNAMIC="-Wl,-export-dynamic"
|
||||
;;
|
||||
esac
|
||||
AC_MSG_RESULT($CFLAGS_RDYNAMIC)
|
||||
AC_CACHE_VAL(gnupg_cv_export_dynamic,[
|
||||
if AC_TRY_COMMAND([${CC-cc} $CFLAGS -Wl,--version 2>&1 |
|
||||
grep "GNU ld" >/dev/null]); then
|
||||
# using gnu's linker
|
||||
gnupg_cv_export_dynamic="-Wl,-export-dynamic"
|
||||
else
|
||||
case "$host_os" in
|
||||
hpux* )
|
||||
gnupg_cv_export_dynamic="-Wl,-E"
|
||||
;;
|
||||
* )
|
||||
gnupg_cv_export_dynamic=""
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
])
|
||||
AC_MSG_RESULT($gnupg_cv_export_dynamic)
|
||||
CFLAGS_EXPORTDYNAMIC="$gnupg_cv_export_dynamic"
|
||||
fi
|
||||
])
|
||||
|
||||
|
||||
#####################################################################
|
||||
# Check for SysV IPC (from GIMP)
|
||||
# And see whether we have a SHM_LOCK (FreeBSD does not have it).
|
||||
|
@ -11,7 +11,7 @@ TESTS = version.test mds.test \
|
||||
signencrypt.test signencrypt-dsa.test \
|
||||
armsignencrypt.test armdetach.test \
|
||||
armdetachm.test detachm.test genkey1024.test \
|
||||
conventional.test
|
||||
conventional.test conventional-mdc.test
|
||||
|
||||
|
||||
TEST_FILES = pubring.asc secring.asc plain-1o.asc plain-2o.asc plain-3o.asc \
|
||||
|
16
checks/conventional-mdc.test
Executable file
16
checks/conventional-mdc.test
Executable file
@ -0,0 +1,16 @@
|
||||
#!/bin/sh
|
||||
|
||||
. $srcdir/defs.inc || exit 3
|
||||
|
||||
#info Checking conventional encryption
|
||||
for i in 0 1 2 3 9 10 11 19 20 21 22 23 39 40 41 8192 32000 ; do
|
||||
for ciph in 3des cast5 blowfish twofish; do
|
||||
dd if=data-80000 of=z bs=1 count=$i 2>/dev/null
|
||||
echo "Hier spricht HAL" | $srcdir/run-gpg --passphrase-fd 0 \
|
||||
--force-mdc --cipher $ciph -c -o x --yes z
|
||||
echo "Hier spricht HAL" | $srcdir/run-gpg --passphrase-fd 0 \
|
||||
-o y --yes x
|
||||
cmp z y || error "$ciph/$i: mismatch"
|
||||
done
|
||||
done
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
. $srcdir/defs.inc || exit 3
|
||||
|
||||
# temp. hack cause the format for 128 biut blocksize messages may change
|
||||
# temp. hack cause the format for 128 bit blocksize messages may change
|
||||
GNUPG_ENABLE_TWOFISH=1
|
||||
export GNUPG_ENABLE_TWOFISH
|
||||
|
||||
|
14
configure.in
14
configure.in
@ -23,7 +23,9 @@ AC_SUBST(PACKAGE)
|
||||
AC_DEFINE_UNQUOTED(VERSION, "$VERSION")
|
||||
AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE")
|
||||
|
||||
MODULES_IN_CIPHER=`awk '/^EXTRA_PROGRAMS/ { for(i=3;i<=NF;i++) print $i}' \
|
||||
AC_PROG_AWK
|
||||
|
||||
MODULES_IN_CIPHER=`$AWK '/^EXTRA_PROGRAMS/ { for(i=3;i<=NF;i++) print $i}' \
|
||||
$srcdir/cipher/Makefile.am`
|
||||
|
||||
dnl
|
||||
@ -221,7 +223,7 @@ esac
|
||||
AC_SUBST(MPI_OPT_FLAGS)
|
||||
GNUPG_SYS_SYMBOL_UNDERSCORE
|
||||
GNUPG_CHECK_PIC
|
||||
GNUPG_CHECK_RDYNAMIC
|
||||
GNUPG_CHECK_EXPORTDYNAMIC
|
||||
if test "$NO_PIC" = yes; then
|
||||
try_dynload=no
|
||||
fi
|
||||
@ -320,21 +322,21 @@ if test "$try_dynload" = yes ; then
|
||||
if test "$ac_cv_lib_dl_dlopen" = "yes"; then
|
||||
AC_DEFINE(USE_DYNAMIC_LINKING)
|
||||
AC_DEFINE(HAVE_DL_DLOPEN)
|
||||
DYNLINK_LDFLAGS="$CFLAGS_RDYNAMIC"
|
||||
DYNLINK_LDFLAGS="$CFLAGS_EXPORTDYNAMIC"
|
||||
use_gnupg_extensions=yes
|
||||
else
|
||||
AC_CHECK_FUNCS(dlopen)
|
||||
if test "$ac_cv_func_dlopen" = "yes"; then
|
||||
AC_DEFINE(USE_DYNAMIC_LINKING)
|
||||
AC_DEFINE(HAVE_DL_DLOPEN)
|
||||
DYNLINK_LDFLAGS="$CFLAGS_RDYNAMIC"
|
||||
DYNLINK_LDFLAGS="$CFLAGS_EXPORTDYNAMIC"
|
||||
use_gnupg_extensions=yes
|
||||
else
|
||||
AC_CHECK_LIB(dld,shl_load)
|
||||
if test "$ac_cv_lib_dld_shl_load" = "yes"; then
|
||||
AC_DEFINE(USE_DYNAMIC_LINKING)
|
||||
AC_DEFINE(HAVE_DL_SHL_LOAD)
|
||||
DYNLINK_LDFLAGS="$CFLAGS_RDYNAMIC"
|
||||
DYNLINK_LDFLAGS="$CFLAGS_EXPORTDYNAMIC"
|
||||
use_gnupg_extensions=yes
|
||||
dnl -----------------
|
||||
dnl DLD is not ready for use. So I better disable this test
|
||||
@ -343,7 +345,7 @@ dnl AC_CHECK_LIB(dld,dld_link)
|
||||
dnl if test "$ac_cv_lib_dld_dld_link" = "yes"; then
|
||||
dnl AC_DEFINE(USE_DYNAMIC_LINKING)
|
||||
dnl AC_DEFINE(HAVE_DLD_DLD_LINK)
|
||||
dnl DYNLINK_LDFLAGS="$CFLAGS_RDYNAMIC"
|
||||
dnl DYNLINK_LDFLAGS="$CFLAGS_EXPORTDYNAMIC"
|
||||
dnl use_gnupg_extensions=yes
|
||||
dnl ---------------
|
||||
fi
|
||||
|
@ -1,3 +1,18 @@
|
||||
Mon Jun 5 12:37:43 CEST 2000 Werner Koch <wk@openit.de>
|
||||
|
||||
* build-packet.c (do_mdc): New.
|
||||
(do_encrypted_mdc): Changed for the new proposal.
|
||||
* parse-packet.c (parse_mdc): New.
|
||||
(parse_encrypted): Fixed for the new proposal.
|
||||
* packet.h (PKT_MDC): New.
|
||||
* cipher.c (cipher_filter): Build the MDC packet here.
|
||||
* g10.c (main): Enable --force-mdc.
|
||||
* encr-data.c (mdc_decode_filter): Fixed for new MDC method
|
||||
|
||||
* options.h(rfc2440): New.
|
||||
* g10.c (main): Changed the selected values for --openpgp to not include
|
||||
optional algorithms.
|
||||
|
||||
Thu May 18 11:38:54 CEST 2000 Werner Koch <wk@openit.de>
|
||||
|
||||
* keyedit.c (keyedit_menu): Add a keyword arg to the prompt.
|
||||
|
@ -44,6 +44,7 @@ static u32 calc_plaintext( PKT_plaintext *pt );
|
||||
static int do_plaintext( IOBUF out, int ctb, PKT_plaintext *pt );
|
||||
static int do_encrypted( IOBUF out, int ctb, PKT_encrypted *ed );
|
||||
static int do_encrypted_mdc( IOBUF out, int ctb, PKT_encrypted *ed );
|
||||
static int do_mdc( IOBUF out, PKT_mdc *mdc );
|
||||
static int do_compressed( IOBUF out, int ctb, PKT_compressed *cd );
|
||||
static int do_signature( IOBUF out, int ctb, PKT_signature *sig );
|
||||
static int do_onepass_sig( IOBUF out, int ctb, PKT_onepass_sig *ops );
|
||||
@ -121,6 +122,9 @@ build_packet( IOBUF out, PACKET *pkt )
|
||||
case PKT_ENCRYPTED_MDC:
|
||||
rc = do_encrypted_mdc( out, ctb, pkt->pkt.encrypted );
|
||||
break;
|
||||
case PKT_MDC:
|
||||
rc = do_mdc( out, pkt->pkt.mdc );
|
||||
break;
|
||||
case PKT_COMPRESSED:
|
||||
rc = do_compressed( out, ctb, pkt->pkt.compressed );
|
||||
break;
|
||||
@ -550,13 +554,24 @@ do_encrypted_mdc( IOBUF out, int ctb, PKT_encrypted *ed )
|
||||
n = ed->len ? (ed->len + 10) : 0;
|
||||
write_header(out, ctb, n );
|
||||
iobuf_put(out, 1 ); /* version */
|
||||
iobuf_put(out, ed->mdc_method );
|
||||
|
||||
/* This is all. The caller has to write the real data */
|
||||
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
do_mdc( IOBUF out, PKT_mdc *mdc )
|
||||
{
|
||||
/* This packet requires a fixed header encoding */
|
||||
iobuf_put( out, 0xd3 ); /* packet ID and 1 byte length */
|
||||
iobuf_put( out, 0x14 ); /* length = 20 */
|
||||
if( iobuf_write( out, mdc->hash, sizeof(mdc->hash) ) )
|
||||
return G10ERR_WRITE_FILE;
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
do_compressed( IOBUF out, int ctb, PKT_compressed *cd )
|
||||
{
|
||||
|
31
g10/cipher.c
31
g10/cipher.c
@ -49,22 +49,27 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
|
||||
unsigned nprefix;
|
||||
int use_mdc = opt.force_mdc;
|
||||
|
||||
blocksize = cipher_get_blocksize( cfx->dek->algo );
|
||||
if( blocksize < 8 || blocksize > 16 )
|
||||
log_fatal("unsupported blocksize %u\n", blocksize );
|
||||
if( blocksize != 8 )
|
||||
use_mdc = 1; /* enable it for all modern ciphers */
|
||||
if( opt.rfc2440 )
|
||||
use_mdc = 0; /* override - rfc2440 does not know about MDC */
|
||||
|
||||
memset( &ed, 0, sizeof ed );
|
||||
ed.len = cfx->datalen;
|
||||
ed.new_ctb = !ed.len && !opt.rfc1991;
|
||||
if( use_mdc ) {
|
||||
ed.mdc_method = DIGEST_ALGO_SHA1;
|
||||
cfx->mdc_hash = md_open( DIGEST_ALGO_SHA1, 0 );
|
||||
/*md_start_debug( cfx->mdc_hash, "mdccreat" );*/
|
||||
/*md_start_debug( cfx->mdc_hash, "creatmdc" );*/
|
||||
}
|
||||
init_packet( &pkt );
|
||||
pkt.pkttype = use_mdc? PKT_ENCRYPTED_MDC : PKT_ENCRYPTED;
|
||||
pkt.pkt.encrypted = &ed;
|
||||
if( build_packet( a, &pkt ))
|
||||
log_bug("build_packet(ENCR_DATA) failed\n");
|
||||
blocksize = cipher_get_blocksize( cfx->dek->algo );
|
||||
if( blocksize < 8 || blocksize > 16 )
|
||||
log_fatal("unsupported blocksize %u\n", blocksize );
|
||||
nprefix = blocksize;
|
||||
randomize_buffer( temp, nprefix, 1 );
|
||||
temp[nprefix] = temp[nprefix-2];
|
||||
@ -75,8 +80,6 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
|
||||
cipher_setkey( cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen );
|
||||
cipher_setiv( cfx->cipher_hd, NULL, 0 );
|
||||
/* log_hexdump( "prefix", temp, nprefix+2 ); */
|
||||
if( cfx->mdc_hash )
|
||||
md_write( cfx->mdc_hash, temp, nprefix+2 );
|
||||
cipher_encrypt( cfx->cipher_hd, temp, temp, nprefix+2);
|
||||
cipher_sync( cfx->cipher_hd );
|
||||
iobuf_write(a, temp, nprefix+2);
|
||||
@ -115,12 +118,22 @@ cipher_filter( void *opaque, int control,
|
||||
if( cfx->mdc_hash ) {
|
||||
byte *hash;
|
||||
int hashlen = md_digest_length( md_get_algo( cfx->mdc_hash ) );
|
||||
byte temp[22];
|
||||
|
||||
assert( hashlen == 20 );
|
||||
/* we must hash the prefix of the MDC packet here */
|
||||
temp[0] = 0xd3;
|
||||
temp[1] = 0x14;
|
||||
md_putc( cfx->mdc_hash, temp[0] );
|
||||
md_putc( cfx->mdc_hash, temp[1] );
|
||||
|
||||
md_final( cfx->mdc_hash );
|
||||
hash = md_read( cfx->mdc_hash, 0 );
|
||||
cipher_encrypt( cfx->cipher_hd, hash, hash, hashlen );
|
||||
if( iobuf_write( a, hash, hashlen ) )
|
||||
rc = G10ERR_WRITE_FILE;
|
||||
memcpy(temp+2, hash, 20);
|
||||
cipher_encrypt( cfx->cipher_hd, temp, temp, 22 );
|
||||
md_close( cfx->mdc_hash ); cfx->mdc_hash = NULL;
|
||||
if( iobuf_write( a, temp, 22 ) )
|
||||
log_error("writing MDC packet failed\n" );
|
||||
}
|
||||
cipher_close(cfx->cipher_hd);
|
||||
write_status( STATUS_END_ENCRYPTION );
|
||||
|
@ -32,9 +32,9 @@
|
||||
#include "i18n.h"
|
||||
|
||||
|
||||
static int decode_filter( void *opaque, int control, IOBUF a,
|
||||
byte *buf, size_t *ret_len);
|
||||
static int mdc_decode_filter( void *opaque, int control, IOBUF a,
|
||||
byte *buf, size_t *ret_len);
|
||||
static int decode_filter( void *opaque, int control, IOBUF a,
|
||||
byte *buf, size_t *ret_len);
|
||||
|
||||
typedef struct {
|
||||
@ -76,8 +76,10 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
|
||||
if( ed->len && ed->len < (nprefix+2) )
|
||||
BUG();
|
||||
|
||||
if( ed->mdc_method )
|
||||
if( ed->mdc_method ) {
|
||||
dfx.mdc_hash = md_open( ed->mdc_method, 0 );
|
||||
/*md_start_debug(dfx.mdc_hash, "checkmdc");*/
|
||||
}
|
||||
dfx.cipher_hd = cipher_open( dek->algo, CIPHER_MODE_AUTO_CFB, 1 );
|
||||
/* log_hexdump( "thekey", dek->key, dek->keylen );*/
|
||||
rc = cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen );
|
||||
@ -107,8 +109,6 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
|
||||
temp[i] = c;
|
||||
}
|
||||
cipher_decrypt( dfx.cipher_hd, temp, temp, nprefix+2);
|
||||
if( dfx.mdc_hash )
|
||||
md_write( dfx.mdc_hash, temp, nprefix+2 );
|
||||
cipher_sync( dfx.cipher_hd );
|
||||
p = temp;
|
||||
/* log_hexdump( "prefix", temp, nprefix+2 ); */
|
||||
@ -116,29 +116,36 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
|
||||
rc = G10ERR_BAD_KEY;
|
||||
goto leave;
|
||||
}
|
||||
|
||||
if( ed->mdc_method )
|
||||
iobuf_push_filter( ed->buf, mdc_decode_filter, &dfx );
|
||||
else
|
||||
iobuf_push_filter( ed->buf, decode_filter, &dfx );
|
||||
proc_packets( procctx, ed->buf);
|
||||
|
||||
proc_packets( procctx, ed->buf );
|
||||
ed->buf = NULL;
|
||||
if( ed->mdc_method && dfx.eof_seen == 2 )
|
||||
rc = G10ERR_INVALID_PACKET;
|
||||
else if( ed->mdc_method ) { /* check the mdc */
|
||||
int datalen = md_digest_length( ed->mdc_method );
|
||||
|
||||
cipher_decrypt( dfx.cipher_hd, dfx.defer, dfx.defer, 20);
|
||||
md_final( dfx.mdc_hash );
|
||||
if( datalen != 20
|
||||
|| memcmp(md_read( dfx.mdc_hash, 0 ), dfx.defer, datalen) )
|
||||
rc = G10ERR_BAD_SIGN;
|
||||
log_hexdump("MDC calculated:", md_read( dfx.mdc_hash, 0), datalen);
|
||||
log_hexdump("MDC message :", dfx.defer, 20);
|
||||
/*log_hexdump("MDC calculated:", md_read( dfx.mdc_hash, 0), datalen);*/
|
||||
/*log_hexdump("MDC message :", dfx.defer, 20);*/
|
||||
}
|
||||
|
||||
leave:
|
||||
cipher_close(dfx.cipher_hd);
|
||||
md_close( dfx.mdc_hash );
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
||||
|
||||
/* I think we should merge this with cipher_filter */
|
||||
static int
|
||||
mdc_decode_filter( void *opaque, int control, IOBUF a,
|
||||
@ -166,10 +173,13 @@ mdc_decode_filter( void *opaque, int control, IOBUF a,
|
||||
if( n == 40 ) {
|
||||
/* we have enough stuff - flush the deferred stuff */
|
||||
/* (we have asserted that the buffer is large enough) */
|
||||
if( !dfx->defer_filled ) /* the first time */
|
||||
if( !dfx->defer_filled ) { /* the first time */
|
||||
memcpy(buf, buf+20, 20 );
|
||||
else
|
||||
n = 20;
|
||||
}
|
||||
else {
|
||||
memcpy(buf, dfx->defer, 20 );
|
||||
}
|
||||
/* now fill up */
|
||||
for(; n < size; n++ ) {
|
||||
if( (c = iobuf_get(a)) == -1 )
|
||||
@ -183,7 +193,7 @@ mdc_decode_filter( void *opaque, int control, IOBUF a,
|
||||
dfx->defer_filled = 1;
|
||||
}
|
||||
else if( !dfx->defer_filled ) { /* eof seen buf empty defer */
|
||||
/* this is very bad because there is an incomplete hash */
|
||||
/* this is bad because there is an incomplete hash */
|
||||
n -= 20;
|
||||
memcpy(buf, buf+20, n );
|
||||
dfx->eof_seen = 2; /* eof with incomplete hash */
|
||||
|
@ -83,6 +83,8 @@ typedef struct {
|
||||
CIPHER_HANDLE cipher_hd;
|
||||
int header;
|
||||
MD_HANDLE mdc_hash;
|
||||
byte enchash[20];
|
||||
int create_mdc; /* flag will be set by the cipher filter */
|
||||
} cipher_filter_context_t;
|
||||
|
||||
|
||||
|
13
g10/g10.c
13
g10/g10.c
@ -821,11 +821,13 @@ main( int argc, char **argv )
|
||||
break;
|
||||
case oRFC1991:
|
||||
opt.rfc1991 = 1;
|
||||
opt.rfc2440 = 0;
|
||||
opt.no_comment = 1;
|
||||
opt.escape_from = 1;
|
||||
break;
|
||||
case oOpenPGP:
|
||||
opt.rfc1991 = 0;
|
||||
opt.rfc2440 = 1;
|
||||
opt.pgp2_workarounds = 0;
|
||||
opt.escape_from = 0;
|
||||
opt.force_v3_sigs = 0;
|
||||
@ -834,10 +836,10 @@ main( int argc, char **argv )
|
||||
opt.not_dash_escaped = 0;
|
||||
opt.def_cipher_algo = 0;
|
||||
opt.def_digest_algo = 0;
|
||||
opt.def_compress_algo = 2;
|
||||
opt.def_compress_algo = 1;
|
||||
opt.s2k_mode = 3; /* iterated+salted */
|
||||
opt.s2k_digest_algo = DIGEST_ALGO_RMD160;
|
||||
opt.s2k_cipher_algo = CIPHER_ALGO_BLOWFISH;
|
||||
opt.s2k_digest_algo = DIGEST_ALGO_SHA1;
|
||||
opt.s2k_cipher_algo = CIPHER_ALGO_CAST5;
|
||||
break;
|
||||
case oEmuChecksumBug: opt.emulate_bugs |= EMUBUG_GPGCHKSUM; break;
|
||||
case oEmu3DESS2KBug: opt.emulate_bugs |= EMUBUG_3DESS2K; break;
|
||||
@ -936,11 +938,6 @@ main( int argc, char **argv )
|
||||
log_info("used in a production environment or with production keys!\n");
|
||||
}
|
||||
#endif
|
||||
if( opt.force_mdc ) {
|
||||
log_info("--force-mdc ignored because"
|
||||
" the OpenPGP WG has not yet aggreed on MDCs\n");
|
||||
opt.force_mdc = 0;
|
||||
}
|
||||
if (opt.no_literal) {
|
||||
log_info(_("NOTE: %s is not for normal use!\n"), "--no-literal");
|
||||
if (opt.textmode)
|
||||
|
@ -333,6 +333,7 @@ proc_encrypted( CTX c, PACKET *pkt )
|
||||
result = G10ERR_NO_SECKEY;
|
||||
if( !result )
|
||||
result = decrypt_data( c, pkt->pkt.encrypted, c->dek );
|
||||
|
||||
m_free(c->dek); c->dek = NULL;
|
||||
if( result == -1 )
|
||||
;
|
||||
@ -350,7 +351,7 @@ proc_encrypted( CTX c, PACKET *pkt )
|
||||
else {
|
||||
write_status( STATUS_DECRYPTION_FAILED );
|
||||
log_error(_("decryption failed: %s\n"), g10_errstr(result));
|
||||
/* Hmmm: does this work when we have encrypted using a multiple
|
||||
/* Hmmm: does this work when we have encrypted using multiple
|
||||
* ways to specify the session key (symmmetric and PK)*/
|
||||
}
|
||||
free_packet(pkt);
|
||||
@ -884,6 +885,7 @@ list_node( CTX c, KBNODE node )
|
||||
}
|
||||
|
||||
|
||||
|
||||
int
|
||||
proc_packets( void *anchor, IOBUF a )
|
||||
{
|
||||
@ -896,6 +898,8 @@ proc_packets( void *anchor, IOBUF a )
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
||||
|
||||
int
|
||||
proc_signature_packets( void *anchor, IOBUF a,
|
||||
STRLIST signedfiles, const char *sigfilename )
|
||||
|
@ -64,6 +64,7 @@ struct {
|
||||
int compress_sigs;
|
||||
int always_trust;
|
||||
int rfc1991;
|
||||
int rfc2440;
|
||||
int pgp2_workarounds;
|
||||
unsigned emulate_bugs; /* bug emulation flags EMUBUG_xxxx */
|
||||
int shm_coprocess;
|
||||
|
11
g10/packet.h
11
g10/packet.h
@ -47,8 +47,9 @@ typedef enum {
|
||||
PKT_PUBLIC_SUBKEY =14, /* public subkey (OpenPGP) */
|
||||
PKT_OLD_COMMENT =16, /* comment packet from an OpenPGP draft */
|
||||
PKT_PHOTO_ID =17, /* PGP's photo ID */
|
||||
PKT_ENCRYPTED_MDC =18, /* integrity protected encrypted data */
|
||||
PKT_MDC =19, /* manipulaion detection code packet */
|
||||
PKT_COMMENT =61, /* new comment packet (private) */
|
||||
PKT_ENCRYPTED_MDC =62, /* test: encrypted data with MDC */
|
||||
} pkttype_t;
|
||||
|
||||
typedef struct packet_struct PACKET;
|
||||
@ -171,10 +172,14 @@ typedef struct {
|
||||
typedef struct {
|
||||
u32 len; /* length of encrypted data */
|
||||
byte new_ctb; /* uses a new CTB */
|
||||
byte mdc_method; /* test: > 0: this is is an encrypted_mdc packet */
|
||||
byte mdc_method; /* > 0: integrity protected encrypted data packet */
|
||||
IOBUF buf; /* IOBUF reference */
|
||||
} PKT_encrypted;
|
||||
|
||||
typedef struct {
|
||||
byte hash[20];
|
||||
} PKT_mdc;
|
||||
|
||||
typedef struct {
|
||||
unsigned int trustval;
|
||||
} PKT_ring_trust;
|
||||
@ -205,6 +210,7 @@ struct packet_struct {
|
||||
PKT_user_id *user_id; /* PKT_USER_ID */
|
||||
PKT_compressed *compressed; /* PKT_COMPRESSED */
|
||||
PKT_encrypted *encrypted; /* PKT_ENCRYPTED[_MDC] */
|
||||
PKT_mdc *mdc; /* PKT_MDC */
|
||||
PKT_ring_trust *ring_trust; /* PKT_RING_TRUST */
|
||||
PKT_plaintext *plaintext; /* PKT_PLAINTEXT */
|
||||
} pkt;
|
||||
@ -333,7 +339,6 @@ int handle_compressed( void *ctx, PKT_compressed *cd,
|
||||
|
||||
/*-- encr-data.c --*/
|
||||
int decrypt_data( void *ctx, PKT_encrypted *ed, DEK *dek );
|
||||
int encrypt_data( PKT_encrypted *ed, DEK *dek );
|
||||
|
||||
/*-- plaintext.c --*/
|
||||
int handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
|
||||
|
@ -73,6 +73,8 @@ static int parse_compressed( IOBUF inp, int pkttype, unsigned long pktlen,
|
||||
PACKET *packet, int new_ctb );
|
||||
static int parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
|
||||
PACKET *packet, int new_ctb);
|
||||
static int parse_mdc( IOBUF inp, int pkttype, unsigned long pktlen,
|
||||
PACKET *packet, int new_ctb);
|
||||
|
||||
static unsigned short
|
||||
read_16(IOBUF inp)
|
||||
@ -441,6 +443,9 @@ parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos,
|
||||
case PKT_ENCRYPTED_MDC:
|
||||
rc = parse_encrypted(inp, pkttype, pktlen, pkt, new_ctb );
|
||||
break;
|
||||
case PKT_MDC:
|
||||
rc = parse_mdc(inp, pkttype, pktlen, pkt, new_ctb );
|
||||
break;
|
||||
default:
|
||||
skip_packet(inp, pkttype, pktlen);
|
||||
break;
|
||||
@ -1697,9 +1702,8 @@ parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
|
||||
ed->new_ctb = new_ctb;
|
||||
ed->mdc_method = 0;
|
||||
if( pkttype == PKT_ENCRYPTED_MDC ) {
|
||||
/* test: this is the new encrypted_mdc packet */
|
||||
/* fixme: add some pktlen sanity checks */
|
||||
int version, method;
|
||||
int version;
|
||||
|
||||
version = iobuf_get_noeof(inp); pktlen--;
|
||||
if( version != 1 ) {
|
||||
@ -1707,12 +1711,7 @@ parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
|
||||
version);
|
||||
goto leave;
|
||||
}
|
||||
method = iobuf_get_noeof(inp); pktlen--;
|
||||
if( method != DIGEST_ALGO_SHA1 ) {
|
||||
log_error("encrypted_mdc does not use SHA1 method\n" );
|
||||
goto leave;
|
||||
}
|
||||
ed->mdc_method = method;
|
||||
ed->mdc_method = DIGEST_ALGO_SHA1;
|
||||
}
|
||||
if( pktlen && pktlen < 10 ) { /* actually this is blocksize+2 */
|
||||
log_error("packet(%d) too short\n", pkttype);
|
||||
@ -1735,3 +1734,26 @@ parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
parse_mdc( IOBUF inp, int pkttype, unsigned long pktlen,
|
||||
PACKET *pkt, int new_ctb )
|
||||
{
|
||||
PKT_mdc *mdc;
|
||||
byte *p;
|
||||
|
||||
mdc = pkt->pkt.mdc= m_alloc(sizeof *pkt->pkt.mdc );
|
||||
if( list_mode )
|
||||
printf(":mdc packet: length=%lu\n", pktlen);
|
||||
if( !new_ctb || pktlen != 20 ) {
|
||||
log_error("mdc_packet with invalid encoding\n");
|
||||
goto leave;
|
||||
}
|
||||
p = mdc->hash;
|
||||
for( ; pktlen; pktlen--, p++ )
|
||||
*p = iobuf_get_noeof(inp);
|
||||
|
||||
leave:
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -518,6 +518,7 @@ check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig,
|
||||
|
||||
keyid_from_pk( pk, keyid );
|
||||
md = md_open( algo, 0 );
|
||||
md_start_debug( md, "rsa" );
|
||||
hash_public_key( md, pk );
|
||||
hash_uid_node( unode, md, sig );
|
||||
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {
|
||||
|
@ -22,7 +22,9 @@ ln ../g10/gpg gpg.exe
|
||||
i386--mingw32-strip gpg.exe
|
||||
man -T latin1 -l ../doc/gpg.1 >gpg.man
|
||||
todos gpg.man
|
||||
ln ${srcdir}/README .
|
||||
cp ${srcdir}/README .
|
||||
todos README
|
||||
ln ${srcdir}/doc/README.W32 .
|
||||
todos README.W32
|
||||
for i in ${srcdir}/po/*.gmo; do ln $i "$(basename $i .gmo).mo" ; done
|
||||
zip "gnupg-w32-$(cat ${srcdir}/VERSION).zip" *
|
||||
|
Loading…
x
Reference in New Issue
Block a user