security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
Code Activity

See ChangeLog: Mon Jun 5 12:37:43 CEST 2000 Werner Koch

Browse Source
This commit is contained in:
Werner Koch 2000-06-05 10:27:46 +00:00
parent a74c85b4a0
commit b65f9a8b0d
21 changed files with 201 additions and 82 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ChangeLog
View File

@ -1,3 +1,13 @@
Mon Jun 5 12:37:43 CEST 2000 Werner Koch <wk@openit.de>
* acnclude.m4 (GNUPG_CHECK_EXPORTDYNAMIC): Replacement for
GNUPG_CHECK_RDYNAMIC which should handle gcc with non GNU ld nicer.
Contributed by Dave Dykstra.
* configure.in (GNYPG_CHECK_RDYNAMIC): Replaced by the new check.
* configure.in (AC_CHECK_AWK): Moved before the first use of AWK. Suggested
by Dave Dykstra.
Tue May 30 16:37:55 CEST 2000 Werner Koch <wk@openit.de>
Version 1.0.1-ePit-1

10
NEWS
View File

@ -1,5 +1,5 @@
Noteworthy changes in version 1.0.1-ePit-1
------------------------------------------
Noteworthy changes in the current test release
----------------------------------------------
* Fixed expiration handling of encryption keys.
@ -45,6 +45,12 @@ Noteworthy changes in version 1.0.1-ePit-1
* There is a new status PROGRESS which is used to show progress during
key generation.
* Support for the new MDC encryption packets. To create them either
--force-mdc must be use or cipher algorithm with a blocksize other
than 64 bits is to be used. --openpgp currently disables MDC packets
entirely.
Noteworthy changes in version 1.0.1 (1999-12-16)
-----------------------------------

5
TODO
View File

@ -7,12 +7,11 @@
* Fix localtime() in W32.
* export sollte exit(1) machen bei einem Fehler - testen! Es wird ein
leerer File erzeugt. Nur unter Windows?
* No TCP support yet for W32? arggg - should go into a separate program
anyway.
* Replace Valid/Invalid by Known/Unknown?
Scheduled for 1.1
-----------------

2
VERSION
View File

@ -1 +1 @@
1.0.1-ePit-1
1.0.1h

51
acinclude.m4
View File

@ -206,39 +206,38 @@ define(GNUPG_CHECK_PIC,
######################################################################
# Check for rdynamic flag
# This sets CFLAGS_RDYNAMIC to the required flags
# Check for export-dynamic flag
# This sets CFLAGS_EXPORTDYNAMIC to the required flags
######################################################################
dnl GNUPG_CHECK_RDYNAMIC
dnl GNUPG_CHECK_EXPORTDYNAMIC
dnl
define(GNUPG_CHECK_RDYNAMIC,
[ AC_MSG_CHECKING(how to specify -rdynamic)
CFLAGS_RDYNAMIC=
define(GNUPG_CHECK_EXPORTDYNAMIC,
[ AC_MSG_CHECKING(how to specify -export-dynamic)
if test "$cross_compiling" = yes; then
AC_MSG_RESULT(assume none)
AC_MSG_RESULT(assume none)
CFLAGS_EXPORTDYNAMIC=""
else
case "$host_os" in
solaris* )
CFLAGS_RDYNAMIC="-Wl,-dy"
;;
hpux* )
CFLAGS_RDYNAMIC="-Wl,-E"
;;
openbsd* | freebsd2* | osf4* | irix* | netbsd* | bsdi* )
CFLAGS_RDYNAMIC=""
;;
* )
CFLAGS_RDYNAMIC="-Wl,-export-dynamic"
;;
esac
AC_MSG_RESULT($CFLAGS_RDYNAMIC)
AC_CACHE_VAL(gnupg_cv_export_dynamic,[
if AC_TRY_COMMAND([${CC-cc} $CFLAGS -Wl,--version 2>&1 |
grep "GNU ld" >/dev/null]); then
# using gnu's linker
gnupg_cv_export_dynamic="-Wl,-export-dynamic"
else
case "$host_os" in
hpux* )
gnupg_cv_export_dynamic="-Wl,-E"
;;
* )
gnupg_cv_export_dynamic=""
;;
esac
fi
])
AC_MSG_RESULT($gnupg_cv_export_dynamic)
CFLAGS_EXPORTDYNAMIC="$gnupg_cv_export_dynamic"
fi
])
#####################################################################
# Check for SysV IPC (from GIMP)
# And see whether we have a SHM_LOCK (FreeBSD does not have it).

2
checks/Makefile.am
View File

@ -11,7 +11,7 @@ TESTS = version.test mds.test \
signencrypt.test signencrypt-dsa.test \
armsignencrypt.test armdetach.test \
armdetachm.test detachm.test genkey1024.test \
conventional.test
conventional.test conventional-mdc.test
TEST_FILES = pubring.asc secring.asc plain-1o.asc plain-2o.asc plain-3o.asc \

16
checks/conventional-mdc.test Executable file
View File

@ -0,0 +1,16 @@
#!/bin/sh
. $srcdir/defs.inc || exit 3
#info Checking conventional encryption
for i in 0 1 2 3 9 10 11 19 20 21 22 23 39 40 41 8192 32000 ; do
for ciph in 3des cast5 blowfish twofish; do
dd if=data-80000 of=z bs=1 count=$i 2>/dev/null
echo "Hier spricht HAL" | $srcdir/run-gpg --passphrase-fd 0 \
--force-mdc --cipher $ciph -c -o x --yes z
echo "Hier spricht HAL" | $srcdir/run-gpg --passphrase-fd 0 \
-o y --yes x
cmp z y || error "$ciph/$i: mismatch"
done
done

2
checks/conventional.test
View File

@ -2,7 +2,7 @@
. $srcdir/defs.inc || exit 3
# temp. hack cause the format for 128 biut blocksize messages may change
# temp. hack cause the format for 128 bit blocksize messages may change
GNUPG_ENABLE_TWOFISH=1
export GNUPG_ENABLE_TWOFISH

14
configure.in
View File

@ -23,7 +23,9 @@ AC_SUBST(PACKAGE)
AC_DEFINE_UNQUOTED(VERSION, "$VERSION")
AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE")
MODULES_IN_CIPHER=`awk '/^EXTRA_PROGRAMS/ { for(i=3;i<=NF;i++) print $i}' \
AC_PROG_AWK
MODULES_IN_CIPHER=`$AWK '/^EXTRA_PROGRAMS/ { for(i=3;i<=NF;i++) print $i}' \
$srcdir/cipher/Makefile.am`
dnl
@ -221,7 +223,7 @@ esac
AC_SUBST(MPI_OPT_FLAGS)
GNUPG_SYS_SYMBOL_UNDERSCORE
GNUPG_CHECK_PIC
GNUPG_CHECK_RDYNAMIC
GNUPG_CHECK_EXPORTDYNAMIC
if test "$NO_PIC" = yes; then
try_dynload=no
fi
@ -320,21 +322,21 @@ if test "$try_dynload" = yes ; then
if test "$ac_cv_lib_dl_dlopen" = "yes"; then
AC_DEFINE(USE_DYNAMIC_LINKING)
AC_DEFINE(HAVE_DL_DLOPEN)
DYNLINK_LDFLAGS="$CFLAGS_RDYNAMIC"
DYNLINK_LDFLAGS="$CFLAGS_EXPORTDYNAMIC"
use_gnupg_extensions=yes
else
AC_CHECK_FUNCS(dlopen)
if test "$ac_cv_func_dlopen" = "yes"; then
AC_DEFINE(USE_DYNAMIC_LINKING)
AC_DEFINE(HAVE_DL_DLOPEN)
DYNLINK_LDFLAGS="$CFLAGS_RDYNAMIC"
DYNLINK_LDFLAGS="$CFLAGS_EXPORTDYNAMIC"
use_gnupg_extensions=yes
else
AC_CHECK_LIB(dld,shl_load)
if test "$ac_cv_lib_dld_shl_load" = "yes"; then
AC_DEFINE(USE_DYNAMIC_LINKING)
AC_DEFINE(HAVE_DL_SHL_LOAD)
DYNLINK_LDFLAGS="$CFLAGS_RDYNAMIC"
DYNLINK_LDFLAGS="$CFLAGS_EXPORTDYNAMIC"
use_gnupg_extensions=yes
dnl -----------------
dnl DLD is not ready for use. So I better disable this test
@ -343,7 +345,7 @@ dnl AC_CHECK_LIB(dld,dld_link)
dnl if test "$ac_cv_lib_dld_dld_link" = "yes"; then
dnl AC_DEFINE(USE_DYNAMIC_LINKING)
dnl AC_DEFINE(HAVE_DLD_DLD_LINK)
dnl DYNLINK_LDFLAGS="$CFLAGS_RDYNAMIC"
dnl DYNLINK_LDFLAGS="$CFLAGS_EXPORTDYNAMIC"
dnl use_gnupg_extensions=yes
dnl ---------------
fi

15
g10/ChangeLog
View File

@ -1,3 +1,18 @@
Mon Jun 5 12:37:43 CEST 2000 Werner Koch <wk@openit.de>
* build-packet.c (do_mdc): New.
(do_encrypted_mdc): Changed for the new proposal.
* parse-packet.c (parse_mdc): New.
(parse_encrypted): Fixed for the new proposal.
* packet.h (PKT_MDC): New.
* cipher.c (cipher_filter): Build the MDC packet here.
* g10.c (main): Enable --force-mdc.
* encr-data.c (mdc_decode_filter): Fixed for new MDC method
* options.h(rfc2440): New.
* g10.c (main): Changed the selected values for --openpgp to not include
optional algorithms.
Thu May 18 11:38:54 CEST 2000 Werner Koch <wk@openit.de>
* keyedit.c (keyedit_menu): Add a keyword arg to the prompt.

17
g10/build-packet.c
View File

@ -44,6 +44,7 @@ static u32 calc_plaintext( PKT_plaintext *pt );
static int do_plaintext( IOBUF out, int ctb, PKT_plaintext *pt );
static int do_encrypted( IOBUF out, int ctb, PKT_encrypted *ed );
static int do_encrypted_mdc( IOBUF out, int ctb, PKT_encrypted *ed );
static int do_mdc( IOBUF out, PKT_mdc *mdc );
static int do_compressed( IOBUF out, int ctb, PKT_compressed *cd );
static int do_signature( IOBUF out, int ctb, PKT_signature *sig );
static int do_onepass_sig( IOBUF out, int ctb, PKT_onepass_sig *ops );
@ -121,6 +122,9 @@ build_packet( IOBUF out, PACKET *pkt )
case PKT_ENCRYPTED_MDC:
rc = do_encrypted_mdc( out, ctb, pkt->pkt.encrypted );
break;
case PKT_MDC:
rc = do_mdc( out, pkt->pkt.mdc );
break;
case PKT_COMPRESSED:
rc = do_compressed( out, ctb, pkt->pkt.compressed );
break;
@ -550,13 +554,24 @@ do_encrypted_mdc( IOBUF out, int ctb, PKT_encrypted *ed )
n = ed->len ? (ed->len + 10) : 0;
write_header(out, ctb, n );
iobuf_put(out, 1 ); /* version */
iobuf_put(out, ed->mdc_method );
/* This is all. The caller has to write the real data */
return rc;
}
static int
do_mdc( IOBUF out, PKT_mdc *mdc )
{
/* This packet requires a fixed header encoding */
iobuf_put( out, 0xd3 ); /* packet ID and 1 byte length */
iobuf_put( out, 0x14 ); /* length = 20 */
if( iobuf_write( out, mdc->hash, sizeof(mdc->hash) ) )
return G10ERR_WRITE_FILE;
return 0;
}
static int
do_compressed( IOBUF out, int ctb, PKT_compressed *cd )
{

31
g10/cipher.c
View File

@ -49,22 +49,27 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
unsigned nprefix;
int use_mdc = opt.force_mdc;
blocksize = cipher_get_blocksize( cfx->dek->algo );
if( blocksize < 8 || blocksize > 16 )
log_fatal("unsupported blocksize %u\n", blocksize );
if( blocksize != 8 )
use_mdc = 1; /* enable it for all modern ciphers */
if( opt.rfc2440 )
use_mdc = 0; /* override - rfc2440 does not know about MDC */
memset( &ed, 0, sizeof ed );
ed.len = cfx->datalen;
ed.new_ctb = !ed.len && !opt.rfc1991;
if( use_mdc ) {
ed.mdc_method = DIGEST_ALGO_SHA1;
cfx->mdc_hash = md_open( DIGEST_ALGO_SHA1, 0 );
/*md_start_debug( cfx->mdc_hash, "mdccreat" );*/
/*md_start_debug( cfx->mdc_hash, "creatmdc" );*/
}
init_packet( &pkt );
pkt.pkttype = use_mdc? PKT_ENCRYPTED_MDC : PKT_ENCRYPTED;
pkt.pkt.encrypted = &ed;
if( build_packet( a, &pkt ))
log_bug("build_packet(ENCR_DATA) failed\n");
blocksize = cipher_get_blocksize( cfx->dek->algo );
if( blocksize < 8 || blocksize > 16 )
log_fatal("unsupported blocksize %u\n", blocksize );
nprefix = blocksize;
randomize_buffer( temp, nprefix, 1 );
temp[nprefix] = temp[nprefix-2];
@ -75,8 +80,6 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
cipher_setkey( cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen );
cipher_setiv( cfx->cipher_hd, NULL, 0 );
/* log_hexdump( "prefix", temp, nprefix+2 ); */
if( cfx->mdc_hash )
md_write( cfx->mdc_hash, temp, nprefix+2 );
cipher_encrypt( cfx->cipher_hd, temp, temp, nprefix+2);
cipher_sync( cfx->cipher_hd );
iobuf_write(a, temp, nprefix+2);
@ -115,12 +118,22 @@ cipher_filter( void *opaque, int control,
if( cfx->mdc_hash ) {
byte *hash;
int hashlen = md_digest_length( md_get_algo( cfx->mdc_hash ) );
byte temp[22];
assert( hashlen == 20 );
/* we must hash the prefix of the MDC packet here */
temp[0] = 0xd3;
temp[1] = 0x14;
md_putc( cfx->mdc_hash, temp[0] );
md_putc( cfx->mdc_hash, temp[1] );
md_final( cfx->mdc_hash );
hash = md_read( cfx->mdc_hash, 0 );
cipher_encrypt( cfx->cipher_hd, hash, hash, hashlen );
if( iobuf_write( a, hash, hashlen ) )
rc = G10ERR_WRITE_FILE;
memcpy(temp+2, hash, 20);
cipher_encrypt( cfx->cipher_hd, temp, temp, 22 );
md_close( cfx->mdc_hash ); cfx->mdc_hash = NULL;
if( iobuf_write( a, temp, 22 ) )
log_error("writing MDC packet failed\n" );
}
cipher_close(cfx->cipher_hd);
write_status( STATUS_END_ENCRYPTION );

32
g10/encr-data.c
View File

@ -32,9 +32,9 @@
#include "i18n.h"
static int decode_filter( void *opaque, int control, IOBUF a,
byte *buf, size_t *ret_len);
static int mdc_decode_filter( void *opaque, int control, IOBUF a,
byte *buf, size_t *ret_len);
static int decode_filter( void *opaque, int control, IOBUF a,
byte *buf, size_t *ret_len);
typedef struct {
@ -76,8 +76,10 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
if( ed->len && ed->len < (nprefix+2) )
BUG();
if( ed->mdc_method )
if( ed->mdc_method ) {
dfx.mdc_hash = md_open( ed->mdc_method, 0 );
/*md_start_debug(dfx.mdc_hash, "checkmdc");*/
}
dfx.cipher_hd = cipher_open( dek->algo, CIPHER_MODE_AUTO_CFB, 1 );
/* log_hexdump( "thekey", dek->key, dek->keylen );*/
rc = cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen );
@ -107,8 +109,6 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
temp[i] = c;
}
cipher_decrypt( dfx.cipher_hd, temp, temp, nprefix+2);
if( dfx.mdc_hash )
md_write( dfx.mdc_hash, temp, nprefix+2 );
cipher_sync( dfx.cipher_hd );
p = temp;
/* log_hexdump( "prefix", temp, nprefix+2 ); */
@ -116,29 +116,36 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
rc = G10ERR_BAD_KEY;
goto leave;
}
if( ed->mdc_method )
iobuf_push_filter( ed->buf, mdc_decode_filter, &dfx );
else
iobuf_push_filter( ed->buf, decode_filter, &dfx );
proc_packets( procctx, ed->buf);
proc_packets( procctx, ed->buf );
ed->buf = NULL;
if( ed->mdc_method && dfx.eof_seen == 2 )
rc = G10ERR_INVALID_PACKET;
else if( ed->mdc_method ) { /* check the mdc */
int datalen = md_digest_length( ed->mdc_method );
cipher_decrypt( dfx.cipher_hd, dfx.defer, dfx.defer, 20);
md_final( dfx.mdc_hash );
if( datalen != 20
|| memcmp(md_read( dfx.mdc_hash, 0 ), dfx.defer, datalen) )
rc = G10ERR_BAD_SIGN;
log_hexdump("MDC calculated:", md_read( dfx.mdc_hash, 0), datalen);
log_hexdump("MDC message :", dfx.defer, 20);
/*log_hexdump("MDC calculated:", md_read( dfx.mdc_hash, 0), datalen);*/
/*log_hexdump("MDC message :", dfx.defer, 20);*/
}
leave:
cipher_close(dfx.cipher_hd);
md_close( dfx.mdc_hash );
return rc;
}
/* I think we should merge this with cipher_filter */
static int
mdc_decode_filter( void *opaque, int control, IOBUF a,
@ -166,10 +173,13 @@ mdc_decode_filter( void *opaque, int control, IOBUF a,
if( n == 40 ) {
/* we have enough stuff - flush the deferred stuff */
/* (we have asserted that the buffer is large enough) */
if( !dfx->defer_filled ) /* the first time */
if( !dfx->defer_filled ) { /* the first time */
memcpy(buf, buf+20, 20 );
else
n = 20;
}
else {
memcpy(buf, dfx->defer, 20 );
}
/* now fill up */
for(; n < size; n++ ) {
if( (c = iobuf_get(a)) == -1 )
@ -183,7 +193,7 @@ mdc_decode_filter( void *opaque, int control, IOBUF a,
dfx->defer_filled = 1;
}
else if( !dfx->defer_filled ) { /* eof seen buf empty defer */
/* this is very bad because there is an incomplete hash */
/* this is bad because there is an incomplete hash */
n -= 20;
memcpy(buf, buf+20, n );
dfx->eof_seen = 2; /* eof with incomplete hash */

2
g10/filter.h
View File

@ -83,6 +83,8 @@ typedef struct {
CIPHER_HANDLE cipher_hd;
int header;
MD_HANDLE mdc_hash;
byte enchash[20];
int create_mdc; /* flag will be set by the cipher filter */
} cipher_filter_context_t;

13
g10/g10.c
View File

@ -821,11 +821,13 @@ main( int argc, char **argv )
break;
case oRFC1991:
opt.rfc1991 = 1;
opt.rfc2440 = 0;
opt.no_comment = 1;
opt.escape_from = 1;
break;
case oOpenPGP:
opt.rfc1991 = 0;
opt.rfc2440 = 1;
opt.pgp2_workarounds = 0;
opt.escape_from = 0;
opt.force_v3_sigs = 0;
@ -834,10 +836,10 @@ main( int argc, char **argv )
opt.not_dash_escaped = 0;
opt.def_cipher_algo = 0;
opt.def_digest_algo = 0;
opt.def_compress_algo = 2;
opt.def_compress_algo = 1;
opt.s2k_mode = 3; /* iterated+salted */
opt.s2k_digest_algo = DIGEST_ALGO_RMD160;
opt.s2k_cipher_algo = CIPHER_ALGO_BLOWFISH;
opt.s2k_digest_algo = DIGEST_ALGO_SHA1;
opt.s2k_cipher_algo = CIPHER_ALGO_CAST5;
break;
case oEmuChecksumBug: opt.emulate_bugs |= EMUBUG_GPGCHKSUM; break;
case oEmu3DESS2KBug: opt.emulate_bugs |= EMUBUG_3DESS2K; break;
@ -936,11 +938,6 @@ main( int argc, char **argv )
log_info("used in a production environment or with production keys!\n");
}
#endif
if( opt.force_mdc ) {
log_info("--force-mdc ignored because"
" the OpenPGP WG has not yet aggreed on MDCs\n");
opt.force_mdc = 0;
}
if (opt.no_literal) {
log_info(_("NOTE: %s is not for normal use!\n"), "--no-literal");
if (opt.textmode)

6
g10/mainproc.c
View File

@ -333,6 +333,7 @@ proc_encrypted( CTX c, PACKET *pkt )
result = G10ERR_NO_SECKEY;
if( !result )
result = decrypt_data( c, pkt->pkt.encrypted, c->dek );
m_free(c->dek); c->dek = NULL;
if( result == -1 )
;
@ -350,7 +351,7 @@ proc_encrypted( CTX c, PACKET *pkt )
else {
write_status( STATUS_DECRYPTION_FAILED );
log_error(_("decryption failed: %s\n"), g10_errstr(result));
/* Hmmm: does this work when we have encrypted using a multiple
/* Hmmm: does this work when we have encrypted using multiple
* ways to specify the session key (symmmetric and PK)*/
}
free_packet(pkt);
@ -884,6 +885,7 @@ list_node( CTX c, KBNODE node )
}
int
proc_packets( void *anchor, IOBUF a )
{
@ -896,6 +898,8 @@ proc_packets( void *anchor, IOBUF a )
return rc;
}
int
proc_signature_packets( void *anchor, IOBUF a,
STRLIST signedfiles, const char *sigfilename )

1
g10/options.h
View File

@ -64,6 +64,7 @@ struct {
int compress_sigs;
int always_trust;
int rfc1991;
int rfc2440;
int pgp2_workarounds;
unsigned emulate_bugs; /* bug emulation flags EMUBUG_xxxx */
int shm_coprocess;

11
g10/packet.h
View File

@ -47,8 +47,9 @@ typedef enum {
PKT_PUBLIC_SUBKEY =14, /* public subkey (OpenPGP) */
PKT_OLD_COMMENT =16, /* comment packet from an OpenPGP draft */
PKT_PHOTO_ID =17, /* PGP's photo ID */
PKT_ENCRYPTED_MDC =18, /* integrity protected encrypted data */
PKT_MDC =19, /* manipulaion detection code packet */
PKT_COMMENT =61, /* new comment packet (private) */
PKT_ENCRYPTED_MDC =62, /* test: encrypted data with MDC */
} pkttype_t;
typedef struct packet_struct PACKET;
@ -171,10 +172,14 @@ typedef struct {
typedef struct {
u32 len; /* length of encrypted data */
byte new_ctb; /* uses a new CTB */
byte mdc_method; /* test: > 0: this is is an encrypted_mdc packet */
byte mdc_method; /* > 0: integrity protected encrypted data packet */
IOBUF buf; /* IOBUF reference */
} PKT_encrypted;
typedef struct {
byte hash[20];
} PKT_mdc;
typedef struct {
unsigned int trustval;
} PKT_ring_trust;
@ -205,6 +210,7 @@ struct packet_struct {
PKT_user_id *user_id; /* PKT_USER_ID */
PKT_compressed *compressed; /* PKT_COMPRESSED */
PKT_encrypted *encrypted; /* PKT_ENCRYPTED[_MDC] */
PKT_mdc *mdc; /* PKT_MDC */
PKT_ring_trust *ring_trust; /* PKT_RING_TRUST */
PKT_plaintext *plaintext; /* PKT_PLAINTEXT */
} pkt;
@ -333,7 +339,6 @@ int handle_compressed( void *ctx, PKT_compressed *cd,
/*-- encr-data.c --*/
int decrypt_data( void *ctx, PKT_encrypted *ed, DEK *dek );
int encrypt_data( PKT_encrypted *ed, DEK *dek );
/*-- plaintext.c --*/
int handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,

38
g10/parse-packet.c
View File

@ -73,6 +73,8 @@ static int parse_compressed( IOBUF inp, int pkttype, unsigned long pktlen,
PACKET *packet, int new_ctb );
static int parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
PACKET *packet, int new_ctb);
static int parse_mdc( IOBUF inp, int pkttype, unsigned long pktlen,
PACKET *packet, int new_ctb);
static unsigned short
read_16(IOBUF inp)
@ -441,6 +443,9 @@ parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos,
case PKT_ENCRYPTED_MDC:
rc = parse_encrypted(inp, pkttype, pktlen, pkt, new_ctb );
break;
case PKT_MDC:
rc = parse_mdc(inp, pkttype, pktlen, pkt, new_ctb );
break;
default:
skip_packet(inp, pkttype, pktlen);
break;
@ -1697,9 +1702,8 @@ parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
ed->new_ctb = new_ctb;
ed->mdc_method = 0;
if( pkttype == PKT_ENCRYPTED_MDC ) {
/* test: this is the new encrypted_mdc packet */
/* fixme: add some pktlen sanity checks */
int version, method;
int version;
version = iobuf_get_noeof(inp); pktlen--;
if( version != 1 ) {
@ -1707,12 +1711,7 @@ parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
version);
goto leave;
}
method = iobuf_get_noeof(inp); pktlen--;
if( method != DIGEST_ALGO_SHA1 ) {
log_error("encrypted_mdc does not use SHA1 method\n" );
goto leave;
}
ed->mdc_method = method;
ed->mdc_method = DIGEST_ALGO_SHA1;
}
if( pktlen && pktlen < 10 ) { /* actually this is blocksize+2 */
log_error("packet(%d) too short\n", pkttype);
@ -1735,3 +1734,26 @@ parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
return 0;
}
static int
parse_mdc( IOBUF inp, int pkttype, unsigned long pktlen,
PACKET *pkt, int new_ctb )
{
PKT_mdc *mdc;
byte *p;
mdc = pkt->pkt.mdc= m_alloc(sizeof *pkt->pkt.mdc );
if( list_mode )
printf(":mdc packet: length=%lu\n", pktlen);
if( !new_ctb || pktlen != 20 ) {
log_error("mdc_packet with invalid encoding\n");
goto leave;
}
p = mdc->hash;
for( ; pktlen; pktlen--, p++ )
*p = iobuf_get_noeof(inp);
leave:
return 0;
}

1
g10/sig-check.c
View File

@ -518,6 +518,7 @@ check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig,
keyid_from_pk( pk, keyid );
md = md_open( algo, 0 );
md_start_debug( md, "rsa" );
hash_public_key( md, pk );
hash_uid_node( unode, md, sig );
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {

4
scripts/mk-w32-dist
View File

@ -22,7 +22,9 @@ ln ../g10/gpg gpg.exe
i386--mingw32-strip gpg.exe
man -T latin1 -l ../doc/gpg.1 >gpg.man
todos gpg.man
ln ${srcdir}/README .
cp ${srcdir}/README .
todos README
ln ${srcdir}/doc/README.W32 .
todos README.W32
for i in ${srcdir}/po/*.gmo; do ln $i "$(basename $i .gmo).mo" ; done
zip "gnupg-w32-$(cat ${srcdir}/VERSION).zip" *