1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

See ChangeLog: Tue Oct 26 14:10:21 CEST 1999 Werner Koch

This commit is contained in:
Werner Koch 1999-10-26 12:14:37 +00:00
parent df4ecbb8d9
commit cf70ca8d68
71 changed files with 4032 additions and 2869 deletions

8
BUGS
View File

@ -54,5 +54,11 @@ and after about half a day in the rsync snapshots.
for the last one. This happens on some systems when not using the for the last one. This happens on some systems when not using the
GNU ld. This need to be fixed in libtool. GNU ld. This need to be fixed in libtool.
[ **] #25 1999-10-04 <wk@gnupg.org> 1.0
Validity check based on user name is only done when listing a key;
the key ID based checking (selecting the user ID with the most
validity) is used in all other cases. The Edit menu does not have
a way to disbly user ID based validity.
Next #25
Next #26

View File

@ -1,3 +1,13 @@
Tue Oct 26 14:10:21 CEST 1999 Werner Koch <wk@gnupg.de>
* README-alpha: New
* configure.in: Fixed quoting in test for development version.
* THANKS: Add entries for Michael, Brenno and J Horacio who did
very nice Howto documents - I apoligize for forgetting to mention them
earlier.
Fri Sep 17 12:56:42 CEST 1999 Werner Koch <wk@isil.d.shuttle.de> Fri Sep 17 12:56:42 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>

View File

@ -1,12 +1,15 @@
## Process this file with automake to produce Makefile.in ## Process this file with automake to produce Makefile.in
if COMPILE_LIBGCRYPT #if COMPILE_LIBGCRYPT
#gcrypt = gcrypt
#my_clean_gcrypt =
#else
#gcrypt =
#my_clean_gcrypt = gcrypt/Makefile
#endif
gcrypt = gcrypt gcrypt = gcrypt
my_clean_gcrypt = my_clean_gcrypt =
else
gcrypt =
my_clean_gcrypt = gcrypt/Makefile
endif
if CROSS_COMPILING if CROSS_COMPILING
checks = checks =
@ -15,7 +18,7 @@ checks = checks
endif endif
SUBDIRS = intl zlib util mpi cipher tools g10 po doc ${checks} ${gcrypt} SUBDIRS = intl zlib util mpi cipher tools g10 po doc ${checks} ${gcrypt}
EXTRA_DIST = VERSION PROJECTS BUGS EXTRA_DIST = README-alpha VERSION PROJECTS BUGS
# gettext never gets it right, so we take here care of deleting the # gettext never gets it right, so we take here care of deleting the
# symlink. my_clean_gcrypt is just a kludge until we can include # symlink. my_clean_gcrypt is just a kludge until we can include
# libgcrypt. # libgcrypt.

8
NEWS
View File

@ -1,3 +1,11 @@
Noteworthy changes in version 1.1.0 (1999-10-26)
-----------------------------------
* Did a couple of changes for this new development series.
This release basically works on my machine but may have
serious problems.
Noteworthy changes in version 1.0.0 (1999-09-07) Noteworthy changes in version 1.0.0 (1999-09-07)
----------------------------------- -----------------------------------

7
NOTES
View File

@ -1,4 +1,7 @@
gcry_md_open() may return NULL in case of an unknown algorithm
Return GCRYERR_NOMEM instead of using m_alloc in most library functions
SCO UnixWare/7.1.0 reported by Allan Clark <allanc@sco.com> for 0.9.8 SCO UnixWare/7.1.0 reported by Allan Clark <allanc@sco.com> for 0.9.8
@ -11,3 +14,7 @@ Some other reported cpu-vendor-os strings:
sparc-sun-sunos4.1.2 sparc-sun-sunos4.1.2
i386-pc-sysv4.2 (USL Unixware v1.1.2) i386-pc-sysv4.2 (USL Unixware v1.1.2)
Johan Wevers <johanw@vulcan.xs4all.nl> is working on a NL translation.

199
THANKS
View File

@ -3,106 +3,109 @@ reporting problems, suggesting various improvements or submitting actual
code. Here is a list of those people. Help me keep it complete and free of code. Here is a list of those people. Help me keep it complete and free of
errors. errors.
Allan Clark allanc@sco.com Allan Clark allanc@sco.com
Anand Kumria wildfire@progsoc.uts.edu.au Anand Kumria wildfire@progsoc.uts.edu.au
Ariel T Glenn ariel@columbia.edu Ariel T Glenn ariel@columbia.edu
Bodo Moeller Bodo_Moeller@public.uni-hamburg.de Bodo Moeller Bodo_Moeller@public.uni-hamburg.de
Bryan Fullerton bryanf@samurai.com Brenno de Winter brenno@dewinter.com
Brian Moore bem@cmc.net Brian Moore bem@cmc.net
Brian Warner warner@lothar.com Brian Warner warner@lothar.com
Caskey L. Dickson caskey@technocage.com Bryan Fullerton bryanf@samurai.com
Cees van de Griend cees-list@griend.xs4all.nl Caskey L. Dickson caskey@technocage.com
Charles Levert charles@comm.polymtl.ca Cees van de Griend cees-list@griend.xs4all.nl
Christian von Roques roques@pond.sub.org Charles Levert charles@comm.polymtl.ca
Christopher Oliver oliver@fritz.traverse.net Christian von Roques roques@pond.sub.org
Christian Recktenwald chris@citecs.de Christopher Oliver oliver@fritz.traverse.net
Daniel Eisenbud eisenbud@cs.swarthmore.edu Christian Recktenwald chris@citecs.de
Daniel Koening dan@mail.isis.de Daniel Eisenbud eisenbud@cs.swarthmore.edu
David Ellement ellement@sdd.hp.com Daniel Koening dan@mail.isis.de
Detlef Lannert lannert@lannert.rz.uni-duesseldorf.de David Ellement ellement@sdd.hp.com
Dirk Lattermann dlatt@t-online.de Detlef Lannert lannert@lannert.rz.uni-duesseldorf.de
Ed Boraas ecxjo@esperanto.org Dirk Lattermann dlatt@t-online.de
Enzo Michelangeli em@MailAndNews.com Ed Boraas ecxjo@esperanto.org
Ernst Molitor ernst.molitor@uni-bonn.de Enzo Michelangeli em@MailAndNews.com
Fabio Coatti cova@felix.unife.it Ernst Molitor ernst.molitor@uni-bonn.de
Felix von Leitner leitner@amdiv.de Fabio Coatti cova@felix.unife.it
Frank Heckenbach heckenb@mi.uni-erlangen.de Felix von Leitner leitner@amdiv.de
Frank Stajano frank.stajano@cl.cam.ac.uk Frank Heckenbach heckenb@mi.uni-erlangen.de
Gaël Quéri gqueri@mail.dotcom.fr Frank Stajano frank.stajano@cl.cam.ac.uk
Greg Louis glouis@dynamicro.on.ca Gaël Quéri gqueri@mail.dotcom.fr
Greg Troxel gdt@ir.bbn.com Greg Louis glouis@dynamicro.on.ca
Gregory Steuck steuck@iname.com Greg Troxel gdt@ir.bbn.com
Geoff Keating geoffk@ozemail.com.au Gregory Steuck steuck@iname.com
Harald Denker harry@hal.westfalen.de Geoff Keating geoffk@ozemail.com.au
Hendrik Buschkamp buschkamp@rheumanet.org Harald Denker harry@hal.westfalen.de
Holger Schurig holger@d.om.org Hendrik Buschkamp buschkamp@rheumanet.org
Hugh Daniel hugh@toad.com Holger Schurig holger@d.om.org
Ian McKellar imckellar@harvestroad.com.au Hugh Daniel hugh@toad.com
Janusz A. Urbanowicz alex@bofh.torun.pl Ian McKellar imckellar@harvestroad.com.au
James Troup james@nocrew.org Janusz A. Urbanowicz alex@bofh.torun.pl
Jean-loup Gailly gzip@prep.ai.mit.edu James Troup james@nocrew.org
Jens Bachem bachem@rrz.uni-koeln.de Jean-loup Gailly gzip@prep.ai.mit.edu
Joachim Backes backes@rhrk.uni-kl.de Jens Bachem bachem@rrz.uni-koeln.de
John A. Martin jam@jamux.com J Horacio MG homega@ciberia.es
Johnny Teveßen j.tevessen@gmx.de Joachim Backes backes@rhrk.uni-kl.de
Jörg Schilling schilling@fokus.gmd.de John A. Martin jam@jamux.com
Jun Kuriyama kuriyama@sky.rim.or.jp Johnny Teveßen j.tevessen@gmx.de
Karl Fogel kfogel@guanabana.onshore.com Jörg Schilling schilling@fokus.gmd.de
Karsten Thygesen karthy@kom.auc.dk Jun Kuriyama kuriyama@sky.rim.or.jp
Katsuhiro Kondou kondou@nec.co.jp Karl Fogel kfogel@guanabana.onshore.com
Kazu Yamamoto kazu@iijlab.net Karsten Thygesen karthy@kom.auc.dk
Lars Kellogg-Stedman lars@bu.edu Katsuhiro Kondou kondou@nec.co.jp
Marco d'Itri md@linux.it Kazu Yamamoto kazu@iijlab.net
Mark Adler madler@alumni.caltech.edu Lars Kellogg-Stedman lars@bu.edu
Mark Elbrecht snowball3@bigfoot.com Marco d'Itri md@linux.it
Markus Friedl Markus.Friedl@informatik.uni-erlangen.de Mark Adler madler@alumni.caltech.edu
Martin Kahlert martin.kahlert@provi.de Mark Elbrecht snowball3@bigfoot.com
Markus Friedl Markus.Friedl@informatik.uni-erlangen.de
Martin Kahlert martin.kahlert@provi.de
Martin Hamilton Martin Hamilton
Martin Schulte schulte@thp.uni-koeln.de Martin Schulte schulte@thp.uni-koeln.de
Matthew Skala mskala@ansuz.sooke.bc.ca Matthew Skala mskala@ansuz.sooke.bc.ca
Max Valianskiy maxcom@maxcom.ml.org Max Valianskiy maxcom@maxcom.ml.org
Michael Roth mroth@nessie.de Michael Fischer v. Mollard mfvm@gmx.de
Michael Sobolev mss@despair.transas.com Michael Roth mroth@nessie.de
Nicolas Graner Nicolas.Graner@cri.u-psud.fr Michael Sobolev mss@despair.transas.com
NIIBE Yutaka gniibe@chroot.org Nicolas Graner Nicolas.Graner@cri.u-psud.fr
NIIBE Yutaka gniibe@chroot.org
Niklas Hernaeus Niklas Hernaeus
Nimrod Zimerman zimerman@forfree.at Nimrod Zimerman zimerman@forfree.at
N J Doye nic@niss.ac.uk N J Doye nic@niss.ac.uk
Oliver Haakert haakert@hsp.de Oliver Haakert haakert@hsp.de
Oskari Jääskeläinen f33003a@cc.hut.fi Oskari Jääskeläinen f33003a@cc.hut.fi
Paul D. Smith psmith@baynetworks.com Paul D. Smith psmith@baynetworks.com
Philippe Laliberte arsphl@oeil.qc.ca Philippe Laliberte arsphl@oeil.qc.ca
Peter Gutmann pgut001@cs.auckland.ac.nz Peter Gutmann pgut001@cs.auckland.ac.nz
QingLong qinglong@bolizm.ihep.su QingLong qinglong@bolizm.ihep.su
Ralph Gillen gillen@theochem.uni-duesseldorf.de Ralph Gillen gillen@theochem.uni-duesseldorf.de
Rat ratinox@peorth.gweep.net Rat ratinox@peorth.gweep.net
Reinhard Wobst R.Wobst@ifw-dresden.de Reinhard Wobst R.Wobst@ifw-dresden.de
Rémi Guyomarch rguyom@mail.dotcom.fr Rémi Guyomarch rguyom@mail.dotcom.fr
Reuben Sumner rasumner@wisdom.weizmann.ac.il Reuben Sumner rasumner@wisdom.weizmann.ac.il
Richard Outerbridge outer@interlog.com Richard Outerbridge outer@interlog.com
Roddy Strachan roddy@satlink.com.au Roddy Strachan roddy@satlink.com.au
Roland Rosenfeld roland@spinnaker.rhein.de Roland Rosenfeld roland@spinnaker.rhein.de
Ross Golder rossigee@bigfoot.com Ross Golder rossigee@bigfoot.com
Serge Munhoven munhoven@mema.ucl.ac.be Serge Munhoven munhoven@mema.ucl.ac.be
SL Baur steve@xemacs.org SL Baur steve@xemacs.org
Stefan Karrmann S.Karrmann@gmx.net Stefan Karrmann S.Karrmann@gmx.net
Stefan Keller dres@cs.tu-berlin.de Stefan Keller dres@cs.tu-berlin.de
Steffen Ullrich ccrlphr@xensei.com Steffen Ullrich ccrlphr@xensei.com
Steffen Zahn zahn@berlin.snafu.de Steffen Zahn zahn@berlin.snafu.de
Steven Bakker steven@icoe.att.com Steven Bakker steven@icoe.att.com
Susanne Schultz schultz@hsp.de Susanne Schultz schultz@hsp.de
Thiago Jung Bauermann jungmann@cwb.matrix.com.br Thiago Jung Bauermann jungmann@cwb.matrix.com.br
Thomas Roessler roessler@guug.de Thomas Roessler roessler@guug.de
Tom Spindler dogcow@home.merit.edu Tom Spindler dogcow@home.merit.edu
Tom Zerucha tzeruch@ceddec.com Tom Zerucha tzeruch@ceddec.com
Tomas Fasth tomas.fasth@twinspot.net Tomas Fasth tomas.fasth@twinspot.net
Thomas Mikkelsen tbm@image.dk Thomas Mikkelsen tbm@image.dk
Ulf Möller 3umoelle@informatik.uni-hamburg.de Ulf Möller 3umoelle@informatik.uni-hamburg.de
Urko Lusa ulusa@lacueva.ddns.org Urko Lusa ulusa@lacueva.ddns.org
Walter Koch koch@hsp.de Walter Koch koch@hsp.de
Werner Koch werner.koch@guug.de Werner Koch werner.koch@guug.de
Wim Vandeputte bunbun@reptile.rug.ac.be Wim Vandeputte bunbun@reptile.rug.ac.be
nbecker@hns.com nbecker@hns.com
Thanks to the German Unix User Group for providing FTP space, Thanks to the German Unix User Group for providing FTP space,
Martin Hamilton for hosting the mailing list and HSP for Martin Hamilton for hosting the mailing list and HSP for

10
TODO
View File

@ -1,10 +1,10 @@
* try to do --verify even if the files are swapped on the commandline * Implement the AXP syscall to enable bus traps for GLIB 2
(requested by Herny Spencer) or change the error message to
a more clear one. * parse a paramter file to do automatic key generation and to set
parameters for the keygen menu. Far easier than to do a dialog for
each required parameter.
Scheduled for 1.1
-----------------
* With option -i prompt before adding a key to the keyring and show some * With option -i prompt before adding a key to the keyring and show some
info what we are about to add. info what we are about to add.

View File

@ -1 +1 @@
1.0.0pre1.1 1.1.0

View File

@ -13,7 +13,7 @@ fi
LANG= LANG=
LANGUAGE= LANGUAGE=
expect - <<EOF >/dev/null expect - <<EOF
#set timeout -1 #set timeout -1
set timeout 8 set timeout 8
match_max 100000 match_max 100000

View File

@ -1,3 +1,21 @@
Tue Oct 26 14:10:21 CEST 1999 Werner Koch <wk@gnupg.de>
* elgamal.c (sign): Hugh found strange code here. Replaced by BUG().
* cipher.c: Merged with gcrypt/symapi.c.
* pubkey.c (string_to_pubkey_algo): Renamed function to ...
(gcry_pk_map_name): ... this.
(pubkey_algo_to_string): Renamed function to ...
(gcry_pk_algo_name): ... this.
(gcry_pk_algo_info): New.
* pubkey.c: Merged with gcrypt/pkapi.c.
* md.c (md_reset): Clear finalized; thanks to Ulf Moeller for
fixing this bug.
* md.c: Merged with gcrypt/mdapi.c
Wed Sep 15 14:39:59 CEST 1999 Michael Roth <mroth@nessie.de> Wed Sep 15 14:39:59 CEST 1999 Michael Roth <mroth@nessie.de>
* des.c: Various speed improvements: One bit pre rotation * des.c: Various speed improvements: One bit pre rotation

View File

@ -24,6 +24,8 @@
#include <string.h> #include <string.h>
#include <errno.h> #include <errno.h>
#include <assert.h> #include <assert.h>
#include "g10lib.h"
#include "util.h" #include "util.h"
#include "errors.h" #include "errors.h"
#include "cipher.h" #include "cipher.h"
@ -32,9 +34,10 @@
#include "cast5.h" #include "cast5.h"
#include "dynload.h" #include "dynload.h"
#define MAX_BLOCKSIZE 16 #define MAX_BLOCKSIZE 16
#define TABLE_SIZE 10 #define TABLE_SIZE 10
#define CTX_MAGIC_NORMAL 0x24091964
#define CTX_MAGIC_SECURE 0x46919042
struct cipher_table_s { struct cipher_table_s {
const char *name; const char *name;
@ -50,10 +53,11 @@ struct cipher_table_s {
static struct cipher_table_s cipher_table[TABLE_SIZE]; static struct cipher_table_s cipher_table[TABLE_SIZE];
static int disabled_algos[TABLE_SIZE]; static int disabled_algos[TABLE_SIZE];
struct gcry_cipher_handle {
struct cipher_handle_s { int magic;
int algo; int algo;
int mode; int mode;
unsigned int flags;
size_t blocksize; size_t blocksize;
byte iv[MAX_BLOCKSIZE]; /* (this should be ulong aligned) */ byte iv[MAX_BLOCKSIZE]; /* (this should be ulong aligned) */
byte lastiv[MAX_BLOCKSIZE]; byte lastiv[MAX_BLOCKSIZE];
@ -209,16 +213,13 @@ load_cipher_modules(void)
} }
/**************** /****************
* Map a string to the cipher algo * Map a string to the cipher algo.
* Returns: The algo ID of the cipher for the gioven name or
* 0 if the name is not known.
*/ */
int int
string_to_cipher_algo( const char *string ) gcry_cipher_map_name( const char *string )
{ {
int i; int i;
const char *s; const char *s;
@ -234,7 +235,7 @@ string_to_cipher_algo( const char *string )
/**************** /****************
* Map a cipher algo to a string * Map a cipher algo to a string
*/ */
const char * static const char *
cipher_algo_to_string( int algo ) cipher_algo_to_string( int algo )
{ {
int i; int i;
@ -247,8 +248,20 @@ cipher_algo_to_string( int algo )
return NULL; return NULL;
} }
/****************
* This function simply returns the name of the algorithm or some constant
* string when there is no algo. It will never return NULL.
*/
const char *
gcry_cipher_algo_name( int algo )
{
const char *s = cipher_algo_to_string( algo );
return s? s: "";
}
void
static void
disable_cipher_algo( int algo ) disable_cipher_algo( int algo )
{ {
int i; int i;
@ -266,7 +279,7 @@ disable_cipher_algo( int algo )
/**************** /****************
* Return 0 if the cipher algo is available * Return 0 if the cipher algo is available
*/ */
int static int
check_cipher_algo( int algo ) check_cipher_algo( int algo )
{ {
int i; int i;
@ -285,7 +298,7 @@ check_cipher_algo( int algo )
} }
unsigned static unsigned
cipher_get_keylen( int algo ) cipher_get_keylen( int algo )
{ {
int i; int i;
@ -305,7 +318,7 @@ cipher_get_keylen( int algo )
return 0; return 0;
} }
unsigned static unsigned
cipher_get_blocksize( int algo ) cipher_get_blocksize( int algo )
{ {
int i; int i;
@ -328,70 +341,98 @@ cipher_get_blocksize( int algo )
/**************** /****************
* Open a cipher handle for use with algorithm ALGO, in mode MODE * Open a cipher handle for use with algorithm ALGO, in mode MODE
* and put it into secure memory if SECURE is true. * and return the handle. Return NULL and set the internal error variable
* if something goes wrong.
*/ */
CIPHER_HANDLE
cipher_open( int algo, int mode, int secure ) GCRY_CIPHER_HD
gcry_cipher_open( int algo, int mode, unsigned int flags )
{ {
CIPHER_HANDLE hd; GCRY_CIPHER_HD h;
int i; int idx;
int secure = (flags & GCRY_CIPHER_SECURE);
fast_random_poll(); fast_random_poll();
do {
for(i=0; cipher_table[i].name; i++ ) /* check whether the algo is available */
if( cipher_table[i].algo == algo ) if( check_cipher_algo( algo ) ) {
break; set_lasterr( GCRYERR_INV_ALGO );
} while( !cipher_table[i].name && load_cipher_modules() ); return NULL;
if( !cipher_table[i].name ) { }
log_fatal("cipher_open: algorithm %d not available\n", algo );
/* check flags */
if( (flags & ~(GCRY_CIPHER_SECURE|GCRY_CIPHER_ENABLE_SYNC)) ) {
set_lasterr( GCRYERR_INV_ARG );
return NULL;
}
/* get the table index of the algo */
for(idx=0; cipher_table[idx].name; idx++ )
if( cipher_table[idx].algo == algo )
break;
if( !cipher_table[idx].name )
BUG(); /* check_cipher_algo() should have loaded the algo */
if( algo == CIPHER_ALGO_DUMMY )
mode = GCRY_CIPHER_MODE_NONE; /* force this mode for dummy algo */
/* check that a valid mode has been requested */
switch( mode ) {
case GCRY_CIPHER_MODE_ECB:
case GCRY_CIPHER_MODE_CBC:
case GCRY_CIPHER_MODE_CFB:
break;
case GCRY_CIPHER_MODE_NONE:
/* FIXME: issue a warning when this mode is used */
break;
default:
set_lasterr( GCRYERR_INV_ALGO );
return NULL; return NULL;
} }
/* ? perform selftest here and mark this with a flag in cipher_table ? */ /* ? perform selftest here and mark this with a flag in cipher_table ? */
hd = secure ? m_alloc_secure_clear( sizeof *hd h = secure ? m_alloc_secure_clear( sizeof *h
+ cipher_table[i].contextsize + cipher_table[idx].contextsize
- sizeof(PROPERLY_ALIGNED_TYPE) ) - sizeof(PROPERLY_ALIGNED_TYPE) )
: m_alloc_clear( sizeof *hd + cipher_table[i].contextsize : m_alloc_clear( sizeof *h + cipher_table[idx].contextsize
- sizeof(PROPERLY_ALIGNED_TYPE) ); - sizeof(PROPERLY_ALIGNED_TYPE) );
hd->algo = algo; h->magic = secure ? CTX_MAGIC_SECURE : CTX_MAGIC_NORMAL;
hd->blocksize = cipher_table[i].blocksize; h->algo = algo;
hd->setkey = cipher_table[i].setkey; h->mode = mode;
hd->encrypt = cipher_table[i].encrypt; h->flags = flags;
hd->decrypt = cipher_table[i].decrypt; h->blocksize = cipher_table[idx].blocksize;
if( algo == CIPHER_ALGO_DUMMY ) h->setkey = cipher_table[idx].setkey;
hd->mode = CIPHER_MODE_DUMMY; h->encrypt = cipher_table[idx].encrypt;
else if( mode == CIPHER_MODE_AUTO_CFB ) { h->decrypt = cipher_table[idx].decrypt;
#warning Remove this code and the AUTO:CFB macro.
if( algo >= 100 )
hd->mode = CIPHER_MODE_CFB;
else
hd->mode = CIPHER_MODE_PHILS_CFB;
}
else
hd->mode = mode;
return hd; return h;
} }
void void
cipher_close( CIPHER_HANDLE c ) gcry_cipher_close( GCRY_CIPHER_HD h )
{ {
m_free(c); if( !h )
return;
if( h->magic != CTX_MAGIC_SECURE && h->magic != CTX_MAGIC_NORMAL ) {
fatal_invalid_arg("gcry_cipher_close: already closed/invalid handle");
return;
}
h->magic = 0;
m_free(h);
} }
int static int
cipher_setkey( CIPHER_HANDLE c, byte *key, unsigned keylen ) cipher_setkey( GCRY_CIPHER_HD c, byte *key, unsigned keylen )
{ {
return (*c->setkey)( &c->context.c, key, keylen ); return (*c->setkey)( &c->context.c, key, keylen );
} }
static void
void cipher_setiv( GCRY_CIPHER_HD c, const byte *iv, unsigned ivlen )
cipher_setiv( CIPHER_HANDLE c, const byte *iv, unsigned ivlen )
{ {
memset( c->iv, 0, c->blocksize ); memset( c->iv, 0, c->blocksize );
if( iv ) { if( iv ) {
@ -408,7 +449,7 @@ cipher_setiv( CIPHER_HANDLE c, const byte *iv, unsigned ivlen )
static void static void
do_ecb_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks ) do_ecb_encrypt( GCRY_CIPHER_HD c, byte *outbuf, byte *inbuf, unsigned nblocks )
{ {
unsigned n; unsigned n;
@ -420,7 +461,7 @@ do_ecb_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks )
} }
static void static void
do_ecb_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks ) do_ecb_decrypt( GCRY_CIPHER_HD c, byte *outbuf, byte *inbuf, unsigned nblocks )
{ {
unsigned n; unsigned n;
@ -432,7 +473,7 @@ do_ecb_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks )
} }
static void static void
do_cbc_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks ) do_cbc_encrypt( GCRY_CIPHER_HD c, byte *outbuf, byte *inbuf, unsigned nblocks )
{ {
unsigned int n; unsigned int n;
byte *ivp; byte *ivp;
@ -453,7 +494,7 @@ do_cbc_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks )
} }
static void static void
do_cbc_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks ) do_cbc_decrypt( GCRY_CIPHER_HD c, byte *outbuf, byte *inbuf, unsigned nblocks )
{ {
unsigned int n; unsigned int n;
byte *ivp; byte *ivp;
@ -476,7 +517,7 @@ do_cbc_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks )
static void static void
do_cfb_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes ) do_cfb_encrypt( GCRY_CIPHER_HD c, byte *outbuf, byte *inbuf, unsigned nbytes )
{ {
byte *ivp; byte *ivp;
size_t blocksize = c->blocksize; size_t blocksize = c->blocksize;
@ -520,7 +561,7 @@ do_cfb_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes )
} }
static void static void
do_cfb_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes ) do_cfb_decrypt( GCRY_CIPHER_HD c, byte *outbuf, byte *inbuf, unsigned nbytes )
{ {
byte *ivp; byte *ivp;
ulong temp; ulong temp;
@ -582,23 +623,22 @@ do_cfb_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes )
* inbuf and outbuf may overlap or be the same. * inbuf and outbuf may overlap or be the same.
* Depending on the mode some some contraints apply to NBYTES. * Depending on the mode some some contraints apply to NBYTES.
*/ */
void static void
cipher_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes ) cipher_encrypt( GCRY_CIPHER_HD c, byte *outbuf, byte *inbuf, unsigned nbytes )
{ {
switch( c->mode ) { switch( c->mode ) {
case CIPHER_MODE_ECB: case GCRY_CIPHER_MODE_ECB:
assert(!(nbytes%8)); assert(!(nbytes%8));
do_ecb_encrypt(c, outbuf, inbuf, nbytes/8 ); do_ecb_encrypt(c, outbuf, inbuf, nbytes/8 );
break; break;
case CIPHER_MODE_CBC: case GCRY_CIPHER_MODE_CBC:
assert(!(nbytes%8)); /* fixme: should be blocksize */ assert(!(nbytes%8)); /* fixme: should be blocksize */
do_cbc_encrypt(c, outbuf, inbuf, nbytes/8 ); do_cbc_encrypt(c, outbuf, inbuf, nbytes/8 );
break; break;
case CIPHER_MODE_CFB: case GCRY_CIPHER_MODE_CFB:
case CIPHER_MODE_PHILS_CFB:
do_cfb_encrypt(c, outbuf, inbuf, nbytes ); do_cfb_encrypt(c, outbuf, inbuf, nbytes );
break; break;
case CIPHER_MODE_DUMMY: case GCRY_CIPHER_MODE_NONE:
if( inbuf != outbuf ) if( inbuf != outbuf )
memmove( outbuf, inbuf, nbytes ); memmove( outbuf, inbuf, nbytes );
break; break;
@ -607,28 +647,54 @@ cipher_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes )
} }
/****************
* Encrypt IN and write it to OUT. If IN is NULL, in-place encryption has
* been requested,
*/
int
gcry_cipher_encrypt( GCRY_CIPHER_HD h, byte *out, size_t outsize,
const byte *in, size_t inlen )
{
if( !in ) {
/* caller requested in-place encryption */
/* actullay cipher_encrypt() does not need to know about it, but
* we may chnage this to get better performace */
cipher_encrypt( h, out, out, outsize );
}
else {
if( outsize < inlen )
return set_lasterr( GCRYERR_TOO_SHORT );
/* fixme: check that the inlength is a multipe of the blocksize
* if a blockoriented mode is used, or modify cipher_encrypt to
* return an error in this case */
cipher_encrypt( h, out, in, inlen );
}
return 0;
}
/**************** /****************
* Decrypt INBUF to OUTBUF with the mode selected at open. * Decrypt INBUF to OUTBUF with the mode selected at open.
* inbuf and outbuf may overlap or be the same. * inbuf and outbuf may overlap or be the same.
* Depending on the mode some some contraints apply to NBYTES. * Depending on the mode some some contraints apply to NBYTES.
*/ */
void static void
cipher_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes ) cipher_decrypt( GCRY_CIPHER_HD c, byte *outbuf, byte *inbuf, unsigned nbytes )
{ {
switch( c->mode ) { switch( c->mode ) {
case CIPHER_MODE_ECB: case GCRY_CIPHER_MODE_ECB:
assert(!(nbytes%8)); assert(!(nbytes%8));
do_ecb_decrypt(c, outbuf, inbuf, nbytes/8 ); do_ecb_decrypt(c, outbuf, inbuf, nbytes/8 );
break; break;
case CIPHER_MODE_CBC: case GCRY_CIPHER_MODE_CBC:
assert(!(nbytes%8)); /* fixme: should assert on blocksize */ assert(!(nbytes%8)); /* fixme: should assert on blocksize */
do_cbc_decrypt(c, outbuf, inbuf, nbytes/8 ); do_cbc_decrypt(c, outbuf, inbuf, nbytes/8 );
break; break;
case CIPHER_MODE_CFB: case GCRY_CIPHER_MODE_CFB:
case CIPHER_MODE_PHILS_CFB:
do_cfb_decrypt(c, outbuf, inbuf, nbytes ); do_cfb_decrypt(c, outbuf, inbuf, nbytes );
break; break;
case CIPHER_MODE_DUMMY: case GCRY_CIPHER_MODE_NONE:
if( inbuf != outbuf ) if( inbuf != outbuf )
memmove( outbuf, inbuf, nbytes ); memmove( outbuf, inbuf, nbytes );
break; break;
@ -637,18 +703,160 @@ cipher_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes )
} }
int
gcry_cipher_decrypt( GCRY_CIPHER_HD h, byte *out, size_t outsize,
const byte *in, size_t inlen )
{
if( !in ) {
/* caller requested in-place encryption */
/* actullay cipher_encrypt() does not need to know about it, but
* we may chnage this to get better performace */
cipher_decrypt( h, out, out, outsize );
}
else {
if( outsize < inlen )
return set_lasterr( GCRYERR_TOO_SHORT );
/* fixme: check that the inlength is a multipe of the blocksize
* if a blockoriented mode is used, or modify cipher_encrypt to
* return an error in this case */
cipher_decrypt( h, out, in, inlen );
}
return 0;
}
/**************** /****************
* Used for PGP's somewhat strange CFB mode. Only works if * Used for PGP's somewhat strange CFB mode. Only works if
* the handle is in PHILS_CFB mode * the corresponding flag is set.
*/ */
void static void
cipher_sync( CIPHER_HANDLE c ) cipher_sync( GCRY_CIPHER_HD c )
{ {
if( c->mode == CIPHER_MODE_PHILS_CFB && c->unused ) { if( (c->flags & GCRY_CIPHER_ENABLE_SYNC) && c->unused ) {
memmove(c->iv + c->unused, c->iv, c->blocksize - c->unused ); memmove(c->iv + c->unused, c->iv, c->blocksize - c->unused );
memcpy(c->iv, c->lastiv + c->blocksize - c->unused, c->unused); memcpy(c->iv, c->lastiv + c->blocksize - c->unused, c->unused);
c->unused = 0; c->unused = 0;
} }
} }
int
gcry_cipher_ctl( GCRY_CIPHER_HD h, int cmd, void *buffer, size_t buflen)
{
switch( cmd ) {
case GCRYCTL_SET_KEY:
cipher_setkey( h, buffer, buflen );
break;
case GCRYCTL_SET_IV:
cipher_setiv( h, buffer, buflen );
break;
case GCRYCTL_CFB_SYNC:
cipher_sync( h );
break;
case GCRYCTL_DISABLE_ALGO:
/* this one expects a NULL handle and buffer pointing to an
* integer with the algo number.
*/
if( h || !buffer || buflen != sizeof(int) )
return set_lasterr( GCRYERR_INV_ARG );
disable_cipher_algo( *(int*)buffer );
break;
default:
return set_lasterr( GCRYERR_INV_OP );
}
return 0;
}
/****************
* Return information about the cipher handle.
* -1 is returned on error and gcry_errno() may be used to get more information
* about the error.
*/
int
gcry_cipher_info( GCRY_CIPHER_HD h, int cmd, void *buffer, size_t *nbytes)
{
switch( cmd ) {
default:
set_lasterr( GCRYERR_INV_OP );
return -1;
}
return 0;
}
/****************
* Return information about the given cipher algorithm
* WHAT select the kind of information returned:
* GCRYCTL_GET_KEYLEN:
* Return the length of the key, if the algorithm
* supports multiple key length, the maximum supported value
* is returnd. The length is return as number of octets.
* buffer and nbytes must be zero.
* The keylength is returned in _bytes_.
* GCRYCTL_GET_BLKLEN:
* Return the blocklength of the algorithm counted in octets.
* buffer and nbytes must be zero.
* GCRYCTL_TEST_ALGO:
* Returns 0 when the specified algorithm is available for use.
* buffer and nbytes must be zero.
*
* On error the value -1 is returned and the error reason may be
* retrieved by gcry_errno().
* Note: Because this function is in most caes used to return an
* integer value, we can make it easier for the caller to just look at
* the return value. The caller will in all cases consult the value
* and thereby detecting whether a error occured or not (i.e. while checking
* the block size)
*/
int
gcry_cipher_algo_info( int algo, int what, void *buffer, size_t *nbytes)
{
unsigned int ui;
switch( what ) {
case GCRYCTL_GET_KEYLEN:
if( buffer || nbytes ) {
set_lasterr( GCRYERR_INV_ARG );
break;
}
ui = cipher_get_keylen( algo );
if( ui > 0 && ui <= 512 )
return (int)ui/8;
/* the only reason is an invalid algo or a strange blocksize */
set_lasterr( GCRYERR_INV_ALGO );
break;
case GCRYCTL_GET_BLKLEN:
if( buffer || nbytes ) {
set_lasterr( GCRYERR_INV_ARG );
break;
}
ui = cipher_get_blocksize( algo );
if( ui > 0 && ui < 10000 )
return (int)ui;
/* the only reason is an invalid algo or a strange blocksize */
set_lasterr( GCRYERR_INV_ALGO );
break;
case GCRYCTL_TEST_ALGO:
if( buffer || nbytes ) {
set_lasterr( GCRYERR_INV_ARG );
break;
}
if( check_cipher_algo( algo ) ) {
set_lasterr( GCRYERR_INV_ALGO );
break;
}
return 0;
default:
set_lasterr( GCRYERR_INV_OP );
}
return -1;
}

View File

@ -351,8 +351,10 @@ sign(MPI a, MPI b, MPI input, ELG_secret_key *skey )
mpi_powm( a, skey->g, k, skey->p ); mpi_powm( a, skey->g, k, skey->p );
mpi_mul(t, skey->x, a ); mpi_mul(t, skey->x, a );
mpi_subm(t, input, t, p_1 ); mpi_subm(t, input, t, p_1 );
while( mpi_is_neg(t) ) while( mpi_is_neg(t) ) {
BUG(); /* That is nonsense code - left over from a very early test?*/
mpi_add(t, t, p_1); mpi_add(t, t, p_1);
}
mpi_invm(inv, k, p_1 ); mpi_invm(inv, k, p_1 );
mpi_mulm(b, t, inv, p_1 ); mpi_mulm(b, t, inv, p_1 );

View File

@ -24,6 +24,8 @@
#include <string.h> #include <string.h>
#include <errno.h> #include <errno.h>
#include <assert.h> #include <assert.h>
#include "g10lib.h"
#include "util.h" #include "util.h"
#include "cipher.h" #include "cipher.h"
#include "errors.h" #include "errors.h"
@ -31,9 +33,38 @@
#include "rmd.h" #include "rmd.h"
struct md_digest_list_s;
/* this structure is put right after the GCRY_MD_HD buffer, so that
* only one memory block is needed. */
struct gcry_md_context {
int magic;
int secure;
FILE *debug;
int finalized;
struct md_digest_list_s *list;
};
#define CTX_MAGIC_NORMAL 0x11071961
#define CTX_MAGIC_SECURE 0x16917011
static const char * digest_algo_to_string( int algo );
static int check_digest_algo( int algo );
static GCRY_MD_HD md_open( int algo, int secure );
static int md_enable( GCRY_MD_HD hd, int algo );
static GCRY_MD_HD md_copy( GCRY_MD_HD a );
static void md_close(GCRY_MD_HD a);
static void md_write( GCRY_MD_HD a, byte *inbuf, size_t inlen);
static void md_final(GCRY_MD_HD a);
static byte *md_read( GCRY_MD_HD a, int algo );
static int md_get_algo( GCRY_MD_HD a );
static int md_digest_length( int algo );
static const byte *md_asn_oid( int algo, size_t *asnlen, size_t *mdlen );
static void md_start_debug( GCRY_MD_HD a, const char *suffix );
static void md_stop_debug( GCRY_MD_HD a );
/**************** /****************
* This structure is used for the list of available algorithms * This structure is used for the list of available algorithms
* and for the list of algorithms in MD_HANDLE. * and for the list of algorithms in GCRY_MD_HD.
*/ */
struct md_digest_list_s { struct md_digest_list_s {
struct md_digest_list_s *next; struct md_digest_list_s *next;
@ -146,7 +177,7 @@ load_digest_module( int req_algo )
* Map a string to the digest algo * Map a string to the digest algo
*/ */
int int
string_to_digest_algo( const char *string ) gcry_md_map_name( const char *string )
{ {
struct md_digest_list_s *r; struct md_digest_list_s *r;
@ -162,7 +193,7 @@ string_to_digest_algo( const char *string )
/**************** /****************
* Map a digest algo to a string * Map a digest algo to a string
*/ */
const char * static const char *
digest_algo_to_string( int algo ) digest_algo_to_string( int algo )
{ {
struct md_digest_list_s *r; struct md_digest_list_s *r;
@ -175,8 +206,21 @@ digest_algo_to_string( int algo )
return NULL; return NULL;
} }
/****************
* This function simply returns the name of the algorithm or some constant
* string when there is no algo. It will never return NULL.
* Use the macro gcry_md_test_algo() to check whether the algorithm
* is valid.
*/
const char *
gcry_md_algo_name( int algo )
{
const char *s = digest_algo_to_string( algo );
return s? s: "?";
}
int
static int
check_digest_algo( int algo ) check_digest_algo( int algo )
{ {
struct md_digest_list_s *r; struct md_digest_list_s *r;
@ -196,37 +240,73 @@ check_digest_algo( int algo )
* More algorithms may be added by md_enable(). The initial algorithm * More algorithms may be added by md_enable(). The initial algorithm
* may be 0. * may be 0.
*/ */
MD_HANDLE static GCRY_MD_HD
md_open( int algo, int secure ) md_open( int algo, int secure )
{ {
MD_HANDLE hd; GCRY_MD_HD hd;
int bufsize; struct gcry_md_context *ctx;
int bufsize = secure? 512 : 1024;
size_t n;
if( secure ) { /* Allocate a memory area to hold the caller visible buffer with it's
bufsize = 512 - sizeof( *hd ); * control information and the data required by this module. Set the
hd = m_alloc_secure_clear( sizeof *hd + bufsize ); * context pointer at the beginning to this area.
} * We have to use this strange scheme because we want to hide the
else { * internal data but have a variable sized buffer.
bufsize = 1024 - sizeof( *hd ); *
hd = m_alloc_clear( sizeof *hd + bufsize ); * +---+------+---........------+-------------+
} * !ctx! bctl ! buffer ! private !
* +---+------+---........------+-------------+
* ! ^
* !---------------------------!
*
* We have to make sture that private is well aligned.
*/
n = sizeof( struct gcry_md_handle ) + bufsize;
n = ((n + sizeof(PROPERLY_ALIGNED_TYPE)-1)
/ sizeof(PROPERLY_ALIGNED_TYPE) ) * sizeof(PROPERLY_ALIGNED_TYPE);
hd->bufsize = bufsize+1; /* hd has already one byte allocated */ /* allocate and set the Context pointer to the private data */
hd->secure = secure; hd = secure ? m_alloc_secure( n + sizeof( struct gcry_md_context ) )
if( algo ) : m_alloc( n + sizeof( struct gcry_md_context ) );
md_enable( hd, algo ); hd->ctx = ctx = (struct gcry_md_context*)( (char*)hd + n );
fast_random_poll(); /* setup the globally visible data (bctl in the diagram)*/
hd->bufsize = n - sizeof( struct gcry_md_handle ) + 1;
hd->bufpos = 0;
/* initialize the private data */
memset( hd->ctx, 0, sizeof *hd->ctx );
ctx->magic = secure ? CTX_MAGIC_SECURE : CTX_MAGIC_NORMAL;
ctx->secure = secure;
fast_random_poll(); /* FIXME: should we really do that? */
if( algo && md_enable( hd, algo ) ) {
md_close( hd );
return NULL;
}
return hd; return hd;
} }
void
md_enable( MD_HANDLE h, int algo ) GCRY_MD_HD
gcry_md_open( int algo, unsigned int flags )
{ {
GCRY_MD_HD hd;
/* fixme: check that algo is available and that only valid
* flag values are used */
hd = md_open( algo, (flags & GCRY_MD_FLAG_SECURE) );
return hd;
}
static int
md_enable( GCRY_MD_HD hd, int algo )
{
struct gcry_md_context *h = hd->ctx;
struct md_digest_list_s *r, *ac; struct md_digest_list_s *r, *ac;
for( ac=h->list; ac; ac = ac->next ) for( ac=h->list; ac; ac = ac->next )
if( ac->algo == algo ) if( ac->algo == algo )
return ; /* already enabled */ return 0; /* already enabled */
/* find the algorithm */ /* find the algorithm */
do { do {
for(r = digest_list; r; r = r->next ) for(r = digest_list; r; r = r->next )
@ -234,8 +314,8 @@ md_enable( MD_HANDLE h, int algo )
break; break;
} while( !r && load_digest_module( algo ) ); } while( !r && load_digest_module( algo ) );
if( !r ) { if( !r ) {
log_error("md_enable: algorithm %d not available\n", algo ); log_debug("md_enable: algorithm %d not available\n", algo );
return; return set_lasterr( GCRYERR_INV_ALGO );
} }
/* and allocate a new list entry */ /* and allocate a new list entry */
ac = h->secure? m_alloc_secure( sizeof *ac + r->contextsize ac = h->secure? m_alloc_secure( sizeof *ac + r->contextsize
@ -247,20 +327,37 @@ md_enable( MD_HANDLE h, int algo )
h->list = ac; h->list = ac;
/* and init this instance */ /* and init this instance */
(*ac->init)( &ac->context.c ); (*ac->init)( &ac->context.c );
return 0;
} }
MD_HANDLE int
md_copy( MD_HANDLE a ) gcry_md_enable( GCRY_MD_HD hd, int algo )
{ {
MD_HANDLE b; return md_enable( hd, algo );
struct md_digest_list_s *ar, *br; }
if( a->bufcount ) static GCRY_MD_HD
md_write( a, NULL, 0 ); md_copy( GCRY_MD_HD ahd )
b = a->secure ? m_alloc_secure( sizeof *b + a->bufsize - 1 ) {
: m_alloc( sizeof *b + a->bufsize - 1 ); struct gcry_md_context *a = ahd->ctx;
memcpy( b, a, sizeof *a + a->bufsize - 1 ); struct gcry_md_context *b;
GCRY_MD_HD bhd;
struct md_digest_list_s *ar, *br;
size_t n;
if( ahd->bufpos )
md_write( ahd, NULL, 0 );
n = (char*)ahd->ctx - (char*)ahd;
bhd = a->secure ? m_alloc_secure( n + sizeof( struct gcry_md_context ) )
: m_alloc( n + sizeof( struct gcry_md_context ) );
bhd->ctx = b = (struct gcry_md_context*)( (char*)bhd + n );
/* no need to copy the buffer due to the write above */
assert( ahd->bufsize == (n - sizeof( struct gcry_md_handle ) + 1) );
bhd->bufsize = ahd->bufsize;
bhd->bufpos = 0; assert( !ahd->bufpos );
memcpy( b, a, sizeof *a );
b->list = NULL; b->list = NULL;
b->debug = NULL; b->debug = NULL;
/* and now copy the complete list of algorithms */ /* and now copy the complete list of algorithms */
@ -277,38 +374,43 @@ md_copy( MD_HANDLE a )
} }
if( a->debug ) if( a->debug )
md_start_debug( b, "unknown" ); md_start_debug( bhd, "unknown" );
return b; return bhd;
} }
GCRY_MD_HD
gcry_md_copy( GCRY_MD_HD hd )
{
return md_copy( hd );
}
/**************** /****************
* Reset all contexts and discard any buffered stuff. This may be used * Reset all contexts and discard any buffered stuff. This may be used
* instead of a md_close(); md_open(). * instead of a md_close(); md_open().
*/ */
void void
md_reset( MD_HANDLE a ) gcry_md_reset( GCRY_MD_HD a )
{ {
struct md_digest_list_s *r; struct md_digest_list_s *r;
a->bufcount = 0; a->bufpos = a->ctx->finalized = 0;
for( r=a->list; r; r = r->next ) { for( r=a->ctx->list; r; r = r->next ) {
memset( r->context.c, 0, r->contextsize ); memset( r->context.c, 0, r->contextsize );
(*r->init)( &r->context.c ); (*r->init)( &r->context.c );
} }
} }
void static void
md_close(MD_HANDLE a) md_close(GCRY_MD_HD a)
{ {
struct md_digest_list_s *r, *r2; struct md_digest_list_s *r, *r2;
if( !a ) if( !a )
return; return;
if( a->debug ) if( a->ctx->debug )
md_stop_debug(a); md_stop_debug(a);
for(r=a->list; r; r = r2 ) { for(r=a->ctx->list; r; r = r2 ) {
r2 = r->next; r2 = r->next;
m_free(r); m_free(r);
} }
@ -317,60 +419,86 @@ md_close(MD_HANDLE a)
void void
md_write( MD_HANDLE a, byte *inbuf, size_t inlen) gcry_md_close( GCRY_MD_HD hd )
{
md_close( hd );
}
static void
md_write( GCRY_MD_HD a, byte *inbuf, size_t inlen)
{ {
struct md_digest_list_s *r; struct md_digest_list_s *r;
if( a->debug ) { if( a->ctx->debug ) {
if( a->bufcount && fwrite(a->buffer, a->bufcount, 1, a->debug ) != 1 ) if( a->bufpos && fwrite(a->buf, a->bufpos, 1, a->ctx->debug ) != 1 )
BUG(); BUG();
if( inlen && fwrite(inbuf, inlen, 1, a->debug ) != 1 ) if( inlen && fwrite(inbuf, inlen, 1, a->ctx->debug ) != 1 )
BUG(); BUG();
} }
for(r=a->list; r; r = r->next ) { for(r=a->ctx->list; r; r = r->next ) {
(*r->write)( &r->context.c, a->buffer, a->bufcount ); if( a->bufpos )
(*r->write)( &r->context.c, a->buf, a->bufpos );
(*r->write)( &r->context.c, inbuf, inlen ); (*r->write)( &r->context.c, inbuf, inlen );
} }
a->bufcount = 0; a->bufpos = 0;
}
void
gcry_md_write( GCRY_MD_HD hd, const byte *inbuf, size_t inlen)
{
md_write( hd, (byte*)inbuf, inlen );
} }
void static void
md_final(MD_HANDLE a) md_final(GCRY_MD_HD a)
{ {
struct md_digest_list_s *r; struct md_digest_list_s *r;
if( a->finalized ) if( a->ctx->finalized )
return; return;
if( a->bufcount ) if( a->bufpos )
md_write( a, NULL, 0 ); md_write( a, NULL, 0 );
for(r=a->list; r; r = r->next ) { for(r=a->ctx->list; r; r = r->next ) {
(*r->final)( &r->context.c ); (*r->final)( &r->context.c );
} }
a->finalized = 1; a->ctx->finalized = 1;
}
int
gcry_md_ctl( GCRY_MD_HD hd, int cmd, byte *buffer, size_t buflen)
{
if( cmd == GCRYCTL_FINALIZE )
md_final( hd );
else
return GCRYERR_INV_OP;
return 0;
} }
/**************** /****************
* if ALGO is null get the digest for the used algo (which should be only one) * if ALGO is null get the digest for the used algo (which should be only one)
*/ */
byte * static byte *
md_read( MD_HANDLE a, int algo ) md_read( GCRY_MD_HD a, int algo )
{ {
struct md_digest_list_s *r; struct md_digest_list_s *r;
if( !algo ) { /* return the first algorithm */ if( !algo ) { /* return the first algorithm */
if( (r=a->list) ) { if( (r=a->ctx->list) ) {
if( r->next ) if( r->next )
log_debug("more than algorithm in md_read(0)\n"); log_debug("more than algorithm in md_read(0)\n");
return (*r->read)( &r->context.c ); return (*r->read)( &r->context.c );
} }
} }
else { else {
for(r=a->list; r; r = r->next ) for(r=a->ctx->list; r; r = r->next )
if( r->algo == algo ) if( r->algo == algo )
return (*r->read)( &r->context.c ); return (*r->read)( &r->context.c );
} }
@ -378,6 +506,17 @@ md_read( MD_HANDLE a, int algo )
return NULL; return NULL;
} }
/****************
* Read out the complete digest, this function implictly finalizes
* the hash.
*/
byte *
gcry_md_read( GCRY_MD_HD hd, int algo )
{
gcry_md_ctl( hd, GCRYCTL_FINALIZE, NULL, 0 );
return md_read( hd, algo);
}
/**************** /****************
* This function combines md_final and md_read but keeps the context * This function combines md_final and md_read but keeps the context
@ -388,22 +527,23 @@ md_read( MD_HANDLE a, int algo )
* hold the complete digest, the buffer is filled with as many bytes are * hold the complete digest, the buffer is filled with as many bytes are
* possible and this value is returned. * possible and this value is returned.
*/ */
int #if 0
md_digest( MD_HANDLE a, int algo, byte *buffer, int buflen ) static int
md_digest( GCRY_MD_HD a, int algo, byte *buffer, int buflen )
{ {
struct md_digest_list_s *r = NULL; struct md_digest_list_s *r = NULL;
char *context; char *context;
char *digest; char *digest;
if( a->bufcount ) if( a->bufpos )
md_write( a, NULL, 0 ); md_write( a, NULL, 0 );
if( !algo ) { /* return digest for the first algorithm */ if( !algo ) { /* return digest for the first algorithm */
if( (r=a->list) && r->next ) if( (r=a->ctx->list) && r->next )
log_debug("more than algorithm in md_digest(0)\n"); log_debug("more than algorithm in md_digest(0)\n");
} }
else { else {
for(r=a->list; r; r = r->next ) for(r=a->ctx->list; r; r = r->next )
if( r->algo == algo ) if( r->algo == algo )
break; break;
} }
@ -414,9 +554,9 @@ md_digest( MD_HANDLE a, int algo, byte *buffer, int buflen )
return r->mdlen; return r->mdlen;
/* I don't want to change the interface, so I simply work on a copy /* I don't want to change the interface, so I simply work on a copy
* the context (extra overhead - should be fixed)*/ * of the context (extra overhead - should be fixed)*/
context = a->secure ? m_alloc_secure( r->contextsize ) context = a->ctx->secure ? m_alloc_secure( r->contextsize )
: m_alloc( r->contextsize ); : m_alloc( r->contextsize );
memcpy( context, r->context.c, r->contextsize ); memcpy( context, r->context.c, r->contextsize );
(*r->final)( context ); (*r->final)( context );
digest = (*r->read)( context ); digest = (*r->read)( context );
@ -428,14 +568,26 @@ md_digest( MD_HANDLE a, int algo, byte *buffer, int buflen )
m_free(context); m_free(context);
return buflen; return buflen;
} }
#endif
/****************
* Read out an intermediate digest.
*/
int int
md_get_algo( MD_HANDLE a ) gcry_md_get( GCRY_MD_HD hd, int algo, byte *buffer, int buflen )
{
/*md_digest ... */
return GCRYERR_INTERNAL;
}
static int
md_get_algo( GCRY_MD_HD a )
{ {
struct md_digest_list_s *r; struct md_digest_list_s *r;
if( (r=a->list) ) { if( (r=a->ctx->list) ) {
if( r->next ) if( r->next )
log_error("WARNING: more than algorithm in md_get_algo()\n"); log_error("WARNING: more than algorithm in md_get_algo()\n");
return r->algo; return r->algo;
@ -443,10 +595,18 @@ md_get_algo( MD_HANDLE a )
return 0; return 0;
} }
int
gcry_md_get_algo( GCRY_MD_HD hd )
{
return md_get_algo( hd ); /* fixme: we need error handling */
}
/**************** /****************
* Return the length of the digest * Return the length of the digest
*/ */
int static int
md_digest_length( int algo ) md_digest_length( int algo )
{ {
struct md_digest_list_s *r; struct md_digest_list_s *r;
@ -457,14 +617,35 @@ md_digest_length( int algo )
return r->mdlen; return r->mdlen;
} }
} while( !r && load_digest_module( algo ) ); } while( !r && load_digest_module( algo ) );
log_error("WARNING: no length for md algo %d\n", algo);
return 0; return 0;
} }
/****************
* Return the length of the digest in bytes.
* This function will return 0 in case of errors.
*/
unsigned int
gcry_md_get_algo_dlen( int algo )
{
/* we do some very quick checks here */
switch( algo )
{
case GCRY_MD_MD5: return 16;
case GCRY_MD_SHA1:
case GCRY_MD_RMD160: return 20;
default: {
int len = md_digest_length( algo );
if( !len )
set_lasterr( GCRYERR_INV_ALGO );
return 0;
}
}
}
/* Hmmm: add a mode to enumerate the OIDs /* Hmmm: add a mode to enumerate the OIDs
* to make g10/sig-check.c more portable */ * to make g10/sig-check.c more portable */
const byte * static const byte *
md_asn_oid( int algo, size_t *asnlen, size_t *mdlen ) md_asn_oid( int algo, size_t *asnlen, size_t *mdlen )
{ {
struct md_digest_list_s *r; struct md_digest_list_s *r;
@ -485,31 +666,92 @@ md_asn_oid( int algo, size_t *asnlen, size_t *mdlen )
} }
/****************
* Return information about the given cipher algorithm
* WHAT select the kind of information returned:
* GCRYCTL_TEST_ALGO:
* Returns 0 when the specified algorithm is available for use.
* buffer and nbytes must be zero.
* GCRYCTL_GET_ASNOID:
* Return the ASNOID of the algorithm in buffer. if buffer is NULL, only
* the required length is returned.
*
* On error the value -1 is returned and the error reason may be
* retrieved by gcry_errno().
* Note: Because this function is in most caes used to return an
* integer value, we can make it easier for the caller to just look at
* the return value. The caller will in all cases consult the value
* and thereby detecting whether a error occured or not (i.e. while checking
* the block size)
*/
int
gcry_md_algo_info( int algo, int what, void *buffer, size_t *nbytes)
{
switch( what ) {
case GCRYCTL_TEST_ALGO:
if( buffer || nbytes ) {
set_lasterr( GCRYERR_INV_ARG );
return -1;
}
if( check_digest_algo( algo ) ) {
set_lasterr( GCRYERR_INV_ALGO );
return -1;
}
break;
case GCRYCTL_GET_ASNOID: {
size_t asnlen;
const char *asn = md_asn_oid( algo, &asnlen, NULL );
if( buffer && *nbytes >= asnlen ) {
memcpy( buffer, asn, asnlen );
*nbytes = asnlen;
return 0;
}
if( !buffer && nbytes ) {
*nbytes = asnlen;
return 0;
}
set_lasterr( buffer ? GCRYERR_TOO_SHORT : GCRYERR_INV_ARG );
return -1;
}
break;
default:
set_lasterr( GCRYERR_INV_OP );
return -1;
}
return 0;
}
void void
md_start_debug( MD_HANDLE md, const char *suffix ) md_start_debug( GCRY_MD_HD md, const char *suffix )
{ {
static int idx=0; static int idx=0;
char buf[25]; char buf[25];
if( md->debug ) { if( md->ctx->debug ) {
log_debug("Oops: md debug already started\n"); log_debug("Oops: md debug already started\n");
return; return;
} }
idx++; idx++;
sprintf(buf, "dbgmd-%05d.%.10s", idx, suffix ); sprintf(buf, "dbgmd-%05d.%.10s", idx, suffix );
md->debug = fopen(buf, "w"); md->ctx->debug = fopen(buf, "w");
if( !md->debug ) if( !md->ctx->debug )
log_debug("md debug: can't open %s\n", buf ); log_debug("md debug: can't open %s\n", buf );
} }
void void
md_stop_debug( MD_HANDLE md ) md_stop_debug( GCRY_MD_HD md )
{ {
if( md->debug ) { if( md->ctx->debug ) {
if( md->bufcount ) if( md->bufpos )
md_write( md, NULL, 0 ); md_write( md, NULL, 0 );
fclose(md->debug); fclose(md->ctx->debug);
md->debug = NULL; md->ctx->debug = NULL;
} }
#ifdef HAVE_U64_TYPEDEF #ifdef HAVE_U64_TYPEDEF
{ /* a kludge to pull in the __muldi3 for Solaris */ { /* a kludge to pull in the __muldi3 for Solaris */
@ -521,3 +763,25 @@ md_stop_debug( MD_HANDLE md )
#endif #endif
} }
/****************
* Return information about the digest handle.
* GCRYCTL_IS_SECURE:
* Returns 1 when the handle works on secured memory
* otherwise 0 is returned. There is no error return.
*/
int
gcry_md_info( GCRY_MD_HD h, int cmd, void *buffer, size_t *nbytes)
{
switch( cmd ) {
case GCRYCTL_IS_SECURE:
return h->ctx->secure;
default:
set_lasterr( GCRYERR_INV_OP );
return -1;
}
return 0;
}

View File

@ -1,5 +1,5 @@
/* pubkey.c - pubkey dispatcher /* pubkey.c - pubkey dispatcher
* Copyright (C) 1998 Free Software Foundation, Inc. * Copyright (C) 1998, 1999 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -24,6 +24,8 @@
#include <string.h> #include <string.h>
#include <errno.h> #include <errno.h>
#include <assert.h> #include <assert.h>
#include "g10lib.h"
#include "util.h" #include "util.h"
#include "errors.h" #include "errors.h"
#include "mpi.h" #include "mpi.h"
@ -236,7 +238,7 @@ load_pubkey_modules(void)
* Map a string to the pubkey algo * Map a string to the pubkey algo
*/ */
int int
string_to_pubkey_algo( const char *string ) gcry_pk_map_name( const char *string )
{ {
int i; int i;
const char *s; const char *s;
@ -254,7 +256,7 @@ string_to_pubkey_algo( const char *string )
* Map a pubkey algo to a string * Map a pubkey algo to a string
*/ */
const char * const char *
pubkey_algo_to_string( int algo ) gcry_pk_algo_name( int algo )
{ {
int i; int i;
@ -565,3 +567,78 @@ pubkey_verify( int algo, MPI hash, MPI *data, MPI *pkey,
return rc; return rc;
} }
int
gcry_pk_encrypt( GCRY_SEXP *result, GCRY_SEXP data, GCRY_SEXP pkey )
{
/* ... */
return 0;
}
int
gcry_pk_decrypt( GCRY_SEXP *result, GCRY_SEXP data, GCRY_SEXP skey )
{
/* ... */
return 0;
}
int
gcry_pk_sign( GCRY_SEXP *result, GCRY_SEXP data, GCRY_SEXP skey )
{
GCRY_SEXP s;
/* get the secret key */
s = NULL; /*gcry_sexp_find_token( skey, "private-key", 0 );*/
if( !s )
return -1; /* no private key */
/* ... */
return 0;
}
int
gcry_pk_verify( GCRY_SEXP *result, GCRY_SEXP data, GCRY_SEXP pkey )
{
/* ... */
return 0;
}
/****************
* Return information about the given algorithm
* WHAT select the kind of information returned:
* GCRYCTL_TEST_ALGO:
* Returns 0 when the specified algorithm is available for use.
* buffer and nbytes must be zero.
*
* On error the value -1 is returned and the error reason may be
* retrieved by gcry_errno().
* Note: Because this function is in most caes used to return an
* integer value, we can make it easier for the caller to just look at
* the return value. The caller will in all cases consult the value
* and thereby detecting whether a error occured or not (i.e. while checking
* the block size)
*/
int
gcry_pk_algo_info( int algo, int what, void *buffer, size_t *nbytes)
{
switch( what ) {
case GCRYCTL_TEST_ALGO:
if( buffer || nbytes ) {
set_lasterr( GCRYERR_INV_ARG );
return -1;
}
if( check_pubkey_algo( algo ) ) {
set_lasterr( GCRYERR_INV_ALGO );
return -1;
}
break;
default:
set_lasterr( GCRYERR_INV_OP );
return -1;
}
return 0;
}

View File

@ -109,22 +109,9 @@ dnl Check wether we want to compile libgcrypt
dnl dnl
AC_MSG_CHECKING([whether compilation of libgcrypt is requested]) AC_MSG_CHECKING([whether compilation of libgcrypt is requested])
AC_ARG_ENABLE(libgcrypt, AC_ARG_ENABLE(libgcrypt,
[ --enable-libgcrypt compile the libgcrypt [default=no]], [ --enable-libgcrypt compile the libgcrypt [default=yes]],
[compile_libgcrypt="$enableval"],[compile_libgcrypt=no]) [compile_libgcrypt="$enableval"],[compile_libgcrypt=no])
AC_MSG_RESULT($compile_libgcrypt) AC_MSG_RESULT($compile_libgcrypt)
if test x$compile_libgcrypt = xyes ; then
if test -f $srcdir/gcrypt/gcrypt.h; then
:
else
compile_libgcrypt=no
AC_MSG_WARN([[
***
*** LIBGCRYPT is not yet ready for public testing.
*** Maybe you have more luck with the next release of GnuPG
*** Watch the gnupg-announce mailing list or the webpage.
***]])
fi
fi
AM_CONDITIONAL(COMPILE_LIBGCRYPT, test x$compile_libgcrypt = xyes) AM_CONDITIONAL(COMPILE_LIBGCRYPT, test x$compile_libgcrypt = xyes)
@ -680,10 +667,13 @@ AC_SUBST(ZLIBS)
changequote(,)dnl changequote(,)dnl
tmp_pat='[a-zA-Z]' tmp_pat='[a-zA-Z]'
changequote([,])dnl changequote([,])dnl
if echo "$VERSION" | grep $tmp_pat >/dev/null ; then if echo "$VERSION" | grep "$tmp_pat" >/dev/null ; then
AC_DEFINE(IS_DEVELOPMENT_VERSION) AC_DEFINE(IS_DEVELOPMENT_VERSION)
fi fi
dnl Temp workaround:
GNUPG_LINK_FILES(gcrypt/gcrypt.h, gcrypt.h )
AM_CONDITIONAL(CROSS_COMPILING, test x$cross_compiling = xyes) AM_CONDITIONAL(CROSS_COMPILING, test x$cross_compiling = xyes)
GNUPG_DO_LINK_FILES GNUPG_DO_LINK_FILES

36
doc/ChangeLog Normal file
View File

@ -0,0 +1,36 @@
Tue Oct 26 14:10:21 CEST 1999 Werner Koch <wk@gnupg.de>
* Makefile.am (SUBDIRS): Removed gph from this development series
Mon Sep 6 19:59:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am (SUBDIRS): New subdir gph for the manual.
Thu Jul 22 20:03:03 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* gpg.sgml (--always-trust): Added.
Wed Jul 14 19:42:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Create a dummy man page if docbook-to-man is missing.
Wed Jun 16 20:16:21 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* gpg1.pod: Removed.
* gpg.sgml: New. Replaces the pod file
* Makefile.am: Add rule to make a man file from sgml
Tue Jun 15 12:21:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.in.in: Use DESTDIR.
Mon May 31 19:41:10 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* gpg.1pod: Enhanced the Bugs section (Michael).
Wed Feb 10 17:15:39 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* gpg.1pod: Spelling and grammar corrections (John A. Martin)
* FAQ: Ditto.
* DETAILS: Ditto.

View File

@ -181,6 +181,14 @@ more arguments in future versions.
<n_uids> <n_subk> <n_sigs> <n_revoc> <sec_read> <sec_imported> <sec_dups> <n_uids> <n_subk> <n_sigs> <n_revoc> <sec_read> <sec_imported> <sec_dups>
Final statistics on import process (this is one long line) Final statistics on import process (this is one long line)
FILE_START <what> <filename>
Start processing a file <filename>. <what> indicates the performed
operation:
1 - verify
FILE_DONE
Marks the end of a file processing which has been started
by FILE_START.
Key generation Key generation

View File

@ -1,6 +1,6 @@
## Process this file with automake to create Makefile.in ## Process this file with automake to create Makefile.in
SUBDIRS = gph ##SUBDIRS = gph
EXTRA_DIST = DETAILS gpg.sgml gpg.1 FAQ HACKING OpenPGP EXTRA_DIST = DETAILS gpg.sgml gpg.1 FAQ HACKING OpenPGP

View File

@ -260,7 +260,7 @@ only in the local environment.</para></listitem></varlistentry>
<term>revsig</term> <term>revsig</term>
<listitem><para> <listitem><para>
Revoke a signature. GnuPG asks for every Revoke a signature. GnuPG asks for every
every signature which has been done by one of signature which has been done by one of
the secret keys, whether a revocation the secret keys, whether a revocation
certificate should be generated.</para></listitem></varlistentry> certificate should be generated.</para></listitem></varlistentry>
<varlistentry> <varlistentry>

View File

@ -1,5 +1,55 @@
Sat Sep 18 12:16:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de> Tue Oct 26 14:10:21 CEST 1999 Werner Koch <wk@gnupg.de>
* misc.c (openpgp_cipher_test_algo): New.
(openpgp_pk_test_algo): New.
(openpgp_md_test_algo): New.
* g10.c (build_list): Changed to use the new functions from libgcrypt.
* ringedit.c (enum_keyblocks): Set .rt to 0 on open.
* encode.c (encode_simple): Use new CTB when we don't have the
length of the file. This is somewhat strange as the comment above
indicates that this part is actually fixed for PGP 5 - maybe I simply
lost the source line, tsss.
* sign.c (clearsign_file): Avoid duplicated Entries in the "Hash:"
line. Those headers are now only _not_ printed when there are
only old-style keys _and_ all hashs are MD5.
(clearsign_file): Use gcry_md_test_algo() and gcry_md_algo_name().
* openfile.c (make_outfile_name): Use case-insenstive compare for
DOS systems. Add ".pgp" to the list of know extensions.
(open_outfile): For DOS systems try to replace the suffix instead of
appending it.
* encr-data.c (decrypt_data): Reset error on a weak key.
* cipher.c: Replaced the cipher and digest functions by the gcry_ ones.
* seckey-cert.c: Ditto.
* seskey.c: Ditto.
* g10.c (print_mds): Replaced digst functions with the new gcry_ ones.
* keyid.c: Ditto.
* mainproc.c: Ditto.
* passphrase.c: Ditto.
* sig-check.c: Ditto.
* sign.c: Ditto.
* pkclist.c (do_edit_ownertrust): Made the answer string const.
* basicdefs.h: New. Move some defs and decl to this header.
* openfile.c (open_outfile): Fixed the 8dot3 handling.
* passphrase.c (passphrase_to_dek): Print uid using utf8 func.
* delkey.c (delete_key): Ditto.
* pkclist.c (show_paths,do_edit_ownertrust,do_we_trust): Ditto
(do_we_trust_pre): Ditto.
* trustdb.c (print_user_id,check_uidsigs): Ditto.
* revoke.c (gen_revoke,ask_revoke_sig): Ditto.
Sat Sep 18 12:16:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* filter.h: Changed cipher handle types to the the GCRY_xxx ones. * filter.h: Changed cipher handle types to the the GCRY_xxx ones.
replaces include cipher by system header include gcrypt.h. replaces include cipher by system header include gcrypt.h.

View File

@ -4,7 +4,8 @@ INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl
EXTRA_DIST = OPTIONS pubring.asc options.skel EXTRA_DIST = OPTIONS pubring.asc options.skel
OMIT_DEPENDENCIES = zlib.h zconf.h OMIT_DEPENDENCIES = zlib.h zconf.h
LDFLAGS = @LDFLAGS@ @DYNLINK_LDFLAGS@ LDFLAGS = @LDFLAGS@ @DYNLINK_LDFLAGS@
needed_libs = ../cipher/libcipher.la ../mpi/libmpi.la ../util/libutil.la needed_libs = ../cipher/libcipher.la ../mpi/libmpi.la ../util/libutil.la \
../gcrypt/libgcrypt.la
#noinst_PROGRAMS = gpgd #noinst_PROGRAMS = gpgd
bin_PROGRAMS = gpg bin_PROGRAMS = gpg

View File

@ -242,7 +242,7 @@ do_public_key( IOBUF out, int ctb, PKT_public_key *pk )
* Make a hash value from the public key certificate * Make a hash value from the public key certificate
*/ */
void void
hash_public_key( MD_HANDLE md, PKT_public_key *pk ) hash_public_key( GCRY_MD_HD md, PKT_public_key *pk )
{ {
PACKET pkt; PACKET pkt;
int rc = 0; int rc = 0;
@ -293,10 +293,10 @@ hash_public_key( MD_HANDLE md, PKT_public_key *pk )
} }
} }
/* hash a header */ /* hash a header */
md_putc( md, 0x99 ); gcry_md_putc( md, 0x99 );
pktlen &= 0xffff; /* can't handle longer packets */ pktlen &= 0xffff; /* can't handle longer packets */
md_putc( md, pktlen >> 8 ); gcry_md_putc( md, pktlen >> 8 );
md_putc( md, pktlen & 0xff ); gcry_md_putc( md, pktlen & 0xff );
} }
/* hash the packet body */ /* hash the packet body */
while( (c=iobuf_get(a)) != -1 ) { while( (c=iobuf_get(a)) != -1 ) {
@ -307,7 +307,7 @@ hash_public_key( MD_HANDLE md, PKT_public_key *pk )
i=0; i=0;
} }
#endif #endif
md_putc( md, c ); gcry_md_putc( md, c );
} }
#if 0 #if 0
putc('\n', fp); putc('\n', fp);

View File

@ -25,6 +25,7 @@
#include <errno.h> #include <errno.h>
#include <assert.h> #include <assert.h>
#include <gcrypt.h>
#include "errors.h" #include "errors.h"
#include "iobuf.h" #include "iobuf.h"
#include "memory.h" #include "memory.h"
@ -55,6 +56,8 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
if( use_mdc ) { if( use_mdc ) {
ed.mdc_method = DIGEST_ALGO_SHA1; ed.mdc_method = DIGEST_ALGO_SHA1;
cfx->mdc_hash = gcry_md_open( DIGEST_ALGO_SHA1, 0 ); cfx->mdc_hash = gcry_md_open( DIGEST_ALGO_SHA1, 0 );
/*should we check the function works, or is it better to provide
a flag which makes the function die itself ?? FIXME */
/*md_start_debug( cfx->mdc_hash, "mdccreat" );*/ /*md_start_debug( cfx->mdc_hash, "mdccreat" );*/
} }
init_packet( &pkt ); init_packet( &pkt );
@ -70,13 +73,12 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
temp[nprefix] = temp[nprefix-2]; temp[nprefix] = temp[nprefix-2];
temp[nprefix+1] = temp[nprefix-1]; temp[nprefix+1] = temp[nprefix-1];
print_cipher_algo_note( cfx->dek->algo ); print_cipher_algo_note( cfx->dek->algo );
if( gcry_cipher_open( &cfx->cipher_hd, if( !(cfx->cipher_hd = gcry_cipher_open( cfx->dek->algo,
cfx->dek->algo, GCRY_CIPHER_MODE_CFB,
CIPHER_MODE_CFB, GCRY_CIPHER_SECURE
GCRY_CIPHER_SECURE | (cfx->dek->algo >= 100 ?
| (cfy->dek->algo >= 100 ? 0 : GCRY_CIPHER_ENABLE_SYNC)))
0 : GCRY_CIPHER_ENABLE_SYNC) ) ) {
) {
/* we should never get an error here cause we already checked, that /* we should never get an error here cause we already checked, that
* the algorithm is available. */ * the algorithm is available. */
BUG(); BUG();
@ -91,7 +93,7 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
/* log_hexdump( "prefix", temp, nprefix+2 ); */ /* log_hexdump( "prefix", temp, nprefix+2 ); */
if( cfx->mdc_hash ) if( cfx->mdc_hash )
gcry_md_write( cfx->mdc_hash, temp, nprefix+2 ); gcry_md_write( cfx->mdc_hash, temp, nprefix+2 );
rc = cipher_encrypt( cfx->cipher_hd, temp, nprefix+2, NULL, 0 ); rc = gcry_cipher_encrypt( cfx->cipher_hd, temp, nprefix+2, NULL, 0 );
if( !rc ) if( !rc )
rc = gcry_cipher_sync( cfx->cipher_hd ); rc = gcry_cipher_sync( cfx->cipher_hd );
if( rc ) if( rc )

View File

@ -124,7 +124,7 @@ delete_key( const char *username, int secret )
pubkey_letter( pk->pubkey_algo ), pubkey_letter( pk->pubkey_algo ),
keyid[1], datestr_from_pk(pk) ); keyid[1], datestr_from_pk(pk) );
p = get_user_id( keyid, &n ); p = get_user_id( keyid, &n );
tty_print_string( p, n ); tty_print_utf8_string( p, n );
m_free(p); m_free(p);
tty_printf("\n\n"); tty_printf("\n\n");

View File

@ -177,6 +177,7 @@ encode_simple( const char *filename, int mode )
pt->timestamp = make_timestamp(); pt->timestamp = make_timestamp();
pt->mode = opt.textmode? 't' : 'b'; pt->mode = opt.textmode? 't' : 'b';
pt->len = filesize; pt->len = filesize;
pt->new_ctb = !pt->len && !opt.rfc1991;
pt->buf = inp; pt->buf = inp;
pkt.pkttype = PKT_PLAINTEXT; pkt.pkttype = PKT_PLAINTEXT;
pkt.pkt.plaintext = pt; pkt.pkt.plaintext = pt;
@ -480,8 +481,8 @@ write_pubkey_enc_from_list( PK_LIST pk_list, DEK *dek, IOBUF out )
if( opt.verbose ) { if( opt.verbose ) {
char *ustr = get_user_id_string( enc->keyid ); char *ustr = get_user_id_string( enc->keyid );
log_info(_("%s/%s encrypted for: %s\n"), log_info(_("%s/%s encrypted for: %s\n"),
pubkey_algo_to_string(enc->pubkey_algo), gcry_pk_algo_name(enc->pubkey_algo),
cipher_algo_to_string(dek->algo), ustr ); gcry_cipher_algo_name(dek->algo), ustr );
m_free(ustr); m_free(ustr);
} }
/* and write it */ /* and write it */

View File

@ -56,7 +56,6 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
decode_filter_ctx_t dfx; decode_filter_ctx_t dfx;
byte *p; byte *p;
int rc=0, c, i; int rc=0, c, i;
int algo_okay;
byte temp[32]; byte temp[32];
int blocksize; int blocksize;
unsigned nprefix; unsigned nprefix;
@ -71,27 +70,45 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
if( opt.verbose ) if( opt.verbose )
log_info(_("%s encrypted data\n"), gcry_cipher_algo_name( dek->algo ) ); log_info(_("%s encrypted data\n"), gcry_cipher_algo_name( dek->algo ) );
blocksize = gcry_cipher_get_blklen( dek->algo ); blocksize = gcry_cipher_get_algo_blklen( dek->algo );
if( blocksize < 1 || blocksize > 16 ) if( blocksize < 1 || blocksize > 16 )
log_fatal("unsupported blocksize %u\n", blocksize ); log_fatal("unsupported blocksize %u\n", blocksize );
nprefix = blocksize; nprefix = blocksize;
if( ed->len && ed->len < (nprefix+2) ) if( ed->len && ed->len < (nprefix+2) )
BUG(); BUG();
--> We are currently working HERE!!!!
if( ed->mdc_method ) if( ed->mdc_method ) {
dfx.mdc_hash = md_open( ed->mdc_method, 0 ); dfx.mdc_hash = gcry_md_open( ed->mdc_method, 0 );
dfx.cipher_hd = cipher_open( dek->algo, CIPHER_MODE_AUTO_CFB, 1 ); if( !dfx.mdc_hash )
BUG();
}
if( !(dfx.cipher_hd = gcry_cipher_open( dek->algo,
GCRY_CIPHER_MODE_CFB,
GCRY_CIPHER_SECURE
| (dek->algo >= 100 ?
0 : GCRY_CIPHER_ENABLE_SYNC) ))
) {
/* we should never get an error here cause we already checked, that
* the algorithm is available. What about a flag to let the function
* die in this case? */
BUG();
}
/* log_hexdump( "thekey", dek->key, dek->keylen );*/ /* log_hexdump( "thekey", dek->key, dek->keylen );*/
rc = cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen ); rc = gcry_cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen );
if( rc == G10ERR_WEAK_KEY ) if( rc == GCRYERR_WEAK_KEY ) {
log_info(_("WARNING: message was encrypted with " log_info(_("WARNING: message was encrypted with "
"a weak key in the symmetric cipher.\n")); "a weak key in the symmetric cipher.\n"));
rc = 0;
}
else if( rc ) { else if( rc ) {
log_error("key setup failed: %s\n", g10_errstr(rc) ); log_error("key setup failed: %s\n", gcry_strerror(rc) );
rc = map_gcry_rc(rc);
goto leave; goto leave;
} }
cipher_setiv( dfx.cipher_hd, NULL, 0 ); gcry_cipher_setiv( dfx.cipher_hd, NULL, 0 );
if( ed->len ) { if( ed->len ) {
for(i=0; i < (nprefix+2) && ed->len; i++, ed->len-- ) { for(i=0; i < (nprefix+2) && ed->len; i++, ed->len-- ) {
@ -108,10 +125,10 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
else else
temp[i] = c; temp[i] = c;
} }
cipher_decrypt( dfx.cipher_hd, temp, temp, nprefix+2); gcry_cipher_decrypt( dfx.cipher_hd, temp, nprefix+2, NULL, 0 );
if( dfx.mdc_hash ) if( dfx.mdc_hash )
md_write( dfx.mdc_hash, temp, nprefix+2 ); gcry_md_write( dfx.mdc_hash, temp, nprefix+2 );
cipher_sync( dfx.cipher_hd ); gcry_cipher_sync( dfx.cipher_hd );
p = temp; p = temp;
/* log_hexdump( "prefix", temp, nprefix+2 ); */ /* log_hexdump( "prefix", temp, nprefix+2 ); */
if( p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1] ) { if( p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1] ) {
@ -127,20 +144,20 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
if( ed->mdc_method && dfx.eof_seen == 2 ) if( ed->mdc_method && dfx.eof_seen == 2 )
rc = G10ERR_INVALID_PACKET; rc = G10ERR_INVALID_PACKET;
else if( ed->mdc_method ) { /* check the mdc */ else if( ed->mdc_method ) { /* check the mdc */
int datalen = md_digest_length( ed->mdc_method ); int datalen = gcry_md_get_algo_dlen( ed->mdc_method );
md_final( dfx.mdc_hash );
if( datalen != 20 if( datalen != 20
|| memcmp(md_read( dfx.mdc_hash, 0 ), dfx.defer, datalen) ) || memcmp(gcry_md_read( dfx.mdc_hash, 0 ), dfx.defer, datalen) )
rc = G10ERR_BAD_SIGN; rc = G10ERR_BAD_SIGN;
log_hexdump("MDC calculated:", md_read( dfx.mdc_hash, 0), datalen); log_hexdump("MDC calculated:", gcry_md_read( dfx.mdc_hash, 0), datalen);
log_hexdump("MDC message :", dfx.defer, 20); log_hexdump("MDC message :", dfx.defer, 20);
} }
leave: leave:
cipher_close(dfx.cipher_hd); gcry_cipher_close(dfx.cipher_hd);
md_close( dfx.mdc_hash ); gcry_md_close( dfx.mdc_hash );
return rc; return rc;
} }
/* I think we should merge this with cipher_filter */ /* I think we should merge this with cipher_filter */
static int static int
mdc_decode_filter( void *opaque, int control, IOBUF a, mdc_decode_filter( void *opaque, int control, IOBUF a,
@ -198,8 +215,8 @@ mdc_decode_filter( void *opaque, int control, IOBUF a,
} }
if( n ) { if( n ) {
cipher_decrypt( dfx->cipher_hd, buf, buf, n); gcry_cipher_decrypt( dfx->cipher_hd, buf, n, NULL, 0);
md_write( dfx->mdc_hash, buf, n ); gcry_md_write( dfx->mdc_hash, buf, n );
} }
else { else {
assert( dfx->eof_seen ); assert( dfx->eof_seen );
@ -225,7 +242,7 @@ decode_filter( void *opaque, int control, IOBUF a, byte *buf, size_t *ret_len)
n = iobuf_read( a, buf, size ); n = iobuf_read( a, buf, size );
if( n == -1 ) n = 0; if( n == -1 ) n = 0;
if( n ) if( n )
cipher_decrypt( fc->cipher_hd, buf, buf, n); gcry_cipher_decrypt( fc->cipher_hd, buf, n, NULL, 0);
else else
rc = -1; /* eof */ rc = -1; /* eof */
*ret_len = n; *ret_len = n;

View File

@ -22,7 +22,9 @@
#include <gcrypt.h> #include <gcrypt.h>
#include "types.h" #include "basicdefs.h"
typedef struct { typedef struct {
GCRY_MD_HD md; /* catch all */ GCRY_MD_HD md; /* catch all */
@ -83,6 +85,13 @@ typedef struct {
} cipher_filter_context_t; } cipher_filter_context_t;
typedef struct {
int header_okay;
PK_LIST pk_list;
cipher_filter_context_t cfx;
} encrypt_filter_context_t;
typedef struct { typedef struct {
byte *buffer; /* malloced buffer */ byte *buffer; /* malloced buffer */

View File

@ -26,6 +26,7 @@
#include <ctype.h> #include <ctype.h>
#include <unistd.h> #include <unistd.h>
#include <gcrypt.h>
#include "packet.h" #include "packet.h"
#include "iobuf.h" #include "iobuf.h"
@ -36,7 +37,6 @@
#include "keydb.h" #include "keydb.h"
#include "trustdb.h" #include "trustdb.h"
#include "mpi.h" #include "mpi.h"
#include "cipher.h"
#include "filter.h" #include "filter.h"
#include "ttyio.h" #include "ttyio.h"
#include "i18n.h" #include "i18n.h"
@ -353,8 +353,8 @@ int g10_errors_seen = 0;
static int utf8_strings = 0; static int utf8_strings = 0;
static int maybe_setuid = 1; static int maybe_setuid = 1;
static char *build_list( const char *text, static char *build_list( const char *text, const char * (*mapf)(int),
const char *(*mapf)(int), int (*chkf)(int) ); int (*chkf)(int) );
static void set_cmd( enum cmd_and_opt_values *ret_cmd, static void set_cmd( enum cmd_and_opt_values *ret_cmd,
enum cmd_and_opt_values new_cmd ); enum cmd_and_opt_values new_cmd );
static void print_hex( byte *p, size_t n ); static void print_hex( byte *p, size_t n );
@ -388,20 +388,20 @@ strusage( int level )
case 31: p = _("\nSupported algorithms:\n"); break; case 31: p = _("\nSupported algorithms:\n"); break;
case 32: case 32:
if( !ciphers ) if( !ciphers )
ciphers = build_list("Cipher: ", cipher_algo_to_string, ciphers = build_list("Cipher: ", gcry_cipher_algo_name,
check_cipher_algo ); openpgp_cipher_test_algo );
p = ciphers; p = ciphers;
break; break;
case 33: case 33:
if( !pubkeys ) if( !pubkeys )
pubkeys = build_list("Pubkey: ", pubkey_algo_to_string, pubkeys = build_list("Pubkey: ", gcry_pk_algo_name,
check_pubkey_algo ); openpgp_pk_test_algo );
p = pubkeys; p = pubkeys;
break; break;
case 34: case 34:
if( !digests ) if( !digests )
digests = build_list("Hash: ", digest_algo_to_string, digests = build_list("Hash: ", gcry_md_algo_name,
check_digest_algo ); openpgp_md_test_algo );
p = digests; p = digests;
break; break;
@ -415,7 +415,6 @@ static char *
build_list( const char *text, const char * (*mapf)(int), int (*chkf)(int) ) build_list( const char *text, const char * (*mapf)(int), int (*chkf)(int) )
{ {
int i; int i;
const char *s;
size_t n=strlen(text)+2; size_t n=strlen(text)+2;
char *list, *p; char *list, *p;
@ -423,16 +422,16 @@ build_list( const char *text, const char * (*mapf)(int), int (*chkf)(int) )
secmem_init( 0 ); /* drop setuid */ secmem_init( 0 ); /* drop setuid */
for(i=1; i < 110; i++ ) for(i=1; i < 110; i++ )
if( !chkf(i) && (s=mapf(i)) ) if( !chkf(i) )
n += strlen(s) + 2; n += strlen(mapf(i)) + 2;
list = m_alloc( 21 + n ); *list = 0; list = m_alloc( 21 + n ); *list = 0;
for(p=NULL, i=1; i < 110; i++ ) { for(p=NULL, i=1; i < 110; i++ ) {
if( !chkf(i) && (s=mapf(i)) ) { if( !chkf(i) ) {
if( !p ) if( !p )
p = stpcpy( list, text ); p = stpcpy( list, text );
else else
p = stpcpy( p, ", "); p = stpcpy( p, ", ");
p = stpcpy(p, s ); p = stpcpy(p, mapf(i) );
} }
} }
if( p ) if( p )
@ -577,8 +576,8 @@ main( int argc, char **argv )
opt.def_digest_algo = 0; opt.def_digest_algo = 0;
opt.def_compress_algo = 2; opt.def_compress_algo = 2;
opt.s2k_mode = 3; /* iterated+salted */ opt.s2k_mode = 3; /* iterated+salted */
opt.s2k_digest_algo = DIGEST_ALGO_RMD160; opt.s2k_digest_algo = GCRY_MD_RMD160;
opt.s2k_cipher_algo = CIPHER_ALGO_BLOWFISH; opt.s2k_cipher_algo = GCRY_CIPHER_BLOWFISH;
opt.completes_needed = 1; opt.completes_needed = 1;
opt.marginals_needed = 3; opt.marginals_needed = 3;
opt.max_cert_depth = 5; opt.max_cert_depth = 5;
@ -798,8 +797,8 @@ main( int argc, char **argv )
opt.def_digest_algo = 0; opt.def_digest_algo = 0;
opt.def_compress_algo = 2; opt.def_compress_algo = 2;
opt.s2k_mode = 3; /* iterated+salted */ opt.s2k_mode = 3; /* iterated+salted */
opt.s2k_digest_algo = DIGEST_ALGO_RMD160; opt.s2k_digest_algo = GCRY_MD_RMD160;
opt.s2k_cipher_algo = CIPHER_ALGO_BLOWFISH; opt.s2k_cipher_algo = GCRY_CIPHER_BLOWFISH;
break; break;
case oEmuChecksumBug: opt.emulate_bugs |= EMUBUG_GPGCHKSUM; break; case oEmuChecksumBug: opt.emulate_bugs |= EMUBUG_GPGCHKSUM; break;
case oCompressSigs: opt.compress_sigs = 1; break; case oCompressSigs: opt.compress_sigs = 1; break;
@ -853,11 +852,14 @@ main( int argc, char **argv )
case oNotation: add_notation_data( pargs.r.ret_str ); break; case oNotation: add_notation_data( pargs.r.ret_str ); break;
case oUtf8Strings: utf8_strings = 1; break; case oUtf8Strings: utf8_strings = 1; break;
case oNoUtf8Strings: utf8_strings = 0; break; case oNoUtf8Strings: utf8_strings = 0; break;
case oDisableCipherAlgo: case oDisableCipherAlgo: {
disable_cipher_algo( string_to_cipher_algo(pargs.r.ret_str) ); int algo = gcry_cipher_map_name(pargs.r.ret_str);
gcry_cipher_ctl( NULL, GCRYCTL_DISABLE_ALGO,
&algo, sizeof algo );
}
break; break;
case oDisablePubkeyAlgo: case oDisablePubkeyAlgo:
disable_pubkey_algo( string_to_pubkey_algo(pargs.r.ret_str) ); disable_pubkey_algo( gcry_pk_map_name(pargs.r.ret_str) );
break; break;
case oAllowNonSelfsignedUID: case oAllowNonSelfsignedUID:
opt.allow_non_selfsigned_uid = 1; opt.allow_non_selfsigned_uid = 1;
@ -927,27 +929,27 @@ main( int argc, char **argv )
/* must do this after dropping setuid, because string_to... /* must do this after dropping setuid, because string_to...
* may try to load an module */ * may try to load an module */
if( def_cipher_string ) { if( def_cipher_string ) {
opt.def_cipher_algo = string_to_cipher_algo(def_cipher_string); opt.def_cipher_algo = gcry_cipher_map_name(def_cipher_string);
m_free(def_cipher_string); def_cipher_string = NULL; m_free(def_cipher_string); def_cipher_string = NULL;
if( check_cipher_algo(opt.def_cipher_algo) ) if( openpgp_cipher_test_algo(opt.def_cipher_algo) )
log_error(_("selected cipher algorithm is invalid\n")); log_error(_("selected cipher algorithm is invalid\n"));
} }
if( def_digest_string ) { if( def_digest_string ) {
opt.def_digest_algo = string_to_digest_algo(def_digest_string); opt.def_digest_algo = gcry_md_map_name(def_digest_string);
m_free(def_digest_string); def_digest_string = NULL; m_free(def_digest_string); def_digest_string = NULL;
if( check_digest_algo(opt.def_digest_algo) ) if( openpgp_md_test_algo(opt.def_digest_algo) )
log_error(_("selected digest algorithm is invalid\n")); log_error(_("selected digest algorithm is invalid\n"));
} }
if( s2k_cipher_string ) { if( s2k_cipher_string ) {
opt.s2k_cipher_algo = string_to_cipher_algo(s2k_cipher_string); opt.s2k_cipher_algo = gcry_cipher_map_name(s2k_cipher_string);
m_free(s2k_cipher_string); s2k_cipher_string = NULL; m_free(s2k_cipher_string); s2k_cipher_string = NULL;
if( check_cipher_algo(opt.s2k_cipher_algo) ) if( openpgp_cipher_test_algo(opt.s2k_cipher_algo) )
log_error(_("selected cipher algorithm is invalid\n")); log_error(_("selected cipher algorithm is invalid\n"));
} }
if( s2k_digest_string ) { if( s2k_digest_string ) {
opt.s2k_digest_algo = string_to_digest_algo(s2k_digest_string); opt.s2k_digest_algo = gcry_md_map_name(s2k_digest_string);
m_free(s2k_digest_string); s2k_digest_string = NULL; m_free(s2k_digest_string); s2k_digest_string = NULL;
if( check_digest_algo(opt.s2k_digest_algo) ) if( openpgp_md_test_algo(opt.s2k_digest_algo) )
log_error(_("selected digest algorithm is invalid\n")); log_error(_("selected digest algorithm is invalid\n"));
} }
if( opt.set_policy_url ) { if( opt.set_policy_url ) {
@ -1330,7 +1332,7 @@ main( int argc, char **argv )
wrong_args("--print-md algo [files]"); wrong_args("--print-md algo [files]");
{ {
int all_algos = (**argv=='*' && !(*argv)[1]); int all_algos = (**argv=='*' && !(*argv)[1]);
int algo = all_algos? 0 : string_to_digest_algo(*argv); int algo = all_algos? 0 : gcry_md_map_name(*argv);
if( !algo && !all_algos ) if( !algo && !all_algos )
log_error(_("invalid hash algorithm `%s'\n"), *argv ); log_error(_("invalid hash algorithm `%s'\n"), *argv );
@ -1509,8 +1511,9 @@ print_mds( const char *fname, int algo )
FILE *fp; FILE *fp;
char buf[1024]; char buf[1024];
size_t n; size_t n;
MD_HANDLE md; GCRY_MD_HD md;
char *pname; char *pname;
int have_tiger = 0;
if( !fname ) { if( !fname ) {
fp = stdin; fp = stdin;
@ -1527,43 +1530,41 @@ print_mds( const char *fname, int algo )
return; return;
} }
md = md_open( 0, 0 ); md = gcry_md_open( 0, 0 );
if( algo ) if( algo )
md_enable( md, algo ); gcry_md_enable( md, algo );
else { else {
md_enable( md, DIGEST_ALGO_MD5 ); gcry_md_enable( md, GCRY_MD_MD5 );
md_enable( md, DIGEST_ALGO_SHA1 ); gcry_md_enable( md, GCRY_MD_SHA1 );
md_enable( md, DIGEST_ALGO_RMD160 ); gcry_md_enable( md, GCRY_MD_RMD160 );
if( !check_digest_algo(DIGEST_ALGO_TIGER) ) have_tiger = !gcry_md_enable( md, GCRY_MD_TIGER );
md_enable( md, DIGEST_ALGO_TIGER );
} }
while( (n=fread( buf, 1, DIM(buf), fp )) ) while( (n=fread( buf, 1, DIM(buf), fp )) )
md_write( md, buf, n ); gcry_md_write( md, buf, n );
if( ferror(fp) ) if( ferror(fp) )
log_error("%s%s\n", pname, strerror(errno) ); log_error("%s%s\n", pname, strerror(errno) );
else { else {
md_final(md);
if( algo ) { if( algo ) {
if( fname ) if( fname )
fputs( pname, stdout ); fputs( pname, stdout );
print_hex(md_read(md, algo), md_digest_length(algo) ); print_hex( gcry_md_read(md, algo), gcry_md_get_algo_dlen(algo) );
} }
else { else {
printf( "%s MD5 = ", fname?pname:"" ); printf( "%s MD5 = ", fname?pname:"" );
print_hex(md_read(md, DIGEST_ALGO_MD5), 16 ); print_hex(gcry_md_read(md, GCRY_MD_MD5), 16 );
printf("\n%s SHA1 = ", fname?pname:"" ); printf("\n%s SHA1 = ", fname?pname:"" );
print_hex(md_read(md, DIGEST_ALGO_SHA1), 20 ); print_hex(gcry_md_read(md, GCRY_MD_SHA1), 20 );
printf("\n%sRMD160 = ", fname?pname:"" ); printf("\n%sRMD160 = ", fname?pname:"" );
print_hex(md_read(md, DIGEST_ALGO_RMD160), 20 ); print_hex(gcry_md_read(md, GCRY_MD_RMD160), 20 );
if( !check_digest_algo(DIGEST_ALGO_TIGER) ) { if( have_tiger ) {
printf("\n%s TIGER = ", fname?pname:"" ); printf("\n%s TIGER = ", fname?pname:"" );
print_hex(md_read(md, DIGEST_ALGO_TIGER), 24 ); print_hex(gcry_md_read(md, GCRY_MD_TIGER), 24 );
} }
} }
putchar('\n'); putchar('\n');
} }
md_close(md); gcry_md_close(md);
if( fp != stdin ) if( fp != stdin )
fclose(fp); fclose(fp);

View File

@ -25,9 +25,8 @@
#include <gdbm.h> #include <gdbm.h>
#endif #endif
#include "types.h" #include "basicdefs.h"
#include "packet.h" #include "packet.h"
#include "cipher.h"
#define MAX_FINGERPRINT_LEN 20 #define MAX_FINGERPRINT_LEN 20
@ -83,7 +82,6 @@ struct keyblock_pos_struct {
typedef struct keyblock_pos_struct KBPOS; typedef struct keyblock_pos_struct KBPOS;
/* structure to hold a couple of public key certificates */ /* structure to hold a couple of public key certificates */
typedef struct pk_list *PK_LIST;
struct pk_list { struct pk_list {
PK_LIST next; PK_LIST next;
PKT_public_key *pk; PKT_public_key *pk;
@ -91,7 +89,6 @@ struct pk_list {
}; };
/* structure to hold a couple of secret key certificates */ /* structure to hold a couple of secret key certificates */
typedef struct sk_list *SK_LIST;
struct sk_list { struct sk_list {
SK_LIST next; SK_LIST next;
PKT_secret_key *sk; PKT_secret_key *sk;

View File

@ -443,7 +443,7 @@ ask_keysize( int algo )
" minimum keysize is 768 bits\n" " minimum keysize is 768 bits\n"
" default keysize is 1024 bits\n" " default keysize is 1024 bits\n"
" highest suggested keysize is 2048 bits\n"), " highest suggested keysize is 2048 bits\n"),
pubkey_algo_to_string(algo) ); gcry_pk_algo_name(algo) );
for(;;) { for(;;) {
answer = cpr_get("keygen.size", answer = cpr_get("keygen.size",
_("What keysize do you want? (1024) ")); _("What keysize do you want? (1024) "));
@ -686,7 +686,7 @@ ask_user_id( int mode )
tty_printf(_("You selected this USER-ID:\n \"%s\"\n\n"), uid); tty_printf(_("You selected this USER-ID:\n \"%s\"\n\n"), uid);
/* fixme: add a warning if this user-id already exists */ /* fixme: add a warning if this user-id already exists */
for(;;) { for(;;) {
char *ansstr = _("NnCcEeOoQq"); const char *ansstr = _("NnCcEeOoQq");
if( strlen(ansstr) != 10 ) if( strlen(ansstr) != 10 )
BUG(); BUG();

View File

@ -25,6 +25,7 @@
#include <errno.h> #include <errno.h>
#include <time.h> #include <time.h>
#include <assert.h> #include <assert.h>
#include <gcrypt.h>
#include "util.h" #include "util.h"
#include "main.h" #include "main.h"
#include "packet.h" #include "packet.h"
@ -48,10 +49,10 @@ pubkey_letter( int algo )
} }
static MD_HANDLE static GCRY_MD_HD
do_fingerprint_md( PKT_public_key *pk ) do_fingerprint_md( PKT_public_key *pk )
{ {
MD_HANDLE md; GCRY_MD_HD md;
unsigned n; unsigned n;
unsigned nb[PUBKEY_MAX_NPKEY]; unsigned nb[PUBKEY_MAX_NPKEY];
unsigned nn[PUBKEY_MAX_NPKEY]; unsigned nn[PUBKEY_MAX_NPKEY];
@ -59,7 +60,9 @@ do_fingerprint_md( PKT_public_key *pk )
int i; int i;
int npkey = pubkey_get_npkey( pk->pubkey_algo ); int npkey = pubkey_get_npkey( pk->pubkey_algo );
md = md_open( pk->version < 4 ? DIGEST_ALGO_RMD160 : DIGEST_ALGO_SHA1, 0); md = gcry_md_open( pk->version < 4 ? GCRY_MD_RMD160 : GCRY_MD_SHA1, 0);
if( !md )
BUG();
n = pk->version < 4 ? 8 : 6; n = pk->version < 4 ? 8 : 6;
for(i=0; i < npkey; i++ ) { for(i=0; i < npkey; i++ ) {
nb[i] = mpi_get_nbits(pk->pkey[i]); nb[i] = mpi_get_nbits(pk->pkey[i]);
@ -67,19 +70,19 @@ do_fingerprint_md( PKT_public_key *pk )
n += 2 + nn[i]; n += 2 + nn[i];
} }
md_putc( md, 0x99 ); /* ctb */ gcry_md_putc( md, 0x99 ); /* ctb */
md_putc( md, n >> 8 ); /* 2 byte length header */ gcry_md_putc( md, n >> 8 ); /* 2 byte length header */
md_putc( md, n ); gcry_md_putc( md, n );
if( pk->version < 4 ) if( pk->version < 4 )
md_putc( md, 3 ); gcry_md_putc( md, 3 );
else else
md_putc( md, 4 ); gcry_md_putc( md, 4 );
{ u32 a = pk->timestamp; { u32 a = pk->timestamp;
md_putc( md, a >> 24 ); gcry_md_putc( md, a >> 24 );
md_putc( md, a >> 16 ); gcry_md_putc( md, a >> 16 );
md_putc( md, a >> 8 ); gcry_md_putc( md, a >> 8 );
md_putc( md, a ); gcry_md_putc( md, a );
} }
if( pk->version < 4 ) { if( pk->version < 4 ) {
u16 a; u16 a;
@ -88,22 +91,22 @@ do_fingerprint_md( PKT_public_key *pk )
a = (u16)((pk->expiredate - pk->timestamp) / 86400L); a = (u16)((pk->expiredate - pk->timestamp) / 86400L);
else else
a = 0; a = 0;
md_putc( md, a >> 8 ); gcry_md_putc( md, a >> 8 );
md_putc( md, a ); gcry_md_putc( md, a );
} }
md_putc( md, pk->pubkey_algo ); gcry_md_putc( md, pk->pubkey_algo );
for(i=0; i < npkey; i++ ) { for(i=0; i < npkey; i++ ) {
md_putc( md, nb[i]>>8); gcry_md_putc( md, nb[i]>>8);
md_putc( md, nb[i] ); gcry_md_putc( md, nb[i] );
md_write( md, pp[i], nn[i] ); gcry_md_write( md, pp[i], nn[i] );
m_free(pp[i]); m_free(pp[i]);
} }
md_final( md ); gcry_md_final( md );
return md; return md;
} }
static MD_HANDLE static GCRY_MD_HD
do_fingerprint_md_sk( PKT_secret_key *sk ) do_fingerprint_md_sk( PKT_secret_key *sk )
{ {
PKT_public_key pk; PKT_public_key pk;
@ -140,13 +143,13 @@ keyid_from_sk( PKT_secret_key *sk, u32 *keyid )
} }
else { else {
const byte *dp; const byte *dp;
MD_HANDLE md; GCRY_MD_HD md;
md = do_fingerprint_md_sk(sk); md = do_fingerprint_md_sk(sk);
dp = md_read( md, 0 ); dp = gcry_md_read( md, 0 );
keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ; keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ;
keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ; keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ;
lowbits = keyid[1]; lowbits = keyid[1];
md_close(md); gcry_md_close(md);
} }
return lowbits; return lowbits;
@ -179,13 +182,13 @@ keyid_from_pk( PKT_public_key *pk, u32 *keyid )
} }
else { else {
const byte *dp; const byte *dp;
MD_HANDLE md; GCRY_MD_HD md;
md = do_fingerprint_md(pk); md = do_fingerprint_md(pk);
dp = md_read( md, 0 ); dp = gcry_md_read( md, 0 );
keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ; keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ;
keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ; keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ;
lowbits = keyid[1]; lowbits = keyid[1];
md_close(md); gcry_md_close(md);
pk->keyid[0] = keyid[0]; pk->keyid[0] = keyid[0];
pk->keyid[1] = keyid[1]; pk->keyid[1] = keyid[1];
} }
@ -348,34 +351,36 @@ fingerprint_from_pk( PKT_public_key *pk, byte *array, size_t *ret_len )
if( pk->version < 4 && is_RSA(pk->pubkey_algo) ) { if( pk->version < 4 && is_RSA(pk->pubkey_algo) ) {
/* RSA in version 3 packets is special */ /* RSA in version 3 packets is special */
MD_HANDLE md; GCRY_MD_HD md;
md = md_open( DIGEST_ALGO_MD5, 0); md = gcry_md_open( DIGEST_ALGO_MD5, 0);
if( !md )
BUG();
if( pubkey_get_npkey( pk->pubkey_algo ) > 1 ) { if( pubkey_get_npkey( pk->pubkey_algo ) > 1 ) {
p = buf = mpi_get_buffer( pk->pkey[0], &n, NULL ); p = buf = mpi_get_buffer( pk->pkey[0], &n, NULL );
md_write( md, p, n ); gcry_md_write( md, p, n );
m_free(buf); m_free(buf);
p = buf = mpi_get_buffer( pk->pkey[1], &n, NULL ); p = buf = mpi_get_buffer( pk->pkey[1], &n, NULL );
md_write( md, p, n ); gcry_md_write( md, p, n );
m_free(buf); m_free(buf);
} }
md_final(md); gcry_md_final(md);
if( !array ) if( !array )
array = m_alloc( 16 ); array = m_alloc( 16 );
len = 16; len = 16;
memcpy(array, md_read(md, DIGEST_ALGO_MD5), 16 ); memcpy(array, gcry_md_read(md, DIGEST_ALGO_MD5), 16 );
md_close(md); gcry_md_close(md);
} }
else { else {
MD_HANDLE md; GCRY_MD_HD md;
md = do_fingerprint_md(pk); md = do_fingerprint_md(pk);
dp = md_read( md, 0 ); dp = gcry_md_read( md, 0 );
len = md_digest_length( md_get_algo( md ) ); len = gcry_md_get_algo_dlen( gcry_md_get_algo( md ) );
assert( len <= MAX_FINGERPRINT_LEN ); assert( len <= MAX_FINGERPRINT_LEN );
if( !array ) if( !array )
array = m_alloc( len ); array = m_alloc( len );
memcpy(array, dp, len ); memcpy(array, dp, len );
md_close(md); gcry_md_close(md);
} }
*ret_len = len; *ret_len = len;
@ -392,34 +397,36 @@ fingerprint_from_sk( PKT_secret_key *sk, byte *array, size_t *ret_len )
if( sk->version < 4 && is_RSA(sk->pubkey_algo) ) { if( sk->version < 4 && is_RSA(sk->pubkey_algo) ) {
/* RSA in version 3 packets is special */ /* RSA in version 3 packets is special */
MD_HANDLE md; GCRY_MD_HD md;
md = md_open( DIGEST_ALGO_MD5, 0); md = gcry_md_open( DIGEST_ALGO_MD5, 0);
if( !md )
BUG();
if( pubkey_get_npkey( sk->pubkey_algo ) > 1 ) { if( pubkey_get_npkey( sk->pubkey_algo ) > 1 ) {
p = buf = mpi_get_buffer( sk->skey[1], &n, NULL ); p = buf = mpi_get_buffer( sk->skey[1], &n, NULL );
md_write( md, p, n ); gcry_md_write( md, p, n );
m_free(buf); m_free(buf);
p = buf = mpi_get_buffer( sk->skey[0], &n, NULL ); p = buf = mpi_get_buffer( sk->skey[0], &n, NULL );
md_write( md, p, n ); gcry_md_write( md, p, n );
m_free(buf); m_free(buf);
} }
md_final(md); gcry_md_final(md);
if( !array ) if( !array )
array = m_alloc( 16 ); array = m_alloc( 16 );
len = 16; len = 16;
memcpy(array, md_read(md, DIGEST_ALGO_MD5), 16 ); memcpy(array, gcry_md_read(md, GCRY_MD_MD5), 16 );
md_close(md); gcry_md_close(md);
} }
else { else {
MD_HANDLE md; GCRY_MD_HD md;
md = do_fingerprint_md_sk(sk); md = do_fingerprint_md_sk(sk);
dp = md_read( md, 0 ); dp = gcry_md_read( md, 0 );
len = md_digest_length( md_get_algo( md ) ); len = gcry_md_get_algo_dlen( gcry_md_get_algo( md ) );
assert( len <= MAX_FINGERPRINT_LEN ); assert( len <= MAX_FINGERPRINT_LEN );
if( !array ) if( !array )
array = m_alloc( len ); array = m_alloc( len );
memcpy(array, dp, len ); memcpy(array, dp, len );
md_close(md); gcry_md_close(md);
} }
*ret_len = len; *ret_len = len;

View File

@ -19,22 +19,16 @@
*/ */
#ifndef G10_MAIN_H #ifndef G10_MAIN_H
#define G10_MAIN_H #define G10_MAIN_H
#include "types.h"
#include <gcrypt.h>
#include "basicdefs.h"
#include "iobuf.h" #include "iobuf.h"
#include "mpi.h" #include "mpi.h"
#include "cipher.h"
#include "keydb.h" #include "keydb.h"
#define DEFAULT_CIPHER_ALGO CIPHER_ALGO_BLOWFISH #define DEFAULT_CIPHER_ALGO GCRY_CIPHER_BLOWFISH
#define DEFAULT_PUBKEY_ALGO PUBKEY_ALGO_ELGAMAL #define DEFAULT_PUBKEY_ALGO GCRY_PUBKEY_ELGAMAL
#define DEFAULT_DIGEST_ALGO DIGEST_ALGO_RMD160 #define DEFAULT_DIGEST_ALGO GCRY_MD_RMD160
typedef struct {
int header_okay;
PK_LIST pk_list;
cipher_filter_context_t cfx;
} encrypt_filter_context_t;
/*-- g10.c --*/ /*-- g10.c --*/
@ -61,6 +55,10 @@ u16 checksum_mpi( MPI a );
u16 checksum_mpi_counted_nbits( MPI a ); u16 checksum_mpi_counted_nbits( MPI a );
u32 buffer_to_u32( const byte *buffer ); u32 buffer_to_u32( const byte *buffer );
int openpgp_cipher_test_algo( int algo );
int openpgp_pk_test_algo( int algo );
int openpgp_md_test_algo( int algo );
/*-- helptext.c --*/ /*-- helptext.c --*/
void display_online_help( const char *keyword ); void display_online_help( const char *keyword );
@ -73,7 +71,7 @@ int encrypt_filter( void *opaque, int control,
/*-- sign.c --*/ /*-- sign.c --*/
int complete_sig( PKT_signature *sig, PKT_secret_key *sk, MD_HANDLE md ); int complete_sig( PKT_signature *sig, PKT_secret_key *sk, GCRY_MD_HD md );
int sign_file( STRLIST filenames, int detached, STRLIST locusr, int sign_file( STRLIST filenames, int detached, STRLIST locusr,
int do_encrypt, STRLIST remusr, const char *outfile ); int do_encrypt, STRLIST remusr, const char *outfile );
int clearsign_file( const char *fname, STRLIST locusr, const char *outfile ); int clearsign_file( const char *fname, STRLIST locusr, const char *outfile );
@ -108,7 +106,7 @@ void copy_options_file( const char *destdir );
/*-- seskey.c --*/ /*-- seskey.c --*/
void make_session_key( DEK *dek ); void make_session_key( DEK *dek );
MPI encode_session_key( DEK *dek, unsigned nbits ); MPI encode_session_key( DEK *dek, unsigned nbits );
MPI encode_md_value( int pubkey_algo, MD_HANDLE md, MPI encode_md_value( int pubkey_algo, GCRY_MD_HD md,
int hash_algo, unsigned nbits ); int hash_algo, unsigned nbits );
/*-- comment.c --*/ /*-- comment.c --*/
@ -143,7 +141,7 @@ int verify_signatures( int nfiles, char **files );
int decrypt_message( const char *filename ); int decrypt_message( const char *filename );
/*-- plaintext.c --*/ /*-- plaintext.c --*/
int hash_datafiles( MD_HANDLE md, MD_HANDLE md2, int hash_datafiles( GCRY_MD_HD md, GCRY_MD_HD md2,
STRLIST files, const char *sigfilename, int textmode ); STRLIST files, const char *sigfilename, int textmode );
/*-- signal.c --*/ /*-- signal.c --*/

View File

@ -25,12 +25,12 @@
#include <assert.h> #include <assert.h>
#include <time.h> #include <time.h>
#include <gcrypt.h>
#include "packet.h" #include "packet.h"
#include "iobuf.h" #include "iobuf.h"
#include "memory.h" #include "memory.h"
#include "options.h" #include "options.h"
#include "util.h" #include "util.h"
#include "cipher.h"
#include "keydb.h" #include "keydb.h"
#include "filter.h" #include "filter.h"
#include "main.h" #include "main.h"
@ -266,7 +266,7 @@ print_failed_pkenc( struct kidlist_item *list )
{ {
for( ; list; list = list->next ) { for( ; list; list = list->next ) {
PKT_public_key *pk = m_alloc_clear( sizeof *pk ); PKT_public_key *pk = m_alloc_clear( sizeof *pk );
const char *algstr = pubkey_algo_to_string( list->pubkey_algo ); const char *algstr = gcry_pk_algo_name( list->pubkey_algo );
pk->pubkey_algo = list->pubkey_algo; pk->pubkey_algo = list->pubkey_algo;
if( !get_pubkey( pk, list->kid ) ) { if( !get_pubkey( pk, list->kid ) ) {
@ -361,7 +361,8 @@ proc_plaintext( CTX c, PACKET *pkt )
else if( opt.verbose ) else if( opt.verbose )
log_info(_("original file name='%.*s'\n"), pt->namelen, pt->name); log_info(_("original file name='%.*s'\n"), pt->namelen, pt->name);
free_md_filter_context( &c->mfx ); free_md_filter_context( &c->mfx );
c->mfx.md = md_open( 0, 0); if( !(c->mfx.md = gcry_md_open( 0, 0)) )
BUG();
/* fixme: we may need to push the textfilter if we have sigclass 1 /* fixme: we may need to push the textfilter if we have sigclass 1
* and no armoring - Not yet tested * and no armoring - Not yet tested
* Hmmm, why don't we need it at all if we have sigclass 1 * Hmmm, why don't we need it at all if we have sigclass 1
@ -372,7 +373,8 @@ proc_plaintext( CTX c, PACKET *pkt )
for(n=c->list; n; n = n->next ) { for(n=c->list; n; n = n->next ) {
if( n->pkt->pkttype == PKT_ONEPASS_SIG ) { if( n->pkt->pkttype == PKT_ONEPASS_SIG ) {
if( n->pkt->pkt.onepass_sig->digest_algo ) { if( n->pkt->pkt.onepass_sig->digest_algo ) {
md_enable( c->mfx.md, n->pkt->pkt.onepass_sig->digest_algo ); gcry_md_enable( c->mfx.md,
n->pkt->pkt.onepass_sig->digest_algo );
if( !any && n->pkt->pkt.onepass_sig->digest_algo if( !any && n->pkt->pkt.onepass_sig->digest_algo
== DIGEST_ALGO_MD5 ) == DIGEST_ALGO_MD5 )
only_md5 = 1; only_md5 = 1;
@ -398,9 +400,9 @@ proc_plaintext( CTX c, PACKET *pkt )
} }
} }
if( !any ) { /* no onepass sig packet: enable all standard algos */ if( !any ) { /* no onepass sig packet: enable all standard algos */
md_enable( c->mfx.md, DIGEST_ALGO_RMD160 ); gcry_md_enable( c->mfx.md, DIGEST_ALGO_RMD160 );
md_enable( c->mfx.md, DIGEST_ALGO_SHA1 ); gcry_md_enable( c->mfx.md, DIGEST_ALGO_SHA1 );
md_enable( c->mfx.md, DIGEST_ALGO_MD5 ); gcry_md_enable( c->mfx.md, DIGEST_ALGO_MD5 );
} }
if( only_md5 ) { if( only_md5 ) {
/* This is a kludge to work around a bug in pgp2. It does only /* This is a kludge to work around a bug in pgp2. It does only
@ -408,7 +410,8 @@ proc_plaintext( CTX c, PACKET *pkt )
* pgp mails we could see whether there is the signature packet * pgp mails we could see whether there is the signature packet
* in front of the plaintext. If someone needs this, send me a patch. * in front of the plaintext. If someone needs this, send me a patch.
*/ */
c->mfx.md2 = md_open( DIGEST_ALGO_MD5, 0); if( !(c->mfx.md2 = gcry_md_open( DIGEST_ALGO_MD5, 0)) )
BUG();
} }
#if 0 #if 0
#warning md_start_debug is enabled #warning md_start_debug is enabled
@ -467,7 +470,7 @@ static int
do_check_sig( CTX c, KBNODE node, int *is_selfsig ) do_check_sig( CTX c, KBNODE node, int *is_selfsig )
{ {
PKT_signature *sig; PKT_signature *sig;
MD_HANDLE md = NULL, md2 = NULL; GCRY_MD_HD md = NULL, md2 = NULL;
int algo, rc; int algo, rc;
assert( node->pkt->pkttype == PKT_SIGNATURE ); assert( node->pkt->pkttype == PKT_SIGNATURE );
@ -476,27 +479,31 @@ do_check_sig( CTX c, KBNODE node, int *is_selfsig )
sig = node->pkt->pkt.signature; sig = node->pkt->pkt.signature;
algo = sig->digest_algo; algo = sig->digest_algo;
if( (rc=check_digest_algo(algo)) ) if( (rc=openpgp_md_test_algo(algo)) )
return rc; return rc;
if( sig->sig_class == 0x00 ) { if( sig->sig_class == 0x00 ) {
if( c->mfx.md ) if( c->mfx.md )
md = md_copy( c->mfx.md ); md = gcry_md_copy( c->mfx.md );
else /* detached signature */ else /* detached signature */
md = md_open( 0, 0 ); /* signature_check() will enable the md*/ md = gcry_md_open( 0, 0 ); /* signature_check() will enable the md*/
if( !md )
BUG();
} }
else if( sig->sig_class == 0x01 ) { else if( sig->sig_class == 0x01 ) {
/* how do we know that we have to hash the (already hashed) text /* how do we know that we have to hash the (already hashed) text
* in canonical mode ??? (calculating both modes???) */ * in canonical mode ??? (calculating both modes???) */
if( c->mfx.md ) { if( c->mfx.md ) {
md = md_copy( c->mfx.md ); md = gcry_md_copy( c->mfx.md );
if( c->mfx.md2 ) if( c->mfx.md2 )
md2 = md_copy( c->mfx.md2 ); md2 = gcry_md_copy( c->mfx.md2 );
} }
else { /* detached signature */ else { /* detached signature */
log_debug("Do we really need this here?"); log_debug("Do we really need this here?");
md = md_open( 0, 0 ); /* signature_check() will enable the md*/ md = gcry_md_open( 0, 0 ); /* signature_check() will enable the md*/
md2 = md_open( 0, 0 ); md2 = gcry_md_open( 0, 0 );
if( !md || !md2 )
BUG();
} }
} }
else if( (sig->sig_class&~3) == 0x10 else if( (sig->sig_class&~3) == 0x10
@ -518,8 +525,8 @@ do_check_sig( CTX c, KBNODE node, int *is_selfsig )
rc = signature_check( sig, md ); rc = signature_check( sig, md );
if( rc == G10ERR_BAD_SIGN && md2 ) if( rc == G10ERR_BAD_SIGN && md2 )
rc = signature_check( sig, md2 ); rc = signature_check( sig, md2 );
md_close(md); gcry_md_close(md);
md_close(md2); gcry_md_close(md2);
return rc; return rc;
} }
@ -1020,7 +1027,7 @@ static int
check_sig_and_print( CTX c, KBNODE node ) check_sig_and_print( CTX c, KBNODE node )
{ {
PKT_signature *sig = node->pkt->pkt.signature; PKT_signature *sig = node->pkt->pkt.signature;
const char *astr, *tstr; const char *tstr;
int rc; int rc;
if( opt.skip_verify ) { if( opt.skip_verify ) {
@ -1029,9 +1036,9 @@ check_sig_and_print( CTX c, KBNODE node )
} }
tstr = asctimestamp(sig->timestamp); tstr = asctimestamp(sig->timestamp);
astr = pubkey_algo_to_string( sig->pubkey_algo );
log_info(_("Signature made %.*s using %s key ID %08lX\n"), log_info(_("Signature made %.*s using %s key ID %08lX\n"),
(int)strlen(tstr), tstr, astr? astr: "?", (ulong)sig->keyid[1] ); (int)strlen(tstr), tstr, gcry_pk_algo_name( sig->pubkey_algo ),
(ulong)sig->keyid[1] );
rc = do_check_sig(c, node, NULL ); rc = do_check_sig(c, node, NULL );
if( rc == G10ERR_NO_PUBKEY && opt.keyserver_name ) { if( rc == G10ERR_NO_PUBKEY && opt.keyserver_name ) {
@ -1148,11 +1155,12 @@ proc_tree( CTX c, KBNODE node )
if( !c->have_data ) { if( !c->have_data ) {
free_md_filter_context( &c->mfx ); free_md_filter_context( &c->mfx );
/* prepare to create all requested message digests */ /* prepare to create all requested message digests */
c->mfx.md = md_open(0, 0); if( !(c->mfx.md = gcry_md_open(0, 0)) )
BUG();
/* fixme: why looking for the signature packet and not 1passpacket*/ /* fixme: why looking for the signature packet and not 1passpacket*/
for( n1 = node; (n1 = find_next_kbnode(n1, PKT_SIGNATURE )); ) { for( n1 = node; (n1 = find_next_kbnode(n1, PKT_SIGNATURE )); ) {
md_enable( c->mfx.md, n1->pkt->pkt.signature->digest_algo); gcry_md_enable( c->mfx.md, n1->pkt->pkt.signature->digest_algo);
} }
/* ask for file and hash it */ /* ask for file and hash it */
if( c->sigs_only ) if( c->sigs_only )
@ -1177,18 +1185,21 @@ proc_tree( CTX c, KBNODE node )
if( !c->have_data ) { if( !c->have_data ) {
/* detached signature */ /* detached signature */
free_md_filter_context( &c->mfx ); free_md_filter_context( &c->mfx );
c->mfx.md = md_open(sig->digest_algo, 0); if( !(c->mfx.md = gcry_md_open(sig->digest_algo, 0)) )
BUG();
if( sig->digest_algo == DIGEST_ALGO_MD5 if( sig->digest_algo == DIGEST_ALGO_MD5
&& is_RSA( sig->pubkey_algo ) ) { && is_RSA( sig->pubkey_algo ) ) {
/* enable a workaround for a pgp2 bug */ /* enable a workaround for a pgp2 bug */
c->mfx.md2 = md_open( DIGEST_ALGO_MD5, 0 ); if( !(c->mfx.md2 = gcry_md_open( DIGEST_ALGO_MD5, 0 )) )
BUG();
} }
else if( sig->digest_algo == DIGEST_ALGO_SHA1 else if( sig->digest_algo == DIGEST_ALGO_SHA1
&& sig->pubkey_algo == PUBKEY_ALGO_DSA && sig->pubkey_algo == PUBKEY_ALGO_DSA
&& sig->sig_class == 0x01 ) { && sig->sig_class == 0x01 ) {
/* enable the workaround also for pgp5 when the detached /* enable the workaround also for pgp5 when the detached
* signature has been created in textmode */ * signature has been created in textmode */
c->mfx.md2 = md_open( sig->digest_algo, 0 ); if( !(c->mfx.md2 = gcry_md_open( sig->digest_algo, 0 )) )
BUG();
} }
/* Here we have another hack to work around a pgp 2 bug /* Here we have another hack to work around a pgp 2 bug
* It works by not using the textmode for detached signatures; * It works by not using the textmode for detached signatures;

View File

@ -50,9 +50,9 @@ md_filter( void *opaque, int control,
i = iobuf_read( a, buf, size ); i = iobuf_read( a, buf, size );
if( i == -1 ) i = 0; if( i == -1 ) i = 0;
if( i ) { if( i ) {
md_write(mfx->md, buf, i ); gcry_md_write(mfx->md, buf, i );
if( mfx->md2 ) if( mfx->md2 )
md_write(mfx->md2, buf, i ); gcry_md_write(mfx->md2, buf, i );
} }
else else
rc = -1; /* eof */ rc = -1; /* eof */
@ -67,8 +67,8 @@ md_filter( void *opaque, int control,
void void
free_md_filter_context( md_filter_context_t *mfx ) free_md_filter_context( md_filter_context_t *mfx )
{ {
md_close(mfx->md); gcry_md_close(mfx->md);
md_close(mfx->md2); gcry_md_close(mfx->md2);
mfx->md = NULL; mfx->md = NULL;
mfx->md2 = NULL; mfx->md2 = NULL;
mfx->maxbuf_size = 0; mfx->maxbuf_size = 0;

View File

@ -31,6 +31,7 @@
#include <sys/time.h> #include <sys/time.h>
#include <sys/resource.h> #include <sys/resource.h>
#endif #endif
#include <gcrypt.h>
#include "util.h" #include "util.h"
#include "main.h" #include "main.h"
#include "options.h" #include "options.h"
@ -265,3 +266,32 @@ map_gcry_rc( int rc )
} }
} }
/****************
* Wrapper around the libgcrypt function with addional checks on
* openPGP contrainst for the algo ID.
*/
int
openpgp_cipher_test_algo( int algo )
{
if( algo < 0 || algo > 110 )
return GCRYERR_INV_ALGO;
return gcry_cipher_test_algo(algo);
}
int
openpgp_pk_test_algo( int algo )
{
if( algo < 0 || algo > 110 )
return GCRYERR_INV_ALGO;
return gcry_pk_test_algo(algo);
}
int
openpgp_md_test_algo( int algo )
{
if( algo < 0 || algo > 110 )
return GCRYERR_INV_ALGO;
return gcry_md_test_algo(algo);
}

View File

@ -39,6 +39,14 @@
#define SKELEXT ".skel" #define SKELEXT ".skel"
#endif #endif
#ifdef HAVE_DRIVE_LETTERS
#define CMP_FILENAME(a,b) stricmp( (a), (b) )
#else
#define CMP_FILENAME(a,b) strcmp( (a), (b) )
#endif
/* FIXME: Implement opt.interactive. */ /* FIXME: Implement opt.interactive. */
/**************** /****************
@ -70,6 +78,7 @@ overwrite_filep( const char *fname )
} }
/**************** /****************
* Strip know extensions from iname and return a newly allocated * Strip know extensions from iname and return a newly allocated
* filename. Return NULL if we can't do that. * filename. Return NULL if we can't do that.
@ -82,13 +91,11 @@ make_outfile_name( const char *iname )
if( (!iname || (*iname=='-' && !iname[1]) )) if( (!iname || (*iname=='-' && !iname[1]) ))
return m_strdup("-"); return m_strdup("-");
#ifdef HAVE_DRIVE_LETTERS
#warning add case insensitive compare
#endif
n = strlen(iname); n = strlen(iname);
if( n > 4 && ( !strcmp(iname+n-4,".gpg") if( n > 4 && ( !CMP_FILENAME(iname+n-4,".gpg")
|| !strcmp(iname+n-4,".sig") || !CMP_FILENAME(iname+n-4,".pgp")
|| !strcmp(iname+n-4,".asc") ) ) { || !CMP_FILENAME(iname+n-4,".sig")
|| !CMP_FILENAME(iname+n-4,".asc") ) ) {
char *buf = m_strdup( iname ); char *buf = m_strdup( iname );
buf[n-4] = 0; buf[n-4] = 0;
return buf; return buf;
@ -169,11 +176,33 @@ open_outfile( const char *iname, int mode, IOBUF *a )
name = opt.outfile; name = opt.outfile;
else { else {
#ifdef USE_ONLY_8DOT3 #ifdef USE_ONLY_8DOT3
#warning please implement 8.3 files /* It is quite common for DOS system to have only one dot in a
#endif * a filename So if we have something like this, we simple
* replace the suffix execpt in cases where the suffix is
* larger than 3 characters and not the same as.
* We should really map the filenames to 8.3 but this tends to
* be more complicated and is probaly a duty of the filesystem
*/
char *dot;
const char *newsfx = mode==1 ? ".asc" :
mode==2 ? ".sig" : ".gpg";
buf = m_alloc(strlen(iname)+4+1);
strcpy(buf,iname);
dot = strchr(buf, '.' );
if( dot && dot > buf && dot[1] && strlen(dot) <= 4
&& CMP_FILENAME(newsfx, dot) ) {
strcpy(dot, newsfx );
}
else if( dot && !dot[1] ) /* don't duplicate a dot */
strcat( dot, newsfx+1 );
else
strcat( buf, newsfx );
#else
buf = m_alloc(strlen(iname)+4+1); buf = m_alloc(strlen(iname)+4+1);
strcpy(stpcpy(buf,iname), mode==1 ? ".asc" : strcpy(stpcpy(buf,iname), mode==1 ? ".asc" :
mode==2 ? ".sig" : ".gpg"); mode==2 ? ".sig" : ".gpg");
#endif
name = buf; name = buf;
} }
@ -204,9 +233,6 @@ open_sigfile( const char *iname )
IOBUF a = NULL; IOBUF a = NULL;
size_t len; size_t len;
#ifdef USE_ONLY_8DOT3
#warning please implement 8.3 files
#endif
if( iname && !(*iname == '-' && !iname[1]) ) { if( iname && !(*iname == '-' && !iname[1]) ) {
len = strlen(iname); len = strlen(iname);
if( len > 4 && ( !strcmp(iname + len - 4, ".sig") if( len > 4 && ( !strcmp(iname + len - 4, ".sig")

View File

@ -281,7 +281,7 @@ const byte *parse_sig_subpkt2( PKT_signature *sig,
/*-- build-packet.c --*/ /*-- build-packet.c --*/
int build_packet( IOBUF inp, PACKET *pkt ); int build_packet( IOBUF inp, PACKET *pkt );
u32 calc_packet_length( PACKET *pkt ); u32 calc_packet_length( PACKET *pkt );
void hash_public_key( MD_HANDLE md, PKT_public_key *pk ); void hash_public_key( GCRY_MD_HD md, PKT_public_key *pk );
void build_sig_subpkt( PKT_signature *sig, sigsubpkttype_t type, void build_sig_subpkt( PKT_signature *sig, sigsubpkttype_t type,
const byte *buffer, size_t buflen ); const byte *buffer, size_t buflen );
void build_sig_subpkt_from_sig( PKT_signature *sig ); void build_sig_subpkt_from_sig( PKT_signature *sig );
@ -313,7 +313,7 @@ int cmp_user_ids( PKT_user_id *a, PKT_user_id *b );
/*-- sig-check.c --*/ /*-- sig-check.c --*/
int signature_check( PKT_signature *sig, MD_HANDLE digest ); int signature_check( PKT_signature *sig, GCRY_MD_HD digest );
/*-- seckey-cert.c --*/ /*-- seckey-cert.c --*/
int is_secret_key_protected( PKT_secret_key *sk ); int is_secret_key_protected( PKT_secret_key *sk );
@ -334,7 +334,7 @@ int encrypt_data( PKT_encrypted *ed, DEK *dek );
/*-- plaintext.c --*/ /*-- plaintext.c --*/
int handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx, int handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
int nooutput, int clearsig ); int nooutput, int clearsig );
int ask_for_detached_datafile( MD_HANDLE md, MD_HANDLE md2, int ask_for_detached_datafile( GCRY_MD_HD md, GCRY_MD_HD md2,
const char *inname, int textmode ); const char *inname, int textmode );
/*-- comment.c --*/ /*-- comment.c --*/

View File

@ -159,14 +159,14 @@ passphrase_to_dek( u32 *keyid, int pubkey_algo,
tty_printf(_("\nYou need a passphrase to unlock the secret key for\n" tty_printf(_("\nYou need a passphrase to unlock the secret key for\n"
"user: \"") ); "user: \"") );
p = get_user_id( keyid, &n ); p = get_user_id( keyid, &n );
tty_print_string( p, n ); tty_print_utf8_string( p, n );
m_free(p); m_free(p);
tty_printf("\"\n"); tty_printf("\"\n");
if( !get_pubkey( pk, keyid ) ) { if( !get_pubkey( pk, keyid ) ) {
const char *s = pubkey_algo_to_string( pk->pubkey_algo );
tty_printf( _("%u-bit %s key, ID %08lX, created %s"), tty_printf( _("%u-bit %s key, ID %08lX, created %s"),
nbits_from_pk( pk ), s?s:"?", (ulong)keyid[1], nbits_from_pk( pk ),
gcry_pk_algo_name( pk->pubkey_algo ), (ulong)keyid[1],
strtimestamp(pk->timestamp) ); strtimestamp(pk->timestamp) );
if( keyid[2] && keyid[3] && keyid[0] != keyid[2] if( keyid[2] && keyid[3] && keyid[0] != keyid[2]
&& keyid[1] != keyid[3] ) && keyid[1] != keyid[3] )
@ -229,22 +229,24 @@ passphrase_to_dek( u32 *keyid, int pubkey_algo,
static void static void
hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k, int create ) hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k, int create )
{ {
MD_HANDLE md; GCRY_MD_HD md;
int pass, i; int pass, i;
int used = 0; int used = 0;
int pwlen = strlen(pw); int pwlen = strlen(pw);
assert( s2k->hash_algo ); assert( s2k->hash_algo );
dek->keylen = cipher_get_keylen( dek->algo ) / 8; dek->keylen = gcry_cipher_get_algo_keylen( dek->algo );
if( !(dek->keylen > 0 && dek->keylen <= DIM(dek->key)) ) if( !(dek->keylen > 0 && dek->keylen <= DIM(dek->key)) )
BUG(); BUG();
md = md_open( s2k->hash_algo, 1); if( !(md = gcry_md_open( s2k->hash_algo, GCRY_MD_FLAG_SECURE )) )
BUG();
for(pass=0; used < dek->keylen ; pass++ ) { for(pass=0; used < dek->keylen ; pass++ ) {
if( pass ) { if( pass ) {
md_reset(md); gcry_md_reset(md);
for(i=0; i < pass; i++ ) /* preset the hash context */ for(i=0; i < pass; i++ ) /* preset the hash context */
md_putc(md, 0 ); gcry_md_putc(md, 0 );
} }
if( s2k->mode == 1 || s2k->mode == 3 ) { if( s2k->mode == 1 || s2k->mode == 3 ) {
@ -264,28 +266,28 @@ hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k, int create )
} }
/* a little bit complicated because we need a ulong for count */ /* a little bit complicated because we need a ulong for count */
while( count > len2 ) { /* maybe iterated+salted */ while( count > len2 ) { /* maybe iterated+salted */
md_write( md, s2k->salt, 8 ); gcry_md_write( md, s2k->salt, 8 );
md_write( md, pw, pwlen ); gcry_md_write( md, pw, pwlen );
count -= len2; count -= len2;
} }
if( count < 8 ) if( count < 8 )
md_write( md, s2k->salt, count ); gcry_md_write( md, s2k->salt, count );
else { else {
md_write( md, s2k->salt, 8 ); gcry_md_write( md, s2k->salt, 8 );
count -= 8; count -= 8;
assert( count >= 0 ); assert( count >= 0 );
md_write( md, pw, count ); gcry_md_write( md, pw, count );
} }
} }
else else
md_write( md, pw, pwlen ); gcry_md_write( md, pw, pwlen );
md_final( md ); gcry_md_final( md );
i = md_digest_length( s2k->hash_algo ); i = gcry_md_get_algo_dlen( s2k->hash_algo );
if( i > dek->keylen - used ) if( i > dek->keylen - used )
i = dek->keylen - used; i = dek->keylen - used;
memcpy( dek->key+used, md_read(md, s2k->hash_algo), i ); memcpy( dek->key+used, gcry_md_read(md, s2k->hash_algo), i );
used += i; used += i;
} }
md_close(md); gcry_md_close(md);
} }

View File

@ -27,6 +27,7 @@
#include "options.h" #include "options.h"
#include "packet.h" #include "packet.h"
#include "main.h"
#include "errors.h" #include "errors.h"
#include "keydb.h" #include "keydb.h"
#include "memory.h" #include "memory.h"
@ -149,7 +150,7 @@ show_paths( ulong lid, int only_first )
putchar(' '); putchar(' ');
p = get_user_id( keyid, &n ); p = get_user_id( keyid, &n );
tty_print_string( p, n ), tty_print_utf8_string( p, n ),
m_free(p); m_free(p);
tty_printf("\"\n"); tty_printf("\"\n");
free_public_key( pk ); free_public_key( pk );
@ -194,7 +195,7 @@ do_edit_ownertrust( ulong lid, int mode, unsigned *new_trust, int defer_help )
for(;;) { for(;;) {
/* a string with valid answers */ /* a string with valid answers */
char *ans = _("sSmMqQ"); const char *ans = _("sSmMqQ");
if( !did_help ) { if( !did_help ) {
if( !mode ) { if( !mode ) {
@ -203,7 +204,7 @@ do_edit_ownertrust( ulong lid, int mode, unsigned *new_trust, int defer_help )
nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ), nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ),
(ulong)keyid[1], datestr_from_pk( pk ) ); (ulong)keyid[1], datestr_from_pk( pk ) );
p = get_user_id( keyid, &n ); p = get_user_id( keyid, &n );
tty_print_string( p, n ), tty_print_utf8_string( p, n ),
m_free(p); m_free(p);
tty_printf("\"\n"); tty_printf("\"\n");
print_fpr( pk ); print_fpr( pk );
@ -460,7 +461,7 @@ do_we_trust_pre( PKT_public_key *pk, int trustlevel )
nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ), nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ),
(ulong)keyid[1], datestr_from_pk( pk ) ); (ulong)keyid[1], datestr_from_pk( pk ) );
p = get_user_id( keyid, &n ); p = get_user_id( keyid, &n );
tty_print_string( p, n ), tty_print_utf8_string( p, n ),
m_free(p); m_free(p);
tty_printf("\"\n"); tty_printf("\"\n");
print_fpr( pk ); print_fpr( pk );
@ -908,10 +909,10 @@ algo_available( int preftype, int algo )
if( preftype == PREFTYPE_SYM ) { if( preftype == PREFTYPE_SYM ) {
if( algo == CIPHER_ALGO_TWOFISH ) if( algo == CIPHER_ALGO_TWOFISH )
return 0; /* we don't want to generate Twofish messages for now*/ return 0; /* we don't want to generate Twofish messages for now*/
return algo && !check_cipher_algo( algo ); return algo && !openpgp_cipher_test_algo( algo );
} }
else if( preftype == PREFTYPE_HASH ) { else if( preftype == PREFTYPE_HASH ) {
return algo && !check_digest_algo( algo ); return algo && !openpgp_md_test_algo( algo );
} }
else if( preftype == PREFTYPE_COMPR ) { else if( preftype == PREFTYPE_COMPR ) {
return !algo || algo == 1 || algo == 2; return !algo || algo == 1 || algo == 2;

View File

@ -106,7 +106,7 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
goto leave; goto leave;
} }
if( mfx->md ) if( mfx->md )
md_putc(mfx->md, c ); gcry_md_putc(mfx->md, c );
if( c == '\r' ) if( c == '\r' )
continue; /* fixme: this hack might be too simple */ continue; /* fixme: this hack might be too simple */
if( fp ) { if( fp ) {
@ -132,7 +132,7 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
goto leave; goto leave;
} }
if( mfx->md ) if( mfx->md )
md_write( mfx->md, buffer, len ); gcry_md_write( mfx->md, buffer, len );
if( fp ) { if( fp ) {
if( fwrite( buffer, 1, len, fp ) != len ) { if( fwrite( buffer, 1, len, fp ) != len ) {
log_error("Error writing to `%s': %s\n", log_error("Error writing to `%s': %s\n",
@ -151,7 +151,7 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
if( convert ) { /* text mode */ if( convert ) { /* text mode */
while( (c = iobuf_get(pt->buf)) != -1 ) { while( (c = iobuf_get(pt->buf)) != -1 ) {
if( mfx->md ) if( mfx->md )
md_putc(mfx->md, c ); gcry_md_putc(mfx->md, c );
if( convert && c == '\r' ) if( convert && c == '\r' )
continue; /* fixme: this hack might be too simple */ continue; /* fixme: this hack might be too simple */
if( fp ) { if( fp ) {
@ -180,7 +180,7 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
if( len < 32768 ) if( len < 32768 )
eof = 1; eof = 1;
if( mfx->md ) if( mfx->md )
md_write( mfx->md, buffer, len ); gcry_md_write( mfx->md, buffer, len );
if( fp ) { if( fp ) {
if( fwrite( buffer, 1, len, fp ) != len ) { if( fwrite( buffer, 1, len, fp ) != len ) {
log_error("Error writing to `%s': %s\n", log_error("Error writing to `%s': %s\n",
@ -210,26 +210,26 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
if( !mfx->md ) if( !mfx->md )
continue; continue;
if( state == 2 ) { if( state == 2 ) {
md_putc(mfx->md, '\r' ); gcry_md_putc(mfx->md, '\r' );
md_putc(mfx->md, '\n' ); gcry_md_putc(mfx->md, '\n' );
state = 0; state = 0;
} }
if( !state ) { if( !state ) {
if( c == '\r' ) if( c == '\r' )
state = 1; state = 1;
else else
md_putc(mfx->md, c ); gcry_md_putc(mfx->md, c );
} }
else if( state == 1 ) { else if( state == 1 ) {
if( c == '\n' ) if( c == '\n' )
state = 2; state = 2;
else { else {
md_putc(mfx->md, '\r' ); gcry_md_putc(mfx->md, '\r' );
if( c == '\r' ) if( c == '\r' )
state = 1; state = 1;
else { else {
state = 0; state = 0;
md_putc(mfx->md, c ); gcry_md_putc(mfx->md, c );
} }
} }
} }
@ -253,7 +253,7 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
} }
static void static void
do_hash( MD_HANDLE md, MD_HANDLE md2, IOBUF fp, int textmode ) do_hash( GCRY_MD_HD md, GCRY_MD_HD md2, IOBUF fp, int textmode )
{ {
text_filter_context_t tfx; text_filter_context_t tfx;
int c; int c;
@ -267,27 +267,27 @@ do_hash( MD_HANDLE md, MD_HANDLE md2, IOBUF fp, int textmode )
int lc = -1; int lc = -1;
while( (c = iobuf_get(fp)) != -1 ) { while( (c = iobuf_get(fp)) != -1 ) {
if( c == '\n' && lc == '\r' ) if( c == '\n' && lc == '\r' )
md_putc(md2, c); gcry_md_putc(md2, c);
else if( c == '\n' ) { else if( c == '\n' ) {
md_putc(md2, '\r'); gcry_md_putc(md2, '\r');
md_putc(md2, c); gcry_md_putc(md2, c);
} }
else if( c != '\n' && lc == '\r' ) { else if( c != '\n' && lc == '\r' ) {
md_putc(md2, '\n'); gcry_md_putc(md2, '\n');
md_putc(md2, c); gcry_md_putc(md2, c);
} }
else else
md_putc(md2, c); gcry_md_putc(md2, c);
if( md ) if( md )
md_putc(md, c ); gcry_md_putc(md, c );
lc = c; lc = c;
} }
} }
else { else {
while( (c = iobuf_get(fp)) != -1 ) { while( (c = iobuf_get(fp)) != -1 ) {
if( md ) if( md )
md_putc(md, c ); gcry_md_putc(md, c );
} }
} }
} }
@ -298,7 +298,7 @@ do_hash( MD_HANDLE md, MD_HANDLE md2, IOBUF fp, int textmode )
* INFILE is the name of the input file. * INFILE is the name of the input file.
*/ */
int int
ask_for_detached_datafile( MD_HANDLE md, MD_HANDLE md2, ask_for_detached_datafile( GCRY_MD_HD md, GCRY_MD_HD md2,
const char *inname, int textmode ) const char *inname, int textmode )
{ {
char *answer = NULL; char *answer = NULL;
@ -308,7 +308,7 @@ ask_for_detached_datafile( MD_HANDLE md, MD_HANDLE md2,
fp = open_sigfile( inname ); /* open default file */ fp = open_sigfile( inname ); /* open default file */
if( !fp && !opt.batch ) { if( !fp && !opt.batch ) {
int any=0; int any=0;
tty_printf("Detached signature.\n"); tty_printf(_("Detached signature.\n"));
do { do {
m_free(answer); m_free(answer);
answer = cpr_get("detached_signature.filename", answer = cpr_get("detached_signature.filename",
@ -353,7 +353,7 @@ ask_for_detached_datafile( MD_HANDLE md, MD_HANDLE md2,
* If FILES is NULL, hash stdin. * If FILES is NULL, hash stdin.
*/ */
int int
hash_datafiles( MD_HANDLE md, MD_HANDLE md2, STRLIST files, hash_datafiles( GCRY_MD_HD md, GCRY_MD_HD md2, STRLIST files,
const char *sigfilename, int textmode ) const char *sigfilename, int textmode )
{ {
IOBUF fp; IOBUF fp;

View File

@ -26,6 +26,7 @@
#include "util.h" #include "util.h"
#include "memory.h" #include "memory.h"
#include "packet.h" #include "packet.h"
#include "main.h"
#include "mpi.h" #include "mpi.h"
#include "keydb.h" #include "keydb.h"
#include "trustdb.h" #include "trustdb.h"
@ -150,12 +151,12 @@ get_it( PKT_pubkey_enc *k, DEK *dek, PKT_secret_key *sk, u32 *keyid )
dek->algo = frame[n++]; dek->algo = frame[n++];
if( dek->algo == CIPHER_ALGO_IDEA ) if( dek->algo == CIPHER_ALGO_IDEA )
write_status(STATUS_RSA_OR_IDEA); write_status(STATUS_RSA_OR_IDEA);
rc = check_cipher_algo( dek->algo ); rc = openpgp_cipher_test_algo( dek->algo );
if( rc ) { if( rc ) {
dek->algo = 0; dek->algo = 0;
goto leave; goto leave;
} }
if( (dek->keylen*8) != cipher_get_keylen( dek->algo ) ) { if( dek->keylen != gcry_cipher_get_algo_keylen( dek->algo ) ) {
rc = G10ERR_WRONG_SECKEY; rc = G10ERR_WRONG_SECKEY;
goto leave; goto leave;
} }

View File

@ -113,7 +113,7 @@ gen_revoke( const char *uname )
{ {
size_t n; size_t n;
char *p = get_user_id( sk_keyid, &n ); char *p = get_user_id( sk_keyid, &n );
tty_print_string( p, n ); tty_print_utf8_string( p, n );
m_free(p); m_free(p);
tty_printf("\n"); tty_printf("\n");
} }
@ -243,8 +243,8 @@ ask_revoke_sig( KBNODE keyblock, KBNODE node, PKT_signature *sig ) ) {
} }
tty_printf(_("user ID: \"")); tty_printf(_("user ID: \""));
tty_print_string( unode->pkt->pkt.user_id->name, tty_print_utf8_string( unode->pkt->pkt.user_id->name,
unode->pkt->pkt.user_id->len, 0 ); unode->pkt->pkt.user_id->len, 0 );
tty_printf(_("\"\nsigned with your key %08lX at %s\n"), tty_printf(_("\"\nsigned with your key %08lX at %s\n"),
sig->keyid[1], datestr_from_sig(sig) ); sig->keyid[1], datestr_from_sig(sig) );

View File

@ -737,7 +737,9 @@ enum_keyblocks( int mode, KBPOS *kbpos, KBNODE *ret_root )
if( !mode || mode == 5 || mode == 100 ) { if( !mode || mode == 5 || mode == 100 ) {
int i; int i;
kbpos->fp = NULL; kbpos->fp = NULL;
kbpos->rt = rt_UNKNOWN;
if( !mode ) { if( !mode ) {
kbpos->secret = 0; kbpos->secret = 0;
i = 0; i = 0;

View File

@ -23,12 +23,13 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <assert.h> #include <assert.h>
#include <gcrypt.h>
#include "util.h" #include "util.h"
#include "memory.h" #include "memory.h"
#include "packet.h" #include "packet.h"
#include "mpi.h" #include "mpi.h"
#include "keydb.h" #include "keydb.h"
#include "cipher.h"
#include "main.h" #include "main.h"
#include "options.h" #include "options.h"
#include "i18n.h" #include "i18n.h"
@ -46,12 +47,12 @@ do_check( PKT_secret_key *sk )
if( sk->is_protected ) { /* remove the protection */ if( sk->is_protected ) { /* remove the protection */
DEK *dek = NULL; DEK *dek = NULL;
u32 keyid[4]; /* 4! because we need two of them */ u32 keyid[4]; /* 4! because we need two of them */
CIPHER_HANDLE cipher_hd=NULL; GCRY_CIPHER_HD cipher_hd=NULL;
PKT_secret_key *save_sk; PKT_secret_key *save_sk;
if( sk->protect.algo == CIPHER_ALGO_NONE ) if( sk->protect.algo == GCRY_CIPHER_NONE )
BUG(); BUG();
if( check_cipher_algo( sk->protect.algo ) ) { if( openpgp_cipher_test_algo( sk->protect.algo ) ) {
log_info(_("protection algorithm %d is not supported\n"), log_info(_("protection algorithm %d is not supported\n"),
sk->protect.algo ); sk->protect.algo );
return G10ERR_CIPHER_ALGO; return G10ERR_CIPHER_ALGO;
@ -66,12 +67,21 @@ do_check( PKT_secret_key *sk )
} }
dek = passphrase_to_dek( keyid, sk->pubkey_algo, sk->protect.algo, dek = passphrase_to_dek( keyid, sk->pubkey_algo, sk->protect.algo,
&sk->protect.s2k, 0 ); &sk->protect.s2k, 0 );
cipher_hd = cipher_open( sk->protect.algo, if( !(cipher_hd = gcry_cipher_open( sk->protect.algo,
CIPHER_MODE_AUTO_CFB, 1); GCRY_CIPHER_MODE_CFB,
cipher_setkey( cipher_hd, dek->key, dek->keylen ); GCRY_CIPHER_SECURE
| (sk->protect.algo >= 100 ?
0 : GCRY_CIPHER_ENABLE_SYNC) ) )
) {
BUG();
}
if( gcry_cipher_setkey( cipher_hd, dek->key, dek->keylen ) )
log_fatal("set key failed: %s\n", gcry_strerror(-1) );
m_free(dek); m_free(dek);
save_sk = copy_secret_key( NULL, sk ); save_sk = copy_secret_key( NULL, sk );
cipher_setiv( cipher_hd, sk->protect.iv, sk->protect.ivlen ); if( gcry_cipher_setiv( cipher_hd, sk->protect.iv, sk->protect.ivlen ))
log_fatal("set IV failed: %s\n", gcry_strerror(-1) );
csum = 0; csum = 0;
if( sk->version >= 4 ) { if( sk->version >= 4 ) {
int ndata; int ndata;
@ -81,7 +91,7 @@ do_check( PKT_secret_key *sk )
assert( mpi_is_opaque( sk->skey[i] ) ); assert( mpi_is_opaque( sk->skey[i] ) );
p = mpi_get_opaque( sk->skey[i], &ndata ); p = mpi_get_opaque( sk->skey[i], &ndata );
data = m_alloc_secure( ndata ); data = m_alloc_secure( ndata );
cipher_decrypt( cipher_hd, data, p, ndata ); gcry_cipher_decrypt( cipher_hd, data, ndata, p, ndata );
mpi_free( sk->skey[i] ); sk->skey[i] = NULL ; mpi_free( sk->skey[i] ); sk->skey[i] = NULL ;
p = data; p = data;
if( ndata < 2 ) { if( ndata < 2 ) {
@ -109,9 +119,9 @@ do_check( PKT_secret_key *sk )
for(i=pubkey_get_npkey(sk->pubkey_algo); for(i=pubkey_get_npkey(sk->pubkey_algo);
i < pubkey_get_nskey(sk->pubkey_algo); i++ ) { i < pubkey_get_nskey(sk->pubkey_algo); i++ ) {
buffer = mpi_get_secure_buffer( sk->skey[i], &nbytes, NULL ); buffer = mpi_get_secure_buffer( sk->skey[i], &nbytes, NULL );
cipher_sync( cipher_hd ); gcry_cipher_sync( cipher_hd );
assert( mpi_is_protected(sk->skey[i]) ); assert( mpi_is_protected(sk->skey[i]) );
cipher_decrypt( cipher_hd, buffer, buffer, nbytes ); gcry_cipher_decrypt( cipher_hd, buffer, nbytes, NULL, 0 );
mpi_set_buffer( sk->skey[i], buffer, nbytes, 0 ); mpi_set_buffer( sk->skey[i], buffer, nbytes, 0 );
mpi_clear_protect_flag( sk->skey[i] ); mpi_clear_protect_flag( sk->skey[i] );
csum += checksum_mpi( sk->skey[i] ); csum += checksum_mpi( sk->skey[i] );
@ -121,7 +131,7 @@ do_check( PKT_secret_key *sk )
csum = sk->csum; csum = sk->csum;
} }
} }
cipher_close( cipher_hd ); gcry_cipher_close( cipher_hd );
/* now let's see whether we have used the right passphrase */ /* now let's see whether we have used the right passphrase */
if( csum != sk->csum ) { if( csum != sk->csum ) {
copy_secret_key( sk, save_sk ); copy_secret_key( sk, save_sk );
@ -215,23 +225,41 @@ protect_secret_key( PKT_secret_key *sk, DEK *dek )
return 0; return 0;
if( !sk->is_protected ) { /* okay, apply the protection */ if( !sk->is_protected ) { /* okay, apply the protection */
CIPHER_HANDLE cipher_hd=NULL; GCRY_CIPHER_HD cipher_hd=NULL;
if( check_cipher_algo( sk->protect.algo ) ) if( openpgp_cipher_test_algo( sk->protect.algo ) )
rc = G10ERR_CIPHER_ALGO; /* unsupport protection algorithm */ rc = G10ERR_CIPHER_ALGO; /* unsupport protection algorithm */
else { else {
print_cipher_algo_note( sk->protect.algo ); print_cipher_algo_note( sk->protect.algo );
cipher_hd = cipher_open( sk->protect.algo, if( !(cipher_hd = gcry_cipher_open( sk->protect.algo,
CIPHER_MODE_AUTO_CFB, 1 ); GCRY_CIPHER_MODE_CFB,
if( cipher_setkey( cipher_hd, dek->key, dek->keylen ) ) GCRY_CIPHER_SECURE
| (sk->protect.algo >= 100 ?
0 : GCRY_CIPHER_ENABLE_SYNC) ))
) {
BUG();
}
rc = gcry_cipher_setkey( cipher_hd, dek->key, dek->keylen );
if( rc == GCRYERR_WEAK_KEY ) {
log_info(_("WARNING: Weak key detected" log_info(_("WARNING: Weak key detected"
" - please change passphrase again.\n")); " - please change passphrase again.\n"));
sk->protect.ivlen = cipher_get_blocksize( sk->protect.algo ); rc = 0;
}
else if( rc )
BUG();
/* set the IV length */
{ int blocksize = gcry_cipher_get_algo_blklen( sk->protect.algo );
if( blocksize != 8 && blocksize != 16 )
log_fatal("unsupported blocksize %d\n", blocksize );
sk->protect.ivlen = blocksize;
}
assert( sk->protect.ivlen <= DIM(sk->protect.iv) ); assert( sk->protect.ivlen <= DIM(sk->protect.iv) );
if( sk->protect.ivlen != 8 && sk->protect.ivlen != 16 )
BUG(); /* yes, we are very careful */
randomize_buffer(sk->protect.iv, sk->protect.ivlen, 1); randomize_buffer(sk->protect.iv, sk->protect.ivlen, 1);
cipher_setiv( cipher_hd, sk->protect.iv, sk->protect.ivlen ); gcry_cipher_setiv( cipher_hd, sk->protect.iv, sk->protect.ivlen );
if( sk->version >= 4 ) { if( sk->version >= 4 ) {
#define NMPIS (PUBKEY_MAX_NSKEY - PUBKEY_MAX_NPKEY) #define NMPIS (PUBKEY_MAX_NSKEY - PUBKEY_MAX_NPKEY)
byte *bufarr[NMPIS]; byte *bufarr[NMPIS];
@ -267,7 +295,7 @@ protect_secret_key( PKT_secret_key *sk, DEK *dek )
*p++ = csum >> 8; *p++ = csum >> 8;
*p++ = csum; *p++ = csum;
assert( p == data+ndata ); assert( p == data+ndata );
cipher_encrypt( cipher_hd, data, data, ndata ); gcry_cipher_encrypt( cipher_hd, data, ndata, NULL, 0 );
for(i = pubkey_get_npkey(sk->pubkey_algo); for(i = pubkey_get_npkey(sk->pubkey_algo);
i < pubkey_get_nskey(sk->pubkey_algo); i++ ) { i < pubkey_get_nskey(sk->pubkey_algo); i++ ) {
mpi_free( sk->skey[i] ); mpi_free( sk->skey[i] );
@ -284,9 +312,9 @@ protect_secret_key( PKT_secret_key *sk, DEK *dek )
i < pubkey_get_nskey(sk->pubkey_algo); i++ ) { i < pubkey_get_nskey(sk->pubkey_algo); i++ ) {
csum += checksum_mpi_counted_nbits( sk->skey[i] ); csum += checksum_mpi_counted_nbits( sk->skey[i] );
buffer = mpi_get_buffer( sk->skey[i], &nbytes, NULL ); buffer = mpi_get_buffer( sk->skey[i], &nbytes, NULL );
cipher_sync( cipher_hd ); gcry_cipher_sync( cipher_hd );
assert( !mpi_is_protected(sk->skey[i]) ); assert( !mpi_is_protected(sk->skey[i]) );
cipher_encrypt( cipher_hd, buffer, buffer, nbytes ); gcry_cipher_encrypt( cipher_hd, buffer, nbytes, NULL, 0 );
mpi_set_buffer( sk->skey[i], buffer, nbytes, 0 ); mpi_set_buffer( sk->skey[i], buffer, nbytes, 0 );
mpi_set_protect_flag( sk->skey[i] ); mpi_set_protect_flag( sk->skey[i] );
m_free( buffer ); m_free( buffer );
@ -294,7 +322,7 @@ protect_secret_key( PKT_secret_key *sk, DEK *dek )
sk->csum = csum; sk->csum = csum;
} }
sk->is_protected = 1; sk->is_protected = 1;
cipher_close( cipher_hd ); gcry_cipher_close( cipher_hd );
} }
} }
return rc; return rc;

View File

@ -23,6 +23,8 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <assert.h> #include <assert.h>
#include <gcrypt.h>
#include "util.h" #include "util.h"
#include "cipher.h" #include "cipher.h"
#include "mpi.h" #include "mpi.h"
@ -36,19 +38,28 @@
void void
make_session_key( DEK *dek ) make_session_key( DEK *dek )
{ {
CIPHER_HANDLE chd; GCRY_CIPHER_HD chd;
int i, rc; int i, rc;
dek->keylen = cipher_get_keylen( dek->algo ) / 8; dek->keylen = gcry_cipher_get_algo_keylen( dek->algo );
if( !(chd = gcry_cipher_open( dek->algo, GCRY_CIPHER_MODE_CFB,
GCRY_CIPHER_SECURE
| (dek->algo >= 100 ?
0 : GCRY_CIPHER_ENABLE_SYNC) ))
) {
BUG();
}
chd = cipher_open( dek->algo, CIPHER_MODE_AUTO_CFB, 1 );
randomize_buffer( dek->key, dek->keylen, 1 ); randomize_buffer( dek->key, dek->keylen, 1 );
for(i=0; i < 16; i++ ) { for(i=0; i < 16; i++ ) {
rc = cipher_setkey( chd, dek->key, dek->keylen ); rc = gcry_cipher_setkey( chd, dek->key, dek->keylen );
if( !rc ) { if( !rc ) {
cipher_close( chd ); gcry_cipher_close( chd );
return; return;
} }
if( rc != GCRYERR_WEAK_KEY )
BUG();
log_info(_("weak key created - retrying\n") ); log_info(_("weak key created - retrying\n") );
/* Renew the session key until we get a non-weak key. */ /* Renew the session key until we get a non-weak key. */
randomize_buffer( dek->key, dek->keylen, 1 ); randomize_buffer( dek->key, dek->keylen, 1 );
@ -141,8 +152,8 @@ encode_session_key( DEK *dek, unsigned nbits )
static MPI static MPI
do_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits, do_encode_md( GCRY_MD_HD md, int algo, size_t len, unsigned nbits,
const byte *asn, size_t asnlen ) const byte *asn, size_t asnlen )
{ {
int nframe = (nbits+7) / 8; int nframe = (nbits+7) / 8;
byte *frame; byte *frame;
@ -159,7 +170,8 @@ do_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits,
* *
* PAD consists of FF bytes. * PAD consists of FF bytes.
*/ */
frame = md_is_secure(md)? m_alloc_secure( nframe ) : m_alloc( nframe ); frame = gcry_md_is_secure(md)? m_alloc_secure( nframe )
: m_alloc( nframe );
n = 0; n = 0;
frame[n++] = 0; frame[n++] = 0;
frame[n++] = algo; frame[n++] = algo;
@ -168,9 +180,9 @@ do_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits,
memset( frame+n, 0xff, i ); n += i; memset( frame+n, 0xff, i ); n += i;
frame[n++] = 0; frame[n++] = 0;
memcpy( frame+n, asn, asnlen ); n += asnlen; memcpy( frame+n, asn, asnlen ); n += asnlen;
memcpy( frame+n, md_read(md, algo), len ); n += len; memcpy( frame+n, gcry_md_read(md, algo), len ); n += len;
assert( n == nframe ); assert( n == nframe );
a = md_is_secure(md)? a = gcry_md_is_secure(md)?
mpi_alloc_secure( (nframe+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB ) mpi_alloc_secure( (nframe+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB )
: mpi_alloc( (nframe+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB ); : mpi_alloc( (nframe+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB );
mpi_set_buffer( a, frame, nframe, 0 ); mpi_set_buffer( a, frame, nframe, 0 );
@ -180,24 +192,33 @@ do_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits,
MPI MPI
encode_md_value( int pubkey_algo, MD_HANDLE md, int hash_algo, unsigned nbits ) encode_md_value( int pubkey_algo, GCRY_MD_HD md, int hash_algo, unsigned nbits )
{ {
int algo = hash_algo? hash_algo : md_get_algo(md); int algo = hash_algo? hash_algo : gcry_md_get_algo(md);
const byte *asn;
size_t asnlen, mdlen;
MPI frame; MPI frame;
if( pubkey_algo == PUBKEY_ALGO_DSA ) { if( pubkey_algo == PUBKEY_ALGO_DSA ) {
frame = md_is_secure(md)? mpi_alloc_secure((md_digest_length(hash_algo) frame = gcry_md_is_secure(md)? mpi_alloc_secure(
(gcry_md_get_algo_dlen(hash_algo)
+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB ) +BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB )
: mpi_alloc((md_digest_length(hash_algo) : mpi_alloc((gcry_md_get_algo_dlen(hash_algo)
+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB ); +BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB );
mpi_set_buffer( frame, md_read(md, hash_algo), mpi_set_buffer( frame, gcry_md_read(md, hash_algo),
md_digest_length(hash_algo), 0 ); gcry_md_get_algo_dlen(hash_algo), 0 );
} }
else { else {
asn = md_asn_oid( algo, &asnlen, &mdlen ); byte *asn;
frame = do_encode_md( md, algo, mdlen, nbits, asn, asnlen ); size_t asnlen;
if( gcry_md_algo_info( algo, GCRYCTL_GET_ASNOID, NULL, &asnlen ) )
log_fatal("can't get OID of algo %d: %s\n",
algo, gcry_strerror(-1));
asn = m_alloc( asnlen );
if( gcry_md_algo_info( algo, GCRYCTL_GET_ASNOID, asn, &asnlen ) )
BUG();
frame = do_encode_md( md, algo, gcry_md_get_algo_dlen( algo ),
nbits, asn, asnlen );
m_free( asn );
} }
return frame; return frame;
} }

View File

@ -23,42 +23,43 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <assert.h> #include <assert.h>
#include <gcrypt.h>
#include "util.h" #include "util.h"
#include "packet.h" #include "packet.h"
#include "memory.h" #include "memory.h"
#include "mpi.h" #include "mpi.h"
#include "keydb.h" #include "keydb.h"
#include "cipher.h"
#include "main.h" #include "main.h"
#include "status.h" #include "status.h"
#include "i18n.h" #include "i18n.h"
struct cmp_help_context_s { struct cmp_help_context_s {
PKT_signature *sig; PKT_signature *sig;
MD_HANDLE md; GCRY_MD_HD md;
}; };
static int do_signature_check( PKT_signature *sig, MD_HANDLE digest, static int do_signature_check( PKT_signature *sig, GCRY_MD_HD digest,
u32 *r_expire ); u32 *r_expire );
static int do_check( PKT_public_key *pk, PKT_signature *sig, static int do_check( PKT_public_key *pk, PKT_signature *sig,
MD_HANDLE digest ); GCRY_MD_HD digest );
/**************** /****************
* Check the signature which is contained in SIG. * Check the signature which is contained in SIG.
* The MD_HANDLE should be currently open, so that this function * The GCRY_MD_HD should be currently open, so that this function
* is able to append some data, before finalizing the digest. * is able to append some data, before finalizing the digest.
*/ */
int int
signature_check( PKT_signature *sig, MD_HANDLE digest ) signature_check( PKT_signature *sig, GCRY_MD_HD digest )
{ {
u32 dummy; u32 dummy;
return do_signature_check( sig, digest, &dummy ); return do_signature_check( sig, digest, &dummy );
} }
static int static int
do_signature_check( PKT_signature *sig, MD_HANDLE digest, u32 *r_expire ) do_signature_check( PKT_signature *sig, GCRY_MD_HD digest, u32 *r_expire )
{ {
PKT_public_key *pk = m_alloc_clear( sizeof *pk ); PKT_public_key *pk = m_alloc_clear( sizeof *pk );
int rc=0; int rc=0;
@ -84,36 +85,37 @@ do_signature_check( PKT_signature *sig, MD_HANDLE digest, u32 *r_expire )
* not possible to sign more than one identical document within * not possible to sign more than one identical document within
* one second. Some remote bacth processing applications might * one second. Some remote bacth processing applications might
* like this feature here */ * like this feature here */
MD_HANDLE md; GCRY_MD_HD md;
u32 a = sig->timestamp; u32 a = sig->timestamp;
int i, nsig = pubkey_get_nsig( sig->pubkey_algo ); int i, nsig = pubkey_get_nsig( sig->pubkey_algo );
byte *p, *buffer; byte *p, *buffer;
md = md_open( DIGEST_ALGO_RMD160, 0); if( !(md = gcry_md_open( DIGEST_ALGO_RMD160, 0)) )
md_putc( digest, sig->pubkey_algo ); BUG();
md_putc( digest, sig->digest_algo ); gcry_md_putc( digest, sig->pubkey_algo );
md_putc( digest, (a >> 24) & 0xff ); gcry_md_putc( digest, sig->digest_algo );
md_putc( digest, (a >> 16) & 0xff ); gcry_md_putc( digest, (a >> 24) & 0xff );
md_putc( digest, (a >> 8) & 0xff ); gcry_md_putc( digest, (a >> 16) & 0xff );
md_putc( digest, a & 0xff ); gcry_md_putc( digest, (a >> 8) & 0xff );
gcry_md_putc( digest, a & 0xff );
for(i=0; i < nsig; i++ ) { for(i=0; i < nsig; i++ ) {
unsigned n = mpi_get_nbits( sig->data[i]); unsigned n = mpi_get_nbits( sig->data[i]);
md_putc( md, n>>8); gcry_md_putc( md, n>>8);
md_putc( md, n ); gcry_md_putc( md, n );
p = mpi_get_buffer( sig->data[i], &n, NULL ); p = mpi_get_buffer( sig->data[i], &n, NULL );
md_write( md, p, n ); gcry_md_write( md, p, n );
m_free(p); m_free(p);
} }
md_final( md ); gcry_md_final( md );
p = make_radix64_string( md_read( md, 0 ), 20 ); p = make_radix64_string( gcry_md_read( md, 0 ), 20 );
buffer = m_alloc( strlen(p) + 60 ); buffer = m_alloc( strlen(p) + 60 );
sprintf( buffer, "%s %s %lu", sprintf( buffer, "%s %s %lu",
p, strtimestamp( sig->timestamp ), (ulong)sig->timestamp ); p, strtimestamp( sig->timestamp ), (ulong)sig->timestamp );
write_status_text( STATUS_SIG_ID, buffer ); write_status_text( STATUS_SIG_ID, buffer );
m_free(buffer); m_free(buffer);
m_free(p); m_free(p);
md_close(md); gcry_md_close(md);
} }
return rc; return rc;
@ -123,11 +125,11 @@ do_signature_check( PKT_signature *sig, MD_HANDLE digest, u32 *r_expire )
#if 0 /* not anymore used */ #if 0 /* not anymore used */
/**************** /****************
* Check the MDC which is contained in SIG. * Check the MDC which is contained in SIG.
* The MD_HANDLE should be currently open, so that this function * The GCRY_MD_HD should be currently open, so that this function
* is able to append some data, before finalizing the digest. * is able to append some data, before finalizing the digest.
*/ */
int int
mdc_kludge_check( PKT_signature *sig, MD_HANDLE digest ) mdc_kludge_check( PKT_signature *sig, GCRY_MD_HD digest )
{ {
int rc=0; int rc=0;
@ -139,23 +141,23 @@ mdc_kludge_check( PKT_signature *sig, MD_HANDLE digest )
/* complete the digest */ /* complete the digest */
if( sig->version >= 4 ) if( sig->version >= 4 )
md_putc( digest, sig->version ); gcry_md_putc( digest, sig->version );
md_putc( digest, sig->sig_class ); gcry_md_putc( digest, sig->sig_class );
if( sig->version < 4 ) { if( sig->version < 4 ) {
u32 a = sig->timestamp; u32 a = sig->timestamp;
md_putc( digest, (a >> 24) & 0xff ); gcry_md_putc( digest, (a >> 24) & 0xff );
md_putc( digest, (a >> 16) & 0xff ); gcry_md_putc( digest, (a >> 16) & 0xff );
md_putc( digest, (a >> 8) & 0xff ); gcry_md_putc( digest, (a >> 8) & 0xff );
md_putc( digest, a & 0xff ); gcry_md_putc( digest, a & 0xff );
} }
else { else {
byte buf[6]; byte buf[6];
size_t n; size_t n;
md_putc( digest, sig->pubkey_algo ); gcry_md_putc( digest, sig->pubkey_algo );
md_putc( digest, sig->digest_algo ); gcry_md_putc( digest, sig->digest_algo );
if( sig->hashed_data ) { if( sig->hashed_data ) {
n = (sig->hashed_data[0] << 8) | sig->hashed_data[1]; n = (sig->hashed_data[0] << 8) | sig->hashed_data[1];
md_write( digest, sig->hashed_data, n+2 ); gcry_md_write( digest, sig->hashed_data, n+2 );
n += 6; n += 6;
} }
else else
@ -167,7 +169,7 @@ mdc_kludge_check( PKT_signature *sig, MD_HANDLE digest )
buf[3] = n >> 16; buf[3] = n >> 16;
buf[4] = n >> 8; buf[4] = n >> 8;
buf[5] = n; buf[5] = n;
md_write( digest, buf, 6 ); gcry_md_write( digest, buf, 6 );
} }
md_final( digest ); md_final( digest );
@ -221,7 +223,7 @@ cmp_help( void *opaque, MPI result )
size_t mdlen, asnlen; size_t mdlen, asnlen;
struct cmp_help_context_s *ctx = opaque; struct cmp_help_context_s *ctx = opaque;
PKT_signature *sig = ctx->sig; PKT_signature *sig = ctx->sig;
MD_HANDLE digest = ctx->md; GCRY_MD_HD digest = ctx->md;
old_enc = 0; old_enc = 0;
for(i=j=0; (c=mpi_getbyte(result, i)) != -1; i++ ) { for(i=j=0; (c=mpi_getbyte(result, i)) != -1; i++ ) {
@ -284,7 +286,7 @@ cmp_help( void *opaque, MPI result )
static int static int
do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest ) do_check( PKT_public_key *pk, PKT_signature *sig, GCRY_MD_HD digest )
{ {
MPI result = NULL; MPI result = NULL;
int rc=0; int rc=0;
@ -323,33 +325,33 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest )
} }
if( (rc=check_digest_algo(sig->digest_algo)) ) if( (rc=openpgp_md_test_algo(sig->digest_algo)) )
return rc; return rc;
if( (rc=check_pubkey_algo(sig->pubkey_algo)) ) if( (rc=openpgp_pk_test_algo(sig->pubkey_algo)) )
return rc; return rc;
/* make sure the digest algo is enabled (in case of a detached signature)*/ /* make sure the digest algo is enabled (in case of a detached signature)*/
md_enable( digest, sig->digest_algo ); gcry_md_enable( digest, sig->digest_algo );
/* complete the digest */ /* complete the digest */
if( sig->version >= 4 ) if( sig->version >= 4 )
md_putc( digest, sig->version ); gcry_md_putc( digest, sig->version );
md_putc( digest, sig->sig_class ); gcry_md_putc( digest, sig->sig_class );
if( sig->version < 4 ) { if( sig->version < 4 ) {
u32 a = sig->timestamp; u32 a = sig->timestamp;
md_putc( digest, (a >> 24) & 0xff ); gcry_md_putc( digest, (a >> 24) & 0xff );
md_putc( digest, (a >> 16) & 0xff ); gcry_md_putc( digest, (a >> 16) & 0xff );
md_putc( digest, (a >> 8) & 0xff ); gcry_md_putc( digest, (a >> 8) & 0xff );
md_putc( digest, a & 0xff ); gcry_md_putc( digest, a & 0xff );
} }
else { else {
byte buf[6]; byte buf[6];
size_t n; size_t n;
md_putc( digest, sig->pubkey_algo ); gcry_md_putc( digest, sig->pubkey_algo );
md_putc( digest, sig->digest_algo ); gcry_md_putc( digest, sig->digest_algo );
if( sig->hashed_data ) { if( sig->hashed_data ) {
n = (sig->hashed_data[0] << 8) | sig->hashed_data[1]; n = (sig->hashed_data[0] << 8) | sig->hashed_data[1];
md_write( digest, sig->hashed_data, n+2 ); gcry_md_write( digest, sig->hashed_data, n+2 );
n += 6; n += 6;
} }
else else
@ -361,9 +363,9 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest )
buf[3] = n >> 16; buf[3] = n >> 16;
buf[4] = n >> 8; buf[4] = n >> 8;
buf[5] = n; buf[5] = n;
md_write( digest, buf, 6 ); gcry_md_write( digest, buf, 6 );
} }
md_final( digest ); gcry_md_final( digest );
result = encode_md_value( pk->pubkey_algo, digest, sig->digest_algo, result = encode_md_value( pk->pubkey_algo, digest, sig->digest_algo,
mpi_get_nbits(pk->pkey[0])); mpi_get_nbits(pk->pkey[0]));
@ -385,7 +387,7 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest )
static void static void
hash_uid_node( KBNODE unode, MD_HANDLE md, PKT_signature *sig ) hash_uid_node( KBNODE unode, GCRY_MD_HD md, PKT_signature *sig )
{ {
PKT_user_id *uid = unode->pkt->pkt.user_id; PKT_user_id *uid = unode->pkt->pkt.user_id;
@ -397,9 +399,9 @@ hash_uid_node( KBNODE unode, MD_HANDLE md, PKT_signature *sig )
buf[2] = uid->len >> 16; buf[2] = uid->len >> 16;
buf[3] = uid->len >> 8; buf[3] = uid->len >> 8;
buf[4] = uid->len; buf[4] = uid->len;
md_write( md, buf, 5 ); gcry_md_write( md, buf, 5 );
} }
md_write( md, uid->name, uid->len ); gcry_md_write( md, uid->name, uid->len );
} }
/**************** /****************
@ -417,7 +419,7 @@ check_key_signature( KBNODE root, KBNODE node, int *is_selfsig )
int int
check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig, u32 *r_expire) check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig, u32 *r_expire)
{ {
MD_HANDLE md; GCRY_MD_HD md;
PKT_public_key *pk; PKT_public_key *pk;
PKT_signature *sig; PKT_signature *sig;
int algo; int algo;
@ -439,24 +441,26 @@ check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig, u32 *r_expire)
sig->flags.valid? "good":"bad" ); sig->flags.valid? "good":"bad" );
#endif #endif
if( (rc=check_digest_algo(algo)) ) if( (rc=openpgp_md_test_algo(algo)) )
return rc; return rc;
if( sig->sig_class == 0x20 ) { if( sig->sig_class == 0x20 ) {
md = md_open( algo, 0 ); if( !(md = gcry_md_open( algo, 0 )) )
BUG();
hash_public_key( md, pk ); hash_public_key( md, pk );
rc = do_check( pk, sig, md ); rc = do_check( pk, sig, md );
md_close(md); gcry_md_close(md);
} }
else if( sig->sig_class == 0x28 ) { /* subkey revocation */ else if( sig->sig_class == 0x28 ) { /* subkey revocation */
KBNODE snode = find_prev_kbnode( root, node, PKT_PUBLIC_SUBKEY ); KBNODE snode = find_prev_kbnode( root, node, PKT_PUBLIC_SUBKEY );
if( snode ) { if( snode ) {
md = md_open( algo, 0 ); if( !(md = gcry_md_open( algo, 0 )) )
BUG();
hash_public_key( md, pk ); hash_public_key( md, pk );
hash_public_key( md, snode->pkt->pkt.public_key ); hash_public_key( md, snode->pkt->pkt.public_key );
rc = do_check( pk, sig, md ); rc = do_check( pk, sig, md );
md_close(md); gcry_md_close(md);
} }
else { else {
log_error("no subkey for subkey revocation packet\n"); log_error("no subkey for subkey revocation packet\n");
@ -474,11 +478,12 @@ check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig, u32 *r_expire)
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] )
*is_selfsig = 1; *is_selfsig = 1;
} }
md = md_open( algo, 0 ); if( !(md = gcry_md_open( algo, 0 )) )
BUG();
hash_public_key( md, pk ); hash_public_key( md, pk );
hash_public_key( md, snode->pkt->pkt.public_key ); hash_public_key( md, snode->pkt->pkt.public_key );
rc = do_check( pk, sig, md ); rc = do_check( pk, sig, md );
md_close(md); gcry_md_close(md);
} }
else { else {
log_error("no subkey for key signature packet\n"); log_error("no subkey for key signature packet\n");
@ -492,7 +497,8 @@ check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig, u32 *r_expire)
u32 keyid[2]; u32 keyid[2];
keyid_from_pk( pk, keyid ); keyid_from_pk( pk, keyid );
md = md_open( algo, 0 ); if( !(md = gcry_md_open( algo, 0 )) )
BUG();
hash_public_key( md, pk ); hash_public_key( md, pk );
hash_uid_node( unode, md, sig ); hash_uid_node( unode, md, sig );
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) { if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {
@ -502,7 +508,7 @@ check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig, u32 *r_expire)
} }
else else
rc = do_signature_check( sig, md, r_expire ); rc = do_signature_check( sig, md, r_expire );
md_close(md); gcry_md_close(md);
} }
else { else {
log_error("no user ID for key signature packet\n"); log_error("no user ID for key signature packet\n");

View File

@ -25,6 +25,7 @@
#include <errno.h> #include <errno.h>
#include <assert.h> #include <assert.h>
#include <gcrypt.h>
#include "options.h" #include "options.h"
#include "packet.h" #include "packet.h"
#include "errors.h" #include "errors.h"
@ -94,7 +95,7 @@ mk_notation_and_policy( PKT_signature *sig )
static int static int
do_sign( PKT_secret_key *sk, PKT_signature *sig, do_sign( PKT_secret_key *sk, PKT_signature *sig,
MD_HANDLE md, int digest_algo ) GCRY_MD_HD md, int digest_algo )
{ {
MPI frame; MPI frame;
byte *dp; byte *dp;
@ -113,10 +114,10 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
print_pubkey_algo_note(sk->pubkey_algo); print_pubkey_algo_note(sk->pubkey_algo);
if( !digest_algo ) if( !digest_algo )
digest_algo = md_get_algo(md); digest_algo = gcry_md_get_algo(md);
print_digest_algo_note( digest_algo ); print_digest_algo_note( digest_algo );
dp = md_read( md, digest_algo ); dp = gcry_md_read( md, digest_algo );
sig->digest_algo = digest_algo; sig->digest_algo = digest_algo;
sig->digest_start[0] = dp[0]; sig->digest_start[0] = dp[0];
sig->digest_start[1] = dp[1]; sig->digest_start[1] = dp[1];
@ -130,7 +131,7 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
if( opt.verbose ) { if( opt.verbose ) {
char *ustr = get_user_id_string( sig->keyid ); char *ustr = get_user_id_string( sig->keyid );
log_info(_("%s signature from: %s\n"), log_info(_("%s signature from: %s\n"),
pubkey_algo_to_string(sk->pubkey_algo), ustr ); gcry_pk_algo_name(sk->pubkey_algo), ustr );
m_free(ustr); m_free(ustr);
} }
} }
@ -140,7 +141,7 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
int int
complete_sig( PKT_signature *sig, PKT_secret_key *sk, MD_HANDLE md ) complete_sig( PKT_signature *sig, PKT_secret_key *sk, GCRY_MD_HD md )
{ {
int rc=0; int rc=0;
@ -273,11 +274,12 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
/* prepare to calculate the MD over the input */ /* prepare to calculate the MD over the input */
if( opt.textmode && !outfile ) if( opt.textmode && !outfile )
iobuf_push_filter( inp, text_filter, &tfx ); iobuf_push_filter( inp, text_filter, &tfx );
mfx.md = md_open(0, 0); if( !(mfx.md = gcry_md_open(0, 0)))
BUG();
for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) { for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
PKT_secret_key *sk = sk_rover->sk; PKT_secret_key *sk = sk_rover->sk;
md_enable(mfx.md, hash_for(sk->pubkey_algo)); gcry_md_enable(mfx.md, hash_for(sk->pubkey_algo));
} }
if( !multifile ) if( !multifile )
@ -448,7 +450,7 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) { for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
PKT_secret_key *sk; PKT_secret_key *sk;
PKT_signature *sig; PKT_signature *sig;
MD_HANDLE md; GCRY_MD_HD md;
sk = sk_rover->sk; sk = sk_rover->sk;
@ -462,37 +464,37 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
sig->timestamp = make_timestamp(); sig->timestamp = make_timestamp();
sig->sig_class = opt.textmode && !outfile? 0x01 : 0x00; sig->sig_class = opt.textmode && !outfile? 0x01 : 0x00;
md = md_copy( mfx.md ); md = gcry_md_copy( mfx.md );
if( sig->version >= 4 ) { if( sig->version >= 4 ) {
build_sig_subpkt_from_sig( sig ); build_sig_subpkt_from_sig( sig );
md_putc( md, sig->version ); gcry_md_putc( md, sig->version );
} }
mk_notation_and_policy( sig ); mk_notation_and_policy( sig );
md_putc( md, sig->sig_class ); gcry_md_putc( md, sig->sig_class );
if( sig->version < 4 ) { if( sig->version < 4 ) {
u32 a = sig->timestamp; u32 a = sig->timestamp;
md_putc( md, (a >> 24) & 0xff ); gcry_md_putc( md, (a >> 24) & 0xff );
md_putc( md, (a >> 16) & 0xff ); gcry_md_putc( md, (a >> 16) & 0xff );
md_putc( md, (a >> 8) & 0xff ); gcry_md_putc( md, (a >> 8) & 0xff );
md_putc( md, a & 0xff ); gcry_md_putc( md, a & 0xff );
} }
else { else {
byte buf[6]; byte buf[6];
size_t n; size_t n;
md_putc( md, sig->pubkey_algo ); gcry_md_putc( md, sig->pubkey_algo );
md_putc( md, sig->digest_algo ); gcry_md_putc( md, sig->digest_algo );
if( sig->hashed_data ) { if( sig->hashed_data ) {
n = (sig->hashed_data[0] << 8) | sig->hashed_data[1]; n = (sig->hashed_data[0] << 8) | sig->hashed_data[1];
md_write( md, sig->hashed_data, n+2 ); gcry_md_write( md, sig->hashed_data, n+2 );
n += 6; n += 6;
} }
else { else {
md_putc( md, 0 ); /* always hash the length of the subpacket*/ gcry_md_putc( md, 0 ); /* always hash the length of the subpacket*/
md_putc( md, 0 ); gcry_md_putc( md, 0 );
n = 6; n = 6;
} }
/* add some magic */ /* add some magic */
@ -502,13 +504,13 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
buf[3] = n >> 16; buf[3] = n >> 16;
buf[4] = n >> 8; buf[4] = n >> 8;
buf[5] = n; buf[5] = n;
md_write( md, buf, 6 ); gcry_md_write( md, buf, 6 );
} }
md_final( md ); gcry_md_final( md );
rc = do_sign( sk, sig, md, hash_for(sig->pubkey_algo) ); rc = do_sign( sk, sig, md, hash_for(sig->pubkey_algo) );
md_close( md ); gcry_md_close( md );
if( !rc ) { /* and write it */ if( !rc ) { /* and write it */
init_packet(&pkt); init_packet(&pkt);
@ -530,7 +532,7 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
else else
iobuf_close(out); iobuf_close(out);
iobuf_close(inp); iobuf_close(inp);
md_close( mfx.md ); gcry_md_close( mfx.md );
release_sk_list( sk_list ); release_sk_list( sk_list );
release_pk_list( pk_list ); release_pk_list( pk_list );
return rc; return rc;
@ -545,7 +547,7 @@ int
clearsign_file( const char *fname, STRLIST locusr, const char *outfile ) clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
{ {
armor_filter_context_t afx; armor_filter_context_t afx;
MD_HANDLE textmd = NULL; GCRY_MD_HD textmd = NULL;
IOBUF inp = NULL, out = NULL; IOBUF inp = NULL, out = NULL;
PACKET pkt; PACKET pkt;
int rc = 0; int rc = 0;
@ -594,21 +596,26 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
} }
} }
if( old_style || only_md5 ) if( old_style && only_md5 )
iobuf_writestr(out, "\n" ); iobuf_writestr(out, "\n" );
else { else {
const char *s;
int any = 0; int any = 0;
byte hashs_seen[256];
memset( hashs_seen, 0, sizeof hashs_seen );
iobuf_writestr(out, "Hash: " ); iobuf_writestr(out, "Hash: " );
for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) { for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
PKT_secret_key *sk = sk_rover->sk; PKT_secret_key *sk = sk_rover->sk;
s = digest_algo_to_string( hash_for(sk->pubkey_algo) ); int i = hash_for(sk->pubkey_algo);
if( s ) {
if( any ) if( !hashs_seen[ i & 0xff ] ) {
iobuf_put(out, ',' ); if( !openpgp_md_test_algo( i ) ) {
iobuf_writestr(out, s ); hashs_seen[ i & 0xff ] = 1;
any = 1; if( any )
iobuf_put(out, ',' );
iobuf_writestr(out, gcry_md_algo_name( i ) );
any = 1;
}
} }
} }
assert(any); assert(any);
@ -620,10 +627,11 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
} }
textmd = md_open(0, 0); if( !(textmd = gcry_md_open(0, 0)) )
BUG();
for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) { for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
PKT_secret_key *sk = sk_rover->sk; PKT_secret_key *sk = sk_rover->sk;
md_enable(textmd, hash_for(sk->pubkey_algo)); gcry_md_enable(textmd, hash_for(sk->pubkey_algo));
} }
/*md_start_debug( textmd, "sign" );*/ /*md_start_debug( textmd, "sign" );*/
copy_clearsig_text( out, inp, textmd, copy_clearsig_text( out, inp, textmd,
@ -638,7 +646,7 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) { for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
PKT_secret_key *sk; PKT_secret_key *sk;
PKT_signature *sig; PKT_signature *sig;
MD_HANDLE md; GCRY_MD_HD md;
sk = sk_rover->sk; sk = sk_rover->sk;
@ -652,36 +660,36 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
sig->timestamp = make_timestamp(); sig->timestamp = make_timestamp();
sig->sig_class = 0x01; sig->sig_class = 0x01;
md = md_copy( textmd ); md = gcry_md_copy( textmd );
if( sig->version >= 4 ) { if( sig->version >= 4 ) {
build_sig_subpkt_from_sig( sig ); build_sig_subpkt_from_sig( sig );
md_putc( md, sig->version ); gcry_md_putc( md, sig->version );
} }
mk_notation_and_policy( sig ); mk_notation_and_policy( sig );
md_putc( md, sig->sig_class ); gcry_md_putc( md, sig->sig_class );
if( sig->version < 4 ) { if( sig->version < 4 ) {
u32 a = sig->timestamp; u32 a = sig->timestamp;
md_putc( md, (a >> 24) & 0xff ); gcry_md_putc( md, (a >> 24) & 0xff );
md_putc( md, (a >> 16) & 0xff ); gcry_md_putc( md, (a >> 16) & 0xff );
md_putc( md, (a >> 8) & 0xff ); gcry_md_putc( md, (a >> 8) & 0xff );
md_putc( md, a & 0xff ); gcry_md_putc( md, a & 0xff );
} }
else { else {
byte buf[6]; byte buf[6];
size_t n; size_t n;
md_putc( md, sig->pubkey_algo ); gcry_md_putc( md, sig->pubkey_algo );
md_putc( md, sig->digest_algo ); gcry_md_putc( md, sig->digest_algo );
if( sig->hashed_data ) { if( sig->hashed_data ) {
n = (sig->hashed_data[0] << 8) | sig->hashed_data[1]; n = (sig->hashed_data[0] << 8) | sig->hashed_data[1];
md_write( md, sig->hashed_data, n+2 ); gcry_md_write( md, sig->hashed_data, n+2 );
n += 6; n += 6;
} }
else { else {
md_putc( md, 0 ); /* always hash the length of the subpacket*/ gcry_md_putc( md, 0 ); /* always hash the length of the subpacket*/
md_putc( md, 0 ); gcry_md_putc( md, 0 );
n = 6; n = 6;
} }
/* add some magic */ /* add some magic */
@ -691,13 +699,13 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
buf[3] = n >> 16; buf[3] = n >> 16;
buf[4] = n >> 8; buf[4] = n >> 8;
buf[5] = n; buf[5] = n;
md_write( md, buf, 6 ); gcry_md_write( md, buf, 6 );
} }
md_final( md ); gcry_md_final( md );
rc = do_sign( sk, sig, md, hash_for(sig->pubkey_algo) ); rc = do_sign( sk, sig, md, hash_for(sig->pubkey_algo) );
md_close( md ); gcry_md_close( md );
if( !rc ) { /* and write it */ if( !rc ) { /* and write it */
init_packet(&pkt); init_packet(&pkt);
@ -719,7 +727,7 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
else else
iobuf_close(out); iobuf_close(out);
iobuf_close(inp); iobuf_close(inp);
md_close( textmd ); gcry_md_close( textmd );
release_sk_list( sk_list ); release_sk_list( sk_list );
return rc; return rc;
} }
@ -741,7 +749,7 @@ make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
{ {
PKT_signature *sig; PKT_signature *sig;
int rc=0; int rc=0;
MD_HANDLE md; GCRY_MD_HD md;
assert( (sigclass >= 0x10 && sigclass <= 0x13) assert( (sigclass >= 0x10 && sigclass <= 0x13)
|| sigclass == 0x20 || sigclass == 0x18 || sigclass == 0x20 || sigclass == 0x18
@ -754,7 +762,8 @@ make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
default: digest_algo = DIGEST_ALGO_RMD160; break; default: digest_algo = DIGEST_ALGO_RMD160; break;
} }
} }
md = md_open( digest_algo, 0 ); if( !(md = gcry_md_open( digest_algo, 0 )))
BUG();
/* hash the public key certificate and the user id */ /* hash the public key certificate and the user id */
hash_public_key( md, pk ); hash_public_key( md, pk );
@ -769,9 +778,9 @@ make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
buf[2] = uid->len >> 16; buf[2] = uid->len >> 16;
buf[3] = uid->len >> 8; buf[3] = uid->len >> 8;
buf[4] = uid->len; buf[4] = uid->len;
md_write( md, buf, 5 ); gcry_md_write( md, buf, 5 );
} }
md_write( md, uid->name, uid->len ); gcry_md_write( md, uid->name, uid->len );
} }
/* and make the signature packet */ /* and make the signature packet */
sig = m_alloc_clear( sizeof *sig ); sig = m_alloc_clear( sizeof *sig );
@ -790,29 +799,29 @@ make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
if( !rc ) { if( !rc ) {
mk_notation_and_policy( sig ); mk_notation_and_policy( sig );
if( sig->version >= 4 ) if( sig->version >= 4 )
md_putc( md, sig->version ); gcry_md_putc( md, sig->version );
md_putc( md, sig->sig_class ); gcry_md_putc( md, sig->sig_class );
if( sig->version < 4 ) { if( sig->version < 4 ) {
u32 a = sig->timestamp; u32 a = sig->timestamp;
md_putc( md, (a >> 24) & 0xff ); gcry_md_putc( md, (a >> 24) & 0xff );
md_putc( md, (a >> 16) & 0xff ); gcry_md_putc( md, (a >> 16) & 0xff );
md_putc( md, (a >> 8) & 0xff ); gcry_md_putc( md, (a >> 8) & 0xff );
md_putc( md, a & 0xff ); gcry_md_putc( md, a & 0xff );
} }
else { else {
byte buf[6]; byte buf[6];
size_t n; size_t n;
md_putc( md, sig->pubkey_algo ); gcry_md_putc( md, sig->pubkey_algo );
md_putc( md, sig->digest_algo ); gcry_md_putc( md, sig->digest_algo );
if( sig->hashed_data ) { if( sig->hashed_data ) {
n = (sig->hashed_data[0] << 8) | sig->hashed_data[1]; n = (sig->hashed_data[0] << 8) | sig->hashed_data[1];
md_write( md, sig->hashed_data, n+2 ); gcry_md_write( md, sig->hashed_data, n+2 );
n += 6; n += 6;
} }
else { else {
md_putc( md, 0 ); /* always hash the length of the subpacket*/ gcry_md_putc( md, 0 ); /* always hash the length of the subpacket*/
md_putc( md, 0 ); gcry_md_putc( md, 0 );
n = 6; n = 6;
} }
/* add some magic */ /* add some magic */
@ -822,15 +831,15 @@ make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
buf[3] = n >> 16; buf[3] = n >> 16;
buf[4] = n >> 8; buf[4] = n >> 8;
buf[5] = n; buf[5] = n;
md_write( md, buf, 6 ); gcry_md_write( md, buf, 6 );
} }
md_final(md); gcry_md_final(md);
rc = complete_sig( sig, sk, md ); rc = complete_sig( sig, sk, md );
} }
md_close( md ); gcry_md_close( md );
if( rc ) if( rc )
free_seckey_enc( sig ); free_seckey_enc( sig );
else else

View File

@ -25,6 +25,7 @@
#include <errno.h> #include <errno.h>
#include <assert.h> #include <assert.h>
#include <gcrypt.h>
#include "errors.h" #include "errors.h"
#include "iobuf.h" #include "iobuf.h"
#include "memory.h" #include "memory.h"
@ -141,7 +142,7 @@ text_filter( void *opaque, int control,
* md is updated as required by rfc2440 * md is updated as required by rfc2440
*/ */
int int
copy_clearsig_text( IOBUF out, IOBUF inp, MD_HANDLE md, copy_clearsig_text( IOBUF out, IOBUF inp, GCRY_MD_HD md,
int escape_dash, int escape_from, int pgp2mode ) int escape_dash, int escape_from, int pgp2mode )
{ {
unsigned maxlen; unsigned maxlen;
@ -166,15 +167,15 @@ copy_clearsig_text( IOBUF out, IOBUF inp, MD_HANDLE md,
/* update the message digest */ /* update the message digest */
if( escape_dash ) { if( escape_dash ) {
if( pending_lf ) { if( pending_lf ) {
md_putc( md, '\r' ); gcry_md_putc( md, '\r' );
md_putc( md, '\n' ); gcry_md_putc( md, '\n' );
} }
md_write( md, buffer, gcry_md_write( md, buffer,
len_without_trailing_chars( buffer, n, len_without_trailing_chars( buffer, n,
pgp2mode? " \r\n":" \t\r\n")); pgp2mode? " \r\n":" \t\r\n"));
} }
else else
md_write( md, buffer, n ); gcry_md_write( md, buffer, n );
pending_lf = buffer[n-1] == '\n'; pending_lf = buffer[n-1] == '\n';
/* write the output */ /* write the output */
@ -190,7 +191,7 @@ copy_clearsig_text( IOBUF out, IOBUF inp, MD_HANDLE md,
if( !pending_lf ) { /* make sure that the file ends with a LF */ if( !pending_lf ) { /* make sure that the file ends with a LF */
iobuf_put( out, '\n'); iobuf_put( out, '\n');
if( !escape_dash ) if( !escape_dash )
md_putc( md, '\n' ); gcry_md_putc( md, '\n' );
} }
if( truncated ) if( truncated )

View File

@ -586,13 +586,13 @@ print_user_id( FILE *fp, const char *text, u32 *keyid )
p = get_user_id( keyid, &n ); p = get_user_id( keyid, &n );
if( fp ) { if( fp ) {
fprintf( fp, "%s \"", text ); fprintf( fp, "%s \"", text );
print_string( fp, p, n, 0 ); print_utf8_string( fp, p, n );
putc('\"', fp); putc('\"', fp);
putc('\n', fp); putc('\n', fp);
} }
else { else {
tty_printf( "%s \"", text ); tty_printf( "%s \"", text );
tty_print_string( p, n ); tty_print_utf8_string( p, n );
tty_printf( "\"\n" ); tty_printf( "\"\n" );
} }
m_free(p); m_free(p);
@ -652,7 +652,7 @@ print_path( int pathlen, TN ME .........., FILE *fp, ulong highlight )
p = get_user_id( keyid, &n ); p = get_user_id( keyid, &n );
putc(' ', fp); putc(' ', fp);
putc('\"', fp); putc('\"', fp);
print_string( fp, p, n > 40? 40:n, 0 ); print_utf8_string( fp, p, n > 40? 40:n, 0 );
putc('\"', fp); putc('\"', fp);
m_free(p); m_free(p);
putc('\n', fp ); putc('\n', fp );
@ -1000,7 +1000,7 @@ check_uidsigs( KBNODE keyblock, KBNODE keynode, u32 *mainkid, ulong lid,
(ulong)mainkid[1], lid ); (ulong)mainkid[1], lid );
assert(keynode->pkt->pkttype == PKT_USER_ID ); assert(keynode->pkt->pkttype == PKT_USER_ID );
uid = keynode->pkt->pkt.user_id; uid = keynode->pkt->pkt.user_id;
print_string( log_stream(), uid->name, uid->len, '\"' ); print_utf8_string( log_stream(), uid->name, uid->len );
fputs("\"\n", log_stream()); fputs("\"\n", log_stream());
} }

View File

@ -1,3 +1,7 @@
Tue Oct 26 14:10:21 CEST 1999 Werner Koch <wk@gnupg.de>
* g10lib.h: Moved from ../gcrypt to here.
Wed Sep 15 16:22:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de> Wed Sep 15 16:22:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>

View File

@ -57,38 +57,6 @@
|| (a)==PUBKEY_ALGO_RSA_S ) || (a)==PUBKEY_ALGO_RSA_S )
#define is_ELGAMAL(a) ((a)==PUBKEY_ALGO_ELGAMAL || (a)==PUBKEY_ALGO_ELGAMAL_E) #define is_ELGAMAL(a) ((a)==PUBKEY_ALGO_ELGAMAL || (a)==PUBKEY_ALGO_ELGAMAL_E)
typedef struct {
int algo;
int keylen;
byte key[32]; /* this is the largest used keylen (256 bit) */
} DEK;
struct cipher_handle_s;
typedef struct cipher_handle_s *CIPHER_HANDLE;
#define CIPHER_MODE_ECB 1
#define CIPHER_MODE_CFB 2
#define CIPHER_MODE_PHILS_CFB 3
#define CIPHER_MODE_AUTO_CFB 4
#define CIPHER_MODE_DUMMY 5 /* used with algo DUMMY for no encryption */
#define CIPHER_MODE_CBC 6
struct md_digest_list_s;
struct gcry_md_context {
int secure;
FILE *debug;
int finalized;
struct md_digest_list_s *list;
int bufcount;
int bufsize;
byte buffer[1];
};
typedef struct gcry_md_context *MD_HANDLE;
int g10c_debug_mode; int g10c_debug_mode;
int g10_opt_verbose; int g10_opt_verbose;
const char *g10_opt_homedir; const char *g10_opt_homedir;
@ -96,82 +64,12 @@ const char *g10_opt_homedir;
/*-- dynload.c --*/ /*-- dynload.c --*/
void register_cipher_extension( const char *mainpgm, const char *fname ); void register_cipher_extension( const char *mainpgm, const char *fname );
/*-- md.c --*/
int string_to_digest_algo( const char *string );
const char * digest_algo_to_string( int algo );
int check_digest_algo( int algo );
MD_HANDLE md_open( int algo, int secure );
void md_enable( MD_HANDLE hd, int algo );
MD_HANDLE md_copy( MD_HANDLE a );
void md_reset( MD_HANDLE a );
void md_close(MD_HANDLE a);
void md_write( MD_HANDLE a, byte *inbuf, size_t inlen);
void md_final(MD_HANDLE a);
byte *md_read( MD_HANDLE a, int algo );
int md_digest( MD_HANDLE a, int algo, byte *buffer, int buflen );
int md_get_algo( MD_HANDLE a );
int md_digest_length( int algo );
const byte *md_asn_oid( int algo, size_t *asnlen, size_t *mdlen );
void md_start_debug( MD_HANDLE a, const char *suffix );
void md_stop_debug( MD_HANDLE a );
#define md_is_secure(a) ((a)->secure)
#define md_putc(h,c) \
do { \
if( (h)->bufcount == (h)->bufsize ) \
md_write( (h), NULL, 0 ); \
(h)->buffer[(h)->bufcount++] = (c) & 0xff; \
} while(0)
/*-- rmd160.c --*/ /*-- rmd160.c --*/
void rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length ); void rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length );
/*-- cipher.c --*/
int string_to_cipher_algo( const char *string );
const char * cipher_algo_to_string( int algo );
void disable_cipher_algo( int algo );
int check_cipher_algo( int algo );
unsigned cipher_get_keylen( int algo );
unsigned cipher_get_blocksize( int algo );
CIPHER_HANDLE cipher_open( int algo, int mode, int secure );
void cipher_close( CIPHER_HANDLE c );
int cipher_setkey( CIPHER_HANDLE c, byte *key, unsigned keylen );
void cipher_setiv( CIPHER_HANDLE c, const byte *iv, unsigned ivlen );
void cipher_encrypt( CIPHER_HANDLE c, byte *out, byte *in, unsigned nbytes );
void cipher_decrypt( CIPHER_HANDLE c, byte *out, byte *in, unsigned nbytes );
void cipher_sync( CIPHER_HANDLE c );
/*-- pubkey.c --*/
#define PUBKEY_MAX_NPKEY 4
#define PUBKEY_MAX_NSKEY 6
#define PUBKEY_MAX_NSIG 2
#define PUBKEY_MAX_NENC 2
int string_to_pubkey_algo( const char *string );
const char * pubkey_algo_to_string( int algo );
void disable_pubkey_algo( int algo );
int check_pubkey_algo( int algo );
int check_pubkey_algo2( int algo, unsigned use );
int pubkey_get_npkey( int algo );
int pubkey_get_nskey( int algo );
int pubkey_get_nsig( int algo );
int pubkey_get_nenc( int algo );
unsigned pubkey_nbits( int algo, MPI *pkey );
int pubkey_generate( int algo, unsigned nbits, MPI *skey, MPI **retfactors );
int pubkey_check_secret_key( int algo, MPI *skey );
int pubkey_encrypt( int algo, MPI *resarr, MPI data, MPI *pkey );
int pubkey_decrypt( int algo, MPI *result, MPI *data, MPI *skey );
int pubkey_sign( int algo, MPI *resarr, MPI hash, MPI *skey );
int pubkey_verify( int algo, MPI hash, MPI *data, MPI *pkey,
int (*cmp)(void *, MPI), void *opaque );
/*-- smallprime.c --*/ /*-- smallprime.c --*/
extern ushort small_prime_numbers[]; extern ushort small_prime_numbers[];
/*-- primegen.c --*/
MPI generate_secret_prime( unsigned nbits );
MPI generate_public_prime( unsigned nbits );
MPI generate_elg_prime( int mode, unsigned pbits, unsigned qbits,
MPI g, MPI **factors );
#endif /*G10_CIPHER_H*/ #endif /*G10_CIPHER_H*/

View File

@ -9,5 +9,6 @@ util.h
i18n.h i18n.h
host2net.h host2net.h
http.h http.h
g10lib.h
ChangeLog ChangeLog

212
include/g10lib.h Normal file
View File

@ -0,0 +1,212 @@
/* g10lib.h - internal defintions for libgcrypt
* Copyright (C) 1998 Free Software Foundation, Inc.
*
* This header is to be used inside of libgcrypt in place of gcrypt.h.
* This way we can easily distinguish between internal and external
* usage of gcrypt.h
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifndef G10LIB_H
#define G10LIB_H 1
#ifdef _GCRYPT_H
#error gcrypt.h already included
#endif
#include "gcrypt.h"
#ifdef G10_I18N_H
#error i18n should not be included here
#endif
#define _(a) g10_gettext(a)
#define N_(a) (a)
/*-- gcrypt/global.c --*/
int set_lasterr( int ec );
/*-- gcrypt/misc.c --*/
const char *g10_gettext( const char *key );
int fatal_invalid_arg(const char *text);
#if 0
/* This used to be the old include/g10lib.h */
#include "mpi.h"
int g10c_debug_mode;
int g10_opt_verbose;
/********************************
******* math functions *******
********************************/
MPI g10m_new( unsigned nbits );
MPI g10m_new_secure( unsigned nbits );
void g10m_release( MPI a );
void g10m_resize( MPI a, unsigned nbits );
MPI g10m_copy( MPI a );
void g10m_swap( MPI a, MPI b);
void g10m_set( MPI w, MPI u);
void g10m_set_ui( MPI w, unsigned long u);
void g10m_set_bytes( MPI a, unsigned nbits, unsigned char (*fnc)(int), int opaque );
int g10m_cmp( MPI u, MPI v );
int g10m_cmp_ui( MPI u, unsigned long v );
void g10m_add(MPI w, MPI u, MPI v);
void g10m_add_ui(MPI w, MPI u, unsigned long v );
void g10m_sub( MPI w, MPI u, MPI v);
void g10m_sub_ui(MPI w, MPI u, unsigned long v );
void g10m_mul_ui(MPI w, MPI u, unsigned long v );
void g10m_mul_2exp( MPI w, MPI u, unsigned long cnt);
void g10m_mul( MPI w, MPI u, MPI v);
void g10m_mulm( MPI w, MPI u, MPI v, MPI m);
void g10m_fdiv_q( MPI quot, MPI dividend, MPI divisor );
void g10m_powm( MPI res, MPI base, MPI exp, MPI mod);
int g10m_gcd( MPI g, MPI a, MPI b );
int g10m_invm( MPI x, MPI u, MPI v );
unsigned g10m_get_nbits( MPI a );
unsigned g10m_get_size( MPI a );
void g10m_set_buffer( MPI a, const char *buffer, unsigned nbytes, int sign );
/********************************************
******* symmetric cipher functions *******
********************************************/
/*********************************************
******* asymmetric cipher functions *******
*********************************************/
/*********************************************
******* cryptograhic hash functions *******
*********************************************/
/*****************************************
******* miscellaneous functions *******
*****************************************/
const char *g10m_revision_string(int mode);
const char *g10c_revision_string(int mode);
const char *g10u_revision_string(int mode);
MPI g10c_generate_secret_prime( unsigned nbits );
char *g10c_get_random_bits( unsigned nbits, int level, int secure );
void *g10_malloc( size_t n );
void *g10_calloc( size_t n );
void *g10_malloc_secure( size_t n );
void *g10_calloc_secure( size_t n );
void *g10_realloc( void *a, size_t n );
void g10_free( void *p );
char *g10_strdup( const char * a);
void g10_log_bug( const char *fmt, ... );
void g10_log_bug0( const char *, int );
void g10_log_fatal( const char *fmt, ... );
void g10_log_error( const char *fmt, ... );
void g10_log_info( const char *fmt, ... );
void g10_log_debug( const char *fmt, ... );
void g10_log_hexdump( const char *text, char *buf, size_t len );
void g10_log_mpidump( const char *text, MPI a );
/***************************
******* constants *******
**************************/
#define CIPHER_ALGO_NONE 0
#define CIPHER_ALGO_IDEA 1
#define CIPHER_ALGO_3DES 2
#define CIPHER_ALGO_CAST5 3
#define CIPHER_ALGO_BLOWFISH 4 /* blowfish 128 bit key */
#define CIPHER_ALGO_SAFER_SK128 5
#define CIPHER_ALGO_DES_SK 6
#define CIPHER_ALGO_BLOWFISH160 42 /* blowfish 160 bit key (not in OpenPGP)*/
#define CIPHER_ALGO_DUMMY 110 /* no encryption at all */
#define PUBKEY_ALGO_RSA 1
#define PUBKEY_ALGO_RSA_E 2 /* RSA encrypt only */
#define PUBKEY_ALGO_RSA_S 3 /* RSA sign only */
#define PUBKEY_ALGO_ELGAMAL_E 16 /* encrypt only ElGamal (but not vor v3)*/
#define PUBKEY_ALGO_DSA 17
#define PUBKEY_ALGO_ELGAMAL 20 /* sign and encrypt elgamal */
#define DIGEST_ALGO_MD5 1
#define DIGEST_ALGO_SHA1 2
#define DIGEST_ALGO_RMD160 3
#define DIGEST_ALGO_TIGER 6
#define is_RSA(a) ((a)==PUBKEY_ALGO_RSA || (a)==PUBKEY_ALGO_RSA_E \
|| (a)==PUBKEY_ALGO_RSA_S )
#define is_ELGAMAL(a) ((a)==PUBKEY_ALGO_ELGAMAL || (a)==PUBKEY_ALGO_ELGAMAL_E)
#define G10ERR_GENERAL 1
#define G10ERR_PUBKEY_ALGO 4
#define G10ERR_DIGEST_ALGO 5
#define G10ERR_BAD_PUBKEY 6
#define G10ERR_BAD_SECKEY 7
#define G10ERR_BAD_SIGN 8
#define G10ERR_CIPHER_ALGO 12
#define G10ERR_WRONG_SECKEY 18
#define G10ERR_UNSUPPORTED 19
#define G10ERR_NI_PUBKEY 27
#define G10ERR_NI_CIPHER 28
#define G10ERR_BAD_MPI 30
#define G10ERR_WR_PUBKEY_ALGO 41
/***********************************
******* some handy macros *******
***********************************/
#ifndef BUG
#define BUG() g10_log_bug0( __FILE__ , __LINE__ )
#endif
#ifndef STR
#define STR(v) #v
#define STR2(v) STR(v)
#endif
#ifndef DIM
#define DIM(v) (sizeof(v)/sizeof((v)[0]))
#define DIMof(type,member) DIM(((type *)0)->member)
#endif
#define DBG_CIPHER g10c_debug_mode
#define OPT_VERBOSE g10_opt_verbose
#endif /* if 0 */
#endif /* G10LIB_H */

View File

@ -54,7 +54,10 @@ struct gcry_mpi {
mpi_limb_t *d; /* array with the limbs */ mpi_limb_t *d; /* array with the limbs */
}; };
typedef struct gcry_mpi *MPI; #ifndef DID_MPI_TYPEDEF
typedef struct gcry_mpi *MPI;
#define DID_MPI_TYPEDEF
#endif
#define MPI_NULL NULL #define MPI_NULL NULL

View File

@ -1,6 +1,5 @@
Wed Sep 15 16:22:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de> Wed Sep 15 16:22:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* pt_PT.po: New. Done by Pedro Morais. * pt_PT.po: New. Done by Pedro Morais.
* it.po: Updated by Marco. * it.po: Updated by Marco.

489
po/de.po

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

625
po/fr.po

File diff suppressed because it is too large Load Diff

496
po/it.po

File diff suppressed because it is too large Load Diff

489
po/pl.po

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

489
po/ru.po

File diff suppressed because it is too large Load Diff

View File

@ -1,3 +1,8 @@
Tue Oct 26 14:10:21 CEST 1999 Werner Koch <wk@gnupg.de>
* commit: Remove leading and trailing empty lines when copying
Changes to Changelog
Wed Sep 15 16:22:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de> Wed Sep 15 16:22:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>

View File

@ -11,15 +11,25 @@ addr="<`id -un`@`hostname -d`>"
for i in `find . -name Changes -print`; do for i in `find . -name Changes -print`; do
dir=`dirname $i` dir=`dirname $i`
if [ -s $dir/Changes ]; then if [ -s $dir/Changes ]; then
lines=`wc -l <$dir/Changes` awk '
echo "$date $name $addr" >$dir/ChangeLog.new state == 0 && /^[ \t]*$/ { next }
echo >>$dir/ChangeLog.new state == 0 { state = 1 }
cat $dir/Changes >>$dir/ChangeLog.new /^[ \t]*$/ { empty++; next }
[ -f $dir/ChangeLog ] && cat $dir/ChangeLog >>$dir/ChangeLog.new { while ( empty > 0 ) { print ""; empty--; }; print }
echo -n > $dir/Changes ' < $dir/Changes > $dir/Changes.tmp
[ -f $dir/ChangeLog ] && rm $dir/ChangeLog if [ -s $dir/Changes.tmp ]; then
mv $dir/ChangeLog.new $dir/ChangeLog lines=`wc -l <$dir/Changes.tmp`
echo "$lines new lines in $dir/ChangeLog" echo "$date $name $addr" >$dir/ChangeLog.new
echo >>$dir/ChangeLog.new
cat $dir/Changes.tmp >>$dir/ChangeLog.new
echo >>$dir/ChangeLog.new
[ -f $dir/ChangeLog ] && cat $dir/ChangeLog >>$dir/ChangeLog.new
echo -n > $dir/Changes
[ -f $dir/ChangeLog ] && rm $dir/ChangeLog
mv $dir/ChangeLog.new $dir/ChangeLog
echo "$lines new lines in $dir/ChangeLog"
fi
rm $dir/Changes.tmp || true
fi fi
done done

View File

@ -21,7 +21,7 @@ This is a snapshot of the current CVS head branch!
It may not compile or not work. Please don't report It may not compile or not work. Please don't report
bugs about this snapshot release it is just for your bugs about this snapshot release it is just for your
convenience and to reduce the load of out CVS server. convenience and to reduce the load of our CVS server.
Thanks, Thanks,

View File

@ -3,7 +3,8 @@
EXTRA_DIST = lspgpot EXTRA_DIST = lspgpot
INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl
needed_libs = ../cipher/libcipher.la \ needed_libs = ../cipher/libcipher.la \
../mpi/libmpi.la ../util/libutil.la @INTLLIBS@ ../mpi/libmpi.la ../util/libutil.la ../gcrypt/libgcrypt.la @INTLLIBS@
noinst_PROGRAMS = mpicalc bftest clean-sat mk-tdata shmtest noinst_PROGRAMS = mpicalc bftest clean-sat mk-tdata shmtest

View File

@ -27,8 +27,8 @@
#include <fcntl.h> #include <fcntl.h>
#endif #endif
#include <gcrypt.h>
#include "util.h" #include "util.h"
#include "cipher.h"
#include "i18n.h" #include "i18n.h"
static void static void
@ -62,7 +62,7 @@ int
main(int argc, char **argv) main(int argc, char **argv)
{ {
int encode=0; int encode=0;
CIPHER_HANDLE hd; GCRY_CIPHER_HD hd;
char buf[4096]; char buf[4096];
int n, size=4096; int n, size=4096;
int algo; int algo;
@ -92,21 +92,21 @@ main(int argc, char **argv)
if( argc != 3 ) if( argc != 3 )
my_usage(); my_usage();
argc--; argv++; argc--; argv++;
algo = string_to_cipher_algo( *argv ); algo = gcry_cipher_map_name( *argv );
argc--; argv++; argc--; argv++;
hd = cipher_open( algo, CIPHER_MODE_CFB, 0 ); hd = gcry_cipher_open( algo, GCRY_CIPHER_MODE_CFB, 0 );
cipher_setkey( hd, *argv, strlen(*argv) ); gcry_cipher_setkey( hd, *argv, strlen(*argv) );
cipher_setiv( hd, NULL, 0 ); gcry_cipher_setiv( hd, NULL, 0 );
while( (n = fread( buf, 1, size, stdin )) > 0 ) { while( (n = fread( buf, 1, size, stdin )) > 0 ) {
if( encode ) if( encode )
cipher_encrypt( hd, buf, buf, n ); gcry_cipher_encrypt( hd, buf, n, buf, n );
else else
cipher_decrypt( hd, buf, buf, n ); gcry_cipher_decrypt( hd, buf, n, buf, n );
if( fwrite( buf, 1, n, stdout) != n ) if( fwrite( buf, 1, n, stdout) != n )
log_fatal("write error\n"); log_fatal("write error\n");
} }
cipher_close(hd); gcry_cipher_close(hd);
return 0; return 0;
} }

View File

@ -1,3 +1,11 @@
Tue Oct 26 14:10:21 CEST 1999 Werner Koch <wk@gnupg.de>
* simple-gettext.c (set_gettext_file): Check charset and do
mapping only for IBM850.
* strgutil.c (query_native_charset): New.
(get_native_charset): Try to get it from the system on the first call.
(ibm850_unicode): New table.
Fri Sep 17 12:56:42 CEST 1999 Werner Koch <wk@isil.d.shuttle.de> Fri Sep 17 12:56:42 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>

View File

@ -217,6 +217,13 @@ load_domain( const char *filename )
free( domain ); free( domain );
return NULL; return NULL;
} }
/* Currently we have only a Latin-1 to IBM850 translation, so
* we simply mark everything mapped if we don't have this codepage. */
{
const char *s = get_native_charset();
if( !s || strcmp(s, "ibm850")
memset( domain->mapped, 1, domain->nstrings );
}
return domain; return domain;
} }
@ -242,7 +249,6 @@ set_gettext_file( const char *filename )
#endif #endif
) { ) {
/* absolute path - use it as is */ /* absolute path - use it as is */
log_info("trying `%s'\n", filename );
domain = load_domain( filename ); domain = load_domain( filename );
} }
else { /* relative path - append ".mo" and get DIR from env */ else { /* relative path - append ".mo" and get DIR from env */
@ -280,7 +286,7 @@ get_string( struct loaded_domain *domain, u32 idx )
byte *pp; byte *pp;
domain->mapped[idx] = 1; domain->mapped[idx] = 1;
/* we assume Latin1 -> CP 850 for now */ /* currently we only support Latin-1 to CP 850 */
for( pp=p; *pp; pp++ ) { for( pp=p; *pp; pp++ ) {
if( (*pp & 0x80) ) { if( (*pp & 0x80) ) {
switch( *pp ) { switch( *pp ) {

View File

@ -65,6 +65,26 @@ static ushort latin2_unicode[128] = {
0x0159,0x016F,0x00FA,0x0171,0x00FC,0x00FD,0x0163,0x02D9 0x0159,0x016F,0x00FA,0x0171,0x00FC,0x00FD,0x0163,0x02D9
}; };
static ushort ibm850_unicode[128] = {
0x00c7,0x00fc,0x00e9,0x00e2,0x00e4,0x00e0,0x00e5,0x00e7,
0x00ea,0x00eb,0x00e8,0x00ef,0x00ee,0x00ec,0x00c4,0x00c5,
0x00c9,0x00e6,0x00c6,0x00f4,0x00f6,0x00f2,0x00fb,0x00f9,
0x00ff,0x00d6,0x00dc,0x00f8,0x00a3,0x00d8,0x00d7,0x0192,
0x00e1,0x00ed,0x00f3,0x00fa,0x00f1,0x00d1,0x00aa,0x00ba,
0x00bf,0x00ae,0x00ac,0x00bd,0x00bc,0x00a1,0x00ab,0x00bb,
0x2591,0x2592,0x2593,0x2502,0x2524,0x00c1,0x00c2,0x00c0,
0x00a9,0x2563,0x2551,0x2557,0x255d,0x00a2,0x00a5,0x2510,
0x2514,0x2534,0x252c,0x251c,0x2500,0x253c,0x00e3,0x00c3,
0x255a,0x2554,0x2569,0x2566,0x2560,0x2550,0x256c,0x00a4,
0x00f0,0x00d0,0x00ca,0x00cb,0x00c8,0x0131,0x00cd,0x00ce,
0x00cf,0x2518,0x250c,0x2588,0x2584,0x00a6,0x00cc,0x2580,
0x00d3,0x00df,0x00d4,0x00d2,0x00f5,0x00d5,0x00b5,0x00fe,
0x00de,0x00da,0x00db,0x00d9,0x00fd,0x00dd,0x00af,0x00b4,
0x00ad,0x00b1,0x2017,0x00be,0x00b6,0x00a7,0x00f7,0x00b8,
0x00b0,0x00a8,0x00b7,0x00b9,0x00b3,0x00b2,0x25a0,0x00a0,
};
static int query_native_charset_done = 0;
static const char *active_charset_name = "iso-8859-1"; static const char *active_charset_name = "iso-8859-1";
static ushort *active_charset = NULL; static ushort *active_charset = NULL;
@ -291,9 +311,65 @@ string_count_chr( const char *string, int c )
} }
static const char*
query_native_charset(void)
{
#ifdef __MINGW32__
unsigned int cp;
cp = GetConsoleOutputCP();
if( cp != GetConsoleCP() ) {
/* The input cgarset is not equal to the output charset
* our system depends on it and therefore we will set
* same the same (this won't work on Windows 95) */
if( !SetConsoleCP( cp ) )
log_info("can't set Input-CP to Output-CP: %d\n",
(int)GetLastError() );
}
/* we could read the registry, but this seems to be too much work */
switch( cp ) {
case 850: return "ibm850";
case 437: return "ibm437";
case 1252: return "iso-8859-1";
default:
log_info("unknown MS-Windows CodePage %u "
"- trying to switch to Latin-1\n", cp );
/* try to set latin-1 */
if( !SetConsoleOutputCP( 1252 ) ) {
if( !SetConsoleCP( 1252 ) )
return "iso-8859-1";
else /* back off */
SetConsoleOutputCP( cp );
}
log_info("no information about MS-Windows CodePage %u\n", cp );
return NULL;
}
#else
return NULL; /* unknown */
#endif
}
const char*
get_native_charset()
{
if( !query_native_charset_done ) {
const char *s;
query_native_charset_done = 1;
s = query_native_charset();
if( s )
set_native_charset(s);
}
return active_charset_name;
}
int int
set_native_charset( const char *newset ) set_native_charset( const char *newset )
{ {
query_native_charset_done = 1; /* don't do this when we want to set one*/
if( !stricmp( newset, "iso-8859-1" ) ) { if( !stricmp( newset, "iso-8859-1" ) ) {
active_charset_name = "iso-8859-1"; active_charset_name = "iso-8859-1";
active_charset = NULL; active_charset = NULL;
@ -306,16 +382,15 @@ set_native_charset( const char *newset )
active_charset_name = "koi8-r"; active_charset_name = "koi8-r";
active_charset = koi8_unicode; active_charset = koi8_unicode;
} }
else if( !stricmp( newset, "ibm850" ) || !stricmp( newset, "ibm437" ) ) {
active_charset_name = "ibm850";
active_charset = ibm850_unicode;
}
else else
return G10ERR_GENERAL; return G10ERR_GENERAL;
return 0; return 0;
} }
const char*
get_native_charset()
{
return active_charset_name;
}
/**************** /****************
* Convert string, which is in native encoding to UTF8 and return the * Convert string, which is in native encoding to UTF8 and return the