Fixed a build bug (straw letter in sm/import.c) and updated the documentation.

TODO

@@ -48,6 +48,7 @@ might want to have an agent context for each service request
 ** Check that all error code mapping is done.
 ** Remove the inter-module dependencies between gpgsm and keybox
 ** Add an source_of_key field
+** We need an error code GPG_ERR_NOT_LOCKED
 
 * agent/gpg-agent.c
 ** A SIGHUP should also restart the scdaemon

agent/minip12.c

@@ -91,8 +91,12 @@ static unsigned char const oid_encryptedData[9] = {
   0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x06 };
 static unsigned char const oid_pkcs_12_pkcs_8ShroudedKeyBag[11] = {
   0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x0C, 0x0A, 0x01, 0x02 };
+static unsigned char const oid_pkcs_12_CertBag[11] = {
+  0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x0C, 0x0A, 0x01, 0x03 };
 static unsigned char const oid_pbeWithSHAAnd3_KeyTripleDES_CBC[10] = {
   0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x0C, 0x01, 0x03 };
+static unsigned char const oid_pbeWithSHAAnd40BitRC2_CBC[10] = {
+  0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x0C, 0x01, 0x06 };
 
 static unsigned char const oid_rsaEncryption[9] = {
   0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01 };
@@ -402,11 +406,62 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
   p += DIM(oid_data);
   n -= DIM(oid_data);
 
-  /* fixme: continue parsing */
+#if 0
+  where = "bag.encryptedData.keyinfo"
+  if (parse_tag (&p, &n, &ti))
+    goto bailout;
+  if (ti.class || ti.tag != TAG_SEQUENCE)
+    goto bailout;
+  if (parse_tag (&p, &n, &ti))
+    goto bailout;
+  if (!ti.class && ti.tag == TAG_OBJECT_ID
+      && ti.length == DIM(oid_pbeWithSHAAnd40BitRC2_CBC)
+      && memcmp (p, oid_pbeWithSHAAnd40BitRC2_CBC,
+                 DIM(oid_pbeWithSHAAnd40BitRC2_CBC)))
+    {
+      p += DIM(oid_pbeWithSHAAnd40BitRC2_CBC);
+      n -= DIM(oid_pbeWithSHAAnd40BitRC2_CBC);
+    }
+  else
+    goto bailout;
+
+  where = "rc2-params";
+  if (parse_tag (&p, &n, &ti))
+    goto bailout;
+  if (ti.class || ti.tag != TAG_SEQUENCE)
+    goto bailout;
+  if (parse_tag (&p, &n, &ti))
+    goto bailout;
+  if (ti.class || ti.tag != TAG_OCTET_STRING || ti.length != 8 )
+    goto bailout;
+  memcpy (salt, p, 8);
+  p += 8;
+  n -= 8;
+  if (parse_tag (&p, &n, &ti))
+    goto bailout;
+  if (ti.class || ti.tag != TAG_INTEGER || !ti.length )
+    goto bailout;
+  for (iter=0; ti.length; ti.length--)
+    {
+      iter <<= 8;
+      iter |= (*p++) & 0xff; 
+      n--;
+    }
+  
+  where = "rc2-ciphertext";
+  if (parse_tag (&p, &n, &ti))
+    goto bailout;
+  if (ti.class || ti.tag != TAG_OCTET_STRING || !ti.length )
+    goto bailout;
+  
+  log_info ("%lu bytes of RC2 encrypted text\n", ti.length);
+#endif
+
+
 
   return 0;
  bailout:
-  log_error ("encrptedData error at \"%s\", offset %u\n",
+  log_error ("encryptedData error at \"%s\", offset %u\n",
              where, (p - buffer)+startoffset);
   return -1;
 }
@@ -615,8 +670,8 @@ parse_bag_data (const unsigned char *buffer, size_t length, int startoffset,
 
 
 /* Parse a PKCS12 object and return an array of MPI representing the
-   secret key parameters.  This is a very limited inplementation in
-   that it is only able to look for 3DES encoded enctyptedData and
+   secret key parameters.  This is a very limited implementation in
+   that it is only able to look for 3DES encoded encryptedData and
    tries to extract the first private key object it finds.  In case of
    an error NULL is returned. */
 gcry_mpi_t *

agent/protect-tool.c

@@ -648,7 +648,7 @@ import_p12_file (const char *fname)
     log_printf ("%02X", grip[i]);
   log_printf ("\n");
 
-  /* convert to canonical encoding */
+  /* Convert to canonical encoding. */
   buflen = gcry_sexp_sprint (s_key, GCRYSEXP_FMT_CANON, NULL, 0);
   assert (buflen);
   key = gcry_xmalloc_secure (buflen);

doc/ChangeLog

@@ -1,3 +1,9 @@
+2004-02-03  Werner Koch  <wk@gnupg.org>
+
+	* contrib.texi (Contributors): Updated from the gpg 1.2.3 thanks
+	list.
+	* gpgsm.texi, gpg-agent.texi, scdaemon.texi: Language cleanups.
+
 2003-12-01  Werner Koch  <wk@gnupg.org>
 
 	* gpgsm.texi (Certificate Options): Add --{enable,disable}-ocsp.

doc/assuan.texi

@@ -5,7 +5,7 @@
 @node Assuan
 @chapter Description of the Assuan protocol.
 
-The architecture of the modula GnuPG system is based on a couple of
+The architecture of the modular GnuPG system is based on a couple of
 highly specialized modules which make up a network of client server
 communication.  A common framework for intermodule communication is
 therefore needed and should be implemented in a library.

doc/contrib.texi

@@ -40,23 +40,84 @@ underspecified interfaces.
 Thomas Koester did extensive testing and tracked down a lot of bugs
 
 @item
-Werner Koch desgned the system and wrote most of the original code.
+Werner Koch designed the system and wrote most of the original code.
 
 @end itemize
 
-FIXME: We need to copy a lot of credits from GnupG 1.0 to here.
+We'd also like to thank these folks who have contributed a lot of time
+and energy working on GnuPG over the years:
 
+David Shaw, Matthew Skala, Michael Roth, Niklas Hernaeus, Nils
+Ellmenreich, Rémi Guyomarch, Stefan Bellon, Timo Schulz and Werner
+Koch wrote the code.  Birger Langkjer, Daniel Resare, Dokianakis
+Theofanis, Edmund GRIMLEY EVANS, Gaël Quéri, Gregory Steuck, Nagy
+Ferenc László, Ivo Timmermans, Jacobo Tarri'o Barreiro, Janusz
+Aleksander Urbanowicz, Jedi Lin, Jouni Hiltunen, Laurentiu Buzdugan,
+Magda Procha'zkova', Michael Anckaert, Michal Majer, Marco d'Itri,
+Nilgun Belma Buguner, Pedro Morais, Tedi Heriyanto, Thiago Jung
+Bauermann, Rafael Caetano dos Santos, Toomas Soome, Urko Lusa, Walter
+Koch, Yosiaki IIDA did the official translations. Mike Ashley wrote
+and maintains the GNU Privacy Handbook. David Scribner is the current
+FAQ editor.  Lorenzo Cappelletti maintains the web site.
 
-We'd also like to thank the folks who have contributed time and energy in
-testing GnuPG:
+The following people helped greatly by suggesting improvements,
+testing, fixing bugs, providing resources and doing other important
+tasks: Adam Mitchell, Albert Chin, Alec Habig, Allan Clark, Anand
+Kumria, Andreas Haumer, Anthony Mulcahy, Ariel T Glenn, Bob Mathews,
+Bodo Moeller, Brendan O'Dea, Brenno de Winter, Brian M. Carlson, Brian
+Moore, Brian Warner, Bryan Fullerton, Caskey L. Dickson, Cees van de
+Griend, Charles Levert, Chip Salzenberg, Chris Adams, Christian Biere,
+Christian Kurz, Christian von Roques, Christopher Oliver, Christian
+Recktenwald, Dan Winship, Daniel Eisenbud, Daniel Koening, Dave
+Dykstra, David C Niemi, David Champion, David Ellement, David
+Hallinan, David Hollenberg, David Mathog, David R. Bergstein, Detlef
+Lannert, Dimitri, Dirk Lattermann, Dirk Meyer, Disastry, Douglas
+Calvert, Ed Boraas, Edmund GRIMLEY EVANS, Edwin Woudt, Enzo
+Michelangeli, Ernst Molitor, Fabio Coatti, Felix von Leitner, fish
+stiqz, Florian Weimer, Francesco Potorti, Frank Donahoe, Frank
+Heckenbach, Frank Stajano, Frank Tobin, Gabriel Rosenkoetter, Gaël
+Quéri, Gene Carter, Geoff Keating, Georg Schwarz, Giampaolo Tomassoni,
+Gilbert Fernandes, Greg Louis, Greg Troxel, Gregory Steuck, Gregery
+Barton, Harald Denker, Holger Baust, Hendrik Buschkamp, Holger
+Schurig, Holger Smolinski, Holger Trapp, Hugh Daniel, Huy Le, Ian
+McKellar, Ivo Timmermans, Jan Krueger, Jan Niehusmann, Janusz
+A. Urbanowicz, James Troup, Jean-loup Gailly, Jeff Long, Jeffery Von
+Ronne, Jens Bachem, Jeroen C. van Gelderen, J Horacio MG, J. Michael
+Ashley, Jim Bauer, Jim Small, Joachim Backes, Joe Rhett, John
+A. Martin, Johnny Teveßen, Jörg Schilling, Jos Backus, Joseph Walton,
+Juan F. Codagnone, Jun Kuriyama, Kahil D. Jallad, Karl Fogel, Karsten
+Thygesen, Katsuhiro Kondou, Kazu Yamamoto, Keith Clayton, Kevin Ryde,
+Klaus Singvogel, Kurt Garloff, Lars Kellogg-Stedman, L. Sassaman, M
+Taylor, Marcel Waldvogel, Marco d'Itri, Marco Parrone, Marcus
+Brinkmann, Mark Adler, Mark Elbrecht, Mark Pettit, Markus Friedl,
+Martin Kahlert, Martin Hamilton, Martin Schulte, Matt Kraai, Matthew
+Skala, Matthew Wilcox, Matthias Urlichs, Max Valianskiy, Michael
+Engels, Michael Fischer v. Mollard, Michael Roth, Michael Sobolev,
+Michael Tokarev, Nicolas Graner, Mike McEwan, Neal H Walfield, Nelson
+H. F. Beebe, NIIBE Yutaka, Niklas Hernaeus, Nimrod Zimerman, N J Doye,
+Oliver Haakert, Oskari Jääskeläinen, Pascal Scheffers, Paul D. Smith,
+Per Cederqvist, Phil Blundell, Philippe Laliberte, Peter Fales, Peter
+Gutmann, Peter Marschall, Peter Valchev, Piotr Krukowiecki, QingLong,
+Ralph Gillen, Rat, Reinhard Wobst, Rémi Guyomarch, Reuben Sumner,
+Richard Outerbridge, Robert Joop, Roddy Strachan, Roger Sondermann,
+Roland Rosenfeld, Roman Pavlik, Ross Golder, Ryan Malayter, Sam
+Roberts, Sami Tolvanen, Sean MacLennan, Sebastian Klemke, Serge
+Munhoven, SL Baur, Stefan Bellon, Dr.Stefan.Dalibor, Stefan Karrmann,
+Stefan Keller, Steffen Ullrich, Steffen Zahn, Steven Bakker, Steven
+Murdoch, Susanne Schultz, Ted Cabeen, Thiago Jung Bauermann, Thijmen
+Klok, Thomas Roessler, Tim Mooney, Timo Schulz, Todd Vierling, TOGAWA
+Satoshi, Tom Spindler, Tom Zerucha, Tomas Fasth, Tommi Komulainen,
+Thomas Klausner, Tomasz Kozlowski, Thomas Mikkelsen, Ulf Möller, Urko
+Lusa, Vincent P. Broman, Volker Quetschke, W Lewis, Walter Hofmann,
+Walter Koch, Wayne Chapeskie, Wim Vandeputte, Winona Brown, Yosiaki
+IIDA, Yoshihiro Kajiki and Gerlinde Klaes.
 
-@itemize @bullet
-@item
-Joe R. Hacker
-
-@item
-And many others
-@end itemize
+This software has been made possible by the previous work of Chris
+Wedgwood, Jean-loup Gailly, Jon Callas, Mark Adler, Martin Hellmann
+Paul Kendall, Philip R. Zimmermann, Peter Gutmann, Philip A. Nelson,
+Taher ElGamal, Torbjorn Granlund, Whitfield Diffie, some unknown NSA
+mathematicians and all the folks who have worked hard to create
+complete and free operating systems.
 
 And finally we'd like to thank everyone who uses these tools, submits
 bug reports and generally reminds us why we're doing this work in the

doc/gnupg.texi

@@ -112,7 +112,7 @@ Boston, MA 02111-1307 USA
 @cindex introduction
 
 This manual documents how to use the GNU Privay Guard system as well as
-the administartion and the architecture.
+the administration and the architecture.
 
 @c * Gpg::             Using the OpenPGP protocol.
 @menu

doc/gpg-agent.texi

@@ -118,7 +118,9 @@ $ eval `gpg-agent --daemon`
 @item --options @var{file}
 @opindex options
 Reads configuration from @var{file} instead of from the default
-per-user configuration file.
+per-user configuration file.  The default configuration file is named
+@file{gpg-agent.conf} and expected in the @file{.gnupg} directory directly
+below the home directory of the user.
 
 @item -v
 @item --verbose
@@ -224,15 +226,16 @@ control this behaviour but this command line option takes precedence.
 Set the time a cache entry is valid to @var{n} seconds.  The default are
 600 seconds.
 
-@item --pinentry-program @var{path}
+@item --pinentry-program @var{filename}
 @opindex pinentry-program
-Use program @var{path} as the PIN entry.  The default is installation
+Use program @var{filename} as the PIN entry.  The default is installation
 dependend and can be shown with the @code{--version} command.
 
-@item --scdaemon-program @var{path}
+@item --scdaemon-program @var{filename}
 @opindex scdaemon-program
-Use program @var{path} as the Smartcard daemon.  The default is installation
-dependend and can be shown with the @code{--version} command.
+Use program @var{filename} as the Smartcard daemon.  The default is
+installation dependend and can be shown with the @code{--version}
+command.
 
 
 @item --display @var{string}

doc/gpgsm.texi

@@ -98,11 +98,12 @@ Run in server mode and wait for commands on the @code{stdin}.
 @opindex call-dirmngr
 Behave as a Dirmngr client issuing the request @var{command} with the
 optional list of @var{args}.  The output of the Dirmngr is printed
-stdout.  Please note that filenames given as arguments should have an
-absulte path because they are passed verbatim to the Dirmngr and the
-working directory of the Dirmngr might not be the same as the one of
-this client.  Currently it is not possible to pass data via stdin to the
-Dirmngr.  @var{command} should not contain spaces.
+stdout.  Please note that file names given as arguments should have an
+absulte file name (i.e. commencing with @code{/} because they are
+passed verbatim to the Dirmngr and the working directory of the
+Dirmngr might not be the same as the one of this client.  Currently it
+is not possible to pass data via stdin to the Dirmngr.  @var{command}
+should not contain spaces.
 
 This is command is required for certain maintaining tasks of the dirmngr
 where a dirmngr must be able to call back to gpgsm.  See the Dirmngr
@@ -193,7 +194,9 @@ in the option file.
 @item --options @var{file}
 @opindex options
 Reads configuration from @var{file} instead of from the default
-per-user configuration file.
+per-user configuration file.  The default configuration file is named
+@file{gpgsm.conf} and expected in the @file{.gnupg} directory directly
+below the home directory of the user.
 
 @item -v
 @item --verbose
@@ -299,7 +302,7 @@ secret key found in the database.
 @opindex with-key-data
 Displays extra information with the @code{--list-keys} commands.  Especially
 a line tagged @code{grp} is printed which tells you the keygrip of a
-key.  This string is for example used as the filename of the
+key.  This string is for example used as the file name of the
 secret key.
 
 @end table
@@ -360,10 +363,10 @@ usual C-Syntax. The currently defined bits are:
 @opindex debug-all
 Same as @code{--debug=0xffffffff}
 
-@item --debug-no-path-validation
-@opindex debug-no-path-validation
+@item --debug-no-chain-validation
+@opindex debug-no-chain-validation
 This is actually not a debugging option but only useful as such.  It
-lets gpgsm bypass all certificate path validation checks.
+lets gpgsm bypass all certificate chain validation checks.
 
 @end table
 

doc/scdaemon.texi

@@ -76,7 +76,9 @@ This is mainly a debugging command, used to print the ATR
 @item --options @var{file}
 @opindex options
 Reads configuration from @var{file} instead of from the default
-per-user configuration file.
+per-user configuration file.  The default configuration file is named
+@file{scdaemon.conf} and expected in the @file{.gnupg} directory directly
+below the home directory of the user.
 
 @item -v
 @item --verbose

sm/import.c

@@ -214,7 +214,7 @@ import_one (CTRL ctrl, struct stats_s *stats, int in_fd)
     {
       rc = gpg_error (gpg_err_code_from_errno (errno));
       log_error ("fdopen() failed: %s\n", strerror (errno));
-  q    goto leave;
+      goto leave;
     }
 
   rc = gpgsm_create_reader (&b64reader, ctrl, fp, &reader);